How to disable SSL 2.0 in IIS

As I am sure you are all aware Secure Sockets Layer (SSL) version 2 certificates are a risk. This protocol is known to have cryptographic weaknesses as well as other exploitable vulnerabilities.

To ensure that your Microsoft IIS Servers do not publish these you can perform the following registry tweek.

1. Click Start, click Run, type regedt32 or [...]

September 17th, 2008 | Category: Hosting, Internet, Server, TCP/IP, Windows 2003 | Leave a comment

Changing the IP address of a RSA Authentication Manager server

RSA SecurID 800 token

I have recently worked on a Data Center migration that involved changing the whole IP address range for the site, this process went quite smoothly really.  One thing that caught me out was when the primary IP address of the RSA Authentication Manager server was changed all of the other servers could [...]

September 7th, 2008 | Category: RSA, Server, TCP/IP, Two-Factor, Windows 2003, Windows XP | 3 comments

Do you know who is logged on at 11pm?

I have created a pair of scripts that log when a user logs on and off to workstaions on a domain.

A basic overview of how the system works is as follows:

A share located on an Active Directory server
A logon script
A logoff script
Group Policy to launch the scripts

Setting up the system:

Create a directory called AUDIT on a [...]

September 17th, 2007 | Category: Group Policy, Scripting, Windows 2003, Windows XP | 2 comments

RSA Authentication Agent and SID800 Tokens

I have recently implemented a RSA SecurID infrastructure to provide secure two-factor authentication over both local login to servers and workstations and also EAP VPN authentication.  This was initially using SID700 tokens and worked brilliantly.  Since then we have purchased a number of SID800 tokens which have USB connectors built-in to automatically passthrough the code on [...]

August 2nd, 2007 | Category: RSA, Two-Factor, VPN, Windows 2003, Windows XP | 9 comments

Microsoft ISA Server 2004 Service Pack 3

In May Microsoft released Service Pack 3 for Microsoft ISA Server 2004, when I attempted to install this update it would bring the firewall down and the service could not be restated.  It would result in leaving mixed components on the ISA Server, causing the service startup to fail.  I have now managed to apply this [...]

June 12th, 2007 | Category: ISA, Server, Windows 2003 | Leave a comment

Using a JPG with an Active Directory roaming profile

There is a known issue that if you use a non-BMP wallpaper, for example a .jpg (jpeg), in a roaming profile using Microsoft Windows, it will not roam with the user.  To resolve this I created a script that when used as a logoff script, it will enable the wallpaper to roam.

MoveJPGWallpaper.vbs

Further to this I would highly [...]

June 7th, 2007 | Category: Active Directory, Roaming Profiles, Scripting, VBS, Windows 2003, Windows XP | 24 comments