Collaborate Disseminate
So essentially I do not want people to be able to access my NGINX site, unless it is through the domain name. I have a flask instance running that controls the requests. Anyways I have used this command,
server {
listen 80 default_ser… Continue reading Disabling an IP based access to my NGINX site [migrated]
I’m trying to set up cURL to get data from remote server at any sitaution. I use –tlsv1.3 –tls13-ciphers TLS_CHACHA20_POLY1305_SHA256 –http2 to make it as secure as I can think of, using Windows 11. (tried http3 but cURL said it’s not f… Continue reading is it necessary for cURL to check for CRL in Windows?
I have a GKE standard deployment in GCP. I have TLS terminating at an IAAS managed load balancer, provided by their Ingress controller. The certificates are GoogleManagedCertificates. I’m fine with traffic past the load balancer and traffi… Continue reading Do you encrypt traffic between GKE nodes and external Load balancers?
I worked for a company where our TLS Private Key was accidentally leaked to the Internet and it was a big mess. The strategy the security team came up for avoiding this in the future was "be more careful who you trust with access to t… Continue reading TLS Private Key Secured with Hardware Fingerprint
I have a question about Emotet’s TLS traffic:
Using MITMProxy, I have successfully decrypted TLS traffic with Emotet’s C2 server and can read the contents of the traffic.
https://mitmproxy.org
However, although we were able to see the co… Continue reading How to decrypt Emotet’s TLS traffic by MITMProxy
I’ve been breaking my head over how to do this, as it doesn’t seem to fit any example I could find online.
My IOT device servers will run on the client network and may be accessed over it or over the open internet (with port forwarding). t… Continue reading Providing encryption and password for an IOT device over gRPC
I have a OIDC provider that can’t use mutual TLS authentication due to mTLS problems like certificates expiration (what if client didn’t rotate certificate and it’s expired now? Client cant authenticate to server to e.g. inform server that… Continue reading Using certificate-constrained access tokens created by private key used to authentication (with private_key_jwt)
I am designing a cloud based PKI infrastructure which issues and manages TLS certificates for telemetry devices and data server. Each customer will install multiple telemetry devices and a data server in his/her premise. Data server collec… Continue reading Trust segregation in PKI
I bought a domain on Namecheap a few weeks back and now that I want to set it up, I visited my domain on the web and discovered that it had a valid cert issued and was pointing to an unknown site. The cert was issued by Let’s Encrypt on De… Continue reading Can Namecheap get certificates issued for my domain without my knowledge?
I bought a domain on Namecheap a few weeks back and now that I want to set it up, I visited my domain on the web and discovered that it had a valid cert issued and was pointing to an unknown site. The cert was issued by Let’s Encrypt on De… Continue reading Can Namecheap get certificates issued for my domain without my knowledge?