Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Exclusive Interview with CrowdSec CEO Philippe Humeau
With the widespread adoption of cloud and container infrastructure, protecting servers, services, containers and virtual machines exposed on the Internet with a reliable, intelligent intrusion pr...
Mainstream web application firewalls (WAFs) can be very difficult to understand, with thousands of lines of code and obscure plugins. This complexity makes it challenging for developers to modify code to block specific anomalies and secure their applications. But OctopusWAF is different - the open-source WAF is customizable, user-friendly and optimized for a large number of parallel connections - making it ideal for high performance Asynchronous JavaScript and XML (AJAX) applications.
VPN technology has become a critical part of our digital lives, serving a variety of purposes including securing wireless connections, resolving geographical limitations, reaching prohibited websites and protecting the privacy of sensitive data. However, the unfortunate reality is that many of the VPN protocols on the market today are comlex, slow, unstable and insecure. Luckily, the new, innovative Wireguard protocol has demonstrated significant promise in all of these areas - and has earned a place in the mainline Linux kernel as a result. This article will briefly explore VPN protocols and potential concerns when implementing a VPN, and will dive deeper into the unique benefits that Wireguard offers users.
Information leakage is a serious threat to the security of a Linux server, and can result in a host of severe consequences including significant downtime and the compromise of sensitive data. Luckily, server administrators can mitigate the risk of information leakage through a series of configuration changes.
Patch management can be a complex and time-consuming process, and because of this, patches to fix vulnerabilities may not be applied before a hacker is able to breach an organization's security. The majority of organizations are not aware of these vulnerabilities until they have experienced a breach, at which point it is frustrating to learn that deploying a simple patch could have prevented the breach altogether.
Over the next couple of weeks and months, LinuxSecurity editors and contributors will be writing a series on Linux Web Server Security. This week, we’re summarizing the risks Linux administrators face when trying to secure their systems, as well as outlining the first steps that should be taken toward ensuring that your systems are secure. This series will dive deeper into topics including preventing information leakage, firewall considerations, protecting file and directory permissions, securely running PHP applications, monitoring logs and how to verify the security of a Linux server.
Are your Linux servers secure? No machine connected to the internet is 100% secure, of course. In the words of security guru Bruce Schneier: “Security is a process, not a product.” However, this doesn't mean that you are helpless. Although cyber attacks, hacks and breaches are sometimes unavoidable, all system administrators and users can take definitive measures to mitigate their risk online.
The Internet of Things (IoT) is rapidly growing, connecting more devices each day. It is projected that by 2025, the world will have an astounding 64 billion IoT devices.
Data encryption has never been more important. New data protection and privacy regulations, such as GDPR, mean that companies storing unencrypted customer information are vulnerable to paying heavy fines. The public is now more aware of the importance of encryption, with massive data breaches impacting companies like Facebook receiving major media coverage.
With hundreds of thousands of open-source projects underway, it’s easy to say that open source has become a standard in software development. And when talking about open source, the first development environment that comes to mind is, of course, Linux. Halfway through 2020, around 50% of software developers say they use the Linux operating system (OS) for their projects.
Is your home router leaving your network vulnerable to attack? New research suggests that this worrisome scenario is more likely than you may have thought.
Over the past few weeks, a heated debate has arisen on the Apache SpamAssassin users list regarding the replacement of racially charged terms like “whitelist” and “blacklist” used in the Apache Spamassassin Project’s code with more inclusive language. Certain community members have been very supportive of Apache SpamAssassin’s efforts to remove racially insensitive language from the project, while others have loudly voiced their disapproval.
LinuxSecurity.com, the open-source community’s go-to source for security news and information, celebrates providing the Linux community with timely, authoritative industry content for nearly two and a half decades.
Welcome to the LinuxSecurity.com instruction page on how to turn off your adblocker. We sincerely appreciate the support you are providing by choosing to disable your adblocker on our website. We depend on ad revenue to continue creating free, quality content for you to enjoy. Below are steps you can take in order to white list LinuxSecurity.com on your browser or device.
Google Chrome Using AdBlock Plus
Click on the AdBlock Plus icon on the top right of your browser
A drop-down menu will appear with a check mark followed by Enabled on this site
Click the button until the text reads Disabled on this site
Refresh the page or click Continue to site to access LinuxSecurity.com
Using Chrome adblock extension
Click on the hand icon for adblock extension, on the top right corner of your browser
A drop-down menu will appear
Click the Don't run on pages on this domain option on the drop down
Once clicked a settings popup will appear.
Click Exclude
Refresh the page or click Continue to site to access LinuxSecurity.com
Firefox
Click on the AdBlock Plus icon on the top right of your browser
A drop-down menu will appear
Click the Disabled on LinuxSecurity.com option on the drop down
Refresh the page or click Continue to site to access LinuxSecurity.com
Firefox "Private Window" runs its own version of adblock. You will receive an adblock detection screen on Private Window, even if you are not running any adblock plugins. In this case, you will need to open LinuxSecurity.com on your standard Firefox window.
Internet Explorer
Click on the AdBlock Plus icon on the bottom right hand side of your browser
A drop-down menu will appear
Click the Disable on www.linuxsecurity.com option on the drop down
Refresh the page or click Continue to site to access LinuxSecurity.com
Devices with Apple IOS9 and above
Go to the Settings app on the main screen
Click on the Safari button
From Menu click Content Blockers
You will see your blocker enabled. Slide button to the left to disable.
Return to your Safari browser and refresh the page or click Continue to site to access LinuxSecurity.com
Honeynets are an invaluable offensive security tool for learning the tactics and motives of the blackhat community and sharing the information and insights gathered. This article will explore what a Honeynet is, its value, how it works and the risks involved with deploying a Honeynet. It will also examine some great open-source honeynet options your organization may wish to consider.
![Linux Malware: The Truth About This Growing Threat [Updated]](/images/HomepageBannerImages/LS-hmepg-337x500_34.jpg)
