Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 222/3920 | < Previous Page | 218 219 220 221 222 223 224 225 226 227 228 229  | Next Page >

  • How to handle user accounts for many sites running on same server

    - by Simon Courtenage
    Background to this question: I want to host multiple e-commerce sites on the same server, each with their own separate customer login application. Each site's login application needs to be secured by SSL. I'm unsure how best to handle this. For example, do I need to acquire a separate SSL certificate for each site (in which case, how do I do this dynamically, as the sites are created), or do I handle this using ONE login gateway-style application, which handles it on behalf of all the sites via a kind of transparent redirect? I'd be grateful for any pointers or advice. Thanks.

    Read the article

  • Windows Server 2003 W3SVC Failing, Brute Force attack possibly the cause

    - by Roaders
    This week my website has disappeared twice for no apparent reason. I logged onto my server (Windows Server 2003 Service Pack 2) and restarted the World Web Publishing service, website still down. I tried restarting a few other services like DNS and Cold Fusion and the website was still down. In the end I restarted the server and the website reappeared. Last night the website went down again. This time I logged on and looked at the event log. SCARY STUFF! There were hundreds of these: Event Type: Information Event Source: TermService Event Category: None Event ID: 1012 Date: 30/01/2012 Time: 15:25:12 User: N/A Computer: SERVER51338 Description: Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated. At a frequency of around 3 -5 a minute. At about the time my website died there was one of these: Event Type: Information Event Source: W3SVC Event Category: None Event ID: 1074 Date: 30/01/2012 Time: 19:36:14 User: N/A Computer: SERVER51338 Description: A worker process with process id of '6308' serving application pool 'DefaultAppPool' has requested a recycle because the worker process reached its allowed processing time limit. Which is obviously what killed the web service. There were then a few of these: Event Type: Error Event Source: TermDD Event Category: None Event ID: 50 Date: 30/01/2012 Time: 20:32:51 User: N/A Computer: SERVER51338 Description: The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client. Data: 0000: 00 00 04 00 02 00 52 00 ......R. 0008: 00 00 00 00 32 00 0a c0 ....2..À 0010: 00 00 00 00 32 00 0a c0 ....2..À 0018: 00 00 00 00 00 00 00 00 ........ 0020: 00 00 00 00 00 00 00 00 ........ 0028: 92 01 00 00 ... With no more of the first error type. I am concerned that someone is trying to brute force their way into my server. I have disabled all the accounts apart from the IIS ones and Administrator (which I have renamed). I have also changed the password to an even more secure one. I don't know why this brute force attack caused the webservice to stop and I don't know why restarting the service didn't fix the problem. What should I do to make sure my server is secure and what should I do to make sure the webserver doesn't go down any more? Thanks.

    Read the article

  • A non interactive alternative to makecert.

    - by mark
    Dear ladies and sirs. I have a need to create a self signed certificate non interactively. Unfortunately, the only tool that I know of (makecert) is interactive - it uses GUI to ask for a password. My OS is Windows (from XP to 2008). The only thing close that I managed to find is http://www.codeproject.com/Tips/125982/How-to-run-Makecert-without-password-window.aspx, however, it is still not good. Any ideas?

    Read the article

  • How to create a password-less service account in AD?

    - by Andrew White
    Is it possible to create domain accounts that can only be accessed via a domain administrator or similar access? The goal is to create domain users that have certain network access based on their task but these users are only meant for automated jobs. As such, they don't need passwords and a domain admin can always do a run-as to drop down to the correct user to run the job. No password means no chance of someone guessing it or it being written down or lost. This may belong on SuperUser ServerFault but I am going to try here first since it's on the fuzzy border to me. I am also open to constructive alternatives.

    Read the article

  • When a server gets rooted, should I disconnect network or power?

    - by Aleksandr Levchuk
    When a server gets rooted (e.g. a situation like this), one of the first things that should be done is containment. Quoting from Robert Moir's Answer: "disconnect the victim from its muggers" A server can be contained by pulling the network cable or the power cable. Taking into consideration the need for: Protecting victims from further damage Executing successful forensics (Possibly) Protecting valuable data on the server Which method is better?

    Read the article

  • hard drive forensics tool for linux

    - by Jack
    I am looking for an application I used in 2001. It was a curses application that displayed devices or files in hexadecimal format, and allowed searching through them and other functionality. I can't find anything remotely like this, does anyone have an idea?

    Read the article

  • Is there an apache module to slow down site scans?

    - by florin
    I am administering a few web servers. Each night, random hosts from the Internet are probing them for various vulnerabilities in php, phpadmin, horde, mysqladmin, etc. Is there a way (apache plugin?) to slow down the rate of attack? For SSH, I have a rate limiting rule on the firewall, which does not allow more than three connections per minute. But I don't want to rate limit all HTTP access, only the access that returns 404s. Is there such an apache module?

    Read the article

  • How to create limited user accounts in Linux

    - by James Willson
    I want to create a user account for each of the key programs installed on my debian server. For example, for the following programs: Tomcat Nginx Supervisor PostgreSQL This seems to be recommended based on my reading online. However, I want to restrict these user accounts as much as possible, so that they dont have a shell login, dont have access to the other programs and are as limited as possible but still functional. Would anyone mind telling me how this could be achieved? My reading so far suggests this: echo "/usr/sbin/nologin" /etc/shells useradd -s /usr/sbin/nologin tomcat But I think there may be a more complete way of doing it. EDIT: I'm using debian squeeze

    Read the article

  • Prevent registry changes by users

    - by graf_ignotiev
    Background: I run a small computer lab of 10 computers using Windows 7 x64 Enterprise. Our users are set up as limited users. For additional restrictions, I set up local group policy for non-administrators using the microsoft management console. Problem: Recently, I found out that some of these restrictions had been removed. Reviewing the settings MMC and in ntuser.pol showed that the settings should still be in place. However, the related registry settings were missing in ntuser.dat. I already have registry editing disabled in the GPO (though not in silent mode). Question: What is the best way to deal with this situation? Should I look into preventing registry setting changes? Should I set up registry auditing to found out how these keys are getting changed in the first place? Or should I give up the ghost and write some kind of logon script that enforces registry values if they've been change? Any other ideas?

    Read the article

  • Setting up Shibboleth to secure part of a website

    - by HorusKol
    I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled) I then proceeded to secure a directory on the server by placing a .htaccess file with the following directives: AuthType shibboleth ShibRequestSetting requireSession 1 Require valid-user Now - I haven't set up an SSL host yet - and I also haven't set up the IdP - but I would expect that the server would block access to this directory - but I'm getting the content without any problems. I have restarted the apache service and I have no errors in the log files.

    Read the article

  • Protecting PHP packages on server

    - by Jack
    Hi, I am a php developer and have recently decided to make one of my Magento extensions commercial. I have downloaded and configured MageParts CEM Server and that is all working perfectly in regard to licencing and delivery of module packages. The only issue is that the directory that the packages are stored in could be accessed by anyone. I tried this in a .htaccess file, but now it is not working. <Files services.wsdl> allow from all </Files> deny from all Clients are receiving a 403 Forbidden response. Have I done something wrong in the .htaccess file or would there be a better way to secure the directory? Any help would be greatly appreciated.

    Read the article

  • mystery Internet traffic to port 445

    - by Ben Collver
    Recently, I noticed traffic from the office network to TCP port 445 on the Internet [a]. Below are the Linux firewall log entries to Facebook's network [b] and Google's network [c]. I would like to identify the source of this traffic. My first guess is that Facebook and Google might be using multiple TCP ports for SSL load balancing. However, I could not confirm this based on the web proxy logs. What else might it be? [a] http://support.microsoft.com/kb/204279 [b] Sep 4 08:30:03 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.131 DST=69.171.237.34 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=14287 DF PROTO=TCP SPT=51711 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 [c] Aug 28 06:02:41 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.115 DST=173.194.33.47 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=4558 DF PROTO=TCP SPT=49294 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0

    Read the article

  • Windows Server 2012 - SSL Cypher Suite Order Not Long Enough

    - by Sam
    I want to re-order the cypher suites on our new Windows Server 2012 box to help mitigate the BEAST vulnerability for our clients. I went to Local Group Policy => Computer Configuration => Administrative Templates => Network => SSL Configuration Settings, opened SSL Cypher Suite Order, enabled it, and copied the values from the SSL Cypher Suites textbox. I pasted them into notepad, re-ordered them, then copied+pasted them back into the SSL Cypher Suites textbox. However, the box isn't long enough to hold them all, despite the fact that the length didn't change. I would have to drop the last 3 cyphers (SSL_CK_DES_192_EDE3_CBC_WITH_MD5,TLS_RSA_WITH_NULL_SHA256,TLS_RSA_WITH_NULL_SHA) in order for it to fit. Should I just drop them? Other ideas?

