Linux Network Security - Page 48

Discover Network Security News

Analyzing Linux Security Claims and Administration Challenges

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

An exercise for the reader: what is wrong with this picture? Laura DiDio is also known to the Linux community for her statements to the effect that SCO has a serious case. But the question here is different -- does the underlying OS make any difference to security? If not, is there a reason to care about such useless innovations as SELinux? Or should we simply take Ms. DiDio's advice: "Don't even argue those merits. Every piece of software that is connected is potentially vulnerable and at risk." . . .

Anthony Pell
Apr 05, 2004

E-Commerce Security: Protecting Transactions With SSL and Certificates

People who buy things online may be familiar with the closed-lock padlock in the bottom right hand corner of their screens. While this is meant to provide a sense of security, how many Internet shoppers actually know what it refers to? In fact the padlock is there to show that at that particular time i.e. on the current web page communications with that site will be secured using encryption based on a protocol called SSL - or Secure Socket Layer (see explanation). In an ecommerce transaction, SSL achieves two things. It authenticates to the user the identity of the organisation responsible for the site in question and ensures that any information transmitted between the purchaser's web browser and the merchant's web site is protected from potential eavesdroppers or hackers listening in from anywhere on the Internet. . . .

Anthony Pell
Apr 01, 2004

Exploring the Dangers of Mini-DDoS Attacks on Internet Access

These are distributed denial of service attacks small enough to fly below the security radars of ISPs and law enforcement agencies, but potent enough to shut down cable or DSL modems connections. . . .

Anthony Pell
Mar 30, 2004

Effective Encryption And Authentication For VoIP Security

Communications through the public, IP-based network are kept private and secure by 3DES, 128 bit encryption and attack prevention. There is also user authentication and access to the management interface is secured by RADIUS, X.509 digital certificate. . . .

Anthony Pell
Mar 26, 2004

EU Commissioner Stresses Network Security Importance Due to Cyber Threats

In today's society, much depends on networks and information systems. Additional requirements for security will rapidly increase as networking and computing develop further and electronic communications become part of all aspects of our daily lives. For instance broadband connections offer people the possibility to be "always on". . . .

Anthony Pell
Mar 25, 2004

Effective Network Troubleshooting Through The OSI Model Approach

Gideon T. Rasmussen writes, "The most efficient manner to troubleshoot a network issue is to approach it in a systematic way. Start by gathering background information; then troubleshoot following the Open System Interconnection (OSI) networking model." . . .

Anthony Pell
Mar 23, 2004

Cisco 7900 DoS Risks: Interception and Security Concerns in VoIP

The VoIP 'revolution' has been talked of since the 1990's as the 'next big thing' in the enterprise telecoms sector; saving companies vast amounts of money on both call charges and internal network infrastructure and support costs. But just as the VoIP market is finally taking a cautious step towards delivering some of its long-overdue promise, the increasing priority of IT security may force it two steps back. . . .

Anthony Pell
Mar 22, 2004

Key-Based Authentication: Enhancing SSH Remote Access Security

SSH, or secure shell, is a protocol by which users can remotely log in, administer, or transfer files between computers using an encrypted transport mechanism. Running over every major operating system, SSH provides a more secure connection method than traditional telnet or the much-maligned "r commands" (rlogin, rcp, rsh). . . .

Anthony Pell
Mar 19, 2004

Techniques For SQL Injection And XSS Detection With Snort IDS

In this article, we've presented different types of regular expression signatures that can be used to detect SQL Injection and Cross Site Scripting attacks. Some of the signatures are simple yet paranoid, in that they will raise an alert even if there is a hint of an attack. But there is also the possibility that these paranoid signatures may result in false positives. To take care of this, we've then modified the simple signatures with additional pattern checks so that they are more accurate. We recommend that these signatures be taken as a starting point for tuning your IDS or log analysis methods, in the detection of these Web application layer attacks. After a few modifications, and after taking into account the non-malicious traffic that occurs as part of your normal Web transactions, you should be able to accurately detect these attacks. . . .

Anthony Pell
Mar 18, 2004

Comprehensive Security Management Strategies for Enterprises

An optimal security posture, and one that eliminates the complexities of security management, is one that takes into account each of these four security disciplines. Adherence to best practices within these four fronts will reduce the costs of enterprise protection and lower risks while enhancing security resource allocation and inefficiencies. . . .

Anthony Pell
Mar 17, 2004

Examining Outsourcing Risks: Data Loss and Control Challenges

A woman in Pakistan recently struck fear among IT executives whooutsource. She had obtained sensitive patient documents from theUniversity of California, San Francisco, Medical Center through amedical transcription subcontractor that she worked for, and shethreatened to post the files on the Internet unless she was paid moremoney. . . .

