Posts Tagged ‘security’

How to assign permissions for Domain User

* This didn’t work straight away, so I had to create a local user and auth that way

vserver cifs users-and-groups local-group add-members -vserver %Vserver% -group-name BUILTIN\Administrators -member-names domain\username

Verify permissions 

vserver cifs users-and-groups local-group show-members

cifs share access-control show

vserver security file-directory show -vserver %Vserver% -path /CIFS/Folder

How to assign permissions for Local User 

vserver cifs users-and-groups local-user create -vserver syg-svm03 -user-name CIFSSERVER\adminlocal -full-name "adminlocal"


When they initially onboarded, there was no filtering or security in any form:

Running a simple audit against Azure AD > Sign-ins showed the extent of it, and even more so once you export a CSV.

2000+ failed attempts within 24 hours:

Step 1) Sort or filter the CSV to find common trends (specific user account/IP/country):

In this case, the client doesn’t have staff in China, nor should anyone be accessing from there
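The Step 1 triage as a script, so the trends come from counts rather than from scrolling a spreadsheet. This is an added example, not part of the original post; the column names (`Username`, `IP address`, `Location`, `Status`), the sample rows and the `AU` home country are assumptions to adjust to your own export.

```python
import csv
import io
from collections import Counter

# Constructed sample data (documentation IP ranges). The column names are an
# assumption about the export; rename them to match the header row of your file.
SAMPLE_CSV = """Date (UTC),Username,IP address,Location,Status
2020-03-01T01:00:00Z,alice@example.com,203.0.113.10,"Beijing, Beijing, CN",Failure
2020-03-01T01:00:05Z,alice@example.com,203.0.113.10,"Beijing, Beijing, CN",Failure
2020-03-01T01:00:09Z,bob@example.com,203.0.113.10,"Beijing, Beijing, CN",Failure
2020-03-01T02:10:00Z,bob@example.com,203.0.113.77,"Shanghai, Shanghai, CN",Failure
2020-03-01T08:00:00Z,alice@example.com,198.51.100.5,"Sydney, New South Wales, AU",Failure
2020-03-01T08:00:20Z,alice@example.com,198.51.100.5,"Sydney, New South Wales, AU",Failure
2020-03-01T08:00:40Z,alice@example.com,198.51.100.5,"Sydney, New South Wales, AU",Failure
2020-03-01T08:01:00Z,alice@example.com,198.51.100.5,"Sydney, New South Wales, AU",Success
2020-03-01T09:00:00Z,bob@example.com,192.0.2.44,"Melbourne, Victoria, AU",Success
"""


def summarise_failures(csv_text, expected_countries, min_failures=3):
    """Tally failed sign-ins by user, IP and country; list IPs worth blocking."""
    by_user, by_ip, by_country = Counter(), Counter(), Counter()
    ip_country, success_ips = {}, set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        ip = row["IP address"].strip()
        status = row["Status"].strip().lower()
        # Location is assumed to look like "City, State, CC"; keep the country code.
        country = row["Location"].rsplit(",", 1)[-1].strip().upper()
        if status == "success":
            success_ips.add(ip)  # someone legitimately signs in from here
        if status != "failure":
            continue
        by_user[row["Username"].strip().lower()] += 1
        by_ip[ip] += 1
        by_country[country] += 1
        ip_country[ip] = country
    # Candidates: repeated failures, from an unexpected country, and never the
    # source of a successful sign-in (avoids blacklisting an office or VPN exit).
    candidates = sorted(ip for ip, n in by_ip.items()
                        if n >= min_failures
                        and ip_country[ip] not in expected_countries
                        and ip not in success_ips)
    return {"by_user": by_user, "by_ip": by_ip,
            "by_country": by_country, "candidates": candidates}


if __name__ == "__main__":
    report = summarise_failures(SAMPLE_CSV, expected_countries={"AU"})
    print(report["by_country"].most_common(), report["candidates"])
```
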

Step 2) Create a Blacklist – AzureAD>Conditional Access.

  • Create a Named location – in this case I named it ‘Blacklist’

  • Add any IPs to the blacklist

  • Create a policy – Name accordingly

  • Filter by a test account if appropriate, same for specific apps (don’t filter all apps if the admin account is included!! This can lock you out of the portal if you make a mistake!)

  • Set the blacklist location

  • Block the blacklist (or if you’re creating a whitelist, just allow instead of reject)

  • Enable the policy, then click the ‘What If’ button and test

Make sure it works as intended!

End result:


When going through the commands to enable WPA on a Cisco wireless access point:


ap(config)#interface Dot11Radio0
ap(config-if)# encryption mode ciphers aes-ccm

Then


ap(config-ssid)#authentication open
ap(config-ssid)#authentication key-management wpa version 2

I was shown Error: Encryption mode cipher is not configured.

Turns out this setting needs to be applied to each VLAN presented to the SSID

ap(config)#interface Dot11Radio0

ap(config-if)#encryption vlan 13 mode ciphers aes-ccm tkip

I could then run

ap(config-ssid)#authentication open

ap(config-ssid)#authentication key-management wpa version 2

ap(config-ssid)#guest-mode

ap(config-ssid)#wpa-psk ascii WirelessPassword
