Category: Security

Configuration Example, Security

Cygwin with OpenSSL for CSR generation

René Jorissen on September 18, 2008 2 Comments • Tags: #certificate #csr #cygwin #generate #geotrust #openssl #request #signing #ssl #verisign

A lot of services, which are published to the Internet, are secured with SSL certificates. A lot of times we use SSL certificates to secure communications when implementing ISA reverse proxy servers, Citrix Secure Gateway servers and/or Cisco WebVPN portals. When you want to secure a connection with a SSL certificate you have to create … Read More

Security

RSA Authentication Manager 7.1 on VMware

René Jorissen on August 15, 2008 2 Comments • Tags: #61 #71 #authenticate #bad #esx #manager #performance #rsa #slow #vmware

I had to install and configure RSA Authentication Manager 7.1. Looking at the Supported Platforms I couldn’t find VMware ESX as supported platform. VMware ESX was supported for RSA AU6.1. So I thought by myself, let’s give it a try. What I noticed first was the size of the installer. The installation file for RSA … Read More

Configuration Example, Proxy, Security

Change password through LDAPS on ISA server

René Jorissen on August 6, 2008 0 Comments • Tags: #2006 #authority #ca #fqdn #isa #key #ldaps #private #proxy #reverse #set #user

Today I received the question about allowing users to changes his/her password through webmail, whereby webmail is published via an ISA server 2006 reverse proxy. This is possible, but it requires the configuration of LDAPS to authenticate users. I started by configuring a Certificate Authority (CA) on a member server in the domain. During the … Read More

Configuration Example, Routing, Security, Switching

Secure HSRP configuration

René Jorissen on July 25, 2008 2 Comments • Tags: #authenticate #cdp #clear #dtp #hsrp #keystring #md5 #preempt #priority #spoofing #standby #text #timeout #wireshark #yersinia

A friend of mine works for a well known auditing and penetration testing company in the Netherlands. Recently we were talking about how he starts looking for flaws in network infrastructures. My friend told me that the first thing he does is simply starting WireShark and start looking at all the packets he receives. By … Read More

Security

Serious DNS Vulnerability

René Jorissen on July 24, 2008 0 Comments • Tags: #dan #dns #kaminsky #vulnerability

I guess you already read about it, but if not here a short outcome. Despite Dan Kaminsky’s efforts to keep a lid on the details of the critical DNS vulnerability he found, someone at the security firm Matasano leaked the information on its blog yesterday, then quickly pulled the post down. But not before others … Read More

Proxy, Security

ISA 2006 Authentication over HTTP

René Jorissen on July 8, 2008 0 Comments • Tags: #12250 #2003 #2007 #403 #authenticate #block #code #error #exchange #forwarding #http #over #owa #proxy #requests #require #reverse

I implemented different ISA 2006 Reverse Proxy servers in conjunction with Microsoft Exchange 2003 or Windows Exchange 2007. Today I configured ISA 2006 with Exchange 2007. I configured the Reverse Proxy server as I did always. And the connection from outside the network works perfectly. On the internal Exchange server I configured Basic and Integrated … Read More