Improve company productivity with a Business Account.Sign Up

x

Security

24K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

Im not able to access my EMC VNX5300 Array anymore
When I try to access I have this message :

"Global security is not initialized. You must initialize global security in order to manage the system."

So I decided to use Navisphere to initialize the security but it doesnt work. below is the output:


c:\Program Files (x86)\EMC\Navisphere CLI>NaviSECCli.exe -address 10.10.4.213 security -adduser -user sysadmin -password sysadmin -scope global -role administrator
WARNING: You are about to add user:  sysadmin

Proceed?(y/n) yes
Add user operation failed. Failed to get version information from Control Station. Collect diagnostic data and contact your service provider.Error connecting SSL. Error details:  A system call error (errno=10057).
Normal-Connection-to-SPA.JPG
SPA_Setup.JPG
0
Easily Design & Build Your Next Website
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

I am considering running openVPN on a linode and setting UFW to only accept connections from that IP Address. Would this be good security? I realize it may be redudent with Fail2Ban but I'm hungover today doing sys admin stuff and thought about doing this.

I'm a Cyber Security student but I haven't gotten to any major classes yet so I really don't know if this is a good idea or not.
0
Hi.

Windows 10 Pro /  Firefox
I have several users who need access to a website which requires login credentials.

They need access to the website (my account), but  I would to restrict that access to one computer which I control.

So, I would am looking for an app or other solution where the user could access the website, but never know the username/password    (or obfuscate the password at least).

Any ideas?

PS.. I have some skills in Microsoft Access VBA.

Thank you.
0
I am looking for admins who know a way to update the cpu microcode at runtime to enable windows to use protective measures against spectre 2.

I am aware that apart from having microcode updates delivered by the mainboard or system manufacturers, and apart from waiting for Microsoft to release further versions of their own patches (https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates ), some people are using this fling https://labs.vmware.com/flings/vmware-cpu-microcode-update-driver but apparently, even on systems that indicate the microcode got updated successfully and even though the microcode used was the most recent one and intel confirmed its suitability, the powershell cmdlet get-speculationcontrolsettings says, Hardware support for branch target injection mitigation is not present.

So is there another way that you know of?
0
Hi Guys,

I have a doubt on folder share permissions....

when we right click on folder -> security -> here we can see the list of groups and users are having access...

in my environment suddenly it shows users as domain\username instead of username@domain.com... and after few minutes it back to normal as username@domain.com...

could anyone tell me what is the issue????

Note: there is no issues everything seems to be working normal... i just want to know the cause for this..
0
Could someone advise me how you could set something up on AWS that would be like or exactly a streaming media server? I use that term because I heard others call it that. I want to play media from a website, and I do not want the user to be able to download the content. I do not mean something that is simple like; not have a download button. I mean when the user comes to the site with things like IDM it just cannot be done. I would like to accomplish this most simply. I do not want to pay anybody for this I want to learn about the technology to accomplish this myself. I am not asking how to do it; I am asking what technology do I have to learn about and implement on AWS to accomplish this (keywords links etc.). Thanks
0
Hi,

I'd like to buy an outdoor (porch) light with camera included but the camera should be discrete.
The camera should work with Synology Video Station.

Would like a design like this https://www.lovalight.com/en/philips-raindrop.html but don't find one.
Anybody ideas?

J.
0
Good day-
I'm attemtping to forward port inbound requests on port 80 to internal port 16000 for viewing of a DVR camera system.  Can someone guide me over policy manager? I'm not understanding the kb from watchguard.

Best,
Craig
0
I have already run virus-scans with both Microsoft Security Essentials and Malwarebytes PRO and they did not find anything.

Then I checked my system, and the battery and the fan did not pass the tests.

Battery can't have anything to do with this, but what about the fan, is it possible these Windows problems are due to the fan causing everything being overheated and thereby unresponsiveness and sluggishness and even freezing windows and a black window for a long time when I opened Google Chrome?

I have Windows 7 Home 64-bit.
0
Query:

Ccna security & ccnp security - use same asdm & asa5505 or above hardware ?
0
Worried about phishing attacks?
LVL 1
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Cyberoam CR25ia Firmware Version 10.6.5 is not blocking Youtube , Facebook or any webtraffic that is using https, is there a way to block such traffic without applying certificates to all users browsers?

Unit is deployed in Bridge mode and there's no LDAP integration.

