Passwords suck, but I built a password generator that'll create passwords like "7Salads&aQuailnamedSteve." and "84Butterbeans&anEelcalledRicky!" philipnewborough.co.uk/demos/passwo...
Folksonomy: security
Posts, statuses and bookmarks on philipnewborough.co.uk tagged with: "security"
Find more posts tagged with "security" on Mastodon .
Blog
No blog posts tagged with security.
Status
We have a BitLocker encrypted drive at work and we have lost the recovery password. We think the device was provisioned by a trainee and they forgot to record it. Anyhow, has anyone tried/had any luck with BitCracker? github.com/e-ago/bitcracker
Just configured fingerprint authentication on my ThinkPad T14s under Debian and it worked first time. The device is listed as '27c6:6594 Shenzhen Goodix Technology Co.,Ltd. Goodix USB2.0 MISC'.
Every time I remove a Linode from my pool and the IP address is assigned to another Linode customer, I receive an early warning report from the National Cyber Security Centre about potential security vulnerabilities on the customer's new server. I'm thinking there is a potential business opportunity here.
Starting my morning by blocking a Ukraine based IP address that is constantly hitting a web server. The server hosts a UK only web store, so pretty sure it's not valid traffic. Will need to monitor this.
Bookmarks
-
Home - Distributed Denial of Secrets
We're a 501(c)(3) non-profit in the US that archives and publishes hacked and leaked documents in the public interest.
-
How Secure Is My Password? | Password Strength Checker | Security.org
The #1 Password Strength Tool. Trusted and used by millions.
-
Have I Been Pwned: Pwned Passwords
Pwned Passwords are hundreds of millions of real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they're at much greater risk of being used to take over other accounts.
-
OWASP Top Ten | OWASP Foundation
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
-
Digitalwave ModSecurity Repository
This is a repository for different Linux distributions, currently for Debian and Ubuntu. The repository contains the necessary packages in pre-compiled binary (and source) format for a WAF (Web Application Firewall).
-
Modsecurity Project
ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.
-
The Insecurity of Debian - unix.foo
In the end, the choice between Debian and Red Hat isn’t just about corporate influence versus community-driven development. It’s also a choice between a system that assumes the best and one that prepares for the worst. Unfortunately in today’s highly connected world, pessimism is a necessity.
-
An introduction to Linux Access Control Lists (ACLs) | Enable Sysadmin
Linux Access Control Lists, or ACLs, can take some getting used to, but they're invaluable for getting a finer-grained control of your Linux filesystem permissions.
-
Poor security let hackers access 40 million voters' details - BBC News
The ICO said hackers had access to the Electoral Commissions' systems for over a year. It was only spotted when an employee reported that spam emails were being sent from the commission's own email server.
WOW!
-
Linux maintainers assess blast radius of xz-utils backdoor