Linux Network Security - Page 87

Discover Network Security News

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55

SANS Report: Linux and Unix Higher Security Risk for Internet Attacks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A SANS Institute of America report has named Linux and Unix operated sites as more vulnerable to internet attacks than Windows and Mac powered sites. Compiled by US industry, government, and academics, the June 1 paper, titled How to Eliminate the Ten Most Critical Internet Security Threats: The Experts' Consensus, names versions of Unix and Linux systems in nine out of a "top ten" list of security vulnerabilities for operating systems that engineers "need to eliminate". Dean Stockwell, director of sales and support, Network Associates Asia-Pacific, dismissed SANS's report as "skewed".

Anthony Pell
Jun 07, 2000

Additional Cyber Threats for Network Admins Underscore Vigilance Needs

The threats listed in the document are just the "tip on the iceberg," Nowland said, warning network administrators not to feel safe simply because they address the 10 concerns outlined by SANS. NETSEC intends next week to release its . . .

Anthony Pell
Jun 06, 2000

How Hackers Exploit Weak Site Security Through Search Engines

"... With a bit of ingenuity, anyone can skirt basic password authentication and go straight to the goodies on those sites where administrators are foolish enough to post them. If the desired information is contained in a Web page, anyone . . .

Anthony Pell
Jun 05, 2000

Government Cybersecurity: Addressing Threats to Agency Networks

"In the race to get online, network security has been something of an afterthought. But even the most obscure agency can be a target for Internet intruders. .. According to records on Web site defacements kept by attrition.org, a hacking . . .

Anthony Pell
Jun 05, 2000

SANS Insights on Critical Security Flaws Leading to Cyber Attacks

The SANS threat list has become the focus this week. "The majority of successful attacks on computer systems via the Internet can be traced to exploitation of one of a small number of security flaws, SANS said. Most . . .

Anthony Pell
Jun 02, 2000

SANS Report Reveals Common Security Threats and Management Strategies

More on the recent SANS report. ""Many of the vulnerabilities on that list are well-known vulnerabilities that everyone knows about," said Sean Hernan, team leader for vulnerability handling at the Computer Emergency Response Team (CERT) Coordination Center at Carnegie . . .

Anthony Pell
Jun 02, 2000

Allegro Software RomPager TS002 Advisory: Critical DoS Threat

Here is a pretty serious DoS advisory released on Bugtraq. I am not aware of any fixes, yet. We'll keep you posted! "Allegro-Software-RomPager is an http server which is used in network hardware like switches to provide a . . .

Anthony Pell
Jun 02, 2000

Cisco: TACACS+ Buffer Overflow Advisory: Critical Access Control Patch

TACACS+ is a protocol used to provide access control for routers and network devices created by Cisco. Solar found a buffer overflow and reported it and supplied a patch in the report below. Cisco later responded to . . .

Anthony Pell
Jun 01, 2000

Nmap 2.53 Release: Enhanced Features for Network Scanning

The latest version of nmap, a utility for port scanning networks, has been released. This tool should be in everyone's security arsenal. "The main addition is IP Protocol scan mode (-sO) which tells you what protocols the host . . .

Anthony Pell
May 31, 2000

Overview of Secure Shell: Advantages and Setup Guidelines Explained

This article explains the need and rationale for Secure SHell, an encrypted communications channel which functions as a telnet replacement, and also guides you through the process of installing and using SSH on your own system. . . .

Anthony Pell
May 31, 2000

Government Policy Changes on Internet Access Amid Security Risks

When it emerged less than a decade ago, the World Wide Web was quickly embraced as a bright new medium that could help reinvent government and revitalize democracy. But gradually government policy-makers have also seen that the Web has a . . .

Anthony Pell
May 31, 2000

Best Practices To Manage Cybersecurity Threats For Classified Info

If your agency deals in classified or sensitive information, you probably wage an ongoing war against Internet hackers. The danger isn’t so much from hackers’ creativity as much as it’s due to managers’ failures to seal security holes, establish policies . . .

Anthony Pell
May 30, 2000

Popa3d v0.4 Contributions: Kerberos v4 and APOP Authentication Enhancements

Dug Song has contributed Kerberos v4 (KPOP) and APOP authentication patches for popa3d v0.4. I've mirrored them into popa3d/contrib on the FTP and added links to the popa3d page at the usual location: . . .

Anthony Pell
May 30, 2000

3GPP Accepts IPv6 As Standard Protocol For Mobile Multimedia Networks

"... The proposal, which paves the way to make IPv6 the standard protocol in third-generation mobile multimedia networks, was accepted this week in a plenary session of the system architecture group of the 3GPP (Third-Generation Partnership Project), Nokia said in . . .

Anthony Pell
May 29, 2000

Investigating the Security Aspects of IPv6 and SSL Protocols by Reto Haeni

Reto Haeni has written this paper that gives a brief overview of the features of IPv6 and discuss its security specifications. In the later sections of the paper, he compares the security specifications of IPv6 to one of today's available . . .

Anthony Pell
May 29, 2000

WAP Security: Enhancing Mobile File Transfers and Encryption Methods

Accessing the Web using WAP (Wireless Application Protocol)-enabled mobile phones may be all the rage, but what about the security issues? While it is possible to encrypt selected sections of the Web using a desktop PC with conventional browser and . . .

Anthony Pell
May 26, 2000

Wireless LANs Urgent Equipment Replacement: Spectrum Crowding Risks

The spectrum used by the LANs' signals is expected to become crowded so quickly that companies could find themselves replacing all of their wireless equipment in just two to three years, as wireless technology is forced to move to less . . .

Anthony Pell
May 24, 2000

Exploring Security Challenges of Always-On Internet Connectivity

The two best things about those fast Internet connections you get from cable, DSL, and ISDN are that you don't have to dial a number to connect to the Internet, and they are also easy to share over a network. . . .

Anthony Pell
May 24, 2000

Setting Up Host-Based Intrusion Detection Systems on Linux

This article focuses on several host-based intrusion detection systems that are available on Linux. In particular, I will cover some of the basics of installing setting up these packages, how they are useful, and in what circumstances they can be . . .

Anthony Pell
May 23, 2000

Slashdot.org DDoS Attacks: Three Day Outage Impact to Linux Fans

Slashdot.org, the "news for nerds" Web site popular among Linux fans, fell victim to a series of hacker attacks for three days last week. The site was taken down intermittently by a series of distributed denial-of-service (DDoS) attacks Thursday, . . .

Anthony Pell
May 22, 2000

Community Poll

More Polls