IT Nota

How to Enable Secure HttpOnly Cookies in IIS

Session cookies are often seen as one of the biggest problems for security and privacy with HTTP, yet often times, it's necessary to utilize it to maintain state in modern web applications. By default, it is insecure and vulnerable to be intercepted by an authorized party. Cookies typically store session identifiers that may offer full access to an account, therefore if a cookie is intercepted, … [Read more...]

How to Setup HTTP Strict Transport Security (HSTS) on IIS

HTTP Strict-Transport-Security (HSTS) response header is used to tell browsers that the particular website should only be accessed solely over HTTPS. This is a powerful feature that is easy to implement to mitigate the risks for the communication to be intercepted by hackers and keep your website visitors safe. Enabling HTTP Strict Transport Security on IIS See the steps below to enable HSTS on … [Read more...]

How to Enable TLS 1.2 as the Default Security Protocol on Windows Servers

Transport Layer Security (TLS) are cryptographic protocols designed to provide communications security over a computer network, typically between a website and a browser. TLS 1.0 and its deprecated predecessor, SSL are vulnerable to some well-known security issues such as POODLE and BEAST attacks. According to NIST, these vulnerabilities cannot be fixed or patched, therefore all companies, … [Read more...]

How to Create Key Pair Using Kleopatra (GnuPG)

If you need to find a free solution to encrypt file or email, Gpg4win (GNU Privacy Guard for Windows) may be more than enough encryption than what you need. It is a free software and pretty straightforward to install. Before you can use it though, you need to create a key pair first and this may be confusing to beginners. Here are the steps to generate a key pair in GPG4Win Kleopatra: Launch … [Read more...]

Live Cyber Attacks Map

A live cyber attacks map from various companies may give you a different outlook on Internet security. Fire Eye Cyber Threat Map No longer available The explanation from Norse Security's website: "Every second, Norse collects and analyzes live threat intelligence from darknets in hundreds of locations in over 40 countries. The attacks shown are based on a small subset of live flows … [Read more...]

Recent Posts

Tags

.NET Core Access AdSense Amazon ASP.NET Cdonts Dll Classic ASP Code Editor ETL FSharp Genesis Framework Git Google HP Asset Manager HTML HTML5 Hugo IIS Information Security Internet Internet Information Services iOS JAMStack JavaScript Linux macOS Microsoft Microsoft SQL Server MVC PHP Simple Mail Transfer Protocol Smtp Server Social Media SQL SQL Server SSIS SSMS SSRS Visual Studio VPN Windows Windows 8 Windows 10 Windows 2012 Windows Server