ISSCloud - Information Systems Solutions

isscloud

macOS security and com.apple.quarantine extended attribute

macos com apple quarantine

Apple offers one of the most advanced operating systems out there: macOS. With security and privacy in its core, it comes with a number of system protection services such as Gatekeeper runtime protection, the built-in System Integrity Protection (SIP), and others. While Apple Software, Apple installers and apps from the App Store are already cleared […]

Upgrade RAID1 to RAID5 without losing data

it professional replacing hard disk in san at data

Initial considerations It is possible to upgrade RAID1 to RAID5 without losing data, but as any operation that involves stored data it is dangerous and may result in dataloss if not performed correctly, so be warned. Please be aware that this operation requires a Disk ARRAY of N-disk where N ≥ 3. The process to […]

Using OpenSSL to verify SSL/TLS connections

openssl

OpenSSL is a general-purpose cryptography library and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It’s licensed under the Apache License 2.0, meaning that you are free to get and use it for both commercial and non-commercial purposes, subject to a few simple license conditions. Using OpenSSL to check […]

PHP-FPM settings for best performance

php-fpm settings

A recurring question we get from customers is how to fine tune PHP-FPM settings. The official PHP documentation kind of lacks recommendations in this regard. So we’ve made this article explaining how you can calculate the optimal PHP-FPM settings for your server. PHP-FPM is an acronym for PHP FastCGI Process Manager, one of the most […]

Install docker & docker-compose on Oracle Linux

docker

By default on the new Enterprise Linux distributions, docker engine has been replaced by podman, a docker compliant engine. In order to install docker and docker-compose, you can follow this simple tutorial. Install Docker Engine To install docker engine we’ll add first the docker repository: And now we can proceed to install docker: And we […]

How to mount a VHD disk image file

qemu

Sometimes you may need to mount a VHD disk image file in order to inspect its contents or even recover specific files. On Linux you can use the QEMU Disk Network Block Device Server utility – qemu-nbd – to access disk images in different formats as if they were block devices. First, you may want […]

How To Create a SSH Key

ssh key

In this tutorial we will explain how you create a SSH Key pair and how to use this key to authenticate on remote devices. SSH, that stands for Secure Shell, is a network protocol used to establish an encrypted connection between two devices. The SSH protocol supports either the use of a username and password […]

Microsoft blocks Windows Defender ability following major security concerns

windows defender

Microsoft has blocked the ability to download files using Windows Defender after it was shown how easily it could be used by attackers to install malware onto a computer.  Earlier this year, for reasons yet unclear, Microsoft discreetly added the ability to download files using Windows Defender. When this was publicly recognized, there was grave concern from […]

Windows 10 themes can be abused to steal passwords

windows theme bugs

Security researcher Jimmy Bayne (@bohops) has revealed that specially crafted Windows themes can be used to perform Pass-the-Hash attacks and steal passwords. Pass-the-Hash attacks are used to steal Windows login names and password hashes by tricking the user into accessing a remote SMB share that requires authentication. A theme’s settings are saved under the %AppData%\Microsoft\Windows\Themes folder as a […]

Web security is improving, but so much more to be done

web security

A much-anticipated report from Rapid7, a cybersecurity company based in Boston USA, revealed “frankly shocking” news concerning the current global state of security on the Internet in the wake of the Covid-19 pandemic.  According to the massive cross-industry study, completed in the summer of 2020, the findings revealed that despite enormous security problems from the […]