Search Results

Search found 120608 results on 4825 pages for 'code access security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 266/4825 | < Previous Page | 262 263 264 265 266 267 268 269 270 271 272 273  | Next Page >

  • Can /etc/hosts.deny/allow be overridden?

    - by Tar
    I have security measures put in place to keep unwanted users out of my server. I've changed the SSH port, disabled root login, have a software firewall to block portscans, and have entries in hosts.deny and hosts.allow. I have various services denied to all but another server of mine should my IP change, and two other administrators + my own IP address. My question is, can hosts.deny/allow configuration be overridden so that they can gain access to my server? Does using chroot jail for running things like an IRC server and Teamspeak server prevent people from gaining access to my server and screwing with it?

    Read the article

  • Access to NTP via IP which doesn't change often

    - by faulty
    I'm trying to sync the clock of our production server located in a data center with pool.ntp.org. For security reason, our servers has no internet access unless we requested to open specific ip/port explicitly. I worked out a list of IPs based on 0.asia.ntp.org 1.asia.ntp.org 2.asia.ntp.org 3.asia.ntp.org Not realizing ntp.org is using round robin DNS and the servers being voluntary, they changes from time to time. In fact the IP I've got from 3.asia.ntp.org last month is no longer working now. I'm wondering if there's a publicly known NTP server that doesn't change as often or if there's a way to go around this without having to request an update to the firewall on a monthly basis. I believe many admin is facing the same issue here.

    Read the article

  • Allow only certain files to be exposed to the web on Lighttpd?

    - by darkAsPitch
    Just installed it on my linux desktop, and I only want 1 or 2 files accessible to the outside world. Everything else should only be accessibly via http://localhost/ for various privacy/security reasons. It is just a test server, don't want just anybody accessing my large batch files. How would you go about allowing only certain select files access to the internet and making everything else available only via http://localhost/?

    Read the article

  • What do I need to do to prevent exploitation of my postfix server?

    - by Josiah
    I have a a web server that needs to send emails, but not recieve them. I have installed postfix (it came with nagios, also installed on this server) and now I need to make sure that my server does not get used as a spam server. What steps do I need to take to ensure that this does not happen? What additional security measures do I need to put in place? Server is Ubuntu 10.4

    Read the article

  • KeePass justification

    - by Jeff Walker
    I work at a place that tries to take security seriously, but sadly, they often fail. Currently, one of the major ways they fail is password management. I personally have about 20 accounts (my personal user id on lots of machines). For shared "system" accounts, there are about 45 per environment; development, test, and production. I have access to 2 of those, so my personal total is somewhere around 115 accounts. Passwords have to be at least 15 characters with some extensive but standard complexity constraints, and have to be changed every 60 days or so (system accounts every year). They also should not be the same for different accounts, but that isn't enforced. Think DoD-type standards. There is no way to remember and keep up with this. It just isn't humanly possible, as far as I'm concerned. This might be a good justification of a centralized account management system, a la LDAP or ActiveDirectory, but that is a totally different battle. Currently the solution is an Excel spreadsheet. They use Excel to put a password on it, and then most people make a copy and remove the password. This makes my stomach turn. I use KeePass for this problem and it manages all of my account very well. I like the features like auto-typing, grouping, plugins, password generation, etc. It uses AES-256 encryption via the .Net framework, and while not FIPS compliant, it has a very good reputation. The only problem is that they are also very careful about using randomly downloaded software. So we have to justify every piece of software on our workstations. I have been told that they really don't want me to use this, be cause of the "sensitive nature" of storing passwords. sigh My justification has to be "VERY VERY strong". I have been tasked with writing a justification for KeePass, but as I am lazy, I would like any input that I can get from the community. What do you recommend? Is there something out there that is better or more respected than KeePass? Is there any security experts saying interesting things on this topic? Anything will help at this point. Thanks.

    Read the article

  • Is there another way to run Apache2 securely for end users without using CGI mode?

    - by Volomike
    Is there another way to run Apache2 securely for multiple end users (like hosting hundreds of blogs) without using CGI mode as required by suPHP? It just seems so inefficient to use CGI mode for PHP when if we could set up permissions properly, we could host PHP through mod_php perhaps? I mean, I do want to restrict these users to their home directories for their sites, but don't want any security issues.

    Read the article

  • Detecting man-in-the-middle attacks?

    - by Ilari Kajaste
    There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

    Read the article

  • Allowing Remote Connection in IIS on Windows 7

    - by GiddyUpHorsey
    I'm trying to give access to a website in IIS on my Win 7 machine to another person on my network. He's unable to access it. I was wondering if perhaps it was because IIS isn't configured to allow remote connections (I seem to remember having to do this sort of thing on Win XP). I've hunted around in IIS and googled but am not finding a way to configure remote connections on Win 7. Some of the answers I've found seem to refer to Win Server 2008 and talk about a management service in IIS Manager, but it doesn't appear to be present on my machine.

    Read the article

  • Turn off "unknown publisher" message for older Windows application?

    - by MikeJ
    Anyone know how to turn off or suppress the "unknown publisher" message for a specific application? The application is a legacy version of Delphi that we use to update a LOB application. I thought clicking, run as administrator would fix this and I don't want to turn off UAC entirely for security safety reasons. Anyone know how to tell Windows 7 that Borland or at least delphi.exe is a trusted application?

    Read the article

  • Secure external connection to SQL Server (from third party software)

    - by Bart
    I have a SQL Express 2008 R2 server running on a server in an internal lan network. A few databases are used by some third party software to store data. A SQL-Server user is used by this application to connect to the database. Now I need to access this database using a local installation of the software from an external pc. In this particular case a VPN connection is not the solution I am looking for. I have access to an external linux server, so I tried ssh tunneling from the windows server to the linux server and use the external pc to tunnel it back from the linux server to the client, but this is working very very slow. What are my other options to allow this external connection in a safe way?

    Read the article

  • Wireless Password

    - by Campo
    I have a security policy question: I want to know how other admins handle the WIFI password in the office. Does everyone know it? Do you enter it in for the user or guest every time and keep it a secret. I am in camp 2. Just want to know what others do and their reasoning behind it.

    Read the article

  • Aruba Wireless Controller 200 and AP70 manual

    - by techie
    I have an Aruba wireless system that is currently in use but there is no documentation from the previous person in charge. I have no manuals or login information for the wireless controllers and APs. I checked the Aruba website and you need to register to access the support information but registration isn't instant and takes several days. I've waited for quite a while now and have tried googling and checking the Aruba forums but have found no indication of a manual. What I really need is the ability to reset the controller and APs so I can access the device with the default username and password. There is no reset button on this device so I have no idea how you go about resetting the controller and APs. Hm it seems I can't create a new tag as a new user. If possible can someone add an "Aruba" tag?

    Read the article

  • How can I leave the remote screen locked when I ARD/VNC/etc. to my Mac?

    - by Dominic Cooney
    I'm currently using Jolly's Fast VNC and Mac OS X's built-in VNC server (System Preferences, Sharing, Screen Sharing) to access my iMac remotely. Here's my problem: When I'm using the iMac remotely, the screensaver deactivates and the screen is unlocked. If someone had physical access to my iMac they could walk up to it and start using it. Is there some way I can set things up so that when I'm using my iMac remotely the screen stays locked, like Windows XP Professional does when you're using RDP? I know I can use X remotely with the iMac locked, but I would like to use Mac applications remotely, too.

    Read the article

  • Internet wireless connected with limited access, windows vista

    - by r0ca
    I had some malware in my computer so I did a bit of manual work to remove it including resetting TCP/IP. Now the malware is gone. I can see my home wireless network and I can get connected to it but when connected I get the Internet wireless connected with limited access message. When I go to the IE I cannot browse. When I tried to ping 192.168.1.1 I got an Error Code 1231 Unconnected Network Problem. I have deactivated my Windows firewall as I thought it could be hyperactive security. Still no luck. I have Norton but it is not active, I have also Avast and AVG installed but they are not active. Any ideas?

    Read the article

  • Does Juniper Networks provide keyloggers with their software?

    - by orokusaki
    I noticed that I had a "USB Mass Storage Device" plugged in when there wasn't in fact anything plugged in to any USB port. I turned it off via Windows (XP), but it's quite concerning. This was after installing Juniper Networks' software for VPN access to an IT guy's stuff. I also notice there is a service called "dsNcService.exe" which apparently is sending information over the internet (even when I'm not in VPN access). The process restarts itself when I end it. Should I be worried that this software is tracking my keystrokes and broadcasting them to my IT guy?

    Read the article

  • Monitor the shell activity of a user on your Unix system?

    - by Joseph Turian
    Trust, but verify. Let's say I want to hire someone a sysadmin, and give them root access to my Unix system. I want to disable X windows for them, only allow shell usage (through SSH, maybe), so that all operations they perform will be through the shell (not mouse operations). I need a tool that will log to a remote server all commands they issue, as they issue them. So even if they install a back door and cover their tracks, that will be logged remotely. How do I disable everything but shell access? Is there a tool for instantaneously remotely logging commands as they are issued?

    Read the article

  • Solr Multicore Admin Problem

    - by Daniel M
    Im trying to add a url based security constraint to solr deployed in websphere 6.1. If I specify the core name in the url of the constraint then the admin url for that core gives a 404. Has anyone had any success with this or any suggestions? Cheers Cross-posted with stackoverflow

    Read the article

  • Can't access Administrator account on Windows XP after adding local user account

    - by bwerks
    I have an installation of windows XP, and it's not part of a domain. Previously, it just had only the administrator account, and upon creating a different user account, all access was lost to the administrator account. When the machine starts up, only the new local account is offered for login, which seemed strange. I've checked that the administrator account was not disabled, nor are any rights missing from the local security policy. Furthermore, the administrator account is accessible via remote desktop, where an opportunity is given to type the desired account. REALLY strange. Upon deletion of the new local user account, the administrator account appeared again. Can anyone tell me what's going on?

    Read the article

  • How Can I Restrict VSFTPD to a Particular Local Group?

    - by Aaron Copley
    I'd like to control VSFTPD access by adding users to a group such that only members of the defined group can access the FTP services. I am thinking I can do this by modifying /etc/pam.d/vsftpd, but am not sure how to get started. Or is this only for virtual users in VSFTPD? I am aware of user_list and this does not seem to support groups. This doesn't provide the function I am looking for which is described above. If I am mistaken though this would be great. Thanks, Aaron

    Read the article

  • Advantages / disadvantages of having DynDNS access on a computer vs the router

    - by Margaret
    I have a shiny new toy, a Cisco Wireless-N Gigabit Security Router with VPN (WRVS4400N). While looking through the instruction manual, I discovered that it had support for DynDNS built-in. We've currently got the DynDNS client running on one of the servers (that people SSH to, as documented in this question); but the reason for the router update is to move away from SSH to VPN. To that end, is there any difference in behaviour/functionality/maintainability to run it off the computer, as opposed to the router? Thus far, DynDNS has more or less a set-and-forget setup, but since the feature was there, I wanted to know if it was a better location for the process...

    Read the article

  • Unable to delete a directory from NTFS drive: "Access is denied"

    - by Evgeny
    I'm running Windows XP Pro x64 SP2. I have a directory on an NTFS drive that was created by a Maven build. A subsequent build attempted to delete this directory and failed. I now get the error "Access is denied" whenever I try to do anything with that directory: change to it, delete it, rename it. This happens both in Windows Explorer and from a command prompt. The properties dialog in Windows Explorer doesn't even contain the Security tab. I created the directory, so I don't think this is truly a permissions issue. I've occasionally had this error happen in the past is well. I believe the error is misleading, but the question is: what is the real problem and how do I fix it?

    Read the article

  • Preventing brute force attacks against ssh?

    - by grieve
    What tool or technique do you use to prevent brute force attacks against your ssh port. I noticed in my Security logs, that I have millions of attempts to login as various users through ssh. This is on a FreeBSD box, but I imagine it would be applicable anywhere.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 262 263 264 265 266 267 268 269 270 271 272 273  | Next Page >