Search Results

Search found 4187 results on 168 pages for 'secure erase'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 106/168 | < Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >

  • Do superuser things with normal user

    - by OrangeTux
    I want to secure the SSH access to my server. One thing I read everywhere is to disable the root user login. To still have access via SSH I created another user via sudo adduser john How can I still do root things with this account? sudo command asks for a password of the user but gives john not in sudoer file. Action will be reported. When I use su I log in as root which I'm going to disable. How can I stil do root things with the normal account john?

    Read the article

  • AWS VPC - why have a private subnet at all?

    - by jkim
    In Amazon VPC, the VPC creation wizard allows one to create a single "public subnet" or have the wizard create a "public subnet" and a "private subnet". Initially, the public and private subnet option seemed good for security reasons, allowing webservers to be put in the public subnet and database servers to go in the private subnet. But I've since learned that EC2 instances in the public subnet are not reachable from the Internet unless you associate an Amazon ElasticIP with the EC2 instance. So it seems with just a single public subnet configuration, one could just opt to not associate an ElasticIP with the database servers and end up with the same sort of security. Can anyone explain the advantages of a public + private subnet configuration? Are the advantages of this config more to do with auto-scaling, or is it actually less secure to have a single public subnet?

    Read the article

  • Amazon EC2 firewall rules & VPN connections

    - by John
    I'm moving from Rackspace to Amazon EC2. One thing I like about our Rackspace setup is that it is extremely secure. The MySQL box can only be accessed via internal IPs, and we have a Cisco VPN firewall that allows us to dial in remotely and access port 3306 as though we were on the internal network. I'd like to figure out how to replicate this setup with EC2. How can I make the MySQL box so that port 3306 can only be accessed on the internal network? What about the VPN piece of things? I know Amazon has the VPC service, but it seems like that's for the purpose of connecting to an existing network. I don't have an existing network. I want to essentially create one inside Amazon and connect to that. What are my options? Any good tutorials on how to get started? Thanks in advance for your help

    Read the article

  • Best blog package/platform (java, php etc)?

    - by user50912
    Hi Folks, I want to set up a blog, but I want it to reside on a URL I've bought, I also don't want any of the ads and such that sit around other blogs on blog specific sites like blogspot and generally want more control. I was thinking of getting shared hosting with mysql and such to get it going (as opposed to a VM which would be overkill). Then I just need to decide on the easiest quickest (and most secure) way of getting something up there. After some googling, I see b2evolution.net which sits on php, or Apache Roller, which seems to sit on Java. Could anyone offer any advice on whats my best approach here? Are there security concerns with either or has anyone any experience in this area? I really want setup time to be minimal, so I can concentrate of the feel of the blog rather than whats under the hood. Many Thanks.

    Read the article

  • Strange RDP / Remote Desktop problem

    - by John Landheer
    I'll try to be as specific as I can be: Server is running SBS 2008 R2 (with all updates) Server is connected to the internet Server has 2 NIC's, one is disabled Server is running RDP Service (accessible directly from the internet, I know, not as secure as it should be) Computers A and B are on the same local net. Computers A and B are both Windows 7. Users X and Y are both admins on the server Computer A can connect as user X to the server with mstsc Computer A can connect as user Y to the server with mstsc Computer B can connect as user X to the server with mstsc computer B CANNOT connect as user Y to the server with mstsc! The last point is the problem, I get an authentication error. This used to work flawlessly for the last year. The server and desktops have been rebooted. I find it very strange....

    Read the article

  • 3 Root accounts in MySQl database

    - by hairbymaurice
    Hello, I have managed to get mySQL running under Ubuntu 8.10, I am now diligently trying to secure the database and am adding passwords for the root users. My question: I have a root user under the host "kickseed" with no password set I have no idea what kickseed is as the database is installed under localhost, on searching around i have discovered that this is something to do with the ubuntu OS itself. Is it safe to delete this user account from MySQL or is it used for something by the OS? If i need to keep it should i /can i protect it with a password? Also i have another root account under the host IP 127.0.0.1 again can i delete this? My absolute preference would be to have only one account with root access but i do not want to delete these accounts if they are necessary. Thanks for tolerating a newbie Regards Hairby

    Read the article

  • Cloud services can't be reached from complex customer infrastructure

    - by Nock
    We have several services running on a cloud, they all are hosted on Windows Server 2012 R2, have public IP address and specific port. Some of our customers can't reach them because for "some reason" the ports are cut between a firewall between them and us. (some customers are using a shared internet connection in a multi tenant office and they can't change firewall communication) Well, you get it, we don't have the possibility to make all the firewall "allowing" the communication. My customers all runs Windows 7 at least. What is the best counter solution in such case, using Microsoft (Windows Server) technologies? The best would be some kind of tunneling communication or VPN, but the customer should also be able to access his/her enterprise resources. Bby the way, today we using IPSec using Windows Firewall to secure the communication, is IPSec tunneling a solution for us? Otherwise, is there a service in Windows to enable some kind of VPN between a client and a server but only for a given set of servers?

    Read the article

  • Using Windows Azure storage for backup

    - by Bruno
    I am currently looking at Windows Azure blobs as an option for backing up archive data. I want to be able to upload files from an external windows machine via the internet but I don't know enough about Windows Azure storage to make a decision. Some of the questions I have are How do I upload the files. Is there a client application, can I use robocopy? Would it be fast enough? i.e. Could I download or upload 1TB of data in a week? Is it secure? Hopefully someone smarter than me can help me :-)

    Read the article

  • File sometimes doesn't download from my website

    - by kylex
    When I attempt to download this file, sometimes it only downloads about 700KB (the file is 40MB) then I get the message that the download is complete. If I try to download the file again, it works properly. The problem seems prevalent in IE, although I've had it happen in Chrome sometimes too. I have the following code: <input type="button" value="Agree to Terms and Download" onClick="location.href='/downloads/setup.exe';" /> If it matters, this is over a secure connection. I also tried zipping the file, and had the same issues.

    Read the article

  • Ownership/permissions of uploaded files

    - by Cudos
    Hello. I want to find out if I am on the right track. My script uploads files to the directory "images". The directory has this setup: owner/group = www-data Permissions = 700 Questions: Is this a good way to secure the directory from a hacker uploading files? Will the hacker be able to upload the files directly to the directory? Note: I have a bunch of other security measures in my upload script + an .htaccess script in the directory that disables script Execution. I just what to know if the permissions on the directory is sensible. I run apache 2.2

    Read the article

  • Got root, now how should I configure my server?

    - by L. De Leo
    I've been a developer for years and by trade I had to know a little bit of server side configuration. But now I find myself needing to manage my own VPS instance (Amazon EC2) and I'm lost. I'd like to know what are the common ways to configure an Apache and MySQL server that is secure and efficient. For example right now I'm doing everything as root but I doubt that's the best way at all. My whole Apache is configured to serve 1 site when I'd like it to be able to serve multiple sites. Where do I start?

    Read the article

  • Putting a whole linux server under source control (git)

    - by Tobias Hertkorn
    I am thinking about putting my whole linux server under version control using git. The reason behind it being that that might be the easiest way to detect malicious modifications/rootkits. All I would naively think is necessary to check the integrity of the system: Mount the linux partition every week or so using a rescue system, check if the git repository is still untempered and then issue a git status to detect any changes made to the system. Apart from the obvious waste in disk space, are there any other negative side-effects? Is it a totally crazy idea? Is it even a secure way to check against rootkits since I most likely would have to at least exclude /dev and /proc ?

    Read the article

  • How to use ssh-agent (and graphic passphrase dialog) in Kubuntu 10.10?

