Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
77
network securityremote accesssecure tunnelingComprehensive Guide to SSH Port Forwarding for Secure Connections
SSH is typically used for logging into remote servers so you have shell access to do maintenance, read your email, restart services, or whatever administration you require. SSH also offers some other native services, such as file copy (using scp and sftp) and remote command execution (using ssh with a command on the command line after the hostname). . Whenever we SSH from one machine to another, we establish a secure encrypted session. This first article in this SSH series[1] looked at properly verifying a server's host key, so that we can be sure that no attacker is able to perform a man-in-the-middle attack and gain access to read or manipulate what we do in that session. Other articles in this series looked at removing the need for static passwords using SSH user identities[2], and then using ssh-agent[3] to automate the task of typing passphrases. SSH also has a wonderful feature called SSH Port Forwarding, sometimes called SSH Tunneling, which allows you to establish a secure SSH session and then tunnel arbitrary TCP connections through it. Tunnels can be created at any time, with almost no effort and no programming, which makes them very appealing. In this article we look at SSH Port Forwarding in detail, as it is a very useful but often misunderstood technology. SSH Port Forwarding can be used for secure communications in a myriad of different ways. Let's start with an example. The link for this article located at Brian Hatch is no longer available. . Whenever we SSH from one machine to another, we establish a secure encrypted session. This first art. typically, logging, remote, servers, shell, maintenance. . LinuxSecurity.com Team
Jan 06, 2005
•
Server Security
74
Ciscodictionary attacksecure tunnelingCisco EAP-FAST: New WLAN Security Protocol Against Brute Force Attacks
Cisco Systems Inc. has developed a new wireless LAN security protocol designed to defeat brute force dictionary attacks that capture a user's passwords, and it submitted a draft of the protocol to the Internet Engineering Task Force (IETF) on Monday. Cisco developed the new WLAN Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) to defeat dictionary attacks against unencrypted passwords in its earlier, proprietary Lightweight Extensible Authentication Protocol (LEAP). Cisco posted a security bulletin last August warning users that LEAP is vulnerable to such attacks. . . .. Cisco Systems Inc. has developed a new wireless LAN security protocol designed to defeat brute force dictionary attacks that capture a user's passwords, and it submitted a draft of the protocol to the Internet Engineering Task Force (IETF) on Monday. Cisco developed the new WLAN Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) to defeat dictionary attacks against unencrypted passwords in its earlier, proprietary Lightweight Extensible Authentication Protocol (LEAP). Cisco posted a security bulletin last August warning users that LEAP is vulnerable to such attacks. Ron Seide, WLAN product line manager at Cisco, said EAP-FAST protects against dictionary attacks by sending password authentication between a WLAN client and wireless LAN access points through a secure, encrypted tunnel. Seide added that EAP-FAST also eliminates the need for enterprises to install separate servers to handle the digital certificates used in another WLAN security system, the Protected Extensible Authentication Protocol (PEAP). Seide said that Cisco believes that EAP-FAST complements PEAP as well as LEAP, "bringing together some of the key advantages of LEAP's convenience and flexibility with the password protection tunneling of PEAP". According to Seide, Cisco submitted EAP-FAST to the IETF for inclusion in the 802.1x wireless LAN security protocol that is under development and expects tohave it available for download for free from its Web site by the end of March. Seide said Cisco doesn't intend EAP-FAST as a replacement for LEAP but as an addition to its WLAN security suite of products, which includes PEAP. Cisco also intends to make EAP-FAST available to partners in its Cisco Compatible Extensions (CCX) program, (see story) Seide said. Cisco's CCX wireless LAN chip partners include Intel Corp. and Atheros Communications Inc. Hardware manufacturers that are part of the CCX program include Dell Inc., Hewlett-Packard Co. and Toshiba Corp. The link for this article located at computerworld.com is no longer available. . Explore the innovative WLAN security framework by Cisco that effectively thwarts dictionary attacks.. Wireless Authentication,EAP-FAST,Cisco WLAN Security,Dictionary Attack Protection,Secure Tunneling. . Anthony Pell
Feb 16, 2004
•
Network Security
74
network securityremote accessipsecIPSec And SSL VPN: Evaluating The Best Remote Access Option
By implementing a VPN, a company can provide access to the internal private network to clients around the world at any location with access to the public Internet. It erases the administrative and financial headaches associated with a traditional leased line wide-area network (WAN) and allows remote and mobile users to be more productive. . . .. By implementing a VPN, a company can provide access to the internal private network to clients around the world at any location with access to the public Internet. It erases the administrative and financial headaches associated with a traditional leased line wide-area network (WAN) and allows remote and mobile users to be more productive. Best of all, if properly implemented, it does so without impacting the security and integrity of the computer systems and data on the private company network. Traditional VPN's rely on IPSec (Internet Protocol Security) to tunnel between the two endpoints. IPSec works on the Network Layer of the OSI Model- securing all data that travels between the two endpoints without an association to any specific application. When connected on an IPSec VPN the client computer is "virtually" a full member of the corporate network- able to see and potentially access the entire network. SSL VPN's have been gaining in prevalence and popularity; however they are not the right solution for every instance. Likewise, IPSec VPN's are not suited for every instance either. Vendors are continuing to develop ways to expand the functionality of the SSL VPN and it is a technology that you should watch closely if you are in the market for a secure remote networking solution. For now, it is important to carefully consider the needs of your remote users and weigh the pros and cons of each solution to determine what works best for you. The link for this article located at About.com is no longer available. . Utilizing a VPN allows safe connectivity to corporate networks for off-site users, boosting efficiency and safeguarding data.. VPN Implementation, SecureTunneling, Remote Network Access, Network Protection. . Anthony Pell
Nov 17, 2003
•
Network Security
67
encryptiondata exchangenetwork communicationImplementing IPsec Tunnels for Secure Network Communication
I started this project because I was using a number of IPIP tunnels to connect a number of private networks over the Internet, and I needed encryption for a few resons. Above all I wanted to be able to use standard protocols such as FTP and NFS without having to worry about cleartext passwords and snooping.. . .. I started this project because I was using a number of IPIP tunnels to connect a number of private networks over the Internet, and I needed encryption for a few resons. Above all I wanted to be able to use standard protocols such as FTP and NFS without having to worry about cleartext passwords and snooping. I knew that I needed IPsec, and the only free implementation under active development I could find for Linux was FreeSWAN, but looking closer it seemed too much for my simple case. My first impression was that it was hard to understand and hard to configure, especially for the simple case of manually configured tunnels with fixed keys. Routing was also strange. I wanted something resembling the standard IPIP tunnel, but when I could not find it, I printed out the IPsec RFCs and started reading, and after that I started coding. I decided to use the cryptoapi patches for the encryption/decryption algorithms, which really gave me a head start on the hard stuff. The code has been running on my netword for some time now, and I feel that it's time to share the code to the rest of the community. Please try it out and let me know what you think! The link for this article located at Tobias Ringström is no longer available. . Explore the complexities of SSL VPN setups for safe information transmission, addressing decryption issues proficiently.. IPsec Tunnel, Secure Tunneling, Network Encryption, Encryption Implementation. . LinuxSecurity.com Team
Apr 25, 2002
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More