Network Security

Network security consists of the policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. It involves the authorization of access to data in a network, and covers a variety of computer networks used for conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, or open to public access.

Our HQ  (domain is  orgname.com) often has staff travelling to our country (different domain,
say org2name.com.au) as well as staff from our country often go there & we have separate AD,
DNS & MS Exchange servers.  In fact we are neighbouring countries.

We have a dedicated leased line between the HQ & us but with firewalls doing NAT in between.

Q1:
Will need to grant staff access to their mailboxes seamlessly without compromising
security.  What are the trusts to permit between our HQ & us?   We are regulated differently
by different financial regulators so credit card & our customers information can't be shared.

Q2:
We will maintain email Exchange servers and email filtering security tool (Proofpoint) separately.
Thing is staff who are seconded to be based here from HQ may go back once every 6-monthly
(for say a period of 3 weeks before returning): likely the staff seconded here will continue to
use HQ's mailbox but their laptops will login to our local country's AD/domain: any trust to
be permitted here & what are the best practices?  Usually staff seconded here (or vice-versa)
 for 1-3 years will go back to HQ once their term here expires

Q3:
We are also implementing email encryption (Voltage) & our HQ will implement it later (maybe
6-10 months later) : so need to consider this aspect as well.  Staff based here will use email
encryption of HQ & likewise staff from our country going there will use email encryption here.


Q4:
The staff that …
0
I have been trying to connect to a Watchguard XTM 330 L2TP VPN using the Windows client, but keep getting the message that it can't resolve the server name. Using a Windows 2012 RADIUS server that I can authenticate to from inside the network. DNS is configured on the policy for the Watchguard etc. When we use the Watchguard SSLVPN client it works just fine. We use roaming profiles so the SSLVPN client won't work with them. Anyone have any suggestions?
0
Looking for recommendations for a product that will allow tracking of files that are opened/moved/copied on a Windows Network.  I know there are many full blown enterprise level products that handle this, but I'm looking for a simpler, more localized equivalent.

I'm not aware of anything in native Windows Server that will allow this level of tracking.  Could be wrong about that.

Any recommendations appreciated.
0
Hello,

If you connect to a secure bank site, or even Facebook using HTTPS, on an open non secure WiFi, is the data between your computer and the site secure?
1
Warning: If your device uses WiFi, it's at risk!
News broke today about the Krack Attack, a new cyber threat that can decrypt and potentially view everything users are doing online. The Krack Attack preys on a weakness in the WPA2 protocol. Hackers near the vulnerable devices (Android and Linux are at greatest risk) can retrieve sensitive user data and information.
Steps to Protect:
1. Apply patches as they become available. For phones and computers, the patches will come in the usual update format. For wifi routers, the manufacturer's website will have the patches.
2. Don't use public WiFi, especially for sharing or sending any sensitive information.
3. Double check that you are browsing with HTTPS. If you are unsure, install this plug-in to encrypt your communications with major websites and make your browsing more secure. https://www.eff.org/https-everywhere
4. Otherwise, use Ethernet.

For more tips on how to protect yourself: https://techcrunch.com/2017/10/16/heres-what-you-can-do-to-protect-yourself-from-the-krack-wifi-vulnerability/
4
When I browse an http site I got the following screen. Verizon.JPG
The same happens if I browse an https site but using the ad link in the browser instead of the direct link. http.jpg
I did a trace from the router (not from the computer) and got the following results (see attached).

On another computer on the network I do not have the issue, but have a wireless access point that does have the issue

I already did an ipconfig /flushdns

Please help
Trace.txt
0
Sometimes legitimate websites such as for hotels or companies get flagged by my Malwarebytes Pro as scam websites (the websites get blocked):

"Malwarebytes blocked a suspected bad URL or an unwanted program."

In these cases, as I need to visit for example a hotel's website to make a booking, would it be safe to use a Chromebook instead? Or use another solution to visit this website?
0
Hi

I encrypted a USB drive using BitLocker To Go in Windows 10 Pro and when I inserted it into a new machine it prompted for the password. Once I entered it in I noticed a More Options section which allowed me to check Automatically unlock on this PC. I have since realized I don't want this to occur but I don't know how to make it go back to the way it was. I looked in Credential Manager with no luck. Sorry I'm new to BitLocker.
0
I was recently tasked with setting up a VPN for a client of ours for accessing files from home. We are able to successfully log in; however, when we try to map drives or access resources we are unable to. Mapping drives errors as if we are not in that domain. Trying to access the drives through Explorer returns the same. Can anyone assist with this please?
0
Hi Everyone,

I would like to use the Meraki MDM SCEP service to hand out certificates for users enrolling to the Meraki System Manager platform. The certificates will then be used to authenticate against Cisco ISE for wireless access.

I've added the AD to the Meraki Platform and added the profile to be pushed down to ISE on the platform as well. Cisco ISE has also been added to the Meraki Platform.

As part of the SCEP process for Meraki I'm supposed to download the SCEP CA certificate and have it signed to the Microsoft CA. I assume I would need to export the .csr file and have it signed via web enrollment. However I'm not sure what template to use in order to have it signed for the correct use. When I import a standard user template it is signed for the account which I used to log into the web enrollment page (Admin user). Of course this is not the correct solution as the certificate needs to be for all users i.e. it needs to be for %User% so all users can get a certificate and enroll. I can then add this certificate to ISE. Can anyone help?
mer.PNG
0
Hi, how can someone track the virus which is in a LAN network? How can I get rid of it?
0
hi guys

Are any of you working on implementing GDPR that plans to come into effect next March?

If so, do you have a list of things that need to be implemented technically on infrastructure, storage and network security?
I am looking for something that would have a list of 'to-do's' like:

"Must implement password complexity of one letter, number and eight characters that change every 30 days"
"Transfer of data from local source to destination must be recorded and its location known"

I just made the above up, but basically are there any lists that one could follow as guidance for the entire infrastructure?

Thanks for helping
Yashy
0
Hello all,

I've been stumped on this issue for the past week and figured I'd ask around for possible solutions.

Issue:
Company's internal website (http://companyweb) redirects to an external website (colfaxcorp.com), BUT only on two local workstations. The redirect isn't profile specific, and only these two workstations are affected regardless of the web browser used.

What I've tried:
Clearing caches and cookies
Various malware scanners: Malwarebytes, HitmanPro, TDSSKiller, and more. No threats found.
DNS flush on workstations
Modifying the host file. (which actually solved the immediate problem, but removing my changes reverts back to the same issue)

Anyone have any insight on this issue?
0
Hello all,
I will be migrating a Watchguard XTM505 to a Watchguard M370.  I understand the step by step portion of the policy manager.
My question is that before I import the configuration file from the policy manager to the new M370 do I need to activate the new M370 or do anything else to it?
Thanks,
Kelly W.
0
I am looking for some advice.

Looking to test out a Network Security Tool for BotNet on our network.

Basically looking for a tool to scan the network to check for BotNet and types - if any
0
Hi experts
I have an application that won't run well without admin privilege, even when it's run as admin with a script, so
I want to know how to prevent a domain admin user in an Active Directory 2008 R2 environment from installing apps via GPO or VB script
0
https://www.experts-exchange.com/questions/29056334/Steps-to-block-AD-IDs-from-login-to-30-critical-PCs.html

Further to the question I posted above, besides the 30+ critical PCs (for Swift processing), we have about
20 Tally network printers used to print critical SWIFT messages : the PCs & printers are at various physical
locations : 1-3 PCs may spool print to one of those printers.

Heard that in Bangladesh Bank's SWIFT heist, hacker intercepted print job, learnt how to send fabricated
data to the printer.   We can secure the PCs with Windows Firewall but what about the printers?

To create isolated VLANs & move these PCs & printers to the dedicated VLANs require changing IP addrs
of these PCs/printers & may incur downtime & if not planned carefully, disruptions.  Would creating
MAC addr ACLs on the switches that these PCs & printers are connected to help?

Our netwk support said it's no longer a common practice to do MAC-based ACLs? Is this true?
Or it's simply too much of an effort for the 30 PCs & 20 printers?

Can Layer 2 switch support MAC ACLs?
0
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
3
My user cannot connect with Watchguard client or Shrewsoft client.  Switching users to myself I find that I cannot connect with Watchguard client but I can with Shrewsoft.  This is a Windows 7 Pro PC.  My Windows 7 PC can use either client.  Why can't this user use the VPN?
0
How can I find all traffic logged from 172.18.128 using Splunk search? This must be the simplest thing. But I can't get the dern thing to return a thing!
ScrnGrab2313-170929-12.56.jpg
ScrnGrab2314-170929-12.57.jpg
ScrnGrab2315-170929-12.58.jpg
0
Hi everyone!  I just wanted to thank everyone in advance for any advice or suggestions.

I am trying to implement simple Network Printer MAC Authentication on our Network.  I've configured my HP A5120 switch with global and port specific MAC settings, I've created a 2016 NPS "Connection Request Policy", and I've created a new Active Directory user using the printer's MAC address as the username and password.  However, I cannot get a successful MAC authentication between the Printer<->Switch<->NPS Radius Server.  I've tried using the config for user-name-format both as "with-hyphen" and "without-hyphen".  It's probably something silly and really simple, but I'm stuck.  If someone could verify my Switch and NPS configurations, I would be super grateful.

Below are my configurations and terminal debugging for reference:

***[HP A 5120 configuration]***
#Configure A5120 port which Printer is connected to…
# Enable MAC authentication globally.
mac-authentication
# Enable MAC authentication on Int GigabitEthernet 2/0/22
int gig 2/0/22
mac-authentication
#Specify domain for MAC Auth
mac-authentication domain hcd.ca.gov
#Config MAC auth to use MAC-based accounts. MAC usernames and passwords are NOT hyphenated
mac-authentication user-name-format mac-address with-hyphen lowercase
# Enable MAC authentication on GigabitEthernet 1/0/8, and specify a guest-vlan VLAN
mac-authentication guest-vlan 25
#Critical Mac Auth Vlan
mac-authentication critical vlan 30…
0
I am trying to configure my Watchguard firewall [XTM 515 - Fireware 11.9.4] to allow certain machines access to the update site of a software provider. Unfortunately this software vendor does not hold the updates on systems that can be referenced via fixed IP addresses but relies on referencing their infrastructure via a DNS name.  I don't seem to be able to set up a route using packet filters or proxies. Does anybody know of a way of doing this?
0
Very strange, this morning when I turned on the computer I got a message that Malwarebytes (I have Pro version) has been turned off. When I turned it on, the option "Protection against malicious code" was switched off, and I can not switch it on! All other options are selectable and can be switched on, but not this option.

Last time I was in Manila I had similar problems with strange things happening. Then when I left the problems disappeared. And most often here in Manila I get warnings when connecting to the hotel wifi about insecure network or dangerous connection.

All kinds of small problems since 2 days when suddenly I got this problem with the message "Waiting for proxy tunnel" in Google Chrome and "TLS handshake" in Mozilla Firefox:

https://www.experts-exchange.com/questions/29058931/How-should-I-get-rid-of-the-message-Waiting-for-Proxy-Tunnel-in-Google-Chrome.html

Other problems: Can not use Google API any longer for connection to Google Translate API for my CAT tool. Can not switch input language any longer. Can not run Windows Update any longer:

https://www.experts-exchange.com/questions/29058918/Why-do-I-get-Windows-could-not-search-for-new-updates-in-my-Windows-7-Home-when-checking-for-updates.html

Other problems (continued):

Takes ages to save a text document or other document ("Not responding").
"Google has authentication problems" when logged in to Gmail.

Etc. etc. (new issues coming up all the time).
0
We access an external vendor's site who provided us some sort of service.

However, about 300 of our staff, mostly contract staff needs to access this
service but they currently are not granted Internet access on their PCs, so
we permit by firewall rules for entire organization to access that vendor's
site as going by proxy, we'll need to grant 300 proxy entries (ie by their
AD Id) to 3 URLs as that site will call/redirect to 2 other URLs.

By permitting at firewall rules & letting these contract staff bypass the
proxy, the contract staff can only access these 3 URLs & not any other
links/sites on Internet so this is still "secure" in my view as these 3
URLs are "trusted" sites.   This method of bypassing proxy is also to
facilitate that should new contract staff joins, the staff could access
as the 3 URLs while if we go by proxy, each time a new staff joins,
have to request for it & each time a staff leaves, have to remove that
staff's AD Id from proxy: quite an enormous admin task (for the
proxy admin as well as supervisors of these staff).

Q1:
Now, we just found that this vendor has coded another module to call
Google's "Captcha" service (which is  www.google.com/..... ) : what's
the entire subnet range of google.com ?  Is it a Class A, B or C or a
mix of many Class C  ranges ?

Q2:
Our firewalls can't resolve via public DNS currently so if permit to
access a large range of public IP, what's the security/risk implications?
Any other safe way …
0
Running a Nessus scan produces loads of results. Can anyone recommend a tool for building a coherent report that is reasonably easy to use?
0
