FTP Server request time out problem.
Please provide more information about computer 2. Is it on the same network as computer 1? Is there a long distance between the computer 2 and the FTP server? If pings are intermittent and timing out, then this is likely more of a networking problem at computer 2 than it is a problem with the [...]
View Answer
| May 27, 2009 6:58 PM
FTP Server, Red Hat Enterprise Linux, RHEL, SFTP, Very Secure FTP Daemon, VSFTPD
Please provide more information about computer 2. Is it on the same network as computer 1? Is there a long distance between the computer 2 and the FTP server? If pings are intermittent and timing out, then this is likely more of a networking problem at computer 2 than it is a problem with the [...]
View Answer
| May 27, 2009 6:58 PM
FTP Server, Red Hat Enterprise Linux, RHEL, SFTP, Very Secure FTP Daemon, VSFTPD
How to locally authenticate users using PPTP on a local PIX firewall
It is easy to implement a RADIUS server using Microsoft Internet Authentication Services (IAS). You can use this method in combination with the PIX and authenticate users or configure local RADIUS on the PIX. Cisco has some example configurations for <a href=”http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093f89.shtml”>PPTP using PIX</a>. <a href=”http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml”>PPTP/LT2P</a>. Here’s another article that might be most useful on [...]
View Answer
| May 27, 2009 6:58 PM
Authentication, Datacenter Server, Firewalls, Network firewalls, Network security, Networking, PIX, Point-to-point tunneling protocol (PPTP), PPTP, Tunneling, Windows 2003 networking, Windows Server 2003
It is easy to implement a RADIUS server using Microsoft Internet Authentication Services (IAS). You can use this method in combination with the PIX and authenticate users or configure local RADIUS on the PIX. Cisco has some example configurations for <a href=”http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093f89.shtml”>PPTP using PIX</a>. <a href=”http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml”>PPTP/LT2P</a>. Here’s another article that might be most useful on [...]
View Answer
| May 27, 2009 6:58 PM
Authentication, Datacenter Server, Firewalls, Network firewalls, Network security, Networking, PIX, Point-to-point tunneling protocol (PPTP), PPTP, Tunneling, Windows 2003 networking, Windows Server 2003
Error 1920 while installing McAfee Antivirus 8.7
See if this <a href=”http://forums.mcafeehelp.com/showthread.php?t=127514″>McAfee community support thread</a> will help you with this issue. Check out this <a href=”http://community.mcafee.com/showthread.php?t=228123&highlight=error+1920″>thread on 8.7i patch 1</a> also. In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>
View Answer
| May 27, 2009 6:58 PM
Antivirus, Error 1920, McAfee Antivirus 8.7
See if this <a href=”http://forums.mcafeehelp.com/showthread.php?t=127514″>McAfee community support thread</a> will help you with this issue. Check out this <a href=”http://community.mcafee.com/showthread.php?t=228123&highlight=error+1920″>thread on 8.7i patch 1</a> also. In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>
View Answer
| May 27, 2009 6:58 PM
Antivirus, Error 1920, McAfee Antivirus 8.7
Microsoft ISA Server 2000 – Firewall service deliberately stopped – Want to allow ping.
It may be just a simple matter of opening any external firewall before the ISA box to permit ICMP to reach this ISA server. However, ICMP is not really a good thing to leave open really. It can be used as an attack vector. I would recommend enabling a firewall and permitting only ICMP from [...]
View Answer
| May 27, 2009 6:57 PM
Firewalls, ICMP, Internet Control Message Protocol, ISA Server, ISA Server 2000, Ping, Web security, Windows Server 2003
It may be just a simple matter of opening any external firewall before the ISA box to permit ICMP to reach this ISA server. However, ICMP is not really a good thing to leave open really. It can be used as an attack vector. I would recommend enabling a firewall and permitting only ICMP from [...]
