ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Home
    2. Tags
    3. security
    Log in to post
    • All categories
    • OksanaO

      Microsoft Defender For DevOps: DevSecOps in Azure

      Starwind
      • starwind microsoft defender azure devops security • • Oksana
      1
      0
      Votes
      1
      Posts
      53
      Views

      No one has replied

    • scottalanmillerS

      Get Alert Whenever There is MS SQL Server Access

      IT Discussion
      • ms sql server database security • • scottalanmiller
      6
      0
      Votes
      6
      Posts
      152
      Views

      JaredBuschJ

      @scottalanmiller said in Get Alert Whenever There is MS SQL Server Access:

      It's a production database so there should be an email when the application connects and absolutely no user should ever, ever, ever be able to log in unless it's an admin doing an emergency backup and/or restore (likely alerts would be off during a restore.)

      I cannot imagine a MS SQL Server based client-server application that does not make a billion DB calls all day long. So you will have to exclude that system user from being audited.

      @scottalanmiller said in Get Alert Whenever There is MS SQL Server Access:

      There's no user ever authorized to just connect.

      The application user is always connecting. Repeatedly.

    • OksanaO

      Secure Connectivity, Azure Bastion, and Azure VWAN

      Starwind
      • starwind azure virtual machines vwan security • • Oksana
      1
      1
      Votes
      1
      Posts
      58
      Views

      No one has replied

    • scottalanmillerS

      Email 101: How It Really Works SAMIT Series

      Self Promotion
      • email smtp pop pop3 imap imap4 zimbra mailcow exchange security bbs bulletin board system • • scottalanmiller
      5
      2
      Votes
      5
      Posts
      150
      Views

      scottalanmillerS

      @travisdh1 thanks! 🙂

    • OksanaO

      How to Improve Network Infrastructure Security — Part 1

      Starwind
      • starwind microsoft azure azure azure vwan vwan security networking • • Oksana
      1
      1
      Votes
      1
      Posts
      68
      Views

      No one has replied

    • JaredBuschJ

      Proxmox hates security

      IT Discussion
      • proxmox proxmox 7 security • • JaredBusch
      12
      1
      Votes
      12
      Posts
      332
      Views

      Pete.SP

      @scottalanmiller said in Proxmox hates security:

      @Pete-S said in Proxmox hates security:

      @scottalanmiller said in Proxmox hates security:

      @Pete-S said in Proxmox hates security:

      I'm not saying Proxmox is insecure, I'm just saying it wasn't designed with security as it's primary focus.
      KVM by default for instance is managed by libvirt and by default doesn't open any tcp ports at all. That gives the administrator the option to decide what level of security versus convenience they want.

      Ignoring "by default" in that, ProxMox can be the same. You can close everything up and only manage however you like. You don't have to use the web interface on it, it can be totally shut down. Obviously defeating lots of the purpose, but plausible.

      I spend far more time on ProxMox via command line via MeshCentral than via the web interface and the web interface, while we don't lock it down from the LAN in most cases (we run a LOT of ProxMox these days) we primarily access it from the PM host itself from a jump box running on top of it for the cases when the web interface is needed. So while we don't go to the degree of locking it off from the LAN, we could and we wouldn't notice the difference most of the time.

      That's not a default, so obviously totally different. But it's a really simple setting.

      That's good to know.

      We don't use gui anymore either but we're moving away from pre-packaged hypervisors and to pure KVM with libvirt compatible management tools.

      We have found that to be the best solution for our use case (high degree of automation and customization).

      I'd like to see that for sure. There's a lot of benefit to that, potentially at least.

      We're automating a lot.

      But the real problem is not the automation itself. The real problem is that automation and standardization is time consuming.

    • scottalanmillerS

      SAMIT: Stop Using Secure Email

      Self Promotion
      • bbs email smtp security samit • • scottalanmiller
      16
      1
      Votes
      16
      Posts
      366
      Views

      JaredBuschJ

      @scottalanmiller said in SAMIT: Stop Using Secure Email:

      @JaredBusch said in SAMIT: Stop Using Secure Email:

      Also, accepting insecure email is different than allowing your organization to send insecure email.

      Very true. Accepting things insecurely is better than sending them.

      I accept email in any way that it is sent. But all sent email is required to be TLS or it will not send. I have a couple of people that the boss cannot email because of it, as well as one prior customer that is still running an ancient ass GroupWise 6 email server. They email asking for one off support for their routers sometimes.

    • JaredBuschJ

      Solved Unable to mark NAS location trusted in Office

      IT Discussion
      • microsoft office security trust center • • JaredBusch
      18
      1
      Votes
      18
      Posts
      778
      Views

      JaredBuschJ

      Tested and it works all the time by hostname instead of IP.

    • scottalanmillerS

      Understanding the Fake Microsoft Support Call Scam on SAMIT

      Self Promotion
      • scam security samit youtube microsoft end user • • scottalanmiller
      1
      0
      Votes
      1
      Posts
      204
      Views

      No one has replied

    • gjacobseG

      Unsolved ManageEngine: Desktop Central - MFA

      IT Discussion
      • manageengine desktopcentral mfa security annoyance time waster • • gjacobse
      5
      0
      Votes
      5
      Posts
      281
      Views

      travisdh1T

      @gjacobse said in ManageEngine: Desktop Central - MFA:

      @scottalanmiller

      It is a gas soaked bonfire waiting for a match.

      Fixed that for you.

    • scottalanmillerS

      Experience with NDR Solutions

      IT Discussion
      • ndr security • • scottalanmiller
      34
      0
      Votes
      34
      Posts
      924
      Views

      ObsolesceO

      @stacksofplates said in Experience with NDR Solutions:

      Why is Sally accessing this service from a non work computer at 3 am her time with a chinese IP address? Sure this request has the password but that doesn't sound valid.

      Which means you can automatically perform additional validation with MFA, or straight up deny access.

      There's a lot of options really. You can only allow access to certain systems and/or services via company devices enrolled in MDM, with up to date OS, encryption, and endpoint protection. You can verify endpoints and users with passwordless auth via Beyond Identity and in certain cases use additional MFA via Duo or whatever you want to set up.

      Sally is trying to log in to her company email. She's authenticated via passwordless auth via Beyond Identity on her work computer. Her work computer passes the health check seamlessly through BYID and allows her to access her email. Maybe she's also prompted for MFA always, or maybe only if she's logging in outside her normal geographic area on her work computer. Maybe (e.g. email) access is denied totally if from a non-company device. Options...

    • scottalanmillerS

      What Does the V- Stand for in Microsoft Email Addresses

      IT Discussion
      • microsoft security • • scottalanmiller
      7
      5
      Votes
      7
      Posts
      918
      Views

      dbeatoD

      @JaredBusch Yup, and they want to do a audit of devices using a deployment tool that is not even a Microsoft one.

    • Pete.SP

      Zoho Mail has new secure sending option

      IT Discussion
      • zoho zoho email security • • Pete.S
      5
      0
      Votes
      5
      Posts
      369
      Views

      Pete.SP

      @Dashrender said in Zoho Mail has new secure sending option:

      @Pete-S said in Zoho Mail has new secure sending option:

      @Dashrender Good to know.

      One purpose of the OTP is that you can't forward the email and have another person read it.

      Not directly forward - sure, but you could screen shot it and forward that to someone.

      I assume the OTP is more so that people don't have to create accounts in the Zoho system.

      It looks like Zoho had the forwarding thing specifically in mind since they mentioned that on their website. A lot of people will forward messages without thinking about the sensitive information that is usually longer down in the mail. I've seen that a lot when I get emails forwarded to me with information that is clearly not intended for me.

      In the MS system you have to create an account, same goes for Zix, even if you will only ever read this one message on that system.

      Yeah, I hate that. It's just to get more users. I love OTP though.

      I'll have to check how these secure feature works with sending huge mail attachments as well. Haven't tried it yet.

    • OksanaO

      New Names and Features for Microsoft Security Applications

      Starwind
      • starwind microsoft security azure security • • Oksana
      1
      1
      Votes
      1
      Posts
      246
      Views

      No one has replied

    • OksanaO

      How to Automate Azure Playbook Deployment?

      Starwind
      • starwind microsoft azure microsoft sentinel security devops • • Oksana
      1
      1
      Votes
      1
      Posts
      249
      Views

      No one has replied

    • OksanaO

      How to Secure Your VMware ESXi Hosts

      Starwind
      • starwind vmware esxi esxi security hypervisor • • Oksana
      1
      1
      Votes
      1
      Posts
      236
      Views

      No one has replied

    • StuartJordanS

      SSH Chinese Bots

      IT Discussion
      • security it security • • StuartJordan
      5
      0
      Votes
      5
      Posts
      372
      Views

      StuartJordanS

      @dafyre Connection closed by foreign host after a couple seconds lol

    • FredtxF

      Over a million GoDaddy Hosted WordPress Sites Breached

      News
      • security breach godaddy • • Fredtx
      2
      1
      Votes
      2
      Posts
      371
      Views

      scottalanmillerS

      @fredtx This is really GoDaddy breached. That they were running WordPress is kind of an aside.

    • notverypunnyN

      TacticalRMM - Security

      IT Discussion
      • tacticalrmm security block public • • notverypunny
      1
      3
      Votes
      1
      Posts
      272
      Views

      No one has replied

    • OksanaO

      StarWind Success Story: Boost the security of client data with StarWind VSAN

      Starwind
      • starwind starwind virtual san vsan virtualization security • • Oksana
      1
      1
      Votes
      1
      Posts
      188
      Views

      No one has replied

    • 1
    • 2
    • 3
    • 4
    • 5
    • 31
    • 32
    • 1 / 32