Collaborate Disseminate
There is a firewall deployment case called "transparent mode", when the firewall does its job without routing and having IPv4 addresses, i.e. it is invisible.
"Stealth mode" is mentioned as one of the advantages:
Becau… Continue reading What is the need for firewall to be in "stealth mode"?
We recently added a new Software Component Analysis tool (dependencytrack) to our infrastructure, which allows us to gain visibility on which dependencies are pulled by the code of our web apps.
How could we take advantage of this new ligh… Continue reading How to take advantage of a new security tool (SCA) added to company?
We recently added a new Software Component Analysis tool (dependencytrack) to our infrastructure, which allows us to gain visibility on which dependencies are pulled by the code of our web apps.
How could we take advantage of this new ligh… Continue reading How to take advantage of a new security tool (SCA) added to company?
The rejected ICMP requests have been logged on the firewall of my router.
IN=ppp*** Direction=OUT Public->Local PROTO=ICMP Type=8 CODE=0 DST is
my WAN IP, and I’m in a CGNAT.
It sends one request every minute, and I get "general … Continue reading ICMP Echo Requests Every Minute from an IP Address
Around 4 months ago, someone learned my IP, and is threatening to DDoS attack me if I am not his slave. He was breaking the Discord TOS with all kinds of stuff in my DMs. I blocked him, but one of his friends told me to friend him back, or… Continue reading Someone knows my IP and is threatening to DDoS me
Extend version of the question
I’m trying to figure out how to detect the launch of unwanted processes based on regular logging in Windows and sysmon. Sysmon event 1 allows you to get a significant amount of information about the running p… Continue reading No User SID in the sysmon event with id 1 (process creation)
If my Content-Security-Policy is set to the following:
Content-Security-Policy: frame-ancestors ‘self’
Does it also imply:
Content-Security-Policy: default-src ‘self’
Or is it a lot safer to put both rules?
Content-Security-Policy: defau… Continue reading Is the "same-origin" implied when using "frame-ancestor" in the CSP header?
A10:2017-Insufficient Logging & Monitoring
This is one of OWASP Top 10 vulnerabilities. Given that we log and monitor sufficiently, how can this prevent an attack for example – attack where username and password is guessed over several… Continue reading How to prevent attacks due to Insufficient Logging & Monitoring?
My company has a domain name that we use to serve our customers, say company.com for the main website, app.company.com for the web application and api.company.com. These are all public domains that our customers connect to use our services… Continue reading Should I have another domain name for my company internal tools
I’m a software dev working on an open-sourced password manager(dev lib, gui and cli) for educational and eventually usefulness purposes. There doesn’t seem to be all that much information regarding vault-based password managers and the sec… Continue reading Protection against different attack vectors, password manager