Collaborate Disseminate
I have a system with three layers: two client web apps, one Backend, and two DBs.
The two DB and client app instances represent prod and test environments.
The backend has only one instance that should serve both environments. Say I have p… Continue reading Telling the backend where to go from client side
If when you try log on to a computer that is running Windows 10 in a domain environment, and you…
For more visit TheWindowsClub.com. Continue reading The trust relationship between this workstation and the primary domain failed
Recently, during a pen-testing exercise, I noticed that the target server responded with multiple "Server" fields in the header. I was wondering what it could mean and if oddity is somehow interesting from a pen-tester’s perspect… Continue reading Multiple server fields in HTTP Response
I am getting a lot of spam GET and POST requests lately which some of them look like this:
"GET /config/getuser?index=0 HTTP/1.1" 404 143 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox… Continue reading Spam GET And POST Requests – Are They Dangerous?
If I have a client connecting to a server over SSH, can I do something on the server side to redirect the client to another server, with no control over the client except knowing that the client will connect to the server via SSH?
To be cl… Continue reading Can the server redirect an SSH session the way it can redirect an RDP session?
Is there a problem to use reflection (specifically class.forName) in server side application?
My main thread about this is someone to inject a code dumping memory in JVM and adding commands in reference memory field, but this is unlike in … Continue reading Dyanamic class load for server side application
Let’s say hypothetically a business has a network and some respective infrastructure. Importantly, a VPN for giving remote secure access to work resources, and a (not so)private DNS server for DNS but also things like blocking malware doma… Continue reading Is unrestricted query access to dedicated DNS server considered an insecurity?
My IoT Device is connecting to server using TLS. on Device side implementtaion (with wolfSSL) we are just passing CA (root) cert to validate/ authenticate the server! any specific identity of server is NOT being passed apart from the serve… Continue reading Validation of server identity via SSL certificate in during SSL connection handshake
Microsoft has announced a new Windows Server base OS container in the preview stage. Developers at…
For more visit TheWindowsClub.com. Continue reading Microsoft announces new Windows Server Container Image Preview
(This is a duplicate of my question here). I want to know if this hypothetical setup is reasonably secure to the point where it can’t be conventionally hacked remotely over Tor, from which it is accessible, and for it to be hacked the atta… Continue reading Would this HTTP server setup be reasonably secure?