
Stay Ahead With Linux Security News


Explore Latest Linux Security news

We found 2 articles for you...

Cross Site Scripting Attack: Exploiting Session IDs And Cookies

Cross site scripting (XSS) errors are generally considered nothing more than a nuisance. As if fate wanted to make it challenging, the maximum size of the HTML input field for the email address was 25 characters, and it only accepted POST data, which is somewhat limiting. As a result, I had to "outsource" my cross-site scripting attack to a third server. The end result was that I had to make a user click on a link that first took the victim to my server. From there, the code on my server directed the victim to the web application with a POST value that included the XSS code, which was then fed into the login script. Finally, the above JavaScript was output into the login page. Once the JavaScript executed, the cookie data was passed back to the third party server, which captured that cookie value, stored it, and redirected the victim back to the real server where they would again be presented with the real and unaltered login page. Since all this happened in a matter of a second, only an educated and knowledgeable user would notice anything out of the ordinary. The link for this article located at Inform IT is no longer available.

Aug 16, 2006 | LinuxSecurity.com Team | Server Security

Exploring PAM Modules For Enhanced Authentication Security

PAM stands for Pluggable Authentication Modules and is a system for providing application independence for authentication. A PAM-enabled application calls a stack of PAM modules to run authentication, open and close sessions, and check account validity. This is part three of a three-part series on writing PAM modules. Part one discussed the background information needed to write modules. Part two covered supporting code, including the conversation structure. PAM modules are grouped into four module types, though there are six critical functions. Applications call each of the functions as they need them, but system administrators can only choose functions by their module type.

Jun 03, 2002 | LinuxSecurity.com Team | Server Security

Implement User Authentication Using PHP And Apache for Secure Access

There are a number of reasons why you might want to add user authentication to your Web site. You might want to restrict access to certain pages only to a specific group of privileged users. You might want to customize the content on your site as per user preferences. Or you might just want to track user movement between the pages of your site. Regardless of why you want to add it, you should know how to go about doing it reliably and efficiently. That's where this article comes in. Over the next few pages, I'll be showing you how to authenticate users, maintain session information and handle login/logout operations, using both built-in Apache authentication and custom PHP code. So keep reading. The link for this article located at DevShed is no longer available.

Mar 20, 2002 | LinuxSecurity.com Team | Server Security

Understanding Risks of Brute Forcing Session IDs in Web Applications

Almost all of today's "stateful" web-based applications use session IDs to associate a group of online actions with a specific user. This has security implications because many state mechanisms that use session IDs also serve as authentication and authorization mechanisms -- purposes for which they were not well designed. In this paper, iDEFENSE Labs focused on the ease with which many of today's common web applications can be brute-forced, allowing an attacker to steal a legitimate user's credentials without ever having to guess their password.

Nov 13, 2001 | Anthony Pell | Network Security

Securing Web Pages with User Authentication and MySQL Integration

phpSecurePages is a PHP module that secures pages with a login name and password. It can handle multiple user groups (each with their own viewing rights), store data in a MySQL database or a configuration file, and be used to identify your Web site viewers. It also has multiple language support and session support for both PHP3 and PHP4. The link for this article located at net-security.org is no longer available.

Sep 24, 2000 | LinuxSecurity.com Team | Vendors/Products

User and Session Management Strategies in E-Commerce Development

This is the second article in a three-part series dealing with using PHP 4 and MySQL to make a comprehensive e-commerce storefront solution. This article covers session management within the store, user privileges, and a few security concerns. The link for this article located at DevShed is no longer available.

May 19, 2000 | LinuxSecurity.com Team | Server Security

Building An Ecommerce Shopping Cart: Session Management Insights

This edition of "Couch Sessions" talks about building an online shopping cart. "Need to build an online shopping cart in a hurry? This article takes a look at session management, an important component of transaction-based Web sites, and explains the fundamentals of adding session support to your site. Includes programming examples in PHP4 and PHP3 with PHPLib." The link for this article located at Submitted by Randy Cosby is no longer available.

May 03, 2000 | LinuxSecurity.com Team | Cryptography