Featured Linux Articles
Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Computer forensics have hit the big time. A previously superniche technology, forensics have moved into the collective consciousness of IT sys. admins. and Corporate CSOs.
Proper methodology for computer forensics would involve a laundry-list of actions and thought processes that an investigator needs to consider in order to have the basics covered.
Msyslog has the ability to log syslog messages to a database. This allows for easier monitoring of multiple servers and the ability to be display and search for syslog messages using PHP or any other programming language that can communicate with the database.
Patching and upgrading software requires more than running a few commands. Having a patch recovery plan, communicating with developers on that server, and knowing who to contact in case of a botched patch job is critical.
Just to give everyone an idea about who writes these articles and feature stories that we spend so much of our time reading each day, I have decided to ask Brian Hatch and Duane Dunston, the newest members of the LinuxSecurity.com team, a few questions.
Maintaining accurate time is required for security. Many tools and devices exist to ensure that accurate time is maintained on an organization's system. It makes the job of analysis and system administration much easier to deal with, as well.
Attackers are still compromising servers with well-known attacks. General awareness can assist the busy administrators and users to protect their systems from these kinds of attacks. SANS provides a list of the Top 20 most common security vulnerabilities, how to identify each, and what can be done to protect against these vulnerabilities.
This is the second installation of a 3 part article on LAMP (Linux Apache MySQL PHP). Apache is the most widely used HTTP-server in the world today.
The first installation of a 3 part article covering everything from physical security and service security to LAMP security (Linux Apache MySQL PHP).
The syslog daemon is a very versatile tool that should never be overlooked under any circumstances. The facility itself provides a wealth of information regarding the local system that it monitors.
This paper is about the fundamentals of shellcode design and totally Linux 2.2 on IA-32 specific architectures. The base principles apply to all architectures, whereas the details might obviously not.
"Information for the right people at right time and from anywhere" has been the driving force for providing access to the most of the vital information on the network of an organization over the Internet. This is a simple guide on conducting a network security audit, This article contains points for conducting an audit.
The question of the week: What is Slapper? Let me begin by telling you I am not only describing the Slapper worm, but I am also describing the Apache/mod_ssl worm, the bugtraq.c worm, and the Modap worm. In effect, this is just 4 different names for the same nasty worm.
NFS (Network File System) is a widely used and primitive protocol that allows computers to share files over a network. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted and hosts and users cannot be easily authenticated. Below we will show a number of issues that one can follow to heal those security problems.
As we know that the vulnerabilities in PHP are increasing day by day there comes the need to secure the PHP installation to the highest level. Due to its popularity and its wide usage most of the developers and the administrators will be in trouble if they don't take appropriate steps on security issues during the installation.
This article will discuss installing and configuring a secure, centralized file-integrity program. Later articles in this series will discuss specific features, like deploying packaged clients to hosts on your network, creating customized reports, and other cool Samhain features.
There is no silver bullet in security; rather, due diligence and knowledge are the best foundations for solid management of risk. The focus of this document is distinctively on workstations: those located in a corporate environment, those situated at the house, and the myriad of situations that fall somewhere in-between.
This article is the second in a series that is designed to help readers to assess the risk that their Internet-connected systems are exposed to. In the first installment, we established the reasons for doing a technical risk assessment. In this installment, we'll start discussing the methodology that we follow in performing this kind of assessment.
The recent situation regarding the Apache Chunk Encoding Vulnerability has caused plenty of controversy in the security industry. It initially began with the community dislike of the release of information.
In this interview, Bob introduces his new book, discusses the "seven deadly sins" of Linux security, and outlines the benefits of the open source software model. He also points out the pitfalls that many system administrators fall into and how to avoid them.