warlord0blog.wordpress.com
Open in
urlscan Pro
192.0.78.12
Public Scan
URL:
https://warlord0blog.wordpress.com/2017/02/09/tls-and-nps/
Submission Tags: falconsandbox
Submission: On August 02 via api from US — Scanned from DE
Submission Tags: falconsandbox
Submission: On August 02 via api from US — Scanned from DE
Form analysis 4 forms found in the DOM
GET https://warlord0blog.wordpress.com/
<form role="search" method="get" class="search-form" action="https://warlord0blog.wordpress.com/">
<!-- <label> -->
<span class="screen-reader-text">Search for:</span>
<input type="search" value="Type and press enter" onfocus="if(this.value=='Type and press enter')this.value='';" onblur="if(this.value=='')this.value='';" name="s" id="s">
<!-- </label> -->
<input type="submit" id="searchsubmit" value="Search" class="button hidden">
</form>POST https://warlord0blog.wordpress.com/wp-comments-post.php
<form action="https://warlord0blog.wordpress.com/wp-comments-post.php" method="post" id="commentform" class="comment-form" novalidate=""><input type="hidden" id="highlander_comment_nonce" name="highlander_comment_nonce" value="3b07bbedb1"><input
type="hidden" name="_wp_http_referer" value="/2017/02/09/tls-and-nps/">
<input type="hidden" name="hc_post_as" id="hc_post_as" value="guest">
<div class="comment-form-field comment-textarea">
<div id="comment-form-comment">
<textarea id="comment" name="comment" title="Enter your comment here..." placeholder="Enter your comment here..." style="overflow: hidden; overflow-wrap: break-word; resize: none; height: 38px;"></textarea>
</div>
</div>
<div id="comment-form-identity" style="display: none;">
<div id="comment-form-nascar">
<p>Fill in your details below or click an icon to log in:</p>
<ul>
<li class="selected" style="display:none;">
<a href="#comment-form-guest" id="postas-guest" class="nascar-signin-link" title="Login via Guest">
</a>
</li>
<li>
<a href="#comment-form-load-service:WordPress.com" id="postas-wordpress" class="nascar-signin-link" title="Login via WordPress.com">
<svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24"><rect x="0" fill="none" width="24" height="24"></rect><g><path fill="#0087be" d="M12.158 12.786l-2.698 7.84c.806.236 1.657.365 2.54.365 1.047 0 2.05-.18 2.986-.51-.024-.037-.046-.078-.065-.123l-2.762-7.57zM3.008 12c0 3.56 2.07 6.634 5.068 8.092L3.788 8.342c-.5 1.117-.78 2.354-.78 3.658zm15.06-.454c0-1.112-.398-1.88-.74-2.48-.456-.74-.883-1.368-.883-2.11 0-.825.627-1.595 1.51-1.595.04 0 .078.006.116.008-1.598-1.464-3.73-2.36-6.07-2.36-3.14 0-5.904 1.613-7.512 4.053.21.008.41.012.58.012.94 0 2.395-.114 2.395-.114.484-.028.54.684.057.74 0 0-.487.058-1.03.086l3.275 9.74 1.968-5.902-1.4-3.838c-.485-.028-.944-.085-.944-.085-.486-.03-.43-.77.056-.742 0 0 1.484.114 2.368.114.94 0 2.397-.114 2.397-.114.486-.028.543.684.058.74 0 0-.488.058-1.03.086l3.25 9.665.897-2.997c.456-1.17.684-2.137.684-2.907zm1.82-3.86c.04.286.06.593.06.924 0 .912-.17 1.938-.683 3.22l-2.746 7.94c2.672-1.558 4.47-4.454 4.47-7.77 0-1.564-.4-3.033-1.1-4.314zM12 22C6.486 22 2 17.514 2 12S6.486 2 12 2s10 4.486 10 10-4.486 10-10 10z"></path></g></svg> </a>
</li>
<li>
<a href="#comment-form-load-service:Facebook" id="postas-facebook" class="nascar-signin-link" title="Login via Facebook">
<svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24"><rect x="0" fill="none" width="24" height="24"></rect><g><path fill="#3B5998" d="M20.007 3H3.993C3.445 3 3 3.445 3 3.993v16.013c0 .55.445.994.993.994h8.62v-6.97H10.27V11.31h2.346V9.31c0-2.325 1.42-3.59 3.494-3.59.993 0 1.847.073 2.096.106v2.43h-1.438c-1.128 0-1.346.537-1.346 1.324v1.734h2.69l-.35 2.717h-2.34V21h4.587c.548 0 .993-.445.993-.993V3.993c0-.548-.445-.993-.993-.993z"></path></g></svg> </a>
</li>
</ul>
</div>
<div id="comment-form-guest" class="comment-form-service selected">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<a href="https://gravatar.com/site/signup/" target="_blank"> <img src="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G" srcset="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G 1x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=38&d=identicon&forcedefault=y&r=G 1.5x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=50&d=identicon&forcedefault=y&r=G 2x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=75&d=identicon&forcedefault=y&r=G 3x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=100&d=identicon&forcedefault=y&r=G 4x" alt="Gravatar" width="25" class="no-grav wp-hovercard-attachment grav-hashed">
</a>
</div>
<div class="comment-form-fields">
<div class="comment-form-field comment-form-email">
<label for="email">Email <span class="required">(required)</span> <span class="nopublish">(Address never made public)</span></label>
<div class="comment-form-input"><input id="email" name="email" type="email" value=""></div>
</div>
<div class="comment-form-field comment-form-author">
<label for="author">Name <span class="required">(required)</span></label>
<div class="comment-form-input"><input id="author" name="author" type="text" value=""></div>
</div>
<div class="comment-form-field comment-form-url">
<label for="url">Website</label>
<div class="comment-form-input"><input id="url" name="url" type="url" value=""></div>
</div>
</div>
</div>
</div>
<div id="comment-form-wordpress" class="comment-form-service">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<img src="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G"
srcset="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G 1x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=38&d=identicon&forcedefault=y&r=G 1.5x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=50&d=identicon&forcedefault=y&r=G 2x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=75&d=identicon&forcedefault=y&r=G 3x, https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=100&d=identicon&forcedefault=y&r=G 4x"
alt="WordPress.com Logo" width="25" class="no-grav wp-hovercard-attachment grav-hashed grav-hijack">
</div>
<div class="comment-form-fields">
<input type="hidden" name="wp_avatar" id="wordpress-avatar" class="comment-meta-wordpress" value="">
<input type="hidden" name="wp_user_id" id="wordpress-user_id" class="comment-meta-wordpress" value="">
<input type="hidden" name="wp_access_token" id="wordpress-access_token" class="comment-meta-wordpress" value="">
<p class="comment-form-posting-as pa-wordpress">
<strong></strong> You are commenting using your WordPress.com account. <span class="comment-form-log-out"> ( <a href="javascript:HighlanderComments.doExternalLogout( 'wordpress' );">Log Out</a> /
<a href="#" onclick="javascript:HighlanderComments.switchAccount();return false;">Change</a> ) </span>
<span class="pa-icon"><svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24">
<rect x="0" fill="none" width="24" height="24"></rect>
<g>
<path fill="#0087be"
d="M12.158 12.786l-2.698 7.84c.806.236 1.657.365 2.54.365 1.047 0 2.05-.18 2.986-.51-.024-.037-.046-.078-.065-.123l-2.762-7.57zM3.008 12c0 3.56 2.07 6.634 5.068 8.092L3.788 8.342c-.5 1.117-.78 2.354-.78 3.658zm15.06-.454c0-1.112-.398-1.88-.74-2.48-.456-.74-.883-1.368-.883-2.11 0-.825.627-1.595 1.51-1.595.04 0 .078.006.116.008-1.598-1.464-3.73-2.36-6.07-2.36-3.14 0-5.904 1.613-7.512 4.053.21.008.41.012.58.012.94 0 2.395-.114 2.395-.114.484-.028.54.684.057.74 0 0-.487.058-1.03.086l3.275 9.74 1.968-5.902-1.4-3.838c-.485-.028-.944-.085-.944-.085-.486-.03-.43-.77.056-.742 0 0 1.484.114 2.368.114.94 0 2.397-.114 2.397-.114.486-.028.543.684.058.74 0 0-.488.058-1.03.086l3.25 9.665.897-2.997c.456-1.17.684-2.137.684-2.907zm1.82-3.86c.04.286.06.593.06.924 0 .912-.17 1.938-.683 3.22l-2.746 7.94c2.672-1.558 4.47-4.454 4.47-7.77 0-1.564-.4-3.033-1.1-4.314zM12 22C6.486 22 2 17.514 2 12S6.486 2 12 2s10 4.486 10 10-4.486 10-10 10z">
</path>
</g>
</svg></span>
</p>
</div>
</div>
</div>
<div id="comment-form-facebook" class="comment-form-service">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<img src="" alt="Facebook photo" width="25" class="no-grav">
</div>
<div class="comment-form-fields">
<input type="hidden" name="fb_avatar" id="facebook-avatar" class="comment-meta-facebook" value="">
<input type="hidden" name="fb_user_id" id="facebook-user_id" class="comment-meta-facebook" value="">
<input type="hidden" name="fb_access_token" id="facebook-access_token" class="comment-meta-facebook" value="">
<p class="comment-form-posting-as pa-facebook">
<strong></strong> You are commenting using your Facebook account. <span class="comment-form-log-out"> ( <a href="javascript:HighlanderComments.doExternalLogout( 'facebook' );">Log Out</a> /
<a href="#" onclick="javascript:HighlanderComments.switchAccount();return false;">Change</a> ) </span>
<span class="pa-icon"><svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24">
<rect x="0" fill="none" width="24" height="24"></rect>
<g>
<path fill="#3B5998"
d="M20.007 3H3.993C3.445 3 3 3.445 3 3.993v16.013c0 .55.445.994.993.994h8.62v-6.97H10.27V11.31h2.346V9.31c0-2.325 1.42-3.59 3.494-3.59.993 0 1.847.073 2.096.106v2.43h-1.438c-1.128 0-1.346.537-1.346 1.324v1.734h2.69l-.35 2.717h-2.34V21h4.587c.548 0 .993-.445.993-.993V3.993c0-.548-.445-.993-.993-.993z">
</path>
</g>
</svg></span>
</p>
</div>
</div>
</div>
<div id="comment-form-load-service" class="comment-form-service">
<div class="comment-form-posting-as-cancel"><a href="javascript:HighlanderComments.cancelExternalWindow();">Cancel</a></div>
<p>Connecting to %s</p>
</div>
</div>
<script type="text/javascript">
var highlander_expando_javascript = function() {
function hide(sel) {
var el = document.querySelector(sel);
if (el) {
el.style.setProperty('display', 'none');
}
}
function show(sel) {
var el = document.querySelector(sel);
if (el) {
el.style.removeProperty('display');
}
}
var input = document.createElement('input');
var comment = document.querySelector('#comment');
if (input && comment && 'placeholder' in input) {
var label = document.querySelector('.comment-textarea label');
if (label) {
var text = label.textContent;
label.parentNode.removeChild(label);
comment.setAttribute('placeholder', text);
}
}
// Expando Mode: start small, then auto-resize on first click + text length
hide('#comment-form-identity');
hide('#comment-form-subscribe');
hide('#commentform .form-submit');
if (comment) {
comment.style.height = '10px';
var handler = function() {
comment.style.height = HighlanderComments.initialHeight + 'px';
show('#comment-form-identity');
show('#comment-form-subscribe');
show('#commentform .form-submit');
HighlanderComments.resizeCallback();
comment.removeEventListener('focus', handler);
};
comment.addEventListener('focus', handler);
}
}
if (document.readyState !== 'loading') {
highlander_expando_javascript();
} else {
document.addEventListener('DOMContentLoaded', highlander_expando_javascript);
}
</script>
<div id="comment-form-subscribe" style="display: none;">
<p class="comment-subscription-form"><input type="checkbox" name="subscribe" id="subscribe" value="subscribe" style="width: auto;"> <label class="subscribe-label" id="subscribe-label" for="subscribe" style="display: inline;">Notify me of new
comments via email.</label></p>
<p class="post-subscription-form"><input type="checkbox" name="subscribe_blog" id="subscribe_blog" value="subscribe" style="width: auto;"> <label class="subscribe-label" id="subscribe-blog-label" for="subscribe_blog"
style="display: inline;">Notify me of new posts via email.</label></p>
</div>
<p class="form-submit" style="display: none;"><input name="submit" type="submit" id="comment-submit" class="submit button" value="Post Comment"> <input type="hidden" name="comment_post_ID" value="3931" id="comment_post_ID">
<input type="hidden" name="comment_parent" id="comment_parent" value="0">
</p>
<p style="display: none;"><input type="hidden" id="akismet_comment_nonce" name="akismet_comment_nonce" value="ea46fef422"></p>
<p style="display: none !important;"><label>Δ<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_1" name="ak_js" value="1690994862582">
<script>
document.getElementById("ak_js_1").setAttribute("value", (new Date()).getTime());
</script>
</p>
</form>GET https://warlord0blog.wordpress.com/
