Linux Network Security - Page 29

Discover Network Security News

After An Exploit: Mitigation and Remediation

As we all know, prevention, detection and response are our three main lines of defence against threats, with a good administrator putting most focus on prevention. As the old adage goes, "an ounce of prevention is worth a pound of cure" - a 1:16 ratio for the metrically inclined - but there's always going to be the odd occasion where prevention fails, either through a lack of time or a mistake in one's security procedure. In this article we describe a few hardening and alerting methods for Unix servers that help block vectors for various attacks, including two web-based application attacks and the brute-forcing of SSH passwords. The article then looks at what an administrator should do post-compromise. These incidents have been drawn from both honeypots and real systems.

Old UTM is Still New in Network Security

They'll always be with us in the wooly corners of the Web: attackers bent on breaking your network system, stealing your data, pilfering funds, or letting their fingers do the walking through your e-mail and IM threads. Research firm IDC, in its security trends forecast for 2006, said chief security officers, as well as other executives whose job it is to evaluate risk, must account for the broadening scope of emerging threats. At the same time, it warned that many organizations are simply unprepared to handle such multi-layered threats, even if they are aware that the sophistication of attacks is increasing.

Network Security: Protecting the Patient's Electronic Medical Data in the Health Care Organization

Today there is a growing concern for the security of confidential electronic patient health information in the health care organization. The health care network administrator is usually responsible for implementing information security in the health care organization. The problems faced by the health care organization are the following: third party access to confidential electronic medical records, limited IT budgets and resources, noncompliance and the Health Insurance Portability and Accountability Act, security attacks, resting databases in clear text, attainable security policies and educating users on the confidentiality and the security of electronic patient health information. Third party access is a concern because only physicians were responsible for managing the patient

Preventing Internal Security Breaches

Security is always on the minds of system administrators. As Intranets have evolved from glorified online cafeteria menus and corporate memos to robust information portals and mission critical applications, the bar has been raised to protect the castle from critters and other unwanted spooks that go bump in the night.

Basic journey of a packet

The purpose of this introductory article is to take a basic look at the journey of a packet across the Internet, from packet creation to switches, routers, NAT, and the packet's traverse across the Internet. This topic is recommended for those who are new to the networking and security field and may not have a basic understanding of the underlying process. Previous articles by this author have looked at the importance of two key areas of computer security for new users: programming and networking. While they are different disciplines, both networking and programming should largely be viewed as complementary. If it were not for the early programming of networking protocols there would be no network. That said, does one have to be a programmer in order to fully grasp networking concepts and theory at a low level? In many cases, you do not. However, a reader's natural curiosity will likely lead him toward programming at some point, in order to further experiment with various protocols and networking theory.

Spam once again on the rise

Spam is again on the rise, led by a flood of junk images that spammers have crafted over the past few months to trick e-mail filters, according to security vendors. Called "image-based" spam, these junk images typically do not contain any text, making it harder for filters that look for known URLs or suspicious words to block them.

HP: Hacking techniques help security

HP is to launch a penetration-testing service for businesses in October, but has denied reports that it will unleash worms on its customers. The company said on Tuesday it would use the same techniques as hackers to gain access to its customers' machines. However, the exploit code it will use will be controlled and will not propagate itself, HP said. "We use hacking techniques to gain access to the system, but once we have control we make the system safe," said Richard Brown, threat management department manager, HP Labs. "We don't unleash a worm

Introduction to ipaudit

IPAudit is a handy tool that will allow you to analyze all packets entering and leaving your network. It listens to a network device in promiscuous mode, just as an IDS sensor would, and provides details on hosts, ports, and protocols. It can be used to monitor bandwidth, connection pairs, detect compromises, discover botnets, and see who's scanning your network. When compared to similar tools, such as Cisco Systems' Netflow, it has many advantages (see the SecurityFocus articles on Netflow, part 1 and part 2). It is easier to set up than Netflow, and if you install it on your existing IDS sensors, there is no extra hardware to purchase. Since it captures traffic from a span port, it does not require that you modify the configuration of your networking equipment, or poke holes in firewalls for Netflow data.

Using ICMP tunneling to steal Internet

The scenario is you are without Internet connectivity anywhere. You have found either an open wireless access point or perhaps you're staying in a hotel which permits rented Internet via services like Spectrum Interactive [1] (previously known as UKExplorer). You make the connection, whether it's physically connecting the Ethernet cables, or instructing your wireless adapter to lock onto the radio signal. You are prompted with some sort of authorization page when you open a browser. You don't have access to it, so what do you do?

Get a quick VPN with OpenVPN

Virtual private networks (VPNs) are a means for connecting to a remote network and making it look like a local one. This means you can connect to your work location and have full access to resources (if so configured on the work side), such as shared printers, work files, etc. There are a number of VPN products freely available; some are kernel-level like openswan and can be fairly difficult to configure. OpenVPN, available at https://openvpn.net/, doesn't require patching the kernel and can be extremely straightforward. Configuration is more difficult if you want to use a lot of its features, but for a quick client/server VPN, you can be up and running in minutes.

Top 100 Network Security Tools

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also will be pointing newbies to this site whenever they write me saying

Network security is virtually here

Network security will be one of the next areas for virtualisation, reckons Scott Lucas, the director of product marketing at Extreme Networks. The aim, he says, is to move away from applying security at specific places in the network, and instead make it available throughout.

Agent-based or Agent-less Network Monitoring

When monitoring the availability of services between networked clients and servers, it is important to ensure a correct and timely response between those devices, for example to meet service level agreements (SLAs). This is often referred to as end-to-end service management and encompasses the need to monitor applications, servers and interconnecting networks.

For Better Security, Touch Your Printer

Security is more than just passwords on your desktop. Every agency knows physical security is just as important. However, within a department there is normally not much to protect documents from users already in the building. And that can cause trouble.

Hardening Network Routing

In today’s world we are constantly reminded of the day-to-day dangers that exist in our society. According to statistics, people are becoming the victims of identity theft at an alarming rate; it is estimated that 246,570 people had their identities stolen in 2004 alone. Businesses are taking every precaution imaginable to protect the privacy of their consumers. We live in an electronic age: things like paying bills, shopping, ordering clothing, and banking are done online. Yes, it is a very convenient way to do business! It is also very dangerous!

Survey on inadequate storage of administrative passwords

Cyber-Ark revealed the results of their annual survey which illuminates the industry-wide struggle to safely and easily share and manage administrative passwords. The survey shows that the majority of IT professionals mismanage the storage of passwords by keeping them in inaccessible or unsecured locations.

Is Your VoIP Phone Vulnerable?

It's become a familiar pattern in online security. A groundbreaking way to communicate emerges, spreads like wildfire, and then hackers find a way to use it to their advantage. Security companies react—but not before the problem has succeeded in wreaking havoc. It happened with e-mail and is happening now with instant messaging and mobile devices.