SIngle sign-on protocol is a way to authenticate the users one only time avoiding to reinsert continually username and password for accessing to other services. The process is comfortable from user point of view, secure and scalable for who will manage it. The father of all authentication protocols is the kerberos, standard de facto in ..
High availability and scalability are increasingly demanded requirements for modern applications that can be implemented by a software cluster. The service availability is guaranteed even if one node of the cluster crashs for software or hardware issue. There are different type of cluster depending on the layer where it’s provides its functionality. The goal of this ..
In this article I will show how to integrate apache web server with active directory for having a single sign on authentication to allow a windows user to login to a web gui. The web server is running in a linux system in join with a freeipa domain trusted with a active directory domain. The authentication and ..
This article has the goal to improve the awareness about the risks of a pivot attack where the target system is exploited through another compromised system. The classic defense against these type of attacks based on the company’s perimeter is obsolete and it requires new solutions and approaches. The systems are compromised generally by phishing attack forcing the ..
This article aims to raise awareness of system administrator about the cross domain attack and to provide suggestions about how to reduce the exposure to them. The need arises from the awareness that the one of most vector used by hacker for its malicious purposes is to invite to visit a infected site containing java script that attempts ..
This article describes how to configure pacemaker software (an open source high availability cluster) for designing a NFS service in high availability using drbd for mirroring the volume data. The cluster is configured in Active/Standby way on two Centos 7.3 nodes. The reference architecture is the following: The resources software are configured in active standby. The ..
This page contains all security vulnerabilities, updates and bulletins of 2017. 2017 Security Vulnerability Bulletins Adobe Releases Security Updatess 17/10/2017 Adobe Releases Security Updatess 16/10/2017 CERT/CC Reports WPA2 Vulnerabilities 04/10/2017 CERT/CC Reports WPA2 Vulnerabilities 04/10/2017 Apache Releases Security Updates for Apache Tomcat 04/10/2017 Apple Releases Security Update for iOS 03/10/2017 Tragic-Event-Related Scams 03/10/2017 National Cybersecurity Awareness ..
WordPress is the content management system most used for creating web sites. It’s a php web application based with MySql database hosted under apache or nginx. The web site is stored in the mysql database; the images and other files like java scripts are stored in the file system. The php is the logical part that returns ..
WordPress is a free content management system used for hosting web sites. The web application written in php can running under apache or nginx. Whatever the solution adopted, it’s necessary to have a reverse proxy for better managing the web site and for performing SSL termination. In this article a solution with nginx as reverse proxy ..
KVM is a virtualization solution for linux largely used in enterprise environment. It’s permits to define overlay networks scalable over public network by open virtual switch. Layer 2 networks encapsulated over udp packet, by VXLAN or GRE tunnel, enable an use efficient and versatile of network infrastructure. Docker is a open platform that permits to run applications ..