Linux security is not about stacking tools and hoping for the best. It comes down to deliberate configuration, steady maintenance, and systems that can withstand real-world pressure.

Most production compromises still trace back to the same issues. Weak SSH settings. Unpatched services. Overexposed ports. Backups that fail when you need them. None of these are exotic threats; they are operational gaps. If you run Linux in production, hardening has to be practical and repeatable.

Start With SSH, Because Attackers Do

SSH is still the main entry point into Linux systems. Treat it like the front door, not a side entrance. The default configuration is rarely strict enough for production. A hardened setup should:

- Disable direct root login – Force administrative access through controlled privilege escalation.
- Disable password authentication – Use public-key authentication only.
- Restrict allowed users or groups – Make access explicit.
- Limit authentication attempts – Reduce the effectiveness of brute-force attacks.
- Set idle timeouts – Close forgotten sessions automatically.

These are small changes inside the SSH daemon configuration, but they remove entire categories of risk.

Quick check

    # Verify what is actually listening on the system
    ss -tulnp
    # Confirm the SSH daemon configuration has the expected settings
    grep -E '^(PermitRootLogin|PasswordAuthentication|MaxAuthTries|AllowUsers|ClientAliveInterval)' /etc/ssh/sshd_config

Then add automation. Fail2Ban brute-force protection watches authentication logs and temporarily blocks IP addresses that repeatedly fail to log in. It turns constant background probing into a non-issue without daily oversight. Quiet automation beats manual reaction every time.

Patch Automatically, Review Intentionally

Waiting for someone to remember to apply updates is not a strategy. Most modern Linux distributions support automatic security updates through their native package managers. Enable them.
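Returning to the SSH checklist above: the script below is an added example, not the article's own code, that turns those directives into a repeatable audit of an sshd_config file. The two sample configs are constructed for the demo, and the MaxAuthTries threshold of 3 is an assumption rather than a value from the article.

```shell
#!/bin/sh
# Added example (not the article's own code): audit an sshd_config file for the
# directives the article lists. It reads the file directly; the first uncommented
# occurrence of a directive wins, as in sshd. Match blocks and Include files are
# not handled, so run it against the effective config if those are in use.
# ssh_value FILE DIRECTIVE -> prints the first effective value of DIRECTIVE, if any
ssh_value() {
    awk -v key="$2" 'tolower($1) == tolower(key) { print $2; exit }' "$1"
}
# audit_sshd FILE -> prints one OK/FAIL line per check, returns the number of failures
audit_sshd() {
    f=$1; fails=0
    for pair in PermitRootLogin=no PasswordAuthentication=no; do
        key=${pair%%=*}; want=${pair#*=}; got=$(ssh_value "$f" "$key")
        if [ "$got" = "$want" ]; then echo "OK   $key $got"
        else echo "FAIL $key is '${got:-unset}', want $want"; fails=$((fails+1)); fi
    done
    # Limit brute-force attempts; the threshold of 3 is an assumption, not from the article
    tries=$(ssh_value "$f" MaxAuthTries)
    if [ -n "$tries" ] && [ "$tries" -le 3 ] 2>/dev/null; then echo "OK   MaxAuthTries $tries"
    else echo "FAIL MaxAuthTries is '${tries:-unset}', want <= 3"; fails=$((fails+1)); fi
    # Access must be explicit: an AllowUsers or AllowGroups list has to exist
    if [ -n "$(ssh_value "$f" AllowUsers)$(ssh_value "$f" AllowGroups)" ]; then
        echo "OK   AllowUsers/AllowGroups present"
    else echo "FAIL no AllowUsers/AllowGroups list"; fails=$((fails+1)); fi
    # Idle sessions only close if ClientAliveInterval is non-zero
    iv=$(ssh_value "$f" ClientAliveInterval)
    if [ -n "$iv" ] && [ "$iv" -gt 0 ] 2>/dev/null; then echo "OK   ClientAliveInterval $iv"
    else echo "FAIL ClientAliveInterval is '${iv:-unset}', want > 0"; fails=$((fails+1)); fi
    return $fails
}
# Constructed sample configs for the demo: a distro-style default, where every
# directive is commented out and sshd's built-in defaults apply, and a hardened one.
WEAK_CFG=$(mktemp); HARD_CFG=$(mktemp)
cat > "$WEAK_CFG" <<'EOF'
#PermitRootLogin prohibit-password
#PasswordAuthentication yes
#MaxAuthTries 6
Subsystem sftp /usr/lib/openssh/sftp-server
EOF
cat > "$HARD_CFG" <<'EOF'
PermitRootLogin no
PasswordAuthentication no
MaxAuthTries 3
AllowGroups sshusers
ClientAliveInterval 300
EOF
audit_sshd "$HARD_CFG"
audit_sshd "$WEAK_CFG" || echo "weak config: $? failing check(s)"
```

On a real host, point audit_sshd at /etc/ssh/sshd_config or at a file saved from `sshd -T`, which prints the effective configuration with lowercased keys that the same parser accepts.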
Security patches should apply without waiting for a maintenance window that never comes. That said, automation does not remove responsibility. A healthy workflow looks like this:

- Automatic security updates enabled – Shrinks exposure windows.
- Scheduled reboots when required – Kernel updates only take effect after a reboot.
- Weekly review of applied updates – Confirm nothing critical broke.

Security improves when patching becomes routine instead of reactive.

Treat Open Ports as Liabilities

Every listening service is a potential foothold. Linux provides strong native firewall tools such as nftables and simpler front ends like UFW. The tooling matters less than the policy. A secure baseline should follow one rule: deny everything by default, allow only what is necessary. That means:

- Default deny inbound traffic – No open doors without a reason.
- Explicitly allow required services – SSH, application ports, nothing more.

Quick check

    # Review active firewall rules (UFW example)
    ufw status verbose

Port sprawl happens quietly over time. Regular review keeps exposure under control.

Logging That Survives an Incident

Logging often gets attention only after something goes wrong. By then, it is too late. Start with auditd. It provides kernel-level auditing and records changes to sensitive files, account modifications, and authentication events. This gives visibility beyond standard system logs.

But local logs alone are fragile. If an attacker gains sufficient privileges, they can alter or delete them. Forward logs to a separate system. That might be a dedicated log server or a security monitoring platform isolated from production. The important part is separation.

Retention matters as well. Incidents are sometimes discovered weeks after they begin. Keeping short-term searchable logs and longer-term archived copies makes forensic review possible. Logs are not just for troubleshooting. They are evidence.
Backups Designed for Ransomware, Not Hardware Failure

Backups used to focus on disk crashes. In 2026, they must assume hostile access. A resilient Linux backup strategy includes:

- Immutable backup storage – Prevent deletion or modification during a retention window.
- Offline or air-gapped copies – Ensure at least one copy is unreachable from production systems.
- Separate credentials – Backup systems should not trust production authentication.
- Encrypted storage and transfer – Protect the backup data itself.

The step many teams skip is restore testing. Quarterly restore tests validate more than file recovery. They confirm permissions, ownership, database integrity, and recovery time expectations. A backup that has never been restored is a guess. Design backups as if an attacker already has administrative access. Because one day, they might.

Container Security Is Not Automatic Isolation

Containers improve deployment speed, but they do not eliminate risk. Running containers as root on the host defeats much of the isolation benefit. Rootless containers reduce that exposure and should be the default where practical. Layer in additional controls:

- Mandatory access control profiles – Enforce AppArmor or SELinux in enforcing mode, not permissive.
- Seccomp filters – Restrict unnecessary system calls.
- Minimal base images – Reduce the attack surface.
- Dropped Linux capabilities – Remove privileges containers do not need.
- Network boundaries – Prevent containers from freely reaching internal services.

Containers are processes with namespaces, not magic boxes. Treat them with the same discipline as traditional services.

Build a Security Rhythm

Hardening is not a one-time event. It is a cadence. A practical operational rhythm looks like this:

- Weekly patch review – Confirm updates applied successfully.
- Weekly log sampling – Check for authentication spikes or unusual access.
- Monthly port and service audit – Validate exposed services.
- Quarterly restore test – Prove backups work.
- Quarterly access review – Remove unused accounts and SSH keys.

Security improves when it becomes part of the calendar.

Resilience Over Perfection

No Linux system is invulnerable. The goal is controlled exposure, fast detection, and reliable recovery. Tight SSH configuration. Automatic patching. Minimal open ports. Centralised logging. Ransomware-resistant backups. Hardened containers. A steady review cycle. That combination does more for real-world Linux security than any single tool ever will. Production safety is built through discipline, not optimism.

MaK Ulac
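The quarterly restore test the article calls for, as an added example that is not part of the original article: it restores a tar backup into a scratch directory and compares a manifest of path, mode, ownership and SHA-256 against the live tree, so a restore that loses permissions fails the test instead of passing. The demo tree and its files are constructed here; the backup storage, immutability and off-site copies are assumed to be handled elsewhere.

```shell
#!/bin/sh
# Added example (not from the article): a scripted restore test. It builds a
# manifest (relative path, octal mode, uid:gid, SHA-256) of the live tree,
# restores the backup into a scratch directory and diffs the two manifests, so
# the test proves content, permissions and ownership came back, not just filenames.
# manifest DIR -> one line per regular file under DIR
manifest() {
    find "$1" -type f | sort | while read -r f; do
        rel=${f#"$1"/}
        printf '%s %s %s\n' "$rel" "$(stat -c '%a %u:%g' "$f")" \
            "$(sha256sum < "$f" | cut -d' ' -f1)"
    done
}
# verify_restore LIVE_DIR RESTORED_DIR -> 0 if the manifests match, 1 otherwise
verify_restore() {
    a=$(mktemp); b=$(mktemp)
    manifest "$1" > "$a"; manifest "$2" > "$b"
    if diff -u "$a" "$b"; then rc=0; else rc=1; fi
    rm -f "$a" "$b"; return $rc
}
# restore_and_verify TAR LIVE_DIR DEST_DIR -> extracts TAR into DEST_DIR, then verifies.
# -p on extract restores the modes recorded in the archive instead of applying the umask.
restore_and_verify() {
    tar -xpf "$1" -C "$3" && verify_restore "$2" "$3"
}
# Constructed demo tree standing in for production data; nothing real is touched.
WORK=$(mktemp -d)
mkdir -p "$WORK/live/etc" "$WORK/live/app" "$WORK/restore"
printf 'db_password=example\n' > "$WORK/live/etc/app.conf"; chmod 600 "$WORK/live/etc/app.conf"
printf 'hello\n' > "$WORK/live/app/data.txt"; chmod 644 "$WORK/live/app/data.txt"
tar -cf "$WORK/backup.tar" -C "$WORK/live" .
restore_and_verify "$WORK/backup.tar" "$WORK/live" "$WORK/restore" && echo "restore test passed"
# A restore that silently loses permissions must fail the test rather than pass it:
chmod 644 "$WORK/restore/etc/app.conf"
verify_restore "$WORK/live" "$WORK/restore" || echo "drift detected after restore"
```

In a real run, manifest the live tree at backup time and keep that manifest with the backup, so the comparison does not depend on the production host still being intact.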
How valuable is your data? If your storage drive crashed, would it ruin your day? Your week? Your entire career? Only you can answer those questions for yourself and your organization. But I'll tell you, personally, I need my files -- not only to get my day-to-day job done, but to reference older information and even look at personal keepsakes (like all my digital photos). Over the years, I've discussed storage strategies a lot. I've talked about the traditional 3-2-1 backup approach, and what I call 3-2-1 off and away backups. I've talked about cloud backup, and how having most of my critical data in the cloud helped me keep going during last year's hurricane evacuation. I've even taken you through an in-depth torture testing of seven different RAID storage devices to find the winners (and losers).
LinuxSecurity.com Team
Remote backup is an increasingly popular way to protect your files, and Duplicity makes it easy to implement a secure yet flexible backup system. Duplicity is an easy-to-use system that allows you to make encrypted backups that are stored at a remote location or even in a locally accessible directory. It has a good selection of networking back-ends (SFTP, SSH, Google storage, S3 etc), so you should be able to fit it into your organisation. The backups are incremental, which saves on bandwidth and storage space when making subsequent backups. Incremental backups also allow the user to step back to a specific point in time to retrieve an older version of a file. The link for this article located at LinuxUser UK is no longer available. Safeguard your data using Duplicity, a user-friendly solution that accommodates multiple off-site options and robust encryption.
LinuxSecurity.com Team
Hello, world! Today it's your Backup Day. World Backup Day is a new idea promoted by a small team of Redditors, and it's a good idea. You can never be too careful when it comes to backing up. By the way, this is about your data, and not calling your buddies over for help in a hostile situation, which is not really my area of expertise. So let's talk backups! Basically it means putting your data in multiple places so that if something happens to one place (let's say you forget your laptop on the top of your car and subsequently back over it), that important PowerPoint presentation you've been working on isn't lost. The link for this article located at CNET is no longer available. Safeguarding your information is crucial. Keep your vital documents safe; find out how to remain secure this World Backup Day.
LinuxSecurity.com Team
Data protection requirements have moved on from the purely technical question of "Did the backup work?" to the much more complex question of "Is my business protected?" The view of the backup application of success or failure is no longer relevant unless considered in the context of business policies. The link for this article located at Net-Security.org - LogError is no longer available. In the digital age, effective data protection transcends simple backups, emphasizing compliance and integrity. A layered security approach is vital for safeguarding data.
LinuxSecurity.com Team
I've noticed recently that more and more of my clients and friends are having drive failures. Now I don't know if it's the recent heat waves, global warming, or the fact that most of the drives that are in play right now were purchased quite some time ago and have just run their spindles out, but at least once a week for the past two months I've heard about a full-on drive failure or seen a drive showing the signs of impending doom. Since we're at the halfway mark for the year I'm suggesting that we all take a look at our backup solution and make sure that the whole end-to-end backup process is working. The link for this article located at InfoWorld.com is no longer available. Establish a robust recovery strategy to mitigate the risk of information loss due to hardware malfunctions or failures.
LinuxSecurity.com Team
System backups are the oft-forgotten step of system security. This Linux Journal article discusses using your CD-RW drive to make a backup of your system. The link for this article located at Linux Journal is no longer available. Recognize the critical role of data redundancy in safeguarding information. Explore how to utilize a USB flash drive to preserve your files efficiently.
LinuxSecurity.com Team
Part 1 of this LJ series discusses "backup strategies, tools, and ways to make the whole process a bit less unpleasant." [Found on linuxtoday] The link for this article located at Linux Journal is no longer available. Mastering effective backup strategies in Linux is essential for seamless data recovery. Explore key techniques and tools to secure and streamline your backups.
LinuxSecurity.com Team