Questions tagged [security]

For questions relating to application security and attacks against software. Please don't use this tag alone; that results in ambiguity. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. If your question is not about a specific programming problem, please consider instead asking it at Information Security SE.

6881 questions
3 votes, 1 answer

Firewall Port Mapping, Good or Bad?

Is it worth the trouble to map open ports in the firewall from some inconspicuous port number to the correct port number for a given service? Or is it simpler and similarly secure just to present the actual port number required to the outside…
Nicholas
3 votes, 1 answer

Allow user to sudo as any user in group

I'm running a service where I have users that are running services from their home directories. They are all in the group serviceusers, and I have a user that will perform automated tasks initiated from a website on the service users' files. Let's…
3 votes, 1 answer

Storing Multiple SFTP Credentials on a *nix Server

I have a situation where a cron job needs to upload files to at least 2 different SFTP servers. We only have logins, so using SSH keys as suggested in another answer won't work. So given the example: SFTP Server 1 someusername somepassword SFTP…
Robert Dundon
3 votes, 1 answer

Is slowdown caused by Meltdown/Spectre patches expected to happen when VM or the virtualisation host gets updated?

I have Ubuntu server VMs running on Ubuntu server hosts with KVM as hypervisor. I know that installing the kernel patches for Meltdown/Spectre may cause the systems to become slower. Is this slowdown expected to happen when VMs get patched or when…
Madoc Comadrin
3 votes, 4 answers

Enable In this update the Windows OS support for PCID performance optimization is enabled Windows Server 2012 R2

I've been following this article regarding the update of Google Compute VMs running Windows Server 2012 R2 and getting mixed results. In the Microsoft article everything is flagged as True. Below are two screenshots from two different VMs running…
3 votes, 1 answer

Ansible SSH connections with two-factor auth

I'm setting Ansible to manage a whole farm of servers. My approach is the following: Allow a user to connect to all servers protecting his connections with a heavy RSA key, passphrase protected, and user password. In order to automate as much as…
Abel
3 votes, 1 answer

How to stop unauthorized website replication/mirroring

I'm running a website on a VPS server (nginx). I recently found several other websites that are 100% duplicates of my website. Even when I change a post or delete files from my server, these other websites automatically update with the changes I…
3 votes, 1 answer

Checking the encryption level of Remote Desktop on Windows Server 2012

I want to check that my RDP sessions to a Windows Server 2012 use SSL/TLS 1.0. I found hints about using tools for Windows 2008 that do not exist anymore on Windows Server 2012 and above. So my question is: how can I be sure (Log--Entries,…
Aurelius Baier
3 votes, 1 answer

Does using SPF for GSuite open my domain to abuse from GMail?

Google's recommendation for SPF for both GMail and GSuite is v=spf1 include:_spf.google.com ~all My concern is that this is the same for both Google and GMail. If I am not mistaken, this means that I can send from the GSuite server as my personal…
JB.
3 votes, 5 answers

Why does anyone use ftp?

I am a newbie, so maybe I'm missing something. Why would anyone use ftp or telnet for site administration? If they use them, why would they wonder how they've been hacked? Isn't it obvious that all this stuff should go over sftp, ssh, or an https…
chernevik
3 votes, 3 answers

Can Outlook certificate errors be suppressed?

We host a multi-tenant shared Exchange environment and some customers are seeing a certificate warning when they open Outlook as their domain name is not included in our SSL certificate as a subject alternative name. We have a wildcard certificate…
John
3 votes, 1 answer

Why is '-o sec=krb5p' unnecessary in the mount command?

I have an NFS server on CentOS 7 with this in the /etc/exports file: /export *(rw,sec=krb5p) When I issue this command, it mounts successfully, as expected: mount -t nfs -o sec=krb5p server.example.com:/export /mnt/export It also mounts successfully…
SauceCode
3 votes, 3 answers

Blocking HTTP downloads but not HTTPS

Are there any security reasons why a network admin would block downloads over HTTP, but allow them over HTTPS?
user1450877
3 votes, 5 answers

Blacklisting: IPs or domains?

I am implementing a blacklisting system on my website that monitors contact forms for suspicious usage (both spam content and excessive frequency). When I find somebody / robot that meets my criteria for blacklisting, I want to send them to my DB as…
johnnietheblack
3 votes, 1 answer

How do I respond to DMARC Forensic Reports?

I have just received a DMARC forensic report from Hotmail/Microsoft. My SPF policy seems to have successfully blocked the offending email. I have also blocked the offending IP using IPTables (just in case they try another way). Is there anything…
dave37