Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 362/4825 | < Previous Page | 358 359 360 361 362 363 364 365 366 367 368 369 | Next Page >

Most secure way of connecting an intranet to an external server

- by Eitan

I have an internal server that hosts an asp.net intranet application. I want to keep it completely and utterly secure and private however we need to expose some information through a WCF service to another server which hosts our external websites which CAN be accessed by the public. What is the best way to pass information between the two servers with regards to an IT setup, while keeping the intranet in house server completely secure and inaccessible? I've heard VPN was the way to go but I wanted to be sure this was the safest way. Another question what would be the most secure way of passing data in the WCF service?

Read the article
How to "flush tor circuit"

- by Jack

On Windows I have used XBBrowser, which provides a custom version of Firefox suited to using Tor. XBBrowser provides a button, flush tor circuit, which will setup an entirely new connection and exit node. I am wondering how to do the equivalent thing on Linux. ALl I can do is restart tor, which does not seem to make any difference. So, on Linux, how would I flush the circuit?

Read the article
How Do Online Virus Scanners Work?

- by user185812

I have seen a lot on free online virus scanners available online lately. I was considering trying one of them out, but I have a question. If I have company word documents, excel spreadsheets, etc on my computer, do these scanners just take a copy of everything on my hard drive, put it on their server, and search through them? Or do they just use virus definitions and scan through my computer without taking a copy of all my data?

Read the article
Other user SSHed from my hardware

- by Alex

While logged into our HPC cluster I used w to check out who else was logged in. I happened to notice that it looks like there's another user logged in from my (personal) computer; 19:04:47 up 40 days, 6:39, 44 users, load average: 0.10, 0.14, 0.18 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT ME pts/4 zerg.neuron12. 18:55 0.00s 0.09s 0.04s w SOMEONE_ELSE pts/35 zerg.neuron12. Sat14 2:27m 0.08s 0.08s -bash Is this something I should be worried out - I tried to kill the other session but had a permission denied message. Is it possible we just both have the same hardware name? I'd have thought that if this were the case the server would give one of us a different name (e.g. zerg1) when we logged in to prevent confusion. This is not an area I have any experience with, so any advice would be greatly appreciated!

Read the article
Setting up fail2ban to ban failed phpMyAdmin login attempts

- by Michael Robinson

We've been using fail2ban to block failed ssh attempts. I would like to setup the same thing for phpMyAdmin as well. As phpMyAdmin doesn't log authentication attempts to a file (that I know of), I'm unsure of how best to go about this. Does a plugin / config exist that makes phpMyAdmin log authentication attempts to a file? Or is there some other place I should look for such an activity log? Ideally I will be able to find a solution that involved modifying fail2ban config only, as I have to configure fail2ban with the same options on multiple servers, and would prefer not to also modify the various phpMyAdmin installations on said servers.

Read the article
Connect iPad to windows 7 VPN

- by Linuz

My iPad keeps spitting out the error: "A connection could not be established to the PPP server." I am trying to connect it to a VPN I set up with Windows 7 as an incoming connection. On the iPad, I went into the VPN settings, added a new PPTP VPN with the following information Server: Windows 7 Computer's IP RSA SecurID: OFF Account: Account Username Password: Account Password Encryption Level: Auto Send All Traffic: ON Proxy: Off Now I know that it is making some connection to the Windows 7 Computer because whenever I intentionally put in the wrong VPN password on the iPad, it makes me put in the correct one before trying to connect again. All the ports are forwarded on my router for PPTP, and my Windows 7 Firewall is even off to try to get this to work. Any help would be greatly appreciated, thanks.

