Linux Network Security - Page 46

Linux Pentesting Distros: An Essential Tool for Strengthening Network Security

Maintaining robust network defenses requires a proactive approach to keep pace with today's rapidly evolving network security threats. One crucial element of an effective network security strategy is penetration testing, or staged attacks in network ...
Oct 10, 2024
  0

Enhancing Network Security with Linux Proxy Servers

Network security is of utmost importance for organizati...
Sep 30, 2024
  0
4.Lock AbstractDigital Esm H115

OPNsense 24.7 'Thriving Tiger': Elevating Open-Source Network Security and Performance

OPNsense 24.7 'Thriving Tiger" marks an impressive...
Jul 29, 2024
  0
18.WifiCutout Landscape Esm H115

Discover Network Security News

Understanding TCP Reset Attacks, Part I

Understanding TCP Reset Attacks, Part I

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To better understand the reality of this threat, KernelTrap spoke with Theo de Raadt [interview], the creator of OpenBSD, an operating system which among other goals proactively focuses on security. In this article, we aim to provide some background into the workings of TCP, and then to build upon this foundation to understand how resets attacks work. . . .

Network Security Basics

Network Security Basics

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Routers and switches are the keys to a strong network foundation. Together they enable the intelligent, end-to-end movement of converged data, voice, and video information within or outside the business. . . .

The Internets Wilder Side

The Internet's Wilder Side

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

I.R.C. perhaps most closely resembles the cantina scene in "Star Wars'': a louche hangout of digital smugglers, pirates, curiosity seekers and the people who love them (or hunt them). There seem to be I.R.C. channels dedicated to every sexual fetish, and I.R.C. users speculate that terrorists also use the networks to communicate in relative obscurity. Yet I.R.C. has its advocates, who point to its legitimate uses. . . .

Scanning the Horizon

Scanning the Horizon

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Protecting today's dynamic networks against ever-changing security threats requires vigilance as well as action. A vulnerability assessment scanner, frequently updated to reflect the latest attacks, can be an essential weapon in your information security arsenal. The recent Blaster worm was just the latest reminder that corporations need to move swiftly to prevent attack. It won't be the last. . . .

HNS Learning Session: DDoS Threats

HNS Learning Session: DDoS Threats

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this ten minute audio, Mr. Woo introduces the listeners to the enormous threat of Distributed Denial of Service attacks in the Internet era and gives his opinion on what should organizations do to stop them. . . .

DNS Troubleshooting – Everything Depends on It

DNS Troubleshooting – Everything Depends on It

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Domain Name System (DNS) service is required to access e-mail, browse Web sites and use hostnames in general. DNS resolves hostnames to IP addresses and back (e.g. www.cyberguard.com translates to 64.94.50.88). This article details how DNS works under normal circumstances and provides troubleshooting tips. . . .

Mobile flaws expose executives to bugging

Mobile flaws expose executives to bugging

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Executives at some of Britain's biggest companies are using mobile phones that can be secretly tracked and bugged, despite a series of Times investigations demonstrating gaping holes in handset security. During tests at the offices of Shell, BP, HSBC and Goldman Sachs, The Times identified 95 phones potentially vulnerable to a new form of hacking known as "bluesnarfing". . . .

Protecting Road Warriors: Managing Security for Mobile Users (Part One)

Protecting Road Warriors: Managing Security for Mobile Users (Part One)

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Imagine what it would be like if every user's system was located on your network perimeter and had none of the safeguards your multi-layered security systems provide. Unfortunately, you most likely have such systems: your mobile users. Whether it's your sales force, world-traveling executives or just a user "working from home," these people are separated from all of your inner defenses and are at the mercy of their surroundings. You need a strategy to ensure their systems and their data is as safe on the road as they are in your own borders. . . .

Common Security Vulnerabilities in e-commerce systems

Common Security Vulnerabilities in e-commerce systems

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The tremendous increase in online transactions has been accompanied by an equal rise in the number and type of attacks against the security of online payment systems. Some of these attacks have utilized vulnerabilities that have been published in reusable third-party components utilized by websites, such as shopping cart software. Other attacks have used vulnerabilities that are common in any web application, such as SQL injection or cross-site scripting. This article discusses these vulnerabilities with examples, either from the set of known vulnerabilities, or those discovered during the author's penetration testing assignments. The different types of vulnerabilities discussed here are SQL injection, cross-site scripting, information disclosure, path disclosure, price manipulation, and buffer overflows. . . .

TCP Net threat overstated, says security researcher

TCP Net threat overstated, says security researcher

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

VANCOUVER, British Columbia--Widespread reports about a flawed communications protocol making the Internet vulnerable to collapse were overblown, according to the researcher credited with uncovering the security problem. A flaw in the most widely used protocol for sending data over the Net--TCP, or the Transmission Control Protocol--was addressed by most large Internet service providers during the last two weeks and presents little danger to major networks, said Paul Watson, a security specialist for industry automation company Rockwell Automation. If left unfixed, the weakness could have allowed a knowledgeable attacker to shut down connections between certain hardware devices that route data over the Net. . . .

HNS Learning Session: Session Hijacking Explained

HNS Learning Session: Session Hijacking Explained

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

For the first learning session on Help Net Security, we've got Caleb Sima, SPI Dynamics CTO and co-founder, discussing session hijacking attacks. While session hijacking can be applied to a lot of areas, this learning session is concentrated to the attacks on web applications. . . .

Securing The IP Telephony Perimeter

Securing The IP Telephony Perimeter

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Networking battles never die; they just move to another layer in the OSI stack. That networking adage is as true with IP telephony security devices today as it was years ago with bridges and routers. . . .

Flaw Leaves Internet Open to Attacks

Flaw Leaves Internet Open to Attacks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A security researcher has developed a new attack for a well-known flaw in the TCP protocol that allows an attacker to effectively shut down targeted routers and terminate existing TCP sessions at will. The scenario has many security experts worried, given the ubiquity of TCP and the fact that there's an attack tool already circulating on the Internet. . . .

Vulnerability Issues in TCP

Vulnerability Issues in TCP

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force's (IETF's) Requests For Comments (RFCs) for TCP, including RFC 793, the original specification, and RFC 1323, TCP Extensions for High Performance. TCP is a core network protocol used in the majority of networked computer systems today. Many vendors include support for this protocol in their products and may be impacted to varying degrees. Furthermore any network service or application that relies on a TCP connection will also be impacted, the severity depending primarily on the duration of the TCP session. . . .

How secure is your handheld?

How secure is your handheld?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The No. 1 threat to the sensitive data stored on your handheld device or smart phone remains physically losing the device, but other threats are looming on the handheld horizon. "When you send a defective PDA to the manufacturer for tech support, they usually give you a new one and then resell the old one," said John Girard, vice president and research director at Gartner Inc. "Buying dead machines is an ideal method of pursuing identity theft." What's more, 90% of mobile devices lack the protection necessary to ward off hackers, according to a recent strategic planning assumption conducted by Stamford, Conn.-based Gartner. . . .

CARP your way to high availability

CARP your way to high availability

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

You're putting out system management fires, with five SSH sessions open on your desktop. The mail server needs a restart after that kernel patch, so you su to root and type reboot. Just as the connection closes, your brain catches up with your fingertips. The mail server's still up -- the system you rebooted was the firewall at the site 200 miles away. The firewall on which 50 users rely. The firewall that refuses to reboot without a cold reset. What do you do? . . .

Mail Scanning With Exim And The Exiscan ACL

Mail Scanning With Exim And The Exiscan ACL

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With all the spam and viruses circulating the Internet these days, any network admin worth his or her salt will have appropriate filters in place to prevent these irritants from getting to users and customers. My predecessor, unfortunately, was worth far less than that, so my first task upon assuming the role of a systems administrator for a small ISP was to establish a mail filter. With no previous experience with a mail filtering system, I dug in and started my research. After reviewing open source solutions such as AmaViS and MailScanner and commercial solutions such as Postini and Mail Warden, I settled on Exim with the Exiscan-ACL plugin. . . .

Expert releases Cisco wireless hacking tool

Expert releases Cisco wireless hacking tool

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The tool, called "Asleap," allows users to scan the wireless network broadcast spectrum for networks using LEAP (Lightweight Extensible Authentication Protocol), capture wireless network traffic and crack user passwords, according to a message posted to the Bugtraq online security discussion group on Wednesday. . . .

Networking improvements in the 2.6 kernel

Networking improvements in the 2.6 kernel

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The new Linux 2.6 kernel offers many improvements over the 2.4 version. One area of technical advancement is in the kernel networking options. Although there are enhancements in most of the files associated with the networking options, this article focuses on major feature improvements and additions that affect entire sections rather than on specific files. Specifically, in this article we will address improvements to the Networking File System (NFS) and Internet Protocol Security (IPSec). We will also meet two new members of the TCP/IP protocol family, Stream Control Transmission Protocol (SCTP) and Internet Protocol version 6 (IPv6). . . .

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved