In the perpetual battle against spam, Avinti has thrown its hat into the ring with its email gateway plugin. The article gives only a very generic description of the tool: "Called NEWT, for Neutralize E-mail-Web Threats, the software is designed to block URLs and IP addresses embedded in inbound spam messages that link to known malware sites, according to company officials." How does a tool like this stack up against the likes of SpamAssassin or Spamhaus's DROP list? Does Avinti's database of known malware links scale to today's volume of incoming spam?

The link for this article located at Network World is no longer available.

LinuxSecurity.com Team
Serious security flaws that potentially affect hundreds of email gateway products have been discovered in the widely deployed MIME (Multi-Purpose Internet Mail Extensions) protocol. The vulnerabilities in the MIME extension to the ubiquitous Simple Mail Transport Protocol (SMTP) were uncovered by experts from information security firm Corsaire, which warned of 190 discrete attack vectors. Due to the scale and seriousness of this issue - and the requirement for coordination of vendors with compromised products - Corsaire passed its findings to the UK National Infrastructure Co-ordination Centre (NISCC) team, which is expected to release full details to the public at noon today (Monday 13 September 2004).

The MIME vulnerabilities were discovered during a recent Corsaire project to assess the suitability of the email systems used by a large insurance company. The scope of the project was to identify any weaknesses in the organisation's controls for limiting the types of data sent via email and identifying malicious content, such as viruses. During this investigation bespoke tools developed by Corsaire were used to test the system's ability to identify standard and non-standard document formats, and also deliberately malformed MIME encapsulation. The MIME flaws came to light when the same tools were applied to a variety of contemporary mail gateway products.

The end result was the discovery of 14 fundamental MIME implementation issues, with 190 discrete attack vectors, Corsaire warned. "In specific terms, these were used to identify over 1000 individual vulnerabilities in only ten common MIME gateway products. At the last count Corsaire was aware of around 90 separate vendors producing MIME products that will also likely be affected," Corsaire said in a prepared statement.

The link for this article located at Rob Jaques is no longer available.
This document describes how to set up a spam-blocking email gateway based on open source and freely available software. This procedure is designed for a small to medium sized company with a single domain (multiple domains are possible...just not described here). I will describe how to set up a new computer that is meant to run on your network's DMZ in between the Internet and a corporate email server like Lotus Notes or Microsoft Exchange.

This entire procedure has been developed with security as a primary focus. The operating system is OpenBSD (www.openbsd.org), which is a "Secure by Default" system with an amazing track record for security. The email MTA is Postfix (www.postfix.org), which also has a good record for security and is the easier of the 2 main competitors to the troubled sendmail program. Amavisd-new (https://www.ijs.si/software/amavisd/) is the main filter which processes email from Postfix and ensures that we don't lose any mail. Amavisd-new is a huge improvement over the original amavis, which was a simple virus scanner, and I think it is the best way of implementing SpamAssassin (https://spamassassin.apache.org/404.html). SpamAssassin is the main anti-spam component, which works by comparing messages to a ruleset and by using a statistical analysis that is custom built based on your email. In addition to the SpamAssassin spam detection software, we will be using 2 online SPAM databases: DCC (https://www.rhyolite.com/dcc/) and Vipul's Razor (razor.sourceforge.net).
These databases work by comparing hashes of our email messages with hashes of known spam. As a final security precaution, we will run all network processes in a restricted-user/chroot environment, so if an attacker were able to compromise one of the modules, the amount of damage they could do would be seriously limited. There are many different ways to customize the handling of SPAM with this solution. At my company we debated the merits of a number of different methods. We considered using the ability of amavisd to add extensions on spam emails (so a spam email to