Newest security Questions

Q&A for system and network administrators

Which is the safer “contingency” ubuntu sudo user approach?

I was just seeking some advice on (opinionated?) security-conscious, best-practices for this situation: I have an Ubuntu VPS (on Azure) running a couple of websites. These servers are quite hardened ...

Policy for server automatic security upgrades

I've always enabled automatic upgrades (unattended-upgrades on Debian based distribs) on my server, fully trusting Debian. I now have to administer some customer sensitive servers that must be up ...

yum security plugin questions

When I run "yum updateinfo list available", many packages are listed [apcon@localhost ~]$ sudo yum updateinfo list security all Loaded plugins: fastestmirror i FEDORA-EPEL-2014-4045 security ...

Isolate IIS Websites Folders - Application Pools

I have a pretty straightforward Windows 10 IIS installed. I have multiple websites hosted under the /wwwroot folder. Each of the websites is running its own application pool by default. However, I ...

Any downsides of starting a SSH connection as root?

I'm aware that allowing root access to a server over SSH is a bad idea (i.e. allowing login as root over SSH). But how about the other end of the equation? Are there any downsides of initiating a SSH ...

How do I extract potential passwords from an archive of my facebook conversations [on hold]

What is the best way to scan for username/passwords that were exchanged via Facebook Messenger? I have the file containing the entire chat history.

IDr payload missing error in VPN logs

textPayload: "IDr payload missing" insertId: "********" resource: {…} timestamp: "2017-02-22T08:45:21.308309618Z" severity: "DEBUG" logName: "projects/astral-chassis-xxxx/logs/cloud.googleapis....

cntlm on linux server

I have a local linux server PC, for a small subnetwork cluster. The server accesses internet using CNTLM (since I am behind a corporate NTLM proxy). This poses the following security problem. CNTLM ...

SRP hash rule that cause interaction with Windows File Explorer

I'm currently implementing Software Restriction Policy rules. While I was doing that, I noticed that I couldn't do a right click on directories in the Windows file explorer and selecting "Properties". ...

Unprivileged lxc container versus AppArmor

I want to run several instances of apache2 (2.4 to be precise) with php 7 (libapache2-mod-php7.0) under debian stretch. Is it more secure to run every instance (with its own config) in its own ...

Windows 10 share not accessible from same client with domain admin account

On a Windows 10 client I have a shared folder with full folder and share access for the local admin group (which is member of the domain admin group). I have an account that is member of the domain ...

Job scheduler with target list

I want to have a scheduler that can run a command on a list of targets using a cluster of nodes. So, for example I want to run Nmap on a list of IP's. These IP's can be in a CSV, JSON, database etc. ...

filesmatch causing php to be downloaded not parsed

Background Under the recommendation of an upload security best practise article, in my htaccess file there is the following snippet: ForceType application/octet-stream <FilesMatch "(?i).jpe?g$"&...

Firewall with Virtual Machines

I'm trying to set up a Firewall in a VM in my environment where the Network Cards (Wifi and various Ethernet) are in separate VMs, so that the Firewall VM is between the NetVMs and my host system. The ...

ProFTPD: The meaning of the “TLS Verify Client” and “NoCertRequest” in the TLS configuration

I know that per default FTP is insecure, because it is not encrypted. To avoid this insecure behavior of FTP, I want to set up a TLS encryption in my ProFTPD. Pursuant to this tutorial here: https://...

Security Risks of Internet exposed Virtual Machine running on NAS

I have a small business network that is currently locked down behind a security gateway. However I'd like to expose a website. The web server would be running on a virtual machine running on a NAS. ...

Will Duplicating server's SSH host keys pose any issues

I'm trying to bring up gitlab environment with load balance setup... Problem I have is if a user ssh to LB using putty or git bash they get below error. Server's host key doest not match the one ...

Marathon, Rancher, Nomad, Which solution is the best for me? [closed]

I would like to do a big test on Marathon, Rancher, Nomad and Swarm to determine which is the best solution for orchestration of Docker for a school project. So I need help to get a list of what it's ...

Security Log max size change doesn't take effect

I have temporarily changed security log size via GPO to 1GB and later I changed it back to 100 MB, still the evt file size is 1GB; had applied GPO, rebooted server and checked the registry, are ...

Can someone go around the .htaccess file without modifying it?

I'm storing some sensitive data in a folder called /data/. This folder contains some files, and a subdirectory. The subdirectory contains a modified version of the sensitive data, with the same ...

CVE-2016-2107 Apache

I have 2 production servers both with Ubuntu 14 and OpenSSL 1.0.1f 6 Jan 2014 and when I test both servers against ssllabs only one of them is vulnerable to CVE-2016-2107. The only difference I could ...

Best way to containerize an existing PHP/MySQL app into customer tenants

I have a normal Apache/MySQL serving a webapp that companies and users of those companies log in to. So everyone from all the companies are in the same Users table. Whilst my code does try to keep ...

Keep Root Account Audit Trail

I am the owner of a company. I want to keep an audit trail of our Unix administrator who has root access to the CentOS system. How can I configure it such that the audit trail cannot be bypassed and ...

Broadcast IP through Proxy

I see destination IP as 255.255.255.255 when a user is trying to access a URL. Can anyone explain why and when this will happen. Sample packet <30>Feb 4 05:55:34 msdsdg mwg: McAfeeWG|time_stamp=[04/...

Is it possible to completely hide website's IP from everybody including the website's users?

There is a good article on how to protect your origin IP in https://blog.cloudflare.com/ddos-prevention-protecting-the-origin. All is good and clear on that page except when it comes to mail server, ...

Unrecognized SSH access on server?

I'm running a basic Ubuntu server from Digital Ocean, which I use an SSH key (stored on my Desktop) to access. I've just run netstat -ap with the following result: Local Address Foreign Address ...

Samhain Yule Beltane : Bad version number in the file signature database

I had a working client/server setup and made a few changes to the client samhainrc file. running: samhain -p info -t check -D I get the following error: <log sev="ERRO" tstamp="2017-02-22T16:34:...

Configure OpenVPN to block clients by OS?

Is there a way to configure an OpenVPN server so that it restricts the clients that connect to it by operating system? We currently use an OpenVPN server to connect our laptops to our servers on AWS (...

Robocopy Error 5

When using robocopy to backup data in a directory tree to a NAS, I keep getting Error 5 - Copying NTFS Security to Destination Directory. Access denied. for folders which shouldn't return such error. ...

IPtables : Don't redirect specific IP

I am trying to redirect all web traffic to a computer using: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 1000 It works but I would like to add a rule in order to ...

How to restrict Workstation access to specific Domain Users

I would like to know how to restrict user access from logging into workstations, servers, etc. I was wondering if there were specific machine settings in Active Directory that could be set. Ideally ...

Permissions for installing Windows Updates

We are administering a set of servers and have a lot of people to accomplish this. In the last months there were accidentally installed updates on our machines by some of our domain admins. Now we ...

What can/should I do about gross lack of IT security at another company? [migrated]

I used to login into a certain website a couple of years ago. Recently I've got an email suggesting that I should renew my membership, and that email included my old password. That's right, my old ...

Is it safe to use the decrypt function in mysql

I am running a ProFTPD Server on Ubuntu 12.04 and do the user authentication with MySQL. Now, I am looking for a secure way the hashed passwords. There are a lot of built-in hash functions in MySQL (...

How to secure a Remote Application server farm to prohibit users from running unpublished applications?

We have recently deployed and tested a working RemoteApps configuration based on MS Windows Server 2012R2's Remote Desktop Session Host and Remote Desktop Gateway services, that is intended to allow ...

Rate-limit nginx based on a prior request

It's not a problem, but I get a huge number of vulnerability scanners and script kiddies hitting my site, constantly. My site doesn't run WordPress, but it gets constantly scanned for WordPress ...

Isolate network interface from system except from one docker bridge

I have two separate networks, one which is trusted and one which is untrusted. The trusted network contains a server. Blue is the existing, trusted network and the big box is the server, which is ...

Is nested virtualization secure?

Is it secure to enable KVM nested virtualization on our (physical) host in order to enable users to run own VMs inside their VPS? Or does it introduce some security issues to our primary host and ...

Esxi file ssh config changes to make non permanent and permanent

I have dedicated server with esxi. I added extra user to esxi and added its keys in /etc/keys/keys-user/authorized_keys Then I rebooted server and that keys folder was gone. Then I find that I need ...

Http page with https iframe connecting to other secure host. Will it work?

This is the scenario: my website works through http and includes an iframe loading a swf file from another website of my own. The issue is I need the flash application to make a request to a remote ...

Securing CloudFront video on a SaaS platform

I have a few videos which need to be embedded in a SaaS LMS platform. Is there a possibility of making it available only if played from the SaaS platform? I looked at the Origin Access Identity - they ...

Manage security on NT namespace objects from the command line [on hold]

I need to be able to get the ACL for \Sessions\session_number\Windows\ThemeSection and then revoke a right for the specific user from this ACL. It's possible with OSR Object Viewer but I want to do ...

Malware Scanner for Webserver [duplicate]

What is a good malware/virus scanner for a linux based web server? My organization was recently hacked and the attacker was on our web server. We want to check if he modified any files or left ...

Best way to disable SSH for all users?

For security reasons I want to turn off SSH when I don't use it and turn it on again via a VNC connection as I can connect to my web server remotely over the Digitalocean control panel's console ...

User guest-jHAanB found on computer

I discovered that the data from a MongoDB installation on my computer are deleted. There is also a DB and a Collection with information about how to send 0.5 bit-coin. Obviously our MongoDB ...

How can encrypting the key increase security level in MariaDB data at rest encryption?

I am following the instructions here to encrypt a database in MariaDB: https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/ Obviously, it requires us to generate a key which will be used to ...

Secure internal communications

Most of JEE container, storage backend systems... offers a way to use SSL in order to get a secured communication. In order to get this, I don't quite figure out some issues: Do I need a certificate ...

How to read local user group memberships from a SAM hive?

So I am working with an OS drive from a machine that cannot be accessed. I am trying to discover whether certain group permissions were applied before a DR failover took place. I have the drive ...

NFS - when to use subtree_check and how it affects nested exports?

I have the following VPS hosting server storage architecture: And networking: Service VM has access to higher capacity storage and it's supposed to serve as storage server for all VMs. In order to ...

Random domain when using telnet on my server's IP

I was preparing a new website on my cloud server and before changing the domain's pointing IP I decided to use telnet to make a quick test. Since each site is a vhost I can use a different domain (...