Search Results

Search found 3707 results on 149 pages for 'secure'.

Page 85/149 | < Previous Page | 81 82 83 84 85 86 87 88 89 90 91 92 | Next Page >

How do I backup Credentials Manager passwords (Windows 7)

- by Andrew J. Brehm

I am trying to create a backup of my stored passwords in Credentials Manager. But after Windows switches to the secure desktop to get the password for the backup file it simply announced that "Your stored logon credentials could not be backed up" and gives as explanation "Element not found", neither of which is helpful. (In fact I hate the "X could not Y" type of error message). I am an administrator on the machine and there is only one password in Credentials Manager. The sole point of the backup is to create a nearly empty Credentials Manager so that I don't have to delete manually hundreds of password entries every time I have to change my domain password. (I think Microsoft haven't throught this through properly. There appears to be no way to delete more than one entry at a time.) Any ideas?

Read the article
Simple, user friendly and strong file encryption in Windows

- by Adam Matan

I want a colleague of mine to send me a sensitive MS-Word document via e-mail. Since Word's encryption is questionable, I would like to encrypt the file using a passphrase. Do you know of any user-friendly encryption tool that a novice user can easily use? I wouldn't like to prompt for keys or anything like this - just provide simple interface for single file encryption. EDIT: I have solved this using Putty Secure Copy, through a Linux box I have somewhere. The user downloaded scp to the same directory where the file was, and I have send him the exact scp command by mail. Nice! Another Edit I have some additions (mainly the usage of winscp and perhaps virtual machines). My detailed answer appears below, as requested in comments.

Read the article
Is it possible to re-lock a bitlocker drive?

- by Sean Edwards

I'm running a partition with bitlocker on a Windows 7 Ultimate machine, which contains secure data that I have to recover infrequently. Unlocking it to access the data is obviously no problem, but is there a way to re-lock the partition when I'm done? The best I've found so far is this: http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/41607938-7452-440d-8253-67fe8657bc0f Currently I have a .bat script on that drive that I can run as administrator, and that re-locks the drive, but it feels like kind of a hackish solution. Does anyone have anything better? Any idea when Microsoft might release a fix for this?

Read the article
Erase all traces of Windows 8

- by user1032531

Just bought a new HP pavilion desktop with Windows 8. I wish to totally remove Windows 8 and all data on the hard drive, remove any windows partitions, delete all data, and then install a fresh Linux. Problem is I can seem to get to boot from USB or boot from CD. It appears that Windows 8 added the following two "features": UEFI which substitutes what we have known as the BIOS Secure Boot which prevents anything but the installed operating system How do I completely and totally erase all traces of Windows 8? Is it still possible to reformat the hard drive? I don't want a duel boot, I don't want to go back to Windows 7, I just want anything Windows gone.

Read the article
What are the challenges when my enterprise desires to move the processing component of an applicatio

- by Berkay

Assume that i have an enterprise accounting application that consists of a front-end interface, a processing tier, and a back-end database. This is an application that contains private business data, and thus is traditionally run in a secure private network environment within the enterprise. What are the challenges that appear when my enterprise desires to move the processing component of this application to a cloud computing data center in order to achieve greater scalability or to reduce IT costs ? Pls note: do i have to make significant changes to my own infrastructure to enable external access to formerly private resources? do i have to modify the application code to handle new network topology ? thanks, if you give your answers in a simple manner, really appreciated.

Read the article
Window Servers 2003 Security After Support Lifecycle

- by Daniel Fukuda

Hello, I wanted to ask if let's say that Microsoft has stopped supporting Windows Server 2003 now so there is no any security updates and I use that system for Domain Controller (Windows XP/7 Professional Clients) and File Server only + I'm using ESET NOD23 AntiVirus. Will my system be secure? I'm asking because I don't surf internet on that system nor I will install/open any programs/documents and that server is connected to router without any open ports. "On July 14, 2015, all Windows 2003 support, including security updates and security-related hotfixes, will be terminated."

Read the article
Linux or Windows for a server?

