IIS

MS KB2871997: Update to Improve Credentials Protection and Management

Nessus Output: Description The remote host is missing one or more of the following Microsoft updates: KB2871997, KB2973351, KB2975625, KB2982378, KB2984972, KB2984976, KB2984981, KB2973501, or KB3126593. These updates are needed to improve the protection against possible credential theft. - For Windows 7 / 2008 R2 : KB2984972, KB2871997, KB2982378, and KB2973351 are required; also, KB2984976 […]

Disable TLSv1.0 (Windows)

Best practice for systems running IIS, part of Hardening IIS.

SSL Version 2 and 3 Protocol Detection

Nessus Output: Description The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL are affected by several cryptographic flaws. An attacker can exploit these flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected service and clients. NIST has determined that SSL 3.0 is no longer acceptable […]

Disable SSLv3 (Windows)

Best practice for systems running IIS, part of Hardening IIS.

Disable SSLv2 (Windows)

Best practice for systems running IIS, part of Hardening IIS.

Ensure ‘deployment method retail’ is set

Best practice for systems running IIS, part of Hardening IIS.

Ensure AES 256/256 Cipher Suite is enabled (Scored)

Best practice for systems running IIS, part of Hardening IIS.

Ensure AES 128/128 Cipher Suite is configured

Best practice for systems running IIS, part of Hardening IIS.

Ensure Triple DES Cipher Suite is configured

Best practice for systems running IIS, part of Hardening IIS.

Ensure RC4 Cipher Suites is disabled

Best practice for systems running IIS, part of Hardening IIS.

Ensure RC2 Cipher Suites is disabled

Best practice for systems running IIS, part of Hardening IIS.

Ensure DES Cipher Suites is disabled

Best practice for systems running IIS, part of Hardening IIS.

Ensure NULL Cipher Suites is disabled

Best practice for systems running IIS, part of Hardening IIS.

Ensure 'directory browsing' is set to disabled

Best practice for systems running IIS, part of Hardening IIS.

Ensure 'host headers' are on all sites

Best practice for systems running IIS, part of Hardening IIS.

IIS version condition check for Nessus Audit file

Objective: Target your Nessus audit file checks to a specific version of IIS.

Ensure web content is on non-system partition

Best practice for systems running IIS, part of Hardening IIS.

Remove the X-AspNetMvc-Version HTTP header

Objective: Remove the X-AspNetMvc-Version HTTP header.

Remove the X-Powered-By HTTP header

Objective: Remove the X-Powered-By HTTP header.

Remove the X-Aspnet-Version HTTP header

Objective: Remove the X-Aspnet-Version HTTP header.

Missing or Permissive Content-Security-Policy HTTP Response Header

Nessus Output: Synopsis: The remote web server does not take steps to mitigate a class of web application vulnerabilities. Description: The remote web server in some responses sets a permissive Content-Security-Policy (CSP) response header or does not set one at all. The CSP header has been proposed by the W3C Web Application Security […]

Nonexistent Page (404) Physical Path Disclosure

Nessus Output: The remote web server reveals the physical path of the webroot when a nonexistent page is requested. While printing errors to the output is useful for debugging applications, this feature should be disabled on production servers.

Web Server HTTP Header Internal IP Disclosure

Nikto Output: OSVDB-630: IIS may reveal its internal or real IP in the Location header via a request to the /images directory. The value is "http://<ipaddress>/images/".

No Custom Errors implemented

Often, during a penetration test on web applications, we come up against many error codes generated by applications or web servers. It is possible to cause these errors to be displayed by using particular requests, either specially crafted with tools or created manually. These codes are very useful to penetration testers during their activities, because […]

ASP.NET DEBUG enabled

Nikto Output: DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.

Excessive headers

You will probably find this issue during the manual browsing and spidering phase of your assessment, and when performing the Fingerprint Web Server (Passive) and Fingerprint Web Server (Active) tests.

The X-Content-Type-Options header is not set

Nikto Output: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type.

The X-XSS-Protection header is not defined

Nikto Output: The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS.

The site uses SSL and the Strict-Transport-Security HTTP header is not defined

Nikto Output: The site uses SSL and the Strict-Transport-Security HTTP header is not defined.

MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)

Nessus Output: Description: The version of Windows running on the remote host is affected by a vulnerability in the HTTP protocol stack (HTTP.sys) due to improperly parsing crafted HTTP requests. A remote attacker can exploit this to execute arbitrary code with System privileges.

Audit XML configuration files

A quick example of querying an XML config file to retrieve a specific security setting with PowerShell:

Select-Xml -Path C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config -XPath "/configuration/system.web/membership/providers/add" | Select-Object -ExpandProperty Node | Select-Object passwordFormat

passwordFormat
--------------
Hashed

Hardening IIS

Best practices and references used for hardening IIS.