Collaborate Disseminate
We are running a simulated phishing campaign and one of the landing pages has been blacklisted by google. If you try to visit it in chrome you get the big, red warning page “Deceptive site ahead” (works OK in other browsers)…. Continue reading Whitelist Simulated phishing landing page
Consider the following scenario:
There is a “server” (e.g. database, API, etc) that is “in the cloud” (i.e. hosted on physical hardware that is physically distant from the clients and reachable only by IP through the public… Continue reading What are the benefits of using IP whitelists to secure cloud servers/resources?
I’m securing our networks and want to be able to whitelist all known Torguard VPN ip addresses for accessing my network. I read that I have to use the dig command, but I only get one result when I do. I am able to get all the… Continue reading Finding all random IPs and ranges of Torguard VPN or any VPN service provider
My googling came up with nothing useful. I assume others must have ran into this too.
If we start the Network Troubleshooter wizard it generates some temp ps1 files that are blocked silently to the end user, because of the d… Continue reading applocker script rules blocking diagnostic troubleshooter by default
We are discussing about making available through the internet one of our microservices deployed on a public cloud on Kubernetes. This ms offers some sensitive information to the clients.
This microservices will be protected … Continue reading Is IP whitelisting safe enough for a HTTP Basic protected service available on the internet?
A company I’m applying to as web software tester is requiring me to be on-site so they could put me on their whitelist. However, I had a previous job which allowed me to work anywhere, using only Cisco VPN.
Is on-site whitel… Continue reading On-site Whitelisting vs. Off-site Cisco VPN
All the data we have on our customers sits in our data-lake, which is hosted by one of our suppliers. Currently the security is such that a limited number of users has (limited) access to the database each with their user-name and password… Continue reading IP-whitelisting for DB access, does solution fit best practices?
My firewall has a few ports open but traffic is only forwarded when coming from specific IP addresses (whitelisted).
When scanning these ports with nmap from a non whitelisted IP address, what state would I see those ports t… Continue reading What port state to expect from Nmap when scanning ports that are open only to specific IP addresses
There is a network that is protected with a firewall and only one IP is whitelisted.
Assuming the attacker knows the whitelisted IP, what would prevent an attacker from sending traffic via a spoofed IP to access the network?
Continue reading Could an attacker spoof a whitelisted IP to access the network?
Our IT department needs to Whitelist Microsoft’s Symbol server so our developers can gain access to the .pdb files there.
They allowed the following URL to go through: http://msdl.microsoft.com/download/symbols/.
They also… Continue reading White list Microsoft’s Symbol Server