Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 530/886 | < Previous Page | 526 527 528 529 530 531 532 533 534 535 536 537 | Next Page >

Creating Multiple Users on Single PHP-FPM Pool

- by Vince Kronlein

Have PHP-FPM/FastCGI up and running on my cPanel/WHM server but I'd like have it allow for multiple users off of a single pool. Getting all vhosts to run off a single pool is simple by adding this to the Apache include editor under Global Post Vhost: <IfModule mod_fastcgi.c> FastCGIExternalServer /usr/local/sbin/php-fpm -host 127.0.0.1:9000 AddHandler php-fastcgi .php Action php-fastcgi /usr/local/sbin/php-fpm.fcgi ScriptAlias /usr/local/spin/php-fpm.fcgi /usr/local/sbin/php-fpm <Directory /usr/local/sbin> Options ExecCGI FollowSymLinks SetHandler fastcgi-script Order allow,deny Allow from all </Directory> </IfModule> But I'd like to find a way to implement php running under the user, but sharing the pool. I manage and control all the domains that run under the pool so I'm not concerned about security of files per account, I just need to make sure all scripting can be executed by the user who owns the files, instead of needing to change file permissions for each account, or having to create tons of vhost include files.

Read the article
How to disable passive mode in linux ftp command

- by nute

I am using the "ftp" command of linux to send data to a 3rd party provider. This company states that we need to "Disable passive mode in your FTP client", and I confirm it doesn't work in passive mode. However, when I googled the linux command, I see that the "-p" flag is "the default now for all clients (ftp and pftp) due to security concerns using the PORT transfer mode. The flag is kept for compatibility only and has no effect anymore." How do I disable passive mode then? And, is it that bad?

Read the article
How can I use Windows Firewall to only permit the Windows Update service to make an outbound connection?

- by microsmash

I'm trying to tailor my Windows Firewall settings (using the Windows Firewall with Advanced Security console) to only permit programs that need to access the Internet with an outbound connection to do so. This works fine for normal applications as I can just allow the program, but services that load in the svchost.exe process are a problem. The only services I actually need to give access to are Windows Update and the Background Intelligent Transfer Service (and even that, I would only like Windows Update to be able to submit jobs to, but that's another issue.) Is there a method to only allow these to be permitted an outbound connection, and not any of the other services loaded in svchost?

Read the article
SQL 2008 Replication over Internet

- by Akash Kava

We have decided to put our servers in data centers on east and west coast of US, to keep high level redundancy. After evaluating number of replication options, apart from VPN there is no other way to do replication for SQL Server. We are investigating VPN but I have following questions. Our Large DB consists of media information (pictures/movies/audio/pdf) etc, so we are not very concerned about security because they are not financial sensitive data. SQL 2005 supports or can be configured to support replication over internet? If Yes then should we downgrade to 2005? If SQL 2008 Publisher is configured for Web Sync, can we write an automatic program (C# Windows Service) to act as pull subscriber and run on the subscriber server and replicate subscriber database? Or are there any API available in SQL where we can write our own program to do replication in very generic way? (In a nut shell, can we write our own C# Windows Service based Subscriber program?)

Read the article
Installing SDM on a Cisco 2821 ISR

- by Sam Sanders

I trying to change the configuration of our router, it's a Cisco 2821 Integrated Services Router. I don't know much about Cisco products. While looking at the PDF manual for the router I notices it talked about SDM Security Device Manager. But when I point my web browser at the IP address of the router, it give me a very simple web interface. It's sort of like a string builder for CLI commands. I'm guessing SDM was not installed on it. So my question how would I go about do that? I found this link (below), but I'm a bit new to networking. So any advice would be welcome. http://www.cisco.com/en/US/docs/routers/access/cisco_router_and_security_device_manager/software/quick/guide/SDMq7.html

Read the article
Googlebot cant access my site webmaster tools reply Unreachable robots.txt

- by Ahmad Ahmadi

When I try to fetch my site as a googlebot in webmaster tools it return Unreachable robots.txt, after investigate I understood google bot can see my server: tcpdump | grep google it return that google can access my server with IP 66.249.81.172 or 66.249.75.111. but there is not any think in access log or error log or other apache logs. cat access_log | grep google or cat error_log | grep 66.249.81.172 Other bot (bing,...) can access apache but google cant. there is not any problem in my robots.txt or its permissions because as you know robots.txt is not necessary so I delete it but again webmaster tools returned Unreachable robots.txt not 404 not found! information about server: Server OS : CentOS 6 Web Server : Apache 2.x Firewall : IPTables is stoped SELinux is Disabled There is not any think else for security on my server. how can I investigate the problem and is there any other command that can help me to find the problem.

Read the article
dead man's switch for remote networking interventions

- by ascobol

Hi, As I'm going to change the network configuration of a remote server, I was thinking of some security mechanisms to protect me from accidentally loosing control on the server. The level-0 protection I'm using is a scheduled system reboot: # at now+x minutes > reboot > ctrl+D where x is the delay before reboot. While this works relatevly well for very simple tasks like playing with iptables this method has at least two drawbacks: It's not very reactive, ie a connectivity problem should be detected automatically if for example an automatic remote ssh command fails does not work anymore for x seconds. It can obviously not work if one need to modify some configuration files and then reboot to test the changes. Are you guys using some tool for the second point ? I would love to have something able to revert the system configuration in a previously known stable state if I can't join the server X minutes after reboot. Thanks!

Read the article
Loggon to Internet Hotspot from within Linux Terminal

- by Saif Bechan

For internet I use a local Hotspot service. I have internet when I start my browser and fill in my username and password. This stays as long as I do not shut down my PC for a while. I run some virtual machines, centos, debian, from the command line. I run these just for small test purposes, nothing special, and security is not an issue for me at all. I want to have these VM's connect directly to the hotspot if this is possible. So they each have there own IP. I have enough hotspot accounts to do so. I can do this with a bridged connection in VMware which works find with a GUI. But I run these OS's from the command line. I only need to know a way how to get the hotspot to validate my credentials. Is there a way of doing this without having a gui.

Read the article
Chrome is reporting GMail has Invalid Server Certificate, how do I find out who's fiddling with my certs?

- by chillitom

Chrome is giving the following warning when ever I try and visit GMail or a bunch of other SSL sites. Invalid Server Certificate You attempted to reach mail.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain. This is the certificate the Chrome reports as invalid: -----BEGIN CERTIFICATE----- MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0 ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0 cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3 dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3 fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A= -----END CERTIFICATE----- I think someone or something (proxy, anti-virus, browser extension) is snooping on my SSL traffic. How can I determine who/what is doing this?

Read the article
My uncle is the family historian. We need to host about 5-15 TB of images and video. Any inexpensive

- by Citizen

Basically we have hq scans of thousands of old family photos. Plus tons of family video. We want to host them where we can still have total control over the content and restrict access. I'm a php programmer, so the security is not an issue. What is an issue is finding a host to store 10 TB of data and not be paying a ton of money. We really are not planning on a lot of traffic. Maybe 1-10 visitors a day; family only. Kind of like an online library.

Read the article
windows firewall and network location switch after establishing a vpn connection

- by Konrads

Hello, I am looking for a reasonable solution for network location switching after VPN connection is established for Windows 7. The scenario is as follows: For location public (employee plugging in his laptop in hotel, public wi-fi,etc) all inbound connections are restricted, only outbound VPN + www is enabled. Employee then initiates a VPN connection, VPN pushes routes to 10.0.0.0/8 subnet Now I would like to have lax security rules for traffic from/to 10.0.0.0/8 that comes through the VPN interface, while still protecting the laptop from traffic that comes via uplink interface as if it was private. How to achieve this switching and duality? One option I see is switching to IPSec...

Read the article
IPSec policies on Mac OSX

- by Helder

Is there a way to configure IPSec policies on a Mac OSX, in a similar way to what you can do in Windows, with "Connection Security Rules"? I need to implement a service that will use an IPSec tunnel, and I might have to provide it to Macs as well. As I don't have access to a Mac, I've done some reading, and it seems that there is something called "racoon" that handles IPSec. Can anyone confirm this? Further, we will need to use certificates for authenticating the IPsec tunnel as well (as opposed to pre-shared keys). Can anyone confirm that this is also possible from a Mac OSX? Thank you!

Read the article
Strange request - http://66.196.81.202/error/vote

- by mplungjan

Hi a friend of mine is asking about the request which can for example be found here: http://www.geoidee.ch/geodata/geoserver-2.0.0/logs/2010_11_23.request.log His original message: On a couple of hundred web sites worldwide, one of the 50 most popular "File not found" error 404 is caused by the following request: "GET http://66.196.81.202/error/vote HTTP/1.0" It originates from a user agent that purports to be an iPhone. The two requests that hit my servers appeared to originate near Frankfort, Germany. The IP address in the request is part of Yahoo although I doubt that Yahoo had any intentional part. fe1.buzz.vip.re1.yahoo.com The HTTP request has a host header 66.196.81.202 and a X-Forwarded-For of 96.6.99.16 and my IP address I expected to be able to do a Google search and find some kind of security bulletin on it, but I found nothing. It could just be that my search skills are deficient. Thanks for any pointers to what this could be

Read the article
Are animated GIFs supported in Google Chrome?

- by James Goodwin

I have recently been testing a website and found animated gif images that seem to show fine in IE and Firefox but in Google Chrome they only show briefly and then dissapear! This happens if I view the image on the page or view the file directly. Are there any reported problems in displaying GIFs in Chrome, or is it just being fussy? There seemed to have been some problems in older versions of Chrome, but it's hard to believe something as simple as this wouldn't have been fixed by now. The version of Google Chrome I am using is: 4.1.249.1021 Not sure if this is relevant, but some info about the image: Width: 216 pixels Height: 36 pixels Horizontal resolution: 96dpi Vertical resolution: 96dpi Bit Depth: 32 Frame Count: 3 EDIT: Seems to be a problem relating to the latest beta version of Chrome, as it works fine in 4.0.249

Read the article
rsync to windows (cygwin)

- by abergmeier

We have a windows file storage (don't ask) and now I want to rsync with the machine from Windows, Mac and Linux. So I installed freeSSHd (login shell is set to C:/cygwin64/bin/sh.exe), set up certificates and testing from Linux the test.dat has 0 bytes: ssh myuser@winmachinename "C:/cygwin64/bin/true.exe" > test.dat Even double checking with actual output works fine: ssh myuser@winmachinename "C:/cygwin64/bin/ls.exe" > test.dat Now, when I call rsync: rsync --progress -avz -e ssh myuser@winmachinename:/c/Users ~/test it fails with: protocol version mismatch -- is your shell clean? (see the rsync man page for an explanation) rsync error: protocol incompatibility (code 2) at compat.c(174) [Receiver=3.1.0] As far as reading the docs, this should not happen, when the first test is successful!? I am by now out of ideas - any recommendations how to debug this? EDIT: | OS | rsync version | |:--------------|:------------------------------------------| | Windows | rsync version 3.0.9 protocol version 30 | | Linux | rsync version 3.1.0 protocol version 31 |

Read the article
How best to set up MDT developement and production?

- by nray

What's your MDT 2010 test and prod setup? What do you consider best practice? Is it best to use linked deployment shares, and replicate from development to production when testing is complete? What about backing out, if something breaks? Does anyone run MDT shares in DFS, or is there no support in the WinPE boot image for DFS shares? Or what about moving the production share name from one deployment share to another, as you add and test more OS versions, drivers, attributes, etc?

Read the article
Ubuntu 14.04 VPS won't boot the latest kernel on XEN

- by aztekk

I have a XEN VPS and it's been running Ubuntu for some years now. AUtomatic security upgrades are on and I've manually upgraded it continously and also done releas-upgrades whenever there's been a new release. All has been working great! But now, after upgradeing to 14.04 LTS, the VPS won't boot the latest kernel (3.13.0-24) even though it's set to default. It always failback to 3.2.0-60 and for some reason the VPS seams very unresponsive, compared the before. The support wrote in a ticket something about compiling my own kernel, with pvops enabled, but I'm not sure how to do that, or why I should compile my own kernel. Doesn't Ubuntu support to be run on a XEN host?

Read the article
Problems enabling BitLocker on Windows 7 enterprise

- by ericl42

I had BitLocker turned on originally when I loaded the computer but had to turn it off to do some testing. I recently tried to turn it back on and I continue to get the following error: Blockquote A required TPM measurement is missing. If there is a bootable CD or DVD in your computer, remove it, restart the computer, and turn on BitLocker again. If the problem persists, ensure the master boot record is up to date. Blockquote I have verified that there is nothing in the DVD tray and that the laptop is not docked. I have also verified that TPM is running and I have no problems enabling BitLocker on a flash drive. I think it's a problem with my MBR since I am dual booting into Fedora as well but I am not sure how to fix it. (even though it did work a few months ago while I was also dual booted) Thank you for the help.

Read the article
Using schtasks in interactive mode

- by CFP

Hello! I'd like to create a scheduled task from the command line, in interactive mode. The at hh:mm /interactive program command fails, stating that security policies do not allow interactive execution. I'd therefore like to use the schtasks command. But when I type something like schtasks /Create /TN MyTask /SC DAILY /ST "13:10" /TR "notepad.exe" /V1 /F I get a message asking for my password, although I haven't set a password for my session. And when I leave the field blank, the command line answers that the task won't be able to run. How can I fix this problem? And how can I make the task interactive? Using /RU SYSTEM prevents the task from being run in interactive mode. Thanks! CFP.

Read the article
Internet wireless connected with limited access, windows vista

- by r0ca

I had some malware in my computer so I did a bit of manual work to remove it including resetting TCP/IP. Now the malware is gone. I can see my home wireless network and I can get connected to it but when connected I get the Internet wireless connected with limited access message. When I go to the IE I cannot browse. When I tried to ping 192.168.1.1 I got an Error Code 1231 Unconnected Network Problem. I have deactivated my Windows firewall as I thought it could be hyperactive security. Still no luck. I have Norton but it is not active, I have also Avast and AVG installed but they are not active. Any ideas?

Read the article
Python server does not excecute PHP script: permission denied

- by krisvandenbergh

I am trying to execute a PHP file through a Python server. However, I get the following error: File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/CGIHTTPServer.py", line 255, in run_cgi os.execve(scriptfile, args, os.environ) OSError: [Errno 13] Permission denied The python server is running though. What have I done so far? Chmod'ed recursively all directories to (chmod -R a+x) (I know this is not secure but its just for testing purposes) for both Python installation directories and my scripts. Tried to find out if python server is running as root through ps aux grep py I am out of ideas. What could be going wrong else? Thanks for the feedback.

Read the article
Visual Query Builder

- by johnnyArt

If been using "dbForge Query Builder" lately and I'm gotten used to the ease of building and testing a query, specially for those complex ones with inner joins, aliases and multiple conditionals. The expiry date of the trial is about to come, and while wanting to remain on the legal side for this I'd rather not pay the 50USD it costs (although I must say it's pretty cheap for what it does). So my question would be: Are there any free alternatives to replace this visual query builder? I've failed to find any and fear that my only two options are paying for it, or going to the dark side.

Read the article
Multiple External IP Ranges on a Juniper SSG5

- by Sam

I have a Juniper SSG 5 firewall in a datacenter. The first interface (eth0/0) has been assigned a static IP address and has three other addresses configured for VIP Nat. I have a static route configured at the lowest priority for 0.0.0.0/0 to my hosting company's gateway. Now I need to configure a second IP block. I have the IPs assigned to the second interface (eth0/1) which is in the same security zone and virtual router as the first. However, with this interface enabled I (a) can't initiate outbound sessions (browse the internet, ping, DNS lookup, etc) even though I can access servers behind the firewall just fine from the outside and (b) can't ping the management IP of the firewall/gateway. I've tried anything I can think of but I guess this is a little above my head. Could anyone point me in the right direction? Interfaces: ethernet0/0 xxx.xxx.242.4/29 Untrust Layer3 ethernet0/1 xxx.xxx.152.0/28 Untrust Layer3 Routes: http://i.stack.imgur.com/60s41.png

Read the article
Changing Network Path of Offline Files

- by Adam

Many of our users have their Home folder set as Available Offline. Their Windows 7 laptops will not be back on our network for a few weeks. In the mean time, we're setting up new servers and reorganizing our files, so the network path to the Home folder is going to be completely different. Based on some testing I did, when the users return, any files they've created or modified while offline will be gone, and the new Home folder will be there and not set to sync. The offline cache of the old Home folder is still accessible through the Sync Center, but they're not going to want to dig through that and try to find what's missing. Avoiding this would involve keeping the old server around and moving everyone to the new location in person, so we know for sure they're synced first. Is there any way to avoid this that isn't as tedious, like a quick registry edit or something that will point the old offline cache to the new location?

Read the article
When did Red Hat start shipping PHP 5.3 with 5.x?!?

- by Jason

Okay this is a PSA more than a question because I know the answer: January 13, 2011. See: https://rhn.redhat.com/errata/RHEA-2011-0069.html Colour me surprised though, didn't hear anything about in the blogosphere until I got a Security Errata notice today. I have been using the REMI repo for this in the past but will switch over to the Red Hat blessed PHP 5.3. Don't down-vote me bro! I'll select as the best answer the source that broke the news first (other than Red Hat of course). People have wanted this for so long I'm just amazed that it's finally happened!

Read the article

< Previous Page | 526 527 528 529 530 531 532 533 534 535 536 537 | Next Page >