• Home

  • Custom Ecommerce
  • Application Development
  • Database Consulting
  • Cloud Hosting
  • Systems Integration
  • Legacy Business Systems
  • Security & Compliance
  • GIS

  • Expertise

  • About Us
  • Our Team
  • Clients
  • Careers

  • Blog

  • EpiTrax

  • VisionPort

  • Contact
  • Our Blog

    Ongoing observations by End Point Dev people

    Blog posts tagged ‘security’

    Vulnerability Scanning

    Jeremy Freeman · September 15, 2022

    Implementing Authentication in ASP.NET Core Web APIs

    Kevin Campusano · June 17, 2022

    Using pgTAP to automate database testing

    Josh Tolley · March 16, 2022

    Using a YubiKey as authentication for an encrypted disk

    Zed Jensen · March 7, 2022

    Fixing a PostgreSQL cluster that has no superuser

    Jon Jensen · January 7, 2022

    Remote Access Control with AWS Security Groups

    Ardyn Majere · December 23, 2021

    Generating TOTP QR codes as Unicode text from the command line

    Bharathi Ponnusamy · October 28, 2021

    Lock down your security with GPG on a YubiKey

    Ardyn Majere · September 10, 2021

    Media erasure in the time of SSD

    Ardyn Majere · December 10, 2020

    A great gift for the holidays: No ads!

    Ardyn Majere · December 3, 2020

    Testing to defend against nginx add_header surprises

    Jon Jensen · May 29, 2020

    Consolidating Multiple SFTP Accounts Into One Master Account

    Selvakumar Arumugam · March 16, 2020

    Cooking with CAS

    Josh Tolley · March 10, 2020

    End Point Security Tips: Securing your Infrastructure

    Charles Chang · February 5, 2020

    SCAM ALERT: EndPoint Petroleum Corporation, P&Z Petroleum

    Benjamin Goldstein · June 22, 2019

    OWASP Top Ten Application Security Risks

    Marco Pessotto · February 27, 2019

    Where are you with your Windows OS in 2019?

    Dan Briones · February 12, 2019

    Instant TLS Upgrades Through Proxy Magic!

    David Christensen · June 14, 2018

    Mobile Device and Application Management (MAM vs. MDM)

    Joe Marrero · December 20, 2017

    Symantec Certificate Distrust (CertQuake)

    Josh Lavin · December 15, 2017

    HGCI Summit Conference 2017, Malaysia: A conference on cloud, security and big data

    Muhammad Najmi bin Ahmad Zabidi · December 12, 2017

    From Zero to HTTPS in an afternoon

    Matt Vollrath · November 20, 2017

    Web Security Services Roundup

    Phineas Jensen · September 19, 2017

    The mystery of the disappearing SSH key

    Greg Sabino Mullane · April 13, 2017

    SELINUX=disabled? Read this and think twice!

    Emanuele “Lele” Calò · April 10, 2017

    Free Encryption for All, In Our Time

    Lee Azzarello · June 27, 2016

    A Beginner’s Guide to PCI DSS Compliance and TLS Versions

    Elizabeth Garrett Christensen · March 29, 2016

    Bonked By Basic_auth Because Bcrypt

    Greg Sabino Mullane · February 9, 2016

    E-commerce website encryption changes

    Jon Jensen · July 24, 2015

    Protect Interchange Passwords with Bcrypt

    Mark Johnson · April 28, 2015

    One-time password SSH solutions

    Greg Sabino Mullane · February 2, 2015

    SSH one-time passwords (otpw) on chromebook

    Greg Sabino Mullane · January 21, 2015

    Can we Server Name Indicate yet?

    Josh Williams · November 13, 2014

    OpenSSL CSR with Alternative Names one-line

    Emanuele “Lele” Calò · October 30, 2014

    Interchange 5.8.2 Release with Bcrypt Encryption Support

    Mark Johnson · July 9, 2014

    Spree Security Update 2.x.x Error, undefined method ‘assume_from_symbol’ for Money:Class (ActionView::Template::Error)

    Matt Galvin · April 23, 2014

    Restrict IMAP account access to one (or more) IP address

    Emanuele “Lele” Calò · March 13, 2014

    Java Web app error: “Your security settings have blocked a self-signed application from running”

    Emanuele “Lele” Calò · February 13, 2014

    IPTables: All quotes are not created equal

    Richard Templet · January 7, 2014

    SELinux fix for sudo PAM audit_log_acct_message() failed

    Jon Jensen · November 20, 2013

    SSL Certificate SANs and Multi-level Wildcards

    Cas Rusnov · October 29, 2013

    GnuPG: list all recipients of a message

    Jon Jensen · May 24, 2013

    How to Apply a Rails Security Patch

    Brian Buchalter · January 29, 2013

    Evading Anti-Virus Detection with Metasploit

    Brian Buchalter · January 28, 2013

    Create a key pair using SSH on Windows

    Bianca Rodrigues · January 24, 2013

    Use Metasploit to Verify Rails is Secured from CVE-2013-0156

    Brian Buchalter · January 10, 2013

    Redirect from HTTP to HTTPS before basic auth

    Ron Phipps · December 22, 2012

    Setting user ownership of nginx and Passenger processes

    Brian Buchalter · October 2, 2012

    Defense in Depth

    Zed Jensen · September 28, 2012

    Interchange Caching Implementation Under Fire

    Adam Vollrath · June 15, 2012

    Security review with Kiel: Time to be paranoid.

    Josh Williams · June 14, 2012

    You shall not pass! Preventing SQL injection

    Marina Lohova · June 14, 2012

    Detecting Postgres SQL Injection

    Greg Sabino Mullane · June 10, 2012

    UTOSC 2012 talks of interest

    Jon Jensen · May 18, 2012

    Vim — working with encryption

    Terry Grant · May 16, 2012

    SELinux Local Policy Modules

    Jon Jensen · May 11, 2012

    PHP Vulnerabilities and Logging

    Steph Skardal · March 13, 2012

    Protecting and auditing your secure PostgreSQL data

    Greg Sabino Mullane · January 30, 2012

    Linux unshare -m for per-process private filesystem mount points

    Jon Jensen · January 27, 2012

    Book Recommendation: Ghost in the Wires

    Steph Skardal · November 29, 2011

    OpenSSH known_hosts oddity

    Jon Jensen · September 12, 2011

    RHEL 5 SELinux initscripts problem

    Jon Jensen · April 22, 2011

    Google 2-factor authentication

    Jon Jensen · March 14, 2011

    Utah Open Source Conference 2010 part 1

    Jon Jensen · November 12, 2010

    Red Hat SELinux policy for mod_wsgi

    Adam Vollrath · October 13, 2010

    Finding the PostgreSQL version — without logging in!

    Greg Sabino Mullane · May 17, 2010

    SSHFS and ServerAliveInterval

    Ethan Rowe · January 7, 2010

    Verifying Postgres tarballs with PGP

    Greg Sabino Mullane · December 21, 2009

    Multiple links to files in /etc

    Jon Jensen · December 11, 2009

    Cisco PIX mangled packets and iptables state tracking

    Jon Jensen · December 4, 2009

    Port knocking with knockd

    Greg Sabino Mullane · November 16, 2009

    Permission denied for postgresql.conf

    Greg Sabino Mullane · September 21, 2009

    Rejecting SSLv2 politely or brusquely

    Jon Jensen · September 2, 2009

    SDCH: Shared Dictionary Compression over HTTP

    Jon Jensen · July 27, 2009

    TrueCrypt whole-disk encryption for Windows

    Jon Jensen · December 13, 2008

    Small changes can lead to significant improvements

    Steve McIntosh · September 5, 2008

    Subversion or CVS metadata exposure

    Jon Jensen · August 20, 2008