View Answer
| May 27, 2009 6:57 PM
Firewalls, ICMP, Internet Control Message Protocol, ISA Server, ISA Server 2000, Ping, Web security, Windows Server 2003
Use PowerShell to contact a certificate authority and get a list of issued certificates
Here’s a recent <a href=”http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windows.powershell&tid=350ff6af-1055-40d9-9ac2-3dadd8eecbb6&cat=en_US_3750E87B-4971-4A5C-A537-45F5D7ABBECC&lang=en&cr=US&sloc=&p=1″>Microsoft community thread</a> on this topic. Check out the <a href=”http://blogs.msdn.com/adpowershell/archive/2009/04/26/working-with-certificates.aspx”>AD Powershell blog about working with certificates</a>. In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>
View Answer
| May 27, 2009 5:58 PM
Certificate authority, PowerShell, Remote certificate
Here’s a recent <a href=”http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windows.powershell&tid=350ff6af-1055-40d9-9ac2-3dadd8eecbb6&cat=en_US_3750E87B-4971-4A5C-A537-45F5D7ABBECC&lang=en&cr=US&sloc=&p=1″>Microsoft community thread</a> on this topic. Check out the <a href=”http://blogs.msdn.com/adpowershell/archive/2009/04/26/working-with-certificates.aspx”>AD Powershell blog about working with certificates</a>. In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>
View Answer
| May 27, 2009 5:58 PM
Certificate authority, PowerShell, Remote certificate
email attachments
Unless someone intercepts your email by hacking your computer or account then the image you send them will only be viewable to them. Personal email is personal, not public. ================ Email logs may be maintained by hosts through which the messages travel. These logs may have the names of the attachment files and sizes. It [...]
View Answer
| May 26, 2009 2:29 PM
Email attachments, pictures, Search engines, Secure email
Unless someone intercepts your email by hacking your computer or account then the image you send them will only be viewable to them. Personal email is personal, not public. ================ Email logs may be maintained by hosts through which the messages travel. These logs may have the names of the attachment files and sizes. It [...]
View Answer
| May 26, 2009 2:29 PM
Email attachments, pictures, Search engines, Secure email
Security Audit Tips and Tricks for antivirus?
<a href=”http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx”>Filemon</a> displays file system activity in real time. ===================== Try the following: Antivirus Strategy 1. Ensure that there is an Antivirus strategy documents. 2. Ensure that the Antivirus covers Servers as well as end user. 3. review the frequency of Antivirus update. 4.Ensure that the Antivirus server is updated whenever there is virus announcement. [...]
View Answer
| May 26, 2009 2:21 PM
Antivirus Security Audit
<a href=”http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx”>Filemon</a> displays file system activity in real time. ===================== Try the following: Antivirus Strategy 1. Ensure that there is an Antivirus strategy documents. 2. Ensure that the Antivirus covers Servers as well as end user. 3. review the frequency of Antivirus update. 4.Ensure that the Antivirus server is updated whenever there is virus announcement. [...]
View Answer
| May 26, 2009 2:21 PM
Antivirus Security Audit
FOG, Smoothwall School Guardian and DHCP
Hey Following: http://www.fogproject.org/wiki/index.php?title=FOGUserGuide#Modifying_existing_DHCP_server_to_work_with_FOG On School Guardian, you’d implement as follows: – in Services > DHCP > DHCP Server, select your subnet and click the advanced button – under “TFTP server” enter the IP of your FOG server (“TFTP Server” field = DHCP “nextserver” field) – under “Network boot filename” enter the filename on the TFTP [...]
View Answer
| May 26, 2009 1:09 PM
DHCP Server Configuration, FOG, PXE, SchoolGuardian, Smoothwall
Hey Following: http://www.fogproject.org/wiki/index.php?title=FOGUserGuide#Modifying_existing_DHCP_server_to_work_with_FOG On School Guardian, you’d implement as follows: – in Services > DHCP > DHCP Server, select your subnet and click the advanced button – under “TFTP server” enter the IP of your FOG server (“TFTP Server” field = DHCP “nextserver” field) – under “Network boot filename” enter the filename on the TFTP [...]
View Answer
| May 26, 2009 1:09 PM
DHCP Server Configuration, FOG, PXE, SchoolGuardian, Smoothwall
Exchange Client extensions in Outlook 2007
Do you have an image you use to install the OS on your client pc’s? If so update the image with an installation of Symantec that does not include the outlook extension. If you do a complete install from scratch, then make sure this is not included when you run the symantec install. As for [...]
