Search Results

Search found 374 results on 15 pages for 'hacked'.

Page 12/15 | < Previous Page | 8 9 10 11 12 13 14 15  | Next Page >

• Spam in Whois: How is it done and how do I protect my domain?

  - by user2964971

  Yes, there are answered questions regarding spam in Whois. But still unclear: How do they do it? How should I respond? What precautions can I take? For example: Whois for google.com [...] Server Name: GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM IP Address: 217.107.217.167 Registrar: DOMAINCONTEXT, INC. Whois Server: whois.domaincontext.com Referral URL: http://www.domaincontext.com Server Name: GOOGLE.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM IP Address: 69.41.185.195 Registrar: TUCOWS DOMAINS INC. Whois Server: whois.tucows.com Referral URL: http://domainhelp.opensrs.net Server Name: GOOGLE.COM.ZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM IP Address: 209.126.190.70 Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM Whois Server: whois.PublicDomainRegistry.com Referral URL: http://www.PublicDomainRegistry.com Server Name: GOOGLE.COM.ZZZZZZZZZZZZZZZZZZZZZZZZZZ.HAVENDATA.COM IP Address: 50.23.75.44 Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM Whois Server: whois.PublicDomainRegistry.com Referral URL: http://www.PublicDomainRegistry.com Server Name: GOOGLE.COMMAS2CHAPTERS.COM IP Address: 216.239.32.21 Registrar: CRAZY DOMAINS FZ-LLC Whois Server: whois.crazydomains.com Referral URL: http://www.crazydomains.com [...] >>> Last update of whois database: Thu, 05 Jun 2014 02:10:51 UTC <<< [...] >>> Last update of WHOIS database: 2014-06-04T19:04:53-0700 <<< [...]

  Read the article

• Malicious content on server - next steps advice [closed]

  - by Under435

  Possible Duplicate: My server's been hacked EMERGENCY I just got an e-mail from my hosting company that they got a report of malicious content being hosted on my vps. I was unaware of this and started looking into it. I discovered a file called /var/www/mysite.com/osc.htm. Soon after I discovered some weird php files wp-includes.php and ndlist.php both recognized as being PHP/WebShell.A.1 virus. I removed all these files but I'm unsure of what to do next. Can anyone help me analyze the output below of sudo netstat -A inet -p -e and give advice on what's best to do next. Thanks very much in advance Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 localhost.localdo:mysql localhost.localdo:37495 TIME_WAIT root 0 - tcp 0 1 mysite.com:50524 xnacreators.net:smtp SYN_SENT Debian-exim 69746 25848/exim4 tcp 0 0 mysite.com:www tha165.thehealtha:37065 TIME_WAIT root 0 - tcp 0 0 localhost.localdo:37494 localhost.localdo:mysql TIME_WAIT root 0 - udp 0 0 mysite.com:59447 merlin.ensma.fr:ntp ESTABLISHED ntpd 3769 2522/ntpd udp 0 0 mysite.com:36432 beast.syus.org:ntp ESTABLISHED ntpd 4357 2523/ntpd udp 0 0 mysite.com:48212 formularfetischiste:ntp ESTABLISHED ntpd 3768 2522/ntpd udp 0 0 mysite.com:46690 formularfetischiste:ntp ESTABLISHED ntpd 4354 2523/ntpd udp 0 0 mysite.com:35009 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 4356 2523/ntpd udp 0 0 mysite.com:58702 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 3770 2522/ntpd udp 0 0 mysite.com:49583 merlin.ensma.fr:ntp ESTABLISHED ntpd 4355 2523/ntpd udp 0 0 mysite.com:56290 beast.syus.org:ntp ESTABLISHED ntpd 3771 2522/ntpd

  Read the article

• My URL has been identified as a phishing site

  - by user2118559

  Some months before ordered VPS at Ramnode According to tutorial (ZPanelCP on CentOS 6.4) http://www.zvps.co.uk/zpanelcp/centos-6 Installed CentOS and ZPanel) Today received email We are requesting that you secure and investigate the phishing website identified below. This URL has been identified as a phishing site and is currently involved in identity theft activities. URL: hxxp://111.11.111.111/www.connet-itunes.fr/iTunesConnect.woasp/ //IP is modified (not real) This site is being used to display false or spoofed content in an apparent effort to steal personal and financial information. This matter is URGENT. We believe that individuals are being falsely directed to this page and may be persuaded into divulging personal information to a criminal, if the content is not immediately disabled. Trying to understand. Some hacker hacked VPS, placed some file (?) with content that redirects to www.connet-itunes.fr/iTunesConnect.woasp? Then questions 1) how can I find the file? Where it may be located? url is URL: hxxp://111.11.111.111/ IP address, not domain name 2) What to do to protect VPS (with CentOS)? Any tutorial? Where may be security problem? I mean may be someone faced something similar....

  Read the article

• Host ::1 resolves to remote IP

  - by thebuckst0p

  /etc/hosts files usually have this line, ::1 localhost. I thought ::1 was the equivalent of 127.0.0.1/localhost, and from my reading it seems to be the IPv6 version. So I was using it in Apache for firewalling, "Allow from ::1" and it only allowed local. Then suddenly that stopped working, so I pinged ::1 and got a remote IP address. I tracerouted it and it went through my ISP, through some Microsoft server, then another half dozen steps of asterisks... I'm not sure why this would be (the remote IP), but it doesn't seem good. I grep'd my hard drive for the remote IP and it doesn't appear anywhere. Is this some indicator that I'm being hacked, or normal behavior? Maybe my IPv6 settings are wrong? (This is a brand new MacBookPro with Snow Leopard.) Any ideas about this would be great - what is ::1 supposed to be, why would it be remote, should I be worried, how do I get it back to localhost? Thank you!

  Read the article

• I want to use OpenVPN to access the web and email from China. How?

  - by gaoshan88

  My question: How do I use my already existing OpenVPN setup to enable secure, remote web surfing and email checking from open wireless hotspots? Some long winded details: I am running Ubuntu and have OpenVPN up and working fine as a server. My client machine connects fine as well. However, that just gets me a secure connection to my home network. What I want is to be able to access my VPN server and surf the web or check email securely from anywhere with an open wireless connection. I am frequently in China and having secure, unblocked access would be a boon (especially since I like to work from tea houses and coffee shops and I've already had a password sniffed and hacked once). I already know how to tunnel over SSH via a SOCKS proxy using something like: ssh -ND 8887 -p 22 [email protected] but since I have OpenVPN I figure why not try it? So... what are the steps involved in making it so I can connect to my VPN and the surf and check mail to my hearts content (slowly to be sure but at least it wold be secure). Thx!

  Read the article

• Linux: prevent outgoing TCP flood

  - by Willem

  I run several hundred webservers behind loadbalancers, hosting many different sites with a plethora of applications (of which I have no control). About once every month, one of the sites gets hacked and a flood script is uploaded to attack some bank or political institution. In the past, these were always UDP floods which were effectively resolved by blocking outgoing UDP traffic on the individual webserver. Yesterday they started flooding a large US bank from our servers using many TCP connections to port 80. As these type of connections are perfectly valid for our applications, just blocking them is not an acceptable solution. I am considering the following alternatives. Which one would you recommend? Have you implemented these, and how? Limit on the webserver (iptables) outgoing TCP packets with source port != 80 Same but with queueing (tc) Rate limit outgoing traffic per user per server. Quite an administrative burden, as there are potentially 1000's of different users per application server. Maybe this: how can I limit per user bandwidth? Anything else? Naturally, I'm also looking into ways to minimize the chance of hackers getting into one of our hosted sites, but as that mechanism will never be 100% waterproof, I want to severely limit the impact of an intrusion. Cheers!

  Read the article

• Could it be that "chkrootkit" just doesn't like .hmac, .packlist, and .relocation-tag files?

  - by Danijel

  I just cleaned up my hacked CentOS server (due to not updating since versino 5.3). But still, "chkrootkit" says this: Possible t0rn v8 \(or variation\) rootkit installed /usr/lib/.libfipscheck.so.1.1.0.hmac /usr/lib/.libgcrypt.so.11.hmac /usr/lib/.libfipscheck.so.1.hmac /lib/.libcrypto.so.0.9.8e.hmac /lib/.libssl.so.0.9.8e.hmac /lib/.libssl.so.6.hmac /lib/.libcrypto.so.6.hmac /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi/auto/Text/Iconv/.packlist /usr/lib/perl5/5.8.8/i386-linux-thread-multi/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/HTML-Tree/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/Font/AFM/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/MLDBM/Sync/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/MLDBM/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/FreezeThaw/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/Apache/ASP/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/HTML-Format/.packlist /usr/lib/gtk-2.0/immodules/.relocation-tag /usr/lib/python2.4/plat-linux2/.relocation-tag /usr/lib/python2.4/distutils/.relocation-tag /usr/lib/python2.4/config/.relocation-tag Could it be that "chkrootkit" just doesn't like .hmac, .packlist, and .relocation-tag files? Are these realy still infected?

  Read the article

• Retrieve a user's Exchange database in powershell

  - by Paul

  Hey Everyone, I've scoured the interwebs for a few days now off and on to find this. I am creating a powershell script for email-enabling new user's(Exchange 2007). To give you a little background when we have a new hire, their AD account is created at our off-site helpdesk, but they don't create their email account. I'm trying to automate the process of mail-enabling the user which involves putting them in the same database as an existing user, disable imap pop activesync, and lastly email the requester of the ticket. I would like to just get prompted for the New User's name, User to Replicate(mailbox, storage group, database), and the person to email after it's been created. So if someone could just help with a command to Retrieve a user's Exchange database in powershell that would be great, but if people also want to help with my hacked up script please do so as well!!! Here is what I have so far: Write-output “ENTER THE FOLLOWING DETAILS” $DName = Read-Host “User Diplay Name" $RUser = Read-Host "Replicate User(Database Grab)" ***$RData = #get the Replicate user's mailbox database here*** $REmail = #either just use a Read-Host “Requester's Email address" or ask for Requester's name and pipe through their email address by digging for it w/ powershell Enable-Mailbox -Identity "$DName" -Database "$RData" Send-MailMessage -From "John Doe <[email protected]>" -To (put $REmail here which is the Requester's email) -Subject "Test Person's email account" -Body "Test Person's email account has been setup.`n`n`nJohn Doe`nGeneric Company`nSystems Administrator`nOffice: 123.456.7890`[email protected]" -SmtpServer genericexchange.exchange.com

  Read the article

• Terminal emulation has stopped working. Garbage escape chars

  - by oligofren

  To enable me to do some remote administration of our servers I started using a terminal emulation program called TouchTerm Pro on my iPhone. While not the smoothest experience, it has allowed me to leave my computer behind when going out of town, which makes the slightly painful experience worthwhile. As of late, the app unfortunately no longer works. Pressing up and down keys after logging on via ssh gives me garbage like ^[[A and ^[[B. Combinations with Ctrl - like you can see in the video - no longer works either. Writing full command lines and executing by the enter key works though. Being able to search my bash history was the difference between a usable app and endless frustration, so getting it to work is essential. The app has (of course) met its end of life, not getting updated anymore. I am not quite sure, which side (client or server) that has to be "fixed"/hacked to make the control sequences work again. But is there something I can do to make it work as intended? You can see a video of TouchTerm in operation here.

  Read the article

• My server keeps sending emails to [email protected]

  - by xtrimsky

  When I type mailq on my server, I get: BB523653A62 4025 Wed Jun 4 10:40:07 MAILER-DAEMON (delivery temporarily suspended: host p3smtpout.secureserver.net[208.109.80.54] refused to talk to me: 554 p3plsmtpout002.prod.phx3.secureserver.net : DED : AJeb1o0334uf1Y801 : DED : You've reached your daily relay quota - IP.ADDRESS) [email protected] B33AD653A4A 4025 Wed Jun 4 08:20:07 MAILER-DAEMON (delivery temporarily suspended: host p3smtpout.secureserver.net[208.109.80.54] refused to talk to me: 554 p3plsmtpout002.prod.phx3.secureserver.net : DED : AJeb1o0334uf1Y801 : DED : You've reached your daily relay quota - IP.ADDRESS) [email protected] B77DF653A63 4025 Wed Jun 4 10:50:07 MAILER-DAEMON (delivery temporarily suspended: host p3smtpout.secureserver.net[208.109.80.54] refused to talk to me: 554 p3plsmtpout001.prod.phx3.secureserver.net : DED : AJvF1o00L4uf1Y801 : DED : You've reached your daily relay quota - IP.ADDRESS) [email protected] B943C653A3C 4025 Wed Jun 4 06:40:07 MAILER-DAEMON (delivery temporarily suspended: host p3smtpout.secureserver.net[208.109.80.54] refused to talk to me: 554 p3plsmtpout001.prod.phx3.secureserver.net : DED : AKBv1o00P4uf1Y801 : DED : You've reached your daily relay quota - IP.ADDRESS) [email protected] (there is probably about 50 of these, and I've cleared the queue today), do you know where these could be coming from ? is it my server sending some logs to "hostmaster" ? I've replaced my actual domain, with "MYDOMAIN". How can I find what could be sending these emails ? The server has recently been hacked so I'm also a bit worried. Thanks!

  Read the article

• Multi- authentication scenario for a public internet service using Kerberos

  - by StrangeLoop

  I have a public web server which has users coming from internet (via HTTPS) and from a corporate intranet. I wish to use Kerberos authentication for the intranet users so that they would be automatically logged in the web application without the need to provide any login/password (assuming they are already logged to the Windows domain). For the users coming from internet I want to provide traditional basic/form- based authentication. User/password data for these users would be stored internally in a database used by the application. Web application will be configured to use Kerberos authentication for users coming from specific intranet ip networks and basic/form- based authentication will be used for the rest of the users. From a security perspective, are there some risks involved in this kind of setup or is this a generally accepted solution? My understanding is that server doesn't need access to KDC (see Kerberos authentication, service host and access to KDC) and it can be completely isolated from AD and corporate intranet. The server has a keytab file stored locally that is used to decrypt tickets sent by the users coming from intranet. The tickets only contain username and domain of the incoming user. Server never sees the passwords of authenticated users. If the server would be hacked and the keytab file compromised, it would mean that attacker could forge tickets for any domain user and get access to the web application as any user. But typically this is the case anyway if hacker gains access to the keytab file on the local filesystem. The encryption key contained in the keytab file is based on the service account password in AD and is in hashed form, I guess it is very difficult to brute force this password if strong Kerberos encryption like AES-256-SHA1 is used. As the server has no network access to intranet, even the compromised service account couldn't be directly used for anything.

  Read the article

• Our clients site is redirecting to a pill scammy site [closed]

  - by Alex Demchak

  Possible Duplicate: My server's been hacked EMERGENCY We've usually host our clients site, but we aren't hosting this one. The website itself (weddle-funeral.com) works just fine. if you load google and search for weddle funeral stayton oregon - and click that link, the site links to a scammy pill site. I went through the site and there were some php files in the wordpress plugins that got quarantined by my antivirus. I removed ALL non essential files, and uploaded fresh versions of all the plugins, but it's STILL redirecting from google. I tried logging in to the cpanel (on a virtual private server), and the cpanel flashed a red warning screen The site's security certificate is not trusted! You attempted to reach XXXXX.com, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site. (Keep in mind, that's for the HOSTING accounts CPanel) Is there something in the SERVER probably that's causing the redirect? EDIT: .htaccess file contents # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress

  Read the article

• Prevent rmdir -p from traversing above a certain directory

  - by thepurplepixel

  I hacked together this script to rsync some files over ssh. The --remove-source-files option of rsync seems to remove the files it transfers, which is what I want. However, I also want the directories those files are placed in to be gone as well. The current part of the find command, -exec rmdir -p {} ; tries to remove the parent directory (in this case, /srv/torrents), but fails because it doesn't have the right permissions. What I'd like to do is stop rmdir from traversing above the directory find is run in, or find another solution to get rid of all the empty folders. I've thought of using some kind of loop with find and running rmdir without the -p switch, but I thought it wouldn't work out. Essentially, is there an alternative way to remove all the empty directories under the parent directory? Thanks in advance! #!/bin/bash HOST='<hostname>' USER='<username>' DIR='<destination directory>' SOURCE='/srv/torrents/' rsync -e "ssh -l $USER" --remove-source-files -h -4 -r --stats -m --progress -i $SOURCE $HOST:$DIR find $SOURCE -mindepth 1 -type d -empty -prune -exec rmdir -p \{\} \;

  Read the article

• Web service for checking out / leasing a token

  - by JP Slavinsky

  I run a web site on AWS that has a number of web servers (say 4 of them) running behind a load balancer. For this particular web site, I have one license key of New Relic for doing instrumentation. At any one time, I only want one of the 4 web servers to be using the key. If that server goes offline, I want one of the remaining web servers to be able to begin using the license key. Does anyone know of a service that would let me manage this process? The service would not particularly need to store the key itself but rather just manage the fact that only one web server can lease out the right to use the key at any time. Something where the web servers would have to come back every few minutes and renew their lease, and if they don't it becomes available to someone else. I just realized I could maybe accomplish a hacked version of this using a file on S3, but that doesn't prevent race conditions / etc and is definitely hackish. Any thoughts welcome. FWIW, this site is built on Ruby on Rails. Thanks! JP

  Read the article

• Am I safe on Windows if I continue like this?

  - by max

  Of all the available tons of anti-malware software for Windows all over the internet, I've never used any paid solution(I am a student, I have no money). Since the last 10 years, my computers running Windows have never been hacked/compromised or infected so badly that I had to reformat them(of course I did reformat them for other reasons). The only program I have for security is Avast Home Edition, which is free, installed on my computers. It has never caused any problems; always detected malware, updated automatically, has an option to sandbox programs and everything else I need. Even if I got infected, I just did a boot-time scan with it, downloaded and ran Malwarebytes, scanned Autoruns logs, checked running processes with Process Explorer and did some other things and made sure I cleaned my computer. I am quite experienced and I've always taken basic precautions like not clicking suspicious executables, not going to sites which are suspicious according to WOT, and all that blah. But recently I've been doing more and more online transactions and since its 2012 now, I'm doubtful whether I need more security or not. Have I been just lucky, or do my computing habits obviate the need to use any more(or paid) security software?

  Read the article

• Using Plesk for webhosting on Ubuntu - Security risk or reasonably safe?

  - by user66952

  Sorry for this newb-question I'm pretty clueless about Plesk, only have limited debian (without Plesk) experience. If the question is too dumb just telling me how to ask a smarter one or what kind of info I should read first to improve the question would be appreciated as well. I want to offer a program for download on my website hosted on an Ubuntu 8.04.4 VPS using Plesk 9.3.0 for web-hosting. I have limited the ssh-access to the server via key only. When setting up the webhosting with Plesk it created an FTP-login & user is that a potential security risk that could bypass the key-only access? I think Plesk itself (even without the ftp-user-account) through it's web-interface could be a risk is that correct or are my concerns exaggerated? Would you say this solution makes a difference if I'm just using it for the next two weeks and then change servers to a system where I know more about security. 3.In other words is one less likely to get hacked within the first two weeks of having a new site up and running than in week 14&15? (due to occurring in less search results in the beginning perhaps, or for whatever reason... )

