Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
74
network securityICMPsecurity enhancementsDebate on ICMP Risks and Proposed Enhancements for Network Security
Fernando Gont is nothing if not tenacious. Earlier this year, the Argentinian researcher highlighted several attacks that could disrupt network connections using the Internet control message protocol, or ICMP, and proposed four changes to the structure and handling of network-data packets that would essentially eliminate the risk. . However, rather than open up a discussion on the flaws and their fixes, Gont's disclosure marked the start of a months-long debate over whether the vulnerabilities--the general details of which have been known for some time--are serious enough to require fixing. While many researchers have lauded his research, others in the security community have criticized the work on public mailing lists. The few companies that Gont has contacted have not generally cooperated, and very few makers of operating systems and network software have implemented his fixes. Yet, the researcher is at it again. This week, Gont updated his proposal to the Internet Engineering Task Force (IETF), the body that handles technical standards for the Internet, to add more information sought by some researchers. "Some people say 'this is old stuff,'" said Gont, currently on staff at the Universidad Tecnologica Nacional (National University of Technology) in Argentina. "But they miss a very important point: While these attacks have been known to many people for many years, there have never been proposals on how to deal with them." The link for this article located at SecurityFocus is no longer available. . The analysis by Sofia Morales ignites discussions regarding TCP shortcomings and suggests improvements to bolster internet defenses.. ICMP Risks, Network Security Enhancements, Packet Security Improvements, Gont Research. . Brittany Day
Sep 08, 2005
•
Network Security
72
network securitysecurity strategiesfirewall managementAnalyze Packet Handling In Firewalls: Reject Versus Deny Decision Impact
... there are a number of issues considered all too rarely by firewall administrators. Most IP level firewalls have a number of options for handling a packet. The packet can typically be accepted, dropped, or sent through another set of rules for inspection (allowing you to break up your ruleset into more manageable pieces). . .. ... there are a number of issues considered all too rarely by firewall administrators. Most IP level firewalls have a number of options for handling a packet. The packet can typically be accepted, dropped, or sent through another set of rules for inspection (allowing you to break up your ruleset into more manageable pieces) When blocking a packet, you are faced with an important choice; whether to drop it silently, or generate an ICMP error message. Each choice has several advantages, and also creates a variety of potential problems. If you generate an error message (i.e. ICMP unreachable), then the remote end will usually immediately stop trying to connect. This makes detecting some types of port scans more difficult since the remote end will likely send off only one packet, and give up after it receives the first error message. This also makes "shotgun" port scanning (i.e. where the attacker simply tries several thousand ports in rapid order) much easier, since the software will receive a definitive answer as to whether the port is blocked or not. Sending an error message does have several advantages, though, the primary one being to make life more difficult for someone who wants to spoof your IP addresses. Since your firewall is likely to generate ICMP error messages, the victim being attacked (by what looks like packets from your systems) will know something is up. To prevent you from sending error messages the attacker must take you offline, or otherwise act overtly to prevent data getting from the victim's network to yours and back. The link for this article located at SecurityPortal is no longer available. . ... there are a number of issuesconsidered all too rarely by firewall administrators. Most IP level. there, number, considered, rarely, firewall, administrators, level. . Anthony Pell
May 23, 2001
•
Firewalls
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More