Top new questions this week:
|
|
I am working on the following war game from Defend The Web, which requires me to do a source code review to login as the user memtash. The code is on GitLab here. Here is my methodology: Reset the …
|
|
I wondered what to do if there is a currently ongoing ransomware execution on my computer. Assuming that I’m “spotting” it while it is encrypting my files, should I power my computer off? I …
|
|
How do companies manage SIEM for Kubernetes environments? I am specifically interested in running CIS benchmarks and auditing OS events on the nodes. I already have a Wazuh cluster and agents rolled …
|
|
TL;DR: Is there a safe way to play games over the network with an old computer with an old OS? My son (5yo) really likes base-building games and we would like to play together. Finding coop games we …
|
|
I am studying information security, I have a question that I need help with. Which of the following storage options would give the organization the best chance of recovering data? A. Encrypted …
|
|
CVE-2023-24055 is a known vulnerability that enables an attacker to recover plaintext user credentials from the KeePass application. However, due to the original KeePass being Windows-specific, I’ve …
|
|
Say a ransomware encrypts your database but hides the fact (by secretly decrypting everything you ask for). Then your backups become rubbish once the attacker deletes the key. What are good measures …
|
Greatest hits from previous weeks:
|
|
I know there are many discussions on salted hashes, and I understand that the purpose is to make it impossible to build a rainbow table of all possible hashes (generally up to 7 characters). My …
|
|
I ran a scan with nmap -n -vv -A x.x.x.x –min-parallelism=50 –max-parallelism=150 -PN -T2 -oA x.x.x.x With the following result: Host is up (0.032s latency). Scanned at 2012-10-25 16:06:38 AST for …
|
|
I’m a bit paranoid, but I want to know if my school can see what I’m browsing while logged into my school account but on my home network with my own laptop. I have brought my laptop to school …
|
|
Most users would simply type ssh-keygen and accept what they’re given by default. But what are the best practices for generating ssh keys with ssh-keygen? For example: Use -o for the OpenSSH key …
|
|
In order to mitigate the “Poodle” vulnerability, I’d like to disable SSLv3 support in my (in this case, TLS, rather than HTTPS) server. How can I use openssl s_client to verify that I’ve done this?
|
|
What exactly is the difference between following two headers: Authorization : Bearer cn389ncoiwuencr vs Authorization : cn389ncoiwuencr All the sources which I have gone through, sets …
|
|
Can the internet be censored from the ISP itself? And what to do if the internet is censored by my ISP? Even TOR is not showing me the results I want: I had previously searched for the same keywords …
|
Can you answer these questions?
|
|
We use an external scanner (Qualys) to scan our external assets. We have a firewall in front of the external assets, but it is configured to whitelist the scanner so that the external assets get …
|
|
I’m in the process of evaluating adding WebAuthn/Passkey support to a website, and I’m not really sure how to properly manage challenge nonces. My understanding is that the main reason for using …
|
|
In our company we have many SpeedFaster 2TB USB SSDs. They were working perfectly until our endpoint protection software was updated. Currently they work only for a few seconds and are then blocked …
|
