Questions tagged [network]
Security of network infrastructure and network traffic. For questions about security of network equipment, topology, protocols, traffic, administration, and configuration. Related tags: [packet], [firewall], [network-scanners], [network-access-control].
2,891 questions
3votes
2answers
696views
Are client certificates a secure way of having publicly facing SQL database?
Quick Context: I often come across videos where people build apps using SQL database services alongside serverless functions (like AWS Lambda, Vercel, and others) without setting up a VPC to keep the ...
1vote
1answer
77views
What are the risks of allowing outgoing traffic on all ports on a webserver? [duplicate]
If I have a webserver which allows outgoing traffic on all ports. What are the risks? I understand that incoming traffic should be limited to HTTPS, HTTP and other required ports for communication. I ...
- 13
2votes
2answers
142views
What is the problem with Deserialization?
BinaryFormatter has been removed from C# due to security concerns. In the migration guide it is written: "Any deserializer, binary or text, that allows its input to carry information about the ...
- 121
2votes
0answers
48views
How to Anonymize Entry Nodes in an Encrypted Traffic System Using Threshold Cryptography?
I'm designing an encrypted traffic system where users can stay anonymous while learning more about networking and security. Anonymity is achieved through layered encryption, where traffic passes ...
- 121
1vote
0answers
77views
How can intermediary devices securely forward traffic using only session IDs in a symmetric encryption system, without risking MITM attacks? [closed]
I'm imagining a Utopian world where the internet nowadays doesn't have as much overhead as the OSI layer. In this world, network engineers never make mistakes, such as using IPv4, which has been ...
6votes
1answer
2kviews
Is there a security benefit from adding a dedicated router to a network of 1 PC?
If I have a single computer with a direct connection to the Internet (and a real external IP address from the ISP), does it make sense security-wise to put a dedicated router between the computer and ...
- 1,112
0votes
1answer
312views
Secure home network running Linux
I'm using Kubuntu 24.04. In my understanding, antivirus in Linux is not really a thing or needed, so my question is targetted specifically about firewall. For a home laptop that will run server ...
- 221
2votes
2answers
229views
How do I start servers in my home laptop but make sure all incoming connections are blocked?
I have a Kubuntu 24.04 and for development purposes I want to run servers such as Kubernetes, Docker, MySQL, Zookeper etc that open connections and listen. I do not want any sort of incoming ...
- 221
1vote
0answers
127views
Unable to Capture 4-Way Handshake Using Airodump-ng and Aireplay-ng on Ubuntu
Question: I am attempting to capture a 4-way handshake using airodump-ng and aireplay-ng on Ubuntu. I have set my Wi-Fi adapter to monitor mode and targeted the desired network. Despite running the ...
1vote
0answers
59views
How does the Noise Protocol Framework provide authenticity in overlay networks like Nebula?
In addition to my question: Is a Nebula overlay network essentially a peer-to-peer mesh network with mutual TLS?. How does the Noise Protocol Framework work exactly? Especially, how does it provide ...
- 7,657
1vote
0answers
71views
Is disabling TCP state check a significant security loss in a firewall?
We have a higly dynamic and asymetrical network topology for a specific projet using FortiGate firewalls. Because of asymetry, some communications are sometimes dropped because firewalls only see one ...
2votes
1answer
213views
Does geo blocking whole countries objectively increase security? [duplicate]
I often see whole countries being blocked using GEO-IP blocks in network firewalls and even in web application firewalls. Often with great anecdotal success in reducing the amount of registered ...
- 7,657
2votes
0answers
73views
Can exponential back-off be abused to "knock off" a station off a network?
In my Cryptography & Network Security course, my professor mentioned that you can "knock off" a station of a network by abusing the timings of the exponential off algorithm used in CSMA/...
2votes
2answers
106views
How safe is it to open a recusive DoH resolver to the internet?
I understand that open UDP DNS resolvers can be used to amplify DOS. Are there any pit falls such as this I need to be aware of before opening my resolver?
- 21
2votes
1answer
362views
More secure way than sending cookies through JSON from server to server?
In learning more about web security, I was thinking of hiding my tool for managing cookies for auth, but putting it in a backend "API" server, and having the frontend "web" server ...
