Subscribe: LinuxSecurity.com - Feature Stories
http://www.linuxsecurity.com/linuxsecurity_features.rdf
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
attack vector  authentication  book  linux  linuxsecurity  medusa  password guessing  password  security  server  servers  web server  web 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: LinuxSecurity.com - Feature Stories

LinuxSecurity.com - Feature Stories



The central voice for Linux and Open Source security news.



 



Social Engineering Methods for Penetration Testing

Fri, 21 Oct 2016 10:18:59 +0000

LinuxSecurity.com: Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.



Putting Infosec Principles into Practice

Fri, 23 Sep 2016 10:53:29 +0000

LinuxSecurity.com: When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.



Installing an Apache Web Server with TLS

Mon, 22 Aug 2016 15:30:11 +0000

LinuxSecurity.com: One of the powerful things that Linux on servers allows you to do is to create scalable web applications with little to no software costs. Apache HTTPD, commonly referred to as just Apache, is the number one web server software in the world.



Essential tools for hardening and securing Unix based Environments

Tue, 26 May 2015 19:34:05 +0000

LinuxSecurity.com: System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services.



Peter Smith Releases Linux Network Security Online

Mon, 06 Jan 2014 18:28:38 +0000

LinuxSecurity.com: Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."



Securing a Linux Web Server

Tue, 28 Apr 2015 11:26:18 +0000

LinuxSecurity.com: With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.



Password guessing with Medusa 2.0

Mon, 09 Jan 2012 13:34:36 +0000

LinuxSecurity.com: Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit http://www.foofus.net/jmk/medusa/changelog



Password guessing as an attack vector

Tue, 13 Dec 2011 11:27:40 +0000

LinuxSecurity.com: Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.



Squid and Digest Authentication

Thu, 01 Dec 2011 15:02:43 +0000

LinuxSecurity.com: Digest AuthenticationDigest Authentication hashes the password before transmitting over the wire. Essentially it sends a message digest generated from multiple items including username, realm and nonce value. If you want to know more see (RFC 2617).



Squid and Basic Authentication

Thu, 01 Dec 2011 15:00:24 +0000

LinuxSecurity.com: This is perhaps the easiest authentication helper to configure in Squid, but also the most insecure. The biggest problem with Basic is it transmits username and password in clear text, hence very susceptible to network sniffing or man in the middle type attacks. The only reason I'm writing about it is it's a valid authentication mechanism in some limited circumstances. Secondly I want to show you how authentication has evolved over the years.