From the Blog

Privacy
Guides
Peter

Howto VPn

In our “How to securely” series we asked our followers what tools they would like a simple guide on to help them stay secure online. There seemed to be a lot of confusion as to what a VPN is and why you should or should not use one. So we asked Peter to help.

Read More »
WhatsApp
Data Protection
Peter

How To Whatsapp Safely

WhatsApp is among the fastest-growing instant messengers out there, and almost a social network in its own way. But if you are using it, there are some steps you should take to protect your security and privacy.

Read More »
Securing Zoom
Data Protection
Peter

How To: Securing Zoom

In this guide we are looking at how to go about securing zoom. Since the onset of the global pandemic, we have seen surge in “zoom bombing”. This is where people with malicious intent look for in-progress zoom meetings to join and cause trouble.

Read More »

Microsoft Windows SMB Shares Unprivileged Access

This vulnerability will allow an attacker on a connected network to view any of the files contained within the file share. In some circumstances, it may be possible to add new files and modify existing files within the file share.

Read More »

Near Perfect SSH Configuration

On many vulnerability scans we see SSH being reported as a medium risk vulnerability due to insecure ciphers and poor configurations. In penetration tests we often find we are able to use SSH once we have a set of user credentials, especially where the service is linked through to a centralised password management solution such as Active Directory.

Read More »

Securing Apache: security.conf

Apache is probably the most common webserver used and despite there being well documented guides on how to secure apache, we come across web server header issues and very poor SSL configurations on a daily basis. To aid in the remediation, here is Peter Bassill’s recommended configuration for the apache global security file, /etc/apache/conf-enabled/security.conf:

Read More »

Backup Script

Originally copied from https://voorburg.home.xs4all.nl/backup.html about 10 years ago. Still good.

Read More »

Fixing SMB Signing not required

Implementing SMB signing should be done with care. An excellent guide to implementing SMB signing can be found on Jose Barreto’s blog here. Should it ever vanish, I have copied it below.

Read More »

Web Application Potentially Vulnerable to Clickjacking

A very common issue seen in vulnerability scan reports and to an extent, on Penetration Tests. The risk posed by clickjacking varies by who you talk to. For example, Hacker1 say it isn’t important at all and can be ignored. We believe that as a vulnerability, it is simple stupid to ignore it. Especially as

Read More »

How To Upgrade to PHP 7

Introduction PHP 7, which was released on December 3, 2015, promises substantial speed improvements over previous versions of the language, along with new features like scalar type hinting. This guide explains how to quickly upgrade an Apache or Nginx web server running PHP 5.x (any release) to PHP 7. Warning: As with most major-version language releases,

Read More »

Fixing SSL Medium Strength Cipher Suites Supported

Nessus Summary Nessus Plugin ID: 42873 CVSS v3.0 Base Score: 5.3 Nessus Description: The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Read More »

Fixing SSL Null Cipher Suites Supported

Nessus Summary Nessus Plugin ID: 66848 CVSS v3.0 Base Score: 5.3 Nessus Description: The remote host supports the use of SSL ciphers that offer no encryption at all. Note: This is considerably easier to exploit if the attacker is on the same physical network. How to Fix Null cipher suites is where a zero level

Read More »
Scroll to Top