Warning found on port https (443/tcp) using Nessus 2.0.0

We are doing some security checking on our servers and found out that our secure website, which is running on iPlanet-WebServer-Enterprise/4.1SP9, gives us the following information.
Warning found on port https (443/tcp)
The SSLv2 server offers 4 strong ciphers, but also 0 medium strength and 2 weak "export class" ciphers. The weak/medium ciphers may be chosen by an export-grade or badly configured client software. They only offer a limited protection against a brute force attack.
Can anyone explain what is meant by "The weak/medium ciphers may be chosen by an export-grade or badly configured client software."? Is it not secure for us to use the export version of iPlanet Webserver, or is there a way to make it secure? Or is it OK for us to keep on using the current iPlanet webserver?
Regards,

During the SSL handshake the client and server will identify their supported ciphers. Since you have the "weak/export" ciphers enabled a client could specify that it will only accept these low grade ciphers and thereby negotiate something that is more easily hacked than something with stronger ciphers.
If you disable the "weak" ciphers then the server will refuse to accept connections from clients that don't support the stronger ciphers.
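
The negotiation described in the reply above, as an added Python sketch that is not part of the original thread. It is a simplified model (the first client preference that the server has enabled wins); the server cipher list is constructed to match the 4 strong / 0 medium / 2 export counts in the Nessus output, and the strength thresholds are assumptions.

```python
# Added illustration: simplified model of SSLv2 cipher selection.
# Effective key bits for the SSLv2 cipher kinds used in this sketch.
EFFECTIVE_BITS = {
    "SSL_CK_RC4_128_WITH_MD5": 128,
    "SSL_CK_RC2_128_CBC_WITH_MD5": 128,
    "SSL_CK_IDEA_128_CBC_WITH_MD5": 128,
    "SSL_CK_DES_192_EDE3_CBC_WITH_MD5": 168,
    "SSL_CK_DES_64_CBC_WITH_MD5": 56,
    "SSL_CK_RC4_128_EXPORT40_WITH_MD5": 40,
    "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5": 40,
}

# Constructed server configuration: 4 strong + 2 export ciphers, as in the report.
SERVER_ENABLED = [
    "SSL_CK_RC4_128_WITH_MD5",
    "SSL_CK_RC2_128_CBC_WITH_MD5",
    "SSL_CK_IDEA_128_CBC_WITH_MD5",
    "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
    "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
]

# Constructed clients: one export-grade, one that prefers strong ciphers.
EXPORT_ONLY_CLIENT = ["SSL_CK_RC4_128_EXPORT40_WITH_MD5",
                      "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5"]
STRONG_CLIENT = ["SSL_CK_RC4_128_WITH_MD5",
                 "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
                 "SSL_CK_RC4_128_EXPORT40_WITH_MD5"]


def strength(cipher):
    """Classify a cipher by effective key size (thresholds are assumptions)."""
    bits = EFFECTIVE_BITS[cipher]
    if bits <= 40:
        return "weak"
    if bits < 112:
        return "medium"
    return "strong"


def summarize(enabled):
    """Count enabled ciphers per strength class, like the scanner summary."""
    counts = {"strong": 0, "medium": 0, "weak": 0}
    for cipher in enabled:
        counts[strength(cipher)] += 1
    return counts


def negotiate(client_prefs, server_enabled):
    """Return the first client preference the server has enabled, else None."""
    for cipher in client_prefs:
        if cipher in server_enabled:
            return cipher
    return None  # no common cipher: the handshake fails


def harden(server_enabled):
    """Server list with the weak (export) ciphers disabled."""
    return [c for c in server_enabled if strength(c) != "weak"]


if __name__ == "__main__":
    print("server summary:", summarize(SERVER_ENABLED))
    for name, client in (("export-only", EXPORT_ONLY_CLIENT), ("strong", STRONG_CLIENT)):
        print(name, "before:", negotiate(client, SERVER_ENABLED),
              "| after:", negotiate(client, harden(SERVER_ENABLED)))
```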

Similar Messages

  • Authentication syntax for HTTP GET method using TCP functions in Labview on linux

    Hi,
    Currently, I am trying to communicate with a web server. I have LabVIEW installed on a Linux machine. The HTTP function blocks and other LabVIEW functions do not work. Hence, I am building an HTTP code string using TCP functions (port 80) to talk to the web server. I am successfully able to fetch a response from web sites (example www.ni.com) from my VI. However, when I try to communicate with my web server, it does not work. It requires authentication. I am able to open http://ipaddress in my browser from my machine using username and password. Can someone help with the authentication string requirement for the GET method?
    so far the string is:
    GET /index/ HTTP/1.1
    Host: http://xx.xx.xx.xx

    An easy option would be to try http://user:password@server syntax for the URL.
    Else I posted a Twitter fetcher once (won't work anymore since Twitter moved to Oauth authentication) at LAVA. Based on code from @cloew.
    The code is part of this LLB.
    Ton

  • The MAC signature found in the HTTP request '***' is not the same as any computed signature. Server used following string to sign: 'POST

    Hi,
    When trying with Postman sending a REST call to Azure Storage Queues I get:
    The MAC signature found in the HTTP request '***' is not the same as any computed signature. Server used following string to sign: 'POST.
    The code I have for creating the Authorization Header:
    var accountName = "my_account";
    string key = ConfigurationManager.AppSettings["my_access_key"];
    DateTime dt = DateTime.Now;
    string formattedDate = String.Format("{0:r}", dt);
    var canonicalizedHeaders = "x-ms-date:" + formattedDate + "\n" + "x-ms-version:2009-09-19" + "\n" ;
    var canonicalizedResource = "/my_account/myqueue/messages";
    var stringToSign = String.Format("POST,\n\n\n\n\n\n\n\n\n\n\n{0}{1}", canonicalizedHeaders, canonicalizedResource);
    stringToSign = HttpUtility.UrlEncode(stringToSign);
    HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
    var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));
    var authorizationHeader = String.Format(CultureInfo.InvariantCulture, "SharedKey {0}:{1}", accountName, signature);
    return authorizationHeader;
    Anyone any idea what I'm missing/doing wrong?
    Additional question: do I have to create a new Authorization header for every message I want to send? Or is there an option (as with Service Bus Topics) to create a header that can be used for a certain timeframe?
    Thanks.

    One issue is with this line of code:
    HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
    Please use the following:
    HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(key));
    and that should take care of the problem.
    Regarding your question, "do I have to create a new Authorization header for every message I want to send? Or is there an option (as with Service Bus Topics) to create a header that can be used for a certain timeframe?"
    With your current approach, the answer is yes. What you can do is create a Shared Access Signature on the queue which will be valid for certain duration and then use that for posting messages to a queue using simple HttpWebRequest/HttpWebResponse.
    Hope this helps.
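
The key-handling fix from the answer above, as an added Python example (not code from the thread, which is C#): the account key is Base64 text and must be decoded to raw bytes before it is used as the HMAC-SHA256 key. The string-to-sign follows the 2009-09-19 Shared Key layout; the key, date and Content-Length values are constructed, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac

# Header slots that follow the verb in the 2009-09-19 string-to-sign, in order.
STANDARD_HEADERS = ["Content-Encoding", "Content-Language", "Content-Length",
                    "Content-MD5", "Content-Type", "Date", "If-Modified-Since",
                    "If-Match", "If-None-Match", "If-Unmodified-Since", "Range"]

# Constructed demo values, not real credentials or a real request.
DEMO_KEY_B64 = base64.b64encode(b"constructed demo key, not a real secret").decode()
SAMPLE_HEADERS = {"Content-Length": "58",
                  "x-ms-version": "2009-09-19",
                  "x-ms-date": "Thu, 01 Jan 2015 00:00:00 GMT"}


def string_to_sign(verb, headers, account, path):
    """Build the string-to-sign: verb, 11 header slots, x-ms-* headers, resource."""
    lower = {k.lower(): v.strip() for k, v in headers.items()}
    lines = [verb.upper()] + [lower.get(h.lower(), "") for h in STANDARD_HEADERS]
    # Canonicalized headers: x-ms-* only, lowercase names, sorted, one per line.
    canon_headers = "".join(f"{k}:{lower[k]}\n"
                            for k in sorted(lower) if k.startswith("x-ms-"))
    canon_resource = f"/{account}{path}"
    return "\n".join(lines) + "\n" + canon_headers + canon_resource


def sign(key_b64, sts):
    """Correct form: decode the Base64 key, HMAC the UTF-8 string-to-sign."""
    key = base64.b64decode(key_b64)
    digest = hmac.new(key, sts.encode("utf-8"), hashlib.sha256).digest()
    return base64.b64encode(digest).decode()


def sign_with_text_key(key_b64, sts):
    """The mistake from the question: the Base64 text itself used as the key."""
    digest = hmac.new(key_b64.encode("utf-8"), sts.encode("utf-8"),
                      hashlib.sha256).digest()
    return base64.b64encode(digest).decode()


def authorization_header(account, signature):
    return f"SharedKey {account}:{signature}"


def server_verify(auth_header, key_b64, sts):
    """Recompute the signature as the service would and compare in constant time."""
    scheme, _, credentials = auth_header.partition(" ")
    _account, _, presented = credentials.partition(":")
    return scheme == "SharedKey" and hmac.compare_digest(presented, sign(key_b64, sts))


if __name__ == "__main__":
    sts = string_to_sign("POST", SAMPLE_HEADERS, "my_account", "/myqueue/messages")
    good = authorization_header("my_account", sign(DEMO_KEY_B64, sts))
    bad = authorization_header("my_account", sign_with_text_key(DEMO_KEY_B64, sts))
    print("decoded key accepted:", server_verify(good, DEMO_KEY_B64, sts))
    print("text key accepted:   ", server_verify(bad, DEMO_KEY_B64, sts))
```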

  • SOAP receiver adapter - SOAP request over HTTPS to other port than 443?

    Hi guys!
    Is it possible to send a SOAP request from XI to a target web service over HTTPS to a target port other than 443? Our 3rd party web service is running on another port.
    Thanx a lot, Olian

    Hi Olian,
    Check out this,
    http://www.grc.com/port_443.htm
    http://en.wikipedia.org/wiki/HTTPS
    Port 443 is just the default port. One can theoretically run protocols over any port. Port assignments are just suggestions to the world as to what to expect on certain ports.
    Regards,
    Prateek

  • I have a Macbook Pro 13.3 i5 w/ no hdmi port. How can I connect my Mac to TV to watch video, photo ?  Is the Thunderbolt port a mini display port where I can use a mini display port to HDMI cable? If not, what are my options??

    I have a Macbook pro 13.3 w/ i5 that has no hdmi port. I want to be able to connect the Mac to my TV set to watch Video, Photos and files from Mac to TV.
    Is the Thunderbolt port similar to a display port or mini display port? Can I use thunderbolt port to connect thru a mini displayport to HDMI cable or converter?
    Been trying to locate a USB to HDMI cable or converter (at a reasonable price) but all I found is a displayport or mini displayport to HDMI cable/converter.
    What other options are available ?
    Thanks a lot for your assistance.

    Thunderbolt uses a Mini DisplayPort adapter to send video and audio to HDMI. Here are some on Amazon: http://www.amazon.com/s/ref=nb_sb_ss_c_2_8?url=search-alias%3Dcomputers&field-keywords=mini+displayport+to+hdmi&sprefix=mini+dis%2Caps%2C249#/ref=nb_sb_noss?url=search-alias%3Dcomputers&field-keywords=mini+displayport+to+hdmi+with+audio&rh=n%3A172282%2Cn%3A!493964%2Cn%3A541966%2Ck%3Amini+displayport+to+hdmi+with+audio

  • CSS11501 - URL Redirect for Multiple Servers For Both Ports 80 & 443

    Can the CSS rules be configured such that it can be used to direct requests to different Web servers based upon,
    URL path? 
    For Both Ports 80 & 443/HTTPS (with SSL Certificate running on the back-end servers)
    For example:
    http://app.ti.com/path1/file.html goes to Web servers A & B -> old servers
    https://app.ti.com/path1/file.html goes to Web servers A & B -> "
    http://app.ti.com/path2/file.html goes to Web servers C & D -> new servers
    https://app.ti.com/path2/file.html goes to Web servers C & D -> "
    We're trying to understand what our plans are for a phased migration from the old site to the new site, and whether it requires new URLs.
    For port 443, since the CSS is load balancing SSL-encrypted traffic, does this mean that the CSS can't look at the URL and thus this is not possible?
    Please help, thanks.

    Hi Martin,
    1) Clients are using http://domain/, thus I need to define url "//domain/.." as you have stated.
    2) I'm still waiting for the "actual" URL paths from the application team in order to decide which method to use - Regexp vs URLQ definition - to begin testing.
    I know I have limited memory resource (as listed below) & will try not to make it complicated:
    System Resources for CSS501-SCM-INT:
    Installed Memory:   268,435,456 (256 MB)
    Free Memory:        135,414,448 (129 MB)  ****
    CPU:                0% (5Sec)     1% (1Min)     0% (5Min)
    Buffer Statistics:
    Buffer Pool: 0
       Size:2048  Total:3072  Available:2792  Failures:  0  Low Buffer Count: 2748
    Buffer Pool: 1
       Size:2048  Total:3072  Available:2800  Failures:  0  Low Buffer Count: 2800
    Buffer Pool: 2
       Size:2048  Total:2048  Available:1956  Failures:  0  Low Buffer Count: 1900
    Thanks Martin, you've been a big help!
    Diane Ly  

  • Minimal open ports for groupwise to use by vpn

    Hi,
    What are the minimal ports that need to be open to use groupwise online
    remotely (by use of vpn) ?
    We use the novell client 4.91sp4 and groupwise 7.0.3hp on windows xp sp2.
    - DNS resolving for both UDP and TCP is authorized and a user
    authenticates to the FQDN like mail.domain.com
    - port 1677 is open, but then it takes 10 minutes, before you can do
    anything.
    - after monitoring with an account with full rights to every protocol and
    port, we see NCP being used, so after having this authorized, it is already
    much better.
    Still have to wait 1 minute.
    Could it have something to do with the primary or dns suffix entries?
    We do not use primary or dns suffix entries, so these are empty. The
    connection suffix is being set by the dhcpserver. So this name differs for
    each person at home.
    What we see in the capture is that the groupwise server name is being
    accessed by its hostname, like <servername>.<connection suffix>
    An enduser can not resolve these server names remotely, unless the FQDN is
    being used.
    We do not wish to change primary or DNS suffix entries, and prefer changes
    on the serverside instead of clientside, but is this possible in this
    situation?
    Anyone has experience with this ?
    Also some icmp request are being made. Is it required to allow icmp to the
    groupwise server?
    regards,
    Marcel
    by the way : if we remove the novell client, then only port 53, 1677 are ok
    and performance is ok (within 10 seconds groupwise client opens)

    Hi Craig,
    Thanks for your answer, but how do you explain that adding ncp (524) over
    tcp is decreasing the timeout?
    In the Groupwise client options the archive and views are all located on a
    netware server using the UNC syntax.
    I do not see the public ip in the traces. In fact when tracing with a client
    with restricted rights, I do not see anything at all. I need to trace with
    all rights, to see what possibly could be used as protocol. Then I noticed
    ncp (524) being accessed. So after that I authorized that and it was like a
    dream came true.
    However.... like I said. only with the novell client (4.91sp4) being used.
    without novell client it just works fine. In vista with both novell client
    and vpn client the slow gwclient also does not appear.
    regards,
    Marcel
    "Craig Johnson" wrote in message:
    > GroupWise client only needs port 1677. TCP for GW Client, UDP for GW
    > Notify.
    >
    > I often open filter exceptions to the POA for tcp port 1677 for people
    > to connect remotely to the client without VPN. That's all they need.
    >
    > If you are trying to connect on that port, and the traffic is taking a
    > long time, you might be seeing some sort of redirection attempt trying
    > to take you to a public address instead of using the private IP of the
    > POA.
    >
    > Craig Johnson
    > Novell Support Connection SysOp
    > *** For a current patch list, tips, handy files and books on
    > BorderManager, go to http://www.craigjconsulting.com ***
    >
    >

  • How can ftp service on non-standard port be load balanced using Cisco ACE.

    How can an FTP service on a non-standard port be load balanced using Cisco ACE? For example, an FTP service required on TCP port 2000.

    Hi Samarjit,
    You can do this by specifying the port number in the class map that you create. Please find the below-mentioned config guide, where you can specify the TCP/UDP port, a range of ports, or even the wildcard to match the port.
    http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A1/configuration/administration/guide/mapolcy.html#wp1318826
    Regards
    Abijith

  • The access to our new chess hall may be blocked by your local firewall. You would need to reconfigure your firewall to open port 15010 for TCP traffic.

    How do I do the following so I can get into my chess program??
    The access to our new chess hall may be blocked by your
    local firewall. You would need to reconfigure your firewall to open port 15010
    for TCP traffic.

    This is not really Firefox related.
    What you need to do here is to read the firewall manual which usually explains how to create a rule for what you want to do.
    If you're using the Windows XP firewall, see this Microsoft article: http://windows.microsoft.com/en-US/windows-vista/Firewall-frequently-asked-questions

  • How I can solve this problem or manipulate it ports 80,443 are closed by ISP and they don't want to open it

    hi,
     I see that I have a private (consumer) subscription with my ISP, which has closed all the ports for security reasons, and they don't want to open any of them (80, 443, etc.).
    Suppose I want to use Essential Server 2012: how can I solve this problem? Essential wants a domain name with an A record.
    I asked the DDNS service provider whether leasing a domain name with an A record from them would help to open or manipulate ports 80 and 443; they said that I have to solve this problem myself. They lease only domain names with dynamic DNS records.
     So what can be a solution? The ISP won't open these ports; how can I solve this problem? A domain name with an IP address is not helping, so what is going to help?
    thanks
    johan
    h.david

    The domain name in this instance is only used for remote access, and is separate from the Active Directory domain name.
    If your ISP blocks port 80 and 443, and you don't intend to use remote access anyway, the wizard will likely not complete successfully whether you have a valid domain name or not.
    Robert Pearman SBS MVP

  • Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Hi the_mad_movies,
    It seems like this article will be the best option for addressing this issue:
    Error 3194, Error 17, or "This device isn't eligible for the requested build"
    http://support.apple.com/kb/ts4451
    Thanks for coming to the Apple Support Communities!
    Cheers,
    Braden

  • Error Message "The Remote device or resource won't accept connection, not set up to accept connection from port https"

    I get this error message when trying to open and log into an online casino: "The Remote device or resource won't accept connection, not set up to accept connection from port https".
    I am on a desktop computer; my connection to the net is with a USB Virgin Mobile hotspot device.
    I also have issues with some downloads not installing right; for instance, Skype won't work. Whether the problems are related, I don't know.
    Thanks

    Starting in Firefox 14, Firefox will guess an address and place it in the address bar (AutoFill feature). If you have ever connected to the site using a secure (HTTPS) connection, then Firefox will try to connect securely to the address suggested by the AutoFill feature. To work around this you can:
    * Edit the address to force Firefox to interpret your entry literally. For example, if there is a trailing / you can remove it.
    * Turn off the URL bar AutoFill feature and just use the AutoSuggest drop-down.
    * Clear Firefox's memory of the site so it doesn't default to a secure connection (however, this also removes any bookmarks you have to pages on the site).
    To disable the in-address-bar autofill without losing the suggestions that appear below the bar:
    (1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.
    (2) In the filter box, type or paste autofill and pause while the list is filtered.
    (3) Double-click browser.urlbar.autoFill to toggle it from true to false. You're done with about:config and you can close this tab.
    "Forget about this site" will clear cache, history, bookmarks, and permissions for the site, and probably any saved certificate. There are two ways to get to this:
    * History > Show All History, right-click an entry for the site > "Forget about this site"
    * Type or paste about:permissions in the address bar and press Enter, then select the site from the list on the left side, and click the "Forget about this site" button on the right side
    Depending on the size of your history and cache, this may lock Firefox up for a minute or two while everything is cleansed.

  • Used "find my iphone app" and now that I have found my iphone, no one can hear me talk? how do I let Apple know I have found my Iphone so I can use my Iphone?

    used "find my iphone app" and now that I have found my iphone, no one can hear me talk? how do I let Apple know I have found my Iphone so I can use my Iphone?
    so frustrated.

    Well, it's definitely nothing that Apple can activate to fix this. They would be able to troubleshoot with you though. This may be able to be resolved if it's something software related.
    You can chat into Apple by visiting https://getsupport.apple.com

  • Invoking HTTP Restful services using OSB

    Hi,
    We have a requirement to invoke the below three URLs from OSB in sequence,
    like
    1.http://<IP Address:Port>/login
    2.http://<IP Address:Port>/getlist
    3.http://<IP Address:Port>/logout
    I have used three service callouts to invoke the same.
    Login service callout is giving the success response but the 2nd service is throwing the error as "Unauthorized"
    Three url's should be invoked in the same session i.e 2nd service should be invoked in the same session as of login service or else it will give error.
    I have enabled the "Transaction Required" flag and also set the QoS to "Exactly Once" but still giving the error.
    Can anybody please let me know if there is any another way to maintain the session.
    Thanks in advance.

    401 Unauthorized most likely means you have lost a cookie.
    On your first call to login the server sets HTTP header Set-Cookie; you get it back as User Headers. In response flow of the login call you need to get the value of the Set-Cookie and save it into a variable.
    On the second and third call you'll have to set Custom Header "Cookie" to the value you get from Set-Cookie.
    This is a purely HTTP mechanism; transactions or QoS have nothing to do with it.

  • [svn:fx-trunk] 5029: Extending the mxmlc warning to apply to any application that uses a type selector (i.e.

    Revision: 5029
    Author: [email protected]
    Date: 2009-02-20 16:10:37 -0800 (Fri, 20 Feb 2009)
    Log Message:
    Extending the mxmlc warning to apply to any application that uses a type selector (i.e. not a universal selector) in the subject when the
    QE: If we could create a negative test cases for the warning that'd be great.
    Doc: Not yet, this will be captured in the Advanced CSS spec.
    Checkintests: Pass
    mustella: Advanced CSS, Button, MenuBar all Pass
    Reviewer: For Paul.
    Bugs:
    SDK-19272 - [Advanced CSS] Pseudo selectors shouldn't be allowed in mxml components
    Ticket Links:
    http://bugs.adobe.com/jira/browse/SDK-19272
    Modified Paths:
    flex/sdk/trunk/modules/compiler/src/java/flex2/compiler/css/StylesContainer.java

    Thanks for the crash log. It looks like you have AIR 3.2 installed. Could you try updating to 3.3 and generate another log?
    http://get.adobe.com/air
