-
Archives
- May 2026
- April 2026
- November 2025
- June 2024
- September 2023
- March 2023
- August 2022
- April 2022
- September 2021
- September 2020
- March 2019
- March 2018
- June 2017
- May 2017
- November 2016
- September 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- December 2014
- October 2014
- September 2014
- May 2014
- April 2014
- March 2014
- January 2014
- November 2013
- October 2013
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
-
Meta
Tag Archives: security
Block Countries by IP on Debian Trixie with nftables and xtables-addons
Debian Trixie uses nftables as its default firewall. If you’re used to iptables, the commands still work — but they go through an iptables-nft compatibility shim that translates them to nftables rules under the hood. For country-based IP blocking, the … Continue reading
BOLA in a Laravel Livewire app: when client-side state is the only thing standing between users and admin actions
A penetration test landed an interesting finding on a Livewire-powered admin panel I work on. The summary on the report read: Broken Object-Level Authorization (BOLA). A standard user can change a tenant-wide “who can access these assets” setting by replaying … Continue reading