ShadowTrackr

Log in >
RSS feed

Automatically trust Microsoft O365 certificates

23 April 2023
Some clients reported that Microsoft required them to have certain DNS records available for their Office 365 cloud account. Two (fictive) examples are lyncdiscover.shadowtrackr.com and sip.shadowtrackr.com. You are not required to actually have a website running on those URLs. Microsoft will forward them to their proper cloud servers, serve a standard Microsoft O365 TLS certificate, and that's it.

Or is it?

Some services will start complaining about not trusting the TLS certificate since you now have a domain mismatch. Microsoft itself explains here that you should just trust these certificates and get on with it.

That works, but ShadowTrackr willlist your TLS certificate as a problem since the domain mismatch is still there. If you do not want that, you now have te option to force ShadowTrackr to always trust Microsoft TLS certificates. It's available under Settings->general

If you enable this, it will only work for valid Microsoft TLS certificates on ip addresses that are in the Microsoft cloud range. If any of these conditions is not true you will still see an error appearing in your reports (as you should).

Data quality improvements

16 April 2023
The new logging infrastructure provided new options for bug hunting, and that is where time was spent these last few weeks. You might be able the notice this in data quality. More ports, certificates and whois records are found.

The internet standards scan on hosts running many websites (like proxy servers) regularly had trouble determining if websites where reachable over ipv6, and then incorrectly stated they were not. This is fixed now too. It can still be hard to keep all websites up to date if you have hundreds running on the same ip (work in progress), but the internet standards check will correctly show if they are reachable over ipv6.

Internet standards report as PDF

26 March 2023
The internet standards report can now be exported als csv, xls and ... as a fancy pdf with colored icons!

It is also possible to schedule it and have it send automagically per email. I'm not yet happy with the current reports page in the GUI. The user experience is not what I want, and it will be redesigned sometime soon.
Older posts >

Resources
API
Blog
Documentation
Integrations
Shodan
OpenCTI