In a post Heartbleed world, implementation of SSL is being scrutinized like never before (at least in my short years of experience in information security). Even though Microsoft/IIS implementations were hardly, if at all, affected by Heartbleed, they do often suffer from other common SSL vulnerabilities. This is particularly true of Microsoft Server 2003 R2 / IIS 6.5 and older setups.

Back in the olden days (you know, like 5 – 10 years ago…) before massive Chinese super-computers, NSA spying programs, and 30-core processors, a 48-Bit SSL cipher may have been considered sufficient as the length of time it would take to brute-force decrypt collected data was significant on the hardware of the day. No so much anymore.

Fast forward to today, many environments still have aging servers sitting around from a bygone era whose weak implementation of SSL pose a security risk. It is time to turn off archaic SSL ciphers on these old boxes and strengthen your connection security.

So… before you read any further, you need to check a few things to find out if this article is relevant to you.

First, do you host any websites in IIS that use SSL? (i.e. do they have “HTTPS” preceding the URL?) (more…)

Free penetration testing tools abound. Free, easy-to-use penetration testing tools… not as much. Free, easy-to-use, web-hosted penetration testing tools, rarer still.

I came across an excellent, web-hosted NMAP port scanning tool and I wanted to make sure I linked it here in case I needed it again in the future. Without further ado…

https://pentest-tools.com/discovery-probing/tcp-port-scanner-online-nmap

I haven’t explored the rest of the site, but the ability to quickly hit a public site and “fingerprint” the most common open ports is very very handy. I hope others find this as useful as I have! What is nice about it, is that because it is web-hosted, it requires zero setup on your own machine and quickly running scans is simple as everything is GUI’d.

I have found zenmap useful if you are looking for something locally hosted to do internal scans between machines. It isn’t quite as easy to use and I have gotten some odd results from it but it provides more flexibility, especially on windows, vs. just going to the cmd shell and running the common “ping” and “telnet” commands.

While we are on the topic of excellent, free, web-hosted tools. SSL Labs has an absolutely phenomenal SSL testing suite for checking your sites SSL security. In the wake of heartbleed, there has been a lot of attention given to SSL security. If you are a company that runs a public site or sites with SSL, I recommend you start checking them now to make sure that they are configured as well as can be.

You can access that tool here:
https://www.ssllabs.com/ssltest/analyze.html

Reference:
http://security.stackexchange.com/questions/32/what-tools-are-available-to-assess-the-security-of-a-web-application/38#38
https://pentest-tools.com/discovery-probing/tcp-port-scanner-online-nmap
https://www.ssllabs.com/ssltest/analyze.html