Security Help

Our Internal Audit is setting up a Teammate server (data & reports) plus a separate license
server (this license server needs to be authenticated by Teammate/ACL periodically).

Teammate will host financial data for auditors to analyse/review (using ACL, CAATS)
for frauds so it's considered sensitive data.

Q1:
Is it appropriate for both the license server as well as Teammate server to be SaaS
(like O365) or just the license server or it's best that they must not be SaaS? For sure
if they're in cloud, the VM must be located in our country due to cross-border restrictions

Q2:
Do we place the license server in DMZ & Teammate in the internal secure backend zone?

Q3:
What other security design considerations to take into account?
Restrict license server to Teammate/ACL/CAATS sites only & the Teammate server
to be accessible to Internal Auditors' subnet only?

1 Comment

OWASP Proactive Controls

LVL 12

Learn the most important control and control categories that every architect and developer should include in their projects.

LVL 68

Article by

btan

6h ago

Make the RIGHT Security by Building Your Security PIVOT

Take a step back to reflect where are we now and where we should be heading to in the next (and many more) tranches of getting to implement the RIGHT security. We need to build security PIVOT to stay in the cyber chase with the adversaries.

0 Comments

We had a past incident of an IT staff who elevated his/her sharepoint privilege
to Site Admin.

What are some of the easier ways to prevent this from happening other
than educating??

Any free tools or low-cost tools are welcome as well

4 Comments

I'm going for network engineer/security engineer position with a local company and part of the job is creating secure architecture diagrams, which I don't any experience with and need much information regarding this topic.

I'd like to know what tools are available, both paid and non-paid, utilities. Also, where can I get a crash course on this subject and maybe some type of hands-on soonest? The meat of the position is identifying threats and mitigations, but I would like the position and again, I'm weak on documention skills.

4 Comments

Did you forget the password for protected PDF documents? If yes, then go through this blog and get the best idea to remove security from Adobe files.

0 Comments

I have this php that looks if a user is part of a group if so Great you can view the full web page if not you can only view some of the web page.

<?php
//ini_set("display_errors",0);
//error_reporting(E_ALL);
error_reporting(E_ERROR);

$vistor = substr($_SERVER["AUTH_USER"], 20);

$myUsername = "work\jtest";

$myPassword = "password100";

// specify the LDAP server to connect to
$Groupconn = ldap_connect("192.168.1.1") or die("Could not connect to server");

ldap_set_option($Groupconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($Groupconn, LDAP_OPT_REFERRALS, 0);

$Groupbind = ldap_bind( $Groupconn, $myUsername, $myPassword );

    if ($Groupbind) {
// echo PHP_EOL . "LDAP bind successful...<br>" ;
    } else {
        echo PHP_EOL . "LDAP bind failed...";
    }


$Groupbase_dn = 'DC=work,DC=com';



$group = "CN=HR,OU=Security Groups,DC=work,DC=com";




$GroupFilter="(&(objectCategory=user)(sAMAccountName=".$vistor .")(memberOf=" .$group. "))";


$Groupresult = ldap_search($Groupconn, $Groupbase_dn, $GroupFilter) or die ("ldap search error");

$Groupinfo = ldap_get_entries($Groupconn, $Groupresult);

$Groupfound = false;

if ($Groupresult !== false) {
    $Groupcount = ldap_count_entries ($Groupconn, $Groupresult);
    if ($Groupcount !== false && $Groupcount > 0) {
     $Groupfound = true;
    }
}



if ($Groupfound === true) {
    $Groupyes = "1";
    echo "yes";
} else {
    $Groupyes = "0";
    Echo "no";
}

?>

Open in new window

THis code works great I

add

IF($Groupyes == "1"){
Echo "only cool people can see this";
}Else{
Echo "you are NOT cool";
};

Open in new window

But this only works for 1 Security Groups HR

I need to have levers

group 1 = ceo
group 2 = IT
group 3 = HR
group 4 = all other staff

then in the php code if I want only HR to see some thing but not IT I can do

IF($Groupyes == "3"){
Echo "HR can see this ";
}Else{
Echo "You are not HR";
};

Open in new window

or have more this 1 group able to see a part of the web site.

IF($Groupyes == "3" AND Groupyes == "1" ){
Echo "HR and the CEO can see this ";
}Else{
Echo "Sorry IT you can't see this. ";
};

Open in new window

0 Comments

LVL 1

Question by

franbel

2d ago

facebook please slow down

Hello,

I have this message when I try to log in Facebook account that request a security check with an SMS.
When I do continue after confirming my phone number I hav ethis message:

"It looks like you’re using this feature in a way it wasn’t meant to be used. Please slow down, or you could be blocked from using it."

Do anyone have an idea to get of of there?
Both my profile and buiness page are down.

Thanks

3 Comments

LVL 2

Question by

sara2000

2d ago

Centos upgrades

We have Centos release 6.10 (final) and want to apply the security patches assuming yum -y update -security will do the job. But there is a new version of Centos available.
Can i just issue yum upgrade to jump into next version .
I would appreciate your recommendation on this.

Security

2 Comments

Trying to deploy Logmein via GPO and im getting Event ID 102. The install of application Logmein from policy Logmein failed. The error was %%1603.

I checked and the security of the MSI file is set to Everyone with full permissions. It even added the computer to the logmein control panel but there are no system files in the Logmein program folder.

3 Comments

What are Enterprise size businesses using to replace old FTP Server technology.

Where I work we are looking to update our technology and replace our FTP Server. I have been charged with researching alternative solutions to using an in house FTP server. This F.T.P. Server is used by our:

- Employees
- Customers

To share files from different locations. We want to have it secured so its not open to everyone on the internet. Citrix ShareFile is good; but, it is expensive. IS there any type of technology that we can use and setup on premises? That we cna install and have it work better and more securely than FTP?

Even if you need to pay a little bit that is fine. We wil need several dozen accounts to connect and share files to this alternative solution.

5 Comments

Learn SQL Server Core 2016

LVL 12

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

I am trying to find out if my system has been compromised or not. I have a simple Windows domain with two servers. One is for Active Directory and the other is an exchange server. The domain scheme was setup to be xyz.local and has been working for several years now. Today, we realized that something has changed and we can only now login with the credentials of xyzabc.local. When you look at the system properties on both servers, it still says xyz.local. Is there some way to check on this change was made? Thank you!

4 Comments

LVL 27

Question by

Fred Marshall

4d agoSolved

"Windows defender firewall is using settings that may make your device unsafe"

Windows 10 Version 1809 Build 17763.107
Windows Defender Security Center says:
"Windows defender firewall is using settings that may make your device unsafe"

I reset the firewall and it seemed to work in fixing this.,
Then I applied our standard script which adds firewall settings.
Now the message is back.
But how to find the problem?

7 Comments

Office 365 Security and Compliance.
I would like to structure a content search query so that it will return any email sent externally. I'm struggling with finding the syntax for it.

Example of the results I'm looking for.
Internal domain: dom.com
Should match: Recipients - joe@ext.com
Should match: Recipients - joe@ext.com, jane@test.com
Should match: Recipients - joe@ext.com, jack@dom.com, jill@dom.com
Should not match: Recipients - jack@dom.com, jill@dom.com
Should not match: Recipients - jack@dom.com

5 Comments

LVL 1

Question by

tbs_mnp

4d ago

Domain Admin Group Level Access

Domain Admin Group. As of now we have four actual people in the domain admin security group, the administrator account and then a handful of service accounts that primarily read AD...example a C# program logs in using windows credentials but uses the service account to authenticate with AD, another example is using service accounts to run services on specific servers.

My question. the four people only need access to this group for access to servers and network shares (I can get rid of this).
Administrator account of course has to stay.

This leaves my service accounts, whats the best way to go about removing these accounts from domain admin group while still allowing them permission to run the actions they run?
is it through group policy or local server access?

Looking for how we can minimize risk, also curious- how you treat your domain administrator account password? We have it pretty much limited to only access servers from a login standpoint, but who has access to this password, what do you guys use it for if anything?

4 Comments

I've got a problem with Exchange 2013, when I add recipients to security groups for access such as to shared mailboxes, and permissions do not seem to have any effect. If I add the users individually with the command below, then everything works as it should. There's no error or obvious issues, the users just confirm that they are unable to access the shared mailbox. Anyone seen this, or any ways to find out what the problem might be?

Add-MailboxPermission -Identity "sharedmailbox_name" -AccessRights FullAccess -User "recipient_name" -AutoMapping $true

1 Comment

Question by

Jacob C

4d agoPrivate

Cloud Email Security Solutions

Anyone have any experience with Cisco Cloud Email Security with the AMP add-on? We are currently using Office 365 for email and are looking for a more robust email security platform.

The Cisco solution is one we are looking into, does anyone else have any experience with any others or would be able to make any recommendations?

If you have used Cisco CES, how is it working out? Is there a big difference vs Office 365's built in security features?

3 Comments

We have an internal program that uses a public certificate for security. We need to lock down the application on devices so they do not have any access outside of the program (client connects to a server using several ports) and Logmein (for remote support).

I am using the Windows Firewall to block outbound traffic except for traffic we will allow for the program. The problem I am having is that the application will not run because the public certificate will not verify the certificate chain (for security on the user login). I have tried to turn off settings for revocation in Internet Options, but that is not what the problem is. It seems the app needs access to the internet to verify the certificate. So in Windows Firewall, I need to know what exactly do I need to open outbound?

2 Comments

LVL 1

Question by

Eric DeLong

5d agoSolved

Need to install this cert..to run CC machine

trying to install a Security Certificate, and get this message (there is more but these lines I think might be the important ones...

Error Occurred in Certificate Process: System.InvalidCastException: Unable to cast COM object of type 'System._ComObject' to interface type

"this operation failed because the QueryInterface call on the COM component for the interface with IID

No such Interface supported

No clue here in the IT office what we should be looking to install/change/edit/fix.

Turned off firewall, AV, logged in as Local Admin. No luck.

2 Comments

LVL 1

Question by

bensonwalker

5d agoSolved

Exchange 2016 POP3 configuration

I have a Client that uses Reynolds & Reynolds to send and receive emails to/from customers with the program. They are able to send but not receive. Spoke with R&R support and they use POP3/port 995 to receive emails to the program. I'm trying to configure POP3 and think I have everything set but I'd rather be 120% sure rather than leave a security risk open.

In Management Shell I ran the >Set-PopSettings to configure everything and when i run Get-PopSettings I get

InternalConnectionSettings : {Exchange.Domain.local:995:SSL, Exchange.Domain.local:110:TLS}
ExternalConnectionSettings: {email.domain.com:110:TLS, email.domain.com:995:SSL}
UnencryptedOrTLSBindings: {x.x.x.x:110} (x.x.x.x = external exchange IP)
SSLBindings: {x.x.x.x:995} (x.x.x.x = external exchange IP)
Cert Name email.domain.com

Does this look correct? Should the Binding be the External IP or Internal? Testing using Microsoft Analyzer (https://go.microsoft.com/fwlink/p/?LinkID=313839) fails with

Test TCP port 995 on host email.domain.com to ensure its listening and open. The specified port is either blocked, not listening, or not producing the expected response.

Any help is appreciated and if you need more info let me know.

Thank you!

8 Comments

We are currently using a Meraki MX84 for VPN. It connects to our Active Directory to authenticate users.
I am setting up a Duo Authentication Proxy to tie into my Meraki MX84 so I can have Multi-Factor Authentication on my VPN. The Duo Auth Proxy is asking for a Radius Secret from the Meraki. I am not sure where to setup the connection on the Meraki side. Am I setting up sign in with my Radius Server under Access control?

6 Comments

Hi all,

The case:

We do have a bunch of users that need access to a bunch of different shared mailboxes.
I have found several answers that points in several directions on several forums, neither have delivered a workable solution.

Desired solution:

Use AD groups to grant access to the shared mailboxes, so they are usable within Outlook.

What have we tried so far:

Created a Universal Security Group that is mail enabled - doesn't work (but access is granted through webmail with Open Another mailbox option)
Added MailboxPermission to the shared mailbox with FullAccess rights and AutoMapping $true for the Universal Security Group
Added group (DN) to msExchDelegateListLink on the shared mailbox

Tech Spec.:

Exchange 2016 CU10 On-prem in hybrid mode
Exchange Online isn't used in this case (but could be in a possible solution)
Outlook v18.10 build 11001.20108 via Office 365 installation (C2R)
Windows 10 1709/1803

I'm not sure whether it's actually possible or not to use a group based acl for a shared mailbox.

Hopefully someone has invented the deep plate and accomplished this before...

Brgds.

Brian

2 Comments

When I type my domain name (e.g. "example.com") into Safari on my iPhone, I am directed to the unsecured version (http://example.com).

Same behavior with Edge on desktop: if I type example.com in the URL bar, I am directed to the unsecured version.

On Chrome however if I type example.com https://www.example.com is loaded.

My site is hosted on Heroku with DNS by Google domains:

Open in new window

How do I ensure the encrypted version of the site is always loaded?

5 Comments

We have set up several Windows Server Essentials 2012/R2 servers for remote web access (Anywhere Access) with the free Microsoft remote web access domain name and certificate (i.e., company.remotewebaccess.com). We are now receiving alerts on the server indicating that the remote access certificate is about to expire and needs to be "renewed with your Certification Authority." Could you please let me know the simplest, most efficient way to renew the Microsoft remotewebaccess.com certificate we originally set up?

If that cannot be done, what is the most straightforward way to resolve this problem and keep Anywhere Access working?

Security certificates are not something I am very familiar/experienced with,unfortunately.

Thanks very much.

4 Comments

Question by

DrPing

6d ago

VLan security

I have an HP E5406zl switch with several vlans that was set up by a vendor. The switch seamlessly routes traffic for all vlans... meaning there appears to be no security between vlans.
All subnets can reach each other.

Is it possible for the switch to route selectively? Can I create an access list that prohibits certain vlans from communicating? (or is this just wrong?)

I can use a firewall to protect a vlan, but I'd like to do it with the switch itself if that even possible.

Thank you!

2 Comments

I once uploaded an MSWord file in EE & one expert commented he could
see my name, the company I worked for & even the previous person who
edited the file was identified.

Was told in MS Office there's this metadata. Where/how can I check for
this metadata & how can we securely remove it? I'm using MS Ofc
2000 & 2016

Does PDF files also have such metadata?

8 Comments

Security

Related Topics

Security

Related Topics