Problem Description:
When running OpenVPN in an LXC environment, users may encounter a specific error that prevents the OpenVPN service from operating correctly. The error manifests as follows:
Jan 08 00:56:47 fw openvpn[404]: openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
Jan 08 00:56:47 fw openvpn[404]: Exiting due to fatal error
Jan 08 00:56:47 fw systemd[1]: openvpn-client@yourvpn.service: Main process exited, code=exited, status=1/FAILURE
When you do a security assessment, you need to elaborate some recommendations to mitigate the potential risks. This is one of the most difficult parts, because bad assumptions can easily lead to false sense of security and overspending…
Continue reading Mitigating Security RisksUnfortunately, TLS has been plagued by several vulnerabilities in recent years, making every HTTPS connection potentially unsafe.
In this article I’ll show you how to get the Grade A+ on SSLLabs (https://www.ssllabs.com/) through the appropriate use of GnuTLS Priorities.
I’ve always used Fedora, basically since it was RedHat 7.0 … However, from that time until now, it has changed a lot.
Penetration testing and vulnerability assesment is a practice that every day becomes more important to our businesses. Today we need to make security stress tests in order to discover potential vulnerabilities that may exist in our systems.
In the past few years Diffie-Hellman has become unsupported in the main internet websites, do you know the implications?
But this is not the only thing happening, many reputable websites, including banks, social networks and search engines have chosen to continue to support for TLSv1.0 and SSLv2 “for compatibility reasons”
Some network administrators dont know how to handle and correctly install network monitoring applications, IDS and other products who requires network traffic inspection, there is no knowledgment about how span port where designed and it limitations for full-duplex networks.
When the network are in full-duplex mode, the span port have a natural loss of packets that not vary across the hardware.
Continue reading SPAN Port / Mirroring Monitoring