Skip to main content
Information Security

Questions tagged [attack-surface]

Ask Question

The tag has no summary.

7 questions
Newest Active Bountied Unanswered
3 votes
3 answers
1k views

Reducing the attack surface of my service using Reverse proxy (TLS secured)?

I have a RabbitMq cluster running in a private subnet with no internet access. The only way to reach it is an HAProxy (let's say tcp.my-vpc.us-east-2.amazonaws.com) which exposes 3 ports to the world: ...
Aman Singh's user avatar
Aman Singh
  • 133
1 vote
0 answers
142 views

Is there a way to limit browser extension internet access?

Most browser extensions I use are utility like tools that do something in the DOM. Like copying HTML tables to Markdown tables, accepting cookie warnings, removing ads, regex find replace et cetera. ...
Bob Ortiz's user avatar
Bob Ortiz
  • 7,715
1 vote
0 answers
162 views

Is it possible to break out of 8086 tiny from within?

We don't normally worry about old school viruses breaking out of emulators; but sometimes we worry about targeted exploit code breaking out of emulators. 8086tiny is an 8086/80186 CPU emulator. The ...
Joshua's user avatar
Joshua
  • 1,300
2 votes
2 answers
175 views

Are polyglot microservices (multiple technologies) more secure than using a single technology framework?

As a full-stack cloud-native (AWS, Azure, and GCP) polyglot (Rust, Golang, Python, and Java) microservices developer, the nagging question that I have is if the use of multiple technology frameworks ...
Nathan Aw's user avatar
Nathan Aw
  • 1,073
1 vote
1 answer
713 views

Recommendations on minimal alternatives to openssh [closed]

Although openssh is awesome, I'm interested in exploring some more lightweight FLOSS alternatives to use for connecting to servers I'm administrating (and using alone). Since I only need a minimal ...
n0542344's user avatar
n0542344
  • 131
0 votes
0 answers
124 views

Should Maintenance Informations Such As "Service Will Be Unavailable At X And Should Be Back At Y" Be Publicly Available?

Suppose you are implementing a maintenance info banner that is publicly shown on your web application, meaning that even unauthenticated/unauthorised users can access this information easily. Let's ...
Marco's user avatar
Marco
  • 1
0 votes
1 answer
175 views

How can Linux service installation page create an attack surface?

Based on one of the lectures of Planning, Auditing and Maintaining Enterprise system course by Greg Williams (Department of computer science university of Colorado): Let's say they were installing ...
R1W's user avatar
R1W
  • 1,627