Search Results

Search found 30819 results on 1233 pages for 'software security'.

Page 770/1233 | < Previous Page | 766 767 768 769 770 771 772 773 774 775 776 777 | Next Page >

How Do I Disable URL Pre-Pending in the FireFox 3 Title Bar When Opeing A New Window With JavaScript

- by N Rahl

For (understandable) security reasons, Firefox does not allow JavaScript to open a new window without the address/location bar AND without pre-pending the page's URL to the title in the title bar. For example, when you set: <title>My Site</title> in the header, and open the page using location=no FireFox changes the header to read: http://www.mysite.com - My Site - Mozilla Firefox. I would like it to simply say: My Site Everything I've read suggests this behaviour can't be altered with scripting, and as such, this is not a scripting question. What I would like to know is, which setting(s) can I change in the browser itself to disable URL pre-pending to the title of new windows? This is for a company Intranet, and I control all of the computers/browsers that connect to the application.

Read the article
Group policy applied to AD OU attributes

- by Eric Smith

I'm not well-versed in AD, so would like to resolve a question I have with regards to AD information. I understand that it is possible to apply group policy to OU's, thereby restricting access. What I'd like to know is, is it possible to do the same with OU attributes. Some context would help. There's a requirement to store address information in AD (IMO, a natural fit), but for various reasons, although obviously things like name should be globally accessible, access restrictions are desired on the address. In this case, is it possible to apply security to the address portion of the OU attributes, or does each address have to be broken into a separate OU (a solution that feels smelly given that address doesn't have identity)?

Read the article
data replication from a production web server back to the staging web server

- by Dennis Smith

Have two web servers, development/staging and production. Code and some documentation is moved from the staging area to production either through on-demand jobs or nightly via a global replication job. The production server of course sits isolated in a DMZ. There is some content that gets uploaded to the live server that needs to be replicated back to staging. Our security team is locking the network down (and they should) and restricting access to the live server. Best suggestions for replication of "live" data back to "stage" and backing up the live server also.

Read the article
A different interface for the Sql Server Reporting Service?

- by AngryHacker

I have a SQL Server 2005 SQL Reporting Services implementation. It seems that the only way to actually access the reports is for the users to use Internet Explorer. The web page uses an ActiveX control to do its printing (and probably other functions as well). Does SSRS have a different way to access its functionality via the web browser? Like maybe Java or HTML based? If so, how do I actually turn it on? The reason I am asking is because the security is being tightened and ActiveX controls will be banished, thus the users won't be able to print.

Read the article
GDM login screen is not displayed with VNC

- by niboshi

Hi, I set up VNC server with xinetd. Also configured GDM so that XDMCP is enabled. VNC connection seems okay, but GDM login screen is not shown. Instead I can only see old bare X screen (gray meshed background and X-shaped mouse pointer), which I can't do any interaction with it. What can I do to fix the problem? No log is written below /var/log/. Server distribution: Ubuntu marverick /etc/xinetd.d/vnc is like below: service vnc1024 { disable = no socket_type = stream protocol = tcp wait = no user = nobody server = /usr/bin/Xvnc server_args = -inetd -query localhost -geometry 1024x768 -depth 24 -once securitytypes=none port = 12345 } /etc/gdm/custom.conf: [daemon] [security] DisallowTCP=false [xdmcp] Enable=true [gui] [greeter] [chooser] [debug] [servers] /etc/services is also configured. Thanks

Read the article
RAID 10: SPAN 2 vs SPAN 4

- by LaDante Riley

I am currently configuring RAID 10 (first time doing RAID ever) for a server at work. In the Configuration Utility. I am given the option of either span 2 or span 4. Having never done this before, I was curious if someone could tell me the pros and cons of for each span? Thanks The server is a Poweredge r620 with a PERC H710 mini (Security Capable) RAID controller. I have 8 600GB hard drives. I am creating this server as a network storage drive. I have SQL server historian database whose 1TB storage filled up and after 5 years of logging data.

