Linux Network Security - Page 47

Discover Network Security News

Secret hackers to aid war on internet fraud

FEARS that small online retailers are the weakest link in the fight against internet fraud have prompted MasterCard, the global payment scheme group, to set up secret teams of hackers to test security systems in the sector. The Times has learnt that the project, named Site Data Protection (SDP), will go live in May and will target online outlets that fail to comply with appropriate levels of internet security. SDP teams will be recruited by the banks that have relationships with online merchants whose systems do not come up to scratch. Brian Morris, head of e-business solutions at MasterCard, said that while large online retailers had robust internet security systems, small and medium-size enterprises (SMEs) "could benefit from the assistance". . . .

The Myth of the Secure Operating System?

An exercise for the reader: what is wrong with this picture? Laura DiDio is also known to the Linux community for her statements to the effect that SCO has a serious case. But the question here is different -- does the underlying OS make any difference to security? If not, is there a reason to care about such useless innovations as SELinux? Or should we simply take Ms. DiDio's advice: "Don't even argue those merits. Every piece of software that is connected is potentially vulnerable and at risk." . . .

Whose Site is it Anyway?

People who buy things online may be familiar with the closed-lock padlock in the bottom right-hand corner of their screens. While this is meant to provide a sense of security, how many Internet shoppers actually know what it refers to? In fact, the padlock is there to show that at that particular time, i.e. on the current web page, communications with that site will be secured using encryption based on a protocol called SSL, or Secure Sockets Layer (see explanation). In an ecommerce transaction, SSL achieves two things. It authenticates to the user the identity of the organisation responsible for the site in question and ensures that any information transmitted between the purchaser's web browser and the merchant's web site is protected from potential eavesdroppers or hackers listening in from anywhere on the Internet. . . .

Protecting enterprise VOIP environments

Communications through the public, IP-based network are kept private and secure by 3DES, 128 bit encryption and attack prevention. There is also user authentication and access to the management interface is secured by RADIUS, X.509 digital certificate. . . .

EU Commissioner makes his views felt on European Network Security

In today's society, much depends on networks and information systems. Additional requirements for security will rapidly increase as networking and computing develop further and electronic communications become part of all aspects of our daily lives. For instance broadband connections offer people the possibility to be "always on". . . .

Network Troubleshooting A Complex Process Made Simple

Gideon T. Rasmussen writes, "The most efficient manner to troubleshoot a network issue is to approach it in a systematic way. Start by gathering background information; then troubleshoot following the Open System Interconnection (OSI) networking model." . . .

VoIP - Vulnerability over Internet Protocol

The VoIP 'revolution' has been talked of since the 1990s as the 'next big thing' in the enterprise telecoms sector, saving companies vast amounts of money on both call charges and internal network infrastructure and support costs. But just as the VoIP market is finally taking a cautious step towards delivering some of its long-overdue promise, the increasing priority of IT security may force it two steps back. . . .

Using key-based authentication over SSH

SSH, or secure shell, is a protocol by which users can remotely log in, administer, or transfer files between computers using an encrypted transport mechanism. Running over every major operating system, SSH provides a more secure connection method than traditional telnet or the much-maligned "r commands" (rlogin, rcp, rsh). . . .

Detection of SQL Injection and Cross-site Scripting Attacks

In this article, we've presented different types of regular expression signatures that can be used to detect SQL Injection and Cross Site Scripting attacks. Some of the signatures are simple yet paranoid, in that they will raise an alert even if there is a hint of an attack. But there is also the possibility that these paranoid signatures may result in false positives. To take care of this, we've then modified the simple signatures with additional pattern checks so that they are more accurate. We recommend that these signatures be taken as a starting point for tuning your IDS or log analysis methods, in the detection of these Web application layer attacks. After a few modifications, and after taking into account the non-malicious traffic that occurs as part of your normal Web transactions, you should be able to accurately detect these attacks. . . .

