Home » Archive for 2024

Remove sensitive (personal) headers from postfix emails

- Posted in How To by
When I first set up my email server to handle messages for my domains, I noticed a concerning issue: the outgoing email headers included sensitive information, such as my home IP address and the [...] Read more

Set up a SSH honeypot with logging on your linux server

- Posted in How To by
Setting up a honeypot on your server can be an effective way to monitor, log, and analyze potential attacks, as well as learn about common hacking techniques. By setting up a honeypot, you can create [...] Read more

Implementing and Managing Group Policy in Active Directory

- Posted in Technology Compendium by
Introduction Group Policy, first introduced by Microsoft with Windows 2000, allows managing and configuring operating systems, applications, and users in a Windows environment. It enables [...] Read more

Containerization & Docker Explained

- Posted in Technology Compendium by
What are Containers? Containers are lightweight, standalone, executable packages that include everything required to run a piece of software: code, runtime, system tools, libraries, and settings. [...] Read more

How to fix an obsolete AD Trust

- Posted in How To by
When running a few Active Directory (AD) scans to check for any open vulnerabilities or misconfigurations, I discovered that one of our trusts was marked as not having SID filtering enabled. For [...] Read more

Hypervisors and Virtual Machines (VMs)

- Posted in Technology Compendium by
What is a VM? A Virtual Machine (VM) is a software-based emulation of a physical computer. It can run an operating system and applications just like a physical computer. However, unlike a physical [...] Read more

End-to-End Encryption Demystified

- Posted in IT Security by
End-to-End Encryption Demystified
Have you ever wondered what it truly means when your favourite instant messaging app proudly proclaims in the chat, "Messages and Calls are End-to-End Encrypted, and nobody, not even company XYZ, can read them"? Is this just marketing? If not, how exactly does this even work? [...] Read more

Two-Factor Authentication (2FA) Demystified

- Posted in IT Security by
Two-Factor Authentication (2FA) Demystified
You try to log into your favourite social media platform and enter your username and password, only to be greeted with that dreaded message: "An email has been sent to your inbox." Now, you've got to navigate to your email client, wait for the validation token to arrive, and finally get back to what you were doing. It begs the question: Why the extra hassle? Shouldn't a password be sufficient? [...] Read more

No, blurring images is not secure

- Posted in IT Security by
No, blurring images is not secure
Hands up, we've all been there. You make a quick screenshot using your tool of choice, only to realize something sensitive lurks in the background. No problem, just blur it out, right? Easy fix. If I [...] Read more