Bypassing Trustwave NAC
I’m currently doing a penetration test for a client, who are using Trustwave NAC to prevent unauthorized physical access to their network. I would like to know if there are any possible ways to bypass...
View ArticleIs MAC address filtering effective on a wifi router? [closed]
I want to improve the security of my home wifi. My neighbor wants to crack my Wi-Fi password with a nutcracker. I tried to activate the protection by MAC address, but now my laptop and smartphone don’t...
View ArticleIs a firewall an access control list?
I want to know if a firewall is considered an access control list (ACL). I know there are other types of ACLs, but am specifically interested in knowing if a firewall is an ACL. Edit: It appears from...
View ArticleWhy the Websense blocks same site when used with http & not when used https?...
I have been working in a IT firm. I have access to some social sites. When I try to open site Links in mail (that are having http://), the websense prompts me that the access is blocked. However, when...
View ArticleWhat level of protection does the secure remote password protocol provide...
What level of protection does the secure remote password protocol provide against the Pass the Hash attack? I have read a lot about the secure remote password, and in the Stanford “What is it?” page...
View ArticleHow can I set up DHCP so that domain devices get a certain block of IP...
Is there a way for me to set up DHCP so that only domain devices get an IP Address from a certain subnet, say 192.168.12.x, and other non-domain devices would be assigned to a different subnet? Edit:...
View ArticleSuch a thing as too much network segregation?
One of the biggest points of friction I see between networking teams, security teams, and users is around the idea of network segregation. For instance, the network team wants to isolate everyone...
View ArticleDeny attacker access to my router
I was experiencing very low connectivity on my wireless, so I checked the router logs. Here’s what I saw: Jul 09 11:07:24 Per-source ACK Flood Attack Detect (ip=74.125.130.129) Packet Dropped Jul 09...
View ArticleHow to restrict access to the internet for some computers on the network?
I’d like to differentiate machines (or, possibly, users) on my small business network so that only some of them have access to the internet. The solution I’ve been using to this day is quite terrible:...
View ArticlePrevent fake gateway device attached to PC's network card
Office. Several PCs with Linux. Internet is limited on gateway level, so nobody could do POST-requests over HTTP. We prepared several measures to prevent data leakage on infrastructure level, but...
View ArticleWhat is East-West traffic [closed]
I’ve heard the terms East-West and North-South mentioned in respect to network traffic or network design. What does it refer to and in what scenarios is it relevant?
View ArticleWhat's the best way to block all external proxy IP's which could be used for...
At the simplest form – the question is to block external proxy due to an emergency situation due to which management have forced technical teams to get a solution to block all the external proxy or...
View ArticleHow well is 802.1x-2010 generally supported?
I have often come across 802.1x (2004) deployments in internal company networks. The problem with that protocol is that after the handshake, the network traffic is not encrypted. This means that, for...
View ArticleCould this piece of code be harmful ?
I just wrote these 2 functions in C#.net and it can get any user’s system IP and MAC address. Isn’t this harmful since I got help from microsoft documentation. Could these lead to potential damage or...
View ArticleUsing Digital Signatures in isolated networks
Is it possible to use Digital signatures in isolated environments which do not have access to internet and work only on internal network. How does the certificate authentication happen in such case
View Article