Collaborate Disseminate
I’m using Azure to store customer data. In a specific country, there are multiple partners. Each partner has his clients. The issue is they don’t want us to have access to this data. In other words, the only one who can access the data is … Continue reading Storing client keys in cloud app
I am studying for an exam in computer security, and I got stuck on the following question from a past exam:
A random program generator service S allows clients to generate random data. Each client Ci
shares a symmetric key Ki with the serv… Continue reading Denial of Service question
I know that to start the BYOB server you need to put
python server.py –host PRIVATEIPADDRESS –port 8080
But, after –host I put the private IP address, but won’t that not work if the attacker and target are on different networks as a pr… Continue reading Does BYOB Botnet work when target and attacker are on different networks?
Is it more secure to retrieve a client cert from their host rather than accept the cert presented in request?
Example:
B2B
Client pre-shares public cert with me
I store public cert in database
Later, client sends GET request + cert to my … Continue reading Client Cert Authentication: Accept cert in request or retrieve from host?
I’d like to know if it’s possible to protect communications between a heavy client on a machine and a remote server accessible by a web interface on this machine using certificates. Or the only way is to set a certificate for the whole cli… Continue reading Certificates between services in a single machine
Please concern the following setup: A client certificate is issued like this:
Root CA → Intermediate CA → Client Cert
Let’s assume everything is fine up to here, the intermediate CA cert is properly signed by the root CA and the same for t… Continue reading "unsupported certificate purpose" for nginx client auth
I wanted to know if bettercap has a feature that allows to view TLS handshake phase information (as Wireshark does), for example the "Client Hello" ?
I understand SSL/TLS is the most commonly data transmission protocol for a secured communication. I need to implement the same in one of the IoT device (ARM® Cortex®-M4 Core at 80 MHz). This will be TLS Client implementation.
Since the d… Continue reading Addressing SSL/TLS vulnerabilities in IoT Device client side implementation
I’d like to know if I can assign static IPs for VPN clients (on virtual network interface) using NordVPN. If not, then which VPN provider (except OpenVPN) allows to assign static IPs for clients.
There is a Python client app connecting to a Java server app via a secure socket. The connection works great with a self-signed certificate, however, it fails when I attempt to utilize a given valid certificate signed via a CA. I’m suspici… Continue reading Getting a "so-called valid" certificate to work inside the application