The protection of computer systems and information from threats such as theft or data destruction.

0
votes
1answer
1k views

Windows 10 TPM Firmware Update for Surface Pro 3

I just updated my OS to windows 10 pro version 1803. In Windows Defender, I now see a warning telling me a firmware update is needed for my security processor (TPM). There is a learn more link that ...
1
vote
0answers
14 views

Can I use KIS (Home Edition) on Win Server 2012 R2

I have data server (win server 2012 r2) and I have KasperSky Internet Security (Home Edition), can I install KIS on the server to protect it from malicious SW.
0
votes
1answer
41 views

Firefox Saved Logins Once cleared never asks again?

If I delete a login/password in firefox by deleting it from the url list under Options > Privacy and Security > Saved Logins , that url will never offer again the option to save a login/password.I ...
0
votes
1answer
52 views

How to secure dynamic dns home network computer? [closed]

I have read a number of articles on setting up a dynamic DNS using my web hosting provider to point towards my home network. This would then allow me to access my Ubuntu server on my home network ...
1
vote
1answer
71 views

IRC Client to Bitlbee - end-to-end encryption?

I'm a newbie to Bitlbee, using it with libpurple to aggregate all my messaging. It's very cool, but I have some security concerns, which I'd like to clarify.When connecting from an IRC Client (I'm ...
0
votes
0answers
14 views

How to set dhcp on hosts respectively in VLAN PacketFence?

firstly, I installed PacketFence in VMware, and opened this ip. 192.168.232.128 is my PacketFence IP. then, I selected VLAN enforcement. In two step, I set eth0 as management, and added two VLANs as...
1
vote
1answer
43 views

How can i safely isolate on-line activity such as banking from chrome browser extensions?

I have seen advice (from an earlier post) stating that simply running separate instances of chrome will not help, and that it is necessary to create separate windows users, one of which (user A) has a ...
1
vote
0answers
39 views

USB-Stick Encrypted for a period of time + Load data on it in this period of time?

For a study, where I am required to store data for a period of time without the possibility to see them I need a solution for a USB-Stick. Is there a possible way to:Have an encrypted USB-Stick...
0
votes
0answers
21 views

Why does Virtual Box VMs add a Floppy Drive by default

Whenever I create a new VM, a floppy drive is added by default. I don't think I've ever needed to use a virtual floppy drive.Seeing that there have been hypervisor vulnerabilities that exploit ...
0
votes
0answers
21 views

entrust security store login keep password

Each time I use entrust security store login, I have to type in password.Is there a way to keep password so that I don't need to input password every time?
0
votes
0answers
22 views

Windows 10 “Update & Security” dialog does not appear - Updates not working

When I go to Settings and then click on "Update & security" no window/dialog appears... and the "Settings" window/dialog also disappears.I have also not been notified of any Windows updates ...
0
votes
0answers
29 views

Inconsistent security behavior in Windows Explorer?

In Windows 7 x64 SP1, in this directory:C:\ProgramData\Microsoft\Windows\Start Menu...to create a new file, I have to confirm the UAC prompt.BUT, to delete this file afterwards, NO UAC PROMPT ...
0
votes
1answer
42 views

Right sequence for hardening Windows 10 against vulnerabilities that persist after reinstall?

I have a Lenovo Ideacenter H50-55 PC desktop (2 years old, Windows 10 Home, 1x AMD A10-7800 Processor) which stopped booting after the last Windows update. I removed the HD, ran check disk from ...
0
votes
0answers
19 views

How to run SecComp in Systemd to only get warning in the logs about systems calls?

I would like to run a program in systemd with SecComp enabled, but only get warning in the logs when the filtered systems calls are done by the program (or its libraries). Note: I already used ...
1
vote
1answer
126 views

Why does the BIOS perform a RAM check before booting?

It appears a little arbitrary to me, so I presume there is some specific reasoning behind this. RAM failure should occur very rarely (it never has to me) and most errors will not even be caught by ...
1
vote
1answer
26 views

Are there any concerns relating to connecting a router to a combo modem/router?

Shaw (an ISP) recently decided to switch from supplying a basic modem, to supplying a combination modem/router, the Hitrom CGNM-2250.The problem is, the router aspect of it is terrible. The admin UI ...
0
votes
2answers
61 views

Is my Corsair DDR4 memory (CMK16GX4M4B3000C15) affected by RowHammer? [closed]

I have a Corsair Vengeance LPX 16GB (4 x 4GB) DDR4 DRAM 3000MHz (PC4-24000) C15 memory kit for DDR4 Systems (CMK16GX4M4B3000C15).I can't seem to find out whether it is affected by the Rowhammer ...
1
vote
0answers
36 views

why is adobe photoshop tcp listening on my computer? cloudfront

I closed photoshop and seems like there are no adobe process running. (macos)Though if i type in terminal:danass$ lsof -i 4i get among others :Adobe\x20 589 danass 9u IPv4 ...
109
votes
3answers
20k views

Deceptive site ahead: unanalytics.com

I am getting strange warning on almost all the websites since morning, including unanalytics.com.I am pretty much sure that it's a issue in google chrome only. The reason for being sure is, I am ...
0
votes
1answer
21 views

Audit or monitor user login

How do you audit or monitor logins and logouts on workstations from a Server 2012 R3 server?The workstations are Windows 7 and 10, and the people who will be using this aren't the most ...
0
votes
1answer
31 views

Windows: What are the security implication of adding Network Service account to “Event Log Readers” group?

I want to read security audit logs from a network service. By default, Network Service does not have permission to read but it can if the account is added to "Event Log Readers". One of the examples ...
0
votes
1answer
68 views

What is the source of “Firefox Download Protection” warnings? How am I sure they are 100% valid

I recently received the following error using Firefox on Debian 9:Source:https://blog.mozilla.org/security/2016/08/01/enhancing-download-protection-in-firefox/I canceled the download immediately ...
1
vote
1answer
30 views

how to prevent gnupg from decrypting files automatically?

I'm on OSX 10.13.4, I am learning how to use gnupg from the terminal.I encrypted a file withgpg --cipher-algo AES256 -c input.txt -o output.gpgit asked me for a password, I made one up, the file ...
0
votes
0answers
20 views

NTLM Session Security

Among authentication NTLM does also provide Session Security in form of signing and sealing. I found a very good documentation about these features and how they work. However, so far I was not able to ...
0
votes
0answers
17 views

AppArmor transition to subprofile - profile not found

I'm trying to write a custom AppArmor profile for a PHP application. The PHP application is run by PHP-FPM (PHP master process). I want to confine everything PHP is executing via shell_exec/exec/...
0
votes
1answer
106 views

How to stop a rogue Linux process from every starting up again

I'm running an Ubuntu 14.04 LTS server, with Apache2, and PHP 5.6.I'm trying to find the source of a process that has been plaguing one of my servers.I can see the process in "top", its ran by the ...
0
votes
2answers
103 views

Building a program in Linux

I am a Windows user but I need to use a Linux tool. I am using Ubuntu. The tool's website here provided a file named: build-x86-64.sh which I installed it. It then says all what you need is to run: % ....
0
votes
1answer
22 views

How To Automatically Edit Request Parameters In Burp Suite

How can I edit the parameters from the requests that burp suite intercepts and forward them automatically. Like for example in the below snap I want to edit the User-Agent line to some other browse ...
0
votes
2answers
53 views

Given an MD5 checksum and a random file. Is it feasible to add a suffix to match the checksum?

I often hear that MD5 is insecure. But I am not sure how it can be manipulated. I don't want to be the guy who just repeat "MD5 is insecure" without knowing some details.Say, I have an 128-bits MD5 ...
0
votes
0answers
25 views

How do I log the execution of programs within a directory regardless of shell?

I'm curious when exactly a particular directory is being used and when it is loaded into memory. Is there a way to place a low level hook in the linux file system that says when a file with execution ...
0
votes
2answers
102 views

What security key specification is needed for WebAuthN compatibility?

Is it already possible to buy a buy a USB-pendrive-style authentication key that is compatible with WebAuthN?If yes, what technical standard/specification should it support?According to press ...
0
votes
1answer
63 views

Unknown VBS script on my browser download folder

There is a _zipit.vbs on my download folder. I use FirefoxThe code opened in notepad below. This file has been on my computer for 6 months.I dont know where it came from but googling seems to ...
0
votes
1answer
39 views

How to secure OneNote cache ( having sensitive information)

I am using Boxcryptor to encrypt the entire OneDrive folder by saving OneNote 2016 files to my PC in an Encrypted OneDrive Folder, which automatically gets synchronized with OneDrive. To make this ...
0
votes
0answers
99 views

What is the difference between headless, service and user Kerberos keytabs

I often work on Kerberised Hadoop clusters, and have to use a variety of keytabs, such as:hbase.headless.keytabhbase.service.keytabdevuser.keytabI'm not entirely clear on exactly what the ...
1
vote
1answer
69 views

Prevent Infection of USB drive

I have a bootable USB drive full of computer repair tools. I would use it to repair a computer that might very well be infected by a virus or other malware. I would like to know how I can prevent ...
0
votes
0answers
17 views

Require password for ssl user certificates every time

I get this screen when I login in using my SSL user certificate: However, I am not asked for the certificate password nor my phone's pin.How can I make Android require me to enterSSLpassword or ...
0
votes
0answers
28 views

will disable the sticky keys prevent sethc hack? [duplicate]

I read about lots of articles about sethc hack and prevention.I am wondering if IT just disable sticky function, will that really stop all sethc attack or there are ways that hackers can somehow re-...
0
votes
1answer
221 views

Someone keeps hacking my wifi router [closed]

I have WiFi router at my home, and I have set the WPA2-PSK security on it. I set it with a strong password. My neighbour has repeatedly hacked my wifi, and I don't know how he breaks my security ...
0
votes
1answer
90 views

How to turn on “only elevate executables that are signed and validated” setting

I'm running Windows 10 Home, and I want to make sure that unsigned executables don't run (or at least I get a popup making sure that I want to run them).I found this page, but I cannot for the life ...
1
vote
1answer
125 views

“Your Connection is not private” - PC can’t go to any HTTPS sites on Chrome and Firefox

At my workplace, one of the computer has problems accessing “https://” websites. It only occurs to this machine and with web browsers Chrome and Firefox; Internet Explorer works with almost no problem ...
0
votes
1answer
108 views

Analyze Spectre and Meltdown Check Script by Red Hat

As you know Red Hat published a script to check the vulnerability of the system to Spectre and Meltdown. Kernel upgrade and activation/deactivation of some features is enough for avoid from these ...
0
votes
0answers
37 views

How to Restrict Windows software to specific directory?

Imagine I have an untrusted software which Do Not Want to access any directory except the one I specify (Restrict software access to an specific directory)Is there a way other than (Virtual machine &...
1
vote
1answer
40 views

How can I effectively restrict myself access to certain websites on Windows 10?

I want to restrict access to myself and I know how to do it using Hosts file but it can be easily disabled by editing this file. Is there a way to effectively restrict myself access to this file after ...
0
votes
1answer
59 views

How does BitTorrent ensure you connect to non-malicious peers when using DHT/Trackerless torrents?

As far as I understand, Trackers in torrents somewhat provide the promise that the peers it shows you are non-malicious.In trackerless torrents however, you fetch peers from other peers. How does ...
2
votes
1answer
58 views

How to get information from an installed malicious program?

I asked a question today on security.stackexchange.com Hijacked certificate and Remote Login. Office computer compromised with a virus? which is a question about a suspicious program named PROGRAM....
127
votes
3answers
20k views

Why does my browser think that https://1.1.1.1 is secure?

When I visit https://1.1.1.1, any web browser I use considers the URL to be secure.This is what Google Chrome shows:Normally, when I try to visit an HTTPS site via its IP address, I get a security ...
1
vote
0answers
21 views

Set variable ftp anon_root directory in ubuntu vsftpd

I have a FTP server running to let local users share files to anon users (friends and peers).The public share folder is called /PubRoot.But I do not want files to be accessed from such a ...
1
vote
1answer
257 views

sudo su not asking password even after changing password

I have an ubuntu instance with aws.After getting ssh login, I was able to change to root password with sudo su command.For security reasons, I wanted to change the root password.So I tries to ...
1
vote
1answer
86 views

Chrome showing insecure for a website. But other browsers show secured

I am trying to open an internet banking website in Chrome.Chrome is showing me that the website is insecure:But if I try using another browser like Safari it shows as secure:I checked with my ...
-2
votes
1answer
68 views

CVE-2012-5785 fix in apache axis2 [closed]

Can anyone please tell me in which version of Apache axis2 CVE-2012-5785 is fixed?Thanks in advance

153050per page