Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 294/4825 | < Previous Page | 290 291 292 293 294 295 296 297 298 299 300 301 | Next Page >

General High-Level Assessment

- by tcarper

Guys and Gals, I've been tasked with a doozy of an assignment. The objective is something akin to "laying of hands" on several database servers which work in concert to provide data to various Web, Client-Server and Tablet-Sync'd distributed Client-Server programs. More specifically, I've been asked to come up with a "Maintenance Plan" which includes recommendations for future work to improve these machines' performance/reliability/security/etc. Might there be some good articles on teh interwebs ya'll could point me towards which would give me some good basis to start? Articles describing "These are the top 4 overarching categories and this is how you should proceed when drilling down on each of them" sort-of-thing would be fabulous. The Databases are all SQL 2005, however the compatibility level is 80 and they were originally created with ERwin based on SQL 6.5. The OSs are all Windows Server 2003. Thanks all! Tim

Read the article
Ubuntu cannot access internet, LAN is fine

- by Kevin Southworth

I have an Ubuntu 8.04 LTS server that is directly connected to our Comcast Business Gateway modem and I have configured it with 1 of our 5 allotted Static IPs. My other machines on our LAN can connect to this server (via ssh, web, ping, etc.) but I cannot access this server from outside our network, and this machine cannot get out to the internet either (ping google.com fails with unknown host). Here is my /etc/networking/interfaces file: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 173.162.54.19 netmask 255.255.255.248 broadcast 173.162.54.23 gateway 173.162.54.22 and my /etc/resolv.conf: nameserver 68.87.77.130 nameserver 68.87.72.130 output from sudo route -n: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 173.162.54.16 0.0.0.0 255.255.255.248 U 0 0 0 eth0 0.0.0.0 173.162.54.22 0.0.0.0 UG 100 0 0 eth0 I have a Windows 2008 machine with an almost identical Static IP, static DNS setup and it works correctly, can access it within the LAN and also from public internet, the Windows machine and the Ubuntu machine are both directly connected to the Comcast Business Gateway. I have tried rebooting Ubuntu, rebooting my Comcast modem, but nothing seems to make it work. I'm an Ubuntu noob, is there some other config I need to apply to make this work? UPDATE: Yes I am able to ping my default gateway 173.162.54.22 output of iptables --list -n: Chain INPUT (policy DROP) target prot opt source destination ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw-before-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-output all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-forward (1 references) target prot opt source destination LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK FORWARD]: ' RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-input (1 references) target prot opt source destination RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138 RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK INPUT]: ' RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-output (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-forward (1 references) target prot opt source destination ufw-user-forward all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 ufw-not-local all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 224.0.0.0/4 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 224.0.0.0/4 ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ufw-user-output all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-not-local (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK NOT-TO-ME]: ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-forward (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-input (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-output (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0

Read the article
Jenkins projects not visible even though user has all privleges

- by Frank Rosario

We want to lock down Jenkins and specific jobs to certain personnel. I have my account with all global privileges granted with project based matrix security. A coworker has a similar account and has been granted all the same privileges. When I log in with my account, I can see all of the projects we have setup. When my coworker whom has the exact same privileges logs in, none of the projects are visible. I've double and triple checked the permissions matrix to make sure we have the same global privileges; we do. Some of the projects have project specific privileges setup as well, but again; I've confirmed that both of us have the same access to these projects as well. So why can I see all the projects and my coworker is unable to see any of the projects?

Read the article
postfix relay access denied from some IPs

- by Caballero

This is driving me nuts. I have Postfix/Dovecot set up on Centos 6 VPS for my emails. I can send and receive emails without any problems on my outlook (home broadband), on my Android phone (3G connection), however when I set up exactly the same email account on Outlook at my friends house I'm getting bouncebacks when I'm trying to send email (receiving works fine): 554 5.7.1 : Relay access denied Now if it wasn't working at all I'd understand, but why is it working on several internet connections, but not everywhere? Can someone shed some light on this? Where should I look for the problem?

Read the article
Setting a wireless access point on Ubuntu server 11.10

- by Solignis

I am trying to setup a wifi access point with my Ubuntu server. I have managed to get my phone to connect the wireless and now it get a DHCP lease. Though it still cannot ping out or get pinged by anything on my network. I am prety sure my problem is iptables, but I not sure what would be wrong. Here is what my rules look like. (The ones pertaining to the bridge interface) # Allow traffic to / from wireless bridge interface iptables -A INPUT -i br0 -j ACCEPT iptables -A OUTPUT -o br0 -j ACCEPT I am guessing my rules are a little lean, the bridge exists on the same subnet as everything else on my network, I am using a 10.0.0.0/24 subnet. EDIT Oh yeah I should mention also, when I do a ping test, I get Destination Host Unreachable as the error.

Read the article
DNS is resolving fine but can't access the server (unless changing /etc/hosts)

- by victor hugo

Hi all, I have a VPS server with a public IP, I added some A entries in my name server like svn.example.com - 1.1.1.1 Also I added some entries in my workstation /etc/hosts file in order to work with the domains meanwhile the DNSs were refreshed. It's been around 3 days from this and I configures everything in my server (using the hosts file), the DNSs are ready and I removed the entries but for my surprise I can access the servers nor anything in my domain or sub-domains (even a ping doesn't work). I've triple checked and the DNSs are OK. I don't know too much about DNSs . Any help would be appreciated. The IP address of my VPS is 74.63.223.43 I have these domain names, all pointing to the same IP (using A entries) hartoingenio.com www.hartoingenio.com svn.hartoingenio.com

Read the article
CommunityEngine + TinyMCE + Safari or Chrome + My server sometimes generate corrupted code

- by user31362

Hello All, I'm using Community engine. It is really a great job But I encountered a strange phenomenon I couldn't solve it. This problem happens only when I open any page contains tinymce by using safari or chrome browsers. It shows me a corrupted code and the page is damaged. kindly check the following photo: http://img190.imageshack.us/img190/5880/screenshot20100111at115.png notice "Delete this user" link then check the source code. There is a weird code injecting itself in the original code. The weird code is tinymce thing: <script type="text/javascript" src="http://ce.mysite.net/plugin_assets/ community_engine/javascripts/tiny_mce/themes/advanced/langs/en.js? 1260693864"></script> <script type="text/javascript" src="http://ce.mysite.net/plugin_assets/ community_engine/javascripts/tiny_mce/plugins/curblyadvimage/langs/ en.js?1260693864"></script> it injected between onclick=" and if (confirm.... I deployed CE on my laptop and my server. I didn't see this problem locally but sometimes (not always) this problem appears on my server. I'm sure that I installed all required gems on the server This bug is annoyed me and I wish to help me. Thanks

Read the article
How to access remotly to a mysql server?

- by ÉricP

Hi, I'm trying to access my remote mysql server from my own computer. I uncommented: bind-address = 80.10.65.45 I added 80.10.65.45 as a server in privilege root 80.10.65.45 yes ALL PRIVILEGES yes I'm using Sequel Pro on MacosX to connect via SSH here is the debug log: debug1: Authentication succeeded (password). debug1: Local connections to LOCALHOST:58517 forwarded to remote address 127.0.0.1:3306 debug1: Local forwarding listening on ::1 port 58517. debug1: channel 0: new [port listener] debug1: Local forwarding listening on 127.0.0.1 port 58517. debug1: channel 1: new [port listener] debug1: Entering interactive session. debug1: Connection to port 58517 forwarding to 127.0.0.1 port 3306 requested. debug1: channel 2: new [direct-tcpip] channel 2: open failed: connect failed: Connection refused debug1: channel 2: free: direct-tcpip: listening port 58517 for 127.0.0.1 port 3306, connect from 127.0.0.1 port 58519, nchannels 3

Read the article
Cannot access any remote resource after connecting to Cisco VPN on Vista

- by Deepak Singh Rawat

I have installed Cisco vpn client version 5.0.07.0290 on Vista Business SP2. I am able to successfully connnect to the vpn. But after connecting I am not able to access any resource in the vpn (like database, other computers in the network etc.). I have tried the following without any success : Older versions of the client Other vpn clients like Shrewsoft : same issue as the cisco vpn client Disabled Internet Connection Sharing service Installed the client in the root administrator account Run the installer as administrator Run the vpngui and ipsecdialer in XP compatibility mode and as administrator I am not sure how to troubleshoot this issue. Can somebody please help me in troubleshooting this issue? P.S : I've Zonealarm firewall, can that be an issue?

Read the article
Cannot access internet or remote network after connecting to Windows VPN

- by Kiewic

I set up a VPN by creating an incoming VPN connection (VPN server) in my Windows 8 machine at home (not a Windows Server). I forwarded the PPTP port in my router (port 1723) to this machine and enabled PPTP passthrough. In a second Windows 8 machine out of home, I created an outgoing VPN connection (VPN client). And I am able to connect to my home VPN, but I don't have access to any home resource or even internet. This is the output of the client ipconfig: And this are the settings of my VPN server: UPDATE: My VPN server has assigned the 192.168.1.144 IP adress at my home network. So, I tried setting the "IP address assignment" range from 192.168.1.150 to 192.168.1.200. And when a VPN client gets connected, it gets an address in that range, but it doesn't make any difference.

Read the article
SharePoint Server 2007 and HTML Forms - How to control access rights

- by Anarkie

I'm working with Hosted SharePoint 2007 with Forms Server. I need to allow client access to submit HTML forms designed in Infopath. Problem is, I need to make sure the clients don't see the library. There is sensitive data that will be on these forms. I also need to have a repeated library that is based on the Internal Admin records and requirements. Outside of making a seperate library per customer, does anyone have any suggestions? My Goal: 1: Customers enter their requests through a link or provided page 2: Internally address the requests and perform required arrangements, add billing and payment fields 3: Have SharePoint metrics, reports, etc... based on the provided intormation and status. Thanks in Advance!!

Read the article
Active Directory replication failing with Access is Denied

- by Justin Love

I recently discovered that Active Directory replication started failing about a month ago. If I attempt to Replicate Now from the failing domain controller, I receive The following error occurred during the attempt to synchronize the domain controllers: Access is denied. It is between two servers at a remote site. One is Windows 2003 and the other is Windows 2000; the Windows 2000 machines is experiencing the errors. The domain is older OUR_DOMAIN style. Attempts so far: I disabled Kerberos service on the Windows 2000 server and restarted RPC and RPC locater services have expected settings HKEY_Local_Machine\Software\Microsoft\Rpc\ClientProtocols missing ncacn_nb_tcp on Windows 20003 server (added) Portqry reports okay Firewall disabled netdom resetpwd (and reboot) on Windows 2000 server.

Read the article
How useful is mounting /tmp noexec?

- by Novelocrat

Many people (including the Securing Debian Manual) recommend mounting /tmp with the noexec,nodev,nosuid set of options. This is generally presented as one element of a 'defense-in-depth' strategy, by preventing the escalation of an attack that lets someone write a file, or an attack by a user with a legitimate account but no other writable space. Over time, however, I've encountered arguments (most prominently by Debian/Ubuntu Developer Colin Watson) that noexec is a useless measure, for a couple potential reasons: The user can run /lib/ld-linux.so <binary> in an attempt to get the same effect. The user can still run system-provided interpreters on scripts that can't be run directly Given these arguments, the potential need for more configuration (e.g. debconf likes an executable temporary directory), and the potential loss of convenience, is this a worthwhile security measure? What other holes do you know of that enable circumvention?

Read the article
What do you think about RefactoringManifesto.org?

- by Gan

Quite some time ago, on December 19 2010, a site called RefactoringManifesto.org was launched. The site is to voice concerns about refactoring. It lists ten main points as shown below (head over the website to see more details): Make your products live longer! Design should be simple so that it is easy to refactor. Refactoring is not rewriting. What doesn't kill it makes it stronger. Refactoring is a creative challenge. Refactoring survives fashion. To refactor is to discover. Refactoring is about independence. You can refactor anything, even total crap. Refactor – even in bad times! What do you think about this? Would you sign the manifesto? If not, why?

Read the article
Does anyone do hardware benchmarks on compiling code?

- by Colen

I've seen a bunch of sites that benchmark new hardware on gaming performance, zipping some files, encoding a movie, or whatever. Are there any that test the impact of new hardware (like SSDs, new CPUs, RAM speeds, or whatever) on compile and link speeds, either linux or windows? It'd be really good to find out what mattered the most for compile speed and be able to focus on that, instead of just extrapolating from other benchmarks.

Read the article
SQL Profiler Through StreamInsight Sample Solution

In this postI show how you can use StreamInsight to take events coming from SQL Server Profiler in real-time and do some analytics whilst the data is in flight. Here is the solution for that post. The download contains Project that reads events from a previously recorded trace file Project that starts a trace and captures events in real-time from a custom trace definition file (Included) It is a very simple solution and could be extended. Whilst this example traces against SQL Server it would be trivial to change this so it profiles events in Analysis Services. Enjoy.

Read the article
GParted tells me my partition has 1.30 GiB used space but I cannot access its contents

- by reprogrammer

I've a ext4 partition (/dev/sda7) for my Linux. And, another (/dev/sda5) for keeping my data. When I installing Ubuntu 10.04 LTS, I set the mount point of /dev/sda5 to "/" and that of /dev/sda5 to "/data". GParted tells me that 1.30 GiB out of 70.12 GiB of /dev/sda5 has been used up. But, the mounted directory "/data" is empty. So, it looks like that my data is there but I cannot access it. Besides, when I set the mount point, I didn't check the "format" box. So, it shouldn't have been formatted. How can I check whether the partition has been formatted? How can I recover my files?

Read the article
Firefox: getting access to the list of tabs/windows to restore on startup

- by robb

Sometimes Firefox fails to restore the previously open tabs/windows. This might be happening when some of the URLs to be opened are no longer reachable (e.g. behind a VPN) or after the underlying OS (Windows) has been forcibly restarted (e.g. to complete an automated patch installation). Anyway, after restarting, can this list of URLs be recovered somehow? Say for example, I was daft enough to have clicked on "start new session". Can I still get access to the old list of open URLs? There is the browser history of course, but it contains a lot of stuff - the URLs that were open when Firefox last exited are not obvious. It would be neat if they were marked in some way - tagged for example.

Read the article
Inexpensive degaussers or HDD shredders?

- by Nicholas Knight

I do a lot of work for a small cash-strapped business that has a lot of active hard drives, most are consumer-grade SATA of about five years of age, and predictably they are dying at an increasing rate, and a lot of the time they can't even be detected, let alone complete a zero-out cycle. Right now those drives are just being stored, but that can't continue forever. We've got a couple bad LTO tapes it'd be nice to deal with, too. There are very real security and legal issues that make dropping them off with someone who claims they'll be properly destroyed a gamble. I've looked around at degaussers and HDD shredders, and the ones that don't look like they come from some guy in his basement all seem to be $3000+, which is hard to swallow right now. Is there anything out there in the $500-1500 range that you would recommend? (Speed isn't a big issue, if it takes several minutes or even hours per drive, that's completely OK, we've only got 10 or so thus far.)

Read the article
Suggestions on providing HA access to an external (fibre) RAID subsystem

- by user145198

We are looking at upgrading our storage capacity with an external RAID subsystem that has redundant (2) fibre controllers, each controller has 4 x 8 Gbps fibre ports. I would like to make access to this storage system occur via HA Linux. Ideally I would connect 2 fibre ports from each controller into each Linux server, and then export either NFS or iSCSI via a 10 Gbe interface. I have seen plenty of references to DRBD, however all of those references tend to use block storage that is solely attached to each machine, rather than having a shared block storage device, so I am unsure if DRBD could (or should) be used in this case. Ideas?

Read the article
Netgear VPN can't access specific server

- by Critologist

I have a Netgear FVS318N configured with a VPN. I'm trying to access my call recorder with the provided software from another office. I've already setup the VPN connection, and it works. I can connect and ping the remote router and a few other things on the network. However, I can't ping or connect to my call recorder. If I move outside of the office network (i.e. connect directly to the cable modem or via a mobile hotspot), I can connect and ping the call recorder just fine. The office has a simple Linksys WRT54G router and is using AT&T Uverse. The remote location is using Charter Cable with a Netgear FVS318N. Has anyone ever encountered anything like this before? I've setup an identical VPN previously for a different client using similar hardware and never encountered this. Thanks in advance!

Read the article
Restrict access to SSH for one specific user

- by j0nes

I am looking for a way to secure my servers with the following setup: I have a server where I can log in via SSH. The main account there (named "foo") is secured by a keybased login with password. I have another user account (named "bar") that I use to log in via cronjobs running on other servers - this one also has keybased login, but without password. Now I want to limit access to this machine for the "bar" account. The account should only be accessible via known IPs. However, the "foo" account should not be affected by this, this one should basically be accessible from any IP. How can I manage this? Or is there a simpler solution to everything?

Read the article
Server refusing access from every host except itself

- by mezamashiman

I have media content on a hosted server that I want to be accessed by another domain. In the configuration file, even if I "Allow from all," all hosts except itself will fetch the hosting company's generic landing page, which puzzles me. I test it with curl, with the command: curl -H "Host: anything.com" http://mydomain.com and it just shows the hosting company's page. If I do: curl -H "Host: mydomain.com" http://mydomain.com it will show my content. How do I allow other hosts to access my content? I thought it would work with "Allow" in .htaccess, but it doesn't.

Read the article
Is having 'Util' classes a cause for concern? [closed]

- by Matt Fenwick

I sometimes create 'Util' classes which primarily serve to hold methods and values that don't really seem to belong elsewhere. But every time I create one of these classes, I think "uh-oh, I'm gonna regret this later ...", because I read somewhere that it's bad. But on the other hand, there seem to be two compelling (at least for me) cases for them: implementation secrets that are used in multiple classes within a package providing useful functionality to augment a class, without cluttering its interface Am I on the way to destruction? What you say !! Should I refactor?

Read the article
Google déploie Android 4.2 et publie son code source ainsi que son SDK

Fuite des fonctionnalités d'Android 4.2 : nouveau Google Play, gestion du multi-utilisateur et contrôle parental Google a récemment envoyé des invitations à la presse pour un évènement Android le 29 octobre prochain à New York. Au cours de cet évènement, l'éditeur pourrait dévoiler Android 4.2, une mise à jour mineure de la version 4.1, Jelly Bean. Cette nouvelle a laissé place à des rumeurs qui viennent dévoiler quelques-unes des nouvelles fonctionnalités et améliorations qu'apportera cette version d'Android. Selon le site spécialisé Android Police, la prochaine mise à jour de l'OS mobile de Google apportera une nouvelle version de la galerie d'applications...

Read the article

< Previous Page | 290 291 292 293 294 295 296 297 298 299 300 301 | Next Page >