Apache Partial HTTP Request Denial of Service Vulnerability - Zero Day. SSL Certificate - Subject Common Name Does Not Match Server FQDN

Vulnerability Scan
06 October 2014 at 16:21
URL :
Summary: 34 vulnerabilities found

Cookie Does Not Contain The "HTTPOnly" Attribute
Cookie Does Not Contain The "secure" Attribute
Cookie Does Not Contain The "secure" Attribute
Cookie Does Not Contain The "HTTPOnly" Attribute
SSL Server Allows Anonymous Authentication Vulnerability
Web Server Stopped Responding
POP3 Server Allows Plain Text Authentication Vulnerability
Mail Server Accepts Plaintext Credentials
Discovery of Unix Account Names Vulnerability
Discovery of Unix Account Names Vulnerability
Mail Server Accepts Plaintext Credentials
Web Server Stopped Responding
SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability
Apache Partial HTTP Request Denial of Service Vulnerability - Zero Day
SSL Certificate - Subject Common Name Does Not Match Server FQDN
SSL Certificate - Signature Verification Failed Vulnerability
SSL Certificate - Subject Common Name Does Not Match Server FQDN
SSL Certificate - Improper Usage Vulnerability
SSL Certificate - Subject Common Name Does Not Match Server FQDN
1/71

SSL Certificate - Subject Common Name Does Not Match Server FQDN
SSL Certificate - Subject Common Name Does Not Match Server FQDN
SSL Certificate - Subject Common Name Does Not Match Server FQDN
SSL Certificate - Subject Common Name Does Not Match Server FQDN
Global User List
SSL Certificate - Self-Signed Certificate
SSL Certificate - Subject Common Name Does Not Match Server FQDN
SSL Certificate - Subject Common Name Does Not Match Server FQDN
Database Instance Detected
SSL/TLS use of weak RC4 cipher
SSL/TLS use of weak RC4 cipher
SSL/TLS use of weak RC4 cipher
SSL/TLS use of weak RC4 cipher
Apache Web Server ETag Header Information Disclosure Weakness
Apache Web Server ETag Header Information Disclosure Weakness
Remote Access or Management Service Detected
Remote Management Service Accepting Unencrypted Credentials Detected
POP3 Banner
FTP Server Banner
IMAP Banner
Operating System Detected
SMTP Banner
SMTP Banner
SMTP Banner
IMAP Banner
POP3 Banner

MySQL Banner
SMTP Service Detected
SMTP Service Detected
Host Uptime Based on TCP TimeStamp Option
SMTP Service Detected
Web Server Version
Open TCP Services List
SSL Web Server Version
Firewall Detected
SSL Server Information Retrieval
Degree of Randomness of TCP Initial Sequence Numbers
SSL Certificate will expire within next six months
SSL Session Caching Information
TLS Secure Renegotiation Extension Supported
TLS Secure Renegotiation Extension Supported
SSL Server Information Retrieval
ICMP Replies Received
SSL Server Information Retrieval
SSL Certificate - Information
SSL Certificate - Information
List of Web Directories
Traceroute
SSL Session Caching Information
SSL Certificate - Information
Host Scan Time
SSL Certificate - Information

SSL/TLS invalid protocol version tolerance
SSL/TLS invalid protocol version tolerance
SSL Session Caching Information
IP ID Values Randomness
SSL Server Information Retrieval
List of Web Directories
SSL/TLS invalid protocol version tolerance
DNS Host Name
SSL Certificate - Information
SSL Certificate - Information
SSL Session Caching Information
TLS Secure Renegotiation Extension Supported
TLS Secure Renegotiation Extension Supported
TLS Secure Renegotiation Extension Supported
Host Names Found
TLS Secure Renegotiation Extension Supported
SSL Session Caching Information
SSL Session Caching Information
SSL Session Caching Information
SSL Certificate - Information
SSL Server Information Retrieval
TLS Secure Renegotiation Extension Supported
SSL Certificate - Information
SSL Session Caching Information
Target Network Information
TLS Secure Renegotiation Extension Supported

SSL Server Information Retrieval
SSL Session Caching Information
SSL Certificate - Information
Internet Service Provider
TLS Secure Renegotiation Extension Supported
SSL Server Information Retrieval
SSL Server Information Retrieval
SSL/TLS invalid protocol version tolerance
SSL Server Information Retrieval

Type: Web Application
Cookie Does Not Contain The "HTTPOnly" Attribute
QID:
Category: Web Application
Port: -
The cookie does not contain the "HTTPOnly" attribute. Cookies without the "HTTPOnly" attribute are permitted to be accessed via JavaScript. Cross-site scripting attacks can steal cookies, which could lead to user impersonation or compromise of the application account.
If the associated risk of a compromised account is high, apply the "HTTPOnly" attribute to cookies.
wordpress_sec_bf07d8ddea19c831a87b2fd81497f82e=+; expires=sun Oct 6 05:45: ; path=/; domain=

Cookie Does Not Contain The "secure" Attribute
QID:
Category: Web Application
Port: -
The cookie does not contain the "secure" attribute.

Cookies with the "secure" attribute are only permitted to be sent via HTTPS. Session cookies sent via HTTP expose an unsuspecting user to sniffing attacks that could lead to user impersonation or compromise of the application account.
If the associated risk of a compromised account is high, apply the "secure" attribute to cookies and force all sensitive requests to be sent via HTTPS.
PHPSESSID=70fa5d181bc2138ff263f0e994e5ccb2; path=/; domain=

Cookie Does Not Contain The "secure" Attribute
QID:
Category: Web Application
Port: -
The cookie does not contain the "secure" attribute. Cookies with the "secure" attribute are only permitted to be sent via HTTPS. Session cookies sent via HTTP expose an unsuspecting user to sniffing attacks that could lead to user impersonation or compromise of the application account.
If the associated risk of a compromised account is high, apply the "secure" attribute to cookies and force all sensitive requests to be sent via HTTPS.
wordpress_bf07d8ddea19c831a87b2fd81497f82e=+; expires=sun Oct 6 05:45: ; path=/wp-content/plugins; domain=

Cookie Does Not Contain The "HTTPOnly" Attribute
QID:
Category: Web Application
Port: -
The cookie does not contain the "HTTPOnly" attribute. Cookies without the "HTTPOnly" attribute are permitted to be accessed via JavaScript. Cross-site scripting attacks can steal cookies, which could lead to user impersonation or compromise of the application account.
If the associated risk of a compromised account is high, apply the "HTTPOnly" attribute to cookies.
PHPSESSID=70fa5d181bc2138ff263f0e994e5ccb2; path=/; domain=

Type: Vulnerability
SSL Server Allows Anonymous Authentication Vulnerability
QID:

Category: General remote services
Port: 21
The Secure Socket Layer (SSL) protocol allows for secure communication between a client and a server. The client usually authenticates the server using an algorithm like RSA or DSS. Some SSL ciphers allow SSL communication without authentication. Most common Web browsers like Microsoft Internet Explorer, Netscape and Mozilla do not use anonymous authentication ciphers by default. A vulnerability exists in SSL communications when clients are allowed to connect using no authentication algorithm. SSL client-server communication may use several different types of authentication: RSA, Diffie-Hellman, DSS or none. When 'none' is used, the communications are vulnerable to a man-in-the-middle attack.
An attacker can exploit this vulnerability to impersonate your server to clients.
Disable support for anonymous authentication.
1) Apache: Typically, for Apache/mod_ssl, httpd.conf or ssl.conf should have the following lines:
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
For Apache/apache_ssl include the following line in the configuration file (httpsd.conf):
SSLRequireCipher ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
2) IIS: For IIS please see: How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services; How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll; How to Determine the Cipher Suite for the Server and Client; and How to restrict the use of certain ciphers in Internet Information Services 5.0.
3) Wu-FTP: For Wu-FTP which supports TLS, the ciphers parameter in the TLS configuration file should be set to -ALL +SSLv3 +TLSv1. For more details please consult the docs/howto/ssl_and_tls_ftpd.howto file provided with the wu-ftpd distribution.
4) Lighttpd: Locate the lighttpd config file and modify the following ssl.cipher-list line to include !aNULL. A restart of the lighttpd application is necessary.
Example: ssl.cipher-list = "TLSv1+HIGH!SSLv2"
Additional reading:

CIPHER                KEY-EXCHANGE  AUTHENTICATION  MAC   ENCRYPTION(KEY-STRENGTH)  GRADE
SSLv3 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-RC4-MD5           DH            None            MD5   RC4(128)                  MEDIUM
ADH-DES-CBC3-SHA      DH            None            SHA1  3DES(168)                 HIGH
ADH-AES128-SHA        DH            None            SHA1  AES(128)                  MEDIUM
ADH-AES256-SHA        DH            None            SHA1  AES(256)                  HIGH
ADH-CAMELLIA128-SHA   DH            None            SHA1  Camellia(128)             MEDIUM
ADH-CAMELLIA256-SHA   DH            None            SHA1  Camellia(256)             HIGH
ADH-SEED-SHA          DH            None            SHA1  SEED(128)                  MEDIUM
TLSv1 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-RC4-MD5           DH            None            MD5   RC4(128)                  MEDIUM
ADH-DES-CBC3-SHA      DH            None            SHA1  3DES(168)                 HIGH
ADH-AES128-SHA        DH            None            SHA1  AES(128)                  MEDIUM
ADH-AES256-SHA        DH            None            SHA1  AES(256)                  HIGH
ADH-CAMELLIA128-SHA   DH            None            SHA1  Camellia(128)             MEDIUM
ADH-CAMELLIA256-SHA   DH            None            SHA1  Camellia(256)             HIGH
ADH-SEED-SHA          DH            None            SHA1  SEED(128)                  MEDIUM

Web Server Stopped Responding
QID:
Category: Web server
Port: 443

The Web server stopped responding to 3 consecutive connection attempts and/or more than 3 consecutive HTTP requests. Consequently, the service aborted testing for HTTP vulnerabilities. The vulnerabilities already detected are still posted.
The service was unable to complete testing for HTTP vulnerabilities since the Web server stopped responding.
Check the Web server status. If the Web server crashed during the scan, please restart the server, report the incident to Customer Support and stop scanning the Web server until the issue is resolved. If the Web server is unable to process multiple concurrent HTTP requests, please lower the scan harshness level and launch another scan. If this vulnerability continues to be reported, please contact Customer Support.
The web server did not respond for 4 consecutive HTTP requests. After these, the service was still unable to connect to the web server 2 minutes later.

POP3 Server Allows Plain Text Authentication Vulnerability
QID:
Category: Mail services
Port: 110
Post Office Protocol version 3 (POP3) is an application layer internet standard protocol to retrieve mail from a remote server. Use of the PASS command sends passwords in the clear over the network. Also, servers that answer -ERR to the USER command are giving potential attackers clues about which names are valid.
Malicious users could obtain mail server credentials by sniffing the traffic. This can allow unauthorized users to use the mail server as an open mail relay.
POP3 supports several authentication methods to provide varying levels of protection. Contact your vendor for further configuration information.

Mail Server Accepts Plaintext Credentials
QID:
Category: Mail services
Port: 25
Your Mail Server responds to the EHLO command, which implies that it uses the ESMTP protocol. ESMTP uses the AUTH command, which indicates an authentication mechanism to the server. If the server supports the requested authentication mechanism, it performs an authentication protocol exchange to authenticate and identify the user. Optionally, it also negotiates a security layer for subsequent protocol interactions. Your server accepts PLAIN or LOGIN as one of the AUTH parameters. The authentication credentials are transmitted in plaintext over the network and no encryption is performed.
Malicious users could obtain mail server credentials by sniffing the traffic. This can allow unauthorized users to use the mail server as an open mail relay. It may also lead to compromise of account credentials that can be used to access other mail services like POP3 and IMAP.

Disable the plaintext authentication methods on your SMTP server for unencrypted (non-SSL/TLS) sessions. You may consider using more advanced challenge-based authentication methods like CRAM-MD5 or DIGEST-MD5. Please contact your vendor for configuration information. Also check RFC 2554 and RFC 2487 for more details.
EHLO
250-p3plcpnl0246.prod.phx3.secureserver.net Hello [ ]
250-SIZE BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
AUTH LOGIN
334 VXNlcm5hbWU6
EHLO
250-p3plcpnl0246.prod.phx3.secureserver.net Hello [ ]
250-SIZE BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
AUTH PLAIN
334

Discovery of Unix Account Names Vulnerability
QID:
Category: Brute Force Attack
Port: 80
CVEID: CVE
When a request for a user is made ( certain servers (such as Apache Versions and 1.3.9) return a different reply depending on whether the account user exists on the host or not. If a request is made for an account that exists on the host, a 403 error is returned. If a request is made for a non-existent account, then a 404 error is returned.
Unauthorized remote users can implement brute force attacks on the Web server to guess a valid account name on the server. Even though they may be successful in obtaining a valid account, they will still have to guess the password. However, if user passwords are weak, some services may also be brute forced.
Disable the default-enabled "UserDir" directive. To do so, add the following line to the httpd.conf file:
UserDir Disabled
Apache Versions and are vulnerable. Other Web servers may also be vulnerable. There are currently no patches available. We strongly advise you to upgrade to a later version of Apache.

N.   Server Account
     root
     operator

Discovery of Unix Account Names Vulnerability
QID:
Category: Brute Force Attack
Port: 443
CVEID: CVE
When a request for a user is made ( certain servers (such as Apache Versions and 1.3.9) return a different reply depending on whether the account user exists on the host or not. If a request is made for an account that exists on the host, a 403 error is returned. If a request is made for a non-existent account, then a 404 error is returned.
Unauthorized remote users can implement brute force attacks on the Web server to guess a valid account name on the server. Even though they may be successful in obtaining a valid account, they will still have to guess the password. However, if user passwords are weak, some services may also be brute forced.

Disable the default-enabled "UserDir" directive. To do so, add the following line to the httpd.conf file:
UserDir Disabled
Apache Versions and are vulnerable. Other Web servers may also be vulnerable. There are currently no patches available. We strongly advise you to upgrade to a later version of Apache.

N.   Server Account
     root

Mail Server Accepts Plaintext Credentials
QID:
Category: Mail services
Port: 587
Your Mail Server responds to the EHLO command, which implies that it uses the ESMTP protocol. ESMTP uses the AUTH command, which indicates an authentication mechanism to the server. If the server supports the requested authentication mechanism, it performs an authentication protocol exchange to authenticate and identify the user. Optionally, it also negotiates a security layer for subsequent protocol interactions. Your server accepts PLAIN or LOGIN as one of the AUTH parameters. The authentication credentials are transmitted in plaintext over the network and no encryption is performed.
Malicious users could obtain mail server credentials by sniffing the traffic. This can allow unauthorized users to use the mail server as an open mail relay. It may also lead to compromise of account credentials that can be used to access other mail services like POP3 and IMAP.
Disable the plaintext authentication methods on your SMTP server for unencrypted (non-SSL/TLS) sessions. You may consider using more advanced challenge-based authentication methods like CRAM-MD5 or DIGEST-MD5. Please contact your vendor for configuration information. Also check RFC 2554 and RFC 2487 for more details.
EHLO qualysguard.com
250-p3plcpnl0246.prod.phx3.secureserver.net Hello sn094.s01.sjc01.qualys.com [ ]
250-SIZE BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
AUTH LOGIN
334 VXNlcm5hbWU6
EHLO qualysguard.com
250-p3plcpnl0246.prod.phx3.secureserver.net Hello sn094.s01.sjc01.qualys.com [ ]
250-SIZE BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
AUTH PLAIN
334

Web Server Stopped Responding
QID:
Category: Web server
Port: 80
The Web server stopped responding to 3 consecutive connection attempts and/or more than 3 consecutive HTTP requests. Consequently, the service aborted testing for HTTP vulnerabilities. The vulnerabilities already detected are still posted.
The service was unable to complete testing for HTTP vulnerabilities since the Web server stopped responding.
Check the Web server status.

If the Web server crashed during the scan, please restart the server, report the incident to Customer Support and stop scanning the Web server until the issue is resolved. If the Web server is unable to process multiple concurrent HTTP requests, please lower the scan harshness level and launch another scan. If this vulnerability continues to be reported, please contact Customer Support.
The web server did not respond for 4 consecutive HTTP requests. After these, the service was still unable to connect to the web server 2 minutes later.

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability
QID:
Category: General remote services
Port: 443
CVEID: CVE
The SSLv3.0 and TLSv1.0 protocols are used to provide integrity, authenticity and privacy to other protocols such as HTTP and LDAP. They provide these services by using encryption for privacy, X.509 certificates for authenticity and one-way hash functions for integrity. To encrypt data, SSL and TLS can use block ciphers, which are encryption algorithms that can encrypt only a fixed block of original data to an encrypted block of the same size. Note that these ciphers will always obtain the same resulting block for the same original block of data. To achieve a difference in the output, the output of encryption is XORed with yet another block of the same size, referred to as an initialization vector (IV). A special mode of operation for block ciphers known as CBC (cipher block chaining) uses one IV for the initial block and the result of the previous block for each subsequent block to obtain a difference in the output of block cipher encryption. In the SSLv3.0 and TLSv1.0 implementations the choice of CBC mode usage was poor because the entire traffic shares one CBC session with a single set of initial IVs. The rest of the IVs are, as mentioned above, the results of the encryption of the previous blocks. The subsequent IVs are available to eavesdroppers.
This allows an attacker with the capability to inject arbitrary traffic into the plain-text stream (to be encrypted by the client) to verify their guess of the plain-text preceding the injected block. If the attacker's guess is correct, then the output of the encryption will be the same for two blocks. For low entropy data it is possible to guess the plain-text block with relatively few attempts. For example, for data that has 1000 possibilities the number of attempts can be 500. For more information please see a paper by Gregory V. Bard. Recently, attacks against web authentication cookies have been described which used this vulnerability. If the authentication cookie is guessed by the attacker, then the attacker can impersonate the legitimate user on the Web site which accepts the authentication cookie. This attack was identified in 2004, and later revisions of the TLS protocol contain a fix for it.
If possible, upgrade to TLSv1.1 or TLSv1.2. If upgrading to TLSv1.1 or TLSv1.2 is not possible, then disabling CBC mode ciphers will remove the vulnerability. Setting your SSL server to prioritize RC4 ciphers mitigates this vulnerability. Microsoft has posted information including workarounds for IIS at KB . Using the following SSL configuration in Apache mitigates this vulnerability:
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
Qualys SSL/TLS Deployment Best Practices can be found here.
Note: The RC4 recommendation applies only in situations where an upgrade to TLSv1.2 is not possible. RC4 in TLS v1.0 has an output bias problem as described in QID . Therefore it is recommended to upgrade to TLS v1.2 or later.

Available non-CBC cipher   Server's choice           SSL version
RC4-SHA                    ECDHE-RSA-DES-CBC3-SHA    TLSv1

Apache Partial HTTP Request Denial of Service Vulnerability - Zero Day
QID:
Category: Web server
Port: 0
CVEID: CVE
The Apache HTTP Server, commonly referred to as Apache, is a freely available Web server. Apache is vulnerable to a denial of service due to holding a connection open for partial HTTP requests. Apache Versions 1.x and 2.x are vulnerable.
A remote attacker can cause a denial of service against the Web server which would prevent legitimate users from accessing the site. Denial of service tools and scripts such as Slowloris take advantage of this vulnerability.
Patch
- There are no vendor-supplied patches available at this time.
Workaround:
- Server-specific recommendations can be found here.
- Countermeasures for Apache are described here.
- Reverse proxies, load balancers and iptables can help to prevent this attack from occurring.
- Adjusting the TimeOut Directive can also prevent this attack from occurring.
- A new module, mod_reqtimeout, has been introduced since Apache to provide tools for mitigation against these forms of attack.
Also refer to the Cert Blog and the Slowloris and Mitigations for Apache document for further information.
QID: detected on port 80 over TCP - Apache 2.0
QID: detected on port 443 over TCP - Apache 2.0

Type: Vulnerability
SSL Certificate - Subject Common Name Does Not Match Server FQDN
QID:
Category: General remote services
Port: 143
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication.
Please note that a false positive report of this vulnerability is possible in the following case: if the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name with the IP. Adding a reverse DNS lookup entry for the target IP will solve this problem.
A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encrypted communication.
Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN.

Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special Domain Services\, LLC,ST=Arizona,C=US
(*.prod.phx3.secureserver.net) doesn't resolve
(prod.phx3.secureserver.net) doesn't resolve
(*.prod.phx3.secureserver.net) doesn't resolve

SSL Certificate - Signature Verification Failed Vulnerability
QID:
Category: General remote services
Port: 21
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. The authentication is done by verifying that the public key in the certificate is signed by a trusted third-party Certificate Authority. If a client is unable to verify the certificate, it can abort communication or prompt the user to continue the communication without authentication.
By exploiting this vulnerability, man-in-the-middle attacks in tandem with DNS cache poisoning can occur.
Exception: If the server communicates only with a restricted set of clients who have the server certificate or the trusted CA certificate, then the server or CA certificate may not be available publicly, and the scan will be unable to verify the signature.
Please install a server certificate signed by a trusted third-party Certificate Authority.
Certificate #0 rod.phx3.secureserver.net self signed certificate

SSL Certificate - Subject Common Name Does Not Match Server FQDN
QID:
Category: General remote services
Port: 587
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication.
Please note that a false positive report of this vulnerability is possible in the following case: if the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name with the IP. Adding a reverse DNS lookup entry for the target IP will solve this problem.
A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encrypted communication.
Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN.

Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special Domain Services\, LLC,ST=Arizona,C=US
(*.prod.phx3.secureserver.net) doesn't resolve
(prod.phx3.secureserver.net) doesn't resolve
(*.prod.phx3.secureserver.net) doesn't resolve

Type: Vulnerability
SSL Certificate - Improper Usage Vulnerability
QID:
Category: General remote services
Port: 21
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. The basicconstraints section of the certificate may specify whether it is a Certificate Authority (CA) certificate. Also, the keyusage field in the X509v3 extensions section of the certificate, if present, may restrict the usage of the certificate. In general, a server public key should not be used for Certificate or CRL signing, and a client or CA certificate should not be used as a server certificate.
If the keyusage or the basicconstraints field is designated as a critical parameter in the certificate, the client may abort the communication if the usage validation fails.
Please install a server certificate with correct usage.
Certificate #0 rod.phx3.secureserver.net is not suitable for CRL signing.

