Archive for the ‘IT Security’ Category

Configuring Active Directory for LDAPS (LDAP over SSL)

Thursday, September 1st, 2011

2011-10-01 Reformatted for clarity

2009-01-13 Initial post

BACKGROUND

By default, Kerberos will encrypt the LDAP authentication only, but not the actual LDAP traffic. You can enable LDAPS (LDAP over SSL) to encrypt the entire LDAP session in Windows AD. (more…)

Password Protect WordPress Blog

Sunday, February 28th, 2010

2010-02-28 Initial Post

I looked into this briefly, not too long ago, and didn't find anything simple for password protecting an entire WordPress blog. The other day I was looking around cPanel and noticed an option for password protection. The option is not specific to WordPress; it applies to any folder in your account. It allows you to password protect any of your site's folders, including the folder that hosts your WordPress site. So the end result is that you can password protect your WordPress blog. Here's how to do that: (more…)

Windows Share Permissions Allow Folder Traversal

Saturday, February 6th, 2010

2009-09-22 Initial Post

Tested with Windows Server 2003 SP2 and Windows XP Professional SP3.

An account that has Read permission to a share, but no permissions at all to the shared folder itself, can still traverse the shared folder to get to a subfolder for which it does have permission. (more…)

SSL / HTTPS Man-in-the-Middle Attacks

Saturday, February 6th, 2010

2008-12-24 Initial Post

The other month I was wondering if HTTP SSL traffic could be spoofed by some type of man-in-the-middle scenario and just the other day I read an article (more…)

Brute-Force and Dictionary Password Attacks

Saturday, February 6th, 2010

2008-01-26 Initial Post

From what I’ve been able to determine, these types of attacks are very difficult against an account database such as Active Directory. Here are my thoughts on this: (more…)