Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.


We are in the process of installing indoor/outdoor cams.  However, a question came up; what happens if the electricity is cut off or when there is a power outage.  

Is having a UPS sufficient?
If so, what type of UPS?
What other considerations should we take into account with this issue of maintaining power when it is lost?
0

I've used Nexpose Community occasionally for a number of years.  Now I'm trying to get it installed and running.  But, the browser gives this response:
Can’t connect securely to this page

This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.

Your TLS security settings aren’t set to the defaults, which could also be causing this error.

I'm not sure how to deal with this.  I've already tried a few TLS settings but to no avail.
Any suggestions?

I've tried this on the Windows 7 computer I used before, a Windows 10 computer I've used before, another Windows 10 computer and a Linux installation on a VM.  All act more or less the same way-although there have been "some" differences, they all quit.  The KEY is never asked for...
0
How should DLP be implemented in various SaaS solutions?

A bullet point response would be great.


Thanks,
0
Hello,
I have pfSense with the Snort package, and I enabled it on WAN and LAN with block mode.
I added some alerts to suppress lists for WAN and LAN; I already created two files, one for WAN and the second for LAN.
Some alerts that are in the suppress list are getting blocked! So where is the problem?
0
Ransomware Nozelesn
Is there a good decryption tool available for this ransomware encryption?
0
I manage a site for a utility company that does not do their own online billing. Rather they host links to the third party that does it.

I wanted to protect against Phishing attacks with these links.

The first thing I was going to do was add a plugin for a Yubikey.

Will that be sufficient or should I also do something else? I was thinking about signing the links with a PGP key, but that may be too complex for the users of the site.
0
I am having a problem accessing a remote share, from a windows 10 enterprise system, to a share that resides on a server 2016 machine.  Interestingly enough, I set up another 2016 system which I can access from the same windows 10 machine with no issue.  The system is currently not domain connected and I have tried accessing the hidden share on the d:\ drive of the remote 2016 machine.  I have also shared the drive out to the "Everyone" group with full permissions and I still cannot connect.

From the remote machine, I enter into a windows explorer window \\servername\share, but I never get prompted for a username/password.  Instead I get a window popup stating "Windows cannot access \\servername\share".  The error code is 0x80004005.  

In the event log, on the 2016 server, I am seeing an audit failure, in the Security log, stating "The user has not been granted the requested logon type at this machine"

On the second server, that I installed server 2016 on, I have no problem accessing the share, whether it's the hidden share or the share I set up to Everyone.  

I don't understand why I'm not being prompted to enter my credentials on my Windows 10 machine.  I have also confirmed with others, in my group and they too cannot access any of the shares on the problem 2016 server.

I have looked everywhere under the sun, but cannot find a resolution to this issue.  

Any help is appreciated.
0
Our security team ran an external VM scan on the DMZ and it had some vulnerabilities.

I have 1 question:

The "SSL/TLS server supports TLSv1.0" vulnerability (38628) does not provide much info for Windows Server 2008 (R2) servers.
We looked at this article: https://blog.qualys.com/ssllabs/2014/12/08/poodle-bites-tls

We are not sure if this is a legitimate vulnerability or a false positive.

The solution is to openssl, but we do not have it installed.

Could you please let me know some more information so we can see if this protocol (TLSv1.0) needs to be disabled or if we can disregard it?

There is 1 article I searched: https://blogs.msdn.microsoft.com/friis/2016/0725/disabling-tls-1-0-on-your-windows-2008-r2-server-just-because-you-still-have-one

The above links list instructions to disable 1.0 and enable 1.1 and 1.2.

I need to compile the list. Can you provide any thoughts on the top link above? How should I make changes?
0
I am wanting to create security groups for filtering purposes.

They do not exist yet and I am wanting to create them.

I would like to get all my AD users and select the value of the "Division" field.

With that field I'd like to add them to a group in an OU called "SafetyNet".

If the group that matches the name of their division exists, they would be added to that group. If not, the group would be created and then they would be added.

I imagine it would look something like this:



$users = get-aduser -properties * -filter {enabled -eq '$true' -and division -ne '$null'}

foreach ($user in $users)
{add-adgroupmember -Identity {
    Get-ADGroup $user.division 
    (if (unsure what goes here))
{}
else {
    new-adgroup -name $user.division -SamAccountName $user.division -GroupCategory Security -GroupScope global -path OU=safetynet,DC=smh,DC=org
}
}}

0
How can we use the secondary Citrix NetScaler Server, in an H.A. pair to safely test out new configurations before the same changes are propagated to the other NetScaler?

