Server Security - Page 23
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Paquet: I don't care if you can back my data up or not. I only care if you can recover it. Backup doesn't matter. IT Architect: How do you recover if you don't have any backup? Paquet: I replicate it, I copy it. I cluster it, I use WAFS, I use continuous data protection. Backup doesn't have to be the answer. There are all sorts of things I can do, and sometimes it is backup, but the key is that backup is just a means for recovery, and it's recovery that matters.
After years of narrow focus on fighting spam, messaging security vendors are branching out in new directions as corporate customers demand more from them than filtering unwanted e-mail. At the same time, this crowded industry is overripe for consolidation, and experts believe only those companies with the technology and deep pockets to satisfy growing customer demands will be left standing.
In this article, I show you how to use the scp (secure copy) command without needing to use passwords. I then show you how to use this command in two scripts. One script lets you copy a file to multiple Linux boxes on your network, and the other allows you to back up all of your Linux boxes easily.
The ink is barely dry on all of the Red Hat Enterprise Linux 4 materials, and the company is already gearing up for the launch of RHEL 5. While Red Hat is not being terribly specific about what is in RHEL 5 just yet, the company did announce last week that it is working with server maker IBM and security expert Trusted Computer Solutions to begin the Common Criteria security certification for the forthcoming RHEL 5, which is due in late 2006.
I know Linux has a firewall. I know about iptables. I know Linux has fewer viruses targeting it than Windows does. But I strongly believe that Linux users badly need the kind of automated anti-viral patch management service that Windows users now take for granted. The present approach, in my view, just won't scale.
A Linux vendor has made plans to put its operating system through the paces of a US evaluation program to create the first "trusted" Linux operating system. Red Hat, with help from IBM and Trusted Computing Solutions, said it would put its operating system through the paces of the National Information Assurance Partnership's Common Criteria evaluation program to create the first "trusted" Linux operating system.
Deep underground somewhere in south-east England, security experts have built a data hosting center almost entirely based on open source operating systems. The cryptologists at the Bunker, an ex-Nato anti-nuclear hideout owned by a data hosting group also known as the Bunker, are so confident of good security that they say they have no need for firewalls – the tools commonly used for keeping hackers away.
As many systems administrators will tell you, attacks from automated login scripts specifically targeting common account names with weak passwords have become a substantial threat to system security, especially via SSH (a popular program that allows remote users to log in to a Linux computer and execute commands locally). Here are some common-sense rules to follow that can greatly improve security, as well as several scripts to cut down on the computing resources wasted by these attacks.
The battle between Linux and Windows for server-side dominance is continuing to play out in data centers worldwide. While some are drawn to Microsoft due to Windows' ease-of-use, manageability and application availability, others feel that low cost, high stability and the freedom of being able to tweak and analyze source code make Linux the only choice.
Two serious security flaws have turned up in software widely distributed with Linux and Unix. The bugs affect Elm (Electronic Mail for Unix), a venerable e-mail client still used by many Linux and Unix sysadmins, and Mplayer, a cross-platform movie player that is one of the most popular of its kind on Linux. The Elm flaw involves a boundary error when the client reads an e-mail's "Expires" header. A specially crafted e-mail could exploit the bug to cause a buffer overflow and execute malicious code on a system, according to security researchers.
The most popular open source database for Linux is MySQL. It's easy to install and configure, runs light, and is quite fast. You'll commonly see it harnessed to Apache, serving up site content and authenticating users, and offering a tempting target to those with more time than sense or conscience.
Not long ago, Web administrators didn't have a great deal of input into their organization's Web server platform. If they worked in a Windows shop, they ran Microsoft's Internet Information Server (IIS), while those in Linux/Unix shops were tied to Apache, and never the twain did meet. However, times have changed and the Apache HTTP Server Project has broken down the walls by releasing a Windows distribution of the Web server that traces its historic roots to the original NCSA httpd server. There are now two "big kids on the block" and Windows administrators, at least, have some flexibility. (Don't expect Microsoft to release IIS for Linux anytime soon!)
In the first part of our Storage Security Basics series, we looked at authentication, authorization, accountability and access control. In this installment, we examine confidentiality and integrity. If you manage a storage network, one of your primary goals is to ensure that the data is secure. As the administrator, the confidentiality and integrity of information are your responsibility. (Data confidentiality refers to the process of encrypting information to prevent it from being read by users who weren't intended to have access to it. Data integrity means that information has not been changed or modified during transit.)
Security breaches in software applications and networks are one of the biggest threats organizations currently face. But unless you pack your computers into boxes and go back to pencils, paper, and typewriters, being mindful of electronic security is an unavoidable reality and business expense. Because security vulnerabilities are such a high-stakes issue, the subject has become a political hot potato between open source and commercial software advocates, with each pointing a finger at the other. Some commercial software vendors claim that their model promotes security while the open source model weakens it; some open source developers claim the exact opposite.
Serious security bugs in key parts of the latest Linux code have been fixed, but some small glitches have been introduced, according to a recent scan. In December, Coverity looked at version 2.6.9 of the Linux kernel, the heart of the open-source operating system, and found six critical defects in the core file system and networking code. In July, the code analysis company scanned the latest version of the Linux kernel, version 2.6.12, and found no such programming errors, Coverity CEO Seth Hallem said.
Coverity, Inc., makers of the world's most advanced and scalable source code analysis solution, today announced results from a new study on the security and quality of the Linux kernel. Six months ago Coverity analyzed Linux kernel 2.6.9, the same version used in Red Hat Enterprise Linux 4.0, and found six potentially critical defects in the core filesystem and networking code. Today's findings on the newest Linux kernel 2.6.12 show that all critical defects have been fixed.
The Trusted Computing Group has announced an open specification for trusted servers to allow manufacturers to offer better data and transaction security. The specification launched by the industry standards body defines the architecture of a trusted server including its management, maintenance and communication between servers and clients.
All versions of Apache previous to 2.1.6 are vulnerable to an HTTP request smuggling attack, which can allow malicious piggybacking of false HTTP requests hidden within valid content. This method of HTTP Request Smuggling was first discussed by Watchfire some time ago. The issue has been addressed by an update to version 2.1.6.
I am an advocate of centralized identity management and I think Active Directory makes a great repository for user account information. Interoperability can be a challenge, though. For example, you may work in a mixed environment of Linux/Unix and Windows and want users to take advantage of their Windows accounts when logging on at a Linux/Unix machine. This provides single sign-on for users who otherwise would need to maintain two different sets of passwords.