User leeand00 - Information Security Stack Exchange

52 votes

4 answers

56k views

Should I be using ECDSA keys instead of RSA for SSH?

asked Apr 28, 2020 at 17:32

14 votes

2 answers

3k views

Are SHA-2 certificates considered obsolete, or current?

asked Nov 20, 2015 at 16:08

5 votes

1 answer

4k views

Does Firefox use OCSP?

asked Jun 23, 2016 at 19:23

4 votes

3 answers

777 views

What can be done to secure passwords that might be stored in plain text or hashed inside a git repository?

asked Jul 20, 2016 at 16:59

4 votes

1 answer

157 views

Does using creating a seprate firefox profile cause a seprate security context protect against XSS and DNS Re-binding?

asked Dec 1, 2015 at 14:08

4 votes

1 answer

307 views

Looking for SSH key management tricks that apply to a large fleet of machines to reduce the 'trust of first use' attack surface?

asked Dec 10, 2018 at 0:53

4 votes

1 answer

480 views

Is there a way to run a downloaded powershell script as admin without setting a global ExecutionPolicy bypass?

asked Jun 17, 2021 at 14:08

3 votes

1 answer

4k views

Should a backup server be on a separate subnet / vlan from other machines on the network?

asked Jul 18, 2017 at 5:27

3 votes

1 answer

543 views

Is binding all private services to the 127.0.0.1 address and then accessing them via SSH using an RSA key pair of 4096 bits secure?

asked Nov 24, 2015 at 2:37

3 votes

3 answers

7k views

Should I use more than 2048 bits in my SSH-2 RSA Key?

asked Jul 1, 2014 at 20:37

3 votes

2 answers

1k views

What agency digitally signed Cryptowall 2.0 so that it can run without being detected?

asked Oct 18, 2014 at 14:32

2 votes

2 answers

265 views

In what situations should a node ping/not ping?

asked Jan 30, 2019 at 18:11

2 votes

3 answers

2k views

Are there any security hazards to installing Ubutnu for Windows 10?

asked Aug 22, 2019 at 11:49

2 votes

2 answers

909 views

If I turn off Windows Defender Credential Manager off in Windows 10 so I can run a virtual machine in Virtual Box, is that a bad idea?

asked May 27, 2019 at 16:09

1 vote

1 answer

237 views

How do you lock down a users access to ODBC settings in Windows 10? [closed]

asked Aug 7, 2019 at 11:05

1 vote

1 answer

168 views

How does one tighten up their git repo security for Powershell?

asked Jan 4, 2021 at 18:35

1 vote

0 answers

71 views

In CiscoAMP can one determine how long the scan of a file took based on the times between scans in history.db?

asked Dec 31, 2022 at 2:26

1 vote

1 answer

5k views

Is there a way to prevent changing the MAC address on a Windows machine?

asked Jul 14, 2016 at 12:48

1 vote

1 answer

2k views

How do I verify that an ssh public/private keypair go together, is it different for openssl and ssh-key generated keys?

asked Aug 22, 2019 at 18:34

1 vote

1 answer

226 views

Best Practices for exporting sensitive database data and transforming it whilist keeping it encrypted?

asked Jan 30, 2019 at 18:50

1 vote

0 answers

792 views

How can I safely use Get-Credential to obtain a username and password for a set period of time for use as command line arguments?

asked Apr 23, 2018 at 18:05

1 vote

0 answers

91 views

Are the interactive methods of credential gathering listed here actually secure, since they dont store the credentials on disk?

asked May 2, 2018 at 18:09

1 vote

1 answer

198 views

Find the Encryption Key (used for network encryption) assuming a Trust Chain is being used on Windows?

asked Nov 18, 2015 at 15:39

1 vote

2 answers

363 views

Generating a Certificate Signing Request for an Apache webserver on a sub domain?

asked Nov 20, 2015 at 20:56

1 vote

1 answer

520 views

Is it possible to filter internet access on a mobile phone with a 3/4G connection with a proxy server?

asked Jun 28, 2016 at 13:42

1 vote

1 answer

505 views

Is it possible to lock down the http / https proxy settings on an iPhone?

asked Jun 28, 2016 at 15:44

1 vote

1 answer

192 views

Is it possible to lock down the http / https proxy settings on an Android phone?

asked Jun 29, 2016 at 18:29

1 vote

1 answer

142 views

Is it possible to lock down the http / https proxy settings on a Windows Phone?

asked Jun 29, 2016 at 20:35

1 vote

0 answers

149 views

Making My Cache Work and Not Theirs: Blacklist for Blocking Caching Sites with Squidguard?

asked Jul 5, 2016 at 19:38

1 vote

2 answers

254 views

What is the niche that Kerberos authentication fills called?

asked Jul 7, 2016 at 18:01

Stack Exchange Network

48 Questions

Should I be using ECDSA keys instead of RSA for SSH?

Are SHA-2 certificates considered obsolete, or current?

Does Firefox use OCSP?

What can be done to secure passwords that might be stored in plain text or hashed inside a git repository?

Does using creating a seprate firefox profile cause a seprate security context protect against XSS and DNS Re-binding?

Looking for SSH key management tricks that apply to a large fleet of machines to reduce the 'trust of first use' attack surface?

Is there a way to run a downloaded powershell script as admin without setting a global ExecutionPolicy bypass?

Should a backup server be on a separate subnet / vlan from other machines on the network?

Is binding all private services to the 127.0.0.1 address and then accessing them via SSH using an RSA key pair of 4096 bits secure?

Should I use more than 2048 bits in my SSH-2 RSA Key?

What agency digitally signed Cryptowall 2.0 so that it can run without being detected?

In what situations should a node ping/not ping?

Are there any security hazards to installing Ubutnu for Windows 10?

If I turn off Windows Defender Credential Manager off in Windows 10 so I can run a virtual machine in Virtual Box, is that a bad idea?

How do you lock down a users access to ODBC settings in Windows 10? [closed]

How does one tighten up their git repo security for Powershell?

In CiscoAMP can one determine how long the scan of a file took based on the times between scans in history.db?

Is there a way to prevent changing the MAC address on a Windows machine?

How do I verify that an ssh public/private keypair go together, is it different for openssl and ssh-key generated keys?

Best Practices for exporting sensitive database data and transforming it whilist keeping it encrypted?

How can I safely use Get-Credential to obtain a username and password for a set period of time for use as command line arguments?

Are the interactive methods of credential gathering listed here actually secure, since they dont store the credentials on disk?

Find the Encryption Key (used for network encryption) assuming a Trust Chain is being used on Windows?

Generating a Certificate Signing Request for an Apache webserver on a sub domain?

Is it possible to filter internet access on a mobile phone with a 3/4G connection with a proxy server?

Is it possible to lock down the http / https proxy settings on an iPhone?

Is it possible to lock down the http / https proxy settings on an Android phone?

Is it possible to lock down the http / https proxy settings on a Windows Phone?

Making My Cache Work and Not Theirs: Blacklist for Blocking Caching Sites with Squidguard?

What is the niche that Kerberos authentication fills called?