Collaborate Disseminate
I run a bare-metal on-premises GitLab server (Ubuntu 22.04) for a very small company. While the server isn’t currently in production use, it is active and accessible over the public internet.
I have UFW set to block everything except HTTP,… Continue reading Unexpected drop in UFW noise, should I be worried?
There are sound reasons not to put any secrets, PII or other sensitive information into the logs on the server side (see OWASP ASVS V7).
But should the same rule apply on the client side? Is there a sound reason we should prohibit devs fro… Continue reading Logging secrets in the user agent (browser)
Is there any Security Benefits/Risk in keeping old "Here is your 2FA login code" in email and text?
I always wonder if seeing one that is unread could queue me in to something bad happening but also concerned that keeping such a … Continue reading Is there any Security Benefits (auditing) to keeping old emails/text that give 2FA account codes?
I have this kind of entries in my nginx log. If I read them correctly, someone is trying to call index.php script that is trying to download some shell script, but I don’t have any PHP on this server (at least not that I know of), and it s… Continue reading Suspicious log entries [duplicate]
I’ve got 2 unexplained network spikes. They are both short duration but one of them has appeared on my private IP instead of my public IP and this was unexpected. Both are very short duration. Are there standard logs that would give me … Continue reading Detecting what used bandwidth retroactively [migrated]
I recently found out that my pc has been infected by some serious spyware and while I did successfully remove them, I’m afraid that that malware affected the antimalware and management solutions I installed on my PC.
In order to find out w… Continue reading How do I track all the different types of event logs exclusive to an antimalware software or pc recovery software? [migrated]
Is it possible to be alerted to deleted files using the Event Viewer?
Continue reading Is it possible to be alerted to deleted files using the Event Viewer? [closed]
I’m setting up firewalls on a few computers and am stuck on what logging I should be doing? I spent a few days Googling, but came up with little info. I have totally run out of ideas on where to look next to figure this out. Any hints woul… Continue reading What Logs Do I Need When Setting Up Firewall
I logged into a private google account on a work laptop. I switched passwords and anything a few seconds later. Could my employer still see and access new activity on my google account even though I logged out and switched passwords? I mea… Continue reading Can my employer still access my account after signing out from work pc and switching passwords?
So I did this post before on a guest account but I had further questions so now I’m posing it on a real one.
Can my employer see my private google history/”google activity” if I didn’t do anything on my work pc? For some context I logged i… Continue reading Can my employer see my private google account history when just logging in and out in a matter of 10 seconds on a work laptop (REPOSTED)