    - by halo
    I have recently switched from Ubuntu to kubuntu, both version 10.10. Unfortunately in KDE the ssh passphrase dialog doesn't work out of the box. Everytime my ssh private key is used I need to enter my password. This is neither secure nor comfortable. I have done comprehensive research on the net but only found out dated documentation. Several things I tried didn't work out. Current status: SSH setup working with direct passphrase input ssh-agent running in X session $SSH_AUTH_SOCK set to ssh-agent's socket in X session How to enable ssh-agent for keeping the passphrase in memory for ~15mins and as a bonus always use a graphical dialog for its input? I use asymmetric SSH key pairs for pushing/pulling in Git VCS logging remotely into different server systems

    Read the article

  • ssl_error_rx_record_too_long error on IIS - site was working, suddenly stopped

    - by JK01
    I am suddenly getting this error connecting to localhost IIS on my development machine. It has been working fine for ages, and now suddenly has this error in Firefox: Secure Connection Failed An error occurred during a connection to localhost. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) I have googled and found no clear explanation. In IE it says: Internet Explorer cannot display the webpage\ In Chrome it says: Oops! This link appears to be broken.

    Read the article

  • Enter response once prompt returns?

    - by mjb
    It's neither a secure idea nor one I'd recommend elsewhere, but I have a situation when occasionally it takes a while for my Ansible ad-hoc command to respond. I'd love to pipe or args or whatever is needed to push the required text into the prompt so I can walk away and know it will finish. Ex: $ ansible all -m shell -a "reboot" --ask-pass Password: blah blah blah it worked I'd love to send an argument or << or something to get the password in. Is that possible?

    Read the article

  • LDAP replication breaking referrals

    - by MasterZ
    We have an issue that we believe is caused by ldap replication changing the port of the referal from 686 (secure) to 389 (unsecure). If we setup a new referral everything works, but then as soon as we change someone's password it changes on the master, and then the master replicates and the referral breaks. Any further attempts to modify someone's account give the error "PAM: Cannot connect to LDAP". We used snoop and monitored the firewall to see what was going on. The first password attempt (the one that works) goes over port 686 (as it is supposed to) but every subsequent attempt attempts to use port 389, and therefore fails. We only have 1 referral configured on the client, port 686

    Read the article

  • Client-side certificates

    - by walshms
    My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

    Read the article

  • Problem with domain getting turned to IP address for https

    - by user229133
    I have a website that is using Windows Server 2003. The site is called https://mysite.com/ and at ip address 111.1.1.1. Now when I log into the site all my relative links that are generated using NavURL (<%# NavURL("Images/Menu/img.gif")%) are saying "http://111.1.1.1/Images/Menu/img.gif" instead of "https://mysite.com/Images/Menu/img.gif". This is causing an error because it needs to be secure. I'm sure there is a setting on the server somewhere to point to the name and not the ip, but I don't know where. Thanks for your help.

    Read the article

  • Cannot access Nagios Web Interface

    - by Dominiqs
    After successfully installing Nagios core 3.4.1 (i also installed plug-in1.4.11) on our linux rhel 5.3 server i cannot login to the nagios web interface.I am running apache 2.2.3 I am using internet explorer 8 and also firefox 3.6.3 When i try to enter the url http//localhost/nagios/ on a desktop (on the same network as the Nagios server)it does seem to like it but if i try http//x.x.x.x/nagios/ (where x.x.x.x is the IP address of my nagios server) it likes it but then the authentication popup appears after entering the password and username(nagiosadmin) it throws the errors below The server x.x.x.x at Nagios access requires a username and password Warning this server is requesting that your username and password be sent in an insecure manner(basic authentication without a secure connection) After a few attempts i get error 401 authentication required error from internet explorer ;this server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials or your browser doesnt understand how to supply the credentials required. Help Please anyone..seems like an authentication issue

    Read the article

  • Possible to redirect from HTTPS to HTTP behind load-balancer?

    - by Derek Hunziker
    I have a basic ASP.NET application that sits behind an F5 load-balancer. Incoming SSL requests (over HTTPS) terminate at the load-balancer and all internal communication between the load-balancer and my application servers is unsecure (over HTTP). When a unsecure request comes in, my app is able to use Response.Redirect("https://...") to redirect a secure URL with no problems. However, the other direction appears to be impossible - I cannot redirect from HTTPS to HTTP using Response.Redirect() from my application. The URL remains HTTPS for the client and does not change. Could the F5 be preventing the redirect for ever reaching the client? Is there any special configuration necessary to let this happen?

    Read the article

  • What are the current options to encrypted a partition on mac os x ?

    - by symbion
    I recently got my laptop stolen with some sensitive informations on it (personal source code, bank details in a secure file, passwords, etc) and I learnt the lesson: encrypt your sensitive data. Now, I am wondering what are the options to encrypt a partition (not an encrypt disk image) ? Aim: The aim is to prevent anyone (except me) to access those data. Requirement 0: The software must be able to encrypt non system partition. Requirement 1: Plausible deniability is required but preventing cold boot attack is however not an absolute requirement (I am not famous enough or have sensitive enough info to have this kind of requirement). Requirement 2 : Software taking advantage of AES hardware encryption are very welcome as I intent to get a Macbook Pro with i7 CPU (with AES-NI enabled instructions). I will have avirtual machine running in the encrypted partition. Requirement 3 : Free or reasonably cheap. Requirement 4 : Software must run on Mac OS X Snow Leopard or Lion. So far, TrueCrypt is the only option I have found. Regards,

    Read the article

  • Configure session length with htaccess

    - by brianpartridge
    My home web server is running the stock OSX Apache 2 install. I have some directories with content that I want to secure, so I setup htaccess files for those areas. However, I find it annoying to have to login to those areas as frequently as I do. Once I'm logged in I'd like to not have to login again for a long time, similar to setting a long time in a cookie. But, I'd like to increase the life time of the authenticated session with htaccess. I've googled but haven't found what I'm looking for, maybe because I'm looking for the wrong term. I want to configure the 'session length', 'session timeout', 'time limit', or 'expiration' for users authenticated via htaccess. Any thoughts?

    Read the article

  • nginx + reverse proxy question

    - by Joe Pilon
    Hello, I am using nginx right now for our production sites with the reverse proxy to apache that's on the same server and it works fantastic. I'm wondering if I can do this: Install nginx on box #1 in say Canada and have it reverse proxy http requests to box #2 in a datacenter in the USA. I know there may be some latency or delays in loading the page etc but that would probably be not noticable to the end user especially if both servers have 100mb ports. Box #2 only does the apache requests, all images are served from box #1 via nginx. Now, would the end visitor be able to tell in any which way that there are 2 boxes being used? Box #2 has sensitive data which we can't have stolen in the event of hacking etc, so this method helps keep things a bit more secure. Anyone know if this is possible or have done something similar?

    Read the article

  • iOS 7: Best way to implement an textview that presents previous input but is easy to clear

    - by Frank R.
    I'm porting a Mac app to the iPhone and I've run into an unexpected problem. On the Mac there's a text field that is automatically pre-selected (= first responder) when a dialog shows up. The text field shows the text you entered in the field the last time and the text is pre-selected so that if you just start typing it gets cleared away. If you want to edit the existing text instead you just hit the forwards or backwards arrow. On the iPhone this behavior seems very hard to implement. The text view shows up with the old text and I can even get it to pre-select but whatever I do the result is not quite right. When I use [aTextView setMarkedText: myText selectedRange: newRange]; the text does show up as marked and if I just start typing the old text goes away. However there's no equivalent to the cursor keys on iOS, so I cannot NOT erase the text.. which is hardly the point. What kind of iOS idiom would be appropriate for giving the option to either edit or overwrite existing text? Best regards, Frank

    Read the article

  • Windows File Checksums - Is my system hacked?

    - by rism
    I would like to know if there is a utility to verify the checksums of every windows file on my Win 7 Ultimate system. It seems on the surface such an obvious utility but I dont ever remember seeing one? I had a very weird experience while surfing earlier today and now Im not entirely sure my system is secure. I have a collection of tools in the WSCC suite but these tools no doubt just make system calls to the win32 api and if that has been subverted then the tools are practically useless. How do I know my Win 7 files are actually Win 7 files? I am particularly interested in verifying the integrity of all network TCP/IP files.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >