Shaare your links...
3009 links
Httqm's Links Home Login RSS Feed ATOM Feed Tag cloud Picture wall Daily
Links per page: 20 50 100
◄Older
page 1 / 6
117 results for tags Security x
  • How useful/necessary is the browser extension "NoScript?"
    Read in the comments :
    "I find that it's more hassle than it's worth."
    Tue Jun 16 15:44:36 2020 - permalink -
    - https://www.reddit.com/r/firefox/comments/46jobd/how_usefulnecessary_is_the_browser_extension/
    Firefox Javascript Plugins Privacy Security
  • KeePassXC Password Manager
    KeePass Cross-Platform Community Edition

    For those wondering about the differences from Keepass2 : https://keepassxc.org/docs/#faq-keepassx
    Mon Apr 6 14:32:37 2020 - permalink -
    - https://keepassxc.org/
    Password Privacy Security Software
  • SSH Key Management & SSH Key managers
    TL;DR : you can :
    - create your own CA to generate user and host certificates
    - upon login, user and host present certificates to each other. Provided both trust the same CA, the login is accepted
    - no more need to deploy keys

    It's also possible to embed extra settings in certificates (like forbidding port forwarding, ...)

    Details : https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sec-using_openssh_certificate_authentication#sec-Introduction_to_SSH_Certificates
    Thu Apr 2 10:06:52 2020 - permalink -
    - https://gravitational.com/blog/ssh-key-management/
    certificates Security SSH
  • [openssh-unix-announce] Announce: OpenSSH 8.2 released
    Fri Feb 14 12:33:16 2020 - permalink -
    - https://lists.mindrot.org/pipermail/openssh-unix-announce/2020-February/000138.html
    Linux Privacy Security Software ssh Unix
  • Attaque sur l'authentification WPS
    Tue Jan 7 07:41:37 2020 - permalink -
    - https://net-security.fr/security/attaque-sur-l-authentification-wps/
    Network Security WiFi
  • Everything you should know about certificates and PKI but are too afraid to ask
    Fri Nov 22 07:55:55 2019 - permalink -
    - https://smallstep.com/blog/everything-pki/
    Cryptography PKI Privacy Security SSL TLS
  • Pourquoi la sécurité numérique ne peut pas être la même pour tous les journalistes
    Ne pas changer les méthodes de travail pour favoriser l’adoption

    Transformer son smartphone en coffre-fort peut être contre productif
    ==> les coups et la torture viennent toujours à bout des mots de passe
    Wed Aug 28 09:49:23 2019 - permalink -
    - https://gijn.org/2019/07/16/pourquoi-la-securite-numerique-ne-peut-etre-la-meme-pour-tous-les-journalistes/
    Best_Practice Journalists Security
  • Le piratage de TV5 Monde vu de l’intérieur
    Tout est dans le titre.

    Voir aussi : https://static.sstic.org/videos2017/SSTIC_2017-06-09_P09.mp4
    Mon Jun 17 06:51:48 2019 - permalink -
    - https://www.lemonde.fr/pixels/article/2017/06/10/le-piratage-de-tv5-monde-vu-de-l-interieur_5142046_4408996.html
    France Hack Malware Security TV
  • Dans la tête d’un hacker chinois… – IneatConseil
    Très intéressant.

    Astuce en fin d'article qui peut sauver des vies :
    Beaucoup de malwares utilisent pastebin.com pour délivrer leurs charges utiles. Dans le cas où l’utilisation de ce site n’est pas prévue de manière nominale pour le serveur, il peut être conseillé de bloquer tout le trafic depuis et vers ce site. C’est facilement réalisable avec cette commande sous Linux :

       echo -e "\n0.0.0.0 pastebin.com " >> /etc/hosts
    Fri Jun 7 15:07:54 2019 - permalink -
    - https://blog.ineat-conseil.fr/2019/06/dans-la-tete-dun-hacker-chinois/
    Hack Malware Security Shell
  • Les attaques par collision SHA-1 ne sont plus de la simple théorie
    Thu May 23 09:32:22 2019 - permalink -
    - https://www.zdnet.fr/actualites/les-attaques-par-collision-sha-1-ne-sont-plus-de-la-simple-theorie-39884537.htm
    Cryptography Hack Hash Security
  • IPSET & filtrages des attaques sur les serveurs
    IPSET (http://ipset.netfilter.org/) est un outil Linux disponible depuis bien longtemps mais hélas peu utilisé. Il permet de définir des tables d’adresses IP ou IP+Port ou préfixe d’IP.
    Tue Apr 9 07:00:49 2019 - permalink -
    - https://www.octopuce.fr/ipset-filtrages-des-attaques-sur-les-serveurs/
    iptables Linux Network Security
  • Call for testing: OpenSSH 8.0
    The scp protocol is outdated, inflexible and not readily fixed. We recommend the use of more modern protocols like sftp and rsync for file transfer instead.
    Fri Mar 29 15:12:22 2019 - permalink -
    - https://lists.mindrot.org/pipermail/openssh-unix-dev/2019-March/037672.html
    Open_Source Security SSH
  • 40 Linux Server Hardening Security Tips [2019 edition]
    Very good and up-to-date advice !
    Wed Mar 27 08:59:19 2019 - permalink -
    - https://www.cyberciti.biz/tips/linux-security.html
    Best_Practice Linux nixCraft Security
  • ARP Spoofing in 2018: are you protected?
    TL;DR: don't be so sure, and check your network ;-)

    NB: the article says it can be defeated by DHCP snooping : https://en.wikipedia.org/wiki/DHCP_snooping

    Some ARP tools : https://en.wikipedia.org/wiki/ARP_spoofing
    Tue Mar 5 13:32:18 2019 - permalink -
    - https://isc.sans.edu/forums/diary/ARP+Spoofing+in+2018+are+you+protected/23533/
    ARP Hack MITM Network Security
  • Security Isn't Enough. Silicon Valley Needs 'Abusability' Testing
    (...) tech companies need to work to predict the next form of sociological harm their products might inflict before it happens, not after the fact.

    That sort of prediction can be immensely complex, and Soltani suggests tech firms consult those who make it their job to foresee the unintended consequence of technology: academics, futurists, and even science fiction authors. "We can use art to think about the potential dystopias we want to avoid," Soltani says. "I think Black Mirror has done more to inform people on the potential pitfalls of AI than any White House policy paper."
    Mon Feb 18 07:51:15 2019 - permalink -
    - https://www.wired.com/story/abusability-testing-ashkan-soltani/?mc_cid=be3fe7e4a4&mc_eid=c15c92a706
    Security Société Technology Vie_Pratique
  • Vulnerable Machines
    Interesting details about privileges escalation
    Mon Dec 3 14:21:07 2018 - permalink -
    - https://bitvijays.github.io/LFC-VulnerableMachines.html#linux-privilege-escalation
    Linux Security Shell
  • Advanced web security topics
    Some interesting web hacks explained.
    Thu Nov 22 13:32:16 2018 - permalink -
    - https://blog.georgovassilis.com/2016/04/16/advanced-web-security-topics/
    CSS Hack HTML Javascript Privacy Security Web
  • Entropy and Security
    Some facts / definitions about entropy.
    Tue Nov 6 07:52:57 2018 - permalink -
    - https://danielmiessler.com/blog/entropy-and-security/?mc_cid=8b11aeb08d&mc_eid=c15c92a706
    Entropy Security
  • How to automate password-based SSH logins ?
    Sat Oct 27 08:35:23 2018 - permalink -
    - http://doc.callmematthi.eu/ssh.html#automatePasswordBasedSshLogins
    Password Security SSH
  • 5 Things You Didn't Know You Could do with Nmap - Daniel Miessler
    - Nmap may not be the fastest portscanner, but it’s the most versatile.
    - With its NSE functionality, the lines are blurred between portscanner and vuln scanner.
    - The next time you have something common you want to do with a service, check to see if there’s an NSE script available. Let Nmap do the work for you.
    Wed Sep 5 09:58:21 2018 - permalink -
    - https://danielmiessler.com/blog/things-you-didnt-know-you-could-do-with-nmap/?mc_cid=065d80dbfd&mc_eid=c15c92a706
    Network Security Software
Links per page: 20 50 100
◄Older
page 1 / 6
Shaarli 0.0.41 beta - The personal, minimalist, super-fast, no-database delicious clone. By sebsauvage.net. Theme by idleman.fr.