Anthony Pell
Mar 17, 2004

Exploring Cold War Software Sabotage Insights for Exporters

A reminder of how important these are came last week with a revelation from the Cold War era, contained in a new book by a senior US national security official. Thomas Reed's At The Abyss recounts how the United States exported control software that included a Trojan Horse, and used the software to detonate the Trans-Siberian gas pipeline in 1982. The Trojan ran a test on the pipeline that doubled the usual pressure, causing the explosion. Reed was Reagan's special assistant for National Security Policy at the time; he had also served as Secretary of the Air Force from 1966 to 1977 and was a former nuclear physicist at the Lawrence Livermore laboratory in California. The software subterfuge was so secret that Reed didn't know about it until he began researching the book, 20 years later. . . .

Anthony Pell
Mar 16, 2004

Study Indicates 19% Email Failure Rate Due To Aggressive Spam Filters

As spam-fighting tools become increasingly aggressive, e-mail recipients risk losing newsletters and promotions they've requested. A new study attempts to quantify missed bulk mailings. Return Path, a company that monitors e-mail performance for online marketers, found that nearly 19 percent of e-mail sent by its customers never reached the inboxes of intended recipients. The figure, for the last half of 2003, is up 3.7 percentage points from the same period in 2002. . . .

Anthony Pell
Mar 12, 2004

David Bauer Highlights Risk Management Evolution In IT Security

David Bauer, first vice president and chief information security and privacy officer at Merrill Lynch, gave his audience a historical perspective on the evolution of IT security, starting with the Morris worm attack of 1988. That attack took the Internet by surprise, he said. There were no tools to fight back and no source of reliable information. Responses were uncoordinated, and the result was "complete havoc," Bauer said. He contrasted that with the Mydoom attack last month, when Merrill Lynch combined good tools with a coordinated and carefully planned response to understand and contain the threat after just one infection. That attack, he said, was "just another event." . . .

Anthony Pell
Mar 12, 2004

Symbiot DDoS Tool Launch Raises Ethical and Legal Issues

Security company Symbiot is about to launch a product that can hit back at hackers and DDoS attacks by lashing out with its own arsenal of tricks, but experts say it may just be a bit too trigger-happy. Symbiot, a Texas-based security firm, is preparing to launch a corporate defence system at the end of March that can fight back against distributed denial-of-service (DDoS) and hacker attacks by launching a counter-strike. . . .

Anthony Pell
Mar 11, 2004

Understanding VLAN Concepts and Configuration Techniques in Networking

To begin, we must have a more formal definition of what a LAN is. LAN stands for local area network. Hubs and switches usually are thought of as participating in a single LAN. Normally, if you connect two computers to the same hub or switch, they are on the same LAN. Likewise, if you connect two switches together, they are both on the same LAN. . . .

Anthony Pell
Mar 11, 2004

How Integrated Security Gateways Bolster Enterprise Network Defense

To help enterprises that are battling network threats on multiple fronts (worms to spam to application vulnerabilities) several hardware vendors are now offering ISGs that combine an arsenal of security capabilities -- such as intrusion detection and prevention, virus scanning, spam blocking and Web content filtering -- in a single box. Many integrated products also incorporate a firewall and VPN support. . . .

Anthony Pell
Mar 10, 2004

Counterattacking Worm Waves to Enhance Email Security Measures

While hackers bicker back and forth, all users want is an end to the torrent of worms that's clobbered the Internet this week. While it's not difficult to stymie one worm, it's a different story when that one becomes a legion, a tsunami that just keeps coming, said security analysts Thursday as they offered up advice on how to handle waves like this week's. Unfortunately, said Ken Dunham, the director of malicious code research at iDefense, "there's no single magic bullet and no comprehensive patch against all of these new worms." . . .

Anthony Pell
Mar 08, 2004

Bagle Worm Overview: Evading Gateway Endpoints Using Zip Encryption

It is important to stress that the problem with infected password protected zip files is only manifest with gateway scanners. On client computers with up-to-date AV protection, the worm is detected once the user provides the password and decompresses/decrypts the zip file. This fact provides a graphic example why it is important to implement defense in-depth on all layers of your IT infrastructure. . . .

Anthony Pell
Mar 04, 2004

Capturing TCP Data Through a Linux Kernel Module Implementation Guide

The network protocol stack, which forms the carrier and pipeline of data from one host to another is designed in such a way that we can interact with different layers at desired level. This article is a small attempt to describe the movement of data through these stacked layers and at the end we will try to implement a linux kernel module which helps us to capture the data flowing out to TCP layer and display it. . . .

Anthony Pell
Mar 03, 2004

Community Poll

More Polls