Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 372/4825 | < Previous Page | 368 369 370 371 372 373 374 375 376 377 378 379 | Next Page >

Could local ISP capture my location whenever i launch a VPN to a VPN server?

- by Ozgun Sunal

I am extremely concerned that my ISP collects any information once I am connected to a VPN server. For instance, as far as I know, when I start a connection to a HotSpotShield VPN server, an IP address is assigned to me just before a successful connection. Besides, I'll be having an extra IP address at the beginning with the TAP Adapter. An encryption tunnel is set up between me and the VPN server. Whenever my request for a website reaches them (VPN server), they decrypt the data and later they encrypt the reply which returns from the web (targeted) server. This works like that. So, the ISP can not see what I am watching, displaying and writing because the connection is encrypted. But, the targeted websites see and record all actions. Still, they can not identify my real IP address. I'm really concerned about if the ISP can see "my location". OK, it has an IP address from another country as my real IP address, but how does my ISP detect the traffic going through them? Can they find out who I am? Won't they say "Hey, there is a traffic but who is and what he is doing right now?", because I get the Internet from them?

Read the article
Multiple *NIX Accounts with Identical UID

- by Tim

I am curious whether there is a standard expected behavior and whether it is considered bad practice when creating more than one account on Linux/Unix that have the same UID. I've done some testing on RHEL5 with this and it behaved as I expected, but I don't know if I'm tempting fate using this trick. As an example, let's say I have two accounts with the same IDs: a1:$1$4zIl1:5000:5000::/home/a1:/bin/bash a2:$1$bmh92:5000:5000::/home/a2:/bin/bash What this means is: I can log in to each account using its own password. Files I create will have the same UID. Tools such as "ls -l" will list the UID as the first entry in the file (a1 in this case). I avoid any permissions or ownership problems between the two accounts because they are really the same user. I get login auditing for each account, so I have better granularity into tracking what is happening on the system. So my questions are: Is this ability designed or is it just the way it happens to work? Is this going to be consistent across *nix variants? Is this accepted practice? Are there unintended consequences to this practice? Note, the idea here is to use this for system accounts and not normal user accounts.

Read the article
Which ports to open on domain vs internet

- by zsharp

I have a web server/database/domainController. I notice that ports 137 and 138 on the public IP AND private IP are open on all machines there are also other open ports on 0.0.0.0.(ie. 135, 2002) Can and should I close 137-139 on the public IP only? will that interfere with any services.

Read the article
Google Chrome suspicious connections

- by Poni

I'm using Chrome at Windows and with TCPView (of the SysInternals freeware suit) I see that chrome.exe establish connections to these IPs: 173.194.37.104 209.85.146.138 Using http://www.ipaddresslocation.org/ I check about these IPs and see they're related to Google. Now, in order to clarify, these are the exact things I do: Open up chrome, the default page is set to BLANK (i.e no homepage whatsoever). Then I get into my website which has a blank page, so no "other" http requests are made. Right from this point there is a persistent connection, usually to '173.194.37.104'. What are these?? Very suspicious.. Edit #1: - I'm in 'incognito' mode right from start, when launching Chrome, using a shortcut with the '-incognito' switch. - I've turned off all phishing protections and other "advance" features in order to reduce Chrome's network activity.

Read the article
Lastpass VS Sxipper. which one is better at their thing?

- by Fellknight

Well, i've been using sxipper for some time now, but recently came across lastpass. I can't tell which one is more secure or has a better functionality, sxipper however seems easier to use.

