openSUSE Tumbleweed is taking an innovative step toward improving security by transitioning from AppArmor to SELinux for new installations. This move brings Tumbleweed in line with other major Linux distributions that already use SELinux's powerful, flexible policy enforcement.

For us Linux security admins, this transition is an opportunity to increase system protection via SELinux's more detailed access controls. It also introduces an additional learning curve, as SELinux configuration and management can be more complicated than AppArmor's. Existing Tumbleweed installations will continue to run on AppArmor, which gives administrators the flexibility to choose their own time to switch. To help you understand and prepare for this transition, I'll discuss the security benefits of SELinux and the implications of this transition for Tumbleweed users.

Understanding the Shift

AppArmor has long been the default system security framework on Linux distributions, widely recognized for its ease of use and simplicity. However, openSUSE Tumbleweed developers recently opted for the more complex SELinux because of its more refined approach to system protection. While AppArmor remains more accessible for beginners, SELinux introduces structured policies that give more precise control over how applications interact with each other and the system, making SELinux an integral component in environments where safety is paramount.

Examining the Benefits of SELinux

One of SELinux's primary attractions is its robust security policy framework, which defines how applications access files, devices, and other processes. Unlike AppArmor, which primarily focuses on file access, SELinux offers comprehensive policy-based control that extends to processes and users.
This granularity enables administrators to enforce stricter security postures, minimizing the risk of unapproved actions or breaches.

Moreover, SELinux's mandatory access control (MAC) replaces the traditional discretionary access control (DAC) model, adding another layer of defense. In an SELinux-enabled environment, even if an application is compromised, its ability to impact the rest of the system can be significantly restricted based on predefined policies. This makes SELinux an excellent choice for systems that require a heightened security level.

The Learning Curve and Support

As much as SELinux offers enhanced security features, it can also be quite complex for administrators switching over from AppArmor. To fully utilize its capabilities, transitioning admins must understand its terminology, such as contexts, policies, and types. Writing and managing SELinux policies can be challenging, but it is essential for taking full advantage of its features.

Recognizing the learning curve associated with switching, openSUSE community members have invested in creating detailed migration guides and documentation. These resources aim to assist admins through this transition with clear instructions and examples, helping them understand, configure, and troubleshoot SELinux on their systems. Furthermore, forums and community discussions provide invaluable real-world perspectives and advice from those who have already made the change.

Flexibility for Current Users

Existing Tumbleweed users can take comfort in the fact that AppArmor remains supported and existing installations are not forcibly switched over to SELinux. Administrators can keep operating their systems without immediate changes. This gives organizations more control in planning a smooth transition that fits their operational requirements, helping to avoid the disruptions that might otherwise arise from a sudden changeover.

This dual-support approach caters to diverse infrastructure requirements.
Admins can examine both security modules to see which best meets the needs of their environment, whether that is legacy systems that rely on AppArmor or new deployments that might benefit more from SELinux.

Preparing for the Transition

Preparation for using SELinux requires first understanding its architecture and functionality. Unlike AppArmor's path-based security model, SELinux tags every system object with a security context that determines which processes can act on it and how, controlling what processes can or cannot do at the object level. Administrators should expect to delve deep into reading audit logs, creating custom policies, and addressing common concerns, such as understanding "denial" messages, when administering SELinux systems.

One practical method of becoming comfortable with SELinux is to begin with less critical systems. By activating the "permissive" mode for SELinux, administrators can observe which actions would be denied without actually enforcing restrictions, making troubleshooting and policy adjustments possible in a controlled fashion before moving the configuration into production environments.

Our Final Thoughts: Is openSUSE Tumbleweed's Transition Part of a Broader Trend?

openSUSE Tumbleweed's choice to adopt SELinux represents an ongoing trend toward more sophisticated security tools for Linux environments. As cyber threats continue to evolve, so must the strategies and technologies designed to combat them. With its policy-driven framework, SELinux provides admins and users with an effective method to strengthen their defenses significantly.

Security administrators looking to use SELinux should approach it as both a challenge and an opportunity. Adopting it means expanding their technical knowledge beyond what may be familiar while at the same time strengthening their systems' security posture, potentially making it an invaluable part of their professional toolbox.
By joining forces with SELinux, openSUSE Tumbleweed affirms its dedication to offering users robust security options. While the transition may be challenging, administrators who make the leap will discover more powerful tools than ever to protect their systems and data, laying a strong foundation for future Linux security efforts.

Brittany Day
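The permissive-mode workflow described in "Preparing for the Transition" comes down to reading AVC denial records and separating what was only logged from what was actually blocked. The following is an added example, not code from the article or from openSUSE: the log lines are constructed samples in the audit.log AVC format, and the function names (`type_of`, `parse_avc`, `summarize`, `report`) are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample records in audit.log AVC format (not from a real host).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1700000000.101:210): avc:  denied  { read } for  pid=1432 comm="httpd" name="index.html" dev="sda2" ino=4021 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
type=AVC msg=audit(1700000000.102:211): avc:  denied  { open } for  pid=1432 comm="httpd" path="/home/demo/site/index.html" dev="sda2" ino=4021 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
type=SYSCALL msg=audit(1700000000.102:211): arch=c000003e syscall=257 success=yes exit=3 comm="httpd"
type=AVC msg=audit(1700000050.500:305): avc:  denied  { name_bind } for  pid=2210 comm="sshd" src=2222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
"""

AVC_RE = re.compile(r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def type_of(context):
    """Return the type field of a user:role:type:level security context."""
    # maxsplit=3 keeps an MLS/MCS level such as s0-s0:c0.c1023 in one piece.
    parts = context.split(":", 3)
    return parts[2] if len(parts) >= 3 else context


def parse_avc(line):
    """Parse one AVC denial record; return None for any other record."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("rest"))}
    if not {"scontext", "tcontext", "tclass"} <= fields.keys():
        return None
    return {
        "perms": m.group("perms").split(),
        "comm": fields.get("comm", "?"),
        "key": (type_of(fields["scontext"]), type_of(fields["tcontext"]),
                fields["tclass"]),
        # Assumption: a record without permissive= is treated as enforced.
        "blocked": fields.get("permissive") != "1",
    }


def summarize(log_text):
    """Group denials by (source type, target type, object class)."""
    summary = defaultdict(
        lambda: {"perms": set(), "comms": set(), "count": 0, "blocked": False})
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None:
            continue
        entry = summary[rec["key"]]
        entry["perms"].update(rec["perms"])
        entry["comms"].add(rec["comm"])
        entry["count"] += 1
        entry["blocked"] = entry["blocked"] or rec["blocked"]
    return dict(summary)


def report(summary):
    """One line per rule gap: WOULD-BLOCK = logged only (permissive)."""
    lines = []
    for (src, tgt, cls), e in sorted(summary.items()):
        state = "BLOCKED" if e["blocked"] else "WOULD-BLOCK"
        perms = " ".join(sorted(e["perms"]))
        lines.append(f"{state:<11} {src} -> {tgt}:{cls} {{ {perms} }} x{e['count']}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE_AUDIT_LOG))))
```

On a live system the same records can be read from `/var/log/audit/audit.log` or `ausearch -m avc`; the WOULD-BLOCK rows are the ones to resolve, by relabeling or policy changes, before switching to enforcing mode.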
Linux has long been celebrated for its versatility, robustness, and the vast array of security features it offers. A key aspect of maintaining and improving Linux security is using Linux Security Modules (LSMs) to manage access control policies.

LSMs provide fine-grained control over who can do what on a system, significantly boosting overall security posture across varied environments. I'll explain LSMs, the main contenders Linux admins should consider using, and how they compare. I'll also recommend certain LSMs for specific environments and share best practices for getting the most out of these powerful tools!

An Overview of LSMs

Linux Security Modules (LSM) serve as a framework within the kernel that facilitates the implementation of various security policies. Their modularity ensures they remain flexible and adaptable to varying security models, expanding beyond discretionary access control (DAC) with more stringent mandatory access control (MAC) mechanisms.

LSMs play a vital role in modern Linux systems, enforcing security policies with great granularity. From isolating processes to assigning access controls based on user roles, LSMs allow administrators to tailor security measures specifically to their environment, an invaluable advantage given today's rapidly developing security threats.

The Contenders: SELinux, AppArmor and TOMOYO

SELinux, AppArmor, and TOMOYO Linux are the main LSMs admins must choose from. Each offers its unique benefits and is best suited to certain use cases:

SELinux

Security-Enhanced Linux (SELinux) stands out among Linux ecosystem security frameworks. As an outcome of collaboration between the National Security Agency (NSA) and the security community, SELinux implements a robust set of policies that regulate access effectively, using three primary models: targeted, minimum, and multilevel security (MLS) policies.
Critical features of SELinux include its ability to enforce tight and comprehensive access controls, making it an invaluable asset in environments requiring high security. Unfortunately, such depth of control comes at the cost of complexity. Learning SELinux requires patience, and policy management is often complex and time-consuming. Still, its comprehensive security functionality makes SELinux indispensable in settings such as government and military environments.

AppArmor

AppArmor provides an alternative approach to security, prioritizing ease of use and application-level protection. Initially developed by Immunix but now maintained by Canonical, AppArmor uses profiles to define permissible program actions. These profiles simplify the user experience by dealing with security at the application level rather than at a systemwide policy level.

AppArmor stands out with its user-friendly design and effortless profile creation process, making it particularly suitable for environments requiring rapid deployment and manageable security policies. Its application-level focus tailors protections to each application's behavior while simplifying policy management and improving overall system security.

TOMOYO Linux

TOMOYO Linux takes an innovative approach by basing its security model on system behavior rather than predefined policies. This provides an intuitive policy syntax and relatively low maintenance requirements. TOMOYO also simplifies policy creation by learning acceptable behaviors from administrators before letting administrators fine-tune the policy themselves.

TOMOYO stands apart from its competition by taking a simple, easy-to-maintain, behavior-centric approach, which suits environments looking for simple security solutions with minimal ongoing oversight.
Comparative Analysis of SELinux, AppArmor & TOMOYO

Let's take a closer look at how the three LSMs we've discussed compare in the following key areas:

Usability and Learning Curve

SELinux: High complexity and a steep learning curve mean SELinux requires extensive training and documentation for effective implementation.
AppArmor: Easier to use and focused on application-specific security, making it more approachable for less experienced administrators.
TOMOYO: Simplicity in policy creation and maintenance, making it user-friendly for environments where ease of use is a priority.

Policy Management and Development

SELinux: Detailed and labor-intensive policy management, though highly granular.
AppArmor: Simplifies policy management with application-specific profiles, lowering the barrier for deployment.
TOMOYO: The behavioral approach simplifies initial policy creation and requires low maintenance over time.

Performance Overhead

SELinux: Can introduce performance overhead due to its comprehensive security checks.
AppArmor: Typically has a lighter performance footprint compared to SELinux.
TOMOYO: Low performance overhead, aligning with its ease of use and manageability.

Security Features and Granularity of Control

SELinux: Offers the highest granularity in access control, making it suitable for high-security requirements.
AppArmor: Provides solid security but with less granularity compared to SELinux.
TOMOYO: Balanced approach, offering moderate granularity with an emphasis on ease of management.

Community Support and Documentation

SELinux: Strong community support and extensive documentation due to its long-standing presence.
AppArmor: Good community support with comprehensive and accessible documentation.
TOMOYO: Smaller but dedicated community with clear documentation.

Recommendations for Specific Environments

When selecting an appropriate LSM, it is critical to consider the environment's specific needs and constraints.
Each of the following types of environments is best suited to one of the LSMs we've discussed:

High-security environments (e.g., military, finance): SELinux is recommended due to its fine-grained access control capabilities.
Web servers and application-specific security needs: AppArmor offers an ideal mix of security and ease of management.
Small to medium-sized enterprises (SMEs): TOMOYO is suitable for organizations seeking a balance between security and usability.

System administrators must be prepared for the associated learning curves, which may require additional training, particularly when adopting more complex systems like SELinux.

Best Practices for Implementing LSM in Linux Systems

Effective implementation of LSMs involves the use of security best practices, including:

Thorough Planning: Assess security needs and potential risks.
Ongoing Policy Management: Regularly update and audit security policies.
Leveraging Community Resources: Engage with the LSM community for best practices and support.

Our Final Thoughts on LSMs & How They Compare

Linux Security Modules (LSMs) are critical in strengthening Linux system security. Administrators can choose among SELinux, AppArmor, or TOMOYO to address specific security needs while considering the long-term administrative implications we've discussed.

Security is a dynamic field, and staying informed on developments within LSMs is essential to remaining current with best practices and industry changes. Engaging with the Linux security community by sharing experiences and contributing to the ongoing evolution of LSM policies will assist in creating more robust and resilient systems for us all.

Brittany Day
Ever wonder how lolspeak, the language of lolcats, could be used to secure Linux? At LinuxCon, Joshua Brindle from Linux security vendor Tresys detailed something he called lolpolicy for making SELinux security policies easier to manage.

Lolpolicy is Brindle's half-serious implementation of something he referred to as CIL (Common Intermediary Language), which is an intermediate policy language for SELinux. It's an attempt to clean up some of the management layer of SELinux, Brindle said.

The link for this article located at Internet News is no longer available.

Alex
Cisco and several other investors have given $10.5 million to HyTrust, a start-up that is tackling some of the thornier security problems posed by the growing popularity of VMware's virtualization platform. Virtualization security remains a work in progress.

HyTrust won "Best of Show" at last year's VMworld, the major virtualization conference hosted by VMware, and was named one of Network World's 10 start-ups to watch in 2010. When HyTrust launched its first product last April it already had $5.5 million in venture capital from Trident Capital and Epic Ventures. Now the company has added a second round of financing with the existing investors as well as Cisco and Granite Ventures.

HyTrust sells a hardware- or software-based appliance that gives administrators a central point from which to control access, policy management, security configuration and compliance in virtual environments. Analysts have praised HyTrust's technology for solving authentication problems in VMware's hypervisor with more granular auditing and security controls, and for letting administrators set policies that won't be overridden by other tools. In an announcement Wednesday, HyTrust said the new funding will aid in development, sales and marketing.

Cisco's investment is indicative of the network vendor's increasing focus on virtualization. Cisco has developed software switches for virtualization deployments, and its Unified Computing System uses VMware to create large pools of virtual resources. Cisco also recently teamed with NetApp and VMware on a security project designed to isolate applications sharing the same physical resources.

The link for this article located at IT World is no longer available.

LinuxSecurity.com Team
Computer Associates, a business software vendor, will market a "host-based" firewall that learns by example to provide better security for computers and computer networks, the company said. The firewall provides centrally managed computer security and simplifies deployment on Windows systems, the company said.

The firewall allows administrators to create policies based on user behavior and existing examples. This "learn-by-example" approach eliminates much of the time and effort typically required for administrators to define policies for specific roles, applications and/or resources.

The link for this article located at CIO Team is no longer available.

Bill Locke
Registration for the Security-Enhanced Linux (SELinux) Symposium is now open at . The event, scheduled for February 27-March 3, 2006 in Baltimore, Maryland, explores the emerging SELinux technology and the power of flexible mandatory access control in Linux.

The Second SELinux Symposium features two full days of SELinux-related tutorials followed by a two-day technical agenda that includes papers, presentations, and case studies by experts and practitioners with SELinux. Topics for the symposium include in-depth discussions of the core SELinux technology, emerging SELinux policy management and development tools, experiences using SELinux to build secure system solutions, and the status of SELinux within Linux. New this year is an invitation-only SELinux developer summit, where the core developers and contributors of SELinux discuss upcoming technology changes, requirements, and plans.

The link for this article located at LinuxWorld is no longer available.

Brittany Day
In an effort to support the open source community, Solsoft Inc., the leading provider of network security policy management software, today announced its Solsoft NetfilterOne, a graphical interface that will automate the design, deployment and documentation of security rules and policies as they pertain to a networked netfilter firewall.

With Solsoft NetfilterOne, IT administrators will realize the advantages of a centralized interface from which to configure, deploy, enforce and audit rules and policies consistently among netfilter firewall(s). NetfilterOne is the ideal tool to remotely maintain security policies on Linux servers, web servers, DNS and mail servers, which often reside in the DMZ.

netfilter is an open source-based firewall that offers both stateless and stateful packet filtering. The technology performs a variety of network address and port translations and offers multiple layers of APIs for the development of third-party extensions.

Most recently, Solsoft announced a $4,500 Firewall Manager, a scaled-down version of the company's automated, multi-vendor security management platform used to support firewalls, routers, switches, intrusion prevention and other security devices by market leaders such as Cisco, Check Point, Nortel, Symantec, ISS and others.

"The addition of Solsoft NetfilterOne to Solsoft's product line-up broadens the spectrum of customers that stand to benefit from automated policy management to include small businesses, schools, and regional and state agencies," said Gilles Samoun, Solsoft CEO.

Since 1997, Solsoft has provided its customers worldwide with centralized management of security policies on leading firewall, router, switch, VPN, IDS/IPS, and other security platforms. Using Solsoft's flagship Policy Server software, network and information security teams collaborate to define, store, deploy, and audit policies across large-scale enterprise, service provider, and government networks.
Availability & Pricing

Solsoft NetfilterOne will be available for download October 17, 2005 at . Pricing for multiple installations will be determined.

About Solsoft

Founded in 1997, Solsoft is the leading provider of network security policy management solutions, with production deployments in more than 25 Fortune 500 companies, government agencies, and some of the largest telcos worldwide. Solsoft solutions enable organizations to centrally control the design, deployment, and documentation of security policies across single- and multi-vendor networks. The Solsoft product line offers centralized management of firewalls, routers, switches, VPN, intrusion prevention, intrusion detection, and other security equipment from market leaders such as Cisco, Juniper, Check Point, Nortel, Symantec, Internet Security Systems, and Linux-based vendors. Enterprise, service provider, and government customers rely on the Solsoft platform for compliance with regulations and standards, collaborative security policy design and maintenance, role-based security configuration change control and deployment, policy audits, and response to network attacks.

For more information about Solsoft, please visit send e-mail to
Firewall Builder consists of an object-oriented GUI and a set of policy compilers for various firewall platforms. In Firewall Builder, a firewall policy is a set of rules; each rule consists of abstract objects that represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. Preferences and object databases are stored in XML format.

The link for this article located at Net-Security.org is no longer available.

Anthony Pell