Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

In a meeting we were told that it is possible to know or identify if a user hit a specific page and it’s contents even if the page is locked.  We understand that when a page has a lock it means SSL and that the data to/fro from the site to computer is encrypted.  Is this possible that even thought the page has a lock, there is  a way to identify the encrypted page that the user visited and identify the contents, if it has form or just regular page?
Get Cisco Certified in IT Security
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

Limit host connections to a Switch port

sI have the topology above.  I have configured the switch SW  interface e0/0 as shown below

CiscoSwitch(config)#interface e0/0
CiscoSwitch(config-if)#switchport port-security maximum 1

Open in new window

however when I clear the Mac address table  of the Switch, then shutdown the interfaces of H1 and H2 , then bring them back up, the switch will show both Mac addresses of H1 and H2 on the Switch , it should allow just one.

CiscoSwitch#show mac address-table 
          Mac Address Table

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    aabb.cc00.0100    DYNAMIC     Et0/0
   1    aabb.cc00.0200    DYNAMIC     Et0/0
Total Mac Addresses for this criterion: 2

Open in new window

Thank you

----OK now after a while  I can see one of the Mac addresses disappearing from the table,  then it will show up again on the table,  then the other Mac address will disappear from the table for a while then will show up again.
I guess this happens after aging time .
however the issue of having 2 Mac addresses on the table is still not resolved
Are 32 bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.

I'm using Server 2016, I've setup Folders with specific security groups attached and shared the folders.

when I use GPO for mapped drives the users can see all the mapped drives, even the ones they dont have access to. Security is working fine as they cant access the share.

please assist
Hi guys,

I know juniper has a default username “root”
Is there any way to change the username root to some other name ?
If root cannot be changed. Any ideas to secure  admin user account of juniper ? Because if it’s root, I think it can be easily guessed

I have a pfSense router at an office I manage.  I'm not very familiar with it but I've gone through the options on it and read up about it a bit.  I'm having a problem that I'm not sure how to resolve.  The ISP has notified the office that there has been malicious requests our IP address directed at other servers.  The information they sent shows that the "PORT HIT" was "x.x.x.x:49039->x.x.x.x:23".  I found a packet capture on the pfSense and set it to listen on the LAN interface and put 49039 in for the port number.  I started the packet capture but I don't see it reporting anything nor do I know where to find the log or output of the packet capture.  It looks like this pfSense router is from a July version in 2015 so it looks like the firmware needs to be updated.  This router looks very powerful and I'd like to learn more about it.  I'm used to using Sonicwalls routers mainly so this is a little different.  Oh, and here's a real strange thing that's going on there.  I called the ISP and told them that I wasn't sure where the IP address that is reporting the malicious activity is at.  The IP on the WAN side of the router ends in 69 and the reporting IP is 71.  They said that they were not able to see any devices ARPing to that IP address at that moment.

If I check the WAN IP on one of the networks in the office (there are 7 suites--so there are at least 8 VLANs), it ends in 71.  I've scanned all 8 of the computers on that reporting network but nothing came up …
As we do not know the various subnets/VLANs in the network and all the devices on it,
is there a feature in Nessus scanner that will 'auto discover or crawl' to get all subnets
& IP addresses?  What's this feature called in Nessus?

It will help give an inventory (hardware type and OS versions ie fingerprinting)
can we use letsencrypt certificates for Sonic wall firewall.
issue: DPI SSl is enabled for users & firewall self signed SSL certificate is pushed to clients by GPO. but when applying the filtering rules for mobile users (smart phones, Iphones, IPads & other computers that are not part of internal domain) they get SSL not trusted error. cannot perform https filtering with this error. so is there any way to use a publicly trusted certificate for my sonic wall local IP or any workaround to filter https for those clients.
Sonic OS 6.5 later  

thank you.

I need assistance how I can disable / close network discovery on LAN for Servers and all Clients please.


I have five locations that have Sonicwalls and all five locations are connected by VPN.  The contract is up with the five Sonicwalls and the contract is up for renewal.  The owner wants to consider installing a different VPN firewall at each location.  He's has not been very happy with the Sonicwalls and doesn't want to renew the contracts for the Sonicwalls.  I've used Sonicwallls in the past and don't have any problem with them but the boss wants a change.  Each location has 4-5 Windows 7 or Windows 10 computers.  The owner wants to know if the Ubiquiti Edgerouter would be a secure solution using site-to-site VPN.  I've used the Edgerouter before but never in a situation like this so I don't know if it would be a good solution.  I was thinking about looking at a Fortinet VPN router to replace the Sonicwalls but I want to see what your suggestions are.  Why or why not would you recommend going with a Edgerouter for a site-to-site VPN between 5 locations?  Would Fortinet or Ubiquiti be a better (better value--same level of security) solution as a Sonicwall replacement?  Is there a better (better value) solution?  Thanks in advance for your help!
Turn Raw Data into a Real Career
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

I'm trying to connect a Watchguard T30 to an AP320 through a Cisco Catalyst 2960.

I'm able to set up trunking on the Cisco so that I can see the AP320 through the controller, however when I connect to the WLAN I get no DHCP address, and I can't get online even when I hard code the IP. Based on some logging information I've seen on the Watchguard, it almost looks as though the Cisco switch is sending packets to the wrong gateway address.

It looks like when a device was requesting an IP on the VLAN subnet that request was sent to the lan gateway.

I'm extremely new to Cisco so it's entirely possible I'm missing something obvious, but when the VLAN's are set up on the router and then trunking is configured for those VLAN's on the Cisco, is there a place where you need to specify what Gateway to use for each trunk?
Does anyone recommend any good ethical hackers?  I want to ensure that I close any open security issues for my organization and I was thinking of hiring an organization or individual that can provide that service?  

Any reputable recommendations?
I have a question about defending against  DDoS attacks.  My ISP charges a large penny for service to protect me from DDoS attacks, it's basically the same amount for my internet, and it's not cheap.  Besides buying hardware, does anyone recommend any online companies that can provide the same kind of service as my ISP, but at a descent cost?

What other options do I have, or does anyone recommend a good solution?
I currently have my CISSP & CISA and I'm considering pursuing penetration tester certifications. I see that the Certified Ethical Hacker (CEH) certification is now on the DoD 8570 certification list under CSSP Incident Responder. Therefore I wanted to ask the experts if you think the CEH certification provides a good foundation prior to taking other more advanced courses related to penetration testing or is the CEH certification just not worth the money. Any additional information or thoughts on this topic are greatly appreciated. Thank you again.
I work for a small company with roughly 50 users and have been asked to have an outside vendor perform security/vulnerability testing.  We have several servers, ranging from SQL, to Exchange, to Remote Desktop with a hosted firewall through Windstream.  I thought I would appeal to the Experts in the Experts-Exchange community for advice and/or recommendations for a good vendor that specializes in such things.

I need to create an IE lock down group policy to block all internet access for some computers but allow exception for specified work related internet websites and also allow the internal websites

Please advise how this can be probably done.  

Many thanks.

With my Tenvis camera connected to my home's Wifi SSID and my laptop
connected to my home's Wifi, I could http://Tenvis_IP:7777  & see what
the camera sees.

However, at my company, I can't connect my Tenvis camera to the Guest
Wifi as it requires registration plus clicking a couple buttons on the
landing page before the device could connect to Guest network.

Now, I'm replacing the Tenvis with my iPhone using the steps below:

However, with both my iPhone & laptop assigned an IP each by Guest Wifi, my
laptop still can't ping the iPhone & can't see the videos despite that both iPhone
& laptop have registered successfully & clicked the necessary buttons to get
authenticated/connected to Guest.  How can I overcome this?

I plan to put the iPhone in my car to monitor the car (using the laptop) as my car
is parked within the vicinity of the company.  I could sign up a data plan for the
iPhone but it's going to cost quite a bit to monitor 22 days, ten hrs per day so
tagging onto the free Guest Wifi.
After being hit with Ransomware, restoring from backup, and reinstalling applications as needed, I can't get the Quickbooks Database Server services started or the Quickbooks Database Server Manager to run. When I browse for files and 'Start Scan", it attempts to start the services after browsing the files, finding Quickbooks files. It claims the folder in which the company files live isn't shared. I guess that's technically true, but the directory one level up IS shared, so it's possible to browse to it from a network share. Then it tells me it is attempting to resolve Networking issues, and tells me after that to resolve network issues and try again later (not the exact syntax, obviously).

I have tried installing just the bare server (what we had done in the past), installing the full version of Quickbooks (2016 for the moment), uninstalling, rebooting the server (2008 R2), reinstalling just the database server, using the Quickbooks clean boot utility, disabling ALL firewalls (Kaspersky and WIndows Firewall), I can't get the QBDbMgrN to start and stay started. I can't get the QuickbooksDB26 started. For some reason it claims to be a service that should be started manually. I don't recall that having been the case in the past.  Also,  I don't think the QuickbooksDB26 ever disappeared, even after a clean install (using the Clean Install tool), an uninstall, and/or a reboot.

Previous to the ransomware, the server had Quickbooks 2015 and 2017 database servers installed. …

how many retention policy we can have
Become a Leader in Data Analytics
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

I currently have a Watchguard Firebox in place and have recently purchased a Cisco Catalyst 2960 to server as our primary switch. Our Watchguard currently manages our WAP's (also Watchguard) which have a private and public wifi network which is segmented through the use of VLAN's.

I'm extremely new to Cisco and I'm trying to determine how I would go about configuring the ports on the switch to pass along all VLAN traffic which should allow the WAP's to continue functioning.
I was given a task to migrate NPS server from Windows 2008 R2 to Windows 2012 r2. The current NPS is at Domain controller and is being used for 802.1X. I read few articles of migrating, basically export and import the xml file to new server. Do they have to be in domain controller or we can migrate it to a server in a Domain? My other question, Do we have to have the same name for the migration server?
What are  the best practices and Guide lines to build a Security Operation Center - SOC ?

what  are  the components needed to build a SOC ?
I have my IT guy access my computer via Teamviewer so he can access my servers via RDP from my computer, and he doesn't have server login information.

If I give him RDP access to my computer instead of using TeamViewer, how can I secure files and data on my  servers?
Running Exchange 2010 with MS outlook 2010
 I have a share mailbox call  ( in my inbox has an auto forward all mails to my inbox.

what I need is a rule that will move (filter) the email that is auto forwarded to a specific subdirectory in my personnel inbox in  Outlook 2010

Screen shot attached.
Hi, i have an application running in a debian server, developed in delphi 7 for 32 bits, with postgresql as database, port 5433.
To get an easy way for updating the app, all the clients (windows platform, 32, 64 bits, xp, 7, and 10), reference the executable in the server, but execute it in a local folder, where an ini file configures the link to the database.
In a lot of customers (not all with a debian server, instead, there are windows servers and ubuntu server), and in this customer, this scheme works fine.
In one PC, with Win10, i have this strange problem:
1) if i use a link, that reference the exe in the server and execute the app, it doesn't work. I get an error (internal to the app), as if i can't reach postgresql server.
2) if i copy the exe, and execute in any folder, executing in the same folder as 1), the app works fine.
It seems to be something of the firewall... i disabled it.
It seems to be something of the antivirus... i disabled it (AVG).
pgAdmin, conects to the server.
I simply can't see any other posible solution...
Can anybody help?

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.