Questions tagged [network]
Security of network infrastructure and network traffic. For questions about security of network equipment, topology, protocols, traffic, administration, and configuration. Related tags: [packet], [firewall], [network-scanners], [network-access-control].
2,906 questions
0
votes
0
answers
31
views
Matching network alerts with labelled flow data in Suricata [closed]
I’m working with network traffic from the CICIDS 2017 dataset https://www.unb.ca/cic/datasets/ids-2017.html specifically the “Tuesday Working Hours” capture. The dataset contains a collection of false ...
0
votes
1
answer
80
views
What is the best way to authenticate and encrypt a simple, end-user started, ephemeral tcp server?
Context
I have a GUI application with a proprietary scripting language. There is a library that starts a python child process from the GUI which listens on a tcp socket and runs any script command ...
- 101
0
votes
0
answers
76
views
Does my ISP see what operating system I’m using when I use my own router and a VPN? [duplicate]
I’m using Qubes OS on my computer and I want to hide this fact from my ISP. My default template is Fedora(sys-net, sys-usb, sys-firewall are Fedora operating system). I’m using my own router (not the ...
1
vote
0
answers
49
views
Eduroam certificate - is it safe? [duplicate]
I am trying to use wifi at the university and the only option is to use eduroam. When connecting to eduroam it requires trusting a certificate first. I wonder, how safe is trusting this certificate ...
- 11
2
votes
2
answers
222
views
How to prevent javascript in a single webapp from communicating with outside servers
I want to use certain javascript webapp running in browser and be certain it doesnt send data outside.
I self host this webapp on my own server and connect to it via my PC browser. So I can edit ...
- 23
0
votes
1
answer
188
views
How secure is a network HSM connection with TLS disabled, relying only on IP ACLs and PKCS#11 slot PINs?
If TLS is disabled on a network-attached Hardware Security Module (HSM), but the device still enforces:
IP-based access control (only whitelisted client IPs can connect),
and
PKCS#11 slot PIN ...
- 101
0
votes
0
answers
68
views
How do websites ensure security of the data transferred when the connection goes through third parties? [duplicate]
Disclaimer:- I am not a cybersecurity or computer science student. I am just curious about this scenario and couldn't find/understand how the methods used ensure the safety of the connection are ...
1
vote
1
answer
179
views
De-anonymization of VPN use through broken killswitch?
This answer to a question about how to make a killswitch for use with a VPN states "don't simply whitelist port 1194 or you will allow trivial deanonymization" and this answer to a similar ...
- 111
2
votes
0
answers
54
views
How do you track vulnerabilities from non-CNA vendors and third-party components?
I'm working on evaluating the security posture of embedded devices, and I’ve run into a challenge when dealing with vendors who are not CNAs — especially those that rely on third-party components.
For ...
1
vote
0
answers
55
views
ettercap-text-only ARP Poisoning Works in Docker Environment with three containers but No Packets Are Sniffed
I'm working on a protected Docker based lab with three containers for education purpose to run network tools like Ettercap to perform a MITM.
Here's a snippet from my Dockerfile for the attacker ...
- 11
2
votes
2
answers
152
views
Block access to device except USB
We would like to sell a device (Raspberry Pi) to our customers that does process customer data. The device contains sensitive data and software to which the customer should not have access. The ...
- 21
5
votes
2
answers
1k
views
Is it a security risk to share a NAT gateway across multiple cloud tenants?
If a NAT gateway hosted in cloud is used by multiple tenant nodes to send data across the internet, is there any significant security risk and is it considered and insecure design?
Only security risks ...
- 51
0
votes
1
answer
122
views
Why do we use TLS if we already have IPsec, and visa versa? [duplicate]
I couldn't understand why IPsec was used when the application data we were going to send was already encrypted by TLS. Or, if at the end of the day, all the data we send is encrypted at the bottom ...
- 9
0
votes
1
answer
153
views
Block all HTTP/80 traffic? [closed]
We are starting an initiative to remove all unsecure protocols. Logically, we would also need to block HTTP / Port 80. And this is where we cannot agree:
Some say blocking http/80 is a bad idea. port ...
- 195
1
vote
1
answer
669
views
How do I deauth a client on 5Ghz?
Setup Details:
Access Point Security: WPA2
PMF: Not enabled on the client
Channel: Non-DMF (Channel 40)
Channel Width: 20 MHz
Network mode: 802.11 B/G/N
MDK4 version: 4.2
Aireplay-ng version: 1.7
...
- 11