Search Results

Search found 22139 results on 886 pages for 'security testing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 211/886 | < Previous Page | 207 208 209 210 211 212 213 214 215 216 217 218  | Next Page >

  • Users in ubuntu; Cant figure it out

    - by Camran
    I am the only one who will have access to my website. Just installed my VPS and managed to get most stuff working. However, stuck on the "members" part. Currently, everything has been done as "root". I have read posts that I should create a user, because root isn't ideal. I have found thousand guides on how to create a user, but now what to do next. 1- Should I create a user with adduser username and then add the user to a group? But which group? 2- And will the user then be able to do everything as I have done logged on as "root"? 3- And somebody plz explain what "sudo" has to do with this? (if anything at all) Thanks

    Read the article

  • How to reliably keep an SSH tunnel open?

    - by Peltier
    I use an SSH tunnel from work to go around various idotic firewalls (it's ok with my boss :)). The problem is, after a while the ssh connection usually hangs, and the tunnel is broken. If I could at least monitor the tunnel automatically, I could restart the tunnel when it hangs, but I haven't even figured a way of doing that. Bonus points for the one who can tell me how to prevent my ssh connection from hanging, of course!

    Read the article

  • how to detect device type from connected device to router?

    - by molly
    i have a att router and there is an unknown device connected to my network. i cant seem to kick it off because of how att's router settings are created which is kind of dumb. i am able to see its local ip and mac address. i am on a mac with snow leopard. how can i get more information on the device with the information that i have? i want to see what kind of device it is, i have checked all deviced that are connected to the router and non seem to match the local ip that is connected. i have wpa encryption setup with a strong password.

    Read the article

  • Finding proof of server being compromised by Black Hole Toolkit exploit

    - by cosmicsafari
    I recently took over maintenance of a company server. (Just Host, C Panel, Linux server), theres a tonne of websites on it which i know nothing about. It had came to my attention that a client had attempted to access one of the websites hosted on this server and was met with a warning from windows defender. It had blocked access because it said the website had been compromised by the Black Hole Toolkit or something to that effect. Anyway I went in and updated various plugins and deleted some old suspect websites. I have since ran the website in question through a few online malware scanners and its comes up clean everytime. However im not convinced. Do any of you guys know extensive ways i can check that the server isn't still compromised. I have no way to install any malware scanners or anti virus programs on the server as it is horribly locked down by Just Host.

    Read the article

  • Configuring linux server firewall to allow access from a certain range of IP addresses

    - by eggman20
    Hi Guys, I'm new to linux server. I'm currently trying to get an Ubuntu 10.10 server up and running for the first time and I'm using Webmin for administration. I'm stuck on the setting up the firewall. What I need to do is to ONLY allow a range of IPs (e.g 128.171.21.1 - 128.171.21.100) to access the HTTP server and Webmin. I've seen a lot of tutorials but none of them fits what I needed. Thanks in advance!

    Read the article

  • Windows: View "all" permissions of a specific user or group

    - by peterchen
    For a Windows domain, is there a way to see for a certain user or group, where the user/group has permissions? Primarily: List which files / folders the user can access on a certain network share. (Kind of a recursive "effective permissions") However, other permissions would be cool as well. I believe I've seen such a tool in action, but I can't remember anything beyond that - so this might be a false memory. Recommendations?

    Read the article

  • How to set up Drupal Plugin Manager on MAMP in a secure way?

    - by Andrei
    Hi, I use MAMP PRO as global webserver. First of all, is it a good idea? Secondly, my objective is to run a Drupal website with as easy management as possible. Now I want to use Plugin Manager module to install additional modules and themes for my website. It wants to use ftp for that, and I know that if I open access to FTP port then IT-department guys will come to me and ask to shut it down. So I wonder if there is a way to allow Plugin Manager to install modules, having the port 21 closed somehow?

    Read the article

  • Recommended offline on-demand virus scanners

    - by ashh
    I have never run full anti-virus on my Windows XP systems. Instead I use various anti-malware tools to manually perform scans every few weeks. This approach, combined with Windows updates and general care about what web-sites I visit and what files I download has kept me 99% free of problems. The remaining 1% has occurred when I download files that I know may contain malware, but still decide the risk is worth it. When on 2 occasions in 10 years I did get caught doing this, I realised that being able to easily scan them would most likely have avoided getting infected. I don't need, or want, to run a "stay resident" anti-virus. Also, the online scanners such as Kaspersky etc limit uploads to small files, so these are not always useful. In summary I would like to simply be able to download a file and then manually initiate an on demand anti-virus scan, on the downloaded file only. I'm sure some/most Anti-Virus do both, however once again I don't really want to pay for or need the stay resident part. Any recommendations (commercial or free)? UPDATE: This is not an exact duplicate, nor a possible duplicate. I searched for and read other questions on anti-virus here at SuperUser and found none that answered my question. I am specifically asking about anti-virus scanners that run ON-DEMAND locally on the computer, not online scanners.

