IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [network]

Security of network infrastructure and network traffic. For questions about security of network equipment, topology, protocols, traffic, administration, and configuration. Related tags: [packet], [firewall], [network-scanners], [network-access-control].

The provisions and policies to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.

This tag applies to any aspect of network security, from hardware and equipment up to software and configuration.

In the future we may want to re-tag some questions if we create tags for , , etc.

2793 questions
55
votes
13 answers

Is it dangerous to use default router admin passwords if only trusted users are allowed on the network?

There are a lot of articles addressing the dangers of default router admin passwords. Certain security applications will also detect default router admin passwords as a vulnerability. However, these articles all focus on what could possibly happen…
Zsw
  • 757
  • 1
  • 5
  • 10
53
votes
7 answers

Security risk of PING?

I have been told that PING presents a security risk, and it's a good idea to disable/block it on production web servers. Some research tells me that there are indeed security risks. Is it common practice to disable/block PING on publicly visible…
Mr. Jefferson
  • 705
  • 1
  • 5
  • 7
51
votes
4 answers

Do simple Linux servers really need a non-root user for security reasons?

Playing devil's advocate, Let's assume I purchase a Linux server from a hosting provider. I am given a password for the root user and am told I may login using SSH. The only purpose this server has is to host one or more websites, possibly with SSL…
user31679
51
votes
1 answer

Why can you bypass restricted WiFis by adding "?.jpg" to the URL?

I recently read an article on Hacking a commercial airport WLAN. It's basically about circumventing paid airport WiFi redirections (they redirect you to a certain URL when you type something in the address bar). You just add ?.jpg and tada, you've…
JohnPhteven
  • 613
  • 1
  • 6
  • 5
48
votes
5 answers

Bring your own phone to a (new) job: Consequences?

I am starting a new job, and I have the choice to receive a phone from the company, or to bring my own. I am considering using my own phone, to avoid having an extra device, but I want to better understand the consequences of that decision. I have…
aliteralmind
  • 595
  • 4
  • 7
48
votes
13 answers

DDoS - Impossible to stop?

Is it possible - in theory - to stop1 a DDoS attack of any size? Many people claim it's impossible to stop DDoS attacks and tell me I just shouldn't mess with the wrong people on the internet. But what if, in like 5 years, everyone is able to rent a…
user2173629
  • 589
  • 1
  • 4
  • 3
46
votes
2 answers

WPA2 ephemeral key derivation

I'm trying to learn how ephemeral keys in WPA2 4-way handshake are derived. Starting from 4 EAPOL packets sniffing, I successfully derived PMK and PTK reading ANonce, SNonce, and knowing ASCII-PSK and the SSID. From PTK I derived, by splitting it,…
spazio dati
  • 561
  • 3
  • 4
46
votes
6 answers

Can I detect a MITM attack?

Based on this question here: Are "man in the middle" attacks extremely rare? Is it possible to detect man-in-the-middle attacks, and if so, how would one go about it? In addition, what if the attack is taking place via connecting into the local…
TigerCoding
  • 757
  • 1
  • 5
  • 11
45
votes
12 answers

Would it be more secure or not if all computers in the network use the same operating system?

If all the computers use the same operating system, attackers only need to focus on one operating system, would it be unsafe?
user8162924
  • 577
  • 4
  • 4
45
votes
7 answers

Port Knocking is it a good idea?

Normally for a server I like to lock down SSH and other non-public service to only be accessible by certain IP addresses. However this is not always practical if the business doesn’t have static IP addresses or if outside developers need access. I…
Mark Davidson
  • 9,367
  • 6
  • 43
  • 61
43
votes
3 answers

What is the best home wireless network encryption algorithm to use?

What is the best home wireless network encryption algorithm to use? I realize the best answer will probably change over time, and hopefully people can provide updated answers as new standards come out. So far, my knowledge, as of early 2015…
Jonathan
  • 3,157
  • 4
  • 26
  • 42
43
votes
4 answers

How can you change "system fonts" in Firefox (to increase own safety & privacy)?

I know there were some previous (similar) questions to this, I have read them all and also tried but nothing has really helped (maybe because it was outdated information). What I did was I went to: https://panopticlick.eff.org to see my digital…
tenepolis
  • 533
  • 4
  • 7
42
votes
6 answers

Can I change my public IP address to a specific one?

It happens that I participate in a bug hunting program and analyzing the app I realized that there is a particular parameter that is very important for access control and that only changes with the IP address. Anyway, the question here is if I can…
Carlos Bello
  • 575
  • 4
  • 11
41
votes
8 answers

Why is WPA Enterprise more secure than WPA2?

In personal mode WPA2 is more secure than WPA. However, I have read that WPA Enterprise provides stronger security than WPA2 and I am unsure exactly how this is achieved.
user12199
41
votes
5 answers

My WiFi network is replaced by another network. Am I being hacked?

To begin with, I am not very computer savvy. I am an older person with an older computer and a 2003 Windows XP using Google Chrome for a browser. (If anyone is old enough to remember when Windows first came out, and remembers their hologram…
Susie
  • 407
  • 1
  • 4
  • 6
1 2
3
99 100