Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 501/812 | < Previous Page | 497 498 499 500 501 502 503 504 505 506 507 508 | Next Page >

AWS RDS Timeout

- by warder57

I know next to nothing about networking/servers. So I'm assuming I'm missing something obvious. All of the resources I can find on this, either don't work or are outdated. I created a brand new AWS account on the free plan. I created a postgres RDS DB instance. I made sure that this RDS instance is set to publicly accessible. This RDS instance has the default VPC/Security Group settings. In order to connect to this DB from my local machine, I used pgadmin3 and followed the instructions provided on the AWS documentation page. Seen here: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToPostgreSQLInstance.html I've double checked all of the information required to connect: Host: whatever.whatever.us-west-2.rds.amazonaws.com Port: 5432 Username: USERNAME Password: PASSWORD When I try to connect to the database, my connection fails due to a timeout. (During step 4 in the above guide.) Can anyone point me to whatever I am missing? Thanks in advance

Read the article
Problem installing SSL on centos 5.2 with plesk

- by Haluk

Hello, I'm trying to install an ssl certificate to a dedicated centos 5.2 server. I followed the hosting company's instructions but the ssl is not working. When I try to access my website using https, Firefox gives the following error: uses an invalid security certificate. The certificate expired on 3/13/2010 11:56 AM. (Error code: sec_error_expired_certificate) I'm not sure where the problem is. You should also know that this server has plesk installed, even though I'm not using it, it could potentially be somehow overriding my httpd.conf or ssl.conf. Thanks!

Read the article
SSL certificate for FTPS, is it the same as for HTTPS?

- by BlackTigerX

This question is about "FTP over SSL", if I understand correctly FTPS and HTTPS are just the standard FTP and HTTP protocols running on top of SSL, is this correct? The actual question is: is the certificate that you use for FTPS the exact same that you can use for HTTPS? or are there any differences? To give you some context, I need to get a certificate for an FTPS server, I know I can generate one but it needs to be from an certificate authority, I just need to make sure that I can use the same type of certificate that we use here for HTTPS, otherwise need to know what type of certificate I need to get

Read the article
How to grant secure access to an untrusted developer to an exisiting virtual host?

- by Margaret Thorpe

Our security policy does not permit ftpd on our servers. Our trusted developers use ftps to access our webservers and they have full access to the server. How do we grant limited access to a single untrusted developer for an existing virtual host. Ive configured rssh to only allow sftp to our untrusted developer, but we dont want him browsing around our other sites. I've investigated chroot, but it seems overly complex and more for restricting access to their home folders. I want to limit access to /srv/www/vhostx/ and below. Whats the best solution?

Read the article
cant send using postfix from external ip address

- by daniel

i have postfix set up as a satellite to listen on port 587 i can send email outside fine trough the postfix(ubuntu) box from the local network with no problems when i try to connect to the postfix(ubuntu) box from a external ip and send mail it spits back a 554 5.7.1 Relay access denied error i can telnet to it fine, just cant send mail this is my main.cf : smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_use_tls = no myhostname = cotiso-desktop alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = mydomainname.com, cotiso-desktop, localhost.localdomain, localhost relayhost = smtp.mydomainname.com mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all there is no security set up yet, i'm just trying to get it working first any ideas? thanks in advance

Read the article
How hard for a Software Developer to Maintain a Server

- by Samy

I'm a software developer and don't have much experience as a sysadmin. I developed a web app and was considering buying a server and hosting the web app on it. Is this a huge undertaking for a web developer? What's the level of difficulty of maintaining a server and keeping up with the latest security patches and all that kind of fun stuff. I'm a single user, and not planning to sell the service to others. Can someone also recommend an OS for my case, and maybe some good learning resources that's concise and not too overwhelming.

Read the article
cannot connect to MS FTP 7.5 on Windows 2008 on Amazon EC2 instance

- by minerj

I have just installed the MS FTP 7.5 upgrade on my Windows 2008 Server (Service Pack 2) running on an Amazon EC2 instance. In the FTP Firewall Support settings for the server in IIS Manager I have set up the passive port range 45001 - 45005 and also set the External Firewall IP address to match the assigned Amazon Elastic IP address. Using the AWS Console I changed the Security Group for the server to allow access to the server through ports 21 and 45001 through 45005. Using an FTP client (either the command line FTP client or Windows Explorer) on the Amazon server I can connect to the FTP server but I cannot connect with an external FTP client. When I checked to see which ports were open on the server using Shields Up it shows that port 21 is open but ports 45001 to 45005 are closed. I assume I'm missing something. Any help greatly appreciated.

Read the article
Need help identiying a nasty rootkit in Windows

- by goofrider

I have a nasty rootkit that not tools seem to be able to idenity. I know for sure it's a rootkit, but I can figure out which rootkit it is. Here's what I gathered so far: It creates multiple copies of itself in %HOME%\Local Settings\Temp with names like Q.EXE, IAJARZ.exe, etc., and install them as hidden services. These EXE have SysInternals identifiers in them so they're definitely rootkits. It hooked very deep in the system, including file read/write, security policies, registry read/write, and possibly WinSock/TCP/IP. When going to Sophos.com to download their software, the rootkit inject something called Microsoft Ajax Tootkit into the page, which injects code into the email submission form in order to redirect it. (EDIT: I might have panicked. Looks like Sophos does use an AJAZ email form, their form is just broken on Chrome so it looked like a mail form injection attack, the link is http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download.aspx ) Super-Antispyware found a lot of spyware cookies, in the name of .kaspersky.2o7.net, etc. (just chedk 2o7.net, looks like it's a legit ad company) I tried comparing DNS lookup from the infected systems and from system in other physical locations, no DNS redirections it seems. I used dd to copy the MBR and compared it with the MBR provided by ms-sys package, no differences so it's not infecting MBR. No antivirus or rootkit scanner be able to identify it. Most of them can't even find it. I tried scanning, in-situ (normal mode), in safe mode, and boot to linux live CD. Scanners used: Avast, Sophos anti rootkit, Kasersky TDSSKiller, GMER, RootkitRevealer, and many others. Kaspersky reported some unsigned system files that ought to be signed (e.g. tcpip.sys), and reported a number of MD5 mismatches. But otherwise couldn't identify anything based on signature. When running Sysinternal RootkitRevealer and Sophos AntiRootkit, CPU usage goes up to 100% and gets stucked. The Rootkit is blocking them. When trying running/installing HiJackThis, RootkitRevealer and some other scanners, it tells me system security policy prevent running/installing it. The list of malicious acitivities go on and on. here's a sample of logs from all my scans. In particular, aswSnx.SYS, apnenfno.sys and PROCMON20.SYS has a huge number of hooks. It's hard to tell if the rootkit replaced legit program files like aswSnx.SYS (from Avast) and PROCMON20.SYS (from Sysinternal Process Monitor). I can't find whether apnenfno.sys is from a legit program. Help to identify it is appreciated. Trend Micro RootkitBuster ------ [HIDDEN_REGISTRY][Hidden Reg Value]: KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg Root : 586bfc0 SubKey : Cfg ValueName : g0 Data : 38 23 E8 D0 BF F2 2D 6F ... ValueType : 3 AccessType: 0 FullLength: 61 DataSize : 32 [HOOKED_SERVICE_API]: Service API : ZwCreateMutant Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS OriginalHandler : 0x8061758e CurrentHandler : 0xaa66cce8 ServiceNumber : 0x2b ModuleName : aswSnx.SYS SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwCreateThread Image Path : c:\windows\system32\drivers\apnenfno.sys OriginalHandler : 0x805d1038 CurrentHandler : 0xaa5f118c ServiceNumber : 0x35 ModuleName : apnenfno.sys SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwDeleteKey Image Path : C:\WINDOWS\system32\Drivers\PROCMON20.SYS OriginalHandler : 0x80624472 CurrentHandler : 0xa709b0f8 ServiceNumber : 0x3f ModuleName : PROCMON20.SYS SDTType : 0x0 HiJackThis ------ O23 - Service: JWAHQAGZ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\JWAHQAGZ.exe O23 - Service: LHIJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\LHIJ.exe Kaspersky TDSSKiller ------ 21:05:58.0375 3936 C:\WINDOWS\system32\ati2sgag.exe - copied to quarantine 21:05:59.0217 3936 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0342 3936 C:\WINDOWS\system32\BUFADPT.SYS - copied to quarantine 21:05:59.0856 3936 BUFADPT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0965 3936 C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine 21:06:00.0152 3936 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0246 3936 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine 21:06:00.0433 3936 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0464 3936 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine 21:06:00.0526 3936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0604 3936 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine 21:06:01.0181 3936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0321 3936 C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe - copied to quarantine 21:06:01.0430 3936 OTFSDMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0492 3936 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine 21:06:01.0539 3936 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0601 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - copied to quarantine 21:06:01.0664 3936 HKLM\SYSTEM\ControlSet003\services\TULPUWOX - will be deleted on reboot 21:06:01.0664 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - will be deleted on reboot 21:06:01.0664 3936 TULPUWOX ( UnsignedFile.Multi.Generic ) - User select action: Delete 21:06:01.0757 3936 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine 21:06:01.0866 3936 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0913 3936 C:\Program Files\VMware\VMware Player\vmware-authd.exe - copied to quarantine 21:06:02.0443 3936 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Read the article
Elastic Load Balancer & SSL termination

- by Aaron Scruggs

I am setting up a Rails app on AWS that: 1) all traffic must ssl encrypted 2) will highly fluctuate in traffic on a weekly basis 3) will by maintained by someone that is a stronger coder than sysadmin, but will be responsible for both I am thinking that SSL termination on an elastic load balancer backed by small ec2 instances running nginx and unicorn A small subset of the requests will take longer than 10s, because of this I am also debating using 'thin' instead of 'unicorn'. My question is this: Is this sane? I am stepping into a quagmire of cost, maintainability, security or performance problems?

Read the article
Sun Java keytool importing EV certificates into a single keystore

- by ss0

At my current job we are using tomcat, customers have custom web portals setup on their own local machines. EV certs are new to me, they have 2 part intermediary and a primary certificate. For our product to work it appears I need to get all three parts installed under a single keystore entry. How can I roll all three parts into a single x.509 compliant file for import? They syntax I am using is as follows: /blah/system/j2sdk/bin/keytool -import -alias foo -keystore /zix/system/jdk1.5.0_06/jre/lib/security/cacerts -file certname.pem -trustcacerts where foo = the keystore name and certname.pem is the main cert. I have tried importing the intermediate certs under their own names into the keystore and I don't know if it's just the product I have to work with (not vanilla tomcat) or what but it doesn't see those. I have seen a working system and all three certs were under the single keystore alias. Anyone have any ideas?

Read the article
Multisession burn in Imgburn

- by blntechie

Is Multisession burn available in Imgburn? If not, any idea whether it will be implemented in future? I almost recommended Imgburn instead of Nero or Roxio to one of my friend. He requires multisession burning and I found no options to enable it,if available in Options. Note: Please don't question the question. Like, Why would you want multisession anyway? or Isn't USB stick/RW Disk is what you need instead of a RO CD/DVD? Please keep the answers in context. I know that I can use USB sticks instead of CD/DVD and my friend require mulisession anyway. May be I can ask him to keep Nero as a backup for this purpose if Imgburn don't support this.

Read the article
Funky mail sorting and grouping in Outlook 2007

- by laurie

In outlook 2007 I group mails in a folder by subject with mails in each subject group sorted by Received date (newest to oldest) This works fine; I tick 'Subject' and 'Show in groups' in the context menu of the folder's table header. Life is good. But the subject groups in the mail folder are sorted alphabetically. I would like the group which has the newest mail to be the first group. Similar to how the arrange by 'Conversation' works Can this be done? I'm not averse to an add-in/macro type solution if anyone can point me at examples of implementing custom sorting in Outlook

Read the article
Restoring permissions on Windows 2008

- by Andrey

I have played with folder permissions due to SVN not being able to write to a folder and now I got into a state where I go to any folder of C: drive in Windows Explorer and when I right-click it takes 30 seconds to show the context menu and it just hangs the window after that. It definitely has something to do with permissions as it was all working fine until I started tweaking permissions about an hour ago. My login belongs to two groups Users and Administrators. I changed ownership of C drive to Administrators group and I think it screwed everything, but I can't change it back because I don't even remember what it was :) Oh, and only Administrators group has access to drive C now. Any way to reset permissions to some previous state or some workable state?

