
Security

This is the Security category.  It contains articles and subcategories related to topics of Security that could not be categorized within other categories of Computer Related.  Please look below for articles and subcategories.  Submit requests for topics you want articles about.  Guest articles are welcome too.  Submit a request to have us publish your guest article that can have links back to your site or other articles.


List Of PDF Password Removers, Recovers, And Crackers.

This is a post for reference on free software I have found that I consider safe to install or use (meaning it is not malware or virus infected).  A few are listed here in case one stops working and also because they do not all have the same features.  Note that I do not get paid to write these articles.  Items are not listed in any priority or preference.  One may be better for you than the other.  I simply listed them in the order I found them.

Below are several download links.  Once you have downloaded the file, open it, which will execute the file, and install or run the software as needed.  Some software does not require installation and just runs once opened, which means you need to run it every time you need it.

 

Free PDF Password Remover 4dots

OSs: Windows XP, 2003, Vista, etc. Windows Server 2008, 7, etc.
Software Maker: 4dots Software.
Software Function: Unlock PDF documents and remove PDF passwords and restrictions.
Price:  Free

Read here before downloading.
Last that I checked, a safe download link for it was here.  This leads you to cnet's download site, which checks files for malware and viruses before providing them for download.  After you follow the link, you will need to wait until a download window shows, and then you select Save or OK to save the file to your computer.  After downloading the file, run it (open/execute the file).

With Free PDF Password Remover 4dots, you can remove unknown owner passwords that set restrictions on printing, editing, copying, form filling, commenting, page extraction and others. This is in addition to removing known user passwords.

 

PDF Password Remover Tool

OSs: Windows operating system.  Windows 98, Me, NT, 2000, XP, 2003, Vista, 7, etc.
Software Maker: PDF Technologies.
Software Function: Decrypt and remove passwords of password protected PDF files which have their "owner" password set.
Price:  Free

Read here before downloading.
Last that I checked, a safe download link for it was here.  Directly from the software developer's site.  After you follow the link, you will need to wait until a download window shows, and then you select Save or OK to save the file to your computer.  After downloading the file, run it (open/execute the file).

As indicated on the developer's site, "The Password Remover tool will NOT work with PDF files that have a 'user password' set".

 

PDFCrack

OSs: Windows operating system.  MS Windows (probably works on most windows, but unknown).  Windows 7.
Software Maker: RubyPDF Technologies.
Software Function: Recovers both the user password and owner password from encrypted PDFs. Does not remove passwords.
Price:  Free

Read here before downloading.
Last that I checked, a safe download link for it was here.  Directly from the software developer's site.  An alternative download link used by developers is here.  Downloading from either location should get you the latest version.  After you follow the link, you will need to wait until a download window shows, and then you select Save or OK to save the file to your computer.  After downloading the file, run it (open/execute the file).  PDFCrack is a command-line tool, meaning you enter what are called Switches (commands at a command line prompt).  I suspect this file runs in a DOS window environment, and so if it does not automatically open a DOS window and execute, then open a DOS window and run it.  You can reference this image here for the help menu that shows: Screenshot

Something Interesting and SEPARATE from the PDFCrack mentioned above.
Interestingly, I found another older PDFCrack mention and info, but it was or is for Linux and FreeBSD OSs.  No idea if the other PDFCrack is related to the PDFCrack mentioned here.  If you have time, you can compare them, and let me know.  For those who are interested, here is an article from June of 2012 for "Linux / FreeBSD: PDFCrack A Command Line Password Recovery Tool For PDF Files".  Here is another link for the Linux software from a developer's site, in which the developer states its use is not recommended and it is out of date and broken at this time, but people can use it to experiment.

 

PDFCrypt

OSs: Windows operating system.  MS Windows (probably works on most windows, but unknown).  Windows 7.
Software Maker: RubyPDF Technologies.
Software Function: Unlock PDF documents and remove PDF passwords and restrictions.
Price:  Free

Read here before downloading.
Last that I checked, a safe download link for it was here.  Directly from the software developer's site.  Downloading from either location should get you the latest version.  After you follow the link, you will need to wait until a download window shows, and then you select Save or OK to save the file to your computer.  After downloading the file, run it (open/execute the file).  PDFCrack is a command-line tool, meaning you enter what are called Switches (commands at a command line prompt).  I suspect this file runs in a DOS window environment, and so if it does not automatically open a DOS window and execute, then open a DOS window and run it.

Do not get this PDFCrypt confused with another that is also named PDFCrypt and found at cnet download site.  The other is from Sanface Software, and used to only encrypt, while this PDFCrypt mentioned here is used to unlock pdf files, remove their restrictions and passwords.

 

Feel Free To Leave A Good Comment. :)

Look around, and you may find other useful articles. Add this site to your Bookmarks/Favorites for easy return for new articles. Consider submitting technical articles for publication, including your embedded links. I will even create a new category if needed.

Disabling SSL 3 Support On Servers And Softwares

Initial Comments

Due to limited time at the time of writing this, I needed to dump fast info here and did not have time to provide pics or elaborate.  I do not get paid to do these articles.

It is assumed in this article that you know how to get access to command level on your server of interest.

 

On Apache 2.2.23 and Newer have this in the ssl.conf file:

SSLProtocol ALL -SSLv2 -SSLv3

You will need to locate your ssl.conf, but here are some typical example locations for the ssl.conf:
General Linux, Fedora, RHL, Centos: /etc/httpd/conf.d/ssl.conf
Ubuntu: /etc/apache2/mods-available/ssl.conf

On Apache 2.2.22 and Older have this in the ssl.conf file (if I recall correctly a while back, it could also be in the httpd.conf file):

SSLProtocol TLSv1

You can see more on SSLProtocol Directive here by scrolling half way on that page.

 

For Apache that has mod_nss do this:

Modify (your choice of text or code editor; such as VIM/VI, or notepad) the file /etc/httpd/conf.d/nss.conf to allow only TLS 1 and higher by having this line in that file:

NSSProtocol TLSv1.0,TLSv1.1

or

NSSProtocol TLSv1.0,TLSv1.1,TLSv1.2

 

On Microsoft IIS

This example references Windows 2012:

  1. Make a full backup of your Windows Registry.
  2. Edit Windows Registry while logged in as the OS Administrator (Owner).
  3. Run the command regedit.exe.
    1. If needed, you can right-click on regedit.exe and select Run as administrator.
  4. Once in the Registry Editor, do the following carefully:
    1. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\
    2. Assuming a "SSL 3.0" is not already showing, Right-click on Protocols, and select New, and then select Key.
    3. Name the key "SSL 3.0".
    4. Right-click on the new SSL 3.0 key that you just made, and select New, and then select Key, like before.
    5. Name the key Client.
    6. Again, right-click on the new SSL 3.0 key, and select New, and then select Key, like before.
    7. Name the key Server.
    8. Expanding the SSL 3.0, right-click on Client, and select New, and then select DWORD (32-bit) Value.
    9. Name the value DisabledByDefault.
    10. Again, under SSL 3.0, select Client and then double click on the DisabledByDefault DWORD value in the right pane.
    11. Change the "Value data" field to 1 (this is in the window that is titled "Edit DWORD (32-bit) Value") and click OK.
    12. Again, under SSL 3.0, right-click on Server, and select New, and then select DWORD (32-bit) Value.
    13. Name the value Enabled.
    14. Again, under SSL 3.0, select Server and then double click on the Enabled DWORD value shown in the right pane window.
    15. Similar to above, change the "Value data" field to 0, click OK.
    16. Restart your Windows server.

 

For Sendmail 8.9.x and Newer versions

Modify the LOCAL_CONFIG section in the sendmail.mc file.  You will need to locate the sendmail.mc file your server uses.  It is often at /etc/mail/sendmail.mc.  Have the following in it:

CipherList=HIGH

ServerSSLOptions=+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3 +SSL_OP_CIPHER_SERVER_PREFERENCE

ClientSSLOptions=+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3

 

For Postfix SMTP

My understanding is that if you do not have your Postfix set up to use encryption at all times, then this may not need to be done.  If it is, then do the following.  Edit the main Postfix configuration file, which you will need to locate.  It is often at /etc/postfix/main.cf.  Have it modified to have this line:

smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3

I believe it also works if you have a space after the comma.
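
A quick way to check a directive line after editing, covering the Apache mod_ssl, mod_nss and Postfix forms shown above. This is an added example, not part of the original article; the function name sslv3_allowed and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): given one directive line,
# report whether SSLv3 is still permitted. sslv3_allowed is a hypothetical name.
sslv3_allowed() {
    line=$1; v3=no
    case $line in
    SSLProtocol*)
        # mod_ssl: a bare token replaces the set, +token adds, -token removes.
        for tok in $(printf '%s' "${line#SSLProtocol}" | tr 'A-Z' 'a-z'); do
            case $tok in
                all|+all|sslv3|+sslv3) v3=yes ;;
                -all|-sslv3)           v3=no ;;
                +*|-*)                 ;;        # other protocol added or removed
                *)                     v3=no ;;  # bare other protocol replaces the set
            esac
        done ;;
    NSSProtocol*)
        # mod_nss: comma-separated list of the versions to allow.
        list=$(printf '%s' "${line#NSSProtocol}" | tr -d ' ' | tr 'A-Z' 'a-z')
        case ",$list," in *,sslv3,*) v3=yes ;; esac ;;
    smtpd_tls_mandatory_protocols*)
        # Postfix: "!name" excludes; with no positive names, the rest stay on.
        excluded=no; positive=no; named=no
        for tok in $(printf '%s' "${line#*=}" | tr ',' ' ' | tr 'A-Z' 'a-z'); do
            case $tok in
                '!sslv3') excluded=yes ;;
                '!'*)     ;;
                sslv3)    positive=yes; named=yes ;;
                *)        positive=yes ;;
            esac
        done
        if [ "$excluded" = no ] && { [ "$positive" = no ] || [ "$named" = yes ]; }; then
            v3=yes
        fi ;;
    *)  echo unknown; return 0 ;;
    esac
    echo "$v3"
}

# Constructed sample lines: settings from the article plus one weak setting.
for sample in 'SSLProtocol ALL -SSLv2 -SSLv3' 'SSLProtocol TLSv1' \
              'NSSProtocol TLSv1.0,TLSv1.1' \
              'smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3' \
              'SSLProtocol all -SSLv2'; do
    printf '%-46s SSLv3 allowed: %s\n' "$sample" "$(sslv3_allowed "$sample")"
done
```
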

For Courier-imap

(Still being worked on. Info To Be Added soon.)

For Lighttpd

(Still being worked on. Info To Be Added soon.)

On Dovecot

(Still being worked on. Info To Be Added soon.)

On HAProxy Server

(Still being worked on. Info To Be Added soon.)

On OpenVPN Server

(Still being worked on. Info To Be Added soon.)

On 389 Directory Server

(Still being worked on. Info To Be Added soon.)

How To Test An OpenSSL Based Server For SSL And TLS Enabled Versions

Initial Comments

Due to limited time at the time of writing this, I could not elaborate as I would like, and dumped fast info here.  I do not get paid to do these articles.

 

How To Test An OpenSSL Server For SSL And TLS.

Quick.

CONNECT AND/OR LOGIN TO SERVER

On the server of interest, you would need to be at command level either via monitor, remote KVM, SSH, or some remote connection method.

 

COMMANDS TO TEST

To test if it communicates via SSL3, enter and execute the following at command line:

openssl s_client -ssl3 -connect localhost:443

If you have a custom port assigned, then you would replace the 443 with your port used.

If the protocol you are testing for is disabled, then you will get an error.  If communication is successful, you will see output of the handshake communication, and a certificate printout that begins with "-----BEGIN CERTIFICATE-----", and other bits of useful information, such as the Cipher.

To check for enabled/disabled SSL2 or TLS1 or other TLS versions, replace the "ssl3" of "-ssl3" portion above with the wanted protocol.   For example, if checking for TLS1, you would have:

openssl s_client -tls1 -connect localhost:443

If you enter just "openssl s_client -connect", which is incomplete, and thus incorrect, you will get a help menu response, and it will list all the different protocol versions you can check with the command lines mentioned above.  It will list -ssl3, -tls1, and so on.  Do not assume the server communicates via those protocols just because they are listed.  One or more of those protocols could have been disabled by a previous admin or by default.

Done.
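
The checks above, run for each protocol flag in turn and sorted into a result per version. This is an added example, not part of the original article; the function names and the sample outputs are constructed. It also separates the case where the local openssl build does not know the flag (many current builds ship without -ssl2 or -ssl3), since that error says nothing about the server.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# classify_s_client TEXT -> enabled | disabled | client-unsupported | unreachable
classify_s_client() {
    text=$1
    if printf '%s\n' "$text" | grep -qi 'unknown option'; then
        # The local openssl build does not know this flag, so the result
        # says nothing about what the server accepts.
        echo client-unsupported
    elif printf '%s\n' "$text" | grep -qE 'connect:errno|Connection refused'; then
        echo unreachable
    elif printf '%s\n' "$text" | grep -q -e '-----BEGIN CERTIFICATE-----'; then
        echo enabled     # handshake completed and the certificate was printed
    else
        echo disabled    # connected, but the handshake for this version failed
    fi
}

# probe_protocols HOST:PORT -> one "flag result" line per protocol flag
probe_protocols() {
    for flag in ssl2 ssl3 tls1 tls1_1 tls1_2; do
        # </dev/null closes stdin so s_client exits once the handshake is over.
        out=$(openssl s_client "-$flag" -connect "$1" </dev/null 2>&1 || true)
        printf '%-7s %s\n' "$flag" "$(classify_s_client "$out")"
    done
}

# Constructed sample outputs (shortened, not captured from a real server).
SAMPLE_ENABLED='CONNECTED(00000003)
-----BEGIN CERTIFICATE-----
(constructed placeholder body)
-----END CERTIFICATE-----
    Cipher    : AES256-SHA'
SAMPLE_DISABLED='CONNECTED(00000003)
error: sslv3 alert handshake failure'
SAMPLE_NOFLAG='s_client: Unknown option: -ssl3'

if [ -n "${1:-}" ]; then
    probe_protocols "$1"        # e.g. sh probe.sh localhost:443
else
    for s in "$SAMPLE_ENABLED" "$SAMPLE_DISABLED" "$SAMPLE_NOFLAG"; do
        classify_s_client "$s"
    done
fi
```
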

 

If you need to DISABLE SSL 3, then please see the article of Disabling SSL 3 Support On Servers And Softwares.

 
