Server Security - Page 13
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The Linux developers have released kernel versions 2.6.27.30 and 2.6.30.5 which fix a critical vulnerability revealed last week. The vulnerability, which is found in all 2.4 and 2.6 series Linux kernels since 2001 and for which there is already an exploit, allows users with restricted privileges to obtain root privileges. The developers urgently recommend users update to the new versions.
Great article that discusses the effectiveness of the Sender Policy Framework approach to stopping spam. IT shops have thrown everything but the kitchen sink at the issue and more times than not, come up empty on long-term solutions. Lately we
WordPress, the popular blogging software platform, has been updated to fix a flaw that could have enabled a hacker to change an administrator password. The bug enables a specially crafted URL to evade a password reset security verification check, Matt Mullenweg, founding developer of WordPress, said Wednesday on the organization's blog.
In the past, database administrators weren't expected to do much with security. Their focus was on the speed, performance, and accuracy of the data. Security was a relatively low priority. Recently, however, that prioritization has begun to shift.
The 2.8.3 security update for WordPress fixes several privilege escalation vulnerabilities, similar to the problems fixed in the previous update to version 2.8. The developers had overlooked some of the loopholes which 2.8.3 now closes. The security service provider Core Security had warned of various security problems in WordPress before, after finding errors in the processing of certain URLs. For example, unprivileged but registered users are reportedly able to examine the configuration pages of plug-ins and to change their options.
A vulnerability in the popular open source BIND9 name server allows attackers to remotely trigger a server crash. According to the error report, a single specially crafted "dynamic update" packet is all that is required to prevent IP addresses from being translated into server addresses. Authorised name servers use dynamic updates to add resource records to, or remove them from, a zone.
OpenSSH is an implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is well suited to keeping the confidentiality and integrity of data exchanged between two networks and systems. However, its main advantage is server authentication through the use of public key cryptography. From time to time there are rumors about an OpenSSH zero-day exploit. Here are a few things you need to tweak in order to improve OpenSSH server security.
The Joomla developers have announced the release of version 1.5.13 of their content management system (CMS). The security update addresses a critical vulnerability in the Tiny browser included with the TinyMCE 3.0 editor that could allow files to be uploaded or removed without a user needing to be logged in. Version 1.5.12 is affected. Additional details, however, have not been provided.
The management interface of the current stable version of DD-WRT, the free router firmware, suffers from a vulnerability that lets attackers run programs with root rights on the router. The vulnerability, described at milw0rm and in the DD-WRT forum, is caused by inadequate handling of meta-characters in the query string in DD-WRT's httpd web server. The server will then run programs even when no session is active.
Security researchers have discovered a new Trojan that has harvested as many as 80,000 unique FTP server logins and is now beginning to target domains, injecting malicious scripts into compromised FTP sites.
This tutorial explains how you can replace password-based SSH authentication with key-based authentication which is more secure because only the people that own the key can log in. In this example, we're using PuTTY as our SSH client on a Windows system.
Yesterday an interesting HTTP DoS tool was released. The tool performs a Denial of Service attack on Apache (and some other; see below) servers by exhausting available connections. While there are a lot of DoS tools available today, this one is particularly interesting because it holds the connection open while sending incomplete HTTP requests to the server.
How does your organization handle virtualization security issues? Has it been something you've thought about for your customers? Security and regulatory concerns have some users warily eyeing the move to server virtualization. For example, during the past year, the Stanford Hospital & Clinics, part of Stanford University in Palo Alto, Calif., has shifted about half of its applications from traditional server platforms to VMware-based virtual machines (VM) -- and found it strongly impacted decision-making on security.
Great article on cracking passwords, including info from Bruce Schneier. Don't forget about l0phtcrack for some serious 64-bit auditing and recovery. What tools do you use? Roger Grimes presents a useful tool for figuring out how susceptible your network might be to a password-cracking attack. Most password-cracking scenarios focus on attacks that convert a captured hash to its plain-text password equivalent using an offline attack and a hash or rainbow table database. Capturing password hashes assumes a lot. In most cases, the attacker must have highly privileged access (admin or root) to get to the hashes; if they do, they can inflict far more damage than cracking passwords. So why just discuss password cracking?
This article talks about Kon-Boot, a tool that can be used for security purposes, such as legitimately rescuing a dead system, or for malicious purposes too. Does anyone know another such tool? In the case of Microsoft Windows and certain Linux distributions, this concern is not just theory. It is also a very concrete reality. Piotr Bania has put together a proof of concept, a boot compromise tool called Kon-Boot, which so far has been tested and confirmed to work on at least four Linux distribution releases and a slew of common MS Windows releases.
Most Websites harbor at least one major vulnerability, and over 80 percent of Websites have had a critical security flaw, according to new data released today by WhiteHat Security. The Website vulnerability statistics, based on Website vulnerability data gathered from WhiteHat's own enterprise clients, show that 63 percent of Websites have at least one high, critical, or urgent vulnerability issue, and there's an average of seven unfixed vulnerabilities in a Website today.
Nice article on better securing your public web presence. Does this article help you? We would love to hear from you whether this is the type of article you like to see on this site. Using ModSecurity is not easy. The complexity of your site, and your use of PHP, MySQL and other scripting languages, will make it more difficult to configure correctly. Basically, the more complex your site, the more time you will need to work out issues with rules. This tutorial will provide you with several important tips to get started with ModSecurity.
Great article contributed by Taylor Banks. From VM sprawl to compliance, here's a look at the top security issues worrying IT about virtualized servers. The bad news: Despite improved IT understanding regarding virtualization management, many of the security holes are still ones that companies create themselves.
The government-backed Cyber Security Knowledge Transfer Network (KTN) launched a new roadmap today intended to kick-start an international effort to engineer security into products from their inception. Building in Information Security, Privacy and Assurance (PDF) aims to overcome the siloed approach to security taken by many countries, according to Cyber Security KTN director Nigel Jones. Security at the core is extremely important. Trying to "bolt on" security, as so many distributions do, often leads to something less than really secure. Do you agree?
Wordpress is very popular as both a blogging platform and a general CMS. [...] Unfortunately, the more layers of technology you add to a website (PHP code, MySQL databases, authentication mechanisms, fancy themes and endless plugins), the more security holes you potentially open up.