Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi All,

My company Scenario:

I have connected the branch office to main office using VPN.

Main office is running under domain environment and using a Watch guard as a firewall.
Branch office is running in a work group environment and using a Billion VPN Wi Fi router.

VPN has been set up between Watchguard Firewall (XTM26) and Billion Wifi Router (Bi Pac 8920nz)

VPN is working fine. I am able to take remote of all the computers located in to the branch office using "Microsoft Remote Desktop" from the main office.  

Problem:

I am not able to ping any of the branch office computers. I can ping branch office wifi router and network printer only. What could be the reason?
0
Free Tool: IP Lookup
LVL 11
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Hi  all, please help me on this.
in the palo alto monitoring I see the ip is allowed by policy but the session end reason showing" tcp-rst-fromclient" means pls advice me this is the issue causing due to firewall denying or dropping traffic or issue on the client end.
0
hi all got an snmp alert received an hp spectrum which polls &  captures  snmp logs from all network devices within our network.a week earlier seen alert polled by hp spectrum showing management agent lost on Palo Alto passive firewall device ,no alert for active device but as verified the passive device status is up & able to reach all snmp poll servers but the alert still stays generally which will be cleared automatically as temp fix. verifying both the active passive snmp configurations observed no changes or different .can help what else need to be checked on these palo alto devices further which causing this alert.
0
Our Solarwinds admin guy said he can't set up rules unless a sample event is sent to solarwinds.

We have about 70 events from an app : so far the apps team only could get someone to login/logoff
to simulate once such event but for the other 69 events, need to do reboot etc which they can't
unless there's downtime.

Attached is the full list of snmp events our apps team gave to me.

I'm wondering :

a) what exactly our solarwinds admin is expecting or hinders him from creating rules?  He's
    elusive & extremely busy (ie no time to show me)

b) are there free tools like snmpwalk etc which I could trigger sample events?

I'm sure Cisco devices & Windows events which are currently sent to the solarwinds will
go through the same process to be monitored but really doubt the network chaps will
send the 100+ Cisco event types to Solarwinds for them to be monitored.
SAA-Event-Distribution-Snmp.XLSX
0
Hello All,
I'm working toward my CCNA security and I'm using GNS3 for labbing, everything seems to be working fine but for some reason the connection between my ASA and my local PC is very sporadic, it connects and disconnects on its own for no reason or that's what it seems like and its very frustrating, I've attached my topology.
My Local network is on a 192.168.1.x subnet, the cloud in the topology is representing my local pc.
I can ping 8.8.8.8 from the G/0 interface of the ASA and I can also ping the my local router at 192.168.1.1.
My Local pc is 192.168.1.11 which is on the same subnet but it doesn't always work, my pc's IP/MAC is in the arp table of the ASA and everything matches, I have no firewall enabled on my pc and no AV. Any help would be appreciated..
ccnasecurity-lab-topology.PNG
0
We decided not to spend that  60k/year on external consultants services to do scanning for rogue AP/SSIDs.

I noticed the consultant run a software tool on their laptop.  Any tool that could give a decent PDF report
certifying there's no rogue Wifi AP around will be most welcome.   Need something easy to use
0
Just  bought  Samsung Galaxy Tab S2 9,7 without Android 7.0 installed. Not I can't connector to my PC over wifi using Windows/Samba  connection.
File Expert hangs while trying to connector.
My old tablet with Android 4.4.2 connects  flawless.
Any suggestions?
0
Hello we're attempting to force users to log into Store Front using either their CAC or PKI Certs.  Reading the below article

https://docs.citrix.com/en-us/storefront/3-9/plan/user-authentication.html#par_anchortitle_904a

Under Smart Cards, it says "you configure Citrix Receiver for Windows for pass-through authentication and enable domain pass-through authentication to StoreFront."  is there a way to centrally configure Citrix Receiver, or does this have to happen locally on users machines?  Our domain has only user accounts, the only machines are our servers.
0
Where and how can I see Azure password policy?  Or is it all based on AD password policy?
0
i have 4 networks connected to firewall and all routed and working fine

now i need to stop 2 networks communicating with each other

need a simple way.
0
NEW Veeam Agent for Microsoft Windows
LVL 1
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Our company are using Palo Alto Firewall ,we received the critical alert "Top 5 attackers" and the source is from one of the application server. What does it mean and what should I do .Please advice.Thanks
0
I am trying to create a policy to enable/block specific traffic that my T30-W is handling. I haven't been able to find a good answer as to what each column in the Traffic Monitor means.
0
Hi Guys

I need to find a way to allow the 10.0.0.0/24 network to be reached from 10.10.1.0/24 – 10.10.3.0/24 networks. Given little documentation, I need the help to allow for communication between the networks, trying to achieve the below (sorry, I know it is sketchy)
 
10.10.1.0/24 >>> PING >>>> 10.0.0.0/24
10.10.3.0/24 >>> PING >>>> 10.0.0.0/24
 
10.0.0.0/24 >>> PING >>>> 10.10.1.0/24
10.0.0.0/24 >>> PING >>>> 10.10.3.0/24

The below is .conf file I pulled from our OpenSwan 2.2.6, this .conf file is for our 10.10.1.10/24 network (the 10.10.3.0/24 network is similar)
 
conn ifly-pen
        auto=start
        type=tunnel
        left=%defaultroute
        leftsubnets={172.17.0.0/16 10.0.0.0/24}
        leftid=54.153.249.30
        right=115.70.193.138
        rightid=115.70.193.138
        rightsubnets={10.10.1.0/24}
        authby=secret
        ike=aes128-sha1;modp1024
        esp=aes128-sha1
        pfs=no
        forceencaps=yes
        force_keepalive=yes
        keep_alive=10
        ikelifetime=8h
        keylife=8h
 
You can see, the leftsubnets allows for communication to the 10.0.0.0/24 network from the 10.10.1.0/24 network. However, in the 10.10.1.0/24 network, when I ping the 10.0.0.1 IP address I get no response, see Ping.png and Tracert.png
 
Our OpenSwan IP is 172.17.0.6 and it is a VM in AWS, you can see the above is routing through the 10.10.1.1 (on the 10.10.1.0 network, router), through to the 172.17.0.6 but then goes …
0
Hey

All external mails shows as "X-MS-Exchange-Organization-AuthAs: internal"

How to change to anonymous?

(We have a WatchGuard XCS as spam)

Mike
0
Hello, I started to configure a PFSense, version 2.4.1. I want to know if it is possible to configure an IPsec multi-WAN failover

Has anyone had any experience configuring this? I already configured the DUAL WAN Failover on the PFSense

I would like that the VPN tunnel can be able to stay up if the WAN fails over.

Thanks in advance
0
Hello,

We have a manager expecting emails coming from worknwearuniforms.com.  

Our Office 365 messaging system is blocking the emails coming from worknwearuniforms.com because the spam confidence level is high.  

I just want to see if there is anything we could do or investigate before we do the unblock.

Please advise.

Thanks.
0
Hi
Wanted to open this discussion - to prevent a ransomware attack or malware from spreading across a network

Seems most SMB networks have domain admins (most of which have separate accounts, so the domain admins don't log into a computer with the domain admin account unless performing some sort of work that requires domain admin access), but I've seen a lot of networks where the domain user that logs onto a particular machine is given local admin rights on that machine.  

Also have heard it's not a good idea for a domain admin account to ever log onto a user's workstation

Compromising of credentials stored in memory via LSASS seems pretty easy

As far as how many users have domain admin rights, this seems pretty straightforward; that the fewer domain admins the better, and instead of automatically creating a domain admin account any time a service account is required, it would be better for a service account to use a regular domain user account, but one that's local admin on the server it needs (rather than a full out domain admin account)

What are your thoughts on this?
0
I'm looking for a list of pre PT Questionnaire, for an application based penetration test.
Thank you in advance,
Danny
0
Hi, I need to install the program on all the user's machines. it's a lot of users, how to do without install individually, one time install for every one.Any idea highly appriciated
0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

We seem to be having an issue with IE 11 retaining cookies on websites listed in the favorites.  We have IE 11 settings configured to delete browsing history on exit.  We also have the setting check marked to Preserve Favorites website data.  We have one particular website that we know of that requires cookies to be present to not prompt for security questions on login.  Our users are continually getting prompted for these questions on computers that should be retaining cookies and not prompting them.  Has anyone seen this issue and have a way to make it work correctly?  Thanks
0
I have a main office running OpenVPN on Untangle v9.4 (I know, but they don't want to spend the money to upgrade and reconnect all of the offices) The remote offices are all on different subnets, and I have no problem reaching the main office by IP address or hostname from the remote office computers. From the main office, I am unable to ping or communicate with any of the remote offices. There are no issues with the main office connecting to the internet, but I am unable to communicate with the connected networks. The OpenVPN connectivity at each office is using a Ubiquiti Edgerouter-X with the config file imported and I use my laptop to support the various offices via a software client OpenVPN connection. When I connect to the OpenVPN server at the main office using my laptop, I am able to ping, use RDP, whatever, I can even use NSLOOKUP from the DC in the main office as the server and get the IP Addresses for the systems in the remote offices. Trying to run a tracert from the cli on the DC server in the main office gives me a first hop that is the LAN address of the Untangle box, but times out on every other hop. This looks like a route issue to me, but I haven't been able to add a static route in any form that allows me to communicate with the remote networks. Help!
0
Hello,

Our messaging system shows a few unuaual user login from Lkorodu, Lagos in Nigeria.  

Is there any good website or is it possible to list networks being used by Lkorodu, Lagos instead of the entire Nigeria?

Please advise.
0
We're getting more and more requests from clients for recommendations and implementation of two security related systems: vulnerability assessments and file/folder encryption software. Our clients are:

1.  Law firms.
2.  Small (10 to 75 users).
3.  Networked; servers are virtualized.
4.  Windows OS (2008/2012/2016 on servers, 7/8/10 on workstations).
5.  Have perimeter firewalls suited to the size of the firm (mostly WatchGuard).

These requests for vulnerability assessments and encryption are prompted by requirements of certain clients of these firms, such as banks and insurance companies.  We're looking for tools that we can use/recommend to our clients for assessing vulnerabilities and providing encryption for files/folders.  Generally they don't require full disk encryption, as only a portion of their work product is affected by these outside requirements.  Full disk encryption, however, may be required for laptops.

We have a product for email encryption in place in some cases, but any thoughts or specific recommendations in that area would also be welcomed.
0
Which is considered stronger security?
0
I have 7 Intellinet 24 POE Switches, installed in the past 3 months.  2 have never reset.  They are in a building on a separate subnet.
I also have two smaller 8 port Netgear POE switches, they have never reset.

There are 5 units that have at least once reset.  Details below

There are two VLANs, 1 (default) and 2 (VOIP), when everything is working it all works very well, data and VOIP traffic is good

Since their installation I have had three incidents where 1, 2, or 4 of the 9 switches were suddenly and with out explanation reset to Factory Defaults.  (I can duplicate this condition be pressing the reset button as you know)

Incident 1 - several weeks after initial installation and roll out of phones, I came in to find that 4 of the 9 switches were factory reset.

I blamed this on my having not changed the default password on the device.  I restored programming, changed the passwords and also put the switches on a private subnet.

Incident 2 - Several weeks later, two of the switches were found in Factory Reset.   Both switches are in areas of our buildings that are accessible to staff (not locked up), I spoke with management and got permission to put a camera in one of the utility closets.  I have not put the camera in, but the belief shared by everyone is that I have.

Incident 3 - 2 weeks later 1 switch (one of the two in Incident 2 , but not the one with the phantom camera.
I reprogrammed the switch, and restored VOIP service.

Some other facts: Two …
0

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.