GetSecureScore

How to Redirect HTTP to HTTPS with Windows IIS 10

To create redirection rules in IIS, you must download and install the URL Rewrite Module 2.1 for IIS (https://www.iis.net/downloads/microsoft/url-rewrite). Then open the Internet Information Services Manager console (InetMgr.exe) and select your site. Go to the SSL Settings section and make sure that the Require SSL option is not enabled. If it is enabled, this will cause a conflict with the Rewrite URL …

How to Enable SMB Signing?

SMB signing (also known as security signatures) is a security mechanism in the SMB protocol. SMB signing means that every SMB message contains a signature that is generated by using the session key. The client puts a hash of the entire message into the signature field of the SMB header. SMB signing first appeared in …

How to Disable TLS 1.0 and TLS 1.1 via Group Policy

Open regedit utility. Open Group Policy Management (gpmc.msc) on a Domain Controller. 2. Creating a GPO in the Domain Controller: Navigate to the OU where the policy is to be linked, right-click, and select ‘Create a GPO in this domain, and Link it here’. In this …

How to Disable SSL V3 on Windows Servers

The best way is to have this done by a free tool called “IIS Crypto” from Nartac Software. You can download the tool from https://www.nartac.com/. Below is a way to do this manually, but it is not recommended. SSLv3 is an obsolete protocol, the main attack vector on which, at the time of …

How to Fix Microsoft IIS Tilde Character Short File/Folder Name Disclosure

Description: Microsoft Internet Information Server (IIS) suffers from a vulnerability which allows the detection of short names of files and directories which have an equivalent in the 8.3 version of the file naming scheme. By crafting specific requests containing the tilde ‘~’ character, an attacker could leverage this vulnerability to find files or directories that …

How to Mitigate CVE-2023-36884 Security Vulnerability

Mitigations: Customers who use Microsoft Defender for Office are protected from attachments that attempt to exploit this vulnerability. In current attack chains, the use of the “Block all Office applications from creating child processes” Attack Surface Reduction Rule will prevent the vulnerability from being exploited. Organizations that cannot take advantage of these protections can set the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION …