At the beginning of the year, I did something I've never done before: I made a new year's resolution. From here on out, I pledged, I would install only digitally signed software I could verify hadn't been tampered with by someone sitting between me and the website that made it available for download. It seemed like a modest undertaking, but in practice, it has already cost me a few hours of lost time. With practice, it's no longer the productivity killer it was. Still, the experience left me smarting. In some cases, the extra time I spent verifying signatures did little or nothing to make me more secure. And too many times, the sites that took the time to provide digital signatures gave little guidance on how to use them. Examining the critical role of software validation in cryptocurrency applications, to guarantee digital security and integrity. Secure Software, Digital Signature Verification, Crypto Backdoors. LinuxSecurity.com Team
F5 Networks and Infoblox announced on Monday what they claim is the first integrated solution that combines DNS Security Extensions key management and signing capabilities with global server load balancing to boost performance. DNSSEC is an Internet standard that prevents spoofing attacks by allowing Web sites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption. DNSSEC is being deployed across the Internet infrastructure, from the root servers at the top of the DNS hierarchy to the servers that run .com and .net and other top-level domains, and then down to the servers that cache content for individual Web sites. DNSSEC has been in the news in recent weeks, with Comcast being the first U.S. carrier to announce a public trial of its DNSSEC signing and resolution services. The link for this article located at Network World is no longer available. DANE improves internet safety by verifying identities of servers and stopping phishing via cryptographic techniques. DNS Security, Key Management, Digital Signatures, Network Performance. LinuxSecurity.com Team
PGP, or Pretty Good Privacy, is a security program that allows users to encrypt and decrypt e-mail, as well as incorporating the added protection of digital signatures for user verification. OpenPGP builds upon PGP with enhanced PGP standards, military-grade security and an increased number of encryption algorithms. Michael W. Lucas, author of PGP & GPG: E-mail for the Practical Paranoid, recommends that IT managers take advantage of easy-to-use OpenPGP to add an extra layer of internal security that can prevent tampering from within an organization. The most difficult part is not installation or using OpenPGP but educating users. OpenPGP puts control of security in the hands of the IT manager. Even if you only use it internally amongst your IT staff, it provides a layer of security that's difficult to achieve otherwise. One common problem in computer security is 'who watches the watchmen?' Your e-mail administrator has the ability to view and edit any e-mail message that passes through the system. When I'm troubleshooting a network problem, I often must use a packet sniffer. At that point, I will see the contents of e-mail messages unless I take specific steps to prevent it. Even your helpdesk staff has access to people's personal data. All of these people can change that data, or even create entirely fraudulent data, files and messages and attribute them to other people. The link for this article located at TechTarget is no longer available. LinuxSecurity.com Team
Digital signatures were designed to allow secure, confidential communication between two parties. As Wikipedia describes it: "A user may digitally sign messages using his private key, and another user can check that signature (using the public key contained in that user's certificate issued by a certificate authority). This enables two (or more) communicating parties to establish confidentiality, message integrity and user authentication without having to exchange any secret information in advance." Are digital signatures legally binding? Usually. Check your local statutes. Are they foolproof? Not usually. For years, Prof. Ferenc Leitold of the University of Veszprem has been explaining the dangers of digital signatures to the world at large. This week, he's doing it again at the 15th EICAR Annual Conference in Hamburg, Germany. The link for this article located at Email Battles is no longer available. LinuxSecurity.com Team
With its ability to authenticate, digitally sign, and encrypt messages, public key cryptography seems like a natural fit for protecting e-mail: With one solution, you can ensure the integrity of the content and prove the identity of the sender. But public key cryptography is akin to peace in the Middle East--everyone agrees it's a good idea, but the associated complexities can derail implementation. Traditional public key encryption schemes involve complicated processes such as issuing and managing keys and digital certificates, integrating cryptographic functions into existing applications, and locating a recipient's certificate. The difficulty of performing these functions often overrides any value that an enterprise might get from public key-based mail security. The link for this article located at Andrew Conry-Murray is no longer available. LinuxSecurity.com Team
Bulk emailers are digitally signing unsolicited messages in hopes of bypassing popular filtering programs, but updated software has been modified to detect the trick. The trick was noted on several security lists, as the number of junk email messages sporting digital signatures has apparently increased. Digital signatures are used in email to attest to the validity and integrity of an email message; any changes to the message's text break the signature and can thus be detected. The new spam tactic was probably introduced to fool a popular open-source email filtering program known as SpamAssassin, said Rand Wacker, director of product strategy and planning for email software maker Sendmail. Wacker said the openness of the program's development allows spammers to develop tricks to fool the software. "Since SpamAssassin is built in a very transparent way in how it does its filtering, we see a lot of spam that is directly targeted at getting past SpamAssassin," Wacker said. Sendmail's own spam program, Mailstream, wouldn't be fooled by the technique because it doesn't give better scores to signed email messages. Filters frequently use a scoring system to evaluate whether a particular message is spam or legitimate. The link for this article located at ZDNet is no longer available. LinuxSecurity.com Team
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. This new release has a lot of features beyond OpenPGP which will be included in a soon to be published RFC2440 successor. The link for this article located at GnuPG Project is no longer available. Investigate the latest enhancements in GnuPG 1.0.7, a robust utility for safeguarding data through encryption and providing digital signatures, improving the security of communications. GnuPG, Encryption Tool, Digital Signatures, Secure Communication. LinuxSecurity.com Team
GnuPG, the GNU Privacy Guard, is the open source equivalent to PGP, or Pretty Good Privacy, which has been available for Windows, DOS, and some other operating systems for many years. It has all the same features, based on the OpenPGP standard. The uses for GnuPG (or GPG) are varied: It can be used to encrypt email messages and files, or to digitally sign email messages and files. The first use is obvious: encrypting emails or files on your hard drive maintains the privacy and integrity of sensitive messages or documents. The latter is extremely useful to maintain the integrity of messages and files, especially when transmitting over insecure networks. It certifies that a) the email was sent by whoever claims to have sent it, and b) that a file has not been tampered with. Using GPG is very easy and straightforward. It is a text-based command line tool, but there are frontends to GPG that make it even easier to use. The whole premise of GPG is PKI, or Public Key Infrastructure. What this means is that GPG is based upon a two-key system, a private key used to sign and decrypt, and a public key used to decrypt and verify. The link for this article located at MandrakeSecure is no longer available. LinuxSecurity.com Team