Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi, I connected two asa5505 with a crossover cable to learn site2site vpn, I have these configures for both but it just not working, there are no activities on the outside interfaces. I have tested each asa5505 connected to my home LAN with internet access to make sure the interfaces are working. Thanks!


ASA Version 8.2(5)
!
hostname asa-a
domain-name asa-a.domain
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 10.1.1.1 255.255.255.0
!
ftp mode passive
dns server-group DefaultDNS
 domain-name asa-a.domain
access-list outside_1_cryptomap extended permit ip 192.168.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 10.2.2.0 255.255.255.0
pager lines 24
logging asdm informational
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn …
0
2017 Webroot Threat Report
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

I have a question in regards to encrypting email.
Does exchange 2013 encrypt email when going outside of the exchange server and if so, is this set by default?
0
Dear
 I have problem with a user machine who made all excel files encrypted on windows XP , unfortunately the machine needs to install windows 7 on it after that all encrypted files not opened how i can solve  this case
thanks
0
Hey all I am trying to figure out how to get the following to work or replace in order to make work:

Module1:
    Private oTest                   As Class1
    Private InitDone                As Boolean
    Private Map1(0 To 63)           As Byte
    Private Map2(0 To 127)          As Byte

    #If VBA7 Then
      Public Declare PtrSafe Function GetSystemMetrics Lib "user32" (ByVal nIndex As Long) As Long
    #Else
      Public Declare Function GetSystemMetrics Lib "user32" (ByVal nIndex As Long) As Long
    #End If

    Private Declare Sub CopyMemoryByref Lib "Kernel32.dll" & _
                        Alias "RtlMoveMemory" (ByRef dest As Integer, ByRef & _
                        source As Integer, ByVal numBytes As Integer)
      
    Private Declare Function VarPtr Lib "vb40032.dll" & _
                             Alias "VarPtr" (lpObject As Integer) As Long

    Public Function EncryptData(ByRef bytMessage() As Byte, ByRef bytPassword() As Byte) As Byte()
    		Dim bytKey(31) As Byte
    		Dim bytIn() As Byte
    		Dim bytOut() As Byte
    		Dim bytTemp(31) As Byte
    		Dim lCount, lLength As Integer
    		Dim lEncodedLength, lPosition As Integer
    		Dim bytLen(3) As Byte
    		
    		If Not IsInitialized(bytMessage) Then Exit Function
    		If Not IsInitialized(bytPassword) Then Exit Function
    		
    		For lCount = 0 To UBound(bytPassword)
    			bytKey(lCount) = bytPassword(lCount) : If lCount = 31 Then Exit For
    		Next lCount
    		
    		

Open in new window

0
our exchange server is pts-msx-1.ptsnewmexico.com.  Our email addresses end in  @ptsofficesystems.com.  I am having trouble getting our certificates correct.  Currently we are configured as follows:

Domain name
mail.ptsofficesystems.com

Encryption Strength
GoDaddy SHA-2

Validity Period
11/10/2014 - 8/13/2018  




Subject Alternative Names (SANs)
 owa.ptsnewmexico.com
 mail.ptsnewmexico.com
 pts-msx-1.ptsnewmexico.com
 autodiscover.pts-msx-1.ptsnewmexico.com

We still get certificate problems.  Any help on the sans would be appreciated.
0
We have a request to put the highest possible security on a folder.  We've been asked to put 2 FA on access, but only to those who need to access that folder and preferably only when they have to access that folder.

We can't see how this is directly possible using Duo or RSA, but if there is we'd love to know how.  If it is not, what kind of "out of the box" ways can we have a very high security folder within an environment?

We considered moving it to the cloud to secure it with 2FA, but this also then exposes a cloud/Internet component and they are looking for the tightest security possible.

Thanks to everyone who contributes!
0
Hello Experts!

OK, so I created an RSA Key Container using this code I got from the Microsoft Web Site:
https://msdn.microsoft.com/en-us/library/ca5htw4f(v=vs.110).aspx

I want to Export that RSA Key Container so I can Import it on another server...however when I try to do that it tells me:
"The RSA Key Container was not found"
When using this command:
aspnet_regiis -px "MyKeyContainer" "c:\keys.xml" -pri

Why?
0
I'm having difficulties with setting up a new site to site vpn to two other sites. I currently have a site to site working with from the 128.0 to the 2.0 networks.  I have a new site which I'm trying to configure a site to site vpn to the other two sites through the vpn wizard and they aren't connecting.  I went through the ASDM site to site vpn wizard and it worked for the first one but it doesn't for the new site to the others.  I have included the configs below.

