Server Security - Page 10

Discover Server Security News

Linux Machines Surprisingly Linked to Spam

I don't think this finding is unexpected at all. After all, Linux certainly operates better on the network, and sending spam email is no different than sending other types of email, or operating a web server. Whichever operation you're performing, choosing the best implementation for the job is a wise decision. Although Linux holds only a small market share, Linux computers appear to send a disproportionate amount of spam compared to other operating systems, according to new research from Symantec's MessageLabs messaging security division.

Typo3 allows remote command execution via PHP

The developers of the Typo3 CMS framework have raised the alarm by email, and security firm Secunia rates the problem "highly critical". In versions 4.3.0, 4.3.1 and 4.3.2 of Typo3 (as well as previous versions of the 4.4 development branch), attackers can inject PHP code from an external server and execute it within the Typo3 context. Advisory SA-2010-008 contains details about how to fix the problem. Upgrading to version 4.3.3 is one way of improving the situation. The vulnerability is also impossible to exploit if at least one of three PHP switches is set to "off": register_globals, allow_url_include or allow_url_fopen. The chances are that one of them is already switched off by default, and switching off all three is a good idea. However, this may cause compatibility problems and, as a web hosting customer, you may also only have very limited access to your PHP settings.

Cross-site scripting using meta information

According to security expert Tyler Reguly of nCircle, data fields for storing meta-information offer plenty of latitude for future cross-site scripting (XSS) attacks. JavaScript embedded in Whois and DNS records and in SSL certificates, for instance, can, under certain circumstances, be executed in a browser.

Chrooting Apache2 With mod_chroot On Fedora 12

This guide explains how to set up mod_chroot with Apache2 on a Fedora 12 system. With mod_chroot, you can run Apache2 in a secure chroot environment and make your server less vulnerable to break-in attempts that try to exploit vulnerabilities in Apache2 or your installed web applications.

Google researchers out kernel bugs in Windows, Linux and VMware

Two security researchers at search engine giant Google have discovered 20 kernel bugs, about half remaining unpatched, affecting Windows, Linux and the popular VMware virtualization software over the last several years. Google engineers Julien Tinnes and Tavis Ormandy said kernel security must improve. They shared their kernel security research recently at the CanSecWest Applied Security Conference. They say they hope their data motivates operating system developers to reduce the kernel attack surface.

75 Ways to Secure Your Linux/Mac/Windows Systems With Open Source

According to the FBI, cybercrime complaints rose 20 percent in 2009, and victims lost $559 million, more than double the year before. With online crime on the rise, it's more important than ever to protect your systems. But you don't have to pay a lot of money for security. The open source community continues to produce (and maintain) excellent tools that fulfill a wide variety of security needs.

How to detect and remove rootkits

There's now a threat to online life that's so potentially potent it requires a new form of defence. Rootkits hide inside the operating system, actively defending themselves and hiding their presence. To arm your system against rootkits, you first need to understand them. So, where have they come from, how have they evolved and how, crucially, can they be stopped?

Replace a failed drive in Linux RAID

A few weeks ago I had the distinct displeasure of waking up to a series of emails indicating that a series of RAID arrays on a remote system had degraded. The remote system was still running, but one of the hard drives was pretty much dead.

Google Releases Free Web Security Scanner

The open-source skipfish software can be used as preparation for a professional Web application security evaluation. Google on Friday released an automated Web security scanning program called skipfish to help reduce online security vulnerabilities. Though skipfish performs the same functions as other open-source scanning tools like Nikto and Nessus, Google engineer Michal Zalewski argues that skipfish has several advantages.

Kernel vulnerabilities discovered in Ubuntu

I just know other outlets will eventually pick up on this and add nonsense and subtract the facts at their own leisure, so I thought it worthwhile to get in early. Kernel vulnerabilities have been uncovered across a range of Ubuntu releases, covering 6.06 LTS to 9.10, also including Kubuntu, Edubuntu, and Xubuntu distros.

Security updates for Drupal modules

The Drupal team has just released a whole heap of security advisories. Drupal's Email Input Filter, Keys and Tag Order modules all contain security vulnerabilities. Updated versions, in which the problems are fixed, are now available. Only Email Input Filter and Tag Order for Drupal 5 and 6 and Keys for Drupal 6 are affected.

Understanding Samba security modes

If you have read any of the Samba content here on Ghacks you probably will have noticed within the smb.conf configuration file a line that begins with security =. This is a very important part of Samba setup and generally the section that gives users the most problems. Although the security mode would seem fairly straightforward, it is certainly worth explaining.

Security vulnerability in SpamAssassin filter module

The SpamAssassin Milter plug-in, which plugs in to Milter and calls SpamAssassin, contains a security vulnerability which can be exploited by attackers using a crafted email to inject and execute code on a mail server. The SpamAssassin Milter plug-in is frequently used to run SpamAssassin on Postfix servers.

An Introduction to Virtualization Security

Virtualization platforms are software. All software has flaws. Therefore, virtualization platforms have flaws. Simple logic, right? The major virtualization platform vendors, VMware, Xen (now Citrix), and Microsoft, have all had several vulnerabilities over the last few years. However, the major components of a virtualization infrastructure and the IT strategy related to deployment and maintenance of virtualization technologies can be planned and secured fairly well. The following sections will explore the major areas of concern for security professionals.

How To Harden PHP5 With Suhosin On CentOS 5.4

This tutorial shows how to harden PHP5 with Suhosin on a CentOS 5.4 server. From the Suhosin project page: "Suhosin is an advanced protection system for PHP installations that was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination.

Apache bug prompts update advice

IT security company Sense of Security has discovered a serious bug in Apache's HTTP web server, which could allow a remote attacker to gain complete control of a database. Discovered by the company's security consultant Brett Gervasoni, the vulnerability exists in Apache's core "mod_isapi" module. By exploiting the module, an attacker could remotely gain system privileges that would compromise data security.

Multiple Apache Web Server Flaws Patched

The Apache HTTP Web Server is the most widely deployed Web server on the Internet today, which means that vulnerabilities in the open source server can have a devastating impact. That also makes security updates like the new 2.2.15 release critical, since it addresses several security vulnerabilities in Apache's flagship HTTP Web server.

F5, Infoblox team on DNS security

F5 Networks and Infoblox announced on Monday what they claim is the first integrated solution that combines DNS Security Extensions key management and signing capabilities with global server load balancing to boost performance.

Five Tools for Measuring and Improving Linux System Performance

Out of the box, Linux runs just fine for many uses. But if you find yourself needing to ferret out performance problems or tune the kernel for better performance, Linux has more than enough tools to measure and tweak system performance. In this guide, we'll take a look at five of the best utilities to measure system performance and tweak the Linux kernel.