Type: Vulnerability
SSL Certificate - Subject Common Name Does Not Match Server FQDN
QID:
Category: General remote services
Port: 110
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication.
Please note that a false positive report of this vulnerability is possible in the following case: if the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name with the IP. Adding a reverse DNS lookup entry for the target IP will solve this problem.
A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encrypted communication.
Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN.
Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special Domain Services\, LLC,ST=Arizona,C=US
(*.prod.phx3.secureserver.net) doesn't resolve
(prod.phx3.secureserver.net) doesn't resolve
(*.prod.phx3.secureserver.net) doesn't resolve

SSL Certificate - Subject Common Name Does Not Match Server FQDN
QID:
Category: General remote services
Port: 995
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication.
Please note that a false positive report of this vulnerability is possible in the following case: if the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name with the IP. Adding a reverse DNS lookup entry for the target IP will solve this problem.
A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encrypted communication.
Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN.
Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special Domain Services\, LLC,ST=Arizona,C=US
(*.prod.phx3.secureserver.net) doesn't resolve
(prod.phx3.secureserver.net) doesn't resolve
(*.prod.phx3.secureserver.net) doesn't resolve

SSL Certificate - Subject Common Name Does Not Match Server FQDN
QID:
Category: General remote services
Port: 465
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication.
Please note that a false positive report of this vulnerability is possible in the following case: if the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name with the IP. Adding a reverse DNS lookup entry for the target IP will solve this problem.
A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encrypted communication.
Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN.
Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special Domain Services\, LLC,ST=Arizona,C=US
(*.prod.phx3.secureserver.net) doesn't resolve
(prod.phx3.secureserver.net) doesn't resolve
(*.prod.phx3.secureserver.net) doesn't resolve

SSL Certificate - Subject Common Name Does Not Match Server FQDN
QID:
Category: General remote services
Port: 25
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication.
Please note that a false positive report of this vulnerability is possible in the following case: if the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name with the IP. Adding a reverse DNS lookup entry for the target IP will solve this problem.
A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encrypted communication.
Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN.
Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special Domain Services\, LLC,ST=Arizona,C=US
(*.prod.phx3.secureserver.net) doesn't resolve
(prod.phx3.secureserver.net) doesn't resolve
(*.prod.phx3.secureserver.net) doesn't resolve

SSL Certificate - Subject Common Name Does Not Match Server FQDN
QID:
Category: General remote services
Port: 21
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication.

17 Please note that a false positive reporting of this vulnerability is possible in the following case: If the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name to the IP. Adding a reverse DNS lookup entry to the target IP will solve this problem. A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encryption communication. Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN. Certificate #0 rod.phx3.secureserver.net (p3plcpnl0246.prod.phx3.secureserver.net) and IP ( ) don't match Type: Vulnerability Global User List QID: Category: Information gathering Port: 0 This is the global system user list, which was retrieved during the scan by exploiting one or more vulnerabilities. The Qualys IDs for the vulnerabilities leading to the disclosure of these users are also given in the Result section. Each user will be displayed only once, even though it may be obtained by using different methods. These common account(s) can be used by a malicious user to break-in the system via password bruteforcing. To prevent your host from being attacked, do one or more of the following: Remove (or rename) unnecessary accounts Shutdown unnecessary network services Ensure the passwords to these accounts are kept secret Use a firewall to restrict access to your hosts from unauthorized domains #table cols="2" User_Name Source_Vulnerability_(QualysID) root 5001 operator 5001 Type: Vulnerability SSL Certificate - Self-Signed Certificate QID: Category: General remote services Port: 21 An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. 
In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. 17/71

18 The client can trust that the Server Certificate belongs the server only if it is signed by a mutually trusted third-party Certificate Authority (CA). Self-signed certificates are created generally for testing purposes or to avoid paying third-party CAs. These should not be used on any production or critical servers. By exploiting this vulnerability, an attacker can impersonate the server by presenting a fake self-signed certificate. If the client knows that the server does not have a trusted certificate, it will accept this spoofed certificate and communicate with the remote server. By exploiting this vulnerability, an attacker can launch a man-in-the-middle attack. Please install a server certificate signed by a trusted third-party Certificate Authority. Certificate #0 rod.phx3.secureserver.net is a self signed certificate. SSL Certificate - Subject Common Name Does Not Match Server FQDN QID: Category: General remote services Port: 443 An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server FQDN offers only encryption without authentication. Please note that a false positive reporting of this vulnerability is possible in the following case: If the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name to the IP. Adding a reverse DNS lookup entry to the target IP will solve this problem. A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encryption communication. 
Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN. Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special_Domain_Services\,_LLC,ST=Arizona,C=US (*.prod.phx3.secureserver.net) doesn't resolve (prod.phx3.secureserver.net) doesn't resolve (*.prod.phx3.secureserver.net) doesn't resolve SSL Certificate - Subject Common Name Does Not Match Server FQDN QID: Category: General remote services Port: 993 An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. A certificate whose Subject commonname or subjectaltname does not match the server 18/71

19 FQDN offers only encryption without authentication. Please note that a false positive reporting of this vulnerability is possible in the following case: If the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not configured. In this case there is no way for Qualys to associate the wildcard common name to the IP. Adding a reverse DNS lookup entry to the target IP will solve this problem. A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then steal all the encryption communication. Please install a server certificate whose Subject commonname or subjectaltname matches the server FQDN. Certificate #0 CN=*.prod.phx3.secureserver.net,O=Special_Domain_Services\,_LLC,ST=Arizona,C=US (*.prod.phx3.secureserver.net) doesn't resolve (prod.phx3.secureserver.net) doesn't resolve (*.prod.phx3.secureserver.net) doesn't resolve Type: Vulnerability Database Instance Detected QID: Category: Database Port: 3306 The service detected a database installation on the target. Databases like Oracle, MS-SQL, MySQL, IBM DB2, PostGgresql, Firebird and other are detected. The database instance is listed in the result section below. MYSQL instance detected on TCP port SSL/TLS use of weak RC4 cipher QID: Category: General remote services Port: 465 CVEID: CVE Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS ) protocols provide integrity, confidentiality and authenticity services to other protocols that lack these features. SSL/TLS protocols use ciphers such as AES,DES, 3DES and RC4 to encrypt the content of the higher layer protocols and thus provide the confidentiality service. Normally the output of an encryption process is a sequence of random looking bytes. It was known that RC4 output has some bias in the output. 
Recently a group of researches has discovered that the there is a stronger bias in RC4, which make statistical analysis of ciphertext more practical. The described attack is to inject a malicious javascript into the victim's browser that would ensure that there are multiple connections being established with a target website and the same HTTP cookie is sent multiple times to the website in encrypted form. This provides the attacker a large set of ciphertext samples, that can be used for statistical analysis. 19/71

