Back in March, IT services provider Avanade Inc. conducted a global study of 573 business leaders, asking them about their primary IT focus areas for the next 12 months. It comes as no surprise that cloud computing, security and IT consolidation topped the charts. While 60% of the companies surveyed said cloud computing is a top IT priority for the next year, 75% of the C-level executives in those companies place it at the top of the priority list. Security ranks high, too, as it can never be separated from any computing architecture or solution. This week, we look at a few considerations for security in a cloud environment. The link for this article located at Network World is no longer available. Security ranks high in IT considerations as it integrates with cloud environments and solutions across businesses. Cloud Security, IT Service Priorities, Security Considerations. LinuxSecurity.com Team
Robert Moore, a 23-year-old hacker from Washington, summarizes his $1 million heist of VoIP minutes. His methods involved brute-force attacks against Cisco XM routers and Quintum Tenor voice gateways in order to gain access and route calls through them. Just to clarify (FTA): the attacks could easily have been prevented if the default passwords were changed on the routers. Even so, read on to find out how he confused the intrusion detection systems, how he gained the address to attack, and how he knew which attacks to send to which ports. The link for this article located at Network World is no longer available. Uncover the story of how a cybercriminal orchestrated a $1 million VoIP scam by deploying brute-force tactics and sidestepping protective measures. VoIP Security, Hacking Techniques, Service Provider Breach. LinuxSecurity.com Team
Cisco has been ranked as one of the top three most trusted security product vendors and one of the top three most trusted security service providers in two surveys done by the Yankee Group. Symantec was also ranked as one of the top three most trusted vendors in both categories. The Yankee Group 2004 Managed Security Services Survey found that of 606 enterprises, Symantec, Cisco and VeriSign rank as the three most trusted security service vendors. The Yankee Group noted that Cisco's standing as one of the top three most-trusted security service vendors was surprising, given that it doesn't offer broad security services, offers only limited professional services, and no managed security services. "This survey result is really a testament to the power of Cisco's remarkable brand recognition," said Phebe Waterfield, Yankee Group Security Solutions & Services analyst, in a statement. The link for this article located at Preston Gralla is no longer available. According to surveys conducted in 2004, Cisco stands out as one of the top three most reliable vendors in the field of security products and services. Cisco Security, Trusted Vendors, Security Products, Service Providers. LinuxSecurity.com Team
A small and diverse band of hobbyists steeped in the obscure languages of embedded systems has released its own custom firmware for a popular brand of cable modem, along with a technique for loading it -- a development that's already made life easier for uncappers and service squatters, and threatens to topple long-held assumptions about the privacy of cable modem communications. The program, called Sigma, was released in its final version last month, and has reportedly been downloaded 350 to 400 times a day ever since. It's designed to be flashed into the non-volatile memory of certain models of Motorola's Surfboard line, where it runs in parallel with the device's normal functionality. It gives users almost complete control of their cable modem -- a privilege previously reserved for the service provider. The project is the work of a gang of coders called TCNiSO.
With about ten active members worldwide, the group is supported by contributions from the uncapping community -- speed-hungry Internet users who rely on TCNiSO's research and free hackware to surmount the bandwidth caps imposed by service providers, usually in violation of their service agreement, if not the law. To them, Sigma is a delight, because it makes it simple to change the modem's configuration file -- the key to uncapping, and, on some systems, to getting free anonymous service using "unregistered" modems. "I've known TCNiSO for two years now and I've done a lot of things with their techniques," wrote a Canadian uncapper in an e-mail interview. "Sigma is the greatest one I've seen." While it's a boon to uncappers, the security implications of firmware hacking go beyond mere bandwidth-boosting and theft-of-service. The topography of cable modem networks typically puts between 500 and 1,000 homes in a neighborhood on the same circuit, their Internet traffic all mingled on the same co-ax cable. Subscribers are prevented from eavesdropping on their neighbors' traffic by their own modem, which is programmed to only pass packets destined for them. By building on TCNiSO's hacking technique, a malefactor could write custom code to forward all the raw network traffic to their PC. Outside security experts have generally dismissed any eavesdropping threat on modern cable systems based on a belief that cable companies are encrypting customer traffic, a capability built into all DOCSIS-certified modems since 1999. But while encryption would indeed thwart any eavesdropping attempt, in the most commonly-deployed version of the DOCSIS standard, version 1.0, the encryption option is just that -- an option, and one that's turned off by default. "The security has to be there" in the modem, says Oscar Marcia, chief security architect at CableLabs, the industry group responsible for DOCSIS. "But the [service provider] can decide when to turn it on."
And turning it on they are, Marcia says, but slowly, and in bits and pieces, even five years after the option became available. "It's kind of a gradual process... They want to make sure that they have all the kinks worked out of their system." He adds that he expects the process to accelerate as cable companies migrate to newer versions of the DOCSIS specifications, where encryption is "on" by default, instead of off. SecurityFocus asked four U.S. cable modem service providers if they protected their customers with the encryption option. Comcast, Adelphia, and CableVision's Optimum Online declined comment; a spokesman for Time Warner's Road Runner service didn't return repeated phone calls on the question. Comcast's terms of service, however, acknowledges a risk of eavesdropping by "other subscribers," and Optimum Online's bluntly admits the company doesn't utilize encryption: "All Subscriber's ethernet traffic... will be reflected by the cable Modem in an unencrypted form onto the cable network and be subject to eavesdropping." The link for this article located at is no longer available. Anthony Pell
Service providers have various options in the way in which they can offer outsourced IP virtual private network (VPN) services to customers. The original service offerings were mostly customer premises equipment (CPE)-based. In such services, service providers deploy and manage CPE VPN gateways (in other words, dedicated VPN appliances or VPN-enabled routers/firewalls) at customer sites. IPSec tunneling is used to provide the required security for communication between sites over public Internet infrastructure. Most major VPN service providers are now also offering one or more network-based IP VPN services. There are three types of network-based VPN services: network-based IPSec, MPLS (Multi-Protocol Label Switching), and virtual routers over an ATM backbone. The link for this article located at ZDNet is no longer available. More organizations are opting for outsourced IP VPN solutions to enhance their network security and flexibility, compelling providers to focus on security, flexibility, and support. IP VPN, Network Security, Virtual Private Network, VPN Service Options. Anthony Pell
EarthLink Inc., an Atlanta-based Internet service provider, says it has reached an agreement with the FBI in which the agency has agreed not to install its Carnivore Internet surveillance system on EarthLink's network. EarthLink was involved in a court battle with the FBI earlier this year in which it resisted efforts by the agency to install Carnivore under a court order to wiretap the communications of a suspect in a criminal case. The link for this article located at ComputerWorld is no longer available. Privacy advocate organizations commend EarthLink for its stand against the FBI's Carnivore surveillance program, igniting a crucial legal clash over user privacy. EarthLink, FBI Agreement, Privacy Protection, Internet Surveillance. LinuxSecurity.com Team
"Somebody's going to get sued; that's clear," said David J. Loundy, of Chicago's D'Ancona & Pflaum LLC. "Somebody's going to want a test case. The issue [is] whether there's going to be one or two of these suits, or whether it's going to be open season against service providers," said Mr. Loundy, who teaches computer crime at Chicago's John Marshall Law School. The link for this article located at NY Law Journal is no longer available. Professionals analyze how data protection failures might result in legal actions against service companies, highlighting potential legal consequences. Cybersecurity Law, Lawsuit Risks, Data Breach Consequences. LinuxSecurity.com Team