Network Security

Network security consists of the policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks used for conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, or open to public access.


Our apps team somehow has a way of detecting that is an
IP of a credit card fraud: I'm not quite close to the team, so does anyone know
if there are IP lists out there that blacklist it?

I've checked & but this IP is not in their
extensive blacklists.

How can I find out the mode of fraud of this IP?  Does this source IP send
emails or via sort of application (credit card processing)?

I've heard of several Online Fraud Tools (by IBM & F5) but haven't managed
to play with them yet


I wrote a script to create a folder path and it works OK, however, it creates folders read only and I am trying to avoid that. I do not want it read only because then another process cannot create some files within the DATA folder. This is what I wrote and it is still creating the folders read only. Can you please let me know what am I missing?

mkdir -p "C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA"
attrib -R "C:\Program Files\Microsoft SQL Server\*.*" /S /D

Hello - we upgraded from a 5510 ASA to a 5516 recently.  On our old 5510, the home page of the ASA would present the ASDM tool.  The 5516 does not do this.  After spending an hour reading the Getting Started guide and online, I find lots of information about how the ASDM works - but hardly any help on how to actually launch the tool.  Need some help from the experts.  Thanks

Hi Guys
I have a problem with Maximizer software: if the Everyone group does not have full permission to c:\windows\temp on the server, it will not work. I called Maximizer and they don't even know about this. They keep asking me to reinstall it.
So to fix my problem I just give Everyone full access to c:\windows\temp and we are good to go, sometimes for 3 months, other times for one day only. The reason is that the Everyone group just disappears from there and I have to add it again.
Nobody other than me has access to the server, so I can confirm that there is no other admin or user changing this.
Any idea what's going on? Maximizer runs on Terminal Server 2012.

How do I block unmanaged switches from the network? I have already applied BPDU Guard on the interface, but the port where the unmanaged switch is attached is not blocked, and the show spanning-tree interface detail command shows no BPDU received. Please help me block unmanaged switches from the network, other than with port security.

Our current McAfee NIDS is going to be EOSL soon so we're considering
whether to upgrade to Intel McAfee's Threat Defense Lifecycle or
dedicated NIDS or integrate NIDS function into our existing Checkpoint
NGFW firewall?

It's a perimeter NIDS (not internal network NIDS)

Kindly assess in terms of
a) performance : with dedicated NIDS, it won't affect firewall's performance?
b) however, dedicated NIDS, need an extra console?  Lacks integration with
     firewall (to block bad/malicious source IP ??) ?
c)  any other ...  ??

I see a trend by vendors coming out with unified products from Cisco,
Sophos, so does this mean this is the way to go ?

The product will come with its operating system only. For training, does Palo Alto offer a 30-day evaluation service (like Microsoft), where you have to re-install it again when it expires?

Can anyone help in identifying why once my VPN client is enabled, I can ping all other internal IPs except DatabaseZone) and my VPN client assigned which is in the range of Vpnclients object-group configuration.

Hi,

Can anyone help in identifying why once my VPN client is enabled, I can't ping any of the internal IPs configuration like DatabaseZone) . My VPN client assigned which is in the range of Vpnclients object-group configuration.

Here attached is the output from "show vpn-sessiondb detail remote".

We want to implement some sort of web security filtering for a group of remote offices.  We have two things on the table for us to consider.

1. Cisco NGIPS (Firepower), and management center.
2. Websense

I used Websense in the past.  Users who try to open up bad web links from their email or web browsers, they are not able to do it.

I am not familiar with Cisco Firepower.  Does someone know if it does the same thing as Websense?  What are their major differences from a high-level perspective?

Please advise.  


Does anyone know if there are any Windows-based honeynet environments which one can easily download and configure accordingly without the need to set up everything from scratch? I have heard about KF Sensor but have yet to test it out. Maybe someone knows a library of VMs illustrating different honeypot server roles which can be deployed with some guidelines? Thanks in advance.

I just had it happen *again*. /opt went to 100% and management services croaked and wouldn't restart.
After rebooting the OS I was able to acs-config and run acsview replace-cleandb. This will make things
good for a few months. I only keep like three months of logging and show acs-logs didn't appear to have
that much in it anyhow. How do I prevent /opt from filling up and stopping services?

Hi guys,

I need some inputs from you guys so that I can set up my DMZ Lab. I have added a 2nd SME Mail Server in my DMZ and I also have my Web Server. In my Internal Network, I have my 1st SME Mail Server and AD/DNS.
I am using a pfSense Firewall with 3 NIC. I did some Port Forwarding so that my WAN users can access my Web Server.

Adding a 2nd SME Mail Server in the DMZ so that all Mails from outside or WAN will be forwarded in DMZ.
Internal Network users can send and receive email. I have no idea and I want to understand how to do this.
Can anyone please help me?

Thank you so much

I'm quite new to firewalls and need some quick configuration tips to get a ZyWALL up and running with some basic open ports: browsing, email (port 995), chat, YouTube. I would like to know what I get out of the box when I switch on my new ZyWALL USG100 for the first time.

Hello Everyone

I'm an aspiring Cyber Security Analyst and currently I'm studying for my Sec+. I currently have my A+ and want to move away from the Help Desk as I find this not in my passion to do but more so to be hands on and not dealing heavily with end user contact as much as a Help Desk position would. When I try to research entry level positions to become a Security Analyst it seems almost impossible because of the experience that is wanted/needed. I understand that. This is now starting to make me feel as if I chose the wrong path. I also have a strong interest in becoming a Sys Admin as well. These two are my primary focus. Any suggestions for someone who only has help desk experience to move into a more hands on role for a Cyber Security Analyst? Or is it best to become a Sys Admin and then transition into the Security field?

Thank you

Also any suggestions on tools or virtual labs that will help me learn cyber security tools and gain my own hands on practice

I'm in my last year of my BSc degree in Computer Networks, and rather than finding a domain to choose from, I am searching for a proper title which would not be wide open or very narrow for my research.

At 24 years old, I currently work as a CA administrator in an information security department with previous experience on administering SIEMs and Password Management Systems.

The areas of interest for my thesis can be found below, and I would appreciate advice on how to make the proposal titles more straightforward.

1. The benefits of implementing honeypots in small developing companies
2. Use of CAs, digital certificates for a particular scenario? Using encryption for a particular scenario maybe?
3. Illustration of 3 different routing technologies implemented in a common network with comparisons of their performance using different scenarios.
4. Illustration of an attack/malware/exploit of a vulnerability and the defence mechanisms available to mitigate the issue.

Also, please note I'm not very well versed in software development, just basic scripting knowledge. Any new topics not mentioned above are highly welcome. Thanks in advance for the feedback :)

We are concerned with using the latest Chrome due to data loss/leakage
via the WhatsApp sidebar: does this feature enable file upload/downloading?

Is there any way to remove/disable it & how to go about doing this?

If it's a data loss risk & not possible to disable, which previous latest
version of Chrome doesn't have this sidebar?  I'm thinking of using
the older version & hopefully Google still release patches for it

I just thought that since Whatsapp on my Android allows us to attach
files, this feature in Chrome may allow the same

The vendor who does our security audit expressed concern about the SSL certificate we are using on our websites.  They mention version 3 and TLS v1 are not secure.

I checked that the version of the cert we purchased is SHA-2.

I usually purchase the latest version cert and apply it to my IIS website.  Are there additional things I need to do?

Please advise.  

Can you please suggest the best IT security vulnerability reporting software like HackerOne which will also be cost-effective?

I have a Windows 2016 Hyper-V server box that came with two network cards. First NIC is connected to internal LAN (192.168.1.x) and 2nd NIC is connected directly to ISP Internet modem (therefore, it receives a dynamic public IP address given by ISP DHCP server). On 2nd NIC,  I intend to create a virtual machine ("TESTVM") where I would like to try to open some suspicious email attachments or click on website links (to find out whether they are malicious). I have installed Malwarebytes Anti-Exploits/Anti-Malware/Ransomware on this VM and it sends me email alerts whenever it detects "suspicious" activity.
I plan on connecting to this VM through a remote desktop connection program (port# 3389, 3390 .. etc) using Dynamic DNS.
Having said that, I know a lot of experts would go against the idea of exposing the server to public internet.