    Read the article

  • Looking for a host based network monitor solution

    - by Ole Martin Handeland
    Hi all! Problem So, my hosting company has a network usage graph for my dedicated server. It seems that one day earlier this month, my network usage suddenly spiked with several hundred megabytes transferred (usually it's in the tens, not hundreds). It was probably me, but i just can't be sure who or what it was. Question So my question is; does anyone know of any host based solution for monitoring network usage that would tell me the client's IP-address, the port/service he/she used? What I don't want I'm just guessing that someone will suggest i use nagios, munin, zabbix, cacti, mrtg - I've also looked at those, but a graph over network usage will not give me the answers I'm looking for. :-) Almost there I've already looked at a lot of monitoring solutions, and I've tried [ntop][http://www.ntop.org/], [darkstat][http://unix4lyfe.org/darkstat/] and others. Darkstat just didn't give me the answers. Although it listed a lot of statistics, and i could list the clients - it doesn't show me the network usage for a particular period. Ntop is by far the best I've seen so far - but i think it mostly shows current network usage, not the historical part. I could run apt-get upgrade and download a whole bunch of software, but not see it in the log afterwards.

    Read the article

  • Recommended way to restrict Apache users

    - by Dor
    Following on why should we restrict Apache users, another two questions arises: What is the recommended method of restricting the places Apache users can traverse & read in the file system? What to do against fork bombs and other shell scripting problems? (bash scripting is allowed) My possible solutions (I prefer to know which solution you choose and why): chroot OR mod_chroot disable bash OR use Restricted BASH Please offer another solutions if you find appropriate. (perhaps selinux is?) Current status: Users are allowed to executed bash scripts (via PHP for example) suexec is active Apache requested are served with FastCGI for PHP

    Read the article

  • Is it possible to have a portable plotter that can print QR codes on burlap?

    - by Brian Ballsun-Stanton
    This is a hardware question. Is there a class of plotters that are portable and accept sharpies? The use case: I have a burlap sack. It will be taking very specific potsherds from an archaeological dig. It needs an indelible QR code (or bar code) printed on the burlap. (Stickers have far far too short a lifetime). It was my thought that a plotter that uses sharpies and that works in the field would be the optimal solution for this problem. Is a portable plotter the right solution? If so, who makes them? If not, what is a better solution?

    Read the article

  • hardening a server: disallow password-login for sudoers and log unusual ips

    - by Fabian Zeindl
    Two question regarding sudo-login into an ubuntu-system (debian tips welcome as well): Is it possible to require sudoers on my box to only login with publickey-authentication? Is it possible to log which ip sudoers log in from and check that for "unusual activity" or take actions? I'm thinking about temporarily removing sudo-rights if sudoers don't log in from whitelisted IPs. Or is that too risky to be exploited?

    Read the article

  • Securing ColdFusion for internet facing server

    - by Goyuix
    What do I need to do to tighten down a ColdFusion server for internet facing apps? The only thing that specifically came to mind was to restrict the CFIDE and JRunScripts directories to a local subnet. Are there settings in the administrator I can tweak to make the applications more secure?

    Read the article

  • Bacula Director and Storage in LAN

    - by B14D3
    I have two networks LAN and DMZ.. Machines in DMZ are accesible from internet ( only over http). In LAN I have servers that see all LAN and all DMZ machines but machinse from DMZ don't see any LAN servers. Machines in LAN have access only to all LAN and DMZ, no direct access to internet and no access from internet. DMZ <------ LAN DMZ ----X--->LAN I'm planning to configure Bacula as major backup system. My plan is to install Bacula Director and Storage deamon on the same server in LAN for safety reasons. So my question is: Will this configuration work, is it posible for bacula director and storage deamon installed on server in LAN to makes backup servers that are in my DMZ? Or in this network configuration Bacula should be in DMZ? (If yes will I can backup with it servers in LAN ?)

    Read the article

  • Basic IIS7 permissions question

    - by Tom Gullen
    We have a website, with a file: www.example.com/apis/httpapi.asp This file is used by the site internally to make requests joining two systems on the website together (one is Classic ASP, the other ASP.net). However, we do not want the public to be able to access the file. In IIS7.5, is there a setting I can do to make this file internal only? I've tried rewriting the URL for it but this rewrite is also applied internally so the scripts stop working as they fetch the rewritten url. Thanks for any help!

    Read the article

  • SMTP hacked by spammer using base64 encoding to authenticate

    - by Throlkim
    Over the past day we've detected someone from China using our server to send spam email. It's very likely that he's using a weak username/password to access our SMTP server, but the problem is that he appears to be using base64 encoding to prevent us from finding out which account he's using. Here's an example from the maillog: May 5 05:52:15 195396-app3 smtp_auth: SMTP connect from (null)@193.14.55.59.broad.gz.jx.dynamic.163data.com.cn [59.55.14.193] May 5 05:52:15 195396-app3 smtp_auth: smtp_auth: SMTP user info : logged in from (null)@193.14.55.59.broad.gz.jx.dynamic.163data.com.cn [59.55.14.193] Is there any way to detect which account it is that he's using?

    Read the article

  • stunnel crashing

    - by Jay
    I'm trying to use stunnel to secure a legacy application's communications. I can't seem to get it setup and working. Can anyone provide any hints where I'm going wrong? Here's what I'm trying to accomplish: A windows service on a client machine connects to a server on port 7000 using TCP. I'd like to encrypt the communication between client and server. Here's what I've tried: Created a new server that accepts ssl connections on port 7443. Got a certificate for the server and installed it. That seems to work with my test setup. Installed stunnel on my windows machine (version 7.43 from the distribution archive file). Installed libssl32.dll and libeay32.dll in the same directory as stunnel.exe ( from the openssl-0.9.8h-1 binary distribution). Installed it as a service using "stunnel -install" Configured stunnel as follows: debug=7 output=C:\p4\internal\Utility\Proxy\proxy.log service=Proxy taskbar=no [exchange] accept=7000 client=yes connect=proxy.blah.com:7443 I changed my hosts file to trick the old application into connecting through stunnel: server.blah.com 127.0.0.1 # when client looks up server it goes to stunnel proxy.blah.com IP-address-of-server.blah.com # stunnel connects to new server "server.blah.com" now resolves to the machine it's running on (i.e. stunnel). "proxy.blah.com" goes to the real server. stunnel should connect to the server. I start the stunnel service and try to connect. It looks like it's working but the stunnel service just shuts down with no message. 2010.04.19 13:16:21 LOG5[4924:3716]: stunnel 4.33 on x86-pc-mingw32-gnu with OpenSSL 0.9.8h 28 May 2008 2010.04.19 13:16:21 LOG5[4924:3716]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6 2010.04.19 13:16:49 LOG5[4924:3748]: Service exchange accepted connection from 127.0.0.1:4134 2010.04.19 13:16:49 LOG6[4924:3748]: connect_blocking: connecting x.80.60.32:7443 2010.04.19 13:16:49 LOG5[4924:3748]: connect_blocking: connected x.80.60.32:7443 2010.04.19 13:16:49 LOG5[4924:3748]: Service exchange connected remote server from x.253.120.19:4135 2010.04.19 13:20:24 LOG5[3668:3856]: Reading configuration from file stunnel.conf 2010.04.19 13:20:24 LOG7[3668:3856]: Snagged 64 random bytes from C:/.rnd 2010.04.19 13:20:24 LOG7[3668:3856]: Wrote 1024 new random bytes to C:/.rnd 2010.04.19 13:20:24 LOG7[3668:3856]: RAND_status claims sufficient entropy for the PRNG 2010.04.19 13:20:24 LOG7[3668:3856]: PRNG seeded successfully 2010.04.19 13:20:24 LOG7[3668:3856]: SSL context initialized for service exchange 2010.04.19 13:20:24 LOG5[3668:3856]: Configuration successful 2010.04.19 13:20:24 LOG5[3668:3856]: No limit detected for the number of clients 2010.04.19 13:20:24 LOG7[3668:3856]: FD=312 in non-blocking mode 2010.04.19 13:20:24 LOG7[3668:3856]: Option SO_REUSEADDR set on accept socket 2010.04.19 13:20:24 LOG7[3668:3856]: Service exchange bound to 0.0.0.0:7000 2010.04.19 13:20:24 LOG7[3668:3856]: Service exchange opened FD=312 2010.04.19 13:20:24 LOG5[3668:3856]: stunnel 4.33 on x86-pc-mingw32-gnu with OpenSSL 0.9.8h 28 May 2008 2010.04.19 13:20:24 LOG5[3668:3856]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6 2010.04.19 13:21:02 LOG7[3668:4556]: Service exchange accepted FD=372 from 127.0.0.1:4156 2010.04.19 13:21:02 LOG7[3668:4556]: Creating a new thread 2010.04.19 13:21:02 LOG7[3668:4556]: New thread created 2010.04.19 13:21:02 LOG7[3668:3756]: Service exchange started 2010.04.19 13:21:02 LOG7[3668:3756]: FD=372 in non-blocking mode 2010.04.19 13:21:02 LOG5[3668:3756]: Service exchange accepted connection from 127.0.0.1:4156 2010.04.19 13:21:02 LOG7[3668:3756]: FD=396 in non-blocking mode 2010.04.19 13:21:02 LOG6[3668:3756]: connect_blocking: connecting x.80.60.32:7443 2010.04.19 13:21:02 LOG7[3668:3756]: connect_blocking: s_poll_wait x.80.60.32:7443: waiting 10 seconds 2010.04.19 13:21:02 LOG5[3668:3756]: connect_blocking: connected x.80.60.32:7443 2010.04.19 13:21:02 LOG5[3668:3756]: Service exchange connected remote server from x.253.120.19:4157 2010.04.19 13:21:02 LOG7[3668:3756]: Remote FD=396 initialized 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): before/connect initialization 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 write client hello A 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 read server hello A 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 read server certificate A 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 read server done A 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 write client key exchange A 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 write change cipher spec A 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 write finished A 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 flush data 2010.04.19 13:21:02 LOG7[3668:3756]: SSL state (connect): SSLv3 read finished A The client thinks the connection is closed: No connection could be made because the target machine actively refused it 127.0.0.1:7000 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.Sockets.Socket.Connect(EndPoint remoteEP) at Service.ConnUtility.Connect() Any suggestions?

    Read the article

  • Nginx : Proper use of limit_req_zone and limit_req

    - by xperator
    I have 2 website running on VPS. Their purpose is sharing music files and publishing news. Both of them use wordpress. What I am trying is that I want to prevent little hackers from flooding the webserver and putting stress on the server to make it crash. The problem is that after using limit_req_zone and limit_req my website became very slow. Browsing Wordpress control panel takes a long long time. I tried changing values but it didn't improve much. I guess the problem is Wordpress because it's the only script I am using on both front and back end. Here is the last setting which seems to be more responsive than others : limit_req_zone $binary_remote_addr zone=flood:5m rate=10r/m; location ~ \.php$ { limit_req zone=flood burst=100 nodelay; } What are the optimal values that should be used in my case (wp) ? I want the website have it's normal behavior, On the other hand stopping lifeless people from flooding. Another question, Is it safe and enough to use limit_req only on php files ?

    Read the article

  • Encrypted WiFi with no password?

    - by Ian Boyd
    Is there any standard that allows a WiFi connection to be encrypted, but not require a password? i know that (old, weak) WEP, and newer WPA/WPA2 require a password (i.e. shared secret). Meanwhile my own wireless connections are "open", and therefore unencrypted. There is no technical reason why i can't have an encrypted link that doesn't require the user to enter any password. Such technology exists today (see public key encryption and HTTPS). But does such a standard exist for WiFi? Note: i only want to protect communications, not limit internet access. i get the sense that no such standard exists (since i'm pretty capable with Google), but i'd like it confirmed. Claraification: i want to protect communcations, not limit internet access. That means users are not required to have a password (or its moral equivalent). This means users are not required: to know a password to know a passphrase to enter a CAPTCHA to draw a secret to have a key fob to know a PIN to use a pre-shared key have a pre-shared file to possess a certificate In other words: it has the same accessibility as before, but is now encrypted.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 218 219 220 221 222 223 224 225 226 227 228 229  | Next Page >