Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

Choose an Exciting Career in Cybersecurity
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

CloudFlare and APNIC have launched a free DNS service @ 1.1.1.1 that claims to prevent your ISP from selling your data:
https://blog.cloudflare.com/dns-resolver-1-1-1-1/

The claim to be the "fastest" comes with the caveat of "privacy-first" -- I wonder how it stacks up against DNS services that don't provide any inherent perceived privacy?

On a related note, the service is being hammered by multiple gbps of trash data:
https://www.zdnet.com/article/1-1-1-1-cloudflares-new-dns-attracting-gigabits-per-second-of-rubbish/

Personally, I've used Google's public DNS for years now, since it's always seemed to be more stable than my ISPs, but this CloudFlare option is really tempting. Handing over literally all of my browsing data to Google is probably not the best idea.
1
LVL 44

Expert Comment

by:noci
IPv6 patterns:
Google:
google-public-dns-a.google.com. 21599 IN AAAA   2001:4860:4860::8888

Cloudflare:
1dot1dot1dot1.cloudflare-dns.com. 299 IN AAAA   2606:4700:4700::1001
1dot1dot1dot1.cloudflare-dns.com. 299 IN AAAA   2606:4700:4700::1111

Quad9:
dns.quad9.net.          119     IN      AAAA    2620:fe::fe

level3 has no  ipv6...???
0
LVL 18

Expert Comment

by:Kyle Santos
I need an ELI5 version of what this does.  What am I doing by doing what they said here?
See https://1.1.1.1/ because it's that simple!
0

[Free Webinar] Ten Security Controls for effective Cybersecurity


cyber-webinar-1200x627.jpgWith cyberattacks evolving everyday organizations are forced to build a strong security layer to keep their data safe and maintain user privacy. With so much touch points to improve organization security, ManageEngine is here to facilitate things for you, by hand picking 10 primary security controls which you need to practice to keep the attackers at bay.

Attend our webinar about cybersecurity on April 24th, 11 am BST and make sure you have the best security measures in place for 2018.

Register Now: https://goo.gl/R16u4f
0
Did you know it only takes 2 hours for a security patch to be reversed engineered? Don’t let your company’s vulnerabilities go unsupervised. Enroll in March’s Course of the Month to begin training for your Certified Penetration Testing Engineer Certification today.
1
Obtain real-world security knowledge that allows you to recognize vulnerabilities, exploit system weaknesses, and safeguard threats. Enroll in March's Course of the Month to ensure you attain a higher level of cyber security.
0
Last week, Github was hit with the largest DDOS ever recorded:
https://githubengineering.com/ddos-incident-report/

Akamai Prolexic is who they use for DDOS mitigation and they apparently handled it in stride:
https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html
0
onsite.jpgIntroducing our March Course of the Month: Certified Penetration Testing Engineer Series
Enroll today to learn from a cybersecurity expert with more than 20 industry-recognized certifications and add this invaluable training to your resume. Bonus: This series, valued at $3,000, is free for Premium Members, Qualified Experts, and Team Accounts.
0

Meltdown and Spectre: Battling the bugs in Intel, AMD, and ARM processors


Intel bugs exploiting your sensitive data, AMD and ARM also becomes victims to this exploit.

Read more: https://blogs.manageengine.com/desktop-mobile/2018/01/05/meltdown-and-spectre-battling-the-bugs-in-intel-amd-and-arm-processors.html

You can mitigate this threats to certain extent by patching your windows systems now, after checking the compatible AV's, if updated with incompatible AV's the system may crash, causing blue screen error. Update now and secure your sensitive data.

Attend this webinar to mitigate the bugs right away.
0
LVL 104

Expert Comment

by:John
Just keep patches up to date and use due care when surfing the web and downloading email.
1
1
Keep up with what's happening at Experts Exchange!
LVL 12
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

A29J_130789574330391040IMb0cMkpFw.jpgEdge router x by ubnt is a router which is not expensive but is has a lot of advanced futures. It has its down side to it that its GUI is hard to figure out, also vary little documentation available. But once you get to know it there is a lot you can do with it.
What I will be focusing is when having two networks on the router and you want to create a firewall between the two networks. This can be useful for example, where you have one secure network and one that is a not that secure [can be a wireless network, etc.] and you want to protect the secure network from any attack that my come from the not secured network.
A ubnt router could be configured by port, you can have as many networks as the amount of ports on the router (without having a vlan although you can have a vlan as well).
Now Let’s start with a example we have 2 networks one is 192.168.1.1 on eth0 which is not the secure network, and 192.168.2.1 on switch0 which runs on eth2/eth3/eth4/eth5 (eth1 we use for the WAN)  which is the secure network. You also want to restrict the .1.1 from having access to the .2.1 and from accessing the router management.
1-      Create a firewall port group that will include ssh port (22) http (80) https (443) and telnet (23).
2-       Go to the Firewall/NAT tab, firewall/add ruleset, name it, set the default action to accept.
3-      On the newly created ruleset, action/configuration/roles/add new rule, name it, action -drop, next move to advanced, check -established …
0
2-Post-Native-Image-360-x-200.jpgThe Private Question Feature is back on-site! Learn how we are protecting your tech question security.
2
Warning: If your device uses WiFi, it's at risk!
News broke today about the Krack Attack, a new cyber threat that can decrypt and potentially view everything users are doing online. The Krack Attack preys on a weakness in WPA2 protocol. Hackers near the vulnerable devices (Android and Linux are at greatest risk) can retrieve sensitive user data and information.
Steps to Protect:
1. Apply patches as they become available. For phones and computers, the patches will come in the usual update format. For wifi routers, the manufacturer's website will have the patches.
2. Don't use public WiFi, especially for sharing or sending any sensitive information.
3. Double check that you are browsing with HTTPS. If you are unsure, install this plug-in to encrypt your communications with major websites and make your browsing more secure. https://www.eff.org/https-everywhere
4. Otherwise, use Ethernet.

For more tips on how to protect yourself: https://techcrunch.com/2017/10/16/heres-what-you-can-do-to-protect-yourself-from-the-krack-wifi-vulnerability/
5
2
6
LVL 5

Expert Comment

by:Juana Villa
I have always found sad that people use their skills and knowledge to hinder/hurt others. So, I really like that this article is encouraging people to use their skills on an ethical way.
1
LVL 31

Expert Comment

by:Thomas Zucker-Scharff
Just donated all my waiting shirts.
1
What technology do you think is a fad that won’t last?

Not sure it really qualifies as a "fad" because it's been around so long, but I'd say that a lot of existing password guidelines (special characters, changing them every 90 days, capitalization rules, etc.) are on their way out. Don't believe me? Even the creator of those rules now regrets them.

Although, I'm really looking forward to the day when passwords can just go away almost completely...
2
LVL 18

Expert Comment

by:Kyle Santos
Meanwhile, I just got this.  xD

Screenshot_2.png
Arrrggghhhhhh!
1
LVL 18

Expert Comment

by:Kyle Santos
Come to think of it.  After I graduated high school and started using computers more often I realized how difficult it was to remember passwords that had all those wacky requirements, so I started choosing last names of random people which is kind of similar to what xkcd had mentioned about four random words.  Admittedly, I was doing my best to try and work around difficult password requirements by making it easier for me to remember!  Take that, Bill Burr!
1
What is your favorite password manager?  I use the hell out of LastPass.  Love it's versatility and reliability, especially across multiple platforms.  It's ease of use and short learning curve has made it a valuable part of helping my clientele manage access to specific resources with fantastic results.  What are your go to's?
4
LVL 11

Expert Comment

by:Brandon Lyon
LastPass is the one I prefer. It's easy to use on most browsers & major platforms.
1
LVL 13

Expert Comment

by:Brian Murphy
Agree, as of this writing.  LastPass.
0
2
Does someone have experience with SaaS solution for network security management?
0
LVL 18

Expert Comment

by:Kyle Santos
Hi Asher,

Welcome to Experts Exchange.

Do you have a project in mind that you need someone to work on for you?
If yes, check out our Gigs platform.
https://www.experts-exchange.com/gigs/

If you want to look at members on the site you can go to navigation menu > Browse > Members.  There you can filter what type of expert you're looking for.
3
The IT Degree for Career Advancement
The IT Degree for Career Advancement

Earn your B.S. in Network Operations and Security and become a network and IT security expert. This WGU degree program curriculum was designed with tech-savvy, self-motivated students in mind – allowing you to use your technical expertise, to address real-world business problems.

0
Today is the last day to enroll in June’s Course of the Month. With ransomware attacks on the rise this year, we encourage all members of our community to enroll and avoid becoming part of 2017's statistics. Premium members, Team Account members, and Qualified Experts will have 30 days after enrollment to complete the course. Don’t miss this opportunity to enhance your security!
3
3
4
LVL 5

Expert Comment

by:Juana Villa
Can people user their intelligence to help others? or ... at least not hurt them in any way?
1
Update on Petya Attack
As noted by our on-site expert, krakatoa, the current vaccine for Petya involves creating a file called perfc in the C://Windows folder and making it read only.  No kill-switch has been discovered, only a local vaccine.  
If you see the reboot notification below, your device has been infected. Turn off your device to prevent future encryption. Petya begins encrypting the device an hour after the initial infection.
**Update: Petya begins encrypting your the first 1MB of your files prior to the reboot. See new post for the updated information. **petyareboot.JPG
6
LVL 2

Expert Comment

by:Phillip Monk
.dat
1
LVL 12

Author Comment

by:Experts Exchange
According to our knowledge, file extensions .dat and .dll for perfc. Check out this article for more info!
0
Gain the added security of knowing you are prepared and properly protected against future ransomware attacks, such the Petya attack, with this free course! Premium members, Team Account members, and Qualified Experts have 3 days to enroll for June’s Course of the Month. Once you enroll, you have 30 days to complete the course.

5

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.