Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

Linux Network Security - Page 38

For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift. ...

Researchers recently identified another wave of malicio...

The romanticized image of the digital nomad – a laptop ...

Discover Network Security News

LS Hmepg 337x500 34 Esm H267

BIND Update: Important Advisory on DNS Cache Poisoning Risks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The InfoCon is currently set at yellow in response to the DNS cache poisoning issues that we have been reporting on for the last several days. We originally went to yellow because we were uncertain of the mechanisms that allowed seemingly "secure" systems to be vulnerable to this issue. Now that we have a better handle on the mechanisms, WE WANT TO GET THE ATTENTION OF ISPs AND ANY OTHERS WHO RUN DNS SERVERS THAT MAY ACT AS FORWARDS FOR DOWNSTREAM Microsoft DNS SYSTEMS. If you are running BIND, please consider updating to Version 9.

LS Hmepg 337x500 34 Esm H267

Exploring DNSSEC Key Management and Its Security Challenges

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

DNSSEC, which stands for DNS Security Extensions, is a method by which DNS servers can verify that DNS data is coming from the correct place, and that the response is unadulterated. In this article we will discuss what DNSSEC can and cannot do, and then show a simple ISC Bind 9.3.x configuration example.

LS Hmepg 337x500 34 Esm H267

Detailed Study of Evolving DNS Cache Poisoning Threats and Attacks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Around 22:30 GMT on March 3, 2005 the SANS Internet Storm Center began receiving reports from multiple sites about DNS cache poisoning attacks that were redirecting users to websites hosting malware. As the "Handler on Duty" for March 4, I began investigating the incident over the course of the following hours and days. This report is intended to provide useful details about this incident to the community. The initial reports showed solid evidence of DNS cache poisoning, but there also seemed to be a spyware/adware/malware component at work. After complete analysis, the attack involved several different technologies: dynamic DNS, DNS cache poisoning, a bug in Symantec firewall/gateway products, default settings on Windows NT4/2000, spyware/adware, and a compromise of at least 5 UNIX webservers. We received information the attack may have started as early as Feb. 22, 2005 but probably only affected a small number of people.

LS Hmepg 337x500 34 Esm H267

Understanding Security Myths That Could Compromise Your Network

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hacker tools are growing more sophisticated and automated. Hackers can now quickly adapt to new security vulnerabilities as they are uncovered and distribute the fruits of their exploits more widely with the help of automated toolkits. And they're employing an ever-increasing range of methods to find individuals' and companies' private information and use it to their own advantage. And yet many of us have a false sense of security about our own data and networks. We install a firewall at the perimeter, put anti-virus and anti-spyware tools on our desktops, and use encryption to send and store data. Microsoft and the big security companies provide ever-improving tools and patches to protect us. Although others who are less careful might be at risk, we're safe, right?

LS Hmepg 337x500 34 Esm H267

George Mason University Data Breach Warning for 32,000 Individuals

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When a hacker broke into the network at George Mason University (VA) earlier this year, IT officials were absolutely powerless to stop him. Within minutes, the hacker compromised the school’s main Windows 2000 server and gained access to information that included names, Social Security numbers, university identification numbers, and even photographs of almost everyone on campus. Next, he poked around for a back door into other GMU servers that store information such as student grades, financial aid, and payroll.

LS Hmepg 337x500 34 Esm H267

Boosting Your Online Privacy Using Tor for Enhanced Data Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

You may never think about it, but many of your online activities may be monitored and analyzed. Advertising companies, government agencies, and private users can use traffic analysis to gather information about which Web sites and pages you visit, what newsgroups you read, and whom you talk to on IRC. While there is no need to be paranoid (or is there???), you can keep your online communication private. The Tor project can help you with that.

LS Hmepg 337x500 34 Esm H267

SmoothWall Advanced Firewall: Enhanced Security & User Authentication

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Network security specialist SmoothWall Limited, is today previewing its new Advanced Firewall, aimed at enterprise customers and organisations with demanding security requirements. Like its existing Corporate firewall for medium sized organisations, Advanced Firewall is based on open source technology, enabling SmoothWall to provide sophisticated enterprise class features at prices starting from £950.

LS Hmepg 337x500 34 Esm H267

Rethinking Security: Beyond Traditional Defenses Against Internal Threats

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There is a classic moment during the battle for Helm’s Deep in the epic film, Lord of the Rings, the Two Towers, when King Theoden stands atop the supposedly impregnable city. Rain sodden, he surveys the massed ranks of Saruman’s armies and defiantly shouts ‘Is this all you’ve got?’ A few fateful minutes, and a well placed explosive, later his confidence is shattered and replaced with fear as he realises that his fortress has been penetrated. Whilst this may have been a marvellous piece of celluloid drama, this scene could have been replicated in the IT departments of many enterprises throughout 2004. Replace Helm’s Deep with firewalls and the Orcs with trojans and viruses and you’ll soon appreciate the similarities.

LS Hmepg 337x500 34 Esm H267

Improving Linux Internet Access Using Mobile IPv6 Technology

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The woman who cut me off on the freeway because she was too busy talking on her cell phone might not have had a clue, but she probably had an IP address. Mobile devices, from cell phones to PDAs to the automobiles themselves, increasingly require always-on Internet connectivity. According to at least one report, the average U.S. home has over 250 devices that could benefit from Internet connectivity. While the number of IP addresses in the world is large -- IPv4's 32-bit addressing scheme enables 4 billion addresses -- it is not infinite. And the woman applying blue eyeshadow on the 101 freeway is using up one of them.

LS Hmepg 337x500 34 Esm H267

Combat DNS-Based Phishing Threats Through User Awareness

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Phishing fraudsters are using a pair of DNS exploits to help give them the illusion of credible domains, the latest ploy to dupe people into handing over their sensitive information. According to research firm Netcraft, phishers have begun to use wildcard DNS records to help trick unsuspecting users into giving up information about their identity.

LS Hmepg 337x500 34 Esm H267

Exploring Active And Passive Scanning Techniques For Network Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There are two approaches to network vulnerability scanning, active and passive. The active approach encompasses everything an organization does to foil system breaches, while the passive (or monitoring) approach entails all the ways the organization oversees system security. When making buying decisions for your organization, it's a mistake to think that you have to choose between the two types of protection.

LS Hmepg 337x500 34 Esm H267

VoIP Security Challenges: Implications for IT Management Teams

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

New technology often leads to improved productivity, but it also arrives with new IT challenges, often centering on security. "With any new technology, security functions tend to be the last area that matures," noted Pete Lindstrom, Research Director at Spire Security LLC, a market research firm focusing on security issues. Voice over IP (VoIP) has begun to make significant inroads in the enterprise, so IT managers need to be aware of the unique security challenges it presents.

LS Hmepg 337x500 34 Esm H267

Gecko-Based Browsers: Spoofing Flaw Risks Identity Theft

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The flaw affects a broad range of browsers that use the open-source Gecko browser kernel. Anyone using Firefox, Safari, or the like, could be visiting spoofed sites without realizing it. Since some phishing scams rely on fake sites to collect personal information, users could be opening themselves up to identity theft.

LS Hmepg 337x500 34 Esm H267

IBM's Findings on Linux: Securing Networks with Open Source Solutions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

An IBM report that tested the suitability of Linux software to secure an network its entirety has come to light months after it was originally published. Tested over three months at IBM's Linux Test Integration Center (LTIC) by a seven-person team, the 87-page report set out to test a wide range of open-source Linux products supported by IBM to see whether they could adequately protect a middleware environment. Only open source products were used.

LS Hmepg 337x500 34 Esm H267

IBM's Three-Month Study of Linux in Network Security Solutions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Tested over three months at IBM’s Linux Test Integration Center (LTIC) by a seven-person team, the 87-page report [pdf] titled "Linux Security: exploring open source security for a Linux server environment" set out to test a wide range of open-source Linux products supported by IBM to see whether they could adequately protect a middleware environment. Only open source products were us

LS Hmepg 337x500 34 Esm H267

VoIP Security Risks: Protecting Your Phone Network Efficiency

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Imagine that you deliver an application with 100%, instant-on availability. Security is rock-solid. Costs are dropping. Users never complain. And anytime you upgrade, even if you buy software and gear with new features from a different vendor, user acceptance is always immediate and training virtually nil.

Your message here