Search Results

Search found 16163 results on 647 pages for 'advanced security'.

Page 142/647 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

• Can remote LogMeIn Hamachi users access our local LAN?

  - by Kev

  Unknown to me, one of the kids has installed LogMeIn Hamachi on his PC so that he can access and play on his pal's Minecraft server, and vice versa. One of the things I did was disable the Client for Microsoft Networks and File and Printer Sharing for Microsoft Networks on the Hamachi NIC in Windows 7's Network Connections. However, my lack of fu when it comes to these types of services is leaving me feeling a little uncomfortable about him using this. Is there anything I should be worried about here? For example, can his friends access our local LAN (which has a number of NAS boxes with unsecured shares) and get up to no good?

  Read the article

• What could cause these "failed to authenticate" logs other than failed login attempts (OSX)?

  - by Tom

  I've found this in the Console logs: 10/03/10 3:53:58 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:53:58 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). 10/03/10 3:54:00 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:54:00 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). 10/03/10 3:54:03 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:54:03 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). There are about 11 of these "failed to authenticate" messages logged in quick succession. It looks to me like someone is sitting there trying to guess the password. However, when I tried to replicate this I get the same log messages except that this extra message appears after five attempts: 13/03/10 1:18:48 PM DirectoryService[11] Failed Authentication return is being delayed due to over five recent auth failures for username: tom. I don't want to accuse someone of trying to break into an account without being sure that they were actually trying to break in. My question is this: is it almost definitely someone guessing a password, or could the 11 "failed to authenticate" messages be caused by something else? EDIT: The actual user wasn't logged in, or using a computer at the time of the log in attempts.

  Read the article

• Enabling Bitlocker in Native VHD Boot

  - by Trevor Sullivan

  I have a laptop with a single hard drive, using the GUID Partition Table (GPT) disk layout, with the following partitions: 120MB EFI System Partition 300MB Microsoft Reserved Partition (MSR) Remainder - GPT primary partition I have a Windows 8 Professional VHD configured as a native-boot VHD on the GPT primary partition. Can I use Bitlocker to encrypt my main partition, or to encrypt the VHD volume?

  Read the article

• Barring connections if VPN is down.

  - by Majid

  I have a VPN account and use it for sensitive communication. However the VPN connection sometimes is dropped while my main connection to the internet is still alive. The pages I visit through VPN are on HTTP (not secure) and have javascript code which pings the host every minute or so on a timer. So it happens sometimes that the VPN connection is dropped and yet js sends a request to the server (with the cookies). How could I restrict connections so they only happen if the VPN is live? Edit - Some required details were missing OS: Windows XP SP2 Browser (mostly used): Google Chrome Firewall: Windows default Sites to filter: not all traffic but all in a list of sites like abc.com, xyz.com

  Read the article

• Homegroup and NTFS permissions

  - by bytenik

  I'm running a copy of Windows 7 as a "server" at my home. I have several file shares that I want to make available to specific users only. I've modified the NTFS permissions to only allow these users to access their respective shares. However, while a locally logged on user can access the actual folders just fine, over the network the remote access is authenticating as HomeGroupUser$ rather than the actual user in question, as shown by the Computer Management panel for shares. I do have matching user accounts (i.e. my username locally is abc and a parallel account with username abc and the same password exists on the server machine). I don't want to disable homegroup because there are other shares where homegroup authentication would be desirable, especially for some people where they don't have a parallel account. Is there a way to get the system to authenticate first by matching username, and then by homegroup authentication if there's no matching user?

  Read the article

• This operation has been cancelled due to restrictions in effect on this computer

  - by Dan

  I have this HUGELY irritating problem on Windows 7 (x64). Whenever I click on ANY link (that exists on a Word document, Excel or Outlook), I get an alert box with the message: This operation has been canceled due to restrictions in effect on this computer I have been scouring my settings and the Internet for a solution, but to no avail. What is the reason for this problem? It even happens when I click anchors in word document. That is, I can't even click on an entry in a Table of Contents to go to the appropriate page - I get this same error then. Is this a Windows 7 thing? Is there any way to turn this off?

  Read the article

• My site was recently attacked. What do I do?

  - by ChrisH

  This is a first for me. One of the sites I run was recently attacked. Not at all an intelligent attack - pure brute force - hit every page and every non-page with every extension possible. Posted with garbage data to every form and tried to post to some random urls too. All tod, 16000 requests in one hour. What should I do to prevent/alert this kind of behavior? Is there a way to limit the request/hr for a given ip/client? Is there a place I should be reporting the user to? They appear to be from China and did leave what seems like a valid e-mail.

  Read the article

• Can Solaris RBAC roles be ported to Linux using SElinux only?

  - by Jimmy

  We are migrating an application from Solaris to Linux and the main user is allowed, through the use of RBAC roles, to run a few system commands like svccfg/svcadm (chkconfig on redhat). Is it possible, using only SElinux (no sudo), to allow a normal user to run chkconfig off/on (basically give it the ability to add remove services) ? My approach was to try to create an SElinux user with a corresponding SElinux role that manages the app's domain/type and is allowed to transition to all other domains required to run chkconfig, tcpdump or any other system utility usually restricted to root access only. All my attempts so far have failed, so my second question would be where could I find good documentation that applies to this specific problem ?

  Read the article

• Ubuntu server; Backup of server and MySql database, and Solr database

  - by Camran

  How is backup done on ubuntu servers? I have a server (Ubuntu 9.10) which has apache2 installed, php5, mysql etc... The website is a classifieds website where all classifieds are stored in mysql and Solr. I need to backup this server with all information to be able to fully restore it if something goes wrong. How should I start? Is it an automated task, or will I do backups manually? (prefer manually) Thanks

  Read the article

• May the file size returned by stat be compromised?

  - by codeholic

  I want to make sure that nobody changed a file. In order to accomplish that, I want not only to check MD5 sum of the file, but also check its size, since as far as I understand this additional simple check can sophisticate falsification by several digits. May I trust the size that stat returns? I don't mean if changes were made to stat itself. I don't go that deep. But, for instance, may one compromise the file size that stat returns by hacking the directory file? Or by similar means, that do not require superuser privileges? It's Linux.

  Read the article

• "Slave" user accounts in GNU/Linux

  - by Vi

  How to make one user account to be like root for some other user account, e.g. to be able to read, write, chmod all it's files, chown from this account to master and back, kill/ptrace all it's processes and to all thinks root can, but limited only to that particular slave account? Now I'm simulating this by allowing "master" user to "sudo -u slaveuser" and setting setfacl -dRm u:masteruser:rwx ~slaveuser. It is useful as I run most desktop programs in separate user accounts, but need to move files between them sometimes. If it requires some simple kernel patch it is OK.

  Read the article

• How can I read password protected Word files on OS X ?

  - by Ohad

  I receive Word documents by mail and read them using the built-in Gmail reader. Sometimes the documents are password protected and I need to obtain access to a Windows machine with Office installed in order to read them. Is there a quicker / less hassle requiring method ? I don't want to have to install Vmware / Parallels nor Office on my fresh and sterile macbook.

  Read the article

• how to detect device type from connected device to router?

  - by molly

  i have a att router and there is an unknown device connected to my network. i cant seem to kick it off because of how att's router settings are created which is kind of dumb. i am able to see its local ip and mac address. i am on a mac with snow leopard. how can i get more information on the device with the information that i have? i want to see what kind of device it is, i have checked all deviced that are connected to the router and non seem to match the local ip that is connected. i have wpa encryption setup with a strong password.

  Read the article

• How secure is a subnet?

  - by HorusKol

  I have an unfortunate complication in my network - some users/computers are attached to a completely private and firewalled office network that we administer (10.n.n.x/24 intranet), but others are attached to a subnet provided by a third party (129.n.n.x/25) as they need to access the internet via the third party's proxy. I have previously set up a gateway/router to allow the 10.n.n.x/24 network internet access: # Allow established connections, and those !not! coming from the public interface # eth0 = public interface # eth1 = private interface iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the private interface iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT # Masquerade (NAT) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Don't forward any other traffic from the public to the private iptables -A FORWARD -i eth0 -o eth1 -j REJECT However, I now need to enable access to users on our 129.n.n.x/25 subnet to some private servers on the 10.n.n.x/24 network. I figured that I could do something like: # Allow established connections, and those !not! coming from the public interface # eth0 = public interface # eth1 = private interface #1 (10.n.n.x/24) # eth2 = private interface #2 (129.n.n.x/25) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the private interfaces iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT # Allow the two public connections to talk to each other iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT # Masquerade (NAT) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Don't forward any other traffic from the public to the private iptables -A FORWARD -i eth0 -o eth1 -j REJECT iptables -A FORWARD -i eth0 -o eth2 -j REJECT My concern is that I know that the computers on our 129.n.n.x/25 subnet can be accessed via a VPN through the larger network operated by the provider - therefore, would it be possible for someone on the provider's supernet (correct term? inverse of subnet?) to be able to access our private 10.n.n.x/24 intranet?

  Read the article

• Putting a Windows DC, Exchange in a DMZ

  - by blsub6

  I have one guy at my company telling me that I should put FF:TMG in between my main Internet-facing firewall (Cisco 5510) and put my Exchange server and DC on the internal network. I have another guy telling me that I should put the Exchange server and DC in a DMZ I don't particularly like the idea of having my mailboxes and DC's usernames/passwords in a DMZ and I think that Windows authentication would require me opening up so many ports between my DMZ and my internal network that it would be a moot point to have it out there anyways. What are some thoughts? How do you have it set up?

  Read the article

• How to reliably keep an SSH tunnel open?

  - by Peltier

  I use an SSH tunnel from work to go around various idotic firewalls (it's ok with my boss :)). The problem is, after a while the ssh connection usually hangs, and the tunnel is broken. If I could at least monitor the tunnel automatically, I could restart the tunnel when it hangs, but I haven't even figured a way of doing that. Bonus points for the one who can tell me how to prevent my ssh connection from hanging, of course!

  Read the article

• Retrieve malicious IP addresses from Apache logs and block them with iptables

  - by Gabriel Talavera

  Im trying to keep away some attackers that try to exploit XSS vulnerabilities from my website, I have found that most of the malicious attempts start with a classic "alert(document.cookie);\" test. The site is not vulnerable to XSS but I want to block the offending IP addresses before they found a real vulnerability, also, to keep the logs clean. My first thought is to have a script constantly checking in the Apache logs all IP addresses that start with that probe and send those addresses to an iptables drop rule. With something like this: cat /var/log/httpd/-access_log | grep "alert(document.cookie);" | awk '{print $1}' | uniq Why would be an effective way to send the output of that command to iptables? Thanks in advance for any input!

  Read the article

• Windows Server 2008 r2 Hardening [on hold]

  - by Natasha

  I have created windows server 2008 r2, running on VM, Where Running services in Server Manager 1) File services ( in Role) 2) Telnet Client ( Features) Windows Firewall Disabled and we are using TOMCAT APACHE WEB SERVER, here i want to harden the windows server, While running SCW by simply clicking with default NEXT, at last when i have clicked SAVE and RUN now in SCW, immediately my remote desktop services disabled. May I Know the things i want to add in Roles,features and finally want to harden windows ? and also what about audit policy and network settings in that ? Please help me out, Don't Ignore.

  Read the article

• Hardening Word and Reader against exploits

  - by satuon

  I have recently heard a lot about exploits for PDF and DOC files on Windows, which when opened in Reader or Word would infect the computer. I'm assuming most of those exploits rely on some kind of active content, I've heard that Reader allows JavaScript for example. I already have antivirus, but I've heard they often don't catch those types of exploits, so I want to try a little proactive defense. Is there a way to harden Reader and Word by disabling plugins or options that are often used by exploits?

  Read the article

• How to copy password from Mono-executed KeePass2 to xterm on Linux?

  - by Steve Emmerson

  I use KeePass2 to access username/password information in a Dropbox file. This allows convenient access from multiple devices. I can't seem to copy a password to the clipboard on my Linux 2.6.27.41-170.2.117.fc10.x86_64 system, however, in order to supply the password to a prompt in an xterm(1). I've tried both Ctrl+C/Ctrl+V and highlighting and mouse button 2 clicking. The KeePass2 program on the Linux system is executed by Mono. How can I copy the password to the xterm(1)? [Aside: I think we need a "KeePass" tag.] ADDENDUM: My mouse buttons were misconfigured: button 2 wasn't set to "copy". Sorry for the false alarm.

  Read the article

• Apache httpOnly Cookie Information Disclosure CVE-2012-0053

  - by John

  A PCI compliance scan, on a CentOS LAMP server fails with this message. The server header and ServerSignature don't expose the Apache version. Apache httpOnly Cookie Information Disclosure CVE-2012-0053 Can this be resolved by simply specifying a custom ErrorDocument for the 400 Bad Request response? How is the scanner determining this vulnerability, is it invoking a bad request then looking to see if it's the default Apache 400 response?

  Read the article

• Lotus Notes Access Logs - Where are the Logs found in Domino?

  - by RSXAdmin

  Where are the logs found in Domino? In particular, I am looking for access (login access times and IP address) logs for Lotus Notes web mail. Is it possible to view who logged in to a user's mailbox and when it was done?

  Read the article

• Setting the secure flag on cookies from Outlook Web Access

  - by Cheekysoft

  I'm running Exchange 2007 SP3 which is exposing outlook web access over only HTTPS. However the server delivers the sessionid cookie without the secure flag set. Even though I don't have port 80 open, this cookie is still vulnerable to being stolen over port 80 in the event of a man-in-the-middle attack. It also contributes to a PCI-DSS failure Does anyone know if I can persuade the web server/application to set the secure flag?

  Read the article

• How can I protect files on my NGiNX server?

  - by Jean-Nicolas Boulay Desjardins

  I am trying to protect files on my server (multiple types), with NGiNX and PHP. Basically I want people to have to sign in to the website if they want to access those static files like images. DropBox does it very well. Where by they force you to sign in to access any static files you put on there server. I though about using NGiNX Perl Module. And I would write a perl script that would check the session to see if the user was sign in to give them access to a static file. I would prefer using PHP because all my code is running under PHP and I am not sure how to check a session created by PHP with PERL. So basically my question is: How can I protect static files of any types that would need the user to have sign in and have a valid session created with a PHP script?

  Read the article

• Apache httpd: Send error logs to syslog and local disk? Without touching /etc/syslog.conf?

  - by Stefan Lasiewski

  I have an Apache httpd 2.2 server. I want to log all messages using syslog, so that the requests are sent to our central syslog server. I also want to ensure that all log messages are sent to local disk, so that a sysadmin can have easy access to the log files on the local system. It is easy to send HTTP access logs to both the local disk and to syslog. One common method is: LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined CustomLog logs/access_log combined CustomLog "|/usr/bin/logger -t httpd -i -p local4.info" combined But it is not easy to do this for error logs. The following configuration doesn't work, because the error logs only use the last ErrorLog stanza. The first ErrorLog stanza is ignored. ErrorLog logs/error_log ErrorLog syslog:local4.error How can I ensure that Apache errors logs are written to the local disk and are sent to syslog? Is it possible to do this without touching /etc/syslog.conf ? I am fine if my users want to manage their own Apache configuration files, but I do not want them touching system files such as /etc/syslog.conf

  Read the article

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >