Server Security - Page 37

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Magnet Goblin Hackers Exploit One-Day Flaws to Deploy Custom Linux Malware

Financially motivated hacking groups are increasingly exploiting newly disclosed vulnerabilities to deploy custom malware on public-facing servers. The threat actors are known as Magnet Goblin, and they have been quick to leverage one-day flaws, vuln...
Mar 11, 2024
  0

New Bifrost Malware Evades Detection, Threatens Linux Server Security

A new variant of Bifrost, a remote access Trojan (RAT),...
Mar 02, 2024
  0
11.Locks IsometricPattern Esm H115

Cryptocurrency Mining Migo Malware Attacks Linux Redis Servers

A new malware dubbed “Migo” that is targeting Linux Red...
Feb 21, 2024
  64
22.Lock ScreenEffect Esm H115

Discover Server Security News

LS Hmepg 337x500 34 Esm H200

Deploying the Squid proxy server on Linux

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

These servers run the Squid proxy server software; this software is available under the GNU general public license. In brief, Squid provides for caching and/or forwarding requests for internet objects such as the data available via HTTP, FTP and gopher protocols. . . .

LS Hmepg 337x500 34 Esm H200

The High Price of Vulnerability

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

... IT managers and CxOs already understand the value of strong security practices, right? Wrong. Apparently, the message isn't hitting home. Even with the constant barrage of security talk spewed by media and marketers, IT managers can't get upper management to . . .

LS Hmepg 337x500 34 Esm H200

Securing BSD Daemons

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Let's continue where we left off by taking a closer look at /etc/inetd.conf. Remember that inetd is the internet super-server which listens for requests on behalf of other daemons; it reads /etc/inetd.conf to determine which ports you wish it to listen . . .

LS Hmepg 337x500 34 Esm H200

Buffer-Overflow Problems in BIND

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Among BIND, there were several other vulnerabilities this week. "Buffer-overflow problems have been found in versions 4 and 8 of BIND, a domain-name-system daemon distributed by the Internet Software Consortium (ISC). This vulnerability has wide implications as most sites on the . . .

LS Hmepg 337x500 34 Esm H200

Some Thoughts on the Occasion of the NSA Linux Release

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There are two things I am sure of after all these years: there is a growing societal need for high assurance software, and market forces are never going to provide it. Superficially, I'm going to offer a few comments on the technology underlying the NSA release. My real intent is to induce the Open Source community into building on this release--so when society wakes up to the fact that this stuff is really, truly needed, something is actually there. . . .

LS Hmepg 337x500 34 Esm H200

Infamous Spammer Spammed

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In what some see as a perfect example of the evidence of cosmic retribution, an avalanche of spam has crashed British Internet service provider Pipex's servers, and stopped delivery of e-mail to its million-plus users for the past week. . . .

LS Hmepg 337x500 34 Esm H200

Insecure Temporary File Functions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Problems this week include a problem with glibc, a possible problem with ReiserFS, a buffer overflow in exrecover, a stack overflow in arp, temporary file race conditions in a long list of programs, and a back door in Borland InterBase. . . .

LS Hmepg 337x500 34 Esm H200

Process accounting with lastcomm and sa

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This document discusses implementing process accounting on a BSD system. The paths may be slightly different on a Linux system, but it's otherwise the same. "Over a year ago, I had an interesting job of tracking down how a root superuser . . .

LS Hmepg 337x500 34 Esm H200

Securing Linux: Part 2

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Trevor Warren writes: "This second article in the series takes you through TCP wrappers, OpenSSH, disabling unnecessary services and better monitoring of system activity by using unique log files to monitor specific information."

LS Hmepg 337x500 34 Esm H200

Security is out of step with ebusiness

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Fewer than half of blue-chip companies believe that their ebusiness and security strategies are effectively coordinated. Business managers are guilty of demanding ebusiness at all costs and security is overlooked, according to research by analyst group Xephon. . . .

LS Hmepg 337x500 34 Esm H200

Security hole found in Borland database

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Borland's InterBase database software contains a "back door" that allows anyone with the appropriate password to wreak major havoc with the database and the computer it's running on, security experts said. A back door is an undocumented way to get access . . .

LS Hmepg 337x500 34 Esm H200

Feds unveil 'security-enhanced' Linux prototype

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The U.S. National Security Agency last week publicly released a prototype "security-enhanced Linux" operating system, hoping to attract the developer community to find ways to improve Linux security for business and governmental uses. So how is the developer community reacting so . . .

LS Hmepg 337x500 34 Esm H200

Websites warned over first hypertext virus

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A potential threat to ecommerce sites has been identified with the discovery of the first virus using the hypertext preprocessor (PHP) scripting language. PHP is one of the most popular scripting languages and is used to develop ecommerce sites and those . . .

LS Hmepg 337x500 34 Esm H200

NT still most hacked web server platform

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This article, based on a recent attrition.org report, doesn't mention how many hacked sites were due to default passwords, poor administration, etc. The numbers couldn't possibly be not telling the whole story now, could they. "The year 2000 saw Windows NT . . .

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved