Linux Network Security - Page 37

Discover Network Security News

Network monitoring with Nagios

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

How can a system administrator monitor a large number of machines and services to proactively address problems before anyone else suffers from them? The answer is Nagios. Nagios is an open source network monitoring tool. It is free, powerful and flexible. It can be tricky to learn and implement, but can reduce enormously the amount of time required to keep track of how your organization's IT infrastructure is performing.

Brittany Day
Apr 14, 2005

Diffie: Infrastructure a disaster in the making

In the 1970s, Martin Hellman and Whitfield Diffie wrote the recipe for one of today's most widely used security algorithms in a paper called "New Directions in Cryptography. The paper mapped out the Diffie-Hellman key exchange, a major advancement in Public Key Infrastructure (PKI) technology that allows for secure online transactions and is used in such popular protocols as the Secure Sockets Layer (SSL) and Secure Shell (SSH). In 2000, they received the prestigious Marconi Foundation award for their contributions.

Benjamin D. Thomas
Apr 13, 2005

Using a Linux failover router

Today, it's hard to imagine an organization operating without taking advantage of the vast resources and opportunities that the Internet provides. The Internet's role has become so significant that no organization can afford to have its Net connection going down for too long. Consequently, most organizations have some form of a secondary or backup connection ready (such as a leased line) in case their primary Net connection fails.

Benjamin D. Thomas
Apr 13, 2005

And here's a key to combat hacking

As we rely more on computers, the potential for hackers to hurt us and destroy our personal records has grown. Corporates and public networks, instead of individuals face the brunt of hackers’ ingenuity. However, there are ways to build unhackable network.

Benjamin D. Thomas
Apr 11, 2005

DNS cache poisoning update

The InfoCon is currently set at yellow in response to the DNS cache poisoning issues that we have been reporting on for the last several days. We originally went to yellow because we were uncertain of the mechanisms that allowed seemingly "secure" systems to be vulnerable to this issue. Now that we have a better handle on the mechanisms, WE WANT TO GET THE ATTENTION OF ISPs AND ANY OTHERS WHO RUN DNS SERVERS THAT MAY ACT AS FORWARDS FOR DOWNSTREAM Microsoft DNS SYSTEMS. If you are running BIND, please consider updating to Version 9.

Brittany Day
Apr 08, 2005

DNSSEC: What Is It Good For?

DNSSEC, which stands for DNS Security Extensions, is a method by which DNS servers can verify that DNS data is coming from the correct place, and that the response is unadulterated. In this article we will discuss what DNSSEC can and cannot do, and then show a simple ISC Bind 9.3.x configuration example.

Brittany Day
Apr 07, 2005

SANS tracking active DNS cache poisonings

Around 22:30 GMT on March 3, 2005 the SANS Internet Storm Center began receiving reports from multiple sites about DNS cache poisoning attacks that were redirecting users to websites hosting malware. As the "Handler on Duty" for March 4, I began investigating the incident over the course of the following hours and days. This report is intended to provide useful details about this incident to the community. The initial reports showed solid evidence of DNS cache poisoning, but there also seemed to be a spyware/adware/malware component at work. After complete analysis, the attack involved several different technologies: dynamic DNS, DNS cache poisoning, a bug in Symantec firewall/gateway products, default settings on Windows NT4/2000, spyware/adware, and a compromise of at least 5 UNIX webservers. We received information the attack may have started as early as Feb. 22, 2005 but probably only affected a small number of people.

Brittany Day
Apr 06, 2005

7 Myths About Network Security

Hacker tools are growing more sophisticated and automated. Hackers can now quickly adapt to new security vulnerabilities as they are uncovered and distribute the fruits of their exploits more widely with the help of automated toolkits. And they're employing an ever-increasing range of methods to find individuals' and companies' private information and use it to their own advantage. And yet many of us have a false sense of security about our own data and networks. We install a firewall at the perimeter, put anti-virus and anti-spyware tools on our desktops, and use encryption to send and store data. Microsoft and the big security companies provide ever-improving tools and patches to protect us. Although others who are less careful might be at risk, we're safe, right?

Brittany Day
Apr 04, 2005

Hack Job

When a hacker broke into the network at George Mason University (VA) earlier this year, IT officials were absolutely powerless to stop him. Within minutes, the hacker compromised the school’s main Windows 2000 server and gained access to information that included names, Social Security numbers, university identification numbers, and even photographs of almost everyone on campus. Next, he poked around for a back door into other GMU servers that store information such as student grades, financial aid, and payroll.

Benjamin D. Thomas
Apr 04, 2005

Securing your online privacy with Tor

You may never think about it, but many of your online activities may be monitored and analyzed. Advertising companies, government agencies, and private users can use traffic analysis to gather information about which Web sites and pages you visit, what newsgroups you read, and whom you talk to on IRC. While there is no need to be paranoid (or is there???), you can keep your online communication private. The Tor project can help you with that.

Brittany Day
Mar 31, 2005

SMOOTHWALL LAUNCHES ITS FIRST FIREWALL AIMED AT LARGE ENTERPRISES

Network security specialist SmoothWall Limited, is today previewing its new Advanced Firewall, aimed at enterprise customers and organisations with demanding security requirements. Like its existing Corporate firewall for medium sized organisations, Advanced Firewall is based on open source technology, enabling SmoothWall to provide sophisticated enterprise class features at prices starting from £950.

Brittany Day
Mar 31, 2005

The demise of traditional perimeter defences

There is a classic moment during the battle for Helm’s Deep in the epic film, Lord of the Rings, the Two Towers, when King Theoden stands atop the supposedly impregnable city. Rain sodden, he surveys the massed ranks of Saruman’s armies and defiantly shouts ‘Is this all you’ve got?’ A few fateful minutes, and a well placed explosive, later his confidence is shattered and replaced with fear as he realises that his fortress has been penetrated. Whilst this may have been a marvellous piece of celluloid drama, this scene could have been replicated in the IT departments of many enterprises throughout 2004. Replace Helm’s Deep with firewalls and the Orcs with trojans and viruses and you’ll soon appreciate the similarities.

Brittany Day
Mar 30, 2005

Spammer, ID Yourself

IBM last week introduced technology called FairUCE, for Fair Use of Unsolicited Commercial E-mail, that blocks spam by trying to ID the sender's Internet domain rather than evaluating message content.

Brittany Day
Mar 29, 2005

ISPs join to 'fingerprint' Internet attacks

Leading global telecommunications companies, ISPs, and network operators will begin sharing information on Internet attacks as members of a new group called the "Fingerprint Sharing Alliance," according to a published statement from the new group.

Brittany Day
Mar 28, 2005

Open Source For Perimeter Security

There is a widespread and wholly inaccurate impression that open source development is somehow haphazard and undisciplined, a free-for-all among brilliant but uncoordinated individuals. In fact, most major open source projects are very tightly managed highly disciplined teams.

Benjamin D. Thomas
Mar 24, 2005

How to set up DNS for Linux VPNs

One often-overlooked requirement of a functioning VPN is DNS. For any host-network or network-network VPN, you will be enabling access to machines that are not available on the Internet at large. Unless you want to access machines only by their IP address, you want to have DNS work cleanly.

Benjamin D. Thomas
Mar 24, 2005

Mobile IPv6 On Linux

The woman who cut me off on the freeway because she was too busy talking on her cell phone might not have had a clue, but she probably had an IP address. Mobile devices, from cell phones to PDAs to the automobiles themselves, increasingly require always-on Internet connectivity. According to at least one report, the average U.S. home has over 250 devices that could benefit from Internet connectivity. While the number of IP addresses in the world is large -- IPv4's 32-bit addressing scheme enables 4 billion addresses -- it is not infinite. And the woman applying blue eyeshadow on the 101 freeway is using up one of them.

Benjamin D. Thomas
Mar 23, 2005

DNS-Based Phishing Attacks on The Rise

Phishing fraudsters are using a pair of DNS exploits to help give them the illusion of credible domains, the latest ploy to dupe people into handing over their sensitive information. According to research firm Netcraft, phishers have begun to use wildcard DNS records to help trick unsuspecting users into giving up information about their identity.

Benjamin D. Thomas
Mar 08, 2005

Two Sides of Vulnerability Scanning

There are two approaches to network vulnerability scanning, active and passive. The active approach encompasses everything an organization does to foil system breaches, while the passive (or monitoring) approach entails all the ways the organization oversees system security. When making buying decisions for your organization, it's a mistake to think that you have to choose between the two types of protection.

Benjamin D. Thomas
Feb 28, 2005

Why VoIP is raising new security concerns

New technology often leads to improved productivity, but it also arrives with new IT challenges, often centering on security. "With any new technology, security functions tend to be the last area that matures," noted Pete Lindstrom, Research Director at Spire Security LLC, a market research firm focusing on security issues. Voice over IP (VoIP) has begun to make significant inroads in the enterprise, so IT managers need to be aware of the unique security challenges it presents.

Benjamin D. Thomas
Feb 16, 2005

Linux Network Security - Page 37

Harnessing Proxies for Enhanced Threat Intelligence: A Guide with Open Source Tools

Understanding HTTP Proxy Servers: A Vital Linux Network Security Tool

Exploring Vulnerability Scanners: Tools & Strategies for a Secure Network