Security

23K

Solutions

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi Experts!

I'm wondering about the following scenario, in terms of security:

A high traffic website (www.site.com or site.com) with some other subdomains running Apache/PHP on top of Linux, the website is using cookies to store user's data, the cookie's header states "domain=.site.com", so its a wildcard, cookies are encrypted and over https.  Twenty (20) other sites are "hosted" on the same "site.com" using their own subdomain "blog1.site.com, blog2.site.com, etc). These hosted subdomains are a basic CNAME at the DNS level pointing to a FQDN hosted somewhere else.

Given the above scenario, in specific, would one of those 20 subdomains be able to view/read/alter Cookies from the main website (www.site.com or site.com) or one of its subdomains (me.site.com, app.site.com, my.site.com, etc) ?

What are the security risks in place? Are there techniques or best practices for dealing with such scenario, wanting to exclude a list of subdomains from accessing unprivileged cookies? Anything else I should be aware?

If you can share some knowledge I would appreciate, thank you!!
0
What, When and Where - Security Threats from Q1
What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Greeting Experts,

    I have a standard script I use to check to see if our content controls are working ( i.e. verifying users can't get websites like Playboy). I need to change the script so it can check for multiple sites and then come back with the results in a .csv or.txt file for auditors. Can somebody help me with this script below?   thanks for the help    


$url = "http://www.Playboy.com"
$objXmlHttp = New-Object -ComObject MSXML2.ServerXMLHTTP
$objXmlHttp.Open("GET", $url, $False)
$objXmlHttp.Send()
$content = $objXmlHttp.responseText
$status = $objXmlHttp.status
$statustext =$objXmlHttp.statusText
if ($status -eq 200) { 
Write-Host "Site is Not blocked at this Time: $URL" 
}

else {Write-Host "Site is blocked: $URL "}

Open in new window

0
I had installed Apache SVN over ubantu 16 . in which i am trying to put access base restriction for different path by AuthzSVNAccessFile /svn/net location.
 hear i am facing issue for [/]  groups are getting restricted but apart from this location any path is not getting restricted inspite of trying multiple combination in access file.

Server.conf
<Location /svn>
  DAV svn
  SVNParentPath /svn/repos/
  AuthzSVNAccessFile /etc/svn_serve.conf
  AuthType Basic
  AuthName "MITS"
  AuthUserFile /etc/svnpasswd
  Require valid-user
 </Location>

Access file

[groups]
admins=svnnet
designers=designer1
[/]
@admins=r
[/svn/net]
@designers=r
@admins=rw
0
Have a AR515-8 DVR DVS 8 channel and lost admin passcode.
How do I reset it. Tried everything including calling KNC and Hikivision.
They tell me they don't have firmware for this unit to send me code to upload to flash drive to enter new setup passcode.
Please help
0
Good afternoon Experts,

Our Security Manager asked me to upgrade his existing IP camera network from 10/100 to Gigabit from our Control Room to our guard stations, roughly 150 meters away. The existing network we have been using is 2 Comnet devices, model CNFE6+2USPOE. More details on this device here:

http://www.comnet.net/comnet-products/ethernet/self-managed-switches/cnfe62uspoe.html

I decided to purchase 2 Netgear, model ProSafe-GS110TP:

https://www.netgear.com/support/product/GS510TPP.aspx

Connected with TrendNET TEG-MGBSX SFP Modules

https://www.trendnet.com/products/proddetail?prod=200_TEG-MGBSX


My issue is that I get no link light when I set up a switches in both locations. I have tested the units side by side and it all works, but for some reason when I get them set up in their specific location I no longer get link lights. I'm using the existing fiber run that the Comnet devices are on, and have confirmed it's 50/125 fiber, and I've tested the new short fiber cables we bought and they work as well. The TrendNET SFP modules should be rated at 550 meters.

In my other experience things like this just fire up, then you make sure the VLAN's are correct, but in this case I get link down in the Netgear GUI and obviously no sweet flashing green light.

Am I missing the forest through the trees here?

Thank you for any guidance.
0
Hi Experts,

I'm trying to setup an application that should allow users adding/editing/deleting a single row at a time.

Now for security purposes, I would like to have these users not being able to view more then one record at a time.

Was thinking of designing a stored procedure that will accept a parameter and display just that one record selected.

However I'm stuck with the following
A- A stored procedure is probably read only in Access.
B- In order to have users select a record, I need a drop down displaying all records, how can I have it just avail to the combo box record source while in database container it should not appear?

PS. for deleting single record I came up with this function that will perform it, so I dont give this user access to delete anything in SQL BE, and just have a button in Access calling the following
Public Function DeleteRecord(sTable As String, lID As Long) As Integer

    Dim cnn As ADODB.Connection
    Dim rs As ADODB.Recordset
    Dim cmdString As String
    Dim i As Integer
    
    Set cnn = New ADODB.Connection
    cnn.ConnectionString = "driver={SQL Server};" & _
          "server=tcp:ServerName\Instance;uid=MyUser;pwd=MyPWD;database=MyDB"
    cnn.Open


    cmdString = "delete from " & sTable & " where id = " & lID
 
    cnn.Execute (cmdString), i
    cnn.Close
    DeleteRecord = i

End Function

Open in new window

So basically I'm looking to deploy the same idea for adding/editing records.

Would like to know what is the simplest way to accomplish it.

Thanks in Advance.
0
The below script created a user SQL\srvSSISAcc on all my databases and granted datawriter and datareader to all databases but the use is not created in the security login, I need this name to be created on Security login before granting user mapping to all datbases

USE master

GO

DECLARE @DatabaseName VARCHAR(32)   
DECLARE @SQL NVARCHAR(max)
DECLARE @User VARCHAR(64)
SET @User = '[SQL\srvSSISAcc]' --Your User

DECLARE Grant_Permission CURSOR LOCAL FOR
SELECT name FROM MASTER.dbo.sysdatabases
WHERE name NOT IN ('master','model','msdb','tempdb')  

OPEN Grant_Permission  
FETCH NEXT FROM Grant_Permission INTO @DatabaseName  
WHILE @@FETCH_STATUS = 0  
BEGIN  

    SELECT @SQL = 'USE '+ '[' + @DatabaseName + ']' +'; '+ 'CREATE USER ' + @User + 
    'FOR LOGIN ' + @User + '; EXEC sp_addrolemember N''db_datareader'', 
    ' + @User + '; EXEC sp_addrolemember N''db_datawriter'', ' + @User + ''

    EXEC sp_executesql @SQL
    PRINT @SQL

FETCH NEXT FROM Grant_Permission INTO @DatabaseName  
END  
CLOSE Grant_Permission  
DEALLOCATE Grant_Permission

Open in new window

0
Hi all,

This is our setup:
- Sonic Firewall TZ300
- Barracuda Email security
- Server 2012 r2 with Exhange 2016
Latest updates are installed.

OWA works fine, outlook anywhere works fine.
Application Symprex for email signatures has an error trying to connect locally
MigrationWiz for migrating mailboxes doesn't work either.

Checking testconnectivity.microsoft.com results in error. Contacted above application providers: could be the problem with autodiscover.

Error is:
Attempting to test potential Autodiscover URL https://autodiscover.domain.nl:443/Autodiscover/Autodiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Additional Details
       
Elapsed Time: 1860 ms.
       
      Test Steps
       
      Attempting to resolve the host name autodiscover.domain.nl in DNS.
       The host name resolved successfully.
       
      Additional Details
       
IP addresses returned: 123.123.123.123 (correct of course)
Elapsed Time: 730 ms.
      Testing TCP port 443 on host autodiscover.domain.nl to ensure it's listening and open.
       The port was opened successfully.
       
      Additional Details
       
Elapsed Time: 510 ms.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Additional Details
       
Elapsed Time: 619 ms.
       
      Test Steps
       
      The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.domain.nl on port 443.
       The Microsoft Connectivity …
0
Does anyone have a workaround for June 2017 security update that cause attachments in Outlook to be blocked due to extra (...) ?
0
Post MS security patch KB3191898 all of my Outlook 2007 users are receiving error "The program used to create this object is Outlook. That program is not installed on your computer." trying to open attachments sent in rich text format. The main issue seems to be meeting requests that no longer have the option to send as html and are rich text only.

The only workaround we have found is to copy/paste to say desktop and then open the attachment. We are not quite ready to upgrade and my security officer will not let us remove the 'vulnerability' patch which I understand. Any ideas on a better work around or a way to default Outlook 2007 meeting requests to html format?

Thanks in advance.
for-experts.PNG
0
How Blockchain Is Impacting Every Industry
LVL 4
How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Hi, I purchased a Qsee DVR, Its working fine and I changed the Pwd after some days and forgot now.
Kindly explain me how to reset the DVR.
0
The installer is long gone, and did not leave us the password for the DVR. We had a break in and need to review the video, as well as make copies for the police and insurance. Is there a way to get to the recordings without resetting the system?
0
Dear Guys, we are having this issue: After moved to a new seat, an user's PC could not access only some domestic websites, she still could access to foreign sites, such as yahoo, facebook, gmail... Anyone can suggest a solution, please?

I tested and these are some results:
- Plug in a laptop in that PC's place, it CAN access Internet normally
- Bring that PC to other places, it CAN access Internet normally
- We checked in the Router and Switches but there is no sticky command matched with PC's MAC address
- There is no ACL involved in permit/deny traffic
- 2 users stayed here before but they COULD access Internet normally
- We scanned virus, reinstall PC but could not help
0
Hello Experts,

I want to segment my wireless network traffic into Guest, student and teacher.We have sonicwall, multiple switches and Access point.

I dont want filtering on computers those are connected through ethernet. i just want to segment my wireless network and assign them to Iboss security device for content filtering .

Any suggestions???

Thanks
Nakul
0
refer to attached zipped slides:
any reviews / views on accuracy & thoroughness of this service is appreciated.

I think it relies on a list of questionnairres that customers feedback/input to
them, so I guess it will not be as accurate as doing actual penetration test scans
or vulnerability scans in our actual environment
cybint.zip
0
Our apps team somehow has a way of detecting that 61.239.162.190 is an
IP of a credit card fraud : I'm not quite close to the team so anyone know
if there are IP list out there that blacklist it?

I've checked www.ipvoid.com & threatstop.com but this IP is not in their
extensive blacklists.

How can I find out the mode of fraud of this IP?  Does this source IP send
emails or via sort of application (credit card processing)?

I've heard of several Online Fraud Tools (by IBM & F5) but haven't managed
to play with them yet
0
Hi all,

Existing domain xxxxx.local, new domain xx.local. Existing domain is controlled by an sbs (2011). New domain DC is server 2012 R2 and a seperate server (again 2012 R2) hosting exchange 2016.

Subnet .252. some computers on 54.x and all others (inc;luding all servers) on 55.x. (52.x and 53.x to be utilized later on for voip/guest wifi).

Old AD is a complete mess, better to start from scratch than attempt migration. New AD has been set up correctly, all ad accounts exist, clean security groups, new mailboxes to boot.

Need to 2 phase the site migration as too much work to squeeze in over a single weekend whilst offering client a mostly live environment (they need to remain operational during most of the weekend too).

Phase 1 exchange migration, the intention is to set all outlook (2010 and 2013 mix) clients on site machines to have new profiles that are pointing at the new exchange server using outlook over http, using remote.<external domain>. Exchange 2016 virtual directories all configured to use the external domain, including autodiscover. New SSL cert for remote.<external domain> installed to new exchange 2016 server. The intention is at the point of phase 1 of migration, change sbs dns forward for remote.<external domain> from itself to the new exchange server.

Phase 2: over a weekend move all pc's to new domain and change domain on data server (which is seperate to the sbs but hosted on its own physical box currently on the sbs's domain).

0
Hello,

When do you do network design, do you have dns record for firewall and  loadbalancer ? It is easier to see where packet is dropping.
Or any security concern on putting in DNS record?
0
I'm using 11.2.0.4 for Windows 64bit. It comes with Java 5 as part of the install (I'm assuming so you don't need to have Java installed to use Oracle). How do I update that version of Java? I'm running into an error where I need the unlimited crypto package but I can't use it on Java 5 (I tried and it grenaded parts of Windows if I update the security files). I did then install Java 8 on the system but Oracle seems to look at it's own vs what is installed outside of Oracle.
0
2017 Webroot Threat Report
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Hi all,

Not quite sure where this question sits, as its not really a break/fix issue, but relates to the bigger IT security picture.

We have a large number of Cisco and Huawei equipment, as well the usual lump of window and linux based platforms, and we are struggling to get a managed security policy in place to protect and block access to these network devices when previous admins and root access holders leave.
These devices are not protected by a VPN policy, and all are local accounts

So the questions here are;

  • can cisco and huawei access be defined on a centrally managed platform or database
  • can passwords for the above be remotely bulk changed
  • is there a best practises document for this

regards

phil
0
Hi,

Can anybody please help me on this i want to configure checkpoint security gateway as HTTP/HTTPS Proxy in cloud environment.

Thanks in advance
 
SAT
0
When I try to setup permissions on one clients server and add a user to a security group that is for a certain  share or folder
the user still cannot access the share. Even giving the user modify or full rights not recommended just for testing.
What could cause this? Could there be a policy stopping this? I get no popups or errors.
0
ive been hit with a ransomware attack
I can still use the computer but all word docs have been encrypted
I can open docs but they are blank
is my only option paying or can I get these back?
they are requesting over £800
0
Hi,

Very long story short, I am the new IT Engineer at a small business and I had the task to delete a shared network drive folder. Sounds easy right. Well, some of the sub folders don't have permissions on and I get the "The requested security information is either unavailable or can't be displayed" message in the security tab of the folders. I have tried the following:

•Taken ownership and applied Admin, my own user ID and Authenticated users permissions on the parent folder and applied the "Replace all child object permissions with inheritable permissions from this object"
•3rd party take ownership programs on the subfolders
•Rename/delete the sub folders via cmd

Anything I try can't seem to grant me permission of ownership of the sub folders. Unfortunately I don't know what was done to these sub folders as the old engineer must have done this. Any advice is greatly appreciated. Thanks!
0
How to block unmanaged switches from network. I have already apply BBDU Guard on interface but where unmanaged switches attached port will not block. and in show spanning-tree interface detail command no BpDU received. So please help is required for block unmaanged switches fron network. Other than port security please
0

Security

23K

Solutions

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.