Search Results

Search found 42331 results on 1694 pages for 'event log security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 119/1694 | < Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >

  • Subnet address in apache access log

    - by m0ntassar
    I was inspecting my apache access logs(I use default combined log format) and I came a cross a wired entry 69.171.247.0 - - [22/Oct/2012:18:15:20 +0200] "GET /some site resources HTTP/1.1" 404 514 "-" "facebookexternalhit/1.0 (+http://www.facebook.com/externalhit_uatext.php)" As u see, this query come from a facebook robot that extract objects from site when somebody post a link. What I find weird is the logged ip address : 69.171.247.0 Does anybody know how is that possible ?

    Read the article

  • Log all files saved on XP system.

    - by Jason Taylor
    I have a user that frequently saves items (or even forgets to save) to places that he forgets. Usually a simple search finds them, but not always. Is there any way to log/track the most recently saved files? It would be great to be the last "saved" files as the recent documents feature is unreliable if he constantly opens documents in his search for the file he just saved. Alternatively, any ideas on how to control this situation?

    Read the article

  • removing specific warnings in Apache error.log

    - by Tereno
    Here's my situation. I have a directive that goes something like this: Options MultiViews FollowSymLinks I have a location directive where I have Options +Includes This causes warning errors in my Apache error log: mod_include: Options +Includes (or IncludesNoExec) wasn't set, INCLUDES filter removed These warnings are gone when I add +Includes to my options but I don't want. I want to have the Includes filter removed but without having warning errors. If there's something unclear, feel free to ask. Thanks

    Read the article

  • Log onto a domain elsewhere

    - by Lars
    I am wondering if an user can log onto my domain outside the office, or are you only able to do this locally? (in the office) Can you be outside the town or even country login onto a company's domain? (windows server 2008)

    Read the article

  • 11??OTN????????

    - by OTN-J Master
    11??OTN???????????????????????????????????????????????????????????????????????????????????????URL?????????????????https://blogs.oracle.com/otnjp/category/Event ????????????? [11/14(?)??]  WebLogic Server??????????? & ???????????????? [11/21(?)??] Oracle Database Appliance ???????? [11/22(?)??] ?30? WebLogic Server???? 11?20?????DBA & Developer Day 2012?????????????????????????????????OTN???????????????????????????????????????????????????OTN???????????????????????????????>>??????????????????(oracle.com???)??????????????? [11/ 9(?)??]  JavaOne 2012 San Francisco ???  (??Java????????) [11/10(?)??] JJUG ???????????????? 2012 Fall (??Java????????)[11/28(?)??] 90?????!Oracle Database??????????????? (????????) JavaOne 2012 San Francisco ??? (??Java????????) ???: 11?9?(?)13:00~19:00???: ??(???·???????) ???: ???2012?9?30???10?4?????????????????JavaOne 2012?????????JavaOne?????????????????????????????????!>> ??????????? ?????? JJUG ???????????????? 2012 Fall (??Java????????)???: 11?10?(?) 10:00~19:15???: ??(??:???????) ???: ??Java??????????????????????????? 2012 Fall(??:JJUG CCC 2012 Fall)?????????Java????????????????????????????????????????????CCC?????????????????????????????????????????????! >>??·???????? ?????? ?93? ????! ???????? -WebLogic Server??????????? & ???????????????? ???: 11?14?(?)18:30 ~20:30???: ??(?????? ????????????) ???: 18?????????????????????! ????????????????????????????!???????????WebLogic Server ??????????????????Java???????????????WebLogic Server?JRockit????????????????????????????????????????????????????????????????????????????????WebLogic Server????????????????????????????????2???????????????WebLogic Server???????????????????????????????????????JDBC?????????????WebLogic Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????iPad??????????????????????????????????WebLogic Server???Oracle JDeveloper????? ?Oracle Application Development Framework (ADF)????????? ?WebCenter Framework ????????????????????????????????????????????????????????????????????Java EE??????WebLogic Server?????????????????????????????????????????????????????????????????????????????????????????????????????Java EE6???????????? >> ??·???????? ??????  Oracle Database Appliance ???????? ???: 11?21?(?)15:30 ~ 17:00???: ??(?????????? ?? 13F???????) ???:??????????????????????????????????·?????Oracle Database Appliance??????????????????????????????????????????????????????????????????·?????Oracle Database Appliance ?????????????????????? >>??????????? ?????? ?30? WebLogic Server??? ???: 11?22?(?)18:30~20:40???: ??(????????????) ???:?????WebLogic Server?????:??????JSF2.0????2???????????????WebLogic Server????????????????2?????????????????????·???????????????????? WebLogic Server???????????????????????????????WebLogic Server????????????????TIPS?????????WebLogic Server???????????????????????????JSF2.0???????Java EE 6?????JSF2.0???????????????JSF2.0????????????????JSF2.0????????RIA(??????????????????)????????????????JSF2.0??????Java EE 6?????????Web???????????????????????????????????????????????????WebLogic Server????????????????????????????????????WebLogic Server????????????WebLogic Server?????????????????????????????????????!>>??????????? ?????? 90?????!Oracle Database??????????????? [????????] ???: 11?28?(?) 19:00~20:30???: ??(??????????) ???:Oracle Database????????·?????????????????????Oracle Database??????/????????????????- ???????????????????????????????????? ?????- ???????????????????Oracle Database???????? ?????????????¦???????????¦???????????¦???????????(NetCA, Net Manager)¦???????¦Oracle?????????¦??????????????>> ??·???????? ??????

