Heinzi – Page 2 – WindowsTechs.com

How do I minimize the number of passwords leaked when a PC gets compromized?

Posted on August 2, 2020 by Heinzi

For customer support reasons, we need to store passwords to some of our customers’ systems (with their explicit, written permission, of course), as well as, obviously, passwords to some of our own systems. Customer support agents and admin… Continue reading How do I minimize the number of passwords leaked when a PC gets compromized?→

Security risks of fetching user-supplied URLs

Posted on April 25, 2020 by Heinzi

We are considering to add the following feature to our web application (an online product database, if it matters):

Instead of uploading an image, the user can provide the (self-hosted) URL of an image. We store the URL instead of the im… Continue reading Security risks of fetching user-supplied URLs→

Do I need to worry about vulnerabilities that require administrative privileges to exploit?

Posted on June 14, 2019 by Heinzi

I am currently evaluating the impact that the recent NUC Firmware Advisory has on our machines.

What confuses me is that fact that those vulerabilities are scored with

a high risk score, but
require(!) administrative privi… Continue reading Do I need to worry about vulnerabilities that require administrative privileges to exploit?→

What’s the drawback of enabling auth-nocache in OpenVPN?

Posted on April 11, 2019 by Heinzi

Using a “default” configuration, OpenVPN clients show the following warning when connecting to a VPN server in red, attention-seeking letters:

WARNING: this configuration may cache passwords in memory — use the auth-noca… Continue reading What’s the drawback of enabling auth-nocache in OpenVPN?→

Is it possible to defend against a backscatter attack?

Posted on October 31, 2018 by Heinzi

Yesterday, some spammer on the other side of the world decided to send out a ton of phishing mails with my business mail address as both From address and envelope sender.

The usual best practices are in place: My provider (a… Continue reading Is it possible to defend against a backscatter attack?→

Someone is trying to brute-force(?) my private mail server… very… slowly… and with changing IPs

Posted on November 27, 2017 by Heinzi

This has been going on for about 1-2 days now:

heinzi@guybrush:~$ less /var/log/mail.log | grep ‘^Nov 27 .* postfix/submission.* warning’
[…]
Nov 27 03:36:16 guybrush postfix/submission/smtpd[7523]: warning: hostname bd676a3d.virtua.com… Continue reading Someone is trying to brute-force(?) my private mail server… very… slowly… and with changing IPs→

How does the CVE-2017-7494 "SambaCry" exploit work?

Posted on May 26, 2017 by Heinzi

According to media reports, an attacker can

upload a library to a Samba share and then
open a named pipe whose name equals the local path to the uploaded library

to remotely execute the code contained in the library.

How… Continue reading How does the CVE-2017-7494 "SambaCry" exploit work?→