Sysadmins of the North

Technical blog, where topics include: computer, server, web, sysadmin, MySQL, database, virtualization, optimization and security

Tag: security (Page 1 of 5)

Security?

WordPress .htaccess security best practices in Apache 2.4.6+

Apache Access Control done right, ‘Allow/Deny from all’ versus ‘Require All Granted/Denied’

Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, old documentation is never updated and people even still write blog posts using that old syntax, leaving you with an unprotected website. Not what you had in mind, now is it?…


How to use SSL in PHP Data Objects (PDO) mysql

Connect securely to your MySQL database from PHP PDO using an SSL encrypted connection

If you want to connect securely to your MySQL database over SSL using PHP Data Objects (PDO), here is how…


A cheat-sheet for password crackers

A cheat-sheet for password crackers that may come in handy sometime, by m3g9tr0n.


Windows privilege escalation guide

Ryan McFarland writes on his blog: “Privilege escalation always comes down to proper enumeration. But to accomplish proper enumeration you need to know what to check and look for. This takes familiarity with systems that normally comes along with experience. At first privilege escalation can seem like a daunting task, but after a while you start to filter through what is normal and what isn’t. It eventually becomes easier to know what to look for rather than digging through everything hoping to find that needle in the haystack. Hopefully this guide will provide a good foundation to build upon and get you started.”


List all SPNs used in your Active Directory

There are a lot of hints & tips out there for troubleshooting SPNs, or Service Principal Names. Listing duplicate SPNs is fairly easy: just use setspn -X on your command line and you’ll find out. But how do you find out which SPNs are used, and which users and computers they are used for?


Important note about Windows Update KB4056892

There is another VERY IMPORTANT THING with Microsoft Meltdown patches like update KB4056892: customers will not receive these security updates and will not be protected from security vulnerabilities unless their anti-virus software vendor sets the following registry key:


Help Net Security reviewed Acunetix 11

Acunetix 11 Review by Help Net Security. Acunetix is one of the biggest players in the web security arena. The European-based company released the first version of their product back in 2005, and thousands of clients around the globe use it to analyze the security of their web applications. They recently unveiled Acunetix version 11, so Help Net Security decided to take it for a spin.


3 Important security measurements for Windows Server & IIS

Windows Server security: When you have just installed your new Windows Server, with or without IIS as web server, it is important to take a few extra security measures. Securing your (web) server is important to keep hackers out and your data safe. Here are some steps you can take to secure and harden your Windows Server (IIS) web or file server.


How to disable SMBv1 in Windows 10 and Windows Server

Disable SMBv1 to prevent Petya/NotPetya and WannaCry/WanaCrypt0r ransomware from spreading on your network. These worm viruses exploit a vulnerability in Windows Server Message Block (SMB) version 1 (SMBv1), and spread like wildfire. You are urged to disable SMBv1 in your Windows variant (Windows 10, 8.1, Server 2016, 2012 R2), and here is how if you haven’t done so yet.


Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege

Microsoft Security Advisory 4021279: Microsoft is releasing this security advisory to provide information about vulnerabilities in public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications correctly.


Penetration Testers’ Guide to Windows 10 Privacy & Security

Andrew Douma, a vendor-neutral consultant, writes in Penetration Testers’ Guide to Windows 10 Privacy & Security:


Check WordPress Core files integrity

Check the md5 checksum of WordPress Core files against WordPress’ checksums API, using this standalone PHP file. I chose to use a standalone PHP script to check the md5sum of WordPress Core files against the API so you’re not dependent on a possibly hacked WordPress installation. This kind of guarantees the result can be trusted, as opposed to using a WordPress plugin. I think this is a better integrity check of WordPress Core files.


Intrusion Detection with Windows Event IDs

Found via cyber-ir.com: This paper is the best I have ever read on how to build IOCs with Windows Event IDs. I highly recommend that you read it; it contains very useful information and some very interesting behavioural examples of attacker activity. If you are looking to enhance your detection in your core network this is the document!


WordPress advisory: Akal premium theme XSS vulnerability & abandoned

Over the course of one week I had the opportunity to audit two hacked WordPress websites. I could quickly discover two vulnerabilities: a Cross-Site Scripting (XSS) vulnerability in the premium WordPress theme Akal, and a Denial-of-Service in an undisclosed newsletter plugin. This post describes the Akal premium WordPress theme XSS vulnerability.


Samsung’s smart camera. A tale of IoT & network security

Pen Test Partners writes about IoT and security in the Samsung smart camera SNH-6410BN. They discovered eleven (11) issues, chained together to gain root access. Got r00t?
