Search Results

Search found 2788 results on 112 pages for 'symantec endpoint protect'.

Page 60/112 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

• How to mount /tmp in /mnt on EC2?

  - by Claudio Poli

  I was wondering what is the best way to mount the /tmp endpoint in the ephemeral storage /mnt on an EC2 instance and give the ubuntu user default write permissions. Some suggest editing /etc/rc.local this way: mkdir -p /mnt/tmp && mount --bind -o nobootwait /mnt/tmp /tmp However that doesn't work for me (files differs). I tried editing the default fstab entry: /dev/xvdb /mnt auto defaults,nobootwait,comment=cloudconfig 0 2 replacing /mnt with /tmp and and giving it a umask=0777, however it doesn't work because of cloudconfig. I'm using Ubuntu 12.04. Thanks.

  Read the article

• Encrypted passwords for better security on server

  - by Ke

  Hi, I use wordpress and other CMS's and all these have plain text passwords in their config files e.g. in wp-config.php I wonder is this the normal way an administrator would protect security? I realise its possible to move the wp-config outside of the root web directory, but still if the server itself is compromised, its possible to find the wp-config file and the password inside, then the system is comprimised. Is there a way to encrypt all passwords on the system, so that in the web applications config files it uses the encrypted pass and not just plain text? Is there a sensible way of keeping plain-text passwords off the server? PS i use linux vps ubuntu servers Cheers Ke

  Read the article

• Fixing corrupt AVG vault? All files in USB drive are locked out.

  - by Kelsey

  I was doing a virus scan on an external USB drive and while AVG was scanning my system got locked up and required a reboot. Since that time all data on the external drive is no longer accessible. I can see all the files in the root and directorys but I cannot browse into any of them as Windows 7 gives an error stating they are corrupt. If I show hidden files there is a hidden AVG directory that I know was not there to begin with and I am assuming it is some type of vault to protect files while being scanned. Well not the entire drives contents are unaccessible because I think whatever does the managing of the scan failed during the roobt and left the headers or something in a corrupt state. Does anyone know how to 'unlock' or recover this data? Luckily I can recover this data from other sources as a last resort but I would like to fix this if possible. Any help would be appreciated. Thanks.

  Read the article

• DRS: Unknown JNLP Location

  - by Joe

  We are using Deployment Rule Sets to limit access to the older JRE to well-known applications like - but are running into a problem. One business critical applications has the following properties (*s to protect info): title: Enterprise Services Repository location: null jar location: http://app.*.com:52400/rep/repository/*.jar jar version: null isArtifact: true The application downloads a .jnlp file, and uses java web start to execute. Since the location is null, this application cannot be targeted by a location rule. And the certificate hash method only works when the application is cached (being ran more than once). If cache storing is off, which is the case in some situations, how can this application be targeted? Or at least told to run with an older JRE on start? This problem is specifically noted in this bug Thanks!

  Read the article

• Necesity of ModSecurity if Apache is behind Nginx

  - by Saif Bechan

  I have my Apache installed behind Nginx. So every request that comes in is first handeled by Nginx. If there is dynamic content needed the request is send to Apache which listens on port 8080. Pretty basic reverse proxy setup. Now with this setup the first entry point is Nginx. Is it still needed to install ModSecurity to protect Apache against unwanted request. Or should I just focus on protecting Nginx as this is the first entry point. All suggestions are welcome.

  Read the article

• Strongswan and OpenVPN together

  - by cmorgia

  I have an host in Amazon EC2 which is configured with an OpenVPN Access Server. The only client to this server is acting as a gateway from a private network. I installed StrongSWAN 5 on the same host to allow windows 7 and iOS clients to connect using IPSEC. Both services works but what I cannot figure out is how to configure StrongSWAN to consider the OpenVPN tunnel endpoint as the only gateway available to clients. Basically I want all the traffic that comes from IPSEC clients to be entirely forwarded to the OpenVPN tunnel. The remote OpenVPN client that is exposing the private network has forwarding enabled and appropriate masquerading configured. The only missing point is to have the OpenVPN tunnel as the gateway for IPsEC clients

  Read the article

• UDP packets to IP addresses other than specific ones not arriving and not shown in Wireshark

  - by Max

  I'm writing a service using UDP, but I can't manage to reply to the client. When sending to the client via the DHCP-assigned IP (192.168.1.143) Wireshark shows no sent packets. The server receives and Wireshark shows any packet sent by the client (broadcasted). If I send to a random, unassigned IP Wireshark doesn't show it. I thought the NIC would happily send it, since there is a router in the way - shouldn't Wireshark show it, even though it cannot possibly be received by a remote endpoint? If I send to either the router IP or another (specific, there is only one other) computer, the packet is shown in Wireshark. I am running Windows 7, the firewall is turned off using the control panel. Does the fact that wireshark doesn't show these packets mean that they aren't sent? What reason could there be for showing packets to one IP, but not another, on the same subnet?

  Read the article

• How can I connect a Windows 8 PC to a Samba domain

  - by Paul

  I am using Samba 3, and want to join my Windows 8 PC to the Samba domain. Windows 8 cannot join out of the box, so I added the following registry entries: HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode 1 DWORD DNSNameResolutionRequired 0 And now it talks to the Samba server ok, however I get the following error: And I notice that the machine name created on the samba server does not match its name: win-8jq3fg1n74e$:x:30003:30003:Machine:/var/lib/nobody:/bin/false It is like it is using an internal name. The following is the error in the smb.log [2012/10/21 14:26:16.099520, 0] passdb/pdb_interface.c:348(pdb_default_create_user) _samr_create_user: Running the command `/usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false win-8jq3fg1n74e$' gave 9 [2012/10/21 14:26:28.143224, 0] lib/util_sock.c:474(read_fd_with_timeout) [2012/10/21 14:26:28.143420, 0] lib/util_sock.c:1441(get_peer_addr_internal) getpeername failed. Error was Transport endpoint is not connected read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.

  Read the article

• MikroTik ipv6 Tunnel

  - by MikeSmitty

  I've got a MikroTik router set up with the latest stable OS on it, and I just set up an ipv6 tunnel with Hurricane Electric, but I'm having an odd issue with it. I can't ping anything until I first ping the tunnel endpoint on HE's side. After that I can ping any ipv6 address fine, but give it a little time (say, maybe 30 sec) and I can't ping any ipv6 addresses again. Whenever it stops allowing ping to go through I notice the counter on my firewall rule that drops invalid connections goes up. this is my ipv6 firewall config: add action=accept chain=input comment="" connection-state=established \ disabled=no in-interface=sit1 add action=accept chain=input comment="" connection-state=related disabled=no \ in-interface=sit1 add action=accept chain=input comment="" disabled=no in-interface=bridge \ src-address=ipv6_address_here/64 add action=drop chain=input comment="" connection-state=invalid disabled=no \ in-interface=sit1 add action=drop chain=input comment="" disabled=no in-interface=sit1 Any ideas on what it could be?

  Read the article

• Connecting Small business network to Azure Site to Site VPN

  - by MarkKGreenway

  Would like to have connectivity between azure virtual machines and on LAN users. My current network has a Cisco ISA550 connected to the WAN (one Ethernet cable into the office the fiber transceiver is on a different floor)and any public servers can be one-to one NAT-ed to have a public and private IP. What is the best way to get a reliable connection. Between end users and the cloud? I want to know the preferred on site endpoint. Do the azure vm's have to have a local ip in the LAN subnet? (Right now 10.10.0.0/20 or 255.255.240.0 to give room if this is the case). If in purchased an asa550 would I put it behind or in front of the isa550. Would it be ahead or peer with the users switches? What is the best way to get a reliable connection. Between end users and the cloud servers?

  Read the article

• Cisco WebVPN RDP Plugin and NLA

  - by bab

  I'm having trouble finding anything in Cisco's docs or with Google searches, so I'm hoping someone out in ServerFault land might know. We've recently enabled NLA domain-wide to protect against some of the recent RDP vulnerabilities. However, we can no longer use the Cisco WebVPN on our ASA to connect to these boxes (Connection Failure). I assume this is because the RDP2 plugin (as of Apr 27 2012) doesn't support NLA? Is there another version of the plugin that does? Thanks!

  Read the article

• Recommended apps for securing/protecting a new desktop machine install?

  - by Eddie Parker

  I'm hoping to harness the collective tips of superuser to gather recommended apps/configurations to keep a new desktop clean, virus free, and hopefully lower software rot. I ask because I've recently come across tools like dropbox, deepfreeze, returnil, etc, and I'm curious what other ones are out there to protect a new box. I personally am interested in Windows, but feel free to comment on whatever OS you'd like, freeware or otherwise. Ideally specify the OS in your answer(s). One answer per program please. Then, rather than duplicate posts, vote for the program if it is already listed. UPDATE: It's been noted that there are other questions similar to this one [1], so I'd ask that these answers focus on security and protection. [1] Related questions: http://superuser.com/questions/1241/what-are-some-must-have-windows-programs http://superuser.com/questions/1191/what-are-some-must-have-mac-os-x-programs http://superuser.com/questions/1430/must-have-linux-software http://superuser.com/questions/3855/must-have-networking-security-tools

  Read the article

• Easy Deployment Split Tunnel VPN Connection

  - by Joey Harris

  I was wondering if anybody could offer some insight as to how I can mass deploy VPN connection settings that support split tunneling. It has to work on both Mac and Windows systems though if a script is used, it obviously can be 2 separate scripts for both platforms. I will be setting up a Windows server with a file server and Exchange server and to access the file server I will have the clients go through VPN because we will have sensitive data. I don't want the servers network to be bogged down with the clients normal internet traffic so I will be needing some way to setup split tunneling on the clients without them having to put in a few commands every time to setup the static routes. Ive looked at Cisco VPN client but I want to try and stick with windows RRAS and avoid buying a Cisco VPN endpoint. Im basically looking for a good VPN client that can support split tunneling and mass deployment.

  Read the article

• Truecrypt or default Disk Utility on Mac?

  - by Kaushik Gopal

  Windows by default doesn't come with a password protect folder option (other that Win7 ultimate), so I used to swear by Truecrypt which was great. But I've read in a couple of places that Mac OS X by default has a way of protecting folders using the Default Disk Utility. So my question is which is better, using TrueCrypt on the Mac or just sticking with the default Disk Utils app? Can somebody let me know the advantages of one over the other? A summary from the very helpful answers below: if you're looking for cross-platform usage Truecrypt is the obvious tool of choice if you're looking for convenience, and intend to stick only to the Mac platform, use the default Disk Utils app.

  Read the article

• dead man's switch for remote networking interventions

  - by ascobol

  Hi, As I'm going to change the network configuration of a remote server, I was thinking of some security mechanisms to protect me from accidentally loosing control on the server. The level-0 protection I'm using is a scheduled system reboot: # at now+x minutes > reboot > ctrl+D where x is the delay before reboot. While this works relatevly well for very simple tasks like playing with iptables this method has at least two drawbacks: It's not very reactive, ie a connectivity problem should be detected automatically if for example an automatic remote ssh command fails does not work anymore for x seconds. It can obviously not work if one need to modify some configuration files and then reboot to test the changes. Are you guys using some tool for the second point ? I would love to have something able to revert the system configuration in a previously known stable state if I can't join the server X minutes after reboot. Thanks!

  Read the article

• In Puppet, how would I secure a password variable (in this case a MySQL password)?

  - by Beaming Mel-Bin

  I am using Puppet to provision MySQL with a parameterised class: class mysql::server( $password ) { package { 'mysql-server': ensure => installed } package { 'mysql': ensure => installed } service { 'mysqld': enable => true, ensure => running, require => Package['mysql-server'], } exec { 'set-mysql-password': unless => "mysqladmin -uroot -p$password status", path => ['/bin', '/usr/bin'], command => "mysqladmin -uroot password $password", require => Service['mysqld'], } } How can I protect $password? Currently, I removed the default world readable permission from the node definition file and explicitly gave puppet read permission via ACL. I'm assuming others have come across a similar situation so perhaps there's a better practice.

  Read the article

• Azure VM with many IPs or SSL certificates

  - by timmah.faase

  I am looking to move our hosting environment to Azure and by doing so have created a sandpit VM to figure things out. We host around 300-400 websites in IIS and about 2% of these sites have unique, non wildcard certificates all requiring a unique public IP in our current setup. Can you get a range of IPs pointing to 1 VM/Endpoint? Or is it possible to create an SSL proxy? I've never created an SSL proxy but like the idea of it. I'd need advise here on how to proceed if this is the best option. Sorry if this has been answered! Sorry also if my question isn't worded eloquently.

  Read the article

• how can make transparent proxy on more than one port?

  - by ermya

  i want to make transparent proxy with linux ( centos) , i want all incoming connection on port 1000 - 2000 on eth0 forward to eth1 on port 1000 - 2000 in transparent mode i have 2 server 1- linux ( proxy server) 2- windows i want protect my windows server with my linux server firewall also i must make transparent proxy with my linux server linux server have 2 interface one for public network an another for private network connected to windows server so all incoming connection must connect to the linux server (at eth0 public network) first and after checking , must forward to the windows server on private network (with linux interface eth1 ) i can use squid for making transparent proxy but i dont know how i must config the squid for multi port because i want listen in more than 1000 ports for example from port 1000 to 2000 anyone know how can i do ?

  Read the article

• s3fs: how to force remount on errors?

  - by Alexander Gladysh

  I use s3fs 1.33 on Ubuntu 9.10. Regularily it gives me errors like this: rsync: writefd_unbuffered failed to write 4 bytes to socket [sender]: Broken pipe (32) rsync: close failed on "/mnt/s3/mybucket/filename": Software caused connection abort (103) rsync error: error in file IO (code 11) at receiver.c(731) [receiver=3.0.6] rsync: connection unexpectedly closed (86 bytes received so far) [sender] rsync error: error in rsync protocol data stream (code 12) at io.c(600) [sender=3.0.6] Any attempt to work with mounted directory after that gives this error: Transport endpoint is not connected To get rid of this, I have to remount. Is there a way to force a remount automatically?

  Read the article

• CheckPoint SecuRemote / SecureClient on Vista 64

  - by cliff.meyers

  According to this page, CheckPoint's SecuRemote client is not supported on Vista 64: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit%5FdoGoviewsolutiondetails=&solutionid=sk36681 Unfortunately in working with the systems team they will not confirm if the other two clients (SSL Network Extender or Endpoint Connect) are supported by their environment. Does anyone know if it would be possible to do the following? Install VMware Workstation on my Vista 64 system (host) install a Vista 32-bit OS in a virtual machine (guest) Install SecuRemote VPN client within the guest (Vista 32) Get my Vista 64 machine (host) to use the VPN connection from the guest Any other ideas are more than welcome.

  Read the article

• How to setup anonymous access in WinSSHD

  - by Shrike

  I have a Windows server (Win2008R2) with WinSSHD installed. I need to allow anonymous access to a particular folder on the server. Actually it's a git repositiory for bower registy but it doesn't matter. I want WinSSHD allow me to connect to an endpoint like "ssh://[email protected]/" I've created a virtual user "bower" with password only auth. No keys. But if I leave empty password then WinSSHD doesn't allow connection with error "Incorrect virtual account password". How to setup a SSH access without any authentication?

  Read the article

• How good is PDF password protection?

  - by Tim

  It appears that Word's password protection is not really good, at least until Office 2003, if I read this SU entry correctly. I'm under the impression that Acrobat's PDF password protection should be better (it says 128-bit AES for Acrobat 7 and higher). Is that true? Of course, it depends on the strength of the password used, but assuming I protect my PDF with a password like sd8Jf+*e8fh§$fd8sHä, am I on the safe side? Like, say, for sending confidential patient information - not really valuable, but potentially highly sensitive.

  Read the article

• Restricted blogspot account. Unable to subscribe using Google Reader?

  - by keisimone

  I used blogspot.com and restricted its viewership to just its authors. However I cannot use Google Reader to subscribe to the RSS feed. Is there a workaround? I need to be notified somehow whenever somebody posts to that private blog. I am one of its authors. My blogspot.com allows me to set the readership to just its authors. So that is what I have done. I did not do any password protect settings at all.

  Read the article

• Security question pertaining web application deployment

  - by orokusaki

  I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

  Read the article

• Send individual e-mails to each contact in Gmail?

  - by Robert C. Cartaino

  I'm trying to send an e-mail to a group of contacts in Gmail (200 recipients, no spam). Is there a way to force Gmail to send the e-mail as 200 individual e-mails, each addressed to that specific person in the list? But I'm trying to protect their privacy: Sending to a contact group puts all their e-mail addresses in the To: field. Adding their addresses to the cc: field means everyone can see all the addresses. Adding their addresses to the bcc: field means that no one sees their address (not even their own) in the to: field. That looks odd and seems like that would trigger a lot of spam filters. So how can I force Gmail to send the e-mail addressed specifically to each contact in the list?

  Read the article

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >