Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 316/4825 | < Previous Page | 312 313 314 315 316 317 318 319 320 321 322 323 | Next Page >

display internet usage agreement before users can use internet

- by Force Flow

I was looking for a way to display a usage agreement page in browsers that users must agree to before they are allowed to access the internet. This would be for users on public computers and public/open wifi. I'm using a sonicwall firewall which does support this feature, however, there is a rediculously low character limit which makes it impractical to use. I thought about setting the browser's homepage to a usage agreement page, but that can easily be bypassed by navigating to somewhere else. Are there any other approaches that may be worth considering? There is currently no server in place on the public network, though I can set one up if need be.

Read the article
Windows 7 : Any way to disable "show caracter" in WIFI network properties?!

- by Fox

Hi everyone, Here's my issue. I'm working in a school as IT Tech and I'm currently planning to roll out Windows 7 on students laptop. The issue is : When you go to the properties of a WIFI network, you have the fields to input the WIFI key, WPA2 key here in my case, and you also have a checkbox that allow you to "unmask" the caracters of the wifi key. This is actually the problem. Anyone who can access the WIFI network properties, will be able to see the WIFI key, which is really an issue in a school envrironnement where student are all eager to get the key for their precious IPod Touch, what I don't want to happen for obvious reasons... So, is there a way to disable that checkbox or else, make the field cleared out when the checkbox is checked, just like it was on Windows XP or Vista? Thanks all for your answer.

Read the article
Exchange 2010 SP2 Not Allowing Logon for Users with Expired Passwords

- by JJ.

When we provision users we set the "User must change password at next logon" flag and instruct them to go to OWA to login for the first time and change their password. Using the registry setting ChangeExpiredPasswordEnabled as explained here: http://technet.microsoft.com/en-us/library/bb684904.aspx worked well prior to SP2 installation. This allows users with 'expired' passwords to logon and forces a password change before they can access OWA. We just installed Exchange 2010 Service Pack 2 and now it's no longer working. Users with this flag set ('expired' passwords) can't login in at all unless we clear the flag. FYI here's the registry key configuration as set now with SP2 installed: Any suggestions as to how I might fix this? Or did MS break this feature in Service Pack 2?

Read the article
SFTP File Restrictions.

- by The Rook

Is it possible to use SFTP on Linux and restrict a user account to ONE directory such that no other directory listing can be obtained? Yes, I must use SFTP, FTP is only used by people that love getting hacked. For instance I want someone to modify files in /var/www/code/ but I don't want them to be able modify anything else. I don't even want them to see the contents /tmp/. (I will accept a "quick and dirty" solution, as long as it is secure.)

Read the article
Can I set up OpenVPN on two or more machines so that they can each act as client and server?

- by ianfuture

The question summarises what I want to achieve. In more detail: I have a Windows XP Pro PC at a work location that I want to be able to access my home Windows XP Pro PC and other home computers from. But I also want to be able to connect to the work PC from home. I think the term generally used is a "mesh" network. Can I do this with OpenVPN ? If so how would I do it? What are the most important things to remember to do? EDIT: The work Windows XP Pro PC is largely managed by IT Dept, I do have local admin rights to install things. Some settings are disabled. My main concern was firewalls and port forwarding on the work PC. Any suggestions?

Read the article
Powershell and long-running external tools?

- by leeand00

I'm trying to compact a MS-Access database using JetComp.exe using a powershell script. Here is the operative lines: # 4. Run JetComp LogWrite("Begin: Running JetComp") .\JETCOMP.EXE -src: $srcDB -dest: $dstDB | Out-Null #Run this command and wait for it to finish... IfErrorExit("Error Compacting Database") LogWrite("End: Running JetComp") The JETCOMP.EXE program seems to complete long before it is actually finished and the $dstDB ends up being smaller than the compact should even make it. Initially ($srcDB) it's about 1.8 GB and by the time the command finishes it's about 300,000 kb (about 0.29 gb) that's a pretty long way off from 1.8 gb which when compacted manually ends up being about 1.6 gb. Is there some sort of timeout I don't know about in powershell scripts? P.S. I know that when running JETCOMP.EXE manually, that the system often detects it as "not responding" even though it's actually getting the job done, and waiting long enough will allow it to complete.

Read the article
china and gmail attacks

- by doug

"We have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” [source] I don't know much about how internet works, but as long the chines gov has access to the chines internet providers servers, why do they need to hack gmail accounts? I assume that i don't understand how submitting/writing a message(from user to gmail servers) works, in order to be sent later to the other email address. Who can tell me how submitting a message to a web form works?

Read the article
Revert "Deny" permissions in Windows 7

- by saurabhj

I made a very dumb mistake and I am hoping there is a way to fix this without having to boot in through a Linux Live CD and extracting the data. My user login to my Windows 7 system is: John John is part of the Administrator's group. I have a folder called "C:\Users\John" I tried to make this folder accessible to ONLY John (and deny from all other Administrators) by going to the Folder, Right Click Secturity tab and then selecting all the checkboxes under "Deny" while having selected the "Administrators" group. As a result, I cannot access this folder from any of the accounts: "John" and "Administrator" as both of them belong to the Administrators groupd and deny permissions out-weigh the "Allow Permissions" Is there any way I could revert this back? Thanks a million!

Read the article
Configuring Server with no monitor

- by Scandalist

Sitting in front of me is an HP DL 380 Generation 4 with no monitor. I'd like to install an OS on the thing but for reasons obvious, I can't. I got excited when I found the ILO port on the back but unless you have a subscription it has limited functionality. I was thinking maybe there was some software out there that booted into some kind of remote access server? When I tested it with a monitor (A friends) I set the BIOS to boot from USB so anything I can load onto a stick should boot. Ideas? Hacks?

Read the article
How secure is Remote Desktop from Mac OS X to Windows Server 2003?

- by dwhsix

It's unclear to me exactly how secure Remote Desktop access from Mac OS X to a Windows Server 2003 machine is. Is the communication encrypted by default? What level of encryption? Are there best practices for making this as secure as possible? I found http://www.mobydisk.com/techres/securing_remote_desktop.html but it's unclear how much of that is still relevant for current versions of RDP and Windows Server. I know I can tunnel RDP over ssh, but is that overkill or redundant?

Read the article
secure email crashes outlook 2007

- by Josh

I have a number of secure emails sent to my outlook 2007 client. most arrive fine and display the prompt with regards to granting access to the certificate and then open. today i received two that when i try and open them they crash outlook. i have tried restarting outlook and my computer. please can you give me some ideas of what it could be or how i can troubleshoot this issue. i am working on Vista Utlimate x64. thanks. Josh

Read the article
Setting up routing for MS DirectAccess to a VMWare EsXi Host

- by Paul D'Ambra

I'm trying to set up DirectAccess on a virtual machine so I can demonstrate it's value and then if need be add a physical machine to host it. I'm hitting a problem because the Direct Access machine (DA01) needs to have 2 public addresses actually configured on the external adapter but there is a Zyxel Zywall USG300 between the VMware ESXi host and the outside world. I've summarised my setup in this diagram If I ping from the LAN to 212.x.y.89 I get a response but if I ping from the VM I get destination host unreachable. I used "route add 212.x.y.89 192.c.d.1" and get request timed out. At that point I see outbound traffic allowed on the Zyxel firewall but nothing coming back. I'm past my understanding of routing and VMWare so am not sure how to tie down where my problem lies (or even if this setup is possible). So any help massively appreciated. Paul

Read the article
How to create a user account for a child in Linux Mint?

- by zenstealth

Recently I have renovated an old computer which once belonged to my dad (the old HDD crashed, and I just bought a new one to replace it). My parents want me to fix this computer for my 5-year-old sister to use. I decided to use Linux Mint as the OS because everything (flash, mp3, etc.) is already configured. How do I create a user account in Linux Mint with limited access for my sister, so that it won't mess up the entire system? All she does is surf the web, so I'm just worried that she might accidentally mess up a system setting that I eventually will have to fix it.

