Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 567/886 | < Previous Page | 563 564 565 566 567 568 569 570 571 572 573 574 | Next Page >

Mysql loses its root password

- by RubyDev

I am having a strange problem, my mysql loses/resets the root password automatically. By which I mean that it resets it to none. It has happened twice this month. I am worried that it can be a security issue as data is open waiting only for someone trying no password! Here is the version: mysql --version mysql Ver 14.14 Distrib 5.1.56, for redhat-linux-gnu (i386) using readline 5.1 Any help would be appreciated. Update: Output of select user, host, password from mysql.user; how it looks after the password got reset | root | localhost | | root | 127.0.0.1 | | | localhost | | | admin | localhost | ################################# | (I have removed the actual output with #) So all the passwords are blank, except for for another user named 'admin'

Read the article
How to set my Ubuntu account to super user at all times?

- by iaddesign

I have the latest Ubuntu installed and I'll be the only one using it off the network. My question is: how can I make myself super user at all times? Because when I try to delete a file it says I don't have privileges to do so. I know you are going to say it's a security risk but I'm off the network and want to learn all that I can. I don't want to delete the files through the terminal but want to do it through the user interface/explorer. I've installed LAMP and can't copy my site to the www directory. I've tried to remove the preinstalled index file and it won't let me.

Read the article
ssl problems between two tomcat servers

- by user1058410

I've got one tomcat 7 server(kind of like a web server) trying to talk to a tomcat 6 server(acting as a document server on another machine) over ssl and keep getting this error java.security.cert.CertificateException: No name matching rarity64 found. Where rarity64 is the name of the document server. I've tried exporting keys from both tomcats keystores and importing them into the others keystores using java keytool. I've even tried adding them to the other machines cacerts keystore. I've also used internet explorer to import both keys into the other machine. But nothing I try works. If it matters the real webserver is IIS 7.5, which the tomcat "webserver" talks too with arr, and they don't use SSL. But the problem seems to between the two tomcat servers

Read the article
How can I exclude a file in a folder from basic auth (regex help)?

- by simon180

Hi I have a folder on my site which contains admin files and I've added basic auth following a little unwanted attention. This works fine however a couple of the admin functions won't work through basic auth as they handle file uploads and so I want to exclude these files from the auth. It shouldn't have any security implications as any rogue user wouldn't be able to access the pages that could create a session to use these functions. I am using the following basic code to exclude a file: <FilesMatch "(index.php\/myadminfolder\/myurl\/myaction/someotherstuff?)$"> Satisfy Any Order allow,deny Allow from all Deny from none </FilesMatch> The URL exclusion is not working. The URL to exclude is in the form: index.php/directory/subdirectory/action/uniqueid/blah What is the correct URL string to add to FilesMatch to exclude any files that start with the pattern of index.php/directory/subdirectory/action - regardless of what comes after action? Thanks Simon

Read the article
having public computers without joining the domain

- by MCarter

Good Morning, I would like to know what is the best arrangement for setting up 24 computers at a facility. We do not want these computers to join our domain because of security concerns. We plan on having these public computers connect to our wifi network. If anyone knows of the best way to approach this, that would be great! We also need to add printers to these public computers. We would also like to lock each computer down. Since we are not connecting by network, I assume we would have to configure each group policy.

Read the article
Why can't I set Windows 7 folder to Writeable?

- by Clay Nichols

Moved a SATA HD from one PC to another. Copied almost all the files from old drive to new, except for one folder ("oldFolder") and it's subfolders and files. I tried to copy just a single file (to simplify things): Can't copy that file to same directory. (get above error) CAN copy file to Desktop. Can not copy files' container folder to Desktop. Under Properties for that OldFolder: Read Only is Checked. Security: Everyone set to Allow everything except "special permissions" All users are set to allow WRITE.

Read the article
How can I redirect HTTP(S) traffic to another gateway?

- by PsyStyle

I have a network like 192.168.0.0/15 with the default gateway set to 192.168.0.1. All the workstations of the network use this gateway for all kind of accesses to the Internet. Now I am testing a new Internet connection with another provider and for that I'm using a second gateway on the same subnet with 192.168.0.2 as IP address. I want to redirect only HTTP and HTTPS traffic to this second gateway keeping untouched the address of the default gateway set inside every workstation. How can I accomplish this task? What I have to change inside the first's gateway firewall configuration or routes? I tried with a DNAT like: DNAT loc:192.168.0.1 loc:192.168.0.2 tcp 80 but nothing worked. I use Shorewall for simplicity in configuration but I can understand even theorical answers which I will try to adapt to my case.

Read the article
What's the best practice for taking MySQL dump, encrypting it and then pushing to s3?

- by HalogenCreative

This current project requires that the DB be dumped, encrypted and pushed to s3. I'm wondering what might be some "best practices" for such a task. As of now I'm using a pretty straight ahead method but would like to have some better ideas where security is concerned. Here is the start of my script: mysqldump -u root --password="lepass" --all-databases --single-transaction > db.backup.sql tar -c db.backup.sql | openssl des3 -salt --passphrase foopass > db.backup.tarfile s3put backup/db.backup.tarfile db.backup.tarfile # Let's pull it down again and untar it for kicks s3get surgeryflow-backup/db/db.backup.tarfile db.backup.tarfile cat db.backup.tarfile | openssl des3 -d -salt --passphrase foopass |tar -xvj Obviously the problem is that this script everything an attacker would need to raise hell. Any thoughts, critiques and suggestions for this task will be appreciated.

Read the article
want to make my pages end with HTML

- by user41997

here is my current .htaccess For security reasons, Option followsymlinks cannot be overridden. Options +FollowSymlinks Options +SymLinksIfOwnerMatch ErrorDocument 404 /404.php RewriteEngine on rewritecond %{http_host} ^jugep.com [nc] rewriterule ^(.*)$ http://www.jugep.com/$1 [r=301,nc] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^peliculas/([^/]+)$ pelicula.php?pelicula=$1 [L] RewriteRule ^descargar/([^/]+)$ descargar.php?descargar=$1 [L] RewriteRule ^peliculas$ peliculas.php [L] RewriteRule ^peliculas/$ peliculas.php [L] RewriteRule ^buscar$ buscar.php [L] RewriteRule ^buscar/$ buscars.php [L] RewriteRule ^contactar$ contactar.php [L] RewriteRule ^contactar/$ contactars.php [L] +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Can someone help me out here, I would like my links to end with a HTML for every link currently a link on my site looks like this (http://www.jugep.com/peliculas/Casino_Royale) I would like it to look like this(http://www.jugep.com/peliculas/Casino_Royale.html) any help is greatly apreciated

Read the article
Local System Account in Windows Server 2008

- by user31676

Hi, Have the security persmission or anything else changed for the Local System Account in Windows Server 2008 versus Windows Server 2003? We have a service, that logs on as the Local System Account, that creates folders on the server (same server as the service is installed). It works perfectly when installed on Windows Server 2003 however when installed in Windows Server 2008 the folders do not get created. It appears as if the Local System Account does not have persmission to create the folders. Any insight that anyone can provide is greatly appreciated. Thanks, Scott

Read the article
Is there good FAT driver for FUSE? (Lightweight, not mountlo)

- by Vi.

FUSE filesystem list show some FuseFat and FatFuse. Both are old, FatFuse is read-only , FuseFat is non-buildable and probably depends on glib. Now I'm using mountlo for the task (mounting USB drives in generic way without root access or suid things (except of fusermount itself)), but it looks too big for such task. Using FUSE to mount external storage devices is good both for security and for flexibility reason: the kernel sees only block reads and writes while actual code that deals with filesystem details runs with user privileges, allowing user to use custom filesystems and preventing from kernel filesystem exploits. Is there good vfat FUSE driver?

Read the article
Is there any IP which refers to the internet?

- by victorferreira

Hello, guys, good morning. 127.0.0.1 is the local IP, isnt it? Is there a IP that I can use in order to refer to the any user in the internet? The thing is: i want to block a specific file to be accessed by the internet using IIS6. but i doesnt show me a clear way to do this. But i can define some security rules, for example: give IP restrictions for some file. So, i can deny for everybody (using that IP i am asking about) and allow for the internal IP. any suggestions?

Read the article
"Clear Text Credential Access Enabled" field

- by Dave

Searching for answers about the "Clear Text Credential Access Enabled" field, I found a question on an oracle forum that was my exactly what I was trying to find out. Thinking that my answer would soon be found, I happily click on the link only to find zero replies. All hope was lost. I am posting the question here, hoping that someone on this site will know the answer. Can somebody please explain the usage of "Clear Text Credential Access Enabled" checkbox under "-Security-Advanced tab for Weblogic 11g? What is the difference if we set or unset this flag? If I dont set this flag I get an exception like "Access to sensitive attribute in clear text is not allowed due to the setting of ClearTextCredentialAccessEnabled attribute in SecurityConfigurationMBean" when I try to set a value for the "Credential" field. But what should be the value for "Credential" field if I dont set the "Clear Text Credential Access Enabled"flag?

Read the article
Ubuntu server 9.10 freezes up after ~10 minutes - unconventional

- by L33tCh

There is a topic by essentially the same name, but my answer leads to another question which I would like answered so... My case is as follows: I connect through SSH to my server... no problems for many months on Ubuntu Server 9.04. Eventually I decided to updgrade and straight away I get the 10 minutes freeze problem. I went through all the possible fixes (many can be found here but my quick fix, the only that worked, leaves me with no real answer as to why and how to properly correct it... As ridiculous as it sounds... while I leave a keyboard plugged in... it runs without flaw. Can anyone make sense of this? For the sake of completeness, (although none of the following made any difference upon subsequent completion), some of the permanent changes I have made while trying to correct the issue are: replacing samba config file with 9.04 backup, booting with noapic and modifying sysctl.conf, just uncommenting additional settings for enhanced security.

Read the article
Applications on my laptop crashees every 10-20 minutes [closed]

- by user1731110

In my windows 7 home premium, several of my application crashes after some minutes even wehn I am not touching system. For example I have outlook 2007, that works fine, but suddenly crashes. The same about visual studio 2012. It is also crashes after some minute no matter if I am working on a project or I am not touching it. the same behaviour is there, for other applications (skype, oovoo and ...). I use Microsoft security essential and there is no virus on my system. I also checked my system with Sophos anti root kit and there is no root kit there. What would be the problem?

Read the article
Check SSD stability before returning it as broken?

- by data_jepp

I have the Transcend SSD 720 256GB 2,5" 7mm disk. And randomly I get disk IO in utorrent and large files copying to external will fail. I have removed it from my laptop since I need max stability. I use my laptop on exams. How can I really bench/make-it-sweat whilst connected to my desktop? I want to re-create some of the fails as I need proof if I am to return it. Firmware is updated. BIOS on laptop is updated. I could just completely nul the disk and then check for bad sectors, but is there anything else I could use for testing? Edit: It has 7 bad sector replacement operations. What does it mean?

Read the article
Windows 7 100% Memory Usage (without any process listed as using that much memory)

- by Paul Tarjan

When I plug my external USB 2TB hard drive into my windows 7 box, my RAM usage climbs up to all 4 Gigs (but in task manager it shows that all process are small) and the hard drive is churning like crazy. My CPU is only about 20% utilized All I can think of is there is a Virus scanner or an indexer running like crazy. I've tried to kill all virus scanners (AVG and Windows Security Essentials) and it still keeps going. My computer is completely unusable as everything is constantly swapping. I've tried leaving it on for 2 days now and it still hasn't finished whatever it was doing. Any ideas?

Read the article
Is it normal that Software installs in Admin user folder?

- by RoToRa

I've got a new computer with Windows 7, which I'm using for the first time. For security I decided to create a standard user for everyday work instead of using an admin account. However when I install programs logged in as the standard user (such as Aptana right now) they always try to install in the admin's user folder (C:\Users\Admin\AppData...). I'd expect the programs to install to the standard user's folder or Progran Files as in XP. This also leads to that I need to grant admin rights whenever I start such a program. Of course I could just change the installation path every time, but I find this behavior strange. Ist it normal, or did I somehow mess up the Windows 7 installation?

Read the article
Best Linux Distribution [closed]

- by kamalbhai

hi I am right now on Windows 7 alongwith a newly bought Dell Laptop .I want to install Linux too . I have been using Ubuntu 10.10 before . now I want to try a different flavour in Linux which has a good audio/video options & is security enhanced . Right now I have the following distributions : Ubuntu 10.10 OpenSuse 11.0 Fedora 13 . among the three mentioned above which might be the best to learn out things n get more close to linux .I am a student & eager to learn a lot of new things .... so which of the above would be the best for me ?

Read the article
Is there any IP which refers to the internet?

- by victorferreira

Hello, guys, good morning. 127.0.0.1 is the local IP, isnt it? Is there a IP that I can use in order to refer to the any user in the internet? The thing is: i want to block a specific file to be accessed by the internet using IIS6. but i doesnt show me a clear way to do this. But i can define some security rules, for example: give IP restrictions for some file. So, i can deny for everybody (using that IP i am asking about) and allow for the internal IP. any suggestions?

Read the article
Seperating paid and free users on SQl Server 2008 R2

- by Alex

Right now we have hundreds of "free demo" trial users on the same db server/database with our paid mission critical users. I see this as both a security risk and a load issue. I have also seen cases where demo users run large reports and crash the server.. Does it make sense to separate these users into separate databases on SQL? Rather than just have one DB for all users? My thinking is so one group of users has no effect on the other? Can one group still pose a risk if we do this? I plan to have them on separate web servers also (windows 2008 r2, iis 7, .net 4.0)

Read the article
What is the equivalent of domain admin on Sharepoint 2010?

- by user54266

I have to support Sharepoint on a daily basis but do not have the equivalent of domain access so I'm constantly having to ask the guy in charge of Sharepoint to add me to a new security group to complete my task. Rather than having to bug him all the time (he is only somewhat technical) it would be easier to simply have the equivalent of domain admin access for Sharepoint (I'm a sys admin and have domain admin access already but this doesn't seem to carry over to FOSS). What is the equivalent of domain admin access on Sharepoint 2010? Thanks in advance.

Read the article
Citrix on ESX 4 U1 - Slow login times

- by thomps01

I'm sure they'd be just as slow if not slower using ESX 3 but I'm looking for some assistance. On a physical Citrix server, logins are 1 - 4 seconds. The virtual - 16 - 23 seconds. I'm looking for performance enhancements that I can make to me VMs to try and reduce the login wait times. The hardware is fine (HP BL685 (24 cores, 64GB RAM). And there's nothing pushing it yet. Network 10Gb I'm planning to test the configuration with VMXNET3 tomorrow, but does anyone have a list a best practices I can use when testing?

Read the article
Webserver - Memory-bound or CPU-bound? [closed]

- by JJP

Possible Duplicate: How do you do Load Testing and Capacity Planning for Web Sites I'm installing a social network using Zend Framework & MySql, with lots of plugins & queries. I want Webserver & Sql server on one box. I'm trying to choose between two machines (on hetzner.de): A) intel i7-2600 3.4 GHz 16 GB DDR3 RAM B) intel i7-920 2.6 GHz 24 GB DDR3 RAM B has 50% more RAM but 30% slower clock speed. Q is: is it obvious where the bottleneck will be? Would I ever need 24GB of RAM, even with lots of concurrent users?

Read the article
Automate the process of looking for CVE (new vulnerabilities) related to our infrastructure

- by skinp

Is there any service available where you simply list the services, programs and versions you use, and when some CVE comes out about it, you automatically get alerted? Also, is there any other place to look for this kind of information. Do some people release security vulnerabilities to other places than CVE? So in general, how do you guys keep up to date with what might be vulnerable in your infrastructure? Edit: Since I've been asked, we are a Unix shop with mostly Red Hat and some HP-UX. I would still prefer a high level solution which are OS independent. What happens if we use software versions which are not in the official repositories of Red Hat/HP/... or simply not supported by them.

Read the article

< Previous Page | 563 564 565 566 567 568 569 570 571 572 573 574 | Next Page >