Featured Linux Articles

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

RHEL 9.4 Unveiled: Elevating Enterprise Security with Cutting-Edge Features

In the evolving cybersecurity landscape, staying ahead of threats while ensuring system stability and compliance is paramount for businesses and developers. Red Hat Enterprise Linux (RHEL) version 9.4 emerges as a beacon of innovation and security, e...
May 09, 2024
  0

Fortifying Email Security with Infosec Through the SDLC

Imagine releasing a software solution into the market o...
May 07, 2024
  0
9.EmailServers Atsign Esm H115

Protect Your Linux Web Apps and Meet Compliance Standards

Security is vital for your Linux web apps, but keeping ...
May 18, 2024
  0
7.Locks HexConnections Esm H115

Discover LinuxSecurity Features

LS Hmepg 337x500 34 Esm H200

FTP Attack Case Study Part I: The Analysis

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This article presents a case study of a company network server compromise. The attack and other intruder's actions are analyzed. Computer forensics investigation is undertaken and results are presented. The article provides an opportunity to follow the trail of incident response for the real case.

Ls Default Copy 1 Anthony Pell

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Contribute Now
LS Hmepg 337x500 34 Esm H200

Intrusion Detection Response

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this paper, Anton looks at network intrusion systems, IDS-triggered countermeasures, what are they, how they can be triggered and when they should not be triggered.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Linux Data Hiding and Recovery

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Just when you thought your data was removed forever, Anton Chuvakin shows us how to recover data and even how data can surruptitiously be hidden within space on the filesystem.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Linux 802.11b and wireless (in)security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this article, Michael talks about Linux and background on wireless security, utilities to interrogate wireless networks, and the top tips you should know to improve wireless security of your network.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Building a VPN Using Yavipin

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Yavipin is a package that can be used to build a VPN between two hosts using some of the most advanced and sophisticated cryptography available. Learn more about the VPN that focuses on network efficiency, usability, and is highly secure.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

IT Security Cookbook Now Available

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Over the past five years, Sean Boran has put together what has become the most comprehensive online Internet security resource available. LinuxSecurity recently had an opportunity to chat with the author, talk about its new home at LinuxSecurity.com, and a few words about the resource itself.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Building a Virtual Honeynet

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hisham shares his experiences with building a virtual honeynet on his existing Linux box. He describes data capture and control techniques, the types of honeynets, and configuration changes to get one running on your system.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Using Chroot Securely

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The chroot() function can be a powerful mechanism to secure your system, but only if used correctly. Anton provides a good foundation for implementing it in your programs and services running on your system.

Ls Default Copy 1 Anthony Pell
LS Hmepg 337x500 34 Esm H200

Securing Vulnerable Software

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Scott Wimer, CTO Cylant Software, discusses methods for improving the security of a computer system in spite of their vulnerabilities in order to break out of the current security cycle.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Oskar Andreasson IP Tables Tutorial

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Oskar Andreasson speaks with LinuxSecurity.com about his comprehensive IP Tables tutorial and how this document can be used to build a robust firewall for your organization.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

International Security, Privacy and Solidarity

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Today's events mark more than a display of courage by Americans, an effort to exact retribution on those who committed this senseless act, and how this country will be changed as a result. It directly impacts us all on an international scale as individual architects of the global Internet.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Encrypted Tunnels using SSH and MindTerm

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Introduction Businesses, schools, and home users need more secure network services now more than ever. As online business increases, more people continue to access critical company information over insecure networks. Companies are using the Internet as a primary means to communicate with travelling employees in their country and abroad, sending documents to various field offices around the world, and sending unencrypted email; this communication can contain a wealth of information that any malicious person can potentially intercept and sell or give to a rival company. Good security policies for both users and network administrators can help to minimize the problems associated with a malicious person intercepting or stealing critical information within their organization. This paper will discuss using Secure Shell (SSH) and MindTerm to secure organizational communication across the Internet.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

0wn This Box Challenge

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Cylant's "0wn this box challenge" is a research effort providing a good challenge to skilled crackers. Dave Wreski and Benjamin Thomas of LinuxSecurity.com interview Cylant Technology, Inc. seeking to find more information regarding the work to create this contest, and the experiences gained from holding it.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

An Introduction to Nessus

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There are a number of security scanners out there. Most of them are vendor specific, and each boasts a number of vulnerability checks to determine what is secure on your system and what is not. So what if you are a hardcore open source paranoid like myself who wouldn't think to spend a dime on the latest commercial security scanner from CyberSlueths or CrackerCops? Well there is a superior alternative that is regularly updated, free, and open source. It's called Nessus, and it is by far the best scanner available.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Open Source Security Testing Methods

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Open-Source Security Testing Methodology Manual (OSSTMM) is an effort to develop an open standard method of performing security tests. Dave Wreski and Rich Jankowski interview Pete Herzog, the creator of the project to gain insight to the development efforts and the hope for adoption into the industry.

191 Brittany Brittany Day

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved