Most of the servers support the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths of at least 56 bits. This is considerably easier to exploit if the attacker is on the same physical network.
Some such weak cipher suites are:
DES-CBC(56)
DES-CBC(40)
RC4(40)
RC2(40)...
Wednesday, June 17, 2015
Configure Network Level Authentication for Remote Desktop Services Connections
June 17, 2015 / by Kushan Sharma / with No comments /
Network Level Authentication completes user authentication before you
establish a remote desktop connection and the logon screen appears. This
is a more secure authentication method that can help protect the remote
computer from malicious users and malicious software. Further this can help provide...
Tuesday, June 16, 2015
Disable HTTP TRACE / TRACK Methods
June 16, 2015 / by Kushan Sharma / with No comments /
This is the most frequent vulnerability that scanners will complain about: the TRACE method being enabled on the web server tested. When the debugging function is enabled on web servers, TRACE and TRACK methods can be executed. Normally you will have this enabled by default, but if you want to test if it...
Disable/Remove HP System Management Homepage
June 16, 2015 / by Kushan Sharma / with No comments /
When the installed version of the HP System Management Homepage (SMH) is earlier than 7.0, such systems are reportedly affected by multiple critical security vulnerabilities.
Two possible options to resolve the above vulnerability:
Upgrade HP System Management Homepage to the latest stable version
Disable/Remove...
Wednesday, May 6, 2015
Set of useful filters with Wireshark
May 06, 2015 / by Kushan Sharma / with No comments /
I believe all the filters listed below will be useful for everyone, as they were for me. These are mainly about shortlisting the number of packets to be looked at during a session of analyzing a packet capture file.
Filter out a given source ip range
!(ip.src >= 175.157.7.0 && ip.src...