ISC StormCast for Wednesday, September 25th 2019
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
🗓️ 25 September 2019
⏱️ 5 minutes
Transcript
| 0:00.0 | Hello, welcome to the Wednesday, September 25th, 2019 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich, and today I'm recording from London, England. |
| 0:13.7 | Xavier today took another look at Certificate Transparency logs. Certificate Transparency logs are a pretty good idea. Essentially, what's |
| 0:23.6 | happening is that whenever you get a certificate from a public certificate authority, this certificate |
| 0:31.2 | is published as part of that certificate authority's transparency logs. The idea here is that you'll be able to detect if |
| 0:39.3 | someone will obtain an unauthorized certificate for one of your domains. But of course |
| 0:46.2 | the flip side of the certificate transparency logs is that any host name that you |
| 0:53.4 | disclose in your certificates may also be made public and |
| 0:58.5 | this of course may be a problem if this host name is only supposed to be for internal use. |
| 1:06.6 | Now Xavier took a look at certificates being issued for the remotewebaccess.com domain. |
| 1:13.6 | This domain is owned by Microsoft and Microsoft customers who are using a version of Windows |
| 1:22.1 | that does support Remote Web Access may obtain free host names within the remotewebaccess.com domain |
| 1:31.0 | in order to remotely administer their Windows systems via a web browser. |
| 1:38.4 | When setting up access with Microsoft, the user is able to specify their own host name within the domain, and then also a TLS certificate |
| 1:46.9 | is generated for this host name, and of course, with that, the host name is published in certificate |
| 1:53.1 | transparency logs. Of course, you're never supposed to rely on security through obscurity, |
| 1:59.6 | but on the other hand, it doesn't help if people |
| 2:02.5 | will be able to easily find this host name that you set up to remotely access |
| 2:08.4 | your Windows system. Probably the best thing you can do is use a host name that |
| 2:13.7 | doesn't directly relate to your organization. |
| 2:22.8 | And of course, if you're setting up a service like this that really only you're going to use or a couple of trusted administrators, it may be preferable to actually use an internally generated |
| 2:30.2 | certificate using your own internal certificate authority which doesn't publish its certificate |
| 2:36.7 | transparency logs. |
... |

