Search Results

Search found 41147 results on 1646 pages for 'database security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 220/1646 | < Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >

  • vagrant and puppet security for ssl certificates

    - by Sirex
    I'm pretty new to vagrant, would someone who knows more about it (and puppet) be able to explain how vagrant deals with the ssl certs needed when making vagrant testing machines that are processing the same node definition as the real production machines ? I run puppet in master / client mode, and I wish to spin up a vagrant version of my puppet production nodes, primarily to test new puppet code against. If my production machine is, say, sql.domain.com I spin up a vagrant machine of, say, sql.vagrant.domain.com. In the vagrant file I then use the puppet_server provisioner, and give a puppet.puppet_node entry of “sql.domain.com” to it gets the same puppet node definition. On the puppet server I use a regex of something like /*.sql.domain.com/ on that node entry so that both the vagrant machine and the real one get that node entry on the puppet server. Finally, I enable auto-signing for *.vagrant.domain.com in puppet's autosign.conf, so the vagrant machine gets signed. So far, so good... However: If one machine on my network gets rooted, say, unimportant.domain.com, what's to stop the attacker changing the hostname on that machine to sql.vagrant.domain.com, deleting the old puppet ssl cert off of it and then re-run puppet with a given node name of sql.domain.com ? The new ssl cert would be autosigned by puppet, match the node name regex, and then this hacked node would get all the juicy information intended for the sql machine ?! One solution I can think of is to avoid autosigning, and put the known puppet ssl cert for the real production machine into the vagrant shared directory, and then have a vagrant ssh job move it into place. The downside of this is I end up with all my ssl certs for each production machine sitting in one git repo (my vagrant repo) and thereby on each developer's machine – which may or may not be an issue, but it dosen't sound like the right way of doing this. tl;dr: How do other people deal with vagrant & puppet ssl certificates for development or testing clones of production machines ?

    Read the article

  • Understanding Security Certificates (and thier pricing)

    - by John Robertson
    I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones? Edit: I learned that the certificate has an internal expiration date and it also maintains an internal value stating whether it can be used to sign other certificates (i.e. sign other private/public key pairs stored as certificates). Can't I get a few (even one) non-signing certificate signed by someone like verisign that I can use for authentication/encryption without a yearly subscription?

    Read the article

  • Security and data backup for Ubuntu usb installation

    - by AMS949
    Due to encryption on my corporate laptop I opted to install Ubuntu 9.10 on a flash drive and just use it as my hard drive. I tried the vmware but it crashed my xp a couple of times. Now I have a couple of concerns since I am totally new to Ubuntu and Linux. First, would it be possible for me to transfer my installation to a new usb drive? I now have a 4gb and it may get filled up soon, I don't seem to be able to see my actual files when I browse the usb drive. I also tried copying all files from this usb to another and boot from it but that failed. Second, whenever the system boots up I am never prompted for a password, it is always the username ubuntu. Which I guess means if I lose my usb drive my data is open wide. Is there a way to secure it or to use users and groups as on a regular hard drive installation? As a background, I created this by going into a working Ubuntu installation, System - Administration - USB Starter Disk Creator (was that the right way to start with?) Thanks!

    Read the article

  • SOHO Netflix and network security

    - by TW
    I want to use WIFI for HiDef video, but I don't trust it for my office PC's. I've heard of VLANs but I have no idea how to set it up or what (SOHO) hardware to buy. Other than getting 2 different DSL lines, how can I be absolutely sure that the PC side doesn't get hacked? What if I want to use MS Home server as a backup device for both sides? Can I make it "read only" for the PC side, and physically change the cable if I need to restore? TW

    Read the article

  • SQL 2008 Datawarehouse Collection Agent Fails with Mirrored Databases on instance

    - by Dale Wright
    I have a data collection job that fails when a Database on the instance is in Recovery Mode. The database in recovery is the MIRROR partner in the database mirror. The Job that fails is as follows. collection_set_1_noncached_collect_and_upload The job consists of the following steps dcexec -u -s 1 -i "INSTANCE03" EXEC [dbo].[sp syscollector purge collection logs] dcexec -u -s 1 -i "INSTANCE03" The job fails at Step 1. I have run the steps manually and they all appear to be ok. If I change the mirror database to be the principal the job completes successfully.

    Read the article

  • Install Sybase SQL Anywhere 11 as windows service

    - by student
    we are using Sybase SQL Anywhere 11. I am using command line to install/init database, dbinit -dba %username%,%pwd% -p 4k %dbLocation%, and start database server, dbsrv11 %dbLocation%, in a batch file. What I really want is install my database as Windows service and can be start/running automatically when machine get reboot. But I want to keep using batch for easy intall/uninstall/change it. Any Sybase expert here?

