Stay Ahead With Linux Security HOWTOs
How to Secure My Network
security advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
How to Secure My Networknetwork monitoring Linux server
network monitoring Linux server When a Linux server initiates an unauthorized outbound connection to an unknown IP address, it rarely triggers an immediate system failure. Instead, the server continues running normally, and the connection is usually only discovered during a routine firewall log review, a DNS audit, or a post-incident investigation. Because there are no obvious system crashes or performance drops, these quiet outbound sessions can easily be overlooked. . However, treating these anomalies lightly is a...
May 27, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found -3 articles for you...
167
privilege escalationpen-testingsystem assessmentEffective Enumeration Techniques for Linux Privilege Escalation
Want to gain superuser access to a Linux system? Here are some of the best ways to enumerate a Linux machine. . Enumeration is one of the key stages of penetration testing. It's the first thing to do when you've compromised a target system as a penetration tester. Although there are a plethora of tools to automate this process, it's always recommended to manually scour through and double-check the system for potential vectors of privilege escalation. Let's look at the different ways to manually enumerate a Linux system for privilege escalation. Privilege escalation, also known as Escalation of Privilege (EOP) is a core component of penetration testing and the penetration testing methodology. As the name suggests, it's a stage when you attempt to elevate your privileges to the administrator or, in Linux systems, the root user. To gain root privileges, you need to first find a vulnerability in the system. This is where enumeration comes into play. Though there are tools to automate enumeration, more often than not, manual and thorough enumeration can uncover misconfigurations and other vulnerabilities that aren't picked up by tools. . Effective enumeration is key in Linux penetration testing for superuser access. Explore users, services, packages, SUID files, and network configs for vulnerabilities. Linux Enumeration, Privilege Escalation Techniques, Security Assessment Methods. . Brittany Day
Jun 10, 2023
•
How to Secure My Network
166
privilege escalationauthenticationSSHBypassing SSH Bastion Authentication With Multiplexing Techniques
For any red teamer, SSH bastions (hosts that can control access between environments) can be difficult to compromise due to the use of multi-factor authentication (MFA) technologies. In a typical scenario, you may end up on a user’s host that has access to the bastion thanks to phishing or exploiting a vulnerability with the compromised user’s permissions. Learn more about SSH multiplexing and its role in bypassing authentication on SSH bastion hosts: . The normal course of action is to identify the privilege escalation vector in order to get root. This privilege escalation is not always a possibility, but using a method that takes advantage of an SSH feature called “multiplexing” can help with this pivoting. SSH multiplexing is the ability to send multiple SSH connections using a single pre-existing connection. This is used in environments to improve efficiency and reduce resource load. This isn’t a new feature: there’s a detailed write-up in the OpenSSH Cookbook about how it works; HD Moore & Valsmithpresented on the topicat DEF CON back in 2007. The only major difference is that, today, SSH bastion hosts are heavily used in many production environments. These bastion servers will typically use a form of MFA that can be a major obstacle when attempting to pivot into sensitive areas of a network. The link for this article located at NCC Group is no longer available. . Explore the advantages of SSH session multiplexing to streamline secure access and mitigate authentication hurdles on gateway servers.. SSH Authentication, Bastion Hosts, Privilege Escalation, SSH Multiplexing, Red Team Techniques. . Brittany Day
Oct 25, 2019
•
How to Learn Tips and Tricks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More