Honeyd, the brainchild of Niels Provos, is free open source software released under the GNU General Public License. The first major release, 0.5, arrived in 2003, and the latest version I could track down, 1.5c, was released in 2007. Honeyd wasn't the first honeypot, but it quickly became the most accessible and flexible -- the first fully formed honeypot for the masses. For many years, Provos worked to update his honeypot, wrote a book on it ("Virtual Honeypots: From Botnet Tracking to Intrusion Detection"), and gained wide participation from the open source community in developing add-ons and scripts. There have even been a few Windows ports of the Linux-based program over the years. Unfortunately, like most honeypot projects and Honeyd itself, they appear neglected. The Windows ports are mostly unusable, not working at all on any of Microsoft's latest operating systems.
The link for this article located at InfoWorld is no longer available.
LinuxSecurity.com Team
A security expert at a managed services provider has kicked off a project to expose and blacklist the networks hosting VoIP attacks against his and other companies' VoIP PBX servers. The VoIP Abuse Project uses a honeypot to gather as much data as it can from incoming VoIP attacks, including the IP address and a recording of what the call was sending. Some operators of the offending networks are unaware that their VoIP systems have been hacked and are being used to place fraudulent calls. The attacks range from brute-force hacking to acquire usernames and passwords of the VoIP systems to callers posing as a customer's bank in order to convince victims to hand over their bank account numbers. J. Oquendo, the security engineer who built the so-called Arkeos VoIP honeypot that runs the VoIP Abuse Project, says he decided to launch the VoIP Abuse Project because he was tired of seeing brute-force attempts against VoIP PBXes and having to contact the organizations whose networks were being used in the attacks -- only to often be ignored. He also wanted to make other companies with VoIP PBX servers on the Internet aware of the threat and actual attacks out there so they could block them.
The link for this article located at Dark Reading is no longer available.
LinuxSecurity.com Team
This project will use one of the web attacker's most trusted tools against them - the Open Proxy server. Instead of being the target of the attacks, we opt to be used as a conduit of the attack data in order to gather our intelligence. By deploying multiple, specially configured open proxy servers (or proxypots), we aim to take a bird's-eye look at the types of malicious traffic that traverse these systems. The honeypot systems will conduct real-time analysis on the HTTP traffic to categorize the requests into threat classifications outlined by the Web Security Threat Classification and report all logging data to a centralized location. You can participate by deploying the WASC Open Proxy Honeypot sensor on your own network. WASC has created a VMware image of the standard sensor. This image includes all of the software to quickly get your sensor up and running with little configuration on the end user's part. You must contact the project leader via email in order to participate. You will then receive the link location to download the VMware image. You will need to have the free version of VMware Player or Server. If you would like to deploy a honeypot sensor, include the following details in your email to the project leader.
The link for this article located at Web App Security is no longer available.
LinuxSecurity.com Team
Honeypots have largely been relegated to use by academia and antivirus vendors because most enterprise IT teams figure they're too expensive to run and could land their companies in legal trouble. But honeypots aren't as scary as all that, according to an expert on the topic who spoke at the InfoSec World Conference & Expo in Orlando Tuesday. Honeypots, servers that emulate production systems in hopes of luring hackers and sniffing out new threats, can cost a lot to run, but most organizations probably don
The link for this article located at NetworkWorld is no longer available.
Bill Locke
In the past few years, a number of serious flaws in Windows have been exposed, including MS03-026 [ref 1], the flaw that Blaster [ref 2] used to spread in 2003, right up to the recent Mocbot/Wargbot worm [ref 3] which exploited MS06-040 [ref 4] from August 2006. The number of distinct pieces of malware exploiting these flaws has rapidly increased over the same time period. There are several variants of most worms and many more than that of most of the bot families, such as Agobot, Phatbot, Sdbot, and so on. As is now well-known, bots are collections of compromised "zombie" computers used together in a botnet network for nefarious purposes. In the paper, they give detection rates for newly captured malware ranging between 73% and 84% across four different antivirus engines. Clearly, relying on antivirus software is not going to work for everyone, all the time. In this paper we describe how a particular low-interaction honeypot, Nepenthes [ref 6], can be used to quickly alert an administrator to a network compromise. It captures malware and can assist in containing and removing the infection.
Some of the most damaging worms of recent years have been based on flaws in Windows services. For example, Blaster, Sasser, Welchia and Slammer have all caused large amounts of downtime and lost productivity to businesses around the world. Hopefully, the reader's Intrusion Detection System (IDS) vendor has signatures for known worms such as these, and also has portscan detection to help discover new worms. In the case of Blaster, each infected host would send out around 10 packets every second to port 135/tcp, which was enough to trigger a Snort [ref 7] alert that discovered the problem even before the Blaster signature was created.
The link for this article located at is no longer available.
Brittany Day
PHP HoP is an open source project for:
* Application-based low-level interaction honeypot
* Dealing with web threats
PHP HoP has already been used to:
* Fool different kinds of web attackers (audit tools, manual hax0rs...)
* Create real statistics about the first top10 commands used by an intruder
* Steal malware (PHP, C, Perl) that attackers wanted to upload
* Identify evil behaviours and learn about current web threats
The link for this article located at PHP.Hop is no longer available.
LinuxSecurity.com Team
Looking to streamline the collection of malware samples, two of the biggest honeypot projects—mwcollect and nepenthes—have merged operations. The two projects, which passively trap viruses, spyware and other forms of malicious software by emulating known vulnerabilities, will combine operations to develop a single malware collection tool, according to an announcement by mwcollect head developer Georg Wicherski. The merger comes after a year of concurrent development that caused a lot of overlap and shared work, Wicherski said.
The link for this article located at eWeek is no longer available.
LinuxSecurity.com Team
Do you want to be aggressive, very aggressive in stopping spam? Then what you might want to do is to set up a fake open proxy or e-mail relay as a honeypot. Honeypots are an ancient, but still effective security tool. Traditionally a honeypot is a server that looks like it has very attractive files and has a security hole in it. Crackers will then break into the honeypot in search of pirated copies of games, trade secrets or such. In reality, there's nothing of any real value in the honeypot. By watching who breaks into the honeypot, you can audit would-be attackers as they hunt for the goodies until you know exactly who they are and you can then put the cuffs on them. Some black-list administrators, notably Ron Guilmette, have taken this basic idea and turned it into an anti-spam approach. It works in exactly the same way. Since a spammer doesn't know what proxies or relays are open to abuse by spammers, they are constantly testing sites for new and vulnerable relays. In fact, a spammer probably has no idea what sites he is using to spread spam. Most simply rely on automatic scripts to find new sites as old open relays are either fixed or knocked off the net by being listed on a blacklist. If you're not sure yourself about whether your mail servers are open, you should get a copy of Mail Relay Tester or run the Abuse.net mail relay test, and test out your own system.
The link for this article located at Enterprise IT Planet is no longer available.
LinuxSecurity.com Team