Search Results

Search found 30819 results on 1233 pages for 'software security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 266/1233 | < Previous Page | 262 263 264 265 266 267 268 269 270 271 272 273  | Next Page >

  • What permissions / ownership to set on PHP Sessions Folder when running FastCGI / PHP-FPM (as user "nobody")?

    - by Professor Frink
    I'm having trouble getting a number of scripts running because PHP-FPM can't write to my session folder: "2009/10/01 23:54:07 [error] 17830#0: *24 FastCGI sent in stderr: "PHP Warning: Unknown: open(/var/lib/php/session/sess_cskfq4godj4ka2a637i5lq41o5, O_RDWR) failed: Permission denied (13) in Unknown on line 0 PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0" while reading upstream" Obviously this is a permission issue; my session folder's owner/group is the webserver's user, NGINX. PHP-FPM runs as nobody though, and hence adding it to the nginx group is not so trivial. A temporary solution is to set the permissions of /var/lib/php/session to 777 - I have a feeling that's not the "best practice" though. What is the best practice when you need to assign a daemon write access to a folder, but it is running as nobody ?

    Read the article

  • Blocking IP Range in .htaccess Problem

    - by Pedro
    Hi, I'm trying to block the access of one of my webapps using IP Filter in the .htaccess, the problem is that after updating the file with: order allow,deny deny from 58.14.0.0/15 allow from all I get the folowing error: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. What is wrong? Regards, Pedro

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • Ubuntu Server attack? how to solve?

    - by saky
    Hello, Something (Someone) is sending out UDP packets sent from our whole ip range. This seems to be multicast DNS. Our server host provided this (Our IP Address is masked with XX): Jun 3 11:02:13 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:23 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:32 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:35 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 I checked my /var/log/auth.log file and found out that someone from China (Using ip-locator) was trying to get in to the server using ssh. ... Jun 3 11:32:00 server2 sshd[28511]: Failed password for root from 202.100.108.25 port 39047 ssh2 Jun 3 11:32:08 server2 sshd[28514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root Jun 3 11:32:09 server2 sshd[28514]: Failed password for root from 202.100.108.25 port 39756 ssh2 Jun 3 11:32:16 server2 sshd[28516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root ... I have blocked that IP address using this command: sudo iptables -A INPUT -s 202.100.108.25 -j DROP However, I have no clue about the UDP multicasting, what is doing this? who is doing it? and how I can stop it? Anyone know?

    Read the article

  • What is the EGG environment variable?

    - by Randall
    A user on our (openSuSE) linux systems attempted to run sudo, and triggered an alert. He has the environment variable EGG set - EGG=UH211åH1ÒH»ÿ/bin/shHÁSH211çH1ÀPWH211æ°;^O^Ej^A_j<X^O^EÉÃÿ This looks unusual to say the least. Is EGG a legitimate environment variable? (I've found some references to PYTHON_EGG_CACHE - could be related? But that environment variable isn't set for this user). If it's legit, then I imagine this group has the best chance of recognizing it. Or, given the embedded /bin/sh in the string above, does anyone recognize this as an exploit fingerprint? It wouldn't be the first time we had a cracked account (sigh).

    Read the article

  • Real benefits of tcp TIME-WAIT and implications in production environment

    - by user64204
    SOME THEORY I've been doing some reading on tcp TIME-WAIT (here and there) and what I read is that it's a value set to 2 x MSL (maximum segment life) which keeps a connection in the "connection table" for a while to guarantee that, "before your allowed to create a connection with the same tuple, all the packets belonging to previous incarnations of that tuple will be dead". Since segments received (apart from SYN under specific circumstances) while a connection is either in TIME-WAIT or no longer existing would be discarded, why not close the connection right away? Q1: Is it because there is less processing involved in dealing with segments from old connections and less processing to create a new connection on the same tuple when in TIME-WAIT (i.e. are there performance benefits)? If the above explanation doesn't stand, the only reason I see the TIME-WAIT being useful would be if a client sends a SYN for a connection before it sends remaining segments for an old connection on the same tuple in which case the receiver would re-open the connection but then get bad segments and and would have to terminate it. Q2: Is this analysis correct? Q3: Are there other benefits to using TIME-WAIT? SOME PRACTICE I've been looking at the munin graphs on a production server that I administrate. Here is one: As you can see there are more connections in TIME-WAIT than ESTABLISHED, around twice as many most of the time, on some occasions four times as many. Q4: Does this have an impact on performance? Q5: If so, is it wise/recommended to reduce the TIME-WAIT value (and what to)? Q6: Is this ratio of TIME-WAIT / ESTABLISHED connections normal? Could this be related to malicious connection attempts?

    Read the article

  • How is my password sent across when I check gmails/access bank site [closed]

    - by learnerforever
    What encryption is used when my password is sent across in gmails/when I do online banking? RSA? DSA? Public-private key encryption?. In key encryption, which entity is assigned a public/private key? Does each unique machine with unique MAC address has a unique public/private key? Does each instance of browser have unique key? Does each user have unique private/public key? How does session key come into picture? How do machines receive their keys?

    Read the article

  • Where does PGP keep its license file within OSX?

    - by romant
    I was using a trial from PGP. Now have a license supplied by the company I work for. Upon trying to overwrite/upgrade - PGP is reporting that its using the 'old', namely trial license. Which has long expired. How can I completely rid my machine of PGP - and thus be able to install a fresh copy? Where does this pesky license file reside? OS: 10.6.2 PGP: 10

    Read the article

  • How to securely delete files stored on a SSD?

    - by Chris Neuroth
    From a (very long, but definitely worth to read) article on SSDs: When you delete a file in your OS, there is no reaction from either a hard drive or SSD. It isn’t until you overwrite the sector (on a hard drive) or page (on a SSD) that you actually lose the data. File recovery programs use this property to their advantage and that’s how they help you recover deleted files. The key distinction between HDDs and SSDs however is what happens when you overwrite a file. While a HDD can simply write the new data to the same sector, a SSD will allocate a new (or previously used) page for the overwritten data. The page that contains the now invalid data will simply be marked as invalid and at some point it’ll get erased. So, what would be the best way to securely erase files stored on a SSD? Overwriting with random data as we are used to from hard disks (e.g. using the "shred" utility) won't work unless you overwrite the WHOLE drive...

    Read the article

  • Exchange 2003 default permissions for ANONYMOUS LOGON and Everyone

    - by Make it useful Keep it simple
    ANONYMOUS LOGON and Everyone have the following top level permissions in our Exchange 2003 Server: Read Execute Read permissions List contents Read properties List objects Create public folder Create named properties in the information store Are these the "default" settings? In particular, are the "Read" and "Execute" permissions a problem? We have a simple small business setup, Outlook clients connect to the server on the local network, OWA is used from outside the network for browser and smartphone access. Thanks

    Read the article

  • TeamViewer - only allow domain logins

    - by BloodyIron
    I recently started a Systems Admin job where teamviewer is used pretty frequently here. Another admin recently left, and the concern is they still have access to all our systems due to how teamviewer works. I want to migrate the entire environment to domain authentication. The documentation shows that setting up windows auth (domain) is easy, but I want to be sure that it is the only way to be authenticated with a teamviewer session here. I cannot yet find anything which explicitly says this. We have licensing for teamviewer 5 and 6, I think. Right now we have 7 in the environment, but I think most are in a trial version, so I am likely to revert to 5 or 6.

    Read the article

  • What's the most popular portable applications manager?

    - by Andy Mikula
    I have a bunch of applications I carry around on a small flash drive, but I find it hard to keep everything up to date. I know about portableapps.com, but are there any other websites / repositories / resources on the subject? Ideally I'd like something that can manage both the 'installation' and updates for a range of tools.

    Read the article

  • Scriptable BitTorrent clients?

    - by James McMahon
    In an effort further automate all the little computer house keeping tasks that can waste my time I am looking into BitTorrent clients that have the ability to script common tasks. I've done some Googling and it looks like Transmission might have some of said such capabilities, but there site wasn't very clear on the details. Things I am looking to do; Prioritize and label torrents based on trackers Set seed length based on trackers and filesize Set additional seed time when a torrent's seed time expires based on a number of factors, like time spent seeding, remaining disk space and ratio. Move torrents to appropriate places post seeding based on labels and tracker Basically, while I could Python or Bash script things like moving torrents around and other simple actions, I need away to talk to the client to figure out things like the torrent seed time, tracker, labels, filesize, etc. Is there any client out there that would allow me to all or a subset these actions? I have access to Linux, Mac and Windows and am not tied to any particular torrent client. I am a programmer so I have no problems writing scripts, but examples of torrent scripting would also be helpful.

    Read the article

  • Sensitive data in init scripts

    - by Steve Jorgensen
    I'm adapting some examples I've found by Googling to build an init script to run a VirtualBox OSE virtual machine as a daemon. I would like to specify a password for VNC access to the VM, and this must be given as an argument to the VBoxHeadless command. Conventionally, init scripts are readable by standard users, and this seems like a useful convention, but I also don't want the VNC password for this VM to be stored in easily accessible plain text. What's the most appropriate/conventional way to handle this kind of situation? Maybe put a root-readable supporting data file someplace, and have the init script load the value from there?

    Read the article

  • What is the difference between /sbin/nologin and /bin/false?

    - by Michael Hampton
    I have often heard it recommended that a user account should be disabled by setting its shell to /bin/false. But, on my existing Linux systems, I see that a great number of existing accounts (all of them service accounts) have a shell of /sbin/nologin instead. I see from the man page that /sbin/nologin prints a message to the user saying the account is disabled, and then exits. Presumably /bin/false would not print anything. I also see that /sbin/nologin is listed in /etc/shells, while /bin/false is not. The man page says that FTP will disable access for users with a shell not listed in /etc/shells and implies that other programs may do the same. Does that mean that somebody could FTP in with an account that has /sbin/nologin as its shell? What is the difference here? Which one of these should I use to disable a user account, and in what circumstances? What other effects does a listing in /etc/shells have?

    Read the article

  • tacacs integration with database

    - by chingupt
    We are setting up TACACS+ in our network which is a mix of Cisco AP's and other brands. However we have a centralized managemnet system which allows our customers to centrally configure services. Hence we would like to setup a tacacs+ server integrated with some database. Can this be done? I found the following package at www.shrubbery.net/tac_plus/ but it does not have the necessary plugins for database. Please let me know how to go about this. TIA Sachin

    Read the article

  • Disallow root to su on a user which is not listed in /etc/passwd

    - by marc.riera
    Hello, on linux we autenticate users against AD. The AD users are not listed on /etc/passwd. We are about to deploy a NFS solution to mount some extra space for each group of users. If a user(A) with sudo su privileges goes to root, then he can impersonate user(B) just by su user(B) and going to the NFS. Is there any way to disallow root to su user if the user is not listed on /etc/passwd ? Thanks.

    Read the article

  • Which trojan is this?

    - by omgHelpMe
    Could you identify this trojan/keylogger based on the set of files? I've been able to find out that the file names are random except rp.dll. Also, the icons are always the same. Thanks guys.

    Read the article

  • Correctly setting up UFW on Ubuntu Server 10 LTS which has Nginx, FastCGI and MySQL?

    - by littlejim84
    Hello. I'm wanting to get my firewall on my new webserver to be as secure as it needs to be. After I did research for iptables, I came across UFW (Uncomplicated FireWall). This looks like a better way for me to setup a firewall on Ubuntu Server 10 LTS and seeing that it's part of the install, it seems to make sense. My server will have Nginx, FastCGI and MySQL on it. I also want to be allow SSH access (obviously). So I'm curious to know exactly how I should set up UFW and is there anything else I need to take into consideration? After doing research, I found an article that explains it this way: # turn on ufw ufw enable # log all activity (you'll be glad you have this later) ufw logging on # allow port 80 for tcp (web stuff) ufw allow 80/tcp # allow our ssh port ufw allow 5555 # deny everything else ufw default deny # open the ssh config file and edit the port number from 22 to 5555, ctrl-x to exit nano /etc/ssh/sshd_config # restart ssh (don't forget to ssh with port 5555, not 22 from now on) /etc/init.d/ssh reload This all seems to make sense to me. But is it all correct? I want to back this up with any other opinions or advice to ensure I do this right on my server. Many thanks!

    Read the article

  • PCRE limits exceeded, but triggering rules are SQL related

    - by Wolfe
    [Mon Oct 15 17:12:13 2012] [error] [client xx.xx.xx.xx] ModSecurity: Rule 1d4ad30 [id "300014"][file "/usr/local/apache/conf/modsec2.user.conf"][line "349"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "domain.com"] [uri "/admin.php"] [unique_id "UHx8LEUQwYEAAGutKkUAAAEQ"] And similar are spamming my error log for apache. It's only the admin side.. and only these two lines in the config: line 349: #Generic SQL sigs SecRule ARGS "(or.+1[[:space:]]*=[[:space:]]1|(or 1=1|'.+)--')" "id:300014,rev:1,severity:2,msg:'Generic SQL injection protection'" And line 356: SecRule ARGS "(insert[[:space:]]+into.+values|select.*from.+[a-z|A-Z|0-9]|select.+from|bulk[[:space:]]+insert|union.+select|convert.+\(.*from)" Is there a way to fix this problem? Can someone explain what is going on or if these rules are even valid to cause this error? I know it's supposedly a recursion protection.. but these protect against SQL injection so I'm confused.

    Read the article

  • My website is infected, I restored a backup of the uninfected files, how long will it take to un-mark as dangerous?

    - by Cyclone
    My website www.sagamountain.com was recently infected by a malware distributor (or at least I think it may have been). I have removed all external content, google ads, firefly chat, etc. I uploaded a backup from a few weeks ago, when there was no issue. I patched the SQL injection hole. Now, how long will it take to unmark it as dangerous? Where can I contact google? I am not sure if this is the right place to post it, but since it may have been a server issue I may as well. Can sites inject base64 code via a virus on the whole server, or is it only via sql injection? Thanks for the help, viruses freak me out. Is there an online virus scanner that can scan my page and tell me what is wrong?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 262 263 264 265 266 267 268 269 270 271 272 273  | Next Page >