Read the article
Multiple SSIDs better or worse

- by swiss196

I'm just setting up a network in a student house with 10 rooms, 3 floors. Configuration at the moment is as follows: Virgin Media 100mb Cable Virgin SuperHub on ground floor broadcasting on SSID1 Second AP(Edimax) wired on middle floor broadcasting on SSID2 These two networks server all 3 floors fairly well but I was wondering whether it would be better to setup an individual SSID for each floor (both the routers allow me to configure up to 3 ssids on each!). Would this help with speed issues, i.e if someone on the top floor is downloading/streaming etc, this wouldn't affect someone on the middle floor on a different SSID Or, will it have no effect? Thanks, Dave

Read the article
Execute local script requiring arguments on Linux via plink

- by c_maker

Is it possible to execute (from windows) a local script with arguments on a remote linux system? Here's what I got: plink 1.2.3.4 -l root -pw mypassword -m hello.sh Is there a way to do this same thing, but able to give input parameters to hello.sh? I've tried many things, including: plink 1.2.3.4 -l root -pw mypassword -m hello.sh input1 input2 In this case it seems that plink thinks that input1 and input2 are its arguments.. which makes sense. What are my options?

Read the article
What will happen if I (accidentaly) pour a bucket of water inside my pc?

- by ULTRA_POROV

Is it dangerous what will happen to me and the PC? EDIT: It's a serious question, the other day i almost spilled a bottle of cola inside my pc (the case was open).

Read the article
Tools to Hide IP address for webapp

- by Jake Barti

I am looking out for a paid software where I can 'choose' an IP address from a different country and browse a site. So if I want to see how the site will look to US users, I should be able to choose the IP from US. We are building a web app that will be used in many countries and we want to make sure we test it before releasing. Any recommendations ?

Read the article
Recommend an SFTP solution for Windows (Server & Client) that integrates well with Dreamweaver

- by aaandre

Could you please recommend a secure FTP solution for updating files on a remote windows server from windows workstations? We would like to replace the FTP-based workflow with a secure FTP one. Windows Server 2003 on the remotely hosted webserver, WinXP on the workstations. We manage the files via Dreamweaver's built-in FTP. My understanding is Dreamweaver supports sFTP out of the box so I guess I am looking for a good sFTP server for Windows Server 2003. Ideally, that would not require cygwin. Ideally, the solution would use authentication based on the existing windows accounts and permissions. Thank you!

Read the article
Steps to make sure network is not blacklisted...Again

- by msindle

I have an interesting issue. I have a client that just got blacklisted due to spam being sent out over the last 2 days. I have my firewall configured to only allow mail to go outbound on port 25 from our mail server (Exchange 2010) exclusively and I have verified that there are no open relay's on our transport rules. We are running Vipre Business and after running deep scans with updated definitions all computers come back clean. I ran a message tracking report on our Exchange server that shows all mail sent via the mail server over the last couple of weeks and didn't see anything malicious or out of the ordinary. I have also verified that there are no home devices or rouge computers on the network. For all practical purposes it appears that the network is clean, but we still wound up on 5 or 6 blacklists...Where should I start looking next? Is there a "best practices" guide that can help eradicate this issue? Thanks in advance! msindle

Read the article
Using two Cisco Aironet 1100's

- by daniel

Is it possible to use two of these both providing connectivity to the same network name for additional signal by having one plugged into a hot data port and having the other only powered by the AC? It seems to have worked for one day, then it stopped and I have the middle light blinking, and the other "hot" one solid in the middle and flashing rapidly on the last light.

Read the article
Windows - How to remotely watch log files

- by weismat

I would like to look at some log files solely via the console on a standard Windows 7 machine. The logs are created by schedulded tasks and I find it a hazzle to use VNC for this purpose. What technology should I look at? Powershell, Cygwin via ssh or something else? The log files are written using log4Net - thus there might also be an easy way to reconfigure it to create events or something else for remote display.

Read the article
How do I format this regex so it will work in fail2ban?

- by chapkom

I've just installed fail2ban on my CentOS server in response to an SSH brute force attempt. The default regular expressions in fail2ban's sshd.conf file do not match any entries in audit.log, which is where SSH seems to be logging all connection attempts, so I am trying to add an expression that will match. The string I am trying to match is as follows: type=USER_LOGIN msg=audit(1333630430.185:503332): user pid=30230 uid=0 auid=500 subj=user_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct="root": exe="/usr /sbin/sshd" (hostname=?, addr=<HOST IP>, terminal=sshd res=failed)' The regular expression I am attempting to use is: ^.*addr=<HOST>, terminal=sshd res=failed.*$ I've used regextester.com and regexr to try to build the regex. The testers give me a match for this regex:^.*addr=\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}, terminal=sshd res=failed.*$ but fail2ban-regex complains if I don't use the <HOST> tag in the regex. However, using ^.*addr=<HOST>, terminal=sshd res=failed.*$ gives me 0 matches. At this point, I am totally stuck and I would greatly appreciate any assistance. What am I doing wrong in the regex I am trying to use?

