Server Security - Page 25

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Securing Your Linux Server: Understanding and Mitigating Modern Threats

In this digital age, Linux servers face unprecedented challenges posed by cyber threats. These, in turn, introduce new vulnerabilities that system administrators must address. Traditionally considered a more secure environment compared to other opera...
Oct 25, 2024
  0

Essential Server Security Security Strategies for Administrators

In the current threat landscape, Linux servers have eme...
Oct 03, 2024
  0
13.Lock StylizedMotherboard Esm H115

Ensuring Linux Server Security: A Comprehensive Guide

Linux servers form a vital backbone of today's Internet...
Oct 02, 2024
  0
22.Lock ScreenEffect Esm H115

Discover Server Security News

The good and bad of Linux LiveCDs

The good and bad of Linux LiveCDs

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you're an IT manager, introducing Linux into your enterprise is a tough decision. Choosing to take the plunge at all is one thing, but facing the myriad choices is another. At last count, the database at DistroWatch.com racked some 345 actively maintained Linux and BSD distributions. Although most enterprises are likely to consider only a fraction of that catalog, the number of decision points it represents is potentially much larger.

Web Sites Running On Windows NT At Risk

Web Sites Running On Windows NT At Risk

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hundreds of thousands of Web sites running Windows NT 4 remain -- and will remain -- at risk from attack via a vulnerability patched for other operating systems a month ago, a U.S.-based security firm and a British-based Web monitoring vendor said Thursday. The bug in a key Windows protocol, Server Message Block (SMB), was patched for Windows XP, Windows Server 2003, and Windows 2000 in February, but because NT 4 had reached the end of its support lifecycle December 31, 2004, no public fix was issued by Microsoft. Microsoft does provide security patches for NT 4.0 customers who pay for custom support, a service available through the end of 2006.

Hosting Your Own Web Server: Things to Consider

Hosting Your Own Web Server: Things to Consider

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When being your own web host you should be technically inclined and have basic knowledge of operating systems, understand technical terms, understand how to setup a server environment (such as: DNS, IIS, Apache, etc.) have basic knowledge of scripting languages and databases (PHP, Perl, MySQL, etc.), be familiar with current technologies, and have a basic understanding of hardware and server components.

Linux Security Rough Around The Edges, But Improving

Linux Security Rough Around The Edges, But Improving

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The National Security Agency built a version of Linux with more security tools that its technologists believe could help make the country's computing infrastructure less vulnerable. They won over the Linux developer community with the changes. But its success depends on the adoption by U.S. companies and government agencies, something that remains very much in doubt.

Easy Automated Snapshot-Style Backups with Linux and Rsync

Easy Automated Snapshot-Style Backups with Linux and Rsync

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This document describes a method for generating automatic rotating "snapshot"-style backups on a Unix-based system, with specific examples drawn from the author's GNU/Linux experience. Snapshot backups are a feature of some high-end industrial file servers; they create the illusion of multiple, full backups per day without the space or processing overhead. All of the snapshots are read-only, and are accessible directly by users as special system directories.

How to cut patchwork… and save a cool $100m

How to cut patchwork… and save a cool $100m

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

ccording to Gilligan, a new vulnerability is discovered nearly every day in the commercial software products the Air Force uses – not just Microsoft, but also Linux, Oracle and Cisco Systems. "What we are now reaping is the unfortunate consequence of an era of software development in the 90s, when the rush to get the product to market overrode the importance of correctness in the quality of the software."

Oracle wraps top-notch security around Linux

Oracle wraps top-notch security around Linux

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Oracle has tightened up the security of a number of its products to allow customers to use them in critical national infrastructures, including in conjunction with open source technology from Linux. Oracle has met the Common Criteria Evaluations at the EAL4 level – the highest industry security level for commercial software – for its Oracle Internet Directory, a middleware component of Oracle Identity Management; Oracle9i Database release 2; and the Oracle9i Label Security release 2.

Review: Linux Server Security

Review: Linux Server Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Staying on my current security theme, O'Reilly has published a second edition of Linux Server Security by Michael D. Bauer. The book, targeted toward those managing Internet-connected systems, also known as bastion hosts, packs a powerful arsenal of security design, theory and practical configuration schemes into 500 pages.