20 If this attack is carried out and an HTTP cookie is recovered, then the attacker can then use the cookie to impersonate the user whose cookie was recovered. This attack is not very practical as it requires the attacker to have access to millions of samples of ciphertext, but there are certain assumptions that an attacker can make to improve the chances of recovering the cleartext from cihpertext. For examples HTTP cookies are either base64 encoded or hex digits. This information can help the attacker in their efforts to recover the cookie. RC4 should not be used where possible. One reason that RC4 was still being used was BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS. However, TLSv 1.2 or later address these issues. TLSv1.0 with RC4 ciphers is supported SSL/TLS use of weak RC4 cipher QID: Category: General remote services Port: 995 CVEID: CVE Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS ) protocols provide integrity, confidentiality and authenticity services to other protocols that lack these features. SSL/TLS protocols use ciphers such as AES,DES, 3DES and RC4 to encrypt the content of the higher layer protocols and thus provide the confidentiality service. Normally the output of an encryption process is a sequence of random looking bytes. It was known that RC4 output has some bias in the output. Recently a group of researches has discovered that the there is a stronger bias in RC4, which make statistical analysis of ciphertext more practical. The described attack is to inject a malicious javascript into the victim's browser that would ensure that there are multiple connections being established with a target website and the same HTTP cookie is sent multiple times to the website in encrypted form. This provides the attacker a large set of ciphertext samples, that can be used for statistical analysis. 
If this attack is carried out and an HTTP cookie is recovered, then the attacker can then use the cookie to impersonate the user whose cookie was recovered. This attack is not very practical as it requires the attacker to have access to millions of samples of ciphertext, but there are certain assumptions that an attacker can make to improve the chances of recovering the cleartext from cihpertext. For examples HTTP cookies are either base64 encoded or hex digits. This information can help the attacker in their efforts to recover the cookie. RC4 should not be used where possible. One reason that RC4 was still being used was BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS. However, TLSv 1.2 or later address these issues. TLSv1.0 with RC4 ciphers is supported SSL/TLS use of weak RC4 cipher QID: Category: General remote services Port: 443 CVEID: CVE Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS ) protocols provide integrity, confidentiality and authenticity services to other protocols that lack these features. SSL/TLS protocols use ciphers such as AES,DES, 3DES and RC4 to encrypt the content of the higher layer protocols and thus provide the confidentiality service. Normally the output of an encryption process is a sequence of random looking bytes. It was known that RC4 output 20/71

21 has some bias in the output. Recently a group of researches has discovered that the there is a stronger bias in RC4, which make statistical analysis of ciphertext more practical. The described attack is to inject a malicious javascript into the victim's browser that would ensure that there are multiple connections being established with a target website and the same HTTP cookie is sent multiple times to the website in encrypted form. This provides the attacker a large set of ciphertext samples, that can be used for statistical analysis. If this attack is carried out and an HTTP cookie is recovered, then the attacker can then use the cookie to impersonate the user whose cookie was recovered. This attack is not very practical as it requires the attacker to have access to millions of samples of ciphertext, but there are certain assumptions that an attacker can make to improve the chances of recovering the cleartext from cihpertext. For examples HTTP cookies are either base64 encoded or hex digits. This information can help the attacker in their efforts to recover the cookie. RC4 should not be used where possible. One reason that RC4 was still being used was BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS. However, TLSv 1.2 or later address these issues. TLSv1.0 with RC4 ciphers is supported SSL/TLS use of weak RC4 cipher QID: Category: General remote services Port: 993 CVEID: CVE Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS ) protocols provide integrity, confidentiality and authenticity services to other protocols that lack these features. SSL/TLS protocols use ciphers such as AES,DES, 3DES and RC4 to encrypt the content of the higher layer protocols and thus provide the confidentiality service. Normally the output of an encryption process is a sequence of random looking bytes. It was known that RC4 output has some bias in the output. 
Recently a group of researches has discovered that the there is a stronger bias in RC4, which make statistical analysis of ciphertext more practical. The described attack is to inject a malicious javascript into the victim's browser that would ensure that there are multiple connections being established with a target website and the same HTTP cookie is sent multiple times to the website in encrypted form. This provides the attacker a large set of ciphertext samples, that can be used for statistical analysis. If this attack is carried out and an HTTP cookie is recovered, then the attacker can then use the cookie to impersonate the user whose cookie was recovered. This attack is not very practical as it requires the attacker to have access to millions of samples of ciphertext, but there are certain assumptions that an attacker can make to improve the chances of recovering the cleartext from cihpertext. For examples HTTP cookies are either base64 encoded or hex digits. This information can help the attacker in their efforts to recover the cookie. RC4 should not be used where possible. One reason that RC4 was still being used was BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS. However, TLSv 1.2 or later address these issues. TLSv1.0 with RC4 ciphers is supported Apache Web Server ETag Header Information Disclosure Weakness QID: Category: Web server Port: 80 CVEID: CVE /71

