Tech Sharing Blog

Computer knowledge, news, product, SEO, earn money online sharing place

Advertisement

Archive for the ‘ Application ’ Category

Turn off SSLv2 and Weak ciphers

By on July 11, 2011

Recently running some security checking of one of my web site and found out that getting the alert of deprecated SSLv2.0 protocol still enabled on my server. This is also one of the requirement from Payment Card Industry Data Security Standrad (PCI-DSS) v1.2.

So I spend sometime to Google it and go through some forum + blog, finally found out the solution to turn it off, but microsoft not providing the UI way to do that, have to manually go to registry and edit it by our self. How to check is my server are enable the SSLv2?

There are many way to check the configuration including using the Open SSL (I’m not too familiar with the OpenSSL so i use the alternative way – web). You may go to Serversniff.net, enter your web domain or IP address of your server which enabled the port 443 or you may edit the port number if you not using the standard SSL port of 443. After all, just click on SSL-Check.

How to disabled the SSL2.0 in window server 2003?

  1.  Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate the following registry key/folder: HKey_Local_Machine/System/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Protocols/SSL 2.0
  3. Right-click on the SSL 2.0 folder and select New and then click Key. Name the new folder Server.
  4. Inside the Server folder, click the Edit menu, select New, and click DWORD (32-bit) Value.
  5. Enter Enabled as the name and hit Enter.
  6. Ensure that it shows 0×00000000 (0) under the Data column (it should by default). If it doesn’t, right-click and select Modify and enter 0 as the Value data.
  7. Restart the computer.
  8. Verify that no SSL 2.0 ciphers are available at Serversniff.net or the Public SSL Server Database

disable ssl2 in iis Turn off SSLv2 and Weak ciphers

Registry key location which you may need to touch on

[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Ciphers/DES 56/56] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Ciphers/NULL] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Ciphers/RC2 40/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Ciphers/RC2 56/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Ciphers/RC4 40/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Ciphers/RC4 56/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Ciphers/RC4 64/128] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Protocols/PCT 1.0/Server] "Enabled"=dword:00000000 [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/SecurityProviders/SCHANNEL/Protocols/SSL 2.0/Server] "Enabled"=dword:00000000

More From david_cheong

david_cheong Recommends

Turn off SSLv2 and Weak ciphersAsk david_cheong To Recommend Your Posts Turn off SSLv2 and Weak ciphers

Popularity: 1% [?]

Visa announced will provide mobile payment apps for iOS

By on December 24, 2010

The world’s largest retail electronic payments network Visa Inc. today announced that the company will provide for the iPhone, mobile payment applications, so that all their consumers can enjoy more easy and convenient shopping experience.


Now, just by gently touching fingers, Visa cardholders can get 50 kinds of businesses exclusive offers, involving clothing, food and entertainment daily consumption. Visa mobile payment applications from the iTunes App Store is currently available for free download.


Visa will work with selective most popular group of merchant to provide the exclusive benefits to their cardholder in order to help them to save money in their daily consumption expenses.mophie0001 thumb 550x316 30910 Visa announced will provide mobile payment apps for iOS

More From david_cheong

david_cheong Recommends

Visa announced will provide mobile payment apps for iOSAsk david_cheong To Recommend Your Posts Visa announced will provide mobile payment apps for iOS

Popularity: 1% [?]

How to schedule disk cleanup manager to run in Window XP/Server 2003?

By on December 16, 2010


Our computer are very smart and it will help us to enhance the user experience by creating some temporary file and store it in somewhere in your harddisk. So after sometime the un-used files, old temporary files, temporary Internet files, and any log file may use up a lot of space in your harddisk, in addition, those unwanted file may also slow down your computer performance. Keeping your harddisk clean and tiny is a way to mainteance your computer performance at the top.


This task seem easy but very time consuming as we may need to find out what files are useless for our computer and safe to delete without affecting our computer. Microsoft Window XP/2003 did provide a very user friendly tools for us to done the task call ‘Disk Cleanup Manager’.


