Collaborate Disseminate
I have an upcoming oral network security exam and know that in past exams, the professor asked about why TLS requires TCP. I know that there is DTLS but it wasn’t part of the lecture. So the question is about what advantage T… Continue reading Why does TLS require TCP?
In a client-server communication scenario over secure websocket, client is authorized securely and from there on, I have two choices:
Assign a unique random ID (session) and check that on subsequent
communications.
rely on … Continue reading Is it secure to rely on websocket connection?
Does anyone know how TCPwrappers matches incoming connections against rules containing hostnames?
Does this require a match on the PTR (i.e. only the canonical hostname will be of use in the hosts.allow/hosts.deny)
Or does… Continue reading Hostname resolution in TCPwrappers
I have flooded my server with tcp/udp (layer 4 and layer 7) packets in order to see how does it work and what data contains. When I checked the access.log I couldn’t find any data.
Any idea how to get those logs?
I have web… Continue reading TCP – UDP packets [on hold]
I have flooded my server with tcp/udp (layer 4 and layer 7) packets in order to see how does it work and what data contains. When I checked the access.log I couldn’t find any data.
Any idea how to get those logs?
I have web… Continue reading TCP – UDP packets [on hold]
To be clear: I am not a cybersecurity expert but, since I am learning quite a lot these days I wonder whether if an attacker sends a frame with an ACK flag to my boss’ computer (for example) and then uses the broadcast IP to … Continue reading Protection against IP attacks
I used CurrPorts to monitor TCP/IP network connections. This image shows when I don’t connect to the Internet but I don’t know why Avast Antivirus established this port. Is it insecure?
This image shows when I connected to… Continue reading Insecure/Obsolete TCP/UDP Ports?
I’ve recently become a fan of MITM attacks and had some fun hacking some manipulating HTTPS requests and responses.
I did this using mitmproxy and installing the certificate on my phone.
I would like to be able to decrypt t… Continue reading Generic SSL/TLS decryptor [on hold]
In accordance to the recent question Why is TCP more secure than UDP?. How would an “attack” look when it comes to the practical aspect? A great example would be the use of TCP or UDP for Microsoft Remote Desktop (RDP) sessio… Continue reading If TCP is more "secure" than UDP, how would a practical UDP "attack" look, for example during the initiation of a MS RDP connection?
While reading MS SDL (Microsoft Security Development Lifecycle) presentations I found a recommendation to replace UDP with TCP in applications because TCP is more secure than UDP. But both of them are only transport layers, nothing more.