How can I determine if someone’s SSH key contains an empty passphrase?
Some of my Linux & FreeBSD systems have dozens of users. Staff will use these “ssh gateway” nodes to SSH into other internal servers.
security
Monitoring activity on my computer.
So recently I found that someone has been using my computer without consent, browsing folders, etc….
Why is passing the secrets via environmental variables considered “extremely insecure”?
Passing secrets (password) to a program via environmental variable is considered “extremely insecure” according to MySQL docs and as poor choice (from security aspect) across other resources.
Does installing and using Wine open up your Linux platform to Windows viruses?
Just wondering if installing Wine might open up a fairly solid Linux desktop to the world of Windows viruses. Any confirmed reports about that?
How to prevent a process from writing files
I want to run a command on Linux in a way that it cannot create or open any files to write. It should still be able to read files as normal (so an empty chroot is not an option), and still be able to write to files already open (especially stdout).
How do I list all sockets which are open to remote machines?
A vanilla ss -l lists (on my current machine) lots of open sockets, with various Netid types and many of which are only listening on localhost.
Securest way to authenticate users against /etc/shadow using PHP?
This question became important to me, since I’m setting up a Horde environment and want to use the system accounts. Doing some search I found mainly 4 ways of doing that, which all seem to have some drawbacks. Now I’m wondering, which one is most secure or if I’m missing some alternatives.
How to fill a device with zeros, without overwriting the bytes that are already zeros?
I have a USB flash drive usb 3, the reading speed is much more than the writing speed.
Let’s say that 99% of the flash memory is already full with zeros, and I would like to fill it with zeros until 100%, by overwriting all the memory flash with zeros dd if=/dev/zero of=/dev/FLASH.
How does the kernel prevent a malicious program from reading all of physical RAM?
If I write a program that tries to read memory at every possible address, and I run it on a “full” Unix, it will not be able to access all of the physical RAM. But how does the operating system prevent it from doing so?
Editing my /etc/hosts.deny
I’m being trolled by China, and don’t know why I can’t block their request to my server.