From our Blog

VPN
Guides
Peter

Howto VPN

In our “How to securely” series we asked our followers what tools they would like a simple guide on to help them stay secure online. There seemed to be a lot of confusion as to what a VPN is and why you should or should not use one. So we asked Peter to help.

Read More »
whatsapp
Data Protection
Peter

How To Whatsapp Safely

WhatsApp is among the fastest-growing instant messengers out there, and almost a social network in its own way. But if you are using it, there are some steps you should take to protect your security and privacy.

Read More »

How To: Securing Zoom

In this guide we are looking at how to go about securing zoom. Since the onset of the global pandemic, we have seen surge in “zoom bombing”. This is where people with malicious intent look for in-progress zoom meetings to join and cause trouble.

Read More »

Microsoft Windows SMB Shares Unprivileged Access

This vulnerability will allow an attacker on a connected network to view any of the files contained within the file share. In some circumstances, it may be possible to add new files and modify existing files within the file share.

Read More »

Near Perfect SSH Configuration

On many vulnerability scans we see SSH being reported as a medium risk vulnerability due to insecure ciphers and poor configurations. In penetration tests we often find we are able to use SSH once we have a set of user credentials, especially where the service is linked through to a centralised password management solution such as Active Directory.

Read More »

Securing Apache: security.conf

Apache is probably the most common webserver used and despite there being well documented guides on how to secure apache, we come across web server header issues and very poor SSL configurations on a daily basis. To aid in the remediation, here is Peter Bassill’s recommended configuration for the apache global security file, /etc/apache/conf-enabled/security.conf:

Read More »

Backup Script

Originally copied from https://voorburg.home.xs4all.nl/backup.html about 10 years ago. Still good.

Read More »

Fixing SMB Signing not required

Implementing SMB signing should be done with care. An excellent guide to implementing SMB signing can be found on Jose Barreto’s blog here. Should it ever vanish, I have copied it below.

Read More »

How To Upgrade to PHP 7

Introduction PHP 7, which was released on December 3, 2015, promises substantial speed improvements over previous versions of the language, along with new features like

Read More »