| Security – Error installing Kali: “Installation step failed” |
When I was installing a Kali virtual machine, I came across an error in the “Software selection” step
After confirming the software, the installation shows an “Installation step failed” message.
After browsing through some sites and forums, apparently the problem could be related to not configuring enough space and a suggestion is configuring more than 30-40 GB. But no luck, … Read more
| Checkpoint – Custom application signature ACST |
This time I show you the Checkpoint “Application Control Signature Tool”. This tool allows you to create your own Apps and URL filtering signatures.
For example, I’m using it to block Torrent clients based on the User-Agent, but it is very versatile and you can use it in many ways.
|
| Security – List available cipher suite using nmap |
If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).
But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more
| Exchange – New vulnerability that allows privilege escalation |
A new vulnerability that affects Exchange on-premise servers has been discovered recently (https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/). By making use of the high privileges Exchange servers have by default, the attacker would be able to escalate from any user with a mailbox to Domain Admin access.
According to Dirk-jan Mollema (see upper link), the vulnerability has been tested against …
|
| Security – Create self signed SAN certificate with OpenSSL |
This post explains how to generate self signed certificates with SAN – Subject Alternative Names using openssl. It is a common but not very funny task, only a minute is needed when using this method.
The example below generates a certificate with two SubAltNames: mydomain.com and www.mydomain.com
Create configuration file for openssh (In a Linux … Read more
|
| Security – Convert PFX to PEM using Windows or Linux |
For certain application, a job partner asked me to send him certain certificate with private key in PEM format. Normally I’m using PFX format, but with a little help of the openssl toolkit converting PFX to PEM is quite easy.
openssl for windows can be downloaded here: http://gnuwin32.sourceforge.net/packages/openssl.htm
After extracting the contents, inside the bin subfolder the openssl … Read more
