Search Results

Search found 25872 results on 1035 pages for 'document security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 174/1035 | < Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181  | Next Page >

  • How to detect device type from device connected to router?

    - by molly
    I have a att router and there is an unknown device connected to my network. I can't seem to kick it off because of how att's router settings are created which is kind of dumb. I am able to see its local ip and mac address. I am on a mac with snow leopard. How can I get more information on the device with the information that I have? I want to see what kind of device it is, I have checked all devices that are connected to the router and none seem to match the local ip that is connected. I have WPA encryption setup with a strong password.

    Read the article

  • How do I properly check if a program is a virus/trojan in VMware?

    - by acidzombie24
    How I should check if a program is a virus in VMware? Some programs I do need admin ability to install and it makes sense. But how do I know if it's doing more than I want? Some thoughts are: How many processes open when I launch the application What is added to the startup tab in msconfig If any services are added. That's pretty much all my ideas. Even if it does something I recognize I wouldn't know if it's necessary or not. What are some rule of thumb? -Edit- What about registries, can I use that information to help? Maybe have a scanner tell me if the application I just used has messed with sections (like bootup) it shouldn't have?

    Read the article

  • Hardening Word and Reader against exploits

    - by satuon
    I have recently heard a lot about exploits for PDF and DOC files on Windows, which when opened in Reader or Word would infect the computer. I'm assuming most of those exploits rely on some kind of active content, I've heard that Reader allows JavaScript for example. I already have antivirus, but I've heard they often don't catch those types of exploits, so I want to try a little proactive defense. Is there a way to harden Reader and Word by disabling plugins or options that are often used by exploits?

    Read the article

  • How to copy password from Mono-executed KeePass2 to xterm on Linux?

    - by Steve Emmerson
    I use KeePass2 to access username/password information in a Dropbox file. This allows convenient access from multiple devices. I can't seem to copy a password to the clipboard on my Linux 2.6.27.41-170.2.117.fc10.x86_64 system, however, in order to supply the password to a prompt in an xterm(1). I've tried both Ctrl+C/Ctrl+V and highlighting and mouse button 2 clicking. The KeePass2 program on the Linux system is executed by Mono. How can I copy the password to the xterm(1)? [Aside: I think we need a "KeePass" tag.] ADDENDUM: My mouse buttons were misconfigured: button 2 wasn't set to "copy". Sorry for the false alarm.

    Read the article

  • Isolating Apache virtualhosts from the rest of the system

    - by JesperB
    I am setting up a web server that will host a number of different web sites as Apache VirtualHosts, each of these will have the possibility to run scripts (primarily PHP, possiblu others). My question is how I isolate each of these VirtualHosts from eachother and from the rest of the system? I don't want e.g. website X to read the configuration of website Y or any of the server's "private" files. At the moment I have set up the VirtualHosts with FastCGI, PHP and SUExec as described here (http://x10hosting.com/forums/vps-tutorials/148894-debian-apache-2-2-fastcgi-php-5-suexec-easy-way.html), but the SUExec only prevents users from editing/executing files other than their own - the users can still read sensitive information such as config files. I have thought about removing the UNIX global read permission for all files on the server, as this would fix the above problem, but I'm not sure if I can safely do this without disrupting the server function. I also looked into using chroot, but it seems that this can only be done on a per-server basis, and not on a per-virtual-host basis. I'm looking for any suggestions that will isolate my VirtualHosts from the rest of the system. PS I'm running Ubuntu 12.04 server

    Read the article

  • Does a VPS need a firewall?

    - by Camran
    Do I need a firewall on my VPS which I ordered today? If so, which one would you recommend? I plan on running a classifieds website with Java, php, mysql. My OS is ubuntu 9.10 Thanks Btw: What is iptables?

    Read the article

  • How would you secure a home router with a self-signed certificate?

