PCI Detailed Vulnerability Report

PCI Detailed Vulnerability Report

Scan Date: 03/03/ :28:47
Generated: 03/03/ :30:

Clone Systems, Inc. All rights reserved

Table of Contents

Part 1. Scan Information
Part 2. Vulnerability Details
Host IP: ( static.reverse.softlayer.com)

Part 1. Scan Information

Scan Customer Company:
ASV Company: Clone Systems, Inc.
Date scan was completed: 03/03/ :28:47
Scan expiration date: 06/01/ :28:47

Part 2. Vulnerability Details

( static.reverse.softlayer.com)

Columns: Severity Level, Compliance Status, IP Address, Details

High Fail Application: ftp Port: 21 VATID:

The remote FTP server is vulnerable to a FTP server bounce attack. It is possible to force the remote FTP server to connect to third parties using the PORT command. The problem allows intruders to use your network resources to scan other hosts, making them think the attack comes from your network. See the CERT advisory in the references for solutions and workarounds.

CVSS Base Score : 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2 (CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

The following command, telling the server to connect to on port 10794: PORT 169,254,54,182,42,42 produced the following output: 200 PORT command successful

Proprietary and Confidential

CVE : CVE BID : 126 Other references : OSVDB:

Medium Fail Application: ftp Port: 21 VATID:

Anonymous logins are allowed on the remote FTP server. This FTP service allows anonymous logins. Any remote user may connect and authenticate without providing a password or unique credentials. This allows a user to access any files made available on the FTP server. Disable anonymous FTP if it is not required. Routinely check the FTP server to ensure sensitive content is not available.

CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

The contents of the remote FTP root are : drwxr-xr-x May \r drwxr-xr-x May \r drwxr-xr-x May pub

CVE : CVE Other references : OSVDB:

Low Pass Application: ftp Port: 21 VATID:

Authentication credentials might be intercepted. The remote FTP server allows the user's name and password to be transmitted in clear text, which may be intercepted by a network sniffer or a man-in-the-middle attack. Switch to SFTP (part of the SSH suite) or FTPS (FTP over SSL/TLS). In the latter case, configure the server such that control connections are encrypted.

CVSS Base Score : 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)

This FTP server does not support 'AUTH TLS'.

Other references : CWE:522, CWE:

Low Pass Application: smtp Port: 25 VATID:

The remote mail server allows cleartext logins. The remote host is running an SMTP server that advertises that it allows cleartext logins over unencrypted connections. An attacker may be able to uncover user names and passwords by sniffing traffic to the server if a less secure authentication mechanism (i.e. LOGIN or PLAIN) is used. Configure the service to support less secure authentication mechanisms only over an encrypted channel.

CVSS Base Score : 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)

The SMTP server advertises the following SASL methods over an unencrypted channel :
All supported methods : PLAIN, LOGIN
Cleartext methods : PLAIN, LOGIN

Low Pass Application: smtp Port: 25 VATID:

An SMTP server is listening on the remote port.

The remote host is running a mail (SMTP) server on this port. Since SMTP servers are the targets of spammers, it is recommended you disable it if you do not use it. Disable this service if you do not use it, or filter incoming traffic to this port.

Remote SMTP server banner : 220-rei.reinventingaging.org ESMTP Exim 4.69 #1 Sat, 03 Mar :23: \r 220-We do not authorize the use of this system to transport unsolicited, \r 220 and/or bulk

Low Pass Application: imap Port: 143 VATID:

The SSL certificate commonname does not match the host name. This service presents an SSL certificate for which the 'commonname' (CN) does not match the host name on which the service listens. If the machine has several names, make sure that users connect to the service through the DNS host name that matches the common name in the certificate.

The host name known by Nessus is : static.reverse.softlayer.com
The CommonName of the certificate is : dedi-image.hostgator.com

Low Pass Application: imap Port: 143 VATID:

The remote host allows resuming SSL sessions. This script detects whether a host allows resuming SSL sessions by

performing a full SSL handshake to receive a session ID, and then reconnecting with the previously used session ID. If the server accepts the session ID in the second connection, the server maintains a cache of sessions that can be resumed.

This port supports resuming SSLv3/TLSv1 sessions

Low Pass Application: imap Port: 143 VATID:

The remote service encrypts communications using SSL. This script detects which SSL ciphers are supported by the remote service for encrypting communications.

