Blogs

OpenSSL Client Conflicting Commands


Background

OpenSSL Client is a helpful tool for carrying out diagnostics of servers that use the SSL/TLS protocols. It is often used to evaluate SSL certificate status and cipher negotiation. For example, you may have configured your server to negotiate only with a strict set of ciphers and want to test that a client cannot fall back to a less secure cipher. The OpenSSL client has a set of basic and advanced Connected Commands. The naming is self-explanatory: these commands are used once a connection is established and allow you to interact with the server to perform requested operations. Examples include:

Clearing UTM USB configuration post installation


This is going to be a quick post. I was recently building a new Kali Linux virtual server using UTM on an M1-based MacBook Pro. Kali have a great guide on how to do this; however, in the final step after Kali is installed, you remove your serial terminal device and then clear the path to the installation ISO from the USB configuration. This ensures that when the machine restarts it boots from the boot partition on the virtual disk and does not launch the installation process again. The screenshot below shows the configuration that should be cleared.

Adding security response headers with Amazon CloudFront


Background

Security response headers are HTTP headers that can be used to improve the security posture of your web application and can mitigate attacks such as Cross-Site Scripting (XSS), which forms part of the injection category in the OWASP Top 10 (number 3 at the time of writing this post).

Although this is a personal site, it has been a while since I completed any updates, so I wanted to baseline the config and then improve the security posture. This blog is fronted by Amazon CloudFront using Amazon S3 as an origin for the static content. This gives me an opportunity to check out how easily CloudFront can help in adding controls