SSL 3.0 Protocol Vulnerability and POODLE Attack

ll systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios. This affects most current browsers and websites, […]

Read more
IIS interview Questions

IS Interview Questions and Answers                            IIS Interview Questions and Answers   Differences between IIS5.0 and IIS6.0 IIS5 comes in windows 2000 server. IIS6 comes in windows 2003 server. IIS5 is 32bit architecture IIS6 is 32bit and 64bit architecture. IIS5 is TCP/IP Kernal […]

Read more
IIS TROUBLE SHOOTING

Some Useful commands in IIS MSTSC INETMGR SERVICES.MSC GPEDIT.MSC SECPOL.MSC REGEDIT REGEDT32 MMC TSADMIN ASPNET_REGIIS -I : To register aspnet ASPNET_REGIIS -U : To Uninstall aspnet iisapp.vbs : To check the list applications running on the iis. NETSTART -ANO | FIND STR <PORT>   :  Verify IIS listening on the  port or not. PING <IP> TRACEROUTE […]

Read more
POODLE = Padding Oracle On Downgraded Legacy Encryption

POODLE = Padding Oracle On Downgraded Legacy Encryption B.E.A.S.T (Browser Exploit Against SSL TLS) Affected systems: Netscape 3.0 ssl tls Netscape affected system: tls Netscape 1.2 Netscape 1.1 tls tls Netscape 1.0 Description: CVE (CAN) ID: CVE-2014-3566 SSL3.0 is obsolete and no security protocol, has been TLS 1.0, TLS 1.1, TLS 1.2 substitution, for compatibility […]

Read more
IIS7 installation scenarios Chart

default Server Install Components Server Manager Update Name Static Content IIS-StaticContent Default Document IIS-DefaultDocument Directory Browsing IIS-DirectoryBrowsing HTTP Errors IIS-HttpErrors HTTP Logging IIS-HttpLogging Logging Tools IIS-LoggingLibraries Request Monitor IIS-RequestMonitor Request Filtering IIS-RequestFiltering Static Content Compression IIS-HttpCompressionStatic IIS Management Console IIS-ManagementConsole ASP.NET Workload Server Options Server Manager Update Name Static Content IIS-StaticContent Default Document IIS-DefaultDocument Directory […]

Read more
IIS Crypto

IIS Crypto IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2003, 2008 and 2012. It also lets you reorder SSL/TLS cipher suites offered by IIS, implement best practices with a single click and test your website.     […]

Read more
Disable CRL Checking

How to Disable CRL Checking in IIS 6.x: Open a CMD prompt Navigate to c:\inetpub\adminscripts To disable for ALL sites, run the following command: cscript adsutil.vbs set w3svc/CertCheckMode 1 Hit the ENTER key To disable for SPECIFIC sites, run the following command: cscript adsutil.vbs set w3svc/siteid#/CertCheckMode 1 Hit the ENTER key To query to see […]

Read more
HTTPS 413

IIS 7.5 – uploadReadAheadSize A developer recently reported a problem that when a customer attempted to upload an attachment, they would sometime receive the error:The page was not displayed because the request entity is too large.In our case it did not include an error number, but it will sometimes include the error number: HTTPS 413 […]

Read more
IIS 7 Presentation from Microsoft

IIS 7 architecture diagram HTTP Request Processing in IIS IIS 7 and above have a similar HTTP request-processing flow as IIS 6.0. The diagrams in this section provide an overview of an HTTP request in process. The following list describes the request-processing flow that is shown in Figure 1: When a client browser initiates an […]

Read more

Hit Counter provided by dental implants orange county