Workstations


Configuring a secure private network on Windows 11 using Built-in VPN and Multi-Factor Authentication

In today’s context, network security is a top priority. The increase in cyberattacks, data leaks, and traffic interception makes using a VPN (Virtual Private Network) and Multi-Factor Authentication (MFA) essential for both workplace and personal use.

Windows 11 natively supports VPN configuration and allows enabling MFA through a Microsoft account without third-party apps. This project demonstrates the steps to configure a secure VPN connection in Windows 11 and activate MFA, ensuring data protection and traffic confidentiality.


Deploying a guest network with Client/AP isolation

Wireless guest network is a very common feature of access point devices. In this article, I’ll explain why we need such a network and how exactly it is implemented in a typical access point.

As the name suggests, a guest network is for guests. Nowadays almost all, if not all, organisations provide a wireless network in the office for their employees to connect and access various network resources. However, when external customers, employees’ friends and relatives, interviewees etc. come to visit the office, how can the organisation provide internet connectivity to them? Letting them onto the employee network is of course not an option; it’s a grave security concern. We need to find a way to allow guests internet access and at the same time deny any access to LAN resources.

Let’s consider the above topology. A real office topology can be way more complex or simpler, depending on the size of the organisation. My intention here is just to make it complex enough to demonstrate the concept.

An employee connected to emp_ssid should be able to reach server1, server2, server3 and server4 as well as the internet. The firewall can do the routing when server2 or server3 is accessed, or there can be an L3 switch in the mix, or some router can be there for routing. Let’s assume some magic box is there to route between resources on the switch1 & switch2 side and the switch3 side. With this assumption, let’s put down the requirements for the guest network (guest_ssid).

  1. A guest should be able to connect to the guest_ssid network with the authentication configured on guest_ssid.
  2. A guest shouldn’t be able to reach any resources on the LAN (server1, server2, server3, server4 or any employee devices that are connected to emp_ssid).
  3. If the admin wants, access to a specific IP:port on the LAN may be provided. Let’s say server4:port1111 is made accessible.
  4. A guest should be able to get an internet connection.
  5. One guest device shouldn’t be able to reach another guest device.

Whenever we think about traffic isolation, the default option that comes to mind is VLAN. We can isolate guest traffic using VLAN without using the guest network feature of the access point. Most, if not all, access points support VLAN configuration for a specific network (a.k.a. SSID). We can put the guest_ssid network on a specific VLAN other than the ones where the LAN resources are. But there is a catch here: we have to be very careful about the routing part in the magic box. We have to make sure that the guest VLAN subnet is not routed to the switch3 side.

Even though VLAN can handle guests, it requires a certain level of competency. Most access points, however, provide a very simple, one-click solution for the same.

Sophos AP, single click guest network

A single click fulfils all of the requirements, but let’s see how all of those requirements are achieved. I have seen two kinds of implementation in the access points.

Client isolation makes sure that clients connected to the same AP can’t talk to each other. Typically it’s a single click, and when guest network is chosen, this is also chosen by default.

The underlying implementation is done at the wireless driver level. I have found some wireless driver code on GitHub and am providing a link to it. Selecting Client Isolation results in the IEEE80211_F_NOBRIDGE flag being set in the driver. In the wireless driver’s data delivery path there is a check whether this flag is set. If it is not set (i.e. client isolation is disabled), bridging within the wireless interface is attempted: if the destination is connected to the same interface, the data is retransmitted on that interface without pushing the packets to the network stack. If the destination doesn’t belong to the same interface, or the IEEE80211_F_NOBRIDGE flag is set, the packets are pushed to the kernel network stack.
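The delivery-path check described above, modelled in C as an added example (this is not the driver code the article refers to): `struct wlan_if`, `deliver()` and the MAC addresses are hypothetical, and only the flag name comes from the article.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IEEE80211_F_NOBRIDGE 0x10000000u  /* name from the article; bit value chosen for this model */
enum delivery { DELIVER_INTRA_BSS, DELIVER_TO_STACK };

/* Hypothetical stand-in for the wireless interface behind one SSID. */
struct wlan_if {
    uint32_t flags;      /* IEEE80211_F_NOBRIDGE set = client isolation on */
    uint8_t  sta[8][6];  /* MAC addresses of associated clients */
    size_t   nsta;
};
/* Constructed sample addresses: two guests on guest_ssid, one wired host. */
static const uint8_t GUEST_A[6] = {0x02, 0, 0, 0, 0, 0x0a};
static const uint8_t GUEST_B[6] = {0x02, 0, 0, 0, 0, 0x0b};
static const uint8_t WIRED_H[6] = {0x02, 0, 0, 0, 0, 0xf0};

struct wlan_if make_guest_if(uint32_t flags)
{
    struct wlan_if w = { .flags = flags, .nsta = 2 };
    memcpy(w.sta[0], GUEST_A, 6);
    memcpy(w.sta[1], GUEST_B, 6);
    return w;
}

static bool is_associated(const struct wlan_if *w, const uint8_t *mac)
{
    for (size_t i = 0; i < w->nsta; i++)
        if (memcmp(w->sta[i], mac, 6) == 0) return true;
    return false;
}

/* Where does a unicast frame received from an associated client go? */
enum delivery deliver(const struct wlan_if *w, const uint8_t *dst)
{
    if (!(w->flags & IEEE80211_F_NOBRIDGE) && is_associated(w, dst))
        return DELIVER_INTRA_BSS;  /* sent back out the same interface */
    return DELIVER_TO_STACK;       /* pushed up to the kernel network stack */
}

int main(void)
{
    struct wlan_if off = make_guest_if(0), on = make_guest_if(IEEE80211_F_NOBRIDGE);
    printf("A->B isolation off=%d on=%d, A->wired=%d\n", deliver(&off, GUEST_B),
           deliver(&on, GUEST_B), deliver(&off, WIRED_H));
    return 0;
}
```

With the flag set, guest-to-guest frames are no longer short-circuited in the driver; they reach the network stack, where the access point's own forwarding and filtering rules decide what happens to them.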

Now the biggest question is which method to use for securing the network so that guests can’t access the network?

VLAN is the fundamental element in networking used for traffic isolation, but it requires some technical competency. If the competency is available, one must use VLAN to isolate guest traffic. On the other hand, a guest network combined with Client Isolation is also a robust mechanism to restrict guests from any other access, and configuration is just a few clicks that a layman can do. Any attempt to access the private network will be dropped at the access point itself.
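Requirements 2 to 4 expressed as an ordered, first-match rule list, as an added example rather than any access point's actual implementation; the addresses, `evaluate()` and `shadowed()` are constructed for illustration. It also shows why the server4:port1111 exception has to sit ahead of the LAN deny.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IP(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))
#define ANY 0  /* port wildcard */

enum verdict { DROP, ACCEPT };
struct rule { uint32_t net, mask; uint16_t port; enum verdict v; };

/* Constructed addresses: the article names server4 and port 1111 but gives no IPs. */
#define SERVER4_1111 { IP(10, 0, 3, 14), IP(255, 255, 255, 255), 1111, ACCEPT }  /* requirement 3 */
#define LAN_DENY     { IP(10, 0, 0, 0), IP(255, 255, 0, 0), ANY, DROP }          /* requirement 2 */
#define INTERNET     { 0, 0, ANY, ACCEPT }                                       /* requirement 4 */

/* Rules for traffic arriving on guest_ssid; the first match wins. */
const struct rule GOOD[3] = { SERVER4_1111, LAN_DENY, INTERNET };
const struct rule BAD[3]  = { LAN_DENY, SERVER4_1111, INTERNET };  /* deny placed first */

enum verdict evaluate(const struct rule *rs, size_t n, uint32_t dst, uint16_t dport)
{
    for (size_t i = 0; i < n; i++)
        if ((dst & rs[i].mask) == rs[i].net && (rs[i].port == ANY || rs[i].port == dport))
            return rs[i].v;
    return DROP;  /* nothing matched: default deny */
}

/* True if an earlier rule already matches every packet that rule i could match. */
bool shadowed(const struct rule *rs, size_t i)
{
    for (size_t j = 0; j < i; j++)
        if ((rs[j].mask & rs[i].mask) == rs[j].mask &&  /* j is no more specific than i */
            (rs[i].net & rs[j].mask) == rs[j].net &&    /* i's network lies inside j's */
            (rs[j].port == ANY || rs[j].port == rs[i].port))
            return true;
    return false;
}

int main(void)
{
    printf("good order: server4:1111 -> %s\n",
           evaluate(GOOD, 3, IP(10, 0, 3, 14), 1111) ? "ACCEPT" : "DROP");
    printf("bad order:  server4:1111 -> %s (exception shadowed: %d)\n",
           evaluate(BAD, 3, IP(10, 0, 3, 14), 1111) ? "ACCEPT" : "DROP", shadowed(BAD, 1));
    return 0;
}
```

Requirement 5 is not part of this list: guest-to-guest traffic stays inside the wireless interface and is handled by client isolation.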

One must use a guest network, and if the competency is there, a guest network with VLAN is the best option.


How to safely and permanently delete your files in Windows 10/11 with Cipher

On Windows 11, deleted files can be recoverable. Use the Cipher tool to remove them permanently from the hard drive.

  • To erase deleted files beyond recovery on Windows 11 (or 10), use the “cipher /w:DRIVE-LETTER:\FOLDER-PATH\” or “cipher /w:DRIVE-LETTER:\” command.

On Windows 11, you can use the “Cipher” tool to wipe out deleted data from the hard drive to make it unrecoverable without formatting the entire storage, and in this guide, I’ll walk you through the steps to use this tool.

Cipher.exe is a command-line tool that has been around for a long time in the client and server versions of the operating system. Microsoft designed the utility to encrypt and decrypt data from drives using the NTFS file system. However, you can also use it to overwrite deleted data to prevent recovery.

When you delete a file or folder, the system does not immediately remove the data from the hard drive. Instead, it marks the data for deletion and keeps it available until other data overwrites it. It’s why you can recover accidentally deleted data and why it is always best to stop using the device immediately after accidental deletion to improve your chances of recovery using special software.

If you have deleted data beyond the Recycle Bin and want to ensure it’s unrecoverable, you can use the Cipher tool in Command Prompt to overwrite it with zeros and ones, making it difficult to recover.

Use Cipher to overwrite deleted data on Windows 11

To wipe out deleted data from the drive with Cipher on Windows 11 (or 10), use these steps:

  1. Open Start on Windows 11.
  2. Search for Command Prompt, right-click the top result, and choose the Run as administrator option.
  3. Type the following command to securely erase deleted data and press Enter:
    cipher /w:DRIVE-LETTER:\FOLDER-PATH\

    In the command, replace “DRIVE-LETTER” with the drive letter with the deleted content and “FOLDER-PATH” with the path to the folder to completely erase from the hard drive. For example, this command uses Cipher to wipe out the “aws-rclone-test” folder that I previously deleted: cipher /w:c:\aws-rclone-test

  4. Type the following command to securely erase the free space that may contain deleted data information and press Enter:
    cipher /w:DRIVE-LETTER:\

    In the command, replace “DRIVE-LETTER” with the drive letter of the storage whose free space you want to wipe out. For example, this command wipes out only the free available space of the “C:\” that may contain recoverable data: cipher /w:c:\

  5. (Optional) Type the following command to overwrite deleted data with multiple passes and press Enter:
    cipher /w:DRIVE-LETTER:\ /p3

    In the command, replace “DRIVE-LETTER” with the drive letter of the storage whose free space you want to wipe out. You can also change “3” for the number of passes you wish to use. The greater the number, the more time it will take to complete the process.

Once you complete the steps, Cipher will overwrite the deleted data, making it very difficult for anyone to use recovery software to reconstruct and restore the files and folders from the hard drive. Cipher only overwrites free available space where deleted data may still reside. It doesn’t wipe out the existing and accessible data. You can also run this tool in the “C:\” drive where the operating system is installed.
