Network Security for a department

Similar Messages

• Network Security for amateurs

  Hey!
  I've had my Macbook for about a year and a half and I've just started learning more about network security. I realized the other day that my IP doesn't match the one given back to me by websites; as I understand it, this might mean that my network security has been compromised.
  I don't know yet what exactly is causing that, but I want to make sure no one can get into my system. I can't turn on FireVault because I don't have enough space on my hardrive. Do encryption softwares protect against proxies and ARP poisoning? Should I go through the effort of setting up static IPs?
  I know this is very general and probably quite simple, but I want to make sure I'm going in a good direction before I take the time to set up Ettercap. My apartment is set up with Roger's wireless and uses a WEP password. Any ideas?
  Message was edited by: Chessire

  I realized the other day that my IP doesn't match the one given back to me by websites; as I understand it, this might mean that my network security has been compromised.
  Your understanding is wrong
  There's nothing wrong or unusual with having a machine address different from your public address that other sites see. It typically means is that you're running in a NAT (Network Address Translation) environment which is generally a GOOD thing.
  NAT uses a series of private IP addresses (such as 192.168.x.x or 10.x.x.x) that exist only on your LAN. Your router translates that address to a separate public IP address provided by your ISP.
  In this setup, by default, no external user can get to your machine at all since the private address can't be routed over the internet. The only way someone can get to your machine is if you configure your router to permit specific traffic into your network (e.g. if you were running a web server in your LAN you could configure the router to permit incoming web traffic).
  So don't stress over your machine having one address while other sites see a different one.
  Do encryption softwares protect against proxies and ARP poisoning?
  No. I'm not sure what you think there is about 'proxies' that you need to protect against. They serve a useful purpose in certain network configurations. Even if you use one it's unlikely to be a valid attack vector against your machine.
  Should I go through the effort of setting up static IPs?
  Set up static IPs where? If you mean on your LAN it makes no difference since no one can get to your machine anyway. If you're talking about your public IP you'd need to involve your ISP.
  Either way, having a static vs. dynamic IP address doesn't necessarily improve your security.
  My apartment is set up with Roger's wireless and uses a WEP password
  Well, for one, switch to WPA. WEP has been proven to be insecure, with an average hacker being able to compromise the wireless network password within a few minutes.

• Network security for EP server

  Hi,
  If i have a portal server which talks to SAPR3 systems how should the network security be achieved, if the portal has to open to internet?
  where all will the firewall come into picture? How many DMZs to be there? Is there any SAP recommendation document on this...any info would be of great help
  regards,
  Sujesh

  Hi Sujesh,
  Normally SAP recommend (on their courses) that you have a reverse proxy in the DMZ, then a firewall, then portal, then a firewall, then backend SAP etc.
  However, it also depends on what you already have network architecture wise.
  Paul

• Add security for ITS Integrated

  I'm using the SAP ITS Integrated in the SAP ECC 50, them ITS and SAP ECC are into the same server.
  My user's can access the application from internet.
  --- Server: ECC + ITS -
  > Internet by ITS ---
  What I can do for add security in this scenario

  Hi,
  Service Market Place, SDN and SAP Help Portal contains many security related documents about the Web Application Server. Here just the most important ones:
  SAP Infrastructure Security
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/1095de90-0201-0010-90ae-adbdcd2d569f
  SAP Web Application Server Security Guide
  http://help.sap.com/saphelp_erp2004/helpdata/en/3e/cdad0dedc411d3a6510000e835363f/frameset.htm
  Service Marketplace Security Page
  http://service.sap.com/security
  Strong Infrastructure and Network Security for Heterogeneous Applications
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/9a71c790-0201-0010-1989-ba8660c08c91
  Best regards,
  Klaus

• HT4145 I'm trying to hook up a desk top and it's asking me for network security code i have a apple router

  I called the help desk from the phone company they sent me to my router owner which is an apple its asking me for network security code where do ii find this

  If you still have the box and instruction manual for your Apple router then pull it out.  Find the part of the manual that tells you how to do a factory reset of the router and follow the instructions to do so.  Once it restarts, then start at the beginning of the manual and follow the instructions carefully.  They will tell you how to install AirPort utility on your computer, and then how to connect to and configure the settings on the router.
  When setting up your router's wireless settings, make sure to choose a network name with no spaces (e.g. "MyRouter"), choose "WPA2 Personal" security, and then type in a strong passphrase (twice).  Make your passphrase at least 10 characters and reasonably complex (e.g. "MyR0uter!sVery5ecure").
  Once you have made the settings, and saved them (per the manual), then you should see your new network name show up as an available network from your computer.  Select the network, type in the wireless passphrase, and it should connect.

