Packet Filter (from here on referred to as PF) is OpenBSD's system for filtering TCP/IP traffic and doing Network Address Translation. PF is also capable of normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet prioritization. PF has been a part of the GENERIC OpenBSD kernel since OpenBSD 3.0. Previous OpenBSD releases used a different firewall/NAT package which is no longer supported. PF was originally developed by Daniel Hartmeier and is now maintained and developed by Daniel and the rest of the OpenBSD team. This set of documents is intended as a general introduction to the PF system as run on OpenBSD. It is intended to be used as a supplement to the man pages, not as a replacement for them. This document does not cover all of PF's features and may not be as up to date as the man pages are. As with the rest of the FAQ, this document is focused on users of OpenBSD 3.3. As PF is always growing and developing, there are changes and enhancements between the 3.3-release version and the version in OpenBSD-current. The reader is advised to see the man pages for the version of OpenBSD they are currently working with.
Anthony Pell
John Gowin wrote in about using IP masquerading and Debian to build a simple firewall. "This tutorial will give you the necessary steps to turn one of your old PCs into a firewall with IP Masquerading, using a popular Linux distribution. I will leave it to you to get and install Debian onto your machine and work out connectivity to your ISP, then I will guide you through a kernel compile and install - which is necessary to enable features in the 2.4.x series kernels which allow your Linux machine to act as a firewall. IP Masquerading is a type of network address translation (NAT) in the Linux kernel which allows packets (chunks of formatted data) from an internal machine to appear to be coming from the public interface of the firewall. This allows machines on the local network to assume the address of the firewall when communicating on the internet, thereby making them "hidden" from attackers." The link for this article located at LinuxOrbit is no longer available.
Anthony Pell
In a bid to make it easier for firewalls to interoperate with virtual private networks (VPNs), the Internet Engineering Task Force (IETF) is considering a standard for network address translation (NAT). At a recent meeting in London, the IETF reviewed a proposed standard for NAT that would determine how IP Security VPN tunnels should pass through firewalls and other NAT devices. The proposal, which is a combination of suggestions by companies including Microsoft and Cisco Systems, outlines how the IP Security traffic would be enclosed within a user datagram protocol header before NAT takes place. The link for this article located at vnunet is no longer available.
LinuxSecurity.com Team
What is IPFilter? Very simply, a package for permitting (or passing) and denying IP packets based on a range of criteria. It can also provide Network Address Translation (NAT) services, if desired. The IPFilter web site has more details. The available rules range from quite simple -- for example, deny all traffic on any interface; to relatively complex -- pass and log all ICMP traffic of type ICMP-QUERY from the 199.232.41.24/29 subnet on interface fxp0. Each rule is one-way only, meaning you can block inbound HTTP requests without disrupting outbound requests. When bridging two cards together, OpenBSD's bridge device only checks incoming filter rules. Bidirectional rules are easily created by setting the inbound rules on the other NIC. The link for this article is no longer available.
Anthony Pell
If you have several machines in your home or office network, make the other machines use it. With NAT (or "IP masquerading", as it's called in another universe), multiple machines can be hidden behind one gateway machine. The machines behind the gateway can use their own, private network numbers (usually from the 10/24 or 192.168/16 subnets), and the gateway will translate the private, internal addresses to the public, external address of the gateway machine (hence NAT => Network Address Translation, see Image #3). Any replies made to requests sent out will be translated before being sent back to the client. One of the characteristics of this scheme is that a client machine needs to establish a connection, and no outside machine can connect beyond the NAT gateway. From the security point of view this is absolutely desirable. From a practical view, it might be needed to forward single ports to inside machines, e.g. to let them handle WWW or FTP requests. The link for this article located at BSDToday is no longer available.
Anthony Pell