Search Results

Search found 15914 results on 637 pages for 'physical security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 147/637 | < Previous Page | 143 144 145 146 147 148 149 150 151 152 153 154  | Next Page >

  • Wipe free space on LVM-LUKS (dm-crypt) Volume

    - by peter4887
    My three partitions for my system are created with LVM on a LUKS partition (dm-crypt). These are /home, / and swap. The filesystem is ext4. They are encrypted, because they are on my laptop and I don't want that some laptop thieves get my data. But I often share my laptop with other people so they can access my encrypted partitions. I don't want that these people can recover my cache and all the data I deleted. So I'm now trying to wipe all my free space on /home to prevent against recovering with tools like photorec. (one overwrite should do, the need of multiple overwriting is just a rumor) But still I haven't found any solution to wipe this free space successfully. I tried dd if=/dev/zero of=/home/fillitup bs=512 count=[count of free sectiors] so my partition was complete full of data. df /dev/mapper/home said 100% is used and there are 0 sectors available. But I could still recover gigs of data with photorec, although I selected to recover just form the free space. photorec displays: /dev/mapper/home - 340 GB / 317 GiB (RO) , but df displays that the size of /home is just 313G, why are there these differences and what did the 340GB means? It looks like there is a place on my /dev/mapper/home partition, that I can't access to overwrite, but I can access it to recover. I also checked for corrupted sectors, but there aren't any. Maybe this is the space between my existing files? Did anyone knows why I can't wipe my free space with dd, and how I can find the location of the loads of recoverable files, to securely delete them?

    Read the article

  • How to troubleshoot this memory usage?

    - by Camran
    I have a classifieds website. I use PHP, MySql, and SOLR. Solr uses a Servlet Container, in my case JETTY, which is java application. I just noticed that something was terribly wrong on my website. I opened the terminal and entered the "top" command and noticed that JAVA was EATING all the cpu and mem. Now I thought "Ok, maybe I need more mem and cpu" So I increased it. But along with the increase the java app started eating more. This has never happened before, and it is either a bug, or a hack of some kind. Anyways, I need to troubleshoot this now, and so I wonder how do I do this? Can I somehow pinpoint exactly when the memory usage started to go up from some error log? How does one troubleshoot this? How do I prevent it? Is it possible to prevent too many requests somehow, if they are within a timeline? Thanks

    Read the article

  • Outbound ports to allow through firewall - core requirements

    - by dunxd
    This question was asked before, but in a rather general way. I'm asking more specifically based on my current requirements. We have a number of remote offices made up of a bunch of PCs and an ASA 5505 which is used as firewall and VPN termination point. In the offices we share the internet connection with one or more other organisations over whom we have very little control, asides from the config on the ASAs. For a bunch of reasons I'd like to lock down these ASA 5505s to only allow outbound traffic to ports used by applications we know we need. I'm putting a standard config to roll out to all the ASAs, and if we need to open up ports for the other orgs we can do it on request. But I want to leave open the most commonly required ports so we can get up and running without waiting on other folks technical staff to get back. I plan to allow the following TCP ports to support email and web access, which I know everyone will need: POP3 (110 and 995) HTTP (80 and 443) IMAP4 (143 and 993) SMTP (25 and and 465) The question really is, what other ports do I need to leave open to allow for "normal" working? I've seen UDP port 53 for DNS as one. Are there any others that would be worth opening up? Just to note - I'll also be setting up monitoring systems to keep an eye on the ports we do allow. Any of the above could be misused of course. We'll also back all this up with signed agreements. But I'm aiming for a technical solutions where I don't have to start out with the full requirements of everyone we share connections with. See also: outbound ports that are always open

    Read the article

  • iptables: separate clients from each other

    - by Florian Lagg
    Hello, is there a way to separate clients in a subnet so that they cannot reach each other? The infrastructure currently looks like this: 192.168.0.1/24 Gateway, a CentOS box with iptables. 192.168.0.10-20 Some clients which may reach each other 192.168.0.30 A single client which should not be able to reach the hosts 192.168.0.10-20 should be able to reach the gateway and the internet I don't know if it is possible, maybe you could give me your ideas how it could be done. I cannot influence the machine 192.168.0.30 because it is a virtual machine I want to rent to someone. Thanks.

    Read the article

  • How to know if a file has 'access' monitor in linux

    - by J L
    I'm a noob and have some questions about viewing who accessed a file. I found there are ways to see if a file was accessed (not modified/changed) through audit subsystem and inotify. However, from what I have read online, according to here: http://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html it says to 'watch/monitor' file, I have to set a watch by using command like: # auditctl -w /etc/passwd -p war -k password-file So if I create a new file or directory, do I have to use audit/inotify command to 'set' watch first to 'watch' who accessed the new file? Also is there a way to know if a directory is being 'watched' through audit subsystem or inotify? How/where can I check the log of a file?

    Read the article

  • What are the best linux permissions to use for my website?

    - by Nic
    This is a Canonical Question about File Permissions on a Linux web server. I have a Linux web server running Apache2 that hosts several websites. Each website has its own folder in /var/www/. /var/www/contoso.com/ /var/www/contoso.net/ /var/www/fabrikam.com/ The base directory /var/www/ is owned by root:root. Apache is running as www-data:www-data. The Fabrikam website is maintained by two developers, Alice and Bob. Both Contoso websites are maintained by one developer, Eve. All websites allow users to upload images. If a website is compromised, the impact should be as limited as possible. I want to know the best way to set up permissions so that Apache can serve the content, the website is secure from attacks, and the developers can still make changes. One of the websites is structured like this: /var/www/fabrikam.com /cache /modules /styles /uploads /index.php How should the permissions be set on these directories and files? I read somewhere that you should never use 777 permissions on a website, but I don't understand what problems that could cause. During busy periods, the website automatically caches some pages and stores the results in the cache folder. All of the content submitted by website visitors is saved to the uploads folder.

    Read the article

  • what are these weird IP address connections in resource monitor?

    - by bill
    I decided to check out Resource Monitor (on the 'Performance' tab in Task Manager, Windows 7) and I noticed in the "Network" section that the 'System' image name kept making a bunch (~5 at a time) of connections to random IP addresses, it would show anywhere from 1-500 bytes/sec 'sent'. They would stay connected for 1-2 minutes. -All web browsers are closed So, first thing I did was run a trace from network-tools.com on some of these IP addresses. 8/10 were outside of US and did not resolve to any host name. Of the 10 IP addresses I traced, 2 were in US, 4 showed origins in China, and one each to Algeria, Russia, Pakistan, Korea. (!) So, the next thing I did was turn off my wireless card, watch the connections disappear, then turn the card back on, and within 30 seconds more random connections were created by System, with different IP addresses from the first time. The next thing I did was go open Task Manager, Show Processes From All Users, then I killed just about everything that wasn't (what appeared to be) a windows process. Turned on wi-fi, and again within 30 seconds, random IP addresses connect for ~ 1 min at a time, new ones coming and going. I occasionally use bit torrent on this machine, but there was definitely no process that seemed related to bt running after I went through task manager, and bt wasn't open to begin with. So, any ideas on what these connections might be for? I have been using Ad-Aware Free and AVG Free on this computer for a while now, always up to date..

    Read the article

  • no internet mail group / mail sending and delivery restrictions

    - by Jeff
    I run a win 2k8 a/d server and an win 2k8 exchange 07 server I have a group called 'No Internet Mail', i made it a distribution group. I tried to setup a transport rule on the exchange server that is configured as follows for outgoing: from a member of no internet mail and sent to users outside the organization redirect the message to administrator and send message refused, forwarded to administrator. Please talk to management for external email use. however , when i enable this it forwards everyones emails to me regardless if they are a member of the no internet mail group or not. not sure what im doing wrong, thanks in advanced.

    Read the article

  • An device with an unknown MAC address is connected to my router

    - by Yar
    There is a computer that is not mine that is accessible on my network. I can even access its filesystem via AFP. What I want to know is how the computer could get on my network. My network is secured like this: Does that mean that they've used password cracking tools? The pass is not easy to guess but not hard to figure out via brute-force hacking, I guess. If I am being hacked, should I switch to WPA?

    Read the article

  • Program for keeping encrypted files.

    - by Giorgi
    I am looking for a program which will encrypt files specified by me and allow me to view/edit/delete those files without creating a virtual disk. I do not want to have virtual disk as a domain administrator can access it so truecrypt is not the possibility. One possibility is to use winrar with password protected archive but winrar serves a different goal so it is not very user friendly for this purpose. If it's possible it would be nice if the program does not creates temp files while I open the files. Any suggestions?

    Read the article

  • How to change user for more rights on a SFTP client?

