The Practical Linux Handbook: A Beginner’s Guide to Mastering Everyday Tasks
InfoSec servicesĀ |Ā InfoSec booksĀ |Ā Follow our blogĀ |Ā DISC llc is listed on The vCISO DirectoryĀ |Ā ISO 27k Chat bot
Jul 25 2024
Jan 22 2023
Recent Windows 11 Insider buildsĀ includeĀ support for ReFS, the Resilient File System. The file system is currently only available in Windows server operating systems, but not in client systems.
Resilient File System is designed to “maximize data availability, scale efficiently to large data sets across diverse workloads, and provide data integrity with resiliency to corruption”Ā accordingĀ to Microsoft.
NTFS, the New Technology File System, is the default file system on client versions of Microsoft’s Windows operating system. It is a proprietary file system introduced in Windows NT 3.1 and also supported on Linux and BSD.
ReFS and NTFS support a wide range of features, but there are major differences between the two file systems as well.
The Resilient File System, for example, supports file and volume sizes of up to 35 petabytes. NTFS, on the other hand, supports a maximum of 256 terabytes. A petabyte equals 1024 terabytes. While most home systems are very far away from reaching these file and volume sizes, it is clear that the 256 terabyte limit will be reached eventually.
ReFS supports the following features exclusively (compared to NTFS):
ReFS lacks support for several important features that NTFS supports. Major features that are missing include file system compression and encryption support, support for disk quotas and removable media, or booting.
ReFS support adds a new option to the Windows 11 operating system. It is possible that the file system will only be supported in Enterprise, Education and Workstation editions of Windows 11. On the other hand, a Pro version of Windows 11 was used by the Twitter user who revealed the support information.
Another aspect that needs to be considered is that there is no direct NTFS to ReFS conversion; this makes it very likely that ReFS can only be selected during initial setup of the operating system, but not while it is running.
Windows 11 administrators may enable ReFS on Windows 11 Insider builds using ViVeTool and the ID42189933. It is recommended to create a full system backup before attempting to install Windows 11 on ReFS.
Dec 07 2021
Letās try to understand what CRLF injection is. In response to an HTTP request from a web browser, a web server sends a response, which contains both the HTTP headers and the actual content of the website. There is a special combination of characters that separates the HTTP headers from the HTML response (the website content), namely a carriage return followed by a line feed.
When a header ends with a CRLF, a new header is created on the server. So, a web application or a user will know when a new line begins in a file or text block.
An attacker can inject information into HTTP responses by using the CRLF characters that separate HTTP responses. As long as the header and body end in *CRLF>*CRLF>, the browser will understand that the header ends. Consequently, they have the option to store data in the body of the answer, where HTML is stored.
If an attacker enters the ASCII code for carriage return (%0d) and line feed (%0a) in a HTTPS header, they could identify them easily. The result would look like this:
https://xyz.com/index.php?page=home%0d%0a
Table of Contents
Aug 13 2021
Google has open-sourced the Allstar tool that can be used to secure GitHub projects by enforcing a set of security policies to prevent misconfiguration.
āAllstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to be able to continuously monitor and detect any GitHub setting or repository file contents that may be risky or do not follow security best practices.ā reads theĀ project description. āIf Allstar finds a repository to be out of compliance, it will take an action such as create an issue or restore security settings.ā
Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information
May 31 2019
Apr 05 2019
To make sure a deleted file can’t be recovered, you’ll need to use a third-party shredding tool. Here’s a look at three such free programs: Eraser, File Shredder, and Freeraser.
Source: How to completely and securely delete files in Windows