Server Security - Page 34

Discover Server Security News

Web Server Compromise?

It depends upon the motive of the attacker. If you were targeted specifically, it's possible the attacker will first attempt to hide their presence on the system, and then remain there quietly observing, altering files or using it as a . . .

Inside the World of Secure Operating Systems

On a normal system, if an attacker gains root or administrator access, he or she can run rampant. Not so on a trusted system -- at least so long as it is properly configured. Another hardened OS is EnGarde Linux, which is sold by Guardian Digital. EnGarde uses the same applications one might find in another Linux distribution, but the approach to building the final product is a bit different. Dave Wreski, CEO of Guardian Digital, told NewsFactor that the average Linux distribution "tries to be all things to all people," which makes it difficult to secure the system.. . .

Buffer Overflow in Samba allows remote root

An anonymous user can gain remote root access due to a buffer overflow caused by a StrnCpy() into a char array (fname) using a non-constant length (namelen). An exploit named trans2root.pl has been posted on the Digital Defense, Inc. website. A quick UDP-based scanner named nmbping.pl has also been posted to assist you in identifying Samba servers on your network.. . .

Security Administration with Debian GNU/Linux

Debian has a package manager (DPKG) that resolves dependency problems automatically. It helps us automatically keep programs up to date by looking for new versions on the internet and by resolving and completing the file and library dependencies that a package requires, making system administration easy and keeping us up to date with the new security changes.. . .

Another Sendmail Vulnerability

Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.12.9. It contains a fix for a critical security problem discovered by Michal Zalewski whom we thank for bringing this problem to our attention. Sendmail urges all users to either upgrade to sendmail 8.12.9 or apply a patch for your sendmail version that is part of this announcement.. . .

SpamAssassin 2.52 Released

Multiple bugfixes relating to Bayes support and other fixes new in this version. SpamAssassin is a mail filter to identify spam. Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to . . .

Is a Sendmail worm likely?

A serious buffer overflow vulnerability announced last week in Sendmail is ripe to be exploited by targeted attacks, but it is also possible for a worm writer to write malicious code that exploits the security hole. No one can say whether a worm writer will create malware that targets the Sendmail flaw, but it is possible, experts said. The pervasiveness of the flaw and of Sendmail usage are strong reasons to be wary of the potential for such a worm. . . .

Buffer Overflow Attacks and Their Countermeasures

Buffer overflow problems always have been associated with security vulnerabilities. In the past, lots of security breaches have occurred due to buffer overflow. This article attempts to explain what buffer overflow is, how it can be exploited and what countermeasures can be taken to avoid it. . . .

Bound by Tradition: A Sampling of the Security Posture of the Internet's DNS Servers

DNS servers across the Internet running BIND are not up to date with security patches and software updates. As a result, a significant fraction of the Internet's DNS servers is vulnerable to compromise, subversion, denial of service, and general misuse. Considering that DNS is the lynchpin of the corporate enterprise, the impact of these vulnerabilities is significant and a successful attack could bring down any online business.. . .

Google: Net Hacker Tool du Jour

Why bother pounding at a website in search of obscure holes when you can simply waltz in through the front door? Hackers have recently done just that, turning to Google to help simplify the task of homing in on their . . .

Critical Sendmail Vulnerability, Updates available

A new critical vulnerability has been discovered in Sendmail. The UNIX and Linux vendors have been working feverishly to get a patch ready and most are available now. Sendmail is too big a target for attackers to ignore, so it makes sense to act immediately to protect your systems. Also, nice outline of how the whole disclosure was performed between countries, distributions, state and country agencies, and the vendor.. . .

Is Linux as vulnerable as Windows?

Counting viruses is simplistic, but there is evidence that Windows is becoming more resistant, and Linux is becoming more of a target. Turning the heat up another notch on a long-simmering debate, the Aberdeen Group has published a study comparing the security of Linux/Unix systems with that of the Microsoft Windows family of products.. . .

FTP Server Offers Key to the Store

This week I was sidetracked from my projects yet again by the need to investigate two security incidents. Both involved deleted files on servers that apparently had been compromised. The first incident was more of a server configuration issue than a . . .

How to Build, Install, Secure & Optimize Xinetd

Xinetd is a secure, powerful and efficient replacement for the old Internet services daemons named inetd and tcp_wrappers. Xinetd can control denial-of-access attacks by providing access control mechanisms for all services based on the address of the remote client that wants to connect to the server as well as the ability to make services available based on time of access, extensive logging, and the ability to bind services to specific interfaces.. . .

tcpserver: Secure, Flexible Daemon Management

If you're still running inetd, it's time to move on. Either xinetd or tcpserver offers superior security and control. We're going to look at tcpserver. Note that there is one limitation: it manages only TCP. If you're using UDP or RPC services, tcpserver alone will not do the job. In that case, xinetd is the way to go.. . .