    Read the article

  • Putting a Windows DC, Exchange in a DMZ

    - by blsub6
    I have one guy at my company telling me that I should put FF:TMG in between my main Internet-facing firewall (Cisco 5510) and put my Exchange server and DC on the internal network. I have another guy telling me that I should put the Exchange server and DC in a DMZ I don't particularly like the idea of having my mailboxes and DC's usernames/passwords in a DMZ and I think that Windows authentication would require me opening up so many ports between my DMZ and my internal network that it would be a moot point to have it out there anyways. What are some thoughts? How do you have it set up?

    Read the article

  • Retrieve malicious IP addresses from Apache logs and block them with iptables

    - by Gabriel Talavera
    Im trying to keep away some attackers that try to exploit XSS vulnerabilities from my website, I have found that most of the malicious attempts start with a classic "alert(document.cookie);\" test. The site is not vulnerable to XSS but I want to block the offending IP addresses before they found a real vulnerability, also, to keep the logs clean. My first thought is to have a script constantly checking in the Apache logs all IP addresses that start with that probe and send those addresses to an iptables drop rule. With something like this: cat /var/log/httpd/-access_log | grep "alert(document.cookie);" | awk '{print $1}' | uniq Why would be an effective way to send the output of that command to iptables? Thanks in advance for any input!

    Read the article

  • Windows XP: Consequences of setting a password for an account

    - by sleske
    I do not quite understand how Windows (specifically Windows XP) handles accounts with/without passwords. As far as I can see, on a fresh Windows XP install I have one default account which has admin rights does not have a password will auto-login (without password prompt) when the computer boots What happens if I set a password for this account? Will it still auto-login? Or will it always prompt for the PW? And generally, what consequences does it have if I set a password? I noted that Scheduled Tasks apparently cannot run under an account w/o password (creating a scheduled task will prompt for the account PW). Is there anything that will not work with a password set? Why is it even possible to have accounts without a password? I have some Unix/Linux background, but the concepts appear a little different under Windows.

    Read the article

  • Can remote LogMeIn Hamachi users access our local LAN?

    - by Kev
    Unknown to me, one of the kids has installed LogMeIn Hamachi on his PC so that he can access and play on his pal's Minecraft server, and vice versa. One of the things I did was disable the Client for Microsoft Networks and File and Printer Sharing for Microsoft Networks on the Hamachi NIC in Windows 7's Network Connections. However, my lack of fu when it comes to these types of services is leaving me feeling a little uncomfortable about him using this. Is there anything I should be worried about here? For example, can his friends access our local LAN (which has a number of NAS boxes with unsecured shares) and get up to no good?

    Read the article

  • Windows Server 2008 r2 Hardening [on hold]

    - by Natasha
    I have created windows server 2008 r2, running on VM, Where Running services in Server Manager 1) File services ( in Role) 2) Telnet Client ( Features) Windows Firewall Disabled and we are using TOMCAT APACHE WEB SERVER, here i want to harden the windows server, While running SCW by simply clicking with default NEXT, at last when i have clicked SAVE and RUN now in SCW, immediately my remote desktop services disabled. May I Know the things i want to add in Roles,features and finally want to harden windows ? and also what about audit policy and network settings in that ? Please help me out, Don't Ignore.

    Read the article

  • How secure is Remote Desktop from OSX to Windows Server 2003?

    - by dwhsix
    It's unclear to me exactly how secure Remote Desktop access from OSX to a Windows Server 2003 machine is. Is the communication encrypted by default? What level of encryption? Are there best practices for making this as secure as possible? I found http://www.mobydisk.com/techres/securing_remote_desktop.html but it's unclear how much of that is still relevant for current versions of RDP and Windows Server. I know I can tunnel RDP over ssh, but is that overkill or redundant? Thanks...

    Read the article

  • Enabling Bitlocker in Native VHD Boot

    - by Trevor Sullivan
    I have a laptop with a single hard drive, using the GUID Partition Table (GPT) disk layout, with the following partitions: 120MB EFI System Partition 300MB Microsoft Reserved Partition (MSR) Remainder - GPT primary partition I have a Windows 8 Professional VHD configured as a native-boot VHD on the GPT primary partition. Can I use Bitlocker to encrypt my main partition, or to encrypt the VHD volume?

