Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

All of a sudden a user is getting an error when trying to connect to workstation through a site to site vpn that says "An error has occurred", If the VPN is diconnected and the WAN IP Address with the Port is used then the RDP works just fine. VPN is configured on  Sonicwall TZ215 and TZ100. We can also RDP on the same LAN as the system without issue.
0
Ransomware-A Revenue Bonanza for Service Providers
LVL 4
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Our apps team somehow has a way of detecting that 61.239.162.190 is an
IP of a credit card fraud : I'm not quite close to the team so anyone know
if there are IP list out there that blacklist it?

I've checked www.ipvoid.com & threatstop.com but this IP is not in their
extensive blacklists.

How can I find out the mode of fraud of this IP?  Does this source IP send
emails or via sort of application (credit card processing)?

I've heard of several Online Fraud Tools (by IBM & F5) but haven't managed
to play with them yet
0
Hello,

I wrote a script to create a folder path and it works OK, however, it creates folders read only and I am trying to avoid that. I do not want it read only because then another process cannot create some files within the DATA folder. This is what I wrote and it is still creating the folders read only. Can you please let me know what am I missing?

mkdir -p "C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA"
attrib -R "C:\Program Files\Microsoft SQL Server\*.*" /S /D
0
BecomingMalwaretech-SocialMedia-Nati.pngEver wondered what it takes to become a threat intel expert like Malwaretech? Check out our first Q&A release where Marcus discusses his background and predictions for the next threat in malware.
4
Compliance and data security require steps be taken to prevent unauthorized users from copying data. Here's one method to prevent data theft via USB drives (and writable optical media).
1
 
LVL 96

Author Comment

by:Lee W, MVP
Comment Utility
Ok, thanks!
0
 
LVL 8

Expert Comment

by:Senior IT System Engineer
Comment Utility
Thanks for sharing the great article.
0
Hello - we upgraded from a 5510 ASA to a 5516 recently.  On our old 5510, the home page of the ASA would present the ASDM tool.  the 5516 does not do this.  After spending an hour reading the Getting Started guide and online, I find lots of information about how the ASDM works - but hardly any help on how to actually launch the tool.  Need some help from the experts.  thanks
0
Hi Guys
I have a problem with Maximizer software that if everyone group does not have full permission to the c:\windows\temp on the server it will not work. I called Maximizer and they don't even know about this. They keep asking to reinstall it.
So to fix my problem I just give everyone full access to the c:\windows\temp and we are good to go for sometime 3 months other one day only. The reason is that the everyone group just disappear from there and I have to add it again.
Nobody other than me has access to the server so I can confirm that there is no other admin or user changing this.
Any idea what's going on? The Maximizer run on Terminal server 2012
0
A customer called a number claiming to be HP and spoke to someone who ran LogMeIn onto his PC, logged in, and told him that his computer has been the target of hacks and that people "in another state are using his computer to launch attacks."  Anyways, I logged onto his computer, did a full virus scan, reset his Windows Firewall settings, ran SFC, and checked all his startup programs and nothing come up unusual.  Is there anything else I can do to verify that there's no damage or back door left on his PC?
0
How to block unmanaged switches from network. I have already apply BBDU Guard on interface but where unmanaged switches attached port will not block. and in show spanning-tree interface detail command no BpDU received. So please help is required for block unmaanged switches fron network. Other than port security please
0
Experts Exchange got the opportunity to interview MalwareTech, the 22yr old who discovered the WannaCry kill switch. Check out his advice on security and future security threats, as well as his comments on the importance of tech communities.
5
 
LVL 31

Expert Comment

by:Zoppo
Once a customer called me and told our software tells him 'Hardlock not found' - after 10 minutes verifying everything (driver, service, client) was installed fine and running, just for fun and coz I was a little bit frustrated, I aksed if he really plugged in the hardlock - the customer was a bit surprised and answered "No, it's here, laying in front of me, on my desktop - do I have to plug it somewhere?"

Another time I sent a PDF docu to a customer - he answered with a mail asking me what to do with this PDF. I wrote 'just open it to read or print it' - he answered he doesn't know what 'open' means and asked me if it would be possible that I open the PDF and send it to him 'opened'.

And one of my favorites, allthough it wasn't directly me: Once surprisingly I heard my colleague (usually a relaxed guy) yelling loud into the telephone "NO! STOP! Stop EVERYTHING! DON'T TOUCH the mouse! DON'T TOUCH ANYTHING! When I tell you 'click', click EXACTLY ONCE with the LEFT mouse button! WHEN I TELL YOU 'double click', click EXACTLY TWICE with the LEFT mouse button! As long as I don't tell you anything DON'T TOUCH ANYTHING!!!"
0
Simple, centralized multimedia control
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Does someone have experience with SaaS solution for network security management?
0
 
LVL 16

Expert Comment

by:Kyle Santos
Hi Asher,

Welcome to Experts Exchange.

Do you have a project in mind that you need someone to work on for you?
If yes, check out our Gigs platform.
https://www.experts-exchange.com/gigs/

If you want to look at members on the site you can go to navigation menu > Browse > Members.  There you can filter what type of expert you're looking for.
3
Hi Experts,

I am installing new wireless equipment at a very small motel this week. They have AT&T business internet and just want to provide an SSID and password/key to guests to connect. No splash screen or anything like that. They were originally using Netgear signal boosters that you plug into wall outlets, but customers stole them.

I told them I would only use pro-level equipment, so I have ordered 2 UAP-AC-PROs and the Ubiquiti 8-port 60w PoE Switch for 12 rooms. Eight rooms are in a 2-floor building, four on each floor and the other building is just four rooms on a single floor. I plan to install one AP on the ceiling in room 3 (middle, bottom room) of each building, including the two floor building. The rooms are small so I think this will suffice.

Questions:

Do I need to order a security device or new router? Can I use the AT&T provided router and connect it to the Ubiquiti PoE switch and configure the WAPs using the Ubiquiti controller software installed on the office PC? And will that software without a security device or new router be able to provide two SSIDs?

The owners are trying to save money (of course!) so I wanted to see if any other gear was necessary. It appears that the solution I've provided will do the trick, but it is not ideal security-wise. Any advice is appreciated!

Thanks,

Rich
0
I understand the exposure of having a public facing website with username root.

So, I have created a new username and changed my WordPress site to use that new username.

Shall I delete the "root" username?

Thanks.
1
I have a DVR system for my IP camera systems and I have a sonicwall firewall. I need to access my dvr through my public IP address while out of office. I did the following steps:

Creating the necessary Address Objects

step 1
Then I did

step 2

Creating the appropriate NAT Policies which can include Inbound, Outbound, and Loopback

Then I did

Step 3

Creating the necessary Firewall Access Rules

then Firewall.png

I did these steps and still cant access the DVR system when outside my network.
1
Our current McAfee NIDS is going to be EOSL soon so we're considering
whether to upgrade to Intel McAfee's   Threat Defense Lifecycle or
dedicated NIDS or integrate NIDS function into our existing Checkpoint
NGFW firewall?  

It's a perimeter NIDS (not internal network NIDS)

Kindly assess in terms of
a) performance : with dedicated NIDS, it won't affect firewall's performance?
b) however, dedicated NIDS, need an extra console?  Lack's integration with
     firewall (to block bad/malicious source IP ??) ?
c)  any other ...  ??

I see a trend by vendors coming out with unified products from Cisco,
Sophos, so does this mean this is the way to go ?
0
The product will come with its' operating system only , for training, does palo alto offer the service 30 days evaluation (like Microsoft) when expire you have to re-install it again.
0
Abstract Network traffic is volume of data moving across the system at any given time. The traffic encapsulates in packets to provide load, it effect organization network resources by assisting to ensure good quality in service. Data is important resources of any business organization; its security
0
Hi,



Can anyone help in identifying why once my vpn client enabled. I can  ping all other internal IPs except 192.168.4.1(interface DatabaseZone)  and 192.168.3.1. My vpn client assigned 192.168.5.100 which is in  the range ov VpHi,



Can anyone help in identifying why once my vpn client enabled. Cant ping any of internal IPs configuration like 192.168.4.1(interface DatabaseZone) . My vpn client assigned 192.168.5.100 which is in  the range of Vpnclients object-group configuration.nclients object-group configuration.

here attached output from "show vpn-sessiondb detail remote"
vpn-sesssiondb-detail.txt
0
Hello,

we woud llike to configure firepower 2100 in our datacenter,  here  is our plan:

We do the cabling from our Router to  Firepower 2100(IPs)  , and the do cabling from Firepower2100 to our network switch.  We monitor incoming and outgoing traffic on Firepower port.

Is it the proper design?
0
Ready to trade in that old firewall?
Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Hello experts, I have a client running Server 2012 with 10 client PCs, the Symantec anti virus flagged up a dodgy file this morning, it blocked it but it prompted me to investigate. I found that one of the client PCs shows logon activity using the computername$ account at about the same time as the file was found, and later on the server computername$ account. The system is using a draytek router, which had Remote desktop enabled previously, this has been turned off since January but when I checked the firewall, port 3389 was still enabled. I have disabled that and rebooted the router. I am currently only using VPN as remote access.
So far, all appears OK on the system. My question is regarding the $ accounts, I was aware of them but never used them, can they be used without a password to gain full access, is there anything that can be done to guard against this?
0
We want to implement some sort of WEB security filtering for group of remote offices.  We have two things on the table for us to consider.

1. Cisco NGIPS (Firepower), and management center.
2. Websense

I used Websense in the past.  Users who try to open up bad web links from their email or web browsers, they are not able to do it.

I am not familiar to Cisco Firepower.  Does someone know if it does the same thing as Websense?  What are their major differences in a high level perceptive?

Please advise.  

Thanks.
0
Hi,

Anyone knows if there are any Windows base honeynet environments which one can easily download and configure accordingly without the need to setup everything from scratch? I have heard about KF Sensor but have yet to test it out. Maybe someone knows a library of VMs illustrating different honeypot server roles which can be deployed with some guidelines? Thanks in advance.
1
I just had it happen *again*. /opt went to 100% and management services croaked and wouldn't restart.
After rebooting the OS I was able to acs-config and run acsview replace-cleandb. This will make things
good for a few months. I only keep like three months of logging and show acs-logs didn't appear to have
that much in it anyhow. How do I prevent /opt from filling up and stopping services?
0
Hi guys,

I need some inputs from you guys so that I can set up my DMZ Lab. I have added a 2nd SME Mail Server in my DMZ and I also have my Web Server. In my Internal Network, I have my 1st SME Mail Server and AD/DNS.
I am using a pfSense Firewall with 3 NIC. I did some Port Forwarding so that my WAN users can access my Web Server.

Adding a 2nd SME Mail Server in the DMZ so that all Mails from outside or WAN will be forwarded in DMZ.
Internal Network users can send email and receive. I don't have idea and I want to understand how to do this.
Can please anyone help me ?

Thank you so much

Novice
0
I'm quite new with Firewalls and need some quick configuration tips, make zywall up and run with some basic open ports browsing, email (port 995), chat, youtube. Would like to know what do I get out-of-the-box when I start and switch on for first time my new Zywall usg100
0

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.