Collaborate Disseminate
We would like to harden our Docker Image and remove redundant software from it. Our Devs and Ops asked to keep some Linux tools used for debugging on the containers running on our Kubernetes Prod environment.
I’ve read this post:
https://w… Continue reading Is it possible to run commands that exist only on the host on a docker container?
I recently started the Offensive Security AWAE course.
On their connectivity guide page, they warn about the hazards of connecting to their labs:
you will be exposing your computers’ VPN IP to other students taking the course with you. Du… Continue reading Secure a virtual machine during a lab exercise
Any security benefit to winmgmt operating outside of shared svchost processes via the command
winmgmt /standalonehost ?
As for security, yes, it is useful for changing wbem Authentication levels, which is changed by the command winmgmt /st… Continue reading Hardening WMI: Any security beneifit to "winmgmt /standalonehost"?
Question #1 Does changing the Default Impersonation Level in WMI to "anonymous" or "identify" help mitigate against WMI exploitation, implants, and persistent threats on a local machine? If so, please explain why… and… Continue reading Hardening WMI: Any security benefit to changing Impersonation level & separately, setting ‘Winmgmt Standalonehost?’
So I have a small electronics project where I am using common Mifare Classic 1K NFC tags as a means of authentication. (Mifare DesiFire is just too expensive)
I know these aren’t very secure so here are my ideas on improving on it.
Make C… Continue reading Hardening NFC tags for authentication
I am setting up a Privileged Access Workstation (PAW) to access a whitelist of websites. Currently I have been following this guide on Github by unassassinable and applying the latest Windows 10 security baselines.
Is there any documenta… Continue reading Setup guide for Privileged Access Workstation on Windows 10
After the second hack, we did all the necessary things written here – https://wordpress.org/support/article/hardening-wordpress/ , https://security.stackexchange.com/a/180925 and we also changed the file permission (wp-config.php to 400). … Continue reading My WP site just got hacked for the third time even after following WP hardening guidelines
I was working with one of my systems and set it to isolate users and their processes. For example:
[user@server] $ ps aux
shows only processes started by that user, not every process on the system.
[root@server] # ps aux
shows every… Continue reading How do I Isolate users and their processes on linux [migrated]
Could anyone tell me which kind of linux-os is the most safe?
I use many of them, but I am still not sure which one is best about safety. Ubuntu does not look very safe to me. Fedora looks better. Tails looks good.
Which one is best in s… Continue reading Which flavor of linux is the safest? [closed]
Software libraries targetting resource constrained environments like embedded systems use conditional compilation to allow consumers to shave space and thus increase performance by removing unused features from the final binaries distribut… Continue reading Does removing features from a library increase or reduce security risks?