View Answer
| May 25, 2009 9:31 PM
Exchange administration, Exchange Client Extensions, Outlook, Outlook 2007, Symantec AntiVirus
Do you have an image you use to install the OS on your client pc’s? If so update the image with an installation of Symantec that does not include the outlook extension. If you do a complete install from scratch, then make sure this is not included when you run the symantec install. As for [...]
View Answer
| May 25, 2009 9:31 PM
Exchange administration, Exchange Client Extensions, Outlook, Outlook 2007, Symantec AntiVirus
Some of my users cannot see other computers in domain
Hello Mehnaz please chek the permissions of your users make the users member of domain users then go to start->run->”gpupdate” then logoff login with administrator,this will solve your problem. (as well as update your antivirus regularly and scan it daily as you are the internet user).
View Answer
| May 23, 2009 12:17 PM
User Permissions, Windows Server 2003, Windows Server 2003 administration, Windows XP
Hello Mehnaz please chek the permissions of your users make the users member of domain users then go to start->run->”gpupdate” then logoff login with administrator,this will solve your problem. (as well as update your antivirus regularly and scan it daily as you are the internet user).
View Answer
| May 23, 2009 12:17 PM
User Permissions, Windows Server 2003, Windows Server 2003 administration, Windows XP
iSeries on the Web – some pages HTTP, some HTTPS?
You can make one site non SSL and another site with SSL for example, http://www.web.com and https://secure.web.com. This is a <a href=”http://www.codeproject.com/KB/web-security/WebPageSecurity_v2.aspx”>good article </a>on how to set this up using a web.config file.
View Answer
| May 22, 2009 11:16 PM
HTTP, HTTPS, iSeries, iSeries security, Web security
You can make one site non SSL and another site with SSL for example, http://www.web.com and https://secure.web.com. This is a <a href=”http://www.codeproject.com/KB/web-security/WebPageSecurity_v2.aspx”>good article </a>on how to set this up using a web.config file.
View Answer
| May 22, 2009 11:16 PM
HTTP, HTTPS, iSeries, iSeries security, Web security
Wireless Network design puzzle
This is an interesting approach. Seems a little complex if you’re just looking for basic connectivity. What’s your philosophy behind this? ————————————————— Place an access point at each server for redundency and put a bridge at each end point. That should preserve your IP schema. Look for devices that can be remotely managed. Since you [...]
View Answer
| May 22, 2009 2:43 PM
3Com Wireless 7760 Access Point, Bridge pc, Bridges, Linux desktops, Network design, PtMP, PtP, Static IP, Windows Server, Wireless Access Points, Wireless networking
This is an interesting approach. Seems a little complex if you’re just looking for basic connectivity. What’s your philosophy behind this? ————————————————— Place an access point at each server for redundency and put a bridge at each end point. That should preserve your IP schema. Look for devices that can be remotely managed. Since you [...]
View Answer
| May 22, 2009 2:43 PM
3Com Wireless 7760 Access Point, Bridge pc, Bridges, Linux desktops, Network design, PtMP, PtP, Static IP, Windows Server, Wireless Access Points, Wireless networking
How to configure Cisco PIX 525 to record SSH logon connections?
I think you need to use AAA to get it logging. This can use the local information in the config, but has to implicitly use AAA and it is the accounting bit that generates the syslog message. Have a look at the following, but just ignore all the ACS bit, but the final section shows [...]
View Answer
| May 22, 2009 7:11 AM
AIX, Cisco, Cisco Firewall, Cisco PIX 525, Firewalls, PIX 525, SSH, Syslog
I think you need to use AAA to get it logging. This can use the local information in the config, but has to implicitly use AAA and it is the accounting bit that generates the syslog message. Have a look at the following, but just ignore all the ACS bit, but the final section shows [...]
View Answer
| May 22, 2009 7:11 AM
AIX, Cisco, Cisco Firewall, Cisco PIX 525, Firewalls, PIX 525, SSH, Syslog
iipsec vpn between cisco routers, using dsl modem(NAT ROUTER)
I would make sure that the dsl modem is configured to pass all protocols, and is not trying to do the VPN itself, that is a common reason for problems. If it still does the nat, that is OK, but also make sure that the nat translates the ‘real’ fixed IP address and forwards that [...]
View Answer
| May 21, 2009 8:29 PM
Cisco Routers, IPsec, IPsec VPN, NAT, VPN, VPN design
I would make sure that the dsl modem is configured to pass all protocols, and is not trying to do the VPN itself, that is a common reason for problems. If it still does the nat, that is OK, but also make sure that the nat translates the ‘real’ fixed IP address and forwards that [...]
View Answer
| May 21, 2009 8:29 PM
Cisco Routers, IPsec, IPsec VPN, NAT, VPN, VPN design
Information about SOCs
Sorry I haven’t been very clear with what i mean by SOC – I am after some information regarding Security Analysts. Please can any one help? Thanks!
View Answer
| May 21, 2009 2:53 PM
Security, Security operations center, SOC
Sorry I haven’t been very clear with what i mean by SOC – I am after some information regarding Security Analysts. Please can any one help? Thanks!
View Answer
| May 21, 2009 2:53 PM
Security, Security operations center, SOC
How to do a security assessment in a hospital environment?
Your question is very broad. In what context? What type of employee? What type of assessment (technical or operational)?
View Answer
| May 19, 2009 3:26 PM
Risk management, Security accessment, Security audits
Your question is very broad. In what context? What type of employee? What type of assessment (technical or operational)?
View Answer
| May 19, 2009 3:26 PM
Risk management, Security accessment, Security audits
Obfuscation of destination IP address
I am sceptical as well… As far as a router is concerned, the destination IP is just 32 bits. The router examines the 32 bit number to determine whether it has a route that the destination IP address falls under. If it does, it forwards the packet out the appropriate interface, if it does not, [...]
View Answer
| May 18, 2009 10:41 PM
catq, Hacking tools and techniques, IP address, Network security, Obfuscation, Packets, Routers
I am sceptical as well… As far as a router is concerned, the destination IP is just 32 bits. The router examines the 32 bit number to determine whether it has a route that the destination IP address falls under. If it does, it forwards the packet out the appropriate interface, if it does not, [...]
View Answer
| May 18, 2009 10:41 PM
catq, Hacking tools and techniques, IP address, Network security, Obfuscation, Packets, Routers
Audit Question – Force user signoff after inactivity
Hi, *ENDJOB will terminate the job and *DSCJOB wil put it in a temporary disconnection state and will be restored when user sign-in again. Regards, Wilson
View Answer
| May 18, 2009 6:52 PM
AS/400 passwords, AS/400 security, DSCJOB, ENDJOB, Password synchronization, QINACTMSGQ
Hi, *ENDJOB will terminate the job and *DSCJOB wil put it in a temporary disconnection state and will be restored when user sign-in again. Regards, Wilson
View Answer
| May 18, 2009 6:52 PM
AS/400 passwords, AS/400 security, DSCJOB, ENDJOB, Password synchronization, QINACTMSGQ
How do you deny a local administrator the capability to RDP?
Add those accounts to the “Deny log on through Remote Desktop Services” policy either locally on the server in question, or via GPO. Works on everything Windows 2000 SP2 and newer.
View Answer
| May 17, 2009 4:48 AM
Deny RDP, Local Administrator Rights, Local Administrators Group, RDP, Remote desktop management, User Permissions
Add those accounts to the “Deny log on through Remote Desktop Services” policy either locally on the server in question, or via GPO. Works on everything Windows 2000 SP2 and newer.
View Answer
| May 17, 2009 4:48 AM
Deny RDP, Local Administrator Rights, Local Administrators Group, RDP, Remote desktop management, User Permissions
Restore configuration for ASA 5520
Well,.. Show Running config in new window gives you a CLI script, that u can paste in global config mode to paste it back.. thats how i prefer.. Not really sure how it can be done with ASDM
View Answer
| May 16, 2009 8:11 PM
ASDM, Cisco ASA, Cisco ASA 5520, Cisco ASA Backup, Cisco ASA Backup & Restore
Well,.. Show Running config in new window gives you a CLI script, that u can paste in global config mode to paste it back.. thats how i prefer.. Not really sure how it can be done with ASDM
View Answer
| May 16, 2009 8:11 PM
ASDM, Cisco ASA, Cisco ASA 5520, Cisco ASA Backup, Cisco ASA Backup & Restore