- by Matt

I'm a Linux guy when it comes to (web) servers for the following reasons Legally free Fast software updates (Unless you're running Cent OS :) Powerful CLI management of services Easy to secure (in terms of users and groups) Web server software is, well, built for Linux... Apache, PHP, Python, etc, are Linux programs that get ported to Windows - I'm 90% sure of this Unless the web server needed to run ASP, I wouldn't use Windows. My boss' IT friend is a Windows guy, though. He recently got a server setup in the office to run Microsoft Exchange and some other shit. What I'm asking is, if he wanted to start running websites on this thing, what would be good reasoning to convince him otherwise? He's not very bright in terms of IT and the IT friend is all Windows. So it's two against one here... What would you say to running a Windows web server?

Read the article
Database/Web Server and SQL Server Setup - Security?

- by Jess

This seems really basic, but I couldn't find an answer already ... we are looking to deploy a website to an IIS server, and a database to a separate server. We aren't sure how to best secure this for access by internal users and internet. The IIS Server is not connected to the domain, and neither is the database at the moment. Should it be? Also, if we use SQL Server authentication instead of Windows Authentication, should we just hard-code the user/password into our internal apps?

Read the article
CentOS / Redhat: Give file permission for apache and vsftp

- by paskster

I use CentOS 5.5 and Apache Webserver on my dedicated Server. My Folder "/var/www/myWebApp" is owned by apache, so that apache can read, write logs, etc.. But now I would like to use very secure FTP (vsftp) to upload my new files. I used to give every user rwx -Acess to "/var/www/myWebApp", but I guess this is way to insecure. On CentOS I created another user "ftpuser" for uploading files and that has "/var/www/myWebApp" as its home directory. How can I give him the permission to write into the "/var/www/myWebApp" without giving every user the same rights?

Read the article
Anonymous user with proftpd on fedora

- by stukerr

Hi there, I am trying to setup an anonymous user account on our server to enable people to downlaod technical manuals for our products etc. and I would like this to be as secure as possible! I was just wondering if anyone knew a series of steps that will allow me to create an anonymous ftp account linked to a directory on the server that enables download only ? Also how could i make a corresponding ftp account with write priviledges to this account to allow people within our company to upload new files ? Sorry i'm a bit new to all this! Many Thanks, Stuart

Read the article
Why does a browser dialog come up when an xmlhttprequest sends the wrong / no auth?

- by Kyle

How come the major browsers all bring up a login dialog when an xmlhttprequest does auth wrong or doesn't send it? I mean isn't this poor UI? Now a days it seems like a lot of people try http auth in jQuery, because theoretically it is quite easy - until the user fails to enter the correct data and is presented with the browsers dialog, which gets in their way, and they might have no idea what to do with it or why it's there? I don't know too much about these low level browser specifications but can someone bring this up with the RFC or webkit/gecko developers? jQuery digest auth could be powerful and user friendly if this was fixed. ** It seems like apache could also fix the problem on their side by not sending the header, but whichever one is the most secure way of doing this would be nice.

Read the article
I'm receiving an SSL error in various browsers, but I can't find non-SSL content

- by Scott Vercuski

I'm receiving an error with my SSL connection. Using google chrome I see the following error: Your connection is encrypted with 128-bit encryption ... however this page includes other resources which are not secure I've scoured the source code, scripts and rendered code in the browser but cannot find where an http:// call is made. I've also used Fiddler2 to examine the traffic and everything is coming across via HTTPS. Has anyone run into this issue before and if so how did you go about finding the culprit. The website is running ASP.NET MVC3 in C#. The page in question is a simple payment page. The only external call is the google analytics tracking code. The page appears to load correctly, all images and scripts are in place.

Read the article
DD-WRT login does not work on Linux in Virtualbox

- by superuser

I am running on Windows 8 and installed Lubuntu 13.04 in VirtualBox. I cannot login to DD-WRT in Virtualbox. I can login to DD-WRT on Windows 8. I have used the same credentials and tried many times, but to no avail. How can I login successfully to DD-WRT in VirtualBox? I have even tried searching on the Internet but I could not find any relevant solutions. Additional Information: Using Chromium ( I have tried it on Firefox and it does not work ) Enabled secure shell: but it still does not work. If you require more information, please kindly make a comment below.

Read the article
unwanted password prompt pops up on web server?

- by Paul

my web server randomly asks for a password as though basic authentication is turned on. It's an IIS 7 web server and you have to specifically install basic authentication in the roles section. It isn't installed. The message that pops up is "Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentication without a secure connection)" I cannot reproduce the problem but a number of customers have reported the problem and it only seems to appear to a small number of customers. It pops up when they visit the homepage, nothing is generated by the IIS logs to indicate a password box is being served (e.g. no 401 errors etc) Can anyone offer any advice? Thanks

Read the article
Why is autologon in Windows 7 a security risk

- by Phenom

If I set my Windows 7 account to automatically logon so I don't have to type a password, and I don't have to click my username on the logon screen, I heard it's a security risk. From Windows 7 Auto Login: Although I don’t personally recommend this, there are some people out there who don’t want to bother with using a password to protect their Windows user account. Of course, using a password in Windows isn’t required, only suggested. But even if you don’t fill one in, you still have to click your user icon to start the login process. An easier way - although again much less secure - is to enable auto-logins for your Windows PC. This is possible in Windows 7, as it was in prior versions, but it takes a little finagling to do so. (And for good reason, darn it.) What is risky about it besides people being able to logon locally? Does it make it easier for hackers to logon remoately?

Read the article
CentOS PAM+LDAP login and host attribute

- by pianisteg

My system is CentOS 6.3, openldap is configured well, PAM authorization works fine. But after turning pam_check_host_attr to yes, all LDAP-auths fail with message "Access denied for this host". hostname on the server returns correct value, the same value is listed in user's profile. "pam_check_host_attr no" works fine and allows everyone with correct uid/password a piece of /var/log/secure: Sep 26 05:33:01 ldap sshd[1588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-host user=my-username Sep 26 05:33:01 ldap sshd[1588]: Failed password for my-username from 77.AA.BB.CC port 58528 ssh2 Sep 26 05:33:01 ldap sshd[1589]: fatal: Access denied for user my-username by PAM account configuration Another two servers (CentOS 5.7 Debian) authorizes on this LDAP server correctly. Even with pam_check_host_attr yes! I didn't edit /etc/security/access.conf, it is empty, only default comments. I don't know what to do! How to fix this?

Read the article
Implementing a form of port knocking + Phone Factor = 2 Factor auth for RDP?

- by jshin47

I have been looking into how to secure a publicly-available RDP endpoint and want to implement our two-factor authentication RADIUS server, PhoneFactor. I would like to implement the following process: User opens up web app in browser In web app, user enters username + password, initiates RADIUS auth Phone factor calls user to complete auth Once user is authenticated, port 3389 is opened on user's IP on pfSense firewall. After some amount of time, firewall rule is removed for that IP I would like to know the following: Is this a typical setup? If it is a bad idea, please explain why. If it is possible, are there any packages that assist with this? Specifically, the third step, where the appropriate firewall rule would need to be added... Edit: I am aware of TS Web Gateway, but I want the users to be able to use the traditional RDP client...

Read the article
Using mod_wsgi with mpm_itk: socket permission issue

- by djechelon

I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

Read the article
fail2ban and denyhosts constantly ban me on Ubuntu

- by Trey Parkman

I just got an Ubuntu instance on Linode. To secure the SSH on it, I installed fail2ban (using apt-get), but then had a problem: fail2ban kept banning my IP (for limited durations, thankfully) even though I was entering the correct password. So I removed fail2ban and installed denyhosts instead. Same problem, but more severe: It seems like every time I SSH in, my IP gets banned. I remove it from /etc/hosts.deny, restart denyhosts and log in again, and my IP gets banned again. The only explanation I can think of is that I've been SSH-ing in as root (yes, yes, I know); maybe something is set somewhere that blocks anyone who SSH-es in as root, even if they log in successfully? This seems bizarre to me. Any ideas? (Whitelisting my IP is a temporary fix. I don't want to only be able to log on from one IP.)

Read the article
windows 7 file permission problem

- by user20989

i download one zip folder and extract it in windows 7. after extracting it shows file names with green color. now when i try to open any file, it give error access denied. even i set the permission on that file for full control, same error is coming. if i extract same folder in windows vista or xp no error. actually attribute of file is AE and when i right click on file and then select properties-- general-- advance -- encrypt contents to secure data is selected. if uncheck this option i can't apply it again gives error permission denied. Thanks

Read the article
Industry Standard DNS & Authentication?

- by James Murphy

I'm just curious as to what is considered industry standard when it comes to doing DNS and authentication on an environment with mainly linux machines? Do people use Windows DNS & Windows AD to do it all if they have at least one windows server (well - alot might, but should they)? Does ANYONE use hosts files or local only user accounts on each server? What would people like Facebook/Google use for their DNS and authentication on their servers? We have an environment where we have about 10-15 linux servers and 1-2 windows servers. We are currently using Windows AD and Windows DNS but it doesn't seem like it's the most secure/stable/scalable way to do it for a mainly linux environment? We use RHEL as our linux environment.

Read the article
Multiple client connecting to master MySQL over SSL

- by Bastien974

I successfully configured a MySQL replication over SSL between 2 servers accross the internet. Now I want a second server in the same location as the replication slave, to open a connection to the master db over ssl. I used the same command found here http://dev.mysql.com/doc/refman/5.1/en/secure-create-certs.html to generate a new set of client-cert.pem and client-key.pem with the same master db ca-cert/key.pem and I also used a different Common Name. When I try to initiate a connection between this new server and the master db, it fails : mysql -hmasterdb -utestssl -p --ssl-ca=/var/lib/mysql/newcerts/ca-cert.pem --ssl-cert=/var/lib/mysql/newcerts/client-cert.pem --ssl-key=/var/lib/mysql/newcerts/client-key.pem ERROR 2026 (HY000): SSL connection error It's working without SSL.

Read the article
FTP in DMZ, TCP Ports for LDAP Auth

- by sam

szenario: (outside)---(ASA5510)---(inside) -Windows2008 DC .....................(dmz) ..........-Win2008 FTP Server Which Ports do I need to open from DMZ-Inside that FTP Users can authentificated on the Inside DC? I have allready opend 389 (Ldap), 636 (secure Ldap) and 53 (dns). But the ftp Client stucks allways after processing the credentials and the FTP Server gives you an eventlog "logon error". the error messages indicates that there could be an issue with closed ports. if I turn the ACL to "IP", that means all ports are open, everything is working fine.

Read the article
Does anybody wish to help a poor researcher publish a paper?

- by Mihai Todor

I don't know if this is a good place to beg for help, but here it goes: basically, I need to run a secure recommender system simulation (C++ console application) in order to meet tonight's deadline, and the faculty's server grid decided to go offline. I could really use something like 10+ (actually, about 16 would be required to meet the deadline) virtual instances of some Linux that has GMP installed... Ideally, they should all have the same specs, because a part of the simulation will represent performance benchmarks. If my question is inappropriate in any way, I kindly ask the administrators to remove it.

Read the article
Ubuntu Startup xsp4

- by Chin Ye

when i type in terminal command are working fine root@syscomp:/var/www/WebSite2# xsp4 xsp4 Listening on address: 0.0.0.0 Root directory: /var/www/WebSite2 Listening on port: 9000 (non-secure) Hit Return to stop the server. but i m using script in /etc/init/GPS_WebSite.conf when the script are running fine, but not running in background when the script run one time and then closed, that is why my mono server are not running all the time, this is my GPS_WebSite.conf script, what i need to change to be running forever in background? start on login-session-start script exec > /tmp/debug-my-script.txt 2>&1 sleep 10 cd /var/www/WebSite2 xsp4 end script

Read the article

< Previous Page | 81 82 83 84 85 86 87 88 89 90 91 92 | Next Page >