OS Security

21K

Solutions

23K

Contributors

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.


Dear Experts, I want to ask about Folder Permissions in Windows Server 2012.

Is there any way that I can copy all the permissions/rights assigned to folders? Suppose when I change the location of a folder (Copy/Move to a different location), I want the same user rights to be assigned back instead of doing this activity manually.
Thanks

Also, can I create a backup of folder rights (user rights / folder permissions)?
0

I am looking into account lockout best practice configurations for failed login attempts/brute force. For one of our web applications the administrator has configured locking an account after 10 failed login attempts in a 60 second window. This seems a rather unusual setting based on other recommendations I have read on account lockout. Does anyone have a view on whether this setting poses a risk in any way, or whether any password attack tools can be configured to work around this setting, e.g. a slower approach on how many it attempts each minute, and if so, a more suitable suggestion of values?
0
What is the easiest and most effective way to get rid of the Trojan.JS.Dropper.E?
1
We currently run McAfee VSE in a closed loop environment, so I've got to manually update it on our systems. I've downloaded & installed the latest patch (Patch 11) and applied all the latest DAT files but still get an alert from McAfee stating definitions are outdated & must be updated manually.
0
Dear Team, our server 2008R2 has many AVP.exe processes (Kaspersky Endpoint Security) that we could not stop. It showed errors when we tried to end task:

We also tried some commands on CMD/PowerShell but it did not help. Administrator has Full Control rights but it keeps showing "Access is denied"
taskkill /PID "number" /F
Get-Process -Name "avp" | Stop-Process -Force


Could you please suggest? Many thanks!
0
In AD Users and Computers we enabled the option 'Smart Card is required for interactive login'. This forces Smart Card login via that AD user account. That way no matter what computer that user logs in on they are forced to use a Smart Card; however, this causes a problem. We have a few mobile apps that use AD authentication. When we try to log into these apps from our iOS / iPhone we are unable to do so. This is because it's wanting a Smart Card. What is the workaround? The only GPO that forces Smart Card is computer based. We don't want to force all users on all computers to use Smart Cards. So I don't see a workaround unless the mobile apps support some type of cert based SSO? Even then I don't think it will work for AD is looking for a Smart Card.
0
Suppose an attacker has the password hash of a user. If NTLM is disabled on Server-A would the pass the hash attack still work on SERVER-A over the SMB protocol?
0
Hi, I am looking to do a Pester test around my PowerShell code, but I'm not sure about it. Can someone help?

Basically I need to pull Azure Key Vault key information using PowerShell and then do a Pester test on it. I managed to do the PowerShell bit but I'm not sure how to do the Pester part. Please, I need help urgently.
0
I am trying to deploy local Windows firewall rules to several separate Windows 7 laptops. We have Novell NetWare in our environment; hence, using Group Policy from a Windows Domain to propagate to the devices is not an option (unfortunately).

I have discovered that if one executes a batch file, with the command:

netsh advfirewall firewall add rule name="NetScaler Gateway Plug-in" dir=in action=allow profile=public program="C:\Program Files\Citrix\Secure Access Client\nsload.exe" protocol=TCP enable=yes



that works really well ( https://support.microsoft.com/en-us/help/947709/how-to-use-the-netsh-advfirewall-firewall-context-instead-of-the-netsh ); but, the problem is that when executing the above command you need to run the command prompt as an administrator.

As you can see, if the user does not have admin privileges or does not know the administrator password, then the only other thing I can think of is to create 2 batch files and manually copy the files to the user's laptop. 1 file will have the 'runas' command to use the local administrator user account and then to trigger another batch file with the changes:

runas /user:administrator C:\data\mybatchfile.bat



https://www.windows-commandline.com/windows-runas-command-prompt/

So the batch file: mybatchfile.bat will actually have the code that adds the firewall rule(s):

netsh advfirewall firewall add rule name="NetScaler Gateway Plug-in" dir=in action=allow profile=public program="C:\Program Files\Citrix\Secure Access Client\nsload.exe" protocol=TCP enable=yes



Question1:  Is there a way to streamline the deployment approach because our users will require these local windows firewall rules and these users are not administrators on their company laptops.  

Question2:  Is there a way to elevate permissions for a batch file as the script begins executing?  So you will not be prompted for a password?
0
I took over for an IT manager who was let go.

Somehow or maybe not, Windows updates seem to have disabled all the NICs. Can't enable, need admin rights, don't have them.

I have never logged in to the server before so no admin cached credentials that I have access to.

Local Admin I don't know either. The server I do need up, wiping not an option at this point.

I have tried removing from the domain, still need admin rights, which I have none.

Any ideas?  Or am I hosed?
0

I have an old Cisco 4506 and need to dispose of the device.  I wanted to know if there's a card or anything I should keep in order to make sure that our information is kept securely.  If there is a card or something I'm planning on destroying the card or supervisor or module.  

I also would like to back up the config, just in case.
0
https://www.straitstimes.com/singapore/method-of-attack-showed-high-level-of-sophistication

Refer to above Singhealth data breach incident.

Q1:
What mitigations could have been put in place to prevent / mitigate it in the 1st place?

Q2:
Will Database Activity Monitoring (eg: Imperva with its granular ACL) help or Privilege
Access Management besides dedicating/isolating PCs for general purpose/servers access?

