Digitally signing email with S/MIME and the iPhone / iOS

You can use S/MIME certificates, also called “Digital Certificates” or “Personal Certificates”, with most email clients to digitally sign and/or encrypt email messages. In order to digitally sign or encrypt your email, you will need a digital certificate. For a run down on how to get a certificate, and also how to use it in …

Continue reading ‘Digitally signing email with S/MIME and the iPhone / iOS’ »

HTTP Strict Transport Security with Apache

HTTP Strict Transport Security (HSTS) is a web security policy which helps to protect websites against protocol downgrade attacks by allowing web servers to declare that web browsers should only connect via secure HTTPS connections. The HSTS Policy for the site is communicated by the server to the browser via a HTTPS response header field …

Continue reading ‘HTTP Strict Transport Security with Apache’ »

Digitally signing email with S/MIME and Outlook 2016

You can use S/MIME certificates, also called “Digital Certificates” or “Personal Certificates”, with most email clients to digitally sign and/or encrypt email messages. In order to digitally sign or encrypt your email, you will need a digital certificate. Get a certificate For this example, we will use the free certificate service from Comodo. Head over …

Continue reading ‘Digitally signing email with S/MIME and Outlook 2016’ »

ROCA – Return of Coppersmith’s Attack

So it is big in the news this week, ROCA, what’s the deal? I’m not going to cover this in detail yet, however here is what you need to know now: The ROCA vulnerability (tracked as CVE-2017-15361) enables computation of RSA private keys from their public certificate/key counterparts.  The flaw affects the implementation of RSA …

Continue reading ‘ROCA – Return of Coppersmith’s Attack’ »

Deny access to all .php files in a folder using htaccess

In order to further harden a folder, for example an ‘uploads’ folder as used by WordPress, it maybe appropriate to block the execution of key file types. If you have a specific folder where content can be more easily written, blocking execution of script files will help reduce the chance of an attacker executing a …

Continue reading ‘Deny access to all .php files in a folder using htaccess’ »

Samsung S6 won’t charge – Only white lighting bolt battery symbol, no charge light!

So I had a Samsung S6 that would not charge, when you plugged it in, the white lighting bolt battery symbol came on but no charge led light. I suspected the charger or cable, but that didn’t help. I fast came to the conclusion it could be the USB port. Reset Keys! I then found …

Continue reading ‘Samsung S6 won’t charge – Only white lighting bolt battery symbol, no charge light!’ »

Cisco ASA Unicast Reverse Path Forwarding Verification Was Disabled

If you have had a firewall audit, and your report states that ‘Unicast Reverse Path Forwarding Verification Was Disabled’ on your Cisco ASA then read on. “Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit the malicious traffic on an enterprise network. This security feature works by enabling a router to …

Continue reading ‘Cisco ASA Unicast Reverse Path Forwarding Verification Was Disabled’ »