Quantcast
Channel: Security forum
Viewing all 12072 articles
Browse latest View live

Pound Sign in passwords £

January 11, 2019, 3:50 am
$
0
0

Hi Gurus,<o:p></o:p>

I have recently configured Azure password sync and configured
NPS radius authentication for VPN solution.<o:p></o:p>

I have noticed that for some reasons the £ sign (UK Pound Sign)
is not accepted in the passwords when users try to authenticate to the VPN.<o:p></o:p>

Also on the office365 it only accept it when you
change it on premise AD and it sync to AAD as it travels as cryptographic hash but
if you try to change it from AAD it tells you that it’s weak and if you replace
the £ with another symbol it tells you that it’s strong.<o:p></o:p>

Am I missing something here?<o:p></o:p>

Thank you,<o:p></o:p>


Search

SHA1 to SHA2 Migration

December 7, 2015, 2:04 pm
$
0
0

Hi,

We are planning to Migrate the SHA1 to SHA2 by build a Parallel environment(Side by Side Migration). 

I have a question before to start with migration of SHA1 to SHA256.

1) We have multiple Issuing CA servers and We have more number of Customized templates with different configurations in each CA server. Is there any possibility to migrate those templates to the new SHA256 Environment

Thanks in Advance

//Bala R 

AutoEnroll - JVM Keystore - Microsoft CA

January 11, 2019, 8:59 am
$
0
0

Hello -

I am looking for a way to use a Microsoft CA along with JVM Keystores on my client machines.  Is it possible to use auto-enrollment for windows client machines with JVM <g class="gr_ gr_174 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling" data-gr-id="174" id="174">keystores</g> and a <g class="gr_ gr_189 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" data-gr-id="189" id="189">microsoft</g> CA?  I can't seem to bridge the certificate being moved to the JVM <g class="gr_ gr_258 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling" data-gr-id="258" id="258">keystore</g>.

Thanks,

Justin

Justin Almli

How can we stop Ransom:Win32/WannaCrypt malware spread?

January 7, 2019, 8:18 pm
$
0
0

Hi, Guys.

How can we stop Ransom:Win32/WannaCrypt malware spread? As you know, this malware has worm functionality which attempts to infect unpatched outdated Windows machines. 

Yes, there are good AVs which can detect and quarantine this threat. If we receive multiple ransomware detections reported by our AV, how can we track down instead the infected system which spreads the malware to other vulnerable computers? Assuming this infected system was not detected by our AV for some reason (i.e. AV was not installed)

I can see an article states that the threat creates a service named mssecsvc2.0, whose function is to exploit the SMB vulnerability in other computers accessible from the infected system.

How can we track endpoints also that has this mssecsvc2.0 service running on them via powershell script? Thank you

Multiple authentication errors in Security from single source

January 6, 2019, 9:42 pm
$
0
0

Hi,

There are more number of failure alerts in security log in multiple windows (2003 and 2000) servers from same source. Below are the error log details.

Event ID: 680

MICROSOFT_AUTHENTICATION_PACKAGE_V1_0

Error Code:0xC0000064

Logon account: Domain Controller local account (i.e, Computername$)

Source Workstation: Domain Controller

Is there any way to track this, why this DC trying to authenticate with these computers and what it is trying?

There are more number of alerts we are getting like this.

vicky

MBSA

January 13, 2019, 2:50 am
$
0
0

Guys,

what happened to the MBSA. is it still available? I cant find to download it at a Microsoft website for 2012R2/2016, i can only find it for 2008 and at creapy website.


Thanks for any help.

certutil -syncWithWU = Access denied

January 13, 2019, 7:19 am
$
0
0

Hi!

d:\cert>certutil -generateSSTFromWU WURoots.sst
Access is denied. 0x80070005 (WIN32: 5) -- authrootstl.cab
CertUtil: -generateSSTFromWU command FAILED: 0x80070005 (WIN32: 5)
CertUtil: Access is denied.

d:\cert>certutil -syncWithWU d:\cert
Access is denied. 0x80070005 (WIN32: 5) -- authrootstl.cab
CertUtil: -syncWithWU command FAILED: 0x80070005 (WIN32: 5)
CertUtil: Access is denied.

Why?

Win7 and Win 10 (x64, not a server). Running from elevated CMD. Tried disabling UAC -> no changes.

