Feature Articles - Page 15

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

Protect Your Linux Web Apps and Meet Compliance Standards

Security is vital for your Linux web apps, but keeping up with the latest exploits and meeting compliance standards can quickly become overwhelming. ...
Apr 15, 2024
  0

Strategies for Improving Linux Security Through Cross-Browser Compatibility Testing

In the dynamic landscape of web development, ensuring t...
Apr 10, 2024
  0
19.Laptop Bed Esm H115

Security Risks of Open-Source Software & Mitigations to Overcome Them

Open-source software, or OSS, has completely changed th...
Apr 04, 2024
  0
27.Tablet Connections Blocks Lock Esm H115

Discover LinuxSecurity Features

LS Hmepg 337x500 34 Esm H200

Vulnerabilities in Web Applications

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Internet has made the world smaller. In our routine usage we tend to overlook that "www" really does mean "world wide web" making virtually instant global communication possible. It has altered the rules of marketing and retailing. An imaginative website can give the small company as much impact and exposure as its much larger competitors. In the electronics, books, travel and banking sectors long established retail chains are increasingly under pressure from e-retailers. All this, however, has come at a price – ever more inventive and potentially damaging cyber crime. This paper aims to raise awareness by discussing common vulnerabilities and mistakes in web application development. It also considers mitigating factors, strategies and corrective measures.  

Ls Default Copy 1 Benjamin D. Thomas
LS Hmepg 337x500 34 Esm H200

A Secure Nagios Server

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Nagios is a monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process however to make it a secure setup it takes some work. This article will not show you how to install Nagios since there are tons of them out there but it will show you in detail ways to improve your Nagios security.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

HowTo: Secure your Ubuntu Apache Web Server

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Setting up a web server with Apache on a Linux distribution is a very quick process, however to make it a secure setup takes some work. This article will show you how to make your Apache web server more secure from an attack by effectively using Access control and authentication strategies.

Ls Default Copy 1 Anthony Pell

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Contribute Now
LS Hmepg 337x500 34 Esm H200

Creating Snort Rules with EnGarde

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There are already tons of written Snort rules, but there just might be a time where you need to write one yourself. You can think of writing Snort rules as writing a program. They can include variables, keywords and functions. Why do we need to write rules? The reason is, without rules Snort will never detect someone trying to hack your machine. This HOWTO will give you confidence to write your own rules.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Introduction: Buffer Overflow Vulnerabilities

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Ls Default Copy 1 Erica R. Thomas
LS Hmepg 337x500 34 Esm H200

Network Security Audit (Part II)

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In the First part of Network Security we had a brief overview of the areas that are to be considered on accessing a network's security and also we looked into a few points in each of Management and Administration areas.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Measuring Security IT Success

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In a time where budgets are constrained and Internet threats are on the rise, it is important for organizations to invest in network security applications that will not only provide them with powerful functionality but also a rapid return on investment.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Buffer Overflow Basics

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A buffer overflow occurs when a program or process tries to store more data in a temporary data storage area than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

Ls Default Copy 1 Benjamin D. Thomas
LS Hmepg 337x500 34 Esm H200

Hacks From Pax: Network Server Monitoring With Nmap

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hi, and welcome back to another edition of Hacks From Pax. Today we'll discuss hardening Linux servers by scanning for unnecessarily open network ports, and we'll show you how to automate port scanning so you can easily monitor your network for vulnerabilities.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Open Source Tool of March: ZoneMinder

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

For January and February, we chose some of the staples of open source security (GnuPG and Nmap) as the tool of the month. And deservedly so; both have just celebrated their ten-year anniversary in the open source realm, a rare feat for any open source project, much less one founded on security. But for the month of March, we wanted to move ahead and change gears. This month's Open Source Tool is no newbie for sure, but we bet that most of you reading haven't heard of it. While most Linux security tools deal with digital security, this month's tool is one of the few to cross that divide; Welcome to Zone Minder, the Open Source Tool for March...

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Open Source Tool of February: Nmap!

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This February, the team at Linuxsecurity.com has chosen NMAP as the Open Source Security Tool of the Month! In January, we chose GnuPG in part because it had just celebrated its 10th anniversary. Well, it wasn't alone. As of this past December Nmap ("Network Mapper"), the free and open source utility for network exploration and auditing, celebrated its 10th Anniversary as well! And because of its popularity, chances are very good that you've already used NMAP for quite some time. Even if you have, it's always good to take a look at how it all got started and what it's all about...

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Open Source Tool of the Month: GnuPG!

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Encryption is one of the main pillars of security, and GnuPG is a robust and flexible tool with great functionality that is fully GPL Licensed. And since it just celebrated its landmark 10th Anniversary, it was an easy choice for our tool of the month.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Master's Student: A Quick and Dirty Guide To Kernel Hardening with GrSecurity

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Our resident Master's student Gian Spicuzza chimes in this month with a great feature HowTo on Kernel Hardening! There are a number of ways to lock down a system, and RBAC (role based access control) is one of them. Read on to learn more about what makes RBAC so useful, and to read one of the best overviews on Low/Medium/High Security... The combination of the Linux kernel and GNU packages has always been regarded as a secure operating system, but can it be more secure? Kernel hardening is the answer to tightening up the Linux backbone. GrSecurity, a kernel patch for Linux, is one of the more popular approaches... One of the most significant feature is the addition of a role-based access control system (RBAC) that monitors what each user can execute based on their role and denies execution if they overstep their pre-defined rules.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Knock, Knock, Knockin' on EnGarde's Door (with FWKNOP)

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Secret knocks have been used for purposes as simple and childish as identifying friend or foe during a schoolyard fort war. Fraternities teach these knocks as a rite of passage into their society, and in our security world we can implement this layer of security to lock down an SSH server. With this guide on FWKNOP by Eckie S. (one of our own), you are taken on an easy-to-follow process of securing your platform with your own client and server port knocking set-up. Installation, iptable Rules setup, configuring access for the client and server, and everything in between. Check it out!

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

IPTables HOWTO Updated Release

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The aim of the iptables-tutorial is to explain iptables in a complete and simple way. The iptables-tutorial is currently rather stable, and contains information on all the currently available matches and targets (in kernel), as well as a couple of complete example scripts and explanations. It contains a complete section on iptables syntax, as well as other interesting commands such as iptables-save and iptables-restore. The tutorial has recently been under heavy scrutiny and updating, as can be seen in this, the latest version of the tutorial. It is now also available in bookform from Lulu.com. If you feel like contributing or donating to the author of this tutorial, please do buy the book! Thank you!   Oskar Andreasson

191 Brittany Brittany Day
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved