Search Results

Search found 13940 results on 558 pages for 'pci security'.

Page 388/558 | < Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395 | Next Page >

Proxy Server suggestions

- by Jon Menefee

Here is the question I have that hopefully is not too general of a question. I have a network with approximately 25 PC's, 3 servers and 25 IP cameras. I have a firewall already on the network and it works fine for what I need, but my client is asking me if there is a way to put a Proxy server on the network to monitor where his employees are going when they surf the Internet. He is not wanting to block them (at least not thru the Proxy server), but he wants to make sure that they arent going to sites that would compromise the networked PCs. I have looked at TMG and it is a little more than what I want. I hesitate adding another firewall to the system because of the security cameras that are presently on the network (IP Cameras). I just want to put a policy in AD that would make certain Users (or Computers) use a Proxy server. Any suggestions on a good proxy server are welcome. Thank you

Read the article
Unable to connect to MySQL through port 3306

- by Ron

I read the answers about 3306 from a question posted in 2009. I have the same problem, but the answers I read didn't help. Port 3306 is open, even if I stop the windows-firewall, MySQL still can't access it. MySQL is running. I've run netstat firewall xxxxxx and get these results: 3306 TCP Enable MySQL Server and this from netstat -a -n: TCP [::]:3306 [::]:0 LISTENING 0 (I don't understand the [::]) I do have AVG Internet Security running but not the Firewall component. How can I find out what is blocking MySQL from accessing this port? And it's not just this specific port, but any port. I've asked on the MySQL forum, but no one is replying.

Read the article
Replicate portion of an LDAP directory to external server

- by colemanm

We're in the process of setting up a Jabber server on Amazon EC2 right now, and we'd like to have our internal users authenticate via LDAP so we don't have to create/manage a separate set of user accounts than the master directory in the office. My question is: is there a way to copy, unidirectionally, a segment of our internal LDAP directory (the user accounts OU) to an external LDAP server and authenticate Jabber against that? We're trying to work around having our externally hosted machines out in the cloud accessing our internal network directly... If we can replicate in one direction only a subset of the user accounts, then if that gets compromised we don't necessarily have a critical security breach into our internal network.

Read the article
Samba / smbd on Centos 6.5

- by Satalink

I've installed Samba4 and have the smb.conf file as follows: [global] workgroup = WORKGROUP server string = Samba Server realm = REXIALO.COM netbios name = REXIALO.COM security = user map to guest = Bad Password bind interfaces only = no interfaces = lo venet0 log file = /var/log/samba/samba.log max log size = 1000 [webroot] path = /usr/local/apache/htdocs comment = Example.com webroot directory read only = No I can connect from the same server with smbclient. Localhost: # smbclient -L localhost -U root Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Sharename Type Comment --------- ---- ------- webroot Disk RexiAlo webroot directory IPC$ IPC IPC Service (RexiAlo Samba Server) Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Server Comment --------- ------- Workgroup Master --------- -------Enter root's password: network: # smbclient -L rexialo.com -U Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Sharename Type Comment --------- ---- ------- webroot Disk RexiAlo webroot directory IPC$ IPC IPC Service (RexiAlo Samba Server) Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Server Comment --------- ------- Workgroup Master --------- ------- The problem is when I try to map to the smb webroot from Windows 7, it asks for user/pass but just times out and then prompts for credentials. The samba.log file does not show any activity other than the startup of the smbd process. Any help would be appreciated.

Read the article
Duplicating keepass files instead of creating a new file

- by BlakBat

I'm currently using KeePass 2 and syncing them via dropbox. I have a few KeePass files (one for websites, one to store software licenses, etc...) Every time I need a new KeePass file, I just create a copy of the kbdx file, open it, remove all existing entries, change the key transformation rounds to another pseudo-random value. I do not change the master password. I want to know if this was unsafe practice, or was a security risk, compared to just creating a new KeePass file via the "File-New" menu. The reason I don't use the menu: i'm lazy enough to not want to reconfigure "database settings" every time.

Read the article
Do TCP connections work differently within the same subnet?

- by Dean

I've encountered some network behaviour that confuses me while trying to get Java RMI working. I use netcat to connect to a local machine: [my_machine]$ nc -w 1 192.168.0.100 60000 && echo success success I try to do the same to my server: [my_machine]$ nc -w 1 my-servers-ip 60000 && echo success This doesn't work, unless I explicitly listen on the server socket: [amazon_ec2]$ nc -l 60000 [my_machine]$ nc -w 1 my-servers-ip 60000 && echo success success For the version that fails, the SYN packet receives a RST, ACK in response. I'm not too knowledgable about this stuff, at this point I only have wild theories such as the one in the question. Any ideas? Potentially useful details: Local Machine (192.168.0.100) - Macbook Remote Machine (Amazon EC2) - Amazon Linux AMI 2012.03 Security Group Settings: 22 (SSH) 0.0.0.0/0 1099 0.0.0.0/0 49152-65535 0.0.0.0/0 "iptables -L" shows no rules set

Read the article
Why does OS X automatically logout my user?

- by MBA_fv

I have a new MacBook Air set up with filevault. In the Security preference pane I have "Require password 1 hour after sleep or screen saver begins" enabled, but the "Logout after 60 minutes of inactivity" is disabled. When I leave the computer on overnight I manually lock the screen (from the Keychain status menu bar, which I enabled via the Keychain Access preferences). Alas, in the morning I find that instead of a locked screen I see the login window, after my user was logged out with all applications terminated... (e.g. Firefox thinks it previously crashed when I launch it). This type of behavior only started after I enabled Filevault. Why is this happening? How do I prevent such auto-logout?

Read the article
Launching multiple applications with a single command/script/shortcut

- by Bill

I realized a few days ago that every time I sit down at work, I do a few things after unlocking my computer. First, I open up Firefox, then I open up Chrome, then I log in to Digsby. I realized I could probably save repeating this daily by writing a small batch script to open up Firefox and Chrome , but I couldn't figure out how to make it work.. and since the whole effort is to save time I don't want to bash my head around in the windows command prompt to do it. I also tired this in powershell but ran in to a bunch of security nonsense. Is there a way to do this that I am missing? Bonus points if somebody has figured out how to manipulate Digsby via COM , scripting, or python =)

Read the article
Can not find the source of Grant permission on a folder

- by Konrads

I have a security mystery :) Effective permissions tab shows that a few sampled users (IT ops) have any and all rights (all boxes are ticked). The permissions show that Local Administrators group has full access and some business users have too of which the sampled users are not members of. Local Administrators group has some AD IT Ops related groups of which the sampled users, again, appear not be members. The sampled users are not members of Domain Administrators either. I've tried tracing backwards (from permissions to user) and forwards (user to permission) and could not find anything. At this point, there are two options: I've missed something and they are members of some groups. There's another way of getting full permissions. Effective Permissions are horribly wrong. Is there a way to retrieve the decision logic of Effective Permissions? Any hints, tips, ideas?

Read the article
"Deny log on through Terminal Serivces" insists on "Everyone"

- by Trueblood

We've got a standalone (non-domain) server where "Deny log on through Terminal Services" contains "Everyone" -- ok, we didn't want that, not sure how it got set, but whatever. We removed it ...and "Everyone" came back. Tried adding "Guest" to the deny list, removing "Everyone" ...which ended up with the setting containing "Everyone, Guest" Clearly there's another setting somewhere that's preempting this one, but it beats me which one. Any ideas? ("Everyone" is being shown as reset upon reloading the Local Security Settings window, so it's possible that it's not actually being changed in the underlying store, and just shows the change in the UI)

Read the article
Binding services to localhost and using SSH tunnels - can requests be forged?

- by Martin

Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

Read the article
Can't access to access to my web server inside a network with Firewall on

- by ianenri

I set up a Web server with the following: There is the Internet Router, configured to Port Foward port 80 to my computer assigned to my PC's IP: 192.168.1.128 My PC is connected to that wireless router from wlan0 Then, my PC is also connected to my device (which is the webserver) with a crossover-cable usign eth0 having this anohter IP: 10.42.43.1 Finally, my device (the webserver) is connected with eth0 with this IP: 10.42.43.55 As you can see, I need to install a reverse-proxy to be able to resolve to my device's webserver. I installed pound (proxy server) in my PC and configured properly to make 192.168.1.128 resolve to 10.42.43.55 So, I just typing my ISP provided IP 200.x.x.x resolves to my device webserver. But there's a problem: I HAD TO STOP MY FIREWALL. I don't know how I need exactly configure the firewall in SUSE YAST2, or at least iptables. Stopping it is not an option, not for security reasons, just because there's port fowarding rule that is needed to give Internet access to my device too. I'm using openSUSE 12.1

