Tag Archives: security

AWS Installing AWS Inspector Agent on Windows EC2 Instance

Hi everyone,

Just a quick post on installing the AWS Inspector Agent on a Windows EC2 instance.

Open PowerShell and run the following command:

(new-object System.Net.WebClient).DownloadFile('https://inspector-agent.amazonaws.com/windows/installer/latest/AWSAgentInstall.exe','C:\Users\Administrator\Desktop\AWSAgentInstall.exe')

On your desktop, right click on AWSAgentInstall.exe and select run as administrator. Follow the prompts.

Go to run, and execute services.msc. You should now see the Amazon SSM Agent:

If you go to your amazon console > amazon inspector > assessment targets > Click on your relevant target > Preview Target:

Your agent status should now be healthy.

Thanks to these links for the info:

System.Security.SecurityException Failed to negotiate HTTPS Connection – Fiddler

Hi everyone,

I hit the following error when trying to execute a composed request with Fiddler:

[Fiddler] The connection to ‘abc.com’ failed.
System.Security.SecurityException Failed to negotiate HTTPS connection with server.fiddler.network.https> HTTPS handshake to abc.com (for #32) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The function requested is not supported

All that was required to fix it was to add tls 1.2:

  • Tools
  • Options
  • Protocols
  • Add tls1.2 to the end of the list and click ok

Thanks to this link for the info: https://www.telerik.com/forums/some-https-sites-are-unaccessible-when-using-fiddler

Remote Desktop: An authentication error has occurred. – This could be due to CredSSP encryption oracle remediation.

Hi everyone,

I ran into an auth issue with remote desktop today:

An authentication error has occurred.
The function requested is not supported.
Remote computer: XXXX

This could be due to CredSSP encryption oracle remediation.
For more information, see hhtps://go.microsoft.com/fwlink/?linkid=866660

The solution is to add the May 2018 Windows Security Update on both the remote and local machines. If that’s not possible a registry entry can be added to the local machine to circumvent the issue. This can be done by running the following command in a command prompt as administrator:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

You can also add the entry manually via regedit.

The cause is actually because of a security update in windows. If either the remote or local machine has the update and the other does not the error is triggered. There’s more info available on the following page: https://github.com/stascorp/rdpwrap/issues/480