Linux Network Security - Page 35

Discover Network Security News

Dump Your DMZ!

DMZs (short for demilitarized zones) have been a standard component of network design ever since firewalls were invented. A DMZ is a network segment that contains all resources, such as Web servers and mail servers, accessible from the Internet. Implementing a DMZ allows you to limit network traffic from the Internet to these resources in the DMZ, while preventing any network traffic from the Internet to your internal network. As a general rule, a DMZ server should never contain any valuable data, so even if someone managed to break into a server in the DMZ, the damage would be minor.

Worms could dodge Net traps

Future worms could evade a network of early-warning sensors hidden across the Internet unless countermeasures are taken, according to new research. In a pair of papers presented at the Usenix Security Symposium here Thursday, computer scientists said would-be attackers can locate such sensors, which act as trip wires that detect unusual activity. That would permit nefarious activities to take place without detection.

More Lynn/Cisco Information

There's some new information on last week's Lynn/Cisco/ISS story: Mike Lynn gave an interesting interview to Wired. Here's some news about the FBI's investigation. And here's a video of Cisco/ISS ripping pages out of the BlackHat conference proceedings.

DNS servers - an Internet Achilles heel

Hundreds of thousands of Internet servers are at risk of an attack that would redirect unknowing Web surfers from legitimate sites to malicious ones. In a scan of 2.5 million so-called Domain Name System machines, which act as the White Pages of the Internet, security researcher Dan Kaminsky found that about 230,000 are potentially vulnerable to a threat known as DNS cache poisoning.

What to do before an IOS disaster strikes

Last week, former Internet Security Systems researcher Michael Lynn presented at the Black Hat USA 2005 conference a reliable process that could be used to exploit Cisco routers running the Internetworking Operating System (IOS). Even though the exact exploit demonstrated during his presentation was not disclosed, Lynn showed enough details to prove that the exploit is real and that previous misconceptions that routers and switches are not exploitable are false.

Google now a hacker's tool

Although security software can identify when an attacker is performing reconnaissance work on a company's network, attackers can find network topology information on Google instead of snooping for it on the network they're studying, he said. This makes it harder for the network's administrators to block the attacker. "The target does not see us crawling their sites and getting information," he said.

Exploit writers team up to target Cisco routers

It's Saturday night, a time for blowout parties at the annual DEF CON hacker convention, including the Goth-flavored Black and White Ball. But a half dozen researchers in the nondescript room quietly drink, stare at the screens of their laptops, and in low voices, discuss how to compromise two flat metal boxes sitting on a sofa side table: Cisco routers.

Should Michael Lynn have kept his mouth shut?

One can only imagine what raced through Michael Lynn's mind the penultimate moment before he saved or sacrificed our nation's critical infrastructure, depending on your take of the researcher's Black Hat Briefings presentation this week.

Linux Network Security Higher than Other Platforms

"There are many research reports that try to compare the number of vulnerabilities between Linux and other operating systems but none take into account the severity of the issues," said Mark Cox, head of the Red Hat security response team. "This report shows there are relatively few critical issues affecting users of Linux based operating systems. However, we believe even one is unsatisfactory, and our strategy is to rapidly respond to fix these issues whilst innovating new technology to reduce the risk of future issues."

CSOs Worry About Digital Pearl Harbor

Forty-five percent of corporate chief security officers believe a "digital Pearl Harbor" will take place eventually, with 13 percent anticipating such an attack within a year, according to a survey by CSO Magazine.

Review: GFI LANguard Network Security Scanner 6

This is a review of the new release of LANguard Network Security Scanner (GFI LANguard NSS) from GFI. NSS will scan computers for known vulnerabilities and common misconfigurations and other potential security issues. It produces reports that can be used to assist in the tracking and mitigation of security issues that have been identified. Furthermore, NSS provides patch management capabilities that allow you to centrally download and push out patches to systems with identified vulnerabilities.

Network monitoring with ngrep

Constant monitoring and troubleshooting are key to maintaining a network's availability. With ngrep, you can analyze network traffic in a manner similar to that of other network sniffers. However, unlike its brethren, ngrep can match regular expressions within the network packet payloads. By using its advanced string matching capabilities, ngrep can look for packets on specified ports and assist in tracking the usernames and passwords zipping off the network, as well as all Telnet attempts to the server.

Strengthening Quantum Cryptography by Putting On Blinders

A Korea-UK team (contact Myungshik Kim, Queen's University, Belfast, or Chilmin Kim, Paichai University) has introduced a method for preventing several clever attacks against quantum cryptography, a form of message transmission that uses the laws of quantum physics to make sure an eavesdropper does not covertly intercept the transmission. Making the message sender and receiver a little blind to each other's actions, the researchers have shown, can bolster their success against potential eavesdroppers.