Stay Ahead With Linux Security Features
security advisory important The compromise of Nx Console shows how much infrastructure now sits behind a single developer account. GitHub repositories, CI/CD pipelines, container build systems, Terraform projects, Kubernetes deployments. None of those systems was the initial target. The workstation was. . Attackers did not need a Linux privilege escalation bug or a remote code execution chain. They needed developers to trust a tool they were already using. For many organizations, that was enough. What Happened? Federal...
Jun 03, 2026
security advisory open-source You remove the malware. You rotate the compromised credentials. You patch the original vulnerability and close the ticket. Two weeks later, the attacker is back. . What happened? You didn't lose the battle at the exploit; you lost it at the cleanup. In many modern Linux intrusions, the malware you found wasn't the main problem—it was the fallback mechanisms left behind. These hooks quietly restore attacker access the moment you look away. If you clean a host but miss these persistence layers,...
Jun 02, 2026
security advisory Red Hat Researchers investigating a campaign now tracked as Miasma found that more than 30 packages in Red Hat's @redhat-cloud-services npm namespace had been altered to deliver credential-stealing malware. . The packages weren't being used to deploy ransomware or sabotage systems. From what has been reported so far, the objective appears to have been much simpler: collect credentials from developer environments and use that access elsewhere. GitHub tokens, cloud credentials, SSH keys, and other...
Jun 02, 2026
cloud security security monitoring Linux rootkits are old, but they never really disappeared. They just stopped attracting the same attention. . Most malware wants to execute and spread. A rootkit wants to stay invisible long enough that nobody notices the compromise until the damage is already done, and on Linux systems, that still works more often than many teams are comfortable admitting. That difference matters because modern infrastructure runs heavily on Linux underneath. Cloud workloads, ESXi hosts, telecom appliances,...
Jun 01, 2026
access control open-source A production Linux server gets rebuilt from an old image. A contractor leaves. A CI/CD job is retired. Months later, the same SSH public keys are still sitting in authorized_keys, silently trusted by root or a service account nobody owns anymore. . That is how SSH key sprawl usually happens. It rarely stems from one obvious failure. Instead, it accumulates through years of small access decisions that never expire. For attackers, those forgotten keys are not clutter; they represent silent SSH...
May 27, 2026
Refine features
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security features
We found -1 articles for you...
102
system stabilityopen source distributioninstallation guideRocky Linux Installation Guide: Step-By-Step Process for Enterprises
With the increasing popularity of Linux over the years, and the various Linux distributions that are constantly being released, it can be hard to choose the correct one for you. Because Linux is open source, and is not overseen by a specific vendor, knowing and picking the correct distribution can be challenging, however, no matter your requirements, you are bound to find a Linux distribution that suits your needs. . In this guide, we will explore Rocky Linux, why it is starting to become a good choice for enterprises, and how to get an image running on a virtual machine. What is Rocky Linux? Rocky Linux is a free linux distribution, forked off from CentOS, with the intention to eventually replace CentOS when Red Hat decided to step away from it. It is compatible with the RHEL operating system source code which makes it an ideal operating system for many use cases. Being that it is 100% compatible with Enterprise Linux, it makes it kind of a simple, drag and drop-in solution. Furthermore, not only is it very stable and user-friendly, but it is also a perfect choice for your servers and desktop applications. Being that a lot of administrators widely use CentOS and have been looking for a workaround ever since RedHat discontinued support, Rocky Linux was and is the perfect choice. The Co-Founder of CentOS is also the founder of Rocky Linux so with high promise and potential, not only did he try to create something sustainable and something to replace CentOS, but he also created something that could tackle the issues of CentOS. The result: an operating system with high functionality, great security, and very adaptable to any situation. How Does It Compare to Its Predecessor, centOS? The single most essential feature of CentOS for users was its binary compatibility with RHEL. CentOS featured all of the features that made RHEL the leading enterprise-class Linux. If you wanted to run industry standard technology without having to deal with corporate, CentOS was the man for the job! However, justas quickly as CentOS rose, it quickly fell. Red Hat discontinued support for CentOS leaving users and companies alike with no replacement. Following the demise of CentOS, Rocky Linux has received widespread adoption and community support, and its future seems quite promising. It runs well as a server since it is built on RHEL's reliable source code, and it can thus be utilized to power multiple production workloads. When Red Hat changed the relationship between future development by Fedora to development for CentOS, it was no longer a stable version of RHEL. Rocky Linux on the other hand was built to be a better, more stable version of RHEL and CentOS, whilst still running off the RHEL binaries. To say the least, ever since its release, Rocky Linux has then grown to one of the biggest distributions today. Pros of Rocky Linux Compatibility Rocky Linux's compatibility with Red Hat Enterprise binaries increases efficiency and reassures many customers about the distribution's performance. Moreover, Rocky Linux makes it easy to migrate from CentOS, Alma Linux and other distributions using one tool. Rocky Linux also has fixed Cloud apps and container images being used without issue. Open Source The fact that Rocky Linux is open source is one of its most notable features, which has helped to create a sizable and cohesive support community for it. Uninterrupted and free from any obstacles, it can offer a variety of updates to meet user needs and offer a full level of security, giving users hope for a successful future for Rocky Linux as a desirable replacement for its precursor. Stability Since Rocky Linux was developed to take the position of CentOS, it should emphasize the stability of CentOS as its key characteristic and perform flawlessly in this area to win over people. As a result, Rocky Linux prioritizes system reliability despite systems with recent updates and instability. Support Before the release of Rocky Linux, the developer was aware of the requirements of CentOS users and theuseful features of CentOS that were crucial for its users, so he made the decision to stick with the open-source path and establish a sizable and potent support community so that users could choose this distribution for their activities without any concern. Cons of Rocky Linux Still too soon Although the operating system is still in its early stages, future plans are already being prepared. The frequency of updates will depend on how dedicated the community is and how strong the financial support is. Currently, several major corporations serve as sponsors. How long this assistance will really be provided, though, is unclear. Updates It always takes time for new apps to get live. Rocky Linux, the CentOS replacement, has up to this point operated extremely steadily on every server, much like CentOS. However, since rolling releases and regular updates are the norm here, you will probably choose CentOS Stream if you always want to have the most recent version of the operating system. Rocky Linux operates substantially more slowly in contrast. Users that appreciate durability will find the system more suited as well as developers who want a distro that releases updates constantly. Is Rocky Linux Secure? One of the primary goals when creating Rocky Linux was to maintain stability whilst also being secure at the enterprise level. Now, with the release of Rocky Linux 9 not too long ago, we have received just that. Below are just a few of the security features that were implemented: Since the cryptographic hash functions generated by SHA-1 are no longer regarded as secure, the use of SHA-1 message digests for cryptographic purposes has been discouraged. OpenSSL has significant enhancements in version 3.0.1, including support for additional protocols, formats, algorithms, and more. Other changes include a provider concept, a new versioning system, an enhanced HTTP(S) client, and more. The most notable change in OpenSSH 8.7p1 is the substitution of the SFTP protocol for the SCP/RCPprotocol, which provides more predictable filename processing. Significant improvements have been made to SELinux speed, memory overhead, load time, and other factors. Moreover, being that Rocky Linux heavily relies on released security package updates from RHEL, it is safe to say that it will continue to remain secure. How To Install Rocky Linux When it comes to installing Rocky Linux, you can either opt for Rocky Linux 8 or Rocky Linux 9, RL9 being the latter rather than the former. Although RL8 is still very usable, there are notable differences between the two versions. In comparison to RHEL and RL8, Rocky Linux 9 now ships with Apache HTTP Server 2.4.51 and nginx 1.20 support, support for MariaDB 10.5, MySQL 8.0, PostgreSQL 13, and Redis 6.2, support for Varnish Cache 6.6 and Squid 5.2 as proxy caching servers, new versions of popular dynamic programming languages such as Node.js 16, Perl 5.32, PHP 8.0, Python 3.9, and Ruby 3.0, and support for OpenSSL 3.0.1, OpenSSH 8.7.01, and automatically configured compliance settings for PCI-DSS, HIPAA, and DISA. With that being said, let's get into the install! The most recent download link for Rocky Linux can be found download , as well as different architectures, different ISOs whether it be DVD, minimal, boot, or torrent, and finally, you can find a checksum of said downloaded file to confirm the integrity of the download beforehand. If you are on a Linux system, you can run the command below to download using wget: wget Once downloaded, if you’d like to perform a checksum, you can run the following command below: wget Afterwards, you should have a checksum file called CHECKSUM in the respective directory. Run the command below to confirm the checksum: sha256sum -c CHECKSUM --ignore-missing If everything is successful, you should be greeted with the following message: Rocky-9.0-x86_64-minimal.iso: OK Depending onthe ISO you used, the name will vary e.g x86_64-minimal.iso, x86_64-boot.iso, or x86_64-DVD.iso. Once done, we can move ahead with the installation. For many use cases, you will find yourself creating a bootable USB unless you are using a software such as VirtualBox or VMWare. For this example, we will be using VirtualBox to simulate one possible use case. Virtual Box Setup Step 1: Assign a name Step 2: Configure Machine Settings Here we are configuring the “Motherboard” so to speak. Here you can configure the amount of RAM, the boot order, chipset, so on and so forth. For the boot order, you want to have the floppy/optical options first to load our OS onto the Virtual Hard Drive. After installation, we then put the Hard Disk as the first option. Here, we are configuring the processor(s) and execution cap. At an enterprise level, if you plan to use the virtual machine for intensive loads, then a higher processor amount will most likely be needed. Step 3: Configuring Storage Here we are configuring the Optical Drive which is used to load the ISO file onto the virtual machine. Make sure to click on “Choose a disk file…” from the dropdown menu after clicking the blue CD icon. Afterwards, it should look something like this: Step 4: Configure Network Settings Here we are configuring the network settings. Depending on how you would like to use Rocky Linux, and considering you have the hardware to support these virtual machines such as a rack, you might want to bridge this to your network. Things such as DNS servers, DHCP servers, etc require this to be bridged rather than using something like NAT. Installation: Once everything is set up properly, we can launch up our virtual machine. After doing so, you should be greeted with this screen: For this instance, we will be selecting the second option. After selecting that, you will be greeted with a welcome screen like below: Here, we select the language that we want our serverto run. Here, you can configure a couple of things. Firstly, we can configure network settings like below: We can also configure security settings and profiles. The great thing about Rocky Linux is that they have pre-made and pre-configured security profiles that you can choose from. They range from low-level security to enterprise-grade fortress-like security. For this instance, we used a very low-level security profile. We can also configure storage settings and create partitions as needed, however, for this instance I will be using the standard configuration. We can also choose how we want to set up our instance of RL9 (base environment) as well as any software such as making RL9 a DNS server or DHCP server. After going through everything and the install finishes, you will be prompted to reboot your system: After you reboot your machine, you should be greeted with the following screen below: Here, we select the first option and it should take us to this screen: When you get to this screen, just click on start setup. One of the reasons why RL9 is so popular is for its ability to make a Linux server operate with a GUI, plus it being completely open-source, hence FREE! After you click on that button, you should see this screen Here, we can connect any accounts that we may have. After doing this step, or skipping it, you should see this as shown below: This is the account creation process. You first input your name and username as shown above and you will then be greeted by the screen below: Here you will set a password. For this instance, I set a low-security password that could probably be cracked. Our suggestion would be to use randomized passwords or something big in length with a mixture of lowercase and uppercase letters, numbers, and special characters. After that, we should finally be at this screen as shown below: Finally, we have installed RL9! Depending on how you set up your instance, you may have different tools,settings, and security configurations however, this is the general greeting screen you will see. The reason why RL9 is such a game changer is because they’ve basically provided administrators with a fully capable, enterprise-level distribution of linux that is full GUI. Tools such as DHCP set up, DNS set up, and so forth are all within a GUI. It is essentially the windows server of linux so to speak. Rocky Linux 9 is not only ready for high, operation-intensive enterprises, but it is doing so in style making it easier for administrators. Final Thoughts There is a distinction between a Linux workstation and a server. The distribution you choose may have an impact on the performance of your server which is why it is critical to select the appropriate Linux distribution for your needs. For the same reason, this is why Rocky Linux is a gift to many Linux users and admins alike who grieve the loss of CentOS 8.0 and are not fans of Fedora. Users and admins migrating from CentOS to Rocky Linux will be pleasantly pleased by the distributions familiar appearance and feel. Moreover, Rocky Linux is very easy to navigate and traverse for new Linux users making it a great choice for many use cases. . Rocky Linux is quickly becoming a preferred choice for businesses after CentOS's discontinuation, offering stability, security, and easy RHEL compatibility. Rocky Linux Installation, Open Source Distro, Secure Linux Systems, Enterprise Support. . Brian Gomez
Sep 26, 2022
•
102
intrusion preventionsecurity toolopen sourceCrowdSec v1.1.x Release: Exciting Features and Installation Steps
On July 8, 2021, the CrowdSec team released CrowdSec v1.1.x - the latest version of their free and open-source cybersecurity solution designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent - with new packages and repositories, as well as improvements to to the CrowdSec agent itself. LinuxSecurity spoke with the CrowdSec team to provide readers with insight into what they can expect from this exciting release, and how they can get started with CrowdSec v1.1.x. . A Brief Introduction to CrowdSec CrowdSec is a modernized, collaborative version of the Fail2Ban intrusion-preventio n tool that is designed to run on complex modern architectures including clouds, containers and lambdas. It leverages a behavior analysis system based on logs to determine whether someone is trying to hack you. If your agent detects such aggression, the offending IP is then sent for curation. If it passes the curation process, the IP is then redistributed to all users sharing a similar technological profile to “immunize” them against this IP. Philippe Humeau, CEO and co-founder of the company explains, “The goal is to leverage the power of the crowd to create a real-time IP reputation database. Ultimately, CrowdSec harnesses the power of the community to create an extremely accurate IP reputation system that benefits all its users. With its collaborative, transparent roots, Open Source has provided and continues to provide our team with the optimal framework to accomplish this mission”. Enhancing Package Support with Package Cloud As part of the CrowdSec v1.1.x release, CrowdSec has moved its services to Package Cloud , a fast, reliable and secure cloud-hosted package distribution. This move has enabled CrowdSec to distribute more packages to their customers . Thibault Koechlin, CTO, elaborates, “Alongside existing packages for Debian and Ubuntu including Bionic, Bullseye, Buster, Focal, Stretch, Focal for x86-64 and arm, we now provide packagesfor Red Hat Enterprise Linux (RHEL), CentOS and Amazon Linux. We encourage users to update repositories’ URLs as soon as they can. The “old” repository (S3 bucket used as a repository) will no longer be updated and will be decommissioned shortly.” As part of this landmark release, CrowdSec has also added RPM and Debian package support to its firewall bouncer , which fetches new and old decisions from a CrowdSec API and adds them to a blocklist used by supported firewalls, and its custom bouncer , which fetches new and expired or removed decisions from a CrowdSec Local API and passes them as arguments to a custom user script. Various improvements have also been made to CrowdSec itself, one of the most notable being a revamp of the data acquisition process to add support for CloudWatch sources. Their CTO states, “We are excited to announce that CrowdSec can also now act as a syslog server, which should allow for the addition of many more data sources in future releases!” Getting Started with CrowdSec v1.1.x With the release of v1.1.x, getting started with CrowdSec is now easier than ever! To install CrowdSec on Ubuntu or Debian, add the repositories: curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash Then install: sudo apt-get install crowdsec -y On a CentOS or Red Hat Enterprise Linux (RHEL) system, add the repositories: curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.rpm.sh | sudo bash Then install: sudo dnf install crowdsec If you install new services after this, you can update CrowdSec to install the required collections using: /usr/share/crowdsec/wizard.sh -c Repel Attacks with Bouncers CrowdSec’s detection capabilities provide visibility into the threats targeting your system; however, deterring attacks requires an intelligent, proactive security strategy, which is where bouncers come into play! Bouncers work by querying CrowdSec’s API to know when to block anIP. They can be downloaded directly from the CrowdSec Hub . To install the Cs-firewall-bouncer in an Ubuntu or Debian repository, use: sudo apt install crowdsec-firewall-bouncer-nftables crowdsec-firewall-bouncer If you are an CentOS or RHEL user, use: sudo dnf install crowdsec-firewall-bouncer-nftables The CrowdSec Console: CrowdSec Values Your Feedback! The brand-new CrowdSec Console, which is now in private beta, provides an easy-to-use web interface to inspect multiple CrowdSec agents spread across different networks. You can create a Console account and find instructions to enroll the CrowdSec agent app . Philippe, CEO, concludes, “The CrowSec team encourages testing and feedback! To get in touch with us, visit our Gitter channel . We look forward to continuing to provide our users with versatile, reliable and user-friendly intrusion-prevention services.” . Explore the latest enhancements in CrowdSec v1.1.x for bolstered protection and learn straightforward installation methods across different operating systems.. CrowdSec Installation,Linux Security Tools,Intrusion Detection,Cloud Package Management. . Brittany Day
Aug 01, 2021
•
102
installation guideopen source firewallreal-time protectionDebian 10 Buster: Install CrowdSec Firewall For Enhanced Protection
CrowdSec is a massively multiplayer firewall designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention tool. . CrowdSec is free and open-source (under an MIT License), with the source code available on GitHub . It is using a behavior analysis system to qualify whether someone is trying to hack you, based on your logs. If your agent detects such aggression, the offending IP is then dealt with and sent for curation. If this signal passes the curation process, the IP is then redistributed to all users sharing a similar technological profile to “immunize” them against this IP. The goal is to leverage the crowd power to create a real-time IP reputation database. As for the IP that aggressed your machine, you can choose to remedy the threat in any manner you feel appropriate. Ultimately, CrowdSec leverages the power of the crowd to create an extremely accurate IP reputation system that benefits all its users. It was clear to the founders that open source was going to be one of the main pillars of CrowdSec. First because they have been working on open source projects for decades. They didn’t just jump on the train. They are strong open source believers. Second because the crowd is key to the mass hacking plague and Open Source is the best lever to create a community and have people bring their knowledge to contribute to the project and make it better. The solution recently turned 1.x, introducing a major architectural change: the introduction of a local REST API. In this tutorial, we are going to cover how to install and run CrowdSec on a Linux server: CrowdSec setup Testing detection capabilities Bouncer set up Observability How Can I Set Up the CrowdSec Environment? The machine used for this test is a Debian 10 Buster t2.medium EC2. Tomake it more relevant, let’s start by installing nginx: $ sudo apt-get update $ sudo apt-get install nginx Configure the security groups so that both secure shell (SSH) (tcp/22) and HTTP (tcp/80) can be reached from the outside world. This will be useful for simulating attacks later. How Can I Install CrowdSec? Grab the latest version of CrowdSec: $ curl -s https://api.github.com/repos/crowdsecurity/crowdsec/releases/latest | grep browser_download_url| cut -d '"' -f 4 | wget -i - . CrowdSec is free and open-source (under an MIT License), with the source code available on Gi. crowdsec, massively, multiplayer, firewall, designed, protect, linux, servers, services, containers. . Brittany Day
Feb 08, 2021
•
102
network securityfirewallopen sourceFirestarter Firewall Installation Guide for Ubuntu Security
When I typed on Google . Introduction If I have an option of giving a brief description about firewall I would say . Discover methods to boost Ubuntu protection by implementing the Firestarter firewall along with essential configuration advice.. Firestarter Setup, Ubuntu Firewall, Network Management, Security Tips. . Brittany Day
Sep 25, 2008
•
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More