Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

hi guys

Our consultant teams have run a report for security and a good 10 people's email addresses are available on the dark web. What is the best practice from here for better securing ourselves? Change of password? 2 Factor Authentication for OWA?

Thanks for helping
Yashy
0
Four New Appliances. Same Industry-leading Speeds.
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Is there a way I can add a linux box to my domain network for monitoring purposes?  I'm a complete novice on this particular topic and don't know if my question even makes sense, but I have lots of spare machines I could use and dozens of Linux software disks that have come with my subscriptions to LinuxUser  and to Admin.

Is there a trade pub that would cover this, or a white paper?
0
Hello there,

I"m reviewing the 802.1x's microsoft implementation to get handle on it  and consider its possible implementation in our environment. At this moment we don't have a domain, as a matter of fact we're mostly macs with no network os. I've been reading Microsoft documents and it seems to me 802.1x can be implemented without joining the computers to domain.  I've found quite a few hurdles as i keep reading and testing this so i figure it'd be a great idea to pick someone else's brain...
First, can i implement NPS in a non domain mac environment  environment? Should i consider open source for radius instead?
If any of you have implemented it, is there any lessons you would like to share with me as keep testing.

thanks for your help..
0
I am trying to open a port on the domain for all computers in the domain via group policy, I did the following;
Computer configurations/Windows settings/Security settings/Windows firewall with advanced security/inbound rules.
New rule
Port
TCP 155
Allow connection if secure
Entered the authorized computer that will be accessing via this port
Domain
Name - finish
Assigned the rule to the domain
Did a update cmd
But the port is not open
Working with a server 2012 and window 10
Open-155.JPGPort-155.JPG
0
Hello,

Trying to create a Site to Site between our TZ215 and Azure:
VNET1 - Address Space     = 10.1.0.0/16
               Subnet  range      = 10.1.0.0/24

GatewaySubnet                  = 10.1.1.0/24

Virtual Net Gateway           = VPN
                                               = Policy-based
                                               = VNET1
                                               = VNET1GWIP  (created Public IP)

Local Net Gateway             = RP_OFFICE
                                              = Public IP address of SonicWALL
                                              = 192.168.250.0/24 (LAN network on SonicWALL)

Connection                          = Site-to-Site (IPsec)
                                               = Virtual Net Gateway
                                               = RP_OFFICE
                                               = Shared key that matches what's configured in the SonicWALL

SonicWALL:
 General Tab                         = Site to Site, IKE using Preshared , IPsec Primary = Public IP of Azure, IPsec Secondary = 0.0.0.0, Local & 
                                                   Peer IKE ID = IPv4 address
Network Tab                         = LAN Subnets, Azure LAN network
Proposals Tab                       = Main Mode, Group 2, AES-256, SHA1, 28800, ESP, AES-256, SHA1, 3600
             
Seeing the following in the SonicWALL log:
  SENDING>>>> ISAKMP OAK INFO …
0
In the search tool - you can select source or destination address that EQUALS, NOT EQUALS, IS EITHER, IS NEITHER. But what I haven't figured out is how to search by subnet. e.g. show me all the traffic with Destination in the 10.12.67.0/24 subnet. Is that possible?
0
I have custom the CFS URL filtering on my new Sonicwall TZ300. It works fine from LAN to WAN.

Try to customize the same setting from my WLAN to WAN but it doesn't block those prohibted URLs as expected. Any idea ? Is there a place in Sonicwall to check where it is passed or blocked ?

Thx

CFS
0
What is the process to logon to or reset the logon username and password for a SonicWALL TZ600 router when the logon information isn't known?

We don't want to reset any information on the router we simply want to logon to it or reset the username and password.

We have physical access to this router.

How can this be done?
0
TMG 2010 is blocking some websites, when I try to create a rule to bypass the proxy setting of the TMG again I am not able to access the sites, should we say that the status of the TMG now does not accept creating rules or why is it like that? Help me team.
0
Our apps team somehow has a way of detecting that 61.239.162.190 is an
IP of a credit card fraud : I'm not quite close to the team so anyone know
if there are IP list out there that blacklist it?

I've checked www.ipvoid.com & threatstop.com but this IP is not in their
extensive blacklists.

How can I find out the mode of fraud of this IP?  Does this source IP send
emails or via sort of application (credit card processing)?

I've heard of several Online Fraud Tools (by IBM & F5) but haven't managed
to play with them yet
0
On Demand Webinar: Networking for the Cloud Era
LVL 9
On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Hello,

I wrote a script to create a folder path and it works OK, however, it creates folders read only and I am trying to avoid that. I do not want it read only because then another process cannot create some files within the DATA folder. This is what I wrote and it is still creating the folders read only. Can you please let me know what am I missing?

mkdir -p "C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA"
attrib -R "C:\Program Files\Microsoft SQL Server\*.*" /S /D
0
Hello - we upgraded from a 5510 ASA to a 5516 recently.  On our old 5510, the home page of the ASA would present the ASDM tool.  the 5516 does not do this.  After spending an hour reading the Getting Started guide and online, I find lots of information about how the ASDM works - but hardly any help on how to actually launch the tool.  Need some help from the experts.  thanks
0
A customer called a number claiming to be HP and spoke to someone who ran LogMeIn onto his PC, logged in, and told him that his computer has been the target of hacks and that people "in another state are using his computer to launch attacks."  Anyways, I logged onto his computer, did a full virus scan, reset his Windows Firewall settings, ran SFC, and checked all his startup programs and nothing come up unusual.  Is there anything else I can do to verify that there's no damage or back door left on his PC?
0
How to block unmanaged switches from network. I have already apply BBDU Guard on interface but where unmanaged switches attached port will not block. and in show spanning-tree interface detail command no BpDU received. So please help is required for block unmaanged switches fron network. Other than port security please
0
Hi Experts,

I am installing new wireless equipment at a very small motel this week. They have AT&T business internet and just want to provide an SSID and password/key to guests to connect. No splash screen or anything like that. They were originally using Netgear signal boosters that you plug into wall outlets, but customers stole them.

