Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
77
apacheconfigurationweb serverIIS vs Apache: Security Analysis and Server Configuration Comparison
Not long ago, Web administrators didn't have a great deal of input into their organization's Web server platform. If they worked in a Windows shop, they ran Microsoft's Internet Information Server (IIS), while those in Linux/Unix shops were tied to Apache, and never the twain did meet. However, times have changed and the Apache HTTP Server Project has broken down the walls by releasing a Windows distribution of the Web server that traces its historic roots to the original NCSA httpd server. There are now two "big kids on the block" and Windows administrators, at least, have some flexibility. (Don't expect Microsoft to release IIS for Linux anytime soon!) . From a security perspective, the choice is debatable. Here are four factors that might sway your decision on the most secure platform for your organization: Inherent server vulnerabilities. Despite the bad press Microsoft receives, the platforms are almost equally vulnerable to attacks. A recent search in the CERT Vulnerability Database yielded 28 hits for IIS vulnerabilities and 25 separate announcements of Apache vulnerabilities. That's as close as you get to a horse race in the information security world. The link for this article located at TechTarget.com is no longer available. . When choosing between IIS and Apache for web hosting, it's important to assess their security mechanisms, default settings, patch management, and more for informed decisions. IIS Security, Apache Web Server, Security Analysis, Web Server Comparison. . LinuxSecurity.com Team
Aug 16, 2005
•
Server Security
83
security advisorybuffer overflowremote accessIIS: Secret Exploit Tool Creates High Risk For Administrators
Security professionals are concerned that a program used by hackers to exploit a flaw in Microsoft IIS webserver has not been made public. They fear that the hackers are keeping the tool secret in a bid to launch further damaging IIS . . . . Security professionals are concerned that a program used by hackers to exploit a flaw in Microsoft IIS webserver has not been made public. They fear that the hackers are keeping the tool secret in a bid to launch further damaging IIS attacks. The latest in a long line of vulnerabilities in IIS was discovered last week, when it was revealed that a remote buffer overflow in all versions of IIS Internet Services API could be exploited to give an attacker complete control of a system. But the security community is worried that hackers may be hanging on to the tool used for exploiting this hole, rather than releasing it for analysis so that a patch can be developed. Typically, when a hole is discovered, a tool capable of exploiting the glitch appears within 48 hours, encouraging administrators to patch their systems quickly. But so far, no such tool has appeared to push administrators into gear, although rumour has it that hackers are in possession of such a program, potentially leaving the six million users of IIS at risk. Security firm @stake warned that administrators are less likely to react to an advisory if there is no exploit tool available. Hackers thrive on a lack of awareness in security and, by keeping the exploit tool underground, network administrators could be lulled into a false sense of security. [ All of article content ] The link for this article located at vnunet is no longer available. . Security professionals are concerned that a program used by hackers to exploit a flaw in Microsoft I. security, professionals, concerned, program, hackers, exploit, microsoft. . LinuxSecurity.com Team
Jun 25, 2001
•
Hacks/Cracks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More