• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

network/security issue on small company network

$ReaPeR$

$ReaPeR$

Joined
Jul 14, 2008
Messages
872 (0.14/day)
Location
Copenhagen, Denmark
System Specs
System Name Ryzen/Laptop/htpc
Processor R9 3900X/i7 6700HQ/i7 2600
Motherboard AsRock X470 Taichi/Acer/ Gigabyte H77M
Cooling Corsair H115i pro with 2 Noctua NF-A14 chromax/OEM/Noctua NH-L12i
Memory G.Skill Trident Z 32GB @3200/16GB DDR4 2666 HyperX impact/24GB
Video Card(s) TUL Red Dragon Vega 56/Intel HD 530 - GTX 950m/ 970 GTX
Storage 970pro NVMe 512GB,Samsung 860evo 1TB, 3x4TB WD gold/Transcend 830s, 1TB Toshiba/Adata 256GB + 1TB WD
Display(s) Philips FTV 32 inch + Dell 2407WFP-HC/OEM/Sony KDL-42W828B
Case Phanteks Enthoo Luxe/Acer Barebone/Enermax
Audio Device(s) SoundBlasterX AE-5 (Dell A525)(HyperX Cloud Alpha)/mojo/soundblaster xfi gamer
Power Supply Seasonic focus+ 850 platinum (SSR-850PX)/165 Watt power brick/Enermax 650W
Mouse G502 Hero/M705 Marathon/G305 Hero Lightspeed
Keyboard G19/oem/Steelseries Apex 300
Software Win10 pro 64bit
Hey guys :)
A problem has occurred on the device network at my place of work, and since I'm the official technician, I'm in charge of dealing with it. Although my major was in networking, I have a very limited practical experience so this may well be a very stupid/easy problem to fix. Anyway, the problem is as follows.
There are 7 PCs connected to the network + a server, all the pc's show the following image when trying to load various pages in ie/chrome/firefox, the pages are unrelated to each other and they are "safe", it does it even when trying to load the "steam" homepage, but not on all computers, some of them load it normally. The pc's are usually used to browse porn. (due to the nature of the place) (sorry for my syntax/grammar, English is not my mother tongue)
Thank you in advance :)
work problem.jpg
 
Check client PCs with this issue for any similarities (same browser, same AV, any adblocker/security add-ons etc)
Check if there is any consistency between client IPs on which websites are being blocked (in case there is some long-forgotten firewall setting or anything of a kind running on your server). Re-check firewall settings on your server and see if there is any kind of URL or content blocking.
That's about all I can think of.

$ReaPeR$ said:
The pc's are usually used to browse porn.
Click to expand...
Are you, guys, hiring?
 
What are you guys using for security (anti virus, web filter, etc.)? That could be a web filter though usually there's a logo.

Are you guys using any kind of proxy?

Are you using a business-grade router/firewall for your gateway? Is it being properly maintained and support contracts renewed?

Have you changed ISP's or have they introduced DNS filtering security-related services (similar to OpenDNS)?
 
silentbogo said:
Check client PCs with this issue for any similarities (same browser, same AV, any adblocker/security add-ons etc)
Check if there is any consistency between client IPs on which websites are being blocked (in case there is some long-forgotten firewall setting or anything of a kind running on your server). Re-check firewall settings on your server and see if there is any kind of URL or content blocking.
That's about all I can think of.


Are you, guys, hiring?
Click to expand...
Thanks for the reply mate :) actually if u live in Copenhagen there might be a chance for that :D to the point tho.. all the pcs have this issue on all available browsers, all on win 7 64 bit except for one which is using win 10 pro 64 bit. nothing has been changen on the network, but the server did do some updates the last time i checked it, ie 2 days ago. you think that could be an issue?

Kursah said:
What are you guys using for security (anti virus, web filter, etc.)? That could be a web filter though usually there's a logo.

Are you guys using any kind of proxy?

Are you using a business-grade router/firewall for your gateway? Is it being properly maintained and support contracts renewed?

Have you changed ISP's or have they introduced DNS filtering security-related services (similar to OpenDNS)?
Click to expand...
also thank for the reply :) the router is home grade, and very weird i might add, its "made" by a local company but it seems to have a broadcom chip. also im not aware of any proxy, im the "new" guy and the previous fellow is not to be bothered so.. im on my own on figuring everything out..
 
Porn sites are notorious for having malware and linking to other 'bad sites'. You're infected with something, and something strong. I would do nothing short of imaging all the systems if you have image backups. Otherwise, destroy and re-format and re-install everything.

And to prevent this type of thing in the future, I would highly encourage using something like deep freeze or reboot restore to keep the systems in a steady state. Better yet, use windows embedded thin clients and reboot daily.
 
$ReaPeR$ said:
Hey guys :)
A problem has occurred on the device network at my place of work, and since I'm the official technician, I'm in charge of dealing with it. Although my major was in networking, I have a very limited practical experience so this may well be a very stupid/easy problem to fix.
Click to expand...

Wow great admittance! I respect people that know they are too deep, a trait that is unfortunately getting more rare in the industry.


Kursah said:
What are you guys using for security (anti virus, web filter, etc.)? That could be a web filter though usually there's a logo.

Are you guys using any kind of proxy?

Are you using a business-grade router/firewall for your gateway? Is it being properly maintained and support contracts renewed?

Have you changed ISP's or have they introduced DNS filtering security-related services (similar to OpenDNS)?
Click to expand...

I think this is what it is as well, alternatively if those machines have any end point security those as well can interrupt requests.

The first things I would do, with network aside do any of these machine have any software in common? AV products? same DNS servers? what are the DNS servers? Google? Router? some other IP?
 
You must log in or register to reply here.
Back
Top