Search Results

Search found 16593 results on 664 pages for 'adf security deploy'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 159/664 | < Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166  | Next Page >

  • Is it okay to use an administrator account for everyday use if UAC is on?

    - by Valentin Radu
    Since I switched to Windows 7 about 3 years ago, and now using Windows 8.1, I have become familiar with the concept of User Account Control and used my PC the following way: a standard account which I use for every day work and the built-in Administrator account activated and used only to elevate processes when they request so, or to ”Run as administrator” applications when I need to. However, recently after reading more about User Account Control, I started wondering if my way of working is good? Or should I use an administrator account for every day work, since an administrator account is not elevated until requested by apps, or until I request so via the ”Run as administrator” option? I am asking this because I read somewhere that the built-in Administrator account is a true administrator, by which I mean UAC doesn't pop up when logged in within it, and I am scared of not having problems when potential malicious software come into scene. I have to mention that I do not use it on a daily basis, just when I need to elevate some apps. I barely log in into it 10 times a year... So, how's better? Thanks for your answers! And Happy New Year, of course! P.S. I asked this a year ago (:P) and I think I should reiterate it: is an administrator account as safe these days as a standard account coupled with the built-in Administrator account when needed?

    Read the article

  • Why some recovery tools are still able to find deleted files after I purge Recycle Bin, defrag the disk and zero-fill free space?

    - by Ivan
    As far as I understand, when I delete (without using Recycle Bin) a file, its record is removed from the file system table of contents (FAT/MFT/etc...) but the values of the disk sectors which were occupied by the file remain intact until these sectors are reused to write something else. When I use some sort of erased files recovery tool, it reads those sectors directly and tries to build up the original file. In this case, what I can't understand is why recovery tools are still able to find deleted files (with reduced chance of rebuilding them though) after I defragment the drive and overwrite all the free space with zeros. Can you explain this? I thought zero-overwritten deleted files can be only found by means of some special forensic lab magnetic scan hardware and those complex wiping algorithms (overwriting free space multiple times with random and non-random patterns) only make sense to prevent such a physical scan to succeed, but practically it seems that plain zero-fill is not enough to wipe all the tracks of deleted files. How can this be?

    Read the article

  • What is a good solution for an adaptive iptables daemon?

    - by Matt
    I am running a series of web servers and already have a pretty good set of firewall rules set up, however I'm looking for something to monitor the traffic and add rules as needed. I have denyhosts monitoring for bad SSH logins, and that's great - but I'd love something I could apply to the whole machine that would help prevent bute force attacks against my web applications as well, and add rules to block IPs that display evidence of common attacks. I've seen APF, but it looks as though it hasn't been updated in several years. Is it still in use and would it be good for this? Also, what other solutions are out there that would manipulate iptables to behave in some adaptive fashion? I'm running Ubuntu Linux, if that helps.

    Read the article

  • Software Engineer's explanation of Facebook photo privacy, with UML diagram?

    - by Alex R
    Facebook photo privacy is more complex than most people think - including the bloggers who fill the Internet trying to explain it in simple terms. Not only there is the basic album-level privacy setting to consider, but also what happens with Tagging (and related privacy settings) as well as the Share button when clicked by a Friend. Has anybody seen a good, engineering-type (e.g. UML) diagram? I envision it should include the various privacy "states" a photo can be in, what causes state transitions, and the characteristics of each state? Thanks

    Read the article

  • Why are email transfers between mail servers often not encrypted? Why aren't users warned about it?

    - by AmV
    Users can often choose if they want to access their email provider (such as Gmail) using a secure channel (e.g. using HTTPS). However, to the best of my knowledge, when it comes to mail-server-to-mail-server communications, most emails are still transferred in plain text and not encrypted, making it possible to anybody on the network to read their content. Are there any technologies that give the user some guarantees that his emails are sent securely from end to end ? Why not let the user know when encryption is not supported and let him choose if he wants his email to be still delivered ?

    Read the article

  • How to setup server to accept pem(private RSA key) login w/o password like EC2?

    - by Chandler.Huang
    I am manage a group of VM and I need to setup all vm create a ssh tunnel to a specific host A. One way to do this is append public key of each VM to host's authorized_keys, but I guess I have to do the append each time i create a VM. So I am trying to config host A to accept pem or private key login without passowrd, just like EC2, client can use "ssh -i PEM" to login host A. But I have tried in vain for hours. I create a rsa public/private key and let VM use the private key to login, no matter what I do, host a still ask for password. Is there anything I missed ? Thanks.

    Read the article

  • Making Puppet manifests/modules available to a wide audience

    - by Kyle Smith
    Our team rolled puppet out to our systems over the last six months. We're managing all sorts of resources, and some of them have sensitive data (database passwords for automated backups, license keys for proprietary software, etc.). Other teams want to get involved in the development of (or at least be able to see) our modules and manifests. What have other people done to continue to have secure data moving through Puppet, while sharing the modules and manifests with a larger audience?

    Read the article

  • Got Hacked. Want to understand how.

    - by gaoshan88
    Someone has, for the second time, appended a chunk of javascript to a site I help run. This javascript hijacks Google adsense, inserting their own account number, and sticking ads all over. The code is always appended, always in one specific directory (one used by a third party ad program), affects a number of files in a number of directories inside this one ad dir (20 or so) and is inserted at roughly the same overnight time. The adsense account belongs to a Chinese website (located in a town not an hour from where I will be in China next month. Maybe I should go bust heads... kidding, sort of), btw... here is the info on the site: http://serversiders.com/fhr.com.cn So, how could they append text to these files? Is it related to the permissions set on the files (ranging from 755 to 644)? To the webserver user (it's on MediaTemple so it should be secure, yes?)? I mean, if you have a file that has permissions set to 777 I still can't just add code to it at will... how might they be doing this? Here is a sample of the actual code for your viewing pleasure (and as you can see... not much to it. The real trick is how they got it in there): <script type="text/javascript"><!-- google_ad_client = "pub-5465156513898836"; /* 728x90_as */ google_ad_slot = "4840387765"; google_ad_width = 728; google_ad_height = 90; //--> </script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script> Since a number of folks have mentioned it, here is what I have checked (and by checked I mean I looked around the time the files were modified for any weirdness and I grepped the files for POST statements and directory traversals: access_log (nothing around the time except normal (i.e. excessive) msn bot traffic) error_log (nothing but the usual file does not exist errors for innocuous looking files) ssl_log (nothing but the usual) messages_log (no FTP access in here except for me)

    Read the article

  • Is there a filesystem firewall?

    - by Jenko
    Ever since firewalls appeared on the scene, it became hard for rogue programs to access the internet. But you and I know that running applications get unrestricted access to the filesystem. They can read your files and send them to poppa. (programs such as web browsers and IM clients, which are allowed thru the internet firewall) Any way to know which programs are accessing your files? or limit their access to a specific partition?

    Read the article

  • How to use basic auth for single file in otherwise forbidden Apache directory?

    - by mit
    I want to allow access to a single file in a directory that is otherwise forbidden. This did not work: <VirtualHost 10.10.10.10:80> ServerName example.com DocumentRoot /var/www/html <Directory /var/www/html> Options FollowSymLinks AllowOverride None order allow,deny allow from all </Directory> # disallow the admin directory: <Directory /var/www/html/admin> order allow,deny deny from all </Directory> # but allow this single file:: <Files /var/www/html/admin/allowed.php> AuthType basic AuthName "private area" AuthUserFile /home/webroot/.htusers Require user admin1 </Files> ... </VirtualHost> When I visit http://example.com/admin/allowed.php I get the Forbidden message of the http://example.com/admin/ directory. How can I make an exception for allowed.php? If not possible, maybe I could enumerate all forbidden files in another Files directive? Let's say admin/ contains also user.php and admin.php which should be forbidden in this virtual host.

    Read the article

  • Manually start screensaver with password protect

    - by gibberish
    Windows 7 I wish to manually lock the computer so I placed a shortcut to scrnsave.exe on the desktop. (I do not want the user to use Ctrl+Alt+Del -- Lock This Computer for various reasons) Problem is that when double-clicked, the screen saver starts but it's not password protected. However, in Personalization -- Screen Saver, that same screen saver is the selected one and it IS configured to display logon screen upon resume. And that works when Windows starts the screen saver. So how can I cause "On resume, display logon screen" behavior by manually starting a screen saver? (Scripting is an option if I know what to do.)

