Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi, This may be the stupidest question ever asked here but I would like to know.  When you put Windows laptop to sleep, does that automatically prevent someone from accessing it via WIFI?  If you are not going to use it overnight, should you disable the WIFI for security reasons? Thanks
0
ON-DEMAND: 10 Easy Ways to Lose a Password
LVL 1
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

This page opens when we open IE.
When we turn on the computer there is a popup lower right.
Maybe it stops after the deadline to save 50% and maybe not.
Does Windows 7 have some enemy list that we could add to?

0
In a meeting we were told that it is possible to know or identify if a user hit a specific page and it’s contents even if the page is locked.  We understand that when a page has a lock it means SSL and that the data to/fro from the site to computer is encrypted.  Is this possible that even thought the page has a lock, there is  a way to identify the encrypted page that the user visited and identify the contents, if it has form or just regular page?
0
I have installed an MS Access .accde in C:\Program Files (x86)\Contacts and when I run it I get the message 'A potential security concern has been identified.'

How do I overcome this?

Thanks in advance.
0
Does anyone know what's the maximum distance (if any) for the key readers in the building?  From the electronic panel to the key reader.  
We use keyfobs for the building.  Sometimes one or two doors key readers (out of 5 total) do not react to the keyfobs.  And that those that farthest away from the electronic panels inside the Telco room.   So my suspicious would be a distance limit but I would be completely wrong.
Any knowledge in this?  Thanks.
0
is it possible to track every item that is copied off the network or computer to an external device?
0
Getting Windows security prompts Win 7 Pro clients logging onto Synology NAS DS1515+ that worked until yesterday.  Domain users with admin access to the NAS are not able to login. Server is 2012 Foundation

Also getting multiple prompts when accessing the NAS via a web browser (revocation info not available, Synology certificate cannot be verified to a trusted certificate authority), integrity cannot be verified, ...) . Certificate is valid through 2036 & about 15 OKs allow the website to display.
That may or may not be related but is also recent.

Possible Windows not allowing logon with certificate issues?
0
Hi

We have an instance of Backup Exec 2012 running on a Server 2008 R2 box.  This server also runs Exchange Server 2013.

In order to comply with PCI DSS we have disabled TLS1.0, SSL 3.0 and Triple DES 168.  Exchange is working fine but we have noticed that we cannot start the Backup Exec services.

We are planning to change out backup solution shortly, so we don't want to upgrade, but in the meantime I have read that enabling FIPS compliant cryptography would fix the problem.  I can make this change but I am concerned about breaking Exchange.

Should I be able to enable FIPs in the interim ?

Thanks
0
I'm attempting to create new Group Policies which will improve security within my domain. Obviously, before I deploy the policies live, I'd like to test them to make sure they won't affect my clients connectivity. However, I'm having a hard time coming up with a good way to test policies which could affect connection between my clients and my servers. I have some old domain controllers and servers which I am unsure of whether or not they'll be capable of meeting the requirements I'm trying to implement.

Obviously, simply deploying the Group Policies to the entire network would be a bad idea. Ergo, I'd like to test the policies being applied to those servers on only select clients.
 However, I cannot come up with a good way to test those policies. We do have primary and secondary domain controllers, and it would be possible to use Item Level Targeting to isolate policies the secondary controllers, then point our testing machines at the secondary controllers and test. But when I consider the potential consequences of doing that, I can't help but wonder if there's a better way.

Does anybody have any suggestions? What am I missing, or forgetting about?
0
I need advice in setting up a Windows 10 Lab that resides on a domain.  All the computers will have the same login.  Its a lab for kids so you can imagine they will be trying to get onto bad stuff a lot.  Btw, all the computers are laptops, if that has any bearing.  At first I was thinking that maybe I need to get a software called deepfreeze so that the computer is new after each restart, but on second thought I'm thinking that I need to give the users a restricted account where they are able to not change much of anything.  Is there any way I can do this from Windows 2008 server and set a tight group policy or profile that would allow the least amount of changes to the computer?  Can I also create something that prevents them from saving documents or changing the browser settings?
0
Increase Security & Decrease Risk with NSPM Tools
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

Dear Experts

We would like to restrict users from internet (though they have login for the application server)  our objective is  users who have application login access  should still be allowed based on their mac address,  first level at our firewall check mac id allow or reject then second level application level authenticate , we are completely okay to allow the users who work from remote office which has strong firewall but the same users from their home or internet then mac id to be checked and it is not from the accepted mac id then it should deny the access . application is webbased linux , apache and mysql .below are my doubts
  I have been as asked this to implement however I am not sure the users who access this application is from their office  behind the firewall and they will have to pass their firewall in this case will it be still possible to validate user mac addess and grant or reject access from our firewall,  is this possible ,  through vpn is fine but what if vpn details are known to others and if they access from their systems hence mac restriction is been asked, can you please suggest control based on mac is it good to go or is there better solutions , thanks in advance.
0
I have a couple of servers that are not logging successful or failed logins.

The GPO Audit Policy is set and being properly assigned to the servers, validated by gpresult.

Audit account logon events     Success, Failure
Audit account management    Success, Failure
Audit logon events                     Success, Failure.

Is there a command line utility (e.g. auditpol) that can show me if there are any filters applied to cause failed logons to not show in the security event log?

Is there anything else I can check to find out if these events are getting filtered before they land in the security event log?

Getting a little nervous about this as the affected servers are production machines.

Any help is appreciated, thanks.
0
I have a machine well, a user's profile infected with Nozelesn ransomware.  Is there anyway to clean it?
0
Hi Guys,

We have a Windows 2012 file server with a document directory structure which includes security groups and user permissions on the domain.

We have a requirement for higher security, documents to be encrypted and a record of all files being opened, copied, printed, etc.

I guess a document management system is the ideal solution, but to which extend can a document be monitored once it is saved outside the document management system, such as on the users' desktop?

Any recommendations?
0
i need help with opening and viewing the footage on a .n3r file
its from a panasonic camera unit and i dont have the viewer from the camera.
i have looked and tried various programs but no joy.
Any help that can br given is greatly appreciated.
Thank you.
0
Windows 10 Version 1803, not getting applied with any GPOs. The Domain is windows 2008 R2. Updated with Windows 10 April 2018 Update (1803) Policy definitions to the central store.  Tried with  new GPOs but in vain. UNC path access for SYSVOL and NETLOGON are ok from the client side.
Can someone help me out?
0
I have a local domain that has never had Microsoft Exchange setup. I'm migrating from one cloud-based email solution to Exchange Online (Office 365). There is *not* an on-premise Exchange server and will not be, as I know this is possible if there were. Without an on-premise Exchange, is it possible to mail-enable my security groups sync'd up?
0
I need help -

From PayPal -
Merchants and partners use HTTPS to securely connect with PayPal’s servers. We use the Transport Layer Security (TLS) protocol to encrypt these communications. To ensure the security of our systems and adhere to industry best practices, PayPal is updating its services to require TLS 1.2 for all HTTPS connections. At this time, PayPal will also require HTTP/1.1 for all connections.


I can't get this to work on my Azure VM.
0
This message is sent to me, from me and on behalf of me. Upon clicking the reply key I see the real sender. I have tried to options and add to the blocked list and also open the blocked content and unsubscribe them (meggannsmith6) to hopefully get them blocked by the actual company with the unsubscribe link.
This person is sending me multiple messages each day in two accounts and I changed the passwords and no luck.
What is the solution?
0
Managing Security & Risk at the Speed of Business
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Are 32 bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.
0
Distribution Group to Security Group

I have a Domain Local\Distribution group in Active Directory, that I need to add to Mailbox Delegation in Exchange server, but when I try it in Mailbox Delegation, I can not see the Distribution group listed. Then I thought probably I need to convert the Distribution Group to Security Group, However I am not sure what would be the negative impact.
is the group going to loose any rights somewhere/somehow  or will it gain extra rights ?

any help on this ?

Thank you
0
How can I use " Loopback processing "  In Group Policy Management  to apply a user configuration to a computer. ?

For Example I want to stop users from saving files to their hard drives on their computer.  
The problem I have is the policy I need to do this is located in " user configuration " instead being in computer configuration  and I want to apply the Policy directly to the computer.

Thanks
0
I need stop users from Saving files locally onto their " computers" hard drives.     I am open to different methods as follows.  How can I do any of these.
1. Editing the registry
2. Creating a security group
3. Changing the rights on the computer  C drives themselves.
4. Changing GPO locally on the computer.

The computer is Windows 7 professional, the domain they login to is Windows 2008r2.
0
Will submitting a login form with a POST request over HTTPS be enough security or are there other precautions I should take? This project is also being built in Angular if there are any specific considerations.
0
As we do not know the various subnets/VLANs in the network and all the devices on it,
is there a feature in Nessus scanner that will 'auto discover or crawl' to get all subnets
& IP addresses?  What's this feature called in Nessus?

It will help give an inventory (hardware type and OS versions ie fingerprinting)
0

Security

25K

Solutions

24K

Contributors

Security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. Computer systems now include a very wide variety of "smart" devices, including smartphones, televisions and tiny devices as part of the Internet of Things -– and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.