Questions tagged [network]
Security of network infrastructure and network traffic. For questions about security of network equipment, topology, protocols, traffic, administration, and configuration. Related tags: [packet], [firewall], [network-scanners], [network-access-control].
2,905 questions
0 votes
1 answer
98 views
What is the best way to authenticate and encrypt a simple, end-user started, ephemeral tcp server?
Context I have a GUI application with a proprietary scripting language. There is a library that starts a python child process from the GUI which listens on a tcp socket and runs any script command ...
- 101
0 votes
0 answers
79 views
Does my ISP see what operating system I’m using when I use my own router and a VPN? [duplicate]
I’m using Qubes OS on my computer and I want to hide this fact from my ISP. My default template is Fedora(sys-net, sys-usb, sys-firewall are Fedora operating system). I’m using my own router (not the ...
1 vote
0 answers
49 views
Eduroam certificate - is it safe? [duplicate]
I am trying to use wifi at the university and the only option is to use eduroam. When connecting to eduroam it requires trusting a certificate first. I wonder, how safe is trusting this certificate ...
- 11
2 votes
2 answers
230 views
How to prevent javascript in a single webapp from communicating with outside servers
I want to use certain javascript webapp running in browser and be certain it doesnt send data outside. I self host this webapp on my own server and connect to it via my PC browser. So I can edit ...
- 23
0 votes
1 answer
194 views
How secure is a network HSM connection with TLS disabled, relying only on IP ACLs and PKCS#11 slot PINs?
If TLS is disabled on a network-attached Hardware Security Module (HSM), but the device still enforces: IP-based access control (only whitelisted client IPs can connect), and PKCS#11 slot PIN ...
- 101
0 votes
0 answers
68 views
How do websites ensure security of the data transferred when the connection goes through third parties? [duplicate]
Disclaimer:- I am not a cybersecurity or computer science student. I am just curious about this scenario and couldn't find/understand how the methods used ensure the safety of the connection are ...
1 vote
1 answer
186 views
De-anonymization of VPN use through broken killswitch?
This answer to a question about how to make a killswitch for use with a VPN states "don't simply whitelist port 1194 or you will allow trivial deanonymization" and this answer to a similar ...
- 111
2 votes
0 answers
54 views
How do you track vulnerabilities from non-CNA vendors and third-party components?
I'm working on evaluating the security posture of embedded devices, and I’ve run into a challenge when dealing with vendors who are not CNAs — especially those that rely on third-party components. For ...
1 vote
0 answers
60 views
ettercap-text-only ARP Poisoning Works in Docker Environment with three containers but No Packets Are Sniffed
I'm working on a protected Docker based lab with three containers for education purpose to run network tools like Ettercap to perform a MITM. Here's a snippet from my Dockerfile for the attacker ...
- 11
2 votes
2 answers
154 views
Block access to device except USB
We would like to sell a device (Raspberry Pi) to our customers that does process customer data. The device contains sensitive data and software to which the customer should not have access. The ...
- 21
5 votes
2 answers
1k views
Is it a security risk to share a NAT gateway across multiple cloud tenants?
If a NAT gateway hosted in cloud is used by multiple tenant nodes to send data across the internet, is there any significant security risk and is it considered and insecure design? Only security risks ...
- 51
0 votes
1 answer
130 views
Why do we use TLS if we already have IPsec, and visa versa? [duplicate]
I couldn't understand why IPsec was used when the application data we were going to send was already encrypted by TLS. Or, if at the end of the day, all the data we send is encrypted at the bottom ...
- 9
0 votes
1 answer
158 views
Block all HTTP/80 traffic? [closed]
We are starting an initiative to remove all unsecure protocols. Logically, we would also need to block HTTP / Port 80. And this is where we cannot agree: Some say blocking http/80 is a bad idea. port ...
- 195
1 vote
1 answer
756 views
How do I deauth a client on 5Ghz?
Setup Details: Access Point Security: WPA2 PMF: Not enabled on the client Channel: Non-DMF (Channel 40) Channel Width: 20 MHz Network mode: 802.11 B/G/N MDK4 version: 4.2 Aireplay-ng version: 1.7 ...
- 11
3 votes
2 answers
780 views
Are client certificates a secure way of having publicly facing SQL database?
Quick Context: I often come across videos where people build apps using SQL database services alongside serverless functions (like AWS Lambda, Vercel, and others) without setting up a VPC to keep the ...