Read the article
Options for remote desktop software for helping remote users?

- by Nick G

I need an easy way to jump on someone elses machine to help them solve a problem. It needs to be really easy for them to install (preferably doesn't actually require an "install" but just running an exe?). It must punch through any firewalls automatically using a relay server or P2P (so Remote Desktop itself is no use to me). I've found commercial products like MeetMeNow but they're really expensive. I want something that you can either buy a cheap pack of sessions or minutes, or preferably something free. I'm not in the business of commerical support and would only use it once every couple of months perhaps.

Read the article
Restrict SSH user to connection from one machine

- by Jonathan

During set-up of a home server (running Kubuntu 10.04), I created an admin user for performing administrative tasks that may require an unmounted home. This user has a home directory on the root partition of the box. The machine has an internet-facing SSH server, and I have restricted the set of users that can connect via SSH, but I would like to restrict it further by making admin only accessible from my laptop (or perhaps only from the local 192.168.1.0/24 range). I currently have only an AllowGroups ssh-users with myself and admin as members of the ssh-users group. What I want is something that works like you may expect this setup to work (but it doesn't): $ groups jonathan ... ssh-users $ groups admin ... ssh-restricted-users $ cat /etc/ssh/sshd_config ... AllowGroups ssh-users [email protected].* ... Is there a way to do this? I have also tried this, but it did not work (admin could still log in remotely): AllowUsers [email protected].* * AllowGroups ssh-users with admin a member of ssh-users. I would also be fine with only allowing admin to log in with a key, and disallowing password logins, but I could find no general setting for sshd; there is a setting that requires root logins to use a key, but not for general users.

Read the article
QR vcard with a photo

- by Cayetano Gonçalves

I am about to get a ton of business cards printed from my new corporation, and I am allowed to have a QR code on it, and I would really like to be able to add a photo to be attached to the vcard. I know in the raw vcard you can add a photo like this: BEGIN:VCARD VERSION:4.0 N:Gump;Forrest;;; FN: Forrest Gump ORG:Bubba Gump Shrimp Co. TITLE:Shrimp Man PHOTO:http://www.example.com/dir_photos/my_photo.gif TEL;TYPE=work,voice;VALUE=uri:tel:+1-111-555-1212 TEL;TYPE=home,voice;VALUE=uri:tel:+1-404-555-1212 ADR;TYPE=work;LABEL="42 Plantation St.\nBaytown, LA 30314\nUnited States of America" :;;42 Plantation St.;Baytown;LA;30314;United States of America EMAIL:[email protected] REV:20080424T195243Z END:VCARD But I can't find any way to include the photo field into a QR code, any suggestions would be greatly appreciated.

Read the article
Code deploy system [closed]

- by Turnaev Evgeny

Currently we deploy code to servers in a various ways: freebsd package freebsd ports part of config files and static just svn up'ed and a symlink is changed to new upped folder The distribution of freebsd packages to target servers is done through custom tool that uses ssh. I am looking for a code deploy system that will allow: deploy several packages (freebsd or linux) atomic (ether deploy all or none of them to server) can save a history of last stable version - so in case of bad deploy i can easily rollback to last working version all servers ease deployment of config and static files - and integrate those into atomic deploy/rollback system. should work with freebsd or linux (apt-get system)

Read the article
SQL Server: how to check securables

- by jrara

I would like to make a t-sql query to check which logins have 'view server state' permission in server type securables. How to achieve this? This query from mssqltips don't show this: http://www.mssqltips.com/tip.asp?tip=1718 SELECT prin.[name] [User], sec.state_desc + ' ' + sec.permission_name [Permission] FROM [sys].[database_permissions] sec JOIN [sys].[database_principals] prin ON sec.[grantee_principal_id] = prin.[principal_id] WHERE sec.class = 0 ORDER BY [User], [Permission];

Read the article
How to decide where to purchase a wildcard SSL certificate?

- by user664833

Recently I needed to purchase a wildcard SSL certificate (because I need to secure a number of subdomains), and when I first searched for where to buy one I was overwhelmed with the number of choices, marketing claims, and price range. I created a list to help me see passed the marketing gimmicks that the greater majority of the Certificate Authorities (CAs) plaster all over their sites. In the end my personal conclusion is that pretty much the only things that matter are the price and the pleasantness of the CA's website. Question: Besides price and a nice website, is there anything worthy of my consideration in deciding where to purchase a wildcard SSL certificate?

Read the article
How safe is the quicken encryption of files?

- by jmvidal

Quicken has a password-protection option where you type in a password and your file is encrypted. How good is this encryption and how does it depend on the length or complexity of my password? A google search reveals a lot of "quicken password recovery" programs, like this one, which make me feel like the password is just for keeping the really dumb criminals away, not the ones with large computers.

Read the article
How to use windows desktop from a linux machine in a local network?

- by Hristo Hristov

I have a computer running Windows 7 with no monitor or keyboard, connected to a local network. I have a few laptops running linux, also connected to the local network. I want to feel like I'm sitting in front of the windows, but using one of the linux laptops. How to do that? Maybe I can use some linux software to connect to remote desktop? Or I have to install client/server software on both machines? As this is a local network, I expect excellent experience with no lag. Thank you!

Read the article
How to set up a easy-to-use proxy for the whole system with WinXP client and server?

- by Pekka

I am working together intensively with a colleague on the Canary Islands. We speak through live messenger and work together using a RDP software. She has frequent problems with connections to certain big-name and small-name sites (amongst others live.com, google.com, gmx.de) very likely to be caused by the spanish provider (the connections simply time out, this has been going on for weeks already). I have been thinking about setting up my computer as a proxy to make these connections work. I have a DSL connection and am behind a NAT capable router that I control. Does anybody know a simple, "one-click" way to transport ALL network traffic through a remote proxy? Without having to set proxy settings for each application that uses the internet? VPN is not an option, because I am behind a firewall that supports protocol 47 and such, but I have never succeeded in getting an incoming VPN connection to work. I can however redirect normal traffic using NAT. A VPN solution that does not need strange protocols would also be an option.

Read the article
What does ActiveSync on Android(Nexus One) actually do?

- by aaronls

Under the accounts settings of my nexus one I added a Microsoft ActiveSync account and pointed it to our OWA url. It doesn't seem to do anything, and I'm not really sure what it is supposed to do. I have both email sync and contacts sync enabled in the settings, but none of the email I get through outlook shows up on the phone nor are there any contacts added to my contacts list. When I setup the account settings if I type something in wrong it gives me an error, so it is doing something to test the connection, so to some extent I must have it setup right. It just doesn't seem to do anything. What is it actually supposed to do? Where would the contacts and emails show up if it sync'd successfully? How can I test it to ensure I have the correct URL specified?

Read the article
Can I disable Pam Loginuid? Can I find out options used to configure kernel?

- by dunxd

I am getting a lot of the following types of error in my secure log on a CentOS 5.4 server: crond[10445]: pam_loginuid(crond:session): set_loginuid failed opening loginuid sshd[10473]: pam_loginuid(sshd:session): set_loginuid failed opening loginuid I've seen discussion of this being caused when using a non-standard kernel without the correct CONFIG_AUDIT and CONFIG_AUDITSYSCALL options set. Where this is the case, it is advised to comment out some lines in the pam.d config files. I am running a Virtual Private Server where I need to use the kernel provided by the supplier. Is there a way to find out what options they used to configure the kernel? I want to verify if the above is the cause. If this turns out not to be the cause, what are the risk of disabling pam_loginuid for crond and sshd?

Read the article

< Previous Page | 368 369 370 371 372 373 374 375 376 377 378 379 | Next Page >