Feature Articles - Page 15

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

Protect Your Linux Web Apps and Meet Compliance Standards

Security is vital for your Linux web apps, but keeping up with the latest exploits and meeting compliance standards can quickly become overwhelming. ...
Apr 15, 2024
  0

Strategies for Improving Linux Security Through Cross-Browser Compatibility Testing

In the dynamic landscape of web development, ensuring t...
Apr 10, 2024
  0
19.Laptop Bed Esm H115

Security Risks of Open-Source Software & Mitigations to Overcome Them

Open-source software, or OSS, has completely changed th...
Apr 04, 2024
  0
27.Tablet Connections Blocks Lock Esm H115

Discover LinuxSecurity Features

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Contribute Now
Book Reviews Esm H200

Securing a Linux Web Server

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

Ls Default Copy 1 Anthony Pell
Book Reviews Esm H200

Peter Smith Releases Linux Network Security Online

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Dave Copy 3 Dave Wreski
Book Reviews Esm H200

Password guessing with Medusa 2.0

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Ls Default Copy 1 Anthony Pell
Book Reviews Esm H200

Squid and Digest Authentication

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Digest AuthenticationDigest Authentication hashes the password before transmitting over the wire. Essentially it sends a message digest generated from multiple items including username, realm and nonce value. If you want to know more see (RFC 2617).

Ls Default Copy 1 Anthony Pell
Book Reviews Esm H200

Squid and Basic Authentication

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This is perhaps the easiest authentication helper to configure in Squid, but also the most insecure. The biggest problem with Basic is it transmits username and password in clear text, hence very susceptible to network sniffing or man in the middle type attacks. The only reason I

Ls Default Copy 1 Anthony Pell
Book Reviews Esm H200

Free Online security course (LearnSIA) - A Call for Help

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Survivability and Information Assurance (SIA) course was originally developed by a team at Carnegie Mellon, led by Lawrence Rogers (/about/divisions/cert/index.cfm). Back in 2010, I requested a license to continue the development of the course because it provides useful information on Information Assurance. Also, this course will always be freely available for anyone to use in the classroom or self-study. There are three parts to the LearnSIA curriculum.

Dave Copy 3 Dave Wreski
LS Hmepg 337x500 34 Esm H200

Using the sec-wall Security Proxy

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This article full of examples will show you various ways to test services secured using sec-wall, a feature-packed high performance security proxy. We'll be using cURL, a popular Linux command line tool and PycURL - a Python interface to cURL. As of version 1.0, sec-wall supports HTTP Basic auth, digest auth, custom HTTP headers, XPath-based authentication, WS-Security & SSL/TLS client certificates and each of the options is being shown below.

Dave Copy 3 Dave Wreski
LS Hmepg 337x500 34 Esm H200

sec-wall: Open Source Security Proxy

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

Dave Copy 3 Dave Wreski
LS Hmepg 337x500 34 Esm H200

Meet the Anti-Nmap: PSAD

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Having a great defense involves proper detection and recognition of an attack. In our security world we have great IDS tools to properly recognize when we are being attacked as well as firewalls to prevent such attacks from happening. However, certain attacks are not blindly thrown at you - a good attacker knows that a certain amount of reconnaissance and knowledge about your defenses greatly increases the chances of a successful attack. How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? You bet there is...

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Understand: Fork Bombing Attack

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Thanks to Anand Jahagirdar for this feature! As the variety of attacks and threats grow, you need to be prepared. In this HOWTO, get a feeling for the Fork Bombing Attack, what it is, how it works, where it comes from, how to deal with it and more.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Master's Student: Social Engineering is not just a definition!

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We are happy to announce a new addition to the Linux Security Contributing Team: Gian G. Spicuzza. Currently a Graduate Student pursuing a Masters Degree in Computer Security (MSIA), Gian is a certified Linux/Unix administrator, the lead developer for the OSCAR-Backup System (at Sourceforge.com) and has experience in a variety of CSO, Management and consulting positions. His first topic is a quick foray into the world and psychology of Social Engineering: All the security in the world isn't going to stop one of your employees or coworkers from giving up information. Just how easy is it? Craig never worked for Linda's company, nor did he call from IT. Craig was an unethical hacker who just gained unauthorized access to her account. Why? Because a phone call is simple. Read on to see just how easy businesses can be exploited.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

SSH: Best Practices

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you're reading LinuxSecurity.com then it's a safe bet that you are already using SSH, but are you using it in the best way possible? Have you configured it to be as limited and secure as possible? Read on for my best practices for using Secure Shell.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Security Features of Firefox 3

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Lets take a look at the security features of Firefox 3. Since its release, I have been testing it out to see how the new security enhancements work and help in increase user browsing security. One of the exciting improvements for me was how Firefox handles SSL secured web sites while browsing the Internet. There are also many other security features that this article will look at. For example, improved plugin and addon security.

Ls Default Copy 1 Anthony Pell
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved