Server Security - Page 49.25
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
This article shows how a web-server behind a firewall can be accessed without compromising security. It discusses configuring the Apache ProxyPass option to allow external hosts to an internal network. . . .
Microsoft has been unable to douse allegations that one of the hotly anticipated technologies in Windows 2000 Server has a security hole. "If this had been a legitimate security bug, Microsoft would have admitted that," said Peter Houston, Microsoft's group . . .
Part 1 of this LJ series discusses "backup strategies, tools, and ways to make the whole process a bit less unpleasant." [Found on linuxtoday] . . .
"Somebody's going to get sued; that's clear," said David J. Loundy, of Chicago's D'Ancona & Pflaum LLC. "Somebody's going to want a test case. The issue [is] whether there's going to be one or two of these suits, or whether . . .
The Apache Software Foundation and The Apache Server Project are pleased to announce the release of version 1.3.12 of the Apache HTTP server. The primary changes in this version of Apache are those related to the ``cross site scripting'' . . .
Here's a pretty well-written introduction to utilizing the access control mechanisms built into Apache. This includes the Apache security modules, controlling access by IP and username, using htaccess/htpasswd, among others. . . .
John Viega posted the following message to bugtraq announcing a new security auditing tool. "I've put together a command-line tool for statically scanning C and C++ source code for security vulnerabilities. The tool is . . .
The E-Commerce Times writes, "The rash of hacker attacks against Web sites continued this week, directed mainly against e-commerce sites, and the FBI reportedly is now investigating a total of 17 distributed denial-of-service (DDoS) intrusions." . . .
ZDNet writes, "A suspected computer hacker boosted the stock of Aastrom Biosciences Inc. on Thursday by posting a fake press release on the company's Web site announcing a merger with California biopharmaceutical company Geron Corp." . . .
Bastille Linux, a suite of scripts designed to help secure a RH box is now available. Release 1.0.3 is now online, accessible via the site. The Freshmeat post should hit soon as well. This version includes: . . .
John Borland writes ... "In the battle to strengthen Web security, the open-door policies that helped universities create the Net may now prove to be its weakest link. At least two California institutions--Stanford University and the University of California at . . .
Sherman Fridman writes ... "Responding to the recent flurry of incapacitating attacks on various major Web sites such as Yahoo and eBay, Network Associates, Inc., has launched a new business-to-business service called myCIO.com which allows enterprises to click on to . . .
Buy.com, Amazon and EBay are the latest sites to be hit with a distributed denial of service attack. These attacks are coordinated typically between many people and web sites, all sending "junk traffic" to a site at the same . . .
Distributed Denial Of Service attacks are the AK-47 of attackers today. These attack tools "send a crippling barrage of data to the target Web site. The Web server receiving the data requests is duped into responding to them, as . . .
I think most of us probably noticed Yahoo.com being down today. I didn't believe it until I did three seperate traceroutes from three different hosts with Internet backbone connections. Johnathan Dube writes ... "Yahoo! came under attack today and . . .
One of the most difficult decisions in any given enviroment is the distribution of trust. Who can you trust and with how much access? If you have a Systems Administrator on-site then they probably have super user access . . .
Denial of service attacks are a part of life on the Internet. They are generally speaking the easiest attacks to commit since they require minimal skill, only a minimum of knowledge about your intended victim's network, and can be done . . .
Many Linux administrators often think about securing their systems from the top down (or perhaps the outside in). Significant focus is placed on Firewalls, packet filtering, limiting or denying dangerous services and controlling available programs and local permissions. . . .