Tuesday github hailed me telling me that my password might have been in some logfile and it needs to be changed – two days later, same thing on Twitter. Both cases aren’t really to be taken too easy – and both companies did it well: transparent. I don’t want to say that it’s a good thing that companies […]
Tag: security
POODLE Security Vulnerability and IE6
The Facts: As a counter-method against the POODLE-Security Vulnerability it is recommended to disable SSLv3. Internet Explorer 6 cannot deal with TLSv1. For security reasons I did disable SSLv3 here too. Guess that’s quite some hard times for Internet Explorer 6. Care to update? ;)
Google-Authenticator – Strike 2
Google Authenticator surely is a cute thing. But my current solution isn’t really matching my taste: one token for every app which makes up a total of 20 token for my daily use – about 19 token too much if you’d ask me. A solution could be a Radius server, having all the users authenticated using a PAM […]
Google-Authenticator and SSH
Looking at the current bugs and problems with passwords and authentification, everything is insecure – at least in theory. Believe me, as a sysadmin I have to say, “that sucks”. So I decided to choose “Plan G” which is the Google-Authenticator, a software token to extend our passwords by a new 6 digits number, pretty much like the […]
Safenet Authentication Client 8.1.0-4 vs Gentoo64?
Today someone pointed me towards SAC 8.1 which is the middleware for my eToken which I am trying to use on Gentoo (pure 64bit) for quite a while. After downloading and unpacking I peeked at the binaries shipped, as the old version offered 32 bit ones which I couldn’t use on my system. So a quick check using […]
Blacklist uses reCaptcha
A small update: The delisting process for my blacklist slightly changed – it’s using reCaptcha by now to prevent some folks from having bad ideas. Further enhancements are already waiting to be implemented.