Assume they're running MS SQL on Windows servers
0
Q1:
I recall Cyberark once presented a product that could alert when sysadmins run or access a privileged (or one that we can programme to be alerted on) tool or activity: what's the name of this product?

Q2:
Does this product make use of PSM video recording of the sysadmin's session access & perform OCR on the video (to get the text)?

Q3:
Can latest version of Cyberark DNA scan for Cisco network devices privileged accounts?
0
If you initiate an RDP connection to a terminal server from a Windows 10 PC, would there be any event logs on the Windows 10 machine to show when the RDP access was attempted, and which username they specified in the connection itself? The event logs on the server itself don't go back too far, but event logs on the PCs cover a couple of months' worth, so it would be useful to check those out also.
0
I have a Synology NAS that when I look at the property details on a file and view the user it shows some random numbers as the user.  I am using my domain users on the NAS and users are in the format of first name initial and last name, like asmith.
0
Hi Everyone, our small SMB\company recently switched to hosted Office 365 Exchange based email. Before the switch, we had an "in-house" Exchange mail server.
We have about 10 or so domains registered for email delivery.

So here's the problem. Since switching to Office 365 our users are being bombarded with "Somewhat Legitimate" Phishing Emails that try and trick them into providing their logon credentials.
IE> Your account in box is full, click here to fix. Your account will be terminated if you don't click here and login .. and on and on and on.

I've mostly stemmed these by creating rules in Mail Flow that block certain words and phrases contained in Subject\Body.

That said, any suggestions to better keep these emails out? This issue was not nearly as bad when we didn't host with Office 365.
0
Crypto protection. Best solutions? Tape, disk based backup, on site, off site, vendor specific, and reasoning behind your answer.
0
folder on computer C to access the database.

With computer A I have no issue. However, computer B has an issue connecting to computer C.

The status of not connecting changes. Sometimes I get "Windows cannot access \\computerC check the spelling of the name otherwise there might be a problem with..." Error code 0x80004005. Sometimes I can access computer C but the connection to the database is not stable, and sometimes it asks for credentials and does not accept them.

I checked in the sharing options on both computers; everything is set to on.
In the adapter settings, file and printer sharing are checked.
I updated the driver for the network adapter.
All computers are in the same Workgroup.
Checked the firewall setting to allow public and private file and printer.
Uninstalled third-party anti-virus.
Disabled Windows firewall.
Enabled guest user and cleared the password.
Turned off password protected setting.
The folder has everyone in the share and security permissions

Windows 10
0
I'm following the instructions on setting up Direct Access on a Server 2016 server using the steps found here.

What steps do I need to follow to "Obtain a server certificate for IP-HTTPS connections, with a subject name that matches the FQDN of the server" (step 3)?

I would like to do this with an internal certification authority.

Please provide me with the exact steps on how to do this.
0

I use the Microsoft Sysinternals Autologon program within my test network.

Lately, the Autologon program hasn't been automatically logging onto the Hyper-V virtual Server 2016 and Windows 10 computers (with the domain administrator (administrator) account) like it used to.

I have uninstalled the Autologon program, rebooted, and then reinstalled it and retyped in the Administrator username and password but this hasn't fixed the problem.

This Autologon program is only being used within my test environment (which is behind several locked doors and is completely isolated from any production networks).

What can I do to fix this issue so that I can continue to use the Autologon program to automatically logon to these Server 2016 and Windows 10 computers? I need to be able to automatically login to these computers since they are older and take longer to do things and so that my testing can be done properly.

The homepage for Autologon is here.
0
Are 32 bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.
0
I need to know how to create a GPO group policy to deny users the ability to save files to their computer's C drive and Desktop when they log in to the Domain.
The GPO should be applied to the "Computer", not the user's account, to deny access.

They are logging into a Windows 2008r2 environment, and their computers are Windows 7.
0
Hi Experts - we currently manage Microsoft Updates for about 100 Windows Servers from Server 2008r2 -2016.   We use 2 methods to install updates,

1. Via LogMeIn Central's "Updates" console, which allows granular selection of servers and updates to install, scheduling the reboot after the updates install, seeing progress, etc.
2. Log directly into the Server and install them via Updates GUI

LogMeIn's console works for MAYBE 1/2 of the machines, the rest we have to login manually and install updates.  

Servers are all on different WAN connections.  

I'm looking to cut down the time we have to spend on this as the updates need to be installed and machines rebooted after hours.

I'm open to something moderate to low cost, or free.  Currently we pay for the LogMeIn Central subscription exclusively for that functionality.   Looking for something fairly easy to setup and maintain.
0
Hi,

My company has some VMs running IIS web server on Windows OS. Based on BitSight - Web Server Vulnerabilities.

My tasks are assigned as follows.

1. Services require to be reverted back
2. Where to disable SSLv2 and SSLv3 protocol; the Diffie-Hellman encryption length is also required to use 2048 bit
3. How to update those outdated IIS servers

Pls advise me accordingly as I've never done this before, as required by our Cyber team.

If there is any best practice to perform hardening, pls advise and share for my knowledge.

Tks.

Lcuky
0
I received advice on another question I posted here that I could do without antivirus in Android:

What is the best anti-virus for Android (paid or unpaid)?

But I don't understand that advice because from what I've read Android is the OS for smartmobiles that is most targeted by hackers.

For example, would I be safe if I download apps from other places than Google Play?

And for using apps like for Uber, map apps other than Google Maps etc., would I be safe without anti-virus?
0
