Category Archives: General

General information

Offline method for Java installing

1. Go to the Manual download page

http://java.com/en/download/ie_manual.jsp
2. Click on Windows Offline.

java-offline
3. The File Download dialog box appears prompting you to run or save the download file

4.Click the Install  button to accept the license terms and to continue with the installation.

How to Activate or Renew Symate License

After your Symantec  trial expired what need to be do.Below the document shows how will activate or renew license.

How to Activate Symate License

License Types and Policy

SEP EE Licensing guide

Datasheet

symantec-endpoint-protection

Windows Authenticator(WinAuth)

WinAuth is a portable, open-source Authenticator for Windows that can

be used as a 2FA including Bitcoin / crypto-currency websites, any

service that requires the Google Authenticator, and games such as

World of Warcraft, Diablo III, Guild Wars 2, Rift, ArcheAge. WildStar,

Runescape and Steam.

YubiKey
WinAuth can use a YubiKey to encrypt its data, ensuring your

authenticators’ information cannot be read by anyone even when they

have physical access to your computer.

A YubiKey Standard or NEO 2.2.x or later is required.

HOTP / Counter-based Authenticator
A HOTP authenticator can be Adding a normal “Authenticator” and either

pasting in a counter-based KeyUri or choosing the counter option.

Code
CodeIssues
IssuesPull requests
Pull requestsPulse
PulseGraphs
GraphsHTTPS clone URL
Copy to clipboard Subversion checkout URL Copy to clipboard
You can clone with HTTPSor Subversion. Get help on which URL is right

for you.Clone in Desktop Download ZIP Authenticator for Battle.net /

Steam / Guild Wars 2 / Glyph / WildStar / Runescape / SWTOR / Bitcoin
https://winauth.com 367 commits 5 branches 55 releases 2

contributors C# 97.3% C 2.5% Other 0.2% C# C Other
Quickly jump between filesCompare, review, create a pull

requestBranch: master Switch branches/tags  Branches Tags 2.x MONO

master origin/master wiki Nothing to showWM6_0.5.1018 3.2.15

3.2.13 3.2.12 3.2.6 3.2.5 3.2.4 3.2.3 3.1.8 3.1.6 3.1.5

3.0.22.2 3.0.21 3.0.20 3.0.17 3.0.14 3.0.12 3.0.11 3.0.10

3.0.8 3.0.7 3.0.6 3.0.5 3.0.0 2.0.10 2.0.9 2.0.8 2.0.7 2.0.6

2.0.5 2.0.4 1.8.1323 1.7.1314 1.7.1311 1.5.1116 1.5.0 1.4.1170

1.4.1168 1.4.1166 1.4.1163 1.4.1161 1.4.1159 1.4.1156 1.3.1051

1.2.1045 1.2.1041 1.1.1035 1.0.1030 0.9.1025 0.8.1016 0.8.1010

0.7.107 0.5.103 0.4.1 0.4 Nothing to showwinauth /  You must be

signed in to make or propose changesFix #226: upgrade to .Net 4.5 and

force TLS

Copy SHA latest commit 618f11fbef
winauth authored Sep 23, 2015
Permalink  Failed to load latest commit information.
  Authenticator  Fix #226: upgrade to .Net 4.5 and force TLS  Sep 23,

2015
  Third Party  Fix #226: upgrade to .Net 4.5 and force TLS  Sep 23,

2015
  WinAuth.YubiKey  Clear password field.  Jul 1, 2015
  WinAuth  Fix #226: upgrade to .Net 4.5 and force TLS  Sep 23, 2015
  packages  Add Steam authenticator  May 28, 2015
  LICENSE  Initial upload of beta version.  Jul 27, 2010
  README.md  Add 3.2.16  Sep 17, 2015
  WinAuth.sln  Issue#201: don’t decode URI on TextChanged but on

button  Jun 18, 2015
  winauth3-preview.png  Update v3 preview  Jul 18, 2013

README.md
Windows Authenticator
WinAuth is a portable, open-source Authenticator for Windows that

provides a time-based RFC 6238 authenticator and common

implementations, such as the Google Authenticator. WinAuth can be used

with many Bitcoin trading websites as well as games, supporting

Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm,

Diablo), Guild Wars 2, Glyph (Rift and ArcheAge), WildStar, RuneScape,

SWTOR and Steam.

———————————————————————-

———-

Download Latest Version
The latest stable version is WinAuth 3.1.8, and is available to

download from this source repository to compile yourself, or as a

pre-compiled binary from WinAuth downloads.

———————————————————————-

———-

WinAuth 3.2 (development)
The next version of WinAuth is in development. This release includes

both the new Steam Guard Mobile Authenticator, integration with

YubiKey to enhance your authenticator security and a HOTP

implementation.

Steam Guard
WinAuth can be registered as a new mobile device to create a Steam

authenticator and displays the appropriate 5 character codes.

Please read about the Steam Guard Mobile Authenticator for more

information.

YubiKey
Anyone with a YubiKey can now use it with WinAuth to further protect

their data. This will help ensure the authenticators’ secret keys

cannot be read by anyone even when they have physical access to your

computer.

A YubiKey Standard / NEO 2.2.x or later is required.

WinAuth 3.2.16 is available to download.

This is a pre-release version and should not be used with live

accounts. The configuration file updated by 3.2 is not backward

compatible with 3.1. Please make a backup of your current

authenticator data first, which is store in c:\Users<username>

\AppData\Roaming\WinAuth\winauth.xml.

WinAuth 3.1 (stable)
WinAuth provides an alternative solution to combine various two-factor

authenticator services in one convenient place.

Download Latest Version (WinAuth-3.1.8)

License
This program is free software: you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation, either version 3 of the License, or (at

your option) any later version.

This program is distributed in the hope that it will be useful, but

WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

General Public License for more details.

You should have received a copy of the GNU General Public License

along with this program. If not, see http://www.gnu.org/licenses/.

Features include:

•Support for time-based RFC 6238 authenticators, and common

implementations such as Google Authenticator.
•Supports Battle.net (World of Warcraft, Hearthstone, Heroes of the

Storm, Diablo III), GuildWars 2, Trion / Glyph (Rift, ArcheAge),

RuneScape, WildStar, SWTOR and Steam
•Supports many Bitcoin trading websites such as Bitstamp, BTC-e,

Coinbase, Cryptsy
•Displays multiple authenticators simultaneously
•Codes displayed and refreshed automatically or on demand
•Data is encrypted with your own personal password and can be locked

to Windows machine or account
•Additional password protection per authenticator
•Restore features for supported authenticators, e.g. Battle.net and

Rift
•Selection of standard or custom icons
•Hot-key binding with standard or custom actions, such as code

notification, keyboard input, and copy to clipboard
•Portable mode preventing changes to other files or registry settings
•Export in UriKeyFormat
•Importing authenticators in UriKeyFormat and from Authenticator Plus

for Android

Download software from
https://github.com/winauth/winauth

Step by step
https://www.maketecheasier.com/google-authenticator-windows/

Is win32.exe is a windows file?

Most antivirus programs identify win32.exe as malware—e.g. Symantec identifies it as Trojan.Adclicker or Downloader, and Microsoft identifies it as TrojanSpy:Win32/Malintent or TrojanClicker:Win32/Hatigh.C.

Description: Win32.exe is not essential for Windows and will often cause problems. Win32.exe is located in the C:\Windows\System32 folder. Known file sizes on Windows 8/7/XP are 15,360 bytes (29% of all occurrences), 1,389,047 bytes and 8 more variants.
There is no information about the author of the file. The file is not a Windows system file. The program starts upon Windows startup (see Registry key: MACHINE\Run, Run, MACHINE\RunServices, Winlogon\Shell, User Shell Folders, RunOnce, DEFAULT\Run, DEFAULT\Runonce). The program has no visible window. The file is an unknown file in the Windows folder. The software listens for or sends data on open ports to a LAN or the Internet. Win32.exe is able to monitor applications, hide itself, record keyboard and mouse inputs and manipulate other programs. Therefore the technical security rating is 77% dangerous, however you should also read the user reviews.

