Configuration – Page 13 – WindowsTechs.com

CIS recommendations – disabling ip forwarding

Posted on October 3, 2016 by Dog eat cat world

I am looking through the CIS recommendations for debian 8.
In a CIS compliance test using nessus, I see that the test for disabling ip forwarding has failed. But when I look at the system, I can see that it is in fact disabled.

$ cat /pro… Continue reading CIS recommendations – disabling ip forwarding→

How to properly secure an ActiveMQ instance, and what are all of the different files for?

Posted on August 24, 2016 by Ryan Stull

I’m trying to configure user based authentication for ActiveMQ, and I’m pretty confused about the many different files involved in this process. I’ve read ActiveMQ’s security page, but I still have several questions.

Just t… Continue reading How to properly secure an ActiveMQ instance, and what are all of the different files for?→

VU#735416: UltraVNC repeater does not restrict IP addresses or ports by default

Posted on August 8, 2016 by CERT

UltraVNC repeater versions prior to ultravnc_repeater_1300 do not restrict usage by IP address by default and cannot restrict by ports,which may be leveraged to induce connections to arbitrary hosts using any port. Continue reading VU#735416: UltraVNC repeater does not restrict IP addresses or ports by default→

Is there an original information source linking output of Qualys SSL report to settings in nginx and Apache configurations?

Posted on June 28, 2016 by vfclists

The online tool at Qualys for testing webserver SSL configurations, https://www.ssllabs.com/ssltest/index.html, produces a list of codeslike TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_CAMELLIA_256_CBC_SHA etc.

There… Continue reading Is there an original information source linking output of Qualys SSL report to settings in nginx and Apache configurations?→

Set the preferred site for Windows Server 2016 clusters

Posted on June 2, 2016 by Windows IT Pro

Configure the preferred site for a Windows Server 2016 cluster.

Free E-Book – Microsoft Intune Step by Step

Posted on March 2, 2016 by Windows IT Pro

This free PDF based eBook will walk you through all aspects of configuring Microsoft Intune.

What are the main advantages of using LibreSSL versus OpenSSL

Posted on February 2, 2016 by Wilt

What are the main advantages of using LibreSSL vs OpenSSL?

As I understood LibreSSL is a fork of OpenSSL:

LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014, with goals of modernizing the codebase, improving sec… Continue reading What are the main advantages of using LibreSSL versus OpenSSL→

Secure way to save password in configuration file

Posted on October 14, 2015 by dimi

I’m developing a desktop application and it required connecting to a remote MySQL database server, currently I save all information (server IP, TCP port, username, password, database name) needed for the connection in a configuration file … Continue reading Secure way to save password in configuration file→

Gaming Mods Security Risks

Posted on February 9, 2015 by user58446

I read the following post, and while the questions was specific to SkyRim, the more general answer was that it depends on the game. I wanted to pose a more generic question here to the security folks.

The main concern seemed to be the typ… Continue reading Gaming Mods Security Risks→

Difference between hardening guides (CIS, NSA, DISA)

Posted on November 19, 2014 by blong

I’m researching OS hardening and it seems there are a variety of recommended configuration guides. I realize the different configuration providers supply different offerings per Operating System, but let’s assume (for conven… Continue reading Difference between hardening guides (CIS, NSA, DISA)→