Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 535/886 | < Previous Page | 531 532 533 534 535 536 537 538 539 540 541 542 | Next Page >

Force local IP traffic to an external interface

- by calandoa

I have a machine with several interfaces that I can configure as I want, for instance: eth1: 192.168.1.1 eth2: 192.168.2.2 I would like to be able to forward all the traffic to one of these local address trhough the other interface. For instance, all requests to an iperf, ftp, http server at 192.168.1.1 are not just routed internally, but forwarded through eth2 (and the external network will take care of re-routing the packet to eth1). I tried and looked at several commands, like iptables, ip route, etc... but nothing worked. The closest behavior I could get was done with: ip route change to 192.168.1.1/24 dev eth2 which send all 192.168.1.x on eth2, except for 192.168.1.1 which is still routed internally. The goal of this setup is to do interface driver testing without using two PCs. I am using Linux, but if you know how to do that with Windows, I'll buy it!

Read the article
File apparently doesn't exist when attempting to delete it

- by Alex Yan

A month or so back, I untarred the Linux source in a folder in Cygwin (I was curious as to whether or not it would compile with MinGW 'cause my other computer running Linux is a slow single core Sempron). I tried deleting it, but there's 1 file left, and it will not delete... Cygwin resides in C:\cygwin, and I untarred the source in C:\cygwin\src\linux-3.7.1. It didn't compile... So I tried deleting the folder. It was going well, until at the end, when I realized not all files are deleted. I tried deleting linux-3.7.1 folder again, and an error popped up: I opened the folder, and found that there's 1 source file left: aux.c, which is in C:\cygwin\src\linux-3.7.1\drivers\gpu\drm\nouveau\core\subdev\i2c\aux.c. It will not: Delete Open Move General properties: Security properties: How do I remove this file?

Read the article
Amazon EC2 migration from one region to the other

- by Gnanam

I'm using the following Amazon EC2 resources in the US East (Virginia) region: 1 Running Instance 1 Elastic IP 2 EBS Volumes 100 EBS Snapshots 1 Key Pair 2 Security Groups 5 My Own AMIs (customized based on my application stack) My instance is based on Linux distribution (CentOS) and my AMIs are S3-backed. Both EBS volumes are mounted on this running instance. We're planning to migrate our deployment to US-West region. Because Amazon EC2 resources are not shared across regions, my questions are: What are all the factors that I need to consider in advance? What are all the recommended & different ways of migrating each EC2 resources from one region to the other? Are there any hidden risks involved during and/or after the migration? Experts ideas/suggestions/recommendations on this are highly appreciated.

Read the article
USB driver problems (Windows 8.1)

- by HelloWorld

Every time I turn on my laptop the USB ports don't work and the drivers have an error. In order to fix this I'm forced to start the Device Manager, uninstall all the USB drivers, open the Control Panel, click Find and fix problems (under System and Security), click Configure a device (under Hardware and Sound) and then when that window pops up just hit Next until I can see my USB drivers reinstalled and working in the Device Manager window under Universal Serial Bus controllers. I found this way to fix it but I would like a permanent solution so that I don't have to do this every time I turn on the machine. Any ideas? When I bought the machine it had Window 7 installed but I later upgraded it to Windows 8.0 and then 8.1 after that.

Read the article
Managing DroboShare SSH usernames and passwords

- by user17067

The default login for SSH on the droboshare is a user name of root with a password of giveit2me. With the command passwd the password can be changed. However I can't find anyway to change the default user name. Since any Unix based has a user named root this kinda bugs me as a minor security issue. Does anyone know how to change the user name for droboshare SSH logins? The SSH program being used is a variant of dropbear if that is any help.

Read the article
Allow image upload - most efficient way?

- by K-P

Hey everyone, In my site, I currently only allow users to import images from other sites rather than uploading it themselves. The main reason for this is because I don't have much storage space on my host (relatively speaking). The host charges quite a bit for additional space. What are the alternatives to hosting images users upload (max 1mb size). Would it be a good idea to purchase separate cheap hosting with "unlimited space" (I know that's not true, but I'm guessing it's more than 1gb)? Or are there some caveats with this approach (e.g. security since the site should not be browsable, but accessed via another server)? Are there alternative ideas that I could employ? Thanks for any suggestions

Read the article
How to stop blanking screen although I am active on Ubuntu Karmic on old IBM Laptop

- by Glen S. Dalton

How to stop blanking screen although I am active on Ubuntu Karmic on old IBM Laptop 600E? After some time of working on the machine the screen goes blank. When I hit ESC on the built-in keyboard (not on the attached USB keyboard where I work) it comes back and everything works fine until the next screen-blanking. I suspect it is some power management issue. When I use an old keyboard that has a ps2 connector it does not happen. So my guess is that the usb keyboard does not update the power management timer that detects when the session was last used? I am using fluxbox window manager. I do not want to disable power management because it is nice that the fan only works at the necessary speed (the fan spped is regulated which I can hear) But I could disable power management for testing purposes.

Read the article
Setting up SVN+SSH for multiple users through one local user.

- by Warlax

Hi, I need to make our SVN repository accessible through the firewall - but without creating a local user for each potential external user. Instead, I would like to set-up SVN+SSH to route all external users through a single local user name. We would like each external user to authenticate with SSH the regular way but then treat their instance of svnserve as if they're all that single local user and possibly, control what parts of the repository each external user can access. I know that I will need to set my svnserve config according to the official guide. I tried, but the instructions are fuzzy and I am relatively a Linux n00b. What exactly are the steps to proceed? and how would you go about testing this? Thanks for your help.

Read the article
Bridging VirtualBox over OpenVPN TAP adapter on Windows

- by Sean Edwards

I'm trying to configure a virtual machine (VirtualBox guest running Backtrack 4) with a bridged adapter over a VPN connection. The VPN is is hosted by the cybersecurity club at my university, and connects to a sandboxed LAN designed for penetration testing against various servers that the club has built. My host (Windows 7 Ultimate) connects to the VPN fine and is assigned an IP through DHCP, but for some reason the VM can't do the same thing, and I'm not sure why. It's like OpenVPN is filtering out packets from the MAC address it doesn't recognize. I want the virtual machine to bridge over the VPN connection, because our IT office has very strict policies about what you can and can't do on the network. I want to be able to run active attacks (ARP spoofing, nmap, Nessus scans) in the sandbox environment without risking the traffic accidentally going over the university network and getting my internet access revoked. Bridging over the VPN connection and running all attacks from inside the VM would solve that problem. Any idea why the host can use this interface, but the VM can't?

Read the article
MySQL Stored Procedure Parameters are NULL

- by emmilely

I am stumped, and was hoping someone here would have a quick and easy answer. I did a fresh install of MySQL 5.5 and am trying to pass parameters into a stored procedure. The parameter values aren't being read by the stored procedure. MySQL doesn't throw an error and processes the code with null parameters. Here is the code: DELIMITER $$ CREATE DEFINER=`root`@`%` PROCEDURE `testing`(IN parameter INTEGER) BEGIN UPDATE table_name SET valueToChange = 'Test' WHERE mainID = @parameter; END And here is the query I'm using to call it: USE database_name; CALL testing(72); Can anyone help?

Read the article
Dell laptop doesn't wake from hibernation after installing Windows 8.1

- by Mike Cole

My laptop worked flawlessly before upgrade to Windows 8.1 from 8. Now when I close the lid of my laptop and it goes into hibernation, it will not wake again. The LED lights seem to work properly but I don't get any video. I have to hold the power key to turn off then turn it back on again. It wakes from sleep properly. All Windows Updates have been installed. There are 2-3 items in the Device Manager that do not have compatible 8.1 drivers, but I believe those are security related items like fingerprint scanner.

Read the article
How can I make the iTunes podcast count ignore selected podcasts?

- by Relequestual

Hi all, Until recently I have only listened to news type podcasts with people talking, like TWiT and Security Now. I also like music, so decided to subscribe to some other music related podcasts, however I don't want these to appear in my podcasts count in iTunes on the left hand side. I downloaded a load of old ones from the music related podcasts, and now I can't see at a glance how many news podcasts I have to listen to. I know it sounds really picky, but if it can be done, I would be a little bit happier. Of course I did some googling, but turned up a blank. Would guess it needs some form of plugin. Using the latest version of iTunes at the time of posting. Thanks in advance.

Read the article
Why am I unable to turn off recursion in ISC BIND?

- by nbolton

Here's my named.conf.options file: options { directory "/var/cache/bind"; dnssec-enable yes; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; # disable recursion recursion no; }; I've tried adding allow-recursion { "none"; } before recursion but this also has no effect; I'm testing it by using nslookup on Windows, and using google.com. as the query (and it returns an IP, so I assume recursion is on). This issue occurs on two servers with similar setups.

Read the article
benchmark tcp: ab or iperf like tool to send hex/binary/pcap data?

- by olan

Hello all, I have written a server in Twisted for a current project I'm working on, and now I need to test it. It receives TCP packets, with the payload consisting of just a serialised binary string. I want to be able to test the server for concurrency/throughput using the binary data as the payload, but can not find any tool that will allow me to do this. I tried iperf -F but it didn't work, as I think it was sending the binary/hex data as chars. I've also looked at ab which seems to be perfect - if only for http. As well as these, I've had a look at tcpreplay, but it doesn't perform any testing (or establish TCP connections) so it's not much use. Any help would be greatly appreciated as I'm rather stuck on this one!

Read the article
Should I replace libapache2-mod-php5-filter with libapache2-mod-php5 on Debian 6 Apache 2.2.16?

- by luison

Upgrading various virtual machines we are having an issue with the Debian package upgrade to version 2.2.16 The upgrade (surprisingly) seems to remove libapache2-mod-php5 replacing it with libapache2-mod-php5-filter. This gave us some headache as the php.ini was pointing to the "old" one and some of the apache.conf conditional module rules stopped working. We can fix all those but we can't figure out if there would be any issues if we just "reversed" this and simply install libapache2-mod-php5 again and load that module instead of the "filter" one or in there is anyway to "alias" a module. I tend to think that the change "has a reason" but after reading apache2 and php5: module or filter I understand the module differences are to do with post delivery security issues.

Read the article
how to change document root to public_html from root directory

- by manish

For testing I hosted my website on free server from 000webhost.com They have a directory structure:- (root folder) \ (public folder) \public_html this directory structure enables to keep all the library files in root folder and all public data in \public_html, so I developed my website accordingly, and my final structure looked like:- / /include(this folder contains library files) /logs(log files) /public_html /public_html/index.php /public_html/home.php /public_html/and other public files on 000webhost makes only public_folder available to be accessed via url and my url looked neat and clean like www.xample.com/index.php or www.example.com/home.php but after completion of development I moved website to shared host purchased from go-daddy.com, now they do not have any such kind of directory permission, all the files are kept in root folder and are accessible via url also url has become like:- www.example.com/public_html/home.php or www.example.com/public_html/index.php How should I redirect url request to public_html folder again so as to make library file unavailable to public access and make url neat and clean.

Read the article
Keeping websites from knowing where I live

- by D Connors

This questions is related to issues and practicality, not security. I live in Brazil and, apparently, every single website I visit knows about it. Usually that's okay. But there are quite a few sites that don't make use of that information adequately. For instance: Bing keeps thinking that Brazilian pages are way more relevant to me than American ones (which they're not). google.com always redirects me to google.com.br Microsoft automatically sends me to horribly translated support pages in Portuguese (which would just be easier to read in English). These are just a few examples. Usually it's stuff I can live with (or work around), but some of them are just plain irritating. I have geolocation disabled in Firefox, so I guess they're either getting this information from my IP or from Windows itself (which I bought here). Is there a way to avoid this? Either tell them nothing or make them think I live somewhere else?

Read the article
Need to setup a RADIUS server to authenticate a Windows client to a Windows server

- by drosenblatt

I have a server that I have technicians who need to be able to access using shared credentials. However, doing that violates our security policy (!). I need each user to be able to authenticate using their own credentials, but the server in question has to be logged in with a certain login (these two requirements are clearly diametrically opposed). I thought that this would be a great application for a RADIUS server. I know how to setup RADIUS to go from Windows -- Cisco, but I have no idea how to use RADIUS to authenticate Windows -- Windows. Can this be done? If so, how?

Read the article
CentOS PAM+LDAP login and host attribute

- by pianisteg

My system is CentOS 6.3, openldap is configured well, PAM authorization works fine. But after turning pam_check_host_attr to yes, all LDAP-auths fail with message "Access denied for this host". hostname on the server returns correct value, the same value is listed in user's profile. "pam_check_host_attr no" works fine and allows everyone with correct uid/password a piece of /var/log/secure: Sep 26 05:33:01 ldap sshd[1588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-host user=my-username Sep 26 05:33:01 ldap sshd[1588]: Failed password for my-username from 77.AA.BB.CC port 58528 ssh2 Sep 26 05:33:01 ldap sshd[1589]: fatal: Access denied for user my-username by PAM account configuration Another two servers (CentOS 5.7 Debian) authorizes on this LDAP server correctly. Even with pam_check_host_attr yes! I didn't edit /etc/security/access.conf, it is empty, only default comments. I don't know what to do! How to fix this?

Read the article
persistant data in tor browser bundle?

- by Snesticle

What sort of persistent data is generated by bundled Tor? I recently did an experiment using the Tor Browser Bundle for GNU-Linux. I created two directories, A and B, and placed an identical copy of Tor in each one. Next I placed a simple python script in directory A that both launched the vidalia package and, when exiting the network, deleted the entire contents of A with the exception of itself and rebuilt the bundle from the original archive. What surprises me is that after about ten hours of browsing each, A and B now show a distinct difference in startup time. Also curious is that I get a message in the log of B that never shows up in A: new control connection open which is a notice level advisory. This has nothing to do with what I was originally testing but now I'm interested in what exactly is going on. By the way I do not have to rely on Tor for my personal safety as many are forced to do so even if you just have a hunch I'd be interested in hearing it.

Read the article
Windows Server 2003 Hacked - Files Being Uploaded

- by jreedinc

Blank directories are being created on my Windows Server 2003 virtual server with sub directories that are weird (for example: "88ÿ ÿ ÿÿþþ þþ13þ"). It looks like they are uploading bootlegged DVDs and pirated software. All of my bandwidth and file space is being eaten up. Could this be a shared permissions issue? Where should I look to further investigate this? My security permissions for the directory that is being hit are as followed: Administrators - ALL GRANTED IIS_WPG - Read & Execute, List Folder Contents, Read Internet Guest - DENY SYSTEM - ALL GRANTED Users - Read & Execute, List Folder Contents, Read My Event Viewer is showing many Logon/Logoff with NO IP?

Read the article
Backup software for Windows Server 2008 R2 Enterprise with 4 virtual machines (Exchange, SQL, AD, SharePoint)

- by MadBoy

What are the options for backup software for: HOST - Windows Server 2008 R2 Enterprise with HyperV VIRTUAL - Windows Server 2008 R2 Enterprise with Exchange 2010 VIRTUAL - Windows Server 2008 R2 Enterprise with SQL Express / SharePoint VIRTUAL - Windows Server 2008 R2 Enterprise with Terminal Services (10 users working on it) VIRTUAL - Windows Server 2008 R2 Enterprise with AD/DNS What I'm looking at is possibility of having an offsite backup thru FTP, maybe copy to usb/esata/lan drives for easy taking backup data outside of company. What I've been looking at: - Symantec Exec Backup 2010 System Recovery has an offsite backup but I would need 5 licenses and it doesn't have granular recovery. - Symantec Exec Backup 2010 seems OK but a bit expensive - Microsoft DPM 2010 requires full SQL Standard and for each machine I would need 4 Enterprise licenses. But does it allow Offsite backup without need for additional license and server outside of company (for doing DPM backup of DPM). What other options? This is 10 people company and so the costs matter but also convenience and security. Offsite backup is requirement.

Read the article
Database modularity with EBS volumes

- by Eclyps19

I would like to add modularity to my websites on EC2 instances by encapsulating the site files and the mysql files in their own EBS volumes. The end result that I'm going for is the ability to quickly mount a volume or two to different servers running the same AMI (for testing/development/emergency maintenance, etc), as well as maintain separate snapshots of each. I'm able to do this fairly easily with a single database by symlinking my mounted database EBS to the appropriate places (/var/lib/mysql, /etc/my.cnf, /var/log/mysqld.log), but I'm not sure if it would even be possible be possible to have multiple databases on different EBS volumes running concurrently. Example: /website1/www.website.com /database1/ /website2/www.otherwebsite.com /database2/ Could anybody shed some light on this for me? Is it possible? Is it a bad idea? Thanks.

Read the article
How to remove IIS/ASP.NET Response Headers

- by Redbeard 0x0A

I have a couple IIS/6.0 servers that security is asking me to remove a couple of response headers that are sent to client browsers on requests. They are concerned about divulging platform information through response headers. I have removed all the HTTP-HEADERS out of the IIS configuration for the website (X-Powered-By or some such header). (I personally do know that this information can be easily found out, even if it is hidden, but it isn't my call.) Headers I want to remove: Server - Microsoft-IIS/6.0 X-AspNet-Version - 2.0.50727 I also know that ASP.NET MVC also emits its own header too, if you know how to remove it also, that would be helpful. X-AspNetMvc-Version - 1.0

Read the article
Snow Leopard: Optimization

- by Shyam

Hi, I have bunch of questions: I have a Mac network, which has five Mac's. Right now, they are individually getting software updates. Is there a way to download the patches/security updates in a single place (repository) and point all machines to this location? Personally, I have tools like Monolingual and Onyx, but are there tools you could recommend that affect the performance of the Operating System positively? Tweaks would be nice. Links and pointers, would be really appreciated. I've read about Time machine, is there a way to backup all machines to a network drive using this tool? Thanks!

Read the article

< Previous Page | 531 532 533 534 535 536 537 538 539 540 541 542 | Next Page >