• I want to set up security for my linksys network.  I foll...

  I want to set up security for my linksys network.  I followed the directions outlined on the linksys web site.  I get through the process, create a password (key) and I save the settings.   When I try to log on from my laptop, I am asked for a password, however when I type the password in, the statement says "invalid number of caracters.  How do I get the password process to work so that I am able to secure my network.  Also, without security, can someone break into my laptop and corrupt my files.

  With WEP, you must enter WEP "key 1"  (found in the router)  into your computer, not the WEP password or passphase.
  However, you should be using WPA2, or at least WPA, and a strong password.
  If you use an unsecured wireless router, anyone within range can login and use your Internet connection. At a minumum, this means that they will be using your bandwidth. At worst, they could be uploading copyrighted music, sending spam email, distributing viruses, or downloading child pornography --- all from an account with your name on it!   Additionally, once someone is on your wireless network, they are in a very convenient spot to start attacking your computer.  They  have immediate access to all your shared files, and they could corrupt, steal, or delete them.  With some work, they could likely get to your other files also.  So my advice is --- secure your wireless network.
  To set up wireless security, you must use a computer that is wired to the router.
  Where to find the router settings: The router's login password is usually on one of the "Administration" pages. The other settings are all found in the "Wireless" section of the router's setup pages, located at 192.168.1.1
  First, give your router a unique SSID. Don't use "linksys".
  Make sure "SSID Broadcast" is set to "enabled".
  Next, leave the router at its default settings (except for the unique SSID), and then use your pc to connect wirelessly to the router. Test your wireless Internet connection and make sure it is working correctly. You must have a properly working wireless connection before setting up wireless security.
  To implement wireless security, you need to do one step at a time, then verify that you can still connect your wireless computer to the router.
  Next, encrypt your wireless system using the highest level of encryption that all of your wireless devices will support. Common encryption methods are:
  WEP - poor (see note below)
  WPA (sometimes called PSK, or WPA with TKIP) - good
  WPA2 (sometimes called PSK2, or WPA with AES) - best
  WPA and WPA2 sometimes come in versions of "personal" and "enterprise". Most home users should use "personal". Also, if you have a choice between AES and TKIP, and your wireless equipment is capable of both, choose AES. With any encryption method, you will need to supply a key (sometimes called a "password" ).
  The wireless devices (computers, printers, etc.) that you have will need to be set up with the SSID, encryption method, and key that matches what you entered in the router.
  Retest your system and verify that your wireless Internet connection is still working correctly.
  And don't forget to give your router a new login password.
  Picking Passwords (keys): You should never use a dictionary word as a password. If you use a dictionary word as a password, even WPA2 can be cracked in a few minutes. When you pick your login password and encryption key (or password or passphrase) you should use a random combination of capital letters, small letters, and numbers, but no spaces. A login password, should be 12 characters or more. WPA and WPA2 passwords should be at least 24 characters. Note: Your key, password, or passphrase must not have any spaces in it.
  Most home users should have their routers set so that "remote management" of the router is disabled. If you must have this option enabled, then your login password must be increased to a minumum of 24 random characters.
  One additional issue is that Windows XP requires a patch to run WPA2. Go to Microsoft Knowledge base, article ID=917021 and it will direct you to the patch.
  Sadly, the patch is not part of the automatic Windows XP updates, so lots of people are missing the patch.
  Note:
  WEP is no longer recommended. The FBI has demonstrated that WEP can be cracked in just a few minutes using software tools that are readily available over the Internet. Even a long random character password will not protect you with WEP. You should be using WPA or preferably WPA2 encryption.

• Which network security to I choose for my new IPhone 5.  I have cable internet with airport router.

  Which network security do i choose for my new IPhone 5 If I have cable internet and an airport wireless router?

  You should choose WPA2 Personal (AES).
  See this Apple doc for more info -> iOS: Recommended settings for Wi-Fi routers and access points

• Network security: Configure encryption types allowed for Kerberos-Windows 2008

  If below setting has been enabled in domain policy on Windows 2008 R2 DC ; what is the effect on Windows 2008 Member server . that seeting is not present in Windows 2008.
  Network security: Configure encryption types allowed for Kerberos:
  Please advice & if possible please provide more info.
  AliahMurfy

  Hi,
  I found some related information is some type of the encrypt not supported on the server 2008, such as AES128_HMAC_SHA1.
  More detail information please refer the following KB:
  Network security: Configure encryption types allowed for Kerberos
  http://technet.microsoft.com/en-us/library/jj852180(v=ws.10).aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• I am trying to find the network security key for my airport extreme router

  I am trying to find the network security key for my airport extreme so I can hook up my pc lap top.

  I am afraid that the "key" will be of no use to you (it is 64 characters long).....but I hope I am wrong.
  Since you indicate that you are using an iPad, I assume that you are also using AirPort Utility on the iPad.
  On the iPad home screen, tap AirPort Utility
  Tap on the AirPort Extreme
  Tap on Edit
  Tap on Advanced
  Tap on Show Passwords
  Tap on Main Network and "key" will be revealed

• Network, security, ftp... How to approach writing file to network from LV?

  Sorry, but I don't know if this is more a LabVIEW question or a networking or ftp quesiton - how do I approach this need?
  We have a machine programmed in LabVIEW and we need it to write a text file of process run data to a folder on our network. I thought we were going to be able to see the folder as mapped to a drive on the PC that is running LV. That is, I thought we'd be able to have LV create a file called Q:\Data\ThursdayAM.txt and write into it.
  But the IT folks are telling me we can't do this because of security issues, something about what account the LV computer is running under. They have set something up so that Internet Explorer (not Windows Explorer) can navigate to the folder (with dialog boxes that ask for username and password), and they think they may be able to set up something using ftp. So, while a person standing there at the PC would be able to gain access to the folder, it wouldn't feel like accessing a disk drive feels.
  How can LabVIEW programmatically write a file under such circumstances? LV can't interact with Internet Explorer like a user, and type passwords into a dialog, can it? I see things in the help system about ftp but am not experienced with it and don't know whether to start down that path; for one thing I haven't found anything about authenticating to a network under program control with ftp.
  If there is a LabVIEW-centric approach to things like this, please point me in the right direction! Or, if this is really more a question about networking and security, please give me some tips about what to ask the IT group, as I'm not very up on networking.
  Thanks!!

  Thanks, all.
  As far as things like browser controls on the Front Panel, I think that would be solving the wrong problem. I don't want users of the machine to be able to browse folders or in any other way feel like they are using Internet Explorer. From my user's point of view, the machine will say "Your data are now available at Q:\Data\ThursdayTest.txt", and they will leave, and return to their own desktop machine, and will go grab the file and use it with whatever tools they would use to grab and read any text file on the fileserver. I think I want to programmatically get the file written to the correct folder, and am trying to understand how to do that, but the way I do it will never be visible to users. So, maybe there is something to do here, but not exactly browser controls.
  I will find out if I have the toolkits mentioned - thanks for pointing me at that.
  What they have me do with Internet Explorer to gain access to network folders is as follows: I'm already logged into the PC as a Windows user with a general purpose Guest account, and no password, and from the point of view of our network without any security credentials. I start Internet Explorer, and type an IP address 123.123.123.123 into the address bar. I get a dialog asking me for my username and password, and I enter the username and password that I would use for my desktop w/ network access or any of the other PCs on which I am already configured as a user. Now Internet Explorer shows folders for the different network locations that the network thinks I personally have rights to, and I can read, write, copy, paste, open and so forth. When I quit Internet Explorer this PC goes back to looking to me like a PC without any network features.
  The purpose of network access for this system has also been a bit confusing, but there are two main points. The big and, perhaps, only necessary thing is that my LV program can write files to a network folder, however it is that this works. It's one of the goals of this entire project to start giving users the ability to get their data without burning CDs or other sneakernet methods. As a secondary point, while I am programming and otherwise maintaining this system, I am backing up my VIs to the network, and passing things like manual docs from web sites in to the system computer for reference (its subnet does not allow internet access so I'm using my desktop machine to grab manuals and put them in the network folder), and miscellaneous other things like that. I'll probably copy this conversation into a text file when I think I have something to try, as another example. But these things are secondary conveniences - the only thing that is strictly necessary is the ability of my LV program to push data files into a network folder.

• Network Security Requirement : Confidential - Not Enforced

  I am having a perplexing problem with the network security requirement feature in SJSAS 8 Update 1.
  In deploytool, under my WAR, in the security tab, for my only SecurityConstraint, I set the Network Security Requirement to CONFIDENTIAL. This should cause any access to thse objects over port 80 to be redirected to https via for 443.
  The failure is that it does not redirect clients accessing over port 80 to a secure connection. The tricky part is that it fails in a completely random way. Sometimes for some WARs it will work as expected, then after X number of server restarts / redeployments, some of the same WARs will not do the redirect as expected. Through continuous redeploys and restarts during development, all WARs will or will not do the redirect in any given situation.
  Has anyone else experienced this problem and worked around it? Any help is greatly appreciated! Thanks in advance!
  mod_critical

  The following is the deployment descriptor for one of the WARs (this problem affects them all, on multiple different machines with different setups).
  The following is from the Security Contraint:
  <security-constraint> <display-name>SecurityConstraint</display-name> <web-resource-collection> <web-resource-name>WRCollection</web-resource-name> <url-pattern>/participant/*</url-pattern> <url-pattern>/assetmodel/*</url-pattern> <url-pattern>/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>asadmin</role-name> <role-name>cvbdataentry</role-name> <role-name>cvbadmin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
  The rest is as follows:
  <?xml version='1.0' encoding='UTF-8'?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" > <display-name>CVBadmin</display-name> <servlet> <display-name>assetmodel/OpenRecord</display-name> <servlet-name>assetmodel/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Lookup</display-name> <servlet-name>participant/personell/account/Lookup</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Lookup</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/record</display-name> <servlet-name>participant/personell/account/record</servlet-name> <jsp-file>/participant/personell/account/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/Remove</display-name> <servlet-name>assetmodel/line/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Remove</servlet-class> </servlet> <servlet> <display-name>participant/location/record</display-name> <servlet-name>participant/location/record</servlet-name> <jsp-file>/participant/location/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/Save</display-name> <servlet-name>assetmodel/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Save</servlet-class> </servlet> <servlet> <display-name>syncError</display-name> <servlet-name>syncError</servlet-name> <jsp-file>/syncError.jsp</jsp-file> </servlet> <servlet> <display-name>participant/Search</display-name> <servlet-name>participant/Search</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Search</servlet-class> </servlet> <servlet> <display-name>participant/location/List</display-name> <servlet-name>participant/location/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.List</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Create</display-name> <servlet-name>participant/personell/account/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/listresults</display-name> <servlet-name>participant/personell/listresults</servlet-name> <jsp-file>/participant/personell/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>participant/record</display-name> <servlet-name>participant/record</servlet-name> <jsp-file>/participant/record.jsp</jsp-file> </servlet> <servlet> <display-name>participant/personell/account/Passwd</display-name> <servlet-name>participant/personell/account/Passwd</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Passwd</servlet-class> </servlet> <servlet> <display-name>participant/location/Create</display-name> <servlet-name>participant/location/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Create</servlet-class> </servlet> <servlet> <display-name>Logout</display-name> <servlet-name>Logout</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.Logout</servlet-class> </servlet> <servlet> <display-name>participant/location/Remove</display-name> <servlet-name>participant/location/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Remove</servlet-class> </servlet> <servlet> <display-name>participant/Save</display-name> <servlet-name>participant/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Save</servlet-class> </servlet> <servlet> <display-name>assetmodel/listresults</display-name> <servlet-name>assetmodel/listresults</servlet-name> <jsp-file>/assetmodel/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/record</display-name> <servlet-name>assetmodel/line/record</servlet-name> <jsp-file>/assetmodel/line/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/List</display-name> <servlet-name>assetmodel/line/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.List</servlet-class> </servlet> <servlet> <display-name>participant/personell/Save</display-name> <servlet-name>participant/personell/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Save</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/Create</display-name> <servlet-name>assetmodel/line/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/List</display-name> <servlet-name>participant/personell/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.List</servlet-class> </servlet> <servlet> <display-name>assetmodel/Create</display-name> <servlet-name>assetmodel/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Create</servlet-class> </servlet> <servlet> <display-name>participant/Remove</display-name> <servlet-name>participant/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Remove</servlet-class> </servlet> <servlet> <display-name>participant/Create</display-name> <servlet-name>participant/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Create</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/listresults</display-name> <servlet-name>assetmodel/line/listresults</servlet-name> <jsp-file>/assetmodel/line/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>participant/personell/Remove</display-name> <servlet-name>participant/personell/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Remove</servlet-class> </servlet> <servlet> <display-name>assetmodel/List</display-name> <servlet-name>assetmodel/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.List</servlet-class> </servlet> <servlet> <display-name>assetmodel/record</display-name> <servlet-name>assetmodel/record</servlet-name> <jsp-file>/assetmodel/record.jsp</jsp-file> </servlet> <servlet> <display-name>participant/searchresults</display-name> <servlet-name>participant/searchresults</servlet-name> <jsp-file>/participant/searchresults.jsp</jsp-file> </servlet> <servlet> <display-name>menu</display-name> <servlet-name>menu</servlet-name> <jsp-file>/menu.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/OpenRecord</display-name> <servlet-name>assetmodel/line/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/location/listresults</display-name> <servlet-name>participant/location/listresults</servlet-name> <jsp-file>/participant/location/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>exception</display-name> <servlet-name>exception</servlet-name> <jsp-file>/exception.jsp</jsp-file> </servlet> <servlet> <display-name>participant/OpenRecord</display-name> <servlet-name>participant/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/location/Save</display-name> <servlet-name>participant/location/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Save</servlet-class> </servlet> <servlet> <display-name>participant/personell/OpenRecord</display-name> <servlet-name>participant/personell/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/personell/Create</display-name> <servlet-name>participant/personell/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Remove</display-name> <servlet-name>participant/personell/account/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Remove</servlet-class> </servlet> <servlet> <display-name>participant/personell/record</display-name> <servlet-name>participant/personell/record</servlet-name> <jsp-file>/participant/personell/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/Remove</display-name> <servlet-name>assetmodel/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Remove</servlet-class> </servlet> <servlet> <display-name>assetmodel/PreRecord</display-name> <servlet-name>assetmodel/PreRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.PreRecord</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/Save</display-name> <servlet-name>assetmodel/line/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Save</servlet-class> </servlet> <servlet> <display-name>participant/location/OpenRecord</display-name> <servlet-name>participant/location/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.OpenRecord</servlet-class> </servlet> <servlet-mapping> <servlet-name>assetmodel/OpenRecord</servlet-name> <url-pattern>/assetmodel/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Lookup</servlet-name> <url-pattern>/participant/personell/account/lookup</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/record</servlet-name> <url-pattern>/participant/personell/account/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Remove</servlet-name> <url-pattern>/assetmodel/line/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/record</servlet-name> <url-pattern>/participant/location/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Save</servlet-name> <url-pattern>/assetmodel/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>syncError</servlet-name> <url-pattern>/syncError</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Search</servlet-name> <url-pattern>/participant/search</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/List</servlet-name> <url-pattern>/participant/location/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Create</servlet-name> <url-pattern>/participant/personell/account/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/listresults</servlet-name> <url-pattern>/participant/personell/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/record</servlet-name> <url-pattern>/participant/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Passwd</servlet-name> <url-pattern>/participant/personell/account/passwd</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Create</servlet-name> <url-pattern>/participant/location/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Logout</servlet-name> <url-pattern>/logout</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Remove</servlet-name> <url-pattern>/participant/location/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Save</servlet-name> <url-pattern>/participant/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/listresults</servlet-name> <url-pattern>/assetmodel/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/record</servlet-name> <url-pattern>/assetmodel/line/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/List</servlet-name> <url-pattern>/assetmodel/line/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Save</servlet-name> <url-pattern>/participant/personell/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Create</servlet-name> <url-pattern>/assetmodel/line/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/List</servlet-name> <url-pattern>/participant/personell/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Create</servlet-name> <url-pattern>/assetmodel/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Remove</servlet-name> <url-pattern>/participant/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Create</servlet-name> <url-pattern>/participant/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/listresults</servlet-name> <url-pattern>/assetmodel/line/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Remove</servlet-name> <url-pattern>/participant/personell/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/List</servlet-name> <url-pattern>/assetmodel/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/record</servlet-name> <url-pattern>/assetmodel/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/searchresults</servlet-name> <url-pattern>/participant/searchresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>menu</servlet-name> <url-pattern>/menu</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/OpenRecord</servlet-name> <url-pattern>/assetmodel/line/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/listresults</servlet-name> <url-pattern>/participant/location/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>exception</servlet-name> <url-pattern>/exception</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/OpenRecord</servlet-name> <url-pattern>/participant/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Save</servlet-name> <url-pattern>/participant/location/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/OpenRecord</servlet-name> <url-pattern>/participant/personell/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Create</servlet-name> <url-pattern>/participant/personell/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Remove</servlet-name> <url-pattern>/participant/personell/account/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/record</servlet-name> <url-pattern>/participant/personell/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Remove</servlet-name> <url-pattern>/assetmodel/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/PreRecord</servlet-name> <url-pattern>/assetmodel/prerecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Save</servlet-name> <url-pattern>/assetmodel/line/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/OpenRecord</servlet-name> <url-pattern>/participant/location/openrecord</url-pattern> </servlet-mapping> <session-config> <session-timeout>60</session-timeout> </session-config> <error-page> <error-code>500</error-code> <location>/exception.jsp</location> </error-page> <security-constraint> <display-name>SecurityConstraint</display-name> <web-resource-collection> <web-resource-name>WRCollection</web-resource-name> <url-pattern>/participant/*</url-pattern> <url-pattern>/assetmodel/*</url-pattern> <url-pattern>/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>asadmin</role-name> <role-name>cvbdataentry</role-name> <role-name>cvbadmin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>ldap</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/loginFail.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>asadmin</role-name> </security-role> <security-role> <role-name>cvbdataentry</role-name> </security-role> <security-role> <role-name>cvbadmin</role-name> </security-role> <security-role> <role-name>customer</role-name> </security-role> <security-role> <role-name>accountant</role-name> </security-role> <security-role> <role-name>participant</role-name> </security-role> <ejb-local-ref> <ejb-ref-name>ejb/DataAccessBean</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>com.deerteck.cvb.ejb.session.DataAccessLocalHome</local-home> <local>com.deerteck.cvb.ejb.session.DataAccessLocalObject</local> <ejb-link>ejb-jar-ic1.jar#DataAccessBean</ejb-link> </ejb-local-ref> <ejb-local-ref> <ejb-ref-name>ejb/LDAPBean</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>com.deerteck.cvb.ejb.session.LDAPLocalHome</local-home> <local>com.deerteck.cvb.ejb.session.LDAPLocalObject</local> <ejb-link>ejb-jar-ic1.jar#LDAPBean</ejb-link> </ejb-local-ref> </web-app>

• Network security:LAN manager authentication level setting on GPO

  Hi,
  We have a requirement from project team to change the one of the security setting on default domain policy for all computers in domain. Below are the security setting which we need to modify.
  computer configuration-->windows settings-->security settings-->local policies-->security options-->
  Network security: LAN manager authentication level 
  this setting need to be changed to - Send LM & NTLM - use NTLMv2 session security if negotiated.
  The project team facing issue with Apache web server and they found the solution on below link.(we have tested this  by changing local group policy and this solution works as expected)
  https://www.sysaid.com/Sysforums/posts/list/9065.page 
  We need to know what is the impact after enabling this on domain computers.
  Need help on this to go-head on this.

  Hi,
  you have a weaker domain security overall. "
  LM Hash Generation 
  The algorithm introduces several weaknesses that attackers can exploit. First, all lowercase characters are set to uppercase, reducing the number of possible characters. Second, it splits a long, strong, password into two seven-character chunks.
  Both the LM and NTLM protocols operate essentially the same way; the only difference is the password hash.
  REF: The Most Misunderstood Windows Security Setting of All Time
  This post is provided AS IS with no warranties or guarantees, and confers no rights.
  ~~~
  Questo post non fornisce garanzie e non conferisce diritti

• How to Make Wirless Network SECURE

  I am running my desktop hard line to a comcast modem which runs XP Pro. My Laptop which is running Vista is set up wireless via the WRT54GS Linksys Router.
  The wireless network is running great but it is identified as UNSECURED!
  After three 30 minute waits last night, 2 disconnects when I was not understanding them ( not a computer whiz but I do ok) and 1 live chat tech that copy and pasted the directions on how to set it up but not how to make it secure and then a quick disconnect    .
  Can anyone tell me exactly HOW TO MAKE THIS NETWORK SECURED and WHAT computer shall I use to perform this?
  Thank you for any help you can give me,
  SWAT
  JohnDoe sorry for violating any rules.
  (Edited post for guideline compliance. Thanks!)
  Message Edited by JOHNDOE_06 on 08-27-2007 11:04 AM
  Message Edited by SWAT on 08-27-2007 11:13 AM

  SWAT wrote:
  Sbatch...you click on the pull down window to the settings.....I click on WPA then I input the code I wanted (only room for 1 code) then scroll all the way down to click on save settings.
  That method does not secure my laptop wireless settings?
  **No, that secures your router's wireless settings.
  or
  Is this the only method to secure the network?
  With some investigation I can find have found the following:
  If I right click on my Network Icon in my tool bar and then click Connect to Network and then right click on the Network and right click Properties I get a box with the following:
  Tab for connection and a tab for security with pull down bars which can be changed...
  1) Security Types -No Authentication (open), shared, wpa2 personal, wpa personal, wpa2 enterprise, wpa enterprise and 802.1x
  2) Encryption Types -WEP
  Current settings on my laptop Linksys wireless network security is
  Security Type- OPEN
  Encryption- NONE
  sBatch when I perform the WPA on my desktop my laptop must be off or not on the network correct?
  Doesn't matter, once you change the security settings onthe router, you will be prompted for the settings to reconnect to it.
  Has anyone found the LinkSys hyperlink for setting the WRT54GS router as SECURED?
  Define "secured".  Wired, only physical connection have access.
  Wireless, once you add WPA or WEP (WPA is better) it's secured.
  Sincerely,
  SWAT
  Does that help?

• How to locate my network security key

  I wrote this same request a month or so ago and can no longer locate my 'saved' message.  Would someone please forward me the link again on how to locate the network security key so I may add another computer to my wi-fi.
  And another question, will there be any change that more than one security key will appear and if so, how will I determine which key is the proper key to use?
  Thank you much.

  The "key" is another word for your normal wireless network "password", sometimes called a "pass phrase".
  The password generates a 64 character code of random letters and numbers. I doubt that this would be of any use to you, but if you want to see it.....
  Open AirPort Utility on your Mavericks Mac
  Click the AirPort icon, the click Edit
  Click the Base Station icon at the top of the screen
  Click Show Passwords
  More likely, you have a Windows Firewall issue, or Microsoft Security Essentials...if installed....is blocking the connection.  The anti-virus program can do the same thing.

• Virus Barrier X4 question and a Top 10 Network/Security question

  I am currently running Norton AV/Mac. It runs fine, no problems, no slow down, am happy! However, I know that there are some very experienced Mac users who are very down on Norton AV as far as causing problems/hogging resources/slowing things down...again, I don't have any problem, but I am still a newbie. I see however that one of the top 10 Network/Security downloads is Virus Barrier X4. If I want to run an AV program, could someone shed some light on wht this would be a better application? Also the number 1 download in this category is Mac Scan. I am confused, Forget virus's, I thought there was no Spyware/Malware? Why would so many people make this such a popular download..Curious! Thanks, Bill

  Bostonfan49,
  Spyware is a self-inflicted injury.
  To prevent drive-bys, remember to uncheck the Open "safe" files after downloading box in the Safari>Preferences>General tab and make sure that you're blocking pop-up windows.
  Configure your firewall correctly (turn off ALL unused services) and stealth it.
  Don't use P2P (Limewire and the like) or visit "dodgy" (unknown, copyright infringing, skanky, pr0n, etc.) Web sites.
  Never, ever install any program or give any installer your admin password unless you are certain that you know and trust the source.
  Create a separate administrator account for installing software and updates and make your normal user account an ordinary, nonadminstrative user.
  OS X is not immune to spyware: The spyware would still have to be coded to run in OS X. Requiring an administrator account and click-the-"Yes"-box user permission to install and run didn't prevent KaZaa (and its bundled nasties) from being downloaded and installed by millions, so this OS X "barrier" to malware is subject to the same vulnerability. That said, I'm not aware of much of anything in the way of spyware for Macs.
  -Wayne