Questions tagged [security]

For questions relating to application security and attacks against software. Please don't use this tag alone; that results in ambiguity. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. If your question is not about a specific programming problem, please consider instead asking it at Information Security SE.

6881 questions
3 votes, 2 answers

Getting CentOS Security Updates as in 2016

I have been searching around on the net and on StackExchange as well, and found out that yum-plugin-security, although it can be installed, is actually not functioning for CentOS-base repositories, back in 2013 and 2014. Referring to this and this. I…
sylye
3 votes, 2 answers

Setting up IIS 8.5 - Security practices

This is the first time I'm setting up an IIS installation and I want to make sure to provide maximum security. Some questions were popping into my mind while setting up: Note that this server hosts external websites which have about 50 users…
SimonS
3 votes, 1 answer

Clone identical cipher suite from Apache2 on Linux to IIS 8.5 in Windows Server 2012 R2

Intended result: To have identical cipher support in IIS 8.5 (new server) as I have support for in Apache 2.4 (the server I want to copy the supported ciphers from). ssllabs.com info: Apache 2.4 gives an A+ rating with Robust FS support and support…
Kraang Prime
3 votes, 4 answers

iTunes for iPhone in a corporate environment

We cannot obtain iPhones in my work environment due to "the whole music management problem on servers." Our management is concerned about users putting MP3 files on their laptops or on a server filesystem. After reading Apple's iPhone Enterprise…
Jeff Costa
3 votes, 1 answer

Security implications when only allowing logins via key and UsePAM setting is 'yes'?

When setting up a new server, I generally want to allow logins only via key authentication and not from the root user. Therefore, I edit the sshd_config like this: I change 'PermitRootLogin' to 'no' and uncomment 'PasswordAuthentication' and set…
user40974
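The key-only setup asked about in this question, as an added example that is not part of the question or any answer: a POSIX shell audit that reads an sshd_config the way sshd does (the first value found for a keyword wins) and reports the settings that still allow a password login. The point it checks that the question's edits miss is that with UsePAM yes, PAM's keyboard-interactive method can still prompt for a password even when PasswordAuthentication is no, unless ChallengeResponseAuthentication (renamed KbdInteractiveAuthentication in OpenSSH 8.7) is also set to no. The two config files are constructed inline; the defaults used for unset keywords are upstream OpenSSH defaults, and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example, not from the question: audit an sshd_config for key-only logins.
# Assumptions: plain "Keyword value" lines (no "Keyword=value"), Match blocks are
# not evaluated, and the defaults below are upstream OpenSSH defaults (distros
# may differ, e.g. most ship UsePAM yes).

# Print the effective value of keyword $2 in file $1, or default $3 if unset,
# lowercased. sshd uses the FIRST value it reads for a keyword, so stop there.
sshd_opt() {
    v=$(awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1")
    printf '%s\n' "${v:-$3}" | tr 'A-Z' 'a-z'
}

# Return 0 if the file allows only public-key logins and no root login, else 1,
# printing one FAIL line per problem found.
sshd_key_only_audit() {
    f=$1; bad=0
    pa=$(sshd_opt "$f" PasswordAuthentication yes)
    # ChallengeResponseAuthentication was renamed KbdInteractiveAuthentication in
    # OpenSSH 8.7; honour whichever spelling the file uses.
    cra=$(sshd_opt "$f" ChallengeResponseAuthentication "$(sshd_opt "$f" KbdInteractiveAuthentication yes)")
    pam=$(sshd_opt "$f" UsePAM no)
    prl=$(sshd_opt "$f" PermitRootLogin prohibit-password)

    [ "$pa" = no ] || { echo "FAIL: PasswordAuthentication is $pa"; bad=1; }
    if [ "$pam" = yes ] && [ "$cra" != no ]; then
        # With UsePAM yes, PAM's keyboard-interactive method can still ask for a
        # password even though PasswordAuthentication is no.
        echo "FAIL: UsePAM yes but ChallengeResponseAuthentication is $cra (PAM can still prompt for a password)"
        bad=1
    fi
    # prohibit-password (the default) still lets root in with a key; only a plain
    # "yes" is flagged here.
    [ "$prl" != yes ] || { echo "FAIL: PermitRootLogin is yes"; bad=1; }
    return $bad
}

# Constructed sample configs (not real server files).
WEAK=$(mktemp); HARDENED=$(mktemp)
cat > "$WEAK" <<'EOF'
# as in the question: root disabled, passwords disabled, UsePAM left at yes
PermitRootLogin no
PasswordAuthentication no
UsePAM yes
EOF
cat > "$HARDENED" <<'EOF'
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
EOF

echo "== weak ==";     sshd_key_only_audit "$WEAK"     || echo "=> not key-only"
echo "== hardened =="; sshd_key_only_audit "$HARDENED" && echo "=> key-only"
```

On a live host, `sshd -T` prints the effective configuration (including the result of Match blocks) and is the safer input for this kind of check than the raw file. Keeping UsePAM yes is still useful even with passwords off, because the PAM account and session modules (access.conf, limits, pam_mkhomedir and the like) only run when it is enabled.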
3 votes, 1 answer

How to convince security auditors to change a frequent password change policy?

I am a new junior IT manager in a small company of around 500 employees, and the current policy regarding passwords has enforced password expiration within 30 days, with a password history of 5. As you can understand, this leads to people having…
Dumraden
3 votes, 1 answer

My event log has corrupted DACL 'Write Attributes' in 4656 file audit events

I have been scripting a procedure in PowerShell to pull security event logs from my Windows 2012 R2 server. Investigating a bug in my procedure to parse the event into XML, I discovered a very strange problem in the 'Access Reasons' property of the…
3 votes, 1 answer

How secure is information on LUKS encrypted backup media?

Imagine confidential information (certificates, keys, whatever) stored on a LUKS encrypted backup disk containing, for example, an ext4 file system. AFAIK such a device contains a key file which is in turn encrypted with some pass-phrase. Suppose…
pefu
3 votes, 2 answers

permission denied on authorized_keys

I am attempting to set up SFTP for chrooted users, and use SSH public key authentication. In this example I'll be working with the dummy user "globocorp", who's a member of "sftpusers". This user is chrooted to /sftp/globocorp. I have placed my…
esoterydactyl
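The ownership and mode rules that usually cause this "permission denied" in a chrooted SFTP setup, as an added example that is not part of the question or any answer. Two requirements collide here: sshd refuses a ChrootDirectory unless every path component from / down is owned by root and not writable by group or others, while authorized_keys is read with the user's own privileges, and with StrictModes yes (the default) it, ~/.ssh and ~ must be owned by the user or root and not be group/world writable. The policy checks below take an ls-style mode string and an owner so they can be tested without root; the walker feeds them real paths. The user "globocorp" and the path /sftp/globocorp are from the question; the temp directory is constructed.

```shell
#!/bin/sh
# Added example, not from the question: check the ownership/mode rules sshd
# applies to a chrooted SFTP setup. Assumption: ls -ld prints a mode string in
# the usual "drwxr-xr-x" form as field 1 and the owner as field 3.

# Group-write is character 6 of "drwxr-xr-x", other-write is character 9.
is_gw_or_ow() {
    [ "$(printf '%s' "$1" | cut -c6)" = w ] || [ "$(printf '%s' "$1" | cut -c9)" = w ]
}

# Every path component of ChrootDirectory must be owned by root and not be
# writable by group or others, otherwise sshd refuses the chroot.
chroot_component_ok() {   # $1 mode string, $2 owner
    [ "$2" = root ] && ! is_gw_or_ow "$1"
}

# With StrictModes yes, authorized_keys (and ~/.ssh and ~) must be owned by the
# login user or root and not be group/world writable. sshd reads the file with
# the user's privileges, so the user must also be able to read it.
keyfile_ok() {   # $1 mode string, $2 owner, $3 login user
    is_gw_or_ow "$1" && return 1
    if [ "$2" = "$3" ]; then
        [ "$(printf '%s' "$1" | cut -c2)" = r ]      # owner-read bit
    elif [ "$2" = root ]; then
        [ "$(printf '%s' "$1" | cut -c8)" = r ]      # user reads via "other"
    else
        return 1
    fi
}

# Walk from a directory up to / and check each component; returns 1 on any failure.
check_chroot_path() {
    p=$1; bad=0
    while :; do
        set -- $(ls -ld "$p")        # $1 = mode string, $3 = owner
        if chroot_component_ok "$1" "$3"; then
            echo "ok   $1 $3 $p"
        else
            echo "FAIL $1 $3 $p (must be root-owned, not group/other writable)"
            bad=1
        fi
        [ "$p" = / ] && break
        p=$(dirname "$p")
    done
    return $bad
}

# Policy checks on constructed mode/owner pairs.
chroot_component_ok drwxr-xr-x root      && echo "drwxr-xr-x root      -> ok"
chroot_component_ok drwxrwxr-x root      || echo "drwxrwxr-x root      -> rejected (group writable)"
chroot_component_ok drwxr-xr-x globocorp || echo "drwxr-xr-x globocorp -> rejected (not root-owned)"
keyfile_ok -rw------- globocorp globocorp && echo "authorized_keys 600 globocorp -> ok"
keyfile_ok -rw------- root globocorp      || echo "authorized_keys 600 root      -> unreadable by globocorp"

# Walk a constructed tree. Unless this runs as root under a root-owned,
# non-world-writable path (a temp dir under /tmp is neither), the walk reports
# failures, which is what sshd logs as "bad ownership or modes for chroot
# directory component".
ROOT=$(mktemp -d)
mkdir -p "$ROOT/sftp/globocorp/.ssh" "$ROOT/sftp/globocorp/upload"
check_chroot_path "$ROOT/sftp/globocorp" || echo "=> sshd would reject this ChrootDirectory"
```

Because the chroot root itself must be root-owned, the user's home inside it cannot hold a user-owned ~/.ssh without a dedicated sub-directory; the common way out is to keep keys outside the chroot entirely with a setting such as `AuthorizedKeysFile /etc/ssh/authorized_keys/%u` (an illustrative path, not from the question) in the Match block for the sftpusers group, and to give the user a writable sub-directory such as upload/ for files. Running `sshd -ddd` on a spare port shows exactly which check fails.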
3 votes, 1 answer

ejabberd: set Diffie-Hellman (DH) ciphers bitsize to >= 2048

In the modern version of ejabberd there is a possibility to use custom Diffie-Hellman parameters by providing a self-generated PEM file to the dhfile and s2s_dhfile options in ejabberd.yml. I had created different such DH parameter PEM files in…
Neurotransmitter
3 votes, 1 answer

Possible Cisco Router Hack?

We have a Cisco EPC3928AD EuroDocsis 3.0 2-PORT Voice Gateway from our ISP. The router is connected to a firewall (an Ubuntu box running iptables and Wireshark). Our LAN (10.0.0.1/24) is beyond the firewall. No other equipment is connected to the…
ElToro1966
3 votes, 1 answer

How to secure an open proxy (mod_proxy) for demoing a service

A client has a service that requires a bit of JavaScript to be added to a customer's page. As a marketing tool to show prospective customers, I created a web app that demonstrates how the customer's page would look with my client's JavaScript. It's…
Stan James
3 votes, 3 answers

Remote users attempting to gain access to root mysqld

I have just reviewed my syslog file and noticed a TON of entries of the following: Aug 25 13:06:17 ssrv001 mysqld: 150825 13:06:17 [Warning] Access denied for user 'root'@'61.160.232.48' (using password: YES) The IP is malicious as no one but…
nullReference
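The log triage for the entries quoted in this question, as an added example that is not part of the question or any answer: two small shell functions that pull the source host and the account name out of mysqld's "Access denied" warnings, count attempts per host and list the hosts over a threshold, which is the same extraction a fail2ban filter would do. The log lines are constructed in the format quoted above; the host 61.160.232.48 is from the question, the other host, the extra account names and the sshd line are illustrative.

```shell
#!/bin/sh
# Added example, not from the question: count mysqld "Access denied" warnings
# per source host in a syslog file and list the hosts over a threshold.

# Print each source host with at least $2 denied logins in file $1, most first.
mysql_denied_hosts() {
    grep 'Access denied for user' "$1" \
      | sed -n "s/.*Access denied for user '[^']*'@'\([^']*\)'.*/\1/p" \
      | sort | uniq -c | sort -rn \
      | awk -v t="$2" '$1 >= t { print $2 }'
}

# Print the distinct "user@host" pairs being tried, to see whether only root is
# targeted or the attacker is walking a list of account names.
mysql_denied_accounts() {
    grep 'Access denied for user' "$1" \
      | sed -n "s/.*Access denied for user '\([^']*\)'@'\([^']*\)'.*/\1@\2/p" \
      | sort -u
}

# Constructed sample log (same line format as the question's syslog entry).
LOG=$(mktemp)
cat > "$LOG" <<'EOF'
Aug 25 13:06:17 ssrv001 mysqld: 150825 13:06:17 [Warning] Access denied for user 'root'@'61.160.232.48' (using password: YES)
Aug 25 13:06:18 ssrv001 mysqld: 150825 13:06:18 [Warning] Access denied for user 'root'@'61.160.232.48' (using password: YES)
Aug 25 13:06:19 ssrv001 mysqld: 150825 13:06:19 [Warning] Access denied for user 'root'@'61.160.232.48' (using password: NO)
Aug 25 13:06:20 ssrv001 mysqld: 150825 13:06:20 [Warning] Access denied for user 'admin'@'61.160.232.48' (using password: YES)
Aug 25 13:06:21 ssrv001 sshd[1234]: Accepted publickey for deploy from 10.0.0.5 port 51234 ssh2
Aug 25 13:07:02 ssrv001 mysqld: 150825 13:07:02 [Warning] Access denied for user 'app'@'10.0.0.5' (using password: YES)
EOF

echo "hosts with >= 3 denials:"; mysql_denied_hosts "$LOG" 3
echo "accounts tried:";          mysql_denied_accounts "$LOG"
```

Counting is the detection side only. The fact that a remote host can reach the login prompt at all is the finding: unless the database must be reachable from other machines, bind mysqld to 127.0.0.1 (or filter 3306 at the host firewall) and make sure no `root@'%'` account exists, so that these warnings stop appearing rather than merely being counted.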
3 votes, 1 answer

How to forbid access to an admin URL path in Apache config by IP subnet?

I want to only allow a private IP range to be able to access the administrator panel on my site. I found an article explaining how to do it for a specific directory path, such as /var/www/admin/, but not by URL. I am unable to use the exact…
sybind
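The URL-based restriction this question asks for, as an added example that is not part of the question or any answer. `<Directory>` matches a filesystem path, which is what the article the asker found used; `<Location>` matches the request URL instead, so it applies whatever directory, handler or proxied backend serves that path. The URL path /admin and the 10.0.0.0/8 range are assumptions; the syntax is Apache 2.4 (mod_authz_core), with the 2.2 equivalent in comments.

```apache
# Added example, not from the question: allow /admin (and everything below it)
# only from a private range, matched on the URL rather than on a directory.
<Location "/admin">
    Require ip 10.0.0.0/8
</Location>

# Apache 2.2 equivalent (mod_authz_host):
# <Location "/admin">
#     Order deny,allow
#     Deny from all
#     Allow from 10.0.0.0/8
# </Location>
```

`<Location "/admin">` matches /admin and /admin/anything but not /administrator, so name the exact prefix the panel lives under; `apachectl -t` checks the syntax before a reload. If Apache sits behind a reverse proxy or CDN, the connecting address that `Require ip` sees is the proxy's, not the client's: enable mod_remoteip with `RemoteIPHeader X-Forwarded-For` and list only the trusted proxies in `RemoteIPInternalProxy`, otherwise any client can forge the header and walk past the rule.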
3 votes, 1 answer

How secure is this Nginx config? What else can I do to optimize it further?

So I recently set up a personal GitLab server and I am using the following config with full SSL. I tried my best, but what else can be done to make it better? I mostly learned what I know about webservers from playing around with it in spare time, so I…