Questions tagged [security]

For questions relating to application security and attacks against software. Please don't use this tag alone, as that results in ambiguity. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. If your question is not about a specific programming problem, please consider instead asking it at Information Security SE.

6881 questions
4 votes, 0 answers

List of all Permissions-Policy header keys and values?

Does someone have a list of all Permissions-Policy header keys and values? What I have: more_set_headers "Permissions-Policy: camera=(self), fullscreen=(*), geolocation=(self), payment=()"; It was somehow (old - don't use it): more_set_headers…
uav
4 votes, 3 answers

Remote Desktop Authentication without NTLM - How to Configure from non-Windows clients?

Background This has been bugging me for quite a while (and no amount of internet searching has amounted to a decent solution), so I'm hoping someone can offer some sage advice. When I try and start a Remote Desktop session from a Mac to a Windows…
4 votes, 0 answers

Setup 2FA/MFA on Jenkins

I'm trying to find how to set up 2FA/MFA on users who log in to Jenkins, with Google Authenticator. Everything I'm finding is about logins to servers/git/etc, but not for the actual USERS in Jenkins. Does anyone know how to do this?
4 votes, 1 answer

semodule_package command not found

Hello, I'm trying to install MongoDB on CentOS7. It says there to configure SELinux, which I followed. On the third step, it says to execute the following; checkmodule -M -m -o mongodb_cgroup_memory.mod mongodb_cgroup_memory.te semodule_package -o…
lemoncodes
4 votes, 2 answers

Virtual machine memory space forensics

In spite of the fact that the main point of virtualization is having "containerized" environments for every instanced OS without sharing memory space, are there techniques to make forensics on either online or offline (paused) virtual…
4 votes, 2 answers

Recommended Mac anti-virus client

What anti-virus client do you recommend for Macs used in an office setting? (I am not asking if you should run AV on Mac, I'm asking for client recommendations.) Candidates: Sophos ClamxAV Others?
Justin
3 votes, 0 answers

How to configure Content-Security-Policy for Nginx and Drupal 8?

I have an Nginx server with Ubuntu 18.04 and a Drupal 8 site. I have read in several articles that I should not use 'unsafe-eval', 'unsafe-inline'. I added headers for security but the pages of the site are no longer loaded correctly. Here is my Nginx…
3 votes, 4 answers

How useful is Bitlocker without a TPM?

When you install Bitlocker on a system without a TPM you need to put the startup key on a flash drive. Since you can hardly expect the user to store his notebook and flash drive separately, would Bitlocker offer any advantage over an unencrypted…
laktak
3 votes, 3 answers

Access AWS EC2 MySQL instance remotely - Best practice

We have a small business with less than 10 employees. We have a MySQL database with sensitive information that is hosted on an AWS EC2 instance. The employees need to have access to the DB. Currently, I have exposed the DB to the internet and each…
Vincent L
3 votes, 1 answer

How can I decide which ssl_protocols and ssl_ciphers to set with nginx?

I recently added TLS (letsencrypt with certbot) to my domain. It comes with a basic configuration options-ssl-nginx.conf which includes ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers…
Martin Thoma
3 votes, 3 answers

Website security certificate warnings in IE8 Windows 7 (64bit), fine in Firefox

We received new computers for use in the office (Dell Vostro). They seem to work fine for the most part but when we use IE8 to go to some websites, such as Yahoo! Mail, it tells us: There is a problem with this websites security certificate If we…
Steve
3 votes, 0 answers

hosts.allow, hosts.deny : One rule per service?

In quite a few places (some old, some recent) it's stated that the tcp-wrappers configuration files /etc/hosts.allow, /etc/hosts.deny allow only one rule per service. This looks wrong to me, I write many sshd: lines in my…
leonbloy
3 votes, 1 answer

Securing NFSv4 WITHOUT Kerberos on a public cloud?

I've lost enough hair trying to set up this Kerberos nonsense. Is there any way to secure an NFS v4 setup without using Kerberos on a public cloud, i.e: all servers have a public IP (there is no internal IP or no VPC) only known servers will be…
Saurabh Nanda
3 votes, 0 answers

How to access database on Docker swarm without exposing ports to internet?

I had a really hard time coming up with a short and descriptive title for this... Let me explain: In classic Docker (no swarm mode) I had my system set up in a way that my PostgreSQL database would expose its main port (5432) only to localhost. That…
MadMonkey
3 votes, 2 answers

IMAP connections from Microsoft IP addresses when using Outlook

I run a Linux based mail server and use Dovecot to provide IMAP over TLS access. This server has been up and running for a bit more than 8 years now and it serves my email address along with those of my clients. As this is one of my business…
moray