Topics that don't fit in to the other categories
PFSense Route DNS Traffic

@mike-smith-0,

Take a look at your NAT rules. Check to see if you've also allowed for UDP to be NATed as well. TCP traffic may have been NATed but DNS (UDP) may not be NATed. This sould similar to the issue that you're having. Begin there.

read more
A+, Network+, Strata IT Fundamentals
CompTIA A+ Study Methods & When to sit the exam
C

@wes-bryan Thank you for the great advice! That helps a lot!

read more
CCENT, CCNA Routing & Switching, CCNA Security
Any way to set directly connected routes to a higher metric than OSPF or EIGRP for simulations
M

http://www.scsiraidguru.com/VIRL/VIRLSims/EIGRP2/

This has my Sh Run and other files

picture

iosv-2 has offset of 10000
iosv-6 has offset of 5000

iosv-1 only shows the 10000.

D 192.168.33.0 [90/3072] via 192.168.32.2, 00:20:28, GigabitEthernet0/2
192.168.34.0/30 is subnetted, 1 subnets
D 192.168.34.0 [90/3328] via 192.168.32.2, 00:20:16, GigabitEthernet0/2
192.168.35.0/30 is subnetted, 1 subnets
D 192.168.35.0 [90/3328] via 192.168.32.2, 00:20:16, GigabitEthernet0/2
192.168.36.0/30 is subnetted, 1 subnets
D 192.168.36.0
[90/13328] via 192.168.32.2, 00:20:16, GigabitEthernet0/2

read more
MTA, MCSA Windows 8, MCSE Windows Server 2012
stub zones
M

Thank you Adam but it is still unclear if this is a Wan scenario or an internet scenario. So the example I would have would be I have a publisher that is not part of my lan or wan but on the internet. Can a Sub Zone be used in this scenario?

read more
Security+, CASP, CEH, SSCP and CISSP
Pentesting methods and Legal jeopardy on both Consultant hired and client rendering services to.
C

I have a question about sample scenarios in consulting pen-testing with the typical littering the parking lot and public areas of the campus in the scope of the document. I could only assume some employee's might and could find those drives and instead of using them on the "scoped" target and security review take those drives home and their by put the Consultant pen-tester and the Company with the scope of work on the penetration tests.

Have colleagues come across this scenario and or have been brought into suit with employees of companies that later find out from an Email-blast or internal memorandum about the audit and lesson's learned.

I see it would be the due diligence for the consultant company to keep track / count / make model and serial numbers with custom malware for keylogging and persistence on systems but when and if that gets later discovered to have missing units and then having committed a crime under the computer fraud and abuse act.

I am very curious of this has happened, it bet this has happened and what are legal or SoW recommendations including additional run through with a Consultant's legal liability as well as your clients legal department assessing risk and damages.

read more
ACA, ACSP and ACTC
Jamf Casper Suite

@duncan-lawson238,

Sorry it's been a while since was able to reply. I was able to talk to Don about this for just a brief time. Currently, even though it's requested he doesn't see it making our schedule above the other more highly requested content.

I wanted to let you when I found something out.

read more