Home How-To

How-To

Three SSL/TLS Tools you need to know!

Not only when working on IT-Security related things but also for daily sysadmin stuff, it’s essential to have the right tool to do the job. Below are my three favorite tools I use when configuring, debugging and researching SSL/TLS related things. Let’s face it… with all these recent issues, it’s necessary to deal with SSL […]

Force Flash update by command line

Flash got an auto updater. It can however take some time until patches are detected and applied to the system. Especially for Flash 0-Day exploits, Flash updates can be critical and should be applied immediately. I leave it up to you how to auto-apply these forced updates to all your clients. Let’s get started! Forcing […]

Check autorun entries with VirusTotal – Autoruns v13

Version 13 of Autoruns which was release January 29, 2015 includes a very handy feature to check unknown autorun entries with Virustotal “automatically”. It’s integrated pretty well, you open Autoruns as usual and then just right-click and choose Check Virustotal:   After you agree to VirusTotals Terms of Service (yes, obviously a hash of the file […]

Turn off Nginx version display

By default Nginx likes to show it’s version in the reply header of every request and on error pages. It is important to turn off the nginx version disclosure in order to prevent attackers to find potential exploits for your nginx server version. While this is generally a problem, I suspect that the secure “do […]

“Secure” config for OpenSSH 6.6 Ubuntu 14.04

When using a standard Ubuntu1 14.04 installation, it will be configured half-way secure. However, to achieve no findings on vulnerability scanners like nessus, you’ll need to tweak the settings further. Another nice side-effect is, that attackers are usually using outdated systems which means that they’re not even able to get to the authentication part. Disable […]