From the console:
config system interface
edit wan1
set netbios-forward enable
end
| Shortcut key | Description |
| CTRL+ALT+HOME | Activates the connection bar. |
CTRL+ALT+BREAK or one of these shortcuts:
|
Switches the client between full-screen mode and window mode. If these shortcuts don’t work, or the keys aren’t available, you can try the following alternative:
|
| CTRL+ALT+END | Brings up the Windows Security dialog box for the Remote Desktop Session Host (RD Session Host) (provides the same functionality as pressing CTRL+ALT+DEL on the local computer). |
The following table describes the standard Windows shortcut keys and their equivalent Remote Desktop shortcuts that are different. (For example, Ctrl+Z is generally the ‘Undo’ shortcut on both standard Windows and Remote Desktop.)
| Table 2 | ||
| Windows shortcut | Remote Desktop shortcut | Description |
| ALT+TAB | ALT+PAGE UP | Switches between programs from left to right. |
| ALT+SHIFT+TAB | ALT+PAGE DOWN | Switches between programs from right to left. |
| ALT+INSERT | Cycles through the programs in the order they were started. | |
| Windows key or CTRL+ESC |
ALT+HOME | Displays the Start menu. |
| ALT+SPACE BAR | ALT+DELETE | Displays the system menu. |
| ALT+PRINT SCREEN | CTRL+ALT+MINUS SIGN (-) | Places a snapshot of the active window, within the client, on the clipboard. |
| PRINT SCREEN | CTRL+ALT+PLUS SIGN (+) | Places a snapshot of the entire client windows area on the clipboard . |
The FS-ISAC, or the Financial Services Information Sharing and Analysis Center, is the global financial industry’s go to resource for cyber and physical threat intelligence analysis and sharing. FS-ISAC is unique in that it was created by and for members and operates as a member-owned non profit entity.
Here are some examples of phishing emails that member banks have received over the past few days. I’m sending them to you to familiarize you with the types of emails that you might receive. If you DO receive any emails that appear suspicious, PLEASE notify the helpdesk, or Bill or myself. Thank you.
YOU HAVE A PACKAGE WITH DHL – DHL / Adobe Themed Phishing Email
An FS-ISAC member reported receiving a phishing e-mail purporting to be from DHL with the subject “YOU HAVE A PACKAGE WITH DHL”, containing a .pdf file attachment with an embedded URL that leads to an Adobe Online-themed credential harvesting site.
Important Account Notification – Capital One-Themed Phishing E-mail
An FS-ISAC member reported receiving a phishing e-mail purporting to be from Capital One with subject “Important Account Notification”, containing an embedded URL.
Closing Settlement Disclosure – Google Docs-Themed Phishing Email
An FS-ISAC member reported receiving a phishing e-mail with the subject “Helmsmortgage spreedsheet”, containing a .pdf file attachment with an embedded URL that leads to a Google Docs-themed credential harvesting site.
Electronic Shipping Documents Now Ready – NanoCore-RAT Phishing Email
An FS-ISAC member reported receiving a phishing e-mail with the subject “Electronic Shipping Documents Now Ready”, containing a malicious .ace file attachment that leads to Nanocore – Remote Access Trojan.
Inv <#####> – Ursnif Phishing Emails
An FS-ISAC member reported receiving phishing e-mails with subject lines in the following format: “Inv <#####>”, containing a malicious .docx file attachment that leads to Ursnif malware.
Your Email Will Be Blocked. – Webmail-themed Phishing E-mail
An FS-ISAC member reported receiving phishing e-mails with the subject line “Your Email Will Be Blocked.”, containing an embedded URL that leads to a Webmail-themed credential harvesting site.
the exorcists list – Phishing E-mail
An FS-ISAC member reported receiving a phishing e-mail with the subject “the exorcists list” containing a suspicious .doc file attachement and URLs.
Re:invoice – Phishing E-mail
An FS-ISAC member reported receiving a phishing e-mail with the subject “Re:invoice”, containing a malicious .ace file attachment that leads to a Trojan.
Total messages: 23 – Phishing E-mail
An FS-ISAC member reported observing a phishing email with the subject “Total messages: 23” containing a malicious URL.
