Configuration – Page 8 – WindowsTechs.com

Which PFS Group is recommended for IPSec configuration?

Posted on November 1, 2018 by ellefc

I can’t find much information on PFS (Perfect Forward Secrecy) Groups so I’m unsure what to suggest for a secure IPSec configuration.

Any suggestions on PFS groups that aren’t recommended?

What is the implication for using… Continue reading Which PFS Group is recommended for IPSec configuration?→

What should be done to determine why it takes so long to set up a secure session using TLS?

Posted on October 10, 2018 by Nicholas Hill

I loaded a client-side .svclog file inside Microsoft Service Trace Viewer and there are a lot of entries in the log saying setting up secure session and close secure session, each taking more time than usual. For example, set… Continue reading What should be done to determine why it takes so long to set up a secure session using TLS?→

Where to save the token information?

Posted on October 9, 2018 by skovanden

I’m currently working on an end user Windows 10 application using the Microsoft UWP platform. Within this application the end user will be able to authenticate themselves using an oauth2 SSO service.

So here is the question:… Continue reading Where to save the token information?→

BIOS skips password confirmation after 3 consecutive wrong attempts [on hold]

Posted on October 8, 2018 by Gabriel Mills

I’m running Ubuntu 17.04 on a Dell Inspiron 660s. I’ve set up the BIOS in order to prompt for a password every time the system boots. However, if you enter an incorrect password 3 times, it simply skips the password confirmat… Continue reading BIOS skips password confirmation after 3 consecutive wrong attempts [on hold]→

Best Source of Security Configuration Guidance

Posted on October 5, 2018 by Joe

Over the years I have used a number of different sources of security configuration guidance for a spectrum of systems including for example:

https://www.cisecurity.org/cis-benchmarks/
https://www.stigviewer.com/stigs
https:… Continue reading Best Source of Security Configuration Guidance→

Topology Configuration on CheckPoint

Posted on September 6, 2018 by Supersharp

On CheckPoint firewall (R77), in the Topology config. section that is used for anti-spoofing, is it possible to configure 2 different External interfaces?

I have already an interface configured as External for an internet ac… Continue reading Topology Configuration on CheckPoint→

What is /etc/ethers for?

Posted on August 1, 2018 by leeand00

From what I understand I believe it’s for preventing arp attacks, but I’m pretty unfamiliar with it.

Continue reading What is /etc/ethers for?→

Is it ok to delete SSH configuration files?

Posted on July 31, 2018 by cubed

From what I read, SSH is mainly used for remotely accessing a machine. If I don’t want anyone remotely accessing my machine, nor myself included, is it ok to delete these configuration files from my Linux system? Can doing so… Continue reading Is it ok to delete SSH configuration files?→

Securely retrieving and exposing configuration within Docker

Posted on July 19, 2018 by ps2goat

It seems that the correct approach to supplying secrets to Docker containers is debatable. This question is the closest to mine, to which one person answered that environment variables are ok, but a comment quoted Docker as saying the oppo… Continue reading Securely retrieving and exposing configuration within Docker→

How to Receive a Clean SOC 2 Report

Posted on July 11, 2018 by Anthony Israel-Davis

Controls—SOC 2 is all about controls. It’s right there in the name: Service Organization Controls, S-O-C. A SOC 2 report is a de facto requirement for any organization that wants to store any customer data in the cloud, which means most Saa… Continue reading How to Receive a Clean SOC 2 Report→