At the end of last week, US company VeriSign announced the roll-out schedule for the authentication of .com and .net zones. From the 9th of December, .net domains are to be authenticated via keys that are based on the new DNSSEC (Domain Name System Security Extensions) protocol and stored in the Domain Name System (DNS).

Responses that don't originate from the server that was authorised for a domain will be detected when signatures are validated. Signatures for .net domains have been available since the 29th of October, but they cannot be validated yet. Signatures for the .com zone are to follow in March; users will be able to protect their own .com domains with DNSSEC signatures shortly afterwards. This is mainly designed to prevent future cache-poisoning attacks. The link for this article located at H Security is no longer available.

VeriSign's DNSSEC implementation enhances security for .com and .net zones, protecting against cache poisoning and ensuring users access authentic DNS data. DNSSEC Implementation, Domain Authentication, Network Security Enhancements.

Alex

Preparations for securing the domain name system root zone using the DNS Security Extensions (DNSSEC) protocol are entering a key phase. At the 76th meeting of the Internet Engineering Task Force (IETF) in Hiroshima, the design team from VeriSign, the internet administration authority ICANN and the US NTIA presented the strict security conditions under which the various keys required will be generated, held and renewed. IETF developers expressed concern about the lack of channels both for explaining the DNSSEC rollout, scheduled to commence in January, to ISPs and for collecting reports of anything untoward from the ISPs.

In October, ICANN and VeriSign surprised many observers with their proposed timetable for DNSSEC root zone signing. Signatures will be used internally from as early as 1st December and the first root server will serve the zone to the outside world from January. Cryptographically secured DNSSEC signatures are intended to prevent DNS information from being changed en route from sender to recipient. If a response comes from the wrong domain, this will be revealed when the signatures, created with private keys, are checked against the corresponding public keys. The link for this article located at H Security is no longer available.

The collaboration between ICANN and VeriSign regarding the deployment schedule for the DNSSEC root zone sparks concerns and obstacles related to cybersecurity. DNS Security Extensions, Root Zone Signing, DNSSEC Implementation, ICANN, VeriSign.

Anthony Pell

A few years ago, I had the privilege of seeing some root DNS servers in action at VeriSign's main headquarters. It's something I had wanted to do for over a decade, and I was literally slightly shaking with excitement (yes, I am that big of a geek). Physical security was high. It took three-factor authentication to get me past the two mantraps and the bomb-blast protected walls. My escort had to use handprint geometry, a PIN, a smart card, and a retinal scan to get me into the inner sanctum.

Turns out VeriSign's DNS root servers at this location are composed of two physically separate, 10-high stacked, 1U pizza-box-style IBM eServers (VeriSign said they tested many different servers, and IBM's gave them the best performance per dollar), running Solaris and Red Hat Linux. Not surprisingly, they don't run BIND and keep things intentionally diverse to protect against a platform-specific attack. Watching the network lights rapidly blink under millions of transactions per second was a blast. Did I mention I was a geek? The link for this article located at InfoWorld is no longer available.

LinuxSecurity.com Team

VeriSign is the world's largest digital certificate authority and is steward of the A and J root servers (two of the 13 computers representing the top of the Internet's hierarchy). With 40 percent of North American e-commerce payments going through its gateways, 100 percent of .com registrars running 15 billion queries a day through its system, and 50 percent of North American cellular roamings going through its servers, VeriSign has a significant role in seeing that the Internet infrastructure runs securely.

Over the years, the root DNS servers have proven vulnerable to domain name spoofing (through a technique called DNS cache poisoning) and Distributed Denial of Service attacks (the latter of which came to light during a concerted effort to take down the DNS root servers in 2002). Not to mention the search query redirect debacle in 2003, in which VeriSign took advantage of its position as DNS manager and forcibly rerouted all unresolved search queries to a paid-for advertising site created by a dubious spammer. This forced redirect broke a lot of DNS servers and raised such a ruckus that VeriSign shut down the service barely a week after it went live.

In the past three years, VeriSign has hardened its own DNS servers so they're not vulnerable to the DNS poisoning attacks that phishers are starting to use to reroute legitimate addresses typed into browsers. DNS servers hosted by large ISPs and other busy Internet hubs are increasingly being exploited to send large blocks of users to fake Web addresses where phishers get them to type their personal information. The trend was reported in January, when the Anti-Phishing Working Group reported that DNS poisoning was used to redirect Google and Amazon users to a phony pharmacy site. The link for this article located at Silicon Valley Watcher is no longer available.

Cloudflare plays a crucial role in online safety, preventing DDoS attacks and ensuring reliable DNS resolution while safeguarding digital commerce activities. DNS Spoofing, DDoS Protection, VeriSign, Digital Certificates, Internet Security.

Brittany Day