Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 493/812 | < Previous Page | 489 490 491 492 493 494 495 496 497 498 499 500 | Next Page >

How can I use Windows Firewall to only permit the Windows Update service to make an outbound connection?

- by microsmash

I'm trying to tailor my Windows Firewall settings (using the Windows Firewall with Advanced Security console) to only permit programs that need to access the Internet with an outbound connection to do so. This works fine for normal applications as I can just allow the program, but services that load in the svchost.exe process are a problem. The only services I actually need to give access to are Windows Update and the Background Intelligent Transfer Service (and even that, I would only like Windows Update to be able to submit jobs to, but that's another issue.) Is there a method to only allow these to be permitted an outbound connection, and not any of the other services loaded in svchost?

Read the article
Loggon to Internet Hotspot from within Linux Terminal

- by Saif Bechan

For internet I use a local Hotspot service. I have internet when I start my browser and fill in my username and password. This stays as long as I do not shut down my PC for a while. I run some virtual machines, centos, debian, from the command line. I run these just for small test purposes, nothing special, and security is not an issue for me at all. I want to have these VM's connect directly to the hotspot if this is possible. So they each have there own IP. I have enough hotspot accounts to do so. I can do this with a bridged connection in VMware which works find with a GUI. But I run these OS's from the command line. I only need to know a way how to get the hotspot to validate my credentials. Is there a way of doing this without having a gui.

Read the article
My uncle is the family historian. We need to host about 5-15 TB of images and video. Any inexpensive

- by Citizen

Basically we have hq scans of thousands of old family photos. Plus tons of family video. We want to host them where we can still have total control over the content and restrict access. I'm a php programmer, so the security is not an issue. What is an issue is finding a host to store 10 TB of data and not be paying a ton of money. We really are not planning on a lot of traffic. Maybe 1-10 visitors a day; family only. Kind of like an online library.

Read the article
Chrome is reporting GMail has Invalid Server Certificate, how do I find out who's fiddling with my certs?

- by chillitom

Chrome is giving the following warning when ever I try and visit GMail or a bunch of other SSL sites. Invalid Server Certificate You attempted to reach mail.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain. This is the certificate the Chrome reports as invalid: -----BEGIN CERTIFICATE----- MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0 ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0 cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3 dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3 fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A= -----END CERTIFICATE----- I think someone or something (proxy, anti-virus, browser extension) is snooping on my SSL traffic. How can I determine who/what is doing this?

Read the article
Strange request - http://66.196.81.202/error/vote

- by mplungjan

Hi a friend of mine is asking about the request which can for example be found here: http://www.geoidee.ch/geodata/geoserver-2.0.0/logs/2010_11_23.request.log His original message: On a couple of hundred web sites worldwide, one of the 50 most popular "File not found" error 404 is caused by the following request: "GET http://66.196.81.202/error/vote HTTP/1.0" It originates from a user agent that purports to be an iPhone. The two requests that hit my servers appeared to originate near Frankfort, Germany. The IP address in the request is part of Yahoo although I doubt that Yahoo had any intentional part. fe1.buzz.vip.re1.yahoo.com The HTTP request has a host header 66.196.81.202 and a X-Forwarded-For of 96.6.99.16 and my IP address I expected to be able to do a Google search and find some kind of security bulletin on it, but I found nothing. It could just be that my search skills are deficient. Thanks for any pointers to what this could be

Read the article
TFS and Sharepoint integration

- by pho3nix

I using a Sharepoint 2007 and TFS 2010. I installed all with reports sharepoint integration but when i try create a TeamProject Collections always return this warning: Server was unable to process request. --- TF250029: No user was found within the context of a Web site. Verify that the site does not allow anonymous access. And in sharepoint web applications tfs console window when check my sharepoint portal /sites return a error saying is blocked by firewall or server extensions is not installed, but i have all ok. Anyone can helpme, please.

Read the article
Ubuntu 14.04 VPS won't boot the latest kernel on XEN

- by aztekk

I have a XEN VPS and it's been running Ubuntu for some years now. AUtomatic security upgrades are on and I've manually upgraded it continously and also done releas-upgrades whenever there's been a new release. All has been working great! But now, after upgradeing to 14.04 LTS, the VPS won't boot the latest kernel (3.13.0-24) even though it's set to default. It always failback to 3.2.0-60 and for some reason the VPS seams very unresponsive, compared the before. The support wrote in a ticket something about compiling my own kernel, with pvops enabled, but I'm not sure how to do that, or why I should compile my own kernel. Doesn't Ubuntu support to be run on a XEN host?

Read the article
Multiple External IP Ranges on a Juniper SSG5

- by Sam

I have a Juniper SSG 5 firewall in a datacenter. The first interface (eth0/0) has been assigned a static IP address and has three other addresses configured for VIP Nat. I have a static route configured at the lowest priority for 0.0.0.0/0 to my hosting company's gateway. Now I need to configure a second IP block. I have the IPs assigned to the second interface (eth0/1) which is in the same security zone and virtual router as the first. However, with this interface enabled I (a) can't initiate outbound sessions (browse the internet, ping, DNS lookup, etc) even though I can access servers behind the firewall just fine from the outside and (b) can't ping the management IP of the firewall/gateway. I've tried anything I can think of but I guess this is a little above my head. Could anyone point me in the right direction? Interfaces: ethernet0/0 xxx.xxx.242.4/29 Untrust Layer3 ethernet0/1 xxx.xxx.152.0/28 Untrust Layer3 Routes: http://i.stack.imgur.com/60s41.png

Read the article
Using schtasks in interactive mode

- by CFP

Hello! I'd like to create a scheduled task from the command line, in interactive mode. The at hh:mm /interactive program command fails, stating that security policies do not allow interactive execution. I'd therefore like to use the schtasks command. But when I type something like schtasks /Create /TN MyTask /SC DAILY /ST "13:10" /TR "notepad.exe" /V1 /F I get a message asking for my password, although I haven't set a password for my session. And when I leave the field blank, the command line answers that the task won't be able to run. How can I fix this problem? And how can I make the task interactive? Using /RU SYSTEM prevents the task from being run in interactive mode. Thanks! CFP.

Read the article
pdf creation software, for docx and odt

- by oxinabox.ucc.asn.au

Ok, I have a fairly large collection of docx and odt files. Minutes from meetings etc. Now I want to convert them to pdfs for distrobution. and also into one combined pdf. At the momement I'm using Adobe Acrobat 8 (Pro iirc). and on another machine I'm using foxit pdf printer. To do this I have to print them each individually to pdfs. and then I can combine them with Acrobat, cos acrobat doesn't support conversion stright from docx or odt to pdf - only via printing. Now this is annoying if you have to do it on a regular basis, since i don't keep the pdfs around (I have the orignals source controlled :-D) cos they go out of date pretty quick as I often have to go back and modify old versions (like ridiculously often). e Eg When I find out I've got something in the minutes wrong or I want to add more context for clarifaction. Anyone got a better solution?

Read the article
Internet wireless connected with limited access, windows vista

- by r0ca

I had some malware in my computer so I did a bit of manual work to remove it including resetting TCP/IP. Now the malware is gone. I can see my home wireless network and I can get connected to it but when connected I get the Internet wireless connected with limited access message. When I go to the IE I cannot browse. When I tried to ping 192.168.1.1 I got an Error Code 1231 Unconnected Network Problem. I have deactivated my Windows firewall as I thought it could be hyperactive security. Still no luck. I have Norton but it is not active, I have also Avast and AVG installed but they are not active. Any ideas?

Read the article
When did Red Hat start shipping PHP 5.3 with 5.x?!?

- by Jason

Okay this is a PSA more than a question because I know the answer: January 13, 2011. See: https://rhn.redhat.com/errata/RHEA-2011-0069.html Colour me surprised though, didn't hear anything about in the blogosphere until I got a Security Errata notice today. I have been using the REMI repo for this in the past but will switch over to the Red Hat blessed PHP 5.3. Don't down-vote me bro! I'll select as the best answer the source that broke the news first (other than Red Hat of course). People have wanted this for so long I'm just amazed that it's finally happened!

Read the article
Web Deploy to IIS7 fails with 401 (Unauthorized)

- by Trex

we have IIS7 running on Windows Web Server 2008 R2 and it's set up to support Web Deploy. It worked fine when we used the default Administrator account. We recently disabled this account (for security reasons) and are now trying to deploy using another account which is member of the Administrators group, but the deploy fails with 401 (Unauthorized). More specifically, it says: Connected to '<IP>' using Web Deployment Agent Service, but could not authorize. Make sure you are an admin on '<IP>'. The remote server returned an error: (401) Unauthorized. Anybody has any ideas why this is happening? Thanks. Trex

Read the article
Android Jelly Bean: fix search button [migrated]

- by Jon Rodriguez

I just upgraded my Nexus S from Android 4.0.something (I forget the subversion) to Android 4.1.1. The magnifying glass button used to be really useful -- it would trigger a search function within whatever app I was using. For example pressing it within the Maps app would search for a place, or pressing it within the Facebook app would search for a friend. But now, the magnifying glass button launches a google search no matter what the context is! This is extremely annoying and makes a lot of apps harder to use, especially Maps. How can I use a setting or a patch to revert the magnifying glass button to its old behavior?

Read the article
Apache 2 Symbolic link not allowed or link target not accessible

- by djechelon

While the title of this question matches an already asked question, in my case I already set Options +FollowSymLinks. The setup is the following: my hosting setup includes htdocs/ directory that is the default document root for HTTP websites and htdocs-secure that is for HTTPS. They are meant for sites that need a different HTTPS version. In case both share the same files I create a link from htdocs-secure to htdocs by ln -s htdocs htdocs-secure but here comes the problem! Log still says Symbolic link not allowed or link target not accessible: /path/to/htdocs-secure Vhost fragment Header always set Strict-Transport-Security "max-age=500" DocumentRoot /path/to/htdocs-secure <Directory "/path/to/htdocs-secure"> allow from all Options +FollowSymLinks </Directory> I think it's a correct setup. The HTTP version of the site is accessible, so it doesn't look like a permission problem. How to fix this? [Add] other info: I use MPM-itk and I set AssignUserId to the owner/group of both the directories

Read the article
Puppet nodes cant' find master, ec2 public versus internal ip addresses and hosts files

- by Blankman

If I setup my hosts files such that they reference all other ec2 nodes using the internal ip addresses, will this work or do I have to use the external ip addresses? Do I need to specify anything in my security group to get internal ip addresses to work? e.g. /etc/hosts ip-10-11-12-13.internal some_node_name If I do this, can I reference some_node_name anywhere in my scripts where I would have used the ip address previously? On my puppet agent servers, I have a reference to my puppet master like: public-ip-here puppet When I reboot my puppet agent's, syslog shows they couldn't find the master with the message: getaddinfo : name or service not known I did get it to work by updating /etc/default/puppet and I added to the options: --server=public-ip-here From what I read, puppet will by default try using 'puppet', and I set this in my hosts file so why wouldn't it be picking this up?

Read the article
Choosing between cloud (Cloudfoundry ) and virtual servers - for developers

- by Mike Z

I just came across some articles on how to setup your own cloud using Cloudfoundry and Ubuntu, this got me thinking, choosing our infrastructure, if we want to use our own servers what's the advantage of cloud on virtual servers vs just using virtual servers, VPN? If we now develop for the cloud later if we need help we can quickly move on to a cloud provider, but other than that what's the advantage and disadvantage of private cloud in these areas? speed of development, testing, deployment server management security having an extra layer (cloud) will that have a hit on server performance, how big? any other advantage/disadvantage?

Read the article
Cannot remove wireless network profile even though admin account is used

- by David Karlsson

On my windows computer which is connected to a company domain. I have problems with the wireless networking. First of all the computer fails to connect. Second of all I cannot remove the network from the list of wireless profiles. The properties window simply claims that "This network is administered by the Administartor Account". I am currently logged in as the local administrator. I have also tried creating a new admin account and still get the same problem when trying to remove the network. My computer has only the microsoft security essentials antivirus and some VMWare+virtual box connections that I can figure might interfere, but disabling realtime protection has not helped me on this. I also cannot delete the virtual network adapters from the control panel / network adapters...

Read the article
Is there a free-embedded SSH solution ?

- by ereOn

Hi, I'm working for an important company which has some severe network policies. I'd like to connect from my work, to my home linux server (mainly because it allows me to monitor my home-automated installation, but that's off-topic) but of course, any ssh connection (tcp port 22) to an external site is blocked. While I understand why this is done (to avoid ssh tunnels I guess), I really need to have some access to my box. (Well, "need" might be exagerated, but that would be nice ;) Do you know any web-based solution that I could install on my home linux server that would give me some pseudo-terminal (served using https) embedded in a web page ? I'm not necessarily looking for something graphical: a simple web-embedded ssh console would do the trick. Or do you guys see any other solution that wouldn't compromise network security ? Thank you very much for your solutions/advices.

Read the article
squid3 auth thru samba using ntlm to AD doesn't work

- by derty

some users here are spending to much time exploring the WWW. So big boss whats to get this under control. We use a squid3 just for some security reason and chace benefits. and now i'm trying to set up a new proxy on a different server (Debian 6) Permissions are defined in AC and the squid3 should get the auth thru samba/winbind by using the ntlm protocol. but i'll get all the time Access, denited. it only works by using LDAP but thats not the way i need it. here some log and confs squid access.log 1326878095.784 1 192.168.15.27 TCP_DENIED/407 4049 GET http://at.msn.com/? -NONE/- text/html 1326878095.791 1 192.168.15.27 TCP_DENIED/407 4294 GET http://at.msn.com/? - NONE/- text/html 1326878095.803 9 192.168.15.27 TCP_DENIED/403 4028 GET http://at.msn.com/? kavan NONE/- text/html 1326878095.848 0 192.168.15.27 TCP_DENIED/403 3881 GET http://www.squid-cache.org/Artwork/SN.png kavan NONE/- text/html 1326878100.279 0 192.168.15.27 TCP_DENIED/403 3735 GET http://www.google.at/ kavan NONE/- text/html 1326878100.296 0 192.168.15.27 TCP_DENIED/403 3870 GET http://www.squid-cache.org/Artwork/SN.png kavan NONE/- text/html 1326878155.700 0 192.168.15.27 TCP_DENIED/407 4072 GET http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml - NONE/- text/html 1326878155.705 2 192.168.15.27 TCP_DENIED/407 4317 GET http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml - NONE/- text/html 1326878155.709 3 192.168.15.27 TCP_DENIED/403 4026 GET http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml kavan NONE/- text/html squid chace 2012/01/18 10:12:49| Creating Swap Directories 2012/01/18 10:12:49| Starting Squid Cache version 3.1.6 for x86_64-pc-linux-gnu... 2012/01/18 10:12:49| Process ID 17236 2012/01/18 10:12:49| With 65535 file descriptors available 2012/01/18 10:12:49| Initializing IP Cache... 2012/01/18 10:12:49| DNS Socket created at [::], FD 7 2012/01/18 10:12:49| DNS Socket created at 0.0.0.0, FD 8 2012/01/18 10:12:49| Adding nameserver 192.168.15.2 from /etc/resolv.conf 2012/01/18 10:12:49| Adding nameserver 192.168.15.19 from /etc/resolv.conf 2012/01/18 10:12:49| Adding nameserver 192.168.15.1 from /etc/resolv.conf 2012/01/18 10:12:49| Adding domain schoenbrunn.local from /etc/resolv.conf 2012/01/18 10:12:49| helperOpenServers: Starting 5/5 'squid_ldap_auth' processes 2012/01/18 10:12:49| helperOpenServers: Starting 10/10 'ntlm_auth' processes 2012/01/18 10:12:49| helperOpenServers: Starting 10/10 'squid_kerb_auth' processes 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| helperOpenServers: Starting 5/5 'squid_ldap_group' processes 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| Unlinkd pipe opened on FD 73 2012/01/18 10:12:49| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2012/01/18 10:12:49| Store logging disabled 2012/01/18 10:12:49| Swap maxSize 0 + 262144 KB, estimated 20164 objects 2012/01/18 10:12:49| Target number of buckets: 1008 2012/01/18 10:12:49| Using 8192 Store buckets 2012/01/18 10:12:49| Max Mem size: 262144 KB 2012/01/18 10:12:49| Max Swap size: 0 KB 2012/01/18 10:12:49| Using Least Load store dir selection 2012/01/18 10:12:49| Set Current Directory to /var/spool/squid3 2012/01/18 10:12:49| Loaded Icons. 2012/01/18 10:12:49| Accepting HTTP connections at [::]:3128, FD 74. 2012/01/18 10:12:49| HTCP Disabled. 2012/01/18 10:12:49| Squid modules loaded: 0 2012/01/18 10:12:49| Adaptation support is off. 2012/01/18 10:12:49| Ready to serve requests. 2012/01/18 10:12:50| storeLateRelease: released 0 objects smb.conf # Domain Authntication Settings workgroup = <WORKGROUP> security = ads password server = <DOMAINNAME>.LOCAL realm = <DOMAINNAME>.LOCAL ldap ssl = no # logging log level = 5 max log size = 50 # logs split per machine log file = /var/log/samba/%m.log # max 50KB per log file, then rotate ; max log size = 50 # User settings username map = /etc/samba/smbusers idmap uid = 10000-20000000 idmap gid = 10000-20000000 idmap backend = ad ; template primary group = <ad group> template shell = /sbin/nologin # Winbind Settings winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind netsted groups = Yes winbind nested groups = Yes winbind cache time = 10 winbind use default domain = Yes #Other Globals unix charset = LOCALE server string = <SERVERNAME> load printers = no printing = cups cups options = raw ; printcap name = /etc/printcap #obtain list of printers automatically on SystemV ; printcap name = lpstat ; printing = cups squid.conf auth_param ntlm program /usr/bin/ntlm_auth --require-membership-of=<DOMAINNAME>\\INTERNETZ --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 10 auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=<dcname>,dc=local" -D "cn=administrator,cn=Users,dc=<domainname>,dc=local" -w "******" -f sAMAccountName=%s -h 192.168.15.19:3268 auth_param basic realm "Proxy Authentifizierung. Bitte geben Sie Ihren Benutzername und Ihr Passwort ein!" #means insert you PW in an other language - # external_acl_type InetGroup %LOGIN /usr/lib/squid3/squid_ldap_group -R -b "dc=<domainname>,dc=local" -D "cn=administrator,cn=Users,dc=<domainname>,dc=local" -w "******" -f "(&(objectclass=person)(sAMAccountName=%v) (memberof=cn=%a,cn=internetz,dc=<domainname>,dc=local))" -h 192.168.15.19:3268 auth_param negotiate program /usr/lib/squid3/squid_kerb_auth -d auth_param negotiate children 10 auth_param negotiate keep_alive on acl localnet proxy_auth REQUIRED acl InetAccess external InetGroup Internetz http_access allow InetAccess http_access deny all acl auth proxy_auth REQUIRED http_access allow auth and a very suspicious is that by adding the proxy server to the Domain i see 2 new entries in the PC one with the original computer-name leopoldine and one with leopoldine CNF:f8efa4c4-ff0e-4217-939d-f1523b43464d ?!? I tried a lot, really... but i stuck on this problem... i actually i even reinstalled all dependent programs and reconfigured them from default. Group exists and has me in it. Firefox running on the old proxy and i use IE for testing the new one. But i'll get all the time Access-Denited and to be honest i'm quite a beginner, so please don't be to prude. I'll interested in improving, i'll get the information we need to fix this but i started working 2 month ago and got only 1 1/2 year's training and not a single sec. in linux ;)

Read the article
Pictures clicked on Start Menu's Recent Items list opens in non default program

- by jay

I am using Picasa Photo Viewer and have associated all JPG and PNG files to open with it. However when I open an image from the Recent Items list in the Windows 7 Start Menu it opens with Windows Photo Viewer. The context menu for such items reveals no actions that would make it go to Windows Photo Viewer, and the default (one in bold) opens with the Picasa viewer as you'd expect. It's just that the left click behaves differently for some reason. Any ideas on how to fix this?

Read the article
Automatically download files in Internet Explorer without getting prompted to Save / Cancel?

- by dimbasint

I am currently using IE7 with XP SP3. When a webpage download with unknown file type loads, I get a prompt asking me what I want to do with the file. My options are FIND SAVE CANCEL. How do I make it so that I don't get this popup prompt, but Internet explorer automatically downloads the file into a directory I choose without asking? PS. I have already tried Tools Internet Options Security Internet Custom Level Downloads Disable/Enable/Enable, but this doesn't help. Thanks for the reply. Unfortunately I have to use IE. I'm using it in connection with other proprietary software based on IE and its settings. And yes I'm aware it's not a great browser. (This is not for strictly personal use in the browsing sense. )

Read the article
Smartcards for storing gpg/ssh keys (Linux) - what do I need?

- by Ninefingers

Hi All, I'm interested in storing my SSH keys and gpg keys on a smartcard for added security. However, I'm a bit uncertain on a few points, which are as follows: How many keys can I get on a card? I assume both SSH and GPG can store keys on the card. Is there a limit to key size? I see a lot of cards saying they support 2048-bit keys, what about larger sizes? Hardware: can anyone recommend a card/reader combination that works well? I've done a fair amount of research and it seems PC/SC readers can be a bit iffy - is this your experience? Have I missed anything I should be asking? Are there any other hurdles? I'm aware fsf europe give away cards with membership - I'm not sure I want to join, but... are these cards any good?

Read the article
What is the S.M.A.R.T. page?

- by Mads Skjern

I've just listened to Steve Gibson talk about his SpinRite software, on the Security Now podcast episode 336 (transscript). At 33:20 he says: I can show and do show on the SMART page that sectors are being relocated and that errors are being corrected. That SMART analysis page sometimes scares people because it shows, wait a minute, this thing says we're correcting so many errors per megabyte. What is this SMART page? 1) Some information saved on the HD by SMART, that I can access with a SMART tool like smartmontools? 2) A page (tab) in his SpinRite software? In any case, can I see, in any way, what sectors are marked as bad, without using SpinRite? Preferably using smartmontools!

Read the article
Connecting to a secure, graphical, x session using a stateless thin client

- by npeterson

I'm looking for an open source, non-proprietery solution to this problem, any help would be appreciated. I'd like to setup a server running Ubuntu Server. I'd then like to connect to this server from a stateless thin client and use an x-session. This would occur mostly over local area networks, but also possibly over the internet. What would be the ideal set of software to accomplish this from a security, and usability standpoint? Are there any ready-made stateless thin clients that don't require proprietery software?

Read the article

< Previous Page | 489 490 491 492 493 494 495 496 497 498 499 500 | Next Page >