    Read the article

  • Windows XP - Security Update for Windows XP (KB923561) (KB946648) (KB956572) (KB958644)

    - by leeand00
    My father's computer has Windows XP, but when I try to install the service packs it always fails. What gives? Here are the errors that I get in the event log: Date: 2/6/2010 Time: 12:02:18 AM Type: Error User: N/A Computer: EVO Source: Windows Update Agent Category: Installation Event ID: 20 Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows XP (KB946648). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 0000: 57 69 6e 33 32 48 52 65 Win32HRe 0008: 73 75 6c 74 3d 30 78 38 sult=0x8 0010: 30 30 37 30 30 30 32 20 0070002 0018: 55 70 64 61 74 65 49 44 UpdateID 0020: 3d 7b 38 33 44 31 41 44 ={83D1AD 0028: 46 35 2d 37 37 39 44 2d F5-779D- 0030: 34 30 31 36 2d 38 43 33 4016-8C3 0038: 31 2d 35 34 39 32 37 30 1-549270 0040: 46 36 37 42 33 46 7d 20 F67B3F} 0048: 52 65 76 69 73 69 6f 6e Revision 0050: 4e 75 6d 62 65 72 3d 31 Number=1 0058: 30 34 20 00 04 . Date: 2/6/2010 Time: 12:02:18 AM Type: Error User: N/A Computer: EVO Source: Windows Update Agent Catagory: Installation Event ID: 20 Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows XP (KB956572). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 0000: 57 69 6e 33 32 48 52 65 Win32HRe 0008: 73 75 6c 74 3d 30 78 38 sult=0x8 0010: 30 30 37 30 30 30 32 20 0070002 0018: 55 70 64 61 74 65 49 44 UpdateID 0020: 3d 7b 44 46 32 46 30 41 ={DF2F0A 0028: 39 38 2d 36 45 33 35 2d 98-6E35- 0030: 34 33 37 39 2d 41 42 33 4379-AB3 0038: 33 2d 41 30 33 30 33 45 3-A0303E 0040: 46 37 34 42 32 41 7d 20 F74B2A} 0048: 52 65 76 69 73 69 6f 6e Revision 0050: 4e 75 6d 62 65 72 3d 31 Number=1 0058: 30 32 20 00 02 . Date: 2/6/2010 Time: 12:02:18 AM Type: Error User: N/A Computer EVO Source: Windows Update Agent Event ID: 20 Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows XP (KB958644). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 0000: 57 69 6e 33 32 48 52 65 Win32HRe 0008: 73 75 6c 74 3d 30 78 38 sult=0x8 0010: 30 30 37 30 30 30 32 20 0070002 0018: 55 70 64 61 74 65 49 44 UpdateID 0020: 3d 7b 39 33 39 37 41 32 ={9397A2 0028: 31 46 2d 32 34 36 43 2d 1F-246C- 0030: 34 35 33 42 2d 41 43 30 453B-AC0 0038: 35 2d 36 35 42 46 34 46 5-65BF4F 0040: 43 36 42 36 38 42 7d 20 C6B68B} 0048: 52 65 76 69 73 69 6f 6e Revision 0050: 4e 75 6d 62 65 72 3d 31 Number=1 0058: 30 31 20 00 01 . Date: 2/6/2010 Time: 12:02:18 AM Type: Error User: N/A Computer: EVO Source: Windows Update Agent Category: Installation Event ID: 20 Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Windows XP (KB923561). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 0000: 57 69 6e 33 32 48 52 65 Win32HRe 0008: 73 75 6c 74 3d 30 78 38 sult=0x8 0010: 30 30 37 30 30 30 32 20 0070002 0018: 55 70 64 61 74 65 49 44 UpdateID 0020: 3d 7b 33 31 30 41 34 43 ={310A4C 0028: 30 38 2d 35 39 33 44 2d 08-593D- 0030: 34 31 41 33 2d 42 42 35 41A3-BB5 0038: 37 2d 38 33 42 33 38 36 7-83B386 0040: 44 37 37 33 42 35 7d 20 D773B5} 0048: 52 65 76 69 73 69 6f 6e Revision 0050: 4e 75 6d 62 65 72 3d 31 Number=1 0058: 30 33 20 00 03 . Thank you, Andrew

    Read the article

  • Remote Desktop failed logon event 4625 not logging correctly on 2008 Terminal Services server

    - by Zone12
    When I use the new remote desktop with ssl and try to log on with bad credentials it logs a 4625 event as expected. The problem is, it doesn't log the ip address, so I can't block malicious logons in our firewall. The event looks like this: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{00000000-0000-0000-0000-000000000000}" /> <EventID>4625</EventID> <Version>0</Version> <Level>0</Level> <Task>12544</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2012-04-13T06:52:36.499113600Z" /> <EventRecordID>467553</EventRecordID> <Correlation /> <Execution ProcessID="544" ThreadID="596" /> <Channel>Security</Channel> <Computer>ontheinternet</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-0-0</Data> <Data Name="SubjectUserName">-</Data> <Data Name="SubjectDomainName">-</Data> <Data Name="SubjectLogonId">0x0</Data> <Data Name="TargetUserSid">S-1-0-0</Data> <Data Name="TargetUserName">notauser</Data> <Data Name="TargetDomainName">MYSERVER-PC</Data> <Data Name="Status">0xc000006d</Data> <Data Name="FailureReason">%%2313</Data> <Data Name="SubStatus">0xc0000064</Data> <Data Name="LogonType">3</Data> <Data Name="LogonProcessName">NtLmSsp</Data> <Data Name="AuthenticationPackageName">NTLM</Data> <Data Name="WorkstationName">MYSERVER-PC</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x0</Data> <Data Name="ProcessName">-</Data> <Data Name="IpAddress">-</Data> <Data Name="IpPort">-</Data> </EventData> </Event> It seems because the logon type is 3 and not 10 like the old rdp sessions, the ip address and other information is not stored. The machine I am trying to connect from is on the internet and not on the same network as the server. Does anyone know where this information is stored (and what other events are generated with a failed logon)? Any help will be much appreciated.

    Read the article

  • Security in shared hosting vs VPS 'virtual appliances'

    - by Pedro Loureiro
    I have to change my hosting provider. Right now I have a shared hosting account but I'm considering trying the LAMP stack appliance from turnkeylinux.org. I'm very comfortable with using linux, I've been using it for a long time. I have no problem ssh'ing into remote machines and do whatever I have to do (coding, reading logs, moving files, deploying, etc). The problem is that none of those tasks have involved securing the server/firewall. My experience has been as a desktop user or developer deploying apps/files in remote servers. Ignoring the security in the application logic (read: any scripts, frameworks, websites I might have created or installed) - I'm worried about things like base configuration of deamons, firewall, ports, executable scripts being readable from the outside and whatnot. My question is: how do you compare the (expected) out of the box security of the LAMP stack from turnkey and the (expected) security of a "regular" shared hosting provider? I was hoping to find some guides with a list of steps to do to protect my server but the only documentation I found was simply referring to ubuntu's documentation.

    Read the article

  • Win 2008 R2 terminal server and redirected printer queue security

    - by Ian
    I have a case where I need a non-priv account to be able to make a modification to the redirected printer. I know, its not advisable but we're not giving them access - changes will be made in code. So, following the docs (http://technet.microsoft.com/en-us/library/ee524015(WS.10).aspx) I modified the default security for new printer queues. This doesnt work though as windows doesn't seem to assign the privs you configure in the printer admin tool to redirected printer queues. As I test I added a non-priv test user to the default security tab in the printer admin tool (control panel - admin tools - printer admin. I assigned it all privs (its a test) and logged the user into the terminal server. The redirected printers duely appeared as usual. However if I open the printer properties - security tab, the user appears in the list of accounts/groups but the options I selected (all privs) are not set. Instead the user special privs box is marked and when I click on 'advanced options' and view them, there is nothing marked. So, something is clearing these options.... the question is, why and how can I convince it not to? Ian

    Read the article

  • (Some) security perms in WinXP corrupted (shows GUID instead of username)

    - by Andy
    I've been using my Win XP machine (part of a domain) over the holiday period, so until yesterday it hadn't rebooted for about five days. I used it yesterday perfectly fine and shut it down. When I switched it on this morning the majority (but not all) of my shortcut links in the Quick Launch toolbar showed as generic file icons. If you open the folder and get properties on one of the failing shortcuts it says ''Target type: This is not a valid shortcut''. Then in Outlook I noticed my signature wasn't showing (I checked my sent folder and the sig was ok yesterday). Checking the signature folder, I can't see the security tab on any of the sig files, and I have an access denied message on trying to open them. I can see the security tab on the signature folder itself, just none of the contents. If I try and use the parent folder's security tab and ''Replace permission entries on all child objects with entries shown here that apply to child objects'' it appears to work fine, but makes no actual difference. I logged in as administrator and saw that the owner of the files showed up as a GUID (clearly should've been my account in its place). Any ideas what might have made that happen? So far I haven't heard any similar complaints from anyone else at the office...

    Read the article

  • Using Oracle Proxy Authentication with JPA (eclipselink-Style)

