Hey Friends, The upcoming releases of Google Chrome September 2018 time frame is said to no longer trust certain Symantec, Thawte, GeoTrust, and RapidSSL SSL/TLS certificates. Chrome users will see “Not secure” in the address bar when connecting to websites using a distrusted certificate. The folks over at Qualys wrote: “Google finalized their plans for […]
I recently retired my OpenVPN Turnkey appliance and needed to get my VPN solution up and running again. I decided to go with installing OpenVPN Access Server on a clean install of Ubuntu Server to create a stable and lightweight Virtual Private Network (VPN) to access my network. I chose to go with OpenVPN AS because […]
One of the teams I support had run into some issues. Spending a lot of time investigating code and possible configuration problems. What they later suspected to be a policy issue, possibly a firewall, network issues turned out to be something entirely different. Lets start with the symptoms: Service request to a secured site stopped functioning, […]
Here we are again with POODLE I’ve touched on it here: http://jermsmit.com/security-news-poodle-security-vulnerability/ Then secured up Apache here: http://jermsmit.com/secure-apache-httpd-from-poodle/ And even did some testing here: http://jermsmit.com/tech-short-lets-test-for-poodle-or-sslv3/ This time I am adding the steps used to secure-up some IIS Servers. Lets Start: *note* These steps apply to Server 2003, 2008, 2012 Requirements: Administrator Rights Registry Changes Reboot of Server Steps: […]
I was testing one of my SSL enabled sites after securing apache HTTPD from POODLE, when I noticed the following warning: The server does not support Forward Secrecy with the reference browsers To ensure I was operating at the best security level possible for my little site, I added the following to the apache2.conf (/etc/apache2/) […]