Hot Solutions

Hi All,

This is a bit difficult for me to explain but i'll try to make it as simple as possible. I have a TMG server and Lync Server along with other servers all in one Network.

The TMG has 2 NICS, Public and private .. the LAN is connected...

I have received a lot of messages recently suggesting friends of mine wanting me to join Schoolfeed.
I am no stranger to internet scams and deceit. Is this a valid company? If they are in Nigeria, forget it.
Is it like a facebook of school...

I've been asked to configure HIPS to monitor tasks/events on a local machine. This request comes of a possible security violation and we want to monitor everything this user is doing for a while..  I've set HIPS to Log All but it's only giving me...

Hi,

I trying to get my Cisco catalyst switches (2960G) to use MS NPS as a RADIUS server so that AD accounts can be used to log into and manage the device.

I have read several guides on the internet including some posts here at EE - no...

using 'find my iphone' app requires location services to be turned on all the time.
the person who stole it would definitely turned off any wifi, etc such that remote wipe is difficult.

anyone has experience using other software that can...

We have a Joomla website and it appears it may have been hacked. The site URL gets rewritten from

https://www.ourdomain.ie/index.php?option=com_enrolcourses&view=enrolcourses&courseid=4&Itemid=18&countrytabs=0

to
...

Hello Experts.

Is Malwarebytes a replacement for a virusscanner or
do they complement eachother?

Hi,

Is there any way to determine experimental analysis on the  actual overhead(s)
produced by PGP during the file exchange process?

Is there any tool that I can use to calculate the overhead during the transmissions or any other method...

Our company uses Microsoft outlook 2007 pop3 email, and the hosting supplier is BT (btconnect.com)

All worked well until we got a notification from BT to update our email client settings and they provided a "BT Businesses Broadband Desktop...

Experts,

Today we noticed that one of our websites was hacked by a turkish hacking group "1923TURK-GROUP".

The affected website was running joomla 1.52. The attack basically overwrote the index.php file at root level, with some plain text...

Experts,

Looking for a Linux UTM firewall.  I would like a solution that can be webbased managed, that has proxy, firewall stop viruses all that good stuff to keep my network secure.

Thanks for any ideas.

Good Evening,

I have a .am4 file from a clients DVR security system. I downloaded this DVR player: http://www.securityfirstcamera.com/ddrivers/19DVR/Program/X_IRS(W)_VER_1.0.zip and I am able to play the file. However, the 4 channel file only...

Dear All,

 I want to block all the teamviewer and logme in my networks, i use Cisco ASA 5520, please advise what is the best way to block such programs.

Thankis

can someone explain  what WESTERN UNION BUG IS ?

I have Comodo Firewall v5.9 in my Windows 7 Pro PC.  Every time I connect to my home network, my office network or a public HotSpot, Comodo displays a “New Netwotk Detected”.  Then it gives 2 option (see pic included):

Secure communication...

Hi All,

We are getting this message logged every 10 seconds on ASA FW for one user.


3      Feb 29 2012      16:55:36      713232                              Group = SillikerRemoteST_vpn, Username = dvanginneken, IP = 78.239.46.10, SA lock refCnt = 0, bitmask = 00000080,...

I receive many PGP self decrypting windows executables every week. (which all have the same pass phrase) .I already found a way to automate this decryption process which is similar to the solution suggested in this link...

What, aside from restricting access to write data out to a thumb-drive, does "endpoint security" cover? Could anyone provide a list of perhaps the top 5 security controls that endpoint security enforces! Can you implement endpoint security...

At the moment we use Lumension Endpoint Security to lock down our desktops from USB use, and to force the encryption of USB removeable storage devices.  Due to the fact that using this solution in a thin client environment would mean greatly...

Hi Experts,

I'm writing a software and going to sell it soon. I will provide all PHP files to buyer, but then he can open those files in php editor and edit them easily and I wouldn't like it. My question is: Is there any way to encrypt php...

We have an Pavilion dv3-1075us with Windows 7 x64 installed (our own build, it originally shipped with Vista).

We have DigitalPersona 4.11.3826 installed.

When you are logged in to Windows, the reader works perfectly to lock/unlock the...

Hi All,
I am new to working on Juniper SRX firewalls and I would be using 3400. Could someone please help me with the configuration guide or CLI for the same?

Appreciate your help.

Thanks.

I have a computer running Windows 7 Professional.  I need this machine to access only one website.  What is the simplest most effective way to do this?  Content adviser using IE or editing the hosts files?  If its the host files what would the...

Greetings mates,

I have some sticky situations here.

First, all my files under Start are gone.

Only icon left there is Solitaire.

Second, when I attempted to install malwarebytes, I was unable to.

Half way through the install, I...

Hello Experts,

I am a network admin trying to run some vulnerability testing on my network. Backtrack is highly ranked but their online courses are not on my budget.

Is any one familiar on a website where I can get some information and how...

How do I switch off the warning in IE8.0.6 which says "Do you want to view only the webpage content that was delivered securely"?

Hello experts - the problem is:  the upload side of my internet connection is saturated with unwanted traffic.  Using a packet analyzer I see a lot of outbound traffic from port 3389.  This traffic is coming from multiple machines on my network,...

Does there exist any free alternative to forensics packages like Encase?
That perhaps handles both acquisition and analysis?
How do they compare? What cant they do that the commercial packages can?

We keep getting a message in the Ad-Aware Live! Icon as follows:

Ad-Watch Live!
detected that a malicious process is running and started a scab in background mode. You will be able to clean any infection safely after the scan is finished

I...

I have a network security project I am doing for a class that I am taking. The assignment is to capture text or passwords in the open (unsecured) and encrypted (e.g. SSL) and show the difference between the two. The bonus challenge is to setup a...

We have a client that wants to monitor her teens use of her computer.

What sort of freeware is recommended that could covertly track mouse clicks, web sites visited, applications opened, keystrokes, et cetera?  If it isn't freeware or doesn't...

I'm having an issue regarding opening up a PDF document.  I keep on receiving an error stating that access is denied as far as opening up the document, but I can view it if I save it to my desktop.

Any ideas on how to resolve?

If on facebook/twitter etc you see an update or post from a freind/contact that looks like spam, i.e. looks like they are selling something for say a drugs company with a link to a website. And then you ask why they are posting that and they say...

Is it legal for a company to constantly communicate with clients "On behalf" of an ex-employee?

My company network is protect by a Cisco pix 501 firewall router. recenty found that many user use BT software in the network to download/upload large amount of data. it affects to the whole network performance. Which ports i should block the BT...

I'm thinking about getting certified as an ethical hacker, and found a website at http://www.eccouncil.org
that claims to get me certified, but for about $2000!
anybody have other, less expensive ways to get certified? I'm out of a job at the...

I'm trying to clean up a Vista laptop. It was infected with System Check. In the start menu, everything is missing except shutdown.

How do I clean it up?

Hi,
Up until a week or so ago, my certificate based WAP stopped authenticating against my Radius server, after about a 1 year of trouble free service.
Radius (server 2008 R2)
WAPs (cisco 1140 APs)
Clients log into Enterprise CA, install user...

Trying to find an ip camera that will work in Southeast Alaska where we get lots of inclement weather.  I need the camera to be able to:
* use ftp with a programmed user and password.  
*send photos to a website via ftp and I need to be able...

hi all
i need any online resource (i can pay !!) that will help me to know the latest internet threats in terms of worms, viruses, threats...etc..

I found free ones but they are not helpful.

I have read many articles about renaming the default windows administrator and guest accounts names for securtiy purposes. But:
1) when you can run tools like dumpsec to list all local users, is it essetnially a complete waste of time? i.e. just...

In environments that use SCCM and currently XP as the client but will in future be Windows 7 - we have a HR policy that says users can only take data onto encrypted USB. Is there any technical way to enforce this? I.e. an approved model of...

hi all

i new in the company and there was some meeting and some solution for WAF( WEB APPLICATION FIREWALL) was made on Citrix Netscaler .

now i suggested, based on things i heard and learned , that the best-of-bread in WAP are
Imperva...

I found http://technet.microsoft.com/en-us/library/cc526440.aspx

And it says


"Remove All Unnecessary File Shares
Remove all unnecessary file shares on the system to prevent possible information disclosure and to prevent malicious users...

Is there any free tool/script along the same lines of microsoft baseline security analyzer that will give a top level vulnerability assessment of a linux/unix server and an exportable format? Please provide details, ideally with the kind of...

Dear,
My external hard drive is always connected to my server which have real ip.
I do remote connection to it always.
I want a software which can disable it from accessing, and dont enable it else with password.
How to do that?
Thx

Is it seen as overkill for you to provide company hardened devices that users can use from home to access remote access facilities like citrix? Or wheres the risk in not providing them corporate kit and letting them use whatever they want?

Say...

Is it secure to pay debt or check bank account by iphone?


I assume to use 3G or Wi-Fi in any public area.

We have a group policy that disables access to Internet Options. This is because we're using proxy settings to prevent access to all but approved sites. This would work great if it weren't for google chrome. A user can use chrome, access the...

I believe my localsettings.php file has been compromised and so need to generate a new $wgProxyKey. I'm tempted just to change it manually in that php file, but is that safe? Would it be better to go through the install process over again?

Hi,

I need to secure an Access database with different users having different access to different areas.  Now that Access 2010 doesn't provide User Level Security, what is the best practice?

Can the front-end open an encrypted back-end in a...

I need some help fast. I run my own email server and I use Norton Anti Virus on the box and it is up to date, however someone and something has turned my mail server into a spam source and the anti virus on there is not enough to stop it. Can you...

I am curious if I can use a AIP-SSM-20 Module in a ASA5510?  I can't really find any documentation from Cisco Stating this.  Any help would be greatly appreciated.  Thanks.

I have a Sonicwall NSA E Class and a Sonicwall Pro series firewall that I need to export the firewall rules, settings, and policies for an external security audit review.

Is there an easy way to do this such that it would be readable by...

Forgive me for asking such a broad question, but I recently agreed to spend more time on the security side of things and I was surprised to see just how much things have changed.

Basically, I'm seeing that pretty much everyone has the basics...

1) Our IT department seem of the view that if citrix remote access gateawy requires 2 factor authentication then we are pretty secure? Whats your view on that opinion?

2) If you only publish citrix to the world, are there still other attack...

Is ITIL more geared towards audit as opposed to vulnerability assessment?
Say for example if you looked at a set of web servers and found they were insecure due to multiple vulnerabilities, it is really an "as is" type review, as opposed to an...

We are reviewing a document on mobile application security and one of the topics is: Implement Controls to Prevent Unauthorized Access to Paid-For Resources.  Under this topic is the following comment which I need help on:

"Minimize data...

Hello.

I have lot of media on my server (video and images).
I want to block the access to the files directly and allow to view the files when there are embed in my  webpage. (for example: www.example.com)

What is the best way to do it?
...

Hi,

Please tell me what security test should I perform against Apache+Tomcat.
Linux platform.

Thank you.

I am fooling around with Nmap self studying for my CEH and have a few questions.

I am trying to use the name server lookup utility in Nmap to find the ip address of a website. Would it be "nmap -sn www.site.com"?

How would I then determine...

First, let me state that I'm not looking to do anything sinister. But, someone close to me is getting involved with someone that may have a questionable background. Is there a free and legal way to do a criminal background check on someone? I've...

I would like to block the use of specific user passwords from being used in AD and would like to know if there is a way using a Microsoft GPO or AD entries to do it or do we need to use a third party tool.  If it is a third party tool, is there...

I too am having this issue after getting a popup virus.  I went into the registry and deleted the files associated with it.  it was a vun.exe and uvu.exe virus.  After doing that and rebooting, everything i try to open gets the popup for choose...

Hi all,

I was recently hit with a bad case of malware which caused most of my files and programs to be hidden. Not exactly sure where the virus came from, possibly a bad torrent...

I believe I was able to get rid of the virus thanks to...

Hi all experts

An user windows vista home premium totaly falis because a iertutil.dll missing, I think is a virus or somthing that crashes the computer, im try to run roguekiller and do not allow me
do not allow me to do nothing
any advice...

I'm looking for a reasonable+ means of securing a document that needs to be shared online or via e-mail.

The data resides on my home computer, but I am asking about delivering a document to a couple of recipients, what is a decent solution and...

I am trying to get my head around TCP/IP protocols and map them to a modern day information system for risk assessment/vulnerability assessment purposes.

Say for example a modern day “payroll app” which is thin client app so users view it in a...

We rebooted our VM server and once it was back up and running the FW mgmt service crashed and the following output was logged.

fw-mgmt cpboot: cpstart: Power-Up self tests passed successfully fw-mgmt cpboot: cpstart: Product SVN Foundation not...

Dear,

I have a question about WPAD security.

I know that DNS on windows server 2008 blocks wpad by default ( global query block list).


WPAD is enabled be default on IE....  IE uses DNS, DHCP or broadcast to detect wpad settings.

MY...

Hi there

I'm trying to make sure I have the hang of AGDLP and its implementation before I start cleaning up an AD and file structuring that has been left to fend for itself for more than 6 years with everything that entails up to and including...

I need to make severe tests on my servers, and I wish I were given a software for windows, which made ¿¿the brute force ftp function efficiently. I tried a few but very poor in resources and efficiency. thank you

Hello,

I have written a little ISAPI dll that reads a document database and returns a document as a PDF by setting the reponse stream to the document.

It is very simple and works fantastically.

However i need to secure it so that not...

We're moving into a "fiber-lit" residential building. The whole apartment is Ethernet wired. However, I didn't see any sign of a termination point inside the apartment. I'm guessing the router is in the basement or something. I haven't had a...

I did a little reading on perimeter network security and the same phrase kept coming up, our "main firewall" is XYZ. Does that mean companies will utilise more than one perimeter firewall? If so - why, why would you use more than 1? Is there a...

Hello!

I have a folder full of hundreds of sub folders.  The parent folder has one set of permissions that we would like to keep and then we would like to customize the sub folder permissions as needed over time.  In order to arrange for this,...

Hi,

We currently have one Enterprise CA running on Windows Server 2003. This server also is a DC/GC.

I would like to move this CA from the 2003 server onto a new 2008R2 box.

The new machine already is a DC/GC and is also a DNS server....

Win XP
IE 8, Not sure of Firefox version - Less than 8 I assume.

Recently upgraded to XP SP3

Whenever I search in Google, either with the built-in search in IE and FF, or from a Web Page, the results I used to get are not there.  Instead...

Hi
We have an Active Directory domain controller running on server 2008 R2, and currently one person has the main administrator password.

Is it possible to give the following rights to another person/persons without giving them the main admin...

So I want to know how easy and how much risk is involved by having an IP address that can be RDP'd into from anywhere.

What ways could someone get into my system if any?

i have forgot the password for my external western digital hard drive
is trhere any thing i can do?
its a WD SmartWave Drive Unlock password

I received this e-mail from "GMX Team" yesterday:

http://screencast.com/t/z5nKzwmrrQ

However, I'm almost certain it must be an attempt to gain access to my e-mail account by some criminal. The sender (database7@gmx.com) could be anyone!
...

I'm trying to use GPG with Outlook 2010, I have GPA and Kleopatra installed but don't see a way to make Outlook see it.
Thunderbird or another e-mail client is not an option.

We have plan to evaluate Windows 7 Bitlocker on our domain PCs and laptops.  Some of the system models are old.  

Does a PC or laptop need to have a TPM chip in order for us to encrypt its C drive?  

Please advise.

Our management are keen to engage a 3rd party to assess our citrix access gateway for security flaws/misconfigurations/best practice from the outside (the internet). My understanding is citrix access gateway uses 2-factor in this instance, SSL...

I wanted to know what sites are avialable for asking questions regarding how to crack wifi, downloading content, and basically testing my networks security.

What is the main security standard used by the U.S. military to secure their systems?  What other security standards are there?

Just doing some basic research and am curious as to the different security standards, thanks,

1) Do the common vuln scanners i.e. nessus, openVAS etc check for out of date anti-virus definition databases and AV clients?
2)If so where are they (the vuln scanner) pulling the latest versions from?
3) Is there a website or something with...

By what names will hardening systems/applications and vulnerability management polcies be referred? Do you have such a policy at your companies or do these areas fit into an over arching policy, are they referred to as something else, or do they...

Upgrading my wireless router to N and a network of three XP's caused the printer
to fail when accessed remotely with the error message:
"RPC server unavailable"

The security was set to WEP in order to attempt to allow printing.

How do I...

I am using AES encryption in my project; the encryption takes place on one server decryption on another. The encryption goes through fine, but at decryption I am getting the error below:

Cipher Text**: [B@191d3bc
 Bad Padding...

Hello Experts,

I have an issue that is occurring on one of my sites that I have no idea as to why it is occurring and it is kind of freaking me out.

Recently, I put out a promotion for one of my sites, and I noticed that after I did that,...

Does anyone know of a way to back up a security camera DVR offsite?  These DVRs have a USB port that you can use to manually back up footage but is there a more automated way to do this?  Possibly with an online backup service?

Thank You

Hello Experts -

I have an ASP.NET web application providing membership-based software as a service.

The app does not process payments, but stores client data and creates invoices for the users to send to their clients. Although it is...

I want to find out how prevalent a specific user password is in our network AD.  I would like to create a script that attempts to login to each user account in AD and tries this specific password 1 time and then logs whether it worked or didn't...

I have a Windows 2008 R2 Enterprise Certificate Server and am using a GPO to automatically push certs to users in an OU.
 
The GPO settings enabled are Computer Configuration/Policies/Windows Settings/Security Settings/Public Key Policies then...

When I tried to log into my account I could not and I had to reset when I received the email from facebook.   Then I receive an email from Facebook that someone from a certain IP addressed from a certain city had changed my password in the...

My boss sent me this link today. We're quite concerned (about IS security when our employees travel overseas), and I thought I might post it here. We're a small business to business consulting firm and sometimes have our consultants travel to...