Collaborate Disseminate
For an assignment I have to implement a proof of concept and (optionally attack it). The part of OCSP is working so far. I have a client that sends the request to a server, the server verifies if the certificate is valid. But I wanted to d… Continue reading Implement Replay attacks in python [closed]
There is a very interesting presentation online showing the technical solutions that enable Netflix to stream data at around 800 Gb/s. This is an astonishing achievement, made possible by improvements across the board of the server archite… Continue reading Why does Netflix send its films over an encrypted connection? [closed]
My environment has a variety of operating systems (Windows, Linux, etc.), servers and applications. Infrastructure scans are showing old versions of TLS that need to be disabled at the OS level, while DAST scans are likewise showing old ve… Continue reading Should old versions of TLS be disabled at the OS level and the server level?
I’ve recently acquired a Synology server (DS720+) and have it accessible outside my LAN via a VPN. I have 2FA on for logins to the server via the web portal, but I have found many use cases for connecting via SSH. Is there a way to secure … Continue reading Going about sharing 2FA key between multiple login methods on a Synology NAS + browser & SSH authentication
I would like to remotely verify whether SSL 3.0 is running on several servers.
Previously, this command:
openssl s_client -connect example.com:443 -ssl3
Would have worked but now I am getting the error Option unknown option -ssl3 meaning t… Continue reading How to remotely check if SSL 3.0 is enabled on server?
I work for a small company of about 10-15 remote workers. We have at least 3 physical servers (domain controllers) and roughly 5 or 6 VM. We are looking to implement a DLP policy in addition to performing vulnerability assessments and pene… Continue reading Looking for suggestions on DLP and VAPT [closed]
Jack Wallen shows you how easy it is to deploy the latest iteration of Nextcloud, which includes the exciting new Nextcloud Hub 3.
The post How to deploy Nextcloud 25 on Ubuntu Server 22.04 appeared first on TechRepublic.
Continue reading How to deploy Nextcloud 25 on Ubuntu Server 22.04
How serious a security problem is it to have the name of the web server in the HTTP header (Apache, Nginx etc.)?
I am discussing this with a system administrator and he told me that deleting version is easy, but deleting the name of the se… Continue reading Is having the name of web server software in HTTP response header a serious problem?
Say I have a game, when you finish playing you put your name in and your score is synched with a public scoreboard. Assume also that I own the server and its code. How can I verify that the scores received by public clients are legitimate … Continue reading validating the authenticity of messages from public client without authentication
Logwatch shows those attacks giving a 500. Given that 500 is an internal server error, does that mean I need to examine further or dismiss?
421 (undefined)
/: 4 Time(s)
500 Internal Server Error
/: 1131 Time(s)
/robots.txt: 67 Tim… Continue reading Dismissing 500 errors in logwatch