All posts tagged internet

How to Block Internet Access with Group Policy (GPO)

This how to will show you how to block internet access for a user, users or computer within an Active Directory Group Policy Object.  I’ve tested this on Windows 7 and Windows 10 and it works great!

There are plenty of tutorials out there detailing a way to block access is via enforcing a non-existent proxy. This method will work for some things, but the problem is not all software necessarily uses these settings to connect to the internet and doesn’t necessarily stop a determined user or bad guy.

Continue reading →

Enforcing Microsoft Office 365 and Azure Tennancy with McAfee Web Gateway (MWG)

McAfee Web Gateway (MWG) is a pretty phenominal product, if you’re looking for a commercial web filtering solution then MWG should certainly be something you should investigate.  If however you already have a MWG and are looking at a rule base to make sure that your users can only logon to your approved Microsoft Office 365 domains then read on.

Microsoft Office 365 (O365) is a pretty phenominal product, if you’re looking for a collaboration system then O365 should be something you should investigate.  If however you want to make sure that only your organisation can log on to O365 via your network then read on.

Continue reading →

Steam & Valve IP Ranges

After spending a fair amount of time trying to find the IP subnets which Steam uses I came up a blank, so I went to Arin.

Continue reading →

Easy(ish) IPSec VPN with Shared ECDSA Certificates for Host to Host Connections

Let me start off by saying that using certificates for your IPSec VPNs adds another layer of complexity onto your connections. However what I’ve tried to do is to make this how to guide as easy to follow as I possibly can.

By using certificates we can negate the requirements to use pre shared keys and thus are considered more secure and if we have lots of tunnels it means we don’t have to worry about having a separate key for each connection therefore providing a great deal of scalability.

Continue reading →

Configuring Suite B, VPN-A and VPN-B in IPSec with Strongswan

Many vendors have got the various IPSec standards already implemented within their products for ease of use.  This is my configuration for matching these standards with Strongswan.

It’s always nice to use a standard; they come from RFCs so have some level of scrutiny and make things interoperable.  These suites in my experience tend to be the ones which are implemented most widely.  As a security professional I’m happy that someone has investigated the best solutions with which to use.

Continue reading →