Read the article
Can't change read only folder in windows 7

- by James Drinkard

I'm trying to run a Spring MVC 2.5 tutorial and when I run the ant script for a deploy, I get this error: deploy: [copy] Copying 2 files to C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp BUILD FAILED C:\projects\workspace\springapp\build.xml:46: Failed to copy C:\projects\workspace\springapp\war\WEB-INF\web.xml to C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp\WEB-INF\web.xml due to failed to create the parent directory for C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp\WEB-INF\web.xml After reviewing the directory: springapp I saw the properties as read-only. No problem I thought as I'm logging in as administrator. However, changing the uac settings, going to a command prompt as admin and then trying to change the properties of the folder with attrib, making me the owner of the folder, changing the security settings etc... did nothing. I can't seem to change this folder to anything. So my question is, how do I change the settings on that folder so ANT can make changes to that folder?

Read the article
Is there a way to only require password on waking from sleep and not on screensaver (In Snow Leopard

- by Vitaly Kushner

I hate it when it asks me for password when I'm at home getting away from a computer for a while. I do like it having a screensaver though. But for some reason I see that password settings for the screensaver is merged with the password settings for waking from sleep. And waking password is an essential security feature for me. Essentially when Im not in a secured environment I close the lid when going away from the laptop even for a minute, but at home I want it to stay open. Is there a way to have it ask for password only after sleep and not after screensaver?

Read the article
Why do mapped drives only reappear after logging out and back in, and not after a reboot?

- by razumny

I work in a corporate environment, where we use mostly Windows 7 Professional computers, though some legacy applications are still being run on Windows XP. We have security in place on the network not to allow access to network resources to computers that are not members of Active Directory. When logging in, our users get their home folder and a common network drive mapped to H: and F:, respectively. Sometimes, this does not happen, and the drives are not mapped. The solution is to have the user log off, and back in to Windows. If they reboot, the drives remain unmapped. Does anyone know why this may be?

Read the article
why Apache with ssl but back end weblogic without ssl works?

- by huangli

Hello everyone. my question is very simple . The link below is a picture about my architecture. https://docs.google.com/open?id=0BxSXbpgYIZVOR212RVk4ZDN1Sm8. The pic above shows the architecture right now and it works correctly ! which means I could visit apache with url https//apchehost:8080, could not visit the web app with https served by weblogic but I could visit these app with https served by Apache(Apache is proxy server). My question is why the Apache is configured with ssl but weblogic without ssl works ? I think weblogic should also configured with ssl . If this works , what about security level ? Is the ssl really works if only Apache configured with ssl but Weblogic without it ? Thanks . condition: Apache 2.2.17 with weblogic module mod_wl_22.so Weblogic: 10.3 OS: Windows server 2003

Read the article
ServerName no longer works as SQL Server 2008 Default instance name?

- by TomK

Folks, Somehow in struggling to install something (Sage MIP), I have unsettled my system's SQL Server 2008 instance names. If I fired up SSMS and connected to "MySystemName" (while logged into MySystemName), I used to immediately connect and could view my databases. Now if I connect to "(local)" or "." I connect just fine...but "MySystemName" gives me a timeout error. If I log in with "." and do "SELECT @@SERVERNAME" it comes back with "MySystemName" just fine. I've double checked that my network name is in the Security\Logins list, and it is, as a dbadmin. Any suggestions? I thought that having SQL Server 2005 Express might be a problem (the "battle of the default instances"), so I uninstalled that. No better.

Read the article
Internet wireless connected with limited access, windows vista

- by Wawa wiya

Hello I had some malware in my computer so I did a bit of manual work to remove it including resetting TCP/IP. Now the malware is gone. I can see my home wireless network and I can get connected to it but when connected I get the Internet wireless connected with limited access message. When I go to the IE I cannot browse. When I tried to ping 192.168.1.1 I got an Error Code 1231 Unconnected Network Problem. I have deactivated my Windows firewall as I thought it could be hyperactive security. Still no luck. I have Norton but it is not active, I have also Avast and AVG installed but they are not active. Any ideas?

Read the article
Windows 7 random black screen when idle

- by Omar

Occasionally, when I'm away from my computer for about 5 minutes, the computer screen will go black and all USB devices (keyboard/mouse) will lose power. Attempting to move the mouse or pressing keys does not 'wake up' the computer. This only started happening a few days ago but I'm not sure what changes I did could have caused this and I uninstalled programs (one by one) I installed before it started happening, but still having the same issue. The one thing I noticed different about my computer since it started happening is i've been getting random survey popups from www.insightexpress.com. I ran Microsoft Security Essentials scan, it picked up some Java related malware, I removed it but still the same issue. I'm running MBAM right now and will run SAS after. Edit: I just updated drivers for motherboard and video card and ran virus scans, still having the same issue.

Read the article
Windows Filtering Platform not turning off until admin logon. Win2008R2sp1

- by rjt

Just installed Windows Server 2008R2 SP1 to see if it would fix this problem, but it didn't. Until an administrator logs onto the domain controller, there are many events that WFP blocked a connection from Server60 to Server60 or Server60 to Server70. Both server60 and server70 are the domain controllers. One the admin logs on, the WFP events stop. The firewall is off by default GPO. Yes, i know that the WFP kicks in during the boot up sequence until the firewall takes over or in my case does not take over (since Vista), but i clearly should not have to autologon to a domain controller and call autolock or something. Example event LEVEL = Information Source = Microsoft Windows Security Auditing EventID = 5152 "Filtering Platform Packet Drop" and its evil twin id = 5157 "Filtering Platform Connection" "The Windows Filtering platform has blocked a connection." Direction %%14593 SourceAddress 192.168.10.60 SourcePort 49677 DestAddress 192.168.10.60 DestPort 389 Protocol 6 FilterRTID 65667 LayerName %%14611 LayerRTID 48 RemoteUserID S-1-0-0 RemoteMachineID S-1-0-0 windows-server-2008-r2 WFP BFE WindowsFilteringPlatform BaseFilteringEngine

Read the article
Best blog package/platform (java, php etc)?

- by user50912

Hi Folks, I want to set up a blog, but I want it to reside on a URL I've bought, I also don't want any of the ads and such that sit around other blogs on blog specific sites like blogspot and generally want more control. I was thinking of getting shared hosting with mysql and such to get it going (as opposed to a VM which would be overkill). Then I just need to decide on the easiest quickest (and most secure) way of getting something up there. After some googling, I see b2evolution.net which sits on php, or Apache Roller, which seems to sit on Java. Could anyone offer any advice on whats my best approach here? Are there security concerns with either or has anyone any experience in this area? I really want setup time to be minimal, so I can concentrate of the feel of the blog rather than whats under the hood. Many Thanks.

Read the article
Restrict Administrators from changing system time - Windows XP machines (no domain)

- by user72128

I need to write a script that will remove all users under Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > User Rights Assignment > Change the system time from the local group policy (gpedit.msc) on all Windows XP machines. These machines are not on the domain. I DO have a way to distribute and run the script automatically. Can someone point me in the right direction for creating a script like this?

Read the article
MD5 and SHA1 checksum uses for downloading

- by Zac

I notice that when downloading a lot of open source tools (Eclipse, etc.) there are links for MD5 and SHA1 checksums, and didn't know what these were or what their purpose was. I know these are hashing algorithms, and I do understand hashing, so my only guess is that these are used for hashing some component of the download targets, and to compare them with "official" hash strings stored server-side. Perhaps that way it can be determined whether or not the targets have been modified from their correct version (for security and other purposes). Am I close or completely wrong, and if wrong, what are they?!?! Thanks!

Read the article
Hide directory contents from showing when accessing the URL directly

- by SoLoGHoST

On my site, if you browse to http://example.com/images/ the contents of the entire directory are shown like so: How can I make it so that this doesn't show up when people browse directly to http://example.com/images/? Can I create an .htaccess file in that directory? Or is there a better way? I really don't want people being able to do this for the entire site (i.e. every directory on that site). What can I do to prevent this? I figure it's either something that has to be done in Apache or using an global .htaccess file and placing it in the public_html folder perhaps? EDIT I diverted this using an index.php file, but I still feel that security is an issue here, how can I fix this permanently?

Read the article
OS X software updates download but don't install

- by ridogi

I've got three 10.6 computers that won't install OS X updates. Checking for new software will show about a dozen updates (Security updates, Safari, iPhoto, printers, etc) and if choose install it downloads them. After downloading and then clicking restart the computer sits at the purplish sky desktop with no progress bar, and then after about 3 minutes it goes back to the login window (without ever installing or restarting). If I then select check for updates the same updates will all be presented and I can repeat the process. Manually downloading and installing an update such as 10.6.8 combo updater works as it should, and then check for updates no longer presents that particular update as an option. This seems to be the result of some setting or 3rd party application as I've got 3 out 7 computers experiencing this exact same problem. What could cause this and how can I fix it?

Read the article

< Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395 | Next Page >