The typical end-of-year security story generally involves a looming cyber threat or yet another major misstep by Microsoft. Well, there's good news on the security front this year -- and, like our other picks, it's gone largely unnoticed. A major hole in security has been plugged with the full deployment of Domain Name System Security Extensions (DNSSec) at the Internet's authoritative root zone. (InfoWorld awarded one of the main drivers of fixing the flaw in its CTO 25 awards earlier this year, but little has been said since.) The extensions will make it much more difficult for black hats to engage in cache poisoning, an attack that strikes at the fundamental nature of the Internet. "If you can't trust your DNS server, you can't trust anything," says Paul Smith, a senior analyst for Symantec's Hosted Services division. The link for this article located at Network World is no longer available. Significant vulnerability in DNS addressed through DNSSec implementation, improving online safety against cache poisoning exploits. DNSSec Deployment, Internet Security Enhancement, Cyber Threat Mitigation. LinuxSecurity.com Team
At the end of last week, US company VeriSign announced the roll-out schedule for the authentication of .com and .net zones. From the 9th of December, .net domains are to be authenticated via keys that are based on the new DNSSEC (Domain Name System Security Extensions) protocol and stored in the Domain Name System (DNS). Responses that don't originate from the server that was authorised for a domain will be detected when signatures are validated. Signatures for .net domains have been available since the 29th of October, but they cannot be validated yet. Signatures for the .com zone are to follow in March; users will be able to protect their own .com domains with DNSSEC signatures shortly afterwards. This is mainly designed to prevent future cache-poisoning attacks. The link for this article located at H Security is no longer available. VeriSign's DNSSEC implementation enhances security for .com and .net zones, protecting against cache poisoning and ensuring users access authentic DNS data. DNSSEC Implementation, Domain Authentication, Network Security Enhancements. Alex
Nominet, the U.K.'s domain name registry, will begin implementing a security protocol on Monday designed to protect the DNS (Domain Name System). The system, called DNS Security Extensions (DNSSEC), uses public key cryptography to digitally "sign" the DNS records for Web sites. It is designed to stop attacks such as cache poisoning, where a DNS server is hacked, making it possible for a user to type in the correct Web site name but be directed to a fake Web site. In 2008, security researcher Dan Kaminsky showed it was possible to poison a cache in just a few seconds with a special kind of attack. Almost every organization running a DNS server has deployed a patch, but DNSSEC is a long-term fix. Nominet will begin signing the ".uk" top-level domain beginning Monday, a process which will conclude a week later, said Simon McCalla, director of IT at the registry. Interestingly, there are just a little over a dozen Web sites that use ".uk" since a decision was made more than a decade ago to close off registrations, he said. Much more common are second-level domains, such as ".co.uk" and ".org.uk," among others. The link for this article located at IT World is no longer available. Nominet is introducing DNS Security Extensions aimed at bolstering defenses against threats such as DNS spoofing. DNS Security, Nominet, DNSSEC, Domain Security, Cache Poisoning. Alex
Public Wi-Fi networks such as those in coffee shops and airports present a bigger security threat than ever to computer users because attackers can intercede over wireless to "poison" users' browser caches in order to present fake Web pages or even steal data at a later time. That's according to security researcher Mike Kershaw, developer of the Kismet wireless network detector and intrusion-detection system, who spoke at the Black Hat conference. He said it's simple for an attacker over an 802.11 wireless network to take control of a Web browser cache by hijacking a common JavaScript file, for example. "Once you've left Starbucks, you're owned. I own your cache-control header," he said. "You're still loading the cache JavaScript when you go back to work." "Open networks have no client protection," said Kershaw, who also uses the handle Dragorn. "Nothing stops us from spoofing the [wireless access point] and talking directly to the client," the user's Wi-Fi-enabled device. The link for this article located at Network World is no longer available. Wireless networks can expose users to serious threats, as malicious actors may exploit browser history to display counterfeit websites or capture sensitive information. Wi-Fi Security, Browser Hijacking, Open Network Attacks, Data Compromise. Alex
Here's a great overview of DNS and its intrinsic security issues, and how Google hopes to address them, and improve the security of DNS on the Internet. Because of the open, distributed design of the Domain Name System, and its use of the User Datagram Protocol (UDP), DNS is vulnerable to various forms of attack. Public or "open" recursive DNS resolvers are especially at risk, since they do not restrict incoming packets to a set of allowable source IP addresses. We are mostly concerned with two common types of attacks. Spoofing attacks leading to DNS cache poisoning: Various types of DNS spoofing and forgery exploits abound, which aim to redirect users from legitimate sites to malicious websites. These include so-called "Kaminsky attacks", in which attackers take authoritative control of an entire DNS zone. Denial-of-service (DoS) attacks: Attackers may launch DDoS attacks against the resolvers themselves, or hijack resolvers to launch DoS attacks on other systems. Attacks that use DNS servers to launch DoS attacks on other systems by exploiting large DNS record/response size are known as amplification attacks. Each class of attack is discussed further below. The link for this article located at Google is no longer available. Investigating the threats of DNS hijacking, strategies for cache compromise, and defenses against DDoS attacks, including measures from Google's cybersecurity efforts. DNS Security, Google DNS, Spoofing Risks, DDoS Defenses. Dave Wreski
Network security researcher Dan Kaminsky has had a year to reflect on the impact of the cache poisoning vulnerability he discovered in the Domain Name System (DNS). Kaminsky revealed during last year's Black Hat Briefings a technique that made it relatively easy to exploit the bug and enable an attacker to redirect website requests to malicious sites. In the time since, Kaminsky has become an advocate for improving security in DNS, and ultimately, trust on the Internet. One way to do this is with the widespread use of DNSSEC (DNS Security Extensions), which essentially brings PKI to website requests. In this interview, Kaminsky talks about how the implementation of DNSSEC would enable greater security and trust on the Net and provide a platform for the development of new security products and services. In the year since you went public with the DNS cache poisoning bug, what do you think the impact has been on awareness of DNS' security issues and the movement to deploy DNSSEC on a wide scale? Dan Kaminsky: At the time I was amazed and overjoyed everyone came together to fix and address this problem. A year has done nothing to lessen my happiness that things turned out quite well. The real unifying theme culminating in the recent Obama discussion of cybersecurity is that these problems have to be taken so much more seriously, and the only way we're going to be able to dig ourselves out of the hole we're in is to ignore old boundaries, limitations and rules, and say we're all in this together; we're all struggling, and ignoring the problem doesn't make it go away. DNSSEC is interesting not because it fixes DNS. DNSSEC is interesting because it allows us to start addressing core problems we have on the Internet in a systematic and scalable way. The reality is: Trust is not selling across organizational boundaries. We have lots and lots of systems that allow companies to authenticate their own people, manage and monitor their own people and interact with their own people.
In a world where companies only deal with themselves, that's great. We don't live in that world and we haven't for many years. The link for this article located at Search Security is no longer available. Dan Kaminsky highlights the dangers of DNS cache poisoning and emphasizes the critical need for DNSSEC in enhancing cybersecurity and fostering confidence on the internet. DNS Security, DNSSEC Trust, Cache Poisoning Solutions, Network Protection, Internet Trust. Anthony Pell
Hundreds of thousands of Internet servers are at risk of an attack that would redirect unknowing Web surfers from legitimate sites to malicious ones. In a scan of 2.5 million so-called Domain Name System machines, which act as the White Pages of the Internet, security researcher Dan Kaminsky found that about 230,000 are potentially vulnerable to a threat known as DNS cache poisoning. "That is almost 10 percent of the scanned DNS servers," Kaminsky said in a presentation last week at the Black Hat security event in Las Vegas. "If you are not auditing your DNS servers, please start," he said. The motivation for a potential attack is money, according to the SANS Internet Storm Center, which tracks network threats. Attackers typically get paid for each spyware or adware program they manage to get installed on a person's PC. Information lifted from victims, such as social security numbers and credit card data, can also be sold. Additionally, malicious software could be installed on a PC to hijack it and use it to relay spam. The DNS servers in question are run by companies and Internet service providers to translate text-based Internet addresses into numeric IP addresses. The cache on each machine is used as a local store of data for Web addresses. Uncover the threats posed by DNS cache poisoning to numerous servers, emphasizing the urgency for proactive assessments. DNS Security, Cache Poisoning, Network Vulnerabilities. Brittany Day
The InfoCon is currently set at yellow in response to the DNS cache poisoning issues that we have been reporting on for the last several days. We originally went to yellow because we were uncertain of the mechanisms that allowed seemingly "secure" systems to be vulnerable to this issue. Now that we have a better handle on the mechanisms, WE WANT TO GET THE ATTENTION OF ISPs AND ANY OTHERS WHO RUN DNS SERVERS THAT MAY ACT AS FORWARDS FOR DOWNSTREAM Microsoft DNS SYSTEMS. If you are running BIND, please consider updating to Version 9. We have received more technical details on the software configurations that are vulnerable. Thanks to Microsoft for clarifying details on Windows DNS and thanks to numerous others for reporting. We try to get all the technical details right before publishing information on attacks like this, but if we waited until we were 100% sure all the time, we would never be able to notify the community when the attacks are actually happening. On Windows 2000 SP3 and above, the DNS server DOES protect against DNS cache pollution by default. The registry key to protect against the poisoning is not necessary: the value is TRUE if the registry key does not exist. Microsoft has now corrected the KB article that we published earlier with this information. The link for this article located at SANS is no longer available. Brittany Day