Search Results

Search found 15415 results on 617 pages for 'security groups'.

Page 431/617 | < Previous Page | 427 428 429 430 431 432 433 434 435 436 437 438 | Next Page >

After setting ulimit to unlimited, I am not able to login to machine

- by user419534

In one of requirment, I had to set ulimit on one of my machine to unlimited. For this I changed following in /etc/security/limits.conf as below # End of file oracle soft nofile unlimited oracle hard nofile unlimited oracle soft nproc 131072 oracle hard nproc 131072 oracle soft core unlimited oracle hard core unlimited oracle soft memlock 50000000 oracle hard memlock 50000000 * soft nofile unlimited * hard nofile unlimited and changed /etc/profile if [ $USER = "oracle" ]; then if [ $SHELL = "/bin/ksh" ]; then ulimit -p unlimited ulimit -n unlimited else ulimit -u unlimited -n unlimited fi fi I logged out. I am not able to connect ot machine at all. could you please someone help on this.

Read the article
Is it necessary to have firewalls rules between trusted nodes communicating on their backend interfaces?

- by Tom

I have 6 nodes that have internet access on eth1 and private access to one another on eth0. Currently I have firewall rules for eth0, for things like memcached and NFS. Is this necessary? It's a real headache as NFS for example communicates on loads of different ports, and I recently introduced glusterfs which needs more still. Is the headache of figuring out what backend ports to unblock worth the security enhancement? I should mention that I will of course still have a firewall rule on eth0 to block servers owned by others in the same datacenter. Thanks

Read the article
IE8 Unable to download files

- by jetgunner

I recently installed Windows 7. I can browse to any webpage using IE8, but if I click on any links to download files, I receive the following error: Unable to download [filename] from [website]. Unable to open this Internet site. The requested site is either unavailable or cannot be found. Please try again later. I can download files perfectly fine using firefox, it's just IE that is having issues. There are no messages in the windows event log. I have no add-ins installed and have made no security changes as this is a fresh install. Any ideas?

Read the article
Share folder with active directory group permissions

- by Hihui

I have a Debian as a member of our AD (which is a 2k3). I want to share 2 folders from our Debian. 1 with full access for everyone, the second only readable by group "ADM", and "PROD". Part of smb.conf: [global] workgroup = MYDOMAIN realm = MYDOMAIN.LOCAL netbios name = SERV-FTP wins server = "IP serv 2k3" security = domain [JUKEBOX] // full access path = /media/JUKEBOX/JUKEBOX comment = sharing writable = yes browsable = yes public = yes read only = no valid users = @ASYLUM\prod_std admin users = @ASYLUM\ADM [SOFTWARE] comment = Software path = /media/JUKEBOX/SOFTWARE valid users = @ASYLUM\prod_adv, @ASYLUM\ADM writable = yes read only = no My log : [2013/10/25 09:24:37.316643, 0] smbd/service.c:1055(make_connection_snum) canonicalize_connect_path failed for service SOFTWARE, path /media/JUKEBOX/SOFTWARE And, from my Windows's client, if i want to access on that folder : Windows can't access to \serv-ftp\software Where is the problem ... ? Thx !

Read the article
Virtualise Excel in a browser

- by Macros

Is it possible to give users access to a virtualised instance of Excel - I don't want to give them access to a full OS (although this will clearly be running in the background, all they can access is Excel - they don't even see any other screens)? Secondly, if it is possible, is it possible to do within a browser? Edit I am building a system which is designed to test candidates skills in Excel and for this reason needs to use the full desktop version and not a web app. I don't want to have to ensure Excel is installed on the client machine as there will be issues around differing versions and security as the workbook(s) that are used in the test use VBA extensively to customise and mark the exercises. Ideally my web app would be able to open a session to the server which then just puts the user into an instance of Excel without ever seeing a desktop. I would also need to be able to pass in command line parameters in order to define which workbook to open and also pass in a unique token to identify the user

Read the article
How are file permissions applied for shared drives?

- by sleske

I have two computers: A (running Windows Vista) B (running XP). I shared C: on computer A (as \\A\C ), and require a username (X) plus pw to access it. If I browse the the share \A\C on computer B, after entering username+pw I can access most folders, but one folder "\\A\C\F" gives me "permission denied". I looked at that folder's permissions on A, and it has full access permissons for all "Administrators". I use the account "A\X" to authenticate when accessing the share on A. X is a user account (on A) that is an "Administrator" according to Window's user management. Still, I cannot access this folder. If I explicitly add the "X" account to the accounts that may access folder F (under Properties / Security), I can access it without problems. I do not understand why I need to explicitly grant permission for X to get access to F. Is it not enough that X is an Administrator account?

Read the article
Sharepoint 2007 reset permission inheritance

- by e-mre

I have this SharePoint 2007 document library which has several levels of folders and files. Some folders in the middle of the hierarchy do not inherit permissions from their parents and have their unique permissions defined. It is a huge library and there are many folders like this. I am currently changing the permission model of my library and I want to reset all those unique permissions and have all of them inherit permissions from the library root. (Something like "Replace child object permissions" checkbox available in windows files system security window) If this is not possible, seeing a list of folders that have their unique permissions defined would also do.

Read the article
Block Domain User login

- by Param

I have created a Domain User id ( for example - Auser ). I have integrated my LDAP login with Firewall. I use this user to login in to firewall only. So, I want to block all the login for this User except on Firewall. Is there any way to accomplish this? As per my knowledge, we can specify :- By right click on Domain User -- Properties -- Account tab -- Logonto ( but here we have to specify Computer Name, we don't have any computer name for Firewall -- So i can't use this option ) Through Group Policy Window Setting -- Security Setting -- Local Policies -- User Rights Assignment -- Allow logon Locally (But it has to apply on Computer OU -- So i can't use this option also ) Any Other Option you know ??

Read the article
NTFS Folder has no owner, no permissions, can't be deleted

- by winnt93

Hi, I have a folder a 2003 member server which can't be deleted. Nothing has any permissions (domain admin and running up a cmd prompt as "nt authority\system" using psexec) - always "access denied". When I do a dir /q, the owner shows as "...". I've tried takeown.exe on the folder and also it's parent. The bad folder always reports "access denied". Also tried to reset using icacls, same thing. Explorer permissons has no sharing & security options or tabs. It works fine for other folders, even in the same directory. Bit stumped to say the least. g.

Read the article
Samba + Centos (Share not working)

- by mplacona

I've done this a few times already, but for some reason this time it's not working. I have a folder called ruby (root:root - 0777) on /home/placona I'm trying to see this folder from my WindowsXP box, but keep getting permission denied. I can see the global share though, but whenever I try clicking on the ruby share, it won't let me in. Here's my smb.conf settings: [global] log file = /var/log/samba/samba.%m guest account = nobody netbios name = DEVBOX server string = DEVBOX CENTOS workgroup = WORKGROUP encrypt passwords = yes security = share max log size = 50 [ruby] path = /home/placona/ruby I want to be able to open this folder without using password (hence the guest account = nobody). I tried even with password, but never seems to work. Can anyone spot anything wrong with my settings?

Read the article
Cannot send email from EC2 instance on port 587

- by Tahsin Mostafiz

I have written a mail service for our flask application that uses Celery and RabbitMQ to send emails (using gmail). I have got the celery consumer and producer communicating okay but I cannot get to send send emails. I am getting a socket.error: [Errno 101] Network is unreachable. I think this means that AWS is blocking port 587 - even though in my security group I opened both ports 587 and 25 (inbound and outbound). Any reason why this is happening? Any help will be highly appreciated.

Read the article
Apache Key: Which is it using?

- by quindraco

I'm running an Apache server on Ubuntu. When I restart it, it asks me for a pass phrase; here's what the dialog looks like: Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server 127.0.0.1:443 (RSA) Enter pass phrase: I've already worked out how to remove the pass phrase from the key file in question, but I can't find any information anywhere on how to determine which key file Apache is complaining about in the above dialog. I have dozens of key files on the server in question, although I don't know which ones are in active use (all I did is 'locate .pem' and ignore the false positives). Does anyone know how to track down which pem file I need to remove the passphrase from?

Read the article
NetDiag + TCP Blocking?

- by CrazyNick

We are facing some issue with the sharepoint 2007 timer jobs everyday at a specific time, so decide to track the tcp blocking informartion during those hours using NetDiag tool. We are not able to find the required information if we uses "netdiag /test:ipsec", what is the command that can be used to pull the TCP blocking information and how to configure it? if i ran the command "netdiag /test:ipsec /debug" it is returning "IP Security test . . . . . . . . . : Skipped", what does it mean?

Read the article
Git push on localhost with htaccess

- by Rooneyl

I am looking into setting up a remote git repo. To start with I have created it on my Windows machine using xampp following this guide. All works fine except when I try to add some security, as per step 6 of the guide (for when I migrate it to my main web server). I have added passwords by using passwd and adding htaccess to the htdocs folder. This works fine (I have checked in my web browser), but when I try and push I get prompted for my password the it fails with a error (code 22). $ git push origin master Password for 'http://git@localhost': error: Cannot access URL http://git@localhost/s.git/, return code 22 fatal: git-http-push failed Any ideas?

Read the article
/etc/environment and cron

- by clorz

I've got two machines: Fedora and CentOS. And a cronjob 0-59 * * * * env > /home/me/env.log On CentOS I can see that /etc/environment is affecting the output while on Fedora it does not. I want Fedora to be like CentOS. What do I need to make it happen? /etc/pam.d/crond on Fedora auth sufficient pam_rootok.so auth required pam_env.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/pam.d/crond on CentOS auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/security/pam_env.conf is the same on both systems and consists of commented out lines. Even if I make /etc/pam.d/cron.d files the same, problem still persists.

Read the article
Problem with Ctrl key on a hp 2510p

- by Ernelli

I have a tricky problem with my corporate Compaq hp 2510p, the ctrl key is not working properly at all times. I belive that it is hooked in some filter chain that processes certain ctrl+[key] combinations which is very annoying. I would like some pointers on how to proceed when analysing what application/setup can can cause this kind of keyboard filtering to happen. Anyway some more background info: Ctrl works together with X, C, V. Both in editors and terminals (Ctrl-C, Z etc) but Ctrl-Shift-Esc and Ctrl-Alt-Del does not work. Very annoying so my only option for logging in us using HP's security app. Shift-Arrow works for selecting text, but not Ctrl-shift arrow to select word by word, but Ctrl-Arrow works when moving the caret word by word. Now the strange thing is that everything works ok with an external USB keyboard so it might be the driver, but still, google yields 0 when searching for the problem description. I have vm-ware player installed (but not running it), HP Protect Tools installed, if any of these could affect the keyboard driver.

Read the article
Which TCP ports to use?

- by rowatt

Is there a TCP port range which I can be sure will not be used by anything else for traffic between two machines? If I am reading RFC6335 correctly, I can be sure that no other applications will use specific ports in the Dynamic/Private/Ephemeral range of 49152-65535. However, if I understand correctly, it also states (section 8.1.2) that an application shouldn't assume that any given port in that range is available at any given time, which would mean I can't be 100% sure that it will be unused all the time. Specifically, I want to assign specific SSH traffic to a different port for the security benefit and so I can classify it differently for QoS purposes, and not have to worry about changing the port in the future.

Read the article
IPSec VPN IP addresses

- by Randomblue

I have an IPSec VPN on my Windows 7 machine (all using the native Windows 7 gateway). The host I am connecting to has different ISAKMP "Phase 1" and "Phase 2" IP addresses. As I understand, the Phase 1 address is that of the IPsec endpoint, to which I can connect just fine. The Phase 2 address is found in their "crypto map", and the addresses need to match. At the moment, both my Phase 1 and Phase 2 addresses are configured the same. On my side, I get the error "Error 791: The L2TP connection attempt failed because security policy for the connection was not found" How can I configure the Phase 2 IP address for my Windows 7 IPSec VPN to be different to the IPSec endpoint address?

Read the article
Does admin=true and root has the same privileges on AIX?

- by Boaz Tirosh

Does a user in /etc/security/user with the parameter admin set to true (admin = true) has the same privileges as the root user? According to IBM (full information here): admin Defines the administrative status of the user. Possible values are: true The user is an administrator. Only the root user can change the attributes of users defined as administrators. false The user is not an administrator. This is the default value. Is there another type of user, or are admin and root the same?

Read the article
Can SBS2003 Monitoring and Reporting service work without Exchange?

