Latest Technology News

For many computer virus writers and cybercriminals, the objective is to distribute their virus, worm or Trojan virus to as many computers or mobile phones as possible – so that they can maximise malware penetration. There are three main ways in which this can be achieved: Via social engineering By infecting a system without the user’s knowledge A combination of both of these methods In addition, the malware creator will often take steps to prevent the infection being detected by antivirus programs. Discover more in the following articles: Social Engineering Malware Implementation Techniques Combining Social Engineering & Malware Implementation Techniques Why Cybercriminals Try to Combat Antivirus Software Find more about :  r ansomware prevention software

It's possible to force the user to supply a password to encrypt RAR archives so a file can be extracted. If you have an encrypted archive for which you don't know the password, or if you've simply forgotten a password you assigned yourself, there are a handful of tricks you can attempt. Step 1 Check the source of the archive. If you downloaded it from a website, look around the site for a mention of the password (after all, it's unlikely someone offered an unopenable archive for download.) If the person you downloaded it from can be contacted, send them an email asking for the password. Step 2 Try a few likely-seeming passwords. The name of the source website may work, as may the name or Internet handle of the archive creator. Step 3 Try a brute-force approach. This involves simply cycling through every possibility, one by one, until something works. You can technically do this yourself, but it would take forever and be extremely tedious. Fortunately there

In windows server 2008, if we go to Network Security: LAN manager authentication level(gpedit.msc -> Computer Configuration -> WindowsSettings -> SecuritySettings LocalPolicies -> securityoptions ) and right click on it, we cannot change the value of the authentication level. It is greyed out. To change this we need to go to following registry entry.. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel and set the value. LmCompatibilityLevel should be 0 for Send LM & NTLM responses 1 for Send LM & NLTM - use NTLMv2 session security if negotiated 2 for Send NTLM response only 3 for Send NTLMv2 response only 4 for Send NTLMv2 response only\refuse LM 5 for Send NTLMv2 response only\refuse LM & NTLM know more :  lan manager authentication level

Wake on LAN" is a powerful and convenient feature that enables users to remotely power up their computer over a network, saving energy while also allowing remote access to the computer when needed. However, Wake on LAN, like many features that offer additional convenience, can also create a security risk by enabling power up capability on a computer which should only be powered up locally. Disabling the Wake on LAN feature is a simple process. Step 1 Click the "Start" button. Right-click "My Computer" (on Windows XP) or right-click "Computer" (on Windows 7 or Vista). Click "Manage" in the drop-down menu that appears. Step 2 Click "Device Manager" in the next window that appears. Click the "Network Adapters" header from the list of devices displayed in the right pane of the "Computer Management" window. Step 3 Right-click the network adapter that is currently connected to the network and then click &quo

Most people are familiar with PPP - Point-to-Point Protocol. PPP is most commonly used for dial-up Internet access. PPP is also used by some ISPs for DSL and cable modem authentication, in the form of PPP over Ethernet. PPP is part of Layer 2 Tunneling Protocol, a core part of Microsoft's secure remote access solution for Windows 2000 and beyond. What is PPP PPP evolved beyond its original use as a dial-up access method and is now used all over the Internet. One piece of PPP defines an authentication mechanism. With dial-up Internet access, that's the username and password you're used to using. PPP authentication is used to identify the user at the other end of the PPP line before giving them access. What is EAP? Most enterprises want to do more for security than simply employing usernames and passwords for access, so a new authentication protocol, called the Extensible Authentication Protocol (EAP), was designed. EAP sits inside of PPP's authentication protocol

Microsoft has begun their development process for the next update to Windows Server under the code name 20H1. We track those builds which are released as part of the Windows Server Insider Program. As part of the Windows Server Insider Program, Microsoft makes it possible for IT Pros and System Admins to test development versions of the next feature update for Windows Server. Microsoft's Windows Server Insider Program allows business and enterprise customers to access pre-release builds of the companies latest server operating system. This early access is intended to assist those organizations in discovering new features, capabilities, and to test compatibility for their own software and services. This tracker will keep you updated on testing builds which are released for Windows Server vNext (20H1). If you are also testing the client operating system, you can follow those pre-release builds using our Windows 10 (20H1) Build Tracker for PCs to keep an eye on those updates.

Network switches for home and small office use are typically stand-alone units, while switches for larger networks are usually rack-mounted. Either way, they typically use either Cat5 or Cat6 ethernet cables. Switches allow multiple computers to connect to a single Internet connection, but rather than simply passing the signal through, like a network hub, a switch can manage that network traffic. Switches differ in the way they handle network traffic, but all of them are installed in a very similar way. Step 1 Provide power to the switch, if required. For a stand-alone switch, this simply means plugging in the power supply. For rack-mounted switches, this means using a slot that has power supplied to it. Step 2 Connect the incoming network cable to the switch. Although any slot can be used on most network switches, it is a good idea to use the first slot so anyone can quickly identify the incoming cable. For home and small office applications, the incoming cable will be the one

The primary objective of the information security program is to implement the strategy in the most cost effective manner while at the same time maximizing support of business functions and minimizing operational disruptions. In Information Security Governance (ISG) and Information Risk Management (IRM) the governance and risk objectives for a security program were defined and incorporated into an overall strategy. The level of understanding that candidates need to have obtained in ISG and IRM will determine the degree of clarity in understanding information security program development objectives. For example, if candidates are able to come up with a well-developed security strategy, it would be less stressful for them to turn a high-level strategy into a meaningful, logical and physical reality. Despite a well-formed security strategy, candidates must be able and prepared to modify or reconsider certain elements during the program design, development and administration, depending

The LM hash is computed as follows: The user’s ASCII password is converted to uppercase. This password is null-padded to 14 bytes. The 14-byte password is split into two 7-byte halves. These values are used to create two DES keys, one from each 7-byte half. Each of the two keys is used to DES-encrypt the constant ASCII string "KGS!@#$%", resulting in two 8-byte cipher-text values. These two cipher-text values are concatenated to form a 16-byte value, which is the LM hash. There are a lot of security weaknesses outlined in the linked Wikipedia article and talked about elsewhere, but I'm particularly interested in steps 3 through 6. I'm curious about what led to this design. Is there any real security advantage to splitting a password, encrypting the two halves separately, then combining the two halves to form one hash again? Or is this just an example of "security through obscurity"? find more :  lm hash generator

Juniper has made steady gains in the marketplace for some time, and although they are unlikely to displace Cisco any time soon, Juniper is well worth consideration as a technology choice — and also as a career direction. In this post, we take a look at where and why Juniper is better than its competition and why it’s a good bet both for users and for networking professionals. Cisco presents itself as a one-stop shop for a wide range of networking needs, including enterprise and service provider networks, data center networks, mobility solutions, network security, cloud, conferencing, and collaboration. Juniper does not try to be all things to all people. Their focus is clearly on providing top of the line solutions for routing, switching, and security. Juniper’s reputation is for speed and throughput; their products avoid the feature overload that may tend to slow down the equivalent Cisco product. Juniper’s Junos operating system is much more modular and robust than Cisco’s fea

When it comes to having a wireless network at your home or business, having wireless security is essential. Having good wireless security can make your wireless network less susceptible to hackers and can make connecting to the network difficult for those who you do not want to have access. Regardless of your wireless router, configuring wireless security on your router merely requires going to the correct section of the administration control panel. Step 1 Type your router's administration control panel address into Internet Explorer. For Linksys/Cisco routers, the address is 192.168.1.1. For D-Link and Netgear routers, the address is either 192.168.0.1 or 192.168.1.1. For other routers the address may be 192.168.1.1, 192.168.0.1 or 192.168.2.1. If none of these work for you, consult your router's user manual. Step 2 Type in your user name and password for the administration control panel of your router, and click "OK." For Linksys/Cisco routers, the default u

Before purchasing a domain name and setting up a website with an Internet Service Provider (ISP), consider using local web pages to perform simple web-related tasks. Local web pages allow you to create useful web applications, photo galleries and media players that run in your browser. You can even bookmark them for quick access. Local web pages are also useful for dissecting other websites and enhancing your web development skills. Step Open an HTML editor or Notepad and paste the following code into a new document. !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> http://www.w3.org/1999/xhtml"> This will create an empty HTML document with no elements or controls. know more :  lanmanserver windows 7

Local Area Networks (LANs) are the small networks to which many business and home computer user initially connect. These networks enable such functions as file, drive, and printer sharing while also directing traffic to and from the Internet. Depending on the age and type of computer, network users may be connecting with one of several different types of LAN connectors, and may be subject to some interesting considerations. Function Regardless of the type of connector, LAN connectors serve the same general purpose: transferring data between the individual computer and the network to which it is connected. By passing data through the LAN connector, the computer is able to exchange information and share resources with other nearby computers as well as access information on machines located around the world (assuming the LAN has a gateway to the Internet). The protocol used by the LAN connector depends entirely on the type of network to which the computer is connected, though most mo

Both Windows XP and Windows 2000 support several authentication methods, including LAN Manager (LM), NT LAN Manager (NTLM), and NTLM version 2 (NTLMv2). LM stores passwords in a hashed format that's easy to crack. Starting with Win2K Service Pack 2 (SP2), Microsoft addressed this weakness by adding the ability to disable the storage of LM hashes. To disable LM hashes in Win2K, perform the following steps: Start the registry editor (regedit.exe) on the domain controller (DC). Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa. From the Edit menu, select New, Key. Enter a name of NoLMHash, set the value to 1, and press Enter. Close the registry editor. Restart the computer for the change to take effect. To disable LM hashes in XP, perform steps 1 and 2 above. At step 3, from the Edit menu, select New, DWORD value. Complete the process by performing steps 4 through 6 above. This change won't take effect until each user changes his or her password. In

Network Security Payoffs Network security has a number of benefits for defending your clients’ businesses against threats. Obviously the number one advantage is minimizing the level of risk for attacks, infections, and breaches. For most companies, reaching an acceptable level of security can be difficult, if not impossible, to achieve on their own, even for organizations that have their own IT staff and help desk. With the right network security tools, however, MSPs can offload the security yoke from organizations and protect their clients’ computer systems, networks, files, and data from attacks and breaches. Keeping files free from infection is particularly important in today’s collaborative workplace, where information is shared among co-workers inside a company as well as with partners, consultants, analysts, and others outside the company. Network security also keeps sensitive data, such as personal information and confidential business materials, away from unauthorized

Based on research gleaned from literally billions of login attempts to its Azure cloud service, Microsoft updates its password recommendations – and throws out several long-held industry best practices. Microsoft has recently published a white paper, “Microsoft Password Guidance” that explains their new password guidance, based on the massive amount of data they’re collecting at Azure AD login. (They see more than 10 million username / password attacks every day.) Some of it is what you might think…but some of it defies conventional password wisdom. The author (Robyn Hicock on the Microsoft Identity Protection Team with a long list of contributors from her fellow team members, Microsoft Research, and Microsoft IT) states that long-held password practices fall down in the face of modern credentials-oriented attacks. Further, some of these policies actually increase the ease with which passwords can be compromised and should thus be changed or abandoned all together. Microsoft re