Search Results

Search found 3707 results on 149 pages for 'secure'.

Page 89/149 | < Previous Page | 85 86 87 88 89 90 91 92 93 94 95 96 | Next Page >

Restrict VPN Clients to VPN Server

- by Sprotty

I've setup a VPN server using Debians pptpd. This all works, but I want to restrict incoming connections so they can only access ports on the VPN server and not get access to other machines on the VPN servers local network. I'm guessing this is a firewall rule? but i'm new to linux so am struggling a bit... ---- Additional info ----- The VPN Server is also hosting an SVN server, which is its real purpose, and the only service I want it to expose to incoming connections. I guess I could expose the SVN server directly, but I'm not confident that I could secure this correctly, so a VPN seemed to give an additional layer of security.

Read the article
How to build a private Wi-Fi Network server with VMware?

- by Maarten Schermer

For a school project, we have to build a Private network with VMware vSphere , which we can connect to with a Username and Password. On the network we want to create a folder for each Useraccount. Also we must have add a few groups (Admin,Customer,Manager). We must be able to connect to our network via the school Wi-Fi. We want to build a safe and secure network, with an easy way to access the network. Do you have any tips on how to approach this?

Read the article
Top ten security tips for non-technical users

- by Justin

I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?

Read the article
SFTP: How to keep data out of the DMZ

- by ChronoFish

We are investigating solutions to the following problem: We have external (Internet) users who need access to sensitive information. We could offer it to them via SFTP which would offer a secure transport method. However, we don't want to maintain the data on server as it would then reside in the DMZ. Is there an SFTP server that has "copy on access" such that if the box in the DMZ were to be compromised, no actual data resided on that box? I am envisioning an SFTP Proxy or SFTP passthrough. Does such a product exist currently?

Read the article
Our company claims that the DLP system can even monitor the contents of HTTPS traffic, how is this possible?

- by Ryan

There is software installed on all client machines for DLP (Data Loss Prevention) and HIPAA compliance. Supposedly it can read HTTPS data clearly. I always thought that between the browser and the server, this was encrypted entirely. How can software sneak in and grab this data from the browser prior to it is encrypted or after it is decrypted? I am just curious as to how this could be possible. I would think that a browser wouldn't be considered very secure if this was possible.

Read the article
USB-keyboard & mouse powered off in windows-7

- by sinned

I have a problem with a pc where usb devices are not getting any power as soon as windows starts up (it works in preboot). This pc has no ps/2, so there is no chance for input, also not in secure boot mode. I "tidied up" using sysinternals autostart, so there is a chance I messed something up here, although I'm quite sure I only deleted some old printer drivers from autostart. I do not know how to reset this, I cant even log in because there is no input possible. I could use a linux live cd, but I don't know what to do there because there is no sysinternals from linux into a not running windows... To make things even worse, I have the windows installation completely encrypted with truecrypt, so I haven't even tried windows recovery cd yet. There is no loss of data since I can access the disc with a live-linux, I only want to use it again without resetting up everything. Any suggestions?

Read the article
Setting up SSL on Nginx, Passenger, Sinatra

- by 12preschph

I have a Sinatra app that runs both on locally and on Heroku. When visiting my site over HTTPS across Heroku, it will indeed work as Heroku provides this by default. How can I set up SSL to work on my localhost machine? I will enable my Sinatra app to only allow secure connections so I need to test this both in development and production. Currently, I am running the following locally: SERVER= nginx/1.6.0 + Phusion Passenger 4.0.42 Also, where is my nginx folder? I don't have it installed in the normal location (Ubuntu) so this must come custom with Passenger?

Read the article
Is WEP used in conjunction with a wireless access list adequate security?

- by LeopardSkinPillBoxHat

I use a Netgear wireless router, with various wireless devices connecting to it. One of my wireless devices doesn't support WPA2 security, so I had to downgrade the security on the router to WEP. We all know WEP is broken, so as an added measure I enabled a wireless access list on the router so that only devices with specified MAC addresses which are in my access list are permitted to connect to the router. I know it is possible to spoof a MAC address from a device for the purposes of accessing a secure network like this. But is it easy? Is using WEP and a wireless access list good enough to prevent most hacking attacks? Or should I do whatever I can to ensure all devices support WPA2 in the future?

Read the article
What kind of SSL certificate do I need?

- by Christoffer

Hi, I want to install HTTPS on my server and I wonder what kind of certificate I will need and where I can buy it. The site is a web application that demands high security by it's users since they store sensitive business data. I am also integrating a third party payment gateway into the register process of the site and need a secure way to send credit card data one way. I do not intend to store this data in our own database. So, what do I need? And also, how do I install it on Ubuntu Server 9.10 / Apache2 ? Cheers! Christoffer

Read the article
OMG. Is Webmin safe? I can see file codes in Chrome browser without login

- by Arwana

When Im in File Manager of Webmin, I can double click and see the codes of the files in new tab in Firefox with its specific URL. But when I remove ?rand=xxxx... after the file.php and paste the URL in Chrome browser, I still can see the codes. This is the URL I just pasted in the Chrome browser http://xxx.xxx.xxx.xxx:10000/file/show.cgi/var/www/html/mysite.com/files/file.php And then, I logout of webmin, and I change the file.php with other file, I can see the codes. OMG. Is Webmin safe? and how to secure this?