192.168.1.0 NETWORK
:
ASA Version 9.1(6)
!
hostname ciscoasa
enable password OlOxQ1nyrZ49h6MK encrypted
names
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 104.201.x.x 255.255.255.252
!
ftp mode passive
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network EMAIL
 host 192.168.1.253
 description Woodchuck
object network Webserver
 host 192.168.1.254
 description ETIMAIN
object network cl
 subnet 192.168.2.0 255.255.255.0
object network NETWORK_OBJ_192.168.1.0_24
 subnet 192.168.1.0 255.255.255.0
object network SC
 subnet 172.172.128.0 255.255.255.0
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
access-list…
0
When trying to decrypt from shared dasd to mainframe using gpg decryption.  The file shiows up on the mainframe decrypted but with extra blank lines after each row.
Here is the decryption command... not sure why the extra spacing.... Any ideas ??

//STDIN    DD *                                                  
file=inputfilename.pgp                                  
ip=/folder path on shared dasd/$file  
sudo gpg -d --batch --yes --passphrase n1aCEvJns4 $ip            
//                  
                                           
Thank You !!
0
After a recent external penetration test, in responding to findings I used the IISCrypto.exe tool to harden our Exchange 2010 server (using the best practices template), disabling old protocols and weak ciphers, as well as reordering the cipher suite order.  After this was done, one of our vendors is unable to receive email from us.  Every other recipient is fine.  When we email them, we don't get the undeliverable right away, it waits 24 hours then we get the NDR as shown below.  I backed out the changes and went back to the server defaults, but we still have the same issue.  I've worked with our encryption vendor, who hosts the outgoing smart host virtual appliance, and they don't see anything other than possible network issues with the vendor's MX records.  I've also been working with the vendor, but their help is only to a certain extent, as they state no one else is having issues emailing them.  My question is, has anyone seen this behavior before?  Is there anything that needs to be reset or do certificates need to be renewed....anything related to the changes I made that could fix this issue?  I don't want to have to rebuild the Exchange server, but will if needed although that doesn't seem like the valid solution.  Any help or at least pointing in the right direction is much appreciated.  Below is a copy of an NDR we are receiving.  Thanks

Michael Deaton
IT Security Officer
Clark County Credit Union
702-939-3147

Diagnostic information for administrators:
0
Free Tool: Port Scanner
LVL 10
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

One of of our users has forgotten the exact details of their encryption password. They can remember the characters they used e.g. RTYD67H but they can't remember what was lower case and what wasn't. Does anyone know of anything that might generate all the variants of that password e.g. rTYD67H, RtYD67H and then we can enter them manually? Or is there anything we can run against this laptop that will test all those variants for us?  the laptop was encrypted with TrueCrypt.

Thanks
0
Hi I am using BouncyCastle OpenPGP. I am trying to do Encrypt, Sign, Decrypt, Verify. Encryption with larger file(200 MB) is working pretty much faster But when i try to decrypt the encrypted file its taking 15 mins. Please let me know how to recover that by reducing the decryption time.
0
As a part of everyday process, I need to download an encrypted file from sFTP server and decrypt it with key and password.
Please help me with BATCH script to automate this process without manual interruption in GPG2
0
Through Shellscript ,executing encrypt command

gpg --recipient F13456 -keyring/home/appldev/.gnupg/pubring.gpg   --encrypt ABC.txt

The above command is neither giving error nor the file is getting encrypted.

Is that the way specifying the keyrings folder to check for the public key .

If not specified the keyrings,its getting executed in command line but through shell script it says "NO Public Key",encryption skipped.

Need you help on this.
0
Hi Experts,

Is there any encryption tool for Asp.NET Project?

Regards,
D Patel
0
We get a lot of zip files from MAC users. When any of our users extract the files in Windows 7 to our server, they appear Green (fine, I know Windows 7 has issues with Mac created ZIP files...) however, the only user who can decrypt the files is the user who extracted them and until they do so no other users can access them. Is there any way to get round this? If the user who extracted the files is off and someone else needs access then they are stuffed. Is there any other way to decrypt the files? I know at some point we will end up with encrypted files that have been extracted by a user who is no longer with the company and their account deleted so we won't be able to log on as that user and decrypt them.
0
Hi All,

I need to upgrade the EMC PowerPath drivers from 5.5.0.5 to  6.1.0.0 and EMC ODM drivers from 6.0.0.5 to 6.0.0.6.

