Linux Today - Security

 FOSSpost: Is it time for default sudo behavior to change?

ZDnet: For less than a $100, you can have an open-source powered, easy-to-use server, which enables you -- and not Apple, Facebook, Google, or Microsoft -- to control your view of the internet.

Learn how to mitigate the ICMP timestamp vulnerability in Linux by blocking certain types of Internet Control Message Protocol at the firewall.

Bruteforce is among the oldest hacking techniques, it is also one of the simplest automated attacks requiring minimum knowledge and intervention by the attacker.

A new major Kismet version has been released, almost 3 years after the previous stable release.

Linuxize: A self-signed SSL certificate is a certificate that is signed by the person who created it rather than a trusted certificate authority.

eWEEK: Oracle is out with its second critical patch update set for 2019, patching a total of 297 issues spread across its software portfolio, though one issue in particular could well be more impactful and critical for users to patch, than others.

Most applications normally display a feedback using asterisks (*******) when a user is typing a password...

HowToForge: OpenVPN is an open source application that allows you to create a secure private network over the public internet.

CentOS 7 has firewalld installed as a default firewall program. But firewalld can be used to configure CentOS 7 as a router as well.

Linux.com: The ultimate goal of using LDAP (in many cases) is enabling desktop authentication.

Learn how to restore the root password for CentOS in a very simple way.

Learn how you can install and use ClamAV Antivirus and ClamTK in order to scan your Ubuntu System for viruses.

eWEEK DATA POINTS: IBM Security and the Ponemon Institute asked global IT executives what they do to keep their organizations cyber-resilient and discovered interesting insights about the state of modern cyber-security.

eWEEK: Imperva discovers a new attack in which hackers abused a commonly used HTML5 attribute to launch a DDoS attack that generated 70 million requests hitting a target website in a four-hour span.

The Register: Making it the first new top-level project since 2012

By default, SSH already uses a secure data communication between remote machines, but if you want to add some extra security layer to your SSH connections, you can add a Google Authenticator (two-factor authentication)

Learn how to setup up an SFTP Chroot Jail environment

Phoronix: WireGuard lead developer Jason Donenfeld announced this latest snapshot on Saturday, the first since late February.

Purism plans to integrate Private Internet Access's VPN services by default within its Debian-based PureOS operating system

Linux.com: Learn how to install and use the LDAP Account Manager (LAM) tool in this tutorial

Android Security Patch for April 2019 consists of the 2019-04-01 and 2019-04-05 security patch levels, which address a total of 89 vulnerabilities across several components

ostechix: Firejail is a SUID (Set owner User ID up on execution) program that reduces the risk of security breaches

eWEEK: The open-source Apache Web Server project has patched six flaws in the new 2.4.39 update, including a critical issue that could potentially put cloud and shared web hosting providers at risk.

eSecurityPlanet: Automation, orchestration and machine learning technologies could help organizations keep up with cybersecurity threats, according to new research.

eWEEK: Cloudflare is using the next generation Quic internet protocol and the open-source Wireguard VPN project as a base to build an advanced internet security service that could one day challenge incumbents in the multi-billion dollar enterprise VPN space.

There are times when you really just want to disable security -- even though you really shouldn't

MakeTechEasier: LUKS is the native encryption option on Linux system

Linux systems are designed in such a way that they can support multiple users.

Learn how to disable the root user access and permit it via su user in Linux for security reasons.

MakeTechEasier: Ubuntu's recovery mode provides great options to fix a broken system.

eSecurityPlanet: Serverless is a new computing paradigm that also introduces new security risks. Learn what serverless is and the security steps your organization needs to take to make serverless workloads run securely.

In this tutorial we will cover the basics of firewalld like zones, targets, runtime vs permanent, opening ports, etc.

This detailed guide teaches you what is Fail2Ban

2DayGeek: Three methods to configure sudo access in Linux.

 Learn how to use the pwquality pam module to create a password policy in Linux.