Linux Network Security - Page 50

Discover Network Security News

The Future of IP Is Now!

IPv6 is the next-generation Internet protocol designed by the IETF as a replacement for IPv4. Most of today's Internet uses IPv4, which has been remarkably resilient in spite of its age; however, it is beginning to have problems in various feature areas. . . .

2003 viruses caused $55B damage, antivirus firm says

Computer virus attacks cost global businesses an estimated $55 billion in damages in 2003, a sum that would rise this year, said Trend Micro Inc., the world's third-largest antivirus software maker. Companies lost roughly $20 billion to $30 billion in 2002 from the virus attacks, up from about $13 billion in 2001, according to various industry estimates. "The economic and financial impact of virus attacks will continue to climb in 2004," Lionel Phang, Trend Micro's Managing Director told Reuters in an interview. He did not have a forecast for the year. . . .

GAO Faults 'Inconsistent' Online Security Programs

The federal government has spent about $1 billion on 89 public key infrastructure programs among 20 major agencies in recent years, but the results of those programs are mixed, according to a report issued by the General Accounting Office. PKI is a secure method for exchanging information within an organization, within an industry, nationwide, or worldwide. . . .

ISO17799 Newsletter

Every issue of The ISO17799 Newsletter features at least one TRUE story of an information security breach and its consequences: 1) The 'Perfect' Business Continuity Plan: Yes, we have published this one previously - but it is our favorite true story! . . .

Security firms put up 'Personal Firewall Day'

Straddling the line between public service and marketing, Microsoft and a handful of security companies are sponsoring a campaign to heighten consumer security awareness and have declared Jan. 15 "Personal Firewall Day." . . .

Strategies to beat the virus writers

Twenty years after Fred Cohen first defined the computer security problem of viruses in a paper he wrote as a graduate student, most experts would contend that viruses have evolved from intermittent irritants into an internet plague. But Cohen, a research professor at the University of New Haven and principal analyst at the Burton Group, believes that viruses really haven't changed much since the late 1980s. Email-based viruses and programs that exploit software vulnerabilities basically all imitate similar iterations from the past, he says. . . .

Random Acts of Spamness

"Daphnia blue-crested fish cattle, darkorange fountain moss, beaverwood educating, eyeblinking advancing, dulltuned amazons...." This is not a failed attempt at free-form prose. It's a snippet of a spam message intended to promote a sexual stimulant, a deliberate crack at sneaking past and spoiling some of the most popular antispam filters. . . .

Protocol Flaw Puts VoIP Users at Risk

Some voice-enabled IP networks could be at risk for denial-of-service and buffer overflow attacks as a result of a security flaw in the H.323 networking protocol for transmitting audio-visual data. According to an alert from the U.K. National Infrastructure Security Co-Ordination Centre (NISCC), the security vulnerability was identified in the H.323 protocol, which is used for the transmission of real-time audio, video and data information over packet switched-based networks. . . .

Wireless LAN worries

The 802.11i protocol for wireless encryption is on track to become an IEEE standard by June, but it looks like existing WLAN customers seeking to adopt it will need to swap out hardware instead of just upgrading software. In addition, Cisco and Microsoft have gone their separate ways on a WLAN authentication technology called Protected Extensible Authentication Protocol (PEAP), creating a schism that could result in interoperability issues. . . .

VeriSign dead cert causes net instability

The expiration of one of VeriSign's master digital certificates on Wednesday created confusion for Net users and glitches to the operation of some applications, notably Norton Anti-Virus (NAV). After the cert VeriSign used to sign other certs expired, the chain of trust was broken, leaving some apps unable to set up a secure connection. These apps then defaulted to trying to access VeriSign's certificate revocation list server (crl.verisign.com) which, faced with a huge extra load, buckled under the pressure. . . .

NetSec Security Checklist

Recently, a former student and prospective client asked me to send, along with a proposal, a checklist of things he needs to be thinking about to help his company's goal of "revamping security" in 2004. This is that checklist. Be forewarned. While risks change somewhat with network size, bandwidth, and connectivity, while business requirements grow, and while the technology we can use to mitigate and mediate risk gets fancier (it is hoped to meet the changing risks), there is nothing new under the sun. Also, this is purposely very high level. It is a general checklist of things to consider. . . .

Vulnerability found in Lotus Notes for Linux

A local vulnerability in a Lotus Notes for Linux configuration file could allow a malicious user to manipulate the values of essential configuration parameters and gain access to files. When installing Lotus Notes for Linux, the default permissions for the "notesdata/notes.ini" configuration file are "666". This gives malicious local users the ability to open the file, change the values of configuration parameters and save them. The local copy of Notes would then run using these altered parameter values, which could cause Notes to operate improperly and possibly destroy or alter data. . . .

Kazaa Delivers More Than Tunes

Forty-five percent of the executable files downloaded through Kazaa, the most popular file-sharing program, contain malicious code like viruses and Trojan horses, according to a new study. Out of 4,778 files downloaded in one month, Bruce Hughes, director of malicious code research at security firm TruSecure, found that nearly half of them contained various types of nefarious code. . . .

NoCat – Wireless Network Security

Wireless technology, with its freedom, flexibility and low-cost equipment, provides a powerful solution to connect large numbers of computers through an air-network without cables. Despite its advantages, if not treated correctly, wireless technology poses a real threat to wireless-based communities and networks. . . .

Improving Passive Packet Capture: Beyond Device Polling

Passive packet capture is necessary for many activities including network debugging and monitoring. With the advent of fast gigabit networks, packet capture is becoming a problem even on PCs due to the poor performance of popular OSs. The introduction of device polling has improved the capture process quite a bit but not really solved the problem. This paper proposes a new approach to passive packet capture that combined with device polling further improves it and allows, on fast machines, packets to be captured at (almost) wire speed. . . .

New MiMail Worm Belittles President Bush

"MiMail attacks have been relentless since the summer of 2003," said Ken Dunham, the director of malicious code for iDefense, a Reston, Va.-based security intelligence firm, in an e-mailed statement. "This is just one of many waves of MiMail attacks we've seen in the wild in the past few months." And that wave won't crest anytime soon, added Dunham. "MiMail stands to be one of the more regular threats to emerge in the first part of 2004." . . .

Basics On Protecting An Organization Against Hackers

This 10-point game plan will push the risks and liabilities associated with cybersecurity to the forefront of the corporate agenda and help to dramatically increase your preparedness. But this program won't remove the threat or eliminate the need for strong walls until the technology industry puts better weapons at our disposal. . . .

Managing the Network Security Challenge

For university information technology departments, a balancing act can be challenging. University computer networks are an essential component of university operations. Yet, they are often large, heterogeneous, open, and used by thousands of individuals whose computing habits and expertise are largely unknown. . . .