    - by Zenklys
    It is always suggested on first step to disable the remote root login for the SSH protocol. I have a low-right user able to connect via SSH and once connected, I simply su in order to gain more rights. Now when using a sFTP client, I use my low-right user and am thus able to do next to nothing. My question is : Is it possible to change user after login using 3rd party client, such as Transmit, Cyberduck, Filezilla ? PS : Mac clients would be great ;)

    Read the article

  • Running Solr on VPS problem

    - by Camran
    I have a VPS with Ubuntu OS. I run solr om my local machine (windows xp laptop) just fine. I have configured Jetty, and Solr just the same way as on my computer, but on the server. I have also downloaded the JRE and installed it on the server. However, whenever I try to run the start.jar file, the PuTTY terminal shows a bunch of text but gets stuck. I could pase the text here but it is very long, so unless somebody wants to see it I wont. Also, I cant view the solr admin page at all. Does anybody have experience in this kind of problem? Maybe java isn't correctly installed? It is a VPS so maybe installation is different. Thanks UPDATE: These are the last lines from the terminal, in other words, this is where it stops every time: INFO: [] webapp=null path=null params={event=firstSearcher&q=static+firstSearcher+warming+query+from+solrconfig.xml} hits=0 status=0 QTime=9 May 28, 2010 8:58:42 PM org.apache.solr.core.QuerySenderListener newSearcher INFO: QuerySenderListener done. May 28, 2010 8:58:42 PM org.apache.solr.handler.component.SpellCheckComponent$SpellCheckerListener newSearcher INFO: Loading spell index for spellchecker: default May 28, 2010 8:58:42 PM org.apache.solr.core.SolrCore registerSearcher INFO: [] Registered new searcher Searcher@63a721 main Also you should know that I installed jetty by just dragging the folders from my HD to the VPS server.

    Read the article

  • Disable modsec2 blacklist rule for specific hostname

    - by KevinL
    I have a server running Apache2 with mod_security2. In modsec2.user.conf, there is a blacklist rule: ###BLACKLIST### SecRule REQUEST_URI "mkdir" I need to disable that rule for just one hostname on the server. I realize I could just remove it entirely but I'd rather keep it on for the other sites. I realize you can use the SecRuleRemoveByID directive, based on each rule's ID, but as you can see above, this has no ID, it's just a string. How do I disable that rule for just www.example.com, is there something I can do in custom.conf, whitelist.conf or exclude.conf ?

    Read the article

  • Is the guideline: don't open email attachments or execute downloads or run plug-ins (Flash, Java) from untrusted sites enough to avert infection?

    - by therobyouknow
    I'd like to know if the following is enough to avert malware as I feel that the press and other advisory resources aren't always precisely clear on all the methods as to how PCs get infected. To my mind, the key step to getting infected is a conscious choice by the user to run an executable attachment from an email or download, but also viewing content that requires a plug-in (Flash, Java or something else). This conscious step breaks down into the following possibilities: don't open email attachments: certainly agree with this. But lets try to be clear: email comes in 2 parts -the text and the attachment. Just reading the email should not be risky, right? But opening (i.e. running) email attachments IS risky (malware can be present in the attachment) don't execute downloads (e.g. from sites linked from in suspect emails or otherwise): again certainly agree with this (malware can be present in the executable). Usually the user has to voluntary click to download, or at least click to run the executable. Question: has there ever been a case where a user has visited a site and a download has completed on its own and run on its own? don't run content requiring plug-ins: certainly agree: malware can be present in the executable. I vaguely recall cases with Flash but know of the Java-based vulnerabilities much better. Now, is the above enough? Note that I'm much more cautious than this. What I'm concerned about is that the media is not always very clear about how the malware infection occurs. They talk of "booby-trapped sites", "browser attacks" - HOW exactly? I'd presume the other threat would be malevolent use of Javascript to make an executable run on the user's machine. Would I be right and are there details I can read up on about this. Generally I like Javascript as a developer, please note. An accepted answer would fill in any holes I've missed here so we have a complete general view of what the threats are (even though the actual specific details of new threats vary, but the general vectors are known).

    Read the article

  • My servers been hacked EMERGENCY

    - by Grant unwin
    I'm on my way into work at 9.30 pm on a Sunday because our server has been compromised somehow and was resulting in a DOS attack on our provider. The servers access to the Internet has been shut down which means over 5-600 of our clients sites are now down. Now this could be an FTP hack, or some weakness in code somewhere I'm not sure till j get there. Does anyone have any tips on how I can track this down quickly. Were in for a whole lot of litigation if I dont get the server back up asap. Any help appreciated.

    Read the article

  • Fully secured gateway web sites

    - by SeaShore
    Hello, Are there any web sites that serve as gateways for fully encrypted communication? I mean sites with which I can open a secured session, and then to exchange through them with other sites in a secure way both URLs and content? Thanks in advance. UPDATE Sorry for not being clear. I was wondering if there was a way to access any site over the Internet (http or https) without letting any Intranet-proxy read the requested URL or the received content. My question is whether such a site exists, e.g.: I am connected to that site via https, I send it a URL in a secured way, the site gets the content from the target site (possibly in a non-secured way) and returns to me the requested content in a secured way.

    Read the article

  • Windows File Checksums - Is my system hacked?

    - by rism
    I would like to know if there is a utility to verify the checksums of every windows file on my Win 7 Ultimate system. It seems on the surface such an obvious utility but I dont ever remember seeing one? I had a very weird experience while surfing earlier today and now Im not entirely sure my system is secure. I have a collection of tools in the WSCC suite but these tools no doubt just make system calls to the win32 api and if that has been subverted then the tools are practically useless. How do I know my Win 7 files are actually Win 7 files? I am particularly interested in verifying the integrity of all network TCP/IP files.

    Read the article

  • Ubuntu server users question

    - by Camran
    I have read this article: https://help.ubuntu.com/9.04/serverguide/C/user-management.html But it doesn't go into depth with the privileges section. I need to know how to set privileges of me (as a user). I am the only user, but I want access to everything, but I don't want to manage my VPS logged in as root. So I am creating a username. Anybody have a list of privileges, what they mean and how to set them? Thanks

    Read the article

  • On my Mac, under the 'Shared' folder it shows another computer in my house, am I hacked?

    - by user27449
    I didnt' setup any connection to another computer in my house (its a PC), and I just noticed under my 'Shared' folder in the file explorer on my Mac laptop I see the name of the PC. How could this have shown up when I didn't even try to connect to it before? Could I possibly be hacked or is this normal it just scanned our internal wireless network? I havent' setup any kind of network really, just have a wireless modem that other computers share.

    Read the article

  • Jail user to home directory while still allowing permission to create and delete files/folders

    - by Sevenupcan
    I'm trying to give a client SFTP access to the root directory of their site on my server (Ubuntu 10.10) so they can manager their website themselves. While I have been successful in jailing a user to a directory and giving them SFTP access; they are only allowed to create and delete new files in sub directories (the directories they own). This means that I must give them access to the parent directory to the root of their site. How can I limit them to the root of their site (for example public_html) while still allowing them the ability create and delete files. All the tutorials I have read suggest that the root must be the owner of the user's home directory, which prevents them from write access inside that directory. I'm relatively new to managing my own server so any advice would be very grateful. Many thanks.

    Read the article

  • How to automatically copy a file uploaded by a user by FTP in Linux (CentOS)?

    - by Buttle Butkus
    Outside contractor says they need read/write/execute permissions on part of the filesystem so they can run a script. I'm ok with that, but I want to know what they're running, in case it turns out there is some nefarious code. I assume they are going to upload the file, run it, and then delete it to prevent me from finding out what they've done. How can I find out exactly what they've done? My question specifically asks for a way of automatically copying the file, which would be one way. But if you have another solution, that's fine. For example, if the file could be automatically copied to /home/root/uploaded_files/ that would be awesome.

    Read the article

  • How to forbid postfix to send to external domains [closed]

    - by elhoim
    I have a local postfix server, and i want it to only relay emails to the only local domain (localdomain.be): myhostname = localdomain.be mydomain = localdomain.be alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = $myhostname mydestination = $myhostname relay_domains = $mydomain default_transport = smtp relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24 mailbox_size_limit = 64000000 message_size_limit = 1000000 recipient_delimiter = + inet_interfaces = all inet_protocols = all smtp_host_lookup = native This configuration works fine to allow relay mail locally and on external destination domains, but i would like it to be an impossibility to send to other domains (ie: gmail.com). relay_domains is supposed to ensure that but it does not seem to really filter since i can still send to my gmail address.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 143 144 145 146 147 148 149 150 151 152 153 154  | Next Page >