Category: Security

VMWARE: Meltdown and Spectre

Martin 09/01/2018

Due to the new CPU bug, memory can be read by criminals, therefore update your OS and virtuel environments: Relevant Products VMware vSphere ESXi (ESXi) VMware Workstation Pro / Player (Workstation) excluded Workstation version 14 VMware Fusion Pro / Fusion (Fusion) excluded Fusion 10 Solution VMware vSphere 6.5: apply patch ESXi650-201712101-SG (released on Dec, 19th 2017) VMware vSphere 6.0: apply patch ESXi600-201711101-SG VMware vSphere 5.5: apply patch ESXi550-201709101-SG (this patch has remediation against CVE-2017-5715 but not against… VMWARE: Meltdown and Spectre

Read More VMWARE: Meltdown and Spectre

Sophos UTM: Setting up DKIM for mail security

Martin 01/09/2017

Sophos UTM mail security has many features, it also supports DKIM (DomainKeys Identified Mail), which allows the UTM to cryptographically sign outgoing messages. Unfortunately it’s not “that” easy to set up, like any other UTM feature, but that’s not the UTM’s fault 🙂 I will try to explain how to make things work here: Firstly you have to generate som key pairs, which we need to use to identify your mail, I will be using OpenSSL… Sophos UTM: Setting up DKIM for mail security

Read More Sophos UTM: Setting up DKIM for mail security

Compliance check: IIS leaks internal IP

Martin 21/12/2016

During security audit scans, it is sometimes seen that a Microsoft Internet Information Services (IIS) server is exposing the servers internal ip, when a speciel get request is sent to the server. This can be due to misconfig, unpatched server or maybe something that is default. It can be amended by running this on IIS servers from 2008 R2 and up: appcmd.exe set config -section:system.webServer/serverRuntime /alternateHostName:”mail.domain.com” /commit:apphost Reboot is not needed and now it will… Compliance check: IIS leaks internal IP

Read More Compliance check: IIS leaks internal IP