Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

I am a heavy Twitter user and now I am hearing that the Indian government is hiring data experts and buying a surveillance/spy software to find people's whereabouts like in China. Because they don't like the dissent. There are many activists out there (myself included) who would like to be secured to the hilt against this new government spying software too.

What should I do beside running TOR.
Can they trace my phone number?

Any answer would be appreciated.

Vic
1
In a meeting we were told that it is possible to know or identify if a user hit a specific page and it’s contents even if the page is locked.  We understand that when a page has a lock it means SSL and that the data to/fro from the site to computer is encrypted.  Is this possible that even thought the page has a lock, there is  a way to identify the encrypted page that the user visited and identify the contents, if it has form or just regular page?
0
I have installed an MS Access .accde in C:\Program Files (x86)\Contacts and when I run it I get the message 'A potential security concern has been identified.'

How do I overcome this?

Thanks in advance.
0
We are randomly having issues with our barracuda backup of our SQL 2014 DB's. It will run for weeks and then get this error for several days. Sometimes a reboot works, other times it does not.
here is the application event id info:
 System

  - Provider

   [ Name]  SQLWRITER
 
  - EventID 24583

   [ Qualifiers]  0
 
   Level 2
 
   Task 0
 
   Keywords 0x80000000000000
 
  - TimeCreated

   [ SystemTime]  2018-07-13T02:03:27.000000000Z
 
   EventRecordID 79638946
 
   Channel Application
 
   Computer SQL2014.AbleHC.local
 
   Security
 

- EventData

   ICommandText::Execute
   0x80040e14
   SQLSTATE: 42000, Native Error: 3013 Error state: 1, Severity: 16 Source: Microsoft SQL Server Native Client 11.0 Error message: BACKUP DATABASE is terminating abnormally. SQLSTATE: 42000, Native Error: 3271 Error state: 1, Severity: 16 Source: Microsoft SQL Server Native Client 11.0 Error message: A nonrecoverable I/O error occurred on file "{9259D979-BF0D-4316-AAC5-29F290E39625}5:" 995(The I/O operation has been aborted because of either a thread exit or an application request.).
0
I am looking for a MFA (2FA) solution to secure local Administrator accounts on a domain, i have completed multiple implementations on 3rd party services and am looking for advice on a local implementation.

Windows domains
Server 2016 Domain controllers
Key accounts to protect are Administrators Group.

If this can then tie into MFA for VPN access as well (Sonic Firewall) this would be every beneficial. Any options/advice would be much appreciated (cost effective and easy to maintain)

Thanks
1
Does anyone know what's the maximum distance (if any) for the key readers in the building?  From the electronic panel to the key reader.  
We use keyfobs for the building.  Sometimes one or two doors key readers (out of 5 total) do not react to the keyfobs.  And that those that farthest away from the electronic panels inside the Telco room.   So my suspicious would be a distance limit but I would be completely wrong.
Any knowledge in this?  Thanks.
0
is it possible to track every item that is copied off the network or computer to an external device?
0
Getting Windows security prompts Win 7 Pro clients logging onto Synology NAS DS1515+ that worked until yesterday.  Domain users with admin access to the NAS are not able to login. Server is 2012 Foundation

Also getting multiple prompts when accessing the NAS via a web browser (revocation info not available, Synology certificate cannot be verified to a trusted certificate authority), integrity cannot be verified, ...) . Certificate is valid through 2036 & about 15 OKs allow the website to display.
That may or may not be related but is also recent.

Possible Windows not allowing logon with certificate issues?
0
We have recently installed a File server monitoring solution. I have setup file / folder auditing as outlined, and whilst monitoring the reports from this , I have noticed very high numbers of Failed Read Attempts on folders from some users. I doubted they were real Failed Read attempts as they all happen at practically the same moment  for a particular user. I have checked the security log on the file server and see lots of 4656 events , Failure audits. I have figured out that when one of our users does a windows search on a network share, all the failed read attempts are created at that point. So any folders that they don't have access to are showing up as failed read attempts, over and over again Does this indicate I have setup the auditing incorrectly?
0
We need to implement row level security on one of the column of the table that contains the group of the user in sql server 2017.

There are certain users that will have access on this table but we need to restrict them to access only the records for the group they belong.

Users belonging to IT Service group can see only his records that is sam1 , kane , robert can see 3 records.

Example Table Structure

employee_code    employee_name    position          level       status           noofyears     organization_level1   organization_level2
  76576                       Sam                         DBA                   9        married               6                        IT                                  Retail
  76576                       Sam1                       Network           3         married              2                        IT Service                    Infrastructure
  76576                       Kane                        Network           4         married              8                        IT Service                    Infrastructure
  76576                       Robert                     Network           5         married              3                        IT Service                    Infrastructure
0
I have one window user (Win10) that joined domain, so normally they will have no permission to make any changes on local computer, so i want to give permission on that domain user to be able only install any software on their computer but every strict permission keep as original, how to do that?
0
Hi

We have an instance of Backup Exec 2012 running on a Server 2008 R2 box.  This server also runs Exchange Server 2013.

In order to comply with PCI DSS we have disabled TLS1.0, SSL 3.0 and Triple DES 168.  Exchange is working fine but we have noticed that we cannot start the Backup Exec services.

We are planning to change out backup solution shortly, so we don't want to upgrade, but in the meantime I have read that enabling FIPS compliant cryptography would fix the problem.  I can make this change but I am concerned about breaking Exchange.

Should I be able to enable FIPs in the interim ?

Thanks
0
surface pro4 cant use fingerprint or facial recognition on sbs 2011 domain  keeps saying some settings are hidden or managed by my organization, security policies on this PC are preventing some options from being shown. so cant configure it to login.    dont know which security policy setting is stopping me from using them.  i already added the user to the local administrators group on the local pc but that didnt help
0
I'm attempting to create new Group Policies which will improve security within my domain. Obviously, before I deploy the policies live, I'd like to test them to make sure they won't affect my clients connectivity. However, I'm having a hard time coming up with a good way to test policies which could affect connection between my clients and my servers. I have some old domain controllers and servers which I am unsure of whether or not they'll be capable of meeting the requirements I'm trying to implement.

Obviously, simply deploying the Group Policies to the entire network would be a bad idea. Ergo, I'd like to test the policies being applied to those servers on only select clients.
 However, I cannot come up with a good way to test those policies. We do have primary and secondary domain controllers, and it would be possible to use Item Level Targeting to isolate policies the secondary controllers, then point our testing machines at the secondary controllers and test. But when I consider the potential consequences of doing that, I can't help but wonder if there's a better way.

Does anybody have any suggestions? What am I missing, or forgetting about?
0
I have a customer with an RDS server. they are connected with 30 people on this server.

management asked us to secure the server so that nobody can copy data out of it.

now if you right click copy in the RDS connection and you go to you local computer you can right click and paste data out of the server.

how do i prevent this?
0
I need advice in setting up a Windows 10 Lab that resides on a domain.  All the computers will have the same login.  Its a lab for kids so you can imagine they will be trying to get onto bad stuff a lot.  Btw, all the computers are laptops, if that has any bearing.  At first I was thinking that maybe I need to get a software called deepfreeze so that the computer is new after each restart, but on second thought I'm thinking that I need to give the users a restricted account where they are able to not change much of anything.  Is there any way I can do this from Windows 2008 server and set a tight group policy or profile that would allow the least amount of changes to the computer?  Can I also create something that prevents them from saving documents or changing the browser settings?
0
Dear Experts

We would like to restrict users from internet (though they have login for the application server)  our objective is  users who have application login access  should still be allowed based on their mac address,  first level at our firewall check mac id allow or reject then second level application level authenticate , we are completely okay to allow the users who work from remote office which has strong firewall but the same users from their home or internet then mac id to be checked and it is not from the accepted mac id then it should deny the access . application is webbased linux , apache and mysql .below are my doubts
  I have been as asked this to implement however I am not sure the users who access this application is from their office  behind the firewall and they will have to pass their firewall in this case will it be still possible to validate user mac addess and grant or reject access from our firewall,  is this possible ,  through vpn is fine but what if vpn details are known to others and if they access from their systems hence mac restriction is been asked, can you please suggest control based on mac is it good to go or is there better solutions , thanks in advance.
0
I have a couple of servers that are not logging successful or failed logins.

