user211245 – WindowsTechs.com

CIS Signature Updates setting recommendation [closed]

Posted on November 28, 2022 by user211245

Looking at CIS Microsoft Intune for Windows 10 Release 2004 Benchmark v1.0.1. I’m wondering about the following section:

I’m puzzled as to what the actual recommendation here is. The setting they are referring to is the one below

General… Continue reading CIS Signature Updates setting recommendation [closed]→

Firewall process for LAN segmentation

Posted on August 18, 2020 by user211245

We are in the process of implementing firewalls for LAN segmentation. Some of the VLA’s are already moved under the firewall. We were in an observation period for 5 weeks (the firewall was configured with an any any rule) and now we are ab… Continue reading Firewall process for LAN segmentation→

Real-world use of restricted shells

Posted on April 22, 2020 by user211245

I’ve been reading various articles about escaping restricted shells, e.g. rbash. I’ve been speaking with friends working in different Linux environments (small, mid-size and huge) and none of them is using restricted shells.

Are restrict… Continue reading Real-world use of restricted shells→

How to make sure vulnerability management does not lead to reduced or compromised security

Posted on February 12, 2020 by user211245

When running vulnerability scans, often a particular version of, say, Node.js is reported to be vulnerable along with a recommendation to update to a higher version. Then we also have insecure SSL/TLS protocols, like TLS 1.0 and SSL 3.0, … Continue reading How to make sure vulnerability management does not lead to reduced or compromised security→

vulnerability management, risk mitigation vs risk acceptance

Posted on January 14, 2020 by user211245

I was involved in a conversation concerning the in-house vulnerability management program. One the statements made was that the management is generally not willing to accept risk and it should be aimed to mitigate it preferably in form of … Continue reading vulnerability management, risk mitigation vs risk acceptance→

TLS heartbeat request and Heartbleed how?

Posted on December 16, 2019 by user211245

How can an attacker send a bogus Heartbeat request as per the TLS extension addressed in RFC 6520 without hijacking the TLS connection altogether? RFC 6520 states:

The Heartbeat protocol is a new protocol running on top … Continue reading TLS heartbeat request and Heartbleed how?→

http referer security

Posted on December 15, 2019 by user211245

quoting from Referer header: privacy and security concerns

For example, consider a “reset password” page with a social media link
in a footer. If the link was followed, depending on how information
was shared the soci… Continue reading http referer security→