Question Defense

What Are The OWASP Top 10 Vulnerabilities?

alex — Mon, 07 Oct 2019 18:34:16 +0000

Securing computer applications and software is simply one of the most important stages of planning for development. After all, the level of usage is what determines success, and it reflects the number of active users in the app. There is no way you would refer about safety without referencing OWASP. The acronym OWASP is short…

The post What Are The OWASP Top 10 Vulnerabilities? appeared first on Question Defense.

Improving WordPress: Security Tips

alex — Wed, 02 Oct 2019 10:02:19 +0000

Once you start your WordPress website, you have to pay attention to all security measurements in order to make your website safe for visitors. The below WordPress security tips will assist with the beginning steps to make WordPress more secure. Websites have constant attacks from hackers that try to take some personal data, take over…

The post Improving WordPress: Security Tips appeared first on Question Defense.

MacOS Configure Default Mail Client

alex — Mon, 30 Sep 2019 17:22:55 +0000

On a Mac when you click a link that is a mailto link it will open the default email application, which is the MacOS Apple Mail app or just Mail.app. Many times you might have another email client such as Outlook or Spark, so you will need to change the default mail client to the…

The post MacOS Configure Default Mail Client appeared first on Question Defense.

iTerm2 On OSX – Copy Text In vim On Debian Stretch

alex — Fri, 27 Sep 2019 15:48:49 +0000

I use iTerm2 in place of the default Terminal on MacOS or OSX. I was working on a project that has some Debian Stretch VM’s in Google Cloud, so I was logged into those VM’s via SSH using iTerm2. On previous operating systems I would SSH into using iTerm2 I had been able to simply…

The post iTerm2 On OSX – Copy Text In vim On Debian Stretch appeared first on Question Defense.

Block phpMyAdmin Access Via IP Address

alex — Thu, 26 Sep 2019 11:40:19 +0000

I recently launched a WordPress website using Google Cloud’s Click to Deploy for a client and during that process phpMyAdmin is installed. Since this will allow full control of all of your MySQL database data, one thing that should be done immediately is to lock down phpMyAdmin so access is restricted and attackers cannot even…

The post Block phpMyAdmin Access Via IP Address appeared first on Question Defense.

Browse Privately Online – Tor vs Brave

Wed, 25 Sep 2019 11:56:45 +0000

Ever considered getting better privacy with a browser that’s been designed to shield online browsing sessions from prying eyes? Tor has been around for a long time and is widely considered one of the most popular private browsers out there. But the competing newcomer, Brave, has provided privacy-oriented people with a strong alternative. Both are…

The post Browse Privately Online – Tor vs Brave appeared first on Question Defense.

DTD Attacks or Document Type Declaration Attacks

Wed, 25 Sep 2019 00:50:30 +0000

Some of us, neophytes in security vulnerabilities, underestimate the damage XXE attacks can cause to a system. DoS attacks, sensitive data leaks, or server side forgery requests are only some of the threats that systems with XXE vulnerabilities are exposed to. Before we dive deeper into security aspects and attack types, it is important to…

The post DTD Attacks or Document Type Declaration Attacks appeared first on Question Defense.

WEMO Application Not Detecting LED Bulbs

alex — Mon, 11 Jul 2016 22:51:38 +0000

When I first purchased the Belkin LED Lighting Starter Kit I didn’t have any issues getting the two A19 LED bulbs working with the Belkin WEMO Link Controller. I recently moved and had all sorts of problems getting the WEMO iPhone application to not only configure the WEMO Link Controller but once configured I could…

The post WEMO Application Not Detecting LED Bulbs appeared first on Question Defense.

TokuDB Google Cloud Install: Starting MySQL… ERROR! The server quit without updating PID file

alex — Tue, 20 Jan 2015 04:08:25 +0000

I am fairly new to TokuDB but so far I am impressed with the compression it provides to the data stored within. One of my clients has a ton of data that is constantly growing and thus TokuDB made a lot of sense for the solution that was created. While becoming more familiar with this…

The post TokuDB Google Cloud Install: Starting MySQL… ERROR! The server quit without updating PID file appeared first on Question Defense.

How to Configure NVFax on FreePBX

alex — Wed, 28 May 2014 00:39:16 +0000

Earlier I received a call from a client wanting to know if their VoIP solution would allow them to receive fax calls that would convert a fax to email. After looking at their system the solution was fairly easy since they are running Asterisk with a FreePBX front-end. There are two options with FreePBX when…

The post How to Configure NVFax on FreePBX appeared first on Question Defense.

TextMate Find & Replace Using Regular Expressions

alex — Thu, 15 May 2014 01:59:12 +0000

While working on a new section of the Question-Defense.com web site that will include articles related to Kali Linux I was creating a menu system that would be similar to the Kali Linux menu system. Once the menu was completed with the necessary content and was visually what I was looking for I needed to…

The post TextMate Find & Replace Using Regular Expressions appeared first on Question Defense.

CentOS Remove Old Kernels

alex — Wed, 14 May 2014 03:26:51 +0000

Tonight when upgrading a CentOS Linux server it was noted by YUM that 15MB more disk space was needed to upgrade grub and the kernel itself. Below are four quick steps to verify what kernels are installed, install yum-utils if it is not installed already, delete previous kernels and set YUM to remove old kernels…

The post CentOS Remove Old Kernels appeared first on Question Defense.

Ubuntu apt-get upgrade – The following packages have been kept back

alex — Sat, 07 Sep 2013 03:38:33 +0000

When upgrading packages on Ubuntu using the apt-get upgrade command you may notice that some packages are not upgraded. Ubuntu will not upgrade packages that could have a major impact to service on the server such as the kernel, kernel headers, MySQL packages, and various others. The packages are held back by aptitude as a…

The post Ubuntu apt-get upgrade – The following packages have been kept back appeared first on Question Defense.

Update WordPress Amazon Product in a Post Plugin 2.X to Amazon Product in a Post Plugin 3.X

alex — Thu, 05 Sep 2013 22:44:24 +0000

If you use the Amazon Product In A Post Plugin on WordPress you might have either not upgraded yet or decided to not upgrade because the shortcode syntax has changed. You can get around not upgrading by updating the WordPress post content immediately after you upgrade the Amazon Product In A Post Plugin. Below I…

The post Update WordPress Amazon Product in a Post Plugin 2.X to Amazon Product in a Post Plugin 3.X appeared first on Question Defense.

JTR – John The Ripper Compile Error – /usr/bin/ld: cannot find -lOpenCL

alex — Wed, 04 Sep 2013 21:36:35 +0000

The article below describes an error received while attempting to compile John The Ripper with GPU support via OpenCL on Ubuntu Linux version 12.04 LTS also known as Precise Pangolin. Many compile errors are related to necessary packages not being installed on Linux though other errors could be related to all sorts of different issues…

The post JTR – John The Ripper Compile Error – /usr/bin/ld: cannot find -lOpenCL appeared first on Question Defense.

JTR – John The Ripper Compile Error – common-opencl.h:8:19: fatal error: CL/cl.h: No such file or directory

alex — Tue, 03 Sep 2013 21:17:08 +0000

Recently while attempting to get John The Ripper 1.7.9 jumbo-7 working on a Ubuntu 12.04 LTS Linux server with multiple AMD GPU cards in it I ran across an error during the compile process. The error complained about the VL/cl.h file not being installed and thus could not finishing compiling. Below I describe the compile…

The post JTR – John The Ripper Compile Error – common-opencl.h:8:19: fatal error: CL/cl.h: No such file or directory appeared first on Question Defense.

JTR – John The Ripper Compile Error – sha.h:4:25: fatal error: openssl/sha.h: No such file or directory

alex — Mon, 02 Sep 2013 20:36:04 +0000

Earlier while compiling JTR or John The Ripper password cracker on a new Ubuntu 12.04 LTS server I received a compile error. The error compiling JTR, which is noted in more detail below, pointed to the sha.h file not being found which likely means there is a missing package though I have seen other causes…

The post JTR – John The Ripper Compile Error – sha.h:4:25: fatal error: openssl/sha.h: No such file or directory appeared first on Question Defense.

Ubuntu 12.04 View Package Version

alex — Fri, 26 Jul 2013 14:28:51 +0000

While working to verify some packages in Ubuntu 12.04 had backport patches installed properly I needed to list installed package versions. To do this you can install a package called apt-show-versions which will allow you to list all installed packages and their versions with ease. This likely works on most Ubuntu versions but was tested…

The post Ubuntu 12.04 View Package Version appeared first on Question Defense.

arping – Backtrack 5 – Information Gathering – Network Analysis – Identify Live Hosts – arping

alex — Tue, 05 Feb 2013 09:48:36 +0000

The arping application is a simple command that will allow you to ping devices by hostname, IP address, or MAC address. The unfortunate part is that most device will not respond to the arp requests, which are directed broadcast ICMP echo requests, though there are some out there that do. I go into more detail…

The post arping – Backtrack 5 – Information Gathering – Network Analysis – Identify Live Hosts – arping appeared first on Question Defense.

Authenticate Linux To Active Directory On Windows – Centrify Express

alex — Mon, 04 Feb 2013 07:44:20 +0000

I was working with a coworker today to setup a new Redmine server running on top of Ubunut 12.04 and one of the steps we completed in the process was setting up LDAP authentication in Redmine. Setting up LDAP authentication in Redmine requires the server running Redmine to be joined to the Windows Active Directory…

The post Authenticate Linux To Active Directory On Windows – Centrify Express appeared first on Question Defense.