Security

26K

Solutions

25K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

I have a web-based file manager system that allows users to log on and browse folders and files via a php script.

I use the google doc viewer to display the files.

My problem is that if anyone works out the URL of the file, then they could bypass the file manager system and just access the file in any browser.

Please can someone advise the best way to secure access to the files with IIS from direct URL browser access, but allow the PHP script, and the google doc viewer, to access it.
0
I am trying to install an SSL certificate on F5, but I keep getting an import error (screenshot attached). I have tried entering the password and changing the option for Key security, but it doesn't work.

The certificate I am selecting is in .pem format; I have selected .crt and .p7b as well, and none of them works.

Has anyone experienced the same error?

Thanks for your help.
0
How can I fix the security certificate trust for a server that is only accessed internally?

I have tried to install the cert but still keep getting the same error. It is a host server that I access all the time. I can continue but it still shows the certificate error. I can successfully launch the vSphere web client. Just trying to eliminate the error. I also get an error when I try to import a file into the Datastore because of the certificate error. Is there a way to fix this problem?
0
Hi,

I have a user on an HP EliteBook, and I have set up fingerprints in HP Client Security, but it doesn't work when trying to unlock his PC.

When he swipes his finger, nothing happens.

Nothing happens when he tries to log in with fingerprint either.

I installed the HP Client security manager, and he scanned his fingerprints no problem, and the reader is working because when we went back into HP Client security manager it asked him to authenticate with password or fingerprint, and he successfully authenticated with fingerprint.

Within Windows 10 itself, the sign-in options are poor. Fingerprint just says: "This option is currently unavailable - click to learn more" and "Something went wrong. Try again later".

Please help, many thanks.
0
O365 Risk Watch and Fortify for Protection

I have a couple of questions about these two products. How do these 2 products work? Do they come under ATP?
0
I created a GPO to add some needed trusted sites to the local intranet in the security tab of IE, which works fine. The only problem is that some users, because of their job function, need to add to this list but cannot because it is managed by GPO. Is there a way around this? We have too many computers in our domain spread across multiple locations, so doing this manually is not feasible. We are in the process of integrating Forcepoint in our environment, so adding the trusted sites is necessary.
0
We are having loads of trouble configuring a Site2Site VPN with a pair of Watchguard T35 firewalls.
Neither is configured pretty much outside of the initial setup wizard.
The current site 2 site vpn is stock from the vpn configuration guide from Watchguard.

We tried a number of different configs, but have currently deleted them to restart fresh.
Also, we are trying to set the connection to initiate from SiteB to SiteA just to limit randomness, but can set bidirectional or SiteA to SiteB as initiator. It doesn't really matter to us.

My theories may be off, so I'll just throw out the logs from each to see what you may think is happening.

Thank you in advance.


Site A
*** WG Diagnostic Report for Gateway "AA-to-TC-Gateway" ***
Created On: Tue Oct 29 09:22:49 2019

[Conclusion]
	Error Messages for Gateway Endpoint #1(name "AA-to-TC-Gateway")
		        Oct 29 09:22:35 2019 ERROR  0x02030015 Message retry timeout. Check the connection between local and remote gateway endpoints.


[Gateway Summary]
	Gateway "AA-to-TC-Gateway" contains "1" gateway endpoint(s). IKE Version is IKEv1.
	  Gateway Endpoint #1 (name "AA-to-TC-Gateway") Enabled
		Mode: Main
		PFS: Disabled 	AlwaysUp: Disabled
		DPD: Enabled 	Keepalive: Disabled
		Local ID<->Remote ID: {IP_ADDR(A.A.A.A) <-> IP_ADDR(B.B.B.B)}
		Local GW_IP<->Remote GW_IP: {A.A.A.A <-> B.B.B.B}
		Outgoing Interface: eth0 (ifIndex=4)
			ifMark=0x10000
			linkStatus=0 (0:unknown, 1:down, 2:up)
		Stored user messages:
		        

0
MyPhoneExplorer 1.8.12 released      2019-06-17

They say:
Simply explore your Android phone!
Connect your phone via WiFi, cable or bluetooth and you'll be surprised how easy and efficient it will be to manage your phone with our software. Since its first release MyPhoneExplorer evolved into the most popular freeware tool for smartphones. The software is constantly updated with new features.

Anyone have experience with this app?