Here is the list of SSL ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)
TLSv1
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication}

Enc={symmetric encryption method} Mac={message authentication code} {export flag}

Note that this service does not encrypt traffic by default but does support upgrading to an encrypted connection using STARTTLS

Low Pass Application: http Port: 80 VATID:

A web server is running on the remote host. This plugin attempts to determine the type and the version of the remote web server.

The remote web server type is : Apache and the 'ServerTokens' directive is ProductOnly Apache does not offer a way to hide the server type

Low Pass Application: http Port: 80 VATID:

This plugin determines which HTTP methods are allowed on various CGI directories. By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory. As this list may be incomplete, the plugin also tests - if 'Thorough tests' are enabled or 'Enable web applications tests' is set to 'yes' in the scan policy - various known HTTP methods on each directory and considers them as unsupported if it receives a response code of 400, 403, 405, or 501. Note that the plugin output is only informational and does not necessarily indicate the presence of any security vulnerabilities.

Based on the response to an OPTIONS request :

- HTTP methods GET HEAD OPTIONS POST are allowed on : / /sys_cpanel/images

Based on tests of each method :

- HTTP methods ACL BASELINE-CONTROL BCOPY BDELETE BMOVE BPROPFIND BPROPPATCH CHECKIN CHECKOUT COPY DEBUG DELETE GET HEAD INDEX LABEL LOCK MERGE MKACTIVITY MKWORKSPACE MOVE NOTIFY OPTIONS ORDERPATCH PATCH POLL POST PROPFIND PROPPATCH PUT REPORT RPC_IN_DATA RPC_OUT_DATA SEARCH SUBSCRIBE UNCHECKOUT UNLOCK UNSUBSCRIBE UPDATE VERSION-CONTROL X-MS-ENUMATTS are allowed on : /cgi-sys
- HTTP methods GET HEAD OPTIONS POST are allowed on : / /sys_cpanel/images
- Invalid/unknown HTTP methods are allowed on : /cgi-sys

Low Pass Application: http Port: 80 VATID:

Some information about the remote HTTP configuration can be extracted. This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... This test is informational only and does not denote any security problem.

Protocol version : HTTP/1.1
SSL : no
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :
Date: Sat, 03 Mar :26:53 GMT
Server: Apache
Last-Modified: Fri, 11 Nov :22:28 GMT
ETag: " f-4b16b5ab0dd00"
Accept-Ranges: bytes
Content-Length: 111
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Low Pass Application: general Port: 0 Protocol: udp VATID:

It was possible to obtain traceroute information. Makes a traceroute to the remote host.

For your information, here is the traceroute from to :

Low Pass Application: general Port: 0 VATID:

The remote service implements TCP timestamps. The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed.

Low Pass Application: general Port: 0 VATID:

It was possible to resolve the name of the remote host. Nessus was able to resolve the FQDN of the remote host resolves as static.reverse.softlayer.com

Low Pass Application: general Port: 0 VATID:

It is possible to guess the remote operating system. Using a combination of remote probes, (TCP/IP, SMB, HTTP, NTP, SNMP, etc...) it is possible to guess the name of the remote operating system in use, and sometimes its version. N/A

Remote operating system : Linux Kernel 2.6
Confidence Level : 70
Method : SinFP

The remote host is running Linux Kernel

Low Pass Application: smtp Port: 25 VATID:

The remote mail server supports authentication. The remote SMTP server advertises that it supports authentication. Review the list of methods and whether they're available over an encrypted channel.

The following authentication methods are advertised by the SMTP server without encryption : LOGIN PLAIN

Low Pass Application: general Port: 0 VATID:

It is possible to enumerate CPE names that matched on the remote system. By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host. Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.

The remote operating system matched the following CPE : cpe:/o:linux:linux_kernel:2.6

Following application CPE matched on the remote system : cpe:/a:isc:bind:9.3.6:p

Low Pass Application: ftp Port: 21 VATID:

An FTP server is listening on this port. It is possible to obtain the banner of the remote FTP server by connecting to the remote port. N/A

The remote FTP banner is : Welcome to Pure-FTPd [privsep] [TLS] \r 220-You are user number 1 of 50 allowed.\r 220-Local time is now 08:20. Server port: 21.\r 220-IPv6 connections are also welcome on this server.\r 220 You will be disconnected after 15 minutes of inactivity

Low Pass Application: ftp Port: 21 VATID:

The remote directory service supports encrypting traffic. The remote FTP service supports the use of the 'AUTH TLS' command to switch from a plaintext to an encrypted communications channel.

The remote FTP service responded to the 'AUTH TLS' command with a '234' response code, suggesting that it supports that command. However, Nessus failed to negotiate a TLS connection or get the associated SSL certificate, perhaps because of a network connectivity problem or the service requires a peer certificate as part of the negotiation

Low Pass Application: domain Port: 53 Protocol: udp VATID:

A DNS server is listening on the remote host. The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames and IP addresses. Disable this service if it is not needed or restrict access to internal hosts only if the service is available externally

Low Pass Application: domain Port: 53 Protocol: udp VATID:

The DNS server discloses the remote host name. It is possible to learn the remote host name by querying the remote DNS server for 'hostname.bind' in the CHAOS domain. It may be possible to disable this feature. Consult the vendor's documentation for more information.

The remote host name is : rei.reinventingaging.org

Low Pass Application: domain Port: 53 Protocol: udp VATID:

It is possible to obtain the version number of the remote DNS server. The remote host is running BIND or another DNS server that reports its version number when it receives a special request, for the text 'version.bind' in the domain 'chaos'. This version is not necessarily accurate and could even be forged, as some DNS servers send the information based on a configuration file. It is possible to hide the version number of bind by using the 'version' directive in the 'options' section in named.conf

The version of the remote DNS server is : P1-RedHat P1.el5_7.1

Other references : OSVDB:

Low Pass Application: domain Port: 53 VATID:

A DNS server is listening on the remote host. The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames and IP addresses. Disable this service if it is not needed or restrict access to

internal hosts only if the service is available externally

Low Pass Application: pop3 Port: 110 VATID:

The remote mail service supports encrypting traffic. The remote POP3 service supports the use of the 'STLS' command to switch from a plaintext to an encrypted communications channel.

Here is the POP3 server's SSL certificate that Nessus was able to collect after sending a 'STLS' command :

snip
Subject Name:
Country: US
State/Province: Unknown
Locality: Unknown
Organization: Unknown
Organization Unit: Unknown
Common Name: dedi-image.hostgator.com
Address: ssl@dedi-image.hostgator.com
Issuer Name:
Country: US
State/Province: Unknown
Locality: Unknown
Organization: Unknown
Organization Unit: Unknown
Common Name: dedi-image.hostgator.com
Address: ssl@dedi-image.hostgator.com
Serial Number: 01 C9 6D A0 84
Version: 3

Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Dec 19 06:02: GMT
Not Valid After: Dec 18 06:02: GMT
Public Key Info: Algorithm: RSA Encryption
Extension: Subject Key Identifier ( ) Critical: 0 Subject Key Identifier: C2 A BF 3D FC 9E E4 D7 C3 94 F1 D3 E3 79 E7 51
Extension: Authority Key Identifier ( ) Critical: 0
Extension: Basic Constraints ( ) Critical:
snip

Low Pass Application: pop3 Port:

VATID:

A POP server is listening on the remote port. The remote host is running a server that understands the Post Office Protocol (POP), used by clients to retrieve messages from a server, possibly across a network link. Disable this service if you do not use it.

Remote POP server banner : +OK Dovecot ready

Low Pass Application: pop3 Port: 110 VATID:

The SSL certificate commonname does not match the host name. This service presents an SSL certificate for which the 'commonname' (CN) does not match the host name on which the service listens. If the machine has several names, make sure that users connect to the service through the DNS host name that matches the common name in the certificate.

The host name known by Nessus is : static.reverse.softlayer.com
The CommonName of the certificate is : dedi-image.hostgator.com

Low Pass Application: pop3 Port: 110 VATID:

The remote service encrypts communications using SSL. This script detects which SSL ciphers are supported by the remote service for encrypting communications.

Here is the list of SSL ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)
TLSv1
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}

Note that this service does not encrypt traffic by default but does support upgrading to an encrypted connection using STARTTLS

Low Pass Application: imap Port: 143 VATID:

An IMAP server is running on the remote host. An IMAP (Internet Message Access Protocol) server is installed and running on the remote host.

The remote imap server banner is : * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready

Low Pass Application: imap Port: 143 VATID:

The remote mail service supports encrypting traffic. The remote IMAP service supports the use of the 'STARTTLS' command to switch from a plaintext to an encrypted communications channel.

Here is the IMAP server's SSL certificate that Nessus was able to collect after sending a 'STARTTLS' command :

snip
Subject Name:
Country: US
State/Province: Unknown
Locality: Unknown
Organization: Unknown
Organization Unit: Unknown
Common Name: dedi-image.hostgator.com
Address: ssl@dedi-image.hostgator.com
Issuer Name:
Country: US
State/Province: Unknown

Locality: Unknown
Organization: Unknown
Organization Unit: Unknown
Common Name: dedi-image.hostgator.com
Address:
Serial Number: 01 C9 6D A0 84
Version: 3
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Dec 19 06:02: GMT
Not Valid After: Dec 18 06:02: GMT
Public Key Info: Algorithm: RSA Encryption
Extension: Subject Key Identifier ( ) Critical: 0 Subject Key Identifier: C2 A BF 3D FC 9E E4 D7 C3 94 F1 D3 E3 79 E7 51
Extension: Authority Key Identifier ( )

Critical: 0
Extension: Basic Constraints ( ) Critical:
snip

CONFIDENTIALITY: This (including any attachments) may contain confidential, proprietary and privileged information. Unauthorized disclosure or use is prohibited. If you received this in error, please notify the sender and delete this from your system.


More information

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by

More information

Fortinet.Certdumps.FCESP.v by.Zocki.81q. Exam Code: FCESP. Exam Name: Fortinet Certified Security Professional

Fortinet.Certdumps.FCESP.v by.Zocki.81q. Exam Code: FCESP. Exam Name: Fortinet Certified  Security Professional Fortinet.Certdumps.FCESP.v2014-03-05.by.Zocki.81q Number: FCESP Passing Score: 600 Time Limit: 105 min File Version: 18.5 http://www.gratisexam.com/ Exam Code: FCESP Exam Name: Fortinet Certified Email

More information

Configuring SSL. SSL Overview CHAPTER

Configuring SSL. SSL Overview CHAPTER 7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:

More information

CIS-331 Final Exam Spring 2015 Total of 115 Points. Version 1

CIS-331 Final Exam Spring 2015 Total of 115 Points. Version 1 Version 1 1. (25 Points) Given that a frame is formatted as follows: And given that a datagram is formatted as follows: And given that a TCP segment is formatted as follows: Assuming no options are present

More information

CIT 480: Securing Computer Systems

CIT 480: Securing Computer Systems CIT 480: Securing Computer Systems Scanning CIT 480: Securing Computer Systems Slide #1 Topics 1. Port Scanning 2. Stealth Scanning 3. Version Identification 4. OS Fingerprinting CIT 480: Securing Computer

More information

IPv6 Support for LDAP

IPv6 Support for LDAP The Lightweight Directory Access Protocol (LDAP) is an application protocol for accessing and maintaining distributed directory information services over an IP network. The feature module describes the

More information

Security in Bomgar Remote Support

Security in Bomgar Remote Support Security in Bomgar Remote Support 2018 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their

More information

ASA AnyConnect Double Authentication with Certificate Validation, Mapping, and Pre Fill Configuration Guide

ASA AnyConnect Double Authentication with Certificate Validation, Mapping, and Pre Fill Configuration Guide ASA AnyConnect Double Authentication with Certificate Validation, Mapping, and Pre Fill Configuration Guide Document ID: 116111 Contributed by Michal Garcarz, Cisco TAC Engineer. Jun 13, 2013 Contents

More information

Transport Level Security

Transport Level Security 2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,

More information

Managing External Identity Sources

Managing External Identity Sources CHAPTER 5 The Cisco Identity Services Engine (Cisco ISE) integrates with external identity sources to validate credentials in user authentication functions, and to retrieve group information and other

More information

Sentry Power Manager (SPM) Software Security

Sentry Power Manager (SPM) Software Security Sentry Power Manager (SPM) Software Security Purpose This technical note is a detailed review of the security areas of the SPM enterprise software product, version 6.0 and greater, and provides a brief

More information

Citrix XenApp and XenDesktop 7.6 LTSR FIPS Sample Deployments

Citrix XenApp and XenDesktop 7.6 LTSR FIPS Sample Deployments Citrix XenApp and XenDesktop 7.6 LTSR FIPS 140-2 Sample Deployments Table of contents Introduction... 2 Audience... 2 Security features introduced in XenApp and XenDesktop 7.6 LTSR... 2 FIPS 140-2 with

More information

Configuring Health Monitoring

Configuring Health Monitoring CHAPTER1 This chapter describes how to configure health monitoring on the ACE to track the state of a server by sending out probes. Also referred to as out-of-band health monitoring, the ACE verifies the

More information

Content and Purpose of This Guide... 1 User Management... 2

Content and Purpose of This Guide... 1 User Management... 2 Contents Introduction--1 Content and Purpose of This Guide........................... 1 User Management........................................ 2 Security--3 Security Features.........................................

More information

Information Security CS 526

Information Security CS 526 Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric

More information

CISCO EXAM QUESTIONS & ANSWERS

CISCO EXAM QUESTIONS & ANSWERS CISCO 300-206 EXAM QUESTIONS & ANSWERS Number: 300-206 Passing Score: 800 Time Limit: 120 min File Version: 35.2 http://www.gratisexam.com/ Exam Code: 300-206 Exam Name: Implementing Cisco Edge Network

More information

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005 Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks

More information

Transport Layer Security

Transport Layer Security CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa

More information

FIPS Management. FIPS Management Overview. Configuration Changes in FIPS Mode

FIPS Management. FIPS Management Overview. Configuration Changes in FIPS Mode This chapter contains the following sections: Overview, on page 1 Configuration Changes in FIPS Mode, on page 1 Switching the Appliance to FIPS Mode, on page 2 Encrypting Sensitive Data in FIPS Mode, on

More information

Defeating All Man-in-the-Middle Attacks

Defeating All Man-in-the-Middle Attacks Defeating All Man-in-the-Middle Attacks PrecisionAccess Vidder, Inc. Defeating All Man-in-the-Middle Attacks 1 Executive Summary The man-in-the-middle attack is a widely used and highly preferred type

More information

Configuring SSL CHAPTER

Configuring SSL CHAPTER 7 CHAPTER This chapter describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section

More information

Contents. Configuring SSH 1

Contents. Configuring SSH 1 Contents Configuring SSH 1 Overview 1 How SSH works 1 SSH authentication methods 2 SSH support for Suite B 3 FIPS compliance 3 Configuring the device as an SSH server 4 SSH server configuration task list

More information

TLS1.2 IS DEAD BE READY FOR TLS1.3

TLS1.2 IS DEAD BE READY FOR TLS1.3 TLS1.2 IS DEAD BE READY FOR TLS1.3 28 March 2017 Enterprise Architecture Technology & Operations Presenter Photo Motaz Alturayef Jubial Cyber Security Conference 70% Privacy and security concerns are

More information

MSE System and Appliance Hardening Guidelines

MSE System and Appliance Hardening Guidelines MSE System and Appliance Hardening Guidelines This appendix describes the hardening of MSE, which requires some services and processes to be exposed to function properly. This is referred to as MSE Appliance

More information

Administrator's Guide

Administrator's Guide Administrator's Guide Contents Administrator's Guide... 7 Using Web Config Network Configuration Software... 8 About Web Config... 8 Accessing Web Config... 8 Restricting Features Available for Users...

More information

Secure Socket Layer (SSL) for

Secure Socket Layer (SSL) for Secure Socket Layer (SSL) for Micro-Controller over Wireless LAN This document illustrates how to secure network link by using SSL. The example setups a SSL connection with Apache Web server, and transmit/receive

More information

How to Configure Authentication and Access Control (AAA)

How to Configure Authentication and Access Control (AAA) How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual

More information

Linux Network Administration

Linux Network Administration Secure Remote Connections with OpenSSH Objective At the conclusion of this module, the student will be able to: Configure the ssh daemon start, stop, and restart sshd 17 January 2005 NETW 111 - SSH 2 SSH

More information

Security Protocols. Professor Patrick McDaniel CSE545 - Advanced Network Security Spring CSE545 - Advanced Network Security - Professor McDaniel

Security Protocols. Professor Patrick McDaniel CSE545 - Advanced Network Security Spring CSE545 - Advanced Network Security - Professor McDaniel Security Protocols Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011 CSE545 - Advanced Network Security - Professor McDaniel 1 Case Study: Host Access The first systems used telnet

More information

Chapter 2. Switch Concepts and Configuration. Part II

Chapter 2. Switch Concepts and Configuration. Part II Chapter 2 Switch Concepts and Configuration Part II CCNA3-1 Chapter 2-2 Switch Concepts and Configuration Configuring Switch Security MAC Address Flooding Passwords Spoofing Attacks Console Security Tools

More information

Configuring SSL. SSL Overview CHAPTER

Configuring SSL. SSL Overview CHAPTER CHAPTER 8 Date: 4/23/09 This topic describes the steps required to configure your ACE (both the ACE module and the ACE appliance) as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination.

More information

ACS 5.x: LDAP Server Configuration Example

ACS 5.x: LDAP Server Configuration Example ACS 5.x: LDAP Server Configuration Example Document ID: 113473 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Directory Service Authentication Using

More information

CSE 127: Computer Security Network Security. Kirill Levchenko

CSE 127: Computer Security Network Security. Kirill Levchenko CSE 127: Computer Security Network Security Kirill Levchenko November 28, 2017 Network Security Original TCP/IP design: Trusted network and hosts Hosts and networks administered by mutually trusted parties

More information

Host Identity Sources

Host Identity Sources The following topics provide information on host identity sources: Overview: Host Data Collection, on page 1 Determining Which Host Operating Systems the System Can Detect, on page 2 Identifying Host Operating

More information

BIG-IP System: SSL Administration. Version

BIG-IP System: SSL Administration. Version BIG-IP System: SSL Administration Version 13.1.0 Table of Contents Table of Contents About SSL Administration on the BIG-IP System...7 About SSL administration on the BIG-IP system... 7 Device Certificate

More information

ID: Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version:

ID: Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version: ID: 59176 Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis

More information

Monitoring the Device

Monitoring the Device The system includes dashboards and an Event Viewer that you can use to monitor the device and traffic that is passing through the device. Enable Logging to Obtain Traffic Statistics, page 1 Monitoring

More information

Configuring SSH with x509 authentication on IOS devices

Configuring SSH with x509 authentication on IOS devices Configuring SSH with x509 authentication on IOS devices Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Deployment considerations Configurations (Optional) Integration

More information

April 24, 1998 Expires in six months. SMTP Service Extension for Secure SMTP over TLS. Status of this memo

April 24, 1998 Expires in six months. SMTP Service Extension for Secure SMTP over TLS. Status of this memo HTTP/1.1 200 OK Date: Tue, 09 Apr 2002 00:24:41 GMT Server: Apache/1.3.20 (Unix) Last-Modified: Mon, 27 Apr 1998 14:31:00 GMT ETag: "2e9b64-31dd-354496a4" Accept-Ranges: bytes Content-Length: 12765 Connection:

More information

MTAT Applied Cryptography

MTAT Applied Cryptography MTAT.07.017 Applied Cryptography Transport Layer Security (TLS) Advanced Features University of Tartu Spring 2016 1 / 16 Client Server Authenticated TLS ClientHello ServerHello, Certificate, ServerHelloDone

More information

Scan Report. Contents. November 15, Result Overview 2

Scan Report. Contents. November 15, Result Overview 2 Scan Report November 15, 2016 This document reports on the results of an automatic security scan. All dates are displayed using the timezone Coordinated Universal Time, which is abbreviated UTC. The task

More information

Action List Modify Configuration Mode Commands

Action List Modify Configuration Mode Commands Action List Modify Configuration Mode Commands Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Action list modify configuration mode commands allow you to configure ACE action lists.

More information

APPLESHARE PC UPDATE INTERNATIONAL SUPPORT IN APPLESHARE PC

APPLESHARE PC UPDATE INTERNATIONAL SUPPORT IN APPLESHARE PC APPLESHARE PC UPDATE INTERNATIONAL SUPPORT IN APPLESHARE PC This update to the AppleShare PC User's Guide discusses AppleShare PC support for the use of international character sets, paper sizes, and date

More information

COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS. Web Access: HTTP Mehmet KORKMAZ

COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS. Web Access: HTTP Mehmet KORKMAZ COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS Web Access: HTTP 16501018 Mehmet KORKMAZ World Wide Web What is WWW? WWW = World Wide Web = Web!= Internet Internet is a global system of interconnected computer

More information

Steel Belted Radius. Release Notes SBR 6.24 Build 1. Release, Build Published Document Version Build 1 May,

Steel Belted Radius. Release Notes SBR 6.24 Build 1. Release, Build Published Document Version Build 1 May, Steel Belted Radius Release Notes SBR 6.24 Build 1 Release, Build Published Document Version 6.24 Build 1 May, 2017 2.0 Contents Steel-Belted Radius Release - 6.2 Release Notes... 3 System Requirements...

More information

TLS in the wild. An Internet-wide analysis of TLS-based protocols for electronic communication. Ralph Holz

TLS in the wild. An Internet-wide analysis of TLS-based protocols for electronic communication. Ralph Holz TLS in the wild An Internet-wide analysis of TLS-based protocols for electronic communication Ralph Holz School of Information Technologies Faculty of Engineering & Information Technologies Team This is

More information

Cisco Unified Operating System Administration Web Interface for Cisco Emergency Responder

Cisco Unified Operating System Administration Web Interface for Cisco Emergency Responder Cisco Unified Operating System Administration Web Interface for Cisco Emergency Responder These topics describe the Cisco Unified Operating System (OS) Administration web interface for Cisco Emergency

More information

Security in the Privileged Remote Access Appliance

Security in the Privileged Remote Access Appliance Security in the Privileged Remote Access Appliance 2003-2018 BeyondTrust, Inc. All Rights Reserved. BEYONDTRUST, its logo, and JUMP are trademarks of BeyondTrust, Inc. Other trademarks are the property

More information

DKT 224/3 LAB 2 NETWORK PROTOCOL ANALYZER DATA COMMUNICATION & NETWORK SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK

DKT 224/3 LAB 2 NETWORK PROTOCOL ANALYZER DATA COMMUNICATION & NETWORK SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK DKT 224/3 DATA COMMUNICATION & NETWORK LAB 2 NETWORK PROTOCOL ANALYZER SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK Lab #2 2 Lab #2 : Network Protocol Analyzer (Sniffing and Identify Protocol used

More information

Wireless LAN Security. Gabriel Clothier

Wireless LAN Security. Gabriel Clothier Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group

More information

Protecting Your Blind Spots Boaz Avigad

Protecting Your Blind Spots Boaz Avigad Protecting Your Blind Spots Boaz Avigad Director of Technical Marketing March 14, 2017 The Internet Is Going Dark The Internet Is Going Dark Leading Brands 100% of traffic encrypted* 77% of traffic encrypted

More information

How to Set Up VPN Certificates

How to Set Up VPN Certificates For the VPN service, you can use either self-signed certificates or certificates that are generated by an external CA. In this article: Before You Begin Before you set up VPN certificates, verify that

More information

ENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel

ENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel (a) Introduction - recall symmetric key cipher: III. BLOCK CIPHERS k Symmetric Key Cryptography k x e k y yʹ d k xʹ insecure channel Symmetric Key Ciphers same key used for encryption and decryption two

More information

WHITE PAPER. Authentication and Encryption Design

WHITE PAPER. Authentication and Encryption Design WHITE PAPER Authentication and Encryption Design Table of Contents Introduction Applications and Services Account Creation Two-step Verification Authentication Passphrase Management Email Message Encryption

More information

Administrator's Guide

Administrator's Guide Administrator's Guide Contents Administrator's Guide... 7 Using Web Config Network Configuration Software... 8 About Web Config... 8 Accessing Web Config... 8 Restricting Features Available for Users...

More information

Administrator's Guide

Administrator's Guide Administrator's Guide Administrator's Guide Welcome to the Administrator's Guide. For a printable PDF copy of this guide, click here. Note: Not all features mentioned in this Administrator's Guide are

More information