Alerts This Week
Warning Icon 1 646

Server Security - Page 20

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Server Security News

Protecting Against Man-In-The-Middle Attacks in SSL VPNs

Your Secure Sockets Layer (SSL) VPN still may not be as secure as you think, especially if your users don't always access the network via corporate-issue laptops. Once they jump on an outside machine to Web browse or check their email, SSL VPN users can leave behind sensitive data or be vulnerable to man-in-the-middle attacks and keystroke loggers, experts say. An infected kiosk can infect your network, too. So even though they may be more convenient than their IPSec counterparts (SSL can be used by browsers anywhere without client software) these VPNs can also backfire if you're not careful in how you deploy them.

Securing CentOS With Bastille And Psad For Enhanced Security

This article shows how to secure a CentOS server using psad, Bastille, and some other tweaks. psad is a tool that helps detect port scans and other suspicious traffic, and the Bastille hardening program locks down an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise.

Integrating Linux Authentication With Windows Active Directory


One of the main problems with UNIX/Windows environments is the lack of integration between the two platforms. User IDs have to be created separately in each environment, passwords changed separately, etc. This doubles administrative work. This paper explores one of several ways to integrate your Linux boxes with your Windows AD forest. This document will give you integration between your Linux boxes and your Windows AD forest. Additionally, it will allow you to control who can log in to the Linux boxes by group memberships within Active Directory. It will give you full

Secure Your Apache Configuration On Ubuntu 6.0.6 With Nikto Scan

By now you've got the perfect setup for your new Ubuntu 6.0.6 (Dapper Drake) box. You may have even followed the excellent Intrusion Detection and Prevention with BASE and Snort tutorial. And as an added precaution you installed DenyHosts to prevent hack attempts via ssh. But now that you've got your new LAMP server on the internet, how can you tell that your new web server is secure? You test it, of course!

Security Teams Urged to Adapt as Attack Methods Outpace Forensics


Attackers are using increasingly sophisticated methods to stay ahead of security incident response teams, says Kevin Mandia, president of security consultancy Mandiant. In the never-ending cat-and-mouse game between hackers and those charged with stopping them, it's pretty clear who's winning--and it's not the cat. Speaking at the Black Hat conference in Las Vegas last week, Kevin Mandia, president of Mandiant, an Alexandria, Va.-based security consultancy, said attackers are using increasingly sophisticated methods to evade detection and make life difficult for security incident response teams.

Securing Backup Data: Four Key Considerations for Chain of Custody

As recent lapses have shown, sending critical backup data to a storage facility isn't as simple as placing a package on a truck. Here are four points to consider when you're securing the chain of custody for your backup data. When Bank of America disclosed in February that its courier service had lost backup tapes containing data on about 1.2 million federal employees

Web Application Security Insights From LinuxWorld Conference Experts

This is the first in a series of newsletters, where we talk with Linux experts who will be speaking at the LinuxWorld Conference and Expo, which runs Aug. 14-17 at the Moscone Convention Center in San Francisco. PHP, PERL and other languages are useful and easy to learn tools that can be used to build some pretty functional Web-based applications. They can also be the bane of a system administrator's existence, especially when slapped together and used to publish Web apps accessible to the outside world.

Protect Sensitive Data In MySQL: 6 Essential Security Steps

If you're using MySQL, there are some easy things you can do to secure your systems and significantly reduce the risk of unauthorised access to your sensitive data. The most valuable asset for technology-based organisations is usually the customer or product information in their databases. And so, a critical part of database administration in such organisations consists of securing these databases against outside attack and hardware/software failures. In most cases, hardware and software failures are handled through a data backup regimen. Most databases come with built-in tools to automate the entire process, making this aspect of the job relatively painless and error-free. What's not so simple, however, is the second half of the puzzle: making sure that outside hackers can't get into the system and either steal or damage the information contained therein. And unfortunately, there usually isn't an automated way to solve this problem; rather, it requires you, the administrator, to manually put in place roadblocks and obstacles to trip up would-be hackers and to ensure that your company's data stays secure.

Examining the Risks and Challenges of Web 2.0 Feed Injection Techniques


One new feature of "Web 2.0", the movement to build a more responsive Web, is the utilization of XML content feeds which use the RSS and Atom standards. These feeds allow both users and Web sites to obtain content headlines and body text without needing to visit the site in question, basically providing users with a summary of that site's content. Unfortunately, many of the applications that receive this data do not consider the security implications of using content from third parties and unknowingly make themselves and their attached systems susceptible to various forms of attack.

Effective Auditing and Recovery Techniques for Linux Security


Two critical security considerations that are closely related to one another are ignored all too often: integrity auditing and recovery. This document is an overview of good security integrity auditing and recovery practices using a Linux operating system. Too often, a system administrator will get all the basic security measures in place, set up a well-secured system, and figure his job is done unless something goes horribly and obviously wrong. It is important, though, to regularly check the systems in your area of responsibility to make sure they haven't been compromised, and to know what to do if they have.

Web 2.0 Security Risks: Innovation Over Protection and User Safety

Web 2.0 is causing a splash as it stretches the boundaries of what Web sites can do. But in the rush to add features, security has become an afterthought, experts say. The buzz around the new technology echoes the '90s Internet boom--complete with pricey conferences, plenty of start-ups, and innovative companies like MySpace.com and Writely being snapped up for big bucks. And the sense of deja vu goes even further for some experts. Just as in the early days of desktop software, they say, the development momentum is all about features--and protections are being neglected.

Security Challenges for Removable Storage and Backup Systems


Storage formats such as tape have enjoyed year upon year of being in pole position as the format of choice for secondary backup, though in recent years hard disk technologies have caught up with the aging medium. One fundamental challenge for hard disk technology is to prove its ability to provide cost-effective off-site security, something of a hardship for a fixed disk technology. Unlike tape, disk technologies are traditionally not as removable and have to be handled carefully due to the drive mechanics being transported with the media. Off-site security, therefore, can be a difficult, cumbersome job.

Exploring Differences in Linux Patching for Various Distros

With all the different distributions of Linux available -- many for free -- what distinguishes one over another? Most have the same set of standard bells and whistles. A few have support options that might be appealing for enterprise-level deployments. Nevertheless, underneath the surface, they all share pretty much the same code base. After all, that's what makes Linux so intriguing: busy open source developers all over the planet are always adding features or fixing bugs, and anybody can take advantage of their work.

Data Protection Through Efficient Backup and Recovery Strategies

Backup and recovery operations are the focus of business continuity and data protection plans and often the main source of anxiety for IT departments. Few businesses are fully satisfied with their backup and recovery solutions. Not only must data be protected from complete site failures, such as those resulting from natural disasters, data must also be protected from corruption or data loss, such as that resulting from a computer virus or human error.