  Read the article

• Few events I&rsquo;m speaking at in early 2013

  - by Mladen Prajdic

  2013 has started great and the SQL community is already brimming with events. At some of these events you can come say hi. I’ll be glad you do! These are the events with dates and locations that I know I’ll be speaking at so far.   February 16th: SQL Saturday #198 - Vancouver, Canada The session I’ll present in Vancouver is SQL Impossible: Restoring/Undeleting a table Yes, you read the title right. No, it's not about the usual "one table per partition" and "restore full backup then copy the data over" methods. No, there are no 3rd party tools involved. Just you and your SQL Server. Yes, it's crazy. No, it's not for production purposes. And yes, that's why it's so much fun. Prepare to dive into the world of data pages, log records, deletes, truncates and backups and how it all works together to get your table back from the endless void. Want to know more? Come and see! This is an advanced level session where we’ll dive into the internals of data pages, transaction log records and page restores.   March 8th-9th: SQL Saturday #194 - Exeter, UK In Exeter I’ll be presenting twice. On the first day I’ll have a full day precon titled: From SQL Traces to Extended Events - The next big switch This pre-con will give you insight into both of the current tracing technologies in SQL Server. The old SQL Trace which has served us well over the past 10 or so years is on its way out because the overhead and details it produces are no longer enough to deal with today's loads. The new Extended Events are a new lightweight tracing mechanism built directly into the SQLOS thus giving us information SQL Trace just couldn't. They were designed and built with performance in mind and it shows. The new Extended Events are a new lightweight tracing mechanism built directly into the SQLOS thus giving us information SQL Trace just couldn't. They were designed and built with performance in mind and it shows. Mastering Extended Events requires learning at least one new skill: XML querying. The second session I’ll have on Saturday titled: SQL Injection from website to SQL Server SQL Injection is still one of the biggest reasons various websites and applications get hacked. The solution as everyone tells us is simple. Use SQL parameters. But is that enough? In this session we'll look at how would an attacker go about using SQL Injection to gain access to your database, see its schema and data, take over the server, upload files and do various other mischief on your domain. This is a fun session that always brings out a few laughs in the audience because they didn’t realize what can be done.   April 23rd-25th: NTK conference - Bled, Slovenia (Slovenian website only) This is a conference with history. This year marks its 18th year running. It’s a relatively large IT conference that focuses on various Microsoft technologies like .Net, Azure, SQL Server, Exchange, Security, etc… The main session’s language is Slovenian but this is slowly changing so it’s becoming more interesting for foreign attendees. This year it’s happening in the beautiful town of Bled in the Alps. The scenery alone is worth the visit, wouldn’t you agree? And this year there are quite a few well known speakers present! Session title isn’t known yet.       May 2nd-4th: SQL Bits XI – Nottingham, UK SQL Bits is the largest SQL Server conference in Europe. It’s a 3 day conference with top speakers and content all dedicated to SQL Server. The session I’ll present here is an hour long version of the precon I’ll give in Exeter. From SQL Traces to Extended Events - The next big switch The session description is the same as for the Exeter precon but we'll focus more on how the Extended Events work with only a brief overview of old SQL Trace architecture.

  Read the article

• mysql backup and restore from ib_logfile failure

  - by i need help

  Here's the case: After computer being hacked, we are in a rush to backup all data out to other computer. As a result, the mysql databases are not backup out as sql statement. What we have done is backup out all the physical files/folders in the C drive to new computer. Eg: C:\Program Files\MySQL\MySQL Server 4.1\data In this case, all data for mysql are inside unreadable file. Inside data folder consist of files like ib_logfile0, ib_logfile1, but not ib_data1 All database's table structure format are inside each respective folder. (Some folder have .frm, .opt) (some other folder have .frm, .myd, .myi) How can I retrieve back the data from the database in a new computer? I tried to install the same mysql version(4.1) at new computer, then replace all backup files inside data folder into this mysql in new computer. Then restart mysql service. When I restart, it fail: Could not start mysql service on local computer. error 1067: process terminated unexpectedly. Error log showing: InnoDB: The first specified data file .\ibdata1 did not exist: InnoDB: a new database to be created! 090930 10:24:49 InnoDB: Setting file .\ibdata1 size to 10 MB InnoDB: Database physically writes the file full: wait... InnoDB: Error: log file .\ib_logfile0 is of different size 0 87031808 bytes InnoDB: than specified in the .cnf file 0 25165824 bytes! 090930 10:24:49 [ERROR] Can't init databases 090930 10:24:49 [ERROR] Aborting 090930 10:24:49 [Note] C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt: Shutdown complete

