Cybersecurity

270 Solutions | 28 Articles & Videos | 622 Contributors

The Cybersecurity specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cybersecurity focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change, theft or destruction. This includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.


Experts,

On my victim Windows 7 professional domain joined machine when I go to connect to a network share, I send my NTLMv2 HASH.
But when I take a password hashdump, they are in NTLM format.  
While in a meterpreter connection, when I run hashdump, will it always be NTLM format? I don't remember ever seeing NTLMv2 when running hashdump.
0

Hi All,

Is it possible to block a particular file, e.g. a malicious PDF, based on its SHA-256/MD5 hash value, from the firewall?

Regards,
T
0
Hi, just looking for a better way of managing WSUS v 6.3.9600.18228
We automatically approve Critical, Definition and Security updates
We sync Critical, Definition, Feature Packs, Security Updates, Service Packs, Updates roll ups, and Updates.

We get an email notification once a week of the synchronised updates. We have 3 different sites, each running its own WSUS server, and it's a constant struggle trying to wade through the printouts, as the printouts (synchronised report) contain all the updates that are automatically approved as well as ones which need checking to see if we want them or not.

This wastes time as we are checking updates unnecessarily. Is there a report that could be run instead that prints out just the items that aren't automatically approved and require attention?
We also find updates on the printout that are only a few days old, have already been superseded, again wasting time.

There must be a better way of doing this?
regards
Rick
0
When a user sends email to an external address, she gets this NDR: Your message couldn't be delivered because you weren't recognized as a valid sender.

The public IP of her connection is blacklisted. We cleaned her computer and put the computer on another network to connect. She used OWA to email her external senders again. Same NDR.

Please advise.

Thanks.
0
Is there such a list of IPs or SMTP domains (it doesn't have to be up-to-the-hour up to date) so that we can block at our SMTP?

Blocking by firewalls is not good as the emails will still come in
0
I need to implement TDE for an SQL Database, but we use SQL 2012 Web Edition and apparently TDE is only available for Enterprise Edition, but the difference in cost from Web Edition to Enterprise edition is great.
I want to see if there is another way or software we can use to encrypt the data at rest, preferably TDE in our current version of SQL (Web Edition)
Any help is appreciated.
0
I have a client with a Windows 2008 R2 Remote Desktop Services Server (Terminal Server). It has come to my attention that a user account was compromised, allowing an unknown person to gain access to the network.

What utility can I use to view hidden accounts, view what accounts have been given domain admin and/or local admin access, and discover any rootkits or other hidden remote access accounts?

And what utility can I use to notify and log each time someone logs into the Desktop Services Server or an administrator logs into one of the other servers?
0
Hello,

Please clarify a few doubts about the Microsoft security patch model, the monthly rollup for Windows Server.
This update, as released, contains all security, non-security and bug fixes, including all updates from previous monthly rollups.

Here are a few queries based on the above definition.

1. What updates come under non-security fixes?
2. Let's say my server was last patched in Nov 2016 and now I need to update with the fewest patches for May 2017. If I apply only the one Monthly Rollup patch for May, will this cover all the security, non-security and bug fixes from Dec to May?

Thanks
0
Hi to all of you,
During the last few days, while we were all concentrated on the WannaCry ransomware, WikiLeaks released more information/files on the Vault7 arsenal.
 
I've been asked to check and find samples and/or MD5 hashes for the following CIA tools and frameworks in order to see if our network and clients have been compromised or not.
The tools are :
Archimedes
Assassin
AfterMidnight


To be honest, I'm not sure these tools are already available, but asking doesn't cost anything.
Thank you
Carlettus
0
I need to configure a server to host my web site.
It's an e-commerce web site.
01. I need to know what the minimum upload and download speed is, for example for 1000 users accessing simultaneously.
02. Do I need to buy a static IP address?
03. I searched Google for "ipaddress" and it shows "Your public IP address is xxx.xxx...."
Is it a static or dynamic address?
04. I have a domain name; how do I connect the IP address and the domain name?
05. How do I secure my server?
0

Hi,

Right now there are more and more zero-day attacks, and security patches are sometimes too slow to apply.

What is the way you guys use to deploy patches ASAP? WSUS? Any robust way to do it?

Links/resources on how to set up the method are welcome.
0
Hi, I got this error when installing patches for MS17-010 and MS14-066. The Windows Update service is running, and the patches are x64, the same as Windows. I checked CMD -> systeminfo but could not find the patches, so surely these patches have not been installed before. Can you help, Ninjas? Thanks so much!

I tried in CMD but got this error:
C:\Windows\System32>Dism.exe /online /Add-Package /PackagePath:E:\MS14-066\Windo
ws6.1-KB3018238-x64.cab

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7600.16385

Processing 1 of 1 - Adding package Package_for_KB3018238~31bf3856ad364e35~amd64~
~6.1.1.2


Error: 0x800f081e

The specified package is not applicable to this image.


The DISM log file can be found at C:\Windows\Logs\DISM\dism.log


Attached file is the log.
dism.log
0
Does anyone know where I can find the MS patch for SBS2011 to patch against the WannaCry ransomware?

I know SBS2011 is based on Server 2008R2. I tried those, but it tells me it's not for this system.

Many Thanks
1
Hi All, I am desperately trying to disable SMBv1 on my client's SBS2011 but I cannot locate any method to do this. Does anyone know a way to do this that won't mess up any network shares to SBS2011?
0
We are looking at doing a DNS web filtering service. We have public WiFi so we feel this is the easiest way to avoid an ssl mismatch.
If we did do DNS filtering, would it be logical for us to block all connections to port 53 UDP unless it's to the web filtering DNS servers? This way someone can bypass it by changing their DNS servers?
0
Hello Experts - I am looking for a way to better protect my company from the cryptovirus malware that seems to be everywhere these days.  I have a basic level of security with a Barracuda email filter, TrendMicro antivirus, and websense web filtering but stuff still gets through all the time and despite nearly weekly emails imploring people not to open questionable emails, they still do.  We've been hit twice in the past with cryptoviruses which I was fortunately able to catch early thanks to a canary on the file server looking for signature files.  I also have good backups but I'd really prefer not to use them and instead do more to prevent these things from causing problems in the first place.

In addition to the basics that I have setup now, what other services or techniques can I check out that will help protect my data from this malware?  I'd very much appreciate any advice, thanks!
0
Dear all,
How can I protect my servers running Server 2008 R2, Datacenter 2012 R2 and 2016 from ransomware attacks these days? I already have the latest version of Kaspersky Endpoint Security with the latest updates running on these servers, but I would like to know if there is any other recommendation to prevent an attack such as this.
Thanks
0
Hello Experts,
What are the safe steps we can take to protect our machines
and the computers of our customers from this cyber attack?

Any patch, or antivirus... or maybe other procedures?
How about servers and stations?

I feel like I have no protection at all.
Please give your advice...
0
I heard that the ransomware that screwed up the british health system and many others.... that was because they were running win xp machines?

or is it more than that?

Any tips on protection?

I saw this page:

https://pbs.twimg.com/media/C_w_rWlUAAAtWs

that talks of turning off smb 1 protocol for file sharing.

What's the downside / what problems would that cause if we do that on each machine?

Those powershell commands are for win 8 and above.

running those commands on win 7 gets error messages about that command not found.

are there comparable commands to run on win 7?   it's not safe by default / nothing to worry about?

thanks!
1

Hi guys

Could you help me with a few settings please? How to set them up, etc.

-      Only computers with the latest updates can log in to our network via remote access and VPN?
-      Should we disable SMB v1 on all computers?
-      How to block ports 139 and 445 on the SonicWall?
-      How can I block HTA extension files from downloading?

thank you
0
Hi Everybody,

I am looking for a virtual cyber security range solution for the university which I work for so that the students can do their labs. The requirements are the following:

-      Accessible, secure and seamless access must be provided to the remote virtual lab.
-      The remote virtual server must reliably serve a significant number of concurrent users with limited resources.
-      The virtual machine (VM) must be configured with the appropriate operating system(s) and include the required security tools for each lab exercise.
-      Students must have privileged access rights on the virtual machines to execute security or network tools.

I am wondering if it is a good idea to  use VMware vCloud Automation Center for such solution. If somebody has got an architectural design for such type of solution I would appreciate if you could send me a copy.
Regards

Soobash
0
In my experience connecting to a corporate VPN makes my computer a part of another network.  This means that my computer and possibly other computers on my network are now visible to the corporate vpn.  Would this also hold true of retail vpn suppliers now being able to probe my local network for vulnerabilities?
0
Can anyone recommend a multi-factor authentication vendor that supports SMS and can be used for shared accounts? For example, needing 2-factor to protect a 365 admin account, but rather than going to one user's phone that may be out of the office, going to a shared location that all techs can access.
0
Hi Experts
After I lost all my data in a ransomware attack, I need to know:

1- How can I protect my files from this type of virus?
2- How can I protect my Shadow Volume Copies from being deleted or encrypted?
3- What are the best security policies I need to apply for servers and clients?
1
Hi experts
I have mikrotik router board v5
Using hotspot
I need antivirus rule for my system
0