I know that I could put another router (192.168.2.x) between 2nd NIC and ISP internet modem to enhance security, but what I would like to know is how am I vulnerable as it is?
How could hackers penetrate this server when the only account is "administrator" with a secure password?

Thank you for your insight.

I have a hacker who has compromised my network, devices and my life for over a year. I have found various devices connected to my laptop via Bluetooth, unknown devices on my WiFi network and have collected a bunch of networking logs and see things on there that shouldn't be there, I believe. It's a lot of information that I really don't know how to read and I don't know what information is important. So I'm looking to hire somebody to review the logs and information that I found and tell me what information should be looked at more closely, what information needs to be investigated further, etc.

Definitely willing to pay. Contact me privately if you have history in this area.

I am working on a Tenable Nessus audit file for IBM AIX.

What I am trying to achieve is 2 compliance checks on the /etc/hosts.equiv file:

1. To find all UID less than 100 and UID not equal to the default system user ids (0,1,2,3,4,5)

2. To find all GID less than 100 and GID not equal to the default system group ids (0,1,2,3,4,5)

type: CMD_EXEC
description: "UID less than 100 and not system default UID"
cmd: ""
expect: ""

type: CMD_EXEC
description: "GID less than 100 and not system default GID"
cmd: ""
expect: ""

I am really new to working with Tenable and also new to AIX.

I would really appreciate it if anyone can help me out with what I should put for the cmd and expect statements to make the compliance check work.

Thanks, really appreciate it!

We need to have a standalone IPS solution put in.  We currently run two pfSense firewalls in an HA setup.  I was looking around on eBay and saw a Tipping Point 210E (two of them).  Are they still good with updates to definitions?  Any other lower-cost recommendations?
pfSense HA works a little odd too, so I'm not sure if this will even work.
Firewall 1 WAN IP x.x.x.1
Firewall 2 WAN IP x.x.x.2
Firewall Shared WAN IP x.x.x.3

Same setup with internal LAN IPs.  Each firewall has its own physical connection to the modem via ethernet for the WAN side and LAN side.

I plan to give a contractor TeamViewer access to my Windows 10 computer, which accesses my Windows Server 2012 via RDP.

If Windows Server 2012 has FTP disabled or NOT installed, can the contractor download huge 10GB+ files to his computer without me knowing?

If so, how can I prevent this?

Hopefully, someone may have a little bit of input, or knowledge regarding such a rare setup.

We deployed an open-source network monitoring tool called "NetForce Defender" by a company called MainNerve.

In order to comply with the developer's prerequisites, we built a server running Ubuntu Linux server and installed the software on there. We also needed to dedicate two NIC interfaces, one with a static IP address that is used as a management port, and the other as the monitoring port (we connected this port directly to our default gateway on a port that the main uplink port to our ASA is being mirrored/spanned to in order for the NetForce server to monitor all inbound/outbound traffic). The second NIC interface is configured as IDS/promiscuous mode.

In order to view the output/events/statistics being monitored, you would enter the IP of the management NIC into a web browser and a GUI will pop up (it's called Kibana).

I see no evidence that the firewall is actually being monitored/audited... not sure if I am looking in the wrong place, the port mirroring on our gateway is not properly set up, or I goofed up somewhere in the process of installing NetForce defender. It's a very complicated process configuring everything and it took me literally a week.

If there is a way to verify that the ASA is even being monitored, any tips would be appreciated.

Hi Experts,

I need to set up MAB authentication on Cisco ACS 5.6 for one of our wireless networks.

Can someone please outline the steps I need to take?

I have attempted to set it up using tutorial videos and forum answers but can't get it working.
