The domain name system (DNS) is the phone book of the Internet: it tells computers where to send and retrieve information. Unfortunately, it also accepts any address given to it, no questions asked.
The root DNS zone contains information about how to query the top-level domain (TLD) name servers (.com, .edu, .org, etc.). It enables Internet users to access domain names in all TLDs, even brand new ones like .software and .bank, making it an integral part of the global Internet.
Of all the high-demand areas in IT, security stands out at the top. According to DICE, the number of security jobs skyrocketed by more than 40% from 2014 to 2015, to 50,000 openings, compared with 16.8% growth the year before. “Security jobs are growing at a far more rapid pace than other areas of technology, which are also growing rapidly,” says Bob Melk, president at DICE.
One of the best pieces of security advice any computer expert can give you is to enable two-factor authentication for websites that support it. With password breaches so common nowadays, it could be the one thing that keeps hackers from stealing your identity online. Here are five points to help you understand this technology.
Badly configured software used on thousands of machines can let hackers into X-ray scanners, industrial control systems, doctors’ servers storing medical records, and more.
Glibc, the GNU C library at the core of last year’s GHOST vulnerability, is vulnerable to another critical flaw affecting nearly all Linux machines, as well as API web services and major web frameworks where the code runs. The vulnerability, discovered independently by researchers at Google and Red Hat, has been patched. The flaw, CVE-2015-7547, is a stack-based buffer overflow in the glibc DNS client-side resolver that puts Linux machines at risk for remote code execution. The flaw is triggered when the getaddrinfo() library function is used, Google said today in its advisory.
What a nice way to finish a week – three pieces of really good news all in one announcement! Kali Linux (the successor to BackTrack), well known as one of the premier distributions for digital forensics and penetration testing, announced a new release. This by itself already qualifies as very good news. With this release, Kali-Rolling (2016.1), Kali Linux is now officially a rolling distribution. Kali was previously based on the Debian stable distribution, and basically had to track the major release cycles of Debian with their own major releases. Now Kali is based on the Debian testing distribution, so it is continuously updated. The Kali developers have also added continuous notification and updates of the penetration testing tools that they add to Debian to create the Kali distribution.
Securing a production system from hackers and crackers is a challenging task for a system administrator. This article covers how to secure, or harden, a Linux box. In it, we’ll explain 25 useful tips and tricks to secure your Linux system.
Observium is a PHP/MySQL-driven network observation and monitoring application that supports a wide range of operating systems and hardware platforms, including Linux, Windows, FreeBSD, Cisco, HP, Dell, NetApp and many more. It seeks to present a robust and simple web interface to monitor the health and performance of your network.
Credit card users could have their PINs stolen, and merchants could have their bank accounts pillaged, in a set of attacks demonstrated by researchers Karsten Nohl and Fabian Bräunlein at the Chaos Computing Club security conference. Much research has been done into the chips found on credit cards and the readers and number pads used with these cards, but Nohl decided to take a different approach, looking instead at the communications protocols used by those card readers. Two of them are significant: the first, ZVT, is used between point of sale systems and the card readers. The second, Poseidon, is used between the card reader and the merchant’s bank. Nohl found that both had important flaws.