Read the article
WMI Remote connection objsWbemLocator.ConnectServer

- by Sam

I have an issue when connecting to remote machines using the following: Set objWMIService = objSWbemLocator.ConnectServer _ (sIP, "root\CIMV2", strUser, strPassword, "MS_409", "ntlmdomain:" + sDomain, 128) the problem is that some machines are not timing out and the process hangs. Is there a way to cancel the connect and continue with the next ip? I'm using vbscript. Thanks, Sam

Read the article
MAC and PC problems on home network

- by tombull89

Hello! At home we have a wireless router that my family want to use. We have our main computer physically connected to the router, and my laptop is connected wirelessly. When the network is like this then it is faultless. However, when my brother introduces is Apple MAC into the equation, both my laptop and the family machine gets all sorts of problems, primarily long load times and timeouts. The MAC, however, works fine. I think I've read something here or SF about a MAC continusly pinging a router which times it out, but I've not found any solution so far. Router: Belkin F5D7634uk4A-H Home Computer: XP SP3 My Laptop: Windows 7, Ultimate Mac: 13" Macbook Pro, Snow Lepoard

Read the article
Is it possible to detect nearby Wi-Fi enabled devices, not necessarily on the same network? [closed]

- by Sky

first question on StackExchange ever. I hope I got the right board. I'm trying to create a device (either from a standard AP or some other unconventional means) that will be able to detect nearby Wi-Fi enabled devices. For example, if a cellular phone (iPhone for instance) would be carried into the secured area, its MAC address will be logged. A cellular phone is a good example because it's the most common threat that should be detected. Some important points: The detection can be either active or passive, doesn't matter. The detected device might be connected to a different network, or might not be connected to anything at all. I assume most cellular phones are actively probing when not connected, but I'm not sure. It is important to not only identify the breach, but also to identify the device (MAC address). Conventional hardware is only optional. Distance of detection is at least 6 meters (20 feet). Handling one device at a time is good. Speed of detection is important, under 5 seconds is ideal. So my question is, is this even possible? If so, what can I use in order to make this a reality? Thank you for reading!

Read the article
Easiest way to send encrypted email?

- by johnnyb10

To comply with Massachusetts's new personal information protection law, my company needs to (among other things) ensure that anytime personal information is sent via email, it's encrypted. What is the easiest way to do this? Basically, I'm looking for something that will require the least amount of effort on the part of the recipient. If at all possible, I really want to avoid them having to download a program or go through any steps to generate a key pair, etc. So command-line GPG-type stuff is not an option. We use Exchange Server and Outlook 2007 as our email system. Is there a program that we can use to easily encrypt an email and then fax or call the recipient with a key? (Or maybe our email can include a link to our website containing our public key, that the recipient can download to decrypt the mail?) We won't have to send many of these encrypted emails, but the people who will be sending them will not be particularly technical, so I want it to be as easy as possible. Any recs for good programs would be great. Thanks.

Read the article
Good way to run commands on remote computer without its own public-facing IP address (Linux Centos)

- by Chris Dutrow

Have a few computers running Linux Centos 6.4. They are connected to an unmanaged switch, which in turn, is connected to a router (Verzion Fios issue). What is a good way to "log in" to one of the computers so that I can run commands? Do I need to use SSH, or something different? Since the computers do not have their own public-facing IP addresses, do I need to set up some kind of port forwarding within the router? What is a simple, reliable way to accomplish this? Thanks so much!

Read the article
Configuring port forwarding for SSH - no response outside LAN

- by WinnieNicklaus

I recently moved, and at the same time purchased a new router (Linksys E1200). Prior to the move, I had my old router set up to forward a port for SSH to servers on my LAN, and I was using DynDNS to manage the external IP address. Everything worked great. I moved and set up the new router (unfortunately, the old one is busted so I can't try things out with it), updated the DynDNS address, and attempted to restore my port forwarding settings. No joy. SSH connections time out, and pings go unanswered. But here's the weird part (i.e., key to the whole thing?): I can ping and SSH just fine from within this LAN. I'm not talking about the local 192.168.1.* addresses. I can actually SSH from a computer on my LAN to the DynDNS external address. It's only when the client is outside the LAN that connections are dropped. This surely suggests a particular point of failure, but I don't know enough to figure out what it is. I can't figure out why it would make a difference where the connections originate, unless there's a filter for "trusted" IP addresses, which is perhaps just restricted to my own. No settings have been touched on the servers, and I can't find any settings suggesting this on the router admin interface. I disabled the router's SPI firewall and "Filter anonymous traffic" setting to no avail. Has anyone heard of this behavior, and what can I do to get past it?

