Network Security

Network security consists of the policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks used to conduct transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, or open to public access.


Hi all, I have a customer migrating to SharePoint Online.
He chose SharePoint Online because he hasn't enough resources on the local ICT site, and has a good promo on Office 365 licenses.
My question is simple: does SharePoint Online have a network security module available?
I know it is a strange request (talking about cloud resources), but my customer has 10 different branch offices, and we want to make SharePoint Online available only to the public IPs of these 10 offices.
Can I configure SharePoint Online to accept connections only from the 10 public IPs (for the local offices) and from devices with a personal certificate (for mobile devices)?
Thanks a lot.
Sorry for my English; please ask me for details.
Mattia
0

Hi guys

As part of the last question I asked about firewall rules, I am looking at our firewall right now and monitoring the traffic. I'm looking at the traffic between VPN connections from our stores to a main server. These stores are all using the same application to communicate with the server. However, I'm looking at the server and it is receiving connections from our various stores, but every single store is communicating via a different port. So one store will be coming through port 4274. The other one will send it via port 4288. My point is, are applications specifically written in this way to prevent security breaches from happening by constantly randomising their port sequences so that they can't be 'guessed' by a malicious attacker?

And if that is the case, surely going back to the answers being given previously, this does warrant the ability for the 'ANY' ports to be open from site A to site B via VPN.

Thank you
Yash
0
Hi All,

I need some assistance setting up the below. I've got 3 "subnets" to set up internally. All must be able to reach the internet through the supplier's router.

The networks are 2x /26 and 1x /27. VLANs 601 & 603 are desktop PCs. VLAN 602 will be Cisco phones. 601 and 603 do not need any separation; they're just to cover the separate DHCP ranges. DHCP will be provided by an external source (hopefully) through a VPN set up on the ASA Firewall. I'm looking to set up the outside interface, the inside interface and access for all VLANs.

Is anyone able to provide a sample config on how I could get this working?

Network Overview
Thanks,

J
0
Dear Experts

We have a hosted web-based application which runs on Linux, Apache, MySQL and PHP. Data security is the topmost priority; we have installed an SSL certificate and also deployed two-factor authentication. When we used the online SSL checker at https://ssltools.digicert.com/checker/views/checkInstallation.jsp, the following showed up after the scan:

1. Vulnerabilities checked
Heartbleed, Poodle (TLS), Poodle (SSLv3), FREAK, BEAST, CRIME, DROWN
Non-critical issues found
BEAST
Not mitigated server-side BEAST.

2. Secure Renegotiation: Enabled
Downgrade attack prevention:Enabled
Next Protocol Negotiation: Not Enabled
Session resumption (caching): Enabled
Session resumption (tickets): Enabled
Strict Transport Security (HSTS):Not Enabled
SSL/TLS compression:Not Enabled
Heartbeat (extension):Enabled
RC4:Not Enabled
OCSP stapling:Not Enabled

---------
Please help me understand 1 and 2 above and let me know the correct steps as per best practice. Thank you.
0
Dear Experts

We are a solution implementer for things like CRM applications, and we even do server hosting for those companies who require us to host and maintain servers. Recently a few of our clients have been mentioning SOC 2 compliance. Can you please help me understand, from a solution implementation point of view, what SOC 2 compliance means and how it helps our business? Thanks in advance.
0
I have set up a network security group in my Azure portal in order to control which IP addresses can access my Azure Virtual Machine (Windows 2016). Several inbound and outbound security rules were automatically set up without me doing anything. I only added one rule (myInboundRule1), which is marked by a red arrow. I only want people at IP addresses that I specify to access the system. Will any of the other rules in the list override this?
Thanks

 1
0
I want to add the below cipher suites to my Windows Server 2008 R2 SP1 Standard as required by our security team. As per my research (see the links below) these cipher suites are not supported by Windows Server 2008 R2 and are only available in Windows Server 2016. Can someone confirm this for me? Also please let me know if there is any possibility of using these ciphers.

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

https://docs.microsoft.com/en-us/windows/desktop/secauthn/cipher-suites-in-schannel

https://docs.microsoft.com/en-us/windows/desktop/secauthn/tls-cipher-suites-in-windows-10-v1607

https://docs.microsoft.com/en-us/windows/desktop/secauthn/tls-cipher-suites-in-windows-7
0
I need to factory default a Calyptix AE800. I took over this network from an IT company who will not share the login information. I can't find any information online, and there is no reset button on it. Anyone who can help would be appreciated! Thanks!
0
We would like to know EE's opinion on wireless cam systems. We have been presented with a Lorex wire-free 4-cam system. We know nothing is 100% secure and everything is hackable, yet we would like your opinion on how secure this type of cam really is. And maybe any specific brand you guys have worked with.
0
Hi, I am looking to do a Pester test around my PowerShell code... but not sure about it... can someone help?

Basically I need to pull Azurekeyvaultkey information using PowerShell and then do a Pester test for it. I managed to do the PowerShell bit but am not sure how to do the Pester part... please, I need help urgently.
0

Hello Experts - I'm looking for advice with a shared demarc in an office building. We moved our office to this building about a year ago and it was empty at the time. Since then, we've begun adding two new neighbors. The data connections for everyone come in downstairs at the demarc and both of the other companies are in finance and (rightly) concerned about data security. Verizon fiber comes in off the street and into the building. It is plugged into a Verizon rack and then extended out to each tenant. Not that I would do this, but there is nothing stopping me from going in and unplugging their data connection since I have access to the room, and vice versa. Or, if I was nefarious, placing some kind of pass-through device between the Verizon gear and their extension to capture data passing through it.

We can't be the first company to deal with this but I'm not finding much information about how this normally gets handled. I've inquired with my ISP about getting Verizon to set up separate gear for each tenant that can then be physically secured, but I'm told that it is very difficult to get them to do this. What do other companies in shared spaces do when data security is a concern? Surely people aren't just relying on the good and trusting nature of fellow IT professionals to just not cause problems?
0
https://www.cscollege.gov.sg/programmes/Pages/Display%20Programme.aspx?ePID=pe8r29gaqc5voaoitct59bdi3m

Referring to the above, I've been googling for IM8 (Instruction Manual 8 for ICT) to download but can't locate one. Does anyone know where to download a copy without attending the training? A slightly outdated (say 2 yr old) copy is fine.
0
I want to sniff network traffic from my firewall to our SIP Cloud provider. I have not used Wireshark much. Can someone give me a simple rundown of how to do this?

I just downloaded the latest version of Wireshark.
0
We use Office 365 for Exchange. One employee's email account was compromised. HR received a request to change the direct deposit bank from this employee's email address, and HR replied to the email. But the request wasn't from the employee. The employee could receive all the normal emails, but not the ones related to this request.

How can we trace the original request email? How can we fix this issue?
0
Is it enough to configure DHCP Snooping without ARP Inspection?

I would like to know if it is efficient to configure just DHCP Snooping and not configure ARP Inspection.
I thought DHCP Snooping is enough to avoid having a rogue DHCP server in the network. So what else does ARP Inspection add to DHCP Snooping?

Thank you
0
If I wanted to test how secure the network is against being hacked or a ransomware attack, where would I start?

If I did something like the Certified Ethical Hacker Course or CREST Registered Penetration Tester. Would either of these courses help?

Thanks

Ian
0
I'm getting familiar with the SANS 20 critical controls and wanted to know if there's a document that goes through every alert and specifies the available tools and/or solutions at every control? This would be specifically more valuable to me if it was within a couple of pages for quick reference.
0
I'm looking to put together a document that basically states why we need to replace 5 or 6 switches and need a template that will have ROI, business reasoning for the change and possibly cost analysis.  I'm not familiar with the process, but I would like to get this going and I'm assuming there might be some type of template available?  

I'm also looking into proposing an ISE implementation and need some type of documents or templates for completing this as well. We presently have 3560s in the environment and we're looking to replace these devices with the latest and greatest that will also be OSPF compliant as well as ISE compliant.

