Search Results

Search found 14771 results on 591 pages for 'security policy'.

Page 145/591 | < Previous Page | 141 142 143 144 145 146 147 148 149 150 151 152  | Next Page >

• Exchange 2003 default permissions for ANONYMOUS LOGON and Everyone

  - by Make it useful Keep it simple

  ANONYMOUS LOGON and Everyone have the following top level permissions in our Exchange 2003 Server: Read Execute Read permissions List contents Read properties List objects Create public folder Create named properties in the information store Are these the "default" settings? In particular, are the "Read" and "Execute" permissions a problem? We have a simple small business setup, Outlook clients connect to the server on the local network, OWA is used from outside the network for browser and smartphone access. Thanks

  Read the article

• Grant permanent UAC permission to one program?

  - by dsimcha

  Is there a way to grant permanent UAC permission in Windows 7 to a single program? I have an old program that's supposed to start up in the background when Windows starts. I want to have it "just work" without the nagging, but keep UAC in all other cases.

  Read the article

• What permissions / ownership to set on PHP Sessions Folder when running FastCGI / PHP-FPM (as user "nobody")?

  - by Professor Frink

  I'm having trouble getting a number of scripts running because PHP-FPM can't write to my session folder: "2009/10/01 23:54:07 [error] 17830#0: *24 FastCGI sent in stderr: "PHP Warning: Unknown: open(/var/lib/php/session/sess_cskfq4godj4ka2a637i5lq41o5, O_RDWR) failed: Permission denied (13) in Unknown on line 0 PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0" while reading upstream" Obviously this is a permission issue; my session folder's owner/group is the webserver's user, NGINX. PHP-FPM runs as nobody though, and hence adding it to the nginx group is not so trivial. A temporary solution is to set the permissions of /var/lib/php/session to 777 - I have a feeling that's not the "best practice" though. What is the best practice when you need to assign a daemon write access to a folder, but it is running as nobody ?

  Read the article

• How to securely delete files stored on a SSD?

  - by Chris Neuroth

  From a (very long, but definitely worth to read) article on SSDs: When you delete a file in your OS, there is no reaction from either a hard drive or SSD. It isn’t until you overwrite the sector (on a hard drive) or page (on a SSD) that you actually lose the data. File recovery programs use this property to their advantage and that’s how they help you recover deleted files. The key distinction between HDDs and SSDs however is what happens when you overwrite a file. While a HDD can simply write the new data to the same sector, a SSD will allocate a new (or previously used) page for the overwritten data. The page that contains the now invalid data will simply be marked as invalid and at some point it’ll get erased. So, what would be the best way to securely erase files stored on a SSD? Overwriting with random data as we are used to from hard disks (e.g. using the "shred" utility) won't work unless you overwrite the WHOLE drive...

  Read the article

• zip password crack possible?

  - by tm1rbrt

  I have a piece of software i have to install on company laptops. The installer needs a serial to work properly, but i don't have it (my manager isn't here so i cant ask him). The installer tells me to ring a phone number which doesnt appear to be connected anymore. I would download win32dasm and ollydbg and have a go at cracking the installer but i dont really have time and i havnt done it in years. There is a zip file on the disc that looks like it contains all the program files but it is passworded. Is it feasible to crack this or will it take ages?

  Read the article

• Disallow root to su on a user which is not listed in /etc/passwd

  - by marc.riera

  Hello, on linux we autenticate users against AD. The AD users are not listed on /etc/passwd. We are about to deploy a NFS solution to mount some extra space for each group of users. If a user(A) with sudo su privileges goes to root, then he can impersonate user(B) just by su user(B) and going to the NFS. Is there any way to disallow root to su user if the user is not listed on /etc/passwd ? Thanks.

  Read the article

• Which trojan is this?

  - by omgHelpMe

  Could you identify this trojan/keylogger based on the set of files? I've been able to find out that the file names are random except rp.dll. Also, the icons are always the same. Thanks guys.

  Read the article

• Webserver logs: "Morfeus Fucking Scanner"

  - by Patrick

  I've just found these accesses in my web server log files: ::ffff:218.38.136.38 109.72.95.175 - [10/Jan/2011:02:54:12 +0100] "GET /user/soapCaller.bs HTTP/1.1" 404 345 "-" "Morfeus Fucking Scanner" ::ffff:218.38.136.38 109.72.95.174 - [10/Jan/2011:02:54:12 +0100] "GET /user/soapCaller.bs HTTP/1.1" 404 345 "-" "Morfeus Fucking Scanner" Should I start to worry ? Or is it just a normal attempt to hack my server ? thanks

  Read the article

• What is the difference between /sbin/nologin and /bin/false?

  - by Michael Hampton

  I have often heard it recommended that a user account should be disabled by setting its shell to /bin/false. But, on my existing Linux systems, I see that a great number of existing accounts (all of them service accounts) have a shell of /sbin/nologin instead. I see from the man page that /sbin/nologin prints a message to the user saying the account is disabled, and then exits. Presumably /bin/false would not print anything. I also see that /sbin/nologin is listed in /etc/shells, while /bin/false is not. The man page says that FTP will disable access for users with a shell not listed in /etc/shells and implies that other programs may do the same. Does that mean that somebody could FTP in with an account that has /sbin/nologin as its shell? What is the difference here? Which one of these should I use to disable a user account, and in what circumstances? What other effects does a listing in /etc/shells have?

  Read the article

• PCRE limits exceeded, but triggering rules are SQL related

  - by Wolfe

  [Mon Oct 15 17:12:13 2012] [error] [client xx.xx.xx.xx] ModSecurity: Rule 1d4ad30 [id "300014"][file "/usr/local/apache/conf/modsec2.user.conf"][line "349"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "domain.com"] [uri "/admin.php"] [unique_id "UHx8LEUQwYEAAGutKkUAAAEQ"] And similar are spamming my error log for apache. It's only the admin side.. and only these two lines in the config: line 349: #Generic SQL sigs SecRule ARGS "(or.+1[[:space:]]*=[[:space:]]1|(or 1=1|'.+)--')" "id:300014,rev:1,severity:2,msg:'Generic SQL injection protection'" And line 356: SecRule ARGS "(insert[[:space:]]+into.+values|select.*from.+[a-z|A-Z|0-9]|select.+from|bulk[[:space:]]+insert|union.+select|convert.+\(.*from)" Is there a way to fix this problem? Can someone explain what is going on or if these rules are even valid to cause this error? I know it's supposedly a recursion protection.. but these protect against SQL injection so I'm confused.

  Read the article

• Correctly setting up UFW on Ubuntu Server 10 LTS which has Nginx, FastCGI and MySQL?

  - by littlejim84

  Hello. I'm wanting to get my firewall on my new webserver to be as secure as it needs to be. After I did research for iptables, I came across UFW (Uncomplicated FireWall). This looks like a better way for me to setup a firewall on Ubuntu Server 10 LTS and seeing that it's part of the install, it seems to make sense. My server will have Nginx, FastCGI and MySQL on it. I also want to be allow SSH access (obviously). So I'm curious to know exactly how I should set up UFW and is there anything else I need to take into consideration? After doing research, I found an article that explains it this way: # turn on ufw ufw enable # log all activity (you'll be glad you have this later) ufw logging on # allow port 80 for tcp (web stuff) ufw allow 80/tcp # allow our ssh port ufw allow 5555 # deny everything else ufw default deny # open the ssh config file and edit the port number from 22 to 5555, ctrl-x to exit nano /etc/ssh/sshd_config # restart ssh (don't forget to ssh with port 5555, not 22 from now on) /etc/init.d/ssh reload This all seems to make sense to me. But is it all correct? I want to back this up with any other opinions or advice to ensure I do this right on my server. Many thanks!

  Read the article

• Creating limited user account on Windows 7

  - by serena

  I'm sharing my PC (Win 7 x64 Home Premium) with a friend, and I wanna create a guest user for her. I don't want her to reach my files, Windows settings, program adjustments etc. She should just surf the net, create/edit her own Word, Excel documents, and simple things like these. How can I create this user account and make the necessary arrangements for limitations?

  Read the article

• Possible DNS Injection and/or SSL hijack?

  - by Anthony

  So if I go to my site without indicating the protocol, I'm taken to: http://example.org/test.php But if I go directly to: https://example.org/test.php I get a 404 back. If I go to just: https://example.org I get a totally different site (a page about martial arts). I went to the site via https not very long ago (maybe a week?) and it was fine. This is a shared server, as I understand it, and I do not have shell access, so I'm limited to the site's CPanel to do any further investigations. But when I go to: example.org:2083 I'm taken to https://example.org:2083, which, if someone has taken over the SSL port, could mean they have taken over the 2083 part as well (at least in my paranoid mind). I'm made more nervous by the fact that the cpanel login page at the above address looks very new (better, really) compared to the last time I went to it over the weekend. It's possible that wires got crossed somewhere after a system update, but I don't want to put in my name username and password in case it's a phishing attempt. Is there any way to know for sure without shell access to know for sure if someone has taken over? If I look up the IP address for the host name, the IP address matches what I have on a phpinfo page I can get to over http. If I go to the IP address directly on port 2083, I get the same login mentioned above (new and and suspiciously nice). But the SSL cert shows as good when I go this route. So if that's the case (I know the IP is right, the cert checks out, and there isn't any DNS involved), is that enough to feel safe at that point of entry? Finally, if I can safely log in via the IP, does anyone have any advice on where to check first on CPanel for why the SSL port is forwarding to a site on karate? Thanks.

  Read the article

• Using SSLv3 - Enabling Strong Ciphers Server 2008

  - by Igor K

  I've disabled SSLv2 and SSLv3 is on. However I cannot connect to a remote server which fails with The client and server cannot communicate, because they do not possess a common algorithm Ran an SSL check (http://www.serversniff.net/sslcheck.php) on the remote server and ours, and noticed none of the ciphers they accept we have on our server. How can this be configured? (Windows Web Server 2008) Remote Server Accepted SSL ciphers: DHE-RSA-AES256-SHA AES256-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA DHE-RSA-AES128-SHA AES128-SHA Our server by default accepts: DES-CBC3-SHA RC4-SHA RC4-MD5

  Read the article

• tacacs integration with database

  - by chingupt

  We are setting up TACACS+ in our network which is a mix of Cisco AP's and other brands. However we have a centralized managemnet system which allows our customers to centrally configure services. Hence we would like to setup a tacacs+ server integrated with some database. Can this be done? I found the following package at www.shrubbery.net/tac_plus/ but it does not have the necessary plugins for database. Please let me know how to go about this. TIA Sachin

  Read the article

• Network vulnerability and port scanning services

  - by DigitalRoss

  I'm setting up a periodic port scan and vulnerability scan for a medium-sized network implementing a customer-facing web application. The hosts run CentOS 5.4. I've used tools like Nmap and OpenVAS, but our firewall rules have special cases for connections originating from our own facilities and servers, so really the scan should be done from the outside. Rather than set up a VPS or EC2 server and configuring it with various tools, it seems like this could just be contracted out to a port and vulnerability scanning service. If they do it professionally they may be more up to date than something I set up and let run for a year... Any recommendations or experience doing this?

  Read the article

• Information about recent code injection from http://superiot.ru

  - by klennepette

  Hello, I manage the hosting for a few dozen websites. Since about a week I've been finding this code in 12 different websites in theindex.php files: <script type="text/javascript" src="http://superiot.ru/**.js"></script> // The name of the actual javascript file differs <!-- some hash here--> Some of the websites are on different servers, some aren't. I'm just wondering if anyone else has been seeing this too. Edit with some more information: All servers are centOS 5.3 PHP versions are either 5.2.9 or 5.2.4 Apache versions are either 2.2.3 or 1.3.39

  Read the article

• Sensitive data in init scripts

  - by Steve Jorgensen

  I'm adapting some examples I've found by Googling to build an init script to run a VirtualBox OSE virtual machine as a daemon. I would like to specify a password for VNC access to the VM, and this must be given as an argument to the VBoxHeadless command. Conventionally, init scripts are readable by standard users, and this seems like a useful convention, but I also don't want the VNC password for this VM to be stored in easily accessible plain text. What's the most appropriate/conventional way to handle this kind of situation? Maybe put a root-readable supporting data file someplace, and have the init script load the value from there?

  Read the article

• How to stop registration attempts on Asterisk

  - by Travesty3

  The main question: My Asterisk logs are littered with messages like these: [2012-05-29 15:53:49] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:50] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:55] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:55] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:57] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device <sip:[email protected]>;tag=cb23fe53 [2012-05-29 15:53:57] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device <sip:[email protected]>;tag=cb23fe53 [2012-05-29 15:54:02] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:54:03] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 21:20:36] NOTICE[5578] chan_sip.c: Registration from '"55435217"<sip:[email protected]>' failed for '65.218.221.180' - No matching peer found [2012-05-29 21:20:36] NOTICE[5578] chan_sip.c: Registration from '"1731687005"<sip:[email protected]>' failed for '65.218.221.180' - No matching peer found [2012-05-30 01:18:58] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=dEBcOzUysX [2012-05-30 01:18:58] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=9zUari4Mve [2012-05-30 01:19:00] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=sOYgI1ItQn [2012-05-30 01:19:02] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=2EGLTzZSEi [2012-05-30 01:19:04] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=j0JfZoPcur [2012-05-30 01:19:06] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=Ra0DFDKggt [2012-05-30 01:19:08] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=rR7q7aTHEz [2012-05-30 01:19:10] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=VHUMtOpIvU [2012-05-30 01:19:12] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=JxZUzBnPMW I use Asterisk for an automated phone system. The only thing it does is receives incoming calls and executes a Perl script. No outgoing calls, no incoming calls to an actual phone, no phones registered with Asterisk. It seems like there should be an easy way to block all unauthorized registration attempts, but I have struggled with this for a long time. It seems like there should be a more effective way to prevent these attempts from even getting far enough to reach my Asterisk logs. Some setting I could turn on/off that doesn't allow registration attempts at all or something. Is there any way to do this? Also, am I correct in assuming that the "Registration from ..." messages are likely people attempting to get access to my Asterisk server (probably to make calls on my account)? And what's the difference between those messages and the "Sending fake auth rejection ..." messages? Further detail: I know that the "Registration from ..." lines are intruders attempting to get access to my Asterisk server. With Fail2Ban set up, these IPs are banned after 5 attempts (for some reason, one got 6 attempts, but w/e). But I have no idea what the "Sending fake auth rejection ..." messages mean or how to stop these potential intrusion attempts. As far as I can tell, they have never been successful (haven't seen any weird charges on my bills or anything). Here's what I have done: Set up hardware firewall rules as shown below. Here, xx.xx.xx.xx is the IP address of the server, yy.yy.yy.yy is the IP address of our facility, and aa.aa.aa.aa, bb.bb.bb.bb, and cc.cc.cc.cc are the IP addresses that our VoIP provider uses. Theoretically, ports 10000-20000 should only be accessible by those three IPs.+-------+-----------------------------+----------+-----------+--------+-----------------------------+------------------+ | Order | Source Ip | Protocol | Direction | Action | Destination Ip | Destination Port | +-------+-----------------------------+----------+-----------+--------+-----------------------------+------------------+ | 1 | cc.cc.cc.cc/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 10000-20000 | | 2 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 80 | | 3 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 2749 | | 4 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 443 | | 5 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 53 | | 6 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1981 | | 7 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1991 | | 8 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 2001 | | 9 | yy.yy.yy.yy/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 137-138 | | 10 | yy.yy.yy.yy/255.255.255.255 | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 139 | | 11 | yy.yy.yy.yy/255.255.255.255 | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 445 | | 14 | aa.aa.aa.aa/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 10000-20000 | | 17 | bb.bb.bb.bb/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 10000-20000 | | 18 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1971 | | 19 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 2739 | | 20 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1023-1050 | | 21 | any | all | inbound | deny | any on server | 1-65535 | +-------+-----------------------------+----------+-----------+--------+-----------------------------+------------------+ Set up Fail2Ban. This is sort of working, but it's reactive instead of proactive, and doesn't seem to be blocking everything (like the "Sending fake auth rejection ..." messages). Set up rules in sip.conf to deny all except for my VoIP provider. Here is my sip.conf with almost all commented lines removed (to save space). Notice at the bottom is my attempt to deny all except for my VoIP provider:[general] context=default allowguest=no allowoverlap=no bindport=5060 bindaddr=0.0.0.0 srvlookup=yes disallow=all allow=g726 allow=ulaw allow=alaw allow=g726aal2 allow=adpcm allow=slin allow=lpc10 allow=speex allow=g726 insecure=invite alwaysauthreject=yes ;registertimeout=20 registerattempts=0 register = user:pass:[email protected]:5060/700 [mysipprovider] type=peer username=user fromuser=user secret=pass host=sip.mysipprovider.com fromdomain=sip.mysipprovider.com nat=no ;canreinvite=yes qualify=yes context=inbound-mysipprovider disallow=all allow=ulaw allow=alaw allow=gsm insecure=port,invite deny=0.0.0.0/0.0.0.0 permit=aa.aa.aa.aa/255.255.255.255 permit=bb.bb.bb.bb/255.255.255.255 permit=cc.cc.cc.cc/255.255.255.255

  Read the article

• Does WD Drive Lock encrypt the data?

  - by ssg

  I wonder if WD Drive Lock ineed encrypts the data on a Western Digital My Book Essential device or just puts a firmware-level password on the device. If it's just a password the data surely could be retrieved by a third party. I could not find anything on about that on user manuals. I found a blog saying "data is secured with AES256" bla bla but that doesn't say anything about if the password could be compromised or not. Because I don't see any delays when I add/remove the password. On the other hand when I enable BitLocker, it takes hours before it encrypts everything with my password.

  Read the article

• How do I disable administrator prompt in Windows 8?

  - by Arnold Zokas

  I am using Windows 8 Enterprise on my development machine. Most of the time, I need full administrator for debugging, changing system files, etc. In Windows 7, setting UAC to "never notify" would disable any administrator prompts. In Windows 8 this is no longer the case. Even with UAC disabled I get prompted to grant programs elevated privileges. Is there a way disable this behaviour? Note: I am fully aware of the repercussions. I have antivirus, firewall, etc and am generally quite careful about what I download or install on my machine.

  Read the article

• Open source system for swipe card access?

  - by Moduspwnens

  We're looking at replacing our campus-wide magnetic swipe card system with something more robust. The "programmer" side of me says there's got to be an open-source, scalable solution that already does this, but all I've been able to find are proprietary vendor-specific solutions. Ideally, it'd have the following: Based on some open standard that allows us to select from a wide selection of card readers (like IMAP or HTTP) Support different kinds of card access (magnetic strip, RFIDs, etc.) Future-proof (to the extent possible) The lack of information I'm finding leads me to believe I'm not searching for the right things... or such a solution doesn't exist. Is there not some basic, open-source solution to this (like MySQL for databases, or Moodle for an LMS, or Apache for a web server)?

  Read the article

• Bad ways to secure wireless network.

  - by Moshe

  I was wondering if anybody had any thoughts on this, as I recently saw a Verizon DSL network set up where the WEP key was the last 8 characters of the router's MAC address. (It's bad enough that hey were using WEP in the first place...)

  Read the article

• How to securely store and update backup on remote server via ssh/rsync

  - by Sergey P. aka azure

  I have about 200 Gb of pictures (let's say about 1 mb/file, 200k files) on my desktop. I have access (including root access) to remote linux server. And I want to have updateable backup of my pictures on remote server. rsync seems to be the right tool for such kind of job. But other people also have access (including root access) to this server and I want to keep my pictures private. So the question is: what is the best way to keep private files on remote "shared" linux server securely?

  Read the article

• how insecure is my short password really?

  - by rika-uehara

  Using systems like TrueCrypt, when I have to define a new password I am often informed that using a short password is insecure and "very easy" to break by brute-force. I always use passwords of 8 characters in length, which are not based on dictionary words, which consists of characters from the set A-Z, a-z, 0-9 I.e. I use password like sDvE98f1 How easy is it to crack such a password by brute-force? I.e. how fast. I know it heavily depends on the hardware but maybe someone could give me an estimate how long it would take to do this on a dual core with 2GHZ or whatever to have a frame of reference for the hardware. To briute-force attack such a password one needs not only to cycle through all combinations but also try to de-crypt with each guessed password which also needs some time. Also, is there some software to brute-force hack truecrypt because I want to try to brute-force crack my own passsword to see how long it takes if it is really that "very easy".

  Read the article

< Previous Page | 141 142 143 144 145 146 147 148 149 150 151 152  | Next Page >