A new kernel module rootkit malware was released recently on GitHub, dubbed Reptile. It is an open-source rootkit that can hide itself, other malicious code, files, directories, and network traffic. Unlike other rootkit malware, Reptile stands out with a reverse shell, enabling easy system control, and its signature move is port knocking: a specific port on an infected system is opened, connecting it to the C&C server, once an attacker's "magic packet" is received. The cybersecurity researchers at ASEC recently identified this new rootkit malware. Reptile aids malware installation and equips attackers with Listener, a command-line tool that waits for a reverse shell connection from an infected system so that commands can be executed on it, granting control to the attacker. Attackers can operate a reverse shell without specifying the C&C server by forwarding specific packets using port knocking. Packet, a command-line tool, receives the parameters for the reverse shell connection and the port knocking method.

Summary: Investigate the latest Reptile rootkit malware, which uses port knocking techniques for discreet Linux infiltration, enabling streamlined system manipulation.
Source: CyberSecurity News (the original link is no longer available). Tags: Reptile Rootkit, Linux Malware, Port Knocking, Open Source Threat. Posted by LinuxSecurity.com Team.
The robots currently at work knocking around for your guessable password could easily be repurposed to guess your Unicode password currently known as your port knocking sequence, and quite likely have been already. Plus, we already have authpf(8) for network-level restrictions on access.

Whenever you write about security in general and SSH security in particular (and for good measure also get slashdotted for your efforts), the comments inevitably turn up a variety of useful and less useful suggestions.

Summary: Port knocking allows access to services by sending a sequence of packet "knocks", but has weaknesses such as reliance on secrecy and a lack of encryption.
Source: That grumpy BSD guy (the original link is no longer available). Tags: Port Knocking Alternatives, Secure SSH Access, SSH Security Techniques. Posted by LinuxSecurity.com Team.
Fred Stluka from Bristle.com just introduced me to port knocking -- a method of opening ports on a firewall by attempting connections to a series of ports in a pre-determined order. The sequence of "knocks" acts like a secret access code -- like tapping out the first couple of bars from your favorite song to tell someone inside that it's you. Similar secret taps were used during Prohibition to ensure that only those who knew the secret knock would be allowed into the speakeasies. These days, port knocking provides a way to gain access through a firewall by using such a code.

Port knocking is usually implemented via some kind of daemon that watches the firewall logs for signs of the knock sequence and then modifies the firewall's configuration to permit access through a specified port. You might use it on your home firewall to allow you to access your home network from the office, or to provide a temporary back door to a network and then close it again after use. Generally, a sequence of three or more knocks is used to make the access harder to guess. If a single knock were used, it would obviously be too easy. Requiring the right sequence of three or four port numbers, on the other hand, greatly reduces the likelihood that anyone would be able to guess their way into your network. Port knocking is customizable: you can select the port numbers and change the sequence as often as you feel is needed. As Wikipedia points out, you aren't limited to using this technique to open ports. You might use port knocking to trigger a shell script set up to do just about anything -- restart your web server, start your backups or run a scan of some sort.

Summary: Explore port knocking as a means to enhance firewall protection by employing hidden access techniques to secure your infrastructure.
Source: IT World (the original link is no longer available). Tags: PortKnocking, FirewallAccess, NetworkSecurity. Posted by Anthony Pell.
Port knocking came about in around 2003, but it has various weaknesses. There are plenty of implementations though (some quite advanced). Most of the problems are fixed, however, by fwknop! fwknop stands for the .

Summary: Explore the functionality of fwknop, a sophisticated port knocking solution that fortifies network defenses.
Source: Dark Reading (the original link is no longer available). Tags: Fwknop Port Knocking, Network Security Tool, Authentication Methods, Open Source Security Solutions. Posted by LinuxSecurity.com Team.
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure that the OS initiating a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and the OS fingerprinting are implemented entirely around iptables log messages, so a separate packet capture library is not required.

fwknop stands for "Firewall Knock Operator" and is an upcoming piece of software that will be released at the DEFCON 12 conference in July 2004 in Las Vegas. fwknop implements network access controls (via iptables) based on a flexible port knocking mini-language, but with a twist: it combines port knocking and passive operating system fingerprinting to make it possible to do things like only allow, say, Linux 2.4/2.6 systems to connect to your SSH daemon. fwknop supports shared, multi-protocol port knock sequences along with both relative and absolute timeouts, and coded port knock sequences encrypted with the Rijndael block cipher.

Summary: fwknop combines port knocking with OS fingerprinting for secure network access control in Linux environments.
Source: cipherdyne.org (the original link is no longer available). Tags: fwknop, port knocking, security, network access, Linux. Posted by LinuxSecurity.com Team.