Collaborate Disseminate
We have a server to server communication scenario, where we would use a CA signed certificate for the TLS server authentication and would like to use a self-signed certificate for the Client authentication.
Is there any addi… Continue reading Usage of self-signed certificates for Client authentication
I want to protect my networktraffic in unencrypted/open WiFi-Hotspots in hotels. For that reason I setup my Qnap TS-110 as a OpenVPN-Server. All other services are disabled.
I configured my Qnap NAS like in this video:
https… Continue reading Qnap TS-110 as OpenVPN-Server – Is this generated client configuration secure?
Is it possible to file fuzz and network fuzz client apps written in C# .Net? The reason I ask is I am not a developer, but I am a security analyst and I have been given the task of file fuzzing the products created by my comp… Continue reading Fuzzing client apps
Is it possible to file fuzz and network fuzz client apps written in C# .Net? The reason I ask is I am not a developer, but I am a security analyst and I have been given the task of file fuzzing the products created by my comp… Continue reading Fuzzing client apps
I have moderate knowledge of programming , and currently I am writing a client-server messaging application for windows. My project is written from scratch using sockets , and all it does is data transmission from one client … Continue reading Storing data encryption key (client side)
Microsoft is making a new OneDrive Sync Client deployment ring available for certain enterprise customers.
read more Continue reading OneDrive for Business Introduces Changes for Enterprise Update Ring
This question already has an answer here:
What stops an attacker from tampering with data sent during the SSL/TLS handshake?
1 answer
… Continue reading Is altering version in Client_Hello detectable? [duplicate]
I am making a website that requires username, password and a certificate (this last contain the public key of the end user).
Update Question
When the user is registering to the website, it obtains the certificate from the server.
Furthermore, this certificate is stored in device’s memory. But what happen when the user try to login from another device? How can I manage the relationship with one user->one certificate->multiple device? How can I manage the relationship “user/private key/multiple devices”?
I have heard something about a VPN, but I don’t know if there are other best practices (approaches).
Which offers a higher level of safety: Webmail or using a POP3/IMAP client?
Assume the following for webmail:
Access via HTTPS
Rarely downloading any attachments, but in cases where it may be necessary, carefully verifying the integrity… Continue reading Better safety: Webmail or POP3/IMAP email client?
If using Basic security under an SSL connection (https), is is not true that the server matches the user/password combination, but what happens after that? What prevents the browser from accessing the server? Does the browser… Continue reading Who is the Gate Keeper?