Highest Voted 'server' Questions - IT Security Stack Exchange

31

votes

3 answers

Could a VPS provider have access to the content of their users?

Could a VPS provider like DigitalOcean have access to the content of their users? In their terms of service they do not mention anything related to this question, but could they theoretically have access (e.g., via a backdoor)? Apart from a possible…

server

asked Oct 25 '15 at 18:48

cgcmake

490
1
4
8

30

votes

13 answers

Is a server infrastructure fundamentally possible which the smartest person can't breach?

TL;DR: Perhaps I've gone overboard with my question's detail, but I wanted to be sure the question was clear since the topic seems very broad. But here it is. The word "smartest" is meant fundamentally, not literally. Is a server infrastructure…

server

asked Aug 25 '15 at 03:45

J.Todd

1,310
1
11
20

5

votes

1 answer

Mail client: Public key pinning

I'm running my own mail server setup: - IMAP: Dovecot - SMTP: Postfix There are 4 clients which retrieve emails via IMAP: - iOS (Default client: Apple Mail) - Android (Default client) - Mac (Default client: Apple Mail) - Windows (Thunderbird) The…

server

asked Jun 03 '15 at 16:14

Ben Richard

3,646
5
19
18

5

votes

1 answer

Does Ubuntu Server have a "phone home" feature?

I've heard that Ubuntu has some sort of "phone home" system that is enabled by default. The kind of stuff that passes along performance information and that type of things to Canonical. I don't know if this is true or not, but if it is happening,…

server

asked Nov 21 '13 at 23:44

Mike Gifford

183
1
6

4

votes

1 answer

What are the pros and cons of using fail2ban when using SSH key auth?

I've just bought a new dedicated server. Should I install fail2ban if I am only using SSH keys to login? What else does fail2ban protect? What are the advantages and disadvantages of fail2ban? Is there a better alternative? I have also disabled root…

server

asked Aug 14 '13 at 20:33

Alex Chamberlain

143
1
2
9

2

votes

2 answers

Is this accidental incident considered hacking(illegal)?

I was doing research for a college research paper and I got bored and opened up CMD. I don't really know more than the next guy about computers, so i figured id just play around. I googled the commands for the command prompt and started trying…

server

asked Oct 17 '13 at 15:14

LBP2creator

31
1

2

votes

1 answer

Chatting server that doesn't know who the end clients are

I am thinking of creating a small chatting server. I want it to be as secure as possible so I found it to be very helpful if some expert could guide me a little bit. Has there been any research on or perhaps a completely built prototype of a…

server

asked Nov 21 '21 at 00:09

donaastor

121
2

1

vote

1 answer

Categories of security when evaluating services and protocols

I'm setting up some externally accessible services for a small business, and evaluating some of the different options I have. This is all new to me. I have found the question, "is this secure?" to be very vague and misleading. So, to weigh the pros…

server

asked Feb 18 '15 at 22:13

Jason C

273
2
16

1

vote

1 answer

Defense of a server against malicious uploaded resources

We know that viruses and other threats can propagate through mail etc.But when any resource is shared,it is uploaded to the server and then shared.This means that the server does not take the responsibility of cleaning the uploaded files of…

server

asked Aug 15 '14 at 01:12

user1369975

179
2
8

1

vote

1 answer

question on rooting

Rooting a server is done through uploading a shell on a target website and running a root exploit to gain root privileges on a server thus gaining access to sites that are hosted on that shared server. My question is, what is preventing a person…

server

asked Nov 10 '13 at 20:52

sss

33
5

1

vote

2 answers

How to build arbitrary code without risking the server?

I'm creating a server that is in charge of building code. This server should be able to run arbitrary building scripts without those being able to harm the server. For example by modifying configuration files, tampering binaries or stealing secrets…

server

asked May 19 '20 at 22:58

Alberto Salvia Novella

151
1
8

1

vote

3 answers

How do I ensure a local Minecraft server (with admin wrapper) is inaccessible to the outside?

I'm running a Minecraft server on my local network for myself and my roommates. I would like to simplify some of the admin tasks by using an admin wrapper. Unlike most of the questions, tutorials, and other things I could find, I want to make sure…

server

asked Mar 04 '19 at 00:38

AnonJr

199
8

1

vote

0 answers

Secure Server start up

From the server implementations that I have seen, people normally use a properties file with all the passwords (that may be encrypted with hardcoded key(s)). I have therefore, created a server that takes localhost inputs. However, that is vulnerable…

server

asked Jul 21 '18 at 10:46

user3635998

111
3

1

vote

1 answer

Is a strange test.cake file on my server a sign of a compromise?

On a clients shared hosting I found a file called test.cake in the admin folder. It's pretty big, 353 KBytes, and contains this: execve("/usr/local/bin/php", ["php", "login.php"], ["GREP_COLOR=1;32", "HOSTNAME=gator3304.hostgator.com",…

server

asked Apr 04 '18 at 10:30

user4035

297
2
6

1

vote

1 answer

Secure dev server with remote staff

What are the best practices to secure a development server where the staff is remote? On that server, it will run apache2 webserver and mysql. Server O/S is Debian 9. My idea is that: Only SSH connections with SSH keys will be allowed. Every…

server

asked Oct 17 '17 at 14:51

tomsk

389
2
8

Questions tagged [server]