Stay Ahead With Linux Security HOWTOs
How to Secure My Network
security advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
How to Secure My Networknetwork monitoring Linux server
network monitoring Linux server When a Linux server initiates an unauthorized outbound connection to an unknown IP address, it rarely triggers an immediate system failure. Instead, the server continues running normally, and the connection is usually only discovered during a routine firewall log review, a DNS audit, or a post-incident investigation. Because there are no obvious system crashes or performance drops, these quiet outbound sessions can easily be overlooked. . However, treating these anomalies lightly is a...
May 27, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found 2 articles for you...
166
system hardeningsecurity best practicesuser authenticationKali Linux: Steps for Changing Your Root Password Securely Now
The first thing to do right after booting into Kali Linux for the first time is to change the default root password. Here's how you can do it. . A system protected by default credentials is an open invitation for adversaries to exploit. It is highly recommended that you set a custom root password for your Kali Linux machine as soon as it boots up post-installation. In this primer, you will find the easiest and swiftest way to reset the root password of your Kali Linux desktop with the passwd command or, if you forgot your root password then with the GRUB bootloader. . Strengthen your Kali Linux environment by modifying the initial root password to avert potential breaches efficiently.. Kali Linux Password Change, Root Access Security, Change Default Credentials. . Brittany Day
Apr 05, 2022
•
How to Learn Tips and Tricks
163
John the Rippersecurity assessmentLinux toolHow to Verify Strong Passwords Using John the Ripper on Linux Systems
Are you certain that your end users are utilizing strong passwords on your Linux servers? Let a tool called John the Ripper (JTR) show you who is and who isn't. Learn how this is done in a helpful tutorial. . The security of your Linux servers is only as strong as the passwords used by your end users. If your users have weak passwords, it's only a matter of time before any given ne'er do well breaks into your system to wreak havoc on your network or steal precious data. You don't want that. So what do you do? You can certainly set password policies, but even then, you might have a user that predates the policy or maybe you've set a policy that borders on weak. To make sure your users aren't working with weak passwords, you can employ a tool called John the Ripper (JTR) to make sure those passwords aren't easily crackable. . Secure your Linux servers by effectively auditing user passwords with John the Ripper to enhance overall security and protect sensitive data.. Password Strength, John the Ripper, Linux Passwords, User Security, Authentication Checks. . Brittany Day
May 01, 2020
•
How to Secure My Webserver
162
security practicespassword managementpassword securityStrengthening Password Security Through a Threat Model Framework
Password security involves a broad set of practices, and not all of them are appropriate or possible for everyone. Therefore, the best strategy is to develop a threat model by thinking through your most significant risks—who and what you are protecting against—then model your security approach on the activities that are most effective against those specific threats. The Electronic Frontier Foundation (EFF) has a great series on threat modeling that I encourage everyone to read. . In my threat model, I am very concerned about the security of my passwords against (among other things) dictionary attacks, in which an attacker uses a list of likely or known passwords to try to break into a system. One way to stop dictionary attacks is to have your service provider rate-limit or deny login attempts after a certain number of failures. Another way is not to use passwords in the "known passwords" dataset. The link for this article located at Opensource.com is no longer available. . Boost the protection of your passwords by constructing a comprehensive threat model while efficiently mitigating dictionary attack risks.. Password Management, Threat Modeling, Security Practices. . Brittany Day
Jun 24, 2019
•
How to Strengthen My Privacy
162
open source toolspassword securityauthentication methodsExploring Keystroke Dynamics for Password Security Enhancement
Are you always looking to expand your security practices? Do you want to take a crack at instituting a whole new way of creating a secure, password infrastructure? If so, this article on keystroke dynamics can help you break into whole new worlds of security... Measure the total time of entry and verify the time between keystrokes to help authenticate a user regardless of the data being entered. Require nonprintable characters, such as backspace and break, in the password to enable new levels of password obfuscation. Learn how to apply the open source tools xev and Perl in keystroke dynamics to measure the more-subtle characteristics of human-computer interaction. The whorls and ridges on your fingertips can identify you based on what you touch. How you touch and especially type can often be just as unique an activity. Keystroke dynamics is a relatively new field that enables identification of individuals through statistical analysis of their typing patterns. Many commercial products analyze the dynamics of password entry, as well as continuous typing monitoring for enhanced security. This article uses example code to demonstrate keystroke dynamics for enhancing the security of your applications in authentication and continuous data entry contexts. . . Are you always looking to expand your security practices? Do you want to take a crack at instituting. always, looking, expand, security, practices, crack, instituting. . LinuxSecurity Contributors
Jan 08, 2008
•
How to Strengthen My Privacy
160
password crackeropen sourceauthenticationFast Password Cracker: John The Ripper for Unix Systems
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords.. . Uncover Hashcat, an efficient password recovery tool for multiple systems, identifying vulnerable passwords on diverse platforms.. John The Ripper, Password Cracking, Unix Authentication. . Anthony Pell
Jan 07, 2005
•
How to Harden My Filesystem
160
enterprise securitypassword securityauthentication methodsExamining Password Security Plans In Online Business Settings
As more and more business processes move online, many enterprises are evaluating stronger security than that provided by traditional passwords. However, the decision to replace embedded password security solutions with stronger authentication is a co. . With the shift of commerce to the digital world, organizations are increasingly seeking enhanced protection beyond what standard passwords can offer.. Password Security, Business Authentication, Online Security Solutions. . Anthony Pell
Dec 02, 2004
•
How to Harden My Filesystem
166
password managementuser authenticationpassword securityBest Practices for Password Management and User Authentication
Having a secure password is often the first line of defense against security breaches.. One of the most important security features used today are passwords. It is important for both you and all your users to have secure, unguessable passwords. Most of the more recent Linux distributions include password programs that do not allow you to set a easily guessable password. Make sure your passwd program is up to date and has these features. Password security is the most critical means to protect your system from compromise. Without an effective well-chosen password, your system is sure to be compromised. It is the most basic means of authentication. Password security involves both choosing good passwords, and enforcing this on the users of the system. Knowing a password and having physical access to a terminal are all that an unauthorized user needs to gain access to a system. Once a user has gained access to the system, she can steal data or corrupt the system in obvious as well as subtle ways. If your account is compromised as a result of choosing a poor password, you may ultimately be responsible. It is your responsibility to ensure that your account is not compromised. Conventional Linux distributions have used a one-way encryption algorithm, called DES (Data Encryption Standard) to encrypt passwords. More recently, a stronger method using the MD5 function is being used. This produces a 128-bit integrity fingerprint and allows for longer passwords, and are more difficult to crack. How is my password stored? This encrypted password is stored in /etc/passwd or /etc/shadow if you have "shadow passwords" enabled. A conventional password from /etc/shadow might look like this: fred:m2nv/1iKlc1:11080:0:99999:7:-1:-1:134537628 The actual password that the user typed is not stored anywhere on the system. Instead, a value that is generated by using the password to encrypt a block of zero with a one-way function called crypt() is used. When you attempt to authenticate yourself tothe system using the same password that was supplied to set the password, the system runs it through the crypt() algorithm again, and compares it to the stored value. If the encrypted results match, you are authenticated. An MD5-equipped password would look similar to this: fred:$1$NCz74a5c$s/CbS1cqse2C1nV/1IKjc1:11080:0:99999:7:-1:-1:134537628 Shadow passwords are a means of keeping your encrypted password information secret from normal users. Normally this encrypted password is stored in your /etc/passwd file for all to read. They can then run password guesser programs on it and attempt to determine what it is. Shadow passwords save this information to a /etc/shadow file that only privileged users can read. All current distributions surely are configured by default for shadow passwords. When you attempt to login, whatever you type in is encrypted again and compared with the entry in the file that stores your passwords. If they match, it must be the same password, and you are allowed access. Although DES is a two-way encryption algorithm (you can code and then decode a message, given the right keys), the variant that most unicies use is one-way. This means that it should not be possible to reverse the encryption to get the password from the contents of /etc/passwd or /etc/shadow . Any entry in the password file with a user-ID of "0" (zero) is a root entry, regardless of what it's called. Choose effective passwords There is a great deal of information available on the Internet regarding choosing good passwords. A password minimum of 6 characters should be enforced, and 8 characters provides a significant improvement in security. You can find more information on improving password security in the postscript document titled Foiling the Cracker: Survey of, and Improvements, to Password Security and demonstrates the ease with which most passwords can be guessed by a motivated attacker. Brute force attack tools, such as John the Ripper , can often guess passwords unless yourpassword is sufficiently random. PAM modules allow you to use a different encryption routine with your passwords (MD5 or the like) making it more difficult to crack. Protect your password by following these guidelines: Never share your password. When you tell someone your password and let them log in to your account, the system loses its ability to hold individual users accountable for their own actions. Do not write down your password. Many system penetrations occur simply because a user wrote his or her password on a terminal. If a password must be recorded, keep it under lock and key. Never use an old password again. This increases the probability that someone can guess the password. Never type a password while someone is watching. It is possible to steal a password simply by watching someone type it. Be especially careful if you are using a workstation in a public area. If you are allowed to choose your own password, choose your password wisely. Select passwords that are hard to guess. Never use an ordinary word or a proper name, your spouse's, child's, or pet's name, your birthday, your address, or a machine name, even if these words are specified backward, permuted in some other way, or have a number added to the front or back. Always choose a password that contains some numbers or special characters. Always select different passwords for different machines, but never use the name of the machine, even permuted. Although these procedures add a small amount of effort to your login, they help to avoid system compromise. Resources: Department of Defense Password Management Guideline -- Enumerates a number of good password management practices. Selecting Good Passwords -- Quick list of things to keep in mind when choosing a password and should be consulted when developing your security policy. Standard for Automated Password Generator -- Federal Information Processing Standard No. 181. Foiling the Cracker: A Survey of, andImprovements to, Password Security -- Demonstrates the ease with which most passwords can be guessed by a motivated attacker. Observing Reusable Password Choices -- A method for observing password choices made by users, and how to protect it from being compromised. OPUS: Preventing Weak Password Choices -- A system that uses Bloom filters to implement a constant-time dictionary lookup, regardless of dictionary size, to check a user's password choice for " goodness" User Authentication and Related Topics: An Annotated Bibliography Password Security: A Case History -- A description of the original UNIX password algorithm, and the reasons for replacing it with the current one. UNIX Password Security - Ten Years Later -- A reexamination of the UNIX password algorithm after ten years of advances in software and hardware. The S/Key One-Time Password System -- A freely available implementation of one-time passwords. . Robust passwords play a vital role in preventing unauthorized access. Discover essential strategies for developing and protecting your passwords.. Password Management, User Authentication, Encryption Techniques. . Anthony Pell
Jul 06, 2000
•
How to Learn Tips and Tricks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More