Tag: password

Change Remote Machine’s Password over Internet

Symantec Community Leave a comment
I need a solution

Hello Masters, 

May i please request your support & assistance for this requirement i have with my company Your advice on this matter would be greaty appriciated. 

Requirement

A company owned laptop (with SEP installed in it) was stolen along with its username/password. In some cases the employee itself do not return their laptops as they move out of the firm.

On a data security perspective, we need to ensure that the local data resding in the laptop is not manupulated or transferred to any other sources. The best scinario would be to lock the machine down completely in such  a way that the user wont be even able to log in to the device, there after.

Option 1

Utlizing SEP lockdown over internet – would locking down Explorer.exe be effective in such scenarios? Would the user still be able to log in & do some data transfers after that?

Option 2

Remotely changing the local username/password (using VN script) so the user would be locked out and wont be able to log in back to the machine there after?

Script

strComputer = “.”

Set objUser = GetObject(“WinNT://” & strComputer & “/Administrator, user”)

objUser.SetPassword “09iuy%4e” objUser.SetInfo

0

Related:

  • No Related Posts

updating the “protect” password

Symantec Community Leave a comment
I need a solution

I’m getting ready to update the “protect” password for the first time since installation of DLP 15.0 using instructions found:

https://support.symantec.com/en_US/article.TECH220…

This article does not discuss options to roll back if there are problems.

Does anyone have experience with this process?

I do not have a test environment in which to walk through the process and want to make sure I have contingency plans before making the changes to the production environment.

TIA,
GiGi

0

Related:

  • No Related Posts

Cisco Network Assurance Engine CLI Access with Default Password Vulnerability

Cisco Leave a comment

A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) condition on the server.

The vulnerability is due to a fault in the password management system of NAE. An attacker could exploit this vulnerability by authenticating with the default administrator password via the CLI of an affected server. A successful exploit could allow the attacker to view potentially sensitive information or bring the server down, causing a DoS condition.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

Security Impact Rating: High

CVE: CVE-2019-1688

Related:

  • No Related Posts

Cisco Aironet Active Sensor Static Credentials Vulnerability

Cisco Leave a comment

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor.

The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. It is not possible to change the configuration or view sensitive data with this account.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-aas-creds

Security Impact Rating: Medium

CVE: CVE-2019-1675

Related:

  • No Related Posts