Nmap’s New Math? 9 = 8 but does 3,674 = 65,536?

Fyodor’s inclusion of the results from the Top Ports Project into the latest version (4.76) of Nmap is a welcome addition to information security professionals who need to perform port scans of large networks in short periods of time. cough* Consulting Firms *cough However, the claim that using the “–top-ports” switch to scan only the top 3,674 TCP ports is 100% effective opens the door for yet another false sense of security.

Continue reading

Remediating Common PCI SSL Vulnerabilities with a Simple Windows Registry File

in PCI

Recently I was working with a client who was struggling to remediate two vulnerabilities identified by their quarterly perimeter PCI scans. Specifically, they needed to remediate the following vulnerabilities: SSLv2 Enabled Weak SSL Encryption Ciphers Enabled With these vulnerabilities being so common amongst those bound to the PCI DSS, I would have hoped that better remediation information existed beyond Microsoft’s overcomplicated Knowledgebase Article, How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.

Continue reading