Wednesday, 26 November 2014

reply

Good News

WindowsNetworking.com - Hemoco Lansweeper - Voted WindowsNetworking.com Readers' Choice Award Winner - Network Inventory

Just Published

Hemoco Lansweeper - Voted WindowsNetworking.com Readers' Choice Award Winner - Network Inventory
Date: 26 Nov. 2014 | Author: The Editor
Hemoco Lansweeper was selected the winner in the Network Inventory category of the WindowsNetworking.com Readers' Choice Awards. ClearApps Network Inventory Advisor and Solarwinds Network Topology Mapper were runner-up and second runner-up respectively.

Recent Articles & Tutorials

  • Active Directory Migration Considerations (Part 4)
    The fourth article in this series discusses some things you should be aware of when planning a forest or domain migration or consolidation using ADMT.
  • The Role of Reverse Proxy in Application Delivery
    This article looks at what reverse proxy is and how it works.
  • PowerShell Essentials (Part 4)
    This article continues the discussion of PowerShell basics by explaining why some PowerShell code might not appear to use the standard PowerShell command syntax.
  • Advanced Network Adapter Driver Settings
    Here I list and discuss many of the advanced network settings for Ethernet connections, giving you some idea of what they do and how you can utilize them. There are the basic ones, like where you can edit the MAC address and speed settings, but there are also many settings to help improve network performance and reduce power consumption.

Latest News

Latest Admin Tips

 

Discover more on Twitter!

     
sumit seth,
 
     
 
 
 

Twitter has suggestions for you!

Did you know that Twitter generates personalized Who To Follow suggestions for you? Following the ones you like will help you stay informed on what matters the most to you today and discover what might matter to you tomorrow.

 
     

Suggestions for you to follow

Andrew Yochum @yochum
Technology Architect, #Scrum Master & Coach, #LAMP, #Foodie, #Wine Lover, Photographer, Geek. Better half: @AliceMartin8
Follow
Andrew C Sterling @AndrewCSterling
Realtor® at AndrewCSterling.com
Follow
Adam Tal @adamtal
Simple ideas @ online marketing & monetization.
Follow
 
     
 
 
We have more great suggestions for you.
  Check out more people to follow  
 
 
     

WindowSecurity.com - Secure Sharing: Collaboration without Compromise (Part 2)

Just Published

Secure Sharing: Collaboration without Compromise (Part 2)
Date: 26 Nov. 2014 | Author: Deb Shinder
In this, Part 2 of our series on secure sharing, we'll discuss data classification and some do’s and don’ts for sharing ultra-sensitive data with collaborators both inside and outside the company.

Recent Articles & Tutorials

Latest Blog Posts

 

Mahesh Chauhan has a birthday today

Wish Mahesh Chauhan a happy birthday Wednesday, November 26th Mahesh Chauhan
facebook
Wish Mahesh Chauhan a happy birthday
Wednesday, November 26th
Write on Mahesh's Timeline
Plan an Event
This message was sent to iertbittu@gmail.com. If you don't want to receive these emails from Facebook in the future, please unsubscribe.
Facebook, Inc., Attention: Department 415, PO Box 10005, Palo Alto, CA 94303

Employers want to see your updated CV

Shine.com
Employers want to see your updated CV

Dear sumit,

According to a recently conducted survey for recruiters, we have found that 90% of recruiters prefer hiring job seekers who update their resume regularly.  Companies hiring are unable to shortlist you for interviews as you have not updated your resume.

Global markets are changing and hence there has been a great impact on job market. Because of sudden requirements, some of the top companies accross industries are aggressively hiring candidates like you. 

View my profile now  img

Your current profile on Shine.com img Update your details
Email seth_19880@rediff.com
Your Last Login 2013-02-03
Resume Update
Completing your account and applying to jobs will show recruiters that you are interested in jobs posted by them, thereby multiplying your chances of getting contacted by recruiters for interviews. Wipro, Cognizant, GE India, Jet Airways are some of the top companies out of 9400+ companies that are hiring on Shine.com. We are sure that you would immediately update your profile and resume to make yourself the best fit for employers.
 