Appreciate your help
0
We have 30+ small office branches that connects to our Data Centre via WAN routers
& these WAN routers connect to a core switch in DC.  

Each branch has 2 flat Class C subnets : one for wired LAN & one to our corporate
Wifi LAN.   We don't expect more than 100 PCs/devices in each branch.  All devices
& PCs at each branch are connected to L2 switches (including the branch WAN router).

There are PCs & devices (Cashiers, cameras, small robots/automation, scanners and mini
databases) in the branches that run applications that do not need to communicate to
servers in the DC other than to AV EPO, SCCM patching, central encryption management
servers, HIPS (endpoint IPS) console & the likes  but backups are taken by NAS located at
branches.

However, there are some semi critical mini servers & databases which we deem ought to
be segregated from the rest of the organization to prevent DoS  though PCs for emails
& Internet access will need to go back to the DC.

Q1:
What are among the best practices for such branches network traffic?
Hub & spoke design?   Layered security?  Micro-segmentation within each branch?

Q2:
Do we treat each branch's network to be of lower, equal or higher trust levels than
DMZ, applications servers zone or backend servers zones (typical network trust
zones)?

Q3:
For traffic filtering / microsegmentation, is it best practice to configure
a) ACLs at each branches' WAN routers (as switches at branches are Layer 2 &
    at most …
0
is it possible to create dynamic security groups in AD based on say extensionattribute1?
i need to create a group and have it automatically populated
0
Hello:

I would like to know how to disable the Java security warning screen below from coming up each time run a jnlp file from my desktop.  The users complain that this is distracting because you always have to click the check box and the run button every time before the Java program starts.  To run the file you need to enable Java security HIGH and add this site to the exception site http://asycuda.customs.gov.bb/awclient/ASYCUDAWorld.jnlp which we already did but it still isn't disabled.  

What additional setting or command line parameters would disable the warning screen below?

Java Security Warning Screen
0
HI James ..... I´m back here .... Sadly
I've another computer infected with Fairytail .... I think it´s the same version that i've cleaned earlier.
I´ve Just downloaded your decryptor but i think something went wrong with it.
The earlier version worked fine with me .... but this one seems to give me some trouble. I used it in 3 different PCs' and i received the same error. All of them were running Windows 10 64 bits.
I have a clean file and the same file encrypted to use in the decryptor.
But as soon i select the encrypted file, i receive the error i attach
0
I have been trying to restrict scheduling of meetings to a room called TestRoom to only members of the group ACL_TestRoom( universal security group-email enabled). There are three users in ACL_TestRoom group: User1, User2, and User3.  User 4 and User 5 are test users created to test scheduling of the room to see if it is restricted.

What I 've done from start:

- Created room TestRoom
- Created ACL_TestRoom univeral security group
- Added User1, User2, and User3 to group ACL_TestRoom
- email enabled ACL_TestRoom
- Added ACL_TestRoom group to TestRoom-> Properties-> Resources In-Policy Requests in "Specify users who are allowed to submit in-policy meeting requests that will be automatically approved"  

If I log on as User4 which is not a member of ACL_TestRoom group, I am still able to reserve the room and invite users 1-3. I also don't get a notification stating that the scheduling was   approved or rejected for that matter. But the meeting does show up on the calendar. From articles, I 've read this is supposed to work but it is not.


I have also tried setting up  Properties->Mail Flow Settings->Message Delivery Restrictions to "only senders in the following list" and add ACL_TestRoom but when I try to schedule room I get  an email error which is what I expected but it still schedules the room and sends the email to the other users(1-3) that I invited.

Any ideas on what to try next, or am i doing somthing wrong?
0
In SQL Server 2014 - I need to give users access to a view but not the underlying tables that the view queries.  I have two databases.  ODS_DHW and DDH.
The tables are populated and reside in ODSDWH and the views are created in a schema in DDH.

The error the users are getting is DataSource.Error: Microsoft SQL: The server principal "UserId" is not able to access the database "ODS_DHW" under the current security context.
Destails:
  DataSourceKind=SQL
  DataSourcePath=db05;ddh
  Message=The server principal "UserId" is not able to access the database "ODS_DHW" under the current security context.
  Number=916
  Class=14
0
I am not an expert or well versed person in computers. For tryout, I set a built in HDD password in my lenovo system as guided by one of my friend. But I completely forgotten the passowrd in the meantime.
I am a owner of laptop and having personal data on it. I don't want to loose the data so I am trying to find out solution for it and for 3 yrs i have kept that laptop as it is. Trying to find out a person who can help em to restore the password. Can you guide me if I realy can recover the data ?
0
Hello,
I need to bypass a XSS check which is using stripos to prevent using script tags by detecting the work "script"
<?php
if (stripos($a, 'script') !== false) return false; return true;
?>

Open in new window

The web server also has a CSP policy (default-src none; script-src: nonce-key) and requires a nonce parameter within the script tag.
Thank you for your help.
0
Get 10% Off Your First Squarespace Website
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

https://blog.trendmicro.com/trendlabs-security-intelligence/autoit-used-to-spread-malware-and-toolsets/

Users are requesting for AutoIT to automate their tasks (mouse clicks, repetitive keystrokes etc)
but I have concerns like what's listed in link above.

What are the mitigations we can put in place to balance between work productivity & IT security risks?

Are the following valid mitigations?

1. air-gap those PC running AutoIT, namely remove Internet access & email access as these two are
    top vectors of malwares.  Users told me they don't need these 2 functions on the PCs running
    AutoIT but the AutoIT programmer wants it on his PC as he doesn't want to switch around
    between PCs when developing AutoIT scripts & using email/Internet

2. I heard we can compile the scripts & then uninstall AutoIT : so if a hacker got into the PC, he
    can't develop keyloggers/malicious scripts (that capture credentials).  The programmer felt
    this is restrictive but to work around, I heard we can create config file for scripts to read in
    parameters/variables to give more flexibilities or options for the scripts to operate: is this
    so?  Is this a good mitigation?

Pls add on any further mitigations.

I've heard of VB & Java scripts being risks : are they of similar nature as the risks of AutoIT?
0
I want to make sure what I am doing is correct.   I get this XML response:

<s:Envelope 
        xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
        xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <s:Header>
            <VsDebuggerCausalityData 
                xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo4tYpt6X40FEk+VSAe5mc8MAAAAAP497cBuXfk+uFIOY80O0iuLtIW56q7hLktgVYPhbnHMACQAA
            </VsDebuggerCausalityData>
            <o:Security s:mustUnderstand="1" 
                xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                <o:BinarySecurityToken u:Id="uuid-10490fb0-8ee0-4a4c-a8db-77242c9a3b7f-2" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIF+TCCBOGgAwIBAgIQIWv3OdE866kXP/....t</o:BinarySecurityToken>
                <e:EncryptedKey Id="_0" 
                    xmlns:e="http://www.w3.org/2001/04/xmlenc#">
                    <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
                        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" 
                            xmlns="http://www.w3.org/2000/09/xmldsig#" />
                    </e:EncryptionMethod>
                    <KeyInfo 
               

Open in new window

0
Hi Experts,

We mainly offer workstation and server support in the UK. The client here has broadband with another supplier, and we supplied the router only. However, now we have been asked a comprehensive questionnaire for PCI compliance (Credit card payments). We are wondering how to respond because it’s fairly involved. Any advice please?


Is there a current network diagram that documents all connections between the cardholder data environment and other networks, including any wireless networks?

Is there a process to ensure the diagram is kept current?

Is a firewall required and implemented at each Internet connection and between any demilitarized zone (DMZ) and the internal network zone?

Is the current network diagram consistent with the firewall configuration standards?

Do firewall and router configuration standards include a documented list of services, protocols, and ports, including business justification and approval for each?

Are all insecure services, protocols, and ports identified, and are security features documented and implemented for each identified service?

Is inbound and outbound traffic restricted to that which is necessary for the cardholder data environment?

Is all other inbound and outbound traffic specifically denied (for example by using an explicit "deny all" or an implicit deny after allow statement)?

Are perimeter firewalls installed between all wireless networks and the cardholder data environment, and are these …
0
What are the steps or processes I can follow to run a Windows 10 program under the system context?
0
We have a SonicWall TZ600.  A manager wants to know in easy to understand terms what the security benefits the firewall is providing us.  Can someone help me word something that would be understandable?  I am new to SonicWall.  We were using a CISCO ASA.
0
As the administrator for our MS Server 2016 Essentials network, I sometimes need to  view coworkers c drive.

I simply use WinKey R  > \\JanesCpu\c$   and supply my network admin credentials.  

For the rest of the day I can view  JanesCpu without supplying the credentials.

Clearly the admin credentials are being saved somewhere, but where are they, and how can I delete them when I am done?
0

Security

24K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.