IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [remote-server]

80 questions
5
votes
5 answers

Avoid unauthorized updating of online leaderboard php/sql

I am developing an offline web app (game) for android using cordova (phonegap). The leaderboard of the same is maintained online in my server. Currently this is how the leaderboard is updated Step 1) The user's score is stored in the offline app's…
Sandeep Thedarkprince C
  • 91
  • 1
  • 5
5
votes
5 answers

Testing C++ Algorithm On A Server

I am making a C++ testing server and want to do that compiled programs would: not have access to read or write files. not have access to open or connect through sockets. not be able to work with ANY non-standard C++ (e.g. system) libraries have…
Pijusn
  • 163
  • 6
4
votes
1 answer

Sulley - only using ASCII printable characters

I have a problem fuzzing FTP protocol. An example of a command fuzzed is the following data model, which should fuzz the "CWD [string]" command of the FTP protocol. s_initialize('CWD') s_static('CWD') s_delim('…
eleanor
  • 528
  • 2
  • 5
  • 11
4
votes
1 answer

Is the ssh-copy-id command secure?

I have 2 Ubuntu 14.04 servers with openssh-server installed on both. I've set up key-based authentication using RSA keys, without passphrase, so that I can run automated backup scripts, to a remote site, with rsync. I normally do the key exchange…
Arronical
  • 167
  • 10
4
votes
1 answer

How does one typically monitor their privileged admins encrypted SSH & RDP sessions?

From a compliance (& perhaps just for pure due-diligence) standpoint, what do IT departments typically deploy to keep an eye on their privileged administrator's remote access sessions? Also what's the standard when it comes to security procedures…
user88092
  • 41
  • 1
3
votes
1 answer

Saving connection parameters in an RDP file

For connecting to a remote Windows Server 2008 I use a standard Windows 7 RDP remote desktop connection. In an RDP dialog there is an option to save connection parameters to an RDP file to use it later for a quick connection. Is it safe to save…
rem
  • 2,017
  • 2
  • 19
  • 27
3
votes
1 answer

How To Track Down Who Initiated A Remote File Transfer Via TeamViewer If I Have Log File

Walked into my office an hour into a Remote File Transfer initiated by an unknown user. I disabled it right away and looked through the files they transferred, which include a blank check with my routing and account numbers, my personal CV, and a…
Scot Smith
  • 31
  • 1
  • 2
3
votes
1 answer

To workaround a FreeBSD ACL bug I need to grant "read attributes/ACLs" to untrusted Samba users. Not happy about security - can practical harm result?

I've found either one, or more than one, bug, in ACL evaluation, when running Samba on FreeBSD. I can't be sure if these are facets of the same bug or related bugs - they're very similar but do have distinct features and expose different specific…
Stilez
  • 1,664
  • 8
  • 13
3
votes
2 answers

What is a proper way of destroying data remotely?

After watching a Defcon talk about data destruction, I became interested in the subject of how I would go around remotely destroying all my data on all my systems. I got to a point where I figured out how to arrange everything so a script would be…
Slava Knyazev
  • 716
  • 5
  • 12
3
votes
2 answers

securities concerns about calling REST API from multiple servers

There is a master web application that needs to call REST APIs from servers of other applications. I can think of two ways to achieve it: a). call APIs on the front-end of the master application(javascript) // javascript code of master…
odieatla
  • 131
  • 3
3
votes
1 answer

Run NetCat as bat file instead of exe

I need to run a netcat on a remote lab machine. I can execute remote commands through the browser with Administrator rights (because of the application vulnerability) but I don't have access to the machine itself. I uploaded nc.exe on a remote…
Dranik
  • 233
  • 1
  • 3
  • 8
2
votes
1 answer

Remote Administrative Access to a server, KVM over IP or HP iLo?

We have a situation. We want to grant remote administrative access to one of our servers for clients. As I know, there are two possible ways: 1- KVM-over-IP and 2-HP iLO. The most important thing for us is security. Next we would like to consider…
A23149577
  • 153
  • 1
  • 11
2
votes
2 answers

How to protect iKvM, IPMI, KvM Interfaces from 0day and other exploits

In REF to http://threatpost.com/ipmi-protocol-bmc-vulnerabilities-expose-thousands-of-servers-to-attack and the hacks of several companies and web hosts have been hit and had their servers wiped from remote management hacking. What can one do to…
Jason
  • 3,086
  • 4
  • 20
  • 24
2
votes
1 answer

"holding open" encrypted home with local ssh

I have a couple of machines that I use for purely automated stuff, with home directories encrypted using ecryptfs. So even if the machine is powered on, those directories aren't decrypted unless that user logs in (desired behavior). Now, I'd like to…
bright-star
  • 147
  • 5
2
votes
4 answers

Protecting IP on a remote server

Apologies in advance if this question is a bit vague. I just joined a stock trading group. A guy set up a server for me, and it's racked in their building. I ssh into it, and run my algo remotely from my house. I just started worrying about…
Taylor
  • 123
  • 4
1
2
3 4 5 6