Internet Explorer Hardening Mysteries

Today I had a very interesting problem with system hardening and a new application that we are going to use. This application moved from a form based management interface to a web based one. Under normal circumstances this doesn’t provide a huge challenge because management of these type of apps is done over the network… Continue reading Internet Explorer Hardening Mysteries

3DES/FIPS 140-2/RDP Hotfix

In the past I’ve written a blog about the issues my company encountered when we disabled 3DES on our Windows 2008 R2 systems. Since we are obligated to also use FIPS 140-2 for compliance reasons the combination of disabling 3DES, and having FIPS140-2 enabled would break remote desktop functionality. Basically it came down to RDP… Continue reading 3DES/FIPS 140-2/RDP Hotfix

0x800b010e – The revocation process could not continue – the certificate(s) could not be checked

I my line of work, every now and then I run into these unique situations. A few weeks ago we needed to do an application upgrade on a few of our systems. Once we started we got the following message: “0x800b010e – The revocation process could not continue – the certificate(s) could not be checked.”… Continue reading 0x800b010e – The revocation process could not continue – the certificate(s) could not be checked

Challenges with Disabling 3Des

With the discovery of the sweet32 vulnerability (more at sweet32.info) in 3Des and 64-bit block ciphers in general, we had to see if it was possible to disable 3Des on our devices. You could be thinking, why have it enabled in the first place? Well, on Windows systems it’s enabled by default if you don’t… Continue reading Challenges with Disabling 3Des