Category Archives: Security - Page 2

How To Update Microsoft Security Essentials In Windows Server 2012 R2

Recently I covered how to install Microsoft Security Essentials in Windows Server 2012 R2, however after performing a Windows update it failed to install with error 0x8004FF04.

Here I will discuss why this happens and then cover how to resolve this problem and update Microsoft Security Essentials manually.
Read more »

How To Install Microsoft Security Essentials In Windows Server 2012 R2

Windows Defender has been built into Windows 8, 8.1 and 10 by default to provide protection against malware, however there is no such default program installed in the Windows server operating system.

To provide a basic level of security in a small server environment, we can install Microsoft Security Essentials with some simple modifications which contains most of the functionality of Windows Defender for free.

By default if you try to install Microsoft Security Essentials in Windows Server you will receive various errors which we will cover how to fix here.

Read more »

How To Use The Bitcoin Client Over The Tor Network

Here we cover how to configure the Bitcoin client to send traffic via the Tor network rather than directly out to the Internet over your own connection, which can help reduce your Bitcoin transactions / addresses from being associated with your IP address.

Read more »

Overview of Kiwicon 2015

Kiwicon 9 2015 Overview

This year for the first time I made my way down to Wellington in New Zealand to attend Kiwicon 9. Kiwicon is a security / hacker conference that has been held each year since 2007.

I’ve previously attended Ruxcon 6 times, which is another computer security conference but here in Australia so it’s a bit easier for me to get to. After my experience with Kiwicon I am definitely interested in going back, it was easily the best security conference that I’ve been to so far.

Read more »

How To View BitLocker Disk Status

Bitlocker status

BitLocker is Microsoft’s solution to providing full disk encryption. While setting up BitLocker and encrypting your disk you probably want to check and view the progress and see the current status, as it can take quite a long time depending on the size and speed of your disk.

Here we cover how to view the current BitLocker status in both the graphical user interface, and with PowerShell.

Read more »

How To Disable USB Storage Devices In Linux

How To Disable USB Storage In Linux

By default when you plug in an external USB storage device into a computer running Linux it will automatically mount, allowing the user to access the contents.

This behaviour can be less than ideal from a security perspective, as it can allow an attacker to copy confidential files, or allow a user to run a malicious script stored on the USB device for example.

With some simple configuration changes we can disable USB storage in Linux for unprivileged users.

Read more »

Use SELinux Port Labeling To Allow Services To Use Non-Standard Ports

SELinux Ports

By default SELinux policy defines the ports that a particular service is allowed bind to and make use of with port labeling. This increases system security by preventing random services or malicious code from being able to bind to a well known defined port that may otherwise be used by a legitimate service.

In order to change a service to use a non standard port we must change SELinux policy and specify the SELinux port types that are allowed to use specific ports.

Read more »

Overview of Ruxcon 2015

Ruxcon 2015 Overview

I attended the Ruxcon 2015 computer security conference this year in Melbourne Australia for my 6th consecutive year and thought I’d post an overview of the event. I’ll cover the awesome presentations that I saw as well as the capture the flag hacking game where I spent most of my time.

Read more »

How To Configure Private Directories With Apache

Password Login

By default Apache will serve content out to anyone that requests it which essentially makes it public. We can add some additional simple configuration to create a private directory that can only be accessed based on source IP address, or with a username and password combination, or even based on user group membership.

Read more »

How To Provide NFS Network Shares to Specific Clients

NFS share for specific clients

With NFS we can export specific directories within a file system over the network to other clients allowing us to share various files over the network. It is important to configure this properly and secure it as much as possible so that only the required clients have access to the NFS share, otherwise it may be possible for anyone to mount it and access the data.

To do this we are going to use the /etc/exports file on the NFS server and lock down shares to only be accessible by specific IP addresses.
Read more »