    - by jldugger
    littleblackbox is publishing "private keys" that are accessible on publicly available firmwares. Debian calls these "snake-oil" certs. Most of these routers are securing their HTTPS certs with these, and as I think about it, I've never seen one of these internal admin websites with certs that wasn't self signed. Given a webserver on IP 192.168.1.1, how do you secure it to the point that Firefox doesn't offer warnings (and is still secured)?

    Read the article

  • How would you secure a home router with a self-signed certificate?

    - by jldugger
    littleblackbox is publishing "private keys" that are accessible on publicly available firmwares. Debian calls these "snake-oil" certs. Most of these routers are securing their HTTPS certs with these, and as I think about it, I've never seen one of these internal admin websites with certs that wasn't self signed. Given a webserver on IP 192.168.1.1, how do you secure it to the point that Firefox doesn't offer warnings (and is still secured)?

    Read the article

  • Could it be that "chkrootkit" just doesn't like .hmac, .packlist, and .relocation-tag files?

    - by Danijel
    I just cleaned up my hacked CentOS server (due to not updating since versino 5.3). But still, "chkrootkit" says this: Possible t0rn v8 \(or variation\) rootkit installed /usr/lib/.libfipscheck.so.1.1.0.hmac /usr/lib/.libgcrypt.so.11.hmac /usr/lib/.libfipscheck.so.1.hmac /lib/.libcrypto.so.0.9.8e.hmac /lib/.libssl.so.0.9.8e.hmac /lib/.libssl.so.6.hmac /lib/.libcrypto.so.6.hmac /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi/auto/Text/Iconv/.packlist /usr/lib/perl5/5.8.8/i386-linux-thread-multi/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/HTML-Tree/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/Font/AFM/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/MLDBM/Sync/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/MLDBM/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/FreezeThaw/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/Apache/ASP/.packlist /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/auto/HTML-Format/.packlist /usr/lib/gtk-2.0/immodules/.relocation-tag /usr/lib/python2.4/plat-linux2/.relocation-tag /usr/lib/python2.4/distutils/.relocation-tag /usr/lib/python2.4/config/.relocation-tag Could it be that "chkrootkit" just doesn't like .hmac, .packlist, and .relocation-tag files? Are these realy still infected?

    Read the article

  • Locking down firmware to keep stolen laptop from being formatted?

    - by Matt Ridge
    On the Mac laptops there are ways through the terminal to lock down the computer so that if someone tries to format the computer they won't be able to do it without the password. This way locks down the firmware. Is there a universal way to do the same thing on a PC? I know there are brands out there such as Samsung, Dell, etc that utilize different fimware types, and in turn will mean that their firmware will be locked down differently. That being said is there a "command code" that will allow you to lock the firmware to keep theives from formatting the hard drive and wiping out your data? I know a person who has time, and knowledge can get any password, and hopefully the person is smart enough to use another password to lock down the firmware, but that's not what I'm asking. I'm asking if it's possible, and if so how? Does the standard PC user require a 3rd party app, or can it be done through the command line? Or Terminal if you are on Linux?

    Read the article

  • How to defend agains botnet http requests

    - by Killercode
    I have a server with WHM + CPanel and 5 of my costumer got infected with zbot. This means that the domains they have are constantly receiving requests to certain destinations. I tried to use mod_security but seems that it can't filter every requests... I don't really know why? I still see in the access log the connection comming in and it's consuming a LOT of bandwidth and server load Those accounts have already been clean so all of those requests go to error 404 (the ones catched on mod_security I am dropping the connection). Is there anymore ways to defend against this requests?

    Read the article

  • What is a good solution for an adaptive iptables daemon?

    - by Matt
    I am running a series of web servers and already have a pretty good set of firewall rules set up, however I'm looking for something to monitor the traffic and add rules as needed. I have denyhosts monitoring for bad SSH logins, and that's great - but I'd love something I could apply to the whole machine that would help prevent bute force attacks against my web applications as well, and add rules to block IPs that display evidence of common attacks. I've seen APF, but it looks as though it hasn't been updated in several years. Is it still in use and would it be good for this? Also, what other solutions are out there that would manipulate iptables to behave in some adaptive fashion? I'm running Ubuntu Linux, if that helps.

