
Stay Ahead With Linux Security News


Explore Latest Linux Security news


Highlights of LKRG 0.9.8: Enhanced Kernel Safety and Remote Logging

Openwall has released Linux Kernel Runtime Guard (LKRG) 0.9.8 with significant updates and improvements. For those unfamiliar with Linux Kernel Runtime Guard (LKRG), it is a kernel module that performs runtime integrity checking of the Linux kernel and detects security vulnerability exploits against the kernel. We'll explain the significance of LKRG in more depth, explore its remote logging functionality, and discuss the significant changes introduced in LKRG 0.9.8.

What Is the Significance of LKRG?

LKRG was a project of Adam 'pi3' Zabrocki that was brought under the Openwall umbrella and released to the public in 2018. It performs runtime integrity checks on the Linux kernel to detect security vulnerabilities exploited against the kernel. LKRG tries to detect and respond quickly to unauthorized kernel modifications or changes in credentials for running system processes. This protects against exploits gaining unauthorized access to root through kernel vulnerabilities. LKM Rootkits, Docker containers, and other threats are all included in the module, enabling it to combat most existing and future Linux kernel vulnerabilities. LKRG offers security by diversity but without the drawbacks of running an unusual OS.

LKRG works best on systems that are unlikely to be rebooted to a new kernel or live-patched whenever a kernel vulnerability is found. It provides robust protection from kernel vulnerability exploits without requiring much effort by the user. There is no need to configure a security policy, etc. LKRG is especially beneficial for systems not expected to be updated consistently. The module can be installed easily in various distros such as RHEL, CentOS, Ubuntu, Whonix, Debian, Rocky Linux, and AlmaLinux.

Remote Logging with LKRG

Remote logging is critical for troubleshooting incidents, centralizing processing for SIEM and EDR, and compliance. While there are pre-existing Linux kernel remote logging solutions, LKRG is an excellent option for Linux kernel remote logging. It offers transport security, provides long-term encryption and authentication of messages and blobs, and is not too susceptible to DoS attacks. LKRG also offers:

- Reliable delivery
- Congestion control
- Message prioritization
- Roaming support
- Message encapsulation

According to security specialist Solar Designer, "Delivery, storage, and processing of LKRG security events to/on a remote system is a natural extension of LKRG's functionality. Remote logging is also valuable on its own, including for troubleshooting and post-mortem analyses of (non-)security incidents, where the system's local logs might be unavailable, incomplete, or tampered with." For more technical details, I encourage you to explore Solar Designer's recent presentation on Linux kernel remote logging: approaches, challenges, implementation.

What's New in LKRG 0.9.8?

According to Openwall, the following significant changes have been made in LKRG 0.9.8:

- Added optional remote kernel message logging, including the sending component in LKRG itself and the receiving/logging counterpart in a userspace daemon, as well as additional utilities to generate a public/secret keypair and to process the logs and documentation in LOGGING.
- Added support for RHEL 8.8+.
- More complete documentation of the build requirements.

The most notable change in this release is the addition of built-in remote kernel message logging capabilities. You can get LKRG 0.9.8 here.

Our Final Thoughts on LKRG 0.9.8

LKRG 0.9.8 is an exciting release for those looking to enhance kernel security, especially if they are not engaging in frequent updates. We encourage you to check it out and share your thoughts on X @lnxsec! That being said, keeping your systems patched against the latest security flaws is another essential defense mechanism against attacks exploiting known vulnerabilities. Be sure to subscribe to our newsletters for the latest updates, news, and advisories impacting your security as a Linux user.

Mar 05, 2024 | Dave Wreski | Security Projects

Centralized Logging With SCP: A Secure Solution For Linux

A few months ago, I challenged myself with a problem. I wanted to implement centralized system logging that would securely store logs in a location that would prevent any tampering or mischief. It was necessary to find a solution that fit into my company's tight budget that would also be a) secure, b) affordable and c) easy to run, especially on a Solaris system. While these constraints made it very tough to discover a viable solution, I was nevertheless able to do so. This article will discuss a solution that meets these criteria and will work well in other environments as well. It should be noted that since I implemented the solution I have in place now, I have discovered some other options.

The link for this article located at Security Focus is no longer available.

Feb 14, 2001 | Anthony Pell | Network Security