Feature Articles - Page 1.25
Need an in-depth introduction to a new security topic? Our feature articles will bring you up to date on everything from buffer overflows to SELinux policy development.
At last count, W3Techs reported that 43.1% of all websites operating on the Internet today rely on the WordPress CMS. And of those, an overwhelming majority run on Linux servers. That immense popularity makes Linux servers running WordPress a prime target of hackers and other bad actors. As a result, such servers face an estimated 90,000 attacks every minute, every day.
There are several general categories of DoS attacks. Some groups divide attacks into three classes: bandwidth attacks, protocol attacks, and logic attacks. Following are brief descriptions of some common types of DoS attacks.
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN ACK before the connection is established. This is referred to as the "TCP three-way handshake."
Service providers are scrambling to offer voice, video, data, and innovative services, such as gaming, interactive TV, and messaging, on a single pipe. At the same time, network equipment is being upgraded to IPv6. But some real-time IPv6 security overwhelms performance because of the application intelligence involved: the rapid inspection of VoIP signaling (SIP, H.323) and audio packets, and the prompt opening and shutting of "pinholes" to allow the passage of valid voice traffic over wireless networks.
In this paper, we describe and analyze a network-based DoS attack for IP-based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access. Part I Part II Part III Part IV
In this paper, we describe and analyze a network-based DoS attack for IP-based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.
It was discovered that a sequence of processor instructions for some Intel processors leads to unexpected behavior that could allow an authenticated local user to escalate privileges (CVE-2023-23583). This bug, dubbed "Reptar," could expose sensitive information or cause system crashes, resulting in denial of service attacks leading to loss of system access.
Computer systems, software, applications, and other interfaces are vulnerable to network security threats. Failure to find these cybersecurity vulnerabilities can lead to the downfall of a company. Therefore, businesses must utilize vulnerability scanners regularly within their systems and servers to identify existing loopholes and weaknesses that can be resolved through security patching.
Two critical vulnerabilities were recently discovered in the Linux kernel, which both received a National Vulnerability Database base score of 9.8 out of 10 due to how simple they are for attackers to exploit and their severe threat to impacted systems.
In the dynamic landscape of contemporary software development, Docker containerization has emerged as a cornerstone, facilitating the efficient deployment and scaling of applications. However, fortifying their security measures becomes paramount as organizations increasingly embrace Docker containers.
A weak password can be as simple as a password equal to the username, a blank password, or a keyboard-pattern password such as ‘qwerty’. Users often feel they can get away with a weak password because they have trouble keeping track of their passwords.
Because of the changing nature of the data management environment, many businesses are turning to data governance consultancy as a compliance tool. Data governance consulting aims to help businesses develop strategies, policies, and frameworks to ensure their data's security, privacy, and integrity. Linux and open-source security play a crucial role in achieving these objectives for organizations that use Linux-based systems and open-source software.
Passkeys are created on user devices, so you must select the correct one to log in to the services and websites. Passwords are no longer required, which is one of the main advantages of this convenient, up-and-coming feature.
Linux device management is pivotal in contemporary managed service providers' (MSPs) core operations. With a growing reliance on Linux systems within organizations, adeptly administering these devices is a defining factor for MSPs. In the rapidly evolving tech landscape, the surge in Linux adoption is driving MSPs to deliver efficient Linux device management services that align with the distinct needs of their clients.
Peer-to-peer (P2P) torrenting users face many risks, ranging from downloading malware to inadvertently downloading unauthorized content. Your computer may get infected with viruses, your ISP may limit your connection, or you may face penalties.
At last count, nearly half of all small businesses used cloud-based hosting and infrastructure services. SMBs are doing so because it allows them to use enterprise-grade technology at affordable prices. However, many small business owners and decision-makers don't fully appreciate the level of risk that comes with their cloud footprint. And that's a blind spot that can have significant bottom-line consequences.
Recently, the media has been covering many Internet break-ins, their reporters spinning tales of clever bandits who magically gain access to machines with a simple keystroke. In real life, however, it is rarely that simple. Cracking into a computer system requires planning. A cracker has to find a target machine, and then find out what ports the machine is listening on before a system can be compromised.
If your Linux system were a busy airport, the GNU C Library (glibc) would be the control tower that could give malicious actors free rein on your systems, like a pilot who hijacked an airplane. Recently, a severe vulnerability dubbed "Looney Tunables" (CVE-2023-4911) was found in this integral part of most Linux systems that provides basic system functions like file I/O, network, and memory access.
With cyber threats becoming alarmingly sophisticated, IT professionals constantly struggle to keep digital assets safe. It's not just about reacting to threats anymore; it's about building a security system that’s as dynamic and adaptable as the threats themselves. Linux, with its open-source, transparent framework, offers precisely that.
Data security is critical for running your business smoothly and earning customers’ trust. People provide information when purchasing products at e-commerce sites, signing up for services, giving feedback about experiences, and much more. However, many are becoming less open to sharing their data with companies unless they feel confident employees there will handle it responsibly.