    - by olaf.heimburger
    Security is a very intriguing topic. You will find it everywhere and you need to implement it everywhere. Yes, you need. Unfortunately, one can easily forget it while implementing the last mile. The Last Mile In a multi-tier application it is a common practice to use connection pools between the business layer and the database layer. Connection pools are quite useful to speed database connection creation and to split the load. Another very common practice is to use a specific, often called technical, user to connect to the database. This user has authentication and authorization rules that apply to all application users. Imagine you've put every effort to define roles for different types of users that use your application. These roles are necessary to differentiate between normal users, premium users, and administrators (I bet you will find or already have more roles in your application). While these user roles are pretty well used within your application, once the flow of execution enters the database everything is gone. Each and every user just has one role and is the same database user. Issues? What Issues? As long as things go well, this is not a real issue. However, things do not go well all the time. Once your application becomes famous performance decreases in certain situations or, more importantly, current and upcoming regulations and laws require that your application must be able to apply different security measures on a per user role basis at every stage of your application. If you only have a bunch of users with the same name and role you are not able to find the application usage profile that causes the performance issue, or which user has accessed data that he/she is not allowed to. Another thread to your role concept is that databases tend to be used by different applications and tools. These tools can be developer tools like SQL*Plus, SQL Developer, etc. or end user applications like BI Publisher, Oracle Forms and so on. These tools have no idea of your applications role concept and access the database the way they think is appropriate. A big oversight for your perfect role model and a big nightmare for your Chief Security Officer. Speaking of the CSO, brings up another issue: Password management. Once your technical user account is compromised, every user is able to do things that he/she is not expected to do from the design of your application. Counter Measures In the Oracle world a common counter measure is to use Virtual Private Database (VPD). This restricts the values a database user can see to the allowed minimum. However, it doesn't help in regard of a connection pool user, because this one is still not the real user. Oracle Proxy Authentication Another feature of the Oracle database is Proxy Authentication. First introduced with version 9i it is a quite useful feature for nearly every situation. The main idea behind Proxy Authentication is, to create a crippled database user who has only connect rights. Even if this user is compromised the risks are well understood and fairly limited. This user can be used in every situation in which you need to connect to the database, no matter which tool or application (see above) you use.The proxy user is perfect for multi-tier connection pools. CREATE USER app_user IDENTIFIED BY abcd1234; GRANT CREATE SESSION TO app_user; But what if you need to access real data? Well, this is the primary use case, isn't it? Now is the time to bring the application's role concept into play. You define database roles that define the grants for your identified user groups. Once you have these groups you grant access through the proxy user with the application role to the specific user. CREATE ROLE app_role_a; GRANT app_role_a TO scott; ALTER USER scott GRANT CONNECT THROUGH app_user WITH ROLE app_role_a; Now, hr has permission to connect to the database through the proxy user. Through the role you can restrict the hr's rights the are needed for the application only. If hr connects to the database directly all assigned role and permissions apply. Testing the Setup To test the setup you can use SQL*Plus and connect to your database: $ sqlplus app_user[hr]/abcd1234 Java Persistence API The Java Persistence API (JPA) is a fairly easy means to build applications that retrieve data from the database and put it into Java objects. You use plain old Java objects (POJOs) and mixin some Java annotations that define how the attributes of the object are used for storing data from the database into the Java object. Here is a sample for objects from the HR sample schema EMPLOYEES table. When using Java annotations you only specify what can not be deduced from the code. If your Java class name is Employee but the table name is EMPLOYEES, you need to specify the table name, otherwise it will fail. package demo.proxy.ejb; import java.io.Serializable; import java.sql.Timestamp; import java.util.List; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.OneToMany; import javax.persistence.Table; @Entity @NamedQueries({ @NamedQuery(name = "Employee.findAll", query = "select o from Employee o") }) @Table(name = "EMPLOYEES") public class Employee implements Serializable { @Column(name="COMMISSION_PCT") private Double commissionPct; @Column(name="DEPARTMENT_ID") private Long departmentId; @Column(nullable = false, unique = true, length = 25) private String email; @Id @Column(name="EMPLOYEE_ID", nullable = false) private Long employeeId; @Column(name="FIRST_NAME", length = 20) private String firstName; @Column(name="HIRE_DATE", nullable = false) private Timestamp hireDate; @Column(name="JOB_ID", nullable = false, length = 10) private String jobId; @Column(name="LAST_NAME", nullable = false, length = 25) private String lastName; @Column(name="PHONE_NUMBER", length = 20) private String phoneNumber; private Double salary; @ManyToOne @JoinColumn(name = "MANAGER_ID") private Employee employee; @OneToMany(mappedBy = "employee") private List employeeList; public Employee() { } public Employee(Double commissionPct, Long departmentId, String email, Long employeeId, String firstName, Timestamp hireDate, String jobId, String lastName, Employee employee, String phoneNumber, Double salary) { this.commissionPct = commissionPct; this.departmentId = departmentId; this.email = email; this.employeeId = employeeId; this.firstName = firstName; this.hireDate = hireDate; this.jobId = jobId; this.lastName = lastName; this.employee = employee; this.phoneNumber = phoneNumber; this.salary = salary; } public Double getCommissionPct() { return commissionPct; } public void setCommissionPct(Double commissionPct) { this.commissionPct = commissionPct; } public Long getDepartmentId() { return departmentId; } public void setDepartmentId(Long departmentId) { this.departmentId = departmentId; } public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } public Long getEmployeeId() { return employeeId; } public void setEmployeeId(Long employeeId) { this.employeeId = employeeId; } public String getFirstName() { return firstName; } public void setFirstName(String firstName) { this.firstName = firstName; } public Timestamp getHireDate() { return hireDate; } public void setHireDate(Timestamp hireDate) { this.hireDate = hireDate; } public String getJobId() { return jobId; } public void setJobId(String jobId) { this.jobId = jobId; } public String getLastName() { return lastName; } public void setLastName(String lastName) { this.lastName = lastName; } public String getPhoneNumber() { return phoneNumber; } public void setPhoneNumber(String phoneNumber) { this.phoneNumber = phoneNumber; } public Double getSalary() { return salary; } public void setSalary(Double salary) { this.salary = salary; } public Employee getEmployee() { return employee; } public void setEmployee(Employee employee) { this.employee = employee; } public List getEmployeeList() { return employeeList; } public void setEmployeeList(List employeeList) { this.employeeList = employeeList; } public Employee addEmployee(Employee employee) { getEmployeeList().add(employee); employee.setEmployee(this); return employee; } public Employee removeEmployee(Employee employee) { getEmployeeList().remove(employee); employee.setEmployee(null); return employee; } } JPA could be used in standalone applications and Java EE containers. In both worlds you normally create a Facade to retrieve or store the values of the Entities to or from the database. The Facade does this via an EntityManager which will be injected by the Java EE container. Here is sample Facade Session Bean for a Java EE container. package demo.proxy.ejb; import java.util.HashMap; import java.util.List; import javax.ejb.Local; import javax.ejb.Remote; import javax.ejb.Stateless; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import javax.persistence.Query; import javax.interceptor.AroundInvoke; import javax.interceptor.InvocationContext; import oracle.jdbc.driver.OracleConnection; import org.eclipse.persistence.config.EntityManagerProperties; import org.eclipse.persistence.internal.jpa.EntityManagerImpl; @Stateless(name = "DataFacade", mappedName = "ProxyUser-TestEJB-DataFacade") @Remote @Local public class DataFacadeBean implements DataFacade, DataFacadeLocal { @PersistenceContext(unitName = "TestEJB") private EntityManager em; private String username; public Object queryByRange(String jpqlStmt, int firstResult, int maxResults) { // setSessionUser(); Query query = em.createQuery(jpqlStmt); if (firstResult 0) { query = query.setFirstResult(firstResult); } if (maxResults 0) { query = query.setMaxResults(maxResults); } return query.getResultList(); } public Employee persistEmployee(Employee employee) { // setSessionUser(); em.persist(employee); return employee; } public Employee mergeEmployee(Employee employee) { // setSessionUser(); return em.merge(employee); } public void removeEmployee(Employee employee) { // setSessionUser(); employee = em.find(Employee.class, employee.getEmployeeId()); em.remove(employee); } /** select o from Employee o */ public List getEmployeeFindAll() { Query q = em.createNamedQuery("Employee.findAll"); return q.getResultList(); } Putting Both Together To use Proxy Authentication with JPA and within a Java EE container you have to take care of the additional requirements: Use an OCI JDBC driver Provide the user name that connects through the proxy user Use an OCI JDBC driver To use the OCI JDBC driver you need to set up your JDBC data source file to use the correct JDBC URL. hr jdbc:oracle:oci8:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=XE))) oracle.jdbc.OracleDriver user app_user 62C32F70E98297522AD97E15439FAC0E SQL SELECT 1 FROM DUAL jdbc/hrDS Application Additionally you need to make sure that the version of the shared libraries of the OCI driver match the version of the JDBC driver in your Java EE container or Java application and are within your PATH (on Windows) or LD_LIBRARY_PATH (on most Unix-based systems). Installing the Oracle Database Instance Client software works perfectly. Provide the user name that connects through the proxy user This part needs some modification of your application software and session facade. Session Facade Changes In the Session Facade we must ensure that every call that goes through the EntityManager must be prepared correctly and uniquely assigned to this session. The second is really important, as the EntityManager works with a connection pool and can not guarantee that we set the proxy user on the connection that will be used for the database activities. To avoid changing every method call of the Session Facade we provide a method to set the username of the user that connects through the proxy user. This method needs to be called by the Facade client bfore doing anything else. public void setUsername(String name) { username = name; } Next we provide a means to instruct the TopLink EntityManager Delegate to use Oracle Proxy Authentication. (I love small helper methods to hide the nitty-gritty details and avoid repeating myself.) private void setSessionUser() { setSessionUser(username); } private void setSessionUser(String user) { if (user != null && !user.isEmpty()) { EntityManagerImpl emDelegate = ((EntityManagerImpl)em.getDelegate()); emDelegate.setProperty(EntityManagerProperties.ORACLE_PROXY_TYPE, OracleConnection.PROXYTYPE_USER_NAME); emDelegate.setProperty(OracleConnection.PROXY_USER_NAME, user); emDelegate.setProperty(EntityManagerProperties.EXCLUSIVE_CONNECTION_MODE, "Always"); } } The final step is use the EJB 3.0 AroundInvoke interceptor. This interceptor will be called around every method invocation. We therefore check whether the Facade methods will be called or not. If so, we set the user for proxy authentication and the normal method flow continues. @AroundInvoke public Object proxyInterceptor(InvocationContext invocationCtx) throws Exception { if (invocationCtx.getTarget() instanceof DataFacadeBean) { setSessionUser(); } return invocationCtx.proceed(); } Benefits Using Oracle Proxy Authentification has a number of additional benefits appart from implementing the role model of your application: Fine grained access control for temporary users of the account, without compromising the original password. Enabling database auditing and logging. Better identification of performance bottlenecks. References Effective Oracle Database 10g Security by Design, David Knox TopLink Developer's Guide, Chapter 98

    Read the article

  • Fedora error log file

    - by user111196
    I am running a java application using this wrapper service yajsw. The problem it just stopped without any error in its logs file. So I was wondering will there be any system log file which will indicate the cause of it going down? Partial of the log file. Apr 6 00:12:20 localhost kernel: imklog 3.22.1, log source = /proc/kmsg started. Apr 6 00:12:20 localhost rsyslogd: [origin software="rsyslogd" swVersion="3.22.1" x-pid="2234" x-info="http://www.rsyslog.com"] (re)start Apr 6 00:12:20 localhost kernel: Initializing cgroup subsys cpuset Apr 6 00:12:20 localhost kernel: Initializing cgroup subsys cpu Apr 6 00:12:20 localhost kernel: Linux version 2.6.27.41-170.2.117.fc10.x86_64 ([email protected]) (gcc version 4.3.2 20081105 (Red Hat 4.3.2-7) (GCC) ) #1 SMP Thu Dec 10 10:36:29 EST 2009 Apr 6 00:12:20 localhost kernel: Command line: ro root=UUID=722ebf87-437f-4634-9c68-a82d157fa948 rhgb quiet Apr 6 00:12:20 localhost kernel: KERNEL supported cpus: Apr 6 00:12:20 localhost kernel: Intel GenuineIntel Apr 6 00:12:20 localhost kernel: AMD AuthenticAMD Apr 6 00:12:20 localhost kernel: Centaur CentaurHauls Apr 6 00:12:20 localhost kernel: BIOS-provided physical RAM map: Apr 6 00:12:20 localhost kernel: BIOS-e820: 0000000000000000 - 00000000000a0000 (usable) Apr 6 00:12:20 localhost kernel: BIOS-e820: 0000000000100000 - 00000000cfb50000 (usable) Apr 6 00:12:20 localhost kernel: BIOS-e820: 00000000cfb50000 - 00000000cfb66000 (reserved) Apr 6 00:12:20 localhost kernel: BIOS-e820: 00000000cfb66000 - 00000000cfb85c00 (ACPI data) Apr 6 00:12:20 localhost kernel: BIOS-e820: 00000000cfb85c00 - 00000000d0000000 (reserved) Apr 6 00:12:20 localhost kernel: BIOS-e820: 00000000e0000000 - 00000000f0000000 (reserved) Apr 6 00:12:20 localhost kernel: BIOS-e820: 00000000fe000000 - 0000000100000000 (reserved) Apr 6 00:12:20 localhost kernel: BIOS-e820: 0000000100000000 - 0000000330000000 (usable) Apr 6 00:12:20 localhost kernel: DMI 2.5 present. Apr 6 00:12:20 localhost kernel: last_pfn = 0x330000 max_arch_pfn = 0x3ffffffff Apr 6 00:12:20 localhost kernel: x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106 Apr 6 00:12:20 localhost kernel: last_pfn = 0xcfb50 max_arch_pfn = 0x3ffffffff Apr 6 00:12:20 localhost kernel: init_memory_mapping Apr 6 00:12:20 localhost kernel: last_map_addr: cfb50000 end: cfb50000 Apr 6 00:12:20 localhost kernel: init_memory_mapping Apr 6 00:12:20 localhost kernel: last_map_addr: 330000000 end: 330000000 Apr 6 00:12:20 localhost kernel: RAMDISK: 37bfc000 - 37fef6c8 Apr 6 00:12:20 localhost kernel: ACPI: RSDP 000F21B0, 0024 (r2 DELL ) Apr 6 00:12:20 localhost kernel: ACPI: XSDT 000F224C, 0084 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: FACP CFB83524, 00F4 (r3 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: DSDT CFB66000, 4974 (r1 DELL PE_SC3 1 INTL 20050624) Apr 6 00:12:20 localhost kernel: ACPI: FACS CFB85C00, 0040 Apr 6 00:12:20 localhost kernel: ACPI: APIC CFB83078, 00B6 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: SPCR CFB83130, 0050 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: HPET CFB83184, 0038 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: MCFG CFB831C0, 003C (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: WD__ CFB83200, 0134 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: SLIC CFB83338, 0176 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: ERST CFB6AAF4, 0210 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: HEST CFB6AD04, 027C (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: BERT CFB6A974, 0030 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: EINJ CFB6A9A4, 0150 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: ACPI: TCPA CFB834BC, 0064 (r1 DELL PE_SC3 1 DELL 1) Apr 6 00:12:20 localhost kernel: No NUMA configuration found Apr 6 00:12:20 localhost kernel: Faking a node at 0000000000000000-0000000330000000 Apr 6 00:12:20 localhost kernel: Bootmem setup node 0 0000000000000000-0000000330000000 Apr 6 00:12:20 localhost kernel: NODE_DATA [0000000000015000 - 0000000000029fff] Apr 6 00:12:20 localhost kernel: bootmap [000000000002a000 - 000000000008ffff] pages 66 Apr 6 00:12:20 localhost kernel: (7 early reservations) ==> bootmem [0000000000 - 0330000000] Apr 6 00:12:20 localhost kernel: #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000] Apr 6 00:12:20 localhost kernel: #1 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000] Apr 6 00:12:20 localhost kernel: #2 [0000200000 - 0000a310cc] TEXT DATA BSS ==> [0000200000 - 0000a310cc] Apr 6 00:12:20 localhost kernel: #3 [0037bfc000 - 0037fef6c8] RAMDISK ==> [0037bfc000 - 0037fef6c8] Apr 6 00:12:20 localhost kernel: #4 [000009f000 - 0000100000] BIOS reserved ==> [000009f000 - 0000100000] Apr 6 00:12:20 localhost kernel: #5 [0000008000 - 000000c000] PGTABLE ==> [0000008000 - 000000c000] Apr 6 00:12:20 localhost kernel: #6 [000000c000 - 0000015000] PGTABLE ==> [000000c000 - 0000015000] Apr 6 00:12:20 localhost kernel: found SMP MP-table at [ffff8800000fe710] 000fe710 Apr 6 00:12:20 localhost kernel: Zone PFN ranges: Apr 6 00:12:20 localhost kernel: DMA 0x00000000 -> 0x00001000 Apr 6 00:12:20 localhost kernel: DMA32 0x00001000 -> 0x00100000 Apr 6 00:12:20 localhost kernel: Normal 0x00100000 -> 0x00330000 Apr 6 00:12:20 localhost kernel: Movable zone start PFN for each node Apr 6 00:12:20 localhost kernel: early_node_map[3] active PFN ranges Apr 6 00:12:20 localhost kernel: 0: 0x00000000 -> 0x000000a0 Apr 6 00:12:20 localhost kernel: 0: 0x00000100 -> 0x000cfb50 Apr 6 00:12:20 localhost kernel: 0: 0x00100000 -> 0x00330000 Apr 6 00:12:20 localhost kernel: ACPI: PM-Timer IO Port: 0x808 Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x02] lapic_id[0x04] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x03] lapic_id[0x02] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x04] lapic_id[0x06] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x05] lapic_id[0x01] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x06] lapic_id[0x05] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x07] lapic_id[0x03] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC (acpi_id[0x08] lapic_id[0x07] enabled) Apr 6 00:12:20 localhost kernel: ACPI: LAPIC_NMI (acpi_id[0xff] high edge lint[0x1]) Apr 6 00:12:20 localhost kernel: ACPI: IOAPIC (id[0x08] address[0xfec00000] gsi_base[0]) Apr 6 00:12:20 localhost kernel: IOAPIC[0]: apic_id 8, version 0, address 0xfec00000, GSI 0-23 Apr 6 00:12:20 localhost kernel: ACPI: IOAPIC (id[0x09] address[0xfec81000] gsi_base[64]) Apr 6 00:12:20 localhost kernel: IOAPIC[1]: apic_id 9, version 0, address 0xfec81000, GSI 64-87 Apr 6 00:12:20 localhost kernel: ACPI: IOAPIC (id[0x0a] address[0xfec84000] gsi_base[160]) Apr 6 00:12:20 localhost kernel: IOAPIC[2]: apic_id 10, version 0, address 0xfec84000, GSI 160-183 Apr 6 00:12:20 localhost kernel: ACPI: IOAPIC (id[0x0b] address[0xfec84800] gsi_base[224]) Apr 6 00:12:20 localhost kernel: IOAPIC[3]: apic_id 11, version 0, address 0xfec84800, GSI 224-247 Apr 6 00:12:20 localhost kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) Apr 6 00:12:20 localhost kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) Apr 6 00:12:20 localhost kernel: Setting APIC routing to flat Apr 6 00:12:20 localhost kernel: ACPI: HPET id: 0x8086a201 base: 0xfed00000 Apr 6 00:12:20 localhost kernel: Using ACPI (MADT) for SMP configuration information Apr 6 00:12:20 localhost kernel: SMP: Allowing 8 CPUs, 0 hotplug CPUs Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000000a0000 - 0000000000100000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000cfb50000 - 00000000cfb66000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000cfb66000 - 00000000cfb85000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000cfb85000 - 00000000cfb86000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000cfb86000 - 00000000d0000000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000d0000000 - 00000000e0000000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000e0000000 - 00000000f0000000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000f0000000 - 00000000fe000000 Apr 6 00:12:20 localhost kernel: PM: Registered nosave memory: 00000000fe000000 - 0000000100000000 Apr 6 00:12:20 localhost kernel: Allocating PCI resources starting at d1000000 (gap: d0000000:10000000) Apr 6 00:12:20 localhost kernel: PERCPU: Allocating 65184 bytes of per cpu data Apr 6 00:12:20 localhost kernel: Built 1 zonelists in Zone order, mobility grouping on. Total pages: 3096524 Apr 6 00:12:20 localhost kernel: Policy zone: Normal Apr 6 00:12:20 localhost kernel: Kernel command line: ro root=UUID=722ebf87-437f-4634-9c68-a82d157fa948 rhgb quiet Apr 6 00:12:20 localhost kernel: Initializing CPU#0 Apr 6 00:12:20 localhost kernel: PID hash table entries: 4096 (order: 12, 32768 bytes) Apr 6 00:12:20 localhost kernel: Extended CMOS year: 2000 Apr 6 00:12:20 localhost kernel: TSC: PIT calibration confirmed by PMTIMER. Apr 6 00:12:20 localhost kernel: TSC: using PMTIMER calibration value Apr 6 00:12:20 localhost kernel: Detected 1994.992 MHz processor. Apr 6 00:12:20 localhost kernel: Console: colour VGA+ 80x25 Apr 6 00:12:20 localhost kernel: console [tty0] enabled Apr 6 00:12:20 localhost kernel: Checking aperture... Apr 6 00:12:20 localhost kernel: No AGP bridge found Apr 6 00:12:20 localhost kernel: PCI-DMA: Using software bounce buffering for IO (SWIOTLB) Apr 6 00:12:20 localhost kernel: Placing software IO TLB between 0x20000000 - 0x24000000 Apr 6 00:12:20 localhost kernel: Memory: 12324244k/13369344k available (3311k kernel code, 253484k reserved, 1844k data, 1296k init) Apr 6 00:12:20 localhost kernel: SLUB: Genslabs=13, HWalign=64, Order=0-3, MinObjects=0, CPUs=8, Nodes=1 Apr 6 00:12:20 localhost kernel: Calibrating delay loop (skipped), value calculated using timer frequency.. 3989.98 BogoMIPS (lpj=1994992) Apr 6 00:12:20 localhost kernel: Security Framework initialized Apr 6 00:12:20 localhost kernel: SELinux: Initializing. Apr 6 00:12:20 localhost kernel: Dentry cache hash table entries: 2097152 (order: 12, 16777216 bytes) Apr 6 00:12:20 localhost kernel: Inode-cache hash table entries: 1048576 (order: 11, 8388608 bytes) Apr 6 00:12:20 localhost kernel: Mount-cache hash table entries: 256 Apr 6 00:12:20 localhost kernel: Initializing cgroup subsys ns Apr 6 00:12:20 localhost kernel: Initializing cgroup subsys cpuacct Apr 6 00:12:20 localhost kernel: Initializing cgroup subsys devices Apr 6 00:12:20 localhost kernel: CPU: L1 I cache: 32K, L1 D cache: 32K Apr 6 00:12:20 localhost kernel: CPU: L2 cache: 4096K Apr 6 00:12:20 localhost kernel: CPU 0/0 -> Node 0 Apr 6 00:12:20 localhost kernel: CPU: Physical Processor ID: 0 Apr 6 00:12:20 localhost kernel: CPU: Processor Core ID: 0 Apr 6 00:12:20 localhost kernel: CPU0: Thermal monitoring enabled (TM1) Apr 6 00:12:20 localhost kernel: using mwait in idle threads. Apr 6 00:12:20 localhost kernel: ACPI: Core revision 20080609 Apr 6 00:12:20 localhost kernel: ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 Apr 6 00:12:20 localhost kernel: CPU0: Intel(R) Xeon(R) CPU E5335 @ 2.00GHz stepping 07 Apr 6 00:12:20 localhost kernel: Using local APIC timer interrupts. Apr 6 00:12:20 localhost kernel: Detected 20.781 MHz APIC timer. Apr 6 00:12:20 localhost kernel: Booting processor 1/4 ip 6000 Apr 6 00:12:20 localhost kernel: Initializing CPU#1 Apr 6 00:12:20 localhost kernel: Calibrating delay using timer specific routine.. 3990.05 BogoMIPS (lpj=1995026) Apr 6 00:12:20 localhost kernel: CPU: L1 I cache: 32K, L1 D cache: 32K Apr 6 00:12:20 localhost kernel: CPU: L2 cache: 4096K Apr 6 00:12:20 localhost kernel: CPU 1/4 -> Node 0 Apr 6 00:12:20 localhost kernel: CPU: Physical Processor ID: 1 Apr 6 00:12:20 localhost kernel: CPU: Processor Core ID: 0 Apr 6 00:12:20 localhost kernel: CPU1: Thermal monitoring enabled (TM2) Apr 6 00:12:20 localhost kernel: x86 PAT enabled: cpu 1, old 0x7040600070406, new 0x7010600070106 Apr 6 00:12:20 localhost kernel: CPU1: Intel(R) Xeon(R) CPU E5335 @ 2.00GHz stepping 07 Apr 6 00:12:20 localhost kernel: checking TSC synchronization [CPU#0 -> CPU#1]: passed. Apr 6 00:12:20 localhost kernel: Booting processor 2/2 ip 6000 Apr 6 00:12:20 localhost kernel: Initializing CPU#2 Apr 6 00:12:20 localhost kernel: Calibrating delay using timer specific routine.. 3990.05 BogoMIPS (lpj=1995029)

    Read the article

  • What tool or scripts do you use to audit a Linux box?

    - by Sharjeel Sayed
    I use the following tools for my auditing needs A) System Auditing and Hardening (One time) 1) Linux Security Auditing Tool (Security centric,Text based output ) 2) Dmidecode ( Retrieves info from BIOS ) 3) Systeminfo ( Generates a nice html report) 4) Syssumm (Inactive since Oct 2000) 5) Rootkit Hunter (Does a basic config check in addition to rootkit checks) 6) CIS benchmarks 7) Bastille ( Interactive hardening and a security scoring tool) B) Automatic Auditing (as a cron job or a service) 1) Logwatch 2) Psad C) Remote Auditing 1) Nmap (Port scanning) 2) Nessus ( Remote Vulnerability check) D) Wikipedia 1) System profiler Any other tools/scripts which you can recommend?

    Read the article

  • Missing "log on to" field in Windows 2008 password change dialog

    - by Dmitri Chubarov
    I have to setup an embedded standalone CIFS server outside of domain environment. I shall refer to the server as storage_gateway. The default password setting for the Administrator account is Password must be changed. Until Administrator password is changed other local accounts are disabled. While the server is on default password connecting to a share causes fails with NT_STATUS_PASSWORD_MUST_CHANGE error. $ smbclient -L //storage_gateway -U Administrator session setup failed: NT_STATUS_PASSWORD_MUST_CHANGE I have a mixed Linux/Windows environment and prefer smbclient for diagnostics. To change the password in Windows 2003 Server I could press CTRL-ALT-DEL to get into the Windows Security window and change password for the remote server specifying the server name or ip address (xx.xx.xx.xx) in the system password change dialog. (the name root is just an example, I have edited the dialogs to translate them) However in Windows 2008 the corresponding dialog lacks the Log on to field. Is there a way to change a remote password in Windows 2008 Server/Windows 7?

    Read the article

  • Implications of allowing Windows clients to use NTLMv1?

    - by Boden
    I have a web application that I'd like to authenticate to using pass-through NTLM for SSO. There is a problem, however, in that NTLMv2 apparently will not work in this scenario (without the application storing an identical password hash). I enabled NTLMv1 on one client machine (Vista) using its local group policy: Computer-Windows Settings-Security Settings-Network Security: LAN Manager authentication level. I changed it to Send LM & NTLM - use NTLMv2 session security if negotiated. This worked, and I'm able to login to the web application using NTLM. Now this application would be used by all of my client machines... so I'm wondering what the security risks are if I was push this policy out to all of them (not to the domain controller itself though)?

    Read the article

  • windows service log on as user a/c on different PC on same workgroup

    - by maruti
    trying to run a service (logon as admin@PC2) from PC1, when both are in work-group fails. why could this happen? OS is win-2003 and please let me know if any windows remote services have to be turned on or firewall configuration? does having PC's on same workgroup help? let me clarify the question: I am unable to see other computers from "Services Logon Tab select User" Object types available are only "users, built in security principals" Location is only local computer. But this is available from mmc console..add snap in how can this be available on services control panel?

    Read the article

  • SWATCH - what am I doing wrong?

    - by Brian Dunbar
    What I want/need/desire is to log when a user logs into my FTP server. Problem: I can't make swatch work the way I should be able to. This data is logged to a file - but of course these logs are not kept very long. I can't keep the logs around forever, but I can extract data from then, analyze it, store results elsewhere. If there is a better way to do this than the following, I'm all ears. Swatch version 3.2.3 Perl 5.12 FTP: VSFTP OS (Test): OS X 10.6.8 OS (Production): Solaris From man I see I can pass contents to a command .. so I should be able to echo those values to file, do a sed/cut/uniq thing on them for stats. $ man swatch (snip) exec command Execute command. The command may contain variables which are substituted with fields from the matched line. A $N will be replaced by the Nth field in the line. A $0 or $* will be replaced by the entire line. Swatch file .swatchrc watchfor /OK LOGIN/ echo=red pipe "echo "0: $0 1:$1 2:$2 3:$3 4:$4 5:$5" >> /Users/bdunbar/dev/ftplog/output.txt" Launch with $ swatch -c /Users/bdunbar/.swatchrc --script-dir /Users/bdunbar/dev/ftplog -t /Users/bdunbar/dev/ftplog/vsftpd.log & Test echo "Mon July 9 03:11:07 2012 [pid 14938] [aetech] OK LOGIN: Client "206.209.255.227"" >> vsftpd.log Results - it's echoing to TTY. This is not needed or desired on the server, but it does tell me things are working. ftplog *** swatch version 3.2.3 (pid:25780) started at Mon Jul 9 15:23:33 CDT 2012 Mon July 9 03:11:07 2012 [pid 14938] [aetech] OK LOGIN: Client 206.209.255.227 Results - bad! I appear to not be sending the variables to text. $ tail -f output.txt 0: /Users/bdunbar/dev/ftplog/.swatch_script.25780 1: 2: 3: 4: 5:

    Read the article

  • Anonymous Login attemps from IPs all over Asia, how do I stop them from being able to do this?

    - by Ryan
    We had a successful hack attempt from Russia and one of our servers was used as a staging ground for further attacks, actually somehow they managed to get access to a Windows account called 'services'. I took that server offline as it was our SMTP server and no longer need it (3rd party system in place now). Now some of our other servers are having these ANONYMOUS LOGIN attempts in the Event Viewer that have IP addresses coming from China, Romania, Italy (I guess there's some Europe in there too)... I don't know what these people want but they just keep hitting the server. How can I prevent this? I don't want our servers compromised again, last time our host took our entire hardware node off of the network because it was attacking other systems, causing our services to go down which is really bad. How can I prevent these strange IP addresses from trying to access my servers? They are Windows Server 2003 R2 Enterprise 'containers' (virtual machines) running on a Parallels Virtuozzo HW node, if that makes a difference. I can configure each machine individually as if it were it's own server of course... UPDATE: New login attempts still happening, now these ones are tracing back to Ukraine... WTF.. here is the Event: Successful Network Logon: User Name: Domain: Logon ID: (0x0,0xB4FEB30C) Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: REANIMAT-328817 Logon GUID: - Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 94.179.189.117 Source Port: 0 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Here is one from France I found too: Event Type: Success Audit Event Source: Security Event Category: Logon/Logoff Event ID: 540 Date: 1/20/2011 Time: 11:09:50 AM User: NT AUTHORITY\ANONYMOUS LOGON Computer: QA Description: Successful Network Logon: User Name: Domain: Logon ID: (0x0,0xB35D8539) Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: COMPUTER Logon GUID: - Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 82.238.39.154 Source Port: 0 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    Read the article

  • When to use an MS SQL instance vs. different database on same instance

    - by BoxerBucks
    We have some MS SQL servers that are setup with different instances on the same server to separate applciation DB's as well as some servers that are setup with all DB's on the same instance, just separated with security settings. When is it advisable to create a new instance for SQL server and install your DB's in that instance as opposed to just creating a new DB on the same instance and putting security around the database itself? Is there more to the decision that just a security aspect?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >