2021-02-05 | By Stanisław Szymański | In Security

How people hack themselves with dotgit?

In the twisted times of modern technology era it is often unsafe to assume, that you're safe. Today's topic is .git - one of the primary examples, how you can accidentaly hack yourself by an extremely simple, even trivial, overlook. We will explain, what is .git directory, how it can be used by the attacker to run away with a copy of your code, how to spot such vulnerabilities in your infrastructure, and what should be done to keep the danger away. What is .git ? .git [1] is a directory, native to Git [2] , the most popular version control system to date. Put simply, Git uses .git…

Continue reading

2020-08-26 | By Kamil Zabielski | In Security

How to secure SSH?

It is 2020, and we can say for sure, that ssh-server [1] is still one of the most popular services on Linux systems. During various meetings, I was often asked: How to secure SSH? Even though this question seems trivial, it is not. There are a lot of things to remember to accomplish well-designed service security. Secure shell is used not only for a remote-shell, per se. Many other technologies depend on it, for various reasons. I have decided to answer the above question once and forever, and maintain the freshness of this answer, so that you can always refer to this document, as an up-to…

Continue reading

2020-07-16 | By Kamil Zabielski | In Security

How to secure container image?

How to build a secure Docker image? The biggest goal of this article is to be a comprehensive guide on building and delivering secure and safe container images. Keeping that in mind, we'll try to focus on build-time, therefore we won't cover registry, orchestrator and runtime protection here. Those are so broad, that they deserve completely separate write-ups of their own. Compliance, standards and order are the key, to organized and relatively secure environment. Every organization's environment, its threats and malicious actors are different. Our intention is to present the mindset for…

Continue reading
  • 1