Defense picks two for PKI

Defense picks two for PKI

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Defense Department officials selected two companies to provide digital certificate validation for the department's public-key infrastructure (PKI), a decision that some officials feel could spur a faster move to paperless e-government. After a yearlong, worldwide pilot test, military officials chose Tumbleweed Communications and CoreStreet as the two certificate validation providers for its Identity Protection and Management Program, which includes the Common Access Card smart card program.

Is Linux Security A Myth?

Is Linux Security A Myth?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There are rare occasions in IT when a particular architecture reaches a point where it stops being purely IT driven and takes on a life of its own.The last year has seen the open source movement reach such a cult status and at the vanguard of open source fashion can be found the Linux operating system. Whilst the platform appeals at several levels for potential users, some of a philosophical nature and others far more concrete, it is noticeable that a couple of its qualities have recently been called into question.

Securing Linux with Mandatory Access Controls

Securing Linux with Mandatory Access Controls

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Some in the security industry say that Linux is inherently insecure, that the way Linux enforces security decsions is fundamentally flawed, and the only way to change this is to redesign the kernel. Fortunately, there are a few projects aiming to solve this problem by providing a more robust security model for Linux by adding Mandatory Access Control (MAC) to the kernel.

Company’s Linux-based Mail Solution Helps ISP’s Prevent New Spam Threat

Company’s Linux-based Mail Solution Helps ISP’s Prevent New Spam Threat

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Guardian Digital, the world’s premier open source Internet security company today announced the availability of the first anti-spam software tool designed specifically to diminish the threat of Trojan zombie attacks. Responsible for a high volume of successful spam attacks, this latest email threat is causing serious problems within corporate email infrastructures. Known to take over unsuspecting computers and utilize its resources to send out spam messages, zombie-type attacks use the domain name of the victimized computers ISP to send messages that appear as if they are coming directly from the ISP, making it very difficult for customary anti-spam solutions to block them.

Linux Kernel Security is Lacking

Linux Kernel Security is Lacking

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

During the disclosure of some recent vulnerabilities in the Linux kernel, I learned some things about Linux kernel security that was truly shocking. The way security in the Linux kernel is handled is broken, and it needs to be fixed right now. I'm a big proponent of open source software. Although personally I'm a huge follower of BSD-based operating systems, I keep an open and analytical mind when looking at any OS. Unfortunately, I was totally blown away with some of the things that I learned about Linux kernel security during the release of some recent vulnerabilities in the kernel code.

Penguins at the Gate

Penguins at the Gate

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Only a few open-source vendors have borne the time and expense of having their software EAL-certified. Red Hat and Novell's SuSE Linux attained EAL3+ ratings in the last year, but many other vendors have yet to do the same. This raises a fundamental question: Does open-source software need security certifications to win global acceptance?

Linux is mission critical for Czechs

Linux is mission critical for Czechs

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Czech postal service is putting its faith in open source, by migrating a vital application onto SuSE Linux The Czech postal service has moved a mission-critical application used by 3,400 post offices across the country to Linux.

The Role Of Email Security In Meeting Regulatory Requirements

The Role Of Email Security In Meeting Regulatory Requirements

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Corporate governance and regulation were one of the dominant themes of 2004 and look set to continue to be so throughout 2005. Corporate governance relates to how an organisation is run, and has repercussions for almost every department – particularly Finance, HR, Auditing, Procurement and IT. Due to the nature of the potential content of email, ranging from a simple customer query to financial projections, the use of this application demands particular attention to ensure that its management helps to secure regulatory compliance.

Common Criteria – Salvation For Email Security

Common Criteria – Salvation For Email Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With the increasing threat of far more sophisticated attacks than just spam and viruses, email security is taking a leap forward. But in implementing new solutions, organisations open up the risk to additional vulnerabilities, because the products they have chosen may not provide an adequate level of security.

SSH Port Forwarding

SSH Port Forwarding

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

SSH is typically used for logging into remote servers so you have shell access to do maintenance, read your email, restart services, or whatever administration you require. SSH also offers some other native services, such as file copy (using scp and sftp) and remote command execution (using ssh with a command on the command line after the hostname).

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved