Archive for the ‘Security’ Category

Simplify SSL Management & Installation on Windows Servers

Here’s the deal: Unless you work with SSL every day, managing your certificates on Windows servers isn’t easy.  Root certificates, intermediate certificates, and private keys, oh my!  Sometimes it can feel like you’re doing brain surgery on your server to fix a certificate problem.  So DigiCert built a new tool called DigiCertUtil.exe to make it easier.  With this tool you can manage, troubleshoot, and fix the SSL certificates on your server, all without having to open up a cmd prompt to run special certutil commands, or dig through the MMC Certificate Snap-in.

DigiCertUtil.exe makes it easy to:

  • See all the SSL certificates installed on your server.
  • Easily view details for each certificate.
  • Fix intermediate certificate problems with one click.
  • Import and Export your certificates to make a backup or move them between servers.
  • Test a certificate to verify its private key is functional.
  • Create certificate signing requests (very useful on ISA servers)
  • Install a certificate to a pending request.
  • Repair a certificate whose private key exists on the server but is not correctly associated with the certificate.

Continue reading and download the tool at DigiCert Windows SSL Management Tool – Windows SSL Troubleshooting.

Cheap GPUs are rendering strong passwords useless

Think that your eight-character password consisting of lowercase characters, uppercase characters and a sprinkling of numbers is strong enough to protect you from a brute force attack?

Think again!The results are startling. Working against NTLM login passwords, a password of “fjR8n” can be broken on the CPU in 24 seconds, at a rate of 9.8 million password guesses per second. On the GPU, it takes less than a second at a rate of 3.3 billion passwords per second.

Increase the password to 6 characters (pYDbL6), and the CPU takes 1 hour 30 minutes versus only four seconds on the GPU. Go further to 7 characters (fh0GH5h), and the CPU would grind along for 4 days, versus a frankly worrying 17 minutes 30 seconds for the GPU.

Continue reading whole article via Cheap GPUs are rendering strong passwords useless | ZDNet.