- by Magnetic_dud

Hi, we have an SBS2003 server. Recently I decided to switch to hmailserver as i feel it's better than exchange 2003, so i disabled it. Of course i don't receive the Monitoring and Reporting emails from my server anymore, there is a way to change the setting? I think it directly interacts with Exchange, but maybe there is an smtp option out there Otherwise there is an alternative? I tried the paessler monitor on a vm, but i feel it's too much for my use: i just need to get a daily report of the security violations in the event log and something else

Read the article
SQL Server 2012 LocalDB

- by user3061846

I´m a noobie so please be patient ! I developed an app using C# and SQL Server Express 2012 with a local database, my connection string is"Data Source=localhost ; Initial Catalog = scalnet ; Integrated Security=SSPI; Trusted_Connection=Yes"; Everything worked ok till the time I made a setup and tried to install my app in another computer. My first question is: - What version of SQL should I install is this machine? it should be as ligth as possible. - I tried to install SQL exprees 2012 but it gives me an error when I execute my app "A network related or instance specific error occurred while establishing a ..... (provider:Named Pipes Provider, error:40 - Could not open a connection to SQL server." This probably should be a problem with the server configuration but I have no ideia how to solve this... Can anyone point me to the rigth direction ? ? Thanks

Read the article
Super user in LDAP?

- by John8894

I am running 10 Linux machines that is doing different types of work. The machines are configured to use LDAP authentication so when one user is configured in slapd he can login on all the machines. To make maintenance easier i want to create a root account in slapd so i can use this instead of the local root accounts when installing applications etc. but i am not sure on how to do this. Is it enough to create a user with the name root and gid/uid 0? should the local root be disabled somehow? I am fully aware that this is normally not a good idea from a security perspective, but as mentioned before this is a special case.

Read the article
What is your approach to draw a representation of your network ?

- by Kartoch

Hello, I'm looking to the community to see how people are drawing their networks, i.e. using symbols to represent complex topology. You can have hardware approach, where every hardware unit are represented. You can also have "entity" approach, where each "service" is shown. Both are interesting but it is difficult to have both on the same schema (but this is needed, especially using virtualization environment). Furthermore, it is difficult to have complex informations on such representation. For instance security parameters (encrypted link, need for authentication) or specific details (protocol type, ports, encapsulation). So my question is: where your are drawing a representation of your network, what is your approach ? Are you using methodology and/or specific softwares ? What is your recommendations for information to put (or not) ? How to deal with the complexity when the network becomes large and/or you want to put a lot of information on it ? Examples and links to good references will be appreciated.

Read the article
Windows 7 system CPU bogged by windows services, no explanation

- by Alex

I'm looking at a laptop for a colleague which is running terribly slow. A quick look showed that the CPU was 100% used by 2-3 SVCHost processes, which off course doesn't tell much since those are just 'cover' processes with services running underneath them. So I fired up process explorer in hopes of finding a shady rogue service which was bogging the system, but to my suprise I found genuine MS Windows processes (or at least damn-good disguised ones) are bogging down the system: dnscache (DNS Client) IKEEXT (IKE and AuthIP IPSec Keyring modules) iphlpsvc (IP Helper) Seen separately, these processes might seem odd to be using a lot of CPU, but taking a step back one can conclude that all three services are quite closely related to networking. I've tried running: netsh int ip reset log.txt which has helped me save bizarre network-related problems in the past, but this didn't help Off course I though about a virus, but both MS Security Essentials as well as malwarebytes (let both run a full scan).

Read the article
Outgoing only SMTP server

- by Din

I want to setup on my Debian outgoing only SMTP server, so my Web-applications will be able to send mail via it. I don't want to use other hosts because of security and customizability of my own setup. I want to setup Postfix and configure it only in outgoing mode (I don't want it to be a relay). So I want to ask an advice how to do it in the best way. There's no need in users, virtual users, endpoints and other options that Postfix provides. I suppose that I should only attach Postfix to some hostname so my IP address can resolve to it. I also think that Postfix maybe a bit complicated solution for this task. If you know much simpler tool for it, let me know. Thanks.

Read the article

< Previous Page | 427 428 429 430 431 432 433 434 435 436 437 438 | Next Page >