Read this blog

http://www.file.net/process/win32.exe.html
http://malwaretips.com/blogs/win32-mediaget-removal/

Google Authenticator

Google Authenticator is an application that implements Time-based One-time Password Algorithm (TOTP) security tokens in mobile apps made by Google.The Authenticator can also generate codes for third-party applications or file hosting services.Previous versions of the software were open source but subsequent releases are proprietary.
GA
Working
The service provider generates an 80-bit secret key for each user (in contravention of RFC 4226 §4[33]). This is provided as a 16, 24 or 32 character base32 string or as a QR code. The client creates an HMAC-SHA1 using this secret key.
users will install the Authenticator app on their smartphone to log into a site or service that uses two-factor authentication, they provide user name and password to the site and run the Authenticator app which produces an additional six-digit one-time password. The user provides this to the site, the site checks it for correctness and authenticates the user.
how works fig2
How to two-step authentication is enabled for your Google account

1.Make sure that two-step authentication is enabled and configured for your account.
2.Download and install the app on your Android device or on your iPhone, iPad or iPod Touch
3.Login to your Google account at http://accounts.google.com. Choose “Security” from the left-side menu, then look for “2-step verification” and click “Edit”. You may need to login again.
Connect your Google Authenticator app to your Google account by following the prompts after “How to Connect” a Mobile Application.

Setting up for google applications.
fig1 fig5 fig4 fig3
Setting up OTP for  WordPress

GAwp1

GAwp2

GAwp3

GAwp4

GAwp5

GAwp6

GAwp7

GAwp8

Install Google Authenticator
https://support.google.com/accounts/answer/1066447?hl=en

Symantec VIP

Symantec Validation & ID Protection (VIP) Service provides online service providers and enterprises with increased security of their applications in the form of two-factor authentication and better
protection for their End Users against identity theft.
The VIP Network is governed by the VIP Network Policy (VIP Policy),which may be accessed from the repository link on http://www.verisign.com.

VIP Self-Service Portal:- A Symantec hosted web portal providing End Users with credential lifecycle services VIP Enterprise Gateway:- An enterprise-hosted software component providing integration with enterprise applications and directories.

VIP Manager:- A Symantec hosted web portal providing VIP Service customers with Service configuration, reporting and management capabilities.
One Time Password (OTP):- Credentials (VIP Credentials) can use for end users.

Benefits
Provides security and convenience: Meet IT’s security requirements and the user demand for convenience with two-factor authentication options that are as easy as one-touch Push verification and passwordless authentication
Accelerates time-to-security: Speeds deployments by eliminating infrastructure and physical tokens; and through user friendly self-service options for token registration and provisioning
Enables compliance: Helps enable compliance by establishing controls over access to sensitive networks, applications, and data

Reduces capital costs: Eliminates the expense of building and maintaining in-premise infrastructure
Delivers

Scalability: Carrier-class availability and reliability accommodates rapid changes in user base and allows for easy delivery of new VIP capabilities

Third-party Integration’s

Symantec VIP supports integration with many popular enterprise

applications. The following is a list of our current integration’s:
Apache Networks
Apache HTTP Server
Array Networks
Array SSL VPN
Barracuda Networks
Barracuda SSL VPN
Check Point
SSL VPN Software Blade
Firewall Software Blade
IPSec VPN Software Blade
Cirix System
Citrix Access Gateway
Citrix GoToMyPC
Citrix Netscaler
Citrix XenApp
Cisco Systems
Cisco Secure ACS
Cisco Adaptive Security Appliances
Cisco ISE
Cisco VPN
F5 Networks
BIG IP APM
Firepass VPN
IBM Corporation
IBM Tivoli Access Manager
Juniper Networks
Juniper SA VPN
Juniper Steel Belted Radius
Microsoft Corp.
Active Directory Federation Services
Microsoft Credential Provider
Threat Management Gateway (2010)
Internet Acceleration Server (2006)
Microsoft Forefront Unified Access Gateway
Microsoft GINA
Network Policy Server (NPS)
Internet Information Server (IIS) 7 and 8
Outlook Web Access
Remote Desktop Web Access
SharePoint Portal Server
Netmotion
Netmotion with SBR (Steel Belted Radius)
Oracle Corporation
OpenSSO
Oracle Access Manager
Oracle Corporation and Red Hat
Pluggable Authentication Modules
Salesforce
Salesforce integration with ADFS
SAP
Netweaver
SonicWALL
SonicWALL Aventail® SSL VPN
Third Party IDP
ADFS as IDP for SSP
VMWare
VMWare View 5.1

How does it works?.
how vip works screen

Installing the VIP Access Software
1. Get the Symantec VIP Access software.
2. You are required to install this on your mobile device, so go to your “store” and download the app:
Apple Devices: iPhone, iPad, etc. Search for “Symantec VIP” in the Apple App Store
Android Devices: Phones/Tablets. Search for “Symantec VIP” in the Play Store
Blackberry: Phones. Search for “Symantec VIP” in the Blackberry World Store
Microsoft Windows Devices: Search for “Symantec VIP” in the Windows Store
3. If you don’t have a mobile device (smart-phone/tablet), and only use a laptop or desktop computer, you will have to install the Symantec VIP application onto your desktop.

For mobile devices
https://m.vip.symantec.com/home.v
For desktop
https://vip.symantec.com/desktop/home.v
For tokens
https://vip.symantec.com/orderstart.v

Registering your credentials in the VIP Self Service Portal
Go to the VIP Self Service Portal to register your credentials

Logging into the web Portal
Log into the Haas Portal using credentials received in your device.

Below document shows how can use Symantec VIP
how vip works

Refferences
vip-service-descriptionvip-service-description
Self_Service_Portal_User_Guide_v1Self_Service_Portal_User_Guide_v1_2(1)
sms-otp-service-descriptionsms-otp-service-description

Adding certificates using commands

Unix
cat foo.crt > /etc/pki/certs/ca.crt

Enable the dynamic CA configuration feature:
update-ca-trust enable

Debian
copy and update store
sudo cp foo.crt /usr/local/share/ca-certificates/foo.crt

Update the CA store

sudo update-ca-certificates

Windows
Certutil –addstore –f “TrustedPublisher” <pathtocertificatefile>
Certutil –addstore –f “CA” <pathtocertificatefile> for intermediate
certutil -addstore “Root” “c:\cacert.cer” for root
certutil -addstore “MY” “<pathtocertificatefile>” for local/personal
certutil -addstore “spc” “<pathtocertificatefile>” for software publisher certificates
certutil -addstore “user_created_store “<pathtocertificatefile>” for name of a user-created certificate store

AddressBook -> specifies “Other People” store
Trust -> specifies “Enterprise Trust” store
TrustedPublisher -> specifies “Trusted Publishers” store

certutil –f –p [certificate_password] –importpfx C:\[certificate_path_and_name].pfx

How to disable Symantec NTP

Below is a document to disabling Symantec firewall.

sepm_firewalNTP-disable

customized(modify)Symantec setup

Here describing how to customizing/modifying Symantec components.

Symantec_modify setup

Open DNS

OpenDNS is a company provide DNS resolution service acquired by Cisco On June 30, 2015(https://www.opendns.com/).OpenDNS provides the following recursive name server addresses for public use.
208.67.222.222 (resolver1.opendns.com)
208.67.220.220 (resolver2.opendns.com)
208.67.222.220
208.67.220.222

OpenDNS also provides the following recursive nameserver addresses as part of their FamilyShield parental controls which block pornography, proxy servers, and phishing sites:
208.67.222.123
208.67.220.123

OpenDNS supports the DNSCrypt protocol, which authenticates DNS traffic between the user’s computer and the name servers.This requires installing free software onto supported devices.

Similar service providers

Norton ConnectSafe is a free public DNS service offered by Symantec Corporation.

Policy A — Security
This policy blocks all sites hosting malware, phishing sites, and scam sites. To choose Policy A, use the following IP addresses as preferred and alternate DNS server addresses:
199.85.126.10
199.85.127.10

Policy B — Security + Pornography
In addition to blocking unsafe sites, this policy also blocks access to sites that contain sexually explicit material. To choose Policy B, use the following IP addresses as preferred and alternate DNS server addresses:
199.85.126.20
199.85.127.20

Policy C — Security + Pornography + Non-Family Friendly
This policy is ideal for families with young children. In addition to blocking unsafe sites and pornography sites, this policy also blocks access to sites that feature mature content, abortion, alcohol, crime, cults, drugs, gambling, hate, sexual orientation, suicide, tobacco, or violence. To choose Policy C, use the following IP addresses as preferred and alternate DNS server addresses
199.85.126.30
199.85.127.30

FreeDNS is an open, free and public DNS Server(http://freedns.zone/en/).
server addresses
37.235.1.174
37.235.1.177

Google Public DNS(https://developers.google.com/speed/public-dns/)
IP addresses 8.8.8.8 and 8.8.4.4

Open NIC(https://www.opennicproject.org/)
server addresses
103.250.184.85
103.25.202.192

%d bloggers like this: