Tag Archives: network

How to Block Brute Force Attacks

IPinfo allows you to reliably identify important information about an abusive IP including City, Region and Country. It also provides abuse information that will allow you to report the abuse to the netblock owner, you will usually need to provide Firewall and/or event logs that detail the attack. In some instances the attack may have been made from an anonymous VPN service, they are unlikely to have any logs of who undertook the attack but may be able to block your IP address or IP Range from their network.

https://ipinfo.io/

It’s very useful to be able to block traffic based on the country its originating from, so many of the Brute Force attacks that we face on a daily basis originate from a small number of countries. Many popular Firewalls provide this feature either as standard or as part of an additional security service subscription.

Watchguard – Geolocation

Fortinet – Geo IP block list

Sophos Firewall – country-based firewall rule

SonicWall – Geo-IP filter

Smoothwall – GeoBlocking

Draytek – Country Object or Geo-Blocking

Untangle NG Firewall – geolocation

pfSense (with pfBlockerNG Package) – geo-blocking

Windows Server 2012 and Windows 8 client/server readiness cumulative update released

Windows Server 2012 and Windows 8 client/server readiness cumulative update has been released

This update provides performance and reliability improvements that will improve the Windows Server 2012 and Windows 8

The update includes the following performance and reliability improvements:

  • Addresses PowerShell issue with certain localized languages when a Language Interface Pack is installed
  • Improves SMB service and client reliability under certain stress conditions
  • Improves clustered server performance and reliability in Hyper-V and Scale-Out File Server scenarios

You can obtain the update from Microsoft Article KB 2758246 http://support.microsoft.com/kb/2758246

Kerberos.dll – Pre Service Pack 2 Revision History for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Small Business Server 2011 (SBS 2011)

Kerberos.dll – Pre Service Pack 2 Revision History for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Small Business Server 2011 (SBS 2011)

04-Apr-2015 – 6.1.7601.23017 – Kerberos.dll – x86/x64 – https://support.microsoft.com/en-us/kb/3061518 – MS15-055: Vulnerability in Schannel could allow information disclosure: May 12, 2015

04-Apr-2015 – 6.1.7601.18812 – Kerberos.dll – x86/x64 – https://support.microsoft.com/en-us/kb/3061518 – MS15-055: Vulnerability in Schannel could allow information disclosure: May 12, 2015

29-Jul-2014 – 6.1.7601.22755 – Kerberos.dll – x64 – http://support.microsoft.com/kb/2987849 – Logon fails after you restrict client RPC to DC traffic in Windows Server 2012 R2 or Windows Server 2008 R2

11-Jul-2014 – 6.1.7601.22741 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2982706 – You cannot access network shares after the computer restarts in Windows 8.1 or Windows 7

07-Jul-2014 – 6.1.7601.22736 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2982378 – Microsoft Security Advisory: Update to improve credentials protection and management for Windows 7 and Windows Server 2008 R2: September 9, 2014

07-Jul-2014 – 6.1.7601.18526 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2982378 – Microsoft Security Advisory: Update to improve credentials protection and management for Windows 7 and Windows Server 2008 R2: September 9, 2014

04-Mar-2014 – 6.1.7601.22616 – Kerberos.dll – x86/x64 – https://support.microsoft.com/kb/2871997 – Microsoft Security Advisory: Update to improve credentials protection and management: May 13, 2014

04-Mar-2014 – 6.1.7601.18409 – Kerberos.dll – x86/x64 – https://support.microsoft.com/kb/2871997 – Microsoft Security Advisory: Update to improve credentials protection and management: May 13, 2014

09-May-2013 – 6.1.7601.22320 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2845626 – Cached credentials are not updated when you change your password in Windows

11-Aug-2012 – 6.1.7601.22084 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2743555 – MS12-069: Vulnerability in Kerberos could allow denial of service: October 9, 2012

11-Aug-2012 – 6.1.7601.17926 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2743555  – MS12-069: Vulnerability in Kerberos could allow denial of service: October 9, 2012

10-Jul-2012 – 6.1.7601.22048 – Kerberos.dll – x64 – http://support.microsoft.com/kb/2732595 – Lsass.exe crashes and error code 255 is generated in Windows Server 2008 R2

05-Jul-2012 – 6.1.7601.22045 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2719712 – KDC cannot process an S4U2Self ticket request on a Windows Server 2008 R2-based computer

29-Feb-2012 – 6.1.7601.21932 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2678068 – Remote Assistance invitation fails in an Active Directory environment in Windows 7 or in Windows Server 2008 R2

02-Jul-2011 – 6.1.7601.21762 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2566059 – RC4 pre-authentication failure for the Network Service account in Windows Server 2008 R2 or in Windows 7

11-May-2011 – 6.1.7601.21725 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2526946 – An SSO solution that calls the LsaLogonUser function to pass a KERB_TICKET_LOGON structure for Kerberos authentication does not work in Windows 7 SP1 or in Windows Server 2008 R2 SP1

11-May-2011 – 6.1.7601.17614 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2526946 – An SSO solution that calls the LsaLogonUser function to pass a KERB_TICKET_LOGON structure for Kerberos authentication does not work in Windows 7 SP1 or in Windows Server 2008 R2 SP1

18-Dec-2010 – 6.1.7601.21624 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2425227 – MS11-013: Description of the security update for Kerberos in Windows 7 and in Windows Server 2008 R2: February 8, 2011

17-Dec-2010 – 6.1.7601.17527 – Kerberos.dll – x86/x64 – http://support.microsoft.com/kb/2425227 – MS11-013: Description of the security update for Kerberos in Windows 7 and in Windows Server 2008 R2: February 8, 2011

Tdx.sys – Pre Service Pack 3 Revision History for Windows Vista SP2, Windows Server 2008 SP2 and Windows Small Business Server 2008 (SBS 2008)

Tdx.sys – Pre Service Pack 3 Revision History for Windows Vista SP2, Windows Server 2008 SP2 and Windows Small Business Server 2008 (SBS 2008)

14-May-2010 – 6.0.6002.22405 – Tdx.sys – x86/x64 – http://support.microsoft.com/kb/2029048 – Applications that use the TDI driver for network traffic may stop responding in Windows Server 2008 or in Windows Vista