Discover LinuxSecurity Features

Member Profile: My Expedition Through nmap Lab - How to get through the NMAP room in TryHackMe

Thank you to Oyelakin Timilehin Valentina for contributing this article.

Our newest member, Valentina, is an up-and-coming cybersecurity professional in Nigeria who is studying cybersecurity and showing stellar skills in learning and applying her knowledge. She recently went through the TryHackMe online learning platform and shared her experiences, as well as a few quick tips on using nmap.

Open-Source Kernel Security Technologies

Kernel security is a key determinant of overall system security. After all, the Linux kernel is the foundation of the OS and the core interface between a computer’s hardware and its processes.  Luckily, Linux now supports a range of effective open-source extensions and external tools engineered to boost kernel security. From the threats you should be aware of to the initiatives and technologies designed to reinforce and enhance the security of the Linux kernel, here's what you need to know.

How To Secure the Linux Kernel

With the support of the open-source community behind it and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days when Linux system administrators could get away with subpar security practices. Cyber criminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years.

Fileless Malware on Linux: Anatomy of an Attack

Recent years have demonstrated that Windows users are not the only ones who should be concerned about malware. Linux is becoming an increasingly popular target among malware operators due to the growing popularity of the open-source OS and the high-value devices it powers worldwide. Security researchers from AT&T Alien Labs are now warning that “cyber gangs have started infecting Linux machines via a fileless malware installation technique that until recently was more commonly used against Windows-based systems”.

Linux Pentesting: What Is It and How Can It Improve Network Security?

When setting up and testing a network security system, it is critical to make sure it is working properly and free from vulnerabilities that could be exploited by malicious hackers. While the best way to guarantee the security of a system is to design, implement and operate it to be secure, continuously testing a network security system for potential flaws is an excellent way to improve and validate network security - which is where pentesting comes in quite handy. This article will introduce the concept of pentesting to improve and verify network security, explain basic pentesting methodology and explore some excellent pentesting tools, distros and OSes available to Linux users in 2021.

Modernize Your Intrusion Detection Strategy with an AI-Powered, Open-Source NIDS

As 2020 comes to an end, cyber risk has reached an all-time high, and intrusion detection has never been more essential in securing networks and preventing attacks and breaches. Cyber criminals’ methods, tactics and techniques are evolving to become increasingly stealthy and sophisticated, and more organizations than ever are turning to AI-based intrusion detection systems to beef up their security defenses, outsmart the “bad guys” and protect their critical servers, systems and data.

Anatomy of a Linux Ransomware Attack

Ransomware has dominated cybersecurity news headlines for the past decade, and for good reason. Through a combination of advanced encryption and effective extortion mechanisms, a ransomware attack can have devastating consequences for any victim including data loss, reputation harm, recovery costs and significant downtime.

Verifying Linux Server Security: What Every Admin Needs to Know

Linux is a widespread OS known for its robust security. That being said, vulnerabilities are inevitable in any OS, and Linux system administrators must be vigilant about monitoring and verifying the security of their servers on an ongoing basis in order to protect sensitive data and prevent attacks. After all, the majority of attacks on Linux systems can be attributed to poor administration

OctopusWAF: A Customizable Open-Source WAF for High Performance Applications

Mainstream web application firewalls (WAFs) can be very difficult to understand, with thousands of lines of code and obscure plugins. This complexity makes it challenging for developers to modify code to block specific anomalies and secure their applications. But OctopusWAF is different - the open-source WAF is customizable, user-friendly and optimized for a large number of parallel connections - making it ideal for high performance Asynchronous JavaScript and XML (AJAX) applications.

WireGuard Brings Speed and Simplicity to VPN Technology

VPN technology has become a critical part of our digital lives, serving a variety of purposes including securing wireless connections, resolving geographical limitations, reaching prohibited websites and protecting the privacy of sensitive data. However, the unfortunate reality is that many of the VPN protocols on the market today are complex, slow, unstable and insecure. Luckily, the new, innovative WireGuard protocol has demonstrated significant promise in all of these areas - and has earned a place in the mainline Linux kernel as a result. This article will briefly explore VPN protocols and potential concerns when implementing a VPN, and will dive deeper into the unique benefits that WireGuard offers users.

Open Source is Revolutionizing Careers in Cybersecurity - What You Need to Know

Technology is an integral part of our everyday lives. Widespread reliance on devices that connect us to the Internet and cloud platforms that facilitate digital communications has markedly increased since the beginning of this pandemic. As technology companies are scrambling to meet businesses’ and consumers’ evolving needs, one trend has become clearly apparent - open-source is at the forefront of modern technological innovation, revolutionizing careers available in the field of cybersecurity in the process.