
Stay Ahead With Linux Security News


Explore Latest Linux Security news


Linux Kernel: Preparing for RNDIS Removal and Safer Alternatives

In the ongoing quest to enhance security and streamline functionality, the Linux kernel community increasingly focuses on potentially deprecated protocols that pose more harm than benefit. One such protocol is RNDIS (Remote Network Driver Interface Specification), which has become the center of discussion among developers and security experts. Initially intended for handling virtual Ethernet over USB, RNDIS has consistently been plagued by vulnerabilities and fundamental security issues, making it a concern for modern Linux-based systems.

In this article, I'll explore the implications of the potential removal of RNDIS from the Linux kernel and safer alternatives to RNDIS, providing valuable insights on how it would impact the security and performance of our systems.

Understanding RNDIS and Its Security Flaws

Microsoft originally developed RNDIS to facilitate networking over USB. While it served its purpose for a time, especially when connecting Windows and Linux systems in earlier years, its security framework was never robust. The protocol suffers from vulnerabilities that cannot easily be mitigated, mainly due to its design not aligning with contemporary security standards.

These vulnerabilities become particularly problematic when RNDIS is used in environments where untrusted devices might connect. The potential for exploitation is a genuine concern, and removing such an insecure protocol from the Linux kernel helps mitigate unnecessary risks. Understanding these flaws underscores the need to move away from RNDIS.

Recent Developments and the Push for Removal

The conversation around disabling and eventually phasing out RNDIS from the Linux kernel isn't new. However, recent patch updates have brought this issue to the forefront. Greg Kroah-Hartman, a key figure in the Linux kernel development community, has updated the "rndis-removal" branch within the USB.git repository, signaling a renewed urgency in addressing this obsolete protocol.

While this branch hasn't yet been merged into the mainline USB "next" branch — which would make it part of the upcoming Linux kernel cycle — the fact that it's being actively considered means that change could be on the horizon. Security admins should anticipate that by early 2025, RNDIS drivers might be fully disabled if current efforts proceed as planned. This means proactive steps to identify and transition away from any dependencies on this protocol are not just recommended but essential.

Examining RNDIS's Impact on Windows and Android Systems

Traditionally, RNDIS has been necessary for Microsoft Windows systems, particularly those as old as Windows XP. However, modern Windows versions rely less on RNDIS due to alternative protocols and updated features that provide similar functionality without the associated security headaches. For Linux systems interacting with Windows, this shift minimizes the impact its removal might have.

On the other hand, Android has not utilized RNDIS for several years. The Android ecosystem moved away from using this protocol as part of its goal to enhance security and reliability across devices. This acceptance of newer, more secure alternatives indicates that most systems can cope without RNDIS, even across different operating systems' connectivity needs.

Ethernet-over-USB: A Safer Alternative to RNDIS

Ethernet-over-USB is a safer alternative to Remote Network Driver Interface Specification (RNDIS) that mitigates the security risks arising from RNDIS' complex and less scrutinized code base. By contrast, Ethernet-over-USB (primarily when implemented using the CDC-ECM class) typically features a more straightforward implementation, thus minimizing its attack surface and making security audits more straightforward.

Ethernet-over-USB works by encapsulating Ethernet frames within USB packets, enabling USB devices to interact like they were on an Ethernet network. This method takes advantage of its well-understood protocols for added reliability and security.

To make the switch, admins can enable the USB CDC Ethernet driver (CDC-ECM) in their kernel configuration (CONFIG_USB_NET_CDCETHER). This can be done by navigating to the kernel configuration menu (usually through make menuconfig or a similar command) and enabling the appropriate settings. Once configured and compiled, you can load the driver and enjoy a more secure networking setup over USB.

Staying Informed

As the Linux community advances toward potentially removing RNDIS, staying informed becomes crucial. Administrators should monitor official Linux kernel communication channels and resources like LinuxSecurity.com to remain updated on this initiative's progress. This involves tracking changes within the kernel's repositories and engaging with the broader Linux community to gain insights and share experiences with others facing similar challenges.

Beyond RNDIS: Embracing Secure Protocols

The shift away from RNDIS represents a broader trend in the technology sector: the ongoing effort to adopt protocols that offer enhanced security features and align with modern industry standards. Security-minded organizations are increasingly looking to implement solutions that address vulnerabilities and protect sensitive data against emerging threats.

This emphasis on security should drive admins to consider performing regular audits of their networks and protocols, seeking out potential weaknesses associated with RNDIS and across the organization's IT infrastructure. By being proactive and forward-thinking, security admins can ensure their systems are well-equipped to handle future challenges.

Our Final Thoughts on Preparing for the End of RNDIS in Linux

The potential removal of RNDIS from the Linux kernel marks a significant shift towards a more secure computing environment. While the conversations around this topic continue to evolve, Linux security administrators must start preparing for a future where RNDIS is obsolete. By understanding the reasons behind this move, assessing current dependencies, and exploring viable alternatives like Ethernet-over-USB, admins can ensure that their networks remain intact and secure.

As with any operational transition, diligence, planning, and staying well-informed will be key to navigating this change successfully. Through collective efforts to adopt and implement secure protocols, the Linux community can continue to uphold the values of openness and collaboration without compromising security.
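One way to assess current RNDIS dependencies and confirm that CONFIG_USB_NET_CDCETHER is enabled is to audit a kernel config file. This is an added example, not code from the article or the kernel project; the function names are hypothetical, the sample config is constructed, and the RNDIS symbol list is an assumed selection of upstream Kconfig options rather than an exhaustive one.

```shell
#!/usr/bin/env bash
# Added example: classify a kernel config by its RNDIS and CDC-ECM options.

# Assumed selection of RNDIS-related Kconfig symbols (host, WLAN, gadget).
RNDIS_SYMS="CONFIG_USB_NET_RNDIS_HOST CONFIG_USB_NET_RNDIS_WLAN CONFIG_USB_ETH_RNDIS CONFIG_USB_F_RNDIS CONFIG_USB_CONFIGFS_RNDIS"
ECM_SYM="CONFIG_USB_NET_CDCETHER"   # CDC-ECM host driver named in the article

# Print y, m or n for one symbol; "# SYM is not set" and absent both give n.
kconfig_state() {
    local sym=$1 file=$2 val
    val=$(sed -n "s/^${sym}=\([ym]\)\$/\1/p" "$file" | tail -n 1)
    echo "${val:-n}"
}

# Print "SYMBOL=state" for each enabled RNDIS symbol; status 1 if any is on.
rndis_enabled() {
    local file=$1 sym state found=0
    for sym in $RNDIS_SYMS; do
        state=$(kconfig_state "$sym" "$file")
        if [ "$state" != "n" ]; then
            echo "$sym=$state"
            found=1
        fi
    done
    return $found
}

# rndis-present: still depends on RNDIS; ecm-only: RNDIS off, CDC-ECM on;
# no-usb-ethernet: neither driver is built.
audit_config() {
    local file=$1
    if ! rndis_enabled "$file" >/dev/null; then
        echo "rndis-present"
    elif [ "$(kconfig_state "$ECM_SYM" "$file")" != "n" ]; then
        echo "ecm-only"
    else
        echo "no-usb-ethernet"
    fi
}

# Constructed sample config, not taken from a real system.
sample_config() {
    printf '%s\n' 'CONFIG_USB_USBNET=m' 'CONFIG_USB_NET_CDCETHER=m' \
        'CONFIG_USB_NET_RNDIS_HOST=m' '# CONFIG_USB_NET_RNDIS_WLAN is not set' \
        'CONFIG_USB_ETH_RNDIS=y'
}

tmp=$(mktemp)
sample_config > "$tmp"
audit_config "$tmp"
rndis_enabled "$tmp" || true
rm -f "$tmp"
```

On a running system, point audit_config at the distribution's config file, commonly /boot/config-$(uname -r) where the distribution ships one.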

Jan 03, 2025 - Brittany Day - Security Projects

The Essential Reasons for Keeping SELinux Active for Optimal Security

Too many admins disable SELinux or set it to Permissive on their data center systems, as opposed to spending the necessary time to make the projects they're working on work with SELinux. Jack Wallen warns that admins are playing with fire by shrugging off SELinux, leaving their OSes weakened and susceptible to attacks.

Given the kerfuffle that has been CentOS lately, and the number of inevitable forks that will rise out of the ashes, there will probably be a large percentage of admins migrating to, or finally deploying, a Linux distribution based on Red Hat Enterprise Linux in some form or fashion. It may be Rocky Linux or AlmaLinux. It may be that you stick with CentOS Stream, or even purchase a license for Red Hat Enterprise Linux. If you're a non-profit or another eligible organization, you might qualify for RHEL for Open Source Infrastructure. No matter which route you take, you'll be using a solid Linux distribution with serious security systems in place.

However... It's such a powerful word, "however." It stops all natural flow of the narrative to make you wonder just what comes next. You wait, and you wait, and you wait. Until the inevitable: SELinux.

Mar 03, 2021 - Brittany Day - Security Trends

Wireless Security: Defending Against DoS Attacks and Worms

Bloodsuckers swarm the Internet too, and three in particular bite networkers again and again: wireless vulnerabilities, Denial of Service (DoS) attacks, and worms. These threats persist for several reasons, including an abundance of automated attack tools, egregious technology failures, and sometimes sloppy security administration. This article explores the origins of these attacks, discusses the reasons they are so prevalent, and highlights steps that administrators can take to avoid getting stung.

Wireless LANs based on the 802.11b standard (2.4GHz operation with speeds of 11Mbits/sec) have been making inroads to corporate networks for three reasons: they're cheaper to install than cabling, they're easy to set up, and they let workers stay connected to the network as they roam from office to conference room and even outdoors. According to a Gartner Group (https://linuxsecurity.com) survey, 50 percent of respondents will have a wireless access point touching their corporate networks by the end of 2001.

The link for this article located at Network Magazine is no longer available.

Dec 06, 2001 - Anthony Pell - Network Security