Read the article
robot hammering apache2

- by user1571418

My apache2 log is bombarded with lines like: 108.5.114.118 - - [03/Aug/2012:15:23:28 +0200] "GET http://xchecker.net/tmp_proxy2012/http/engine.php HTTP/1.0" 404 1690 "http://xchecker.net/tmp_proxy2012/http/engine.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)" I am puzzled by this -- why is a request for some weird xchecker.net domain ending up on my server in the first place?! The request comes every few dozens of seconds, must be a robot. Any ideas what it is? Btw that URL is valid -- apparently it contains some test page...

Read the article
Configure Windows firewall to prevent an application from listening on a specific port

- by U-D13

The issue: there are many applications struggling to listen on port 80 (Skype, Teamviewer et al.), and to many of them that even is not essential (in the sense that you can have a httpd running and blocking the http port, and the other application won't even squeak about being unable to open the port). What makes things worse, some of the apps are... Well, I suppose, that it's okay that the mentally impaired are being integrated in the society by giving them a job to do, but... Programming requires some intellectual effort, in my humble opinion... What I mean is that there is no way to configure the app not to use specific ports (that's what you get for using proprietary software) - you can either add it to windows firewall exceptions (and succumb to undesired port opening behavior) or not (and risk losing most - if not all - of the functionality). Technically, it is not impossible for the firewall to deny an application opening an incoming port even if the application is in the exception list. And if this functionality is built into the Windows firewall somewhere, there should be a way to activate it. So, what I want to know is: whether there exists such an option, and if it does how to activate it.

Read the article
Change the number of consecutive frequent ssh login before temporary blocking the user login

- by Kenneth

my server currently would temporarily refuse a user to login for certain amount of time (maybe ~20min) if the user consecutively frequent ssh login for 3 times. Can I change this behaviour (say relaxed the definition of frequent maybe from 'within 5 sec' to 'within 10 sec'; or increase the # of consecutive login from 3 to 5)? Thanks. Added: Ah.. now I think the problem was not with the ssh. I just tried on another newly installed server. consecutive successful login won't block the user. I have no sudo permission on the server I mentioned above. Now I suspect this behaviour may cause by the firewall in the system. Thanks everyone's comments. ADDED 2: Ah... after some searches. I think the server is using /sbin/iptables to do it as I can see the iptables program is there even though I don't have permission to list the rules. Thanks everyone, special thank to jaume and Mark!

Read the article
the right way to do deployment with capistrano

- by com

I look for good practices for deploying with capistrano. I would like to start out with a short description how I used to do deployment. capistrano is installed locally on a developer's computer. I deploy thought gateway with capistrano option :gateway. Firstly, I thought that with :gateway option I need to have ssh connection only to gateway host, but it turns out that I need ssh connection (public key) to all hosts where I want to deploy to. I would like to find a convenient and secure way to deploy application. For example, in case when new developer starts working, is much more convinient to put his *public_key* only on gateway server and not on all applications servers. On the other hand I don't want him to have any connection to servers in particular ssh to gateway, just because he is developer, he needs to do only deployments. If you are aware of good practices for deploying with capistrano, please, let us know.

Read the article
Functional implications of differences in SSL and TLS

- by Randell

I know that TLS is essentially a newer version of SSL, and that it generally supports transitioning a connection from unsecured to secured (commonly through a STARTTLS command). What I don't understand is why TLS is important to an IT Professional, and why given the choice I would pick one over the other. Is TLS really just a newer version, and if so is it a compatible protocol? As an IT Professional: When do I use which? When do I not use which?

Read the article
How to wipe an IPod with DBAN

- by Matt Powers

I'm looking to use a utility such as Darik's Boot And Nuke (www.dban.org) to wipe my iPod (classic fifth generation) so I can sell it on Ebay (without having to worry about my data being recovered.) Any suggestions on how to do this?

Read the article
Remotely turn on a device that is powered off?

- by njboot

Verbatim from the interview between Brian Williams and Edward Snowden last night: Snowden: Any intelligence service in the world that has significant funding and a real technological research team can own that phone [refering to Williams' iPhone] as soon as it connects to a network; it can be theirs. Williams: Can anyone turn it on remotely if it's off? Snowden: They can absolutely turn it on with the power turned off on the device. I concede Snowden's first point, fine. But the last? Does Snowden's last claim, that a powered off mobile device can be remotely turned, have any merit? It seems highly improbable and seemingly impossible.

Read the article
Determining who is running with administrator rights?

- by Alex C.

I work at a small non-profit organization with about 55 desktop PCs running Windows XP Pro. The domain controller is running Windows Server 2003. I have a two-part question (note that I'm a bit of a newb when it comes to network administration). Part 1: Is there some simple way that I can determine which accounts are logged in with administrator rights? Part 2: Is there a way that I can remove administrator rights from users without sitting down at each individual machine? Thanks for considering my questions.

Read the article
(200 ok) ACCEPTED - Is this a hacking attempt?

- by Byran

I assume this is some type of hacking attempt. I've try to Google it but all I get are sites that look like they have been exploited already. I'm seeing requests to one of my pages that looks like this. /listMessages.asp?page=8&catid=5+%28200+ok%29+ACCEPTED The '(200 ok) ACCEPTED' is what is odd. But it does not appear to do anything. I'm running on IIS 5 and ASP 3.0. Is this "hack" meant for some other type of web server?

Read the article
phpmyadmin login should not expire on ubuntu 10.04

- by mit

On ubuntu 10.04 the phpmyadmin config is a little bit scattered. I want to set the loginexpiration time to zero, should never expire, this is a secured setup behind a firewall. I think it is 3600 by default but cannot find the setting. Where is it? Edit: I actually changed it in /etc/phpmyadmin/conf.inc.php which seems the recommended place for ubuntu. The other files mentioned below might be overwritten on updates.

Read the article
Configuring port forwarding for SSH - no response outside LAN [migrated]

- by WinnieNicklaus

I recently moved, and at the same time purchased a new router (Linksys E1200). Prior to the move, I had my old router set up to forward a port for SSH to servers on my LAN, and I was using DynDNS to manage the external IP address. Everything worked great. I moved and set up the new router (unfortunately, the old one is busted so I can't try things out with it), updated the DynDNS address, and attempted to restore my port forwarding settings. No joy. SSH connections time out, and pings go unanswered. But here's the weird part (i.e., key to the whole thing?): I can ping and SSH just fine from within this LAN. I'm not talking about the local 192.168.1.* addresses. I can actually SSH from a computer on my LAN to the DynDNS external address. It's only when the client is outside the LAN that connections are dropped. This surely suggests a particular point of failure, but I don't know enough to figure out what it is. I can't figure out why it would make a difference where the connections originate, unless there's a filter for "trusted" IP addresses, which is perhaps just restricted to my own. No settings have been touched on the servers, and I can't find any settings suggesting this on the router admin interface. I disabled the router's SPI firewall and "Filter anonymous traffic" setting to no avail. Has anyone heard of this behavior, and what can I do to get past it?

Read the article
mysql remote connection [closed]

- by Fel

I spoke with my host supporter to find what is my sql hostname. He said that the only way is add permissions in mysql remote (cpanel) to my actual ip. So the config in heidiSQL for example will be localhost userxxx passxxx But i have a dynamic ip, so i need to change the permissions every time, correct? Add the flag % probably is not a good idea, so how can I solve this problem? Why I dont have something like mysql.something.com ? Sorry, if this question is too basic.

Read the article
Is there a serious issue with setting the SUID bit on tcpdump?

- by Dean

I'm running tcpdump on a remote machine, and piping the output to Wireshark on my local machine over SSH. In order to do this, I had to set the SUID bit on tcpdump. For background, the remote machine is an Amazon EC2 running "Amazon Linux AMI 2012.09". On this image, there is no root password, and it is not possible to log in as root. You can't use sudo without a TTY, and therefore you have to set the SUID. What are the practical risks of setting this bit on tcpdump? Is there any need to be paranoid? Should I unset it whenever I'm not capturing?

Read the article

< Previous Page | 358 359 360 361 362 363 364 365 366 367 368 369 | Next Page >