Cybersecurity

281

Solutions

647

Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.


Hello,
We use RealVNC to monitor a couple of PCs that are at a remote location. We have never had a problem using it, but since upgrading the firmware on our Sonicwall NSA 220 the firewall now stops the connection with the following alert: IPS Prevention Alert: MISC RealVNC Authentication Bypass, SID: 5828, Priority: Medium. How can I stop the firewall from blocking these events?

Thank you
0

I installed CrashPlan on a Windows machine and have a mapped network path as drive letter F:, and CrashPlan cannot back it up, but on a Mac I installed CrashPlan and it can back up the same network path. What is the limitation in Windows that prevents this and is there a workaround? I have even attempted mapping the drive in Windows then creating a symbolic link and it still does not work.
0
hi experts,

I've been asked to design it and present why it needs to be done and implemented. Can someone with experience in this subject advise on how to proceed, what information I need to gather and what steps and actions need to be taken to secure and protect users/network/workstations from ransomware?
0
Experts,

On my victim Windows 7 professional domain joined machine when I go to connect to a network share, I send my NTLMv2 HASH.
But when I take a password hashdump, they are in NTLM format.  
While in a meterpreter connection, when I run hashdump, will it always be NTLM format? I don't remember ever seeing NTLMv2 when running hashdump.
0
We developed some apps for our customers. Besides scanning our mobile/iOS
website, auditors have required that we scan the iOS/Android apps that we have
developed for our customers' iOS devices.

Q1:
Is this a feasible or common practice to scan the apps running on clients' iOS?

Q2:
What are some of these scanning tools that anyone can suggest?

Q3:
My view is to scan the mobile portal that we offer, not client's mobiles/iPad
0
Can someone recommend a syntax on John the Ripper using the default word list that I can use to crack an NTLMv2 hash for the password below in under 5 minutes?

DaLLasTexas!!
0
Hi All,

Is it possible to block a particular file, e.g. a malicious PDF, based on its SHA-256/MD5 hash value, from the firewall?

Regards,
T
0
I have a hacker who is aggressively attacking my network and need advice on which router is the most secure/encrypted?
0
Is there any technique/command/tool that can be used to remotely report the System Center Endpoint Protection status from a remote PC (definitions created on, definitions last updated, virus definition version, spyware definition version)?
0
Hi, just looking for a better way of managing WSUS v 6.3.9600.18228
We automatically approve Critical, Definition and Security updates
We sync Critical, Definition, Feature Packs, Security Updates, Service Packs, Updates roll ups, and Updates.

We get an email notification once a week of the synchronised updates. We have 3 different sites, each running its own WSUS server, and it's a constant struggle trying to wade through the printouts, as the printouts (synchronised report) contain all the updates that are automatically approved as well as ones which need checking to see if we want them or not.

This wastes time as we are checking updates unnecessarily. Is there a report that could be run instead that prints out just the items that aren't automatically approved and require attention?
We also find updates on the printout that are only a few days old, have already been superseded, again wasting time.

There must be a better way of doing this?
regards
Rick
0

When a user sends email to an external address, she is getting this NDR: Your message couldn't be delivered because you weren't recognized as a valid sender.

The public IP of her connection is blacklisted. We cleaned her computer and put the computer on another network to connect. She used OWA to email to her external senders again. Same NDR.

Please advise.

Thanks.
0
Is there such a list of IP or SMTP domains (doesn't have to be up to the hour up-to-date) so
that we can block at our SMTP?

Blocking by firewalls is not good as the emails will still come in.
0
I need to implement TDE for an SQL Database, but we use SQL 2012 Web Edition and apparently TDE is only available for Enterprise Edition, but the difference in cost from Web Edition to Enterprise edition is great.
I want to see if there is another way or software we can use to encrypt the data at rest, preferably TDE in our current version of SQL (Web Edition).
Any help is appreciated.
0
I have a client with a Windows 2008 R2 Remote Desktop Services Server (Terminal Server). It has come to my attention that a user account was compromised, allowing an unknown person to gain access to the network.

What utility can I use to view hidden accounts, view what accounts have been given domain admin and/or local admin access, and discover any rootkits or other hidden remote access accounts?

And what utility can I use to notify and log each time someone logs into the Desktop Services Server or an administrator logs into one of the other servers?
0
Hello,

Please clarify a few doubts about the Microsoft security patch model of monthly rollups for Windows Server.
As released, this update contains all security, non-security fixes and bug fixes, including all updates from previous monthly rollups.

Here are a few queries based on the above definition.

1. Which updates come under non-security fixes?
2. Let's say my server was last patched in Nov 2016 and now I need to update with the fewest patches for May 2017. If I apply only the one monthly rollup for May, will this cover all the security, non-security fixes and bug fixes from Dec to May?

Thanks
0
Hi to All of you,
during the last few days, while we were all concentrating on the WannaCry ransomware, Wikileaks released more information/files on the Vault7 arsenal.
 
I've been asked to check and find samples and/or MD5 hashes on the following CIA's tools and frameworks in order to see if our network and clients have been compromised or not.
The tools are :
Archimedes
Assassin
AfterMidnight


To be honest, I'm not sure these tools are already available, but asking doesn't cost.
Thank you
Carlettus
0
I need to configure a server to host my web site.
It's an e-commerce web site.
01. I need to know the minimum upload and download speed, for example for 1000 users accessing simultaneously.
02. Do I need to buy a static IP address?
03. I searched Google by typing ipaddress, and it shows: Your public IP address is xxx.xxx....
Is it a static or dynamic address?
04. I have a domain name; how do I connect the IP address and the domain name?
05. How do I secure my server?
0
Hi,

Right now there are more and more zero-day attacks, and security patches are sometimes too slow to apply.

What way do you guys use to deploy patches ASAP? WSUS? Any robust way to do it?

Links/resources on how to set up the method are welcome.
0
Hi, I got this error when installing patches for MS17-010 and MS14-066. The Windows Update service is running, and the patches are x64, same as Windows. I checked CMD -> systeminfo but could not find the patches, so surely these patches have not been installed before. Can you help, Ninjas? Thanks so much!

I tried in CMD but got this error:
C:\Windows\System32>Dism.exe /online /Add-Package /PackagePath:E:\MS14-066\Windo
ws6.1-KB3018238-x64.cab

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7600.16385

Processing 1 of 1 - Adding package Package_for_KB3018238~31bf3856ad364e35~amd64~
~6.1.1.2


Error: 0x800f081e

The specified package is not applicable to this image.


The DISM log file can be found at C:\Windows\Logs\DISM\dism.log


Attached file is the log.
dism.log
0

Does anyone know where I can find the MS patch for SBS2011 to patch against WannaCry ransomware?

I know SBS2011 is based on Server 2008R2; I tried those but it tells me it's not for this system.

Many Thanks
1
Hi All, I am desperately trying to disable SMBv1 on my client's SBS2011 but I cannot locate any method to do this. Does anyone know a way to do this that won't mess up any network shares to SBS2011?
0
We are looking at doing a DNS web filtering service. We have public WiFi so we feel this is the easiest way to avoid an ssl mismatch.
If we did do DNS filtering, would it be logical for us to block all connections to port 53 UDP unless it's to the web filtering DNS servers? This way someone can bypass it by changing their DNS servers?
0
Hello Experts - I am looking for a way to better protect my company from the cryptovirus malware that seems to be everywhere these days. I have a basic level of security with a Barracuda email filter, TrendMicro antivirus, and Websense web filtering, but stuff still gets through all the time, and despite nearly weekly emails imploring people not to open questionable emails, they still do. We've been hit twice in the past with cryptoviruses, which I was fortunately able to catch early thanks to a canary on the file server looking for signature files. I also have good backups but I'd really prefer not to use them and instead do more to prevent these things from causing problems in the first place.

In addition to the basics that I have set up now, what other services or techniques can I check out that will help protect my data from this malware? I'd very much appreciate any advice, thanks!
0
Dear,
How can I protect my servers running Server 2008 R2, Datacenter 2012 R2 and 2016 from ransomware attacks these days? I already have the latest version of Kaspersky Endpoint Security with the latest updates running on these servers, but I would like to know if there is any other recommendation to prevent any attack such as this.
Thanks
0
Hello Experts,
What are the safe steps we can take to protect our machines
and the computers of our customers from this cyber attack?

Any patch, or antivirus... or maybe other procedures?
How about servers and stations?

I feel like I have no protection at all.
Please give your advice...
0
