Collaborate Disseminate
Recently wordpress site on centos 7 server is hacked and WSO shell was uploaded.
Ive checked other sites and nothing was changed, Im using centos web panel and the root password also was not changed.
I had also modsecurity on my nginx- fir… Continue reading How to recover a hacked site with WSO Shell [duplicate]
I would like to know how I can know which is the safest compilation line, that is:
Having several compilation lines in, for example, GCC, how do I know which one is more secure? Hardening would be a good solution? What do you recommend?
Do… Continue reading How do I compare the safety of a compiled program with optimization flag?
Problem:
The hiring department occasionally sends me Word documents asking to clear the file as "safe" to open and review for purposes like resumes etc.; they can come from anywhere and are often unsolicited job applications.
Bas… Continue reading How can I improve my sheep dipping process?
I’m trying to secure a Linux machine so that a pentester will not be able to exploit the machine in any way, shape, or form. The laptop will eventually host many services.
I know that there is no one answer to securing a machine or network… Continue reading Secure a machine for pentesters [closed]
This is a very newbie question, but I would just like to make sure that I’m not missing anything: If I connect via VNC protocol to my various servers etc. inside my own LAN (home network), then should I consider hardening my VNC in any way… Continue reading Does VNC need hardening when inside LAN (home network)?
How can I best prevent, that critical commandos (e.g. open garage door) from an IoT device are being reverse engineered from the firmware? Is the following list complete / do you spot any errors? Any comments?
Encrypt firmware patches for… Continue reading what are the best counter measures against reverse engineering of firmware? [closed]
I’m a systems specialist in our organization and I’ve read a lot about TeamViewer security concerns over the last few years. Now I decided to come seek professional and objective opinions about the security of the following scenario:
Team… Continue reading The level of security regarding a TeamViewer host deployment
Running this command resulted with the list of ciphers which supports rc4:
/usr/bin/openssl ciphers -v | grep -i "rc4"
What’s the easiest way and how to remove specifically ciphers that supports rc4 that I need to execute or whe… Continue reading Way to remove rc4 from Linux Cipher Suites
Was thinking to use Ambassador design pattern and filter each request through Nginx with Waf (mod_security or Naxsi) in reverse proxy and ACL, authentication and authorization to pod.
What are the best practices?
How to prevent "soft … Continue reading How to implement zero trust concept on a pod running in Kubernetes?
We would like to use an hardened rabbitmq3.8-alpine Docker Image and we could not find any resources about an hardened image nor information about how to harden a RabbitMQ container.
Among others, we would like to run the container as a no… Continue reading Harden RabbitMQ Docker Container