Server Security - Page 30

Discover Server Security News

Terminating a systems administrator

Perhaps one of the most challenging situations in an IT organisation is to let a systems administrator go. This individual has the proverbial keys to the kingdom as a trusted member of your corporate team. If the time comes to part . . .

Don't leave holes in your patching policies

With network device vulnerabilities being discovered all the time, should you be monitoring patch management yourself, or is outsourcing the best option? If the IT industry was subject to the same restrictions as the car industry, the number of equipment recalls . . .

There's no silver bullet for security

Don't even get me started on security vendors peddling "Intrusion Prevention Systems" (IPS) like they're some kind of silver bullet cure for all security ills. I'd like to see some of those vendors taken to court on a Trade Practices Act . . .

Patching: Process matters

"We see people looking for a tool that will solve all their problems, but what you need is a process; it's not just about the tool," says Felicia Nicastro, senior network systems consultant for International Network Services, a consulting firm that . . .

Patch management: Filling security holes

Nobody knows when the first patch was issued, but it was almost certainly shortly after the first release of the first software package. No matter how much testing is done in-house, the real world and real users always exercise applications in . . .

Significant rsync 2.5.6 Security Vulnerability

The rsync team has received evidence that a vulnerability in rsync was recently used in combination with a Linux kernel vulnerability to compromise the security of a public rsync server. While the forensic evidence we have is incomplete, we have pieced together the most likely way that this attack was conducted and we are releasing this advisory as a result of our investigations to date. . . .

Kernel flaw paved way to Debian hack

Michael S. Mimoso submitted, "A dangerous vulnerability in the Linux kernel is at the heart of a recent attack on the Debian Project's development servers. The flaw, an integer overflow in the brk system call, enabled an attacker to compromise . . .

Cross Site Scripting Explained

For those of you who don't know the acronym, XSS stands for Cross-Site Scripting. It is the term that has been given to web pages that can be tricked into displaying web surfer supplied data capable of altering the page for . . .

Critical Linux Kernel Vulnerability

A critical security bug has been discovered in the Linux kernel within the do_brk() function that may lead to full compromise of a vulnerable system. Successful exploitation of do_brk() leads to full compromise of a vulnerable system, including gaining full uid 0 privileges... EnGarde Secure Linux is not vulnerable to this exploit and no update is necessary. Other vendors are expected to publish updates shortly. . . .

Linux security breaches at all time high

A UK-based security firm claimed today that digital attacks on Web sites using the Linux operating system have reached an all-time high over the last three months. British firm mi2g claimed that Windows-based servers were more resilient from March . . .

Secure Web Sites and Servers

If you are hosting your Web site on your own server, you need to pay particular attention to security. You should probably install intrusion detection software such as Tripwire. If you're running a Web server you need to be aware . . .

Probability Defense: Bayesian Filters

Bayesian filtering works very well, measured at greater than 99.9 percent accuracy at detecting spam and other unwanted e-mails. In his paper, "A Plan For Spam", Paul Graham popularized Bayesian filtering on word groupings to prevent spammers from getting their messages . . .

ISC Releases BIND Security Update

BIND 8.4.3 is a maintenance release of BIND 8.4. It includes the BIND 8.4.2 release which includes a security fix (also released as BIND 8.3.7). EnGarde has updates available; other vendors expected to follow shortly. It is not yet known if this impacts BIND-9; updates to follow. . . .

Secure the incompatible

As web services become more complex and involve interaction between multiple parties, users will require more versatile security. Simple, point-to-point web services can be secured in much the same way as interactive web sessions are secured today, by using Secure Sockets . . .