    Read the article

  • secure user-authentication in squid: The Story

    - by Isaac
    once upon a time, there was a beautiful warm virtual-jungle in south america, and a squid server lived there. here is an perceptual image of the network: <the Internet> | | A | B Users <---------> [squid-Server] <---> [LDAP-Server] When the Users request access to the Internet, squid ask their name and passport, authenticate them by LDAP and if ldap approved them, then he granted them. Everyone was happy until some sniffers stole passport in path between users and squid [path A]. This disaster happened because squid used Basic-Authentication method. The people of jungle gathered to solve the problem. Some bunnies offered using NTLM of method. Snakes prefered Digest-Authentication while Kerberos recommended by trees. After all, many solution offered by people of jungle and all was confused! The Lion decided to end the situation. He shouted the rules for solutions: Shall the solution be secure! Shall the solution work for most of browsers and softwares (e.g. download softwares) Shall the solution be simple and do not need other huge subsystem (like Samba server) Shall not the method depend on special domain. (e.g. Active Directory) Then, a very resonable-comprehensive-clever solution offered by a monkey, making him the new king of the jungle! can you guess what was the solution? Tip: The path between squid and LDAP is protected by the lion, so the solution have not to secure it. Note: sorry for this boring and messy story! /~\/~\/~\ /\~/~\/~\/~\/~\ ((/~\/~\/~\/~\/~\)) (/~\/~\/~\/~\/~\/~\/~\) (//// ~ ~ \\\\) (\\\\( (0) (0) )////) (\\\\( __\-/__ )////) (\\\( /-\ )///) (\\\( (""""") )///) (\\\( \^^^/ )///) (\\\( )///) (\/~\/~\/~\/) ** (\/~\/~\/) *####* | | **** /| | | |\ \\ _/ | | | | \_ _________// Thanks! (,,)(,,)_(,,)(,,)--------'

    Read the article

  • Hide/Replace Nginx Location Header?

    - by Steven Ou
    I am trying to pass a PCI compliance test, and I'm getting a single "high risk vulnerability". The problem is described as: Information on the machine which a web server is located is sometimes included in the header of a web page. Under certain circumstances that information may include local information from behind a firewall or proxy server such as the local IP address. It looks like Nginx is responding with: Service: https Received: HTTP/1.1 302 Found Cache-Control: no-cache Content-Type: text/html; charset=utf-8 Location: http://ip-10-194-73-254/ Server: nginx/1.0.4 + Phusion Passenger 3.0.7 (mod_rails/mod_rack) Status: 302 X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.7 X-Runtime: 0 Content-Length: 90 Connection: Close <html><body>You are being <a href="http://ip-10-194-73-254/">redirect ed</a>.</body></html> I'm no expert, so please correct me if I'm wrong: but from what I gathered, I think the problem is that the Location header is returning http://ip-10-194-73-254/, which is a private address, when it should be returning our domain name (which is ravn.com). So, I'm guessing I need to either hide or replace the Location header somehow? I'm a programmer and not a server admin so I have no idea what to do... Any help would be greatly appreciated! Also, might I add that we're running more than 1 server, so the configuration would need to be transferable to any server with any private address.

    Read the article

  • Using IP Tables to deny packet patterns?

    - by Chris
    I'm not experienced with IP tables but it's something I'll be looking into if this is plausible. I'm looking to set up a system to inspect packets and look for a pattern similar to korek's chop chop attack. Is there a way to set up the IP tables to defend against this attack? Thanks

    Read the article

  • china and gmail attachs -

    - by doug
    "We have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” [source] I don't know much about how internet works, but as long the chines gov has access to the chines internet providers servers, why do they need to hack gmail accounts? I assume that i don't understand how submitting/writing a message(from user to gmail servers) works, in order to be sent later to the other email address. Who can tell me how submitting a message to a web form works?

    Read the article

  • User permission settings on DNS with windows 2003 server R2 standard edition

    - by Ghost Answer
    I have windows server 2003 r2 standard edition and some XP OS clients systems. I have created the DNS and profiles for all user. Now I want to authorized some users to installation of softwares, remove softwares and other such kind of things. How to I make such kind of policies for all different users on DNS. Please help me. May be this question can be same for another but I didn't get the solutions.

    Read the article

  • Explanation of nodev and nosuid in fstab

    - by Ivan Kovacevic
    I see those two options constantly suggested on the web when someone describes how to mount a tmpfs or ramfs. Often also with noexec but I'm specifically interested in nodev and nosuid. I basically hate just blindly repeating what somebody suggested, without real understanding. And since I only see copy/paste instructions on the net regarding this, I ask here. This is from documentation: nodev - Don't interpret block special devices on the filesystem. nosuid - Block the operation of suid, and sgid bits. But I would like a practical explanation what could happen if I leave those two out. Let's say that I have configured tmpfs or ramfs(without these two mentioned options set) that is accessible(read+write) by a specific (non-root)user on the system. What can that user do to harm the system? Excluding the case of consuming all available system memory in case of ramfs

    Read the article

  • Avoiding users to corrupt and use a script

    - by EverythingRightPlace
    Is it possible to deny the right to copy files? I have a script which should be executable by others. They are also allowed to read the file (though it would not be a problem to forbid reading). But I don't want the script to be changed and executed. It's not a problem to set those permissions, but one could easily copy, change and run the script. Can this even be avoided? /edit The OS is Red Hat Enterprise Linux Workstation release 6.2 (Santiago).

    Read the article

  • 3 simple questions about file permissions

    - by Camran
    1- Wonder, is this a good setup of permissions in the /var directory? drwxr-xr-x 2 root root 4096 2010-05-30 03:34 backups drwxr-xr-x 7 root root 4096 2010-05-29 17:55 cache drwxr-xr-x 29 root root 4096 2010-05-29 17:55 lib drwxrwsr-x 2 root staff 4096 2009-07-14 04:36 local drwxrwxrwt 3 root root 60 2010-06-02 03:34 lock drwxr-xr-x 9 root root 4096 2010-06-02 03:34 log drwxrwsr-x 2 root man 4096 2009-09-20 20:36 mail drwxr-xr-x 2 root root 4096 2009-09-20 20:36 opt drwxrwxrwt 12 root root 420 2010-06-02 12:12 run drwxr-xr-x 4 root root 4096 2009-09-20 20:37 spool drwxrwxrwt 2 root root 4096 2009-07-14 04:36 tmp drwxr-xr-x 14 user root 4096 2010-05-30 22:21 www 2- Could you give me a brief explanation of the columns above? First one is which permissions they have. Second is a nr. Third and fourth says "root root" for example. fifth is another nr (4096 for example). and the others are obvious. 3- Could you give me a brief explanation of the folders above? Especially the "lock" and "tmp" folders. Lock contains an apache2 folder which seems empty. Thanks

    Read the article

  • Why not block ICMP?

    - by Agvorth
    I think I almost have my iptables setup complete on my CentOS 5.3 system. Here is my script... # Establish a clean slate iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F # Flush all rules iptables -X # Delete all chains # Disable routing. Drop packets if they reach the end of the chain. iptables -P FORWARD DROP # Drop all packets with a bad state iptables -A INPUT -m state --state INVALID -j DROP # Accept any packets that have something to do with ones we've sent on outbound iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # Accept any packets coming or going on localhost (this can be very important) iptables -A INPUT -i lo -j ACCEPT # Accept ICMP iptables -A INPUT -p icmp -j ACCEPT # Allow ssh iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Allow httpd iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Allow SSL iptables -A INPUT -p tcp --dport 443 -j ACCEPT # Block all other traffic iptables -A INPUT -j DROP For context, this machine is a Virtual Private Server Web app host. In a previous question, Lee B said that I should "lock down ICMP a bit more." Why not just block it altogether? What would happen if I did that (what bad thing would happen)? If I need to not block ICMP, how could I go about locking it down more?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166  | Next Page >