Problem Description:
When running OpenVPN in an LXC environment, users may encounter a specific error that prevents the OpenVPN service from operating correctly. The error manifests as follows:
Jan 08 00:56:47 fw openvpn[404]: openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
Jan 08 00:56:47 fw openvpn[404]: Exiting due to fatal error
Jan 08 00:56:47 fw systemd[1]: openvpn-client@yourvpn.service: Main process exited, code=exited, status=1/FAILURE
There are many discussions about to use or not a password manager. However, most experts agree that you must use a strong password in every system/service (+2fa, but we are not going to elaborate about it today).
So to create a strong password, you need:
Continue reading The Clipboard and Password ManagersMost security assessments only includes CVE’s and known vulnerabilities but many fail to address the true potential security risks. And this will create a big problem for your organization.
The problem starts because most organizations only wants to have a security analysis based on know-existent vulnerabilities, like a “tell me what KB to patch”, but this approach is not good and fails to protect you in two ways:
Continue reading Security Risk Without a CVEWhen you do a security assessment, you need to elaborate some recommendations to mitigate the potential risks. This is one of the most difficult parts, because bad assumptions can easily lead to false sense of security and overspending…
Continue reading Mitigating Security RisksKubuntu and mostly ubuntu installations comes with a very basic installer, and does not allow you to personalize the encryption, by example, if you have windows and linux together in the same hard drive, the installation won’t allow you to dual boot it, it will force you to use the whole disk, removing the existing windows partition.
Continue reading Installing K-Ubuntu 16.04 with LVM+LUKS Full Encryption
Many organizations fail to hire an ideal pentester, maybe because there are not enough candidates, maybe because they are too expensive, and they end up looking for the following alternatives:
In a recent article, John McAfee described computer forensic as a fallacy, and it’s true… here is why…
Continue reading Forensics and Nation State Cyber Threat Actors
Unfortunately, TLS has been plagued by several vulnerabilities in recent years, making every HTTPS connection potentially unsafe.
In this article I’ll show you how to get the Grade A+ on SSLLabs (https://www.ssllabs.com/) through the appropriate use of GnuTLS Priorities.
I’ve always used Fedora, basically since it was RedHat 7.0 … However, from that time until now, it has changed a lot.
Since several years, we have faced a “transparency campaign” on cryptography. That means that the cipher announces itself as an “encrypted container”. This suppose a serious risk by exposing you to a rubber-hose attack.
LUKS (Linux Unified Key Setup) which is used by common Linux distributions is not the exception. But there is a hope to provide some kind of privacy.
Continue reading LUKS: Plausible deniability on crypto containers