Server Security - Page 29


SQL Server getting security boosts

Microsoft will not be swayed by the current industry momentum of Linux and open source, with no plans afoot to port the database to either Linux or Unix or make any SQL Server code available through an open source format, he said. . . .

Security flaws could corrupt open source databases

Flaws in two popular source code database applications could allow attackers to access and corrupt open-source software projects, according to a security researcher. One vulnerability affects the Concurrent Versions System (CVS), an application used by many developers to store program code. The other flaw affects a newer, less widely used system known as Subversion, said Stefan Esser, the researcher who discovered the security holes. . . .

Email attack could kill servers

A crafty way of knocking out any email server using a few carefully constructed emails has been identified by a team of computer security experts. The trick involves sending forged emails that contain thousands of incorrect addresses in the "copy to" fields that are normally used to send duplicate messages. Researchers at UK-based NGSSoftware sent these emails to the largest email servers on the internet, and found they could force huge quantities of unwanted email to pour into another mail server of their choice. . . .

Moving to Linux may not save money--yet

More from Laura DiDio, who tells us that many IT executives are reconsidering a move to Linux due to "a growing number of security threats and a dearth of experienced Linux administrators". Are there execs out there who consider Windows to be a more secure platform than Linux, or are they frightened by the sheer volume of patches released by the open source distributions? . . .

Red Hat brings SE Linux to Fedora

Red Hat Inc. took the first step this week toward the inclusion of Security Enhanced Linux in its enterprise offerings when it released Fedora Core 2, test2. The latest beta of Fedora, an openly developed and constantly changing version of Linux sponsored by the Raleigh, N.C.-based distributor, includes SE Linux and is based on the 2.6 kernel. Enterprises are unlikely to deploy Fedora for mission-critical systems, but it does serve as a proving ground for Red Hat Enterprise Linux. RHEL 4.0 is on course for an early 2005 release and is likely to include SE Linux, said Fedora technical lead Cristian Gafton. . . .

No second thoughts on Linux use

"In terms of security and man-hours to keep the network up and running, Linux is invaluable," Smith said. "Patches in the Linux world both work and leave the machine fully functional. That has not been my experience in the Windows world, where on many occasions I've had to back out a patch to regain functionality and on at least a few occasions cratered a machine by applying a patch. . . .

Forensic Analysis of a Live Linux System, Part One

During the incident response process we often come across a situation where a compromised system wasn't powered off by a user or administrator. This is a great opportunity to acquire much valuable information, which is irretrievably lost after powering off. I'm referring to things such as: running processes, open TCP/UDP ports, program images which are deleted but still running in main memory, the contents of buffers, queues of connection requests, established connections and modules loaded into the part of virtual memory that is reserved for the Linux kernel. All of this data can help the investigator in offline examination to find forensic evidence. Moreover, when an incident is still relatively new, we can recover almost all of the data used by, and activities performed by, an intruder. . . .

Apache Upgrades Web Server, Fixes Bugs

Sander Striker, a director of the Apache Software Foundation (ASF), told ServerWatch that the release was "regular" and not made in reaction to any security contingencies. However, Apache's change log shows that there are a number of security-related bug fixes and enhancements that deal with previously identified vulnerabilities. . . .

Apple OS X Server is most Secure System?

An independent study by British cyber security firm mi2g has found Apple's OS X Server and the Berkeley Software Distribution (BSD) open source systems on which it is based to be the most secure online server operating systems in the world, according to a recent report published . . .

Security One Step at a Time

As I write this, yet another e-mail worm is spreading among non-Linux computers and incidentally filling my mailbox with "YOU HAVE A VIRUS" bounces from dumb software that somehow doesn't yet get the concept that worms forge mail. There's nothing like a worm attack that spares Linux to bring out the smug superiority in Linux users. . . .

Linux servers 'attacked more often'

Linux advocates often take pride in the operating system being more secure than Windows but this claim may have attracted unwanted attention from the hacking community. An analysis of hacker attacks on online servers in January by UK-based security consultancy mi2g found that Linux servers were the most frequently hit, accounting for 13,654 successful attacks, or 80 percent of the survey total. Windows came in a distant second with 2,005 attacks. . . .

Linux v2.6 Scales the Enterprise

Other goodies in the v2.6 kernel include integrated IPSec support, with the inclusion of the Kame Project; enhanced support for network file systems, including support for mounting Novell NetWare shares; initial NFSv4 (Network File System Version 4) support; and performance and compatibility enhancements with SMB (Server Message Block) shares, including support for CIFS (Common Internet File System). . . .

Common sense security

A few years back, I was working on getting investment into our business. We had big problems with the lawyer from the other side, who kept raising objections. The issue wasn't that her points were invalid; they just weren't material. In other words, they were unlikely to cause problems for their investor. . . .

Linux group releases enterprise guidelines

The document defines some 300 capabilities for Linux usage, which OSDL has arranged into a number of categories: scalability, performance, reliability/availability/scalability, manageability, clusters, standards, security and usability. OSDL said it plans to create a DCL requirements document based on the guidelines to be used in developing a public reference for Linux distributions, business users, and developers of the Linux kernel--the heart of the operating system. . . .

An Introduction To SQL Injection Attacks For Oracle Developers

Most application developers underestimate the risk of SQL injection attacks against web applications that use Oracle as the back-end database. This paper is intended for application developers, database administrators, and application auditors to highlight the risk of SQL injection attacks and demonstrate why web applications may be vulnerable. . . .

Database, Security, Storage Are Next Layers For Open Source Commoditization

Key open source advocates point to databases, security and storage as the next big categories ripe for commoditization. At a panel exploring open source issues at Harvard Business School's annual Cyberposium, executives from IBM, Hewlett Packard, Red Hat, Sun Microsystems and Microsoft debated a variety of issues related to the future of open source, including growth areas and controversial procurement issues. . . .

Ten Security Checks for PHP, Part 1

Web applications have become a popular way to provide global access to data, services, and products. While this global access is one of the Web's underlying advantages, any security holes in these applications are also globally exposed and frequently exploited. It is extremely easy to write applications that contain unintentional security holes. This is demonstrated by the range of common web applications, including PHPMyAdmin, PHPShop and FreeTrade, that have contained major security holes. . . .

OpenSSL gets FIPS certification

The National Institute of Standards and Technology has approved an open-source library of encryption algorithms for use on sensitive government networks, the Open Source Software Institute announced this month. The cryptographic module of OpenSSL (https://www.openssl.org:443/), an open-source version of Secure . . .