Collaborate Disseminate
I have the task to place an FTP server in the company DMZ for our partners to store sensitive data that can not be sent by mail.
I have chosen the IIS FTPS. I will generate a self-signed certificate for server authentication. Also, I was… Continue reading IIS FTPS Best Practise
My question is similar to these:
Protect sensitive data from sysadmin prying eyes
Restrict access to a specific directory on Linux
From those, I understand that SELinux could accomplish my goal. But we do not have the r… Continue reading Restrict privileged users from accessing certain directories on Linux servers with Grsecurity?
Scenario: I am assembling a desktop computer. I buy an ASUS XYZ motherboard because it will not run — or, even better, its running state cannot be altered, short of pulling the plug — without hardware token authentication. … Continue reading Do any desktop PC motherboards require hardware token authentication? [on hold]
After several months of experimenting with various distributions of Linux and BSD I decided to try Linux in a VirtualBox VM as an additional layer of isolation for my online banking. The host is Windows 7 SP1. The admittedly … Continue reading Checklist for a dedicated online banking Linux desktop [on hold]
I know it is impossible to completely prevent a host from accessing the data of a virtual machine (as noted here, here and here), but I think there is value in making it harder to do so. Bare metal servers aren’t always an o… Continue reading How to make it harder for a VPS provider to access my data?
From my understanding of a VPN, it essentially creates a network between the two ‘machines’. So if I have open ports (e.g. HTTP, SSH) on my client machine, those can be accessed by the VPN provider or other users.
Suppose one is running a single internet-facing daemon, as a service in a FreeBSD jail, and expects targeted hostile attacks targeting open WAN ports and services.
Like many services, the service and indeed its jail don’t ne… Continue reading Tightly locking down a FreeBSD jail
Once there’s a primary Google account registered on the device and then another work account is added in order to access G Suite of the work place, what are the G Suite administrators are able to access/modify on the phone?
… Continue reading Implications of adding work account to an android device
I need to buy an external TB hard drive and store sensitive information on it. External hard drive aren’t small, it may have to be left unattended at times.
What can I do to tighten the hard drive security so that if any phy… Continue reading External hard drive security
I’m starting out in Malware Research / Malware Analysis. I am reading a book called “Practical Guide to Malware Analysis,” which touches this in the 2nd chapter, before approaching Dynamical Analysis (malware detonation). How… Continue reading Hardening VM for Malware Analysis