Adding New CDP URLs with same path

January 13, 2019, 11:35 pm
$
0
0
Hello All,

We are moving on premises CA to Cloud so we going to keep existing CDP in cloud and adding new CDPs in on premises in two different location(Locations A and B)
we have offline Root  CA and 1 issuing CA so all the locations certificates are issued from this issuing CA.
we not going to renew certificates so if we add new CDP http url existing issued not going to updated in the client certificates with new CDP locations, so we planning to use same URL for the all 3 CDP locations, depends upon crl request locations(Cloud or Location A or B) client will reach respective CDP.
please advice the above solution is possible
1. without renew the certificates will reach respective location since url is same?
2.Should we need to use LB to divert the request to correct CDP.
3.Windows NLB can be used for this?
4.OCSP can be used without renew certificates?
Search

Does AD CS now support Azure Key Vault Premimum (HSM) as it's KSP (key service provider)

January 9, 2019, 1:35 am

EFS - Utility Cipher.exe with option /u [/n] returns "The system cannot find the file specified" when encryption never occurred

January 14, 2019, 5:28 am
$
0
0

Hello, as kindly suggested in the Directory services forum I post the question here.

I'm running in a strange issue. If I run the above command on a system from where I launched previously the encryption command, either trough the GUI or with the cipher.exe /e command, it correctly looks for encrypted files. Instead, if I run it on a system where I never encrypted any file before it returns "The system cannot find the file specified" just after I hit <Enter>. It's like there's some service not started but I don't know which one. EFS service is started. Or maybe it looks for something that is "generated" when you ecrypt some stuff.

Please note: it's not related to the presence o absence of encrypted files on the system where I run the command (i.e. the case when remotely you encrypt files from a client on a file server), but to the fact whether I encrypted some stuff locally on that system earlier (i.e. on the console of the file server I issue an encrypt command). And it's not OS related (it happens on W7, WS2012, W10...)

Maybe Cipher.exe does look for and want an encryption certificate (Filesystem ecryption 1.3.6.1.4.1.311.10.3.4) in the store before it can start looking for encrypted files?

Hope you can help. Thank you.

Francesco B.




Security Problem

January 15, 2019, 6:11 am
$
0
0
It appears that now Bill Gates is gone, security doesm't matter amy more.

Windows Firewall rules. After a Windows Update, the following INBOUND rules are re-enabled : cortana, Mail and calendar, MS Edge, MS Photos, MS Store, Work or school account and Your account. Admins cannot firewall off these items on the perimeter firewall as the firewall is not capable of seeing the applications. It may have went through security testing. But new vulnerabilities are constantly being found. Just look at www.exploit=db.com and https://github.com/offensive-security/exploitdb . Script kiddies are constantly monitoring these sites and pounding us with up to the minute attacks, and they are getting through. Allow us admins to disable those firewall rules please.

Security Problem

January 15, 2019, 6:15 am
$
0
0
It appears that now Bill Gates is gone, security doesm't matter any more.

The most recent release of Windows 10 has hidden the NETBIOS service and is no longer discoverable by 'SC query'. Now granted it is important to users who wants to join a domain or do folder sharing. But if a user has no use for those two, then she should be allowed to find and disable it. What makes NETBIOS a holy cow? Look at SMBv1 - it has been in use for 10+ years and was considered stable and safe. It has been ported to Linux. It is used by routers to share hard drives. But a security flaw was found nevertheless, and used in active exploitation like WannaCry. We admins should be allowed to control what runs on our systems. If we don't need a feature, then we should be allowed to control and disable it. Make security a #1 priority again.

server restart unexpectedly!

January 15, 2019, 11:43 pm
$
0
0

Good Afternoon

We had deployed CIS-benchmarks in our environment, all the CIS-benchmarks were applied successfully which we already test in our test environment then we applied in our production.

now, we are facing the "server restart unexpectedly"

please let me know what will be the rote cause of abnormal restart because we are running very critical servers which must be online 24/7.

i read it's logs, but could not identify the rote cause of the issue.

how to resolve this issue? we are facing this issue in the following MS server version:

1. Windows Server 2008 R-2

2. Windows Server 2012 R-2

Note:

* we did not faced this issue In windows server 2016 R-2

* we have planned to upgrade our 2008 R-2 & 2012 R-2 into 2016-R-2 in future, in the meanwhile i am very worried due to that issue, please help me out to resolve this issue.

with kind regards,



Enterprise AD Group Entitlement for an Enterprise Issuing CA

January 16, 2019, 3:50 am
$
0
0

I am installing an ADCS enterprise issuing CA, which will be subordinated by an offline root CA.  I know it is required to have Enterprise Admin entitlement to create an ADCS enterprise CA and I am working in an environment where the admins are (sensibly) loathe to support the delegation of Enterprise Admin for any longer that strictly necessary.

In a nutshell, my process encompasses three distinct phases:
A. Create the issuing CA CSR using the following command
Install-AdcsCertificationAuthority -AllowAdministratorInteraction -CAType EnterpriseSubordinateCA -CACommonName "My CA" -KeyLength 2048 -HashAlgorithmName SHA256 -CryptoProviderName "RSA#nCipher Security World Key Storage Provider" -OutputCertRequestFile "C:\PKI\My CA.req" -Confirm -Verbose
B. Create the issuing CA certificate at the offline Root CA

C.  Install the issuing CA certificate using the Enterprise CA MMC: Certification Authority (Local)|My CA|All Tasks...|Install CA Certificate...

My question: is Enterprise Admin entitlement required for both step A and step C, or just step A... or just step C?

Guidance would be greatly appreciated, Dave

Migrating Microsoft CA to AWS cloud

January 16, 2019, 9:09 pm
$
0
0

Hello,

We are migrating the on-premises Microsoft CA to cloud and our AD infra also moving to aws cloud.

We have below infra for CA, we just going to do lift and shift just taking image and migrating so there will be no changes in configurations.

Root CA(offline)

Issuing CA+HTTP CRL Distribution point

Question is what are the factors needs to be considered

1, Since our CRL is moving to cloud will affect users?

2. Any port needs to be opened?

3.Auto enrollment will work as expected?

Please help me to get if any documentation for this.

Search

Hardening & Security Templates & Security Tools (Windows Server 2016)

January 10, 2019, 1:12 am
$
0
0

Hi,

where can I download on the MS site the up-to-date security tools & security templates, etc. for Windows Server 2016 hardening (DCs, Member Servers, SQL, Exchange, etc.)?

Best regards

Birdal

W2K3 security tab missing

June 8, 2008, 2:56 pm
$
0
0
Hi

I have a couple of folders on our main file server which have lost their security tab. I can't open them, Get an Access is denied error. This is the same from a RDP session to the server itself. The server is also the DC, so I cannot log in as a local administrator, as it doesn't have this account. I log in as the Domain Admin, and I still don't have access.

I can't take ownership, not even from the level above and apply to child objects, it errors out when it reaches the effected folder.

I know have about 5 folders on this server which this has happened to. 4 in one folder and 1 at the root of the share.

I can't restart at the server at present, but when I can I will schedule a chkdsk. Is there anything else I can do to check the folders, securites and disk integrity in the mean time?

Anyone know why this would happen?

Thanks

Dave

Compre licencia de conducir, pasaporte, tarjeta de identificación, IELTS, TOEFL, VISA, ((237665431530)), ((nickentuki@gmail.com)), certificado de nacimiento, diplomas escolares, certificado de matrimonio, GREENCARD de EE. UU, SSN y muchos otros documentos

January 17, 2019, 1:19 am
$
0
0

Compre licencia de conducir, pasaporte, tarjeta de identificación, IELTS, TOEFL, VISA, ((237665431530)), ((nickentuki@gmail.com)), certificado de nacimiento, diplomas escolares, certificado de matrimonio, GREENCARD de EE. UU, SSN y muchos otros documentos en menos de cinco días hábiles

(nickentuki@gmail.com) (+ 237665431530)

WhatsApp ............. +237665431530

NB: hacemos esto para ayudar a las personas que tienen una necesidad urgente.

Solicite un pasaporte registrado real, visa, licencia de conducir, tarjetas de identificación, certificados de matrimonio, diplomas, etc. para vender. Pasaporte, ciudadanía, tarjetas de identificación, licencia de conducir, diplomas, títulos y certificados también están disponibles. Servicios de visa de turista y de negocios disponibles para residentes de los 50 estados de los EE. UU. Y de todas las nacionalidades del mundo. Somos productores únicos de pasaportes auténticos de alta calidad, pasaportes auténticos registrados y no registrados de la base de datos auténticos y otros documentos de ciudadanía. Podemos garantizarle una nueva Identidad a partir de un Certificado de Nacimiento, Tarjeta de Identificación, Licencia de Conducir, Pasaportes, Tarjeta de Seguro Social con SSN, archivos de crédito y tarjetas de crédito, diplomas escolares, títulos escolares, todos nuevos y nuevos, todo con un nombre completamente nuevo emitido y Registrado en el sistema de base de datos del gobierno. Utilizamos equipos y materiales de alta calidad para producir documentos auténticos y falsificados. Todas las características secretas de los pasaportes reales están cuidadosamente duplicadas para nuestros documentos registrados y no registrados. Somos productores únicos de documentos falsos y reales de calidad. Somos los productores únicos de los documentos anteriores y otros productos para varios países como: Estados Unidos, Australia, Bélgica, Brasil, Canadá, Italia, Finlandia, Francia, Alemania, Israel, México, Países Bajos, Sudáfrica, España, Reino Unido. , Italia, Turquía, etc. tenemos un equipo completo y efectivo de socios vinculados en todos los países del mundo.

CONTACTE CON NUESTROS APOYOS

Contáctenos en >>>>>>>>>>>>>>>>> nickentuki@gmail.com

Soporte general >>>>>>>>>>>>>>>>> nickentuki@gmail.com

WhatsApp (teléfono) ............. +237665431530

SOLICITE CUALQUIER DOCUMENTO UNIVERSAL DE SU NECESIDAD

 

• PASAPORTES

  •             Tarjeta de identificación
  •             Tarjeta de seguro Social

• Licencias de conducir

• Tarjetas de Canadá

• Tarjetas de Estados Unidos

• Tarjetas de estudiante

• Tarjetas internacionales

• Tarjetas privadas

• Certificados de adopción

  •             Certificados de nacimiento

• Certificados de defunción

• Certificados de Divorcio

• Certificados de matrimonio

• Certificados personalizados

• Diplomas de secundaria

• G.E.D. Diplomas

• Diplomas de la escuela de casa

  •             Titulos universitarios
  •             Títulos universitarios

• Certificados de habilidades comerciales

• Validar el número de SSN

• tarjetas verdes de Estados Unidos

• Productos Espía

• Cambiadores de voz

• Dispositivos de escucha

  •             Tinta invisible

• Consulta de registro del DMV

• Verificación de antecedentes

 

CONTACTE CON NUESTROS APOYOS

Contáctenos en >>>>>>>>>>>>>>>>> nickentuki@gmail.com

Soporte general >>>>>>>>>>>>>>>>> nickentuki@gmail.com

WhatsApp ............. +237665431530

Para pasaporte registrado y no registrado de todos los países; Visas, pasaporte biométrico, títulos, licencia de conducir, tarjetas de identificación. Certificados de capacitación M GCSE, A-niveles, Certificados de diploma de escuela secundaria, GMAT, MCAT y Certificados de examen LSAT, Certificados de Nacimiento, Matrimonio y Defunción de Novedad Novedades y Paquetes de Nueva Identidad, Replicados, Grados Reales / Diplomas de la mayoría de las instituciones postsecundarias de en todo el mundo (tenemos más de 3000 plantillas en archivo), todas diseñadas para parecer 100% idénticas a las originales. Impresión personalizada (si aún no tenemos la plantilla en el archivo, simplemente envíenos una copia por correo electrónico y podremos realizar cualquier modificación o modificación según sus instrucciones). Segundo, ciudadanía, identidad, identificación, documentos, diplomático, nacionalidad, cómo dónde, obtener, obtener, comprar, comprar, hacer, construir un pasaporte, identificación británica, Honduras, Reino Unido, EE. UU., Canadá, canadiense, extranjera, visa, suiza, tarjeta, identificaciones, documento

COMPRA DOCUMENTOS REALES

nuestros contactos incluyen ex investigadores privados, consulados, personal de alto rango del gobierno y expertos experimentados, tenemos conexiones sólidas con personal superior en todas las áreas de documentos de registro real y cambio de pasaporte en estos países que están vinculados a la agencia de pasaportes en cada uno de estos países ¡y con la ayuda de sus conexiones, todos nuestros clientes que exigen cualquier documento de ciudadanía o pasaporte de cualquier país cuentan con una garantía del 100%, así como con la garantía de recibir documentos auténticos reales de muy alta calidad que nunca se pueden identificar como falsos! ¡Ni siquiera un funcionario o una máquina de expertos puede dictar el documento como falso ya que el documento no es diferente del emitido por el gobierno real! Todos los documentos de ciudadanía registrados de nuestra verdadera base de datos auténticos tienen sus datos personales registrados en el sistema de la base de datos y son 100% legibles por máquina. Siéntase libre de obtener la información detallada adicional sobre nuestros servicios. Sinceramente espero encontrar una manera de cooperar con usted. Si alguno de estos productos le interesa, no dude en contactarnos. Le daremos nuestro mejor precio después de recibir su consulta detallada.

Correo electrónico: …………… nickentuki@gmail.com

WhatsApp …………. : +237665431530

Multiple authentication errors in Security from single source

January 6, 2019, 9:42 pm
$
0
0

Hi,

There are more number of failure alerts in security log in multiple windows (2003 and 2000) servers from same source. Below are the error log details.

Event ID: 680

MICROSOFT_AUTHENTICATION_PACKAGE_V1_0

Error Code:0xC0000064

Logon account: Domain Controller local account (i.e, Computername$)

Source Workstation: Domain Controller

Is there any way to track this, why this DC trying to authenticate with these computers and what it is trying?

There are more number of alerts we are getting like this.

vicky

Clients Receiving (or auto-enrolling) certificates daily)

December 14, 2018, 1:25 am
$
0
0

Hi hope some one can give me some pointers to check on this issues. We have a single domain.

  • With an offline RootCa and online CA. 
  • 2012R2 domain controllers and windows 2012R2 domain level functionality

the Clients on this domain seem to be getting a new Server/Client Certificate every day !! or sometimes 2 a day.

I don't know whats causing this, i have checked PKIView and all CRL's are correct and OK.

can anyone give me any pointers where to check.

Many thanks

Mark

Viewing all 12072 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>