    Read the article

  • Software Engineer's explanation of Facebook photo privacy, with UML diagram?

    - by Alex R
    Facebook photo privacy is more complex than most people think - including the bloggers who fill the Internet trying to explain it in simple terms. Not only there is the basic album-level privacy setting to consider, but also what happens with Tagging (and related privacy settings) as well as the Share button when clicked by a Friend. Has anybody seen a good, engineering-type (e.g. UML) diagram? I envision it should include the various privacy "states" a photo can be in, what causes state transitions, and the characteristics of each state? Thanks

    Read the article

  • Trouble getting started with the STEALTH monitoring package

    - by dlanced
    Is anyone here familiar with the Linux-based STEALTH package (for monitoring FS integrity of client systems)? I'm trying to get started with a very simple configuration, but I'm running into trouble (this is running under Ubuntu 14.04): Config line `USE BASE/root/stealth/10.0.0.79' invalid STEALTH (2.11.02) started at Fri, 30 May 2014 15:25:00 +0000 Program terminated due to non-zero exit value for -type f -exec /usr/bin/sha1sum {} \; (EOC Fri May 30 15:25:00 2014 127) Stealth is creating a binary tmp file in the Stealth server root and generating a "report" file in the start directory, but not much else. Regarding the "USE BASE...invalid" error, and just to be sure, I manually created the directories in /root, but it didn't help. And, by the way, I am running stealth with sudo. Everything seems to be configured correctly: I'm able to ssh into root@client from the stealth machine without a password Here's my "policy" file (I've removed the email directives just for simplicity): DEFINE SSHCMD /usr/bin/ssh [email protected] -T -q exec /bin/bash --noprofile DEFINE EXECSHA1 -xdev -perm +u+s,g+s ( -user root -or -group root ) \ -type f -exec /usr/bin/sha1sum {} \; USE BASE/root/stealth/10.0.0.79 USE SSH ${SSHCMD} USE DD /bin/dd USE DIFF /usr/bin/diff USE PIDFILE /var/run/stealth- USE REPORT report USE SH /bin/sh GET /usr/bin/sha1sum /root/tmp LABEL \nchecking the client's /usr/bin/find program CHECK LOG = remote/binfind /usr/bin/sha1sum /usr/bin/find LABEL \nsuid/sgid/executable files uid or gid root on the / partition CHECK LOG = remote/setuidgid /usr/bin/find / ${EXECSHA1} LABEL \nconfiguration files under /etc CHECK LOG = remote/etcfiles \ /usr/bin/find /etc -type f -not -perm /6111 \ -not -regex "/etc/(adjtime\|mtab)"\ -exec /usr/bin/sha1sum {} \; Any ideas? Thanks,

    Read the article

  • Is it okay to use an administrator account for everyday use if UAC is on?

    - by Valentin Radu
    Since I switched to Windows 7 about 3 years ago, and now using Windows 8.1, I have become familiar with the concept of User Account Control and used my PC the following way: a standard account which I use for every day work and the built-in Administrator account activated and used only to elevate processes when they request so, or to ”Run as administrator” applications when I need to. However, recently after reading more about User Account Control, I started wondering if my way of working is good? Or should I use an administrator account for every day work, since an administrator account is not elevated until requested by apps, or until I request so via the ”Run as administrator” option? I am asking this because I read somewhere that the built-in Administrator account is a true administrator, by which I mean UAC doesn't pop up when logged in within it, and I am scared of not having problems when potential malicious software come into scene. I have to mention that I do not use it on a daily basis, just when I need to elevate some apps. I barely log in into it 10 times a year... So, how's better? Thanks for your answers! And Happy New Year, of course! P.S. I asked this a year ago (:P) and I think I should reiterate it: is an administrator account as safe these days as a standard account coupled with the built-in Administrator account when needed?

    Read the article

  • Why some recovery tools are still able to find deleted files after I purge Recycle Bin, defrag the disk and zero-fill free space?

    - by Ivan
    As far as I understand, when I delete (without using Recycle Bin) a file, its record is removed from the file system table of contents (FAT/MFT/etc...) but the values of the disk sectors which were occupied by the file remain intact until these sectors are reused to write something else. When I use some sort of erased files recovery tool, it reads those sectors directly and tries to build up the original file. In this case, what I can't understand is why recovery tools are still able to find deleted files (with reduced chance of rebuilding them though) after I defragment the drive and overwrite all the free space with zeros. Can you explain this? I thought zero-overwritten deleted files can be only found by means of some special forensic lab magnetic scan hardware and those complex wiping algorithms (overwriting free space multiple times with random and non-random patterns) only make sense to prevent such a physical scan to succeed, but practically it seems that plain zero-fill is not enough to wipe all the tracks of deleted files. How can this be?

    Read the article

  • Does anyone know how to "tcpdump" traffic decrypted by Mallory MITM? [migrated]

    - by chriv
    I'm looking for some help in capturing network traffic that I can analyze in Wireshare (or other tools). The tool I'm using is mallory. If anyone is familiar with mallory, I could use some help. I've got it configured and running correctly, but I don't know how to get the output that I want. The setup is on my private network. I have a VM (running Ubuntu 12.04 - precise) with two NICs: eth0 is on my "real" network eth1 is only on my "fake" network, and is using dnsmasq (for DNS and DHCP for other devices on the "fake" network) Effectively eth0 is the "WAN" on my VM, and eth1 is the "LAN" on my VM. I've setup mallory and iptables to intercept, decrypt, encrypt and rewrite all traffic coming in on destination port 443 on eth1. On the device I want intercepted, I have imported the ca.cer that mallory generated as a trusted root certificate. I need to analyze some strange behavior in the HTTPS stream between the client and server, so that's why mallory is setup in between for this MITM. I would like to take the decrypted HTTPS traffic and dump it to either a logfile or a socket in a format compatible with tcpdump/wireshark (so I can collect it later and analyze it). Running tcpdump on eth1 is too soon (it's encrypted), and running tcpdump on eth2 is too late (it's been re-encrypted). Is there a way to make mallory "tcpdump" the decrypted traffic (in both directions)?

    Read the article

  • Managing service passwords with Puppet

    - by Jeff Ferland
    I'm setting up my Bacula configuration in Puppet. One thing I want to do is ensure that each password field is different. My current thought is to hash the hostname with a secret value that would ensure each file daemon has a unique password and that password can be written to both the director configuration and the file server. I definitely don't want to use one universal password as that would permit anybody who might compromise one machine to get access to any machine through Bacula. Is there another way to do this other than using a hash function to generate the passwords? Clarification: This is NOT about user accounts for services. This is about the authentication tokens (to use another term) in the client / server files. Example snippet: Director { # define myself Name = <%= hostname $>-dir QueryFile = "/etc/bacula/scripts/query.sql" WorkingDirectory = "/var/lib/bacula" PidDirectory = "/var/run/bacula" Maximum Concurrent Jobs = 3 Password = "<%= somePasswordFunction =>" # Console password Messages = Daemon }

