The internet is inherently insecure. Whenever you send data across it, there is a chance that it could be sniffed and someone could end up with your personal data. Hopefully, once you've read this article, you'll have a better understanding of how to prevent this from happening. When data travels through the internet, it passes through many intermediate machines before reaching its destination, and most people don't realise that any of those machines can read it on the way. With the right tools, you can sniff this data yourself, along with any other data that crosses your own network. On a shared medium such as an old hub or a wireless network, every station receives every frame and the network card simply discards those not addressed to it (a switched LAN delivers a frame only to the port its destination is on, so there a passive sniffer sees just broadcast traffic and its own). This is why wireless networks are the easiest place to sniff, even ones 'secured' with WEP, which is broken outright, or WPA with a shared passphrase, where anyone who knows the passphrase and captures a client's association handshake can decrypt that client's traffic. The link for this article located at Tux Radar is no longer available. How to see what your machine sends over an untrusted link, and how to protect it, using Wireshark. Tags: Wireshark, Network Security, Data Privacy, Sniffing Tools, Packet Analysis. Author: Alex.
CDPSnarf is a network sniffer written exclusively to extract information from Cisco Discovery Protocol (CDP) packets. It provides all the information a ... The link for this article located at Darknet.org is no longer available. CDPSnarf passively listens for CDP announcements and reports the device IDs, platforms, software versions, port IDs and addresses they carry; the same announcements that make a switch port easy to inventory also hand anyone on that segment a map of the neighbouring network gear. Tags: CDP Tools, Packet Analysis, CDPSnarf, Network Monitoring, Data Sniffer. Author: Brittany Day.
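As an added worked example (not code from the CDPSnarf article or tool), the parser below decodes the structure CDPSnarf extracts: a CDP payload is a 4-byte header (version, TTL, checksum) followed by type-length-value records, with the address TLV nested one level deeper. The announcement it parses is constructed inside the block; the device name, port, version string, platform and address are invented, and the checksum helper assumes an even-length packet (Cisco treats a trailing odd byte in its own way).

```python
import struct

# CDP TLV types and capability bits as defined by Cisco's CDP frame format.
CDP_TLV_NAMES = {
    0x0001: "Device ID", 0x0002: "Addresses", 0x0003: "Port ID",
    0x0004: "Capabilities", 0x0005: "Software Version", 0x0006: "Platform",
}
CAPABILITY_BITS = [
    (0x01, "Router"), (0x02, "Transparent Bridge"), (0x04, "Source Route Bridge"),
    (0x08, "Switch"), (0x10, "Host"), (0x20, "IGMP"), (0x40, "Repeater"),
]


def ones_complement_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum (the IP checksum algorithm).

    Cisco handles a trailing odd byte non-standardly; this example only builds
    even-length packets, so a plain zero pad is sufficient here (assumption).
    """
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def tlv(tlv_type: int, value: bytes) -> bytes:
    """One CDP TLV: 2-byte type, 2-byte length (header included), value."""
    return struct.pack("!HH", tlv_type, 4 + len(value)) + value


def build_cdp(device_id, port_id, caps, version, platform, ipv4) -> bytes:
    """Assemble a CDP version 2 payload (the part after the LLC/SNAP header)."""
    # Addresses TLV: 4-byte count, then per entry: protocol type (1 = NLPID),
    # protocol length, protocol (0xCC = IPv4), 2-byte address length, address.
    addr = b"\x01\x01\xcc" + struct.pack("!H", 4) + bytes(int(o) for o in ipv4.split("."))
    body = b"".join([
        tlv(0x0001, device_id.encode()),
        tlv(0x0002, struct.pack("!I", 1) + addr),
        tlv(0x0003, port_id.encode()),
        tlv(0x0004, struct.pack("!I", caps)),
        tlv(0x0005, version.encode()),
        tlv(0x0006, platform.encode()),
    ])
    csum = ones_complement_checksum(struct.pack("!BBH", 2, 180, 0) + body)
    return struct.pack("!BBH", 2, 180, csum) + body   # version 2, TTL 180 s


def parse_addresses(value: bytes) -> list:
    """Decode the nested address list; only NLPID/IPv4 entries are rendered dotted."""
    count = struct.unpack("!I", value[:4])[0]
    off, addrs = 4, []
    for _ in range(count):
        ptype, plen = value[off], value[off + 1]
        proto = value[off + 2:off + 2 + plen]
        alen = struct.unpack("!H", value[off + 2 + plen:off + 4 + plen])[0]
        addr = value[off + 4 + plen:off + 4 + plen + alen]
        if ptype == 1 and proto == b"\xcc" and alen == 4:
            addrs.append(".".join(str(b) for b in addr))
        else:
            addrs.append(addr.hex())
        off += 4 + plen + alen
    return addrs


def parse_cdp(pkt: bytes) -> dict:
    """Walk the TLVs of a CDP payload and verify its checksum (valid packets sum to 0)."""
    version, ttl, _ = struct.unpack("!BBH", pkt[:4])
    info = {"version": version, "ttl": ttl,
            "checksum_ok": ones_complement_checksum(pkt) == 0}
    offset = 4
    while offset + 4 <= len(pkt):
        t, length = struct.unpack("!HH", pkt[offset:offset + 4])
        if length < 4 or offset + length > len(pkt):
            info["truncated"] = True      # malformed or cut-off TLV: stop, don't guess
            break
        value = pkt[offset + 4:offset + length]
        name = CDP_TLV_NAMES.get(t, "Unknown-0x%04x" % t)
        if t == 0x0002:
            info[name] = parse_addresses(value)
        elif t == 0x0004:
            caps = struct.unpack("!I", value)[0]
            info[name] = [n for bit, n in CAPABILITY_BITS if caps & bit]
        elif t in (0x0001, 0x0003, 0x0005, 0x0006):
            info[name] = value.decode("ascii", "replace")
        else:
            info[name] = value.hex()
        offset += length
    return info


# Constructed sample announcement (names, version string and address are invented).
SAMPLE = build_cdp("core-sw1", "GigabitEthernet0/1", 0x28,
                   "IOS 15.2(4)E", "WS-C2960X", "10.0.0.1")

if __name__ == "__main__":
    for k, v in parse_cdp(SAMPLE).items():
        print("%-18s %s" % (k, v))
```

The length field of each TLV includes its own 4-byte header, so a length below 4 or one that runs past the end of the packet is treated as malformed and parsing stops rather than reading garbage; a flipped byte anywhere in the payload is caught by the checksum.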
This time around, packets from one of my own DNS servers. If you would like to follow along, you can find the full unobfuscated packet trace here. (Quick update: turns out that the router and DNS queries involved are part of www.nlnetlabs.nl, a network research lab that does experiment with DNS servers, so maybe this is all some side effect of an experiment they are running. Thanks to Don for pointing this out to me. After visiting their website, I did see a number of similar ICMP admin prohibited packets with flipped fragmentation bytes, but the embedded packet's source port was 80!) The link for this article located at SANS is no longer available. A packet-level look at ICMP 'administratively prohibited' messages returned for a DNS server's traffic, and at what the IP header quoted inside each one reveals. Tags: Packet Analysis, DNS Issues, ICMP Operations, Network Security, Data Experimentation. Author: Benjamin D. Thomas.
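To show the kind of inspection the diary entry is doing, here is an added example (not from the SANS diary or its trace) that decodes an ICMP Destination Unreachable message, pulls the quoted original IP header and transport ports out of it, and flags a flags/fragment-offset field that looks byte-swapped. The two ICMP messages it parses are constructed in the block with documentation addresses; the "looks byte-swapped" test is a heuristic assumed for this example, not something the diary states.

```python
import struct

# ICMP Destination Unreachable (type 3) codes from RFC 792 / RFC 1812.
UNREACH_CODES = {
    0: "Network Unreachable", 1: "Host Unreachable", 2: "Protocol Unreachable",
    3: "Port Unreachable", 4: "Fragmentation Needed",
    9: "Network Administratively Prohibited", 10: "Host Administratively Prohibited",
    13: "Communication Administratively Prohibited",
}


def parse_ipv4_header(buf: bytes) -> dict:
    """Fixed 20-byte IPv4 header fields; options (IHL > 5) are skipped by callers."""
    vihl, _tos, total_len, ident, frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", buf[:20])
    return {
        "ihl": (vihl & 0x0F) * 4, "total_len": total_len, "id": ident,
        "ttl": ttl, "proto": proto, "frag_raw": frag,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
    }


def decode_frag(frag: int) -> dict:
    """Split the 16-bit flags/fragment-offset field (offset is in 8-byte units)."""
    return {"DF": bool(frag & 0x4000), "MF": bool(frag & 0x2000),
            "offset": (frag & 0x1FFF) * 8}


def looks_byte_swapped(frag: int) -> bool:
    """Heuristic assumed for this example: as sent, the field reads as a mid-datagram
    fragment with no flags, yet the byte-swapped value is an ordinary DF, offset-0
    packet. That is what 0x0040 in place of 0x4000 looks like."""
    swapped = ((frag & 0xFF) << 8) | (frag >> 8)
    as_is, sw = decode_frag(frag), decode_frag(swapped)
    return (not as_is["DF"] and not as_is["MF"] and as_is["offset"] != 0
            and sw["DF"] and not sw["MF"] and sw["offset"] == 0)


def parse_icmp_error(icmp: bytes) -> dict:
    """Decode an ICMP error and the original datagram quoted inside it."""
    itype, code, _csum, _unused = struct.unpack("!BBHI", icmp[:8])
    result = {"type": itype, "code": code}
    if itype != 3:
        return result               # only Destination Unreachable is handled here
    result["reason"] = UNREACH_CODES.get(code, "code %d" % code)
    inner = icmp[8:]
    ip = parse_ipv4_header(inner)
    result["inner"] = ip
    l4 = inner[ip["ihl"]:ip["ihl"] + 8]   # RFC 792: IP header + first 64 bits of data
    if ip["proto"] in (6, 17) and len(l4) >= 4:   # TCP or UDP: ports come first
        result["sport"], result["dport"] = struct.unpack("!HH", l4[:4])
    result["frag_suspicious"] = looks_byte_swapped(ip["frag_raw"])
    return result


def build_sample(frag_field: int, sport: int, dport: int, proto: int = 17) -> bytes:
    """Constructed ICMP type 3 code 13 message; checksums are left zero (not verified)."""
    inner_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 64, 0x1234, frag_field, 64, proto, 0,
                           bytes([192, 0, 2, 53]), bytes([198, 51, 100, 7]))
    l4 = struct.pack("!HHI", sport, dport, 0)   # first 8 bytes of the transport header
    return struct.pack("!BBHI", 3, 13, 0, 0) + inner_ip + l4


if __name__ == "__main__":
    # A normal admin-prohibited reply to a DNS response, then one with 0x0040 and port 80.
    for sample in (build_sample(0x4000, 53, 33210), build_sample(0x0040, 80, 51234, proto=6)):
        print(parse_icmp_error(sample))
```

Only the first eight bytes of the original datagram are guaranteed to be present, which is enough for the ports but not for the DNS header itself; anything the router sends beyond that is a bonus and should be bounds-checked before use.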
IPAudit is a handy tool that allows you to analyze all packets entering and leaving your network. It listens on a network interface in promiscuous mode, just as an IDS sensor would, and provides details on hosts, ports, and protocols. It can be used to monitor bandwidth, tabulate connection pairs, detect compromises, discover botnets, and see who's scanning your network. Compared with similar approaches, such as Cisco Systems' NetFlow, it has several advantages (see the SecurityFocus articles on NetFlow, part 1 and part 2). It is easier to set up than NetFlow, and if you install it on your existing IDS sensors there is no extra hardware to purchase. Since it captures traffic from a SPAN port, it does not require that you modify the configuration of your networking equipment or poke holes in firewalls to export NetFlow data. The link for this article located at Security Focus is no longer available. Author: Brittany Day.
The equipment that technician Mark Klein learned was installed in the National Security Agency's "secret room" inside AT&T's San Francisco switching office isn't some sinister Big Brother box designed solely to help governments eavesdrop on citizens' internet communications. Rather, it's a powerful commercial network-analysis product with all sorts of valuable uses for network operators. It just happens to be capable of doing things that make it one of the best internet spy tools around. "Anything that comes through (an internet protocol network), we can record," says Steve Bannerman, marketing vice president of Narus, a Mountain View, California, company. "We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their (voice over internet protocol) calls." Narus' product, the Semantic Traffic Analyzer, is a software application that runs on standard IBM or Dell servers using the Linux operating system. It's renowned within certain circles for its ability to inspect traffic in real time on high-bandwidth pipes, identifying packets of interest as they race by at up to 10 Gbps. The link for this article located at Wired News is no longer available. Narus' Semantic Traffic Analyzer: a Linux-based application for real-time inspection of traffic at up to 10 Gbps, sold to network operators and equally suited to wholesale interception. Tags: Network Monitoring, Traffic Analysis, Packet Analysis. Author: Brittany Day.
The lure of open source is strong, and it's starting to be felt by the traditional network monitoring and analysis companies, but they are finding ways to fight back, according to Janice Spampinato, VP international at WildPackets. "Packet analysis tools are very much a commodity now," she says. "Ethereal and the like have taken the legs off the portable market, so thank goodness we decided to go for the distributed market." In her view, companies such as WildPackets still have an important edge, not least because they have R&D money to invest: "The free tool expands the network analysis market, and it keeps us honest. They now do voice too, so it keeps us developing the right things that people want to see in our products." The link for this article located at TechWorld is no longer available. WildPackets' answer to free tools such as Ethereal: spend its R&D money on the distributed-analysis market and on the features, voice among them, that customers ask for. Tags: Network Monitoring, Open Source Tools, Packet Analysis, Competitive Challenges. Author: Benjamin D. Thomas.
Constant monitoring and troubleshooting are key to maintaining a network's availability. With ngrep, you can analyze network traffic in a manner similar to that of other network sniffers. However, unlike its brethren, ngrep can match regular expressions against the network packet payloads. By using its string matching capabilities, ngrep can look for packets on specified ports and track the usernames and passwords zipping across the network, as well as all Telnet attempts to the server. Ngrep uses the libpcap library, and can also take hexadecimal expressions describing the traffic to capture. It supports TCP, UDP, ICMP, IGMP, and raw protocols across Ethernet, PPP, SLIP, FDDI, Token Ring, 802.11, and null interfaces. In addition to listening to live traffic, ngrep can also filter previously saved tcpdump captures. Author Jordan Ritter says that ngrep has traditionally been used to debug plaintext protocol interactions such as HTTP, SMTP, and FTP; to identify and analyze anomalous network communications, such as those between worms, viruses, and zombies; and to store, read, and reprocess pcap dump files while looking for specific data patterns. You can also use ngrep to do the more mundane plaintext credential collection, as with HTTP basic authentication or FTP or POP3 authentication. Like all tools, it can be useful in the right hands and damaging if used by those with less than admirable intentions. The link for this article located at NewsForge is no longer available. Author: Brittany Day.
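The three capture-tool entries above (the Wireshark sniffing primer, IPAudit's per-host and connection-pair accounting, and ngrep's regular-expression matching on payloads) all rest on the same few steps: read a pcap, decode Ethernet/IPv4/TCP-or-UDP, then either count or pattern-match what is left. The added example below (not code from any of those articles or tools) does exactly that in plain Python with no dependencies, on a four-packet capture it constructs itself. The addresses, host names and the "alice:hunter2" credential are invented, checksums are left zero and not verified, and only classic microsecond pcap files with an Ethernet link type are handled.

```python
import base64
import re
import struct
from collections import Counter

PCAP_MAGIC = 0xA1B2C3D4   # classic microsecond pcap; pcapng is not handled here


def build_pcap(frames):
    """Serialise constructed Ethernet frames into an in-memory pcap (link type 1)."""
    out = struct.pack(">IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack(">IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return out


def iter_pcap(data):
    """Yield (timestamp, frame) from pcap bytes, detecting the writer's byte order."""
    endian = ">" if struct.unpack(">I", data[:4])[0] == PCAP_MAGIC else "<"
    if struct.unpack(endian + "I", data[:4])[0] != PCAP_MAGIC:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    off = 24
    while off + 16 <= len(data):
        ts_sec, _ts_usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        yield ts_sec, data[off:off + incl_len]
        off += incl_len


def build_frame(src_ip, dst_ip, proto, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP-or-UDP frame; checksums left zero (not verified)."""
    eth = bytes.fromhex("001122334455" "66778899aabb" "0800")
    if proto == 6:   # 20-byte TCP header, PSH|ACK, data offset 5
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    else:            # 8-byte UDP header
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    total = 20 + len(l4) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 1, 0x4000, 64, proto, 0,
                     bytes(map(int, src_ip.split("."))), bytes(map(int, dst_ip.split("."))))
    return eth + ip + l4 + payload


def decode(frame):
    """Return (src, dst, proto, sport, dport, payload) for IPv4 TCP/UDP, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
    total = struct.unpack("!H", ip[2:4])[0]
    l4 = ip[ihl:total]
    if proto == 6:
        hlen = (l4[12] >> 4) * 4          # TCP data offset, in 32-bit words
    elif proto == 17:
        hlen = 8
    else:
        return None
    sport, dport = struct.unpack("!HH", l4[:4])
    src, dst = ".".join(map(str, ip[12:16])), ".".join(map(str, ip[16:20]))
    return src, dst, proto, sport, dport, l4[hlen:]


# What an ngrep run would typically hunt for in cleartext protocols.
CRED_PATTERNS = {
    "http-basic": re.compile(rb"Authorization: Basic ([A-Za-z0-9+/=]+)"),
    "user": re.compile(rb"^USER (\S+)", re.M),   # FTP / POP3 USER command
    "pass": re.compile(rb"^PASS (\S+)", re.M),   # FTP / POP3 PASS command
}


def analyze(pcap_bytes):
    """Per-connection-pair byte counts (IPAudit style) plus credential matches."""
    pairs, hits = Counter(), []
    for _ts, frame in iter_pcap(pcap_bytes):
        d = decode(frame)
        if d is None:
            continue
        src, dst, proto, sport, dport, payload = d
        pairs[(src, dst, "tcp" if proto == 6 else "udp", dport)] += len(frame)
        for name, pat in CRED_PATTERNS.items():
            for m in pat.finditer(payload):
                value = m.group(1)
                if name == "http-basic":
                    try:
                        value = base64.b64decode(value)
                    except ValueError:
                        pass   # keep the raw token if it is not valid base64
                hits.append((name, src, dst, dport, value.decode("ascii", "replace")))
    return pairs, hits


# Constructed capture: an HTTP Basic login, an FTP login and one DNS query.
SAMPLE_PCAP = build_pcap([
    build_frame("10.0.0.5", "10.0.0.80", 6, 40123, 80,
                b"GET /admin HTTP/1.1\r\nHost: intranet\r\nAuthorization: Basic "
                + base64.b64encode(b"alice:hunter2") + b"\r\n\r\n"),
    build_frame("10.0.0.5", "10.0.0.21", 6, 40124, 21, b"USER alice\r\n"),
    build_frame("10.0.0.5", "10.0.0.21", 6, 40124, 21, b"PASS hunter2\r\n"),
    build_frame("10.0.0.5", "10.0.0.53", 17, 50000, 53,
                b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\x01\x00\x01"),
])

if __name__ == "__main__":
    pairs, hits = analyze(SAMPLE_PCAP)
    for key, nbytes in sorted(pairs.items()):
        print("%s -> %s %s/%d  %d bytes" % (key[0], key[1], key[2], key[3], nbytes))
    for hit in hits:
        print("credential:", hit)
```

Matching on a per-packet payload, as ngrep does, misses a credential split across two segments; a real collector reassembles the TCP stream first, which is what the Wireshark follow-stream view does for you.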
The first part of this article series set out to create an environment that allowed readers to examine a public exploit as it was sent across the network. The purpose of this exercise is to help the reader understand the complex world of intrusion detection and low-level packet analysis, so that he can better secure his network. In part one we set up a lab environment using two machines and a set of tools that included Snort, SnortSnarf, tcpdump, and libpcap (or WinDump and WinPcap for Windows environments). Once the lab was set up, we built an exploit using publicly available source code and sent this binary from one test machine to the other. This triggered an alert in our IDS, Snort, and prompted us to do some low-level packet analysis to see what was going on. With the necessary tools and machines in place, and with our exploit having triggered numerous alerts as shown below, there was only time to discuss the first alert, which turned out to be a false positive (a false alarm). Now we will continue our analysis and examine the final four alerts that Snort generated. Readers are encouraged to review part one of this article series, to understand how the alert summary was generated with SnortSnarf, before continuing. The link for this article is no longer available. Author: LinuxSecurity.com Team.