Passwords suck, but I built a password generator that'll create passwords like "7Salads&aQuailnamedSteve." and "84Butterbeans&anEelcalledRicky!" philipnewborough.co.uk/demos/passwo...
Folksonomy: security
Posts, statuses and bookmarks on philipnewborough.co.uk tagged with: "security"
Find more posts tagged with "security" on Mastodon.
Blog
No blog posts tagged with security.
Status
We have a BitLocker encrypted drive at work and we have lost the recovery password. We think the device was provisioned by a trainee and they forgot to record it. Anyhow, has anyone tried/had any luck with BitCracker? github.com/e-ago/bitcracker
Just configured fingerprint authentication on my ThinkPad T14s under Debian and it worked first time. The device is listed as '27c6:6594 Shenzhen Goodix Technology Co.,Ltd. Goodix USB2.0 MISC'.
Every time I remove a Linode from my pool and the IP address is assigned to another Linode customer, I receive an early warning report from the National Cyber Security Centre about potential security vulnerabilities on the customer's new server. I'm thinking there is a potential business opportunity here.
Starting my morning by blocking a Ukraine-based IP address that is constantly hitting a web server. The server hosts a UK-only web store, so pretty sure it's not valid traffic. Will need to monitor this.
Bookmarks
- How Secure Is My Password? | Password Strength Checker | Security.org
The #1 Password Strength Tool. Trusted and used by millions.
- Have I Been Pwned: Pwned Passwords
Pwned Passwords are hundreds of millions of real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they're at much greater risk of being used to take over other accounts.
- OWASP Top Ten | OWASP Foundation
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
- Digitalwave ModSecurity Repository
This is a repository for different Linux distributions, currently for Debian and Ubuntu. The repository contains the necessary packages in pre-compiled binary (and source) format for a WAF (Web Application Firewall).
- Modsecurity Project
ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a powerful rules language and API to implement advanced protections.
- The Insecurity of Debian - unix.foo
In the end, the choice between Debian and Red Hat isn’t just about corporate influence versus community-driven development. It’s also a choice between a system that assumes the best and one that prepares for the worst. Unfortunately in today’s highly connected world, pessimism is a necessity.
- An introduction to Linux Access Control Lists (ACLs) | Enable Sysadmin
Linux Access Control Lists, or ACLs, can take some getting used to, but they're invaluable for getting a finer-grained control of your Linux filesystem permissions.
- Poor security let hackers access 40 million voters' details - BBC News
The ICO said hackers had access to the Electoral Commission's systems for over a year. It was only spotted when an employee reported that spam emails were being sent from the commission's own email server.
WOW!
- Linux maintainers assess blast radius of xz-utils backdoor
- MegaManSec/SSH-Snake: SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.