Carlo Alberto Scola
MSc Student
My Personal Blog
That’s life, you know. We never end up where you thought you wanted to be.[M.E.]
MSc Student
That’s life, you know. We never end up where you thought you wanted to be.[M.E.]
A quick walk-through the basic functions of the Autopsy framework for computer digital forensic and investigations.
categories: #security
How to setup the most simple remote backup solution for your needs. Rsync and EncFS will incrementally store only the encrypted files on your "cloud" providing complete privacy.
The debate on the different vulnerability disclosure options is still running without a decisive winning answer. Cyber Security is not an option for companies but they often seem to not give it much attention.
categories: #security #vulnerability
Subdomain takeover is a threat that comes down to a registration of an unused subdomain by an attacker which is then able to own a valid subdomain and launch different attacks.
From Network Function Virtualization to Middleboxes outsourcing to the cloud, load balancing and in-data-plane connectivity recovery. Research papers summary.
A walk-through from the beginning of SDN networks and applications, towards testing, model checking, scaling and SDN applied to Internet Exchange Point. Research papers summary.
A project experiencing Software Defined Networking and Network Function Virtualization using the popular POX controller platform in Python with OpenFlow and Click Modular Router.
Here we are going to focus on how to set up HSRP fault tolerance to provide IP routing redundancy and availability between two routers and multiple networks.
Today we are going to explain how to set up a FreeRADIUS server for Authentication, Authorization and Accounting (AAA) along with a MySQL database for credentials storage accessed only through encrypted TLS connections.
The goal is to enable Prestashop SSL/TLS on a NGINX reverse proxy which is acting as SSL/TLS concentrator to an internal non-SSL apache web server.
Hello everybody, in this post we are going to learn step by step how to setup a fully functioning network environment with the help of Graphical Network Simulator-3 (GNS3). This exercise aims to be helpful...
How to use TOR hidden service with SSH remote tunnel. How to use hidden service as an anonymous SSH proxy. We will set a remote ssh tunnel from a raspi client towards a hidden service,...
How to set up a SOCKS proxy with SSH reverse tunnel. The tunnel will be ssh-encrypted and each traffic will pass through the tunnel, like in a VPN.
SameSite cookies are only sent if the site the request originated from is in the same origin as the target site. They can be set as Strict or Lax..
categories: #notes
Summary of HTTP headers useful and fundamental for securing web pages, clients, and communication from malicious activities. HSTS, CORS, CSP, HPKP and many many others.
categories: #notes
Malicious scripts are executed by the victim's browser because the browser trusts the source of the content, even when it's not coming from where it seems to be coming from.
categories: #notes
During an XSS malicious code is placed into a victim’s page, during an XSSI victim’s code is included in a malicious page. In an XSSI the attacker wants to leak data cross-origin.
categories: #notes
How to set up a persistent, always available, SSH remote tunnel (reverse SSH tunnel).
How to set up a netdata cluster monitoring multiple servers. One dashboard, multiple server monitoring instances.
Configuring netdata on ubuntu with SSL/TLS and Apache web server.