Linux Network Security - Page 15

Discover Network Security News

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55

DDoS Attack on Amazon Services: Internet Users Affected

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Internet users in parts of California were hit by DDoS attack preventing them from reach several sites. including Amazon. The sites' DNS provider, UltraDNS, was targeted by the DDoS attack. Amazon Web Services (AWS) was the first to signal something was amiss and began investigating a problem at 5.43 pm Pacific Time, The problem persisted until 6:38 pm, but in the meantime the S3 service continued to operate, AWS said.

Anthony Pell
Dec 24, 2009

Metasploit 3.3.3 Release: New Features for Security Testing

Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is an open source project managed by Rapid7.

Anthony Pell
Dec 23, 2009

Students Bypassing School Internet Security Through Proxy Servers

Many young people are using 'proxy servers' to get round their schools' internet security systems. The free services offer instant access to banned websites, including online games and social networking. Figures suggest the use of proxies has risen sharply in recent years. Security experts are warning that pupils who log on put themselves at risk of cyber crime.

Anthony Pell
Dec 22, 2009

UK Retail Wi-Fi Security: Vulnerabilities and Ongoing Risks

Wi-Fi security in UK retail environments is improving, but shops remain vulnerable to the sorts of attacks carried out as part of the infamous TJX credit card heist.

Anthony Pell
Dec 21, 2009

Understanding Botnet Exploits in FTP and SSL Server Attacks

Botnet operators have always been able to easily infect and convert PCs into bots, but they also are increasingly going after servers -- even building networks of compromised servers. Web servers, FTP servers, and even SSL servers are becoming prime targets for botnet operators, not as command and control servers or as pure zombies, but more as a place to host their malicious code and files, or in some cases to execute high-powered spam runs.

Alex
Dec 17, 2009

Understanding Google Public DNS Security Challenges And Solutions

Here's a great overview of DNS and its intrinsic security issues, and how Google hopes to address them, and improve the security of DNS on the Internet. Because of the open, distributed design of the Domain Name System, and its use of the User Datagram Protocol (UDP), DNS is vulnerable to various forms of attack. Public or "open" recursive DNS resolvers are especially at risk, since they do not restrict incoming packets to a set of allowable source IP addresses. We are mostly concerned with two common types of attacks:

Dave Wreski
Dec 05, 2009

Google DNS Service: Enhancements for Fast and Reliable Browsing

Google wants to speed up a key part of the Internet's inner workings called the Domain Name System and is inviting technically savvy folks to try their ideas out. The DNS is a crucial part of the Internet. It converts the text addresses people can remember into the numeric Internet Protocol addresses actually used to locate information on the Internet. For example, CNET.com's IP address is 216.239.122.102.

Anthony Pell
Dec 04, 2009

Analysis of Attack Methods and Trends in the Koobface Botnet Threat

News, of the latest iteration of the Koobface Botnet, has hit the blogosphere. Utilizing client based attack vectors, this evil bit of badness can

Alex
Dec 01, 2009

Bind: Critical Advisory for DNSSEC Threats in Domain Name Resolution

Makers of Bind have warned of a security vulnerability in versions of the domain name resolution application that could allow attackers to trick servers into returning unauthorized results.

Alex
Nov 25, 2009

Strategies for Large Firms to Secure Networks from Cyber Threats

It isn

Alex
Nov 24, 2009

Capture Network Packets Remotely Using Cisco Router and Tcpdump

Have you ever thought about your routers. I mean - *really* thought about them? They think all day long, processing all of the packets in and out of your company

Anthony Pell
Nov 20, 2009

Exploring Cloud Security Trends and Cyber Threats With Howard Schmidt

The bad guys of the Internet -- black hat hackers, scammers, and the like -- are becoming more organized and directed in their attacks, according to Howard Schmidt, president of the Information Security Forum. As companies begin looking toward cloud services, they're often wary of the problems they've faced in the past but also careful not to fall into the same traps again.

Anthony Pell
Nov 18, 2009

Exploring Cloud Security Insights from Whitfield Diffie

Great interview with crypto-legend Whitfield Diffie. Cryptography solutions are far-off, but much can be done in the near term, says Whitfield Diffie. Cloud computing services, such as Amazon's EC2 and Google Apps, are booming. But are they secure enough? Friday's ACM Cloud Computing Security Workshop in Chicago was the first such event devoted specifically to cloud security.

Anthony Pell
Nov 17, 2009

Exploring Encrypted Search Technologies For Enhanced Cloud Security

Recent advances in cryptography could mean that future cloud computing services will not only be able to encrypt documents to keep them safe in the cloud--but also make it possible to search and retrieve this information without first decrypting it, researchers say.

Anthony Pell
Nov 17, 2009

Inside The Life Of A Botnet Hunter In Cybercrime Defense

They're the Internet equivalent of storm chasers, spending endless hours scanning and sleuthing, looking for the telltale signs of botnets. Here's an inside look at the battle against cybercrime's weapons of mass infection.

Anthony Pell
Nov 17, 2009

DDoS Risks Arising From Open Resolvers in Home Modem Devices

Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet's DNS (domain name system), making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.

Alex
Nov 16, 2009

VeriSign DNSSEC Implementation: Enhancing Internet Security By 2011

VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation. The problem is that DNS, the Domain Name System that translates internet addresses such as website URLs into numerical values, can be seeded with false values and used to misdirect users.

Anthony Pell
Nov 16, 2009

Innovative Botnet Communication Analysis and Reverse Engineering Techniques

Networks of compromised computers controlled by a central server, better known as botnets, are a Swiss Army knife of tools for online criminals. Hackers can use these co-opted systems to churn out spam, host malicious code, hide their tracks on the Internet, or flood a corporate network to cut off its access to the Web.

Alex
Nov 13, 2009

SQL Injection And XSS Threats Lead To Serious Flaws In Web Apps

Cross-site scripting and SQL injection remain the top methods of attack. Vulnerabilities in web applications remain the primary avenue of attack for cybercriminals, according to a WhiteHat Website Security Statistics Report released this week.

Anthony Pell
Nov 13, 2009

ICANN and VeriSign Outline DNSSEC Root Zone Security Strategy

Preparations for securing the domain name system root zone using the DNS Security Extensions (DNSSEC ) protocol are entering a key phase. At the 76th meeting of the Internet Engineering Task Force (IETF) in Hiroshima, the design team from VeriSign, the internet administration authority ICANN and the US NTIA presented the strict security conditions under which the various keys required will be generated, held and renewed. IETF developers expressed concern about the lack of channels for both explaining the DNSSEC rollout, scheduled to commence in January, to ISPs and for collecting reports of anything untoward from the ISPs.

Anthony Pell
Nov 12, 2009

Community Poll

More Polls