Regards,
Shine.com
Update Your Profile Now Jobs in Top Industries
 
 
Please add alert@shine-alerts.com to your Address Book or Safe List to prevent future
Shine Updates from being classified as Junk / Bulk Mail

Can't see images, click here to view this message in your browser
 
unsubscribe
 

WindowSecurity.com - Monthly Newsletter - November 2014

WindowSecurity.com - Monthly Newsletter - November 2014

Welcome to the WindowSecurity.com newsletter by Richard Hicks (MCSE, MCITP:EA, Enterprise Security MVP), Technical Services Director for Celestix Networks. Each month we will bring you interesting and helpful information pertaining to Windows Security. We want to know what all of *you* are interested in hearing about, so please send your questions and suggestions for future newsletter content to winsec@richardhicks.com.


Editor's Corner

Just a few days prior to sitting down to write this month’s WindowSecurity.com monthly newsletter, Microsoft released their biannual Security Intelligence Report. This is the 17th edition of the report in which Microsoft provides deep insight into the threat landscape and specifically how it affects the Microsoft ecosystem. I look forward to each edition of the report as it outlines how cybercriminals are leveraging their attacks, and more importantly, when and how they are being successful. In addition to providing the usual threat assessment information regarding vulnerabilities, exploits, and malicious software, the report includes guidance for securing account credentials and highlights the challenge posed by expired security software. In addition, how the Microsoft Digital Crimes Unit (DCU) fights malware using the legal system is documented. The report also includes detailed information on how Microsoft deals with security threats on their vast internal network. They’ve been quite successful with keeping their systems up to date and defending against attacks in spite of the large and unique environment they support, and I’m certain that many organizations could benefit from implementing some of the practices they use.

--Rich

Microsoft Security Intelligence Report (SIR) Volume 17

Passwords are awesome! Ok, not really. And that’s pretty much the message conveyed by the first feature of the Microsoft Security Intelligence Report (SIR) volume 17. The latest report begins with an overview of the current state of passwords, outlining the challenges posed by the continued use of usernames and static passwords in today’s world. The basic premise of account credentials, that being the tried and true combination of username and password, is continuing to fall short when it comes to providing the level of security necessary. Users typically need to authenticate against numerous systems, often more than 25 per day. Evidence shows that users tend to reuse passwords across sites, and at best use a handful of passwords for them. With so many different systems to log into, password fatigue quickly sets in and, out of necessity, users resort to using simple passwords, reusing passwords, or using unique passwords that end up being predictable. Complicating matters is the fact that the many data breaches in recent history provide valuable data for attackers to assess which passwords are most common and what patterns people tend to use with regularity. I was shocked to learn that a recent study of 6 million user-generated passwords, an astonishing 98.8 percent of users chose a password that was on the list of the most common 10,000 passwords! It’s no wonder dictionary attacks are so effective. Making things worse is that successful attacks and breaches continue, providing yet more valuable data for cybercriminals to further refine their password dictionaries. Clearly the time has come for something better than static passwords.

The report goes on to provide guidance for organizations storing passwords, which include strong encryption and key protection when access to the password is required, and the use of strong hashing algorithms and salts when not required. Additional guidance for agencies who have recovered evidence of compromised accounts and how organizations should protect that information is also included. Finally, recommendations are provided for improving password security, including the use of randomly generated passwords and the use of secure credential stores to make the use of unique passwords per application or site feasible.

The SIR also provides interesting insight into the challenge of expired security software and its effects on protection. Not surprisingly, expired security software is really not much better than nothing at all. This is somewhat unique to consumer systems, as new computers are often bundled with trial versions of popular antivirus software. This is not usually the case with enterprise systems, as they are proactively managed. Interestingly though, the report breaks out statistics by domain-joined and non-domain joined computers and the domain-joined computers reported being out of date 4.3% of the time, compared to just 2.7% for non-domain joined computers. I can’t imagine why enterprise-managed systems would be less up to date than consumer systems, but the data doesn’t lie.

The report continues by providing insight into activities conducted by the Microsoft Digital Crimes Unit (DCU) and their efforts to leverage the legal system to fight malware and provide further protection for the Windows platform.

