Server Security - Page 11 - Results from #200

Discover Server Security News

Stack Smashing Protection for Debian

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Here's an older article on programming security, but still very useful. Is this something you ever considered to be a concern for your systems in the past? Since we last covered the use of Stack Smashing Protection (SSP) the default compiler for Debian Sid has been upgraded to include it, with no need for custom patching. Read on for a brief demonstration of how it can be used to prevent attacks.

LinuxSecurity.com Team
Mar 01, 2010

Chuck Norris is not a Linux virus

Get a grip people. A recent story about the so-called Chuck Norris botnet implies that it breaks Linux's security. Wrong. Windows malware, whether it comes in the form of a Trojan, virus, or worm, works by exploiting security holes in either the operating system itself or an application like Adobe Reader or Internet Explorer.

LinuxSecurity.com Team
Feb 24, 2010

NetBSD 5.0.2 released

The NetBSD development team have announced the release of the second "critical/security" update of the 5.0 release branch, NetBSD 5.0.2. The latest maintenance release includes a number of important security and stability fixes for the BSD based operating system.

LinuxSecurity.com Team
Feb 16, 2010

Tech Insight: Securing The Virtualized Server Environment

Server virtualization is becoming all the rage in many data centers as enterprises seek greater efficiency and cost savings by consolidating their hardware. Unfortunately, some of these enterprises have overlooked the security implications of virtualizing their environments -- but hackers and security researchers haven't.

LinuxSecurity.com Team
Feb 15, 2010

Install software updates and security patches without rebooting

There's a real irony to my article this week. Just as I began to write, I got an e-mail from one of my hosted service providers. To paraphrase the message, it says: "Dear Customer, we will be performing maintenance on your application server for a few hours this weekend. We plan to install critical software updates and security patches. During this window you may experience brief interruptions in service. Sorry for the inconvenience."

LinuxSecurity.com Team
Feb 12, 2010

When is a 0day not a 0day? Fake OpenSSh exploit, again

When is a 0day in OpenSSH not a 0day? When it's local exploit code. Not the kind that exploits a vulnerability in the system you are logged into, to escalate privilege for example. The kind that takes advantage of potential vulnerabilities in the gray matter between your ears to make a mess of your local system. A reader wrote in to advise us of a potential 0day in the current version of OpenSSH 5.3/5.3p1 released Oct 1, 2009.

LinuxSecurity.com Team
Feb 08, 2010

Squid update fixes DoS vulnerability

Specially crafted DNS packets can compromise the popular Squid web proxy/cache in such a way that it briefly fails to respond. The problem is caused by insufficiently checked DNS responses which Squid initially places in a queue. By sending packets that only contain a header, a queue overflow can be triggered which can apparently be exploited for Denial-of-Service (DoS) attacks.

LinuxSecurity.com Team
Feb 02, 2010

Mitigate the Security Risks of PHP System Command Execution

As the Web continues its march towards becoming the de facto interface for the world's software applications, developers must find effective ways to not only communicate with server processes such as MySQL, but also other operating system tools such as a shell or Ruby script. In this tutorial, I'll show you how to securely execute a variety of system-based commands via a PHP script, demonstrating how to build web applications that can tightly integrate with both the operating system and third-party software.

LinuxSecurity.com Team
Jan 29, 2010

Set up rsyslog to store syslog messages in MySQL

The de facto system logger on Linux systems is sysklogd, which provides the syslog and klog services that allow system events and application events to be logged and written to standard log files such as /var/log/messages.

LinuxSecurity.com Team
Jan 28, 2010

Security update for BIND name server

The Internet Systems Consortium (ISC), the company behind the open source DNS BIND, software, has released security updates to resolve a DNSSEC-related vulnerability that could lead to Denial-of-Service (DoS) attacks. According to the relevant advisory, the server's domain validation code contains a flaw that can cause an NXDomain to be regarded as validated although it isn't. With the usual protective measures (random transaction IDs and random source ports) in place, however, the cache is not said to be open to manipulation. However, the prevention of DoS attacks is apparently, compromised. No further details were given by ISC.

LinuxSecurity.com Team
Jan 22, 2010

How to steal a virtual machine and its data in 3 easy steps

Remember the email server or payroll system that you virtualized? Someone with administrator access to your virtual environment could easily swipe it and all the data without anybody knowing. Stealing a physical server out of a data center is very difficult and is sure to be noticed, stealing a virtual machine (VM), however, can be done from anywhere on your network, and someone could easily walk out with it on a flash drive in their pocket.

LinuxSecurity.com Team
Jan 11, 2010

Security fixes for Sendmail - Update

Version 8.14.4 of Sendmail, the open source mail transfer agent (MTA), includes fixes for several security vulnerabilities including some integer overflows, memory leaks and for the SSL NUL character problem disclosed in mid 2009. The release also corrects a resolution error where an apparently valid host name lookup contained a NULL pointer; this problem caused crashes on some Linux versions of the software. The update also includes a number of corrections for several non-security issues.

LinuxSecurity.com Team
Jan 06, 2010

Google Chrome OS May Be Security Hotspot in 2010

Google's Chrome OS will be "poked" by hackers in 2010, in large part because it will be the "new kid on the block," a security researcher predicted Wednesday. Google's (GOOG) Chrome OS will be "poked" by hackers in 2010, in large part because it will be the "new kid on the block," a security researcher predicted today.

LinuxSecurity.com Team
Jan 04, 2010

PHP 5.2.12 closes security holes

The PHP developers have released version 5.2.12 of their popular programming language, fixing over 60 bugs mainly to increase stability, but also closing some security holes. While PHP 5.3 has been available since mid 2009, backwards compatibility issues with various popular PHP applications have prevented many users from upgrading. Since, as a result, the 5.2 branch is still used on numerous systems, the developers continue to update this branch.

LinuxSecurity.com Team
Dec 18, 2009

Prevent web application hacking with Packt's New ModSecurity Book

Packt is pleased to announce ModSecurity 2.5, a new book that system administrators can use to secure their system by knowing exactly how a hacker would break into it. Written by Magnus Mischel, this book covers in depth details about Mod Security rule language elements such as variables, actions, and request phases.

LinuxSecurity.com Team
Dec 14, 2009

Linux kernel vulnerabilities closed

Several Linux distributors are releasing updated kernel packages to close security holes in the kernel. For instance, very large packets can reportedly be used to remotely provoke a flaw in the TCP/IPv4 stack's ip_defrag() (net/ipv4/ip_fragment.c) function. This can potentially cause null-pointer dereferencing and crash a system.

LinuxSecurity.com Team
Dec 10, 2009

Hypervisor Security Concerns

The basic idea/thesis of this article (and the previous, unfinished draft) is this: hypervisors are getting more and more common, and are growing in deployment in everything from datacenter systems to embedded consumer electronics. But, as their deployment increases, more and more security concerns come into play, including a variety of attack methods and the dire consequences of a compromised hypervisor.

LinuxSecurity.com Team
Dec 03, 2009

Free database firewall protects PostgreSQL and MySQL

Version 1.2 of GreenSQL is now able to protect PostgreSQL as well as MySQL. GreenSQL is designed to protect databases against SQL injection attacks and other unauthorised changes, in a similar fashion to a firewall protecting a network against TCP/IP outside attacks. The new version also provides a graphical user interface for monitoring the database firewall.

LinuxSecurity.com Team
Dec 03, 2009

Root exploit for FreeBSD

An exploit for FreeBSD is in circulation that allows users with restricted access to escalate their privileges to root level. The problem is caused by a flaw in the run-time link editor (rtld) which, in certain circumstances, accepts specially crafted environment variables. According to Kingcope, the developer of the exploit, the flaw is "incredibly easy" to exploit by, for example, setting a path to a specially crafted library for the LD_PRELOAD environment variable and then starting an SUID program like Ping.

LinuxSecurity.com Team
Dec 01, 2009

Total security in a PostgreSQL database

Database security is the single biggest concern with today's Web-based applications. Without control, you risk exposing sensitive information about your company or, worse yet, your valuable customers. In this article, learn about security measures you can take to protect your PostgreSQL database.

LinuxSecurity.com Team
Nov 30, 2009

Server Security - Page 11

Magnet Goblin Hackers Exploit One-Day Flaws to Deploy Custom Linux Malware

New Bifrost Malware Evades Detection, Threatens Linux Server Security

Cryptocurrency Mining Migo Malware Attacks Linux Redis Servers