Questions tagged [security]

For questions relating to application security and attacks against software. Please don't use this tag alone, as that results in ambiguity. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. If your question is not about a specific programming problem, please consider asking it at Information Security SE instead.


6881 questions
41 votes, 11 answers

Got Hacked. Want to understand how

Someone has, for the second time, appended a chunk of javascript to a site I help run. This javascript hijacks Google adsense, inserting their own account number, and sticking ads all over. The code is always appended, always in one specific…
Lothar_Grimpsenbacher

40 votes, 4 answers

How can I stop the Windows Recovery Environment being used as a back door?

In Windows 10, the Windows Recovery Environment (WinRE) can be launched by repeatedly cutting power to the computer during the boot sequence. This allows an attacker with physical access to a desktop machine to gain administrative command-line…
Harry Johnston

40 votes, 5 answers

What are the exact protocol level differences between SSL and TLS?

This is a technical deep dive after this overview question was asked. What are the protocol differences between SSL and TLS? Is there really enough of a difference to warrant a name change? (versus calling it "SSLv4" or SSLv5 for the newer versions…
makerofthings7

39 votes, 10 answers

How do I know if my Linux server has been hacked?

What are the tell-tale signs that a Linux server has been hacked? Are there any tools that can generate and email an audit report on a scheduled basis?
cowgod

38 votes, 3 answers

Finding latest successful logins and failed attempts to a CentOS server

I'm looking for a log file or any service to report the latest login attempts that have failed due to username/password mismatch. Are there any such utilities available for CentOS? (built-in is preferred) My second question, and more generally, I…
lashgar

38 votes, 2 answers

Is a central location for authorized_keys a good idea?

I'm in the process of configuring a cloud server to run the following stack: Ruby, Passenger, Apache; under Ubuntu 10.04 (Lucid Lynx). In the process of wanting to make the server easier to manage I set up RSA keys on root, and www-data so that I…
Gavin Miller

38 votes, 2 answers

How bad is setting MySQL's bind-address to 0.0.0.0?

I'm trying to allow a remote server to access a MySQL instance that currently shares a Linux server with a web app. According to the documentation the only way this would be possible (unless I'm not understanding correctly) is if the bind-address…
jonathanatx

38 votes, 12 answers

What do you do about staff and personal laptops?

Today, one of our developers had his laptop stolen from his house. Apparently, he had a full svn checkout of the company's source code, as well as a full copy of the SQL database. This is one massive reason why I'm personally against allowing…
Tom O'Connor

37 votes, 10 answers

Securing a fresh Ubuntu server

Say I've got a fresh install of Ubuntu, what steps should I take to secure it for use as a Rails application server?
Codebeef

36 votes, 6 answers

Windows XP PCs in company network

In our small business, we are using about 75 PCs. Servers and desktops/laptops are all up-to-date and are secured using Panda Business Endpoint Protection and Malwarebytes Business Endpoint Security (MBAM + Anti-Exploit). However, in our…
Thomas VDB

36 votes, 3 answers

What kind of network attack turns a switch into a hub?

I read an article today describing how a penetration tester was able to demonstrate creating a fake bank account with a $14 million balance. However, one paragraph describing the attack stood out: Then he "flooded" switches -- small boxes that…
Lucas

36 votes, 6 answers

How to enable TLS 1.1 and 1.2 with OpenSSL and Apache

In light of a growing number of security issues, such as the newly announced Browser Exploit Against SSL/TLS (BEAST), I was curious how we could go about enabling TLS 1.1 and 1.2 with OpenSSL and Apache to ensure that we will not be vulnerable to…
John

36 votes, 7 answers

MITM attacks - how likely are they?

How likely are "Man in the Middle" attacks in internet security? What actual machines, apart from ISP servers, are going to be "in the middle" of internet communications? What are the actual risks associated with MITM attacks, as opposed to the…
CJ7

35 votes, 9 answers

How can I stop ansible from writing passwords to the logfiles?

I am setting up a MySQL server and want Ansible to set the mysql-root password during installation. With the help of the internet I came up with this solution: - name: Set MySQL root password before installing debconf: name='mysql-server'…
claus

35 votes, 8 answers

Is it best practices to have separate login for a domain for domain admins?

I typically like to set up separate logins for myself, one with regular user permissions, and a separate one for administrative tasks. For example, if the domain was XXXX, I'd set up a XXXX\bpeikes and a XXXX\adminbp account. I've always done it…