HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mchenier

no profile record

comments

mchenier
·10 maanden geleden·discuss
Don’t fix it if it ain’t broken!
mchenier
·vorig jaar·discuss
One way to avoid this problem and considerably reduce the attack surface is to: 1- Create a dummy Onedrive account. 2- Share a folder on your main Onedrive to the dummy account. 3- In the dummy account, maps the shared link to a folder for easier access as if it was a normal folder. (May not be required for some apps). 4- Only lets third party apps access the dummy Onedrive account with its single folder.

This doesn’t give access to your main Onedrive account to any apps, just the files and folders under the shared folder you have shared with the dummy account.
mchenier
·2 jaar geleden·discuss
Port knocking may be a first line defense here with a port scan attack detector to ban IPs that try to find such ports. See Linux knockd and psad for references. This obscurity doesn’t protect again man-in-the-middle but at least protects from unwanted and opportunistic guests. It also gives more time to indirectly protect from 0-day on sshd (aka the fiasco that could have been the xz incident).