Linux - mssql-cli and sqlcmd error 0x2746
When trying to use the SQL server linux command-line clients, mssql-cli in a continuous loop without connecting to the SQL server succesfully without any output
security
Pentesting - Crack Windows password hashes
However, despite efforts to create strong passwords, sometimes they can be compromised. In this blog post, we'll delve into the process of cracking
F5 BIG-IP - Add HSTS Strict Transport Security using IRules
HTTP Strict Transport Security (HSTS) is a security feature that allows websites to specify that browsers should only interact with them over secure HTTPS connections.
Checkpoint - Identity Awareness/AD continuous "Failed Login" errors
Check Point Identity Awareness module provides visibility into network traffic, allowing organizations to enforce security policies based granular control over user access.
Recently, I encountered
Linux - How to Disable IPv6
IPv6 stands as the next-generation protocol designed to address the limitations of IPv4 and accommodate the ever-expanding landscape of internet-connected devices.
Here you can see
Security - Changing Database Encryption Key in Authelia
Authelia, a robust authentication and authorization server, is a cornerstone in securing applications with features like multi-factor authentication. One crucial aspect of Authelia's
Security - Remove sensitive data from headers in Postfix
Email headers can provide sensitive and valuable information.
For security purposes it is highly recommended to avoid sending private IP addresses, versions, etc...
Example email
Security - Sudo vulnerability allows privilege scalation
A 10 year old sudo related flaw has been discovered that can make unprivileged users obtain root permissions. Linux admins should patch this critical vulnerability
Security - Error installing Kali: "Installation step failed"
When I was installing a Kali virtual machine, I came across an error in the “Software selection” step
After confirming the software, the installation shows
Security - List available cipher suite using nmap
If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot
Security - View HTTP headers using tcpdump
If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:
tcpdump -i
Exchange - Update to fix escalation privilege vulnerability
Due to the vulnerability that allows privilege escalation I wrote about in this post, Microsoft has released a cumulative update for all supported versions of
Exchange - New vulnerability that allows privilege escalation
A new vulnerability that affects Exchange on-premise servers has been discovered recently (https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/). By making use of the high privileges Exchange servers
Security - Create self signed SAN certificate with OpenSSL
This post explains how to generate self signed certificates with SAN – Subject Alternative Names using openssl. It is a common but not very funny task,
Security - Convert PFX to PEM using Windows or Linux
For certain application, a job partner asked me to send him certain certificate with private key in PEM format. Normally I’m using PFX format,