Discover LinuxSecurity Features

OctopusWAF: A Customizable Open-Source WAF for High Performance Applications

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mainstream web application firewalls (WAFs) can be very difficult to understand, with thousands of lines of code and obscure plugins. This complexity makes it challenging for developers to modify code to block specific anomalies and secure their applications. But OctopusWAF is different - the open-source WAF is customizable, user-friendly and optimized for a large number of parallel connections - making it ideal for high performance Asynchronous JavaScript and XML (AJAX) applications.

WireGuard Brings Speed and Simplicity to VPN Technology

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

VPN technology has become a critical part of our digital lives, serving a variety of purposes including securing wireless connections, resolving geographical limitations, reaching prohibited websites and protecting the privacy of sensitive data. However, the unfortunate reality is that many of the VPN protocols on the market today are comlex, slow, unstable and insecure. Luckily, the new, innovative Wireguard protocol has demonstrated significant promise in all of these areas - and has earned a place in the mainline Linux kernel as a result. This article will briefly explore VPN protocols and potential concerns when implementing a VPN, and will dive deeper into the unique benefits that Wireguard offers users.

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

How To Identify Libraries that are Still Vulnerable to Attacks After Updates

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Patch management can be a complex and time-consuming process, and because of this, patches to fix vulnerabilities may not be applied before a hacker is able to breach an organization's security. The majority of organizations are not aware of these vulnerabilities until they have experienced a breach, at which point it is frustrating to learn that deploying a simple patch could have prevented the breach altogether.

Securing a Linux Web Server: A Primer

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Over the next couple of weeks and months, LinuxSecurity editors and contributors will be writing a series on Linux Web Server Security. This week, we’re summarizing the risks Linux administrators face when trying to secure their systems, as well as outlining the first steps that should be taken toward ensuring that your systems are secure. This series will dive deeper into topics including preventing information leakage, firewall considerations, protecting file and directory permissions, securely running PHP applications, monitoring logs and how to verify the security of a Linux server.

Linux Server Security: A Getting Started Guide

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Are your Linux servers secure? No machine connected to the internet is 100% secure, of course. In the words of security guru Bruce Schneier: “Security is a process, not a product.” However, this doesn't mean that you are helpless. Although cyber attacks, hacks and breaches are sometimes unavoidable, all system administrators and users can take definitive measures to mitigate their risk online. 

The Ultimate Guide to Using Data Encryption on Linux

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Data encryption has never been more important. New data protection and privacy regulations, such as GDPR, mean that companies storing unencrypted customer information are vulnerable to paying heavy fines. The public is now more aware of the importance of encryption, with massive data breaches impacting companies like Facebook receiving major media coverage.

5 Open-Source Blockchain Technologies That Linux Users Need to Know About

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With hundreds of thousands of open-source projects underway, it’s easy to say that open source has become a standard in software development. And when talking about open source, the first development environment that comes to mind is, of course, Linux. Halfway through 2020, around 50% of software developers say they use the Linux operating system (OS) for their projects.

Apache SpamAssassin Leads A Growing List of Open-Source Projects Taking Steps to Correct Instances of Racism and White Privilege

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Over the past few weeks, a heated debate has arisen on the Apache SpamAssassin users list regarding the replacement of racially charged terms like “whitelist” and “blacklist” used in the Apache Spamassassin Project’s code with more inclusive language. Certain community members have been very supportive of Apache SpamAssassin’s efforts to remove racially insensitive language from the project, while others have loudly voiced their disapproval.

Instructions for Disabling AdBlock Extensions on LinuxSecurity.com

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Welcome to the LinuxSecurity.com instruction page on how to turn off your adblocker. We sincerely appreciate the support you are providing by choosing to disable your adblocker on our website. We depend on ad revenue to continue creating free, quality content for you to enjoy. Below are steps you can take in order to white list LinuxSecurity.com on your browser or device.

Google Chrome
Using AdBlock Plus

  • Click on the AdBlock Plus icon on the top right of your browser
  • A drop-down menu will appear with a check mark followed by Enabled on this site
  • Click the button until the text reads Disabled on this site
  • Refresh the page or click Continue to site to access LinuxSecurity.com

Using Chrome adblock extension

  • Click on the hand icon for adblock extension, on the top right corner of your browser
  • A drop-down menu will appear
  • Click the Don't run on pages on this domain option on the drop down
  • Once clicked a settings popup will appear.
  • Click Exclude
  • Refresh the page or click Continue to site to access LinuxSecurity.com

Firefox

  • Click on the AdBlock Plus icon on the top right of your browser
  • A drop-down menu will appear
  • Click the Disabled on LinuxSecurity.com option on the drop down
  • Refresh the page or click Continue to site to access LinuxSecurity.com
  • Firefox "Private Window" runs its own version of adblock. You will receive an adblock detection screen on Private Window, even if you are not running any adblock plugins. In this case, you will need to open LinuxSecurity.com on your standard Firefox window.

Internet Explorer

  • Click on the AdBlock Plus icon on the bottom right hand side of your browser
  • A drop-down menu will appear
  • Click the Disable on www.linuxsecurity.com option on the drop down
  • Refresh the page or click Continue to site to access LinuxSecurity.com

Devices with Apple IOS9 and above

  • Go to the Settings app on the main screen
  • Click on the Safari button
  • From Menu click Content Blockers
  • You will see your blocker enabled. Slide button to the left to disable.
  • Return to your Safari browser and refresh the page or click Continue to site to access LinuxSecurity.com

Know The Enemy: Upgrade Your Threat Detection Strategy with Honeynets

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Honeynets are an invaluable offensive security tool for learning the tactics and motives of the blackhat community and sharing the information and insights gathered. This article will explore what a Honeynet is, its value, how it works and the risks involved with deploying a Honeynet. It will also examine some great open-source honeynet options your organization may wish to consider.