    Read the article

  • secure user-authentication in squid: The Story

    - by Isaac
    once upon a time, there was a beautiful warm virtual-jungle in south america, and a squid server lived there. here is an perceptual image of the network: <the Internet> | | A | B Users <---------> [squid-Server] <---> [LDAP-Server] When the Users request access to the Internet, squid ask their name and passport, authenticate them by LDAP and if ldap approved them, then he granted them. Everyone was happy until some sniffers stole passport in path between users and squid [path A]. This disaster happened because squid used Basic-Authentication method. The people of jungle gathered to solve the problem. Some bunnies offered using NTLM of method. Snakes prefered Digest-Authentication while Kerberos recommended by trees. After all, many solution offered by people of jungle and all was confused! The Lion decided to end the situation. He shouted the rules for solutions: Shall the solution be secure! Shall the solution work for most of browsers and softwares (e.g. download softwares) Shall the solution be simple and do not need other huge subsystem (like Samba server) Shall not the method depend on special domain. (e.g. Active Directory) Then, a very resonable-comprehensive-clever solution offered by a monkey, making him the new king of the jungle! can you guess what was the solution? Tip: The path between squid and LDAP is protected by the lion, so the solution have not to secure it. Note: sorry for this boring and messy story! /~\/~\/~\ /\~/~\/~\/~\/~\ ((/~\/~\/~\/~\/~\)) (/~\/~\/~\/~\/~\/~\/~\) (//// ~ ~ \\\\) (\\\\( (0) (0) )////) (\\\\( __\-/__ )////) (\\\( /-\ )///) (\\\( (""""") )///) (\\\( \^^^/ )///) (\\\( )///) (\/~\/~\/~\/) ** (\/~\/~\/) *####* | | **** /| | | |\ \\ _/ | | | | \_ _________// Thanks! (,,)(,,)_(,,)(,,)--------'

    Read the article

  • How to use basic auth for single file in otherwise forbidden Apache directory?

    - by mit
    I want to allow access to a single file in a directory that is otherwise forbidden. This did not work: <VirtualHost 10.10.10.10:80> ServerName example.com DocumentRoot /var/www/html <Directory /var/www/html> Options FollowSymLinks AllowOverride None order allow,deny allow from all </Directory> # disallow the admin directory: <Directory /var/www/html/admin> order allow,deny deny from all </Directory> # but allow this single file:: <Files /var/www/html/admin/allowed.php> AuthType basic AuthName "private area" AuthUserFile /home/webroot/.htusers Require user admin1 </Files> ... </VirtualHost> When I visit http://example.com/admin/allowed.php I get the Forbidden message of the http://example.com/admin/ directory. How can I make an exception for allowed.php? If not possible, maybe I could enumerate all forbidden files in another Files directive? Let's say admin/ contains also user.php and admin.php which should be forbidden in this virtual host.

    Read the article

  • Got Hacked. Want to understand how.

    - by gaoshan88
    Someone has, for the second time, appended a chunk of javascript to a site I help run. This javascript hijacks Google adsense, inserting their own account number, and sticking ads all over. The code is always appended, always in one specific directory (one used by a third party ad program), affects a number of files in a number of directories inside this one ad dir (20 or so) and is inserted at roughly the same overnight time. The adsense account belongs to a Chinese website (located in a town not an hour from where I will be in China next month. Maybe I should go bust heads... kidding, sort of), btw... here is the info on the site: http://serversiders.com/fhr.com.cn So, how could they append text to these files? Is it related to the permissions set on the files (ranging from 755 to 644)? To the webserver user (it's on MediaTemple so it should be secure, yes?)? I mean, if you have a file that has permissions set to 777 I still can't just add code to it at will... how might they be doing this? Here is a sample of the actual code for your viewing pleasure (and as you can see... not much to it. The real trick is how they got it in there): <script type="text/javascript"><!-- google_ad_client = "pub-5465156513898836"; /* 728x90_as */ google_ad_slot = "4840387765"; google_ad_width = 728; google_ad_height = 90; //--> </script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script> Since a number of folks have mentioned it, here is what I have checked (and by checked I mean I looked around the time the files were modified for any weirdness and I grepped the files for POST statements and directory traversals: access_log (nothing around the time except normal (i.e. excessive) msn bot traffic) error_log (nothing but the usual file does not exist errors for innocuous looking files) ssl_log (nothing but the usual) messages_log (no FTP access in here except for me)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181  | Next Page >