The Kali Linux distribution is going to switch to a new security model by defaulting to a non-root user starting with the upcoming 2020.1 release. This change will come with the release of the 2020.1 version scheduled for late January 2020, but users can already test it via the daily builds. They will also be able to test it by downloading and running the weekly images released until Kali 2020.1 is officially available. The link for this article located at Bleeping Computer is no longer available. In the 2020.1 release, Kali Linux adopts a safety-first approach by defaulting to non-administrative user accounts, significantly improving user security. Kali Linux Release, User Privilege Changes, Default Non-Root User, Linux Security Model. LinuxSecurity.com Team
Despite the numerous advantages presented by cloud computing, security is still the biggest factor holding back more widespread adoption by businesses. A recent survey by AlienVault found that an overwhelming 90 percent of organisations are still concerned about cloud security. But many people don't realise that the cloud also presents a great opportunity for security. The automation and scale provided by the cloud gives us a platform that we can secure far better than any in the past. The cloud is not an inherently insecure environment. Explore the ways in which cloud technology boosts security via automated processes and adaptable resources, reshaping the arena of cyber threats. Cloud Security Model, Automation in Security, Cloud Risk Management, Security Opportunities in Cloud. Anthony Pell
The National Security Agency has submitted its new, label-based data store software to the Apache Software Foundation, in hopes that others will further develop it for use in secure systems. Called Accumulo, the software uses "expressive, fine-grained" labels that can tag each cell in a data store. Security policies can then be applied to the individual labels to, for example, allow an external server to access some cells but not others. Based on Google's Big Table design, Accumulo is a simple key/value data store, where providing the system with the key will return any data associated with that key. Featuring a distributed design, Accumulo can be run across multiple servers, making it a good candidate for managing big data systems, the NSA said. The link for this article located at Network World is no longer available. The Accumulo system, developed by the NSA, utilizes detailed tagging for the efficient storage and governance of sensitive information, facilitating customized permissions. Accumulo Management, Big Data Security, Fine-Grained Data Control. Alex
A new week, a new rash of attacks against security vendors, email marketers and banks. It would be easy to point fingers and laugh at the irony, especially in the case of security vendors, but that would be both petty and shortsighted. The stark reality is that security breaches can, will and do happen to everyone. For every security control and process we put in place, somewhere else there's a vulnerability, a weakness, an untrained employee or a path of least resistance for an attack. All the point solutions in the world are not going to make us any more secure. What we desperately need is a new model for integrating security solutions across vendors, across devices, across operating systems and across the globe. Companies today are faced with a fundamental security conundrum. Their networks, applications and end-user devices are made up of a patchwork of dozens if not hundreds of vendor solutions. Each vendor may offer security features in their apps, security appliances, or even an entire range of security solutions. None of them really interoperate with any of the other vendors' security solutions (not unless you consider LDAP and syslog to be interoperability). None of them work on other vendor network devices. The link for this article located at Network World is no longer available. Cyber threats are an ongoing challenge for all suppliers. It's essential to implement protective measures across systems seamlessly. Security Integration, Cyber Attacks, Vendor Security Solutions, Network Protection. LinuxSecurity.com Team
The so-called Zero Trust model for security proposed by Forrester Research earlier this month has revived debate about the way organizations secure their networks. Zero Trust means end users are no more trusted than outsiders, and that organizations must inspect all traffic, from the outside and on the inside as well. While this concept has stirred Big Brother worries among skeptics, it also resonates with some experts in light of the end user application-borne attacks as well as malicious or careless insiders. But does this user threat trend merit a whole new security model? Most security experts agree that you can't trust your internal network and have to assume you've been compromised, so it's a matter of detecting and stopping breaches before any information is stolen or damage is done. It's just that inspecting all internal traffic can be a tall order -- and maybe overkill. The link for this article located at Dark Reading is no longer available. The concept of Zero Trust dictates that every user is scrutinized in the same way as external entities, emphasizing rigorous examination of all data flows. Zero Trust Security, Network Inspection, End User Threats, Security Models. Anthony Pell
After removing Google's Android driver code from the Linux kernel, Novell Fellow and Linux developer Greg Kroah-Hartman has argued that the mobile OS is incompatible with the project's main tree. Kroah-Hartman deleted the Android drivers on December 11 - Android code is no more as of version 2.6.33 of the kernel release - and yesterday, with a post to his personal blog, he explained the move in detail. "No one cared about the code, so it was removed," writes Kroah-Hartman. "As I've stated before, code in the staging tree needs to be worked on to be merged to the main kernel tree, or it will be deleted." But the larger problem, he continues, is that Android uses a new lock type, new hooks for its "sometimes bizarre" security model, and a revamped framebuffer driver infrastructure. All this, he says, prevents "a large chunk" of Android drivers and platform code from merging into the main kernel tree. Google, he ultimately argues, has forked its mobile OS. Google did not immediately respond to our request for comment. But in a pair of posts to LWN.net, Mountain View open source guru Chris DiBona says that Android isn't in the main tree because the main tree doesn't want it. The link for this article located at The Register is no longer available. The Android driver code developed by Google was eliminated from the Linux kernel because of incompatibility problems and insufficient collaboration. Android Driver Removal, Linux Kernel Changes, Open Source Development. LinuxSecurity.com Team
When you add the responsibility for information and security in an organisation that ranges across Europe, life becomes even more complex. You also need to accommodate differences in mindset about legislative severity, and differences in national character. Within countries, many of the challenges remain the same for CIOs, wherever they are based. They must try to operate a security model that has changed from a "fortress" - where everything was kept out - to an "airport" style security. Now everyone is rushing around in different directions aiming for different destinations, and their credentials to "fly" or interact with the company need to be checked. Organisations need to welcome everyone in from partners to customers and hope they are friends, not foes. The key word is now "deperimeterisation". But opening up the perimeter means organisations require knowledge of identities through trust and confidence. The link for this article located at ComputerWeekly.co.uk is no longer available. Entities need to evolve alongside fresh security paradigms, welcoming deperimeterisation and placing trust in identities. Information Management, Security Frameworks, Digital Identity, Trust Relationships. Benjamin D. Thomas
Three years ago, I proposed to our technology architects that we eliminate our network firewalls. Today, we're close to achieving that goal. Back then, I thought that network-based firewalls were losing their effectiveness, enabling a mind-set that was flawed. Today, I'm certain. Perimeter security was originally intended to allow us to operate with the confidence that our information and content wouldn't be stolen or otherwise abused. Instead, the firewall has slowed down application deployment, limiting our choice of applications and increasing our stress. To make matters worse, we constantly heard that something was safe because it was inside our network. Who thinks that the bad guys are outside the firewall and the good guys are in? A myriad of applications, from Web-based mail to IM to VoIP, can now tunnel through or bypass the firewall. At the same time, new organizational models embrace a variety of visitors, including contractors and partners, into our networks. Nevertheless, the perimeter is still seen as a defense that keeps out bad behavior. Taking that crutch away has forced us to rethink our security model. Our new security posture gives our users access to more applications regardless of their location and without sacrificing security. The new security architecture isn't focused on our network firewall. Instead, we embed security within our internal network. This begins with separating our servers from our clients. We can do that now, thanks to layer-3 data center switches that allow for the low-cost creation of subnets. By defining simple ACLs, we further isolate our backend servers. The link for this article located at Security Pipeline is no longer available. The landscape of perimeter security is changing; examine how conventional firewalls could impede the deployment of applications and the security of access. Network Security, Innovative Firewall, Application Access, Security Architecture, Perimeter Defense. Brittany Day