    Read the article

  • Jungledisk file transfer security

    - by JC
    Does JungleDisk use https for file transfers? If so, does this mean a 3rd party cannot intercept content or even file names of files being backed up? (assume JungleDisks encrypt option is not being used)

    Read the article

  • Networked filesystem with user level security for linux

    - by Konrads
    Hi, I want to enable file sharing between servers and clients, both linux. I don't want to rely on machine trust like in NFSv4 because client users will have root privileges. What are my options besides SMB (SAMBA)? Does OpenAFS support user level authentication & access? Using mounted WebDAV/ftp/sshfs seems silly for LAN.

    Read the article

  • Grant users access to mysql with a dash in the database name

    - by Matt
    Unfortunately, I have a database name with a dash in it. How do I grant access to that database as mysql reports a syntax error. e.g. grant select,insert,update,delete on astpp.* to 'portal'@'localhost' identified by 'Ab7g12Xh35' with grant option; works, but grant select,insert,update,delete on astpp-eth01.* to 'portal'@'localhost' identified by 'Ab7g12Xh35' with grant option; Does not. Neither does: grant select,insert,update,delete on 'astpp-eth01'.* to 'portal'@'localhost' identified by 'Ab7g12Xh35' with grant option;

    Read the article

  • Security: Managing network shares remotely on Ubuntu?

    - by Industrial
    Hi everyone, I am about to setup a home network server running Ubuntu Server and I'm currently a bit worried about how to handle network shares and permissions in a good way. After working a bit lately with Netgears ReadyNAS's units, I have become really spoiled with how easy it was to set up network shares and giving a specific user different levels of network access to a specific share (forbidden access, read, read/write). How would I accomplish the same with my Ubuntu server through SSH? Thanks a lot

    Read the article

  • re-point LM to a new vCenter (share same database)

    - by CapiZikus
    1) I'm planning to create a new vCenter server which database point to the same db as current vCenter (the one LM pointing to atm), Then I'm planning to repoint the LM to a new vCenter, ( the new one will see the same esx host, datastore, etc) Is LM will be okay if I do this? 2) The currect VC is a dediated server and a new vCenter will be VM, the current vCenter has database installed on local machine (inc update manager as well) I'm planning to move the local db to cluster db then point the current vCenter to this new cluster and make sure everything is working before promote a new one. Update manager will also has it own VM and point to a new db cluster. Is anythingelse I miss out or need to pay more attention on? thanks

    Read the article

  • SQL Server Management Studio Reports: Why no open transactions?

    - by Sleepless
    On a server with several hundred user connections, when I open the SQL Server 2008 SP1 Management Studio report "Database - User Statistics", the result page shows the following results: Login Name: appUser Active Sessions: 243 Active Connections: 243 Open Transactions: 374 Still, when I open the report "Database - All Transactions" on the same DB, it doesn't show any connections ("Currently, there are no transactions running for [Database Name] Database"). What gives? Is this a bug in Management Studio? This is not the only report where this kind of behavious happens... Thanks all!

    Read the article

  • Database modularity with EBS volumes

    - by Eclyps19
    I would like to add modularity to my websites on EC2 instances by encapsulating the site files and the mysql files in their own EBS volumes. The end result that I'm going for is the ability to quickly mount a volume or two to different servers running the same AMI (for testing/development/emergency maintenance, etc), as well as maintain separate snapshots of each. I'm able to do this fairly easily with a single database by symlinking my mounted database EBS to the appropriate places (/var/lib/mysql, /etc/my.cnf, /var/log/mysqld.log), but I'm not sure if it would even be possible be possible to have multiple databases on different EBS volumes running concurrently. Example: /website1/www.website.com /database1/ /website2/www.otherwebsite.com /database2/ Could anybody shed some light on this for me? Is it possible? Is it a bad idea? Thanks.

    Read the article

  • Using SQL Server specific code in Access linked to SQL Server database

    - by Brennan Vincent
    Hi, I have an access file that is linked (through an ODBC connection) to a SQL Server 2008 database. I am trying to write some reports against this database. However, Access chokes when I write the select query of the report with SQL syntax specific to SQL Server that doesn't exist in access. Shouldn't this work, since it's the SQL Server engine running the queries and just sending the data back to Access to display? Is there any way to get this to work? Need this to work on any combination of Access 2007 and 2010, and SQL Server 2005 and 2008. Edit Note: I cannot create a SQL Server stored procedure or function, or otherwise modify the original (SQL Server) schema in any way.

