Nikto output
| The site uses SSL and the Strict-Transport-Security HTTP headerĀ is not defined |
Category Archives: Browsers
Hardening Google Chrome (on Windows)
Steps to harden Google Chrome:
- Updating Google Chrome
- Review best practices
- Configure Group Policy settings
X-Frame-Options header is not set
You probably gonna find this issue in your manual browsing and spidering phase of your assessment. But also Nessus will report this issue during your scanning phase.
MS15-124: Cumulative Security Update for Internet Explorer (3116180)
Nessus Output
ASLR hardening settings for Internet Explorer in KB3125869 have not been applied. The following DWORD keys must be created with a value of 1: - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING\iexplore.exe - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING\iexplore.exe
Hardening Internet Explorer
Resources used to implement and audit Internet Explorer:
Check Internet Explorer version
Objective:
According to Microsoft announcement: Support for older versions of Internet Explorer ended on January 12th, 2016, you should verify you Windows systems to the latest Microsoft Support Lifecycle statements.
