Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 493/812 | < Previous Page | 489 490 491 492 493 494 495 496 497 498 499 500 | Next Page >

Automatically download files in Internet Explorer without getting prompted to Save / Cancel?

- by dimbasint

I am currently using IE7 with XP SP3. When a webpage download with unknown file type loads, I get a prompt asking me what I want to do with the file. My options are FIND SAVE CANCEL. How do I make it so that I don't get this popup prompt, but Internet explorer automatically downloads the file into a directory I choose without asking? PS. I have already tried Tools Internet Options Security Internet Custom Level Downloads Disable/Enable/Enable, but this doesn't help. Thanks for the reply. Unfortunately I have to use IE. I'm using it in connection with other proprietary software based on IE and its settings. And yes I'm aware it's not a great browser. (This is not for strictly personal use in the browsing sense. )

Read the article
How to disable passive mode in linux ftp command

- by nute

I am using the "ftp" command of linux to send data to a 3rd party provider. This company states that we need to "Disable passive mode in your FTP client", and I confirm it doesn't work in passive mode. However, when I googled the linux command, I see that the "-p" flag is "the default now for all clients (ftp and pftp) due to security concerns using the PORT transfer mode. The flag is kept for compatibility only and has no effect anymore." How do I disable passive mode then? And, is it that bad?

Read the article
Why does a group policy not applied to the domain administrator account?

- by Saariko

I have a working policy on my entire domain. I just found out, when logging with the domain administrator, that this policy is not applied (EDIT: Running : gpresult shows that the GPO's are applied - but, this GPO is for Drive Mappings, and the actual drive mappings are NOT shown) The administrator account - does not have any login script on his profile tab. My GPO's are mainly small/atomic settings: single GPO to handle each settings: UAC, Firewall, printers. GPO status for the object is enabled That's an overview of the Drive Maps: Reading on MS support site, I checked the delegation tab, and it is marked as applied to domain and enterprise admins. Every user gets these policies correctly. The OU that is set is the root of the domain. (for testing purpose - I did that to eliminate hierarchy issues - did not help) Block Inheritance is disabled. (never used it anyway) GPO link GPO Security Filterings

Read the article
Internet wireless connected with limited access, windows vista

- by r0ca

I had some malware in my computer so I did a bit of manual work to remove it including resetting TCP/IP. Now the malware is gone. I can see my home wireless network and I can get connected to it but when connected I get the Internet wireless connected with limited access message. When I go to the IE I cannot browse. When I tried to ping 192.168.1.1 I got an Error Code 1231 Unconnected Network Problem. I have deactivated my Windows firewall as I thought it could be hyperactive security. Still no luck. I have Norton but it is not active, I have also Avast and AVG installed but they are not active. Any ideas?

Read the article
Apache 2 Symbolic link not allowed or link target not accessible

- by djechelon

While the title of this question matches an already asked question, in my case I already set Options +FollowSymLinks. The setup is the following: my hosting setup includes htdocs/ directory that is the default document root for HTTP websites and htdocs-secure that is for HTTPS. They are meant for sites that need a different HTTPS version. In case both share the same files I create a link from htdocs-secure to htdocs by ln -s htdocs htdocs-secure but here comes the problem! Log still says Symbolic link not allowed or link target not accessible: /path/to/htdocs-secure Vhost fragment Header always set Strict-Transport-Security "max-age=500" DocumentRoot /path/to/htdocs-secure <Directory "/path/to/htdocs-secure"> allow from all Options +FollowSymLinks </Directory> I think it's a correct setup. The HTTP version of the site is accessible, so it doesn't look like a permission problem. How to fix this? [Add] other info: I use MPM-itk and I set AssignUserId to the owner/group of both the directories

Read the article
Loggon to Internet Hotspot from within Linux Terminal

- by Saif Bechan

For internet I use a local Hotspot service. I have internet when I start my browser and fill in my username and password. This stays as long as I do not shut down my PC for a while. I run some virtual machines, centos, debian, from the command line. I run these just for small test purposes, nothing special, and security is not an issue for me at all. I want to have these VM's connect directly to the hotspot if this is possible. So they each have there own IP. I have enough hotspot accounts to do so. I can do this with a bridged connection in VMware which works find with a GUI. But I run these OS's from the command line. I only need to know a way how to get the hotspot to validate my credentials. Is there a way of doing this without having a gui.

Read the article
Multiple External IP Ranges on a Juniper SSG5

- by Sam

I have a Juniper SSG 5 firewall in a datacenter. The first interface (eth0/0) has been assigned a static IP address and has three other addresses configured for VIP Nat. I have a static route configured at the lowest priority for 0.0.0.0/0 to my hosting company's gateway. Now I need to configure a second IP block. I have the IPs assigned to the second interface (eth0/1) which is in the same security zone and virtual router as the first. However, with this interface enabled I (a) can't initiate outbound sessions (browse the internet, ping, DNS lookup, etc) even though I can access servers behind the firewall just fine from the outside and (b) can't ping the management IP of the firewall/gateway. I've tried anything I can think of but I guess this is a little above my head. Could anyone point me in the right direction? Interfaces: ethernet0/0 xxx.xxx.242.4/29 Untrust Layer3 ethernet0/1 xxx.xxx.152.0/28 Untrust Layer3 Routes: http://i.stack.imgur.com/60s41.png

Read the article
Using schtasks in interactive mode

- by CFP

Hello! I'd like to create a scheduled task from the command line, in interactive mode. The at hh:mm /interactive program command fails, stating that security policies do not allow interactive execution. I'd therefore like to use the schtasks command. But when I type something like schtasks /Create /TN MyTask /SC DAILY /ST "13:10" /TR "notepad.exe" /V1 /F I get a message asking for my password, although I haven't set a password for my session. And when I leave the field blank, the command line answers that the task won't be able to run. How can I fix this problem? And how can I make the task interactive? Using /RU SYSTEM prevents the task from being run in interactive mode. Thanks! CFP.

Read the article
Chrome is reporting GMail has Invalid Server Certificate, how do I find out who's fiddling with my certs?

- by chillitom

Chrome is giving the following warning when ever I try and visit GMail or a bunch of other SSL sites. Invalid Server Certificate You attempted to reach mail.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain. This is the certificate the Chrome reports as invalid: -----BEGIN CERTIFICATE----- MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0 ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0 cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3 dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3 fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A= -----END CERTIFICATE----- I think someone or something (proxy, anti-virus, browser extension) is snooping on my SSL traffic. How can I determine who/what is doing this?

Read the article
dead man's switch for remote networking interventions

- by ascobol

Hi, As I'm going to change the network configuration of a remote server, I was thinking of some security mechanisms to protect me from accidentally loosing control on the server. The level-0 protection I'm using is a scheduled system reboot: # at now+x minutes > reboot > ctrl+D where x is the delay before reboot. While this works relatevly well for very simple tasks like playing with iptables this method has at least two drawbacks: It's not very reactive, ie a connectivity problem should be detected automatically if for example an automatic remote ssh command fails does not work anymore for x seconds. It can obviously not work if one need to modify some configuration files and then reboot to test the changes. Are you guys using some tool for the second point ? I would love to have something able to revert the system configuration in a previously known stable state if I can't join the server X minutes after reboot. Thanks!

Read the article
How to update grub with puppet?

- by Tombart

I would like to change a line in /etc/default/grub with puppet to this: GRUB_CMDLINE_LINUX="cgroup_enable=memory" I've tried to used augeas which seems to do this magic: exec { "update_grub": command => "update-grub", refreshonly => true, } augeas { "grub-serial": context => "/files/etc/default/grub", changes => [ "set /files/etc/default/grub/GRUB_CMDLINE_LINUX[last()] cgroup_enable=memory", ], notify => Exec['update_grub'], } It seems to work, but the result string is not in quotes and also I want to make sure that any other values will be separated by space. GRUB_CMDLINE_LINUX=cgroup_enable=memory Is there some mechanism how to append values and escape the whole thing? GRUB_CMDLINE_LINUX="quiet splash cgroup_enable=memory"

Read the article
What is the S.M.A.R.T. page?

- by Mads Skjern

I've just listened to Steve Gibson talk about his SpinRite software, on the Security Now podcast episode 336 (transscript). At 33:20 he says: I can show and do show on the SMART page that sectors are being relocated and that errors are being corrected. That SMART analysis page sometimes scares people because it shows, wait a minute, this thing says we're correcting so many errors per megabyte. What is this SMART page? 1) Some information saved on the HD by SMART, that I can access with a SMART tool like smartmontools? 2) A page (tab) in his SpinRite software? In any case, can I see, in any way, what sectors are marked as bad, without using SpinRite? Preferably using smartmontools!

