2 posts tagged with "Security"


This post summarizes a simple method to secure, or lock-down, SSH access using the Restricted SSH () package. The basic premise, you can create a user with a restricted shell and allow only specific protocols such as SCP or SFTP. There are many reasons to restrict SSH access or restrict SSH access to specific accounts. I used on an assessment server in one of the papers I teach. I wanted students to be able to submit an assessment using a simple bash script, that SCP transferred a single file…

This post documents a security project I have written, SecureMilkCarton - an intentionally vulnerable Java web application that runs on Apache Tomcat. Contents Introduction Project Background Project Repository Project Exercises and Answers SecureMilkCarton: Quick Start Option 1: Build Script Option 2: Docker SecureMilkCarton: Installation using Build Script Optional: Install better history Optional: Changing the default ports SecureMilkCarton: Web Server Configuration SecureMilkCarton: Project…