The GPO Audit Policy is set and being properly assigned to the servers, validated by gpresult.

Audit account logon events     Success, Failure
Audit account management    Success, Failure
Audit logon events                     Success, Failure.

Is there a command line utility (e.g. auditpol) that can show me if there are any filters applied to cause failed logons to not show in the security event log?

Is there anything else I can check to find out if these events are getting filtered before they land in the security event log?

Getting a little nervous about this as the affected servers are production machines.

Any help is appreciated, thanks.
0
Windows Patching Question -

on the microsoft update history for windows 2008 r2 for the June 2018 you  you have the monthly rollup - KB4284826:

https://support.microsoft.com/en-gb/help/4284826 

Then you also have the security only - KB4284867:

https://support.microsoft.com/en-gb/help/4284867

is the mothly rollup KB4284826 security only updates - cumilative from the previous months and will include KB4284867.

Please Help!

Kelly
0
Can anyone please help?I have wasted almost a day on this,...Codebase I am working on has been analyzed by Checkmarks(i.e Its a tool which scan code for any security  issues), and it came back with a report containing a "Stored XSS" issue. The issue states:

Method retrieveDataTagsNames at line 47 of Correspondence
Template/sf/claims/api/correspondence/template/data/DataTagsNamesDao.java gets data from the database,
for the query element. This element’s value then flows through the code without being properly filtered or
encoded and is eventually displayed to the user in method retrieveDataTagsNamesDetails at line 52 of
Correspondence Template/sf/claims/api/correspondence/template/service/DataTagsNamesRestController.java.
This may enable a Stored Cross-Site-Scripting attack.

Code  for DataTagsNamesDao.java:-

public class DataTagsNamesDao {
    private static final Logger LOGGER = LoggerFactory.getLogger(DataTagsNamesDao.class);

    @Autowired
    private NamedParameterJdbcTemplate jdbcTemplate;

    @Autowired
    private Sql retrieveDataTagsNames;

    /**
     * This method retrieves data tags names and values  from a DB2
     * sequence object.
     * 
     * @return String (data tags names and values)
     */
    @Transactional(readOnly = true)
    public List<DataTagsNames> retrieveDataTagsNames(String templateId) {
	
	try {
	    return jdbcTemplate.query(retrieveDataTagsNames.getSql(),new MapSqlParameterSource().addValue("templateId", templateId) 

Open in new window

0
I have a machine well, a user's profile infected with Nozelesn ransomware.  Is there anyway to clean it?
0
Hi Guys,

We have a Windows 2012 file server with a document directory structure which includes security groups and user permissions on the domain.

We have a requirement for higher security, documents to be encrypted and a record of all files being opened, copied, printed, etc.

I guess a document management system is the ideal solution, but to which extend can a document be monitored once it is saved outside the document management system, such as on the users' desktop?

Any recommendations?
0
What settings need to be changed within the Server 2016 firewall settings to allow domain admins to browse the C$ shares?
0
Customer has a watchguard T10 firebox firewall for a pos system.  The POS server connects directly to the trusted network port. no other computers connect to that network.  

Customer wants to setup an access point for wifi.  The watchguard has a 3rd port.  I want to activate it as a second network and allow wireless devices to access the internet.  

The watchguard firewall does not have built in wifi.  We purchased an access point that we plan to connect to the 3rd port.

This is a restaurant, there are no office pc's or network printers.

Need suggestions on policy's, the device has contenfilter subscriptions.  I want to enforce them on the 3rd port too if possible.
0
i need help with opening and viewing the footage on a .n3r file
its from a panasonic camera unit and i dont have the viewer from the camera.
i have looked and tried various programs but no joy.
Any help that can br given is greatly appreciated.
Thank you.
0

Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.