Security

23K

Solutions

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

Can loved one's or family members see my credit report if I put a security freeze on it?
0
On Demand Webinar: Networking for the Cloud Era
LVL 9
On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

I am just filling out and IT security review questionnaire  and not sure how to answer the following questions.
This is regards to an database over a secured internet connection using RSA.  I don't work in IT security and wondering if someone could explain me some basics  regarding  SSL and Two factor authentication.   I have read the RSA has a 128bit algorythm

Any network connection is encrypted through SSL or IPSec mechanisms when possible and symmetric encryption used is restricted to algorithms with a minimum key size of 128 bits..  

Thanks
0
I wanna save my user ID and password in excel, but i dont want people to see my password. I wish to convert password to ****** .

sample is attached.

Thank you in advance.
0
I had created a VM, then a checkpoint, but somehow it was deleted.  It was only a little test VM I had set up, no big deal to lose, so I deleted the VM from Hyper-V Manager.

Now, whenever I try to create a VM--*any* VM--it fails with a popup error:

popup
It doesn't matter what the VM name is, it always claims that the checkpoint %vmname%.vhdx is missing.

Example:

I try to create a VM in directory d:\vm\vms\ called VM-01.  I tell it to place the disk in d:\vm\vms\VM-01\vhd\.  I hit Finish.  It acts like it is creating everything, then I get the popup above.  The directories are created (e.g. d:\vm\vms\VM-01\Virtual MachinesError log reports:

'VM-01' is missing a checkpoint. The disk paths missing used to be located at: D:\vm\vms\VM-01\vhd\VM-01.vhdx. The system cannot find the file specified. (0x80070002) (Virtual Machine ID 24161C9C-6C8F-4015-A258-DC2B8D42C907.)

This will happen regardless of what I name the VM.  

Security on the directory:

SYSTEM:  FULL CONTROL
%MyDomainUserAcct%:  FULL CONTROL
%LocalMachine%\Administrators:  FULL CONTROL

I've removed/reinstalled Hyper-V, done a system restore to before the problem started etc.  Services are running and I am an admin on the machine.  I still choose to run Hyper-V Manager as admin and get the same results.

To make matters more confusing:  If I choose the Quick Create option it works just fine.  If I create a custom machine and place it in the same directory …
0
I have a website with a link back to a YouTube video.  I have various other you tube videos on the website that show without a problem.  I recently loaded anew one and got this message. It only shows in Explorer.  No message in chrome.  Just a blank space.

http://www.kingjames3music.com/artist-epk.html



This content can’t be shown in a frame
There is supposed to be some content here, but the publisher doesn’t allow it to be displayed in a frame. This is to help protect the security of any information you might enter into this site.
Try this

Here is the code.

<div class="videos-container">
          <div class="col-md-12">
          	<iframe class="videos-item-lg sec-q-pad-b" width="854" height="480" src="https://www.youtube.com/watch?v=bmHX722dY8g&feature=youtu.be" frameborder="0" allowfullscreen></iframe>
            
            
            
          </div>

Open in new window

0
Hello again!

I'm trying to find some sort of tutorial, or other information on the proper syntax and such for Nessus .audit files, specifically for Cisco products.

The "Nessus Compliance Reference" on Tenable's website doesn't explain nearly well enough the different meta-characters and their uses (I.E. ^, $, bracketing), nor does it explain how Nessus looks at IF/OR/AND statements.

Any help would be greatly appreciated!

EDIT: To explain better.

I understand the basic syntax:
<check_type: "Cisco"> 
  <item>
    type       : CONFIG_CHECK
    description: "Enable password is set and encrypted"
    info       : "Check to see if the enable password is encrypted"
    item       : "enable secret [^ ]+"
    required   : YES
    severity   : HIGH
  </item>
</check_type>

Open in new window


But the part on line 6 after ENABLE SECRET is part of what I don't understand (I am having to rewrite an .audit file to suit my organization's needs).

Another example of stuff that I'm attempting to do, but not understanding how:
<if>
  <condition type:"OR">
    <item>
      type        : CONFIG_CHECK
      description : "Check for aaa auth login default"
      info        : "The network element must have DNS servers defined if it is configured as a client resolver."
      item        : "ip domain-lookup"
      item        : "ip name-server [^ ]+"
      severity    : MEDIUM
    </item>
    <item>
      type        : CONFIG_CHECK
      description : "Check for aaa auth login default"
      info        : "The network element must have DNS servers defined if it is configured as a client resolver."
      item        : "no ip domain-lookup"
      severity    : MEDIUM
    </item>
  </condition>

Open in new window


What I'm aiming for is that if either one of those checks is positive, then the system has passed that particular audit, as both of those will meet the requirements.
0
Dear Experts, our company is building IT policy based on this standard but we are not sure where to start. Can you suggest the links for download all documents? Many thanks in advance!
2
I have a unique situation. The legal department from my employer is requiring that I get a signed "Attestation of Compliance" document from my service provider.  I have a dedicated server in which my host is basically providing me the hardware, but all set up, security, user accounts, etc. are under my control.

The host is saying they won't sign an AOC because the only thing they control is the physical access to the machine (Items 7-10 of requirements). That makes sense to me. Why should they put themselves at risk for compliance when I have most of the control of vulnerabilities on the server.

Does anybody know of a hosting provider that would in fact provide an AOC for a service provider? Or of a work around for this?

Thanks.
0
I have encountered a security breach, the most likely explanation is packet sniffing of http data. The issue is that we have many companies each assigned to their own separate VLANs. Can packet sniffers sniff across different Vlans if they are connected to the same  the same switch or AP? I didn't think that was possible?
0
In Palo Alto Networks there is a test sec policy command that will let me know whether the traffic from source A to dest B for port C will pass or be denied. i.e. test sec policy 10.10.10.100 to 10.10.20.100:80 ALLOW (or DENY). Is there a similar function within VMWare NSX?
0
When ransomware hits your clients, what do you do?
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

I am looking for an AD script to help us audit our security groups. I would like to be able to get an output of all the Sec groups we have and their members. Is this possible?
0
Hi

Can't seem to get this service pack to install on Windows Vista SP1 (french)

I disabled vLite in the registry because at first the installer considered that some update was missing

Now it installs but gives up before finishing and states that SP2 couldn't be installed
It suggests that I execute hotfix KB947821-v35-x86, which I do but this just installs itself and brings no improvement

any ideas ?

thanks
yann
0
I have been in IT since the 80's so I am old and cranky lol.
I have a good understanding of Security, Networking, Ransom ware, phishing, DDoS attacks, Flooding, Virus, Trojan, SPAM V-Lans, VPNS and so on.....
But I am self taught and there are holes in my advanced knowledge.
Anyone have any suggestions where I can learn prevention techniques for what is coming down the pipe today and tomorrow?

I read other threads on this subject, but seems more geared to home users or beginners, not that there is anything wrong with that ;)

I may have missed something.

I appreciate everyone's input.
0
I am setting up spiceworks monitoring on my domain and "one" computer it cannot connect. I already opened the ports on the domain and in the firewall (Symantec) but still cannot connect.
I did a telnat but it shows ports listening that is not required in their documentation.
Is there a network tool that I could use to monitor to see what is blocking the server application to communicate with client
0
Dear All,

We have internet and intranet are separate on physical layer due to company security policy. We are using DHCP for ip release on both intranet and internet. At times user use the intranet computer on the internet by unplug the intranet cable and plug the internet which we do not want. To avoid this we have configured the static ip on the intranet computers and minimize the privileges to change the IP. Through this the user can not use the internet on the intranet computer due to non release of ip address.

My question is is there any way through firewall or Windows Active directory through which our intranet user cannot connect to internet on the intranet computer using dhcp. In other word , can we limit the user not to connect to internet.
0
Client has just traded in their BMW.  Their iPhone was paired with the car by Bluetooth.

How do we make sure that all the private data, contact information, navigation history, is securely removed from the car?


Thanks.
0
Is there a way I can add a linux box to my domain network for monitoring purposes?  I'm a complete novice on this particular topic and don't know if my question even makes sense, but I have lots of spare machines I could use and dozens of Linux software disks that have come with my subscriptions to LinuxUser  and to Admin.

Is there a trade pub that would cover this, or a white paper?
0
Hi,
I have been asked to provide some computers for general use by about 100 people. They will use ONE generic account to login to Windows and access the internet, Microsoft Office etc.
How can I ensure that EVERY TIME someone logs off,  their whole windows session/user profile is wiped clean?
I don't think I want to restore Windows every time. That will take far too long.

Has anyone tried any applications that do this?
What are the these applications?
0
I freeze my credit report from 3 beaurues. Equifax, Transunion, Experian. I did that because some people knows my social and date of birth and I don't want they knows my new address. My question is what other agencies i can use to freeze my credit history?
0
Get 15 Days FREE Full-Featured Trial
LVL 1
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

What is a good anti virus software

Something that may combat ransomware
on windows 10
1
I am trying to open a port on the domain for all computers in the domain via group policy, I did the following;
Computer configurations/Windows settings/Security settings/Windows firewall with advanced security/inbound rules.
New rule
Port
TCP 155
Allow connection if secure
Entered the authorized computer that will be accessing via this port
Domain
Name - finish
Assigned the rule to the domain
Did a update cmd
But the port is not open
Working with a server 2012 and window 10
Open-155.JPGPort-155.JPG
0
I`ve been trying to configure my new toy and getting nowhere. When I put in "https://192.168.1.1/admin" I get the "This page can`t be displayed".

I`ve searched various boards and have been unable to find a solution.

http server  is enabled

zombie(config)# sh ver

Cisco Adaptive Security Appliance Software Version 9.2(4)
Device Manager Version 7.6(1)

Compiled on Tue 14-Jul-15 22:19 by builders
System image file is "disk0:/asa924-k8.bin"
Config file at boot was "startup-config"

zombie up 17 hours 14 mins

Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz,
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
                             Boot microcode        : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode     : CNLite-MC-SSLm-PLUS-2.06
                             IPSec microcode       : CNlite-MC-IPSECm-MAIN-2.09
                             Number of accelerators: 1

 0: Int: Internal-Data0/0    : address is 2c54.2d0f.88b0, irq 11
 1: Ext: Ethernet0/0         : address is 2c54.2d0f.88a8, irq 255
 2: Ext: Ethernet0/1         : address is 2c54.2d0f.88a9, irq 255
 3: Ext: Ethernet0/2         : address is 2c54.2d0f.88aa, irq 255
 4: Ext: Ethernet0/3         : address is 2c54.2d0f.88ab, irq 255
 5: Ext: Ethernet0/4         : address is 2c54.2d0f.88ac, irq 255
 6: Ext: Ethernet0/5         : address is 2c54.2d0f.88ad, irq …
0
Hi All,

We have just moved to Kaspersky EndPoint security 10 (10.3.0.6294) from Sophos.
Some of the users have complained that now it takes them few minutes when they start there computer in morning and when they shutdown.
Is there anyway we can monitor whats taking up resources when the computer starts and how can we minimize Kaspersky resource utilization?

thanks.
0
Hi Experts,
I got some errors when trying to install a Windows Service app on a production server.  The application deployed successfully on my machine, but not production\network server.

Here is the 1st error I got:
An exception occurred during the Install phase.
System.ComponentModel.Win32Exception: The trust relationship between the primary domain and the trusted domain failed

To fix the error above, I prefixed the Username with the domain (sample format:  Domain\username).  I also put in the correct password,

I then got  the 2nd error (see below):  
An exception occurred during the Install phase.
System.ComponentModel.Win32Exception: No mapping between account names and security IDs was done

Any idea what needs to be done to get my Windows Service deployed properly?  

Thank you in advance for your help,
Mrotor
0
Can someone recommend a safe Bit Torrent downloader for Mac OS X Sierra?  Previously the user has Utorrent, but MalwareBytes Mac 3  and Trend Micro quarantined them.

I told the user that the 'torrents' are where all the Ransomware for Mac seems to originate from, so they have been warned.  

Thanks.
0

Security

23K

Solutions

23K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.