
Stay Ahead With Linux Security Features


Explore Latest Linux Security features


Enhancing Remote Work Security With Linux Customization And Tools

Operational security at least seemed so much easier back when traditional 9-to-5 office life was still dominant. Talk of professionals taking their work home with them was largely metaphorical, with only occasional instances of C-suite types dragging their laptops everywhere they went. Business hardware and systems would be shielded through physical security and isolated networks. One office (or office complex), one place to guard: entirely straightforward.

Now, after a year that’s seen countless businesses (some eagerly and others reluctantly) adopt the working-from-home model, there are different challenges to overcome. Teams are scattered and must share sensitive data across the internet — data to which other companies and fraudsters would love to gain access. When information gets out, reputations are destroyed and businesses (particularly those working entirely online) struggle to survive.

So what can be done about this? Well, there are various steps you can take to improve cybersecurity, and in this post we’re going to consider whether the use of Linux is one of them. Can companies bolster their remote-working operations — even offline — through swapping their current operating systems for Linux? Let’s see what conclusions we can reach.

What are the strengths of Linux for securing online activities?

While this certainly isn’t a comprehensive account of what makes Linux great for online security, there are three long-standing benefits of Linux distributions that we should focus on here:

They’re entirely customizable, removing the need to rely on third parties. Windows is updated by Microsoft, and iOS is updated by Apple. It’s possible to find unofficial and unsigned patches, but they’re always going to cause issues with support services (and that’s if they work at all). This means that those using these systems must rely on those companies to react appropriately to security threats.

Because Linux is open-source software, it doesn’t rely on security updates from any single provider, and its ever-improving compatibility options make it a stable like-for-like replacement. If you want to run a VPN service, you’ll find that all the leading contenders support Linux — and if you want to do something like implement a system-level proxy server, you can easily load up a caching proxy like Squid through the terminal. Additionally, the fundamental transparency of Linux makes it relatively simple to review for potential security issues. If you’re willing to put in the effort to steer the ship, you can achieve far more impressive levels of security through Linux systems.

They’re updated by people who care about privacy and security. Leading software companies do care about security, but largely in the sense that their profits and reputations are affected by system vulnerabilities. Linux, on the other hand, is heavily driven by passionate enthusiasts who actually care about user privacy. If you’re looking to resolve a certain issue, you can inevitably find free community support to point you in the right direction. And if you want to run a cut-down OS with none of the default telemetry services that plague all the mainstream alternatives, Linux isn’t just your best option: it’s your only practical option. Throw in superior support for things like using SSH and saving and reviewing comprehensive log files, and you have a fantastic out-of-the-box option (so to speak) that will only get better the more you work on it.

They’re not high-priority targets for hackers due to their niche appeal. While it’s true that Linux servers have become very popular (and thus attracted attention), the same can’t yet be said of Linux desktop operating systems. Almost all attention goes towards Windows and iOS, all because it’s far more economical to target them. On top of that, you need to factor in the presence of different Linux distros. Where Windows installations will differ only marginally, systems running on Debian, Red Hat and Linux Mint can have far more substantial differences. There isn’t much motivation for a hacker to specifically target Linux Mint systems, making them much safer.

How can Linux secure remote-working hardware?

We’ve looked at how Linux helps to secure online operations, but what about offline activity? Remote-working hardware still poses a threat, after all, and needs to be kept in line. Well, just as it supports plenty of online security services, Linux also offers a tremendous array of at-home security solutions that allow extensive configuration.

For businesses that still want to use office spaces (or those determined to monitor their remote-working employees extremely closely, however much that seems like a bad idea), there’s open-source monitoring software like Zoneminder. For network user authentication (key for all remote-working companies, and often managed through cloud systems like Azure Active Directory), there’s the free Kerberos protocol.

And for those who need to keep their business hardware secure on the go (despite lockdowns, there are still workers who need to travel), it’s easy enough to take advantage of tools like the Yubico Pluggable Authentication Module (PAM). The PAM makes it convenient to use hardware dongles for user authentication, ensuring that lost laptops don’t present major weaknesses. Linux can shield smart technology from threats by offering a robust and customizable security framework capable of combating a wide array of cyber vulnerabilities.

What is the value of tech comprehension in cybersecurity?

User error is the one thing that even the most tightly-secured systems can’t fully move past. This is why social engineering is such a popular endeavor for fraudsters. Hacking an up-to-date system is complicated and risky, while convincing a poorly-trained employee to volunteer their login details under false pretences can provide quick success.

Due to this, ensuring that your employees have strong awareness of security basics will do much to make your operation stronger — and though Linux still has an intimidating learning curve, it’s sufficiently approachable that you could make it your main operating system without asking more of your workers than they can reasonably provide.

It certainly helps that so much is done through browsers at this point. If someone can use a Chromebook, they can get to grips with a Linux distribution, and learning more about how Linux works (and how it treats something like admin authentication) will slowly but surely leave them less likely to make basic security mistakes.

Wrapping up, the answer to the titular question is a strong yes. Less likely to be attacked than other systems, built with security and flexibility in mind, and equipped with rich compatibility features that make it easier than ever to swap from Windows or iOS, Linux is a mature solution that every modern business should consider using.

About the Author

Elliot Mark is a senior writer at Ecommerce Platforms with a deep curiosity for all things digital and the changing world of ecommerce. He’s helped create a number of unique online stores, providing content and marketing support to help people grow their own ecommerce biz. Connect with him on Twitter @EcomPlatformsio.

Apr 19, 2021 | Brittany Day

Network Security Audit: Key Strategies for LAN Security and Access Control

In the first part of Network Security we had a brief overview of the areas that are to be considered when assessing a network's security, and we looked into a few points in each of the Management and Administration areas.

Meanwhile, the article titled "Security Scanning is not Risk Analysis" by Laura Taylor, dated 14th July 2002, is a good article and deals in depth with what an organization's management has to know about security.

Now let's continue and look into some of the finer points in each of the other areas, i.e., LAN Security, Access Control, and Operations.

LAN Security:

1. Is the LAN secured from viruses? The extent of virus protection can be gauged by looking into the antivirus programs installed in the network. Things like:
   - Does the mail gateway to the network have an online antivirus?
   - Do the servers in the network have an online antivirus? (Having antivirus only on the servers will suffice if the end user has no external net access and has no access to hardware for installing new software, such as a floppy drive.)
   - Is third-party media (such as floppy/CD-ROM) access controlled (checked for viruses, etc.)?
2. Is the communication between systems controlled? Are the systems being properly isolated (for example, production systems should be separated from development systems), or are they provided with proper gateway access (a firewall set up to control access between intra-networks, etc.)?
3. Are software/hardware acquisitions/disposals controlled? Check whether there is an established procedure for acquiring any new software/hardware (usually proper clearance and a proper channel are required for acquiring any new software/hardware). Even the disposal of hardware should be done with due permissions and through the proper channel (improper disposal of hardware such as hard disks can prove to be a great security risk).
4. Check for unauthorized software/hardware installed on the LAN. This check should be done manually on each of the systems in the network. Check for Trojans, rootkits, etc. Check for the ports that are open on each system. Use a port scanner to detect any unwanted services running on the network. Any unwanted service/port open on the network is bound to pose a serious threat to security, usually because it may be a backdoor/Trojan, or because the administrator isn't aware of the service and so may not be monitoring its secure/insecure usage.

This (point 4) is what is usually mistaken for a vulnerability assessment. I hope this article produces some awareness of real vulnerability assessments made by professionals, and that organizations give serious thought to vulnerability assessment.

Firewall and ACL Configuration

5. Are the firewall policies and Access Control Lists properly maintained/updated when changes are made to network access? Usually when any changes are made to system access (for example, removal of a system from the network), most administrators fail to cross-check this change with the firewall ruleset (if this system had access to a classified server, that rule still exists), and this may be misused. Similarly, the Access Control Lists should be cross-checked when any changes are made to the user/group accounts.
6. Does the firewall contain rules to prevent denial of service attacks and rules to prevent spoofing (e.g., requests coming from the outside network with an IP originating from the local internal LAN)? These are some of the most basic rules that should be present in any firewall.
7. Check for the existence of a backup firewall in case of failure of the primary one.
8. The upload/download process should be monitored. (The user should be notified that his upload/download process and mails are being monitored, if they are being monitored.)
9. Do the source and destination of a data transfer authenticate each other, or are the source/destination traceable? (Use DHCP for LAN address allocation, usually based on MAC addresses.)
10. Check that software license compliance exists (i.e., make sure that the users are using legitimate software and are aware of software licensing).
11. Do checks for accounts holding privileged rights and for unused accounts. Is there adequate support staff for providing user support, and is there a backup administrator in case of the administrator's absence?
12. Is data being transported in encrypted mode whenever necessary?

Access Control:

- Check that user access is controlled appropriately. There are various guidelines to be followed when checking user access. Each user's privileges must be defined, documented, and controlled with appropriate access controls.
- Look for the user name and password policy. Each user should have a unique user name. The password set for (by) the user should be of a minimum length of 6 characters and should contain a combination of alpha and numerals and one special character (such as * # % ^ & $ etc.). Users/admins should avoid passwords which are easily guessed, like the same as the username, the username backwards, etc. The password should be changed regularly (a password expiry period should be set).
- Check for guest user access rights and ex-staff accounts (should not be present).
- Accounts should be disabled on 4-6 unsuccessful login attempts, and systems disconnected after a certain time of inactivity once the connection is established to a particular system (this requires settings on the servers being accessed).
- Dial-up access should have another level of access control apart from user ID and password (like callback).
- The access should also be time controlled.

Operations:

It is not necessary that there should be an operations department in each organization. Some organizations suffice with only one IT department which handles all of the areas discussed. The organization's structure is not so important. But when implementing/assessing security, due care is to be taken in describing the duties of each of the concerned department personnel.

- The physical transmission media like LAN cables, routers, switches, etc. should be adequately protected. The LAN servers should be secured from physical access too. Unauthorized personnel shouldn't be able to get near them.
- Are the systems, peripherals, and devices being protected from fluctuations/disturbances in the electric power supply? (Usually the network should contain an online UPS system to protect against electric power fluctuations and to provide backup.) The setup should also ensure non-stop working of these devices. Hence there should be a backup power supply.
- The data backup should be taken regularly according to a schedule (full, incremental backups) and tested for restoration and backup errors. The backup media should be physically secured. A weekly backup should be placed at a different physical location (a different branch office) under safe custody in case of calamities like fire, flood, etc. The recovery process should be tested periodically.
- The organization should ensure an adequate staff capable of supporting the users and performing backup and recovery operations. Also ensure their availability at any time required. The user should know whom to contact for what kind of problems and how to reach them; for this, the users should be briefed about their actions in such situations.
- Checks should be performed for adequate availability of resources (backbone, traffic on the file server, and the ability of the file server to handle these loads). This check is to be performed on each of the generally accessed systems and the critical servers.
- The access to critical systems (not necessarily limited to these) should be restricted with proper tools like keys, badges, electronic sensors, movement sensors, and biometric identification. Are the keys to important cabinets and rooms in safe custody?
- The system rooms should be properly protected against fire, so the existence of fire alarms and fire extinguishers are all good signs of proper security.
- The computer systems should be periodically maintained and cleaned, and a log of the same kept for cross-checks.
- The users/admins should be adequately trained for the duties to be performed and for reporting problems. The users should be informed/warned about their intrusive activities (if any) and a procedure described for actions taken against them.

Literally speaking, everything listed in these parts is only a guideline to consider. An actual assessment depends on the kind of organization, their use of Information Technology, the number of systems, the kind of data storage, and the type of business the organization does. Some of these points may prove to be too much to consider in some situations (and I consider this to be too little). A security audit should take into account anything that's a potential threat for disclosure of data, providing access to any unauthorized persons, improper use of resources, or the inability to handle breakdown of systems.

I hope this article is of some help to someone somewhere in the globe.
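One way to automate two of the firewall checks above, written as an added example (not code from the original article): it flags ACCEPT rules that still name a host removed from the network, and reports chains with no rule dropping internal source addresses arriving on the outside interface. The iptables-save style ruleset, the 192.168.10.0/24 range, the interface names and the host inventory are constructed assumptions.

```python
import ipaddress
import shlex

# Constructed iptables-save style sample; addresses, interfaces and inventory are assumptions.
RULESET = """\
-A INPUT -i eth0 -s 192.168.10.0/24 -j DROP
-A INPUT -i eth1 -s 192.168.10.21/32 -d 192.168.10.5/32 -p tcp --dport 5432 -j ACCEPT
-A INPUT -i eth1 -s 192.168.10.44/32 -d 192.168.10.5/32 -p tcp --dport 5432 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -p tcp --dport 443 -j ACCEPT
"""
INTERNAL_NET = ipaddress.ip_network("192.168.10.0/24")
EXTERNAL_IF = "eth0"                               # interface facing the outside network
ACTIVE_HOSTS = {"192.168.10.5", "192.168.10.21"}   # 192.168.10.44 has been removed
FLAGS = {"-s": "src", "-d": "dst", "-i": "in_if", "-j": "target"}


def parse_rules(text):
    """Turn '-A CHAIN ...' lines into dicts (negated '!' matches are not handled)."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        tokens = shlex.split(line)
        if len(tokens) < 2 or tokens[0] != "-A":
            continue
        rule = {"line": lineno, "chain": tokens[1]}
        for flag, value in zip(tokens[2:], tokens[3:]):
            if flag in FLAGS:
                rule[FLAGS[flag]] = value
        rules.append(rule)
    return rules


def stale_host_rules(rules, active_hosts, internal_net):
    """ACCEPT rules naming a single internal host that is no longer in the inventory."""
    findings = []
    for rule in rules:
        for key in ("src", "dst"):
            if rule.get("target") != "ACCEPT" or key not in rule:
                continue
            net = ipaddress.ip_network(rule[key], strict=False)
            host = str(net.network_address)
            if net.num_addresses == 1 and net.subnet_of(internal_net) and host not in active_hosts:
                findings.append((rule["line"], host))
    return findings


def chains_missing_antispoof(rules, external_if, internal_net, chains=("INPUT", "FORWARD")):
    """Chains lacking a DROP/REJECT for internal source addresses arriving from outside."""
    protected = set()
    for rule in rules:
        if rule.get("in_if") == external_if and rule.get("target") in ("DROP", "REJECT") and "src" in rule:
            if internal_net.subnet_of(ipaddress.ip_network(rule["src"], strict=False)):
                protected.add(rule["chain"])
    return [chain for chain in chains if chain not in protected]


if __name__ == "__main__":
    parsed = parse_rules(RULESET)
    print("stale:", stale_host_rules(parsed, ACTIVE_HOSTS, INTERNAL_NET))
    print("no anti-spoof rule:", chains_missing_antispoof(parsed, EXTERNAL_IF, INTERNAL_NET))
```

On the sample, rule 3 is reported because it still grants 192.168.10.44 access to the database host, and FORWARD is reported because only INPUT carries the anti-spoofing drop.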

Mar 01, 2010 | Anthony Pell
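The account checks from the Access Control section of the network security audit article above, as an added example that is not part of the original article: the password rules follow the policy the article states, while the account records, their field names and the `max_idle_days` threshold for an "unused" account are constructed assumptions.

```python
import re
from datetime import date

# Constructed account records; the field names and the 90-day idle limit are assumptions.
ACCOUNTS = [
    {"user": "asmith", "status": "active", "privileged": True, "last_login": date(2010, 2, 26)},
    {"user": "guest", "status": "active", "privileged": False, "last_login": date(2010, 2, 20)},
    {"user": "bjones", "status": "left", "privileged": False, "last_login": date(2009, 11, 3)},
    {"user": "backup", "status": "active", "privileged": True, "last_login": date(2009, 6, 1)},
]


def password_violations(username, password, min_length=6):
    """Check a candidate password against the policy listed in the article."""
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    if not re.search(r"[A-Za-z]", password):
        problems.append("no letter")
    if not re.search(r"[0-9]", password):
        problems.append("no digit")
    if not re.search(r"[^A-Za-z0-9\s]", password):
        problems.append("no special character")
    if password.lower() in (username.lower(), username.lower()[::-1]):
        problems.append("same as username or username backwards")
    return problems


def audit_accounts(accounts, today, max_idle_days=90):
    """Return (user, issue) pairs for guest, ex-staff and unused accounts."""
    findings = []
    for acct in accounts:
        idle = (today - acct["last_login"]).days
        if acct["user"].lower() == "guest":
            findings.append((acct["user"], "guest account enabled"))
        if acct["status"] == "left":
            findings.append((acct["user"], "ex-staff account still present"))
        if idle > max_idle_days:
            issue = "privileged account unused" if acct["privileged"] else "account unused"
            findings.append((acct["user"], issue))
    return findings


if __name__ == "__main__":
    for user, issue in audit_accounts(ACCOUNTS, today=date(2010, 3, 1)):
        print(f"{user}: {issue}")
    print(password_violations("asmith", "htimsa"))
```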