Five Steps to Improve Internal Network Security. Chattanooga Information security Professionals

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Five Steps to Improve Internal Network Security. Chattanooga Information security Professionals"

Transcription

1 Five Steps to Improve Internal Network Security Chattanooga Information security Professionals

2 Who Am I? Security Analyst: Sword & Shield Blogger: averagesecurityguy.info Developer: github.com/averagesecurityguy I have been in IT since 2000 and in Information Security since I have worked as a programmer, technical trainer, system administrator, and information security auditor. I currently work as a Security Analyst at Sword & Shield, I maintain a blog at averagesecurityguy.info, and I have developed a few small projects, which are on github.com/ averagesecurityguy.

3 Since 1997 Sword & Shield Enterprise Security has been the trusted information security partner for more than 3,000 clients in all 50 states and 27 countries around the globe. We serve clients in the financial, health care, retail, manufacturing, energy & utilities, and education sectors.

4 Five Steps 1. Disable LM Hashes 2. Change Shared Local Admin Passwords 3. Disable Open File Shares 4. Change Default/Blank Passwords 5. Disable RDP Access

5 Disclaimer I see most things in black and white with a few shades of grey coming into focus once in while. Disable is very black and white and may not be suitable for all situations. If disabling RDP or open file shares does not work for you consider implementing other mitigating factors such as restricting access by IP address. As for the rest, I will remain emphatically black and white.

6 Disable LM Hashes LM is a weak hashing algorithm, which breaks 14 character or less passwords into two easily cracked 7 character or less passwords. Many tools exist to crack LM hashes. Ophcrack, John the Ripper, and Hashcat

7 Disable LM Hashes Group Policy 1. Open Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options 2. Network security: Do not store LAN Manager hash value on next password change. Local Machine 1. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control \Lsa 2. Add DWORD NoLMHash 3. Set the value to 1 LM hashes are disabled by default in Windows Vista and above including Server 2008.

8 Disable LM Hashes Are You Sure? LM Hashes are not saved to disk but are still created in memory, which means they can be extracted and cracked.* The only solution is to use 15 character passwords. *

9 Disable LM Hashes Rainbowtables provide the best results for cracking LM hashes. I use both rcracki_mt and ophcrack for cracking LM hashes. Rcracki_mt cracked all 114 passwords in ~38 minutes including the most complex passwords. Ophcrack was able to crack 96 of them in 7.5 minutes, failing to get only the most complicated passwords. Fortunately, one of the passwords cracked was a domain admin account.

10 Ophcrack Demo

11 Change Shared Local Admin Passwords It is very common for the same local administrator password to be used throughout an organization. Once an attacker has the shared password he has control of a large portion of the organization. A recent client had multiple AD domains in use. I compromised a machine in one domain and cracked the local administrator password. Since this password was reused throughout the organization, I was able to access machines in the other domains and eventually obtained Domain Admin access on multiple domains.

12 Change Shared Local Admin Passwords Here are some of the 240 computers in this organization using the same admin password.

13 These methods will apply the new passwords to all computers affected by the GPO, which defeats the purpose if all computers are under the same GPO. I would recommend having workstations, servers, and Domain Controllers placed in separate OUs with appropriate GPOs applied and a different admin password for each group. I would also recommend all local administrator passwords be at least 15 characters to avoid LM hashes. Change Shared Local Admin Passwords 2003 AD Domain You can create a VB script and place it in the logon scripts of the GPO or run it as a standalone script with a list of computers to modify AD Domain 1. Open Computer Configuration -> Preferences -> Control Panel Settings -> Local Users and Groups 2. Right-click and select New -> Local User 3. In the dialog box set the Action to Update, set the Username to Administrator, and put in the password twice. * When placing a script in the GPO you risk exposing the password of the domain admin account used in the script. One option would be to setup the script, force a reboot of the client machines so the script gets applied, and then remove the script. Another option would be to run the script as a domain admin outside of the GPO. A list of computers would need to be supplied to the script to automate the process.

14 Disable Open File Shares Client 1 All shares on the primary file server were open and I found Protected Health Information and the source code to the client s web site, including database credentials. Client 2 A user was sharing files with Windows Simple File Sharing in Windows XP. The user shared a document containing passwords used by the marketing department, including passwords to the Facebook account and mailing list system. Also look for anonymous FTP servers, which can be excellent sources of sensitive files.

15 Disable Open File Shares I was able to access his Password1 database and Dropbox data.

16 Disable Open File Shares World writeable root owned files on an NFS share. We could add a script here or modify an existing script to run malicious code. I believe this was because squash root was not configured properly.

17 Disable Open File Shares Notice the root folder and the HIPAA folder.

18 Disable Open File Shares This was the file server for a law firm. Lots of case files in here.

19 Disable Open File Shares Windows Shares 1. Open Folder Options 2. Go to the View tab 3. Uncheck Use Simple File Sharing 4. View the Properties for a Folder 5. Go to the Sharing tab and set the permissions to Everyone Full Control 6. Go to the Security tab and set appropriate NTFS permissions.

20 Disable Open File Shares NFS Shares 1. Edit/etc/exports to ensure only appropriate directories are listed. 2. For each directory, ensure only the appropriate IP addresses are granted access. 3. Check the options for each IP address to ensure read/write permissions are set correctly. 4. Ensure root is properly squashed.

21 Change Default/Blank Passwords Blank sa passwords in MSSQL can lead to full machine compromise. Blank local administrator passwords allow full machine compromise. My favorite are default/blank passwords on devices like printers, scanners, UPSs, and blade management servers. Default and blank passwords are everywhere. I have compromised servers using blank sa passwords, blank local admin passwords, and default Apache Tomcat passwords. In one case I had access to the UPS web management server and could have shutdown the clients entire network by powering down the VM servers.

22 Change Default/Blank Passwords My preference is to put management systems on a separate network. If that is not possible then use a firewall to restrict access to the management interface. At a minimum a strong password should be used on the management interface.

23 Change Default/Blank Passwords Want to see every fax sent to the president of the company? Just change the address.

24 Change Default/Blank Passwords No credentials were necessary to access this page. Shall we launch a console?

25 Change Default/Blank Passwords A default password can get you console access?

26 Change Default/Blank Passwords Yes, I did get console access to the server but unfortunately no one was logged in at the console.

27 Change Default/Blank Passwords My personal favorite was a default password on an IBM iseries server. This is a screenshot of an FTP login but the default credentials also gave me SSH access and external Telnet access.

28 Change Default/Blank Passwords There is no automated method for fixing this issue. You can use tools like Nessus to help you identify vulnerable services but Nessus can not find everything. During a typical pentest, I manually browse to almost every web server found. Nessus will find most of the dangerous stuff like blank admin/root passwords, blank sa passwords, and Apache tomcat default passwords. Nessus can not determine weak passwords though.

29 Change Default/Blank Passwords Identify devices such as routers, switches, printers, and faxes. Disable any services not needed such as web servers and FTP. Put a strong password on any services that are not disabled. My preference is to disable the Web management functionality on most systems. If you can t do that, then restrict access to only specific IP addresses and make sure a strong password is used.

30 Change Default/Blank Passwords Default Password Lists:* *Visit these at your own risk. These are some web sites that maintain lists of default passwords. You can also do google searches for default passwords. For odd devices you can typically find the default passwords in the product manual.

31 Disable RDP Access Once logged in attacker has full control of machine. Local Administrator account cannot be logged out. (Morto Worm) MS12-020: Currently DOS only but RCE may become available soon. (Will be wormable.)

32 Disable RDP Access Morto Worm: The Morto worm scans a network for machines running RDP and attempts to login using the administrator account and a list of weak passwords. After it logs in it copies itself to the new machine, searches for other vulnerable machines and, it calls back to a C&C server to await commands.* *http://www.f-secure.com/v-descs/worm_w32_morto_a.shtml

33 Disable RDP Access MS12-020: The update in MS fixes a vulnerability in RDP, which is present in all versions of Windows.* Newer versions of RDP use network level authentication (NLA), which requires an attacker to authenticate to the server before connecting to the RDP service, but this does not fix the underlying vulnerability. The only fix is to apply the update. * **

34 Disable RDP Access Group Policy (Server 2003) 1. Open Computer Configuration -> Administrative Templates -> Windows Components -> Terminal Services 2. Set Allow users to connect remotely using Terminal Services to disabled.* * RDP is disabled by default in Windows XP / Server 2003 and above. Use Group Policy to ensure it stays disabled. Watch out for Windows 2000 machines, vendor system, etc. Use nmap to scan the network for RDP.

35 Disable RDP Access Group Policy (Server 2008) 1. Open Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Connections 2. Set Allow users to connect remotely using Remote Desktop Services to disabled.* *

36 Questions about the Five Steps? 1. Disable LM Hashes 2. Change Shared Local Admin Passwords 3. Disable Open File Shares 4. Change Default/Blank Passwords 5. Disable RDP Access

37 Five Steps to Improve Internal Network Security Chattanooga Information security Professionals

Five Steps to Improve Internal Network Security. Chattanooga ISSA

Five Steps to Improve Internal Network Security. Chattanooga ISSA Five Steps to Improve Internal Network Security Chattanooga ISSA 1 Find Me AverageSecurityGuy.info @averagesecguy stephen@averagesecurityguy.info github.com/averagesecurityguy ChattSec.org 2 Why? The methodical

More information

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users SyAM Management Utilities and Non-Admin Domain Users Some features of SyAM Management Utilities, including Client Deployment and Third Party Software Deployment, require authentication credentials with

More information

Application Note 8: TrendView Recorders DCOM Settings and Firewall Plus DCOM Settings for Trendview Historian Server

Application Note 8: TrendView Recorders DCOM Settings and Firewall Plus DCOM Settings for Trendview Historian Server Application Note 8: TrendView Recorders DCOM Settings and Firewall Plus DCOM Settings for Trendview Historian Server DCOM Configuration Introduction This document is intended to provide a check-list of

More information

Configuring a Windows 2000 Domain Controller as a Scan Repository

Configuring a Windows 2000 Domain Controller as a Scan Repository Xerox Multifunction Devices June 26, 2003 for the user Configuring a Windows 2000 Domain Controller as a Scan Repository Purpose This document describes the procedures to set up a Windows 2000 Domain Controller

More information

Kaseya Server Instal ation User Guide June 6, 2008

Kaseya Server Instal ation User Guide June 6, 2008 Kaseya Server Installation User Guide June 6, 2008 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations. Kaseya's

More information

Kepware Technologies Remote OPC DA Quick Start Guide (DCOM)

Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) March, 2013 Ref. 03.10 Kepware Technologies Table of Contents 1. Overview... 1 1.1 What is DCOM?... 1 1.2 What is OPCEnum?... 1 2. Users and

More information

LepideAuditor Suite for File Server. Installation and Configuration Guide

LepideAuditor Suite for File Server. Installation and Configuration Guide LepideAuditor Suite for File Server Installation and Configuration Guide Table of Contents 1. Introduction... 4 2. Requirements and Prerequisites... 4 2.1 Basic System Requirements... 4 2.2 Supported Servers

More information

Setting Up Scan to SMB on TaskALFA series MFP s.

Setting Up Scan to SMB on TaskALFA series MFP s. Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and

More information

Quick Start Guide for Parallels Virtuozzo

Quick Start Guide for Parallels Virtuozzo PROPALMS VDI Version 2.1 Quick Start Guide for Parallels Virtuozzo Rev. 1.1 Published: JULY-2011 1999-2011 Propalms Ltd. All rights reserved. The information contained in this document represents the current

More information

How to use edgebox as a PDC and to Share Files

How to use edgebox as a PDC and to Share Files edgebox V4.5 How to use edgebox as a PDC and to Share Files Rev - 1.1 1 Storage and Print - Windows Domain Storage & Print EdgeBOX may be configured to interact with other hosts as if it was a Windows

More information

Scanning Guide for Small Colour MFD s

Scanning Guide for Small Colour MFD s Scanning Guide for Small Colour MFD s This guide covers the following machines: Bizhub C10/ Magicolor 2590MF Bizhub C20/ Magicolor 4690MF/4695MF Magicolor 1690MF LinkMagic Software Version 2.5-1 - Created

More information

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses 2004 Microsoft Corporation. All rights reserved. This document is for informational purposes only.

More information

IIS, FTP Server and Windows

IIS, FTP Server and Windows IIS, FTP Server and Windows The Objective: To setup, configure and test FTP server. Requirement: Any version of the Windows 2000 Server. FTP Windows s component. Internet Information Services, IIS. Steps:

More information

Quick Start Guide for VMware and Windows 7

Quick Start Guide for VMware and Windows 7 PROPALMS VDI Version 2.1 Quick Start Guide for VMware and Windows 7 Rev. 1.1 Published: JULY-2011 1999-2011 Propalms Ltd. All rights reserved. The information contained in this document represents the

More information

ILTA HANDS ON Securing Windows 7

ILTA HANDS ON Securing Windows 7 Securing Windows 7 8/23/2011 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding

More information

Networking Lab - Vista Public Network Sharing

Networking Lab - Vista Public Network Sharing Networking Lab - Vista Public Network Sharing After completing the lab activity, you will be able to: Explain the differences between Windows XP and Windows Vista network sharing. Explain the purpose of

More information

Create, Link, or Edit a GPO with Active Directory Users and Computers

Create, Link, or Edit a GPO with Active Directory Users and Computers How to Edit Local Computer Policy Settings To edit the local computer policy settings, you must be a local computer administrator or a member of the Domain Admins or Enterprise Admins groups. 1. Add the

More information

Activity 1: Scanning with Windows Defender

Activity 1: Scanning with Windows Defender Activity 1: Scanning with Windows Defender 1. Click on Start > All Programs > Windows Defender 2. Click on the arrow next to Scan 3. Choose Custom Scan Page 1 4. Choose Scan selected drives and folders

More information

TrueEdit Remote Connection Brief

TrueEdit Remote Connection Brief MicroPress Server Configuration Guide for Remote Applications Date Issued: February 3, 2009 Document Number: 45082597 TrueEdit Remote Connection Brief Background TrueEdit Remote (TER) is actually the same

More information

Security Considerations White Paper for Cisco Smart Storage 1

Security Considerations White Paper for Cisco Smart Storage 1 Security Considerations White Paper for Cisco Smart Storage An open network is like a bank s vault with windows Bill Thomson Network-Attached Storage (NAS) is a relatively simple and inexpensive way to

More information

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099 Introduction EASYLABEL 6 has several new features for saving the history of label formats. This history can include information about when label formats were edited and printed. In order to save this history,

More information

Livezilla How to Install on Shared Hosting http://www.jonathanmanning.com By: Jon Manning

Livezilla How to Install on Shared Hosting http://www.jonathanmanning.com By: Jon Manning Livezilla How to Install on Shared Hosting By: Jon Manning This is an easy to follow tutorial on how to install Livezilla 3.2.0.2 live chat program on a linux shared hosting server using cpanel, linux

More information

Kaseya 2. Installation guide. Version 7.0. English

Kaseya 2. Installation guide. Version 7.0. English Kaseya 2 Kaseya Server Setup Installation guide Version 7.0 English September 4, 2014 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept

More information

LifeCyclePlus Version 1

LifeCyclePlus Version 1 LifeCyclePlus Version 1 Last updated: 2014-04-25 Information in this document is subject to change without notice. Companies, names and data used in examples herein are fictitious unless otherwise noted.

More information

Case Closed Installation and Setup

Case Closed Installation and Setup 1 Case Closed Installation and Setup Contents Installation Overview...2 Microsoft SQL Server Installation...3 Case Closed Software Installation...5 Register OCX for Printing...6 External Programs...7 Automatic

More information

E-Notebook SQL 12.0 Desktop Database Installation Guide. E-Notebook SQL 12.0 Desktop Database Installation Guide

E-Notebook SQL 12.0 Desktop Database Installation Guide. E-Notebook SQL 12.0 Desktop Database Installation Guide E-Notebook SQL 12.0 Desktop Database Installation Guide 1. Introduction... 3 2. Database System... 3 2.1. Software requirements... 3 2.2. Database Creation and Configuration... 4 2.2.1. Create and share

More information

SchoolBooking SSO Integration Guide

SchoolBooking SSO Integration Guide SchoolBooking SSO Integration Guide Before you start This guide has been written to help you configure SchoolBooking to operate with SSO (Single Sign on) Please treat this document as a reference guide,

More information

1. Set Daylight Savings Time... 3. 2. Create Migrator Account... 3. 3. Assign Migrator Account to Administrator group... 4

1. Set Daylight Savings Time... 3. 2. Create Migrator Account... 3. 3. Assign Migrator Account to Administrator group... 4 1. Set Daylight Savings Time... 3 a. Have client log into Novell/Local Machine with Administrator Account...3 b. Access Adjust Date/Time...3 c. Make sure the time zone is set to Central Time...3 2. Create

More information

How to monitor AD security with MOM

How to monitor AD security with MOM How to monitor AD security with MOM A article about monitor Active Directory security with Microsoft Operations Manager 2005 Anders Bengtsson, MCSE http://www.momresources.org November 2006 (1) Table of

More information

SAFETICA INSIGHT INSTALLATION MANUAL

SAFETICA INSIGHT INSTALLATION MANUAL SAFETICA INSIGHT INSTALLATION MANUAL SAFETICA INSIGHT INSTALLATION MANUAL for Safetica Insight version 6.1.2 Author: Safetica Technologies s.r.o. Safetica Insight was developed by Safetica Technologies

More information

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients Note: I have only tested these procedures on Server 2003 SP1 (DC) and XP SPII client, in a controlled lab environment,

More information

Penetration Testing Report Client: Business Solutions June 15 th 2015

Penetration Testing Report Client: Business Solutions June 15 th 2015 Penetration Testing Report Client: Business Solutions June 15 th 2015 Acumen Innovations 80 S.W 8 th St Suite 2000 Miami, FL 33130 United States of America Tel: 1-888-995-7803 Email: info@acumen-innovations.com

More information

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip October 21, 2010 Overview This document describes how to limit access to color copying and printing on the

More information

2. Using Notepad, create a file called c:\demote.txt containing the following information:

2. Using Notepad, create a file called c:\demote.txt containing the following information: Unit 4 Additional Projects Configuring the Local Computer Policy You need to prepare your test lab for your upcoming experiments. First, remove a child domain that you have configured. Then, configure

More information

Administration guide. Océ LF Systems. Connectivity information for Scan-to-File

Administration guide. Océ LF Systems. Connectivity information for Scan-to-File Administration guide Océ LF Systems Connectivity information for Scan-to-File Copyright 2014, Océ All rights reserved. No part of this work may be reproduced, copied, adapted, or transmitted in any form

More information

Stellar Active Directory Manager

Stellar Active Directory Manager Stellar Active Directory Manager What is the need of Active Directory Manager? Every organization uses Active Directory Services (ADMS) to manage the users working in the organization. This task is mostly

More information

PLANNING AND DESIGNING GROUP POLICY, PART 1

PLANNING AND DESIGNING GROUP POLICY, PART 1 84-02-06 DATA SECURITY MANAGEMENT PLANNING AND DESIGNING GROUP POLICY, PART 1 Melissa Yon INSIDE What Is Group Policy?; Software Settings; Windows Settings; Administrative Templates; Requirements for Group

More information

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0. Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0 Page 1 of 9 Table of Contents Table of Contents... 2 Executive Summary...

More information

Bitrix Site Manager ASP.NET. Installation Guide

Bitrix Site Manager ASP.NET. Installation Guide Bitrix Site Manager ASP.NET Installation Guide Contents Introduction... 4 Chapter 1. Checking for IIS Installation... 5 Chapter 2. Using An Archive File to Install Bitrix Site Manager ASP.NET... 7 Preliminary

More information

Freshservice Discovery Probe User Guide

Freshservice Discovery Probe User Guide Freshservice Discovery Probe User Guide 1. What is Freshservice Discovery Probe? 1.1 What details does Probe fetch? 1.2 How does Probe fetch the information? 2. What are the minimum system requirements

More information

Network Setup Instructions

Network Setup Instructions Network Setup Instructions This document provides technical details for setting up the Elite Salon & Spa Management program in a network environment. If you have any questions, please contact our Technical

More information

Alpha High Level Description

Alpha High Level Description Alpha High Level Description Alpha is a Windows Domain Controller (DC) and Domain Name System (DNS) Server. Because Alpha was the first DC in the aia.class domain, it is also (by default) the Windows global

More information

Internal Penetration Test

Internal Penetration Test Internal Penetration Test Agenda Time Agenda Item 10:00 10:15 Introduction 10:15 12:15 Seminar: Web Application Penetration Test 12:15 12:30 Break 12:30 13:30 Seminar: Social Engineering Test 13:30 15:00

More information

OPC and DCOM: 5 things you need to know Author: Randy Kondor, B.Sc. in Computer Engineering

OPC and DCOM: 5 things you need to know Author: Randy Kondor, B.Sc. in Computer Engineering OPC and DCOM: 5 things you need to know Author: Randy Kondor, B.Sc. in Computer Engineering OPC technology relies on Microsoft's COM and DCOM to exchange data between automation hardware and software;

More information

SplendidCRM Deployment Guide

SplendidCRM Deployment Guide SplendidCRM Deployment Guide Version 5.x Last Updated: December 14, 2010 Category: Deployment This guide is for informational purposes only. SPLENDIDCRM SOFTWARE MAKES NO WARRANTIES, EXPRESS OR IMPLIED,

More information

TestElite - Troubleshooting

TestElite - Troubleshooting TestElite - Troubleshooting Revision Sheet 1.0 Balázs Mayer 2014 TestElite. All Rights Reserved. Troubleshooting This document is a collection of the frequented asked questions (FAQ) for solving the general,

More information

Universal Management Service 2015

Universal Management Service 2015 Universal Management Service 2015 UMS 2015 Help All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording,

More information

XStream Remote Control: Configuring DCOM Connectivity

XStream Remote Control: Configuring DCOM Connectivity XStream Remote Control: Configuring DCOM Connectivity APPLICATION BRIEF March 2009 Summary The application running the graphical user interface of LeCroy Windows-based oscilloscopes is a COM Automation

More information

WINDOWS 7 & HOMEGROUP

WINDOWS 7 & HOMEGROUP WINDOWS 7 & HOMEGROUP SHARING WITH WINDOWS XP, WINDOWS VISTA & OTHER OPERATING SYSTEMS Abstract The purpose of this white paper is to explain how your computers that are running previous versions of Windows

More information

Deployment of Keepit for Windows

Deployment of Keepit for Windows Deployment of Keepit for Windows Keepit A/S October 13, 2010 1 Introduction When deploying Keepit in larger setups with many desktops and servers, installing Keepit individually on each computer is cumbersome

More information

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription

More information

Novell ZENworks Asset Management 7.5

Novell ZENworks Asset Management 7.5 Novell ZENworks Asset Management 7.5 w w w. n o v e l l. c o m October 2006 INSTALLATION GUIDE Table Of Contents 1. Installation Overview... 1 If you are upgrading... 1 Installation Choices... 1 ZENworks

More information

Installation Troubleshooting Guide

Installation Troubleshooting Guide Installation Troubleshooting Guide Firebird Database Connection Errors DBA Next Generation uses the Firebird Database server for connections to the database. If you have a connection error when launching

More information

Security Guidelines for MapInfo Discovery 1.1

Security Guidelines for MapInfo Discovery 1.1 Security Guidelines for MapInfo Discovery 1.1 This paper provides guidelines and detailed instructions for improving the security of your Mapinfo Discovery deployment. In this document: Overview.........................................

More information

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client. WatchGuard SSL v3.2 Release Notes Supported Devices SSL 100 and 560 WatchGuard SSL OS Build 355419 Revision Date January 28, 2013 Introduction WatchGuard is pleased to announce the release of WatchGuard

More information

Preparing Your Server for an MDsuite Installation

Preparing Your Server for an MDsuite Installation Preparing Your Server for an MDsuite Installation Introduction This document is intended for those clients who have purchased the MDsuite Application Server software and will be scheduled for an MDsuite

More information

Windows Attack - Gain Enterprise Admin Privileges in 5 Minutes

Windows Attack - Gain Enterprise Admin Privileges in 5 Minutes Windows Attack - Gain Enterprise Admin Privileges in 5 Minutes Compass Security AG, Daniel Stirnimann Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel +41 55-214 41 60 Fax +41

More information

Chapter 2 Editor s Note:

Chapter 2 Editor s Note: [Editor s Note: The following content was excerpted from the free ebook The Tips and Tricks Guide to Securing Windows Server 2003 (Realtimepublishers.com) written by Roberta Bragg and available at http://www.netiq.com/offers/ebooks.]

More information

Outpost Office Firewall

Outpost Office Firewall Technical Reference Outpost Office Firewall Office Firewall Software from Agnitum Abstract This document provides advanced technical information on administering Outpost Office Firewall in a corporate

More information

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide IBM Security QRadar SIEM Version 7.1.0 MR1 Vulnerability Assessment Configuration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks

More information

Quick Start Guide. Cerberus FTP is distributed in Canada through C&C Software. Visit us today at www.ccsoftware.ca!

Quick Start Guide. Cerberus FTP is distributed in Canada through C&C Software. Visit us today at www.ccsoftware.ca! Quick Start Guide Cerberus FTP is distributed in Canada through C&C Software. Visit us today at www.ccsoftware.ca! How to Setup a File Server with Cerberus FTP Server FTP and SSH SFTP are application protocols

More information

ilaw Installation Procedure

ilaw Installation Procedure ilaw Installation Procedure This guide will provide a reference for a full installation of ilaw Case Management Software. Contents ilaw Overview How ilaw works Installing ilaw Server on a PC Installing

More information

How To - Implement Single Sign On Authentication with Active Directory

How To - Implement Single Sign On Authentication with Active Directory How To - Implement Single Sign On Authentication with Active Directory Applicable to English version of Windows This article describes how to implement single sign on authentication with Active Directory

More information

CONNECT-TO-CHOP USER GUIDE

CONNECT-TO-CHOP USER GUIDE CONNECT-TO-CHOP USER GUIDE VERSION V8 Table of Contents 1 Overview... 3 2 Requirements... 3 2.1 Security... 3 2.2 Computer... 3 2.3 Application... 3 2.3.1 Web Browser... 3 2.3.2 Prerequisites... 3 3 Logon...

More information

Pearl Echo Installation Checklist

Pearl Echo Installation Checklist Pearl Echo Installation Checklist Use this checklist to enter critical installation and setup information that will be required to install Pearl Echo in your network. For detailed deployment instructions

More information

E-Notebook SQL13.0 Desktop Migration and Upgrade Guide

E-Notebook SQL13.0 Desktop Migration and Upgrade Guide E-Notebook SQL13.0 Desktop Migration and Upgrade Guide Last Modified: October 09, 2012 TABLE OF CONTENTS 1 Introduction... 3 2 Software Requirements... 3 2.1 Single User... 3 2.2 Remote (Shared Database

More information

Aradial Installation Guide

Aradial Installation Guide Aradial Technologies Ltd. Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this document

More information

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE Copyright 1998-2013 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any form or by any means

More information

NT Authentication Configuration Guide

NT Authentication Configuration Guide NT Authentication Configuration Guide Version 11 Last Updated: March 2014 Overview of Ad Hoc Security Models Every Ad Hoc instance relies on a security model to determine the authentication process for

More information

Latitude NVMS Windows XP SP2 Configuration

Latitude NVMS Windows XP SP2 Configuration Latitude NVMS Windows XP SP2 Configuration Table of Contents 1 INTRODUCTION...1 1.1 NETWORK CHANGES IN WINDOWS XP SERVICE PACK 2...1 1.1.1 DCOM Security...1 1.1.2 Windows Firewall...2 2 EFFECT OF WINDOWS

More information

IT HEALTHCHECK TOP TIPS WHITEPAPER

IT HEALTHCHECK TOP TIPS WHITEPAPER WHITEPAPER PREPARED BY MTI TECHNOLOGY LTD w: mti.com t: 01483 520200 f: 01483 520222 MTI Technology have been specifying and conducting IT Healthcheck s across numerous sectors including commercial, public

More information

SCP - Strategic Infrastructure Security

SCP - Strategic Infrastructure Security SCP - Strategic Infrastructure Security Lesson 1 - Cryptogaphy and Data Security Cryptogaphy and Data Security History of Cryptography The number lock analogy Cryptography Terminology Caesar and Character

More information

INNOV-04 The SANS Top 20 Internet Security Vulnerabilities

INNOV-04 The SANS Top 20 Internet Security Vulnerabilities INNOV-04 The SANS Top 20 Internet Security Vulnerabilities (and what it means to OpenEdge Applications) Michael Solomon, CISSP PMP CISM Solomon Consulting Inc. www.solomonconsulting.com (Thanks to John

More information

Online Vulnerability Scanner Quick Start Guide

Online Vulnerability Scanner Quick Start Guide Online Vulnerability Scanner Quick Start Guide Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted.

More information

WhatsUp Event Analyst v10.x Quick Setup Guide

WhatsUp Event Analyst v10.x Quick Setup Guide WhatsUp Event Analyst v10.x Quick Setup Guide Contents WhatsUp Event Analyst Quick Setup Guide WhatsUp Event Analyst Quick Setup Guide... 2 Installation Requirements... 3 Before You Begin... 4 Microsoft

More information

Dell UPS Local Node Manager USER'S GUIDE EXTENSION FOR MICROSOFT VIRTUAL ARCHITECTURES Dellups.com

Dell UPS Local Node Manager USER'S GUIDE EXTENSION FOR MICROSOFT VIRTUAL ARCHITECTURES Dellups.com CHAPTER: Introduction Microsoft virtual architecture: Hyper-V 6.0 Manager Hyper-V Server (R1 & R2) Hyper-V Manager Hyper-V Server R1, Dell UPS Local Node Manager R2 Main Operating System: 2008Enterprise

More information

PaperStream Connect. Setup Guide. Version 1.0.0.0. Copyright Fujitsu

PaperStream Connect. Setup Guide. Version 1.0.0.0. Copyright Fujitsu PaperStream Connect Setup Guide Version 1.0.0.0 Copyright Fujitsu 2014 Contents Introduction to PaperStream Connect... 2 Setting up PaperStream Capture to Release to Cloud Services... 3 Selecting a Cloud

More information

Installation and Deployment

Installation and Deployment Installation and Deployment Help Documentation This document was auto-created from web content and is subject to change at any time. Copyright (c) 2016 SmarterTools Inc. Installation and Deployment SmarterStats

More information

Recommended Network Setup

Recommended Network Setup Recommended Network Setup Greater Giving Event Software uses Windows File Sharing to allow multiple computers to connect to the same database within your network. This document uses Windows XP as the default

More information

DCOM & Control List Genetec Information Systems Page i Win2003 Service Pack 1

DCOM & Control List Genetec Information Systems Page i Win2003 Service Pack 1 Windows 2003 SP1 configuration DCOM & Control List Genetec Information Systems Page i Win2003 Service Pack 1 Table of Contents 1 INTRODUCTION...1 1.1 NETWORK CHANGES IN WINDOWS 2003 SERVER SP1...3 1.1.1

More information

Synchronizer Installation

Synchronizer Installation Synchronizer Installation Synchronizer Installation Synchronizer Installation This document provides instructions for installing Synchronizer. Synchronizer performs all the administrative tasks for XenClient

More information

Computer Networks. Lab 4

Computer Networks. Lab 4 1 159.334 Computer Networks Lab 4 Objectives: 1) Manage user accounts in windows 2) Familiarise yourself with FTP, Network Drive, Network Printer and Terminal Services 3) Configure IP filtering Note: Unless

More information

Agency Pre Migration Tasks

Agency Pre Migration Tasks Agency Pre Migration Tasks This document is to be provided to the agency and will be reviewed during the Migration Technical Kickoff meeting between the ICS Technical Team and the agency. Network: Required

More information

NetWrix USB Blocker. Version 3.6 Administrator Guide

NetWrix USB Blocker. Version 3.6 Administrator Guide NetWrix USB Blocker Version 3.6 Administrator Guide Table of Contents 1. Introduction...3 1.1. What is NetWrix USB Blocker?...3 1.2. Product Architecture...3 2. Licensing...4 3. Operation Guide...5 3.1.

More information

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS Notes 1. The installation of STATISTICA Enterprise Small Business entails two parts: a) a server installation, and b)

More information

Comodo LoginPro Software Version 1.5

Comodo LoginPro Software Version 1.5 Comodo LoginPro Software Version 1.5 User Guide Guide Version 1.5.030513 Comodo Security Solutions 1255 Broad Street STE 100 Clifton, NJ 07013 Table of Contents 1.Introduction to Comodo LoginPro... 3 1.1.System

More information

Advanced Event Viewer Manual

Advanced Event Viewer Manual Advanced Event Viewer Manual Document version: 2.2944.01 Download Advanced Event Viewer at: http://www.advancedeventviewer.com Page 1 Introduction Advanced Event Viewer is an award winning application

More information

Abila MIP. Installation User's Guide

Abila MIP. Installation User's Guide This is a publication of Abila, Inc. Version 2014.x Copyright 2013 Abila, Inc. All rights reserved. Abila, the Abila logos, and the Abila product and service names mentioned herein are registered trademarks

More information

Installation Instruction STATISTICA Enterprise Server

Installation Instruction STATISTICA Enterprise Server Installation Instruction STATISTICA Enterprise Server Notes: ❶ The installation of STATISTICA Enterprise Server entails two parts: a) a server installation, and b) workstation installations on each of

More information

Security. TestOut Modules 12.6 12.10

Security. TestOut Modules 12.6 12.10 Security TestOut Modules 12.6 12.10 Authentication Authentication is the process of submitting and checking credentials to validate or prove user identity. 1. Username 2. Credentials Password Smart card

More information

Configuring the WT-4 for ftp (Ad-hoc Mode)

Configuring the WT-4 for ftp (Ad-hoc Mode) En Configuring the WT-4 for ftp (Ad-hoc Mode) Windows XP Introduction This document provides basic instructions on configuring the WT-4 wireless transmitter and a Windows XP Professional SP2 ftp server

More information

Using Remote Desktop to access your Office Computer or Faculty Remote Desktop Server August, 2005 This document consists of two main parts and an

Using Remote Desktop to access your Office Computer or Faculty Remote Desktop Server August, 2005 This document consists of two main parts and an Using Remote Desktop to access your Office Computer or Faculty Remote Desktop Server August, 2005 This document consists of two main parts and an addendum. The first part will be the steps required to

More information

Password Policy Enforcer

Password Policy Enforcer Password Policy Enforcer Evaluator s Guide V7.6 Copyright 1998-2013 ANIXIS. All rights reserved. ANIXIS, ANIXIS Password Reset, Password Policy Enforcer, PPE/Web, Password Policy Client, Password Policy

More information

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode EOS Step-by-Step Setup Guide Wireless File Transmitter FTP Mode Infrastructure Setup Windows XP 2012 Canon U.S.A., Inc. All Rights Reserved. Reproduction in whole or in part without permission is prohibited.

More information

This document is intended to make you familiar with the ServersCheck Monitoring Appliance

This document is intended to make you familiar with the ServersCheck Monitoring Appliance ServersCheck Monitoring Appliance Quick Overview This document is intended to make you familiar with the ServersCheck Monitoring Appliance Although it is possible, we highly recommend not to install other

More information

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011) Host Hardening (March 21, 2011) Abdou Illia Spring 2011 CERT Report on systems vulnerabilities Source: CERT Report @ http://www.kb.cert.org/vuls/bymetric 2 OS Vulnerability test Source: http://www.omninerd.com/articles/2006_operating_system_vulnerabilit

More information

Microsoft Baseline Security Analyzer (MBSA)

Microsoft Baseline Security Analyzer (MBSA) Microsoft Baseline Security Analyzer Microsoft Baseline Security Analyzer (MBSA) is a software tool released by Microsoft to determine security state by assessing missing security updates and lesssecure

More information

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode EOS Step-by-Step Setup Guide Wireless File Transmitter FTP Mode Ad Hoc Setup Windows XP 2012 Canon U.S.A., Inc. All Rights Reserved. Reproduction in whole or in part without permission is prohibited. 1

More information

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Deploying BitDefender Client Security and BitDefender Windows Server Solutions Deploying BitDefender Client Security and BitDefender Windows Server Solutions Quick Install Guide Copyright 2010 BitDefender; 1. Installation Overview Thank you for selecting BitDefender Business Solutions

More information

SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)

SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) WHITE PAPER SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) INTRODUCTION This document covers the recommended best practices for hardening a Cisco Personal Assistant 1.4(x) server. The term

More information