Read the article
kinit gives me a Kerberos ticket, but no AFS token

- by Tomas Lycken

I'm trying to setup access to my university's IT environment from my laptop running Ubuntu 12.04, by (mostly) following the IT-department's guides on AFS and Kerberos. I can get AFS working well enough so that I can navigate to my home folder (located in the nada.kth.se cell of AFS), and I can get Kerberos working well enough to forward tickets and authenticate me when I connect with ssh. However, I don't seem to get any AFS tokens locally, on my machine, so I can't just go to /afs/nada.kth.se/.../folder/file.txt on my machine and edit it. I can't even stand in /afs/nada.kth.se/.../folder and run ls without getting Permission denied errors. Why doesn't kinit -f [email protected] give me an AFS token? What do I need to do to get one?

Read the article
Monitoring remote laptops

- by kaerast

We're looking for something to monitor around 30 remote laptops that are constantly out on the road, never returning to base except for when there are serious hardware faults that need repairing. These laptops won't always be connected to the internet, they'll have mobile broadband and may work offline most of the time. They will be running a mixture of Windows XP, Vista and 7 and there is currently no server setup. We're primarily interested in making sure that Windows Updates and antivirus updates are happening, and I guess we should also be monitoring remaining disk space, what software is installed and ideally hardware health. It might also be nice if we could gain remote access to perform work on them. My main reason for wanting to monitor them is that it's going to be a real pain to get them back to base if anything goes wrong, so I want to be proactive in ensuring they last as long as possible. Can you recommend what I should be monitoring to ensure a long life? What tools would you use to monitor and maintain these computers?

Read the article
Blocking IP Range in .htaccess Problem

- by Pedro

Hi, I'm trying to block the access of one of my webapps using IP Filter in the .htaccess, the problem is that after updating the file with: order allow,deny deny from 58.14.0.0/15 allow from all I get the folowing error: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. What is wrong? Regards, Pedro

Read the article
How to create chroot jail with ability to change some system settings

- by Tadeck

How to properly create chroot jail (on Ubuntu, or some some other Linux if not applicable) to make user able to edit system settings (eg. with ifconfig) and be able to communicate with external scripts? The use case would be to enable user to authenticate using SSH and then be able to perform very limited set of actions from command line. Unfortunately the tricky part is the access to system settings. I have considered multiple options and the alternative is to setup fake SSH server (eg. with Twisted), try to use restricted shell (however, I seem to need chroot still), or write a script on top of the shell (?).

Read the article
Install remote desktop session host remotely

- by Jorge

I've removed the remote desktop host role from one of my Azue VM, so I can't RDP into it. I have tried to recreate the endpoints and even the VM with no luck. I can't either access remotely with Server Manager; getting this error: The client cannot connect to the destination specified in the request. Verify that the services on the destination is running" I cannot connect remotely to the registry Make sure this computer is on the network, has remote administration enabled, and that both computers are running the remote registry service PsPing tells me The remote computer refuses the network connection Which workaround can I follow to solve this?

Read the article
TeamViewer - only allow domain logins

- by BloodyIron

I recently started a Systems Admin job where teamviewer is used pretty frequently here. Another admin recently left, and the concern is they still have access to all our systems due to how teamviewer works. I want to migrate the entire environment to domain authentication. The documentation shows that setting up windows auth (domain) is easy, but I want to be sure that it is the only way to be authenticated with a teamviewer session here. I cannot yet find anything which explicitly says this. We have licensing for teamviewer 5 and 6, I think. Right now we have 7 in the environment, but I think most are in a trial version, so I am likely to revert to 5 or 6.

Read the article
How to protect an OS X Server from an anautorized physical connection?

- by GJ

Hi I have an OS X 10.6 server, which I administer via SSH and VNC (via SSH tunnel). I can't leave it at the login window since then VNC connections are refused. Therefore I currently leave it logged with my user account. Since it doesn't have a monitor attached, it doesn't go into screen saver mode, which means it doesn't require a password to retake control. This means it is very easy for anyone connecting a keyboard/mouse and monitor to take control of the system. The screen saver password protection, which I can't get to activate, unlike the system's login window, is perfectly compatible with VNC connections. How could I prevent such direct access to the server without connecting a monitor and without blocking my ability to connect with VNC? Thanks!

Read the article
Can't connect using Jail SFTP account

- by Fazal

I've been following this tutorial "Limiting Access with SFTP Jails on Debian and Ubuntu" and whilst I've had no errors setting it up, I've had issues on Ubuntu 10.04LTS logging in as a user on a virtualhost. I've changed my SSH port to 22022, and enter all the credentials when attempting to login. I ran these commands to add a user to the virtualhost: # useradd -d /srv/www/[domain] [username] # passwd [username] # usermod -G filetransfer [username] # chown [username]:[username] /srv/www/[domain]/public_html I should add that this is the only time I've setup the user they have no other /home directories or such. The directory that does exist is at /srv/www/example.com/public_html When I try using a desktop package such as cyberduck to login to the site, I keep getting a "Login failed with this username or password". I am completely lost as what to do next... The reason why I'm trying this method is because I want my clients to use SFTP and not FTP to upload files to their websites. Any help or direction is appreciated.

Read the article
LDAP for privilege control?

- by neoice

I've been wondering for a while if LDAP can be used to control user privileges. For example, if I have UNIX and web logins, is there an easy way to grant a user access to just or just UNIX (or even both?) My current attempt at solving this very problem was to create 'login' and 'nologin' groups, but this doesn't seem fine-grained enough to meet the ideas I have in my head. I'm also still in the situation where all UNIX users are web users, which isn't a problem so much as an indicator of the limitations. Does anyone have any input on this? Has this problem already been solved?

Read the article
What permissions / ownership to set on PHP Sessions Folder when running FastCGI / PHP-FPM (as user "nobody")?

- by Professor Frink

I'm having trouble getting a number of scripts running because PHP-FPM can't write to my session folder: "2009/10/01 23:54:07 [error] 17830#0: *24 FastCGI sent in stderr: "PHP Warning: Unknown: open(/var/lib/php/session/sess_cskfq4godj4ka2a637i5lq41o5, O_RDWR) failed: Permission denied (13) in Unknown on line 0 PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0" while reading upstream" Obviously this is a permission issue; my session folder's owner/group is the webserver's user, NGINX. PHP-FPM runs as nobody though, and hence adding it to the nginx group is not so trivial. A temporary solution is to set the permissions of /var/lib/php/session to 777 - I have a feeling that's not the "best practice" though. What is the best practice when you need to assign a daemon write access to a folder, but it is running as nobody ?

Read the article
How to protect an OS X Server from an unauthorized physical connection?

- by GJ

Hi I have an OS X 10.6 server, which I administer via SSH and VNC (via SSH tunnel). I can't leave it at the login window since then VNC connections are refused. Therefore I currently leave it logged with my user account. Since it doesn't have a monitor attached, it doesn't go into screen saver mode, which means it doesn't require a password to retake control. This means it is very easy for anyone connecting a keyboard/mouse and monitor to take control of the system. The screen saver password protection, which I can't get to activate, unlike the system's login window, is perfectly compatible with VNC connections. How could I prevent such direct access to the server without connecting a monitor and without blocking my ability to connect with VNC? Thanks!

Read the article
Encrypt LAN and wifi traffic on small private network

- by Grimlockz

I need some advice about encrypt all traffic on a small private network running wi-fi and LAN traffic on 192.168.0.x network. The network would comprise of client laptops connecting to the wi-fi router (192.168.0.254) via ethernet connection or wireless. The main purpose of the server is for the client laptops to talk to two servers on different IP's (192.168.0.200 and 192.168.0.201) on ports 80 and 433. My main concern is having packet sniffers and what not getting access to the data. The only ways I see at the moment is to have VPN running on the network or use IPSec policy's to do this. Any other ways guys?

Read the article

< Previous Page | 312 313 314 315 316 317 318 319 320 321 322 323 | Next Page >