Questions tagged [remote-server]

80 questions
0 votes, 2 answers

Ports open on jump server in CDE

We placed a jump server in CDE to restrict the direct access to PCI in-scope devices (although I believe it should be outside CDE, please confirm). Now, we have opened SQL ports 1433 and application ports from the jump server to the prod host in the…
user30026
0 votes, 2 answers

ssh authentication: is it possible to have password OR keys?

I'm wanting to use hashbackup to back up one server (A) to another server (B). Hashbackup can send the backup to server B, if server A has server B's key (public?) for passwordless ssh. I haven't used keys prior. I prefer ssh'ing with password and…
0 votes, 2 answers

Secure way to set up GitHub repository in shared remote machine

I have access to a shared remote machine to execute code and store data, accessible through SSH from my local machine, but I do not have root privileges there. The remote is shared among many users. I usually store code in my personal GitHub…
lucasresck
0 votes, 0 answers

What are my vulnerabilities with this multi-user ACL database approach?

I would like some expert insight. I want to know what my vulnerabilities for this model are. This is a demo project that I will be following in my production app if all works out securely. My production app will include hybrid encryption for ALL…
RobbB
0 votes, 2 answers

Store cookies for multiple sites on remote server and connect from multiple clients

Would it be secure to: Store all my website cookies (stack sites, webhost, github, web-based email, etc) on a remote server (using a customized open-source VPN or something) Log in to the server with password + 2fa (and maybe have a trusted devices…
Reed
0 votes, 1 answer

Direct access to clients behind NAT

We have a client/server application which we set a port for both server and client to listen to and then enter a list of clients as IP (Host)/Port pair in the server's admin panel for monitoring clients. Then the server connects to clients and asks…
0 votes, 1 answer

What's the safest way to make home server available from outside the network?

I have an old laptop that I decided to use as a server, with some samba shares and whatnot (making available some dvd rips and the like), and I'd like to be able to access the files in it from not only inside my home network, but also the outside…
Marcy
0 votes, 1 answer

How can Remote Code Execution in Unity infect me?

There is a Remote Code Execution Vulnerability in Unity; it sounds like a vulnerability where someone can infect you after they trick you into clicking something, I guess. So assume I hadn't installed the patch, and I worked on a local project (one man…
123iamking
0 votes, 1 answer

What are design and security considerations for a site that connects to its users' own dbs?

I'm envisaging a website where a user signs up, has their own database running somewhere, then provides credentials to the website so that website can access that database. For example, if I was the user, I might be running MySQL on a shared hosting…
0 votes, 1 answer

How dangerous is it to allow local connections to remote selenium servers?

There are services like BrowserStack or Sauce Labs that help with testing and test automation on different browsers and devices. But, in order to solve the problem of an application under test being behind the VPN or firewall, they implement and…
alecxe
0 votes, 2 answers

Setting up communication between internal database and hosted web server by third party

I am trying to figure out the best and most secure way to do this, if it is possible to do it safely and securely. Small company. We have a hosted web server from a third party that serves our client web app with the bare minimum of data in the database on…
cjones
0 votes, 3 answers

Why is accessing a remote database a security risk?

I recently wrote a small PHP script to get users that are online in my application, which uses MySQL and is hosted from my dedicated server. I use a popular web hosting company and had trouble connecting to my MySQL database from the script, so I…
AStopher
0 votes, 1 answer

Secure ways to prevent access to an application by more than one person at a time?

If an application is licensed in such a way that is set up for one user, on one computer, how can I secure it? Even if locking into one computer, how could you prevent the computer from being remotely accessed by others, so that only one user can…
0 votes, 2 answers

How risky is it to use external DNS servers?

My infrastructure doesn't have an internal DNS server, so I just forward any DNS request to external DNS servers by iptables rules. I wonder how risky that can be, and how easy is it to spoof DNS or build an attack based on that? Is there a better…
Adam
0 votes, 1 answer

Can the latest glibc DNS vuln be tested on remote servers?

I recently heard of the critical DNS vulnerability in glibc that can lead to arbitrary code execution. I hadn't found much about the cases when the faulty function is called and ways to remotely diagnose the vulnerability - what could be an example…
d33tah