Server Security - Page 43

Web Security: Apache and mod_ssl

As we covered in the last article, SSL/TLS (Secure Sockets Layer/Transport Layer Security) are the protocols used to add encryption and authentication to TCP/IP and HTTP. In this article we'll cover the most popular open source method of adding SSL/TLS to a web server: adding mod_ssl to Apache. ...

Security bugfix for Samba

A serious security hole has been discovered in all versions of Samba that allows an attacker to gain root access on the target machine for certain types of common Samba configuration. Until all vendors have released updates, there is an interim workaround available. ...

Saving face: Tripwire for Web Pages

This is a great security utility to be sure, but what about non-system files like those that constitute your Web site? Never fear: Tripwire, in partnership with Covalent, has recently released Tripwire for Web Pages into its security software stable. Tripwire ...

Security geek developing WinXP raw socket exploit

Security specialist Steve Gibson has created quite a fracas with his increasingly vocal opposition to the raw-socket connectivity planned for Windows XP, upon which he bases predictions of impending chaos for the entire Internet, so he's decided to exploit the very threat he claims will make the Internet permanently unstable. ...

ISS Xforce: BIND Inadvertent Local Exposure of HMAC-MD5 (TSIG) Keys

A flaw exists in the dnskeygen utility under BIND version 8 and the dnssec-keygen utility included with BIND version 9. The keys generated by these utilities are stored in two files. In the case of HMAC-MD5 shared secret keys that are used for dynamic updates to DNS servers, the same secret keying material is present in both files. Only one of the files is configured by default with strong access control. The resulting exposure may allow unauthorized local users to obtain the keying information. This may allow attackers to update DNS servers that support dynamic DNS updates. ...

Securing Java Code: Part 4, Decompilers

Java programs are especially vulnerable to decompilers, because Java source code is compiled to Java bytecode. But there are techniques to make decompilation harder. It is a difficult prospect to take machine-level code and translate it backwards into language-level ...

RAZOR advisory: Unsafe Signal Handling in Sendmail

Sendmail signal handlers used for dealing with specific signals (SIGINT, SIGTERM, etc.) are vulnerable to numerous race conditions, including handler re-entry, that is, interrupting non-reentrant libc functions and entering them again from the handler (see "References" for more details on this family of vulnerabilities). This set of vulnerabilities exists because of unsafe library function calls from signal handlers (malloc, free, syslog, operations on global buffers, etc.). ...

Windows vs. Linux: Taking Security Seriously

While proponents of Linux systems maintain that the many security vulnerabilities and attacks coming to the fore are due to Microsoft's dominance in the market and its inherent vulnerabilities, others believe that Bill Gates' behemoth company is beginning to hold its ...

Securing Java Code: Part 2

In this installment in our series, we further examine the elements that should be part of a secure Java code policy, including such safeguards as compartmentalization and cryptography. In our last installment, we introduced policy and covered product requirements, error handling, ...

Access Granted: MySQL Security

Over the next few pages, I'm going to examine the MySQL access control system, and throw some light on the MySQL "grant tables". These tables, which are an integral part of the server's security system, offer database administrators a great deal ...

FTP Buffer Overflows

In this column, we look at buffer overflows in many FTP daemons, Oracle Application Server, Solaris ipcs, Solaris Xsun, and a whole list of programs in SCO OpenServer; temporary file race conditions in pine and pico; format string bugs in HylaFAX ...

Securing Your Apache Server

An excerpt from Chapter 3, "Security," of Apache: The Definitive Guide, 2nd Edition. Enable Apache to communicate securely over Secure Sockets Layer (SSL). Covers building, configuring, and securing an SSL-enabled Apache server under Unix. ...

Anti-Virus with Sendmail and FreeBSD

This is a very nice add-on for ISPs or anyone who wants to safeguard all email coming into their system from viruses. The following article will walk you through installing and setting up several programs to get this project done. ...

NSA funds work to thicken Linux armor

The National Security Agency, the electronic snooping arm of the U.S. government, has enlisted computer security company Network Associates to help create a version of Linux that's less vulnerable to attack. The NSA awarded the two-year, $1.2 million contract to the ...

suEXEC keeps you in control of your systems

One of the biggest problems for both Web hosting providers and clients is server security. How do you provide a flexible server environment for the client while maintaining some level of security? In this article, Jamie Wilson explains how the Apache Web server and the suEXEC module make that possible. ...

Custom-fit security apps

Unlike past attempts to manage security, these companies are concentrating on gathering real-time intelligence on attacks, vulnerabilities and exploits. Using data mining and artificial intelligence techniques, they can predict where problems could appear on a particular customer's network and then design ...

Updated backdoor program increases danger

An updated version of the backdoor program SubSeven was released by its creator, a hacker known as "mobman," on Friday, according to the "official" Web page of the program. The SubSeven backdoor, which allows malicious hackers to access and control a user's computer without his or her knowledge, is "one of the highest threats to Windows PCs, especially those running in broadband environments," said Chris Rouland, director of the X-Force research team at computer security firm Internet Security Systems (ISS) in Atlanta. ...