Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 555/886 | < Previous Page | 551 552 553 554 555 556 557 558 559 560 561 562  | Next Page >

• Dealing with LDAP failure when using it for PAM/NSS?

  - by Insyte

  I use a redundant pair of OpenLDAP servers for PAM auth and directory services via NSS. It's been 100% reliable so far, but nothing runs flawlessly forever. What steps should I take now so I have a fighting chance of recovering from failure of the LDAP server(s)? In my informal testing, it appears that even already authenticated shells are largely useless as all username/uid lookups hang until the directory server comes back. So far I've come up with only two things: Do not use NSS-LDAP and PAM-LDAP on the LDAP servers themselves. Create a root-level account on all boxes that only accepts publickey authentication from our local subnet and protect that key well. I'm not sure how much good this would do me as once I'm logged in, I suspect I wouldn't be able to accomplish anything since all the userid lookups would be hanging. Any other suggestions?

  Read the article

• Duplicating keepass files instead of creating a new file

  - by BlakBat

  I'm currently using KeePass 2 and syncing them via dropbox. I have a few KeePass files (one for websites, one to store software licenses, etc...) Every time I need a new KeePass file, I just create a copy of the kbdx file, open it, remove all existing entries, change the key transformation rounds to another pseudo-random value. I do not change the master password. I want to know if this was unsafe practice, or was a security risk, compared to just creating a new KeePass file via the "File-New" menu. The reason I don't use the menu: i'm lazy enough to not want to reconfigure "database settings" every time.

  Read the article

• Do TCP connections work differently within the same subnet?

  - by Dean

  I've encountered some network behaviour that confuses me while trying to get Java RMI working. I use netcat to connect to a local machine: [my_machine]$ nc -w 1 192.168.0.100 60000 && echo success success I try to do the same to my server: [my_machine]$ nc -w 1 my-servers-ip 60000 && echo success This doesn't work, unless I explicitly listen on the server socket: [amazon_ec2]$ nc -l 60000 [my_machine]$ nc -w 1 my-servers-ip 60000 && echo success success For the version that fails, the SYN packet receives a RST, ACK in response. I'm not too knowledgable about this stuff, at this point I only have wild theories such as the one in the question. Any ideas? Potentially useful details: Local Machine (192.168.0.100) - Macbook Remote Machine (Amazon EC2) - Amazon Linux AMI 2012.03 Security Group Settings: 22 (SSH) 0.0.0.0/0 1099 0.0.0.0/0 49152-65535 0.0.0.0/0 "iptables -L" shows no rules set

  Read the article

• Is there a way to only require password on waking from sleep and not on screensaver (In Snow Leopard

  - by Vitaly Kushner

  I hate it when it asks me for password when I'm at home getting away from a computer for a while. I do like it having a screensaver though. But for some reason I see that password settings for the screensaver is merged with the password settings for waking from sleep. And waking password is an essential security feature for me. Essentially when Im not in a secured environment I close the lid when going away from the laptop even for a minute, but at home I want it to stay open. Is there a way to have it ask for password only after sleep and not after screensaver?

  Read the article

• Binding services to localhost and using SSH tunnels - can requests be forged?

  - by Martin

  Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

  Read the article

• Launching multiple applications with a single command/script/shortcut

  - by Bill

  I realized a few days ago that every time I sit down at work, I do a few things after unlocking my computer. First, I open up Firefox, then I open up Chrome, then I log in to Digsby. I realized I could probably save repeating this daily by writing a small batch script to open up Firefox and Chrome , but I couldn't figure out how to make it work.. and since the whole effort is to save time I don't want to bash my head around in the windows command prompt to do it. I also tired this in powershell but ran in to a bunch of security nonsense. Is there a way to do this that I am missing? Bonus points if somebody has figured out how to manipulate Digsby via COM , scripting, or python =)

  Read the article

• routing problems

  - by user174050

  I have an windows 7 laptop and I have installed openvpn 2.2x as client. The laptop has 2 ethernet cards, one of them is wireless. The wireless lan is 192.168.1.0/24 The Fix lan is 192.168.2.0/24 If I connect to the openvpn server useing the Fix lan the I can connect properly and for testing I ping to my openvpn server 10.0.0.1 that answers correctly. But if I connect to the openvpn server useing the wireless lan, I can establish the connection but pinging to the server isn´t possible. The packets goes allways lost. Why can this happen? In an other laptop where windows xp is installed and with the same lan configuratio everything works propperly. In both cases the firewall is configured to access the vnc server and the server directories useing samba. With the XP I have no problems. I will thank you for all help Ignacio

  Read the article

• backuppc - how to backup remote (over the internet) clients?

  - by Scott

  I am testing out backuppc, which works great so far backing up windows clients on a LAN via SMB (no backup client/agent required). However I have quite a few laptops and desktops that are in various remote locations - some of which move around. I need some way to have that remote computer create an outgoing connection for backup purposes (Windows XP/7). I know backuppc supports smb, rsync and 'tar', but I believe these are all connections going from the server TO the client. SO, I either need a way to vpn the client on a timed basis, or it would be a lot better if the client could some how connect to the server (ssh?) and initiate it's own backup somehow (rsync?). Of course this all needs to be pre-installed by me and require no maintenance by the end user, no dialogs on their side. What do you think?

  Read the article

• Can't access to access to my web server inside a network with Firewall on

  - by ianenri

  I set up a Web server with the following: There is the Internet Router, configured to Port Foward port 80 to my computer assigned to my PC's IP: 192.168.1.128 My PC is connected to that wireless router from wlan0 Then, my PC is also connected to my device (which is the webserver) with a crossover-cable usign eth0 having this anohter IP: 10.42.43.1 Finally, my device (the webserver) is connected with eth0 with this IP: 10.42.43.55 As you can see, I need to install a reverse-proxy to be able to resolve to my device's webserver. I installed pound (proxy server) in my PC and configured properly to make 192.168.1.128 resolve to 10.42.43.55 So, I just typing my ISP provided IP 200.x.x.x resolves to my device webserver. But there's a problem: I HAD TO STOP MY FIREWALL. I don't know how I need exactly configure the firewall in SUSE YAST2, or at least iptables. Stopping it is not an option, not for security reasons, just because there's port fowarding rule that is needed to give Internet access to my device too. I'm using openSUSE 12.1

  Read the article

• web based source control management software [closed]

  - by tom smith

  hi. not sure if this is the right place, but hopefully someone might have thoughts on a solution/vendor. Starting to spec out a project that will require multiple (50-100) developers to be able to manipulate source files/scripts for a large scale project. The idea is to be able to have each app go through a dev/review/test process, where the users can select (or be assigned) the role they're going to have for the given app. I'm looking for web-based, version control, issue tracking, user roles/access, workflow functionality, etc... Ideally, the process will also allow for the reviewed/valid app to then be exported to a separate system for testing on the test server/environment. This can be hosted on our servers, or we can do the colo process. I've checked out Alassian/Collabnet, but any thoughts you can provide would me appreciated as well. thanks

  Read the article

• Solution to Manage and Monitor (Ubuntu) Machines

  - by Elmar Weber

  I'm looking for a tool like Canonical (system management and monitoring for Ubuntu) that is Open Source and free. The goal is to manage a dozen or so KVM machines for private testing purposes. I know of puppet and munin or RHQ as separate tools to manage and monitor, but I'd prefer something integrated. Any tips? Basic requirements would be: system package management and update (individual selection for each managed node) configuration of basic system services (Users, NFS, cron, ideally also Apache) monitoring (charting of system resources, disk, io, memory, etc) and alerting, ideally a default configuration with sensible values for alerts

  Read the article

• Can't change read only folder in windows 7

  - by James Drinkard

  I'm trying to run a Spring MVC 2.5 tutorial and when I run the ant script for a deploy, I get this error: deploy: [copy] Copying 2 files to C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp BUILD FAILED C:\projects\workspace\springapp\build.xml:46: Failed to copy C:\projects\workspace\springapp\war\WEB-INF\web.xml to C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp\WEB-INF\web.xml due to failed to create the parent directory for C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp\WEB-INF\web.xml After reviewing the directory: springapp I saw the properties as read-only. No problem I thought as I'm logging in as administrator. However, changing the uac settings, going to a command prompt as admin and then trying to change the properties of the folder with attrib, making me the owner of the folder, changing the security settings etc... did nothing. I can't seem to change this folder to anything. So my question is, how do I change the settings on that folder so ANT can make changes to that folder?

  Read the article

• fastcgi-mono-server with Nginx is much slower than xsp4

  - by marxin

  We started testing our MVC4 app on xsp4 server compiled with mono-3.0.3, speed was enough and we decided to set up production fastcgi-mono-server4 (version 2.11.0.0) with nginx (1.2.6-r1). Single query that loads some JSON query took ~200ms on XSP4, but Nginx serves the query in about 1.2s and I am wondering where could be such a slow down? I followed nginx configuration: http://www.mono-project.com/FastCGI_Nginx and fastcgi-mono-server4 uses socket for listening nginx. Do you have any ideas how to log some time stamp which will help me? Thanks

  Read the article

• "Deny log on through Terminal Serivces" insists on "Everyone"

  - by Trueblood

  We've got a standalone (non-domain) server where "Deny log on through Terminal Services" contains "Everyone" -- ok, we didn't want that, not sure how it got set, but whatever. We removed it ...and "Everyone" came back. Tried adding "Guest" to the deny list, removing "Everyone" ...which ended up with the setting containing "Everyone, Guest" Clearly there's another setting somewhere that's preempting this one, but it beats me which one. Any ideas? ("Everyone" is being shown as reset upon reloading the Local Security Settings window, so it's possible that it's not actually being changed in the underlying store, and just shows the change in the UI)

  Read the article

• Logical move of a server to UK, what do I do with the SSL certificates

  - by flyfishr64

  I have been asked to move a rails application from the US to the UK. This involves bringing up the rails stack on Ubuntu 8.04.4; that's completed. I'm stumped with the SSL configuration though. The plan was to bring this server up with the same domain name but temporarily use a subdomain (app2.xxx.com instead of app.xxx.com) during the move and for testing, then rename it to app.xxx.com when we're ready for the cutover (does that make sense?). In the meantime, we need a new cert for the app2 subdomain. So to generate a CSR, I need a server key but do I need a new one, or should I copy the one from the existing production server?

  Read the article

• Internet wireless connected with limited access, windows vista

  - by Wawa wiya

  Hello I had some malware in my computer so I did a bit of manual work to remove it including resetting TCP/IP. Now the malware is gone. I can see my home wireless network and I can get connected to it but when connected I get the Internet wireless connected with limited access message. When I go to the IE I cannot browse. When I tried to ping 192.168.1.1 I got an Error Code 1231 Unconnected Network Problem. I have deactivated my Windows firewall as I thought it could be hyperactive security. Still no luck. I have Norton but it is not active, I have also Avast and AVG installed but they are not active. Any ideas?

  Read the article

• How to properly start gvfs without gnome?

  - by 9000

  I have a Debian testing box with Xfce (no Gnome, no Nautilus). It has all gvfs-related stuff installed, including all backends and fuse interface. But any attempts to gvfs-mount anything (like sftp://... or smb://...) fail with error opening file: Operation not supported, and gigolo shows only 'unix device (file)' in the list of supported protocols. My ~/.gvfs has rwx permissions, and I'm a member of fuse group; other fuse-related stuff works for me. What do I do? Where to look?

  Read the article

• why Apache with ssl but back end weblogic without ssl works?

  - by huangli

      Hello everyone. my question is very simple . The link below is a picture about my architecture. https://docs.google.com/open?id=0BxSXbpgYIZVOR212RVk4ZDN1Sm8.      The pic above shows the architecture right now and it works correctly ! which means I could visit apache with url https//apchehost:8080, could not visit the web app with https served by weblogic but I could visit these app with https served by Apache(Apache is proxy server).      My question is why the Apache is configured with ssl but weblogic without ssl works ? I think weblogic should also configured with ssl . If this works , what about security level ? Is the ssl really works if only Apache configured with ssl but Weblogic without it ? Thanks . condition: Apache 2.2.17 with weblogic module mod_wl_22.so Weblogic: 10.3 OS: Windows server 2003

  Read the article

• How to install a proxy LDAP

  - by Jean-Claude

  I have to install an LDAP proxy on a compute cluster frontend. The idea is to avoid the compute nodes to make too many requests on the campus LDAP server. How can I install this to make it work with the school's LDAP? The frontend OS is a RHEL 6.2. I found that I have to install the LDAP server and configure it as a proxy. But all I can find is examples of /etc/openldap/slapd.conf file configuration but after testing different configuration, no results. Furthermore, according to RHEL 6 - Deployment Guide, this config file is obsolete: OpenLDAP no longer reads its configuration from the /etc/openldap/slapd.conf file. Instead, it uses a configuration database located in the /etc/openldap/slapd.d/ directory. Any help is welcomed. Thank you

  Read the article

• Windows Filtering Platform not turning off until admin logon. Win2008R2sp1

  - by rjt

  Just installed Windows Server 2008R2 SP1 to see if it would fix this problem, but it didn't. Until an administrator logs onto the domain controller, there are many events that WFP blocked a connection from Server60 to Server60 or Server60 to Server70. Both server60 and server70 are the domain controllers. One the admin logs on, the WFP events stop. The firewall is off by default GPO. Yes, i know that the WFP kicks in during the boot up sequence until the firewall takes over or in my case does not take over (since Vista), but i clearly should not have to autologon to a domain controller and call autolock or something. Example event LEVEL = Information Source = Microsoft Windows Security Auditing EventID = 5152 "Filtering Platform Packet Drop" and its evil twin id = 5157 "Filtering Platform Connection" "The Windows Filtering platform has blocked a connection." Direction %%14593 SourceAddress 192.168.10.60 SourcePort 49677 DestAddress 192.168.10.60 DestPort 389 Protocol 6 FilterRTID 65667 LayerName %%14611 LayerRTID 48 RemoteUserID S-1-0-0 RemoteMachineID S-1-0-0 windows-server-2008-r2 WFP BFE WindowsFilteringPlatform BaseFilteringEngine

  Read the article

• Restrict Administrators from changing system time - Windows XP machines (no domain)

  - by user72128

  I need to write a script that will remove all users under Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > User Rights Assignment > Change the system time from the local group policy (gpedit.msc) on all Windows XP machines. These machines are not on the domain. I DO have a way to distribute and run the script automatically. Can someone point me in the right direction for creating a script like this?

  Read the article

• Delegation Permissions to admins in Active Directory/Taskpads

  - by user1569537

  I am trying to provide taskpads to few admins to operate on few tasks delegated to them at OU level.I ran into the following problem; lets say i delegated access to the admin on OU X and which is ability to modify groups such as sample group X1 , he must be able to add any users from OU X to the group X1. The issue here is while testing i found out the admin can do the above but also can add a user Y1 from the OU Y(which he doesnt have delegated permissions) to the group X1.What am i missing? how to restrict admin from adding users out of OU to the groups he has modify access to? Please ask me if any more details/clarification required.

  Read the article

• VMWare Workstation Dev Machine Disks: one fast or four echofriendly raid?

  - by Avi

  I'm building a new dev computer. It will be running a few VMWare Worksation virtual machines - A dev machine running VS-2010, a build machine, a version-control machine, a web server for testing, a "personal" machine running office etc. I'll be connecting the computer to my stereo, so I'll also be running iTunes (possible on a dedicated VM) and I want the computer to be a silent one. I'll probably use an Antec P183 case. I was advised on Serverfault to use Raid10 for performance. Raid 10 uses 4 disks. So, my question is as follows: In terms of heat, noise, reliability, warranty, price, capacity and performance, what would you suggest: A Raid10 4 disk array using eco-friendly disks such as the $94 1TB Western Digital Caviar Green, or one high performance disk such as the 2TB Western Digital Caviar Black at $280?

  Read the article

• PGP - MailCloak/Gpg4Win/etc

  - by ericl42

  Hello, I have used Gpg4Win in the past along with FireGPG to have encryption on my emails. I am needing to roll this out to quite a few more people and was wondering if anyone else had some products they preferred better. The criteria I need is free and as user friendly as possible. I looked at MailCloak but I have had some issues with it on 1 of the 2 computers I've been testing on. It seems like it might work pretty well as a overall solution but on my computer I keep getting "Identity cannot be created." and not sure whats going on with that. Thanks for the info.

  Read the article

• Windows 7 random black screen when idle

  - by Omar

  Occasionally, when I'm away from my computer for about 5 minutes, the computer screen will go black and all USB devices (keyboard/mouse) will lose power. Attempting to move the mouse or pressing keys does not 'wake up' the computer. This only started happening a few days ago but I'm not sure what changes I did could have caused this and I uninstalled programs (one by one) I installed before it started happening, but still having the same issue. The one thing I noticed different about my computer since it started happening is i've been getting random survey popups from www.insightexpress.com. I ran Microsoft Security Essentials scan, it picked up some Java related malware, I removed it but still the same issue. I'm running MBAM right now and will run SAS after. Edit: I just updated drivers for motherboard and video card and ran virus scans, still having the same issue.

  Read the article

< Previous Page | 551 552 553 554 555 556 557 558 559 560 561 562  | Next Page >