Tom – Page 8 – WindowsTechs.com

Add time to mod_forensic log [on hold]

Posted on March 21, 2017 by Tom

as my website is getting hacked constantly I added mod_forensic to analyze the requests and possibly identify the vulernable wordpress part.

However I do not have a timestamp in the log. As this is a very valuable piece of … Continue reading Add time to mod_forensic log [on hold]→

Server gets infected with malicious files

Posted on March 8, 2017 by Tom

I have a lot of php files being inserted to my server with spam mail purpose.

When i check the apache access log i notice the following line:

95.213.177.123 – – [07/Mar/2017:12:28:50 -0700] “POST http://check.proxyradar.co… Continue reading Server gets infected with malicious files→

do password managers count as a MFA authentication factor

Posted on February 23, 2017 by Tom

When users store complicated and unremembered passwords in password manager service such as lastpass, what authentication factor does the lastpass access represent?

Not something that is known (complicated and unremembered)… Continue reading do password managers count as a MFA authentication factor→

Monitor Server Requests and IP Addresses

Posted on February 17, 2017 by Tom

I have a Apache VPS by GoDaddy with Wordpress and the Enfold theme. Both are up to date, no additional plugins are installed.

The server frequently gets hacked, and malicious PHP code gets injected to the file structure. Tho… Continue reading Monitor Server Requests and IP Addresses→

Monitor Server Requests and IP Addresses

Posted on February 17, 2017 by Tom

I have a Apache VPS by GoDaddy with Wordpress and the Enfold theme. Both are up to date, no additional plugins are installed.

The server frequently gets hacked, and malicious PHP code gets injected to the file structure. Tho… Continue reading Monitor Server Requests and IP Addresses→

How to simply check if a certificate has the OCSP must-staple attribute?

Posted on April 2, 2016 by Tom

https://www.rfc-editor.org/rfc/rfc7633
https://blog.mozilla.org/security/2015/11/23/improving-revocation-ocsp-must-staple-and-short-lived-certificates/
How can I simple check if a certificate of a website has the OCSP must-staple extension… Continue reading How to simply check if a certificate has the OCSP must-staple attribute?→

SSH attempt blocked now ECDSA keys changed

Posted on October 22, 2015 by Tom

Last night I had an external IP tried to access my server over SSH. The attempt was blocked as it failed to authorise in the number of times and time limit that I’d specified.

Doing a whois on the ip address comes back with:

[Querying wh… Continue reading SSH attempt blocked now ECDSA keys changed→

How do I make my drive fully protected with bitlocker?

Posted on July 5, 2014 by Tom

Please note that I am new to BitLocker but I was able to set it up on my C drive. After doing this, I breifly searched on the web for ways around BitLocker and came up with two articles, Passware Hard Disk Decryption and This… Continue reading How do I make my drive fully protected with bitlocker?→

What is setuid based script root spoofing?

Posted on November 14, 2013 by Tom

I’m reading this and I’m little confused. What exactly is this setuid based script root spoofing?

Continue reading What is setuid based script root spoofing?→