With IoT, 5G and embedded devices becoming a larger part of everyone’s daily lives, security—and more importantly, trust in our technology—is on everyone’s minds. Embedded devices don’t have a good security track record; the last several years saw a significant number of high-profile hacks that could prevent people from widely accepting IoT into their homes. The proliferation of hacks and the threat to basic infrastructure resulted in a move toward regulating the security of critical software. Specifically, Executive Order 14082, issued by the United States, drew up a list of security practices, including the inclusion of a software bill of materials (SBOM) with every application run by the U.S. federal government. The National Institute of Standards and Technology (NIST) is also creating reference architectures and templates for application security as a result of the Executive Order. Regulation is coming to software security that will likely impact every company that produces code or sells products running on code. Check out these six tips on protecting your IoT devices from hackers.
Surge in cyber attacks drives regulatory changes in safeguarding embedded systems and IoT device security initiatives. Embedded Security, IoT Trust, Application Regulation, Cybersecurity Best Practices.
Brittany Day
In this article we continue our discussion of some of the foundations of public key infrastructure (PKI) that we began in an earlier article, where we discussed the role of keys, certificates, and trust. While discussing the importance of distributed (or transitive) trust in PKI design, we outlined the job of the certificate authority (CA) in PKI, giving the general idea of its role in certificate issuance and management. Here, we'll explore how and when one might wish to establish one's own CA when incorporating a PKI into an enterprise design. We'll expand the discussion of CA implementation and use by giving practical examples using two widely available tools, OpenSSL and keytool. Bear in mind that many of the topics that we'll touch on require a deeper background than is practical to present within the scope of this article. Where applicable, we'll provide pointers to useful references. Why do I need a CA? As discussed in our earlier article, the CA is a crucial component of any PKI, as it provides public-key certificate issuance, management, and revocation services to PKI users, thus enabling distributed trust relationships. In general, the CA is usually not a singular entity, but a hierarchical collection of authorities, with a root CA at the top of the structure acting as the most trusted (and most authoritative) entity in the organization.
The link for this article located at newsforge.com is no longer available.
Anthony Pell
Some people would have you believe this is monumental or out of the ordinary -- a group that distributes software experiencing a compromise, then letting everybody know about it and warning of the potential risks. Those that prance about in Penguin-embroidered cheerleader tops and yellow and black tutus suggest between pom-pom waves that no commercial vendor would ever be as candid. I think that's wrong. When you get owned, somebody is going to announce it, so there's no reason for anyone -- commercial vendors included -- to try and keep it under wraps. People talk. This is our nature, and inevitably the gossip subway is going to go rumbling down the tracks, out of control, until it breaks through the surface. Moreover, open projects are in a situation that uniquely requires immediate disclosure of a compromise. A project that does not publicly admit a compromise not only risks the integrity of the project, but also risks the trust that users put in the project. And in current form, open-source projects are built entirely on trust. This trust in open-source generally springs from the practice of distributing the source code for applications. But users who download from the project can't be assured that the application hasn't been tampered with, unless they actually read through the source code. There's no guarantee that the source is actually the source that was intended. The link for this article located at is no longer available.
Open-source initiatives need to prioritize clarity and reliability even when facing challenges in program dissemination.
Open Source Integrity, Project Transparency, Community Trust.
LinuxSecurity.com Team
Noel writes about some things that a System Administrator should consider about trust when configuring or maintaining a system. "One of the first things many of us think about is the trust we give to the users of our systems. Some of these users have special privileges so that they can perform their own jobs." A System Administrator has a strange relationship with the equipment they manage, with the people using their system and with the world outside their systems. They have to walk a fine line between making their systems unusable and leaving them unsecured or unreliable. To make things even more complicated, the line is different for each and every situation. In this article I will overview some of the choices and decisions that a System Administrator must understand and make when building or maintaining their systems. The link for this article located at Rootprompt.org is no longer available.
In IT security, System Administrators are vital for protecting systems and data. Prioritizing trust is key through account integrity, user privilege management, and security audits. Trust Management, System Configuration, User Access Control.
Anthony Pell
One of the most difficult decisions in any given environment is the distribution of trust. Who can you trust and with how much access? If you have a Systems Administrator on-site then they probably have super user access on one or more boxes within your enterprise. What about techs who occasionally need to perform tasks that are beyond the range of their limited access? The issue of trust is a difficult one. We all spend so much time focusing our energies on unknown parties trying to get into our systems that we often forget that we need to consider what those who are already inside can do. This SunWorld article discusses some of the issues involved in dealing with internal trust decisions and what can be done to protect critical systems from internal attack. The link for this article located at SunWorld is no longer available.
Safeguarding confidence in your network is vital. Discover essential choices regarding whom to rely on and the effects of various access permissions. Trust Management, Access Levels, Internal Security.
LinuxSecurity.com Team