Browsing: Security

How to Setup IIS for SSL Perfect Forward Secrecy and TLS 1.2


An often overseen action is to lock down Internet Information Services. You can increases security of SSL connections to your server by disabling insecure SSL2 and SSL3 and all insecure and weak ciphers that a browser may fall-back, too. I recently found a great PowerShell script, which can help implement the current best practices for IIS in a quick way. This PowerShell script setups your Microsoft Internet Information Server 7.5/8.0/8.5/10 (IIS) on Windows 2008R2/2012/2012R2/2016 to support TLS 1.1 and TLS 1.2…

How to Encrypt Password in web.config files


This post is a small how to guide, on how to encrypt sensitive information in a web.config and in my specific case username and password for a service account used by the Azure Multi-Factor Authentication (MFA) services, such as MFA User Portal and MFA Mobile App web services. In my scenario, those services had been installed on dedicated servers and since it was decided to use service accounts for communicating with the backend MFA servers. The MFA service account are…

Error Loading Groups in Azure MFA Server


If you have implemented an om-premise Azure MFA server and have an Active Directory with many objects, you might have run into this issue (Error loading security groups), when trying to load groups in the Directory Integration – Synchronization of the Azure MFA Server Console. The error is seen when choosing Add under the Synchronization Tab in the Multi-Factor server Console, when trying to setup Filtering for certain groups, so that the MFA server automatically can import users, based on…

How to repopulate TPM with BitLocker Recovery Key after a Motherboard replacement


If you run Bitlocker and get your motherboard (mainboard) replaced, e.g. could be from a repair of the PC or Laptop. Then you would start to get prompted for Bitlocker Recovery Key every time you start your PC, This happens because the TPM chip on the new motherboard, does not contain any information about the Bitlocker encryption of your hard drive. So you have to repopulate the TPM chip with the Bitlocker Recovery Key. This can be done in several…

ASP.NET Vulnerability and Exchange


The announced ASP.NET vulnerability (Microsoft Security Advisory (2416728) from Microsoft is also affecting Exchange Server. The Exchange Team has tested the patch for this vulnerability and has approved it and it’s recommended to apply this to your Exchange servers as soon as possible. The Exchange Server team has completed validation of this fix against Microsoft Exchange Server 2010, 2007 and 2003 and we are pleased to report that we have not identified any issues related to the application of this…

1 2
Copyright 2005-2015 - Peter Schmidt.