-
How To Check (And Fix) Your Website’s SSL Security
Is Your Website’s SSL Vulnerable? In this tutorial, I’ll walk through how to check your website’s HTTPS SSL certificate for common vulnerabilities and I’ll also provide some steps to easily mitigate common issues. Check Your SSL Certificate Using The Qualys Online SSL Test What are you waiting for? Go scan your website for weak…
-
Hardening an OpenSSH 6.2+ Server in Ubuntu 14.04
How To Secure Your OpenSSH 6.2+ Server Relearning Secure Authentication Before we even get started on securing OpenSSH you need to make sure your overall security strategy makes sense. Are you securing actual sensitive information or are you just worried about someone snooping your connection? This tutorial assumes you are protecting sensitive data and require…
-
How To Fix BootstrapValidator.js Feedback Icon for Input-Group
This article will help you fix BootstrapValidator.js feedbackIcons position for Bootstrap.js input-group class using CSS.
-
OneDrive Linux Client Project Published – FOSS
A great foundation for a proper open-source community project that I really hope others will get involved with to grow this into a proper solution for Linux users seeking OneDrive connectivity.
-
Using Android KitKat with pfSense IPsec VPN
Getting your Android KitKat device to work with pfSense IPsec VPN server is a finicky process and the settings on both sides need to be exact. Android only supports a small subset of common encryption schemes and this article will show you what settings to use.
-
Samsung Galaxy S4 (SPH-L720) “FAIL (auth)” and “SW REV CHECK FAIL” fix
These errors indicate that the phone cannot use the ROM provided (via Samsung’s ODIN loader) because the ROM is either not legitimate or is a version prior to the one currently installed. Basically, if you’ve flashed a ROM that is Android 4.4.2 (KitKat), you will not be able to revert back to an earlier version…
-
Protecting Apache2 Against Slowloris DoS
Slowloris is a tool to DoS an HTTP(S) web server without performing a traditional high-bandwidth “flood” approach. I’ll give you some background on how Slowloris is so effective, even today, and how to protect your Apache servers from this type of attack.
-
The FIDO Alliance’s “Second Factor Experience” In A Nutshell
The FIDO Alliance is a conglomerate of top technology corporations (Microsoft, Google, Oberthur, NXP, Paypal, etc…) aiming to create standardized enhanced authentication with specific goals of “Passwordless Authentication” (UAF) and “Second Factor Authentication” (U2F). Essentially, they want to be able to framework how companies provide secure access to their web resources as well as how…
-
Authentication solutions comparison
There’s a lot of debate in the information security industry about what the next-gen solution will be for authenticating users into services (websites, applications, etc…). I’ve collected a list of suggested authentication solutions (both hardware and software mechanisms) and will try to shed some light on their pros and cons.
-
LogMeIn Rescue SAML 2.0 Authentication Tips
I’ve dealt with a lot of integration projects involving Single Sign-On using SAML2.0 but LogMeIn Rescue’s process for achieving this threw me for a loop initially. I’d like to share a little insight to hopefully help others achieve SSO using LMI Rescue with minimal pain.