Monday, October 31, 2016

cipher check with check-ciphers.com


SSLLABS is good to check ciphers, but for IP adresses and non 443 ports, it does not work.
check-ciphers.com orders the ciphers for each protocol (ssl.x, tls.x) in server prefered sort order.
(the red ones are weak)

Friday, October 28, 2016

Amazing, how fast chinese "hijack" your machine as proxy.

Last week during a test I configured FIDDLER to accept remote connections from internet on standard port 8888. During my tests I recognized immediatley calls from an unknown source crawling online travel agencies using my machine as proxy. My IP was one located in US.

Tuesday, October 25, 2016

checking TTL of a domain with dig

Since latest DDOS attacks on DNS servers, it can be useful to check the TTL setting for domains. The TTL set how long a DNS server caches the result of the last lookup. In stable environments one of the most common used settings is 3600 (one hour).


Thursday, October 13, 2016

mobile policy acronyms

lol today i learned a lot of strange mobile device policy acronyms.

COBO-Company Owned, Business Only.
COPE-Company Owned, Personally Enabled.
BYOD-Bring your own device.
CYOD-Choose your own device.