We have 2 x version 12.0 Citrix NetScaler Servers in our environment.  They both are setup for auto-sync and propagation by default; but according to websites:

- https://support.citrix.com/article/CTX124439 
- https://docs.citrix.com/zh-cn/netscaler/11/system/high-availability-introduction/configuring-command-propagation-high-availability.html

There are commands that can be executed to turn the HA Sync and HA Propagation off and then back on later.  At my company we would like to test out a 2 factor authentication option (during a planned maintenance window) and see how that works before it is available for all of the users.  I am thinking of doing the following:

1.  Enable the 2 factor authentication settings on the Authentication server.
       a.  Whatever it may be, that is a separate topic from this question.

2.  Then after the Authentication server is ready, disable auto-sync and auto-propagation on the NetScaler HA-Pair.

3.  Then configure the secondary NetScaler to work with the 2nd factor Authentication server.
        a.  Then plan a maintenance window to temporarily make the secondary NetScaler Server into the new primary NetScaler Server.
        b.  When I fail over the primary server, the secondary server will then become the new 'primary' server …
0

We have home Folders for all users with security set as per below
  • Bob (Deny Delete this folder, Modify Files and SubFolders contained within)
  • Bob's Supervisor  (Deny Delete this folder, Read only Files and SubFolders contained within)

Bob is not a member of the supervisors group, nor any of the 12 staff who possess a named folder

The conundrum!!!!

  • When Bob creates a file in Word or Excel or even notepad and tries to save the file, a file is created in the folder with the name chosen of zero bytes in size, then generates an access denied error to Bob.  
  • When Bob wants to print to PDF he can save the "printed" output file to his folder without any access denied error.
  • Bob can delete files in the folder.

There are 12 folders being one for each employee and only some have this issue.  I have trolled thru the security on the files and folders and they are all configured identically.
For those affected by this I have deleted and recreated the Named Folder from scratch and get the same outcome.  This also affects the users whether they are logged on via a domain joined PC or Remote Desktop.

What am I missing here?  Please help put me out of my misery!
0
I have an interesting one.  A client created a number of training videos for employees, and he wants a way to prevent the users from copying the files, period.  They are mp4 format files, so the users will need to play them, which my understanding via NTFS a read right includes copy.   Might this be a job for AD RMS?  Does installing it compromise or change the security on anything else on the box, that is, if it is a good choice, or can you simply point it to a/the training share?

Another option could be to leave the videos on external usb drives, if again there is a way to protect them from copying, but they are portable and therefore "could" disappear.
Thoughts, ideas?  DC 2012, File server 2016.
Thanks!!!
Licompguy
0
Need an automated way to create Azure Dynamic Security Groups using PowerShell. These groups need to be created based on an AD attribute, i.e. employee number. Any thoughts?
0
ASA 5525-X with ASA5525 VPN Premium license.  

When I log on via console I am not able to do basic functions like name an interface or assign an IP address.  Example from interface management 0/0:

host# conf t
host(config)# int management 0/0
host(config-if)# ?

Interface configuration commands:
  channel-group    Etherchannel/port bundling configuration
  default                 Set a command to its defaults
  description          Interface specific description
  duplex                  Configure duplex operation
  exit                       Exit from interface configuration mode
  flowcontrol         Configure flowcontrol operation
  help                      Interactive help for interface subcommands
  lacp                      LACP interface subcommands
  no                        Negate a command or set its defaults
  shutdown          Shutdown the selected interface
  speed                 Configure speed operation
host(config-if)#


Same options on all interfaces.

It feels like the thing is in transparent mode, but there is no firewall command in config mode.

Code version: 9.8(1)
0
Hi All,

I need some assistance setting up the below. I've got 3 "subnets" to set up internally. All must be able to reach the internet through the suppliers router.

The networks are 2x /26 and 1x /27. VLANs 601 & 603 are desktop PCs. VLAN 602 will be Cisco phones. 601 and 603 do not need any separation, they're just to cover the separate DHCP ranges. DHCP will be provided by an external source (hopefully) through a VPN setup on the ASA Firewall. I'm looking to set up the outside interface, inside interface and access for all VLANs.

Is anyone able to provide a sample config on how I could get this working?

Network Overview
Thanks,

J
0
I would like to set up different security levels, does someone have a good link on how to do this?
0
I have a stand-alone Exchange 2013 (CU11) server.  All has been well for about 2 years now with all mail and any mail flowing well inbound and Outbound.  We do use Trend Micro Hosted Email Security for Inbound filtering.  As I just mentioned, we never had any issues with messages staying in the queue up until 5 days ago.  

Scenario:

1.  ALL inbound email is fine and flowing nicely.
2.  A handful of email domain suffixes will not go through.  For example, one of them is OUTBOUND mail to Sympatico.ca never leaves the Exchange Queue (also same with Bell.net and a few others).  90% of other outbound emails to other domains go through just fine.
3.  Tested DNS and appears to be resolving well
5.  Restarted the Transport Service numerous times to no avail
6.  No smoking gun in the Event Viewer
7.  Not using a smarthost on my Send Connector, using "MX record associated with recipient address" for delivery
8.  ISP even added a PTR record for my MX record.
9. get-ServerComponentState returns everything as Active

Really not sure what else to try or what typically causes only certain outbound email from specific domains from leaving the queue...  Here is what I see from one of the messages stuck in the queue (with replaced company specific info)...

================================================================
Identity: <InternalServerName>\2718\102499394519069
Subject: Test
Internet Message ID: …
0
I have been asked to look into creating an emergency account that has the permissions to reset passwords\enable\disable on Domain Admin level accounts but only that - no RDP, logging on rights etc.

I have a Service Desk group that has been delegated rights in AD where necessary but as they are not DAs, cannot reset DA accounts. I know of the adminSDHolder flag attribute and would rather not remove this from DA accounts as it's implemented by design and is a layer of protection for DA accounts.

I know of GPO settings that can be used to prevent interactive logons but wouldn't that be overridden by an account with DA rights?

So, is there a way to achieve all this?
0
Hello,
I have Apache with mod security enabled.
I want to create a rule that blocks any page that contains, for example, c:\windows when opened.
Thanks,
0

Dear Experts

We have a hosted web-based application which runs on Linux, Apache, MySQL and PHP. Data security is the topmost priority; we have installed an SSL certificate and also deployed two-factor authentication. When we used the online SSL checker at https://ssltools.digicert.com/checker/views/checkInstallation.jsp, the following showed up after the scan:

1. Vulnerabilities checked
Heartbleed, Poodle (TLS), Poodle (SSLv3), FREAK, BEAST, CRIME, DROWN
Non-critical issues found
BEAST
Not mitigated server-side BEAST.

2. Secure Renegotiation: Enabled
Downgrade attack prevention:Enabled
Next Protocol Negotiation: Not Enabled
Session resumption (caching): Enabled
Session resumption (tickets): Enabled
Strict Transport Security (HSTS):Not Enabled
SSL/TLS compression:Not Enabled
Heartbeat (extension):Enabled
RC4:Not Enabled
OCSP stapling:Not Enabled

---------
Please help me understand 1 and 2 above and let me know the correct steps as per best practice. Thank you.
0
Hi Guys,

We would like to limit RDP users from viewing  / accessing folders in C: drive on a specific server.
Such as C:\PROGRAM FILES, C:\WINDOWS, etc

Users have dedicated folders to which they have shortcuts on the desktop, thus they don't need to browse folders.

One way is to setup a security group for RDP users
Then add a Deny permission entry for this group on C: root

Thus folders in C: root should be visible to everyone, but the RDP users

Any ideas? Is this safe to do?
0
Hi

I have a Windows 2016 Server running on my Azure account. I want to add a good level of security to it.
According to the following article https://docs.microsoft.com/en-us/azure/security/azure-security-antimalware
it already has Windows Defender software on it. I am not sure where to find this. Is it in my Network
Security Group?
The article also says that the "Azure VM Antimalware extension" can be added. How do I do this? I tried
to create a resource in Azure but couldn't see it.

Any other suggestions on how to bolster my VM security would be greatly appreciated


Thanks
0
I have set up a network security group in my Azure portal in order to control which IP Addresses can access
my Azure Virtual Machine (Windows 2016). Several inbound and outbound security rules were automatically
set up without me doing anything. I only added one rule (myInboundRule1), which is marked by a red arrow.
I only want people at IP addresses that I specify to access the system. Will any of the other rules in the list override this?
Thanks

0
Hi, I have a user that is running iVMS-4200 from Hikvision to monitor their security cameras.  This station in question is a Windows 7 16 gigs of ram, Geforce 750 video card, dual monitors in hi resolution with two curved Samsung 34 inch displays.  

When we try to open the iVMS client we get an error message "display resolution is less that 1024*768, are you sure you want to start the program?".  We say yes, but the client goes into a weird resolution and we can't do anything but ctrl alt delete our way out.
0
I need to upgrade fail2ban 0.8.14 to 0.10.3.  I am on a Linux 2 server which prevents me from loading any repositories or using Yum to install it.

So, I need to know the steps to get my fail2ban upgraded.  

Thanks,
0
