last update: February 7th 2017 Similar but newer posts: Changing my Citrix NetScaler VPX based website from http to https and scoring an A+ in SSL labs test and Making a NetScaler Gateway on NetScaler 11 a bit more secure ECDHE Ciphers, this means, Elliptic curve Diffie–Hellman type of cyphers, add additional security to a NetScaler. If we want to use this kind of cyphers we need to create a DH...
It may not be the strongest security measure, but many administrators are not quite sure about HTTP headers like Server or X-Powered-By. There seems to be just one reason why this header has to be in a HTTP response: It makes life easier for a hacker. So why not just remove it? Or even fake a false server? In fakt there is no technical need for this headers. We have a NetScaler, the ultimate...
last update: November 18th 2019 Hacking nsroot on a NetScaler with default settings is completely easy! I missed this one in Neil Spelling’s excellent blog about penetration testing NetScalers. What do you need to hack a NetScaler if you forgot your nsroot password? An external authentication source. My 1st idea would be: Use nerecover user. But this dies not work, as it uses the same...
I started getting a bit confused about security of SSL during the last some month. First of all there was Mr. Edward Snowden. He told us about continuous massive attacks against SSL going on. NSA seems to be able to continuously trace our sessions. Next issue was Heartbleed (CVE-2014-0160). SSL renegotiation seemed to be a big issue. The last one is just a POODLE (CVE 2014-3566) (but never...