■ ALERT: TLS 1.3 ENFORCED ON ALL CONNECTIONS ■ STATUS: ALL SYSTEMS NOMINAL UPTIME: 99.97% ■ NETCMD.NET COMMAND YOUR NETWORK SINCE 1996 ■ CSP: ACTIVE HSTS: ENABLED ■ LAST AUDIT: PASSED DNSSEC: ENABLED ■ ALERT: TLS 1.3 ENFORCED ON ALL CONNECTIONS ■ STATUS: ALL SYSTEMS NOMINAL UPTIME: 99.97% ■ NETCMD.NET COMMAND YOUR NETWORK SINCE 1996 ■ CSP: ACTIVE HSTS: ENABLED ■ LAST AUDIT: PASSED DNSSEC: ENABLED

// ESTABLISH CONNECTION //

NETCMD.NET

COMMAND · CONTROL · CONNECT

C:\NETCMD> ping netcmd.net -t

Pinging netcmd.net [127.0.0.1]

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

■ CONNECTION SECURE ■ TLS 1.3 ■ HSTS ACTIVE

C:\NETCMD>

■ HTTPS ONLY ■ HSTS PRELOAD ■ CSP ENFORCED ■ NO TRACKING ■ DNSSEC ACTIVE

99.97%

Uptime SLA

28YRS

Est. 1996

A+

SSL Grade

1MS

Avg Latency

// 01

SERVICES

SVC-001

Web Hosting

High-performance hosting with SSD storage, Nginx, and automatic TLS certificate management via Let's Encrypt.

NGINX // CADDY // DOCKER

SVC-002

Security Hardening

Full server hardening: UFW firewall, fail2ban, CSP headers, HSTS preload, and regular vulnerability audits.

UFW // FAIL2BAN // OWASP

SVC-003

Network Management

DNS management, DNSSEC, reverse proxy configuration, load balancing, and network diagnostics.

DNS // DNSSEC // BGP

SVC-004

Container Ops

Docker container orchestration, Compose stack management, Portainer dashboards, and automated deployments.

DOCKER // PORTAINER // DOCKGE

SVC-005

Monitoring

24/7 uptime monitoring, log aggregation, health checks, alerting, and incident response.

UPTIME // LOGS // ALERTS

SVC-006

Backup & Recovery

Automated daily backups, offsite replication, point-in-time recovery, and documented DR procedures.

DAILY // OFFSITE // RTO

// 02

SYSTEM SPECS

Parameter	Value	Status
TLS Version	1.3	■ ACTIVE
HTTP Version	HTTP/2 + HTTP/3	■ ACTIVE
HSTS Preload	max-age=31536000	■ ENABLED
CSP Policy	Strict	■ ENFORCED
X-Frame-Options	DENY	■ SET
Referrer Policy	strict-origin	■ SET
Server Header	STRIPPED	■ HIDDEN
DNSSEC	Enabled	■ SIGNED

WEB SERVERS99.97%

NETWORK CORE100%

DNS RESOLVERS98.2%

# Security audit — netcmd.net

$ nmap -sV --script ssl-enum-ciphers netcmd.net

Starting Nmap 7.94...

PORT STATE SERVICE VERSION

443/tcp open ssl/http Caddy

| ssl-enum-ciphers:

| TLSv1.3:

| ciphers: TLS_AES_256_GCM_SHA384 (A)

|_ least strength: A

$ curl -sI https://netcmd.net | grep -i hsts

strict-transport-security: max-age=31536000; includeSubDomains; preload

$ docker ps --format "table {{.Names}}\t{{.Status}}"

NAMES STATUS

caddy Up 47 days (healthy)

netcmd-nginx Up 47 days (healthy)

// 03

SECURITY

Content Security Policy

HSTS Preload

X-Frame-Options: DENY

X-Content-Type-Options

Referrer-Policy

Permissions-Policy

TLS 1.3 Only

Server Header Stripped

No Inline Scripts

UFW Firewall

Fail2Ban Active

Root SSH Disabled

DNSSEC Signed

No Version Disclosure

# OWASP ZAP baseline scan summary

[PASS] No SQL injection vectors detected

[PASS] No XSS vectors detected

[PASS] No sensitive data in HTTP headers

[PASS] HTTPS enforced — no mixed content

[PASS] CSP header present and valid

[PASS] No directory traversal paths exposed

[PASS] No hidden files served (.env, .git)

# SSL Labs — ssllabs.com/ssltest

Overall Rating: A+ | Certificate: 100 | Protocol: 100 | Key Exchange: 90 | Cipher Strength: 90

■ ALL CHECKS PASSED — SYSTEM SECURE

// INITIATE CONTACT //

READY TO CONNECT?

Establish a secure channel with the NETCMD team

■ SEND TRANSMISSION ■ VIEW DOCS