Linux Network Security - Page 14

Discover Network Security News

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55

Analysis Of Cloud Security Threats And Solutions Overview

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Top Cloud Security Threats Report compiled by the Cloud Security Alliance (CSA), and commissioned by CSA member Hewlett-Packard (HP), is intended to alert businesses to current and future cloud computing risks. Based on a survey of corporate IT security experts across 29 companies, the report recommends strategies companies can use to protect their business transactions and data.

Alex
Mar 03, 2010

2010 Internet Security: FTC Warnings And Hacking Incidents Overview

It's already been a busy year in the area of Internet freedom and security. First, Google reported that it, along with a bunch of other major companies, had been hacked, and pointed the finger at China. Then Secretary of State Hillary Rodham Clinton gave a few "Remarks on Internet Freedom" in which she pushed for one Internet, without barriers.

Anthony Pell
Mar 03, 2010

Nominet Begins DNSSEC Implementation for .uk Domain Protection

Nominet, the U.K.'s domain name registry, will begin implementing a security protocol on Monday designed to protect the DNS (Domain Name System). The system, called DNS Security Extensions (DNSSEC), uses public key cryptography to digitally "sign" the DNS records for Web sites. It is designed to stop attacks such as cache poisoning, where a DNS server is hacked, making it possible for a user to type in the correct Web site name but be directed to a fake Web site.

Alex
Feb 26, 2010

M86 Security Findings on Botnets Fueling Email Malware Surge

Malicious spam volumes increased dramatically in the back half of 2009, reaching three billion messages per day, compared to 600 million messages per day in the first half of 2009. But this is still a tiny fraction of the estimated global spam volume, thought to be about 200 billion messages per day.

Alex
Feb 17, 2010

OpenDNSSEC Project Launch: Enhancing DNS Traffic Encryption Security

A consortium of security and infrastructure management organisations has launched a new project to help secure Domain Name System (DNS) queries. OpenDNSSEC will provide a way for service providers and hosting vendors to encrypt DNS traffic.

Anthony Pell
Feb 10, 2010

Threats of Cache Poisoning And Data Theft Over Public Wi-Fi

Public Wi-Fi networks such as those in coffee shops and airports present a bigger security threat than ever to computer users because attackers can intercede over wireless to "poison" users' browser caches in order to present fake Web pages or even steal data at a later time.That's according to security researcher Mike Kershaw, developer of the Kismet wireless network detector and intrusion-detection system, who spoke at the Black Hat conference.

Alex
Feb 04, 2010

Exploring Satellite Internet Exploitation Techniques at Black Hat

Satellites can bring a digital signal to places where the Internet seems like a miracle: off-the-grid desert solar farms, the Arctic or an aircraft carrier at sea. But in beaming data to and from the world's most remote places, satellite Internet may also offer its signal to a less benign recipient: any digital miscreant within thousands of miles.

Anthony Pell
Feb 02, 2010

Twitter Security Alert: Password Reset Due To Phishing Incident

Twitter reset passwords for an unknown number of users on Tuesday whose accounts appeared to have been compromised via phishing. "As part of Twitter's ongoing security efforts, we reset passwords for a small number of accounts that we believe may have been compromised offsite," the company said in a statement.

Anthony Pell
Feb 02, 2010

Data Breach Report: Need for Enhanced Security Awareness and Education

Research carried out by the University of Bedfordshire in conjunction with 7Safe, the IT forensics specialist, has found that there are a number of areas where organisations are commonly neglecting internet security and being rewarded with a data loss incident.

Anthony Pell
Jan 29, 2010

University Cybersecurity: Managing Client Risks While Ensuring Safety

Which is more important in a network: the client machines or the system infrastructure? This could be debated until the cows come home and further debated to include the cows. Personally I would say the latter, but as we have seen this week, one single client machines can open up an almighty can of whoop-ass on the entire network.

Alex
Jan 25, 2010

Survey Reveals Top Cloud Security Concerns for Providers and ISPs

According to Arbor Networks' latest annual Infrastructure Security Report (Volume 5) survey of 132 large IP operators from across the world, 35 percent of respondents put this at the top of their worry list for the next year, ahead even of the traditional anxiety over botnets and DDoS.

Anthony Pell
Jan 19, 2010

CPAN Testers DDoS Threat: Blocking Microsoft Bots For Site Access

The Perl CPAN Testers have been suffering issues accessing their sites, databases and mirrors. According to a posting on the CPAN Testers' blog, the CPAN Testers' server has been being aggressively scanned by "20-30 bots every few seconds" in what they call "a dedicated denial of service attack"; these bots "completely ignore the rules specified in robots.txt".

Anthony Pell
Jan 18, 2010

DDoS Attack Surge: Botnet Threats to Corporations and Governments

Distributed denial of service (DDoS) attack are certainly nothing new. Companies have suffered the scourge since the beginning of the digital age. But DDoS seems to be finding its way back into headlines in the past six months, in thanks to some high profile targets and, experts say, two important changes in the nature of the attacks.

Benjamin D. Thomas
Jan 14, 2010

Ex-Military Hacker Develops Multi-Thread DDoS Tool For Linux Servers

A politically-motivated hacker has apparently developed a multi-thread, thin-client denial of service attack application that effectively allows him to launch a distributed denial of service (DDOS) attack on a website from a single linux server.

Benjamin D. Thomas
Jan 13, 2010

Effective Linux VPN And OpenVPN Solutions For Remote Access

The problem with corporate networks is they not only stop the bad guys coming in but also your users who want to work remotely, whether at home, at a client site or on the road. Here is where a VPN product comes in, and the simplest to deploy on Windows is a Linux virtual appliance called OpenVPN.

Anthony Pell
Jan 12, 2010

How To Secure Your Data: Sniffing Network Traffic Using Wireshark

The internet is inherently insecure. Whenever you send data across it, there is a chance that that data could be sniffed, and someone could end up with your personal data. Hopefully once you've read this article, you'll have a better understanding of how to prevent this from happening.

Alex
Jan 12, 2010

Understanding Enterprise Cloud Computing For Enhanced Agility And Security

What is enterprise cloud computing? Simply stated, it

Alex
Jan 04, 2010

Small Business Security: The Power of Managed Services for Protection

As more and more critical applications and services move to the cloud, organizations are increasingly receptive to the idea of using a managed security service to protect their network and information assets. The number and types of external threats to a network are growing uncontrollably, and unless a company has a dedicated and highly specialized team devoted to network security, it's hard to keep up with the rapidly changing threat landscape. After all, the threats of the Internet are the same for every company regardless of its size.

Alex
Jan 04, 2010

Understanding IaaS and PaaS Security in Cloud Ecosystems

OWASP AppSec DC 2009 had a compelling session that defined cloud taxonomies and the security implications associated with the cloud computing. The three taxonomies that have become part of our vernacular are: 1. Infrastructure as a Service (IaaS): Set of virtualized components that can be assembled to build a application. Amazon EC2, Rackspace, Opsource, and GoGrid are examples of IaaS where you can rent "virtual" hardware and software as a "pay-as-you-go" services. If you need 5 Linux servers running MySQL Database for 3 months, you'd subscribe to an IaaS provider and using their REST or Web service-based API (or command line if you're too cool) to provision, de-provision and monitor your instance.

Alex
Dec 30, 2009

Fabian Yamaguchi Uncovers Network Flaws and Attack Strategies at 26C3

At the 26th Chaos Communication Congress (26C3) in Berlin, security researcher Fabian Yamaguchi demonstrated a number of vulnerabilities that can apparently be found in many average communication networks and affect all levels from the access layer to the application layer. Attackers exploit many minor design flaws which allow "dangerous attacks" when combined, explained the Berlin-based security expert who last year investigated vulnerabilities in the basic TCP internet protocol. Overall, the "bugs" can reportedly be exploited to hijack a proxy server such as Squid and control all of the network traffic that flows through it.

Anthony Pell
Dec 29, 2009

Community Poll

More Polls