Stay Ahead With Linux Security HOWTOs
How to Secure My Network
access control Linux administration
access control Linux administration Most SSH hardening advice ends at the same recommendation: Disable password authentication and use SSH keys. . That's good advice. It removes entire classes of attacks, including password spraying, credential stuffing, and brute-force attempts against exposed servers. The problem is what happens next. Many administrators treat SSH keys as the finish line when they are really the beginning of the hardening process. Attackers rarely care whether they obtained access with a password or a private...
Jun 05, 2026
How to Secure My Networksecurity advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found 3 articles for you...
166
risk managementsecurity practicesrisk mitigationEnhancing Docker Security: Four Essential Practices for IT Admins
Without the right tools and processes in place, Docker security can feel like a moving target. Learn four best practices for keeping deployments safe in this helpful TechTarget tutorial. . When it comes to container security, there are two key areas IT admins should emphasize: the container image and host. You can't, after all, secure one without the other. At the end of the day, virtualized containers still run on a host system. A privilege escalation bug could compromise the security of the entire host and lead to loss of confidentiality, integrity and availability. The good news is that IT admins can use freely available tools -- combined with a coherent build and test process -- to mitigate risks. To get started, embrace these four Docker security best practices. . Discover proactive strategies to mitigate threats in Docker security and protect your container environments with these essential guidelines.. Docker Security, Container Best Practices, Risk Management, IT Administration. . Brittany Day
Dec 21, 2020
•
How to Learn Tips and Tricks
166
network securitynetwork protectionad blockerHow To Deploy Pi-hole Using Podman On Linux For Network Safety
Running Pi-hole is an excellent way to secure devices on your local network against unwanted content. Pi-hole was initially designed to run on a Raspberry Pi, but can be deployed as a container as well. Learn how to run Pi-hole as a container with Podman in this tutorial. . There is arguably no better way to protect devices on your local network from unwanted content than Pi-hole . Add a machine running Pi-hole to your network, and it will quietly scrub all incoming traffic from pesky stuff like ads and trackers in the background. As the name suggests, Pi-hole was initially designed to run on a Raspberry Pi. But if you already have a Linux server on your network, you can deploy a Pi-hole container on it instead. That's what I did when I replaced a QNAP NAS appliance with a ThinkPad T410 running Linux Mint. But instead of Docker, I chose to use Podman Deploying Pi-hole on Linux Mint (and by extension, on any Ubuntu-based Linux distribution) requires a few steps, but it's not beyond the wit of man. The link for this article located at Tokyoma is no longer available. . Secure your home network by following this tutorial to set up Pi-hole in a container using Podman.. Pi-hole Guide, Podman Tutorial, Container Security, Local Network Protection. . Brittany Day
Nov 30, 2020
•
How to Learn Tips and Tricks
166
security best practiceskubernetescontainer securitySecuring Kubernetes Clusters: Best Practices For Developers
Kubernetes is hot in the DevOps space - mainly due to the open-source platform's portability and scalability. However, misconfigurations are the biggest risk for cloud environments—and Kubernetes is no exception. Learn how to secure Kubernetes clusters in this Container Journal tutorial. . Kubernetes is hot in the DevOps space and is now the third most wanted platform among developers. The appeal of the platform largely stems from its portability and scalability. Kubernetes defines itself as “a portable, extensible, open-source platform for managing containerized workloads and services that facilitates both declarative configuration and automation.” Container adoption has surged in recent years, with the “ 2019 Cloud Native Computing Foundation survey ” reporting 84% of their respondents use some type of containerization in production. The same survey also found 78% of respondents use Kubernetes in production, making it a market leader. With clear benefits and rising adoption, it is critical that the security of Kubernetes is well-understood by any developer implementing this service in their cloud environment. To help developers distill all the information available on this topic, here are some of the key steps for securing Kubernetes clusters . . Securing your Kubernetes cluster in the cloud requires a layered security strategy to protect infrastructure and applications, ensuring overall safety and compliance. Kubernetes Security, Cloud Containerization, Secure DevOps, Kubernetes Configuration, Container Best Practices. . Brittany Day
Oct 13, 2020
•
How to Learn Tips and Tricks
166
video seriescontainer securityuser namespaceExploring Rootless Containers and User Namespaces with Podman
Want to gain a better understanding of root inside and outside of Podman containers and how user namespaces work? If so, you'll want to check out this informative two-part video series. . I have published a couple of videos that cover an overview of rootless containers through practical demonstration. If you are curious about terms like "rootless containers" or "running a container rootless as non-root," these videos will explain what they are and the benefits that these features provide. . Dive into the world of Podman with this engaging video series that covers the concepts of rootless containers and user namespaces.. Rootless Containers, Podman, Container Security, User Namespace. . Brittany Day