    Read the article

  • VS 2010 Security Warning When Opening My Own Projects

    - by Zian Choy
    Whenever I try to open my own projects in VS 2010 Express, I get the following message: You should only open projects from a trustworthy source I can click OK on the message and open the solution, but I would prefer to not get warned every time I open my solution. The files were not downloaded from the Internet; they are sitting right on my department's network drive. There's nothing to unblock if I look at the Properties window for the project file. Any tips for squashing this bug will be appreciated.

    Read the article

  • Can I grant permissions on files in windows 7 using a security identifier from another machine

    - by Thomas
    I have an external hard drive, and I wish to grant permissions on some files to users from 2 different computers without having to hook it up to the 2 different computers. I know the SID of the user on the other computer, I'd like to know if and how I can grant permissions to files using the SID. I'm running Windows 7 Professional 64 bits, and "The Other" computer Win 7 Home Premium 64 bits, they are not in a domain, but separate computers on a home network (not even same homegroup). Note: Duplicated question with: Is there a way to give NTFS file permissions to users from other Windows installations?

    Read the article

  • Virus cleanup + dying drive = XP Automatic Updates crashing in esent.dll

    - by quack quixote
    Background I'm doing system recovery on an old WinXP SP1 system brought to me on suspicion of virus infection. After taking preliminary backups, I used MalwareBytes to detect and clean the infection. I might've even gotten it all. In the process, I've discovered (a) the system drive is showing signs of impending failure, and (b) the owner has been using the system's old crusty IE-6 instead of the up-to-date Firefox I've provided for him. So naturally, thinking I had a relatively stable system, I tried to hit the Windows Update site to install IE-8, in case further training doesn't stick. The update site told me it needed to update the installer, and I started that process. Soon after, wuauclt.exe started crashing, reporting addresses in module esent.dll. There's a Microsoft KB (910437) on a problem with that DLL, so I downloaded the hotfix and installed. The crashing did not stop. I attempted to install SP3 from the offline installer, but that didn't fix the issue either. The system is reporting a few hard drive / IDE controller errors, but they don't correlate to the crashes, so they aren't the direct cause. I've also attempted to rollback to the time between the infection removal and the first crashes, but that doesn't help. Question The hotfix I tried to install dealt with problem in transaction logs of the Extensible Storage Engine (ESE) database. I suspect this issue is similar, but that the database itself (whatever the ESE database is) is corrupted. Is there a way to clean or clear this database so that system operation returns to normal? Can someone enlighten me as to what the ESE database actually is, and where it resides? Can I just locate some files and delete them to bring this under control?

    Read the article

  • How does geolocation based on IP address work?

    - by Martin
    As all Internet users, I've visited web sites which appear to know in which country and city I'm located. I understand that these web sites typically look up my IP address in a database which maps IP address to country / city which works fairly well. I've also seen companies selling this type of database. How is this database, which maps an IP address to a country / city, created in the first place? Is there a central database somewhere where each ISP registers the link between IP address and country/city? Or does the companies selling geolocation databases contact different ISP's and purchase the mapping information from them? Or is there some organization 'above' ISP's who keeps track of this?

    Read the article

  • Cannot open SQL 2005 database in SQL server Management Studio 2008 R2 on Windows 7

    - by Darryl Lawrence
    I have Windows 7 64bit as my OS + SQL Server 2008 R2 installed. I can connect to SQL Databases (2008), but cannot connect to a SQL 2005 database. I can, however, connect to the 2005 SQL Database on a PC that has Windows XP as the OS and also has SQL Server 2008 R2 installed. So it seems that it works fine on XP but not on Windows 7 (32 or 64bit). is this an Operating System issue? Error message: Cannot connect to OMRSQLV016\PRODSQL002. =================================== A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) (.Net SqlClient Data Provider) For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=-1&LinkId=20476 Error Number: -1 Severity: 20 State: 0

    Read the article

  • Jenkins: Accessed denied after turning on global security. How to revert?

    - by serverFaulter
    Need help figuring this one out. How can I fix this issue? I think I enabled global security and saw this error immediately. (while accessing localhost:8080 I get the following...) A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened. Stack trace hudson.security.AccessDeniedException2: anonymous is missing the Overall/Read permission at hudson.security.ACL.checkPermission(ACL.java:54) at hudson.model.Node.checkPermission(Node.java:418) at jenkins.model.Jenkins.getTarget(Jenkins.java:3658) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:656) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631) at org.kohsuke.stapler.Stapler.service(Stapler.java:225) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) at java.lang.Thread.run(Thread.java:695)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >