Feature Articles

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

Fortifying Email Security with Infosec Through the SDLC

Imagine releasing a software solution into the market only to realize the user cannot use the app properly. They have been reporting numerous bugs, which has lowered your reputation and reliability. ...
May 07, 2024
  0

Protect Your Linux Web Apps and Meet Compliance Standards

Security is vital for your Linux web apps, but keeping ...
May 05, 2024
  0
7.Locks HexConnections Esm H115

Strategies for Improving Linux Security Through Cross-Browser Compatibility Testing

In the dynamic landscape of web development, ensuring t...
May 05, 2024
  0
19.Laptop Bed Esm H115

Discover LinuxSecurity Features

LS Hmepg 337x500 34 Esm H200

Remote Syslog with MySQL and PHP

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Msyslog has the ability to log syslog messages to a database. This allows for easier monitoring of multiple servers and the ability to be display and search for syslog messages using PHP or any other programming language that can communicate with the database.

Ls Default Copy 1 Duane Dunston
LS Hmepg 337x500 34 Esm H200

Patching It Up

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Patching and upgrading software requires more than running a few commands. Having a patch recovery plan, communicating with developers on that server, and knowing who to contact in case of a botched patch job is critical.

Ls Default Copy 1 Duane Dunston

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Contribute Now
LS Hmepg 337x500 34 Esm H200

Newest Members of the Team

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Just to give everyone an idea about who writes these articles and feature stories that we spend so much of our time reading each day, I have decided to ask Brian Hatch and Duane Dunston, the newest members of the LinuxSecurity.com team, a few questions.

Ls Default Copy 1 Duane Dunston
LS Hmepg 337x500 34 Esm H200

No 'A' Word In Time

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Maintaining accurate time is required for security. Many tools and devices exist to ensure that accurate time is maintained on an organization's system. It makes the job of analysis and system administration much easier to deal with, as well.

Ls Default Copy 1 Duane Dunston
LS Hmepg 337x500 34 Esm H200

If It Ain't Broke See If It's Fixed

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Attackers are still compromising servers with well-known attacks. General awareness can assist the busy administrators and users to protect their systems from these kinds of attacks. SANS provides a list of the Top 20 most common security vulnerabilities, how to identify each, and what can be done to protect against these vulnerabilities.

Ls Default Copy 1 Duane Dunston
LS Hmepg 337x500 34 Esm H200

Security: Apache (2 of 3)

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This is the second installation of a 3 part article on LAMP (Linux Apache MySQL PHP). Apache is the most widely used HTTP-server in the world today.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Remote Syslogging - A Primer

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The syslog daemon is a very versatile tool that should never be overlooked under any circumstances. The facility itself provides a wealth of information regarding the local system that it monitors.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Designing Shellcode Demystified

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This paper is about the fundamentals of shellcode design and totally Linux 2.2 on IA-32 specific architectures. The base principles apply to all architectures, whereas the details might obviously not.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Network Security Audit (Part I)

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

"Information for the right people at right time and from anywhere" has been the driving force for providing access to the most of the vital information on the network of an organization over the Internet. This is a simple guide on conducting a network security audit, This article contains points for conducting an audit.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

What is Slapper?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The question of the week: What is Slapper? Let me begin by telling you I am not only describing the Slapper worm, but I am also describing the Apache/mod_ssl worm, the bugtraq.c worm, and the Modap worm. In effect, this is just 4 different names for the same nasty worm.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

NFS Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

NFS (Network File System) is a widely used and primitive protocol that allows computers to share files over a network. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted and hosts and users cannot be easily authenticated. Below we will show a number of issues that one can follow to heal those security problems.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

PHP Secure Installation

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As we know that the vulnerabilities in PHP are increasing day by day there comes the need to secure the PHP installation to the highest level. Due to its popularity and its wide usage most of the developers and the administrators will be in trouble if they don't take appropriate steps on security issues during the installation.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Centralized File-Integrity With Samhain Part I

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This article will discuss installing and configuring a secure, centralized file-integrity program. Later articles in this series will discuss specific features, like deploying packaged clients to hosts on your network, creating customized reports, and other cool Samhain features.

Ls Default Copy 1 Duane Dunston
LS Hmepg 337x500 34 Esm H200

Best Practices guide for securing the Linux Workstation

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There is no silver bullet in security; rather, due diligence and knowledge are the best foundations for solid management of risk. The focus of this document is distinctively on workstations: those located in a corporate environment, those situated at the house, and the myriad of situations that fall somewhere in-between.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Assessing Internet Security Risk, Part Two: an Internet Assessment Methodology

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This article is the second in a series that is designed to help readers to assess the risk that their Internet-connected systems are exposed to. In the first installment, we established the reasons for doing a technical risk assessment. In this installment, we'll start discussing the methodology that we follow in performing this kind of assessment.

191 Brittany Brittany Day
LS Hmepg 337x500 34 Esm H200

Real World Linux Security: Bob Toxen's Perspective

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this interview, Bob introduces his new book, discusses the "seven deadly sins" of Linux security, and outlines the benefits of the open source software model. He also points out the pitfalls that many system administrators fall into and how to avoid them.

191 Brittany Brittany Day
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved