Search Results

Search found 30932 results on 1238 pages for 'rogue security software'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 283/1238 | < Previous Page | 279 280 281 282 283 284 285 286 287 288 289 290  | Next Page >

  • How to secure svn+ssh checkout users?

    - by vvanscherpenseel
    All our SVN repositories are hosted on a dedicated machine on which all the developers have access. Every now and then we need to checkout a repository on a machine we don't own or operate ourselves. Currently we all use our own system (SSH) account for this, but instead I would like to use some generic 'checkoutsvn' user that can be used for this. This user is only used for checking out from a repository, but should not be allowed to log in to the system (no shell access). I tried to do this by setting the default shell of that account to /sbin/nologin but then SVN fails, as apparently svn+ssh requires shell access. How do you do this? Is there a good solution for this?

    Read the article

  • Connect iPad to windows 7 VPN

    - by Linuz
    My iPad keeps spitting out the error: "A connection could not be established to the PPP server." I am trying to connect it to a VPN I set up with Windows 7 as an incoming connection. On the iPad, I went into the VPN settings, added a new PPTP VPN with the following information Server: Windows 7 Computer's IP RSA SecurID: OFF Account: Account Username Password: Account Password Encryption Level: Auto Send All Traffic: ON Proxy: Off Now I know that it is making some connection to the Windows 7 Computer because whenever I intentionally put in the wrong VPN password on the iPad, it makes me put in the correct one before trying to connect again. All the ports are forwarded on my router for PPTP, and my Windows 7 Firewall is even off to try to get this to work. Any help would be greatly appreciated, thanks.

    Read the article

  • How do I remove the ServerSignature added by mod_fcgid?

    - by matthew
    I'm running Mod_Security and I'm using the SecServerSignature to customize the Server header that Apache returns. This part works fine, however I'm also running mod_fcgid which appends "mod_fcgid/2.3.5" to the header. Is there any way I can turn this off? Setting ServerSignature off doesn't do anything. I was able to get it to go away by changing the ServerTokens but that removed the customization I had added.

    Read the article

  • Windows - Decrypt encrypted file when user account is destroyed

    - by dc2
    I have a Virtual Machine running on my Windows Server 2008 computer that originally was received by me encryped, as the builder of the VM did it on a MAC, which decrypts files by default. I never thought to decrypt these files, as they automatically 'decrypt' when you have permission over them, so the VM has been running for over a year despite the encryption. I just upgraded my computer to Domain Controller (dcpromo.exe). Now when I try to access/run the VM, I can't because I don't have permission to decrypt the files as that was on another logon (local administrator) and now I am the domain administrator. Apparently the local admin is totally nuked when you upgrade to domain controller. I have tried EVERYTHING - taking ownership of the files, which works. Doesn't do anything for me. Adding full control to everyone on the files. I go to File Properties Advanced Details (under encryption) Users who can access this file. The only user is administrator@localcomputername, and there is a cert number. I try adding a new cert, I don't have permission. I don't have permission to: Decrypt the file (access is denied). Copy the file (to another computer) - access denied. I am totally stumped and this VM is a production machine and needs to get up right now. Does anyone have any ideas?

    Read the article

  • Permissions required to look up a domain user's group memberships

    - by adrianbanks
    I am writing some code to look up the members of particular domain groups. Does the user that this application runs as need any particular permissions on the domain to get this information? Background: I have already determined that the application needs to be run as a domain user to be able to query information from the domain. I have a list of group names and for each group, I need to look up the members of that group on the domain and get their names/usernames.

    Read the article

  • How to configure mercurial access controls using apache and hgweb?

    - by Gj1
    I have set up a mercurial repo to be served using apache+wsgi+hgweb on OS X. It is now completely open to anyone who stumbles upon my server on the correct port number.. How can I set it up so that only people with a username+password pair that I approve can pull and/or push from the repo? I know how to very easily achieve this using ssh, but in this specific case the requirement is that the solution doesn't require defining full fledged user accounts on the machine for each person whom I'd like to give access to the repo.

    Read the article

  • Securing debain with fail2ban or iptables

    - by Jimmy
    I'm looking to secure my server. Initially my first thought was to use iptables but then I also learnt about Fail2ban. I understand that Fail2ban is based on iptables, but it has the advantages of being able to ban IP's after a number of attempts. Let's say I want to block FTP completely: Should I write a separate IPtable rule to block FTP, and use Fail2ban just for SSH Or instead simply put all rules, even the FTP blocking rule within the Fail2Ban config Any help on this would be appreciated. James

    Read the article

  • How do I securely share my server?

    - by Blue
    I have a large dedicated server running Debian and I want to share it with about 6 friends of mine. I know I can simply just use adduser to create user accounts for them, but I want to know if they can, even as a regular user without root permissions, do anything malicious. I know by default they have read permissions for other users in the /home, and can solve that with chmod, but I just want to make sure that there's nothing else they can do. And also, is there any kind of script or program that makes it easier to create and manage shell users on a server?

    Read the article

  • Any FTP clients for Mac OS X that support upload via temporary filename?

    - by Chris582
    Hi, does anybody know of a FTP client (for Mac OS X) that supports uploading to a temporary filename? When overwriting a file on the server, most FTP clients first empty the file and then proceed to upload new content. (Which is how FTP is supposed to work, so everything is fine.) However, what I would like to see is that the FTP client uploads content to a temporary file and once all the content is on the server, replaces original file. This is good feature, because existing file is upgraded almost instantaneously; otherwise, it would be "broken" while the upload is still in progress. On Windows, this feature is available in WinSCP, but I have not found any options for Mac, so far. Any recommendations?

    Read the article

  • Protecting a SVN server

    - by user35072
    For various reasons we are finding it increasingly difficult to work with remote workers. We are a very small developer shop and it's becoming impractical to do manual merges on a daily basis. So we're left with little choice (?) but to consider opening up our SVN servers. I'm looking into the following: Full HTTPS session Running non-80 port Strong password policy Is this enough to prevent someone hacking and stealing data? I will also look into VPN but first would like to understand any alternative solutions.

    Read the article

  • Client-side certificates

    - by walshms
    My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

    Read the article

  • Several border firewalls in the same network

    - by nimai
    I'm currently analyzing the consequences of multipath connections for the firewalls. In that context, I'm wondering if it's really uncommon to have several firewalls at the borders of a network to protect it. The typical case I'd imagine would be a multihomed network, for which the administrator would have different policies for links from different (or not) ISPs. Or maybe even in an ISP's network. What would be the practical (dis)advantages of such a configuration? Could you provide an example of an existing topology using several border firewalls?

    Read the article

  • Rookie file permissions question

    - by Camran
    What is the ending 'r' for and the leading 'd' for in file permissions on Linux? Example: drwxr-xr-x I know about the user, group, others part, and I know w=write, r=read, x=execute. But I don't know about the leading 'd' and the trailing 'r'. Care to explain? Thanks

    Read the article

  • TCP: Treason uncloaked!

    - by hurikhan77
    On one linux server (Gentoo hardened), we are experiencing bursts of the following messages in dmesg from time to time: TCP: Treason uncloaked! Peer xx.xx.xxx.xxx:65039/80 shrinks window 4094157295:4094160199. Repaired. Is there anything we should take care of or is this normal?

    Read the article

  • Why is it good to have website content files on a separate drive other than system (OS) drive?

    - by Jeffrey
    I am wondering what benefits will give me to move all website content files from the default inetpub directory (C:) to something like D:\wwwroot. By default IIS creates separate application pool for each website and I am using the built-in user and group (IURS) as the authentication method. I’ve made sure each site directory has the appropriate permission settings so I am not sure what benefits I will gain. Some of the environment settings are as below: VMWare Windows 2008 R2 64 IIS 7.5 C:\inetpub\site1 C:\inetpub\site2 Also as this article (moving the iis7 inetpub directory to a different drive) points out, not sure if it's worth the trouble to migrate files to a different drive: PLEASE BE AWARE OF THE FOLLOWING: WINDOWS SERVICING EVENTS (I.E. HOTFIXES AND SERVICE PACKS) WOULD STILL REPLACE FILES IN THE ORIGINAL DIRECTORIES. THE LIKELIHOOD THAT FILES IN THE INETPUB DIRECTORIES HAVE TO BE REPLACED BY SERVICING IS LOW BUT FOR THIS REASON DELETING THE ORIGINAL DIRECTORIES IS NOT POSSIBLE.

    Read the article

  • Computer Invisible On Domain

    - by Giawa
    Good afternoon, I'm sorry that this isn't a programming question specifically, but stackoverflow has been great at answering questions in the past, so I thought I'd give it a shot. One of our Linux users attempted to install Cygwin on our Windows Server 2008 Domain Controller. Now it is no longer possible to browse the domain and see all of the computers. For example, \\my_domain_name will just bring up a username/password dialog box (that will not accept any username or password, even the domain administrator) and no computers will ever be listed. However, I can still connect to computers based on their name or IP address. So \\eridanus or \\192.168.1.85 still work to connect to the shared directories of computers on our network. Does anyone know where I can find these settings? and how I can fix this problem? Thanks, Giawa

    Read the article

  • Our server hosting provider asked for our root password

    - by Andreas Larsson
    I work at a company that develops and hosts a small business critical system. We have an "Elastic cloud server" from a professional hosting provider. I recently got an email from them saying that they've had some problems with their backup solution and that they needed to install a new kernel. And they wanted us to send them the root password so they could do this work. I know that the email came from them. It's not [email protected] or anything like that. I called them and asked them about this, and they were like "yep, we need the password to do this". It just seems odd to send the root password over email like this. Do I have any reason to be concerned?

    Read the article

  • Pass parameters to a script securely

    - by codeholic
    What is the best way to pass parameters to a forked script securely? E. g. passing parameters through command line operands is not secure, since someone who has an account on the host can run ps and see them. Unnamed pipe is quite secure, as far as I understand, isn't it? I mean, passing parameters to STDIN of the forked process. What about passing parameters in environment vars? Is it secure? What about passing parameters by other means I didn't mention?

    Read the article

  • How to set up Drupal Plugin Manager on MAMP in a secure way?

    - by Andrei
    Hi, I use MAMP PRO as global webserver. First of all, is it a good idea? Secondly, my objective is to run a Drupal website with as easy management as possible. Now I want to use Plugin Manager module to install additional modules and themes for my website. It wants to use ftp for that, and I know that if I open access to FTP port then IT-department guys will come to me and ask to shut it down. So I wonder if there is a way to allow Plugin Manager to install modules, having the port 21 closed somehow?

    Read the article

  • How to know if a file has 'access' monitor in linux

    - by J L
    I'm a noob and have some questions about viewing who accessed a file. I found there are ways to see if a file was accessed (not modified/changed) through audit subsystem and inotify. However, from what I have read online, according to here: http://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html it says to 'watch/monitor' file, I have to set a watch by using command like: # auditctl -w /etc/passwd -p war -k password-file So if I create a new file or directory, do I have to use audit/inotify command to 'set' watch first to 'watch' who accessed the new file? Also is there a way to know if a directory is being 'watched' through audit subsystem or inotify? How/where can I check the log of a file?

    Read the article

  • Cannot access an application folder in Program files

    - by GiddyUpHorsey
    I recently installed Windows 7 Professional 64bit on a new machine. I installed an application using a ClickOnce installer. The application runs fine, but I cannot access the application folder it created in c:\Program files (x86). It bombs with access denied. I try to view the properties on the folder and it takes about 1 minute to display (other folders take 1 second). It says I cannot view any information because I'm not the owner. It doesn't say who the current owner is (instead - Unable to display current owner.) but says I can take ownership. When I try it fails again with Access Denied, even though I have administrative permissions. Why can't I access this folder nor take ownership?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 279 280 281 282 283 284 285 286 287 288 289 290  | Next Page >