Enabling .Net Framework 3.5 in Windows Server 2012 using Command prompt
Enabling .Net Framework 3.5 in Windows Server 2012 using Command prompt
You need
- Media of Windows Server 2012
insert your media in your dvd drive or mound it via iLo or pendrive
please not your drive letter which is assigned to that media
now open up your command prompt
press windows key and R key same time now run windows will appear , now type CMD then press enter
this will open your command prompt
now mound your drive letter
in this case my drive letter is ” D “
so i need to type D: in the command prompt
now type following command
dism /online /enable-feature /featurename:NetFx3 /All /Source:d:/sources/sxs
Note* in command line letter d may vary
now wait for some time
done !
lets check on server manager
Some Security Softwares
and host-based :
security software to detect malicious activity, protect systems and data, and support incident response efforts. Accordingly, security software is a major source of computer security log data. Common types of network-based and host-based security software include the following
Network Quarantine Servers : Some organizations check each remote host’s security posture before allowing it to join the network. This is often done through a network quarantine server and agents placed on each host. Hosts that do not respond to the server’s checks or that fail the checks are quarantined on a separate virtual local area network segment. Network quarantine servers log information about the status of checks, including which hosts were quarantined and for what reasons.
Routers : Routers may be configured to permit or block certain types of network traffic based on a policy. Routers that block traffic are usually configured to log only the most basic characteristics of blocked activity.
Web Proxies : Web proxies are intermediate hosts through which Web sites are accessed. Web proxies make Web page requests on behalf of users, and they cache copies of retrieved Web pages to make additional accesses to those pages more efficient. Web proxies can also be used to restrict Web access and to add a layer of protection between Web clients and Web servers. Web proxies often keep a record of all URLs accessed through them.
Vulnerability Management Software : Vulnerability management software, which includes patch management software and vulnerability assessment software, typically logs the patch installation history and vulnerability status of each host, which includes known vulnerabilities and missing software updates.5 Vulnerability management software may also record additional information about hosts’ configurations. Vulnerability management software typically runs occasionally, not continuously, and is likely to generate large batches of log entries.
Remote Access Software : Remote access is often granted and secured through virtual private networking (VPN). VPN systems typically log successful and failed login attempts, as well as the dates and times each user connected and disconnected, and the amount of data sent and received in each user session. VPN systems that support granular access control, such as many Secure Sockets Layer (SSL) VPNs, may log detailed information about the use of resources.
Antimalware Software : The most common form of antimalware software is antivirus software, which typically records all instances of detected malware, file and system disinfection attempts, and file quarantines. 3 Additionally, antivirus software might also record when malware scans were performed and when antivirus signature or software updates occurred. Antispyware software and other types of antimalware software (e.g., rootkit detectors) are also common sources of security information.
Intrusion Detection and Intrusion Prevention Systems : Intrusion detection and intrusion prevention systems record detailed information on suspicious behavior and detected attacks, as well as any actions intrusion prevention systems performed to stop malicious activity in progress. Some intrusion detection systems, such as file integrity checking software, run periodically instead of continuously, so they generate log entries in batches instead of on an ongoing basis.
Firewalls : Like routers, firewalls permit or block activity based on a policy; however, firewalls use much more sophisticated methods to examine network traffic.6 Firewalls can also track the state of network traffic and perform content inspection. Firewalls tend to have more complex policies and generate more detailed logs of activity than routers.
Authentication Servers : Authentication servers, including directory servers and single sign-on servers, typically log each authentication attempt, including its origin, username, success or failure, and date and time.
Network Threat : The Trojan Horse
What is a Trojan Horse ?
A trojan horse is used to enter a victim’s computer, granting the attacker ‘wrapped’ into a program meaning that this program may therefore have hidden fuctions that you are not aware of.
unrestricted access to the data stored on that computer and causing great damage to the victim. A trojan can be a hidden program that runs on your system without your information,
or it can be
Different types of trojans :
1) FTP torjans : These trojans open an FTP server on the victim’s machine that might store and serve illegal software and/or sensitive data, and allow attackers to connect to your machine via FTP.
2) Destructive trojans : The only function of these trojans is to destroy and delete files. This makes them very simple to use. They can automatically delete all the core system files on your machine. The trojan can either be activated by the attacker or can work like a logic bomb that starts on a specific day and time.
A destructive trojan is a danger to any computer network. In many ways, it is similar to a virus, but thedestructive trojan has been created purposely to attack you, and therefore is unlikely to be detected by your antivirus software.
3) Proxy trojans : These trojans turn the victim’s computer into a proxy server, making it available to the whole world or to the attacker alone. It is used for anonymous Telnet, ICQ, etc., to make purchases with stolen credit cards, and for other such illegal activities. This gives the attacker complete anonymity and the opportunity to do everything from YOUR computer, including the possibility to launch attacks from your network.
4) Denial of Servce (DoS) attack trojans : These trojans give the attacker the power to start a Distributed Denial of Service attack if there are enough victims. The main idea is that if you have 500 infected ADSL users and you attack the victim simultaneously from each, this will generate HEAVY traffic, causing its access to the Internet to shut down.
5) Security software disablers : These are special trojans, designed to stop/kill programs such as antivirus software, firewalls, etc. Once these programs are disabled, the hacker is able to attack your machine more easily.
6) Data-sending trojans : The purpose of these trojans is to send data back to the hacker with information such as passwords (ICQ, IRC, FTP, HTTP) or confidential information such as chat logs, address lists, etc. The trojan could look for specific information in particular locations or it could install a key-logger and simply send all recorded keystrokes to the hacker.
7) Remote access trojans : These are probably the most publicized trojans, because they provide the attacker with total control of the victim’s machine. Example : Back Orifice trojans. The idea behind them is to give the attacker COMPLETE access to someone’s machine, and therefore full access to files, private conversations, accounting data, etc. Some trojans can also automatically connect to IRC and can be controlled through IRC commands almost anonymously, without the attacker and the victim ever making a real TCP/IP connection.
Another question : How can I get infected ?
Generally, attack are being done through :
1) Infection via attachment ( of course emails : the most common way )
2) Infection by downloading files from a website (another common way )
Now most important thing, how to protect your network from trojans ?
Ok, if you think that anti-viruses are really helpful and they’ll protect your system and network from trojan attacks, then you are wrong. Anti-viruses just help us to some extent.
To effectively protect your network against trojans, you must follow a multi-level security strategy:
1. You need to implement gateway virus scanning and content checking at the perimeter of your network for email, HTTP and FTP – It is no good having email anti-virus protection, if a user can download a trojan from a website and infect your network.
2. You need to implement multiple virus engines at the gateway – Although a good virus engine usually detects all known viruses, it is a fact that multiple virus engines jointly recognize many more known trojans than a single engine.
3. You need to quarantine/check executables entering your network via email and web/FTP at the gateway. You have to analyze what the executable might do.
4. Do not open unsolicited attachments in email messages.
5. Do not follow unsolicited links.
7. Use an Internet firewall.
8. Securing your web browser.
9. Keep your system patched.