Read the article
How ssl is usually set up on shared hosting (newbie question)?

- by spirytus

I am quite unclear on how ssl is usually set up on shared hosting. I have account with justhost.com and they provided me with public_html folder and (its sibling) ssl folder. When I create ssl certificates via cPanel it appears in SSL folder. Now, where I should put my html files to be accessible via https:// rather than http? normal files go into public_html (I figured this out ;) what about secure bunch? Also how can I specify that secured folder shouldn't be the ssl folder (if its the one in fact) but rather some other folder I specify? Is it possible at all with shared hosting? Thank you all for your help, I googled for hours and still am heavily confused as you see :)

Read the article
Web Server Users - Best Practice

- by Toby

I was wondering what is considered best practice when several developers/administrators require access to the same web server. Should there be one non-root user with a secure username and password unqiue to the web server which everyone logs in as or should there be a username for each person. I am leaning towards a username for each person to aid in logging etc however then does the same user keep the same credentials over several servers, or should at least their password change depending on the server they are on? Should any non-root user of the system be added to the sudoers file or is it best practice to leave everyone off it and only let root perform certain tasks? Any help would be greatly appreciated.

Read the article
Web Server Users - Best Practice

- by Toby

I was wondering what is considered best practice when several developers/administrators require access to the same web server. Should there be one non-root user with a secure username and password unqiue to the web server which everyone logs in as or should there be a username for each person. I am leaning towards a username for each person to aid in logging etc however then does the same user keep the same credentials over several servers, or should at least their password change depending on the server they are on? Should any non-root user of the system be added to the sudoers file or is it best practice to leave everyone off it and only let root perform certain tasks? Any help would be greatly appreciated.

Read the article
File sometimes doesn't download from my website

- by kylex

When I attempt to download this file, sometimes it only downloads about 700KB (the file is 40MB) then I get the message that the download is complete. If I try to download the file again, it works properly. The problem seems prevalent in IE, although I've had it happen in Chrome sometimes too. I have the following code: <input type="button" value="Agree to Terms and Download" onClick="location.href='/downloads/setup.exe';" /> If it matters, this is over a secure connection. I also tried zipping the file, and had the same issues.

Read the article
Black screen during startup

- by Juanillo

Hello, I've got a friend with a weird problem. When he starts his computer the screen is completely black untile the computer is completely started. So the screen is black until it suddenly shows the windows desktop. He said that this is happening since a technical service repaired his computer, but that repairment is not now in warranty. Recently the computer stopped working, but as the screen is black he cannot access to Bios or to secure start-up (by pressing F8). When he inserts the Windows Vista DVD the system doesn't boot from DVD (it musn't be configured in this way in the Bios.) Maybe there´s a problem with the hardware (maybe the graphic card). Can anyone explain a reason why the screen is black during start-up? Any idea of what to do with the computer to restore it? Thanks.

Read the article
Allowing users in from an IP address without certificate client authentication

- by John

I need to allow access to my site without SSL certificates from my office network and with SSL certificates outside. Here is my configuration: <Directory /srv/www> AllowOverride All Order deny,allow Deny from all # office network static IP Allow from xxx.xxx.xxx.xxx SSLVerifyClient require SSLOptions +FakeBasicAuth AuthName "My secure area" AuthType Basic AuthUserFile /etc/httpd/ssl/index Require valid-user Satisfy Any </Directory> When I'm inside network and have certificate - I can access. When I'm inside network and haven't certificate - I can't access, it requires certificate. When I'm outside network and have certificate - I can't access, it shows me basic login screen When I'm outside network and haven't certificate - I can't access, it shows me basic login screen and following configuration works perfectly <Directory /srv/www> AllowOverride All Order deny,allow Deny from all Allow from xxx.xxx.xxx.xxx AuthUserFile /srv/www/htpasswd AuthName "Restricted Access" AuthType Basic Require valid-user Satisfy Any </Directory>

Read the article
Is it possible to hide the SSID of the Windows 7 soft AP

- by Goro

I know it is possible to create a sofware AP in windows 7 using command prompt: netsh wlan set hostednetwork ... But is it possible to set such a network not to broadcast its SSID? I realize that this does not gain any security - or may even make the system more secure, but I am not asking about security here. I want to know if it is possible, through the netsh command interface, to hide the SSID. If my client wants to hide the SSID, then I will make them aware of security implications, but in the end it is their decision.

Read the article
Do superuser things with normal user

- by OrangeTux

I want to secure the SSH access to my server. One thing I read everywhere is to disable the root user login. To still have access via SSH I created another user via sudo adduser john How can I still do root things with this account? sudo command asks for a password of the user but gives john not in sudoer file. Action will be reported. When I use su I log in as root which I'm going to disable. How can I stil do root things with the normal account john?

