Questions tagged [network-security]
The network-security tag has no usage guidance.
64
questions
0
votes
1
answer
44
views
Best practices along with using VPN for remote access to VPC [closed]
I'm exploring the OpenVPN access server/ConexaCloud as I want to be able to access a VPC with private resources.
With OpenVPN, what other measures should I take to secure the VPC?
I know I can block ...
- 103
-1
votes
1
answer
66
views
Disable ICMPv6, IGMPv2 and other network protocols
I'm the IT guy for a small office that started to get not so small anymore, so we got a switch and a windows server active directory. Then some security concerns started to appear, so i searched the ...
- 1
0
votes
0
answers
12
views
Protect AdGuard DNS with mTLS
is it possible to Protected/Restrict Access to a AdGuard DNS (or any DNS for that matter) using mTLS?
I have a VPS with Traefik, AdGuard and EJBCA running. I already secure most of my Services with ...
0
votes
0
answers
86
views
Block HTTP/HTTPS POST/PUT from a container
Is there a practical way to inspect HTTP/HTTPS and block arbitrary POST and PUT requests, from within a container, to the internet? (while still allowing GET requests)
I had a look at eBPF but I am ...
0
votes
0
answers
119
views
OpenVPN "TLS Error: TLS key negotiation failed"; possible malicious access tentative
I have an Ubuntu Server with OpenVPN 2.5.5. Here is the server configuration
port 1194
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/issued/server.crt
key /etc/openvpn/...
- 103
0
votes
3
answers
63
views
Azure managed identity Arc enabled server and operator security
I have an Arc enabled server which is using managed identity to connect to an Azure Key Vault. The IIS hosted application is able to access the key vault without any problems, but there's a security ...
- 3
0
votes
1
answer
297
views
Why I'm getting these random [UFW BLOCK] requests in my syslogs?
I just noticed large numbers of these random requests getting blocked by UFW in my ubuntu server 22.04
9:34 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=193.254.3.18 DST=[...
- 103
0
votes
1
answer
601
views
Getting random http/s requests from certain IP addresses
Stack used: ExpressJs, NodeJs, Docker, Nginx, Ubuntu 20.04
I host my backend on DigitalOcean droplet with the tech stack mentioned above. My server constantly has been targeted multiple times on ...
- 101
0
votes
1
answer
480
views
Windows security event ID 4769 Kerberos Error on single user Domain
I have a test lab with a single Windows Server 2019 and a single Windows 10 Pro PC that connects to it, with a single user, me. I test our own software on it and that's it.
As of the past few days I ...
- 61
0
votes
0
answers
20
views
Wireless SSIDs restrictions for Windows Mac Ubuntu
I am an IT Admin and we are using Symanetc EndPoint protection, through this we have restricted external USB access.Now, I need to allow only office provided wireless access points to the office ...
0
votes
0
answers
72
views
Secure external database access from AWS application
Today we have a solution whose infrastructure is entirely hosted on AWS. Among other things, there is an API (API Gateway + lambda) which communicates with a database through a VPC to VPC connection ...
- 261
0
votes
0
answers
36
views
Securing VPN access using the Always On Technology or 3rd party VPN clients?
I'm using Hybrid Azure AD Join for all my Windows 10 & 11 Workstations, but not for the Windows Server OS.
So rather than manually deploying the 3rd Party VPN client to each workstation, can I use ...
- 1,315
0
votes
0
answers
255
views
Docker and Nginx Reverse Proxy Best Practices
I recently found out some basic security stuff I could implement to ensure that my VPS's are safer. I have tried to implement these but I have run into some problems. I do not know what my next steps ...
-1
votes
4
answers
407
views
What is the proper way to block entire TLDs using iptables?
With new TLDs being approved like .zip that could be extremely malicious, it seems prudent to have the ability to block entire TLDs on tap. What is the proper way to do this in iptables?
- 109
-6
votes
1
answer
100
views
Is there any way to access Hyper-V host from a network adapter not shared with host? [closed]
I am considering to move my firewall inside Hyper-V. There will be only one Guest OS that is connected to the virtual Switch, and the guest OS is the Firewall OS. While the second adapter at the ...
- 596