Posts

must-have tools for network working admins

  Networking tools for Windows are typically command-line programs or desktop applications. Under Windows 10, there’s a third format: apps that you download from the online Microsoft Store. Here we’re highlighting 10 networking tools that are available in the Microsoft Store and can be pinned as tile icons on the Windows 10 Start menu for convenient access. They’re all useful, and they’re all free. All My LAN lists your network's IP address, its profile name, and its maximum upload and download speeds. The amount of data that has been sent and received over the network is depicted in two line charts. By moving a slider, you can adjust the charts to represent the amount of data that was transmitted throughout the current day or up to the last 30 days. The charts can be combined to view as one chart. This app can also scan for any multicast DNS services or UPnP devices that are connected to your network. Clicking the name of a found device or service pulls up information about it, su...

Common DNS Issues

  Running into an error with the Domain Name System — simply called a DNS error — means you won't be able to get access to the internet, which is frustrating if it happens regularly. Learning the most common causes of DNS issues and the best methods for fixing them can help you get back online with minimal effort. Essentially the DNS translates the domain names we use to access websites into IP addresses, which is what your computer actually uses to access the website. In most cases, a DNS problem is easy to fix Network Problems In many cases, an error attributed to DNS could be a simple connection problem (especially if you're connecting wirelessly using a laptop) that doesn't really relate to the DNS at all. Before blaming DNS errors, go to your "Network and Sharing Center" and run the troubleshooter. This will identify and fix many common connectivity issues and can help you narrow down the cause of the issue. Duplicate IP Addresses When two devices attempt to ...

IPv4 Subnetting in network operations

  A quick rundown of IP addresses and binary To understand subnetting, you should first understand the decimal and binary structure of an IP address. Let’s start with the basics. Here’s what an IP address looks like: 192.168.1.20 An IPv4 address is a 32-bit number. To make addresses more straightforward, they are divided into four 8-bit numbers — or octets — separated by a decimal point. These octets range in number from zero to 255. How to define the network portion of a subnet IP address During the early stages of the internet, organizations assigned IP addresses like crazy until we nearly ran out. Luckily, the designers of IP addressing came up with a way to end this wasteful practice: Dividing networks using subnetting. The process of taking an extensive network and splitting into smaller networks is known as subnetting — and it’s freeing up more public IPv4 addresses. There are two parts to an IP address: The network portion and the host portion. It’s like the address for a ho...

SmartScreen in Windows

  Windows 10 Creators Update introduced a number of changes to the user interface, so disabling Smart Screen can be a bit confusing. In this article, we'll see how to properly disable SmartScreen in it. The SmartScreen filter is a technology which was initially designed for Internet Explorer to protect users from malicious websites and web applications. It was integrated with IE8 and IE9 (as the successor to IE7's Phishing filter). Starting with Windows 8, Microsoft implemented Internet Explorer's SmartScreen feature directly into the operating system so files are screened for being potentially harmful. SmartScreen is also integrated for Windows Store apps. If enabled, the Windows SmartScreen filter sends information about every application you download and run to Microsoft’s servers, where that information will be analyzed and compared with their malicious apps database. If Windows gets a negative feedback about the app from the server, it will prevent you from running the...

network authentication protocol

  NTLM, a Windows network authentication protocol, is a challenge/response system that allows a client to prove its identity without sending a password to the server. The Windows domain controller challenges the client to perform a complex mathematical calculation on the user's domain password and send this encrypted password to the domain controller.  The domain controller then uses the same calculation to decrypt the password. If the decoded password matches the password obtained from the Security Account Manager (SAM) database, then the client is authenticated and may log into the network and access network resources. NTLM is an abbreviation for Windows NT LAN Manager; it offers improved security over the now-obsolete LAN Manager protocol. The Indiana University network is configured to use only the latest version of this protocol: NTLMv2. This version provides increased security over NTLMv1. A Real Time Communication (RTC) application may specify RTCAU_NTLM in the tag to i...

What is weak authentication in cybersecurity

  You might want to acquaint yourself with The Most Misunderstood Windows Setting of All Time. It’s the best written document on the relevant background for LMCompatibilityLevel. Review the NTLMv1 Known Problems and Workarounds for the most comprehensive resource available for the various problems associated with NTLMv1 being turned off. Note that NTLMv1 use can result from misconfigurations in a great number of places. And those misconfigurations can happen anywhere in the “authentication chain”. Misconfigurations can happen on the client endpoint, on a member server that provides the service the endpoint connects to, or any domain controller leveraged by the two. Most misconfiguration comes down to one of two things: the Windows LMCompatibilityLevel or browser configuration. If you are looking for the quickest way forward, we’d suggest using group policy to set a LMCompatibilityLevel=5 (“Send NTLMv2 response only. Refuse LM & NTLM.”) across all your computers. Doing this will...

Security Architecture in network level

  Each type of information system platform (e.g., workstations, servers, storage area network, switches, firewalls, routers, virtualization, or cloud computing) that makes up the information technology infrastructure has its own unique vulnerabilities. Security architecture is fundamental to enforcing security policies that can be applied at different layers for each type of system platform. This architecture is based on how the enterprise will handle each of the following: Allowable and disallowable services and protocols Vulnerability scanning Patch management Firmware or software upgrades A security professional then sets standards for safeguards and controls for each platform. When designing the security architecture, a security architect or engineer should take the stance of an attacker to eliminate major vulnerabilities or reduce risks at each of the various platforms. This would entail a network engineer or security professional to use the same methods and tools that a hacke...