Read the article
Packaging python software with custom dependencies

- by viraptor

Hi, I'm looking for a good way to package a Python application that is going to be deployed on a Debian server. The application itself depends on some modules which are not included in base Debian repository, although they might be in the future. This creates some problems... I depend on some patches to those modules. If the original module gets installed one day, the application will break. However if I install everything I need in a virtualenv just for that application, I lose the ability to upgrade Python itself (in case of security updates). The third option would be to rename my fork of the upstream module and just treat it as a completely separate one. But that would mean changing the code (not much work, but it wouldn't be that clean / universal anymore). Are there any other options that I missed? Are there any pros / cons I didn't see in the solutions above?

Read the article
How to authenticate users in nested groups in Apache LDAP?

- by mark

I've working LDAP authentication with the following setup AuthName "whatever" AuthType Basic AuthBasicProvider ldap AuthLDAPUrl "ldap://server/OU=SBSUsers,OU=Users,OU=MyBusiness,DC=company,DC=local?sAMAccountName?sub?(objectClass=*)" Require ldap-group CN=MySpecificGroup,OU=Security Groups,OU=MyBusiness,DC=company,DC=local This works, however I've to put all users I want to authenticate into MySpecificGroup. But on LDAP server I've configured that MySpecificGroup also contains the group MyOtherGroup with another list of users. But those users in MyOtherGroup are not authenticated, I've to manually add them all to MySpecificGroup and basically can't use the nested grouping. I'm using Windows SBS 2003. Is there a way to configure Apache LDAP to do this? Or is there a problem with possible infinite recursion and thus not allowed?

Read the article
Unable to connect to another computer from the Task Scheduler on Windows 7

- by Clem

I am getting the following error when trying to connect to another computer from the Task Scheduler on Windows 7: "The remote computer was not found." The computer that I am trying to connect to is definitely on the network as I can ping it and browse its shared folders in Windows Explorer. Note that I get the same error message when trying to perform the same operation from Performance Monitor. This suggests that I need to something to enable remote connection to the Task Scheduler. I am not very experienced with Windows administration and I am not sure where to look. To give a bit more context, I want to use the Task Scheduler to automatically start Perf Mon on a few machines at my company. I'd like to setup the Task Scheduler remotely. Does anyone know what I need to do?

Read the article
What is this "Change to Display" of math equations and why does it change the equation style in Word 2010?

- by ysap

I am writing an equation with the "new" Equation Editor in MS Word 2010 (Insert - Equation). When using one of the "large operators", for example the Sigma, with lower and upper limits, there are two styles for displaying the limits - below and above the Sigma, or to the right as super/subscripts. I am choosing the first style - limits above and below to get the standard notation, but Word formats the equation the other way. Now, the object has a bounding box with a context menu on its right. In this menu, I can select Change to Display and the equation is moved to a new line, w/o adjacent text - but, now the sigma limits appear as requested! Then, selecting Change to Inline reverts to the previous form. So, I want to know if there is away to force the requested form with an "inline" attribute? I know that I can use a MS Equation 3.0 object, but I want to remain with the new, "native" editor.

Read the article
multiple file systems for mysql

- by RainDoctor

Does mysql support multiple file systems for a single database with most of the tables being on MyISAM? Context: we have a 1.5TB mysql database, which is increasing at the rate of 200GB per month. The storage is directly attached, whose slots are almost full. I can add another DAS, and increase the file system. But resizing volume, resizing file system, etc are getting messy. Is there a concept of "tablespace, datafile" (like in oracle) in MySql world? Or how you guys manage mysql db with these kind of constraints?

Read the article
Redhat 6 gui installation VS kickstart gives me different packages?

- by jonaz

If i do the graphical install and select basic server + aide and screen i get a system with 535 installed packages. If i look at the /root/anaconda-ks.cfg file in that freshly installed system i see: %packages @base @console-internet @core @debugging @directory-client @hardware-monitoring @java-platform @large-systems @network-file-system-client @performance @perl-runtime @security-tools @server-platform @server-policy @system-admin-tools pax python-dmidecode oddjob sgpio certmonger pam_krb5 krb5-workstation nscd pam_ldap nss-pam-ldapd perl-DBD-SQLite aide screen If i then install a NEW system using a kickstart only containing those packages i get 620 installed packages. So basicly my question is why does the system install almost 100 more packages when using kickstart compared to the GUI installation when the exact same packagegroups are selected?

Read the article
I can not watch any videos on youtube

- by hamed

I can not watch any videos on Youtube with any browser ( Chrome 20 , Firefox 13 , IE 8 ). I get this error An error accurred. Please try again later. My OS is Windows 7 (32bit) and the antivirus is zonealarm extreme security 10.1.079.000 . I installed flash player 11 but no success. I exited zone alarm to watch video, but no success again and error is the same. I don't know what's the problem . I searched a lot but didn't find the problem. I'd appreciate any idea.

Read the article
how to connect public web server to internal LAN

- by DefSol

I have a VPS which is my public web server for all my clients. It's running server 2008 and I would like to have it connect via secure connection to my internal LAN. I would like this to be a route so access is bi-derectional. Have read about Server & Domain isolation, but am concerned this may prevent public views to the webs sites on the server. I currently have a PPTP tunnel, but I'm wanting better security (IPSec or SSL etc) and it's not given my bi derectional access. (In fact my backups aren't copying accross but this could be an acl issue) The goal is to provide easy/automated backups of data & sql db's to my internal LAN, as well as a means to provision new sites & db's from a workflow occuring internally. Internal lan is windows based with ISA 2006 at the perimeter. Thanks

Read the article
kvm -net only passing broadcast, multicast, and guest destination traffic

- by user52874

Figured this out just last week, but I can't find it now. Even printed it out. Can't find that either. Frustrating...so...help! Configured a 'monitoring' nic on a kvm guest (running 'Security Onion, if it matters). I read (somewhere) that the default nic configuration for a kvm guest is to only pass broadcast traffic, multicast traffic, and traffic with the guest's mac as a destination. There is an option to override this behaviour, and pass all traffic. It's something like --mac-filtering=no, or --mac-restriction=no, or something like that. Worked beautifully. Does this look at all familiar to anyone who can clue me in to the exact option syntax? thx.

Read the article
Are there any sFTP clients that support a proxy that uses NTLM authentication?

- by Iraklis

The title pretty much summarizes the question. We have deployed an sFTP server that needs to be accessed from our client's MS Windows Pc's that reside within a restricted local area network. The only way they can get out for their Intranet is to use an HTTP proxy that requires NTLM authentication. From what I understand all open-source sFTP clients (FilleZilla,WinSCP,etc) do NOT support NTLM authentication (Because of legal issues). I know that there are workarounds to this (installing a local proxy at the machine that understands NTLM) but this would break all sorts of security policies of our client. So my question is : Does anyone know of any sFTP client that supports a NTLM Proxy?

Read the article
software to allow a friend to look on your screen

- by acidzombie24

I want a friend of mine to review my code. I have a mic built into my laptop but i can use another software for voice chat. So i would like to have him to either view my screen (taking control might be fine) or show me his screen so he can talk about a specific piece of code. What software is good for this? We both think about security so an MS product (netmeeting? if that still exist on normal msn live installs) or an open source would be preferred. Should be free.

Read the article
Sharing a wifi connection between different user profiles on Windows XP

- by crowne

I've set-up two separate user profiles on an old laptop running Windows-XP, and noted the following strange behaviour. When the wireless network is setup using WEP both user profiles can connect to the internet and I can switch between user profiles, without network connectivity issues. However when I changed the wireless security to WPA2, the first user to connect gets access to the internet, when switching to the second profile the connection fails. The behaviour is the same regardless of which of the two profiles logs on first. I also tried this with one user with admin rights and one without, and got the same result. I'm not too concerned about a fix for this other than forcing the users to log-off when sharing the laptop, but I'd be interested to know if anyone can corroborate my findings. The network config was done using Intel® PROSet/Wireless.

Read the article

< Previous Page | 497 498 499 500 501 502 503 504 505 506 507 508 | Next Page >