Collaborate Disseminate
How can I best prevent, that critical commandos (e.g. open garage door) from an IoT device are being reverse engineered from the firmware? Is the following list complete / do you spot any errors? Any comments?
Encrypt firmware patches for… Continue reading what are the best counter measures against reverse engineering of firmware? [closed]
I’m a systems specialist in our organization and I’ve read a lot about TeamViewer security concerns over the last few years. Now I decided to come seek professional and objective opinions about the security of the following scenario:
Team… Continue reading The level of security regarding a TeamViewer host deployment
Running this command resulted with the list of ciphers which supports rc4:
/usr/bin/openssl ciphers -v | grep -i "rc4"
What’s the easiest way and how to remove specifically ciphers that supports rc4 that I need to execute or whe… Continue reading Way to remove rc4 from Linux Cipher Suites
Was thinking to use Ambassador design pattern and filter each request through Nginx with Waf (mod_security or Naxsi) in reverse proxy and ACL, authentication and authorization to pod.
What are the best practices?
How to prevent "soft … Continue reading How to implement zero trust concept on a pod running in Kubernetes?
We would like to use an hardened rabbitmq3.8-alpine Docker Image and we could not find any resources about an hardened image nor information about how to harden a RabbitMQ container.
Among others, we would like to run the container as a no… Continue reading Harden RabbitMQ Docker Container
We would like to harden our Docker Image and remove redundant software from it. Our Devs and Ops asked to keep some Linux tools used for debugging on the containers running on our Kubernetes Prod environment.
I’ve read this post:
https://w… Continue reading Is it possible to run commands that exist only on the host on a docker container?
I recently started the Offensive Security AWAE course.
On their connectivity guide page, they warn about the hazards of connecting to their labs:
you will be exposing your computers’ VPN IP to other students taking the course with you. Du… Continue reading Secure a virtual machine during a lab exercise
Any security benefit to winmgmt operating outside of shared svchost processes via the command
winmgmt /standalonehost ?
As for security, yes, it is useful for changing wbem Authentication levels, which is changed by the command winmgmt /st… Continue reading Hardening WMI: Any security beneifit to "winmgmt /standalonehost"?
Question #1 Does changing the Default Impersonation Level in WMI to "anonymous" or "identify" help mitigate against WMI exploitation, implants, and persistent threats on a local machine? If so, please explain why… and… Continue reading Hardening WMI: Any security benefit to changing Impersonation level & separately, setting ‘Winmgmt Standalonehost?’
So I have a small electronics project where I am using common Mifare Classic 1K NFC tags as a means of authentication. (Mifare DesiFire is just too expensive)
I know these aren’t very secure so here are my ideas on improving on it.
Make C… Continue reading Hardening NFC tags for authentication