My main question: in syncing data, does the transfer between the Android phone and PC get sent encrypted, or can anyone read it?

Thanks!

OT
0
When you have a business that has, say, 5 access points in a building, is all you really need to do set the SSID and security the same on all of them so anyone in the building can roam, at which point they will transparently move from AP to AP?

That is more in the client's ability, isn't it?
0
We get an audit finding from one of the Big Four audit firms as follows:
"A study should be conducted to determine the granularity of the segmentation of end-users. Minimally, IT administrators should be in a separate network segment from the rest of the end-users."
"Inadequate network segmentation increases the ease and risk of lateral movement by cyber-attacks, if a server or device in the segment is compromised."

As sysadmins have "privileged" access to servers & compromise of their PCs will risk compromising the servers in a 'privileged' way, we'll adopt the recommendation.

I'll need some good points/arguments to support our stand of not further segmenting each department from each other:

a) the main exposures are from "Internet surfing" & email access (lots of malicious attachments, phishing, spam emails seen in email gateways) besides USB ports

b) all other users belong to the same trust domain as they read emails & surf the Internet (yes, the sysadmins are encouraged to surf internet on PCs not used to surf Net & read emails)

c) for workstations used for Industrial Control Systems/Operations Tech, they don't have email access & Internet surfing & have been rightfully segregated as per existing set-up

d) To prevent lateral attacks, EDR, AV & email security (forwarding of malicious emails to other colleagues) are in place with SIEM for detecting such events in the pipeline

e) if we were to segregate every department (eg:…
0
Hi All,

I would like to create a "Dynamic" security group in Active Directory. So basically my need is as following:

I need a security group which will contain 3 computer objects. These computers will be reimaged every now and then, but they will always have the same hostname. I need those objects in the same Security Group after they rejoin the domain. A colleague of mine attended me on "Dynamic" Security Groups, yet I can't find any usable information. Does this exist? Maybe you guys have more information.

Thanks in advance!
0
Hi, I'm using the Quarantine feature from Watchguard and this creates a Quarantine website users can log onto. But the problem is that it's an intranet server and as such doesn't have an 'official' SSL certificate. I tried to create a self-signed one etc but I keep on failing ... could someone please give me step-by-step instructions on how to create a self-signed certificate and attach it to that website so that the browsers won't throw their security warnings anymore? Thanks!
0
I've searched the internet and I still don't understand what it means when NCA\ANONYMOUS LOGON locks and/or unlocks the domain administrator account.
Below is an extract from the event viewer in an easy to read format. Can anyone explain the best way to determine if it is an intrusion attempt or a process, application or service causing this?

An event has occurred in which you are on the notification list.
Time Stamp: 10/23/2019 11:56:45 PM
Perpetrator: CN=Anonymous Logon,CN=WellKnown Security Principals,CN=Configuration,DC=***,DC=local
Perpetrator Name: ***\ANONYMOUS LOGON
Event Source Type: Active Directory
Domain Name: ***
Policy Name: AD: User Account Lockouts
Event Name: Object Modified
Event Name Translated: Account unlocked
Originating Server: ***\***-DC01
Originating Server IP:   *.*.*.10
Target Host: n/a
Target Host IP: n/a
Class Name: user
DN: CN=Administrator,CN=Users,DC=***,DC=local
Affected Object SID: S-1-5-21-3359379490-2354048252-4260778802-500
Affected Object Account Name: ***\administrator
Operation Successful: True
Operation Status: Success
Blocked Event: False
Perpetrator Sid: S-1-5-7
Originating Client: AUTH:***-DC01
Originating Client Host: ***-DC01.****.LOCAL
Originating Client IP: x.x.x.10
Originating Client Protocol: AUTH
Originating Client MAC: **:**:**:**:**:FF
Events Count: 1

Thanks in advance.

David
0
Hi Experts,

I have a question regarding AD security groups.
Let's say I have two security groups.
One group is filled with users (modify rights).
The other group is filled with FullAccess users.

Let's say one team leader is in both groups; which group counts?
The group with the highest right or the lowest?
1
I recently took away users' local admin privileges from all the end users' computers. The people who seem to be affected by this the most are the programmers. They have issues with running Docker, which needs to be run with elevated privileges (just one example so far). I would be interested in hearing what other sysadmins are doing with the more technical end users to let them work properly.

Thank you.
0
Within Splunk Enterprise, when I am running a search and see the matching term suggestion pop up, is there a keystroke I can hit to select the matching term? Currently I have to click it with my mouse.
See picture.
pic2.PNG
0
Script to audit memory on a remote machine.

Does anyone know of or have a PowerShell script that will loop through a text file (where I add computer names), check the memory on each of these, and write back to a CSV file with the headers - COMPUTERNAME | MEMORY?

I have found scripts, but I am unable to use Get-WmiObject, as security reasons will not allow it on any machine (Get-WmiObject : The RPC server is unavailable).

Any help would be appreciated

Thank you
1
Android 9, Oreo.

New phone.

Samsung A7.

Got a notification from...Find My Mobile.

Don't have this app.

Clicking the notification it says "These notifications can't be turned off."

What can I do?  Need notifications from Apps I use.  Don't want ads.

Thanks!

OT
0
How can I lower the Java Security Rules for internal networks only?

Currently our users need to manually enter an internal web address in their Java Exception list. I have been charged with trying to make the process more automatic for our users. Specifically, to allow all URLs for internal web addresses to allow the Java applet.

I did find a way to create an Exception list for the computer:  https://community.spiceworks.com/how_to/123766-java-site-exceptions-list-and-certificates-for-all-users

but this option takes away the user's ability to have their own list or to add the web sites that they want, and the list will be managed by the local administrator. Equally important, if I used the above-mentioned web page documentation then it will overwrite any Java exception list that the user already created. We do not want to go that route.

Is there a way to allow internal web addresses to have a lower Java Security level than external web addresses? To actually allow Java to be run on those internal web URLs.
0
I would like to find a way to see which security protocols/ciphers are being used with IIS 6 on our Windows 2008 R2 server.
Where is the right place in the registry, or IIS to look for these settings?

Thanks,
0
I have a domain network that needs to have a security warning appear just before the user logs onto their computer account. I have never done this nor have any idea where to start. It is on a Windows 7 computer, soon to be a Windows 10. Any directions on how to do this?
0
Have a new Samsung A7, Android 8.0.0 OS.

Can't see the option for encrypting the PHONE.

Have encrypted the SD card.

Have set up a PIN & fingerprint sensor unlock.

I recall there was an option to encrypt the phone - had one with my Samsung J5.

But, can't find the option to encrypt anything beyond the SD card on this phone.

What am I doing wrong?

Many thanks!

OT
0
Hello,

Our users are having issues with sending emails with zip file attachments. I have looked at our Exchange server settings and I can't seem to find anything that pops out. I also verified our email security gateway and did not find anything. I have not changed anything in our server or Barracuda email security gateway. Below is the error I get. Any help would be greatly appreciated.


Delivery has failed to these recipients or groups:
Starlyn.Sarmiento@amormeus.org
The email system had a problem processing this message. It won't try to deliver this message again.





Diagnostic information for administrators:
Generating server: xxx.amormeus.org
Starlyn.Sarmiento@amormeus.org
Remote Server returned '554 5.6.0 Invalid content'
Original message headers:
Received: from xxx.amormeus.org ([::1]) by xxx.amormeus.org
 ([::1]) with mapi id 15.00.1473.005; Mon, 21 Oct 2019 07:48:36 -0500
MIME-Version: 1.0
Content-Type: text/plain
Date: Mon, 21 Oct 2019 07:48:36 -0500
X-MS-Exchange-Transport-FromEntityHeader: Hosted
Message-ID: <c444d4072b8544aaafe8cf98e980babb@xxx.amormeus.org>
Subject: this is a test
0
FileZilla Server SFTP connection issue from outside network. I need help resolving issues with SFTP connection to FileZilla Server from outside network. Please see attachment for details for my current Router, FileZilla Server, and FileZilla Client configurations.
0
Goal:
Only allow domain users to use a simple user interface and the least needed settings for their daily work.
For security, privacy concerns. Administrators are not affected.
Missions:
1.  Standard taskbar system icons and notification icons by Group Policy. For example, hide Windows Ink Workspace, show Input Indicator, etc...
2. Only show specific apps on the start layout by Group Policy. For example, show Photos app icon, hide MS store, games, xbox, etc...

Could I have some advice or guidelines on which Group Policies can do that? I already imported the Windows 10 GPO templates into the Domain Controller, but do not know which policies can meet my missions. Thank you.

Environment:
Server 2012 R2 AD, Windows 10 professional
0