In the Microsoft link below, are the Windows 10 releases listed with an expired "End date", still covered by the Windows patching cycle?
https://docs.microsoft.com/en-us/lifecycle/products/windows-10-enterprise-and-education
Is there any official AWS GUI like S3 file explorer for Windows?
I know there's plenty non-official like S3 Browser but, I am avoiding using third-party software.
I would like to know if it's a good idea to make a CentOS AWS golden image in VMware and then export it to AWS format (AMI) using the AWS Import/Export service?
I'm asking this because AWS might tweak the CentOS kernel parameters for their infrastructure and when you export it to AMI you might lose this optimisation.
Apart from File Sharing what are good reasons to not disable the Windows SMB service by default on a corporate environment?
This protocol seems to have a lot of security vulnerabilities and been using extensively for malicious lateral moves within the network.
Good day,
As an ISP, We currently have an open SMTP relay that we allow access from our customer's IP ranges. This is a very low volume email platform.
We are considering to move this service to the AWS using the Simple Email Service (SES) platform for its attractive prices. However it doesn't seem to support non-authenticated relay filtered by IP addresses range.
Anyone can confirm if this is achievable or you mandatory need SMTP auth?
On our corporate network we're detecting workstations opening too many connections to the IP address 75.126.196.159 (port 3478) causing the Cisco ASA Firewall 5550 to detect a "SYN Attack" and reach its limit in terms of connections, causing a severe traffic degradation over the legit traffic.
We have Symantec Endpoint Protection (SEP) v12.1 with the latest definitions on every workstation, thus it does not detect any anomaly behavior.
As a mitigation mechanism I'm adding a local SEP (Firewall) rule to block all traffic inbound/outbound to the IP address in cause 75.126.196.159
Any other suggestion to mitigate and resolute this issue?
I have experience with Linux server administration, however when it comes to Windows I'm pretty much a newbie.
I have a lot third-parties applications that use an AD admin account to perform its authentication against the enterprise Active Directory. In total I found more than 40 admin accounts, which from a compliance regulatory perspective is a red flag!
I'm sure there is a way to overcome this situation. My intention is to have a AD ready only account capable to query the AD Forrest and return to the application if the username/password is valid or not. This account must not have any write.
What is your recommendation for this kind of situations?
Is it possible to find out the geographical location (IP Address/host) that I'm streaming a specific Youtube video?
I believe not all videos stream from the same Youtube Cache server, correct?
By nslookup the v1.lscache1.c.youtube.com it seems by unicast I get resolved to a local cache but I doubt that all videos stream from this locations.
Regards,
I understand the root DNS servers (A to M). What I don't exactly get it is the difference between, let's say the "F Root DNS" and the "A Root DNS".
Why is there 49 total "F" DNS's and only "A" DNS's?
Isn't the DNS record database from A to M the same?
I have a router and I have the chance to receive the WAN connection either from a Serial port (Smart Serial) or T1/E1. I have both cards for Serial and E1/T1 interfaces. I really don't know what are the pros/cons from one to another.
Can anyone help me?
Our company´s main owner (telecon group) wants us to deploy anti-DDoS mechanisms, such as Arbor Pravail, which is a great idea.
Although... I have a question... If our main ISP Backbone provider have no anti-DDoS mechanism, means that there is no point we get the Arbor Pravail?
An DDoS attack can make damage uniquely the destination IP or to the whole network that the DDoS packets go through?
Regards,
I'm my company we want to deploy SSL certificates to some websites we own, and our RADIUS server as well (Cisco ACS).
What is the practical difference from acquiring 5-10 single host certificates or a single wildcard certificate for the whole domain (ie: common to all the hosts) ?
All hosts are in the same domain. I'm not sure what certificate to choose.
Thanks,
Is a Self Signed SSL certificate a false sense of security?
If you are being eavesdropped, the user will simply accept the certificate like he/she always does.
We are a ISP in Africa (bandwidth is expensive, more than 800 USD per Mbit). Instead of investing in more bandwidth I believe it can be worthy to invest on web proxy appliance.
I prefer to use mature appliances instead of opensource tools. BlueCoat or BarracudaNetworks are my first possibilities.
We have currently 50 Mbits and we plan until the end of the year to have 100 Mbits, we're growing considerably.
My questions are:
- Which Proxy/Cache appliance do you recommend? Preferable to have 2 on load balance or failover.
- How does "Web acceleration proxy" works?
What are the differences from the Adv. Enterprise firmware and the Adv. IP Services?
From the 2610XM perspective.
Regards,
I'm looking for a network incident report template.
Is there any template that you use in your company?
What happen if I have both ENABLED spanning-tree BPDUFILTER and BPBDUGUARD on a specific port?
I work on a ISP in Africa. Our customers were being redirected to Google cache in South Africa. Apparently with no reason, they start being redirected to Google US, which for us has higher latencies (avg: 400 ms).
How can I contact Google to fix this DNS Geolocation issue? Or, what can I do?
In our company we have a range of /21 (2048) IPv4 public addresses.
We have a bunch of Cisco routers and servers.
How to get started with IPv6? What can we do to provide internet to our clients with IPv6 compliment as well?
I work in a ISP where bandwidth is limited. We want to provide our customers a mirror for windows updates, so we can save bandwidth and provide to our customers a faster connection.
How can we achieve this?