Server Security - Page 43

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Magnet Goblin Hackers Exploit One-Day Flaws to Deploy Custom Linux Malware

Financially motivated hacking groups are increasingly exploiting newly disclosed vulnerabilities to deploy custom malware on public-facing servers. The threat actors are known as Magnet Goblin, and they have been quick to leverage one-day flaws, vuln...
Mar 11, 2024
  0

New Bifrost Malware Evades Detection, Threatens Linux Server Security

A new variant of Bifrost, a remote access Trojan (RAT),...
Mar 02, 2024
  0
11.Locks IsometricPattern Esm H115

Cryptocurrency Mining Migo Malware Attacks Linux Redis Servers

A new malware dubbed “Migo” that is targeting Linux Red...
Feb 21, 2024
  64
22.Lock ScreenEffect Esm H115

Discover Server Security News

LS Hmepg 337x500 34 Esm H200

RAZOR advisory: Unsafe Signal Handling in Sendmail

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Sendmail signal handlers used for dealing with specific signals (SIGINT, SIGTERM, etc) are vulnerable to numerous race conditions, including handler re-entry, interrupting non-reentrant libc functions and entering them again from the handler (see "References" for more details on this family of vulnerabilities). This set of vulnerabilities exist because of unsafe library function calls from signal handlers (malloc, free, syslog, operations on global buffers, etc).. . .

LS Hmepg 337x500 34 Esm H200

Windows vs. Linux: Taking Security Seriously

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

While proponents of Linux systems maintain that the many security vulnerabilities and attacks coming to the fore are due to Microsoft's dominance in the market and its inherent vulnerabilities, others believe that Bill Gates' behemoth company is beginning to hold its . . .

LS Hmepg 337x500 34 Esm H200

Securing Java Code: Part 2

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

n this installment in our series, we further examine the elements that should be part of a secure Java code policy, including such safeguards as compartmentilization and cryptography. In our last installment, we introduced policy and covered product requirements, error handling, . . .

LS Hmepg 337x500 34 Esm H200

Access Granted: MySQL Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Over the next few pages, I'm going to examine the mySQL access control system, and throw some light on the mySQL "grant tables". These tables, which are an integral part of the server's security system, offer database administrators a great deal . . .

LS Hmepg 337x500 34 Esm H200

FTP Buffer Overflows

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this column, we look at buffer overflows in many FTP daemons, Oracle Application Server, Solaris ipcs, Solaris Xsun, and a whole list of programs in SCO OpenServers; temporary file race conditions in pine and pico; format string bugs in HylaFAX . . .

LS Hmepg 337x500 34 Esm H200

Securing Your Apache Server

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

An excerpt from Chapter 3, "Security," of Apache: The Definitive Guide, 2nd Edition. Enable Apache to communicate securely over Secure Sockets Layer (SSL). Covers building, configuring, and securing an SSL-enabled Apache server under Unix.. . .

LS Hmepg 337x500 34 Esm H200

Anti-Virus with Sendmail and FreeBSD

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This is a very nice add on for ISPs or someone that wants to safeguard all email coming into their system from viruses. The following article will walk you through installing and setting up several programs, to get this project done.. . .

LS Hmepg 337x500 34 Esm H200

NSA funds work to thicken Linux armor

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The National Security Agency, the electronic snooping arm of the U.S. government, has enlisted computer security company Network Associates to help create a version of Linux that's less vulnerable to attack. The NSA awarded the two-year, $1.2 million contract to the . . .

LS Hmepg 337x500 34 Esm H200

suEXEC keeps you in control of your systems

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

One of the biggest problems for both Web hosting providers and clients is server security. How do you provide a flexible server environment for the client while maintaining some level of security? In this article, Jamie Wilson explains how the Apache Web server and the suEXEC module make that possible. . . .

LS Hmepg 337x500 34 Esm H200

Custom-fit security apps

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Unlike past attempts to manage security, these companies are concentrating on gathering real-time intelligence on attacks, vulnerabilities and exploits. Using data mining and artificial intelligence techniques, they can predict where problems could appear on a particular customer's network and then design . . .

LS Hmepg 337x500 34 Esm H200

Updated backdoor program increases danger

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

AN UPDATED VERSION of the backdoor program SubSeven was released by its creator, a hacker known as "mobman," on Friday, according to the "official" Web page of the program. The SubSeven backdoor, which allows malicious hackers to access and control a user's computer without his or her knowledge, is "one of the highest threats to Windows PCs, especially those running in broadband environments," said Chris Rouland, director of the X-Force research team at computer security firm Internet Security Systems (ISS) in Atlanta.. . .

LS Hmepg 337x500 34 Esm H200

The Future of Operating Systems Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The microcomputer revolution empowered script kiddies and other, more inquisitive, barbarians to begin an onslaught against IT. With the advent of wireless computing and distributed operating systems, the dangers continue to evolve and to multiply. Often computer security takes us down . . .

LS Hmepg 337x500 34 Esm H200

Upgrade bug causes awkward BIND

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A small number of users upgrading their Domain Name System (DNS) servers to guard against a major exploit in BIND have become entangled in a denial of service issue. The problem in updating from BIND (Berkeley Internet Name Domain) 4.9.x or . . .

LS Hmepg 337x500 34 Esm H200

Uncovering the secrets of SE Linux: Part 1

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In an uncharacteristic move, the U.S. National Security Agency recently released a security-enhanced version of Linux -- code and all -- to the open source community. This dW-exclusive article takes a first look at this unexpected development -- what it means . . .

LS Hmepg 337x500 34 Esm H200

BINDing the Internet

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security experts recently made an unprecedented appeal to computer system administrators to update software to protect the Internet. The warning highlights the vulnerabilities of the digital era. Security flaws continue to be the Achilles Heel of the information revolution. There is . . .

LS Hmepg 337x500 34 Esm H200

Security hole in Java may expose servers

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Sun Microsystems has revealed a security hole in several versions of a critical component of Java that could allow an attacker to run harmful programs on a victim's computer. The vulnerability appears in versions of the Java Runtime Environment that Sun . . .

LS Hmepg 337x500 34 Esm H200

Time to un-BIND your network!

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This post by D. J. Bernstein, author of djbdns, a "secure" DNS server, wrote this message prompted by the recent problems experienced with BIND 9 and its "300000 lines of bad code." "BIND 9 is good code, you say? The BIND programmers learned their lesson from these security disasters and rewrote everything from scratch? Professor Bernstein's opinion differs. . .

Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved