Search Results

Search found 5560 results on 223 pages for 'brute force attacks'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 6/223 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • samba 3.5 "force user" doesn't seem to be sticking

    - by myCubeIsMyCell
    After installing a new OS with newer version of samba, I'm having trouble accessing my shares. I can browse to the specific share, but only to the top level. As best I can tell from the logs, it seems the "force user" in the samba config isn't sticking beyond the initial connection. Details below. I installed a new version of CentOS on my storage server. My old CentOS (4?)install had samba version 3.0.33, new CentOS is using 3.5.10. No domain/AD involved ... just home workgroup. no real security... just some shares hidden & some defined as read-only. here's my config: [global] workgroup = WORKGROUP server string = Samba Server Version %v netbios name = luna security = share # logs split per machine log file = /var/log/samba/log.%m log level = 2 # max 50KB per log file, then rotate max log size = 50 winbind use default domain = Yes [strge] comment = please path = /storage browseable = yes read only = no force user = windowsguest force group = users guest ok = yes So... the problem I'm running into is that the 'force user' only seems to hold for the initial connection & I see all the top level folders fine. When I drill into a folder I get access denied - which appears to be due to my windows user info being sent (trys to authenticate xuser - a non-existant user to samba, so maps to nobody & fails). Here's the smb error msg: [2012/11/29 14:30:27.326195, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [xuser] -> [xuser] FAILED with error NT_STATUS_NO_SUCH_USER [2012/11/29 14:30:27.326251, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [nobody] -> [nobody] FAILED with error NT_STATUS_NO_SUCH_USER Most of the top level directories are 755, some 777. Either way, can not access them. If I do a chown -R windowsguest.users ... no change... but if I do a chmod -R to 777 or 755 they become browsable... but still can't create files (even for 777 ones). Not sure what role it plays if any... but had to recreate the user windowsguest under the new os install, uid & gid match old user. Seems the main issue as far as I can tell is that samba isn't maintaining the 'force user' - but I could be wildly off base. Client OS is win7 pro x64. Thanks for any suggestions or advice!

    Read the article

  • How to Force Graphics Options in PC Games with NVIDIA, AMD, or Intel Graphics

    - by Chris Hoffman
    PC games usually have built-in graphics options you can change. But you’re not limited to the options built into games — the graphics control panels bundled with graphics drivers allow you to tweak options from outside PC games. For example, these tools allow you to force-enabling antialiasing to make old games look better, even if they don’t normally support it. You can also reduce graphics quality to get more performance on slow hardware. If You Don’t See These Options If you don’t have the NVIDIA Control Panel, AMD Catalyst Control Center, or Intel Graphics and Media Control Panel installed, you may need to install the appropriate graphics driver package for your hardware from the hardware manufacturer’s website. The drivers provided via Windows Update don’t include additional software like the NVIDIA Control Panel or AMD Catalyst Control Center. Drivers provided via Windows Update are also more out of date. If you’re playing PC games, you’ll want to have the latest graphics drivers installed on your system. NVIDIA Control Panel The NVIDIA Control Panel allows you to change these options if your computer has NVIDIA graphics hardware. To launch it, right-click your desktop background and select NVIDIA Control Panel. You can also find this tool by performing a Start menu (or Start screen) search for NVIDIA Control Panel or by right-clicking the NVIDIA icon in your system tray and selecting Open NVIDIA Control Panel. To quickly set a system-wide preference, you could use the Adjust image settings with preview option. For example, if you have old hardware that struggles to play the games you want to play, you may want to select “Use my preference emphasizing” and move the slider all the way to “Performance.” This trades graphics quality for an increased frame rate. By default, the “Use the advanced 3D image settings” option is selected. You can select Manage 3D settings and change advanced settings for all programs on your computer or just for specific games. NVIDIA keeps a database of the optimal settings for various games, but you’re free to tweak individual settings here. Just mouse-over an option for an explanation of what it does. If you have a laptop with NVIDIA Optimus technology — that is, both NVIDIA and Intel graphics — this is the same place you can choose which applications will use the NVIDIA hardware and which will use the Intel hardware. AMD Catalyst Control Center AMD’s Catalyst Control Center allows you to change these options on AMD graphics hardware. To open it, right-click your desktop background and select Catalyst Control Center. You can also right-click the Catalyst icon in your system tray and select Catalyst Control Center or perform a Start menu (or Start screen) search for Catalyst Control Center. Click the Gaming category at the left side of the Catalyst Control Center window and select 3D Application Settings to access the graphics settings you can change. The System Settings tab allows you to configure these options globally, for all games. Mouse over any option to see an explanation of what it does. You can also set per-application 3D settings and tweak your settings on a per-game basis. Click the Add option and browse to a game’s .exe file to change its options. Intel Graphics and Media Control Panel Intel integrated graphics is nowhere near as powerful as dedicated graphics hardware from NVIDIA and AMD, but it’s improving and comes included with most computers. Intel doesn’t provide anywhere near as many options in its graphics control panel, but you can still tweak some common settings. To open the Intel graphics control panel, locate the Intel graphics icon in your system tray, right-click it, and select Graphics Properties. You can also right-click the desktop and select Graphics Properties. Select either Basic Mode or Advanced Mode. When the Intel Graphics and Media Control Panel appears, select the 3D option. You’ll be able to set your Performance or Quality setting by moving the slider around or click the Custom Settings check box and customize your Anisotropic Filtering and Vertical Sync preference. Different Intel graphics hardware may have different options here. We also wouldn’t be surprised to see more advanced options appear in the future if Intel is serious about competing in the PC graphics market, as they say they are. These options are primarily useful to PC gamers, so don’t worry about them — or bother downloading updated graphics drivers — if you’re not a PC gamer and don’t use any intensive 3D applications on your computer. Image Credit: Dave Dugdale on Flickr     

    Read the article

  • Properly force SSL with .htaccess, no double authentication

    - by cwd
    I'm trying to force SSL with .htaccess on a shared host. This means there I only have access to .htaccess and not the vhosts config. I know you can put a rule in the VirtualHost config file to force SSL which will be picked up there (and acted upon first), preventing double authentication, but I can't get to that. Here's the progress I've made: Config 1 This works pretty well but it does force double authentication if you visit http://site.com - once for http and then once for https. Once you are logged in, it automatically redirects http://site.com/page1.html to the https coutnerpart just fine: RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteEngine on RewriteCond %{HTTP_HOST} !(^www\.site\.com*)$ RewriteRule (.*) https://www.site.com$1 [R=301,L] AuthName "Locked" AuthUserFile "/home/.htpasswd" AuthType Basic require valid-user Config 2 If I add this to the top of the file, it works a lot better in that it will switch to SSL before prompting for the password: SSLOptions +StrictRequire SSLRequireSSL SSLRequire %{HTTP_HOST} eq "site.com" ErrorDocument 403 https://site.com It's clever how it will use the SSLRequireSSL option and the ErrorDocument403 to redirect to the secure version of the site. My only complaint is that if you try and access http://site.com/page1.html it will redirect to https://site.com/ So it is forcing SSL without a double-login, but it is not properly forwarding non-SSL resources to their SSL counterparts. Regarding the first config, Insyte mentioned "using mod_rewrite to perform a simple redirect is a bit of overkill. Use the Redirect directive instead. It's possible this may even fix your problem, as I believe mod_rewrite rules are some of the last directives to be processed, just before the file is actually grabbed from the filesystem" I have not had no such luck on finding a force-ssl config option with the redirect directive and so have been unable to test this theory.

    Read the article

  • d3.js force layout increase linkDistance

    - by user1159833
    How to increase linkDistance without affecting the node alignment, example: http://mbostock.github.com/d3/talk/20110921/force.html when I try to increase the circle radius and linkDistance the it collapse <script type="text/javascript"> var w = 1280, h = 800, z = d3.scale.category20c(); var force = d3.layout.force() .size([w, h]); var svg = d3.select("#chart").append("svg:svg") .attr("width", w) .attr("height", h); svg.append("svg:rect") .attr("width", w) .attr("height", h); d3.json("flare.json", function(root) { var nodes = flatten(root), links = d3.layout.tree().links(nodes); force .nodes(nodes) .links(links) .start(); var link = svg.selectAll("line") .data(links) .enter().insert("svg:line") .style("stroke", "#999") .style("stroke-width", "1px"); var node = svg.selectAll("circle.node") .data(nodes) .enter().append("svg:circle") .attr("r", 4.5) .style("fill", function(d) { return z(d.parent && d.parent.name); }) .style("stroke", "#000") .call(force.drag); force.on("tick", function(e) { link.attr("x1", function(d) { return d.source.x; }) .attr("y1", function(d) { return d.source.y; }) .attr("x2", function(d) { return d.target.x; }) .attr("y2", function(d) { return d.target.y; }); node.attr("cx", function(d) { return d.x; }) .attr("cy", function(d) { return d.y; }); }); }); function flatten(root) { var nodes = []; function recurse(node, depth) { if (node.children) { node.children.forEach(function(child) { child.parent = node; recurse(child, depth + 1); }); } node.depth = depth; nodes.push(node); } recurse(root, 1); return nodes; } </script>

    Read the article

  • What are the best practices for avoid xss attacks in a PHP site

    - by rikh
    I have PHP configured so that magic quotes are on and register globals are off. I do my best to always call htmlentities() for anything I am outputing that is derived from user input. I also occasionally seach my database for common things used in xss attached such as... <script What else should I be doing and how can I make sure that the things I am trying to do are always done.

    Read the article

  • Replay attacks for HTTPS requests

    - by MatthewMartin
    Let's say a security tester uses a proxy, say Fiddler, and records an HTTPS request using the administrator's credentials-- on replay of the entire request (including session and auth cookies) the security tester is able to succesfully (re)record transactions. The claim is that this is a sign of a CSRF vulnerability. What would a malicious user have to do to intercept the HTTPS request and replay it? It this a task for script kiddies, well funded military hacking teams or time-traveling-alien technology? Is it really so easy to record the SSL sessions of users and replay them before the tickets expire? No code in the application currently does anything interesting on HTTP GET, so AFAIK, tricking the admin into clicking a link or loading a image with a malicious URL isn't an issue.

    Read the article

  • Drupal SQL injection attacks prevention and apostrophe handling in Forms

    - by jini
    in typical PHP applications I used to use mysql_real_escape_string before I did SQL inserts. However I am unable to do that in Drupal so would need some assistance. And without any sort of function like that, user input with apostrophes is breaking my code. Please suggest. Thank You My SQL is as follows: $sql = "INSERT INTO some_table (field1, field2) VALUES ('$field1', '$field2')"; db_query($sql);

    Read the article

  • How should I protect against hard link attacks?

    - by Thomas
    I want to append data to a file in /tmp. If the file doesn't exist I want to create it I don't care if someone else owns the file. The data is not secret. I do not want someone to be able to race-condition this into writing somewhere else, or to another file. What is the best way to do this? Here's my thought: fd = open("/tmp/some-benchmark-data.txt", O_APPEND | O_CREAT | O_NOFOLLOW | O_WRONLY, 0644); fstat(fd, &st); if (st.st_nlink != 1) { HARD LINK ATTACK! } What's the right way? Besides not using a world-writable directory.

    Read the article

  • how to force an illegal netmask in ubuntu

    - by user1064232
    I want to force a netmask on my Ubuntu machine. For example, I want 11.0.0.1 to get a netmask of 255.255.255.0 I tried editing /etc/network/interfaces and I forced the desired netmask, but as soon as I restarted the interfaces it changed it back to the default value. When I used ifconfig the netmask that I gave survived the interface restart but it was reset as soon as I rebooted the machine. Is there a way to force an "illegal" netmask on an interface?

    Read the article

  • Finding the reason of a force shutdown of a VM

    - by Ricardo Reyes
    We have a linux VM running under XenServer that reboots itself with no apparent reason. Checking the /var/log files in Xen we noticed that it's sending a force shutdown to the VM, like this: messages:Dec 6 15:01:07 XenSrvDell2 BLKTAP-DAEMON[7309]: /local/domain/0/backend/tap/19/51728: got start/shutdown watch on /local/domain/0/backend/tap/19/51728/tapdisk-request What we can't find is the reason why the force-shutdown was initiated. Is there any "higher level log" that might tell us who or why triggered the shutdown?

    Read the article

  • Force Pinned taskbar items to be "icon only" all the time in Windows 7

    - by Robert
    By default (at least in my installation), pinned items on the taskbar will be "icon only" when they have no active windows, but when there are active window, the icon expanded to include text (typically some portion of the title text). I'm looking for a way to either: A (preferred option): For any single pinned item, force this pinned item to always display as just the icon even if it has active windows. OR B (acceptable option): Force ALL pinned items to always display as icon only in the taskbar

    Read the article

  • SQL SERVER Force Index Scan on Table Use No Index to Retrieve the Data Query Hint

    Recently I received the following two questions from readers and both the questions have very similar answers.Question 1: I have a unique requirement where I do not want to use any index of the table; how can I achieve this?Question 2: Currently my table uses clustered index and does seek operation; how can I convert [...]...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Force SSL using 301 Redirect on IIS7 gets 401.1 Error

    - by user2879305
    I've got a site that is using an Execute URL in the 403.4 error page slot that calls a page named forcessl.aspx. Here's the contents of the file: strWork = Replace(strQUERY_STRING, "http", "https") strWork = Replace(strWork, "403;", "") strWork = Replace(strWork, "80", "") strSecureURL = strWork Response.Write(strSecureURL) Response.Redirect(strSecureURL) Catch ex As Exception End Try End If % This particular site gets a 401.1 error if https:// is not added to the url. I have several other sites using the same method that work fine and this one mirrors those in all ways that I can tell (folder permissions, etc). This new site is just a subdomain of the same domain that the other sites are using. The main domain has a wildcard SSL cert. What else should I check?

    Read the article

  • force recompilation of war file including its Jar dependencies

    - by Mik378
    I have a project A (a webapp), depending on project B (B.jar) and this one depending on project C (C.jar). I would like to create a maven goal named "Rebuild War", that clean all compiled code for these 3 projects and rebuild the whole in order to obtain a fresh War file. I tried mvn clean package on project A, but I noticed that B and C are not recompiled. Indeed, B.jar and C.jar that are contained in local repository don't have a changing creation date. Is there an adapted maven command for this requirement ?

    Read the article

  • Force apt to remove all emacs*

    - by wishi
    Hi! I have a bug-problem with the apt-packages of emacs: >>Error occurred processing debian-ispell.el: File error (("Opening input file" "no such file or directory" "/usr/share/emacs23/site-lisp/dictionaries-common/debian-ispell.el")) >>Error occurred processing ispell.el: File error (("Opening input file" "no such file or directory" "/usr/share/emacs23/site-lisp/dictionaries-common/ispell.el")) >>Error occurred processing flyspell.el: File error (("Opening input file" "no such file or directory" "/usr/share/emacs23/site-lisp/dictionaries-common/flyspell.el")) emacs-install: /usr/lib/emacsen-common/packages/install/dictionaries-common emacs23 failed at /usr/lib/emacsen-common/emacs-install line 28, <TSORT> line 30. dpkg: error processing emacs23-lucid (--configure): subprocess installed post-installation script returned error exit status 1 dpkg: dependency problems prevent configuration of emacs: emacs depends on emacs23 | emacs23-lucid | emacs23-nox; however: Package emacs23 is not installed. Package emacs23-lucid which provides emacs23 is not configured yet. Package emacs23-nox which provides emacs23 is not installed. Package emacs23-lucid is not configured yet. Package emacs23-nox is not installed. dpkg: error processing emacs (--configure): dependency problems - leaving unconfigured No apport report written because the error message indicates its a followup error from a previous failure. Errors were encountered while processing: emacs23-lucid emacs E: Sub-process /usr/bin/dpkg returned an error code (1) In fact I would be satisfied with just emacs23-nox, a couple of plugins - from apt. But I can neither --purge nor --purge reinstall, nor remove the packages. It always processes until this certain bug. I did some google-searching, found some stuff on Launchpad suggesting: sudo apt-get install --reinstall --purge emacsen-common But this is the same... so I hope there a way to tell app to just remove everything releated to emacs, and to start from scratch again? Thanks, Marius

    Read the article

  • DNS configuration to force root domain to www

    - by kolosy
    we have an app running on heroku. the dns setup is like this: A record for domain.com - heroku front end ip addresses CNAME for www.domain.com - specific host name for our app provided by heroku we also have an SSL cert for www.domain.com. the issue is that if someone goes to https://domain.com/secure_stuff, they will get heroku's SSL cert, instead of ours, causing lots of fear. We can do things on our end to make sure that all of our URLs point to https://www.domain.com, but it still won't solve this specific issue. is there a way to configure the DNS record to redirect all root domain traffic to the www subdomain?

    Read the article

  • Force Blank TextBox with ASP.Net MVC Html.TextBox

    - by Doug Lampe
    I recently ran into a problem with the following scenario: I have data with a parent/child data with a one-to-many relationship from the parent to the child. I want to be able to update parent and existing child data AND add a new child record all in a single post. I don't want to create a model just to store the new values. One of the things I LOVE about MVC is how flexible it is in dealing with posted data.  If you have data that isn't in your model, you can simply use the non-strongly-typed HTML helper extensions and pass the data into your actions as parameters or use the FormCollection.  I thought this would give me the solution I was looking for.  I simply used Html.TextBox("NewChildKey") and Html.TextBox("NewChildValue") and added parameters to my action to take the new values.  So here is what my action looked like: [HttpPost] public ActionResult EditParent(int? id, string newChildKey, string newChildValue, FormCollection forms) {     Model model = ModelDataHelper.GetModel(id ?? 0);     if (model != null)     {         if (TryUpdateModel(model))         {             if (ModelState.IsValid)             {                 model = ModelDataHelper.UpdateModel(model);             }             string[] keys = forms.GetValues("ChildKey");             string[] values = forms.GetValues("ChildValue");             ModelDataHelper.UpdateChildData(id ?? 0, keys, values);             ModelDataHelper.AddChildData(id ?? 0, newChildKey, newChildValue);             model = ModelDataHelper.GetModel(id ?? 0);         }        return View(report);     }    return new EmptyResult(); } The only problem with this is that MVC is TOO smart.  Even though I am not using a model to store the new child values, MVC still passes the values back to the text boxes via the model state.  The fix for this is simple but not necessarily obvious, simply remove the data from the model state before returning the view: ModelState.Remove("NewChildKey"); ModelState.Remove("NewChildValue"); Two lines of code to save a lot of headaches.

    Read the article

  • How to change system time or force a time sync

    - by cpury
    My laptop is probably running out of CMOS battery, I know I have to fix it soon, but until then, this very annoying issue keeps me from using it. Scenario: My system clock is reset to 15/12/08 11:00 AM every time I turn on my computer. This has all sorts of side-effects, one of the more annoying being that I can't log into my gmail. At first I just waited for a time sync to happen, as I have that activated and all. It never happened. I googled and didn't find any way of enforcing a time sync, which I found very strange. Is there really none? Setting the time and date by hand is also a problem. For my 12.10 installation, the time & date settings are bugged. I remember it being for my last, older installation as well, though. Of course the easiest way should be to just manually edit the date and time fields by entering a new date. This is possible in theory, but the changes are reverted as soon as the text boxes loose focus. The other way to do it is to click the +-buttons for a long, long time. The first time I did that, the changes weren't stored either. I found out that afterwards I have to switch from manual to internet-sync mode and wait ~5 seconds until the in the top left corner of my system the new time is shown, or otherwise it won't have effect. So a nice solution would be one of the following: Setting the time/date by hand, maybe via terminal, so I can just enter the right values. Or, a command that would enforce an immediate time sync, that I can run after booting. I know I have to change the batteries soon, but this is seriously keeping me from working...

    Read the article

  • When selecting Bookmarks in Chromium causes force close

    - by pst007x
    Chromium or Google Chrome in Ubuntu 12.04, selecting Bookmarks from the drop down menu causes Chromium/Chrome to close. Terminal: pst007x@pst007x-Serval-Professional:~$ google-chrome ALSA lib pcm_dmix.c:957:(snd_pcm_dmix_open) The dmix plugin supports only playback stream ALSA lib pcm_dmix.c:957:(snd_pcm_dmix_open) The dmix plugin supports only playback stream [466:466:24874766730:ERROR:gles2_cmd_decoder.cc(4932)] GL ERROR :GL_INVALID_VALUE : glDeleteProgram: unknown program ALSA lib pcm_dmix.c:957:(snd_pcm_dmix_open) The dmix plugin supports only playback stream ALSA lib pcm_dmix.c:957:(snd_pcm_dmix_open) The dmix plugin supports only playback stream [466:466:24877302452:ERROR:gles2_cmd_decoder.cc(4932)] GL ERROR :GL_INVALID_VALUE : glDeleteProgram: unknown program [466:466:24878889327:ERROR:gl_context_glx.cc(163)] Couldn't make context current with X drawable. [466:466:24878999015:ERROR:x11_util.cc(1273)] X Error detected: serial 150, error_code 146 (GLXBadDrawable), request_code 135, minor_code 5 (Unknown) Aborted I have deleted my profile, I have installed the latest Chromium/Chrome and tried BETA and UNSTABLE releases. It seems to be an issue with my Ubuntu installation. Any ideas? Thanks Current Chromium Version: 23.01246.0r153452-Oubuntu1 (precise) Current Chrome Version: 21.0.1180.89-r154005 (Stable) pst007x@pst007x-Serval-Professional:~$ lsb_release -a LSB Version: core-2.0-amd64:core-2.0-noarch:core-3.0-amd64:core-3.0-noarch:core-3.1-amd64:core-3.1-noarch:core-3.2-amd64:core-3.2-noarch:core-4.0-amd64:core-4.0-noarch Distributor ID: Ubuntu Description: Ubuntu 12.04.1 LTS Release: 12.04 Codename: precise pst007x@pst007x-Serval-Professional:~$

    Read the article

  • Force ntfs volumes to be treated like any other by default

    - by soandos
    I have a 20 GB NTFS volume that I was planning on using for a variety of purposes, including being readable by windows with little effort. Unfortunately, for some reason, I cannot execute any files on the drive, even after following the answer here (I was able to mount the volume just fine, but the error persists). How can I fix this? Output from mount: /dev/sda1 on / type ext4 (rw,errors=remount-ro) proc on /proc type proc (rw,noexec,nosuid,nodev) sysfs on /sys type sysfs (rw,noexec,nosuid,nodev) none on /sys/fs/cgroup type tmpfs (rw) none on /sys/fs/fuse/connections type fusectl (rw) none on /sys/kernel/debug type debugfs (rw) none on /sys/kernel/security type securityfs (rw) udev on /dev type devtmpfs (rw,mode=0755) devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620) tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755) none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880) none on /run/shm type tmpfs (rw,nosuid,nodev) none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755) none on /sys/fs/pstore type pstore (rw) systemd on /sys/fs/cgroup/systemd type cgroup (rw,noexec,nosuid,nodev,none,name=systemd) gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,user=daniel)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >