eEye Digital Security has reported a vulnerability in various D-Link routers, which can be exploited by malicious people to compromise a vulnerable network device. The vulnerability is caused by a boundary error in the UPnP service when processing "M-SEARCH" requests. This can be exploited to cause a stack-based buffer overflow by sending an "M-SEARCH" request with an overly long string (about 800 bytes) to port 1900/UDP. The link for this article located at Secunia.com is no longer available.
LinuxSecurity.com Team
Although security software can identify when an attacker is performing reconnaissance work on a company's network, attackers can find network topology information on Google instead of snooping for it on the network they're studying, he said. This makes it harder for the network's administrators to block the attacker. "The target does not see us crawling their sites and getting information," he said. Often, this kind of information comes in the form of apparently nonsensical information -- something that Long calls "Google Turds." For example, because there is no such thing as a Web site with the URL (Uniform Resource Locator) "nasa," a Google search for the query "site:nasa" should turn up zero results. Instead, it turns up what appears to be a list of servers, offering an insight into the structure of Nasa's (the U.S. National Aeronautics and Space Administration's) internal network, Long said. Combining well-structured Google queries with text processing tools can yield things like SQL (Structured Query Language) passwords and even SQL error information. This could then be used to structure what is known as a SQL injection attack, which can be used to run unauthorized commands on a SQL database. "This is where it becomes Google hacking," he said. "You can do a SQL injection, or you can do a Google query and find the same thing." Although Google traditionally has not concerned itself with the security implications of its massive data store, the fact that it has been an unwitting participant in some worm attacks has the search engine now rejecting some queries for security reasons, Long said. "Recently, they've stepped into the game." The link for this article located at InfoWorld is no longer available.
Brittany Day
Welcome back! The first article in this two-part series covered a few different methods of getting into the target router. This article will focus on what we can do once we've gotten in. For the remainder of this article, we'll assume that the only progress we've made is that we've gotten the below router config via the vulnerable HTTP server. At this point, Access Control Lists (ACLs) prevent us from logging in directly to the router. As imagined, router config files can give the penetration tester a TON of useful information. One can identify new targets, identify sensitive systems or networks by analyzing the ACLs, learn passwords that may be used elsewhere, and a bunch of other information. The link for this article located at SecurityFocus is no longer available.
LinuxSecurity.com Team
This three-part article will focus on identifying and exploiting vulnerabilities and poor configurations in Cisco routers. We will then discuss the analysis of the router configuration file and will attempt to leverage this access into other systems. Additionally, we will cover the possibilities of what one may do once access to the device has been achieved. We chose to focus this article on Cisco routers due to their overwhelming market share. Pen testers may often go after the more glamorous or fun systems to hack, such as the vulnerable Solaris 8 system, or the Microsoft 2000 server vulnerable to the slew of recent RPC DCOM holes, leaving the core network infrastructure devices alone. I would caution the pen tester to think twice about overlooking these critical systems, for these are the proverbial keys to the kingdom. "So what that the telnet service is accessible to everyone on the Internet", or "I need SNMP open in order to manage my devices", the client may say. These two services alone (though not necessarily vulnerable because of bugs in the code) will usually give a pen tester (or attacker) more than enough opportunities to compromise the device. As important as these network devices are to the overall security, reliability, and availability of the network, it is pertinent that the pen tester takes a good, hard look at them before blessing them as being secure. The link for this article located at SecurityFocus is no longer available.
LinuxSecurity.com Team
Cyber guerillas are the newest breed of hackers. They love to hunt and sniff the air for signals emitted from the wireless handheld devices that you use to connect primarily with the WLAN. They then exploit the vulnerable network to launch an attack. In this article, Judith talks about who the cyber guerillas are and where you will most likely meet them. Additionally, she'll cover the various wireless security issues and describe how they use the tools of the trade to intercept, intrude upon, and attack the unprotected wireless traffic. Finally, a brief discussion about the VPN support, followed by a list of the shortcomings of mobile devices -- with suggested solutions to overcome them, of course. They are cyber spies that were the stuff of fiction you read a decade ago, but now they can spring right at you out of Jack's proverbial box if you are not careful -- especially when you use your Palm or other wireless mobile device on the road. They are the cyber version of the urban guerillas you read about in the newspapers. Cyber guerillas intend to deny or destroy wireless services for legitimate users, and as such, are more of a danger, even, than hackers. Hackers, or intruders, know ahead of time where the signals emanating from wireless networks (WLAN and mobile) are (see C. C. Palmer's "Ethical Hacking"). They use the trade tools to listen to actual packet flow in a vulnerable network and then break into the intended system targets. Cyber guerillas, on the other hand, search for signals in the spectrums and then use hacking tools to decrypt the transmissions. The link for this article located at IBM is no longer available.
Anthony Pell
IT managers and security experts have expressed alarm at a new hacking tool for accessing supposedly secure wireless local area networks (WLANs), which is freely available on the Internet. The tool, called AirSnort, can recover encryption keys used to protect data sent over wireless networks by exploiting flaws in the Wired Equivalent Privacy (WEP) security protocol, used to encrypt data carried on 802.11b WLANs. Earlier this year, IT Week Labs found that current WEP offerings were inadequate for securing data. The link for this article located at ZDNet is no longer available.
Anthony Pell