Linux Network Security - Page 35

Discover Network Security News

New Linux Worm Exploits PHP Injection and Command Execution Threats

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Over the weekend reports began to filter in of a new network worm that focused on a variety of vulnerabilities in products typically found in Linux-based Web servers. It's been tagged by many as a Linux problem, and is, in a practical sense, although most of the vulnerabilities aren't strictly Linux issues. So far there's no evidence it's a serious real-world problem, although the Internet Storm Center has been reporting that they are seeing multiple variants of it circulating around the net.

Brittany Day
Nov 09, 2005

IP Network Security Concerns and Executives' Deployment Plans

Despite high levels of concern about the security of IP networks, companies are planning to press ahead and roll out the technology regardless, according to research from the Economist Intelligence Unit (EIU).

Brittany Day
Nov 08, 2005

Secure Shell Approaches for Enhanced Remote Access Security

Telnet, Rsh, Rlogin, Rcp, and FTP are commonly used methods to access files and execute commands on remote servers. They are available in most operating systems and work seamlessly in multi-platform environments. However, this convenience comes with major security risks. This document is intended for IT professionals at enterprises who need to secure file transfer and system administration access methods in heterogeneous and large-scale environments.

Benjamin D. Thomas
Nov 07, 2005

Enhance Linksys WAP With OpenWRT For Greater Customization

A lot of Linux geeks are master scroungers, because Linux is so adaptable that old AMDs, classic Pentiums and even 386es and 486es can be put to use in some way. It's a shame to throw away old equipment when it can be repurposed as networking devices like firewalls, authentication servers and routers. But as fun as it is to recycle, I'll wager I'm not the only who has gazed upon shiny new devices like the Linksys WRT54G and sighed "Wouldn't that be a great device for my network! It is small, cheap, and uses little power.

Benjamin D. Thomas
Oct 26, 2005

Understanding VoIP Security Threats: Insights and Expert Analysis

Is enterprise VoIP (voice over IP) due for a security wakeup call or are the threats mostly exaggerated? It depends on who's talking. "The security aspects of enterprise VoIP have been overblown," says Irwin Lazar, senior analyst at the Burton Group. "There's a lot more attention being paid to the fear of attack than what is actually possible."

Benjamin D. Thomas
Oct 25, 2005

David Lynch Discusses Insider Threats and Network Security Challenges

We conducted a brief Q&A session with David Lynch, CMO at Apani Networks, a global network security software provider focused on securing inside the network perimeter. He discusses the security breach in White House, internal security attacks in general and how to prevent them.

Brittany Day
Oct 12, 2005

Key Compliance Hurdles: Best Log Management Strategies for Sarbanes-Oxley

Companies are now finding that log management is a cornerstone best practice in their compliance efforts. Sarbanes-Oxley 404 Internal IT Control requirements infer rigorous end-to-end Log Management and Archival. Net Report helps companies face this issue.

Brittany Day
Oct 07, 2005

Cisco Enhances Network Security Strategy With Incident Control Tools

Cisco Systems took steps Tuesday to address the growing need for more secure networks that can defend themselves against a variety of threats with the introduction of new incident-control and threat-mitigation software and services. It also has new versions of the company's intrusion-prevention signature (ISP) system and IOS router operating system software.

Benjamin D. Thomas
Sep 29, 2005

Cisco Enhances Security Certifications for IT Professionals

Cisco Systems Inc. is revamping its security professional-level certifications to better reflect the networking giant's emphasis on its Self-Defending Network strategy.

Brittany Day
Sep 20, 2005

Cisco IOS Critical Advisory: Router Buffer Overflow Threat Exploit

Cisco alerted its customers Wednesday about a serious security flaw in many of its Internet routers, which serve as key intersections in channeling Web and e-mail traffic from point to point. Cisco Systems Inc., based in San Jose, Calif., warned that attackers could use the flaw to seize control over specified vulnerable routers—not most routers currently in use.

Brittany Day
Sep 08, 2005

Debate on ICMP Risks and Proposed Enhancements for Network Security

Fernando Gont is nothing if not tenacious. Earlier this year, the Argentinian researcher highlighted several attacks that could disrupt network connections using the Internet control message protocol, or ICMP, and proposed four changes to the structure and handling of network-data packets that would essentially eliminate the risk.

Brittany Day
Sep 08, 2005

Network Security Sales Rise By 23% Due To Virus Attack Fears

Fuelled by increasing fears of virus and hack attacks, global network security appliance and software sales continue to climb steadily, rising four per cent to $1bn between the first and second quarters of this year, according to newly published figures.

Brittany Day
Aug 31, 2005

Start Your Network Security Adventure in Just Ten Minutes Today

The Internet can be a dangerous place, full of viruses, worms and hackers bent on doing harm to your network. "Security first" has become a kind of mantra for IT professionals and CIOs, while regulations like Sarbanes-Oxley have made network protection as much a question of legal responsibility as good business sense.

Brittany Day
Aug 31, 2005

Prepare IT Departments for IPv6 Transition Amid Growing Internet Usage

IPv6 is the replacement for IPv4, the protocol used to send and receive network traffic. The main benefit of the new version is that it offers an almost unlimited number of IP addresses. This is important as the number of internet users and connected devices, each requiring a unique IP address, is set to increase rapidly over the next few years. Although operating systems such as Unix and Linux already support IPv6, there is expected to be a huge increase in usage with the release of Windows Vista, the next version of the Microsoft operating system, next year.

Benjamin D. Thomas
Aug 31, 2005

Enhancing Cyber Defense With Collaborative Threat Information Sharing

Earlier this month, a series of worms--the first of which was named Zotob--took down a significant number of Windows 2000 PCs around the world. Microsoft issued a patch and said there was no threat to Windows XP systems unless the attacker had valid log-on credentials. About two weeks later, Microsoft discovered that wasn't the case, and said the same vulnerability that Zotob used to victimize Windows 2000 systems also existed on some Windows XP systems.

Brittany Day
Aug 30, 2005

FBI Arrests Zotob Worm Creators: Insights Into Global Cybercrime

Local police have arrested two people in Turkey and Morocco under suspicion of involvement in the Zotob, Rbot and Mytob computer Windows 2000 worms, according to Microsoft.

Brittany Day
Aug 29, 2005

Understanding Domain Hijacking Risks And Protection Strategies

Domain name hijacking broadly refers to acts where a registered domain name is misused or stolen from the rightful name holder. A domain hijacking is a security risk many organizations overlook when they develop security policy and business continuity plans. While name holders can take measures to protect their domain names against theft and loss, many measures are not generally known.

Brittany Day
Aug 25, 2005

Widespread Bot Attack: CNN, ABC, New York Times Targeted

CNN reported late Tuesday that a worm had hit computers in its newsroom, those at rivals ABC and the New York Times, some on Capitol Hill, and machines in Europe and Asia. Experts assumed that it was the Zotob bot worm, or one of the other bots that exploit last week's Plug and Play vulnerability on Windows 2000 machines.

Brittany Day
Aug 17, 2005

Cisco Network Security Threats: Shift Towards Infrastructure Exploits

Security issues involving Cisco kit highlighted in Michael Lynn’s presentation at Black Hat are characteristic of networking vendors in general. Cisco is just the most visible of these vendors to target as hackers raise their sights from attacking operating systems towards attacking network infrastructure and database systems, security researchers warn.

Brittany Day
Aug 09, 2005

Enhanced Network Security Through Effective DMZ Implementations

DMZs (short for demilitarized zones) have been a standard component of network design ever since firewalls were invented. A DMZ is a network segment that contains all resources, such as Web servers and mail servers, accessible from the Internet. Implementing a DMZ allows you to limit network traffic from the Internet to these resources in the DMZ, while preventing any network traffic from the Internet to your internal network. As a general rule, a DMZ server should never contain any valuable data, so even if someone managed to break into a server in the DMZ, the damage would be minor.

Benjamin D. Thomas
Aug 09, 2005

Community Poll

More Polls