Infrastructure security

How to run the WSUS Server Cleanup Wizard from command-line

When running the WSUS Server Cleanup Wizard from the MMC snap-in, it can occur that you receive the following WSUS database error:

Error: Database Error
An error occurred when trying to perform a database operation. This can happen if the database is very busy, if the database service is stopped, if the connection to the database is lost, of if the Post-Installation task is not completed successfully. Please contact your system administrator if the problem persists.

Click Reset Server Node to try to connect to the server again.

Tags: 

Scanning for CVE-2017-0143 (EternalBlue) using nmap (MS17-010)

With both WannaCry and NotPetya using MS17-010 for propagation it is important to be able to detect servers which are vulnerable.
This vulnerability has been assigned CVE-ID CVE-2017-0143. The vulnerability is also often nicknamed EternalBlue.
This page explains how you can scan for it from a Windows machine using nmap.

Tags: 

Scanning for CVE-2017-5638 using nmap

On March 6, 2017, Apache disclosed a vulnerability in the Jakarta multipart parser used in Apache Struts2 that could allow an attacker to execute commands remotely on the targeted system using a crafted Content-Type header value.
This vulnerability has been assigned CVE-ID CVE-2017-5638.
This page explains how you can scan for it from a Windows machine using nmap.

Tags: 

Scan for FREAK using nmap

Not everyone is vulnerable to the potential attack vector that researchers from INRIA, a French research institute, and Microsoft disclosed recently. In order to be vulnerable, the computer or server must support a class of deliberately weak export cipher suites. Support for these weak algorithms has remained in many implementations, however they are typically disabled by default. Nevertheless, the researchers discovered that several implementations incorrectly allow the message sequence of export ciphersuites to be used even if a non-export ciphersuite was nogotiated.

Tags: 

Prevent spammers from sending mails that abuse your domain name using an SPF record

All mail server administrators will have encountered the following problem: spammers send out spam and they spoof the mails so that the sender appears to be a user in the domain you are managing. Unfortunately there is not a lot that can be done to prevent spammers from sending such these spam mail. There is however a way in which receiving mail servers can check whether the mail was send from your mail server or whether is was a spammer who used a mail server that is not authorized to send mails from your domain. This can be accomplished with SPF (Sender Policy Framework).

Tags: 

Scan for POODLE using nmap from a Windows machine

Researchers from the Google Security Team have published findings about a vulnerability in SSL 3.0. CVE-­2014­-3566 has been allocated for this protocol vulnerability. It is possible to use nmap to scan for the presence of this vulnerability by doing a scan on the supported SSL/TLS protocols. This post shows how to scan for the POODLE weakness using nmap.

Tags: 

You might also be interested in...

Subscribe to RSS - Infrastructure security