Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.


I am doing some testing of spam filtering solutions. Is there a service that will just send you spam to an email address? Thanks.

Hi everyone,

I applied CU 15 on my Exchange 2013 mailbox server, but got an error on step 12. Below is the full error. Should I consider this update as complete, or will I have to run the setup again?

When I run the below command to check the CU version

Get-ExchangeServer | Format-List Name, Edition, AdminDisplayVersion

it shows the server has the latest CU version, on which I got the error.

The following error was generated when "$error.Clear();
          $name = [Microsoft.Exchange.Management.RecipientTasks.EnableMailbox]::DiscoveryMailboxUniqueName;
          $dispname = [Microsoft.Exchange.Management.RecipientTasks.EnableMailbox]::DiscoveryMailboxDisplayName;
          $dismbx = get-mailbox -Filter {name -eq $name} -IgnoreDefaultScope -resultSize 1;
          if( $dismbx -ne $null)
          $srvname = $dismbx.ServerName;
          if( $dismbx.Database -ne $null -and $RoleFqdnOrName -like "$srvname.*" )
          Write-ExchangeSetupLog -info "Setup DiscoverySearchMailbox Permission.";
          $mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
          if( $mountedMdb -eq $null )
          Write-ExchangeSetupLog -info "Mounting database before stamp DiscoverySearchMailbox Permission...";
          mount-database $dismbx.Database;

          $mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
          if( …

I have a task attached to an event that runs a PowerShell script to send an email whenever an event is logged.
For actions I have "Start a program", entered powershell.exe, with the path to the script in arguments.
It all works well, except whenever the task runs I get an email with the event details and a 2nd email like below.
Can anyone tell me how to prevent the 2nd email?

SubjectUserSid      S-1-5-21-2560493146-1397779600-2150419373-2289
SubjectUserName      service account name
SubjectDomainName      AD
SubjectLogonId      0x585dd7
ObjectServer      Security
ObjectType      Key
ObjectName      \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN
HandleId      0x304
TransactionId      {00000000-0000-0000-0000-000000000000}
AccessList      %%1538 %%4432 %%4435 %%4436
AccessReason      -
AccessMask      0x20019
PrivilegeList      -
RestrictedSidCount      0
ProcessId      0xc9c
ProcessName      C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

I have 300 Ubuntu 14 PCs that I block all internet except a whitelist - I do this by disabling DNS, and have the central server do DNS lookups for everything on the whitelist and put it in a hosts file and have all the hosts use that. Obviously, this is a bit hacky but it worked.

The problem now - I have a need to whitelist * Slack says subdomains change too much, they can't provide a static list, or even a current list and then let me update it.

So I guess I need to enable DNS - what might be easy ways to still restrict to a whitelist of domains? I can easily run shell scripts on all 300 machines. (They check in with the central server and grab a script and run it regularly.) So anything I can install/configure via script is a viable option...

If it's not too hard I could set up an Ubuntu machine to be a DNS server.

Basically what I want is whatever is easiest so that I can just provide a whitelist, that is allowed to have wild cards like * and block everything else. I suppose it doesn't actually have to be a DNS based block if there is some client app.

Whatever it is, I am OK to set up a server myself - but the clients, it needs to be scriptable install/config.

I want to be able to update the whitelist easily/quickly.

Any ideas/suggestions?

I know that my cipher suites are causing the issue with not being able to connect to certain sites - I'm not sure how or why, but somehow it's only allowing HTTP connections and is not allowing HTTPS connections (Windows Update can't check for updates, can only browse HTTP websites).

I also can't connect to my IIS site as it's HTTPS as well - there are no errors in the logs.

I know the cipher information is in computer\HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL

What do I need to do to check/fix to allow both HTTP and HTTPS connections on this server?

See attached photo

I've seen this issue before but cannot for the life of me remember what I need to do to resolve it.

IIS 7.5 - Win Server 2008 R2

Over the past month we have built 2 Tier 2 PKI environments for our domains. One of them appears to be working correctly and the certificates from the templates are being pushed (Workstation Authentication, RDP Auth) as normal. However, on our second domain this is not the case. I have set up both PKI environments for the domains exactly the same (minus the domain names) as I read through the same article for both installs. I did notice that some of my servers in the partially functioning PKI have gotten the Workstation Authentication cert; however, I can only get the RDP Auth template to work if I am on a server and I put in a Certificate request. The Active Directory call comes up and when I request the RDP Auth certificate it pulls from my new PKI environment. I'm doing a controlled decommission of the old CA (no templates present and slowly revoking certificates) but as I am not seeing the new environment push out new certificates correctly I am stalled.

On the new PKI templates I made sure that Domain Computers has Read, Enroll and Auto Enroll. I also made sure that Cert Publishers on the domain has the computer that is my Subordinate CA as a member. I also verified that in our Default Domain Policy the settings for Auto enrollment under the Security Policy are configured per Microsoft articles I have found. I did a tab by tab comparison of the working PKI to the "Non working PKI" for RDP Auth and the settings are the same.

I am not sure what else to look at now and am…

OK, this seems shocking to me. I've just started a new sys admin role (my 1st sys admin role) and I am looking after a client's SBS2011 server which has over 35000 updates waiting to be approved/installed. I've got the number down a bit by removing superseded updates but I'm after some advice. I'll be starting with Critical and then Security updates 1st by trickling them in, but should I be looking at installing all of them or can I get by on just the Critical/Security updates?

A bit of extra background. The current sys admin is leaving and the only other guy here is more 1st/2nd line so isn't much help. Google has been my only friend so far. That being said, advice is definitely required so feel free to chip in with your thoughts.

Can you please suggest the best IT security vulnerability reporting software, like HackerOne, which will also be cost effective?

Can you please suggest the best Employee Safety and Security solution in software as a service?

How could I provide security in a web service (authentication)?

Hi All,

We have a certificate installed and it contains a private key in it... we cannot export the private key as that is grayed out.
Not sure who installed it.
My question is: if we missed enabling both (Allow private key as exportable and Mark key as exportable), is there any chance to export .pfx format from the installed certificate?

Is there any Windows (such as Windows 7) update patch for dealing with the WannaCry threat?

I got hit with Amnesia Ransomware...
Any help to decrypt?

We are very worried because we have just found out that some users can "send as" emails, sent on behalf,...

How could this be possible?

Hi all,

I'm after your thoughts. USB drives are a big risk to any network. However, if a business enforces the encryption of USB drives once they have been attached to a computer and they are also scanned by an antivirus product, just how much risk do they now pose?

Any corporate data on there is now encrypted in case it is lost or stolen, and any malware/virus should be detected before it is able to run (as long as it is not 0 day, for example).

Should we still be concerned? Many in the business want USB drives disabled by default, whereas others think that the above controls mitigate the risks and will only force people to start printing (and losing) paper documents.

I have created a root certificate. While signing the sub CA certificate using the root key, basic constraints and key usage as Certificate signing are not coming in the certificate. Below is the openssl config file.

# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.

# This definition stops the following lines choking if HOME isn't
# defined.
HOME                  = .
RANDFILE            = $ENV::HOME/.rnd

#oid_file            = $ENV::HOME/.oid
oid_section            = new_oids

# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions            =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)

[ new_oids ]

# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6

# Policies used by the TSA examples.
tsa_policy1 =
tsa_policy2 =
tsa_policy3 =

[ ca ]
default_ca      = CA_default            # The default ca section

[ CA_default ]

dir            = ./demoCA            # Where everything is kept

I want to wipe some hard disks. And the software I use uses:

US DoD 5220.22-M

The write head passes over each sector three times. The first time is with zeros (0x00), the second time with 0xFF and the third time with random characters. There is one final pass to verify random characters by reading.

My question is this can take a long time to do.

So assuming I use the above method, is it actually possible for somebody to get the data back? Some sort of tool that would run for days or longer, as an example.

I know there are data recovery companies out there.

So how safe is it in practice?

Any evidence or laboratory test to prove it works, i.e. can't be recovered?

Any links and articles referencing this would be great.



For any SQL Server install of SSL security, under what situation will your customer do it? Usually the companies I work with install SSL only on the web server login page.

To protect a DB backup from getting restored to another DB? So using TDE? But TDE must use SSL certification from a known provider like Symantec?

I'm writing a doc to list out the circumstances / criteria when we need to engage a
professional forensic IT service or when engaging our HQ's forensic team (which
we don't have locally).

Blocking a malicious IP or source of spam & phishing sites (that resemble ours),
recovering from malware using our AV & backup is something we have
competencies to do.

We don't know how to use the Windows Sysinternals tool & possibly most forensic tools.

What are the criteria people out there resort to when engaging professional IT
forensics?

Is MS Windows AV defender bundled free with Win 10?  Any specific
version of Win10 that it comes free?

Win AV defender was touted as blocking the execution of Java, VB
scripts etc: does McAfee or Trendmicro do this as well? How does
Win AV defender compare in terms of ransomware protection
against other major AV vendors'?

Can Win AV defender coexist, say, with McAfee AV & McAfee HIPS agent?

Do we need a separate EPO (just like McAfee) to update Win AV defender
signatures on users' PCs/laptops or will WSUS do? A few hundred PCs/
laptops in our corporate don't have Internet access.

Can you please direct me as to how to reset my password for the Admin?

Hi, I'm seeking guidance from the team to sort things out. I currently hold a Security+ cert that's due to expire in 11/17 and at the same time I'm moving to a new position that requires Linux support on the (desktop) client side. So my question is, instead of renewing my Security+, should I study for a Linux cert and use it as a CE for my Security+? I'm required to maintain my Security+ cert due to the nature of my job but I'm interested in adding another cert to my resume.
What do you guys think, and what is the best place to start, plus study material?
I ordered the "Red Hat Enterprise Linux 4 for DUMMIES" book from eBay and it has a CD as well. I've a spare laptop and a desktop and enough resources to install Linux but I need guidance. BTW, I've been a Windows professional for many years and would like to mix things up a bit.
Your thoughts?

I am trying to give a folder, C:\ProgramData\Adobe, security permission for the Domain Administrator. I right-click on the folder > Properties > Security > Advanced > Changed Permissions > Add, then add the domain administrator. When I click 'Apply' it does apply this setting to the folder, and some sub-folders and files, but I get the error "Access Denied" on others, for example "C:\ProgramData\Adobe\Adobe PDF". See image. This happens on lots of other folders too: C:\ProgramData\Documents, C:\Users (lots). Why? This only appears to be happening on this one workstation. How can I fix this?

Knowing public access to our Internal CA is a HUGE security risk, is there a way to perform this in a more secure manner?

Is the best practice to up a known public CA?

We are in the process of setting up RAS for remote VPN.

I have a phone server that needs to send email out. I set up a receive connector on our Exchange Server 2013 on the same subnet as an application relay choice and set up the scope at the top with the phone server IP and the bottom is all IPv4 and port 25. Security is Permission group, anonymous users. However, we are getting an error message: status=bounced (host said: 550 5.7.1 Unable to relay (in reply to RCPT TO command)). What am I missing?