MyFax message from “<COMPANY NAME>” – 4 page(s), Caller-ID: 1-516-799-6300″ – Adwind – RAT Phishing E-mail
FS-ISAC members reported receiving phishing e-mails with the subject “MyFax message from “<COMPANY NAME>” – 4 page(s), Caller-ID: 1-516-799-6300″ containing a malicious .zip file attachment that leads to the Adwind – Remote Access Trojan.
Complaint Letter – AutoIT Wrapped-Trojan Phishing Email
An FS-ISAC member received a phishing e-mail with the subject “Complaint Letter”, containing a malicious .zip file attachment that leads to AutoIT Wrapped – Trojan.
http://www.gfi.com/blog/101-free-admin-tools/
We need to go to the Computer Configuration ““> Administrative Tools ““> Windows Components ““> Internet Explorer ““> Internet Control Panel ““> Security Page and then double click to the zone assignment list in the right pane as you can see below.
After you double click on site to the zone assignment list you will see a window to enable the settings and configure it. Click enabled. Then click show. On the show contents screen click add.
By clicking add we can add URLs and specify what zone we want them to be placed in like so:
The number 2 denotes the number of the zone. In this case it is the trusted zone. Microsoft breaks down the settings as follows:
After clicking OK you can wait for your default refresh of Group Policy which is 15 minutes by default or you can run gpupdate.exe from any workstation to see if it worked. You can also restart the workstations to force the update.
Edit the /etc/rc.d/rc.firewall.local file and add our new SMTP blocking rules. Open the file with vi or nano, then look for the line “## add your ‘start’ rules here” and put your new rules under it.
# allow smtp from some allowed ips
/sbin/iptables -A CUSTOMFORWARD -p tcp -i eth0 -s 10.1.0.6 –dport 25 -j ACCEPT
# log stuff that is not the mail server
/sbin/iptables -A CUSTOMFORWARD -p tcp -i eth0 -s ! 10.1.0.6 –dport 25 -j LOG –log-prefix “SMTP”
# block all other outgoing SMTP traffic
/sbin/iptables -A CUSTOMFORWARD -p tcp -i eth0 -s ! 10.1.0.6 –dport 25 -j REJECT
Open the Group Policy Management and create a new GPO, and edit.
1 – Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > “Windows Firewall: Allow Inbound Remote Desktop Exception”
2 – Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections > enable the policy “Allow Users to connect remotely using Remote Desktop Services” Note: this used to be > Windows Components > Terminal Services > “Allow users to connect remotely using Terminal Services”
CTRL-ALT-END is the key combo to send a CTRL-ALT-DEL to the remote RDP desktop. Useful for changing passwords on workstations and servers remotely.
Complete these steps:
http://www.digitalspy.com/tech/news/a564741/google-clarifies-email-scanning-policy.html
Google has updated its terms of service to offer more transparency regarding its email-scanning practices. The web giant confirmed that Gmail messages are automatically scanned when content passes between its servers. Google has staunchly defended this policy, insisting that email scanning is necessary to provide tailored content and protect users against malware.
After 12 years, support for Windows XP will end on April 8, 2014. There will be no more security updates or technical support for the Windows XP operating system. Customers moving to a modern operating system will benefit from dramatically enhanced security, broad device choice for a mobile workforce, higher user productivity, and a lower total cost of ownership through improved management capabilities.
Get more here….
http://wp.me/P2YEZ7-cd
To add additional networks behind your IPCop firewall for OpenVPN clients you must PUSH routes to the client. To do this, in /var/ipcop/ovpn/server.conf add the following line:
push “route 10.1.0.0 255.255.0.0”
The following lines allow SMTP and HTTP traffic through an IPTABLES firewall. But this information is not automatically saved and reloaded if the service restarts.
iptables -I INPUT -p tcp –dport 25 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -I INPUT -p tcp –dport 80 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables-save
Whenever you make a change to your firewall, on a Fedora/CentOS type system, you will want to save the changes.
The output can be redirected to a file.
# iptables-save > /root/firewall-rules
The following command line restores all rules from /root/firewall-rules assuming that the file /root/firewall-rules exists.
# iptables-restore < /root/firewall-rules
By default, iptables-restore deletes all existing rules before restoring the saved rules. If the saved rules are to be appended to existing rules, use the -n or –noflush option.
Save Your Firewall and Load on Restart
You will need to edit the /etc/sysconfig/iptables-config as root to help iptables save and reload your firewall correctly. Be sure the following settings are changed to “yes”.
# Unload modules on restart and stop
# Value: yes|no, default: yes
# This option has to be ‘yes’ to get to a sane state for a firewall
# restart or stop. Only set to ‘no’ if there are problems unloading netfilter
# modules.
IPTABLES_MODULES_UNLOAD=”yes”
# Save current firewall rules on stop.
# Value: yes|no, default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped
# (e.g. on system shutdown).
IPTABLES_SAVE_ON_STOP=”yes”
# Save current firewall rules on restart.
# Value: yes|no, default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
# restarted.
IPTABLES_SAVE_ON_RESTART=”yes”
Snapchat’s Hack: What Users Should Do Now, http://fxn.ws/1kchy8I
Love Snapchat? Here’s a reason to stop, http://fxn.ws/1g6ILEy
Four tips for creating stronger passwords
It’s complicated. But that’s a good thing.
2 million Facebook, Google accounts compromised: How to protect yourself, http://fxn.ws/1hzSCWv
Create NAT Rule
Create Access Rule
The five scariest hacks we saw last week
http://www.cnn.com/2013/08/05/tech/mobile/five-hacks/index.html
The five scariest hacks we saw last week
http://www.cnn.com/2013/08/05/tech/mobile/five-hacks/index.html
So you think your dvr is safe. Hackers can listen to your baby monitor and turn your lights on! Hackers break into homes — electronically
http://www.cnn.com/2013/08/02/tech/innovation/hackable-homes/index.html
After winning Pentagon security approval, Samsung is close to a deal with the FBI and Navy. http://news.cnet.com/8301-1035_3-57594476-94/samsung-said-to-be-near-deals-to-supply-devices-to-fbi-navy/
Always backup the original key first (just in case)!
# cp www.key www.key.orig
Then unencrypt the key with openssl. You’ll need the passphrase for the decryption process:
# openssl rsa -in www.key -out new.key
Now copy the new.key to the www.key file and you’re done. Next time you restart the web server, it should not prompt you for the passphrase.
Public Wi-Fi can alarm your browser, don’t let it alarm you
Wi-Fi networks with Web logins can be a hassle, but they add security.
How to fly under the radar online
Here are some privacy-friendly sites to help you keep a hold on your personal information.
http://usat.ly/11Oc1dg Surveillance revelations from Facebook, Microsoft Facebook says government orders for user data in latter half of 2012 involved 19,000 accounts.
Apple adding ‘kill switch’ to iPhones http://www.cnn.com/2013/06/11/tech/mobile/iphone-ios7-kill-switch/index.html
With all of the news of the NSA data security program, this puts the pieces of the puzzle together. http://news.cnet.com/8301-1009_3-57588253-83/what-is-the-nsas-prism-program-faq/
The Exchange 2007 self signs a certificate when the server role is first added for all the Exchange services that run in unison with IIS (smtp & owa etc). The certificate expires after one year from the date the server was first installed or the date the certificate was assigned manually.
First, check the status of the certificate by opening the Exchange Management Shell and executing the command ‘Get-ExchangeCertificate |FL’ – this displays all information about the currently assigned certificates and the status of each certificate.
It is common that they may be more than one certificate listed in the display – if that is the case, find the certificate that shows an expired date in the field ‘NotAfter‘ – as this defines when each certificate becomes invalid/expired. An expired certificate may cause problems such as connectivity to web services, SMTP transport and Outlook prompting certificate security warnings.
Use the following steps to generate a new certificate and enable it to run IIS services:
1. Type ‘Get-ExchangeCertificate |FL’ – This only lists details of certificates that are assigned to Exchange Services. Then note down the Thumbprint of the expired certificate.
2. Then type ‘Get-ExchangeCertificate –Thumbprint “9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63” | New-ExchangeCertificate’ . This generates a new certificate, and you will then be prompted to confirm if you want to overwrite the expired certificate and use the new one for the SMTP service.
3. If you run the cmdlet in step 1 you will notice the new certificate is not used to secure IIS services anymore. Make a note of the new thumbprint and run the following command typing the new thumbprint between the quotation marks: ‘Enable-ExchangeCertificate – Thumbprint “7A843B04EA2865CA9E6C34B42329AEE4456F9013” –Services IIS’
4. Be sure to verify all the services are working correctly after renewing and enabling the certificate – test Outlook clients by closing and opening Outlook to esnure there are no security certificate warnings.
6. Finally, Remove the old certificate by typing the following cmdlet into the management shell: Remove-ExchangeCertificate –Thumbprint “9E6DD4B4EA2865CA9E6C34B42329A9AC994EBF63″.
Hijacking of Facebook accounts spikes
The Koobface worm on the move again, luring Facebook users to click on tainted links
How do I reset Windows Update components?
http://support.microsoft.com/default.aspx/kb/971058
Once the Windows Update components are reset, try installing the updates again. To do so,
1. Open Windows Update by clicking the Start button, clicking All Programs, and then clicking Windows Update.
2. Click on the Change settings option in the navigation bar on the left. You will now be at a screen where you will be able to set up how Windows Vista will download and install updates on your computer.
3. Select the option Check for updates but let me choose whether to download and install them. When you are done configuring the options as you wish, press the OK button to save these settings. You will now be back at the main Windows Update screen.
4. In the left pane, click Check for updates, and then wait while Windows looks for the latest updates for your computer.
5. You may then download the updates one or two at a time.
6. Click on install updates to install the currently selected updates.
7. Repeat the steps 5 and 6 till you get all the updates you want on your PC.
Verizon’s latest report on data breach statistics offers security pros a guide to the most persistent threats and where attention should be focused to defend against them.
The report contains a wealth of information that paints a clear picture of the motives and techniques used by attackers to compromise their target organizations. It’s an interesting read and there are many lessons that can be found within.
The Android threat landscape is growing in both size and complexity with cybercriminals adopting new distribution methods and building Android-focused malware services, according to a report from Finnish security vendor F-Secure.
Last month, Sen. Mark Udall and a handful of other privacy-focused politicians persuaded the IRS to promise to cease warrantless searches of Americans’ private correspondence.
http://news.cnet.com/8301-13578_3-57583743-38/senator-demands-doj-fbi-seek-warrants-to-read-e-mail/
Last month, Sen. Mark Udall and a handful of other privacy-focused politicians persuaded the IRS to promise to cease warrantless searches of Americans’ private correspondence.
http://news.cnet.com/8301-13578_3-57583743-38/senator-demands-doj-fbi-seek-warrants-to-read-e-mail/
BEWARE!!! Google Aims To Patent Policy Violation Checker, Potentially Revolutionizing Email Snooping http://huff.to/13ZlQVa
File System Auto-Protect is malfunctioning
http://www.symantec.com/docs/TECH102962
Try these Steps as well.
1) Go to services.msc
2) Stop all the symantec services
3) Open task manager
4) Kill rtvscan.exe and smc.exe
5) Again, restart the service
6) If that does not fix, repairing from add/remove programs should fix the issue.
http://usat.ly/1214yE2 Cyber attack on popular daily deals site The attack impacts 50 million customers of the daily deal site.
The Twitter accounts for CBS News programs “60 Minutes” and “48 Hours” were used by hackers earlier today to send out messages accusing the U.S. of aiding terrorists, the network confirmed.
http://news.cnet.com/8301-1009_3-57580604-83/hackers-send- bogus-tweets-from-60-minutes-account/
A security certificate problem triggered warnings not to use Bing over a secure Web connection Friday, and Microsoft said an issue with network service provider Akamai is to blame.
Browsers displayed prominent error messages and warnings at about 9 a.m.
http://news.cnet.com/8301-1009_3-57580459-83/security-certificate-problem-trips-up-bing-web-site/
Video service Vudu began warning users today that it has instituted a systemwide password reset following an office break-in last month.
A burglary March 24 resulted in the loss of hard drives that contained users’ sensitive personal information, including names, e-mail addresses, postal addresses, phone numbers, account activity, dates of birth, and the last four digits of some credit card numbers, Vudu Chief Technology Officer Prasanna Ganesan informed customers in an e-mail. He said no complete credit card numbers were stolen because the company does not store that information.