<form role="search" method="get" class="search-form" action="https://warlord0blog.wordpress.com/">
<!-- <label> -->
<span class="screen-reader-text">Search for:</span>
<input type="search" value="Type and press enter" onfocus="if(this.value=='Type and press enter')this.value='';" onblur="if(this.value=='')this.value='';" name="s" id="s">
<!-- </label> -->
<input type="submit" id="searchsubmit" value="Search" class="button hidden">
</form>POST https://subscribe.wordpress.com
<form method="post" action="https://subscribe.wordpress.com" accept-charset="utf-8" style="display: none;">
<div class="actnbr-follow-count">Join 86 other followers</div>
<div>
<input type="email" name="email" placeholder="Enter your email address" class="actnbr-email-field" aria-label="Enter your email address">
</div>
<input type="hidden" name="action" value="subscribe">
<input type="hidden" name="blog_id" value="116670669">
<input type="hidden" name="source" value="https://warlord0blog.wordpress.com/2017/02/09/tls-and-nps/">
<input type="hidden" name="sub-type" value="actionbar-follow">
<input type="hidden" id="_wpnonce" name="_wpnonce" value="c00a053f01">
<div class="actnbr-button-wrap">
<button type="submit" value="Sign me up"> Sign me up </button>
</div>
</form>Text Content
Skip to content
* Home
* Categories
* Linux
* Networking
* Security
* Virtualisation
* Docker
* Web
* About
* The Privateer
* Home Media Client/Server
* Build a Raspberry Pi Media Centre
* OSMC Installation
* Usenet
* All Privateer Articles
* Contact
Search for:
STUFF I'M UP TO
TECHNICAL RAMBLINGS
Menu
TLS and NPS — February 9, 2017
TLS AND NPS
February 9, 2017February 18, 2017/Warlord
Looks like NPS only supports TLS1.0 by default. So if you go restricting your
ciphers too much you’ll find none of your NPS clients able to connect using EAP.
That’s a bit of a problem when you have an 802.1x secure network and every
client is expected to authenticate. If a cipher is not available on both client
and server then you’ll get a client unable to connect or reconnect when their
sessions require.
So in order to expand the ciphers supported by newer systems you should ensure
you can deliver them over a wider number of protocols , including TLS1.1 and
1.2.
ENSURE YOU HAVE THE REQUIRED UPDATE PATCH FOR YOUR SYSTEM
To add these registry values, follow these steps:
1. Click Start, click Run, type regedit in the Open box, and then click OK.
2. Locate and then click the following subkey in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasMan\PPP\EAP\13
3. On the Edit menu, point to New, and then click DWORD Value.
4. Type TlsVersion for the name of the DWORD, and then press Enter.
5. Right-click TlsVersion, and then click Modify.
6. In the Value data box, use the following values for the various versions of
TLS, and then click OK.
TLS version DWORD value TLS 1.0 0xC0 TLS 1.1 0x300 TLS 1.2 0xC00
Any OR’ed combination of these values will enable the corresponding
protocols. By default, TLS 1.0 is enabled. If any invalid value is
configured, TLS 1.0 will be used.
7. Exit Registry Editor, and then either restart the computer or restart the
EapHost service.
> Support for TLS1.0, 1.1 and 1.2 = 0xFC0. TLS1.1 and 1.2 only = 0xF00.
References: https://support.microsoft.com/en-us/help/2977292/microsoft-security-advisory-update-for-microsoft-eap-implementation-that-enables-the-use-of-tls-october-14,-2014
SHARE THIS:
* Twitter
* Facebook
*
LIKE THIS:
Like Loading...
RELATED
SSL 64-BIT BLOCK SIZE CIPHER SUITES SUPPORTED (SWEET32)
Nessus reports a vulnerability because of 64-bit cipher suites and SSL Medium
Strength Cipher Suites Supported (even though it shows up as strong). Windows
requires the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA being disabled. I found that
adding the cipher suite to the registry didn't work as expected. Then I found a
reference that says it's…
January 20, 2017
In "Windows"
SSL/TLS AS A SERVER ADMIN
I don't trust you just because we can encrypt data together. I need to trust you
based on a 3rd party we both trust telling me that you are who you say you are.
February 28, 2017
In "Linux"
SSL 64-BIT BLOCK SIZE CIPHER SUITES SUPPORTED (SWEET32) – TOMCAT
Following on from the Windows vulnerability for SWEET32, Here's how to resolve
the same issue with Tomcat 8. This use the OpenSSL format string for ciphers, so
can also be applied to anything using the same cipher list.
ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!ECDHE-RSA-DES-CBC3-SHA"
Simply by adding the !ECDHE-RSA-DES-CBC3-SHA to your existing : delimited cipher
list…
February 3, 2017
In "Web"
Categories: WindowsTags: Security, ssl
POST NAVIGATION
Server Message Block (SMB) Protocol Version 1 Unspecified RCE
(uncredentialed check)
OpenVPN & DNS Lookup Failures
ONE THOUGHT ON “TLS AND NPS”
1 PINGBACK
1. TLS 1.0 and 1.1 Disable Gotchas | Welcome to Pariswells.com
LEAVE A REPLY CANCEL REPLY
Fill in your details below or click an icon to log in:
*
*
*
Email (required) (Address never made public)
Name (required)
Website
You are commenting using your WordPress.com account. ( Log Out / Change )
You are commenting using your Facebook account. ( Log Out / Change )
Cancel
Connecting to %s
Notify me of new comments via email.
Notify me of new posts via email.
Δ
SEARCH THIS SITE
Search for:
CATEGORIES
* electronics (4)
* Linux (340)
* Networking (61)
* Privateer (30)
* Security (30)
* Uncategorized (14)
* Virtualisation (10)
* Docker (6)
* Web (174)
* Bootstrap (8)
* JavaScript (71)
* Laravel (56)
* php (40)
* Windows (103)
RECENT POSTS
* Extracting Formatted Content from MediaWiki
* Kubernetes Clustering
* 10GbE SFP+ and a Python3 One Line FTP Server
* Virtual Machine Clustering, part 2
* Virtual Machine Clustering
ARCHIVES
* August 2023
* July 2023
* June 2023
* May 2023
* April 2023
* March 2023
* February 2023
* January 2023
* December 2022
* November 2022
* October 2022
* September 2022
* August 2022
* July 2022
* June 2022
* May 2022
* April 2022
* March 2022
* February 2022
* January 2022
* November 2021
* October 2021
* August 2021
* July 2021
* June 2021
* May 2021
* April 2021
* March 2021
* February 2021
* January 2021
* November 2020
* October 2020
* September 2020
* August 2020
* July 2020
* June 2020
* May 2020
* April 2020
* March 2020
* February 2020
* January 2020
* October 2019
* September 2019
* August 2019
* July 2019
* June 2019
* May 2019
* April 2019
* March 2019
* February 2019
* January 2019
* December 2018
* November 2018
* October 2018
* September 2018
* August 2018
* July 2018
* June 2018
* May 2018
* April 2018
* March 2018
* February 2018
* January 2018
* December 2017
* November 2017
* October 2017
* September 2017
* August 2017
* July 2017
* June 2017
* May 2017
* April 2017
* March 2017
* February 2017
* January 2017
* December 2016
* November 2016
* October 2016
* September 2016
* March 2016
* January 2016
* October 2015
* September 2015
* August 2015
* July 2015
* February 2014
TAG CLOUD
active directory ajax ansible apache asterisk authentication azure bash
Bootstrap certificates CoffeeScript debian dhcp dkim dns Docker electron
electronics email esp32 esp8266 exchange exim4 firewall ftp git gnome gulp
horizon html5 iptables java jquery json juniper keycloak kodi kvm Laravel ldap
manjaro mssql mysql nginx node.js nzbget oauth2 openvpn owncloud php postgis
postgresql proxy python qemu radius raspberry pi ReactJS rsync Security
single-sign-on smtp spf ssh ssl synology tomcat updates vmware vpn vue.js
webpack wireguard xml xmpp
Create a website or blog at WordPress.com
* Follow Following
* Stuff I'm Up To
Join 86 other followers
Sign me up
* Already have a WordPress.com account? Log in now.
* * Stuff I'm Up To
* Customize
* Follow Following
* Sign up
* Log in
* Copy shortlink
* Report this content
* View post in Reader
* Manage subscriptions
* Collapse this bar
%d bloggers like this:
Advertisements
Powered by wordads.co
We've received your report.
Thanks for your feedback!
Seen too often
Not relevant
Offensive
Broken
Report this adPrivacy