
Stay Ahead With Linux Security News



Explore Latest Linux Security news


Wireshark Security Alert: Malware Risk From Packet Capture Files

Maliciously constructed Wireshark packet capture files might be used to distribute malware, providing recipients can be tricked into double-clicking file URL fields. A CVE has been assigned to the security issue (now resolved through a recent update) due to its potential for harm, despite the fact that some social engineering trickery is required. Variants of the same attack could potentially be thrown against users of the popular network security tool, widely used by security analysts and penetration testers, whether they use Windows or Xubuntu Linux-based systems. The attack, discovered by security researcher Lukas Euler of Positive Security, is explained in a recent post on GitLab that features proof-of-concept videos. Even though developers of Wireshark normally avoid asking for a CVE to be created for potential security issues that require user interaction, an exception was made in this case because of the “low barrier to entry and level of control” an attacker might gain. The issue, tracked as CVE-2021-22191, was resolved through a recent update.

Mar 16, 2021 | Brittany Day | Security Vulnerabilities

TShark: Powerful Tool for Live and Archived Network Analysis

Tshark is actually part of the Wireshark package, and has some similar functionality. It does some cool stuff though so I thought it. TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark The link for this article located at Darknet UK is no longer available.

Aug 23, 2010 | LinuxSecurity.com Team | Security Projects

Capture Network Packets Remotely Using Cisco Router and Tcpdump

Have you ever thought about your routers. I mean - *really* thought about them? They think all day long, processing all of the packets in and out of your company. PC's with almost any operating system can be configured with tcpdump or windump (with wireshark or whatever gui you'd care to hang in front of it) to do packet capture and analysis. But if the traffic you are trying to capture is halfway across the world (or maybe closer but still too far to drive), can you use your router to capture packets in a standard libpcap format? As you've probably guessed, the answer is YES, or else there The link for this article located at SANS is no longer available.

Nov 20, 2009 | Anthony Pell | Network Security

Essential Guide to Wireshark for Linux Network Analysis

Previously, we. The link for this article located at ITWire is no longer available. Investigate network traffic with Wireshark, the free software designed for packet sniffing on Unix-based platforms.

Oct 29, 2007 | Bill Locke | Network Security

DNS Amplification Attacks: Understanding DDoS Threats and Mechanics

This paper outlines a Distributed Denial of Service (DDoS) attack which abuses open recursive Domain Name System (DNS) name servers using spoofed UDP packets. Our study is based on packet captures and logs from attacks reported to have a volume of 2.8Gbps. We study this data in order to further understand the basics of the reported recursive name server amplification attacks which are also known as DNS amplification or DNS reflector attacks. One of the networks under attack, Sharktech, indicated some attacks have reached as high as 10Gbps and used as many as 140,000 exploited name servers. In addition to the increase in the response packet size, the large UDP packets create IP protocol fragments. Several other responses also contribute to the overall effectiveness of these attacks. The link for this article located at ISOTF is no longer available.

Apr 20, 2006 | Benjamin D. Thomas | Network Security

Ettercap: An Effective LAN Tool for Packet Sniffing and Monitoring

There are very few open source tools I’ve yet to see that are more useful than Ettercap. What is Ettercap, you may ask? I’ll tell you. Ettercap is an Ethernet/LAN Sniffer. It allows you to sniff packets on a LAN network, but that’s not the kicker. Ettercap can sniff packets on a switched network. There are two major devices used to connect computers together. A Hub, and a Switch. A hub is a dumb device. It takes the data it receives in one port and simply sends it out all the other ports on the unit, regardless of the destination. Thus, sniffing traffic on a hub is relatively easy- all you have to do is “listen. The link for this article located at SailingCrusade.com is no longer available. Discover Ettercap, an advanced open-source tool designed for packet capturing and network analysis, boasting a range of functionalities perfect for monitoring and securing networks.

Mar 10, 2006 | Benjamin D. Thomas | Network Security

Improving Packet Capture Methods for Gigabit Network Monitoring

Passive packet capture is necessary for many activities including network debugging and monitoring. With the advent of fast gigabit networks, packet capture is becoming a problem even on PCs due to the poor performance of popular OSs. The introduction of device polling has improved the capture process quite a bit but not really solved the problem. This paper proposes a new approach to passive packet capture that combined with device polling further improves it and allows, on fast machines, packets to be captured at (almost) wire speed.

1. Introduction

Many network monitoring tools are based on passive packet capture. The principle is the following: the tool passively captures packets flowing on the network and analyzes them in order to compute traffic statistics and reports including network protocols being used, communication problems, network security and bandwidth usage. Many network tools that need to perform packet capture (tcpdump, ethereal, and snort) are based on a popular programming library called libpcap [libpcap] that provides a high level interface to packet capture. The main library features are:

* Ability to capture from various network media such as ethernet, serial lines, virtual interfaces.
* Same programming interface on every platform.
* Advanced packet filtering capabilities based on BPF (Berkeley Packet Filtering), implemented into the OS kernel for better performance.

Depending on the operating system, libpcap implements a virtual device from which captured packets are read from user-space applications. Although different platforms provide the very same API, the libpcap performance changes significantly according to the platform being used. On low traffic conditions there is no big difference among the various platforms, whereas at high speeds the situation changes significantly. The following table shows the outcome of some tests performed using a traffic generator [tcpreplay] on a fast host (Dual 1.8 GHz Athlon, 3Com 3c59x ethernet card) that sends packets to a mid-range PC (VIA C3 533 MHz, Intel 100Mbit ethernet card) connected over a 100 Mbit Ethernet switch (Cisco Catalyst 3548 XL) that is used to count the real number of packets sent/received by the hosts. The traffic generator reproduces at full speed (~80K pkt/sec) some traffic that has been captured previously, whereas the capture application is a simple application named pcount based on libpcap that counts and discards, with no further analysis, the captured packets.

The link for this article located at net-security.org is no longer available.

Jan 09, 2004 | Anthony Pell | Network Security

FBI Internet Surveillance Expansion: Comprehensive Packet Capture Insights

Expect the FBI to expand its Internet wiretapping program, says a source familiar with the plan. Stewart Baker, a partner with law firm Steptoe & Johnson, is a former general counsel to the National Security Agency. He says the FBI has spent the last two years developing a new surveillance architecture that would concentrate Internet traffic in several key locations where all packets, not just e-mail, could be wiretapped. It is now planning to begin implementing this architecture using the powers it has under existing wiretapping laws. The FBI has acknowledged a program called Carnivore, which sniffs e-mail messages, but the new program is more extensive, Baker says. The link for this article located at Interactive Week is no longer available.

Oct 22, 2001 | LinuxSecurity.com Team | Privacy