Carlo Alberto Scola

MSc Student


» categories: security

Articles by category: security

linux web notes network cisco sdn python vulnerability
29 Sep 2019

Full and Responsible disclosure, the debate.

The debate on the different vulnerability disclosure options is still running without a decisive winning answer. Cyber Security is not an option for companies but they often seem to not give it much attention.

categories: #security #vulnerability

05 Sep 2019

What is Subdomain Takeover and how to defend.

Subdomain takeover is a threat that comes down to a registration of an unused subdomain by an attacker which is then able to own a valid subdomain and launch different attacks.

categories: #web #security

25 Feb 2019

How to configure FreeRADIUS 3 with MySQL and EAP-TTLS

Today we are going to explain how to set up a FreeRADIUS server for Authentication, Authorization and Accounting (AAA) along with a MySQL database for credentials storage accessed only through encrypted TLS connections.

categories: #network #security #linux

15 Jan 2019

Enabling SSL on NGINX reverse proxy towards non-SSL apache

The goal is to enable Prestashop SSL/TLS on a NGINX reverse proxy which is acting as SSL/TLS concentrator to an internal non-SSL apache web server.

categories: #web #security

09 May 2018

TOR SSH Remote Reverse Tunnel - Raspberry Pi

How to use TOR hidden service with SSH remote tunnel. How to use hidden service as an anonymous SSH proxy. We will set a remote ssh tunnel from a raspi client towards a hidden service,...

categories: #linux #security

02 May 2018

SOCKS PROXY on Reverse SSH tunnel

How to set up a SOCKS proxy with SSH reverse tunnel. The tunnel will be ssh-encrypted and each traffic will pass through the tunnel, like in a VPN.

categories: #security #linux

13 Mar 2018

SSH Reverse Tunnel - Raspberry Pi

How to set up a persistent, always available, SSH remote tunnel (reverse SSH tunnel).

categories: #linux #security

15 Feb 2018

Configuring SSL/TLS for a domain on Apache2

How to set up SSL/TLS on Apache for securing web communication. Let's Encrypt certificate generation.

categories: #linux #web #security