You can get the tools at Start –> All Program –> Accessories –> System Tools –> Disk Cleanup.


But to using this tools, it need the human interaction which response to it on the spot in order to accomplish the job. Why not we make it run automatically at the time that the computer is free or idle without any response needed by the user.


To do so just following the following step:

  1. Click Start Menu > Run, then type cleanmgr /sageset:1
  2. Click OK.
Disk Cleanup opens with a list of the possible files to be deleted. Select a file type to display a description. Check the boxes for the files you want removed, and click OK.
Disk cleanMgr 1 How to schedule disk cleanup manager to run in Window XP/Server 2003?
Next, you need to schedule Disk Cleanup to run when you want it to.
  1. Open Control Panel, double-click Scheduled Tasks Disk cleanMgr 2 How to schedule disk cleanup manager to run in Window XP/Server 2003?
  2. Double-click Add Scheduled Task
  3. On the Scheduled Task Wizard dialog, click Next.Disk cleanMgr 2 1 How to schedule disk cleanup manager to run in Window XP/Server 2003?
  4. In the list of applications you want Windows to run, click Disk Cleanup, and then click Next.Disk cleanMgr 3 How to schedule disk cleanup manager to run in Window XP/Server 2003?

  5. Select a frequency for the task (once per week is usually enough) and click Next.Disk cleanMgr 4 How to schedule disk cleanup manager to run in Window XP/Server 2003?

  6. Select a day of the week and time for the task to run.Disk cleanMgr 5 How to schedule disk cleanup manager to run in Window XP/Server 2003?

  7. Enter the name and password of a user.Disk cleanMgr 7 How to schedule disk cleanup manager to run in Window XP/Server 2003?
  8. Check the box to open Advanced Settings when you’re done.Disk cleanMgr 8 How to schedule disk cleanup manager to run in Window XP/Server 2003?
  9. In the Run box, add the following to the end of the path: /sagerun: 1 and then click OK.Disk cleanMgr 9 How to schedule disk cleanup manager to run in Window XP/Server 2003?
  10. Task Scheduler will automatically run Disk Cleanup with the settings you selected at the time you selected.
  11. Done

Done.

There are something you need to attention on which is the first command and switch you enter in the command prompt are difference with the extra command and switch you enter on the scheduler. The command enter in command prompt is /sageset but in the scheduler is /sagerun.


Syntax
CLEANMGR option
Options
/d driveletter: – Select the drive that you want Disk Cleanup to clean.
/sageset:n      - Display the Disk Cleanup Settings dialog box and create a registry key to store the settings you select.
The n value is stored in the registry and allows you to specify different tasks for Disk Cleanup to run.
n can be any integer from 0 to 65535. Specify the %systemroot% drive to see all the available options.
/sagerun:n       – Run task ‘n’
All drives in the computer will be enumerated, and the
selected profile will be run against each drive.
Only one of the 3 options above can be run at a time

More From david_cheong

david_cheong Recommends

How to schedule disk cleanup manager to run in Window XP/Server 2003?Ask david_cheong To Recommend Your Posts How to schedule disk cleanup manager to run in Window XP/Server 2003?

Popularity: 1% [?]

Import the server or CA certification in coldfusion server

By on September 15, 2010

Last whole week working with a project which involve the integration with 3th party API through the HTTPS secure channel using coldfusion CFHTTP. I come across with the following error message:


I/O Exception: peer not authenticated

coldfusioncerterror Import the server or CA certification in coldfusion server


Try to Google it for some time and find out that I need to import the 3th party certificate into my Coldfusion server by using some keytool certificate import tools. Trying few times but still can’t get it work until I found a blog which showing a very effective way and free tools for import the certificate.


These instructions are for Windows based machines but the concepts and tools should work on Mac or Unix based platforms.


1. Install tools

Download and install Portecle JVM certificate manager

(portecle-1.5.zip) You do not need the source (src) version

https://sourceforge.net/projects/portecle

The easiest way to install Portecle is to unzip the contents of the zip file to a directory such as C:\Program Files\portecle-1.5\ Then find the file “Portecle.jar”, right click it and send it to your desktop as a shortcut. You can then use this shortcut to launch Portecle. (optionally you can also change the name of the shortcut and change the icon to use the portecle.ico file for the icon)


2. Extract the certificate

The easy way to get the certificate is ask from the issuer, but if you unable to do so, you may have another alternative solution which you open the https page in your browser and double click on the lock logo at bottom left of the browser (the lock appear just beside the url addrss for Google Chrome)


Double click on the lock –> click the certificate information button –> go to details –> click the copy to file button –> Follow the wizard and select the base-64 encoded X.509 (.cer) format –> save the file


3. Install Certificate to Java Virtual Machine and/or ColdFusion server

Start Portecele.

On the [File] menu, select [Open Keystore File] navigate to and locate the keystore you are interested in.

For many java installations this will be located in your “jre\lib\security” directory and might be named “cacerts”

For the ColdFusion 8 default developer install the path will be “c:\coldfusion8\runtime\jre\lib\security\cacerts”

You will have to enter the password for the keystore. The default password is “changeit”


Now you are ready to import the key.

From the [Tools] menu select [Import Trusted Certificate]

Navigate to and locate the certificate you saved and click [Import]

You will need to reenter the keystore password.

You can change the alias if you desire but I would recommend leaving it as the default

Note: You may also be prompted to “trust” the certificate.


Click on the save button at the top of the portecle


4.       Restart you Java Virtual Machine/coldfusion application server.

For ColdFusion not installed on top of JRun you just need to restart the ColdFusion service. If you are running on top of JRun you also need to restart JRun.


Up to now, you already successfully import your partner certificate to your coldfusion/java server.


Please feel free to leave your suggestion if any. Click here for more information regarding Protecle

More From david_cheong

david_cheong Recommends

Import the server or CA certification in coldfusion serverAsk david_cheong To Recommend Your Posts Import the server or CA certification in coldfusion server

Popularity: 2% [?]

Advanced ColdFusion: Error handling

By on July 26, 2010


That’s nothing perfect in the world, no matter how good the application and web site is, that’s still some hole that we may need to handle. By handling that kind of hole, we try to make our application close to perfect.


This powerpoint show that Why we need the error handling, What are error, how the error being handled, type of error, type of error handling.


Advanced ColdFusion - Error Handling (192)


Error Catching with CFERROR and CFCATCH (175)

More From david_cheong

david_cheong Recommends

Advanced ColdFusion: Error handlingAsk david_cheong To Recommend Your Posts Advanced ColdFusion: Error handling

Popularity: 4% [?]

Building Secure Coldfusion Applications

By on July 21, 2010

Here is the presentation slide by Pete Freitag, Principal Consultant from Founeo Inc.

In the presentation slide show it will cover the following topic include:

  • Uchecked input
  • File Uploads
  • XSS-Cross Site Scripting
  • SQL Injection
  • Cross Site Request Forgery
  • CRLF Injection
  • Session Hijacking


Secure your Coldfusion application (162)

More From david_cheong

david_cheong Recommends

Building Secure Coldfusion ApplicationsAsk david_cheong To Recommend Your Posts Building Secure Coldfusion Applications

Popularity: 4% [?]

How to secure your Microsoft Excel 2007 with password

By on July 14, 2010


We store a lot of important information in Excel file which we don’t want other to grant any access to that information. By using Microsoft Excel 2007 you may do so by protect your whole workbook.

 

In order to do that, click on File –> Save As.On the file-save pop up window, select the location where you which to store your file and type in the file name, after all, click on the tools at the bottom of the window and select General Options. A small window will pop up to ask you to enter the password to open as well as password to modify.

 

Pop up save as window How to secure your Microsoft Excel 2007 with password

Pop up saved as window

General option from the drop down tools menu How to secure your Microsoft Excel 2007 with password

Select general option from the drop down tools menu

enter the password for open and modify How to secure your Microsoft Excel 2007 with password

Enter the password for view and modify your excel file


By enter these 2 passwords, Microsoft will protect your entire workbook and prevent anyone else to open and view your contents. Make sure you will remember your password that you enter as if you lost that password, it’s not an easy job to get back your content in your excel file.

 

 

password require on viewing file How to secure your Microsoft Excel 2007 with password

The password will be require whenever you try to open the excel file





More From david_cheong

david_cheong Recommends

How to secure your Microsoft Excel 2007 with passwordAsk david_cheong To Recommend Your Posts How to secure your Microsoft Excel 2007 with password

Popularity: 1% [?]

Hidding IIS web server header

By on July 9, 2010


Google for long time regarding how to hide the HTTP header for IIS in order to mask the server identity and finally found out this tools call URLScan.
Basically URLScan is an ISAPI filter that allows Web site administrators to restrict the kind of HTTP requests that the server will process. By blocking specific HTTP requests, the URLScan filter prevents potentially harmful requests from reaching the server and causing damage.
Actually most of the features that provided by URLScan are included in IIS but not the Remove Server Header features as microsfot find out that this is not an important issue that that’s no real security benefit of include in IIS. But that’s some marketing purposes why microsoft not encourage web master to hide the identity.

How to hide the IIS identity:

  1. download the URL scan
  2. Install the URL scan in your server.
  3. go to the URLScan config file at C:\WINDOWS\system32\inetsrv\urlscan\UrlScan.ini
  4. Change RemoveServerHeader=1 (by default is 0)
  5. Save the file
  6. Restart your IIS
  7. Check on your header (http://www.rexswain.com/httpview.html)
For more detail on the URLScan and the features, you may easily get a lot of information by Google on URLScan



More From david_cheong

david_cheong Recommends

Hidding IIS web server headerAsk david_cheong To Recommend Your Posts Hidding IIS web server header

Popularity: 1% [?]

Sending free SMS from YM

By on June 29, 2010


Recently start to use the Yahoo Messenger as my girlfriend just change to a new company which only allows Yahoo Messenger but not MSN. In the mean time, I found out that that’s cool functions may attract your interest which is sending the free SMS from the YM to any phone of the world.


This service is totally free and you may send from the computer version of YM or iPhone version of YM. For iPhone user, you may download the YM apps from the apple apps store


To send the SMS in iPhone, just login to the YM in your phone and create a contact by adding the mobile number from your phone book, or just compose a new message by entering the phone number of your recipient.


“When you send an SMS message from Yahoo! Messenger, replies from your friends come back to you in Messenger, making it a quick and convenient way to chat with your friends when they’re not online. This feature is available in all of our versions – 9.0 for Windows, Messenger for Mac, Yahoo! Messenger for the Web, iPhone and even in the chat features in Yahoo! Mail,” Product Manager Sarah Bacon explains.

yahooiphone Sending free SMS from YM

iphone yahoo messenger Sending free SMS from YM

More From david_cheong

david_cheong Recommends

Sending free SMS from YMAsk david_cheong To Recommend Your Posts Sending free SMS from YM

Popularity: 1% [?]

Replace traditional menu with iPad

By on June 25, 2010

What can iPad do in the food and bevarate industry? One of the restaurant owner in Australia has use iPad to replace the tranditional printed manus in his rastaurant with iPad-based interactive menu cards.


Global Mundo Tapas‘, in the North Sydney Rydges Hotel you don’t be suprise when the Waiter hand you and latest Apple product – iPad instead of a tranditional printed menu. The iPad which pass to you are installed with a special menu apps that custom make for Global Mundo Tape.


e423 iPadMenuCard Replace traditional menu with iPad


You may think that the restaurant is crazy by spending so much of money on this, but try to think on the other end, the brand new idea of bringing iPad to replace the menu is not only entertaining and interactive, but also help to protect the environment by saves the trees from being killed to make the paper.

More From david_cheong

david_cheong Recommends

Replace traditional menu with iPadAsk david_cheong To Recommend Your Posts Replace traditional menu with iPad

Popularity: 1% [?]

SEO Powered by Platinum SEO from Techblissonline