  Read the article

• Sharing session state between 2 ASP.NET applications using SQL Server

  - by Dave

  Hi I'm working on a site that has a requirement to share session between a cms application and an online store application on the same domain eg. mydomain.com and store.mydomain.com I've made some progress with it and it works on my local build between localhost/cms and localhost/store Basically I have done what is suggested in this article http://blogs.msdn.com/toddca/archive/2007/01/25/sharing-asp-net-session-state-across-applications.aspx and hacked the TempGetAppID Stored Procedure to return the same application id (1). This appears to work as it creates sessions with ids like 'abv5d2urx1asscfwuzw3wp4500000001', which is what I'd expect. My issue is that when I deploy it to our testing environment, it creates a new session when I navigate between the 2 sites. So when I start a session on the cms site, if I navigate to the store, it creates a new session. These are set up as 2 different websites in IIS7. In the web.config files for both sites, the and elements are both the same and are as follows (minus sensitive information) Has anyone got an ideas why this might not be working? I am sharing Forms Authentication across the 2 sites and that works fine. Any help or ideas would be greatly appreciated! Many thanks Dave

  Read the article

• Authlogic, logout, credential capture and security

  - by Paddy

  Ok this is something weird. I got authlogic-oid installed in my rails app today. Everything works perfectly fine but for one small nuisance. This is what i did: I first register with my google openid. Successful login, redirection and my email, along with my correct openid is stored in my database. I am happy that everything worked fine! Now when i logout, my rails app as usual destroys the session and redirects me back to my root url where i can login again. Now if i try to login it still remembers my last login id. Not a big issue as i can always "Sign in as a different user" but i am wondering if there is anyway to not only logout from my app but also logout from google. I noticed the same with stack overflow's openid authentication system. Why am i so bothered about this, you may ask. But is it not a bad idea if your web apps end user, who happens to be in a cyber cafe, thinks he has logged out from your app and hence from his google account only to realize later that his google account had got hacked by some unworthy loser who just happened to notice that the one before him had not logged out from google and say.. changed his password!! Should i be paranoid? Isn't this a major security lapse while implementing the openid spec? Probably today someone can give me a workaround for this issue and the question is solved for me. But what about the others who have implemented openid in their apps and not implemented a workaround?

  Read the article

• Authlogic, logout and credential capture

  - by Paddy

  Ok this is something weird. I got authlogic-oid installed in my rails app today. Everything works perfectly fine but for one small nuisance. This is what i did: I first register with my google openid. Successful login, redirection and my email, along with my correct openid is stored in my database. I am happy that everything worked fine! Now when i logout, my rails app as usual destroys the session and redirects me back to my root url where i can login again. Now if i try to login it still remembers my last login id. Not a big issue as i can always "Sign in as a different user" but i am wondering if there is anyway to not only logout from my app but also logout from google. I noticed the same with stack overflow's openid authentication system. Why am i so bothered about this, you may ask. But is it not a bad idea if your web apps end user, who happens to be in a cyber cafe, thinks he has logged out from your app and hence from his google account only to realize later that his google account had got hacked by some unworthy loser who just happened to notice that the one before had not logged out from google and say.. changed his password!! Should i be paranoid?

  Read the article

• Relay WCF Service

  - by Matt Ruwe

  This is more of an architectural and security question than anything else. I'm trying to determine if a suggested architecture is necessary. Let me explain my configuration. We have a standard DMZ established that essentially has two firewalls. One that's external facing and the other that connects to the internal LAN. The following describes where each application tier is currently running. Outside the firewall: Silverlight Application In the DMZ: WCF Service (Business Logic & Data Access Layer) Inside the LAN: Database I'm receiving input that the architecture is not correct. Specifically, it has been suggested that because "a web server is easily hacked" that we should place a relay server inside the DMZ that communicates with another WCF service inside the LAN which will then communicate with the database. The external firewall is currently configured to only allow port 443 (https) to the WCF service. The internal firewall is configured to allow SQL connections from the WCF service in the DMZ. Ignoring the obvious performance implications, I don't see the security benefit either. I'm going to reserve my judgement of this suggestion to avoid polluting the answers with my bias. Any input is appreciated. Thanks, Matt

  Read the article

• Delphi - OnKeyPress occurs before TStringGrid updates cell with new character

  - by JMTyler

  Coding in Delphi, attaching an OnKeyPress event handler to a TStringGrid: The OnKeyPress event fires before the grid cell that the user is typing into has actually updated its value with the key that has been pressed. This is obviously a problem, when I want to know what the contents of that cell are at this moment, as in, as the user modifies it. The "hacked" solution is simple, if you're not considering every detail: just grab the value from the cell and, since the OnKeyPress event comes along with a Key parameter, append that value to the end - now you have the current value of the cell! False. What if the user has selected all the text in the cell (ie: "foo") and they are now typing 'b'. Since they selected the text, it will be erased and replaced with the letter 'b'. However, the value of the cell will still display as "foo" in OnKeyPress, and the value of Key will be 'b', so the above logic would lead the application to conclude that the cell now contains "foob", which we know is not true. So. Does anybody know how to get around this problem? Is there a way to make OnKeyPress react after the grid's contents have been updated, or perhaps a way to force an update at the start of the handler? I am desperately avoiding the use of the OnKeyUp event here, so any suggestions aside from that would be greatly appreciated.

  Read the article

• Emulating a web browser

  - by Sean

  Hello, we are tasked with basically emulating a browser to fetch webpages, looking to automate tests on different web pages. This will be used for (ideally) console-ish applications that run in the background and generate reports. We tried going with .NET and the WatiN library, but it was built on a Marshalled IE, and so it lacked many features that we hacked in with calls to unmanaged native code, but at the end of the day IE is not thread safe nor process safe, and many of the needed features could only be implemented by changing registry values and it was just terribly unflexible. Proxy support JavaScript support- we have to be able to parse the actual DOM after any javascript has executed (and hopefully an event is raised to handle any ajax calls) Ability to save entire contents of page including images FROM THE loaded page's CACHE to a separate location ability to clear cookies/cache, get the cookies/cache, etc. Ability to set headers and alter post data for any browser call And for the love of drogs, an API that isn't completely cryptic Languages acceptable C++, C#, Python, anything that can be a simple little console application that doesn't have a retarded syntax like Ruby. From my own research, and believe me I am terrible at google searches, I have heard good things about WebKit... would the Qt module QtWebKit handle all these features?

  Read the article

• Serialization Performance and Google Android

  - by Jomanscool2

  I'm looking for advice to speed up serialization performance, specifically when using the Google Android. For a project I am working on, I am trying to relay a couple hundred objects from a server to the Android app, and am going through various stages to get the performance I need. First I tried a terrible XML parser that I hacked together using Scanner specifically for this project, and that caused unbelievably slow performance when loading the objects (~5 minutes for a 300KB file). I then moved away from that and made my classes implement Serializable and wrote the ArrayList of objects I had to a file. Reading that file into the objects the Android, with the file already downloaded mind you, was taking ~15-30 seconds for the ~100KB serialized file. I still find this completely unacceptable for an Android app, as my app requires loading the data when starting the application. I have read briefly about Externalizable and how it can increase performance, but I am not sure as to how one implements it with nested classes. Right now, I am trying to store an ArrayList of the following class, with the nested classes below it. public class MealMenu implements Serializable{ private String commonsName; private long startMillis, endMillis, modMillis; private ArrayList<Venue> venues; private String mealName; } And the Venue class: public class Venue implements Serializable{ private String name; private ArrayList<FoodItem> foodItems; } And the FoodItem class: public class FoodItem implements Serializable{ private String name; private boolean vegan; private boolean vegetarian; } IF Externalizable is the way to go to increase performance, is there any information as to how java calls the methods in the objects when you try to write it out? I am not sure if I need to implement it in the parent class, nor how I would go about serializing the nested objects within each object.

  Read the article

< Previous Page | 8 9 10 11 12 13 14 15  | Next Page >