Questions tagged [security]

For questions relating to application security and attacks against software. Please don't use this tag alone, that results in ambiguity. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. If your question is not about a specific programming problem, please consider instead asking it at Information Security SE

Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.


6881 questions
31 answers

Our security auditor is an idiot. How do I give him the information he wants?

A security auditor for our servers has demanded the following within two weeks: A list of current usernames and plain-text passwords for all user accounts on all servers A list of all password changes for the past six months, again in plain-text A…
13 answers

How do I deal with a compromised server?

This is a Canonical Question about Server Security - Responding to Breach Events (Hacking) See Also: Tips for Securing a LAMP Server Reinstall after a Root Compromise? Canonical Version I suspect that one or more of my servers is compromised…
  • 6,400
  • 3
  • 19
  • 22
21 answers

How do you search for backdoors from the previous IT person?

We all know it happens. A bitter old IT guy leaves a backdoor into the system and network in order to have fun with the new guys and show the company how bad things are without him. I've never personally experienced this. The most I've experienced…
Jason Berg
  • 19,084
  • 6
  • 40
  • 55
6 answers

What permissions should my website files/folders have on a Linux webserver?

This is a Canonical Question about File Permissions on a Linux web server. I have a Linux web server running Apache2 that hosts several websites. Each website has its own folder in…
  • 13,425
  • 17
  • 61
  • 104
9 answers

Heartbleed: What is it and what are options to mitigate it?

This is a Canonical Question about understanding and remediating the Heartbleed security issue. What exactly is CVE-2014-0160 AKA "Heartbleed"? What is the cause, what OSs and versions of OpenSSL are vulnerable, what are the symptoms, are there…
  • 9,204
  • 4
  • 45
  • 56
3 answers

Possible to change email address in keypair?

I've created an RSA keypair that I used for SSH, and it includes my email address. (At the end of the public key.) I've now changed my email address. Is it possible to change the email address on the key, or is it part of the key and I would have to…
Ram Rachum
  • 5,231
  • 7
  • 34
  • 46
22 answers

Is it normal to get hundreds of break-in attempts per day?

I just checked my server's /var/log/auth.log and found that I'm getting over 500 failed password/break-in attempt notifications per day! My site is small, and its URL is obscure. Is this normal? Should I be taking any measures?
Kyle Cureau
  • 1,537
  • 3
  • 11
  • 15
14 answers

How to view all ssl certificates in a bundle?

I have a certificate bundle .crt file. doing openssl x509 -in bundle.crt -text -noout only shows the root certificate. how do i see all the other certificates?
  • 2,447
  • 5
  • 18
  • 15
5 answers

I am under DDoS. What can I do?

This is a Canonical Question about DoS and DDoS mitigation. I found a massive traffic spike on a website that I host today; I am getting thousands of connections a second and I see I'm using all 100Mbps of my available bandwidth. Nobody can…
Falcon Momot
  • 25,244
  • 15
  • 63
  • 92
5 answers

How to check if an RSA public / private key pair match

I have two files, id_rsa and What command can be used to validate if they are a valid pair?
  • 5,831
  • 24
  • 72
  • 91
4 answers

How to handle security updates within Docker containers?

When deploying applications onto servers, there is typically a separation between what the application bundles with itself and what it expects from the platform (operating system and installed packages) to provide. One point of this is that the…
Markus Miller
  • 1,974
  • 3
  • 15
  • 15
7 answers

How does CTRL-ALT-DEL to log in make Windows more secure?

When logging into Windows, it says on that page that CTRL-ALT-DEL somehow makes Windows more secure. I have never been able to figure a mechanism where having to press some specific key combination before logging in makes the system more secure. I…
  • 11,432
  • 8
  • 37
  • 48
8 answers

How can I implement ansible with per-host passwords, securely?

I would like to use ansible to manage a group of existing servers. I have created an ansible_hosts file, and tested successfully (with the -K option) with commands that only target a single host ansible -i ansible_hosts host1 --sudo -K # + commands…
  • 1,433
  • 2
  • 11
  • 10
7 answers

REJECT vs DROP when using iptables

Is there any reason why I would want to have iptables -A INPUT -j REJECT instead of iptables -A INPUT -j DROP
Mike B
  • 11,871
  • 42
  • 107
  • 168
20 answers

Why should I firewall servers?

PLEASE NOTE: I'm not interested in making this into a flame war! I understand that many people have strongly-held beliefs about this subject, in no small part because they've put a lot of effort into their firewalling solutions, and also because…
  • 5,352
  • 6
  • 31
  • 37
2 3
99 100