Collaborate Disseminate
As someone who is naturally good at recognizing risk and who are striving to maintain a wholistic view on security, I’m wondering how to evaluate and reduce the risks of hardware accessories (I.e. charging plug-ins, Thunderbolt cables), sp… Continue reading How to mitigate the risks of using new, third party imported electronic accessories?
What would be the best practices for securing a single-purpose Windows laptop against a determined foreign intelligence agency from tampering with data on the machine? The machine would be used several times per year by two individuals wh… Continue reading Securing a Laptop from a Foreign Intelligence Agency
As far as I remember,
most Debian Wheezy packages were not compiled with those useful security flags (ASLR, PIE, SSP, and more).
Did the situation improve with Debian Squeeze or the upcoming Debian Buster ?
By comparison, … Continue reading the state of ASLR, PIE, SSP on Debian in 2018?
The Center for Internet Security’s Critical Security Controls (“the CIS Controls”) are incredibly useful in helping organizations defend themselves against digital threats. By adopting the first five controls alone, it’s possibl… Continue reading Two-Thirds of Organizations Don’t Use Hardening Benchmarks to Establish a Secure Baseline, Report Reveals
From what I read, SSH is mainly used for remotely accessing a machine. If I don’t want anyone remotely accessing my machine, nor myself included, is it ok to delete these configuration files from my Linux system? Can doing so… Continue reading Is it ok to delete SSH configuration files?
As part of the new best practices in hardening server communications I need to deny TLS 1.0 on the web server, before doing so I wish to identify the number of clients who connect with this level of encryption.
Therefore I would like to kn… Continue reading Filter TLS in Wireshark or other monitoring tool
There are many security issues that make your website vulnerable to SQL injection & there are many ways to prevent from being injected by hackers.
There are many companies that are heavily secured and
use many security t… Continue reading General prevention of SQL injection [on hold]
When hardening a LINUX system what command line tools would you remove first in order to make an attackers life really difficult?
I read a book about linux hardening (Hardening Linux by James Turnbull, 2005). The book suggests to remove the sync user. If I remove the sync user I am not able to call commands like ls and shutdown, because they are not fou… Continue reading Remove sync user to harden the system
During a Lynis audit I found this on a system that uses Fedora 28:
Checking Linux single user mode authentication WARNING
And under results I got:
No password set for single mode [AUTH-9308]
Rkhunter skips… Continue reading How can I set a password for single user mode?