Mitigating the Complexities of Security Management

An optimal security posture, and one that eliminates the complexities of security management, is one that takes into account each of these four security disciplines. Adherence to best practices within these four fronts will reduce the costs of enterprise protection and lower risks while enhancing security resource allocation and inefficiencies. . . .

Outsourcing: Losing Control

A woman in Pakistan recently struck fear among IT executives who outsource. She had obtained sensitive patient documents from the University of California, San Francisco, Medical Center through a medical transcription subcontractor that she worked for, and she threatened to post the files on the Internet unless she was paid more money. . . .

Explosive Cold War Trojan has lessons for Open Source exporters

A reminder of how important these are came last week with a revelation from the Cold War era, contained in a new book by a senior US national security official. Thomas Reed's At The Abyss recounts how the United States exported control software that included a Trojan Horse, and used the software to detonate the Trans-Siberian gas pipeline in 1982. The Trojan ran a test on the pipeline that doubled the usual pressure, causing the explosion. Reed was Reagan's special assistant for National Security Policy at the time; he had also served as Secretary of the Air Force from 1966 to 1977 and was a former nuclear physicist at the Lawrence Livermore laboratory in California. The software subterfuge was so secret that Reed didn't know about it until he began researching the book, 20 years later. . . .

Study: Spam Filters Often Lose E-Mails

As spam-fighting tools become increasingly aggressive, e-mail recipients risk losing newsletters and promotions they've requested. A new study attempts to quantify missed bulk mailings. Return Path, a company that monitors e-mail performance for online marketers, found that nearly 19 percent of e-mail sent by its customers never reached the inboxes of intended recipients. The figure, for the last half of 2003, is up 3.7 percentage points from the same period in 2002. . . .

Risk management seen as key to IT security

David Bauer, first vice president and chief information security and privacy officer at Merrill Lynch, gave his audience a historical perspective on the evolution of IT security, starting with the Morris worm attack of 1988. That attack took the Internet by surprise, he said. There were no tools to fight back and no source of reliable information. Responses were uncoordinated, and the result was "complete havoc," Bauer said. He contrasted that with the Mydoom attack last month, when Merrill Lynch combined good tools with a coordinated and carefully planned response to understand and contain the threat after just one infection. That attack, he said, was "just another event." . . .

Symbiot launches DDoS counter-strike tool

Security company Symbiot is about to launch a product that can hit back at hackers and DDoS attacks by lashing out with its own arsenal of tricks, but experts say it may just be a bit too trigger-happy. Symbiot, a Texas-based security firm, is preparing to launch a corporate defence system at the end of March that can fight back against distributed denial-of-service (DDoS) and hacker attacks by launching a counter-strike. . . .

VLANs on Linux

To begin, we must have a more formal definition of what a LAN is. LAN stands for local area network. Hubs and switches usually are thought of as participating in a single LAN. Normally, if you connect two computers to the same hub or switch, they are on the same LAN. Likewise, if you connect two switches together, they are both on the same LAN. . . .

Thinking Inside the Box

To help enterprises that are battling network threats on multiple fronts (worms to spam to application vulnerabilities) several hardware vendors are now offering ISGs that combine an arsenal of security capabilities -- such as intrusion detection and prevention, virus scanning, spam blocking and Web content filtering -- in a single box. Many integrated products also incorporate a firewall and VPN support. . . .

Defending Against Worm Wave Is A Tough Task

While hackers bicker back and forth, all users want is an end to the torrent of worms that's clobbered the Internet this week. While it's not difficult to stymie one worm, it's a different story when that one becomes a legion, a tsunami that just keeps coming, said security analysts Thursday as they offered up advice on how to handle waves like this week's. Unfortunately, said Ken Dunham, the director of malicious code research at iDefense, "there's no single magic bullet and no comprehensive patch against all of these new worms." . . .

Gateway AV Scanners Caught By Surprise

It is important to stress that the problem with infected password-protected zip files is only manifest with gateway scanners. On client computers with up-to-date AV protection, the worm is detected once the user provides the password and decompresses/decrypts the zip file. This fact provides a graphic example of why it is important to implement defense in depth on all layers of your IT infrastructure. . . .