All posts in:

Security

How Secure is the Email Connection from End to End

Background There was a perception the email was somehow not secure end to end, and the hacker could sniff around the email package. Solution Most of the email servers, the hosted one especially, implemented the Transport Layer Security (TLS), a cryptographic protocol designed to provide communications security over a computer…

How to Find the Vulnerability in Small Office Home Office (SOHO) Network

Background As work-from-home increased since the Covid, securing the small office home office (SOHO) network is quite challenging. Solution Firstly, we get the public IP of the network that we would like to test via IPChicken. Easy Test The quick and free solution is to use the tools from PennTest…

How to Solve Microsoft Support Diagnostic Tool Vulnerability

Background We have been following one of YouTube’s IT security channels, and they mentioned Zero Day in relation to Microsoft Office (Follina). After researching this, we found that the vulnerability is actually related to Microsoft Support Diagnostic Tool. The detail of the attack is mentioned on this – https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e Temporary…

How to Install and Configure OpenVPN on Ubuntu

Background Over time, we use multiple VPN products such as ExpressVPN and IPVanish and they are excellent products. But then we found that it’s underutilised so we decided to find alternative but cost-effective. We found OpenVPN which is open-source. Since we have multiple virtual machines in the clouds, we decided…

Exposing the Attack on the Website

Background We found weird one of our websites as the link not be able to go to the proper URL with the domain, and in fact, it went to a third-party link. That’s quite alarming. We then checked Google Analytics, and the traffic went down. There was something not right…

picoGym: The Answers

As I am challenging myself in picoGym, here is the guide on how to get the answer. The hints are very helpful. Obedient Cat Click the picoCTF web shell. Download: wget https://mercury.picoctf.net/static/217686fc11d733b80be62dcfcfca6c75/flag Check the file: ls -li See the file: cat flag Copy the answer – picoCTF{xxx} and post it…

How to Harden Router Security for Home/Office in 2022

Background As configured more routers on-site either in the office or home-office environment, we started to compile on how to harden the router for protection from hackers or attackers. Router hardening is an IT security term that essentially means locking it down for maximum security. Solution Many router brands are…

How to Harden the Ubuntu Server in 2022

As we spun out more virtual machines on the cloud for web and application hosting and started managing this environment ourselves, we began compiling our own guide on how to harden an Ubuntu server for better protection from hackers. Here is the setup: Enabling Automatic Updates Most servers get hacked…

How to Change the Resolution in Kali Linux using Hyper-V

The Environment Kali Linux Virtual Machine (VM) running on Windows 11 Hyper-V Challenge Not be able to figure out in the Hyper-V or in the Kali itself to change the current resolution. The default is very small. Solution Log in to Kali virtual machine. Run the command line: sudo vi…

Linux Commands – Quick Cheat Sheet

Having a quick cheat sheet is quite handy. ManualUserDirectory/FilePermissionNetworkServicesInstalling and Updating Tools Manual See the manual for command: man User To find the current user: whoami To change the password: passwd To switch users: su To add a user: adduser /etc/passwd, /etc/shadow To run as a sudo admin: sudo [command]…