I told them I would only use pro-level equipment, so I have ordered 2 UAP-AC-PROs and the Ubiquiti 8-port 60w PoE Switch for 12 rooms. Eight rooms are in a 2-floor building, four on each floor and the other building is just four rooms on a single floor. I plan to install one AP on the ceiling in room 3 (middle, bottom room) of each building, including the two floor building. The rooms are small so I think this will suffice.

Questions:

Do I need to order a security device or new router? Can I use the AT&T provided router and connect it to the Ubiquiti PoE switch and configure the WAPs using the Ubiquiti controller software installed on the office PC? And will that software without a security device or new router be able to provide two SSIDs?

The owners are trying to save money (of course!) so I wanted to see if any other gear was necessary. It appears that the solution I've provided will do the trick, but it is not ideal security-wise. Any advice is appreciated!

Thanks,

Rich
0
I understand the exposure of having a public facing website with username root.

So, I have created a new username and changed my WordPress site to use that new username.

Shall I delete the "root" username?

Thanks.
1
I have a DVR system for my IP camera systems and I have a sonicwall firewall. I need to access my dvr through my public IP address while out of office. I did the following steps:

Creating the necessary Address Objects

step 1
Then I did

step 2

Creating the appropriate NAT Policies which can include Inbound, Outbound, and Loopback

Then I did

Step 3

Creating the necessary Firewall Access Rules

then Firewall.png

I did these steps and still cant access the DVR system when outside my network.
1
Our current McAfee NIDS is going to be EOSL soon so we're considering
whether to upgrade to Intel McAfee's   Threat Defense Lifecycle or
dedicated NIDS or integrate NIDS function into our existing Checkpoint
NGFW firewall?  

It's a perimeter NIDS (not internal network NIDS)

Kindly assess in terms of
a) performance : with dedicated NIDS, it won't affect firewall's performance?
b) however, dedicated NIDS, need an extra console?  Lack's integration with
     firewall (to block bad/malicious source IP ??) ?
c)  any other ...  ??

I see a trend by vendors coming out with unified products from Cisco,
Sophos, so does this mean this is the way to go ?
0
Hi,



Can anyone help in identifying why once my vpn client enabled. I can  ping all other internal IPs except 192.168.4.1(interface DatabaseZone)  and 192.168.3.1. My vpn client assigned 192.168.5.100 which is in  the range ov VpHi,



Can anyone help in identifying why once my vpn client enabled. Cant ping any of internal IPs configuration like 192.168.4.1(interface DatabaseZone) . My vpn client assigned 192.168.5.100 which is in  the range of Vpnclients object-group configuration.nclients object-group configuration.

here attached output from "show vpn-sessiondb detail remote"
vpn-sesssiondb-detail.txt
0
Simplifying Server Workload Migrations
LVL 4
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Hello,

we woud llike to configure firepower 2100 in our datacenter,  here  is our plan:

We do the cabling from our Router to  Firepower 2100(IPs)  , and the do cabling from Firepower2100 to our network switch.  We monitor incoming and outgoing traffic on Firepower port.

Is it the proper design?
0
Hello experts, I have a client running Server 2012 with 10 client PCs, the Symantec anti virus flagged up a dodgy file this morning, it blocked it but it prompted me to investigate. I found that one of the client PCs shows logon activity using the computername$ account at about the same time as the file was found, and later on the server computername$ account. The system is using a draytek router, which had Remote desktop enabled previously, this has been turned off since January but when I checked the firewall, port 3389 was still enabled. I have disabled that and rebooted the router. I am currently only using VPN as remote access.
So far, all appears OK on the system. My question is regarding the $ accounts, I was aware of them but never used them, can they be used without a password to gain full access, is there anything that can be done to guard against this?
0
We want to implement some sort of WEB security filtering for group of remote offices.  We have two things on the table for us to consider.

1. Cisco NGIPS (Firepower), and management center.
2. Websense

I used Websense in the past.  Users who try to open up bad web links from their email or web browsers, they are not able to do it.

I am not familiar to Cisco Firepower.  Does someone know if it does the same thing as Websense?  What are their major differences in a high level perceptive?

Please advise.  

Thanks.
0
Hi,

Anyone knows if there are any Windows base honeynet environments which one can easily download and configure accordingly without the need to setup everything from scratch? I have heard about KF Sensor but have yet to test it out. Maybe someone knows a library of VMs illustrating different honeypot server roles which can be deployed with some guidelines? Thanks in advance.
1
I'm quite new with Firewalls and need some quick configuration tips, make zywall up and run with some basic open ports browsing, email (port 995), chat, youtube. Would like to know what do I get out-of-the-box when I start and switch on for first time my new Zywall usg100
0
Hello Everyone

I'm an aspiring Cyber Security Analyst and currently I'm studying for my Sec+. I currently have my A+ and want to move away from the Help Desk as I find this not in my passion to do but more so to be hands on and not dealing heavily with end user contact as much as a Help Desk position would. When I try to research entry level positions to become a Security Analyst it seems almost impossible because of the experience that is wanted/needed. I understand that. This is now starting to make me feel as if I chose the wrong path, I also as well have a strong interest in becoming a Sys Admin as well. These two are my primary focus. Any suggestions for someone who only have help desk experience to move into a more hands on role for a Cyber Security Analyst. Or is it best to become a Sys Admin and then transition into the Security field?

Thank you

Also any suggestions on tools or virtual labs that will help me learn cyber security tools and gain my own hands on practice
0

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.