From the ISE point of view, we might be looking at having a virtual appliance and also wanted to know the pros/cons of this as opposed to having a physical device, if any. Maybe the difference in cost as well.
0
Spectrum on behalf of Sony sent a client this e-mail: {Removed IP address below}

To whom it may concern,

Pursuant to Sony Interactive Entertainment LLC ("SIE") corporate policy, the below IP addresses were blacklisted from using our services because SIE detected activity that is abusive to our network services. In our determination, the abusive activity was not related to velocity or volume (many users behind the same IP address, i.e. NAT), but matched the specific patterns of known abuse of our publicly available services. This abuse may be the result of a computer on your network that has been compromised and is participating in a botnet abuse of our services.

The following table of IP addresses, dates and times should help you correlate the origin of the abusive activity.  The time stamps are approximate from our logs.  The actual timing of the events depend on the signature matched.  It is very likely to have occurred both before, during and following the times listed.

       Approximate Time Range (UTC),      IP Address, Reason
2018-07-23 12:46:00 ~ 2018-07-23 13:46:00 (UTC),   xxx.xxx.xxx.xxx, Account Takeover Attempts

It is most likely the attack traffic is directed at one of the following endpoints:

account.sonyentertainmentnetwork.com
auth.api.sonyentertainmentnetwork.com

These endpoints on our network are resolved by Geo DNS, so the IP addresses they resolve to will depend on the originating IP address.

The destination port will be TCP …
0

In the GUI, how can I check if the UDP session timeout is set to 300 seconds?
0
Hi Everyone, our small SMB\company recently switched to hosted Office 365 Exchange based email. Before the switch, we had an "in-house" Exchange mail server.
We have about 10 or so domains registered for email delivery.

So here's the problem. Since switching to Office 365 our users are being bombarded with "Somewhat Legitimate" Phishing Emails that try and trick them into providing their logon credentials.
IE> Your account in box is full, click here to fix. Your account will be terminated if you don't click here and login .. and on and on and on.

I've mostly stemmed these by creating rules in Mail Flow that block certain words and phrases contained in Subject\Body.

That said, any suggestions to better keep these emails out? This issue was not nearly as bad when we didn't host with Office 365.
0
Hello,
I installed nginx with ModSecurity … I want to use it as a WAF for backend web servers.
In this case do I have to enable reverse proxy on it?
What about the HTTPS servers?
Thanks.
0
I applied for a network engineer position and I was told verbally that I received the position from the American recruiter.  In the meantime, I received another job offer from a place I didn't want to work for...

The verbal was supposed to have been translated into a contract for me to sign, but it never was, and I was told by the recruiter that the company had a management meeting and the position was postponed because of budgets or something to that effect. I'm not 100% sure that this may have been so because I interviewed for the position once via phone and once on an in-person panel. I'm not sure that the company would have invested so much time and energy to just have the position get postponed. I did mention to the 3rd party recruiter that I received another job offer and he was supposed to speed things up, but maybe I caused my own dismay?

Do you think that I was passed on the job offer or could this really have occurred? This was for a very large company, and the large companies I've worked for in the past don't typically invest the time and energy for no results. Since I went through a 3rd party recruiter and signed a representation contract, how long would I have until I would need to go through the 3rd party, in case the opportunity does get signed off? I do have the contact information of the company manager whom I met at the interview and I'm extremely tempted to send my resume with my contact information to this contact, but how can I do this without …
0
Hello Experts,
Just wanted to find out how do you guys dynamically update the Office 365 endpoints IPs and URLs that are published by MS for the proxy and firewall access? I know the RSS feed will be retired soon per what I read online and do you guys just run a PS script that grabs the info from the published XML file or there's a better solution/idea out there? Any input would be greatly appreciated!
0
I'm looking for opinions about setting up DMZ VLANs on switches that are also used for internal networking vs. using separate physical switches for DMZs and internal networks.  Any concerns or benefits you can think of for one over the other.  Assume Cisco equipment.
0
