802.1x and Security scanning

Hello,
Is it possible for our security team to security scan all hosts on the network if they are using 802.1x authentication? I am trying to ensure that we can meet security scanning requirements and still use the 802.1x port-based authentication function. If not, the other alternative is to use port security for end hosts. Any help/advice would be greatly appreciated.
Thanks

If you are using open mode, you could put a permit rule in the pre-auth ACL on the switch port that allows all traffic going to your scanner's IP address. Traffic from the scanner to the device on the switch port is not normally restricted.
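
The pre-auth ACL approach from the reply above, sketched as a Cisco IOS switch-port configuration. This is an added example, not part of the original thread; the scanner address 192.0.2.10, the ACL name PRE-AUTH-SCAN, the interface number and the DHCP/DNS baseline entries are assumptions.

```cisco
! Added example. 192.0.2.10 is a placeholder for the scanner's address.
ip access-list extended PRE-AUTH-SCAN
 remark Assumed baseline: let an unauthenticated host get a lease and resolve names
 permit udp any eq bootpc any eq bootps
 permit udp any any eq domain
 remark Replies from the endpoint back to the scanner
 permit ip any host 192.0.2.10
 remark Everything else sent by the host is dropped by this ACL
 deny ip any any
!
interface GigabitEthernet1/0/10
 switchport mode access
 ! Open mode: the port forwards before authentication, filtered by the ACL below
 authentication open
 authentication port-control auto
 dot1x pae authenticator
 ! Applied inbound only, so probes from the scanner toward the host are not filtered here
 ip access-group PRE-AUTH-SCAN in
```

Keep the scanner entry as narrow as the scan requires (a single host address rather than a subnet), since it applies to every device on the port whether or not it has authenticated.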
 

Similar Messages

  • I opened the attachment on a malicious email in error on my iPad and have been informed by the genuine company that it will download malware software. Is this possible on my iPad or is there a way of running a security scan to see if it has been infected?

    I received an email that I now know to be malicious and inadvertently opened up the attachment on my iPad that I've been informed will download malware or a virus. Can my iPad be infected this way or does anyone know if there is a way of running a security scan to check if there is a problem? I do have the most up to date iOS software installed.

    There is no anti-malware for iOS, at least none that actually does anything useful. The odds of getting any malware infection via an email attachment on an iOS device are quite low - practically non-existent. Unless you are seeing any issues, there isn't much to do, other than deleting the email and being more cautious in the future.

  • Potential Security Hole with 802.1x and Voice VLANs?

    I have been looking at 802.1x and Voice VLANs and I can see what I think is a bit of a security hole.
    If a user has no authentication details to gain access via 802.1x - i.e. they have not been given a User ID or the PC doesn't have a certificate etc. If they attach a PC to a switchport that is configured with a Voice VLAN (or disconnect an IP Phone and plug the PC direct into the switchport) they can easily see via packet sniffing the CDP packets that will contain the Voice VLAN ID. They can then easily create a Tagged Virtual NIC (via the NIC utilities or driver etc) with the Voice VLAN 802.1q Tag. Assuming DHCP is enabled for the Voice VLAN they will get assigned an IP address and have access to the IP network. I appreciate the VLAN can be locked down at the Layer-3 level with ACLs so any 'non-voice related' traffic is blocked but in this scenario the user has successfully bypassed 802.1x authentication and gained access to the network?
    Has anyone done any research into this potential security hole?
    Thanks
    Andy

    Thanks for the reply. To be honest we would normally deploy some or all of the measures you list but these don't get around the issue of being able to easily bypass having to authenticate via 802.1x.
    As I said I think this is a hole but don't see any solutions at the moment except 802.1x on the IP Phone, although at the moment you can't do this with Voice VLANs?
    Andy

  • Security Scan found Weak and Medium strength ciphers port 389&636

    After a recent security scan on one of our Apple Servers running 10.9.5 (Mavericks) it has reported weak and medium strength ciphers on port 389&636 and also that SSLv2 and SSLv3 is enabled. The Server is running Profile Manager and therefore also Open Directory although we are not really using Open Directory for authentication as we have AD within the organisation.
    My question is how can I modify Open Directory to only use HIGH ciphers and not MEDIUM or LOW? I have found the httpd-ssl.conf file but that is only listening on port 443. I have also found the slapd.conf but can't see where I would make the change.
    Any help would be greatly appreciated.
    Thanks

    So would you believe it I've managed to get it working. I wanted to see if Yosemite suffered from the same 'issues' that Mavericks does with SSLv2 & SSLv3 support. Also the weak ciphers being used. Well they scanned that server and found exactly the same 'issues' as before. So I started working on it this morning editing slapd.conf, slapd.conf.default, slapd_macosxserver.conf and apache-ssl.conf it might sound overkill but I thought what the ****. I added the following lines to all conf files:
    SSLProtocol ALL -SSLv2
    SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
    TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
    and it worked. Passed the scan with flying colours however might need to mod SSLv3 to keep them happy.
    I need to replicate this on a Mavericks Server so hope the gist is the same.
    Thanks for the advice Linc.

  • Why does Adobe Reader and Adobe Flash player keep installing McAfee Security Scan on my system?

    Whenever I install the Adobe Flash player or Adobe Reader on my system, it downloads and installs McAfee Security Scan Plus at the same time. It does not ask if I want it or not, it instead forces it on me, so I have to then uninstall it. I've uninstalled it 3 or 4 times in the last week. I DO NOT WANT MCAFEE PRODUCTS on my computer!
    Please make this an option, give the users a choice so we don't have to keep removing the stupid thing.

    Did you "Uncheck" the relevant box pointed to by the red arrow? If not, you accepted the installation with McAfee.

  • What's listening on port 454 and 455 in Azure? Warning flagged by security scan

    We are about to go live with an Azure Website and, as a precaution, did a security scan on the IP address that has been allocated to us.
    There were a number of low severity warnings listed which we're not too worried about, however the scan did flag that something appears to be listening on port 454 and 455, and supports TLS1.0.
    RESULTS:
    Available non CBC cipher   Server's choice   SSL version
    RC4-SHA                    DES-CBC3-SHA      TLSv1
    Does anyone know what this is? I can't find it obviously listed anywhere. If it's not necessary, can I switch it off? And if it is necessary, can I set it to require a more secure protocol?
    We're hosted in the "Australia East" datacentre, in case that's relevant.
    Crossposted to Stack Overflow here:
    http://stackoverflow.com/questions/27807505/whats-listening-on-port-454-and-455-in-azure-warning-flagged-by-security-scan

    Hello Michael,
    These ports are used for internal communication in Azure Websites infrastructure. They are not site specific and you cannot turn them off. It is safe to ignore them.
    Thanks,
    Petr

  • Configuring Airport Extreme for Optimum Speed and security 802.11n

    Hello,
    I am running an Airport Extreme 802.11n with a Macbook Pro Core 2Duo, I would like to configure the Airport Extreme to run in the fastest and most secure mode.
    Since I plan on only running .N devices I do not need backwards compatibility with other wireless device.
    What advanced settings can I make to the Airport in order to achieve the best wireless transfer rates and security (including firewall security)
    Thank you so much in advance!
    -Noah

    Thanks so much for the response.
    In terms of the firewall test I was running it from my Macbook Pro core duo 2 via Wireless 5ghz 802.11N Airport Extreme connection, I ran the firewall test from the grc.com Guards up firewall test (Test all ports) it showed that my system was not fully stealthed and responded to pings. I am trying to figure out how to best secure my network, I currently have WPA2 with 25character letters and numbers set on the router, as well as having my MacbookPro firewall set to on.
    Any suggestions for this setup?
    Thanks again!

    Get an even better 63-character WPA "strong" passcode (Maximum WPA Security is 63 characters/504 bits). See these sites for generating one:
    http://www.yellowpipe.com/yis/tools/WPA_key/generator.php
    http://www.speedguide.net/wlan_key.php

  • McAfee Security Scan Plus and Flash Player installer

    Hi.
    I went to update Flash Player earlier today by downloading the web installer from the website, but by mistake didn't uncheck the option to install McAfee Security Scan Plus with Flash. However, after comparing the two files that are downloaded when the option is/isn't unchecked, I noticed that the MD5/CRC hashes for both files are exactly the same. I opened the file, and noticed that the installer was downloading both Security Scan Plus and Flash. I canceled the installation which was fine, but I have several questions.
    How does the installer know if the user wants to install Security Scan if both files are the same?
    Is Security Scan installed as soon as the download is complete (as shown in the installer), or only after Flash finishes downloading as well?
    Thanks.

    Bundling other software in the installer is a sign of a DYING company. Now I have to do more work and uninstall this stuff. Yeah, you got me. "Angry" is not strong enough. -Foffu.

  • ACE connection limit and remote TCP security scans

    We are currently running remote TCP security scans on our networks and are running into a major problem where when the scans are taking place the ACE connection resource usage skyrockets and easily reaches the maximum 4 million connections. This means that anyone can run a simple TCP scan and take down our ACE by maxing the connection limit. We have the following parameter-map applied to all of our policies but it does not help to clear the connection count on the ACE in a reasonable amount of time.
    parameter-map type connection CONNECTION_TIMEOUT
      set timeout inactivity 300
      set tcp timeout half-closed 60
    I should note that we do have normalization turned off because it causes way more problems than it's worth (no resolution with TAC). Does anyone have any tips on how to accommodate security scans on networks behind the ACE while not saturating the connection count limit?

    For VIPs, this particular context only has one class C applied to a class-map. Not all IPs are in use but regardless the ACE creates connections for those as well. I've set the timeout inactivity to 120 seconds and I still see connections from the remote scanning host idling well over 45 mins for connections destined to the VIPs. Is turning on normalization my only option? I know there are others who have turned off normalization due to performance and connectivity issues so there must be other ways around this. Thanks for your help.

  • When I downloaded Firefox for Windows, the security scan wouldn't allow it. I operate on Windows 7 and was downloading Mozilla Firefox 8

    When I downloaded Firefox for Windows, the security scan wouldn't allow it. I operate on Windows 7 and was downloading Mozilla Firefox 8

    Hi annarepublic78,
    As per the above mentioned error, your Win CS6 download was not complete, either it was in process or was interrupted. This is the only reason you see the MasterCollection_CS6_LS16.7z.crdownload. Here .crdownload means the download is in process.
    Please try to download it again on the Desktop and please make sure that the download completes successfully (without the .crdownload extension).
    Regards,
    Romit SInha

  • TS3212 I am trying to download iTunes and it shows it downloads until it gets to 99% and then it says it is running a security scan and then says it couldn't be downloaded?

    I am trying to download iTunes to my computer and it shows it downloads and then it says running security scan and it says it cannot be downloaded....

    Hi there krashman,
    I would recommend taking a look at the troubleshooting steps found in the article below.
    Trouble installing iTunes or QuickTime for Windows
    http://support.apple.com/kb/HT1926
    -Griff W.

  • Nokia N9 can not connect with 802.1x WLAN security

    Hi,
    Can anybody please help me how to connect with 802.1x WLAN security network. All of other Symbian devices N8, E7 can connect with it. I have the N9 latest phone from Nokia and it doesn't even support 802.1x in WLAN security options. I have searched through a lot of forums and this topic isn't even anywhere. Please help

    1st of all 802.1X is not even listed in Security method for WLAN settings in Nokia N9 PR1.1. However same is listed in Symbian^3 for Nokia N8 and E7. 2ndly same settings work on N8 and E7 but not on N9. N9 showing me "something's wrong with network connection". In the syslog, I am getting these error messages.
    Feb 7 12:46:29 (2012) icd2 0.201.2+0m6[1271]: WLAN: Asked data for ssid "mobily" but got 5 results but no req ssid, ignoring all results (up=0x1249c)
    Feb 7 12:46:30 (2012) EAP[2691]: EAP 2.1.50+0m6 quitting.
    Feb 7 12:46:30 (2012) kernel: [ 465.324401] wl1271: down
    Feb 7 12:46:31 (2012) icd2 0.201.2+0m6[1271]: Removing active IAP 0x367b8/(nil)/(nil)/(nil)
    Feb 7 12:46:38 (2012) wlancond[1037]: Scan command failed: -100
    I am adding snapshots of Nokia E7 & N9 for comparison of settings

  • Have been advised by my email provider (recently blocked account requiring password reset) that they will only reset the password after a proven anti virus and malware scan has been done on iPad and iPhone. Is this necessary and if so what do I use

    Have been advised by my email provider (recently blocked account requiring password reset) that they will only reset the password after a proven anti virus and malware scan has been done on iPad and iPhone. Is this necessary and if so what do I use

    As KP has pointed out, there actually aren't any anti-virus programs in the App Store. There are a few that allow you to scan e-mail or stuff like that, and a few that provide you with information about malware and new threats for other systems. But none are available that can scan your iOS device for malware, because the security restrictions in iOS do not permit any apps to have that kind of access to anything. Which means that you also cannot be infected with a virus (unless you have jailbroken your device).
    If your account got compromised, that had nothing whatsoever to do with your iPad. Someone simply hacked it remotely. Happens all the time. It's really amazing that, in this day and age, e-mail providers are so ignorant of technology and how their own systems get compromised that they would try to require you to run software that does not exist!

  • Cisco Systems vs "CSIRO" 802.11a and 802.11g infringed upon the '069 patent

    Hi,
    any news about Cisco Systems and the "CSIRO" 802.11a and 802.11g infringed upon the '069 patent ?
    http://www.buffalotech.com/products/wireless/
    Dear Customer
    As you may be aware, Commonwealth Scientific and Industrial Research Organisation ("CSIRO") sued Buffalo, Inc. and Buffalo Technology (USA), Inc. ("Buffalo"), for alleged infringement of United States Patent No. 5,487,069 ("the '069 patent"). Subsequently, CSIRO also asserted its patent against the entire wireless LAN industry, including, Microsoft, Intel, Accton, SMC and Netgear.
    In its lawsuit against Buffalo, CSIRO claimed certain Buffalo wireless networking products compliant with IEEE standards 802.11a and 802.11g infringed upon the '069 patent. Buffalo believed at that time and continues to believe that there are no grounds for CSIRO's allegations of infringement. The United States district court, however, found Buffalo to infringe the '069 patent and enjoined the importation and sale of Buffalo's IEEE 802.11a and 802.11g compliant products.
    CSIRO's lawsuits are against the entire wireless LAN industry and could affect the supply of wireless LAN products by any manufacturer, not just Buffalo. The entire industry is resisting CSIRO's attempts to enjoin the sale of wireless LAN products. Recently, Microsoft, 3COM Corporation, SMC Networks, Accton Technology Corporation, Intel, Atheros Communications, Belkin International, Dell, Hewlett-Packard, Nortel Networks, Nvidia Corporation, Oracle Corporation, SAP AG, Yahoo, Nokia, and the Consumer Electronics Association filed briefs in support of Buffalo's position that injunctive relief is inappropriate in this case.
    During the period of time that the injunction is in effect (10/1/2007), Buffalo cannot offer for sale, sell, import, or use its IEEE 802.11a and 802.11g compliant products in the United States. A list of the products covered by the injunction is attached here. The injunction does not prohibit sales of pre-existing inventories of products by Buffalo's customers. In addition, Buffalo has secured CSIRO's agreement to permit the replacement of defective products under warranty. None of Buffalo's other products are currently affected by this injunction.
    While Buffalo believes that it will be successful in reversing the district court's decision and will obtain a stay of the injunction pending a decision on the merits, the Court of Appeals has not yet issued a decision. Should the Court of Appeals issue a decision staying the injunction, you will be promptly notified. After the stay is issued or a favorable decision on the merits is obtained, Buffalo will be able to resume the supply of IEEE 802.11a and 802.11g products.
    Please rest assured that Buffalo continues to stand behind their products and will continue to support all of our loyal customers as it relates to product warranties, technical support and the like without interruption.

    I suspect after reading the patent and the litigation that you mentioned above, that the US District Court decision will be reversed as the patent appears to be very vague in its construction and verbiage. Furthermore, the intent to hold the IEEE hostage on the ratification of 802.11n will not bode well in the court's eyes. If in fact the case is reversed, I believe that the members of CSIRO will be in danger of lost profits litigation from Buffalo. Stay tuned to this bat channel.

  • Flashing "Running Security Scan..."

    On Windows 7, 64-bit, MS Office 2010; when I try to launch an online software that integrates a fillable-form into my Adobe Acrobat 9 Standard, at the bottom of my IE9 screen, flashing nearly 2 times per second, I see messages that say: "Running Security Scan...". I have to quit IE and force Adobe Acrobat to quit to stop it. How can I fix this so that I can properly run the software? (It works okay on my old slow XP, 32-bit computer, Office 2007, but the manufacturers say it is not an Office 2010 problem, nor Windows 7, 64-bit). Also, this happens whether or not my Trend Micro Anti-virus software is running.

    That's something local on your computer or browser; not the Adobe download site.
    Try from http://get.adobe.com/reader/enterprise/