Read the article
cannot connect to MS FTP 7.5 on Windows 2008 on Amazon EC2 instance

- by minerj

I have just installed the MS FTP 7.5 upgrade on my Windows 2008 Server (Service Pack 2) running on an Amazon EC2 instance. In the FTP Firewall Support settings for the server in IIS Manager I have set up the passive port range 45001 - 45005 and also set the External Firewall IP address to match the assigned Amazon Elastic IP address. Using the AWS Console I changed the Security Group for the server to allow access to the server through ports 21 and 45001 through 45005. Using an FTP client (either the command line FTP client or Windows Explorer) on the Amazon server I can connect to the FTP server but I cannot connect with an external FTP client. When I checked to see which ports were open on the server using Shields Up it shows that port 21 is open but ports 45001 to 45005 are closed. I assume I'm missing something. Any help greatly appreciated.

Read the article
AWS RDS Timeout

- by warder57

I know next to nothing about networking/servers. So I'm assuming I'm missing something obvious. All of the resources I can find on this, either don't work or are outdated. I created a brand new AWS account on the free plan. I created a postgres RDS DB instance. I made sure that this RDS instance is set to publicly accessible. This RDS instance has the default VPC/Security Group settings. In order to connect to this DB from my local machine, I used pgadmin3 and followed the instructions provided on the AWS documentation page. Seen here: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToPostgreSQLInstance.html I've double checked all of the information required to connect: Host: whatever.whatever.us-west-2.rds.amazonaws.com Port: 5432 Username: USERNAME Password: PASSWORD When I try to connect to the database, my connection fails due to a timeout. (During step 4 in the above guide.) Can anyone point me to whatever I am missing? Thanks in advance

Read the article
Need help identiying a nasty rootkit in Windows

- by goofrider

I have a nasty rootkit that not tools seem to be able to idenity. I know for sure it's a rootkit, but I can figure out which rootkit it is. Here's what I gathered so far: It creates multiple copies of itself in %HOME%\Local Settings\Temp with names like Q.EXE, IAJARZ.exe, etc., and install them as hidden services. These EXE have SysInternals identifiers in them so they're definitely rootkits. It hooked very deep in the system, including file read/write, security policies, registry read/write, and possibly WinSock/TCP/IP. When going to Sophos.com to download their software, the rootkit inject something called Microsoft Ajax Tootkit into the page, which injects code into the email submission form in order to redirect it. (EDIT: I might have panicked. Looks like Sophos does use an AJAZ email form, their form is just broken on Chrome so it looked like a mail form injection attack, the link is http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download.aspx ) Super-Antispyware found a lot of spyware cookies, in the name of .kaspersky.2o7.net, etc. (just chedk 2o7.net, looks like it's a legit ad company) I tried comparing DNS lookup from the infected systems and from system in other physical locations, no DNS redirections it seems. I used dd to copy the MBR and compared it with the MBR provided by ms-sys package, no differences so it's not infecting MBR. No antivirus or rootkit scanner be able to identify it. Most of them can't even find it. I tried scanning, in-situ (normal mode), in safe mode, and boot to linux live CD. Scanners used: Avast, Sophos anti rootkit, Kasersky TDSSKiller, GMER, RootkitRevealer, and many others. Kaspersky reported some unsigned system files that ought to be signed (e.g. tcpip.sys), and reported a number of MD5 mismatches. But otherwise couldn't identify anything based on signature. When running Sysinternal RootkitRevealer and Sophos AntiRootkit, CPU usage goes up to 100% and gets stucked. The Rootkit is blocking them. When trying running/installing HiJackThis, RootkitRevealer and some other scanners, it tells me system security policy prevent running/installing it. The list of malicious acitivities go on and on. here's a sample of logs from all my scans. In particular, aswSnx.SYS, apnenfno.sys and PROCMON20.SYS has a huge number of hooks. It's hard to tell if the rootkit replaced legit program files like aswSnx.SYS (from Avast) and PROCMON20.SYS (from Sysinternal Process Monitor). I can't find whether apnenfno.sys is from a legit program. Help to identify it is appreciated. Trend Micro RootkitBuster ------ [HIDDEN_REGISTRY][Hidden Reg Value]: KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg Root : 586bfc0 SubKey : Cfg ValueName : g0 Data : 38 23 E8 D0 BF F2 2D 6F ... ValueType : 3 AccessType: 0 FullLength: 61 DataSize : 32 [HOOKED_SERVICE_API]: Service API : ZwCreateMutant Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS OriginalHandler : 0x8061758e CurrentHandler : 0xaa66cce8 ServiceNumber : 0x2b ModuleName : aswSnx.SYS SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwCreateThread Image Path : c:\windows\system32\drivers\apnenfno.sys OriginalHandler : 0x805d1038 CurrentHandler : 0xaa5f118c ServiceNumber : 0x35 ModuleName : apnenfno.sys SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwDeleteKey Image Path : C:\WINDOWS\system32\Drivers\PROCMON20.SYS OriginalHandler : 0x80624472 CurrentHandler : 0xa709b0f8 ServiceNumber : 0x3f ModuleName : PROCMON20.SYS SDTType : 0x0 HiJackThis ------ O23 - Service: JWAHQAGZ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\JWAHQAGZ.exe O23 - Service: LHIJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\LHIJ.exe Kaspersky TDSSKiller ------ 21:05:58.0375 3936 C:\WINDOWS\system32\ati2sgag.exe - copied to quarantine 21:05:59.0217 3936 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0342 3936 C:\WINDOWS\system32\BUFADPT.SYS - copied to quarantine 21:05:59.0856 3936 BUFADPT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0965 3936 C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine 21:06:00.0152 3936 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0246 3936 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine 21:06:00.0433 3936 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0464 3936 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine 21:06:00.0526 3936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0604 3936 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine 21:06:01.0181 3936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0321 3936 C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe - copied to quarantine 21:06:01.0430 3936 OTFSDMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0492 3936 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine 21:06:01.0539 3936 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0601 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - copied to quarantine 21:06:01.0664 3936 HKLM\SYSTEM\ControlSet003\services\TULPUWOX - will be deleted on reboot 21:06:01.0664 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - will be deleted on reboot 21:06:01.0664 3936 TULPUWOX ( UnsignedFile.Multi.Generic ) - User select action: Delete 21:06:01.0757 3936 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine 21:06:01.0866 3936 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0913 3936 C:\Program Files\VMware\VMware Player\vmware-authd.exe - copied to quarantine 21:06:02.0443 3936 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Read the article
How to setup Database Permissions on SqlServer Express 2008

- by Timo Willemsen

I'm using a code-first approach of using the Entity Framework. When I first run the application it will try to create the database matching my MVC models. However, it doesn't have permission to create it I think. I get the following error: CREATE DATABASE permission denied in database 'master'. What user is trying to access the SqlServer and how can I add it's permissions to let it work? This is the connectionstring I'm using (which should be right...) <add name="ContextDb" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;initial catalog=ContextDb" providerName="System.Data.SqlClient"/> Cheers

Read the article
google sitemap generator installation selinux

- by adnan

when i trying to install google sitemap generator i received this error Change security context of to system_u:object_r:httpd_modules_t install: WARNING: ignoring --context (-Z); this kernel is not SELinux-enabled Program files successfully copied. ./install.sh: line 488: 14284 Segmentation fault "$DEST_DIR/$BIN_DIR/$DAEMON_BIN" update_setting $update_setting_flags "apache_conf=$APACHE_CONF" "apache_group=$APACHE_GROUP" > /dev/null after choosing the submiting file settings i tried to unistall it & excute this getenforce try again but the same problem when i enter this dir /etc/sysconfig/selinux. it is not contain the selinux file my os centos 6 X86_64

Read the article
Exchange can't send emails with attachments

- by Jack

No one in our organization can send emails with attachments. Emails without attachments go through fine, but if an attachment is included, an error appears in the Server Failures folder under Sync Issues. The error is "The following message had an error and synchronization of it was skipped (0xc0090081)". We are using Symantec Mail Security, which we shut down to try to troubleshoot the problem, and now that fails to load. Any ideas as to what to check? I'm sorry I don't have more complete information, but I'm helping someone try to figure this out. I'm not the admin myself. Thanks.

Read the article
How to give virtual machine access to the Internet, but block from LAN?

- by Pekka

I am setting up a virtual machine using Microsoft Virtual PC in Windows 7. The VM will run a Windows XP. I want to set up a public-facing server in it for web pages, subversion and other things, and instruct the router to port forward any requests to that Virtual Machine. I managed to do that - I assigned the VM to the network adapter, and it is now acting as just another DHCP client - but to increase security I would like to block the VM from the rest of the LAN, so it accepts only incoming connections from the Internet. For this to be effective in case of a compromise, it would have to happen on VM level as far as I can see. Can this be done?

Read the article
cannot connect to MS FTP 7.5 on Windows 2008 on Amazon EC2 instance

- by minerj

I have just installed the MS FTP 7.5 upgrade on my Windows 2008 Server (Service Pack 2) running on an Amazon EC2 instance. In the FTP Firewall Support settings for the server in IIS Manager I have set up the passive port range 45001 - 45005 and also set the External Firewall IP address to match the assigned Amazon Elastic IP address. Using the AWS Console I changed the Security Group for the server to allow access to the server through ports 21 and 45001 through 45005. Using an FTP client (either the command line FTP client or Windows Explorer) on the Amazon server I can connect to the FTP server but I cannot connect with an external FTP client. When I checked to see which ports were open on the server using Shields Up it shows that port 21 is open but ports 45001 to 45005 are closed. I assume I'm missing something. Any help greatly appreciated.

Read the article
cant send using postfix from external ip address

- by daniel

i have postfix set up as a satellite to listen on port 587 i can send email outside fine trough the postfix(ubuntu) box from the local network with no problems when i try to connect to the postfix(ubuntu) box from a external ip and send mail it spits back a 554 5.7.1 Relay access denied error i can telnet to it fine, just cant send mail this is my main.cf : smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_use_tls = no myhostname = cotiso-desktop alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = mydomainname.com, cotiso-desktop, localhost.localdomain, localhost relayhost = smtp.mydomainname.com mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all there is no security set up yet, i'm just trying to get it working first any ideas? thanks in advance

Read the article
Problem installing SSL on centos 5.2 with plesk

- by Haluk

Hello, I'm trying to install an ssl certificate to a dedicated centos 5.2 server. I followed the hosting company's instructions but the ssl is not working. When I try to access my website using https, Firefox gives the following error: uses an invalid security certificate. The certificate expired on 3/13/2010 11:56 AM. (Error code: sec_error_expired_certificate) I'm not sure where the problem is. You should also know that this server has plesk installed, even though I'm not using it, it could potentially be somehow overriding my httpd.conf or ssl.conf. Thanks!

Read the article
How to grant secure access to an untrusted developer to an exisiting virtual host?

- by Margaret Thorpe

Our security policy does not permit ftpd on our servers. Our trusted developers use ftps to access our webservers and they have full access to the server. How do we grant limited access to a single untrusted developer for an existing virtual host. Ive configured rssh to only allow sftp to our untrusted developer, but we dont want him browsing around our other sites. I've investigated chroot, but it seems overly complex and more for restricting access to their home folders. I want to limit access to /srv/www/vhostx/ and below. Whats the best solution?

Read the article
Elastic Load Balancer & SSL termination

- by Aaron Scruggs

I am setting up a Rails app on AWS that: 1) all traffic must ssl encrypted 2) will highly fluctuate in traffic on a weekly basis 3) will by maintained by someone that is a stronger coder than sysadmin, but will be responsible for both I am thinking that SSL termination on an elastic load balancer backed by small ec2 instances running nginx and unicorn A small subset of the requests will take longer than 10s, because of this I am also debating using 'thin' instead of 'unicorn'. My question is this: Is this sane? I am stepping into a quagmire of cost, maintainability, security or performance problems?

Read the article
Sun Java keytool importing EV certificates into a single keystore

- by ss0

At my current job we are using tomcat, customers have custom web portals setup on their own local machines. EV certs are new to me, they have 2 part intermediary and a primary certificate. For our product to work it appears I need to get all three parts installed under a single keystore entry. How can I roll all three parts into a single x.509 compliant file for import? They syntax I am using is as follows: /blah/system/j2sdk/bin/keytool -import -alias foo -keystore /zix/system/jdk1.5.0_06/jre/lib/security/cacerts -file certname.pem -trustcacerts where foo = the keystore name and certname.pem is the main cert. I have tried importing the intermediate certs under their own names into the keystore and I don't know if it's just the product I have to work with (not vanilla tomcat) or what but it doesn't see those. I have seen a working system and all three certs were under the single keystore alias. Anyone have any ideas?

Read the article
Redhat 6 gui installation VS kickstart gives me different packages?

- by jonaz

If i do the graphical install and select basic server + aide and screen i get a system with 535 installed packages. If i look at the /root/anaconda-ks.cfg file in that freshly installed system i see: %packages @base @console-internet @core @debugging @directory-client @hardware-monitoring @java-platform @large-systems @network-file-system-client @performance @perl-runtime @security-tools @server-platform @server-policy @system-admin-tools pax python-dmidecode oddjob sgpio certmonger pam_krb5 krb5-workstation nscd pam_ldap nss-pam-ldapd perl-DBD-SQLite aide screen If i then install a NEW system using a kickstart only containing those packages i get 620 installed packages. So basicly my question is why does the system install almost 100 more packages when using kickstart compared to the GUI installation when the exact same packagegroups are selected?

Read the article
How to authenticate users in nested groups in Apache LDAP?

- by mark

I've working LDAP authentication with the following setup AuthName "whatever" AuthType Basic AuthBasicProvider ldap AuthLDAPUrl "ldap://server/OU=SBSUsers,OU=Users,OU=MyBusiness,DC=company,DC=local?sAMAccountName?sub?(objectClass=*)" Require ldap-group CN=MySpecificGroup,OU=Security Groups,OU=MyBusiness,DC=company,DC=local This works, however I've to put all users I want to authenticate into MySpecificGroup. But on LDAP server I've configured that MySpecificGroup also contains the group MyOtherGroup with another list of users. But those users in MyOtherGroup are not authenticated, I've to manually add them all to MySpecificGroup and basically can't use the nested grouping. I'm using Windows SBS 2003. Is there a way to configure Apache LDAP to do this? Or is there a problem with possible infinite recursion and thus not allowed?

Read the article
I can not watch any videos on youtube

- by hamed

I can not watch any videos on Youtube with any browser ( Chrome 20 , Firefox 13 , IE 8 ). I get this error An error accurred. Please try again later. My OS is Windows 7 (32bit) and the antivirus is zonealarm extreme security 10.1.079.000 . I installed flash player 11 but no success. I exited zone alarm to watch video, but no success again and error is the same. I don't know what's the problem . I searched a lot but didn't find the problem. I'd appreciate any idea.

Read the article
Sharing a wifi connection between different user profiles on Windows XP

- by crowne

I've set-up two separate user profiles on an old laptop running Windows-XP, and noted the following strange behaviour. When the wireless network is setup using WEP both user profiles can connect to the internet and I can switch between user profiles, without network connectivity issues. However when I changed the wireless security to WPA2, the first user to connect gets access to the internet, when switching to the second profile the connection fails. The behaviour is the same regardless of which of the two profiles logs on first. I also tried this with one user with admin rights and one without, and got the same result. I'm not too concerned about a fix for this other than forcing the users to log-off when sharing the laptop, but I'd be interested to know if anyone can corroborate my findings. The network config was done using Intel® PROSet/Wireless.

Read the article
how to connect public web server to internal LAN

- by DefSol

I have a VPS which is my public web server for all my clients. It's running server 2008 and I would like to have it connect via secure connection to my internal LAN. I would like this to be a route so access is bi-derectional. Have read about Server & Domain isolation, but am concerned this may prevent public views to the webs sites on the server. I currently have a PPTP tunnel, but I'm wanting better security (IPSec or SSL etc) and it's not given my bi derectional access. (In fact my backups aren't copying accross but this could be an acl issue) The goal is to provide easy/automated backups of data & sql db's to my internal LAN, as well as a means to provision new sites & db's from a workflow occuring internally. Internal lan is windows based with ISA 2006 at the perimeter. Thanks

Read the article
Are there any sFTP clients that support a proxy that uses NTLM authentication?

- by Iraklis

The title pretty much summarizes the question. We have deployed an sFTP server that needs to be accessed from our client's MS Windows Pc's that reside within a restricted local area network. The only way they can get out for their Intranet is to use an HTTP proxy that requires NTLM authentication. From what I understand all open-source sFTP clients (FilleZilla,WinSCP,etc) do NOT support NTLM authentication (Because of legal issues). I know that there are workarounds to this (installing a local proxy at the machine that understands NTLM) but this would break all sorts of security policies of our client. So my question is : Does anyone know of any sFTP client that supports a NTLM Proxy?

Read the article

< Previous Page | 766 767 768 769 770 771 772 773 774 775 776 777 | Next Page >