Server Security - Page 6

The Importance of Securing a Linux Web Server

With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise.

• LinuxSecurity.com Team
• Jan 15, 2013

Apple Taps Noted Hacker for Security Team

Apple has tapped a a noted hacker for its security team. Wired reported that the company has hired Kristin Paget, who was part of a small team of hackers who helped lock down Windows Vista for Microsoft before that OS shipped.

• LinuxSecurity.com Team
• Dec 07, 2012

Linux Webserver Rootkit Attacks Internet Users

Rootkit.Linux.Snakso.a is designed to infect the Linux kernel version 2.6.32-5-amd64 and adds an iframe to all served web pages by the infected Linux server via the nginx proxy.

• LinuxSecurity.com Team
• Dec 03, 2012

Researchers Raving Over Remarkable Rootkit

One of the more advanced rootkits to have hit town in recent memory has got security researchers across the globe in a tizz, even though it hasn

• LinuxSecurity.com Team
• Nov 20, 2012

HTTPS Everywhere 3.0 supports more sites

The Electronic Frontier Foundation (EFF) has released a new version of its HTTPS Everywhere browser extension for Firefox that now supports encryption on even more web sites. The US digital rights advocacy organisation says that version 3.0 of its Firefox add-on, which automatically redirects users to more secure HTTPS connections when accessing certain web pages, now supports an additional 1,500 sites, more than twice as many as previous stable releases.

• LinuxSecurity.com Team
• Oct 09, 2012

NSA: Building a More Secure Android

It's no secret that Google's Android mobile operating system has had its share of security flaws. But what is less well-known is that the U.S. government's National Security Agency (NSA) is among the teams working to improve Android security.

• LinuxSecurity.com Team
• Aug 30, 2012

Create A Mac Zombie Army, Cheap: Hacker Emptor

Going once, going twice: The new NetWeird toolkit can be used to infect Apple OS X systems, converting Macs into zombies ready to do your botnet bidding, with prices starting at just $60.

• LinuxSecurity.com Team
• Aug 24, 2012

The Hack That Kept Me Awake at Night

If I've seemed a little bleary-eyed and inattentive this week you can blame Jim Fallows. Late on Tuesday night I read his post about gmail, which linked to Mat Honan's piece for Wired about the destruction of his (Honan's) digital life. I was then up most of the night implementing Jim's advice about improving my computer security. This is by no means the first warning Jim has issued.

• LinuxSecurity.com Team
• Aug 13, 2012

Fear not, Linux admins: There are TOOLS to help you

Most Linux distributions have a significant focus on security. This does not mean they are necessarily ready for production out of the box. Tools like SELinux, excellent firewall options, and robust access controls can make Linux exceptionally secure.

• LinuxSecurity.com Team
• Jul 23, 2012

Tech Journal: How to Keep Your Accounts Secure

They say the cloud is the future of computing. All your data and software programs, now known as web apps, will reside in the cloud and the computer itself will act as a

• LinuxSecurity.com Team
• Jun 14, 2012

Experts dispute sandboxing would have stopped Flame

Bigger lesson learned from Flame: Multiple layers of security needed, so when one technology fails, a second or third may succeed

• LinuxSecurity.com Team
• Jun 11, 2012

Linux UEFI compromise reasonable, still sucks

Life is full of trade-offs, and many times they are not palatable for every side. Such was the trade-off proposed by Fedora developers this week to solve the upcoming obstacle of UEFI secure booting on Windows 8-certified machines.

• LinuxSecurity.com Team
• Jun 08, 2012

The story of BSD and open-source Linux

On March 9, 1977, Bill Joy compiled the first version of Berkeley Systems Distribution Unix, known as 1BSD. This version was just an add-on to an existing Unix, however. Two years later, he released 2BSD, which added two new programs from his repertoire: vi and the C Shell.

• LinuxSecurity.com Team
• Apr 19, 2012

Why switching OS platforms is not a security fix

The Mac platform now finds itself in the crosshairs of malware developers along with Windows, but that isn't a reason to switch to Linux.

• LinuxSecurity.com Team
• Apr 17, 2012

Simple Security Tricks To Harden A New Linux Web Server

There are a few things you need to always remember when setting up a new Linux server. By default the root login is enabled for most systems. The best practice is to disable root login. Also, if you are transferring files via FTP, the best way to do this securely is via SFTP (not FTP).

• LinuxSecurity.com Team
• Apr 16, 2012

Mac Security: A Myth?

Apple is taking steps to address the Java vulnerabilities behind the Flashback Trojan outbreak. But Java isn't the only attack vector for OS X -- and Apple users can no longer cling to the belief that Macs are virtually immune to malware.

• LinuxSecurity.com Team
• Apr 16, 2012

Why Not Use Port Knocking?

The robots currently at work knocking around for your guessable password could easily be repurposed to guess your Unicode password currently known as your port knocking sequence, and quite likely have been already. Plus, we already have authpf(8) for network-level restrictions on access.

• LinuxSecurity.com Team
• Apr 13, 2012

Why Linux Needs Malware Protection

• LinuxSecurity.com Team
• Mar 28, 2012

DNSSEC Error Caused NASA Website To Be Blocked

The hazards of early DNSSEC adoption: A misconfiguration in NASA

• LinuxSecurity.com Team
• Jan 26, 2012

The myth of 'bulletproof' Linux

Security consultant: Users who don't run antivirus software on Linux

• LinuxSecurity.com Team
• Jan 17, 2012