Sep 17, 2020
•
How to Learn Tips and Tricks
166
Red Hatsoftware updatessecurity standardsUtilizing OpenSCAP for Scanning Containers in Red Hat Enterprise Linux 8.2
Containers are no more secure than physical machines. Find out how to scan your containers for vulnerabilities with the oscap-podman utility, available in Red Hat Enterprise Linux (RHEL) 8.2. . One of the main benefits of containers is that the software that makes up a container is separate from the system that it is running on. The container's software is placed in a container image that can easily be distributed and run. From a security perspective, however, this can be a challenge, because many security compliance scanning software utilities are focused only on the host system, and potentially miss security issues that might be present in containers on the system. For example, if a container image contains an outdated and vulnerable package, many compliance scanning utilities would miss that if they only look at the packages installed on the host. It is important that container images stay up-to-date with security updates, and that the container images also meet required security standards. Without an effective way to scan and evaluate container images, it is easy to get in a position where you are running containers with outdated, vulnerable versions of software, or containers with configurations that don't meet your security standards. . Discover the methods to efficiently assess containers for vulnerabilities utilizing OpenSCAP on Red Hat 8.2 for meeting compliance standards.. Container Security, OpenSCAP, Podman Utility, Vulnerability Scanning, Red Hat. . Brittany Day
Sep 03, 2020
•
How to Learn Tips and Tricks
166
application securitysecure practicescontainer securityBuilding Secure Docker Images: Essential Practices and Compliance
How to build a secure Docker image? The biggest goal of this article, is to be a comprehensive guide on building and delivering secure and safe container images. . Having that said, we try to focus on build-time. We will not cover registry, orchestrator and runtime protection in this write-up. All of these are so broad, that they deserve a completely different article. Compliance, standards and order are the keys to organize and make relatively secure environment. Every organization’s environment, its threat and malicious actors are different. Our intention is to present the mindset for container images security; some terms might be very global, the others very strict to the project and processes. Having that said, in next points we will cover some terms that might not be related to your specific environment, dear Reader, however, we still hope you will find this guidance useful. Thank you to Kamil Zabielski (
Aug 27, 2020
•
How to Learn Tips and Tricks
166
security practicesseccompcontainer securityImproving Container Security Using Seccomp Runtime Hooks
Looking for new methods for improving container security? Try using an OCI runtime hook for tracing syscalls prior to building a container. This article explains how this can be done. . Containers run everywhere. They run in the cloud, on IoT devices, in small and big companies, and wherever they run, we want them to do so as securely as possible. In this article, I describe the Google Summer of Code 2019 project that Dan Walsh and I have been working on with a brilliant student, Divyansh Kamboj , and how we improved container security. The tool has further matured in the past year and is planned to be released with Red Hat Enterprise Linux 8.3. More than just one reason to have a closer look! . Boosting container security is vital against rising cyber threats. Implementing seccomp and runtime syscall tracing can enhance security significantly. Container Security, Seccomp, Runtime Hook, Syscall Tracing, Security Practices. . Brittany Day
Jun 18, 2020
•
How to Learn Tips and Tricks
166
security managementadministrationkernel modulesHow To Secure Kubernetes Cluster By Stopping Unwanted Kernel Modules
Looking to secure a Kubernetes cluster? One step you should take is unloading unnecessary kernel modules in your Linux containers. Learn how to stop modules from loading on your containers in a helpful tutorial. . Kubernetes is an incredible container management system. But with that power comes a great deal of responsibility on the behalf of the developers and admins. If you aren't deploying secure containers on secure clusters, you're fighting a losing battle from the beginning. Fortunately, this is Linux we're talking about, so there's plenty you can do to help ensure the security of your deployments. One very crucial task you can undertake is to prevent unwanted kernel modules from loading on your containers. You'd be surprised at how many modules load at boot—many of them you probably don't need to be using within your containers. But how do you stop them from loading? I'm going to show you. . Docker Swarm serves as a formidable orchestration platform. Yet, with such capability arises a significant level of accountability.. Kubernetes Security, Container Management, Linux Administration, Kernel Module Management. . Brittany Day
Apr 10, 2020
•
How to Learn Tips and Tricks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More