Securing application server for a single user

I’m building some simple dashboard app for myself, but I want to have them on multiple devices – hence the server and front end. As I will be the only user who will access the application server, what security should I implement.

Stack: Postgres Ktor (Kotlin) server, HTTPS, only REST API Front end

I’ll run AWS Lightsail instance since I don’t need anything heavy. Postgres and application server will be there, with only ports 443 and 22 open. Front end will be on S3 with CloudFront.

I’m doing this because it’s easier for me to make a browser "app", than to make an Android app + something for desktop and keep them in sync.

I’ll be using the app from multiple networks. At home (where I don’t have a static IP, which would solve some of the problems), from mobile network, from work, when traveling to other countries, etc.

For background, I’ve been working on server for almost 3 years, Spring + Hibernate, Postgres. I have a fair knowledge of linux, hosting a server on it, some of AWS services and basic knowledge of database administration. I’ve done a bit of front end, but I’ll have to get back to that soon. I have almost no knowledge of security beyond basic JWT and SSH.

Can I use my own implementation of a widely used, supposedly secure cryptographic algorithm for securing data at rest?

I know you shouldn’t roll your own crypto and generally its not a good idea to implement (and then deploy) any extensively tested and recommended algorithms by yourself either.

I have already seen this question, and as far as I understand, the main problem with implementing things yourself is that you will probably remain vulnerable to a host of side-channel attacks.

But suppose I have already implemented AES (just for fun and as a learning experience). What if I now use that implementation for simply encrypting files locally (and then perhaps back them up on the cloud or on removable media)? Since nobody other than me would be using the implementation, most of the side channel attacks would not apply. For instance, since no attacker can request an encryption/decryption (the way it works with a server), no timing attack can be carried out. Would this scenario be sufficiently secure?

In other words would using my own implementation of AES provide security for data at rest or will using it still be a stupid idea?

Securing a Linux VPS: is it rational to be terrified?

Like so many others on the web, I’m an intermediate web developer who is starting to get into the security side of things and I’m looking to start running a VPS. For years, I’ve resisted the move to VPSs because of the security implications. There are many, many guides available on the internet and even questions on this StackExchange.

However, I’m still terrified about exposing the server by missing something (because as we all know just because somebody writes a blog post doesn’t mean they know what they’re talking about). Am I overreacting by making a mountain out of a molehill? Is hardening a VPS actually possible for a non-expert?

Securing media uploading to the cloud from reverse engineering

I own an RPG multiplayer game written in Java, where players can fight each other in the game.

Recently I planned to invent a new feature, where the last 15 seconds of your fight and the “knockout” will be saved and a gif will be created of the fight’s ending and automatically uploaded and can be linked to your account and viewed on the game’s website gallery.

Strategy I planned to use:

  1. Server sends a start-recording packet to the client to start recording the graphics buffer
  2. Client will clear the buffer and only keep the latest 15 seconds (X frames) of the current fight.
  3. When the fight ends, server sends stop-recording packet, this packet will contain a pre-signed URL generated by the server in which the client will use to upload the gif that the client will create in this step. the presigned URL will have the user’s ID encoded so that way it is linked, and a record will be created in the database aswell on the presign or on upload callback.

Might use AWS S3 as my storage.

What is the issue?

People can reverse-engineer my client, and can basically start fights and upload any gifs that they would want to, pornographic and unrelated content.

Is there a way, besides image-processing to solve this issue\?

Securing SMTP server and its logs

Looking for general mail server security best practices here.

I did some research and it’s really hard to find the information out there.

  1. How do you safe guard a smtp server log? Are there any encryption tools out there? Our reason is if the server is compromised, at least the logs are not in plaint text format for attackers to see without obtain our tool/keys.

  2. It seems like most SMTP servers out there stores recipient information in the log files, how can we ensure these information are not stored or at a minimum are scrambled. Is that possible?

Thank you and I’m still researching on the subject.

Securing an API for 3rd party users

I’m having issues finding the right language to search for answers to my problem so hopefully I can explain it here.

I am trying to create an API that will be accessed by a 3rd party. This 3rd party authenticates their users using some unknown system (they use something like auth0 or Okta). Their web application will be making requests to our API on behalf of the users. We need to validate the these requests are coming from authenticated users from the specific 3rd party, but we don’t want to keep track of the 3rd party’s users. We need these requests to have tokens containing claims pertaining to the individual user, but it would be up to the 3rd party to handle these claims.

Is what I’m describing here possible? I’ve been reading up on Federated SSO, but it doesn’t quite seem to solve the problem that we’re having.

Securing data from unwanted users

I inherited a DBA position not so long ago, and even having worked with SQL for the past 20 years it is a different ball game. Anyway, here is my pain 🙂

We need to start hiding sensitive data information . This HAS to be done at the SQL level, as we do not have access to our software sources. I was reading on the web and Data Masking seemed to be the solution, BUT we are running 2014 SQL 🙁

Data encryption does not seem to be a solution (for what I have read) What other options are out there, and keep in mind that I am a newbie at this.

Securing Client-Server Architecture with VPN or a SSL-connection?

I developed a mobile application runs on our companys’ mobile terminals. Mobile application connects to company servers via GSM network.

We had a meeting to decide how to secure communication between mobile application and server application. Our security team insists that we must install VPN application on mobile terminal, connects to our company network with VPN firstly and then our mobile application must connect to server via https.

I could not understand their insistence. I think giving VPN rigths to every mobile terminal owners are more dangerous then securing a connection with https. As I know, https connection could provide required security between client and server applications which I wrote both of them and they use https for communication. Is there any security related information that my knowledge is not enough to understand? If I am rigth , how I could show them that https is enough for security and givin VPN is more dangerous. Any other convincing information is welcome.

Securing API access. oAuth Client Credentials vs client ID and secret

I have a REST API that will be called by other external 3rd party servers over the internet and be used only for machine to machine communication. I am looking for mechanisms to secure this API such that only servers that I designate will be allowed to use this API. I do not control the servers and cannot guarantee the IP addresses that these servers use.

I thought of using the OAuth client credentials flow to secure the API by giving each external server a client id and a client secret. But that made me realize why use OAuth at all and not directly deal with client id and secret i.e. when the external servers call my API they will pass the client id and client secret and if a compromise happens I will revoke the client secret and the communication will no longer be allowed. For the communication to start again, I will issue them a new client ID and secret.

Is this approach correct? If not, what is the advantage of using the client credentials flow in OAuth if the external server has to store and pass the client id and secret to get a token anyway.