Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS), started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of. As Greg Kroah-Hartman, the Linux Foundation fellow responsible for stable Linux kernel releases, wrote in November 2022 on the Linux Kernel Mailing List (LKML), "The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all RNDIS drivers to prevent anyone from using them again." He added, in another message, "The protocol was never designed to be used with untrusted devices. It was created, and we implemented support for it, when we trusted USB devices that we plugged into our systems, AND we trusted the systems we plugged our USB devices into." That's no longer the case. Kroah-Hartman concluded, "Today, with untrusted hosts and devices, it's time just to retire this protocol. As I mentioned in the patch comments, Android disabled this many years ago in their devices, with no loss of functionality." The Linux community investigates the vulnerabilities inherent in Microsoft's RNDIS protocol and its potential risks for safeguarding networks against unverified devices. Microsoft RNDIS, Linux Kernel Security, USB Network Vulnerability. LinuxSecurity.com Team
The WireGuard VPN protocol, which is smaller, faster and easier to configure than IPsec, has been merged into Linus Torvalds' git repository for version 5.6 of the Linux kernel, the next release. There is no set date for Linux kernel releases. Version 5.5 was released on 26 January 2020 and there is typically a couple of months between releases, so 5.6 may come in April. WireGuard in 5.6 is not a surprise. The code was merged into network maintainer Dave Miller's repository in December 2019 but not pulled in by Torvalds until today. "Linus pulled in net-next about a half hour ago. So WireGuard is now officially upstream," said the announcement on the WireGuard mailing list. WireGuard developer Jason Donenfeld shared his excitement at the news, but added: "I look forward to start refining some of [the] rougher areas of WireGuard now." The link for this article located at The Register UK is no longer available. The WireGuard VPN protocol has been officially integrated into the Linux kernel version 5.6, offering enhanced speeds and simplified setup for its users. WireGuard, Linux Kernel, Network Security, Open Source VPN. LinuxSecurity.com Team
Google is releasing robots.txt to the open-source community in the hopes that the system will, one day, become a stable internet standard. On Monday, the tech giant outlined the move to make the Robots Exclusion Protocol (REP) -- better known as robots.txt -- open-source, alongside its matching C++ library. REP is a way for webmasters to establish the behavior of code attempting to visit a website. The original creator, Martijn Koster, found that his website was being overwhelmed by crawlers and so, in a bid to reduce server strain, developed the initial standard in 1994. The link for this article located at ZDNet is no longer available. Google intends to improve the Robots Exclusion Standard by making it open source to facilitate improved site administration. Open Source, Robots Exclusion Protocol, Web Crawling Management. LinuxSecurity.com Team
Anyone can design a cipher that he himself cannot break. This is why you should uniformly distrust amateur cryptography, and why you should only use published algorithms that have withstood broad cryptanalysis. All cryptographers know this, but non-cryptographers do not. And this is why we repeatedly see bad amateur cryptography in fielded systems. The latest is the cryptography in the Open Smart Grid Protocol, which is so bad as to be laughable. From the paper: The link for this article located at Schneier on Security is no longer available. Amateur cryptography often poses security risks due to self-made ciphers lacking rigorous scrutiny, leading to vulnerabilities exploitable by skilled attackers. Amateur Cryptography, Smart Grid Protocol, Risk Management. LinuxSecurity.com Team
The emerging OAuth 2.0 web API authorisation protocol, already deployed by Facebook, Salesforce.com and others, is coming under increased criticism for being too easy to use, and therefore to spoof by malicious hackers. "The OAuth community has made a big mistake about the future direction of the protocol," wrote Yahoo director of standards development Eran Hammer-Lahav in a blog post last week. Hammer-Lahav's criticism may carry more weight than those from the usual naysayer, because he is actually one of the creators of OAuth. "What makes this more frustrating is that the people behind [OAUTH 2.0] are some of the brightest security minds on the Web. These guys know exactly what they are doing, and it's not like they don't care," Hammer-Lahav wrote. "They just gave up and decided that the best they can do is maintain the status quo. They are also representing a large and powerful coalition of big companies too lazy to work a little harder." The link for this article located at Tech News World is no longer available. OAuth 2.0 faces scrutiny over security vulnerabilities, raising concerns about potential hacker exploits. Insights from specialists in the industry shed light on this issue. OAuth Security, API Exploitation, Protocol Risks. Anthony Pell
The Internet engineering community rebuffed one of its own security gurus this week, by rejecting a request from the inventor of the popular Secure Shell protocol to change the technology's acronym to protect his company's trademark on the term. Tatu Ylönen created Secure Shell in 1995 as a way of securing remote login, file transfer, TCP/IP and X11 forwarding. The protocol automatically encrypts, authenticates and compresses transmitted data. Ylönen published Secure Shell as free software, and the technology is now available from several software vendors, including Sun Microsystems, Lucent Technologies, Nokia and Ericsson. Ylönen's own company, SSH Communications Security of Finland, sells a full suite of cryptography and authentication products based on the Secure Shell protocol. The link for this article located at NWFusion is no longer available. LinuxSecurity.com Team
The following problem (as discussed in this paper) has not yet been identified. Certain firewalls today will not authenticate the validity of certain protocol fields within the packet they are processing. The risk is exposure of information. What kind of information can be exposed? Mainly it will be unique patterns of behavior produced by the probed machines answering our crafted queries (or other kind of network traffic initiated in order to elicit a reply). Those patterns will help a malicious computer attacker to identify the operating systems in use. The link for this article located at Net-security is no longer available. Unverified protocol fields in firewalls present serious network security risks, allowing unauthorized access, data leaks, and malicious traffic infiltration. Firewall Security, Protocol Validation, Network Traffic Risks, Security Challenges. Anthony Pell
The Internet Control Message Protocol (ICMP) is simple, as Internet protocols go. Originally described in RFC 792 by Jon Postel, ICMP provides a way for IP stacks to send simple messages containing information or errors. ICMP is important for the Internet (and IP networks) to function correctly; however, ICMP can also have a negative effect on your network's security. For instance, ICMP has been used for scanning, Denial of Service (DoS) attacks, and tunneling (see "Distributed Denial of Service Attacks," March 2000, and "Firewall Vulnerabilities," August 1999). A recent research paper by Israeli security consultant Ofir Arkin draws attention to some of the more arcane ways that ICMP can be employed in scanning networks (see Resources). At the end of his paper, Arkin suggests permitting only one of the 52 ICMP types and codes through a firewall, and that one only inbound. The link for this article located at Network Magazine is no longer available. Anthony Pell