Collaborate Disseminate
this is the second of a series of questions on hardening Linux servers at the filesystem level. The first is here. The same scenario applies; I copy it here for convenience:
At work I’m hardening an Ubuntu 18.04 Server installation follow… Continue reading Secure partitioning: does LVM affect hardening guidelines?
Virtualisation can do reasonably secure nonpersistent drives. Would rather not rely on this alone but also have a host that is nonpersistent too. A live DVD as a host leaves no traces and is physically impossible to permanently infect/own … Continue reading Most secure linux equivalent to Shadow Defender for live CD-like nonpersistency with no traces left (or traces that are encrypted)
I have newly bought HP Pavilion laptop, which i am planning to nuke and reinstall.
I really do not like the bloatware as it might posses a security risk.
However, in Thailand, i do not trust the sellers of USB sticks and external hard d… Continue reading How to safely reinstall Windows in Thailand – avoiding BadUSB/SSD
I’ve recently bought a new HP Pavilion laptop, it came with pre-installed software (bloatware) such as various games and other useless stuff.
When setting up the laptop, i was connected to AIS, which is Thailand foreigner mobile network.
… Continue reading Newly bought HP Pavilion laptop – bloatware – security risks [duplicate]
The goal of this process is providing more security to the cloud infrastructure, but in the process of hardening, sometimes there are some items in the checklists that can put the availability of our system in jeopardy.
A … Continue reading The best method for cloud infrastructure hardening [closed]
I have the task to place an FTP server in the company DMZ for our partners to store sensitive data that can not be sent by mail.
I have chosen the IIS FTPS. I will generate a self-signed certificate for server authentication. Also, I was… Continue reading IIS FTPS Best Practise
My question is similar to these:
Protect sensitive data from sysadmin prying eyes
Restrict access to a specific directory on Linux
From those, I understand that SELinux could accomplish my goal. But we do not have the r… Continue reading Restrict privileged users from accessing certain directories on Linux servers with Grsecurity?
Scenario: I am assembling a desktop computer. I buy an ASUS XYZ motherboard because it will not run — or, even better, its running state cannot be altered, short of pulling the plug — without hardware token authentication. … Continue reading Do any desktop PC motherboards require hardware token authentication? [on hold]
After several months of experimenting with various distributions of Linux and BSD I decided to try Linux in a VirtualBox VM as an additional layer of isolation for my online banking. The host is Windows 7 SP1. The admittedly … Continue reading Checklist for a dedicated online banking Linux desktop [on hold]
I know it is impossible to completely prevent a host from accessing the data of a virtual machine (as noted here, here and here), but I think there is value in making it harder to do so. Bare metal servers aren’t always an o… Continue reading How to make it harder for a VPS provider to access my data?