I recently created a VirtualBox virtual machine of Ubuntu 18.04 and installed the AnyDesk remote desktop app in it. An IT guy accessed my computer’s desktop via the AnyDesk app, but he was actually inside the Ubuntu virtual machine on VirtualBox. I didn’t even mention anything about VirtualBox, but after asking me my laptop model and brand, in less than one minute he asked me “Are you using Virtualbox VM?”. I was startled; he even mentioned which virtualization software I am using (VirtualBox), even though there are VMware, Parallels, Nutanix and many more. My host machine is Linux Mint. Can anyone explain how our IT guy managed to know that I am running Ubuntu 18.04 inside VirtualBox as a virtual machine?
My company’s AWS security inbound rules are set such that IPs from within company networks can SSH into AWS resources. However, I want to work from home and be able to SSH into AWS EC2 instances (and also log in to RDS instances).
One way is, of course, to add my home wifi’s IP to the inbound rules of the AWS security group of the instance I want to SSH into. However, my manager for some reason doesn’t like that. (I wonder why that is.)
So, the other way is to connect to my company’s network using VPN. I don’t understand how to connect to AWS EC2 or AWS RDS after that. Please help.
The Project Image spell allows the caster to control an illusion of themselves from a significant distance away. They can see and hear through the eyes and ears of the illusion. The illusion can gesture and speak.
Can the caster cast spells (without material components) originating from the illusion? (through gesturing and speaking with the illusion)
Mislead has a similar effect, so the answer will likely apply to that as well.
I’m aware you can forward a connection from a proxy server like this:
ssh -R 8080:localhost:80 public.example.com
But I’m curious if it’s possible to forward from a free proxy such as:
Seems unlikely to use the ssh option because I wouldn’t have access to the server. If so what would be a practical way?
Suppose that I know my server’s FQDN hostname is ‘bobserver’ and the server is connected to the Internet.
Is it possible for the outside world to find my server’s IP address by knowing only the hostname? If so, how?
Imagine I had a virtual file system that I am using to store some data (similar to an FTP). I am trying to figure out a scheme where I can implement encryption at rest for the files local to the file server, but at the same time not reveal a key that could compromise the encrypted data at rest. The user retrieving the files should be (mostly) unaware of any encryption so long as they access the files through a given interface (website or something).
This is sort of a thought experiment on how various encrypted cloud storage providers do this. I’d imagine the simplest possible way is to encrypt the files locally on the server, leave the key on the server, and through an HTTP header the user can provide the password. This can be secured using any sort of standard issue in-transit password security scheme and HTTPS, but my fear would be leaving the key unattended on the server. A would-be attacker could gain access to the key and file system and be able to perform an offline attack on it. This sort of begs the question as to how to secure the key on the local system such that this kind of attack would be more difficult.
It seems impractical to have the user send the key to the server, mostly because they would have to send the password alongside it anyway, which opens up a potential MITM where the attacker can get both the key and password in one go.
I’ve also thought about various 3-fold encryption schemes but for a file server I don’t believe the idea would work well. Using the classic example of Alice writing a message to Bob, putting a lock on it, Bob receives the message and puts his lock on it and sends it back to Alice, and Alice takes her lock off and sends it back to Bob would not only cause significant overhead, it would defeat the purpose of having the file system itself encrypted at rest and you’d be better off just sending encrypted files back and forth on a normal FTP-type system.
Is there any documentation or papers on how one of these systems could possibly be set up? The key-on-server-send-password method I described above seems ok and I am almost certain there are insecurities in the implementation that would render it useless.
Does anyone know of a similar 3rd-party two-factor authentication provider which uses OTP codes like SecureMFA_RDS_OTP (https://www.securemfa.com/downloads/mfa-rds-otp) for Microsoft Remote Desktop Gateway Service but can do MFA with client certificates?
The idea is the following:
I have a port open (P) on a remote machine (R) with a service application running which is listening on (P). I would like to connect from a client machine to the service application on the remote machine.
I leave the port open so I can connect directly from my client via the ip and the port to the service application on the remote machine.
I restrict the service application via firewall to localhost and forward (P) with an ssh tunnel to my client machine.
My own conclusion:
If I open the port of the service application across the internet, then I have to trust that it cannot be exploited for remote code execution on (R).
If I use an ssh tunnel, then I only have to trust that the listening ssh port cannot be exploited. The number of open ports is reduced and hence the attack surface (from my point of view). I would still be vulnerable if my client machine was compromised, but I’m accepting that risk anyway when using ssh.
So my question is, is my conclusion correct? Is it more secure to use an ssh tunnel and forward a port instead of exposing that port directly?
Sorry if this is a dumb question, but I am not very educated when it comes to security.
I was wondering if a website I am visiting can detect whether or not the computer that is being used is being operated remotely.
I have two desktops. I use Desktop 1 to remotely operate Desktop 2 through Windows’ Remote Desktop Connection. Through this connection, I visit a website on Desktop 2. Would it be possible for the website to detect the fact that Desktop 2 is being remotely operated? (Not detect Desktop 1, but just detect remote operation in general.)
On a Juniper Firewall, the command ‘show security pki local-certificate’ will give all sorts of detail for a local certificate. (The sort of certificate you would use to stand up an IKE connection.)
My question is, is there an equivalent command for the certificate being used by the remote peer to validate themselves?
Or, is the remote peer’s certificate also considered by Juniper to be a ‘local certificate’, even though it’s for the remote peer?
I can see that there is a command ‘show security ike active-peer’ that can be used to get the security associate details.
And that there’s a command ‘show security ipsec security-associations’ that gives a lot of details, but not, it appears, the details of the remote certificate. (I don’t have access to enough equipment to check for myself, I’m afraid.)
The page IKE Policy for Digital Certificates on an ES PIC suggests that it’s possible to assign a name to the remote certificate.
To define the remote certificate name, include the identity statement at the [edit security ike policy ike-peer-address] hierarchy level:
[edit security ike policy ike-peer-address]
It’s not clear to me if that name can then be used in the same way that the name of a locally stored certificate can be.
Juniper’s introduction to PKI does talk about a “Remote server local certificate”, which suggests that maybe for some purposes, local doesn’t strictly mean local but also includes “remote local certificates”. (Odd concept.)