ciphermethod.com

Security

Functional Synology DSM 7.0 VPN Server

by on Jul.10, 2022, under Apple, iOS, iPhone, Linux, Security

Synology VPN Server

Forward ports 500, 1701, 4500 to server

VPN Server: Enable L2TP/IPSec, confirm Authentication is MS-CHAP v2, and set pre-shared key, enable user permissions for L2TP

IPad/IPhone VPN Client: L2TP w/ secret

Windows VPN Client: L2TP/IPSec with pre-shared key

Windows VPN Adapter Options:

Set VPN adapter Security Tab to Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec)

Set Requires encryption (disconnect if server declines)

Set “Allow these protocols” and enable Microsoft CHAP Version 2 (MS-CHAP v2)

Leave a Comment more...

Adobe patches actively exploited Flash Player vulnerability in 24 flaw fix | PCWorld

by on Apr.08, 2016, under Security

Adobe Systems released a security update for Flash Player to fix 24 critical vulnerabilities, including one that hackers have been exploiting to infect computers with ransomware over the past week.

Source: Adobe patches actively exploited Flash Player vulnerability in 24 flaw fix | PCWorld

Leave a Comment more...

More than 11 million HTTPS websites imperiled by new decryption attack | Ars Technica (DROWN)

by on Mar.01, 2016, under Security

More than 11 million websites and e-mail services protected by the transport layer security protocol are vulnerable to a newly discovered, low-cost attack that decrypts sensitive communications in a matter of hours and in some cases almost immediately, an international team of researchers warned Tuesday. More than 81,000 of the top 1 million most popular Web properties are among the vulnerable HTTPS-protected sites.

Source: More than 11 million HTTPS websites imperiled by new decryption attack | Ars Technica

Leave a Comment more...

SSL 3.0 Protocol Vulnerability and POODLE Attack | US-CERT

by on Oct.17, 2014, under Security

Systems AffectedAll systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.Some Transport Layer Security (TLS) implementations are also vulnerable to the POODLE attack.

Source: SSL 3.0 Protocol Vulnerability and POODLE Attack | US-CERT

Leave a Comment more...

Heartbleed bug: What you need to know (FAQ) – CNET

by on Apr.11, 2014, under Security

The Heartbleed bug, a newly discovered security vulnerability that puts users’ passwords at many popular Web sites at risk, has upended the Web since it was disclosed earlier this week. It’s an extremely serious issue, and as such, there’s a lot of confusion about the bug and its implications as you use the Internet.

Source: Heartbleed bug: What you need to know (FAQ) – CNET

Leave a Comment more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

But Wait, There's More!

A few highly recommended friends...