Linux Network Security - Page 28

Discover Network Security News

Analysis: Network Access Control

All conspiracy theorists worth their salt have one thing in common: A certainty that far-reaching and insidious forces are conspiring, molding events to suit their nefarious aims. That about sums up the NAC market. The number of players in this intrigue has exploded from a handful a few years ago to upwards of 35 today. And it's not just infrastructure gear vendors, though Cisco Systems and its rivals are well represented. From AirMagnet to Vernier, and of course Microsoft, everyone wants a piece of your security budget, and they're not above forming convenient alliances to get it.

Is your DNS server configured wrong?

More than half of the Internet's name servers are configured incorrectly, leaving networks vulnerable to pharming attacks and enabling servers to be used in attacks that can wipe out DNS infrastructure. This is the key finding of a survey of the Internet's domain name servers released Monday. The Measurement Factory conducted the survey for Infoblox, which sells DNS appliances. Overall, the 2006 DNS Report Card assigned a grade of D+ for DNS security. This is the second annual survey conducted by The Measurement Factory about the state of the global DNS. "We saw an increase in the pace and severity of attacks and outages resulting from bad configurations in the DNS infrastructure," says Rick Kagan, vice president of marketing for Infoblox.

10 tips to secure client VPNs

If you have given your trusted employees and key contractors remote access to your network via a client virtual private network (VPN), congratulations! By now, you have seen the productivity and cost benefits from allowing collaboration that surmounts geographical separation. You may also have discovered that keeping your network secure is now even trickier than it was, because each uncontrolled remote computer potentially creates another avenue of access to the network for attackers. Here are 10 tips to help secure your network while ensuring the benefits of your VPN.

Access over Ethernet: Insecurities in AoE

ATA over Ethernet (AoE) is an open-standards-based protocol which allows direct network access to disk drives by client hosts. AoE has been incorporated into the mainstream Linux kernel, has recently been the subject of a Slashdot article, and it appears that it is a SAN technology which is here to stay. This paper investigates the insecurities present in the AoE protocol and suggests how you can deploy AoE infrastructure without worrying about a wide-scale compromise.

SSL-Explorer Community Edition

SSL-Explorer is the world's first open-source, browser-based SSL VPN solution. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser. Users can now be granted access to their files, intranet applications and email from virtually any location with an internet connection. Using SSL-Explorer you can quickly and simply provide full extranet access to key strategic business partners and external consultants. Similarly, your network support staff are also now free to remotely manage servers, routers and other network hardware securely using industry standard encryption technologies to protect key information assets.

Nmap Parsers and Interfaces

This is the ninth in a series of tips on how to use Nmap in an enterprise network environment. For a security tool to be useful you have to be able to understand what it's telling you about the setup, security, or weak points of your system or network. With Nmap you can run very comprehensive tests. To analyze the results it is often best to have the output recorded in XML format so that it can be easily imported into a database or converted into HTML for analysis and human consumption.

Web flaws race ahead in 2006

Less rigor in Web programming, an increasing variety of software, and restrictions on Web security testing have combined to make flaws in Web software the most reported security issues this year to date, according to the latest data from the Common Vulnerabilities and Exposures (CVE) project. A draft report on the latest numbers from the vulnerability database found that 4,375 security issues had so far been cataloged in the first nine months of 2006, just shy of the 4,538 issues documented last year.

Analyzing Large DDoS Attacks Using Multiple Data Sources

Internet distributed denial of service (DDoS) attacks are becoming increasingly prevalent [1]. To prevent the discovery of attack sources, attackers have been known to spoof the source IP addresses of packets in DDoS attacks. These spoofed addresses were often chosen randomly from the IPv4 space, which allowed a technique called backscatter analysis [2] to be used to infer the prevalence of such spoofed DDoS attacks on the Internet. This technique works by measuring the amount of unwanted tra

ISPs Fight Against Encrypted BitTorrent Downloads

The advent of BitTorrent was a cause for celebration for people who wished to share large files very quickly, but Internet Service Providers did not see the technology in quite the same positive light. ISPs soon found that the majority of their bandwidth was taken up with BitTorrent traffic, and some, like Canadian provider Shaw, started throttling the service in response. BitTorrent clients such as Azureus added a feature that encrypted torrent traffic to try and get around these ISP roadblocks.

