Feature Articles

IPv6 approach for TCP SYN Flood attack over VoIP, Part I

In this paper, we describe and analyze a network based DoS attack for IP based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.

The paper contributes a detailed analysis of the SYN flooding attack and existing and proposed countermeasures. SYN flooding attacks in application Performance Validation with VoIP gives improper results. To overwhelm it, IPv6 approaches have been proposed here with successful implementation it with Network Tester using Moonerv6 Phases algorithms. Agilent Network Tester practices on the same principles to make availability of IPv6 service in Networks or sensor networks.

Benjamin D. Thomas

• Benjamin D. Thomas
• 12/22/2005
• 35188 Views
• 0 Comments

Hacks From Pax: Using AIDE to Ensure System Integrity

Today in Hacks From Pax we'll talk about AIDE, a host intrusion detection system. AIDE can provide another important layer of security for a system, specifically a layer designed not to keep intruders out per se, but to notify administrators of a possible compromise or intrusion. By itself it won't prevent a successful intrusion, but it can help prevent the only thing worse: a successful intrusion that you don't know about yet.

Brittany Day

• Brittany Day
• 12/20/2005
• 19971 Views
• 0 Comments

EnGarde v3 Now Available!

Guardian Digital is pleased to announce the release of EnGarde Community v3.0. This release represents the most significant number of improvements since the first version released more than four years ago.

If you haven't tried EnGarde recently, then I'm certain you'll be equally as excited about this release as we are. Completely redesigned web interface, firewall functionality, integrated Security-Enhanced Linux protection, and completely free updates are just a few of the outstanding new benefits.

Benjamin D. Thomas

• Benjamin D. Thomas
• 09/28/2005
• 24785 Views
• 0 Comments

Introduction: IP Spoofing

An article on "Security Problems in the TCP/IP Protocol Suite" by S.M.Bellovin in 1989 initially explored IP Spoofing attacks . He described how Robert Morris, creator of the now infamous Internet Worm, figured out how TCP created sequence numbers and forged a TCP packet sequence.

Benjamin D. Thomas

• Benjamin D. Thomas
• 08/25/2005
• 83085 Views
• 0 Comments

Hacks From Pax: PHP Web Application Security

Today on Hacks From Pax we'll be discussing PHP web application security. PHP is a great language for rapidly developing web applications, and is very friendly to beginning programmers, but some of its design can make it difficult to write web apps that are properly secure. We'll discuss some of the main security "gotchas" when developing PHP web applications, from proper user input sanitization to avoiding SQL injection vulnerabilities.

Brittany Day

• Brittany Day
• 08/08/2005
• 33738 Views
• 0 Comments

Pull the Plug Revisited: An Interview Five Years Later

Five years after our original interview with Brian Gemberling, founder of PullthePlug.org, we catch up with Daniel Alvarez and the rest of the site's administrative management. Its structured management and focus on the community will ensure many years of continued success. You're asking, what is pull the plug? Read more to find out...

Benjamin D. Thomas

• Benjamin D. Thomas
• 07/05/2005
• 41431 Views
• 0 Comments

Hacks From Pax: Linux File & Directory Permissions Mistakes

Greetings, gentle reader, and welcome to linuxsecurity.com and our new recurring series of articles on security related mistakes and how to avoid them. I'm your host, Pax Dickinson, and today we'll be reviewing basic Linux file and directory permissions and how to avoid some common pitfalls in their use, in this episode of Hacks From Pax.

Anthony Pell

• Anthony Pell
• 06/27/2005
• 71764 Views
• 0 Comments

Are Your Servers Secure?

In a word, No. No machine connected to the internet is 100% secure. This doesn't mean that you are helpless. You can take measures to avoid hacks, but you cannot avoid them completely. This is like a house — when the windows and doors are open then the probability of a thief coming in is high, but if the doors and windows are closed and locked the probability of being robbed is less, but still not nil.

Blessen Cherian

• Blessen Cherian
• 02/08/2005
• 41585 Views
• 0 Comments

Getting to Know Linux Security: File Permissions

Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved. If you have ideas for future topics, please post them in the discussion forum below.

Benjamin D. Thomas

• Benjamin D. Thomas
• 02/03/2005
• 91868 Views
• 0 Comments

The Tao of Network Security Monitoring: Beyond Intrusion Detection

The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.

Benjamin D. Thomas

• Benjamin D. Thomas
• 01/28/2005
• 50798 Views
• 0 Comments

Linux Netwosix One Year Later

This brief article outlines the history and story behind Linux Netwosix, a security-focused distribution that is still in early stages of development. Vincenzo Ciaglia, its Italian founder, gives the Linux community an update on how the project has progressed after 11 months.

Brittany Day

• Brittany Day
• 01/06/2005
• 27175 Views
• 0 Comments

A 2005 Linux Security Resolution

As a preface to this paper, I wanted to take a moment mourn the loss of the many tsunami victims worldwide. Our thoughts and prayers are with each of the victims and families. Donations to help in the relief effort can be made through the following organizations; World Vision; American Red Cross; Oxfam; and many others.

Benjamin D. Thomas

• Benjamin D. Thomas
• 12/30/2004
• 25064 Views
• 0 Comments

State of Linux Security 2004

In 2004, security continued to be a major concern. The beginning of the year was plagued with several kernel flaws and Linux vendor advisories continue to be released at an ever-increasing rate. This year, we have seen the reports touting Window's security superiority, only to be debunked by other security experts immediately after release. Also, Guardian Digital launched the new LinuxSecurity.com, users continue to be targeted by automated attacks, and the need for security awareness and education continues to rise.

Benjamin D. Thomas

• Benjamin D. Thomas
• 12/23/2004
• 16373 Views
• 0 Comments