Disable SSL/TLS Diffie-Hellman Modulus 1024 Bits

When a SSL/TLS connection is established using DH <=1024 bits, an attacker could find the shared secret in a short amount of time (depending on modulus size and attacker resources). This may allow an attacker to recover the plain text or potentially violate the integrity of connections.

How to detect vulnerability?

Use nmap

nmap -Pn -p 443 –script ssl-dh-params <IP-address>

nmap DH 1024

 

How to fix vulnerable systems?

  1. Navigate to following path in Registry.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
\SChannel\KeyExchangeAlgorithms

2. Create new sub key named Diffie-Hellman, if it didn’t already exists.

DH 1024 Bits

3. Create DWORD called Enabled and set 0 value.

Disable SSL RC4 Cipher Suits on Windows Server

Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols provide integrity, confidentiality and authenticity services to other protocols that lack these features. SSL/TLS protocols use ciphers such as AES, DES, 3DES and RC4 to encrypt the content of the higher layer protocols. However, RC4 is considered as practically vulnerable and RC4 is recommended to be disabled on Server.

How to detect Vulnerability?

Download and use testssl.sh

.testssl.sh –rc4 <ip-address>

testssl.sh rc4

 

How to fix Vulnerable Systems?

  1. Navigate to following path in regedit.

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
\SecurityProviders\SCHANNEL\Ciphers

2. Create following RC4 sub keys if they do not exists already.

Disable RC4 Cipher on Windows Server

3. Create REG_DWORD called Enabled and set as 0 value for all the 3 RC4 folders.

 

Vodafone Qatar DNS Servers

Following are official DNS Servers of Vodafone, Qatar

Primary DNS Server: 80.76.162.246

Secondary DNS Server: 80.76.162.243

Note: 80.76.162.28 is decommissioned as on 15th Jun 2018. If you are using 80.76.162.28, then migrate to above DNS servers.

Ooredoo Qatar DNS Servers

Following are official DNS servers of Ooredoo

Primary DNS: 212.77.192.59

Secondary DNS: 82.148.111.11

The previous Secondary DNS server 212.77.192.60 is no longer being used.

Install XAMPP in Ubuntu

 

xampp

 

1. Download latest version o XAMPP from apachefriends.org. In my case, it is 64bit version of Linux operating system

Once you downloaded, you cannot install it as simple as that, just follow 1 more step ahead of your installation procedure.

2. open Terminal (Ctrl + Alt +t). Make sure to specify the location of your downloaded file. In my case, it is ‘Downloads’ folder

sudo chmod +x Downloads/xampp-linux-x64-5.6.3-0-installer.run

3. Complete rest of the installations.

If you would like to stop and start XAMPP only when necessary, then remember these commands

To Start – sudo /opt/lampp/lampp stop

To Stop – sudo /opt/lampp/lampp start