    Read the article

  • Can Solaris RBAC roles be ported to Linux using SElinux only?

    - by Jimmy
    We are migrating an application from Solaris to Linux and the main user is allowed, through the use of RBAC roles, to run a few system commands like svccfg/svcadm (chkconfig on redhat). Is it possible, using only SElinux (no sudo), to allow a normal user to run chkconfig off/on (basically give it the ability to add remove services) ? My approach was to try to create an SElinux user with a corresponding SElinux role that manages the app's domain/type and is allowed to transition to all other domains required to run chkconfig, tcpdump or any other system utility usually restricted to root access only. All my attempts so far have failed, so my second question would be where could I find good documentation that applies to this specific problem ?

    Read the article

  • How to detect device type from device connected to router?

    - by molly
    I have a att router and there is an unknown device connected to my network. I can't seem to kick it off because of how att's router settings are created which is kind of dumb. I am able to see its local ip and mac address. I am on a mac with snow leopard. How can I get more information on the device with the information that I have? I want to see what kind of device it is, I have checked all devices that are connected to the router and none seem to match the local ip that is connected. I have WPA encryption setup with a strong password.

    Read the article

  • In Windows XP, is it possible to disable user credential caching for particular users

    - by kdt
    I understand that when windows caches user credentials, these can sometimes be used by malicious parties to access other machines once a machine containing cached credentials is compromised, a method known as "pass the hash"[1]. For this reason I would like to get control over what's cached to reduce the risk of cached credentials being used maliciously. It is possible to prevent all caching by zeroing HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount, but this is too indiscriminate: laptops users need to be able to login when away from the network. What I would like to do is prevent the caching of credentials of certain users, such as administrators -- is there any way to do that in Windows XP? http://www.lbl.gov/cyber/systems/pass-the-hash.html

    Read the article

  • How can I protect files on my NGiNX server?

    - by Jean-Nicolas Boulay Desjardins
    I am trying to protect files on my server (multiple types), with NGiNX and PHP. Basically I want people to have to sign in to the website if they want to access those static files like images. DropBox does it very well. Where by they force you to sign in to access any static files you put on there server. I though about using NGiNX Perl Module. And I would write a perl script that would check the session to see if the user was sign in to give them access to a static file. I would prefer using PHP because all my code is running under PHP and I am not sure how to check a session created by PHP with PERL. So basically my question is: How can I protect static files of any types that would need the user to have sign in and have a valid session created with a PHP script?

    Read the article

  • How to report a malicious site to Google, Microsoft, Mozilla, etc. so that they will warn users

    - by Jayapal Chandran
    I completed a project a year ago. Now a few modification were needed. While trying to test the site, there was an index.html file with a malicious script which had an iframe to another site's jar file. Kaspersky antivirus blocked it. I browsed via ftp to find the file and I deleted it. I also disabled directory listing. Maybe the ftp details of the site owner would have been hacked. I want to report this site to Google, Microsoft, Mozilla, and other antivirus providers. How do I do that? I hope kaspersky would have updated it in their database, but I still want to explicitly report this. Here is the popup kaspersky showed:

    Read the article

  • This operation has been cancelled due to restrictions in effect on this computer

    - by Dan
    I have this HUGELY irritating problem on Windows 7 (x64). Whenever I click on ANY link (that exists on a Word document, Excel or Outlook), I get an alert box with the message: This operation has been canceled due to restrictions in effect on this computer I have been scouring my settings and the Internet for a solution, but to no avail. What is the reason for this problem? It even happens when I click anchors in word document. That is, I can't even click on an entry in a Table of Contents to go to the appropriate page - I get this same error then. Is this a Windows 7 thing? Is there any way to turn this off?

    Read the article

  • Apache httpOnly Cookie Information Disclosure CVE-2012-0053

    - by John
    A PCI compliance scan, on a CentOS LAMP server fails with this message. The server header and ServerSignature don't expose the Apache version. Apache httpOnly Cookie Information Disclosure CVE-2012-0053 Can this be resolved by simply specifying a custom ErrorDocument for the 400 Bad Request response? How is the scanner determining this vulnerability, is it invoking a bad request then looking to see if it's the default Apache 400 response?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 207 208 209 210 211 212 213 214 215 216 217 218  | Next Page >