Currently we have on servers as below

root@:/home/root # lslpp -l | grep -i EMC
  EMC.CELERRA.aix.rte        6.0.0.5  COMMITTED  EMC CELERRA AIX Support
  EMC.CLARiiON.aix.rte       6.0.0.5  COMMITTED  EMC CLARiiON AIX Support
  EMC.CLARiiON.fcp.rte       6.0.0.5  COMMITTED  EMC CLARiiON FCP Support
  EMC.Symmetrix.aix.rte      6.0.0.5  COMMITTED  EMC Symmetrix AIX Support
  EMC.Symmetrix.fcp.rte      6.0.0.5  COMMITTED  EMC Symmetrix FCP Support
  EMCpower.base              5.5.0.5  COMMITTED  PowerPath Base Driver and
  EMCpower.encryption        5.5.0.5  COMMITTED  PowerPath Encryption with RSA
  EMCpower.migration_enabler
  EMCpower.mpx               5.5.0.5  COMMITTED  PowerPath Multi_Pathing
  devices.common.IBM.modemcfg.data

root@:/usr # oslevel
7.1.0.0
root@:/usr # uname -a
AIX hl 1 7 00CEBE734C00
root@:/usr #

Thanks in advance
0
Hello - we need to send some encrypted emails for only a few users for HIPAA requirements. What do you recommend?
0
i have lost my encryption key , can i recover the same for encrypting data 9928873103
0
Concerto's Cloud Advisory Services
LVL 4
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Hi experts!

I enabled BitLocker, which appeared to encrypt the drive successfully, then rebooted my Dell Latitude Windows 10 laptop (TPM enabled).

Unfortunately Windows won't boot any more; initially it was booting to a cmd prompt 'LoginUI.exe' and allowing me to enter my username and password, but then saying that the windows event notification service failed to start.

Now it doesn't even get that far; it boots straight in to the repair mode, and I've tried every option without any luck. Auto repair fails to find a problem, reset this PC doesn't work, system restore, startup repair, go back to previous build etc. I also tried all the bootrec commands without any joy.

Any ideas please? Otherwise I'll just have to throw a new SSD in and try recover my files.

Thanks
0
Hi!

Is it possible to encrypt/decrypt data that is being transmitted through serial connection (RS232) for two devices without using any hardware?

Thanks,

Randy
0
After configuring the RC4-HMAC-NT, AES128-SHA1 or AES256-SHA1 Kerberos authentication mode is set but when using the DES-BSC-CRC or DES-CBC-MD5 encryption type, from the client machine [windows 8.1] while connecting to the principal
 Kerberos authentication mode is not set and while trying to login it asks for password.


 To perform the kerberos connection test configuration is done as follows:

1. Set up AD DC on windows server 2012 R2 and windows client 8.1 is used

2. Created a domain user and checked the corresponding option in case of DES-CBC-CRC and DES-CBC-MD5 "Use Kerberos DES encryption types for this account".


 3. On the windows server 2012 R2, in local Policies->Security Options ->"Network Security: configure encryption type allowed for Kerberos" DES_CBC_CRC or DES_CBC_MD5 along with  RC4_HMAC_NT is selected.


 4. On windows 2012 R2, by using ADSIEDIT.msc, value of  msDS-SupportedEncryptionTypes is set to 5 or 6 accordingly.


 5. On the windows client machine [windows 8.1] which is in same domain, in local Policies->Security Options ->"Network Security: configure encryption type allowed for Kerberos" DES_CBC_CRC or DES_CBC_MD5 along with  RC4_HMAC_NT is selected.


 6. Created keytab file on windows 2012 Server R2 by using the KTPASS command [corresponding encryption type is used with -crypto option]


 ktpass -princ host/<host name>@domain name -mapuser <domain user name> -pass <passwd of domain user> -crypto DES-CBC-MD5 -ptype …
0
One of my client system got encrypted with the frogo file extension. Is any tool available for decrypt these files.
0
My Testing Lab.

AD1 192.168.100.1/24
AD2 192.168.100.2/24
EX1 192.168.100.4/24 ( exchange server 2016)
EX2 192.168.100.5 /24 (exchange server 2016)
Haproxy 192.168.100.7/24

On the client outlook direct ex1 or ex 02 can connect with POP3 with 995  & 110 .

HA proxy health check is ok for  995 only . 110 service is down .

On the client outlook direct  Haproxy can connect  110 only .When i connect with POP3 (995) . Following error show

Log onto incoming mail server (POP3): Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator or Internet service provider (ISP) for additional assistance.

I don't know what is my problems.
0
This has been going on way too long. I tried to force quit by shutting down after unlocking the decryption but it won't work...help!!
0

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.