Stay Ahead With Linux Security HOWTOs
How to Secure My Network
security advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
How to Secure My Networknetwork monitoring Linux server
network monitoring Linux server When a Linux server initiates an unauthorized outbound connection to an unknown IP address, it rarely triggers an immediate system failure. Instead, the server continues running normally, and the connection is usually only discovered during a routine firewall log review, a DNS audit, or a post-incident investigation. Because there are no obvious system crashes or performance drops, these quiet outbound sessions can easily be overlooked. . However, treating these anomalies lightly is a...
May 27, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found 27 articles for you...
162
data protectionencryptionsecurity best practicesProtect Your GPG Key: Essential Tips For Online Identity Security
GPG keys are crucial in verifying your online identity. Securing your GPG key from malicious actors ensures that no one can impersonate you in your communications with other people. The tutorial linked below demonstrates five simple and practical tips for securing your GPG key in Linux. . . GPG keys are crucial in verifying your online identity. Securing your GPG key from malicious actors.. crucial, verifying, online, identity, securing, malicious, actors. . Anthony Pell
Jun 22, 2024
•
How to Strengthen My Privacy
166
cyber threatsencryptionnetwork protection10 Tips to Boost Samba Server Security Against Cyber Threats
If you're hosting a Samba server, it's important that you pay extra attention to securing the server from adversaries. . SMB (Server Message Block) protocol is a cornerstone of file and printer sharing in connected environments. However, the default configuration of Samba can pose significant security risks, leaving your network vulnerable to unauthorized access and cyberattacks. If you're hosting a Samba server, you need to be extra cautious with the configurations you have set in place. Here are 10 critical steps to ensure your SMB server remains secure and protected. By default, SMB traffic is not encrypted. You can verify this by capturing network packets with tcpdump or Wireshark. It is paramount that you encrypt all traffic to prevent an attacker from intercepting and analyzing the traffic. It's recommended that you set up Transport Layer Security (TLS) to encrypt and secure your Linux Samba server's traffic. . Take crucial measures to safeguard your Samba server by implementing these fundamental practices to defend against breaches and digital threats.. Samba Server Security, SMB Protocol, File Sharing Protection, Encryption Techniques. . Brittany Day
Aug 21, 2023
•
How to Learn Tips and Tricks
162
encryptionopen sourcetwo-factor authenticationGuide To Installing Bitwarden On Debian 11 And 12 Systems
Bitwarden is a password manager that offers both SAAS service and the opportunity for admins to create their own password manager server using the open-source Bitwarden server. Whereas to manage, save and sync passwords from the local system, it also offers client applications. . This software is quite popular among users as it allows us to store our login credentials and sensitive information securely in an encrypted vault. Bitwarden comprises a range of features such as the ability to store unlimited passwords, generate strong passwords, and autofill login forms. To enhance security further users can use two-factor authentication. Furthermore, the source code of the Bitwarden server and client are public and available on GitHub for anyone to view and audit. Therefore, as compared to paid solution a user will have extra transparency and security, as it ensures that the software is not hiding any backdoors or vulnerabilities. It offers both free and paid versions as I said in the beginning for those who don’t want to take the hassle of installing the server by themselves. The paid version provides additional features such as secure file storage and priority customer support. . Dashlane enables individuals to safely store and synchronize their passwords, featuring customization for local hosting and added layers of protection.. Bitwarden,password manager,Debian installation,open source security. . Brittany Day
May 08, 2023
•
How to Strengthen My Privacy
162
encryptionLinux securityopen sourceA Step-By-Step Guide To Generating Your GPG Key For Encryption
GPG is software that is generally seen as difficult to use because it was used by typically tech-savvy people in the past. However, in recent years, especially when privacy concerns are on the rise, GPG has become an easy-to-use piece of software for computer users of all levels. It's even easier now to create your own GPG key. . GPG is a free cryptographic tool. With GPG, you can perform operations such as encryption, signing, authentication, and creating a web of trust using asymmetric and symmetric tools. Today, GPG is available in many different places, from securing GNU/Linux package distributions to email encryption. GPG started its software life as Pretty Good Privacy (PGP), written by Phil Zimmermann. PGP probably has one of the most inspiring stories in free software and freedom of knowledge. The first version of PGP entered the world in 1991 when it was installed on Usenets , the widespread internet communication platform of the time. Various legal rules back then prohibited the import of software that worked with keys over 40 bits wide, so PGP was distributed by Zimmermann and some of his friends via payphones and acoustic replicators. . Generate your personal GPG key effortlessly, taking advantage of its security features for protecting your emails and files with encryption.. GPG Key Generation,Cryptographic Software,Privacy Tools,Linux Encryption. . Brittany Day
Dec 14, 2022
•
How to Strengthen My Privacy
166
security advisoryencryptionpassword managementEnhancing Digital Security for Your Business with Linux
One of the beauties of using Linux for your business is that it’s one of the most secure operating systems available. However, that doesn’t mean you can leave your digital security up to chance. Cyberattacks are becoming increasingly sophisticated and can have devastating consequences, including financial loss, reputational damage, and the theft of sensitive data. . As a Linux user, there are still steps you need to take to make sure your business information is safe from cyber threats. Here are some tips to help you keep your business safe. Use a Strong Password A strong password is the first line of defense against digital threats. A strong password is at least 12 characters long and includes a mix of uppercase and lowercase letters, numbers, and symbols. Avoid using easily guessed words like "password" or easily accessible personal information like your birthdate. Instead, create a phrase that you can easily remember but would be hard for someone else to guess. For example, "I always start my day with a cup of coffee" could become "iA$DwacM$C." Avoid using easily guessed words or phrases, and mix up letters, numbers, and special characters. You should also never use the same password for more than one account. Consider the Best Tools for Password Cracking to check whether your passwords are as secure as they can be. Set Up Digital Authentication Features In today’s business world, it’s more important than ever to have strong security measures in place to protect your company’s data. One way to do this is by setting up digital authentication features, such as two-factor authentication or biometric login. These features add an extra layer of security by requiring users to provide additional information beyond just a username and password. Two-factor authentication (2FA) is an additional layer of security that requires you to have two out of three types of identification before you can log in to an account. The three types of identification are something you know (like apassword), something you have (like a physical key or token), and something you are (like a fingerprint). Enabling 2FA adds an extra step to the login process, but it’s worth it because it makes it much harder for cybercriminals to gain access to your account, even if they have your password. For example, with two-factor authentication, a user would need to enter both a password and a code that is sent to their mobile phone. This makes it much harder for hackers to gain access to your systems, as they would need to not only know the passwords but also have access to the user’s mobile phone. Similarly, biometric login requires users to provide a fingerprint or other type of biometric data, which is much harder for hackers to spoof. Passwords can be a reliable digital identity authentication factor when used correctly in accordance with strict security procedures. Use Encryption Encryption is a process that encodes data so that it can only be accessed by authorized parties. When data is encrypted, even if someone gains access to it, they won’t be able to read it unless they have the encryption key. That’s why encryption is an important part of digital security . There are various levels of encryption, but 256-bit encryption is considered military grade and should be more than sufficient for most businesses. Luckily, most Linux distributions come with full disk encryption enabled by default. This makes it difficult for unauthorized individuals to access sensitive information, such as customer credit card numbers or confidential business documents. Encryption can be used in a variety of ways, such as encrypting email messages, stored data, and even entire websites. Create a Cybersecurity Plan This plan should include measures for preventing attacks, detecting threats, and responding to incidents. It should also be reviewed and updated on a regular basis. Some other key components of a strong cybersecurity program include employee training, email filtering, and two-factorauthentication. Focus On Training Your Staff Phishing and ransomware are two of the largest risks that organizations must deal with. If staff receive malicious emails and cannot recognize that they are scams, the entire firm is at risk. Similar to internal error, privilege abuse, and data loss, these issues are often brought on by staff members who neglect their security responsibilities. To contain these issues, organizations must support their IT division by regularly providing staff awareness training. Don't post personal information like your address or date of birth, and think twice before sharing sensitive information like photos or financial details. Be Wary of Email Attachments Email attachments are one of the most common ways for cyber criminals to spread malware because people are often tricked into opening them without realizing they contain malware. That’s why it’s important to be wary of email attachments, even if they appear to come from someone you know. If you receive an email attachment from someone you know but weren't expecting one, confirm with the sender that they actually sent it before opening it. If you receive an attachment from someone you don't know, delete the email without opening it because there's a good chance it contains malware designed to infect your system as soon as you open the attachment. Set Up Firewalls A firewall monitors traffic going in and out of your network and blocks suspicious activity. It’s basically like a barrier between your network and the internet, and it’s an important part of digital security because it can block many types of attacks before they even reach your systems. Most Linux distributions come with a firewall installed by default, but it might not be enabled. Check with your system administrator or consult your distribution’s documentation on how to enable the firewall if it isn’t already enabled. The first line of protection against a hacker attempting to hack into your terminals is a good firewall. Withoutone, a hacker can infect your computer with malware and steal crucial data such as personal and credit card information. Update Your Software Software updates often include security patches that close vulnerabilities that could be exploited by cybercriminals. Make sure you set your software applications to update automatically or that you manually update them on a regular basis. It’s also important to keep your operating system up-to-date for the same reason. Fortunately, most Linux distributions include automatic updates, so you don’t have to worry about manually updating them. Similar to passwords, once these vulnerabilities are made public, hackers start looking for users of that particular software who might be exposed. Installing an update will take less time than dealing with a real data breach. Consult an Expert Every small business requires strong support. Security professionals focus solely on your network architecture, and can evaluate present and potential risks. Hiring digital security professionals can acquire the most recent security features. Additionally, if your team hasn't yet received sufficient training, cybersecurity professionals can bridge this knowledge gap and safeguard the business until your team is prepared to take over. Data security should always be a major priority as the world transitions from paper-based systems to digital ones. You may better secure your data, employees, customers, and organizations from security risks and hackers by choosing the appropriate technology, implementing policies, and training staff. By taking some simple precautions, you can make sure your Linux system is as secure as possible against digital threats, keeping your business safe in the process. Following these tips will help safeguard your business against any potential cyber threats. . Strengthen your online defenses as a user of Linux by implementing practical strategies to protect your information and reduce vulnerabilities.. Linux Security Tips, Cyber AttackPrevention, Strong Password Practices, Business Data Protection. Martin William. Brittany Day
Sep 30, 2022
•
How to Learn Tips and Tricks
166
data protectionencryptionfile transferCroc File Transfer: Securely Move Data Between Computers
Croc is a free and open-source command line tool that enables computers to easily and securely transfer files and folders using code phrases. Learn how to install and use croc in this tutorial. . There are lots of ways to transfer files between two or more computers. Today, we will discuss about yet another utility named Croc. This tutorial we’ll show you how to install Croc and how to use it to transfer files between computers. Croc is a file transfer system that sends files securely using end-to-end encryption, via a file transfer relay. If you are curious about the name, it is inspired by the fable of the frog and the crocodile. The Croc key advantages are speed, security, and simplicity, all-in-one. Transferring data using Croc is faster, because it acts as a relay server between the systems. It creates a full-duplex real-time communication layer between the two computers, so the “uploading” and “downloading” tasks occur simultaneously between those computers. . Delve into Croc, a public-source solution designed for safeguarding file exchanges across devices, utilizing end-to-end encryption for enhanced security.. Croc File Transfer, Safe File Sharing, Open Source Security. . Brittany Day
May 14, 2021
•
How to Learn Tips and Tricks
166
encryptionopen sourcefile transferSecure File Transfers With Croc: Efficient and Simple Guide
Croc is a free and open-source command line tool that enables computers to easily and securely transfer files and folders using code phrases. Learn how to install and use croc in this tutorial. . There are lots of ways to transfer files between two or more computers. Today, we will discuss about yet another utility named Croc. This tutorial we’ll show you how to install Croc and how to use it to transfer files between computers. Croc is a file transfer system that sends files securely using end-to-end encryption, via a file transfer relay. If you are curious about the name, it is inspired by the fable of the frog and the crocodile. The Croc key advantages are speed, security, and simplicity, all-in-one. Transferring data using Croc is faster, because it acts as a relay server between the systems. It creates a full-duplex real-time communication layer between the two computers, so the “uploading” and “downloading” tasks occur simultaneously between those computers. . Learn to safely transmit files with Croc, the open-source application designed for easy file sharing, featuring built-in encryption for enhanced security.. Croc File Transfer, Secure File Sharing, Command Line Utility. . Brittany Day
May 14, 2021
•
How to Learn Tips and Tricks
161
network securityencryptionfirewallEnhance Privacy And Security With OPNsense DNS Over TLS Setup
OPNsense is an open-source, FreeBSD-based firewall and routing security software that also acts as a DNS resolver for all of your desktops and mobile devices. Learn how to configure the OPNsense DNS resolver to encrypt all DNS queries to protect from eavesdropping and increase your privacy and security online in this tutorial. . All DNS queries routed using plaintext. We either use UDP and TCP protocol 53 in plaintext, and your ISP or an attacker/hacker can monitor transmissions even if you use HTTPS, the DNS queries and answers of the site leaked. Hence we need to encrypt our DNS queries to protect ourselves. DNS over TLS (DoT) is nothing but a security protocol for encrypting DNS traffic using the Transport Layer Security (TLS) protocol. The main objective is to increase your security and privacy. Some benefits of DNS over TLS: Avoid manipulation DNS. Get rid of man-in-the-middle attacks. No more eavesdropping. The link for this article located at DNS Knowledge is no longer available. . Enhance your web safety by configuring OPNsense DNS Over TLS to safeguard your internet privacy and security.. OPNsense Configuration,TLS Encryption,DNS Security,Network Privacy,Firewall Setup. . Brittany Day
Mar 10, 2021
•
How to Secure My Firewall
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More