OS Security

21K

Solutions

23K

Contributors

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

Hey all - anyone familiar with the exact requirements to be DFARS 252.204-7012 compliant? Thanks!
0
How do we verify the patches effectively mitigate?
0
A Windows Server 2008 R2 installation has been infected with a Trojan horse that has encrypted files with the *.rapid extension. The server had Avast for Business installed. An AVG rescue CD was made and run multiple times to eliminate instances of the Trojan horse. After four times, the server is labeled clean by the AVG rescue CD. I then uploaded two *.rapid files to nomoreransom.org and it came back saying that there was no fix for this. Does anybody know of trusted decryption software that can correct this problem? I can attach a file if requested.
0
If a security group, e.g. EEusers, had been granted full control over a file share, at both share and directory level, e.g. \\server\share, but there was a subdirectory \\server\share\dir1 which was not inheriting permissions from \\server\share, and had been configured with a different (more restrictive) directory ACL which did not include the EEusers group at all on the directory ACL: if a member of the EEusers group went on the Security tab of Properties on the \\server\share folder, then went Advanced > Change permissions, and then selected "replace all child object permissions with inheritable permissions from this object", would this then grant the EEusers group access to \\server\share\dir1, essentially wiping out the existing more stringent ACL currently set at \\server\share\dir1?

I am not from a server admin role, but our server admin says he doesn't think it would 'wipe out' any more secure subdirectory ACL, whereas our security/risk team are concerned it would. Obviously removing full control at the root of the share for the EEusers group would make the most sense to remove any possibility, but to settle an argument and help us assess the risk, feedback is welcome.
0
What apps or methods will allow me to project what is playing on my iPhone X onto my iPad?
0
Any ideas what is causing the below weird issue, since I would like to see all folders when doing the below steps #3 and #10?

 1. login to Windows 2012 file server as "admin"
 2. open local C:
 3. see four of the five folders I created
 4. type "C:\hiddenfoldername" to see the hidden folder
 5. check to make sure above folder is NOT marked as hidden
 6. open "Server Manager, File and Storage Services, Shares"
 7. click "Tasks", select "New Share"
 8. select "Type a custom path"
 9. click "Browse", select "C:"
10. see four of the five folders I created
0
For some strange reason the patch will not install on any W10 v1607 in my entire domain. If I take that same machine and bring it up to v1709 and apply the appropriate Meltdown patch, it installs.
There is a known issue with Bloomberg and v1709, which is why I must remain on 1607.

See screenshot below.
Meltdownw10v1607
0
There's a discussion internally within our corporate if it's a concern that an internal staff attempts to copy out
SAM & passwd  and then run a password cracking tool on it.

Q1:
Is this a valid concern?

Q2:
In DoD B2 (or is it C2), the file containing hashed passwd  'vanishes' : is the purpose to prevent someone from
copying out the hashes for cracking?  Or what's the purpose of doing this?

Q3:
What are the measures we can put in place to prevent internal staff from making cracking attempts on SAM
& a Unix file containing the hashed passwords?  Should stronger hash (what's the current best practice?)  or
encryption be used?
0
Appreciate it if you can point me to links / URLs on patches to download & availability for
a) MS Windows 2008 R2, 2012 R2, 2016,  7, 10
b) Dell & IBM hardware
c) ESXi Ver 6.1
d) Various Cisco switches & routers (we have 2xxx, 3xxx, 4xxx models)
e) EMC VNC & VMAX
f) Solaris x86 on AMD
g) McAfee AV
h) Bluecoat Proxy
i)  F5 LTM, GTM Ver 11.7.x
0
My Favorites for IE and Bookmarks for Chrome keep replicating/duplicating themselves to the tune of 24,000+. We are on Office 365. I've deleted them both in IE (on my laptop and on the site directly) and Chrome, but they keep coming back. I've even deleted the Chrome bookmark file and started with a clean slate.
0
We disabled local administrator account (which we rarely use & we'll boot from CD to enable it back when needed).

Audit now asks: there are 30 very critical PCs: can we also disable the SYSTEM account (which I think Desktop Central or possibly SCCM uses)?

What's the impact/implications of disabling SYSTEM?

Can it be disabled? Is it an interactive logon, or does this account not allow interactive logon?

Any MS or authoritative links recommending not to disable/delete it?
0
https://bitnami.com/stack/mediawiki/installer

I refer to the above tool that our developer wanted to use. Can you provide comments on
a) is there a site or source that regularly produce/track for new vulnerabilities for that software
b) are patches being produced regularly : is this considered an Opensource and release of patches is not contractually required?

If there's no regular patchings, what are the precautions we ought to take?  Eg: use it on an air-gap PC without Internet access?
0
I'm working on a project for a company that needs to ensure that the documents and files stored on the hard drives of its executives are completely unreadable if any of the IT employees copy these files from the executives' hard drives to their own computers.

While only a few employees have domain admin access and would be able to do this in the first place, we need to ensure that if this is ever done, the files that are copied will be highly encrypted and won't be able to be read, since this has already been done by former domain admins.

What kind of whole hard drive encryption software will do this?

Is this something that Symantec PGP whole hard drive encryption will do once the entire Windows 10 OS and hard drive of a computer is encrypted?
0
What is the best whole hard drive encryption program for Windows 10?

Would this be Symantec PGP or are there better alternatives?
0
I am trying to disable the complex password in Server 2016. When I navigate to Local Group Policy Editor - Computer Configuration - Windows Setting - Security Setting - Account Policy - Password Policy, "Password must meet complexity requirements" is enabled and grayed out, so I am not able to change it.
0
Hi Experts,
My MacBook system starts with a question mark on a folder.
I am trying to use recovery mode but it is asking for a password and I didn't remember it.
Please help.
0
Desktop:Windows 8
VPN connection: Forticlient 5.6 or Sonicwall Netextender 8.0 used to connect to office network
Telus internet connection
Browser: Chrome, Firefox
Situation:
1. Telus internet connection works fine.
2. Without VPN connection, Chrome and Firefox access the internet normally.
3. With VPN connection, Chrome works fine, only Firefox is very, very slow.
4. I turned off the Firefox proxy server setting; Firefox works fine for about two days, then is slow again.
5. The computer found an abnormal login script error message; it seems to have malware in it.

Question:
How to block Firefox from accessing the internet through the VPN connection before I find a way to kill the malware?
0
I have a group of about 50 users whose AD Id are members of 2 domain groups :
"Payment Staff" as well as "Domain Users" :
to be able to login to a group of sensitive payment PCs (about 15 of them), they need to be member of "Payment Staff" while for any other general PCs (to read emails, browse Internet etc), just being a member of "Domain Users" is enough.

Basically on the 15 PCs'  local "Users" group, I've removed "Domain Users" & added "Payment Staff" to "Users" group to effect this control.

Audit wants me to review the 50 users dormancy & dates/timings they login to the sensitive payment PCs, so is there any way I could assess if they have authenticated using the role that they're granted membership of "Payment Staff" ??   I'm not Wintel-trained so my request may sound odd.

Is there any PowerShell command or tool to query the AD to get a list of the "MEPS Staff" users who login to the 15 PCs
(with date & time) by the criteria that they managed to login due to their "MEPS Staff" membership, while excluding those records where they login by the fact that they are members of "Domain Users" ??


Or is this something that I can only extract from the 15 PCs' Event Viewer logs? This decentralized method will mean more effort once the # of PCs grows & I have to send these decentralized logs to a common location for me to pick up.
0
https://answers.microsoft.com/en-us/windows/forum/windows_7-security/how-do-i-view-login-history-for-my-pc-using/a0172887-1071-47fb-b0a3-6ca9360efdbf?auth=1

The link above shows how to view it from Event Viewer logs, but I'll need to extract & save it to a file using a command in Task Scheduler (say a daily task) for audit purposes.

Does the PS script below extract from Event Viewer?  Does it require admin rights to run?
https://www.petri.com/forums/forum/windows-scripting/general-scripting/56086-view-all-users-who-was-logged-into-particular-computer-during-last-day

I need to check for both AD as well as local accounts that login with the dates/time they login to a PC.

There's a tool below but I wanted to save into say a csv / text file, not view it from a GUI screen:
https://support.microsoft.com/en-sg/help/824209/how-to-use-the-eventcombmt-utility-to-search-event-logs-for-account-lo


My GOAL ultimately:
================
I have a group of about 50 users whose AD Id are members of our domain groups  "Payment Staff" as well as "Domain Users" : to be able to login to the sensitive payment PCs (about 15 of them), they need to be member of "Payment Staff" while for any other general PCs (to read emails, browse Internet etc), just being a member of "Domain Users" is enough.

Audit wants me to review the 50 users dormancy & dates/timings they login to the sensitive payment PCs, so is there any way I could assess if they have authenticated using the role that …
0
Dear Guys,
I am also having a problem with clients' computers with the administrator password. The password that we are provided with does not work sometimes due to the image of the computer, so we have to crack this admin account to do our duties. Do you guys know of any free program I can use?
0
Q1:
Care to share the reviews of veracode (esp compared to Fortify)?


Q2:
What are the key features to look for in a source code analyzer besides the languages that it support
& it ought to scan for OWASP top 10?
0
https://support.microsoft.com/en-us/help/814777/how-to-access-the-computer-after-you-disable-the-administrator-account
Is above recovery  for booting up in Safe Mode with Network connectivity BUT not joining domain?

Thing is, our PCs have NAC (Network Access Control) such that we can't bring PCs from outside to connect up to our network. If so, while in "Safe Mode with Networking", MS NAC may not work (though I've not tested it).

So how should we go about recovering an enabled local admin on Win 7 Enterprise?

It's to address audit requirement that we disable local administrator.
0
We are looking for a good network monitoring and management system that would give us notifications when a server or network is down, agent monitoring, and also allow unlocking AD accounts remotely. We had an issue 2 weeks ago with a virus that locked all AD accounts, and luckily we were able to get them unlocked by a soon to be former IT consulting firm. We would rather do it ourselves since we are establishing an internal IT department. Any suggestions for a product that is good and won't break the bank?
0
Where is the long term memory module on iPhone 4?
I actually disassembled it and took out the motherboard, but I am unsure which module is the long term memory.
Hope someone can help.
0
What are the risks associated with installing the above on a PC/laptop for doing data analysis?

Are the following mitigating measures valid?

a) apply regular patches for R & Python to fix vulnerabilities: as they're opensource, are the patches
               released quite timely/regularly.  I tend to think opensource is lacking in this area
b) if patches are not applied regularly, can we isolate the PCs such that they have no Internet
    access & no email clients to mitigate?  I tend to think most breaches result from Internet,
    emails activities & infected USB devices
c) is it common that emails contain malicious python attachments?
d) Where can we subscribe to  vulnerabilities news/updates for these 2 softwares?
e) Python and Ruby are dynamic platforms (free ware) , have to tighten the web application security if it’s being used for web applications, Python has flexible features that make it particularly useful for hacking?  
    Can we harden these & where to obtain such a hardening guide?
0