Read the article
how to make SFTP work on Windows

- by cyberkiwi

What is the correct way to set up sshwindows for SSH key authentication? Does the user need to be created in Windows first or can a login be inserted into passwd without a Windows equivalent? I've searched on Google and have tried the tutorials and quick start guides. So far, exactly 0 have worked. None pointed out that to work in Windows 2008 R2, you need to change the properties of cygrunsrv.exe to "Windows XP SP3" compability mode to even get past the service startup "error 1067". Although it is running, no amount of configuration allowed me to log on to the SFTP server, even though I tried (from another machine): same user account added using "mkpasswd" + windows password same user account added using "mkpasswd" + public ssh key (added to /home/theuser/.ssh) On Windows 2003 R2 (a different attempt), the service would crash every time it started up. Some links I went through http://pigtail.net/LRP/printsrv/cygwin-sshd.html http://forevergeeks.com/how-to-setup-a-secure-ftp-sftp-site-with-openssh-on-windows/ http://support.moonpoint.com/os/windows/server2003/openssh-service-not-starting.html

Read the article
Amazon EC2 firewall rules & VPN connections

- by John

I'm moving from Rackspace to Amazon EC2. One thing I like about our Rackspace setup is that it is extremely secure. The MySQL box can only be accessed via internal IPs, and we have a Cisco VPN firewall that allows us to dial in remotely and access port 3306 as though we were on the internal network. I'd like to figure out how to replicate this setup with EC2. How can I make the MySQL box so that port 3306 can only be accessed on the internal network? What about the VPN piece of things? I know Amazon has the VPC service, but it seems like that's for the purpose of connecting to an existing network. I don't have an existing network. I want to essentially create one inside Amazon and connect to that. What are my options? Any good tutorials on how to get started? Thanks in advance for your help

Read the article
Standalone server setup for compute capacity

- by mikera

I'm developing an application for my company that will require a lot of compute capacity (running some very big mathematical calculations), and looking for some form of server setup to do this. For various reasons, we want to run this on-site in our office rather than hosting it externally. It's been a while since I last had to set up my own servers so I thought I would tap into the collective wisdom of serverfault! My broad requirements are: Budget $30-50k, with an aim to get as much compute capacity as possible for that budget 64-bit servers suitable to run Ubuntu Linux + Java Some relatively standalone rack that can be installed in secure office space Fast/low latency network connections between the servers, but don't really care about connectivity to the outside world Storage capacity shared between the servers - they don't necessarily need their own storage providing they can be booted from a common image Downtime can be tolerated (since the calculations are run in batch mode) The software itself is fault-tolerant, so there is no need for extra resiliency in the server setup (cheap replaceable commodity parts will be fine in general) Given these requirements what kind of setup would you recommend and why?

Read the article
Ownership/permissions of uploaded files

- by Cudos

Hello. I want to find out if I am on the right track. My script uploads files to the directory "images". The directory has this setup: owner/group = www-data Permissions = 700 Questions: Is this a good way to secure the directory from a hacker uploading files? Will the hacker be able to upload the files directly to the directory? Note: I have a bunch of other security measures in my upload script + an .htaccess script in the directory that disables script Execution. I just what to know if the permissions on the directory is sensible. I run apache 2.2

Read the article
Best blog package/platform (java, php etc)?

- by user50912

Hi Folks, I want to set up a blog, but I want it to reside on a URL I've bought, I also don't want any of the ads and such that sit around other blogs on blog specific sites like blogspot and generally want more control. I was thinking of getting shared hosting with mysql and such to get it going (as opposed to a VM which would be overkill). Then I just need to decide on the easiest quickest (and most secure) way of getting something up there. After some googling, I see b2evolution.net which sits on php, or Apache Roller, which seems to sit on Java. Could anyone offer any advice on whats my best approach here? Are there security concerns with either or has anyone any experience in this area? I really want setup time to be minimal, so I can concentrate of the feel of the blog rather than whats under the hood. Many Thanks.

Read the article
3 Root accounts in MySQl database

- by hairbymaurice

Hello, I have managed to get mySQL running under Ubuntu 8.10, I am now diligently trying to secure the database and am adding passwords for the root users. My question: I have a root user under the host "kickseed" with no password set I have no idea what kickseed is as the database is installed under localhost, on searching around i have discovered that this is something to do with the ubuntu OS itself. Is it safe to delete this user account from MySQL or is it used for something by the OS? If i need to keep it should i /can i protect it with a password? Also i have another root account under the host IP 127.0.0.1 again can i delete this? My absolute preference would be to have only one account with root access but i do not want to delete these accounts if they are necessary. Thanks for tolerating a newbie Regards Hairby

Read the article
Using Windows Azure storage for backup

- by Bruno

I am currently looking at Windows Azure blobs as an option for backing up archive data. I want to be able to upload files from an external windows machine via the internet but I don't know enough about Windows Azure storage to make a decision. Some of the questions I have are How do I upload the files. Is there a client application, can I use robocopy? Would it be fast enough? i.e. Could I download or upload 1TB of data in a week? Is it secure? Hopefully someone smarter than me can help me :-)

Read the article

< Previous Page | 85 86 87 88 89 90 91 92 93 94 95 96 | Next Page >