Collaborate Disseminate
I have two process, one run as user client, another run as user inspector
The web app admin ( process client ) port 8080
The web app customer ( process client ) port 8081
Single app process listing on multiple ports
The client process … Continue reading Is beneficial to have one process listing multiple ports to block country?
From what I know, it’s a bad practice to login to any workstation or server except domain controllers as a domain admin. I read that mimikatz or other malware can extract the hash of the password from a compromised workstation. What about … Continue reading Are domain admin credentials cached when entered for approving a software installation?
We have our dev & prod env split between AWS (databricks workspaces) and on-prem Linux boxes. Specifically, we have DB instances on-prem and have python code running inside our databricks workspace in AWS that reads/writes to the DB.
W… Continue reading Is is bad that on-prem "prod" DB is accessible/visible from in-cloud dev environment?
As I understand, in a typical LAMP (or be it LEPP) setup, all PHP code is executed using the same user and group ("www" or similar). In a multi-user scenario (e.g. some variant of allowing Linux user accounts to propagate a publi… Continue reading User isolation in LAMP
If there is a program written by a normal user that requires root privileges (eg. a program that interacts with root processes) what is the difference between running this program using sudo vs. changing the program permissions with chown … Continue reading Security difference between changing permissions versus using sudo to execute
I have been thinking of implementing a new practice where local admin privileges are disabled entirely from all endpoints. For users who need to elevate privileges, they will have a separate admin account dedicated and restricted only to t… Continue reading Is there really any benefit in having a separate local admin account
Consider a scenario in which you offer service access based on a hierarchy of authority. i.e., a HEAD can register his subordinates. The authenticated HEAD has the previledge to read and update data from all of his subordinates. Is there a… Continue reading Authorise access to hierarchical data
Someone in my company wants to be granted admin privileges in every single application, infrastructure and network component, just because he is a big IT manager. I don’t have a security background, but it sounds wrong practice. My team is… Continue reading Which security standard or compliance bans admin privileges across all the company systems [duplicate]
The company I work at uses a program on their Windows workstations that runs as the logged-in user but some tasks require elevated privileges. The user must be able to run these without having admin permissions himself.
The current approac… Continue reading Windows service with elevated privileges – Security concern
I’m asking this question with the assumption that anything the user can do, so can malware.
I’m using a third party firewall on my system to control which programs are able to access the internet. However I notice that I – as a limited us… Continue reading How could malware disable third party security software?