Server Security - Page 38

Discover Server Security News

XP Updates Start to P.O. Users

As many as three times a week, on average, XP users see a little window pop-up at the bottom of their computer screens announcing the availability of another new update for their system. This plethora of patches has left many users wondering whether their hard drives are big enough to handle "Trustworthy Computing.". . .

Cookies Take A Bite Out Of Security

As if IT managers didn't have enough security headaches, Web site-based intrusions have risen over the last year, with aggressive cookies and pop-up-spawned spyware leading the charge. Products like the Gator password manager utility are reported to include a Web-user monitoring component, which may even cause Web browsers to crash or behave erratically.. . .

Potential Vulnerability in LIDS 1.1.1

It is possible for arbitrary users to use a capability granted to LIDS-protected binaries. For example, if some binary has the CAP_SETUID capability granted, a general user can execute this binary as an arbitrary user (which could be root).. . .

Denial-of-service attacks still a threat

Denial-of-service (DOS) attacks continue to present a significant security threat to corporations two years after a spate of incidents brought down several high-profile sites, including those of Yahoo Inc. and eBay Inc., users and analysts report. Since then, several technologies . . .

Server port 80 plagues Internet security

THE INTERNET HAS become a riskier place for businesses since the fall of 2001 and doesn't look to be any more secure in the near future, according to security firm Internet Security Systems, which released its security incident figures for the first quarter of 2002 Wednesday. . . .

How to set up IMAP on the cheap, Part 2

This is the second in a series of articles about how to install and configure the Cyrus IMAP mail server, Postfix SMTP, and Procmail for server-side mail filtering. Last week, we covered the installation and basic configuration for Cyrus IMAP.. . .

A Tangled World Wide Web of Security Issues

The World Wide Web (WWW) was initially intended as a means to share distributed information amongst individuals. Now the WWW has become the preferred environment for a multitude of e-services: e-commerce, e-banking, e-voting, e-government, etc. Security for these applications is an important enabler. This article gives a thorough overview of the different security issues regarding the WWW, and provides insight into the current state of the art and evolution of the proposed and deployed solutions.. . .

User Authentication with PHP and Apache

There are a number of reasons why you might want to add user authentication to your Web site. You might want to restrict access to certain pages only to a specific group of privileged users. You might want to customize the content on your site as per user preferences.. . .

Introduction to logging

"Welcome to yet another article in the series of articles dedicated to basic system maintenance and security. This time, I plan to cover the topic of logging, and why logging is a must for every serious admin, or for any system . . .

Using SSH

SSH is a secure replacement for telnet, rlogin, other r* and ftp protocols which handle sensitive information in an insecure manner. Telnet broadcasts sensitive information such as usernames and passwords unencrypted whereas SSH encrypts them, so that a malicious user trying . . .

Hardening Sendmail

Ah, sendmail. You either love it for being so versatile and ubiquitous, or you hate it for being bloated, complicated and insecure. Or perhaps you're a complete newcomer to the e-mail server game and would like to give sendmail a try . . .

Ad Zapping With Squid

For some time at my workplace we've been running an ad-zapping service on our web proxy. This page documents how it works, how to use it yourself, how to join the mailing list for updates of the pattern file, and the weirdnesses of our local setup (which you need not duplicate yourself).. . .

Configuring Amanda

Amanda is the Advanced Maryland Automatic Network Disk Archiver, developed at the University of Maryland in the 1990s. While it is now maintained at SourceForge and support is provided only through mailing lists and a FAQ-O-MATIC, it is still a highly . . .

Multi-Layered Security

In this article I discuss generalized ways to increase system and network trust. While my examples are somewhat FreeBSD-centric, they can be abstracted to almost any platform. There is a popular misconception floating around the corporate sector. Many individuals tout that UNIX is not as secure as other operating systems.. . .

Modular Authentication for Linux

You can set up your systems so Linux users can gain secure authentication against a Windows NT Domain. That way they won't need a Linux account and a separate NT Domain account. It'll make life easier for you as a network administrator and make your power users happier. . . .

Flaws found in PHP scripting language

A flaw in the common open-source scripting language PHP could allow attackers to crash or compromise a hefty fraction of the nine million servers running the open-source Web software Apache, as well as other Web servers. A member of the PHP engineering team warned Web developers of the software flaws in an advisory on Wednesday, but security experts believe that while some in the Internet underground have tools to exploit the flaw, few people have the resources.. . .

Webmasters Urged To Plug PHP Security Hole

Web site operators who use server-side scripting software known as PHP are being urged today to upgrade to a new release that does not contain recently discovered - and apparently serious - security holes. Stefan Esser of Germany-based E-matters, a Web development company, reported that a number of memory-allocation bugs were found in PHP code that handles file uploads, also known as multipart/form-data POST requests.. . .

Multiple Critical PHP Vulnerabilities

Multiple critical remote vulnerabilities exist in several versions of PHP. We found several flaws in the way PHP handles multipart/form-data POST requests. Each of the flaws could allow an attacker to execute arbitrary code on the victim's system.. . .