Server Security - Page 23

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Server Security News

macOS User Privileges: Sudo Versus Root Access Risks Explained

What are you really gaining by using sudo in the default Mac OS X configuration? First, you gain some comfort that nobody can log in as root, either locally or remotely via SSH or FTP, and tamper with your machine. Second, you get a log entry in /var/log/system.log every time sudo is used, showing you who used it and what command was executed. These appear to be good enough reasons to endure the slight inconvenience of using sudo. However, the way sudo is configured out of the box, you only need to enter your own password for authentication. This means that if someone guesses or steals your password (and has local or SSH access to the machine), they can take over your box just as if you had root enabled.

Exploring Effective Application Testing Tools And Techniques

Web application security is interesting to test, in particular because, unlike most network and operating system testing, most web applications are custom-built. Even when they’re not custom-built, there’s enough diversity out there that simply looking for known problems isn’t good enough. You need to review the application itself.

LAMP Stack Security Analysis Reveals Low Bug Density Findings

The most popular open-source software is also the most free of bugs, according to the first results of a U.S. government-sponsored effort to help make such software as secure as possible. The so-called LAMP stack of open-source software has a lower bug density--the number of bugs per thousand lines of code--than a baseline of 32 open-source projects analyzed, Coverity, a maker of code analysis tools, announced Monday.

New Hampshire Server Malware Incident: Credit Card Theft Threat

What do people who renew their driver's licenses, buy hard liquor or donate to a home for elderly and disabled veterans have in common? In New Hampshire, people who did any of those things within the past six months may have had their credit card numbers stolen because of computer security issues (see N.H. state server eyed in possible credit card data breach).

Oracle E-Business Suite 11i Update Critical Security Fix Advisory

Oracle has issued an upgrade to its E-Business Suite 11i diagnostics module containing a number of security fixes, according to applications security firm Integrigy. In releasing the upgrade, Oracle made an unusual move by alerting its users about the security patches, according to Integrigy's advisory. Historically, the software maker has released product upgrades without disclosing whether they included security fixes, Integrigy noted.

.htaccess Tweaking Guide for Server Performance and Speed Optimization

In this tutorial we are going to improve our website by tweaking the .htaccess file. Why did I write this article? Because on the net I have found many articles about this little beast, but every one of them dealt with a specific issue and did not look at the overall usage of these files, or they were just too big when you need to get something done in little time. So I'm trying to collect all the useful bits of data in a monolithic but slim tutorial, which will be updated as I collect more information. But first, let's see what the .htaccess file is.

Oracle Acquires SleepyCat: Security Risks In Embedded Databases Examined

With Oracle Corp.’s purchase last week of open-source embedded software maker SleepyCat Software Inc., at least one security analyst believes that Oracle -- which has come under fire for security vulnerabilities in its core database -- could be adding more potential problems. SleepyCat’s BerkeleyDB database has been deployed more than 200 million times, according to London-based research firm Ovum Ltd. Those deployments range from network routers and cell phones to business applications and popular Web sites.

Mare-D Worm Exploits Vulnerabilities in PHP XML-RPC and Mambo Platforms

Internet ne'er-do-wells have created a Linux worm which uses a recently discovered vulnerability in XML-RPC for PHP, a popular open source component used in many applications, to attack vulnerable systems. The Mare-D worm also tries to take advantage of a security flaw in Mambo to spread. If successful, the worm installs an IRC-controlled backdoor on compromised systems.

Exploring Trusted Computing Standard: Strengthening Storage Security

Trusted Computing chips are already built into most new business PCs. At this week's RSA Security show, the Trusted Computing Group unveiled a draft specification that will add a simplified version of the chip to storage devices, too. Intended mainly for hard disks and USB flash drives, it can be used for both portable and networked storage. Seagate Technology last year launched a laptop drive that automatically encrypts all data at wire speed. At the show, the company announced that this drive was based on the draft specification, which allows encryption keys to be transferred between drives and the Trusted Platform Module (TPM) chips in PCs.

Secure Science Advisory: Pharming Attack Exploiting SSL Vulnerability

Secure Science Corporation released an advisory stating that the latest pharming techniques used within malware have broken SSL. Chapter 5 of Phishing Exposed, a book by Lance James, who works for Secure Science, demonstrated this technique as an upcoming threat that phishers would take advantage of. The report on how this SSL pharming attack occurs can be found on the advisories page at Secure Science.

Understanding Domain Hijacking and Its Impact on Organizations

Malicious hackers who are able to hijack an organization's Web domain may be able to steal traffic from the legitimate Web site long after the domain has been restored to its owner, according to a recent report. Design flaws in the way Web browsers and proxy servers store data about Web sites allow malicious hackers to continue directing Web surfers to malicious Web pages for days or even months after the initial domain hijacking.

Bank of America And Time Warner: Security Breaches Of Backup Tapes

When Bank of America disclosed in February that its courier service had lost backup tapes containing data on about 1.2 million federal employees—including names and Social Security numbers—consumers, senators and even some industry peers asked how there could have been such a lapse in security. No escort for the air transport? No encryption of the tapes?

Achieving SOX Compliance on UNIX/Linux Systems Through IAM Solutions

This document addresses how an organization can use identity and access management (IAM) solutions such as Symark's PowerBroker and PowerPassword-UME for UNIX and Linux operating systems to meet Sarbanes-Oxley (SOX) requirements for the effectiveness of internal controls over financial reporting. Symark PowerBroker and PowerPassword-UME safely delegate administrative privileges (including root) and provide secure logins, strong password and user management policies, keystroke logging and indelible audit trails. This document demonstrates how Symark PowerPassword-UME and PowerBroker work in tandem to protect the integrity of data across heterogeneous UNIX/Linux systems and help bring your IT systems into compliance, especially with the SOX section 404 requirements for internal IT controls.

Examining Trusted Computing's Role in Software Market Monopoly Effects

Technologies touted as providing a more secure computing experience are actually more likely to reinforce monopolies and lock customers in, security and free software experts have warned. The "Trusted Computing" technologies promoted by major IT companies such as Microsoft and IBM could have negative consequences for customers and rival software makers, according to security experts.

Debian: SSH Password Attack Analysis and Response Recommendations

This document describes the compromise of a Debian Linux server on an internal network. We look at how the incident first came to light, the response procedures and an analysis of the actions of the attacker. This leads us to some recommendations on how to secure systems against this kind of exploitation in future. None of this is particularly new or surprising, but hopefully will serve as a welcome reminder, or as useful material when trying to justify particular security policies.

Oracle Database Vulnerability: Critical Flaw In Web Server Software

A security researcher released details of a critical flaw in Oracle's application and Web software on Wednesday, criticising the company for not cooperating with the security community and taking too long to fix software issues that threaten its customers. The flaw occurs in the way that a module in Oracle's Apache Web server distribution handles input and could give external attackers the ability to take control of a backend Oracle database through the Web server, said David Litchfield, principal researcher of database security firm Next-Generation Security Software, during a presentation at the Black Hat Federal security conference.

Debian Sarge OpenSSH: Chrooted User Access Configuration

This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.