The Effectiveness of Mix-Networks in Concealing Low-Latency Traffic

Generally, traffic analysis is done to identify one or more of the following: the kind of traffic being sent or received by the target, the contents of all or any traffic sent, and the origin and destination of the traffic. Traffic analyses can be generally classified into two major types, active and passive. A passive traffic analysis attack is one in which the attacker is able to monitor some or all of the network traffic entering or exiting a node, without altering the shape of that traffic in any discernible way [1]. Because the flow of the traffic is unaltered, passive traffic analysis can be extremely difficult to detect, even under the best circumstances. Of course, as the complexity of the network increases, likewise, it becomes increasingly difficult (and expensive) to monitor traffic in this manner. This is, of course, assuming that there are enough producers of traffic, hereby referred to as senders, to make such an analysis infeasible without detection. To illustrate, consider mail sent via the US Postal service.

OpenSSH Introduction

SSH is the secure replacement for rlogin, rsh and telnet, which have been used in the past to do remote administration work. Even today some people still like using telnet for administration, even though it actively affects system security, since all commands and passwords are transmitted in cleartext. Since we are aware of the security risk of running a telnet service and want to do better, we are not only using SSH; we will set up SSH with public key authentication.

SMEs must 'prioritise' network security

Network security is vital if Welsh SMEs hope to thwart hackers in future years, says UK internet security tester NTA Monitor. While SMEs make up 99.9 per cent of the 4.3 million businesses in the UK, the vast majority do not have dedicated IT departments. Because of this, the necessity for security against threats should be a priority. Network structure should always be considered with this firmly in mind, according to NTA Monitor.

Covert Channel Tool Hides Data In IPv6

The tool, dubbed VoodooNet or v00d00n3t, uses the ability of most computers to encapsulate next-generation network traffic, known as Internet Protocol version 6 (IPv6), inside of today's network communications standard, or IPv4. Because most security hardware appliances and host-based intrusion detection programs have not been programmed to inspect IPv6 packets in depth, data can bypass most network security, said independent security researcher Robert Murphy, who presented the tool at the DEFCON hacking conference last weekend.

Solving the Security Challenge of Dynamic Networks

Europe is hurtling toward an information society capable of offering communication services anywhere in the world; a society where data and communication devices spontaneously form networks using any medium with any protocol to access any service. So far, such a proposition is not too secure. But researchers are on the case.

Wired Network Security: Hospital Best Practices

With an ever increasing amount of information in hospitals transmitted electronically, it is important that security be considered in every phase of network design and maintenance. Although much emphasis has been placed on such things as wireless networks and remote access, it is imperative that the core network not be overlooked. Because the wired network is the

What You Need to Know about VPN Technologies

Virtual Private Networks, or VPNs, extend the reach of local-area networks without requiring owned or leased private lines. Businesses can use VPNs to give remote and mobile users network access, connect geographically separated branches into a unified network and enable the remote use of applications that rely on internal servers. VPNs can use one or both of two mechanisms. One is to use private circuits leased from a trusted communications provider: alone, this is called a trusted VPN. The other is to send encrypted traffic over the public Internet: alone, this is called a secure VPN. Using a secure VPN over a trusted VPN is called a hybrid VPN. Combining two kinds of secure VPN into one gateway, for instance IPsec and SSL, is also called a hybrid VPN.

Making corporate security second nature

Enterprise security executives need to make practices such as safe USB use and discreet handling of patient or customer data as commonplace as not accepting luggage from strangers in airports or wearing a seat belt when driving.

Rounding the Corners of Network Security

You might just call it the Windows factor. The more widespread the technology, the higher-value target it becomes to crackers, hackers and attackers. But network and personal computing safety go beyond the operating system you're running. Even Linux and Macs have seen their share of security issues. Maybe your databases aren't up to code in order to thwart a SQL injection attack that could bypass your firewall.