Read the article
Connecting to a secure, graphical, x session using a stateless thin client

- by npeterson

I'm looking for an open source, non-proprietery solution to this problem, any help would be appreciated. I'd like to setup a server running Ubuntu Server. I'd then like to connect to this server from a stateless thin client and use an x-session. This would occur mostly over local area networks, but also possibly over the internet. What would be the ideal set of software to accomplish this from a security, and usability standpoint? Are there any ready-made stateless thin clients that don't require proprietery software?

Read the article
Linking RSA with Logstash etc

- by Anuj

i was wondering whether we can use logstash or any other opn source or free Log management too to collect,index the data and then feed this index into RSA envision or any other enterprise SIEM tool. Will this be beneficial in any way? Also are the indexes of various Log Management and SIEM tools -- splunk,RSA envision,HP Arcsight Logger and Logstash etc compatiable with each other. My organization is planning to buy RSA envision appliance and is there any way to restrict or select only certian type of log files eg: security logs or apache logs .. so that onlt those are monitored and this will reduce the EPS(events per second).

Read the article
Sql Server database logs "missing"

- by linkerro

Here's the problem we're having: In the applications that are using the databases we get errors like: The log for database 'redactedDatabaseName' is not available. Check the event log for related error messages. Resolve any errors and restart the database. Cannot close event log because there are still event handle users active. The server log says this: Error: 9001, Severity: 21, State: 1. Context: The server in question is holding databases for a multi-tenant application and lately it's been under quite heavy loads. It has something like 3k small databases on it and these errors have been coming in the last week. We have a work-around right now, which is taking the database offline then bringing it online again. Any ideas why this is happening and how we can fix it?

Read the article
Is there a maximum of open files per process in Linux?

- by Malax

My question is pretty simple and is actually stated in the title. One of my applications throws errors regarding "too many open files" at me, even tho the limit for the user the application runs with is higher than the default of 1024 (lsof -u $USER reports 3000 open fds). Because I cannot imagine why this happens, I guess there might be a maximum per process. Any idea is very appreciated! Edit: Some values that might help... root@Debian-60-squeeze-64-minimal ~ # ulimit -n 100000 root@Debian-60-squeeze-64-minimal ~ # tail -n 4 /etc/security/limits.conf myapp soft nofile 100000 myapp hard nofile 1000000 root soft nofile 100000 root hard nofile 1000000 root@Debian-60-squeeze-64-minimal ~ # lsof -n -u myapp | wc -l 2708

Read the article
Cannot remove wireless network profile even though admin account is used

- by David Karlsson

On my windows computer which is connected to a company domain. I have problems with the wireless networking. First of all the computer fails to connect. Second of all I cannot remove the network from the list of wireless profiles. The properties window simply claims that "This network is administered by the Administartor Account". I am currently logged in as the local administrator. I have also tried creating a new admin account and still get the same problem when trying to remove the network. My computer has only the microsoft security essentials antivirus and some VMWare+virtual box connections that I can figure might interfere, but disabling realtime protection has not helped me on this. I also cannot delete the virtual network adapters from the control panel / network adapters...

Read the article
bind9 dns proxy

- by Zulakis

We are offering multiple SSL-enabled services in our local network. To avoid certificate-warnings we bought certificates for server.ourdomain.tld and firewall.ourdomain.tld. We now created a zone in our local DNS-server in which we pointed the hosts to the corresponding private-ips. Now, each time another record for ourdomain.tld, like for example www.ourdomain.tld or alike are changed, we need to update it on both our public-dns-server AND the local dns-server. I would like our local bind-dns to serve all the information from our public-dns but serve different information for these 2 hosts. I know I could possibly have our private-ips in our public-dns but I don't want that for security reasons. The internet dns-server is being managed by a third party, while we have full control of the intranet one. Because of this I am looking for a solution which lets the intranet retrieve the records from the internet one.

Read the article
Block spam by using geoip filter?

- by faultyserver

We are looking for a way to be able to block spam based on geographic location by filtering using geoip. context: we rarely have any email correspondence outside of the USA, so we would like to block all incoming email outside the US except for maybe one or two countries. After a little Googling I have found a couple of solutions that may work (or not), but I would like to know what other sysadmins are currently doing or what they would recommend as a solution. Here is what I have found so far: Using PowerDNS and its GeoIP backend it is possible to use geoip for filtering. Normally this backend is used to help distribute load as a kind of load balancing but I dont see why it couldnt be used to kill spam as well? Possibly use the Maxmind lite country database and some scripting to do a similar job. Ideally what I am looking for is a solution that would handle decent load and scale well too...aren't we all! ;) Thanks in advance for your help! :-)

Read the article
pdf creation software, for docx and odt

- by oxinabox.ucc.asn.au

Ok, I have a fairly large collection of docx and odt files. Minutes from meetings etc. Now I want to convert them to pdfs for distrobution. and also into one combined pdf. At the momement I'm using Adobe Acrobat 8 (Pro iirc). and on another machine I'm using foxit pdf printer. To do this I have to print them each individually to pdfs. and then I can combine them with Acrobat, cos acrobat doesn't support conversion stright from docx or odt to pdf - only via printing. Now this is annoying if you have to do it on a regular basis, since i don't keep the pdfs around (I have the orignals source controlled :-D) cos they go out of date pretty quick as I often have to go back and modify old versions (like ridiculously often). e Eg When I find out I've got something in the minutes wrong or I want to add more context for clarifaction. Anyone got a better solution?

Read the article
Smartcards for storing gpg/ssh keys (Linux) - what do I need?

- by Ninefingers

Hi All, I'm interested in storing my SSH keys and gpg keys on a smartcard for added security. However, I'm a bit uncertain on a few points, which are as follows: How many keys can I get on a card? I assume both SSH and GPG can store keys on the card. Is there a limit to key size? I see a lot of cards saying they support 2048-bit keys, what about larger sizes? Hardware: can anyone recommend a card/reader combination that works well? I've done a fair amount of research and it seems PC/SC readers can be a bit iffy - is this your experience? Have I missed anything I should be asking? Are there any other hurdles? I'm aware fsf europe give away cards with membership - I'm not sure I want to join, but... are these cards any good?

Read the article
My uncle is the family historian. We need to host about 5-15 TB of images and video. Any inexpensive

- by Citizen

Basically we have hq scans of thousands of old family photos. Plus tons of family video. We want to host them where we can still have total control over the content and restrict access. I'm a php programmer, so the security is not an issue. What is an issue is finding a host to store 10 TB of data and not be paying a ton of money. We really are not planning on a lot of traffic. Maybe 1-10 visitors a day; family only. Kind of like an online library.

Read the article
How to set printer permissions using PowerShell / some other script?

- by Borek

I need to update printer's permissions in a script, i.e. do the same as I would manually do this way: Open Devices and Printers applet Double-click the default printer (open its queue) Go to Printer - Properties In the properties dialog, go to Security tab Change permissions for Everyone (e.g., check Manage documents permissions) How to do that? For example, in PowerShell, I can do Get-WmiObject -class win32_printer -filter Default=True to get the default printer and there are then methods getSecurityDescriptor() and setSecurityDescriptor() but for instance this command: (Get-WmiObject -class win32_printer -filter Default=True).getsecuritydescriptor().Descriptor return null so I'm not sure if I'm doing it the right way. Does anyone have a working example to set printer permissions? Am I on the right path or should I use something other than WMI entirely? Thanks.

Read the article
Choosing between cloud (Cloudfoundry ) and virtual servers - for developers

- by Mike Z

I just came across some articles on how to setup your own cloud using Cloudfoundry and Ubuntu, this got me thinking, choosing our infrastructure, if we want to use our own servers what's the advantage of cloud on virtual servers vs just using virtual servers, VPN? If we now develop for the cloud later if we need help we can quickly move on to a cloud provider, but other than that what's the advantage and disadvantage of private cloud in these areas? speed of development, testing, deployment server management security having an extra layer (cloud) will that have a hit on server performance, how big? any other advantage/disadvantage?

Read the article
Web Deploy to IIS7 fails with 401 (Unauthorized)

- by Trex

we have IIS7 running on Windows Web Server 2008 R2 and it's set up to support Web Deploy. It worked fine when we used the default Administrator account. We recently disabled this account (for security reasons) and are now trying to deploy using another account which is member of the Administrators group, but the deploy fails with 401 (Unauthorized). More specifically, it says: Connected to '<IP>' using Web Deployment Agent Service, but could not authorize. Make sure you are an admin on '<IP>'. The remote server returned an error: (401) Unauthorized. Anybody has any ideas why this is happening? Thanks. Trex

Read the article

< Previous Page | 489 490 491 492 493 494 495 496 497 498 499 500 | Next Page >