Questions tagged [security]
For questions relating to application security and attacks against software. Please don't use this tag alone, that results in ambiguity. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. If your question is not about a specific programming problem, please consider instead asking it at Information Security SE
6,898
questions
0
votes
0
answers
22
views
Inquiry regarding Security considerations for Nginx Docker image
My name is Ramyashree, and I am currently exploring the usage of the Nginx Docker image within our project. I am reaching out to seek more information about the security considerations and best ...
-1
votes
1
answer
36
views
ASP.Net: Problems loading WebResource.axd
(See also IIS - Ajax Problems when migrating to Windows Server 2022 and https://stackoverflow.com/questions/77523244/ajax-problems-when-migrating-to-windows-server-2022?noredirect=1#...
0
votes
2
answers
135
views
Is opening SMTP port with default Sendmail config safe?
My self-hosted web app (Ubuntu VPS) needs the ability to send noreply@ notifications to users when something goes wrong. I don't really need the ability to receive emails but I would like to comply ...
0
votes
0
answers
52
views
JAVA UnsupportedOperationException (The Security Manager is deprecated) on Windows 10 + OpenJDK
I am using OpenJDK on Windows 10.
C:\Users\divym>java -version
openjdk version "1.8.0_332"
OpenJDK Runtime Environment (Temurin)(build 1.8.0_332-b09)
OpenJDK 64-Bit Server VM (Temurin)(...
- 333
0
votes
0
answers
27
views
How to get the OpenVPN *REMOTE* server version?
Getting the local openvpn client version number is easy: openvpn --version. But I am wondering how to get the server version running remotely? Thanks!
I tried nc and nmap. But none of them provided me ...
- 101
0
votes
0
answers
91
views
Security of keys while keeping my code clean
I'm using a Google Cloud function to call a 3rd party API in my application. The API key/secret will depend on the user in my application.
I would like to send a request from the cloud function to my ...
google-cloud-platform
0
votes
1
answer
37
views
Forbid characters in Ubuntu password
How can I forbid an user to set a password with e.g. the german Umlaut characters äöüÄÜÖß on a Ubuntu 22.04 ?
Even the non-Ubuntu pam regex module can only regex on usernames and not on passwords.
- 193
0
votes
1
answer
59
views
ProxyJump asks for the same password twice
For my work, I have to connect to a remote server. The connection is via a simple SSH and with only one password (no authentication file is needed).
For more clarity, I connect like this:
Do ssh user@...
- 101
0
votes
0
answers
25
views
Ansible: no password in log for community.docker.docker_container env-vars
Via ansible (AWX) I start a docker container with the community.docker.docker_container module. I have some environment variables that I dont wat to be logged. Here is a small example:
- name: &...
- 103
-1
votes
1
answer
48
views
Can already opened event log screens of powershell on windows event viewer can be hacked offline by hackers? [closed]
Can Windows powershell give me fake or altered outputs if I use common commands primarily used in powershell checking hash codes is option but they can be altered too theorically so its not that ...
0
votes
0
answers
28
views
How to set a pre-exiting password for an aws_db_instance resource, from a secure SSoT container while keeping it out of the state file?
I'm trying to find a solution for setting the master user password of an aws_db_instance from a pre-existing secret (which is currently in an existing Secrets Manager resource).
If I use password = ...
- 101
0
votes
0
answers
41
views
How can I give permissions to linux user to execute chown and chmod commands for specific directory?
I have a linux server RHEL 8. This server has a linux user called 'john'. This user doesn't have permissions to apply sudo as root.
I wish to give to john user permissions to execute chmod and chown ...
- 165
-2
votes
0
answers
66
views
Security scanner reports CVE-2016-2114 on Samba 4.17.12 with SMB3 protocol
I'm using Samba 4.17.12 as file server with minimum server protocol set to SMB3 and I don't use any AD Domain Controller in my network. Why my security scanner still reports CVE-2016-2114 ...
0
votes
0
answers
34
views
AWS ELB leaks private ip address via dns name that are only accessible via VPN - can this be considered a security risk?
I'm using VPN for my AWS development environment and i have some databases running on EC2 behind an ELB. The thing is whenever i connect to them via VPN i will use database-12345678.elb.us-east-1....
- 902
0
votes
1
answer
58
views
After run sudo and/or su or su - command, the command prompt not loaded, however the switch user is successful
I saw a maybe similar thread but not sure there the issue is the same:
su command not responding?
I have an Ubuntu 20.04 LTS baremetal server.
After run sudo and/or su or su - command, the command ...
- 115
-1
votes
3
answers
74
views
Monitor web server directories for changed / new files
TL;DR: Is there an easy why to monitor directories for new/changed/deleted files?
Details: A simple WordPress website on a virtual server got hacked. Nothing too serious. No important project / data ...
2
votes
1
answer
542
views
Vmware Virtual Machine Securing Access
I rented a virtual server from a hosting provider that uses VMWare as virtualization software.
If I remove the initial user from the virtual machine created by the VMWare admin and If I change the SSH ...
- 141
0
votes
0
answers
26
views
Newbie: How to add mod_sec rule exception for specific use-case
maybe someone with experience or basic knowledge that knows what they're doing (unlike me :)) can help....
Currently, I have Ubuntu 20.04 installation with OpenLitespeed and Cyberpanel.
I've installed ...
0
votes
1
answer
47
views
Are Packages In Centos Yum Repo's Secure?
I have tried to do research to figure out this issue, but I would like to hear from the community to understand if what is available in the Yum repo is secure. Even when the versions in the repository ...
1
vote
1
answer
88
views
Probed for .env files in commonly used resource paths [closed]
I am using an NGINX server to host a static website exposed to the open internet. While glancing through the access logs I came across a cluster of requests for resources ending with .env, e.g:
"...
0
votes
1
answer
135
views
CA Offline Standard publish Active Directory
I have a hierarchy of one offline CA (standard) and 2 subCAs (enterprise).
The offline CA is not published in Active Directory and the 2 SubCa's are published in AD.
Can the offline CA be modified to ...
- 29
1
vote
2
answers
203
views
IIS 10 - IP Address And Domain Restrictions is denying all traffic
I have a server that has multiple sites set up on it in IIS 10.
On one of the sites, I want to allow access to a range of IP Addresses, and deny traffic to the site from all other IP Addresses.
In IIS,...
- 123
0
votes
0
answers
22
views
2FA SSH authorization by a different user
Is there a way to enable two-factor (2FA) SSH authorization for multiple specified users (not everyone) when their login attempts are confirmed by a different person?
So, on the server with users a b ...
0
votes
1
answer
29
views
Trying to run Security Onion on AWS behind an ALB (nginx behind ALB)
I've got a wildcard certificate for internal services. I'd like to run Security Onion behind an ALB so I can get valid SSL with a single certificate stored in certificate manager. (Storing it there is ...
- 775
0
votes
0
answers
82
views
CA-Certificate and Server Certificate are expired! - openVPN - Server <--> Client(x)
I am hosting an openVPN-Service to connect ~30 IoT-Clients directly to my Server. I have forgoten to extend the lifetime of the self-signed ca.cert and the server.crt. Now my openVPN-Clients could not ...
- 3
0
votes
0
answers
42
views
sanitize folder names before creation
How prevent the injection when creating folders with user supplied paths in a unix like system?
Ideally subfolders can be created only in selected or working folder. Although the creation of folder in ...
- 101
0
votes
1
answer
51
views
Secure method for automated copying of files over a root ssh connection
I currently have a few different services running on my home server and for simplicity, I have a single VM manage the certificates via certbot and just copy them across the network using SCP.
The ssh ...
- 101
0
votes
0
answers
35
views
Gitlab Access Tokens, protected by authenticating Apache Reverse Proxy?
We hide a Gitlab instance (among several other applications) behind a single Apache Reverse Proxy, that is doing user authentication (OpenID) before granting further access to the lower services.
This ...
1
vote
0
answers
140
views
Problems with FIPS Mode in Adobe Acrobat Pro 2020 and Adobe Reader DC
Security requirements are such that we need to set this key depending on software:
HKCU\Software\Adobe\Adobe Acrobat\2020\AVGeneral\bFIPSMode (DWORD = 1)
KHCU\Software\Adobe\Acrobat Reader\DC\...
- 341
0
votes
1
answer
55
views
Creating a low-cost and scalable star network infrastructure
I am tasked with creating the architecture for an integration application for 2 systems.
I will be running a Ubuntu LTS instance, with an application that requires to connect to our clients MSSQL ...
0
votes
0
answers
331
views
how to setup socks5 proxy server on centos9 for network access behind firewall?
I need a socks proxy on centos 9, to access services from an (internal) network behind a firewall.
It should be a socks 5 proxy (dynamic port forwarding) that can only be used by the configured ssh ...
- 101
0
votes
2
answers
47
views
IPTables: introduce a policy for a chain so that I can maintain the drop policy/rule without having to delete it when I need to add a new accept rule?
Say I have a chain introduced with iptables -N SERVICES-VPN.
But then I want this chain to drop everything... so iptables -A SERVICES-VPN -j DROP.
The problem here is that I may need to add rules ...
0
votes
0
answers
43
views
Secure external database access from AWS application
Today we have a solution whose infrastructure is entirely hosted on AWS. Among other things, there is an API (API Gateway + lambda) which communicates with a database through a VPC to VPC connection ...
- 251
0
votes
0
answers
29
views
Someone installed a cryptominer on my Ubuntu server [duplicate]
It seems someone gained access to my ubuntu server and installed a cryptominer. This user added a crontab for the user "git" on my server. I disconnected the server from the internet and I ...
0
votes
0
answers
49
views
Is creating a fake file that's not in use a viable honey pot?
We currently host upwards of 300 wordpress sites/installations, and I am experimenting with beefing up WordPress security through some homemade efforts.
As an IT guy, I watch logs .. All the time, ...
- 354
1
vote
0
answers
70
views
OpenSSL issue with Rancher/Kubernetes cluster on RHEL 8
So we are working on setting up a big Rancher/Kubernetes cluster on a bunch of RHEL 8 servers. We have everything installed and have Rancher running on a 3 node cluster behind a load balancer. The ...
- 11
0
votes
0
answers
22
views
Securing VPN access using the Always On Technology or 3rd party VPN clients?
I'm using Hybrid Azure AD Join for all my Windows 10 & 11 Workstations, but not for the Windows Server OS.
So rather than manually deploying the 3rd Party VPN client to each workstation, can I use ...
- 1,295
1
vote
0
answers
43
views
FreeBSD Local Smart Card Auth Only
I'm trying to figure out how to configure a FreeBSD CLI installation to only allow authentication via X.509 certificates. I'm not talking about SSH, I'm talking about locally in front of the server. I'...
- 133
1
vote
0
answers
16
views
How do I restrict some directories to some clients in GlusterFS?
GlusterFS makes it possible with auth.ssl-allow option to allow or deny access to given volumes for a given client, identified by its SSL certificate, but the access is global: either the client has ...
- 2,275
0
votes
1
answer
191
views
Is Bitlocker automatic unlock not safe?
I don't get how "automatically unlock" Bitlocker feature works on Windows 10. I have a main SSD with OS installed in it that's encrypted with bitlocker and another drive encrypted with ...
-2
votes
1
answer
169
views
How to default to TLS1.3 for all dns traffic to and from Windows 11 box?
I was browsing Wireshark output and noticed that the handshake process for talking to Google DNS servers was asking for TLS1.2 vs the supported default TLS1.3 at 2001:4860:4860::8844.(https://...
- 173
0
votes
2
answers
92
views
Email account to use for company domain registration account?
Domain registration is a very important part of security. If a domain is stolen, all emails in this domain becomes accessible so an attacker could use I forgot my password feature on many website or ...
- 111
-4
votes
1
answer
202
views
Completely unable by any and all means to move Hyper-V VM from one computer to another due to "permission issue"
This is completely incomprehensible how this issue is so pervasive. I want to do something VERY SIMPLE: move a VM from one computer (HOST1) to another (HOST2), but some bull$h!t error ALWAYS HAPPENS ...
0
votes
0
answers
66
views
How to trace process that has already terminated? And even trace back its parent process?
I am able to jail specific commands execution by a proxy script to a user whose sudo privilege is only this script sodo check here for how to. Also the sodo script logs whatever critical commands they ...
- 540
7
votes
2
answers
948
views
How to log executions of specific commands on Linux no matter where it came from?
Dangerous commands like rm , kill and systemctl stop can be hidden outside bash inputs - i.e. - a malicious user can easily hide them inside a python script using os module and just run the python ...
- 540
1
vote
1
answer
84
views
sudo file in sudoers - why user can modify file?
I want to allow one user to run specialscript.sh as root
so in his folder i created
-rwxr---- 1 root deployers 142 Jul 16 14:07 specialscript.sh
and in sudoers.d/specialscripts:
user123 ALL=(...
- 793
-1
votes
1
answer
75
views
Why does AWS Cognito require a client secret when configuring an external IdP (Azure AD)?
I don't understand why AWS Cognito require a client secret when configuring an external IdP (e.g. Azure AD).
AFAIK, AWS Cognito merely forwards federated identities to the external IdP for (OIDC) ...
- 429
-1
votes
1
answer
179
views
assign AD GPO to a specific set of computers: what mechanism?
(In exploratory mode: not sure what is the right question to ask, and how to ask it. Also, new to AD GPOs: please forgive lack of clarity in the question.)
Question: how do I assign an Active ...
- 304
0
votes
0
answers
90
views
Protecting a Linux against root users
I'm searching for a way to "protect" a Linux operating system against (root) users that can potentially misbehave.
My threat model is the one of university students, having access to root ...
-2
votes
1
answer
93
views
Sudo user running app: can it be elevated to be root by app?
Sudo user running app: can it be elevated to be root by app?
e.g.,
user "user_xyz" is a regular user in sudo group.
sudo command
Does not require password.
If the user run an app, can the ...
- 111