Posts

Showing posts from July, 2020

What is LM Compatibility

You might want to acquaint yourself with The Most Misunderstood Windows Setting of All Time. It’s the best written document on the relevant background for LMCompatibilityLevel. Review the NTLMv1 Known Problems and Workarounds for the most comprehensive resource available for the various problems associated with NTLMv1 being turned off. Note that NTLMv1 use can result from misconfigurations in a great number of places. And those misconfigurations can happen anywhere in the “authentication chain”. Misconfigurations can happen on the client endpoint, on a member server that provides the service the endpoint connects to, or any domain controller leveraged by the two. Most misconfiguration comes down to one of two things: the Windows LMCompatibilityLevel or browser configuration. If you are looking for the quickest way forward, we’d suggest using group policy to set a LMCompatibilityLevel=5 (“Send NTLMv2 response only. Refuse LM & NTLM.”) across all your computers. Doin...

What is Two-Tier Campus Network Architecture

To design and build a two-tier campus network architecture is everything like a three-tier hierarchical design and maximizes performance, network availability, and the ability to scale the network design. It is common to campus networks where the aggregation or distribution layer is merged with the core layer to create a unique and fully functional network for a good sized campus. However, many small enterprise networks do not grow significantly larger over time. Therefore, a two-tier hierarchical design where the core and distribution layers are collapsed into one layer is often more practical. A “collapsed core” is when the distribution layer and core layer functions are implemented by a single device. The primary motivation for the collapsed core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model.. To design and build a two-tier campus network architecture, a number of considerations must be taken into account. A k...

What is use of NTLM?

NTLM, a Windows network authentication protocol, is a challenge/response system that allows a client to prove its identity without sending a password to the server. The Windows domain controller challenges the client to perform a complex mathematical calculation on the user's domain password and send this encrypted password to the domain controller. The domain controller then uses the same calculation to decrypt the password. If the decoded password matches the password obtained from the Security Account Manager (SAM) database, then the client is authenticated and may log into the network and access network resources. NTLM is an abbreviation for Windows NT LAN Manager; it offers improved security over the now-obsolete LAN Manager protocol. The Indiana University network is configured to use only the latest version of this protocol: NTLMv2. This version provides increased security over NTLMv1. A Real Time Communication (RTC) application may specify RTCAU_NTLM in the tag t...

What is Email Security Settings

Internet security has a pretty high priority in our technology filled world. The safety of your private information and the safety of your computer should always be a primary concern. Browser-based email providers, such as Yahoo!, AOL and Hotmail, have spam and junk mail filters to keep your privacy and computer safe. By viewing the spam or junk mail settings and filters your email provider has in place, you can find out your level of security and make adjustments as needed. Step 1 Open your Web browser and go to the webpage of your email provider. Step 2 Log into your email account. Step 3 Find "Settings" or "Options" on the main screen of your email page. Typically, this is located on the right-hand side towards the top. Some email services have it located on the left. Step 4 Select "Spam" or "Junk" mail settings from the Settings or Options menu. Step 5 View the filter settings if they are available from your e...

What is Campus Network Architecture

To design and build a two-tier campus network architecture is everything like a three-tier hierarchical design and maximizes performance, network availability, and the ability to scale the network design. It is common to campus networks where the aggregation or distribution layer is merged with the core layer to create a unique and fully functional network for a good sized campus. However, many small enterprise networks do not grow significantly larger over time. Therefore, a two-tier hierarchical design where the core and distribution layers are collapsed into one layer is often more practical. A “collapsed core” is when the distribution layer and core layer functions are implemented by a single device. The primary motivation for the collapsed core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model.. To design and build a two-tier campus network architecture, a number of considerations must be taken into account. A k...

What is Email Security Settings

Internet security has a pretty high priority in our technology filled world. The safety of your private information and the safety of your computer should always be a primary concern. Browser-based email providers, such as Yahoo!, AOL and Hotmail, have spam and junk mail filters to keep your privacy and computer safe. By viewing the spam or junk mail settings and filters your email provider has in place, you can find out your level of security and make adjustments as needed. Step 1 Open your Web browser and go to the webpage of your email provider. Step 2 Log into your email account. Step 3 Find "Settings" or "Options" on the main screen of your email page. Typically, this is located on the right-hand side towards the top. Some email services have it located on the left. Step 4 Select "Spam" or "Junk" mail settings from the Settings or Options menu. Step 5 View the filter settings if they are available from you...

Next-Gen Network Engineer

The art of networking is no easy feat. And as networking jobs encompass more than just networking, it’s not going to get any easier. It’s going to be about embracing advancements in data gathering, automation, and programming languages. In fact, it’s going to look a lot like DevOps. Here are five skills you can develop to meet the changing tides of the networking industry. Learn a Language It never hurts to learn a new programming language. To keep up with automation, network engineers need methods and tools to programmatically control equipment. This is where languages can come into play. If your organization is using software-defined networking (SDN), keep in mind the networks offer interfaces to scan and monitor automatically. Fully understanding the language these programs are speaking gives you an upper hand. Automation tools like Chef can handle some of the grunt work, freeing up time for your networking pros. But admins should still understand the process of writing...

Common Network Issues

Networks are networks. Despite best efforts to keep things smooth all the time every day, things happen. Here’s a look at some common network issues, some tips for quickly resolving them, and even better, how to prevent them from occurring again. 1. Duplicate IP Addresses When two devices attempt to share a single IP, you see the dreaded “Address Already in Use” error — with no ability to access the network. The Quick Fix: The blame for this often rests with your router’s default DHCP configuration. DHCP is probably trying to assign your new device an address at the beginning of your subnet, and another device may already occupy these low-numbered addresses with static IPs. If you’ve just introduced a new device or server to your network, it may have its own DHCP server. Simply disable the DHCP server on that device to restore sanity to your network. The Preventive Measure: You can take one simple step to avoid IP conflicts by modifying your router’s configuration to b...

what is Password Cracking

Before you learn how to use L0phtCrack with Win2K, it helps to understand how password cracking works in NT, and then extend that process to Win2K. (If you are already an expert NT password cracker, feel free to skip ahead.) NT stores a hash, but not the clear text password, of each user's password in the domain controller’s SAM database. If you're not familiar with the SAM, it is a Registry hive file found in %systemroot%\system32\config. Using your administrator authority, L0phtCrack pulls the hashes from the SAM and cracks the hashes by exploiting weaknesses in NT’s hashing algorithm. To crack a password hash, L0phtCrack first performs a dictionary attack by iterating through a list of common words. L0phtCrack hashes each word in the list and compares that hash to the hash from the SAM. If the hashes match, L0phtCrack has the password. Once L0phtCrack exhausts the dictionary, it iterates through the word list again using a hybrid attack that adds combinations of a few...

Where uses Onboard LAN?

A LAN (local area network) interconnects several computers using Ethernet technology. As technology advances, networking capabilities have begun shipping as a standard feature on most motherboards. Onboard LAN is a specialized chipset on the motherboard designed to handle networking responsibilities for the computer, such as home networking and Internet connectivity Local Area Networking Local area networks connect several computers within a limited physical proximity via Ethernet cables or wireless Ethernet, such as in homes, schools or businesses. In early computers, this capability was not a standard feature and required the installation of a network interface card (NIC). NIC installation was necessary until LANs became more common, requiring more efficient and less expensive networking capabilities. Onboard LAN controllers support numerous built-in hardware and software enhancements for networking, such as power management and input/output (I/O) scalability. Onboard LA...

What is IPv4 Subnetting?

A quick rundown of IP addresses and binary To understand subnetting, you should first understand the decimal and binary structure of an IP address. Let’s start with the basics. Here’s what an IP address looks like: 192.168.1.20 An IPv4 address is a 32-bit number. To make addresses more straightforward, they are divided into four 8-bit numbers — or octets — separated by a decimal point. These octets range in number from zero to 255. How to define the network portion of a subnet IP address During the early stages of the internet, organizations assigned IP addresses like crazy until we nearly ran out. Luckily, the designers of IP addressing came up with a way to end this wasteful practice: Dividing networks using subnetting. The process of taking an extensive network and splitting into smaller networks is known as subnetting — and it’s freeing up more public IPv4 addresses. There are two parts to an IP address: The network portion and the host portion. It’s ...

Corporate Network Security

As cyberthreats are constantly evolving in complexity and volume, the battle against them implies ‘spreading’ the protection across all the systems in the corporate network – servers, databases, services, installed software, etc. What’s more, attention should be paid to ensuring that the company’s employees understand and follow cybersecurity principles, and will not (un)intentionally compromise the corporate network security with their actions. However, cybersecurity measures applied inside the organization may differ depending on the company’s size, its financial capabilities, the industry it operates in (regulated or non-regulated), the information it has to deal with in the course of business activities, etc. The minimum of cybersecurity measures essential for the implementation is a properly configured firewall protection working together with regularly updated antivirus software. Firewalls scan network traffic to detect anomalous packets or packet fragments. Antiviruses ensure p...