22 The Apache HTTP Server is a popular, open-source HTTP server for multiple platforms, including Windows, Unix, and Linux. A cache management feature for Apache makes use of an entity tag (ETag) header. When this option is enabled and a request is made for a document relating to a file, an ETag response header is returned containing various file attributes for caching purposes. ETag information allows subsequent file requests to contain specific information, such as the file's inode number. A weakness has been found in the generation of ETag headers under certain configurations implementing the FileETag directive. Among the file attributes included in the header is the file inode number that is returned to a client. Affected Versions: By default, all Versions of Apache are vulnerable. In Apache Versions and earlier, it's not possible to disable inodes in in ETag headers to mitigate this vulnerability, so Apache Version and earlier are vulnerable at all times. Apache Version and later have a setting that can be modified to remove the inode info from the ETag Headers to mitigate this vulnerability. Apache Versions >= allow the user to configure what goes into ETag. However, if the user does not configure Apache to not include inode in ETag, the Web server can still be vulnerable even if Apache >= is being used. This vulnerability poses a security risk, as the disclosure of inode information may aid in launching attacks against other network-based services. For instance, NFS uses inode numbers to generate file handles. Workaround: For Apache and earlier: There is no patch or remediation available for Apache Versions and earlier since it's not possible to disable inodes in in ETag headers. Customers running versions of Apache <= will need to upgrade to a later version and then apply the settings listed below (see Apache Version and later), as versions of Apache and earlier do not have the ability to configure these setting. 
For Apache and later: In Apache Version and later, it's possible to configure the FileETag directive to generate ETag headers without inode information, which mitigates this vulnerability. To do so, include "FileETag -INode" in the Apache server configuration file for a specific subdirectory. In order to fix this vulnerability globally, for the Web server, use the option "FileETag None". Use the option "FileETag MTime Size" if you just want to remove the Inode information. OpenBSD: OpenBSD has released a patch that fixes this vulnerability. After installing the patch, inode numbers returned from the server are encoded using a private hash to avoid the release of sensitive information. "646fa-7ab-500e0b4e5a84c" Apache Web Server ETag Header Information Disclosure Weakness QID: Category: Web server Port: 443 CVEID: CVE The Apache HTTP Server is a popular, open-source HTTP server for multiple platforms, including Windows, Unix, and Linux. A cache management feature for Apache makes use of an entity tag (ETag) header. When this option is enabled and a request is made for a document relating to a file, an ETag response header is returned containing various file attributes for caching purposes. ETag information allows subsequent file requests to contain specific information, such as the file's inode number. A weakness has been found in the generation of ETag headers under certain configurations implementing the FileETag directive. Among the file attributes included in the header is the file inode number that is returned to a client. 22/71


More information

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of

More information

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2 Contents Introduction--1 Content and Purpose of This Guide...........................1 User Management.........................................2 Types of user accounts2 Security--3 Security Features.........................................3

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Communication Systems SSL

Communication Systems SSL Communication Systems SSL Computer Science Organization I. Data and voice communication in IP networks II. Security issues in networking III. Digital telephony networks and voice over IP 2 Network Security

More information

SSL Interception Proxies. Jeff Jarmoc Sr. Security Researcher Dell SecureWorks. and Transitive Trust

SSL Interception Proxies. Jeff Jarmoc Sr. Security Researcher Dell SecureWorks. and Transitive Trust SSL Interception Proxies Jeff Jarmoc Sr. Security Researcher Dell SecureWorks and Transitive Trust About this talk History & brief overview of SSL/TLS Interception proxies How and Why Risks introduced

More information

Three attacks in SSL protocol and their solutions

Three attacks in SSL protocol and their solutions Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer

More information

What is Web Security? Motivation

What is Web Security? Motivation brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web

More information

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP) Security Protocols Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic

More information

Internet Security [1] VU 184.216. Engin Kirda engin@infosys.tuwien.ac.at

Internet Security [1] VU 184.216. Engin Kirda engin@infosys.tuwien.ac.at Internet Security [1] VU 184.216 Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at Administration Challenge 2 deadline is tomorrow 177 correct solutions Challenge 4 will

More information

Appendix. Web Command Error Codes. Web Command Error Codes

Appendix. Web Command Error Codes. Web Command Error Codes Appendix Web Command s Error codes marked with * are received in responses from the FTP server, and then returned as the result of FTP command execution. -501 Incorrect parameter type -502 Error getting

More information

CA Performance Center

CA Performance Center CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is

More information

PowerChute TM Network Shutdown Security Features & Deployment

PowerChute TM Network Shutdown Security Features & Deployment PowerChute TM Network Shutdown Security Features & Deployment By David Grehan, Sarah Jane Hannon ABSTRACT PowerChute TM Network Shutdown (PowerChute) software works in conjunction with the UPS Network

More information

Using EMC Unisphere in a Web Browsing Environment: Browser and Security Settings to Improve the Experience

Using EMC Unisphere in a Web Browsing Environment: Browser and Security Settings to Improve the Experience Using EMC Unisphere in a Web Browsing Environment: Browser and Security Settings to Improve the Experience Applied Technology Abstract The Web-based approach to system management taken by EMC Unisphere

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication

More information

Vulnerability Scan 05 May 2015 at 08:58

Vulnerability Scan 05 May 2015 at 08:58 Vulnerability Scan 05 May 2015 at 08:58 URL : http://scantest.sentex.ca Summary: 1 vulnerabilities found 0 1 0 20 Apache Partial HTTP Request Denial of Service Vulnerability Zero Day Server accepts unnecessarily

More information

Network Security Web Security and SSL/TLS. Angelos Keromytis Columbia University

Network Security Web Security and SSL/TLS. Angelos Keromytis Columbia University Network Security Web Security and SSL/TLS Angelos Keromytis Columbia University Web security issues Authentication (basic, digest) Cookies Access control via network address Multiple layers SHTTP SSL (TLS)

More information

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009 16 th lecture Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009 1 25 Organization Welcome to the New Year! Reminder: Structure of Communication Systems lectures

More information

SENSE Security overview 2014

SENSE Security overview 2014 SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2

More information

Computer System Management: Hosting Servers, Miscellaneous

Computer System Management: Hosting Servers, Miscellaneous Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation

More information

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER M-FILES CORPORATION ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER VERSION 2.3 DECEMBER 18, 2015 Page 1 of 15 CONTENTS 1. Version history... 3 2. Overview... 3 2.1. System Requirements... 3 3. Network

More information

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS)

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS) Secure Socket Layer (SSL) and Trnasport Layer Security (TLS) CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 1 SSL/TLS The Secure Socket Layer (SSL) and Transport Layer Security

More information

Integrated SSL Scanning

Integrated SSL Scanning Software Version 9.0 Copyright Copyright 1996-2008. Finjan Software Inc. and its affiliates and subsidiaries ( Finjan ). All rights reserved. All text and figures included in this publication are the exclusive

More information

Real-Time Communication Security: SSL/TLS. Guevara Noubir noubir@ccs.neu.edu CSU610

Real-Time Communication Security: SSL/TLS. Guevara Noubir noubir@ccs.neu.edu CSU610 Real-Time Communication Security: SSL/TLS Guevara Noubir noubir@ccs.neu.edu CSU610 1 Some Issues with Real-time Communication Session key establishment Perfect Forward Secrecy Diffie-Hellman based PFS

More information

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange

More information

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web:

More information

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Email Gateway

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Email Gateway Unifying Information Security Implementing TLS on the CLEARSWIFT SECURE Email Gateway Contents 1 Introduction... 3 2 Understanding TLS... 4 3 Clearswift s Application of TLS... 5 3.1 Opportunistic TLS...

More information

ERserver. iseries. Securing applications with SSL

ERserver. iseries. Securing applications with SSL ERserver iseries Securing applications with SSL ERserver iseries Securing applications with SSL Copyright International Business Machines Corporation 2000, 2001. All rights reserved. US Government Users

More information

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Socket Layer (SSL) and Transport Layer Security (TLS) Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available

More information

Release Notes for Epilog for Windows Release Notes for Epilog for Windows v1.7/v1.8

Release Notes for Epilog for Windows Release Notes for Epilog for Windows v1.7/v1.8 Release Notes for Epilog for Windows v1.7/v1.8 InterSect Alliance International Pty Ltd Page 1 of 22 About this document This document provides release notes for Snare Enterprise Epilog for Windows release

More information

Integrated SSL Scanning

Integrated SSL Scanning Version 9.2 SSL Enhancements Copyright 1996-2008. Finjan Software Inc. and its affiliates and subsidiaries ( Finjan ). All rights reserved. All text and figures included in this publication are the exclusive

More information

CrashPlan Security SECURITY CONTEXT TECHNOLOGY

CrashPlan Security SECURITY CONTEXT TECHNOLOGY TECHNICAL SPECIFICATIONS CrashPlan Security CrashPlan is a continuous, multi-destination solution engineered to back up mission-critical data whenever and wherever it is created. Because mobile laptops

More information

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS) Outline WEB Security & SET (Chapter 19 & Stalling Chapter 7) Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction (SET) Web Security Considerations

More information

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture OS Appl. CSC/ECE 574 Computer and Network Security Outline I. Overview II. The Record Protocol III. The Handshake and Other Protocols Topic 8.3 /TLS 1 2 Reminder: What Layer? Overview of 3 4 Protocols

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

Redirecting and modifying SMTP mail with TLS session renegotiation attacks

Redirecting and modifying SMTP mail with TLS session renegotiation attacks Business Unit or Product Name Redirecting and modifying SMTP mail with TLS session renegotiation attacks Wietse Venema Postfix mail server project www.postfix.org November 8, 2009 2003 IBM Corporation

More information

Configuring SSL Termination

Configuring SSL Termination CHAPTER 4 This chapter describes the steps required to configure a CSS as a virtual SSL server for SSL termination. It contains the following major sections: Overview of SSL Termination Creating an SSL

More information

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For Secure Socket Layer Secure Socket Layer Introduction Overview of SSL What SSL is Useful For Introduction Secure Socket Layer (SSL) Industry-standard method for protecting web communications. - Data encryption

More information

Client logo placeholder XXX REPORT. Page 1 of 37

Client logo placeholder XXX REPORT. Page 1 of 37 Client logo placeholder XXX REPORT Page 1 of 37 Report Details Title Xxx Penetration Testing Report Version V1.0 Author Tester(s) Approved by Client Classification Confidential Recipient Name Title Company

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

Dashlane Security Whitepaper

Dashlane Security Whitepaper Dashlane Security Whitepaper November 2014 Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password Never stored locally nor remotely.

More information

SSL Server Rating Guide

SSL Server Rating Guide SSL Server Rating Guide version 2009j (20 May 2015) Copyright 2009-2015 Qualys SSL Labs (www.ssllabs.com) Abstract The Secure Sockets Layer (SSL) protocol is a standard for encrypted network communication.

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Technical and Operational Requirements for Approved Scanning Vendors (ASVs) Version 1.1 Release: September 2006 Table of Contents Introduction...1-1 Naming

More information

Locking down a Hitachi ID Suite server

Locking down a Hitachi ID Suite server Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats WHITE PAPER FortiWeb and the OWASP Top 10 PAGE 2 Introduction The Open Web Application Security project (OWASP) Top Ten provides a powerful awareness document for web application security. The OWASP Top

More information

Architecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference

Architecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise

More information

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1 Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1 How the Web Works - HTTP Hypertext transfer protocol (http). Clients request documents (or scripts) through URL. Server response with documents. Documents

More information

How to break in. Tecniche avanzate di pen testing in ambito Web Application, Internal Network and Social Engineering

How to break in. Tecniche avanzate di pen testing in ambito Web Application, Internal Network and Social Engineering How to break in Tecniche avanzate di pen testing in ambito Web Application, Internal Network and Social Engineering Time Agenda Agenda Item 9:30 10:00 Introduction 10:00 10:45 Web Application Penetration

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information