Search Results

Search found 19179 results on 768 pages for 'ms security essentials'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 148/768 | < Previous Page | 144 145 146 147 148 149 150 151 152 153 154 155  | Next Page >

  • How to analyse logs after the site was hacked

    - by Vasiliy Toporov
    One of our web-projects was hacked. Malefactor changed some template files in project and 1 core file of the web-framework (it's one of the famous php-frameworks). We found all corrupted files by git and reverted them. So now I need to find the weak point. With high probability we can say, that it's not the ftp or ssh password abduction. The support specialist of hosting provider (after logs analysis) said that it was the security hole in our code. My questions: 1) What tools should I use, to review access and error logs of Apache? (Our server distro is Debian). 2) Can you write tips of suspicious lines detection in logs? Maybe tutorials or primers of some useful regexps or techniques? 3) How to separate "normal user behavior" from suspicious in logs. 4) Is there any way to preventing attacks in Apache? Thanks for your help.

    Read the article

  • How can I use fetchmail (or another email grabber) with OSX keychain for authentication?

    - by bias
    Every fetchmail tutorial I've read says putting your email account password clear-text in a config file is safe. However, I prefer security through layers (since, if my terminal is up and someone suspecting such email foolery slides over and simply types "grep -i pass ~/.*" then, oops, all my base are belong to them!). Now, with msmtp (as opposed to sendmail) I can authenticate using the OSX keychain. Is there an email 'grabber' that lets me use Keychains (specifically the OSX keychain) or at least, that lets me MD5 the password? This is a duplicate of my unanswered question on serverfault. I've put it on superuser because I'm doing this on a personal computer (viz. with OSX) so it's more of a superuser question.

    Read the article

  • How to access Windows Registry from DOS

    - by SEARAS
    How to access Windows Registry from DOS? I need to access registry from DOS, while I boot from DOS bootable disk. I've searched all the internet, and found only Offline NT Password and Registry Editor, which can not be used in DOS, as I understand. Also I've found RegView (from many mirrors), which isn't working too (I've tried many instructions). Is there any easy-in-usage tool, like reg.exe, which is able to load registry hives, so that I can change registry values?? Or any working instructions ?? Note: I already have a bootable drive, which can read/write to NTFS drives. Thanks in advance!

    Read the article

  • How can I set up VLANs in a way that won't put me at risk for VLAN hopping?

    - by hobodave
    We're planning to migrate our production network from a VLAN-less configuration to a tagged VLAN (802.1q) configuration. This diagram summarizes the planned configuration: One significant detail is that a large portion of these hosts will actually be VMs on a single bare-metal machine. In fact, the only physical machines will be DB01, DB02, the firewalls and the switches. All other machines will be virtualized on a single host. One concern that has been is that this approach is complicated (overcomplicated implied), and that the VLANs are only providing an illusion of security, because "VLAN hopping is easy". Is this a valid concern, given that multiple VLANs will be used for a single physical switch port due to virtualization? How would I setup my VLANs appropriately to prevent this risk? Also, I've heard that VMWare ESX has something called "virtual switches". Is this unique to the VMWare hypervisor? If not, is it available with KVM (my planned hypervisor of choice)?. How does that come into play?

    Read the article

  • "This file came from another computer..." - how can I unblock all the files in a folder without having to unblock them individually?

    - by Schnapple
    Windows XP SP2 and Windows Vista have this deal where zone information is preserved in downloaded files to NTFS partitions, such that it blocks certain files in certain applications until you "unblock" the files. So for example if you download a zip file of source code to try something out, every file will display this in the security settings of the file properties "This file came from another computer and might be blocked to help protect this computer" Along with an "Unblock" button. Some programs don't care, but Visual Studio will refuse to load projects in solutions until they've been unblocked. While it's not terribly difficult to go to every project file and unblock it individually, it's a pain. And it does not appear you can unblock multiple selected files simultaneously. Is there any way to unblock all files in a directory without having to go to them all individually? I know you can turn this off globally for all new files but let's say I don't want to do that

    Read the article

  • Securing a persistent reverse SSH connection for management

    - by bVector
    I am deploying demo Ubuntu 10.04 LTS servers in environments I do not control and would like to have an easy and secure way to administer these machines without having to have the destination firewall forward port 22 for SSH access. I've found a few guides to do this with reverse port (e.g. howtoforge reverse ssh tunneling guide) but I'm concerned with security of the stored ssh credentials required for the tunnel to be opened automatically. If the machine is compromised (primary concern is physical access to the machine is out of my control) how can I stop someone from using the stored credentials to poke around in the reverse ssh tunnel target machine? Is it possible to secure this setup, or would you suggest an alternate method?

    Read the article

  • Office 2007 Installer Not Logging When Run During Startup Script

    - by bshacklett
    I'm using a startup script to deploy Microsoft Office 2007 Standard. It's not working quite right and I'm trying to find logging information for it. Unfortunately, no log is being generated by setup. I've tried configuring the log at %temp%\, C:\, %systemroot%\temp and leaving it at defaults, all to no avail. Nothing is showing up in the event logs, either. Is there anywhere else I can go to look for information on what's going on with the installer?

    Read the article

  • Jenkins projects not visible even though user has all privleges

    - by Frank Rosario
    We want to lock down Jenkins and specific jobs to certain personnel. I have my account with all global privileges granted with project based matrix security. A coworker has a similar account and has been granted all the same privileges. When I log in with my account, I can see all of the projects we have setup. When my coworker whom has the exact same privileges logs in, none of the projects are visible. I've double and triple checked the permissions matrix to make sure we have the same global privileges; we do. Some of the projects have project specific privileges setup as well, but again; I've confirmed that both of us have the same access to these projects as well. So why can I see all the projects and my coworker is unable to see any of the projects?

    Read the article

  • Inexpensive degaussers or HDD shredders?

    - by Nicholas Knight
    I do a lot of work for a small cash-strapped business that has a lot of active hard drives, most are consumer-grade SATA of about five years of age, and predictably they are dying at an increasing rate, and a lot of the time they can't even be detected, let alone complete a zero-out cycle. Right now those drives are just being stored, but that can't continue forever. We've got a couple bad LTO tapes it'd be nice to deal with, too. There are very real security and legal issues that make dropping them off with someone who claims they'll be properly destroyed a gamble. I've looked around at degaussers and HDD shredders, and the ones that don't look like they come from some guy in his basement all seem to be $3000+, which is hard to swallow right now. Is there anything out there in the $500-1500 range that you would recommend? (Speed isn't a big issue, if it takes several minutes or even hours per drive, that's completely OK, we've only got 10 or so thus far.)

    Read the article

  • No Office XP Updates since installed Compatibility Pack from WSUS

    - by braindump
    Hey folks, we got a bunch of boxes, running Windows XP and Office XP. Since we installed the Office 2007 Compatibility Pack, Office XP does not get updates anymore. Our WSUS provides Office 2007 patches for these computers but no Office XP, e.g. the urgantly needed Serice Pack 3. We allready tried to remove the Compatibility Pack and Office XP, reinstalled Office but there was no change. Do you have any hints? PS: The Office XP has been installed from a compressed ISO, so no administrative installation point.

    Read the article

  • General High-Level Assessment

    - by tcarper
    Guys and Gals, I've been tasked with a doozy of an assignment. The objective is something akin to "laying of hands" on several database servers which work in concert to provide data to various Web, Client-Server and Tablet-Sync'd distributed Client-Server programs. More specifically, I've been asked to come up with a "Maintenance Plan" which includes recommendations for future work to improve these machines' performance/reliability/security/etc. Might there be some good articles on teh interwebs ya'll could point me towards which would give me some good basis to start? Articles describing "These are the top 4 overarching categories and this is how you should proceed when drilling down on each of them" sort-of-thing would be fabulous. The Databases are all SQL 2005, however the compatibility level is 80 and they were originally created with ERwin based on SQL 6.5. The OSs are all Windows Server 2003. Thanks all! Tim

    Read the article

  • How useful is mounting /tmp noexec?

    - by Novelocrat
    Many people (including the Securing Debian Manual) recommend mounting /tmp with the noexec,nodev,nosuid set of options. This is generally presented as one element of a 'defense-in-depth' strategy, by preventing the escalation of an attack that lets someone write a file, or an attack by a user with a legitimate account but no other writable space. Over time, however, I've encountered arguments (most prominently by Debian/Ubuntu Developer Colin Watson) that noexec is a useless measure, for a couple potential reasons: The user can run /lib/ld-linux.so <binary> in an attempt to get the same effect. The user can still run system-provided interpreters on scripts that can't be run directly Given these arguments, the potential need for more configuration (e.g. debconf likes an executable temporary directory), and the potential loss of convenience, is this a worthwhile security measure? What other holes do you know of that enable circumvention?

    Read the article

  • What are the replacement options for an IDE hard disk for a DOS based system?

    - by dummzeuch
    I have got a few "embedded" systems running MSDOS 6.2 which boot from and store data to IDE hard disks. Since these drives are nearing their end of life, the question arises how we can replace them. The requirements are: DOS must be able to install and boot from these drives. They must be able to sustain heavy (mostly) write access. If possible, they should be able to survive moderate vibrations (not too bad since the current hard disks have survived several years of that) I considered the following options so far: other ide hard drives: Unfortunately modern IDE drives are too large so DOS cannot boot from them even if I create small partitions. Older IDE drives are just that: old, so they are probably not the most reliable ones any more. SSDs: There are a few SSDs with IDE interface available. I have not yet tried them. Does anybody have any experience with them? They look like the ideal replacement provided that DOS can boot from them and that writing speed does not deteriorate too much (the old hard disks are no race cars either). Compact Flash: There are adapters for using CF with IDE controllers and they work fine. DOS can boot from them and they have no problems at all with vibrations. What I am not sure about is their durability. DOS uses FAT so some very few sectors are written every time the medium is being written to. IDE to SATA converters: I have no idea whether they are any good. Has anybody tried them? It might be an option to use one of these to connect an SATA SSD to the system. Are there any alternatives that I have missed? (We are working on replacing these systems, but it will still take a few years.)

    Read the article

  • How do I search my mail and Office Communicator conversations from inside Outlook?

    - by Anthony Mastrean
    I am running Office Communicator 2007 R2 and Outlook 2010 on a Microsoft Exchange Server 2010. I am storing my conversation history from Communicator in Exchange in the default folder, "Conversation History". I'm using the conversation view in Outlook. And I have a Gmail-like macro to archive my conversations to an "Archive" folder. I want to search all my mail and conversations at once. By default, Outlook is searching in the current folder only. I tried creating a rule to move the conversations to my Archive folder, but couldn't configure it correctly.

    Read the article

  • How do I securely share / allow access to a drive?

    - by sleske
    To simplify backing up a laptop (Windows Vista), I'm planning on sharing its C: drive (with password protection) and using that to back it up from another computer. What are the security implications of this? If I share C: with a reasonable password, how big is the risk of compromise if the system is e.g. inadvertently used on a public WLAN or similar? Background: I'm planning to use [Areca Backup][1] to back up two systems (Windows XP and Vista). My current plan is to install Areca on the XP box, and share the Vista system's C: as a shared folder, so the XP system can read it. Then I can set up the drive as a network drive and have Areca read it like a local drive. Of course, if you can think of a more elegant way of doing this, I'm open to suggestions.

    Read the article

  • Administrator can run a application but produces error while a administrator previllaged user can run without error

    - by tough
    I have an application which can run as admin prevailed user without error but while administrator runs it it produces error. The input string was not in correct format-application error. I tried to figure it out but not possible, since most of the people are looking for admin privilege to run it, me looking why can't a admin run the program without errors? The program is related to mssql-2008 r2. The SQL log-in settings are same for both the users.

    Read the article

  • Apache trailing slash added to files problem

    - by Francisc
    Hello! I am having a problem with Apache. What it does is this: Take /index.php file containing an code with src set to relative path myimg.jpg, both in the root of my server. So, www.mysite.com would show the image as would www.mysite.com/index.php. However, if I access www.mysite.com/index.php/ (with a trailing slash) it does the odd thing of executing index.php code as it would be inside an index.php folder (e.g. /index.php/index.php), thus not showing the image anymore. This is a simple example that's easy to solve with absolte addressing etc, the problem I am getting from this a security one that's not so easily fixed. So, how can I get Apache to give a 403 or 404 when files are accessed "as folders"? Thank you.

    Read the article

  • What rights does an employer have to the employee's computer?

    - by Terrence Brannon
    What access rights should an employee grant an employer for a work computer? For instance, let's assume that the business people come to the IT lab late at night for discussions with the CIO and they use my computer for reading email and general web surfing. In a sense, this means that they are taking full or partial responsibility for any security issues that crop up that get traced back to the employee's machine. Perhaps the proper way to provide a computer to an employee is to give him full and exclusive use of it while employed. Only supervised access (such as hardware/software maintenance) should be acceptable.

    Read the article

  • Enabling the Power State Change Beep

    - by digitxp
    I have a Thinkpad T430s. I found on other Thinkpads there's a beep when you plug or unplug the AC cord. While I hear a lot of people say it's annoying it seems like a very useful security feature. However, when I go into the Power Manager the option to beep on plugging/unplugging ("Power State Change Beep") isn't there, even though it's in the help file already. I know it would be easy to rig a software solution to this event, but it would kind of defeat the purpose if it doesn't beep when it's in sleep. Is there a way to get this beep on my laptop?

    Read the article

  • Why does Windows Firewall show "Unidentified network" as one of my "Active public networks"?

    - by MousePad
    I have a machine that has wifi and ethernet. I have wifi active, and am not using ethernet. My Windows firewall shows two active networks, one is the wifi network I connect to, and the other is "Unidentified network". What is this unidentified network? I can't seem to be able to get rid of it because I can't find where it is even defined. How can you detect this and know whether this is just something appropriate or possibly a security problem? I am on Windows 7 64bit.

    Read the article

  • Is it secure to store the cert/key on a private AMI?

    - by Phillip Oldham
    Are there any major security implications to bundling a private AMI which contains the private key/certificate & environment variables? For resiliency I'm creating an EC2 image which should be able to boot and configure itself without any intervention. After boot it will attempt to: Attach & mount specific EBS volume(s) Associate a specific Elastic IP Start issuing backups of the EBS volume(s) to S3 However, to do this it will need the private key/pem files and will need certain environment variables to be available on start-up. Since this is a private AMI I'm wondering if it will be "safe" to store these variables/files directly in the image so that I don't need to specify any user-data information and can therefore start a new instance remotely (from my iPhone, if needed) should the instance be terminated for any reason.

    Read the article

  • Double Click to open Office docs is slow, File -> Open is fast.

    - by Keith
    I have 2 unique networks. They both share similar architecture: Windows 2003 SBS SP2 Running Symantec Endpoint Running Symantec Information Foundation Shared drives off a data partition Clients running Office 2003 or 2007 Connect to file server through mapped drives When users try to open a file from their local PC by double clicking, it will take 30-60 seconds to open. When they do File - Open, those same documents open up almost immediately. So far I've tried the following - CCleaner to parse the registry of outdated mapped drives - Disabled "using DDE" - Disabled A/V - Reboot Any ideas beyond that? Figured this question belongs here instead of SU since its the same issue on different networks.

    Read the article

  • How to get full write permission on my second drive after dual boot?

    - by Shaul
    I had a WinXP installation on my hard drive. Then I bought a 2nd drive and installed Win7. Dual boot working fine. But when I'm in the Win7 environment, it appears that I don't have full admin permission on the "D" drive (that's the drive with WinXP). Even though the user I'm logged in as has admin permissions, I have to run my apps with administrator privileges in order to get write access to the D drive. This is not the case when I do stuff on the C drive. I could just get into running those apps that access the D drive in admin mode, but that seems like overkill. Is there some secret switch I can flip so that my D drive acts like my C drive, security-wise?

    Read the article

  • Office 2010 OCT Outlook Filepaths

    - by vlannoob
    I'm playing around with customizing Office 2010 installs on my network, normally I just do a full manual install, but as the environment grows and the lazier I get its becoming a pain to do it manually every time. I've read up and downloaded the Office 2010 OCT tool and it looks relatively straight forward - with one exception - the Outlook Profile. I can 'get around it' by just leaving it all as default (or not enabling offline use) but I'd like to customise it slightly so that its all setup no matter who logs onto the PC. The only issue I have, and my question is: In the OCT - Outlook section What do you enter into the Path and Filename for the OST file and the Offline Address book seetings under Enable Offline Use section? I'm sweet with everything else - just that one section, and I think if I bugger that one it will kill the whole Outlook Profile?? It would need to go into each users unique filepath for their profile correct? I have a fair idea of what should be there but I'm struggling with the correct syntax. I know this is a stupid question....but its late in the day and my brain is fried ;) As usual - any and all help/assistance is appreciated ;)

    Read the article

  • Any problems with using a 301 redirect to force https traffic in IIS?

    - by Jess
    Is there any problem with using a 301 redirect to force all traffic to go to a secure-only site? We originally had redirect rules, but enforcing SSL-only seemed more secure. Here is how we set it up: Site 1: https://example.com/ Require SSL set Bound to 443 only Site 2: http://example.com Bound to 80 only Empty folder - no actual html or other data 301 Redirects to https://example.com This seems to work beautifully, but are there any issues with doing this? Would any browsers not recognize the 301 redirect, or could there be security warnings during the redirect?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 144 145 146 147 148 149 150 151 152 153 154 155  | Next Page >