ISC StormCast for Monday, September 28th 2020
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 28 September 2020
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Monday, September 28, 2020 edition of the Sandstone Storm Center's Stormcast. |
| 0:07.7 | My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida. |
| 0:12.7 | If you're using Exchange Online or if you're thinking about switching to Exchange Online as part of, for example, Exchange 2010, sort of expiring |
| 0:24.5 | its extended support. Well, we have a great guest diary for you by Jason Danz. Jason is going |
| 0:31.9 | over a lot of details how you can actually secure exchange online. That's something a lot of organizations are having problems with how to essentially |
| 0:42.1 | tweak some of these security settings and what they mean, pretty extensive, post, much |
| 0:47.6 | larger than what we typically post at the Internet Storm Center with references to various external guides. |
| 0:56.9 | So take a look if you are using Exchange Online. |
| 1:02.5 | And then we got a quick diary by DDE about how to decode corrupt base 64 strings. |
| 1:09.5 | Now, this is mostly about base 64 strings that are missing the padding at the end. |
| 1:15.4 | Well, you could just try on error at the padding yourself, just the necessary number of |
| 1:23.3 | equal signs, or use a tool that is more forgiving when it comes to padding like DDA's own |
| 1:30.8 | base 64 dump tool. And security platform provider Sam Seamless Network has published a blog post |
| 1:39.5 | warning of a default certificate problem in 40 Gates''s SSVPN product. Now, Fortygate essentially |
| 1:48.8 | states that this is not a real problem. Users should change those certificates. There's also |
| 1:55.5 | a warning in the admin interface that basically states you're using default certificates, please go out and get a real certificate for your VPN server. |
| 2:06.9 | I feel the warning is sufficient. |
| 2:09.9 | Sam Simulus Network disagrees with that and also states that they found over 200 implementations of Fortygate VPN that still use the default certificate. |
| 2:22.0 | The problem with the default certificate is that, well, it's signed by Fortygate's internal certificate authority. |
| 2:30.1 | Now, probably the larger problem almost here is that clients will happily connect as long as the |
| 2:37.3 | certificate is signed by Fortigate or any other trusted certificate authority. |
| 2:44.7 | And this actually sort of a little bit of misconception sometimes with some VPN implementations. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.