I guess it was long
overdue for me to follow up on my Hardening Windows Server 2003 SSL/TLS configuration and Windows server 2003 vs 2008, SSL/TLS comparison posts. They
were two of my very first blog posts and they still receive a
decent amount of traffic. The world has fortunately moved forward since then,
so in this blog post we’ll have a look at the default configuration of recent
Windows Server (WS) versions in light of the latest recommendations from SSL Labs.
We’ll keep the discussion at a reasonably high level, but I’ve included
references to more in-depth information along the way for those who want to dig
into the details. We’ll finish off with an announcement (Hint: it might have
something to do with TLS configuration and Windows Azure).
Software security blog by André N. Klingsheim, who's learning to love .NET and Microsoft servers.
Disclaimer
Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed).
Subscribe to:
Posts (Atom)
Copyright notice
© André N. Klingsheim and www.dotnetnoob.com, 2009-2018. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to André N. Klingsheim and www.dotnetnoob.com with appropriate and specific direction to the original content.
Read other popular posts
-
Microsoft's widely used e-mail service Hotmail was recently overhauled and rebranded Outlook.com. One of the less known services they pr...
-
The release of Firesheep a week ago brought a lot of attention to a problem that has been known for many, many years: cookies sent over both...
-
I finally got around to publish the slides for the two talks I did in May: the talk about the online banking trojans at the DND/ISACA/ISF me...
-
I just found out that Terminal services manager does not exist in Windows 7. But fear not, the Remote Desktop Services Manager will do the ...
-
I just ran into a weird problem while creating a bootable USB-stick, it was impossible to do a full copy of the files from an .iso. I tried...
-
A couple of weeks ago I was remotely involved in a discussion on password hashing in .NET with @thorsheim , @skradel , and @troyhunt . (Foll...
-
Security headers in an HTTP response There are many things to consider when securing a web application but a definite "quick win&qu...
-
The .NET 4.5 framework was released a couple of months ago and it included several improvements in the security area. To benefit from these ...
-
I guess it was long overdue for me to follow up on my Hardening Windows Server 2003 SSL/TLS configuration and Windows server 2003 vs 20...
-
If you work in an environment where several people fiddle around on the same servers, every once in a while you'll get the message "...