Server Security - Page 12

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Securing Your Linux Server: Understanding and Mitigating Modern Threats

In this digital age, Linux servers face unprecedented challenges posed by cyber threats. These, in turn, introduce new vulnerabilities that system administrators must address. Traditionally considered a more secure environment compared to other opera...
Oct 25, 2024
  0

Essential Server Security Security Strategies for Administrators

In the current threat landscape, Linux servers have eme...
Oct 03, 2024
  0
13.Lock StylizedMotherboard Esm H115

Ensuring Linux Server Security: A Comprehensive Guide

Linux servers form a vital backbone of today's Internet...
Oct 02, 2024
  0
22.Lock ScreenEffect Esm H115

Discover Server Security News

PHP 5.2.12 closes security holes

PHP 5.2.12 closes security holes

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The PHP developers have released version 5.2.12 of their popular programming language, fixing over 60 bugs mainly to increase stability, but also closing some security holes. While PHP 5.3 has been available since mid 2009, backwards compatibility issues with various popular PHP applications have prevented many users from upgrading. Since, as a result, the 5.2 branch is still used on numerous systems, the developers continue to update this branch.

Linux kernel vulnerabilities closed

Linux kernel vulnerabilities closed

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Several Linux distributors are releasing updated kernel packages to close security holes in the kernel. For instance, very large packets can reportedly be used to remotely provoke a flaw in the TCP/IPv4 stack's ip_defrag() (net/ipv4/ip_fragment.c) function. This can potentially cause null-pointer dereferencing and crash a system.

Hypervisor Security Concerns

Hypervisor Security Concerns

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The basic idea/thesis of this article (and the previous, unfinished draft) is this: hypervisors are getting more and more common, and are growing in deployment in everything from datacenter systems to embedded consumer electronics. But, as their deployment increases, more and more security concerns come into play, including a variety of attack methods and the dire consequences of a compromised hypervisor.

Free database firewall protects PostgreSQL and MySQL

Free database firewall protects PostgreSQL and MySQL

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Version 1.2 of GreenSQL is now able to protect PostgreSQL as well as MySQL. GreenSQL is designed to protect databases against SQL injection attacks and other unauthorised changes, in a similar fashion to a firewall protecting a network against TCP/IP outside attacks. The new version also provides a graphical user interface for monitoring the database firewall.

Root exploit for FreeBSD

Root exploit for FreeBSD

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

An exploit for FreeBSD is in circulation that allows users with restricted access to escalate their privileges to root level. The problem is caused by a flaw in the run-time link editor (rtld) which, in certain circumstances, accepts specially crafted environment variables. According to Kingcope, the developer of the exploit, the flaw is "incredibly easy" to exploit by, for example, setting a path to a specially crafted library for the LD_PRELOAD environment variable and then starting an SUID program like Ping.

Total security in a PostgreSQL database

Total security in a PostgreSQL database

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Database security is the single biggest concern with today's Web-based applications. Without control, you risk exposing sensitive information about your company or, worse yet, your valuable customers. In this article, learn about security measures you can take to protect your PostgreSQL database.

openSUSE kernels on 1&1 root servers may be out of date

openSUSE kernels on 1&1 root servers may be out of date

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

According to a German IT service provider, users running 1&1 servers with openSUSE 11 as their distribution should check the version number of their Linux kernel. In order to guarantee full support for the hardware it uses, for openSUSE, 1&1 installs its own homemade kernel. Unfortunately this kernel disables the YAST auto-update function, with the result that, despite regular updates, the kernel (2.6.27.21) remains several months old

Practical Analysis: The Fastest-Growing Security Threat

Practical Analysis: The Fastest-Growing Security Threat

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

SQL injections, more than any other exploit, can land your company in trouble. So why aren't you worried about them? Few things make a CIO's eyes glaze over like the mere mention of SQL injections. Unless they cut their teeth in security or SQL programming, chances are that the folks who control the purse strings don't understand these increasingly common attacks. That's a real issue because you're probably making decisions that could exacerbate the problem.

Does Wine Make Linux Too Loose?

Does Wine Make Linux Too Loose?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

For those Wine aficionados out there, beware of the remote possibility that your Linux system could be infected by Windows-seeking malware. "WINE running a Windows virus is nothing more than a 'stupid Linux trick' ... for now," said Slashdot blogger hairyfeet. But if the year of the Linux desktop ever arrives, he wonders, can Linux hold up to a "tidal wave of stupidity"?

Hole in the Linux kernel allows root access

Hole in the Linux kernel allows root access

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A null pointer dereference in the Linux kernel can be exploited to access a system at root privilege level. The hole is reportedly contained in pipe.c and can occur in certain circumstances when using the pipe_read_open(), pipe_write_open() or pipe_rdwr_open() functions while releasing a mutex (mutual exclusion) too early

Email Security: Top 10 E-mail Blunders Of 2009, So Far

Email Security: Top 10 E-mail Blunders Of 2009, So Far

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

E-mail, the Internet's first killer app, can injure companies and individuals when not used with care. In its attempt to document the risks of electronic messaging and to make the case for the value of its services, Proofpoint, an e-mail security company, has assembled a list of what it considers are the "Top 10 Terrifying E-mail Blunders of 2009."

WordPress Hardening

WordPress Hardening

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Today one of our readers sent an interesting post from the developers of WordPress. It is about a just released version 2.8.5. This version is called as the "Hardening Release", which I thought was quite great! According the post, these were new security features from the new 2.9 series that they decided to backport to the 2.8.x tree.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved