Featured Linux Articles
Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.
It’s hard to think of a technology more impactful than Artificial Intelligence (AI). While it’s been around for a while, it’s only recently broken into the mainstream. Now that it has, it’s rewriting the playbook for much of the tech industry, especially open-source software (OSS).
With the support of the open-source community and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days when Linux system administrators could get away with subpar security practices. Cybercriminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years.
Security is vital for your Linux web apps, but keeping up with the latest exploits and meeting compliance standards can quickly become overwhelming.
In the dynamic landscape of web development, ensuring that applications perform uniformly across various web browsers is a vital aspect of user experience. This becomes increasingly important for Linux systems, where the default browsers and configurations range presents unique challenges. Cross-browser compatibility testing on Linux helps to identify and resolve these discrepancies, thereby enhancing the accessibility and functionality of web applications for all users.
In the evolving cybersecurity landscape, staying ahead of threats while ensuring system stability and compliance is paramount for businesses and developers. Red Hat Enterprise Linux (RHEL) version 9.4 emerges as a beacon of innovation and security, encapsulating the best open-source technology to meet these challenges head-on.
Imagine releasing a software solution into the market only to realize the user cannot use the app properly. They have been reporting numerous bugs, which has lowered your reputation and reliability.
Open-source software, or OSS, has completely changed the technology sector by enabling developers anywhere to work together and produce creative solutions faster. However, security issues are a significant worry, just like in any digital environment. Therefore, you should take precautions to secure any open-source software you use.
This first part of the Complete Guide to Keylogging in Linux will explore keylogger attacks in network security. Keylogging can be valuable for testing within the Linux Security realm, so we will dive deeper into how you can write keyloggers and read events directly from a keyboard device on Linux.
In Complete Guide to Keylogging in Linux: Part 1, we discussed how to write keyloggers for Linux by reading keyboard device events. This article will continue to discuss keyboard event capture so you have more techniques to use for keylogger attacks in network security.
In Complete Guide to Keylogging in Linux: Part 1 and Complete Guide to Keylogging in Linux: Part 2, we discussed the basics of keylogging and a few options you can utilize to check your server for attacks in network security. This article will discuss what techniques you can implement to capture keyboard events within a Linux kernel.
Keylogger attacks in network security have become more popular over time. Therefore, businesses must implement procedures and tactics to prevent these network security issues from harming a server.
Linux administrators and infosec professionals face rising cyber threats in today's interconnected digital world. As open-source platforms gain more importance, securing them becomes mission-critical for organizations worldwide.
Cybersecurity is not static; it's a game of continuous evolution. As web applications burgeon, so too do the threats against them. Within Linux environments, where flexibility and open-source attributes are prized, secure coding practices, Linux devs can stand on vigilant watch against these proliferating dangers.
Most businesses understand the need for cybersecurity. However, many of those same companies still rely on outdated systems, making it hard to ensure the security they know they need.
Data security in a modern business environment is considered one of the most critical factors for any company. The digitalization of the world has led to more and more data being generated daily, including very sensitive data, such as internal business plans, customer payment data, etc.
IaC, or infrastructure as code, is essential to most cloud-based applications. Implementing IaC has advantages that significantly increase the service's characteristics and efficiency. However, as well as its enormous value, IaC has certain security drawbacks, like the spreading of simple security issues on all the files or vulnerability to data exposure, which could greatly affect the security of an open-source environment.
At last count, W3Techs reported that 43.1% of all websites operating on the Internet today rely on the WordPress CMS. And of those, an overwhelming majority run on Linux servers. That immense popularity makes Linux servers running WordPress a prime target of hackers and other bad actors. As a result, such servers face an estimated 90,000 attacks every minute, every day.
In this paper, we describe and analyze a network-based DoS attack for IP-based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.
There are several general categories of DoS attacks. Some groups divide attacks into three classes: bandwidth attacks, protocol attacks, and logic attacks. Following are brief descriptions of some common types of DoS attacks.
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN ACK before the connection is established. This is referred to as the "TCP three-way handshake."