The heart of the report, as always, is the current state of the threat landscape over the reporting period for the report, which is the first half of 2014. Vulnerabilities, exploits, malware, email threats, and malicious web sites are outlined in detail, providing a broad view of current tactics employed by cybercriminals. Security administrators should pay close attention to current prevalent malware families and common attack vectors and focus their efforts on mitigating those risks in high priority. Once again, thorough and consistent patching is highlighted, especially for third-party software. A continuing trend illuminated by this report is that malware authors are far less successful attacking the core operating system, indicating that Microsoft’s efforts to protect the OS are paying off. However, it’s worth noting that the most common vulnerability being targeted in the operating system is a Windows shell vulnerability that was patched over four years ago! The report also contains the usual heat maps that provide a visual cue to where malware is most prevalent and where attacks tend to originate from. This can be valuable information for evaluating network traffic logs during incident response or simply for evaluating anomalous network behavior.

This 166 page report from Microsoft is not a quick read, but it should be considered essential reading for anyone responsible for providing security and protection for computer systems of all types. You can download the Microsoft Security Intelligence Report volume 17 here.

Bulletproof SSL and TLS

With recent revelations of wide spread surveillance by government agencies, a strong push is on to encrypt all types of communication regardless of sensitivity. With the popularity and ubiquity of web-based communication, Secure Sockets Layer (SSL) and Transport Layer Security (TLS) have quickly become essential tools to provide the highest level of security and protection for network communication. 

Ivan Ristic, one of the foremost experts in the field of SSL and TLS, recently released a comprehensive guide for deploying secure web servers and applications using SSL and TLS. The book provides a valuable overview of the SSL and TLS protocols along with PKI, and also includes detailed, prescriptive guidance for configuring and deploying systems using SSL and TLS, both Windows and open source.

Order your copy of Bulletproof SSL and TLS today!

Image

Click here to order your copy today!


Microsoft Security Bulletins for November 2014

For the month of November, Microsoft released 14 security bulletins to address 33 individual CVEs. 4 of them are rated critical, 8 are rated important, and 2 are rated moderate. Affected software includes Windows, Office, .NET Framework, and Internet Explorer. For more information about November’s security bulletins click here. Pay close attention to MS14-064, which addresses a vulnerability in Windows OLE, and MS14-066, a vulnerability in Schannel. Both are remotely exploitable and should be deployed as quickly as possible.

Microsoft Security Advisories for November 2014

Microsoft has published 2 security advisories in November. Security advisory 2755801 addresses an update for vulnerabilities in Adobe Flash player in Internet Explorer, and security advisory 3010060 addresses a vulnerability in Microsoft OLE that could allow remote code execution (also addressed with security bulletin MS14-064).

 


Security Articles of Interest

  1. Office 365 continues to make strides in the area of security and protection, recently gaining IRS 1075 compliance for their Office 365 for Government offering.
    http://www.microsoft.com/en-us/government/blogs/office-365-helps-customers-with-irs-1075-regulatory-compliance/default.aspx

  2. Security technology is continually improving, and of course that means new security features in the latest preview release of Windows 10. The latest release of Windows includes new identity protection and access controls with an emphasis on strong, multifactor authentication. Essential information protection is provided using new, integrated Data Loss Prevention (DLP) features, and enhanced threat resistance is accomplished by allowing administrators to restrict application installation to those from trusted sources.
    http://blogs.windows.com/business/2014/10/22/windows-10-security-and-identity-protection-for-the-modern-world/

  3. Pass-the-Hash (PtH) is a form of credential theft where an attacker steals credentials from a compromised device and uses those to gain access to additional systems. Often this technique is used for lateral movement once the attacker has already compromised an internal system, typically in an effort to find a valued target or to find a vulnerable system with which to execute privilege escalation. Microsoft recently posted some informative videos answering common questions about PtH. You can view them here:
    http://technet.microsoft.com/en-us/security/dn785092

  4. According to a recent report released by McAfee, nearly one-third of the organizations surveyed admitted they disabled advanced protection features on their next-generation firewalls (NGFW) in order to improve performance. It begs the question then…why implement a NGFW if you’re simply going to disable its most important protection mechanisms? Security always involves trade-offs, but there are better ways to resolve this issue than disabling essential security mechanisms. Proper capacity planning and thorough load testing are critical to the success of NGFW deployments.
    http://www.scmagazine.com/operators-disable-firewall-features-to-increase-network-performance-survey-finds/article/380341/

  5. More security enhancements for the cloud! Recently Microsoft announced that it would include antimalware for Azure cloud services and virtual machines for free. Great idea!
    http://azure.microsoft.com/blog/2014/10/30/microsoft-antimalware-for-azure-cloud-services-and-virtual-machines/

  6. The so-called “Internet of Things” (IoT) represents a significant change in the way we view security. In this hyper-connected world of ubiquitous network access for everything from kitchen appliances to light bulbs, no doubt there will be some that think that IoT security is an oxymoron. As the folks in the Trustworthy Computing team at Microsoft demonstrate, it doesn’t have to be. Details here:
    http://blogs.microsoft.com/cybertrust/2014/11/05/iot-security-does-not-have-to-be-an-oxymoron/
    http://blogs.microsoft.com/cybertrust/2014/11/10/iot-security-does-not-have-to-be-an-oxymoron-part-2/

  7. I love the cloud! I'm a big fan of Microsoft Azure and make regular use of the Infrastructure-as-a-Service offering by leveraging it to extend my on-premises test labs. Many organizations are migrating applications and services to the public cloud as well. However, there are many scenarios in which the public cloud might not be the best choice. Thankfully Microsoft provides all of the components to build a private cloud on premises. Recently Microsoft released several key pieces of documentation on private cloud security. If you're considering building out your own on-premises private cloud, these documents will serve as a valuable security reference for your implementation.
    http://blogs.technet.com/b/privatecloud/archive/2014/11/09/private-cloud-security-considerations-guide-introduction-and-overview.aspx
    http://blogs.technet.com/b/privatecloud/archive/2014/11/09/private-cloud-security-considerations-guide-security-challenges.aspx
    http://blogs.technet.com/b/privatecloud/archive/2014/11/09/private-cloud-security-considerations-guide-security-design-considerations.aspx

  8. A whitepaper recently released by Microsoft outlines their use of threat simulation to practice incident response and improve threat detection for the Microsoft Azure public cloud. Through the use of “red teams”, Microsoft proactively tests breach detection systems and validates the security of their cloud platforms. Download the whitepaper here:
    http://download.microsoft.com/download/C/1/9/C1990DBA-502F-4C2A-848D-392B93D9B9C3/Microsoft_Enterprise_Cloud_Red_Teaming.pdf

  9. Microsoft has been aggressively implementing improved encryption technologies in its latest on-premises software platforms as well as their various cloud-based offerings. This month Microsoft announced that it would also be bringing these state-of-the-art encryption technologies, previously only available in Windows 8.1 and Windows Server 2012 R2, to older operating systems such as Windows 7, Windows 8, Windows Server 2008 R2, and Windows Server 2012.
    http://blogs.microsoft.com/cybertrust/2014/11/11/hundreds-of-millions-of-microsoft-customers-now-benefit-from-best-in-class-encryption/

  10. An update for the popular Microsoft Enhanced Mitigation Experience Toolkit 5.0 is now available. This update, 5.1, includes a number of improvements and addresses some previous application compatibility issues. You can download the update here: https://support.microsoft.com/kb/3015976

WindowSecurity.com Articles of Interest

  1. Planning Considerations for BYOD and Consumerization of IT – Part 5
  2. Planning Considerations for BYOD and Consumerization of IT – Part 6
  3. Tenable Nessus voted WindowSecurity.com Readers’ Choice Award Winner – Security Scanner Software
  4. Is Microsoft Windows Security Essentials Enough for Enterprise Security?
  5. Secure Sharing: Collaboration without Compromise – Part 1

Windows Security Tip of the Month

Have you deployed IPv6 in your environment yet? If you answered “no”, you’ve probably answered incorrectly! If your network includes hosts running anything newer than Windows Vista or Windows Server 2008, or any modern version of Linux, the answer is actually “yes”! Beginning with Windows Vista and Windows Server 2008, IPv6 is enabled by default and preferred. So, in reality, you have deployed IPv6, you just aren’t managing or monitoring it. From a security perspective, it really is a bad situation when you have a communication protocol in use on your network without having the proper visibility and controls in place to manage it.

I recommend that network engineers and security administrators get up to speed on IPv6 as soon as possible. The best place to start, in my opinion, is to join a community of IPv6 professionals and begin by learning about the fundamental operation of the protocol. GoGo6 is a great starting point and has a mature and robust IPv6 user community to leverage, along with various training and service offerings. They also have a handy client utility that can be used to connect your machine to the IPv6 Internet so you can begin building up operational expertise with the new protocol. Check it out today!