Search Results

Search found 14780 results on 592 pages for 'low level'.

Page 315/592 | < Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322 | Next Page >

Security question pertaining web application deployment

- by orokusaki

I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

Read the article
HTTP Non-persistent connection and objects splitting

- by Fabio Carello

I hope this is the right board for my question about HTTP protocol with non-persistent connections. Suppose a single request for a html object that requires to be split in two different HTML response messages. My question is quite simple: do the connection will be closed after the first packet dispatch and then the other one will be sent on a new connection? I can't figure out if the non-persistent connection is applied at "single object level" (does't care if on multiples messages) or for every single message. Thanks for your answers!

Read the article
AIX network parameters to close TCP sockets of unplugged devices

- by ADD Geek

Hi there We have an AIX box, running what we call in banking "ATM Switch" not the ATM networking switch, but the bank ATM driver. where we have some ATM machines connected to two server processes. The problem is, when we disconnect any of these machines, the netstat -na| grep <port number> command shows that the socket established for this disconnected device is still established, we have to manually send a command from the software to make the socket aware that it is not live anymore. Is there a parameter on tcp level to make this connection aware within a minute or two that this device is not connected anymore? we had the following parameters set with root privileges: no -o tcp_keepidle=1000 no -o tcp_keepcnt=2 no -o tcp_keepintvl=150 no -o tcp_finwait2=100 it was originally having the default values. but even after we changed these parameters and restarted the server processes, the problem was still there.

Read the article
How to install Autoconf on OS X from source?

- by chacham15

I want to install autoconf, automake, m4, automake, etc. from the source. The problem is anything that I try and install i have to rely on autoconf. Therefore, I am trying to install autoconf i get configure.ac:30: require Automake 1.11, but have 1.10 I try to install automake, the bootstrap reports: configure.ac:20: error: Autoconf version 2.68 or higher is required configure.ac:20: the top level autom4te: /usr/bin/gm4 failed with exit status: 63 aclocal.tmp: error: autom4te failed with exit status: 63 Autoconf version: autoconf (GNU Autoconf) 2.61 Automake version: automake (GNU automake) 1.10 OS X Version: 10.7.2 XCode Version: 4.2.1

Read the article
How does java permgen relate to code size

- by brad

I've been reading a lot about java memory management, garbage collecting et al and I'm trying to find the best settings for my limited memory (1.7g on a small ec2 instance) I'm wondering if there is a direct correlation between my code size and the permgen setting. According to sun: The permanent generation is special because it holds data needed by the virtual machine to describe objects that do not have an equivalence at the Java language level. For example objects describing classes and methods are stored in the permanent generation. To me this means that it's literally storing my class def'ns etc... Does this mean there is a direct correlation between my compiled code size and the permgen I should be setting? My whole app is about 40mb and i noticed we're using 256mb permgen. I'm thinking maybe we're using memory that could be better allocated to dynamic code like object instances etc...

Read the article
Properly Hosting Multiple Sites on VDS

- by Aristotle

I'm going to be moving about 7-10 websites (5-8 with Databases - MySQL) onto our new Virtual Private Server. I'm curious what the best way to host many sites on a single server is though. Do I create a directory for each site immediately within my root directory, and then point the domain names for each site to http://123.123.123.123/siteDirectory - or is there a more appropriate way to do this? I'm very interested in maintining control over how many concurent connections each site can have at any given time - would I be able to do that on the directory-level, or am I required to limit the concurrent-connections to the VPS itself?

Read the article
nginx dynamic servername with regular expression doesn't work for co.uk

- by redn0x

I'm trying to setup a nginx server which dynamically loads content from a folder for a domain. To do this I'm using regular expressions in the server name like so: server_name ((?<subdomain>.+)\.)?(?<domain>.+)\.(?<tld>.*); This will create a 3 variables for nginx to use later on, for example when using the following url: test.foo.example.com this will evaluate to: $subdomain = test.foo $domain = example $tld = com The problem arises when the co.uk top-level domain is used. In this case when using the url test.foo.example.co.ukit will evaluate to: $subdomain = test.foo.cedira $domain = co $tld = uk How can I edit the regular expression so that it will also work for co.uk?

Read the article
Mail server hammering

- by Rodrigo

I've noticed a quick increase on smtp connections coming to my server, investigating it further i figured out that there's a botnet hammering my smtp server. I've tried to stop it by adding a rule at iptables: -N SMTP-BLOCK -A SMTP-BLOCK -m limit --limit 1/m --limit-burst 3 -j LOG --log-level notice --log-prefix "iptables SMTP-BLOCK " -A SMTP-BLOCK -m recent --name SMTPBLOCK --set -j DROP -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTPBLOCK --rcheck --seconds 360 -j SMTP-BLOCK -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --set -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --rcheck --seconds 60 --hitcount 3 -j SMTP-BLOCK -A INPUT -p tcp --dport 25 -m state --state NEW -j ACCEPT That would avoid them from hammering "too fast", however the problem still, there's like 5 tries per second, it's going insane, i had to incrase the maximum number of childs of sendmail/dovecot. There's too many ips to filter out manually and simply changing the smtp to another port is not practical since i got many other clients on that server. I'm using sendmail with dovecot, any ideas to have this filtered out more efficiently?

Read the article
How to avoid Memory "Hard Fault/sec"

- by Flavio Oliveira

i've a problem on my windows 2008 server x64, and i cannot understand how can i solve it. i'm looking to Resource Monitor and see about 100 to 200 hard faults/sec. and generally the machine is slow. As i've readed a bit it is caused by a "memory Page" that is no longer available on physical memory and causes a io operations (disk) and it is a problem. The current hardware is a intel core2duo E8400 (3.0GHz) with 6GB RAM on a Windows Server Web 64-bit. Actually the machine have about 2GB Ram used what having 4Gb available to use, Why is the machine requires that high level of Disk operations? what can i do to increase the performance? Im experiencing a memory issues? what should be my starting point?

Read the article
How secure is Remote Desktop from Mac OS X to Windows Server 2003?

- by dwhsix

It's unclear to me exactly how secure Remote Desktop access from Mac OS X to a Windows Server 2003 machine is. Is the communication encrypted by default? What level of encryption? Are there best practices for making this as secure as possible? I found http://www.mobydisk.com/techres/securing_remote_desktop.html but it's unclear how much of that is still relevant for current versions of RDP and Windows Server. I know I can tunnel RDP over ssh, but is that overkill or redundant?

Read the article
DB2 users and groups

- by Arun Srini

Just want to know everyone's experience and take on managing users/authentication on a multi-node db2 cluster with users groups. I have 17 apps in production (project based company, only 2 online apps), and some 30 users with 7 groups. prodsel - group that has select privilege on all tables produpdt - update group on selective tables (as required by the apps) proddel - delete prodins - insert permissions for the group Now what my company does is when an app uses certain user (called app1user), and needs select and insert privilege on a table, they 1. grant select and insert for prodsel, prodins respectively 2. add the user under those two groups... now this creates one to many relationship between user and privileges, and this app1user also gets select on other tables granted for the prodsel group. I know this is wrong. Before I explain, I need to know how this is done elsewhere. Please share your experiences, even if you use other Databases that uses OS level authentication.

Read the article
Umbraco on Windows 7 64-bit

- by HeavyWave

I'm trying to install Umbraco CMS on Windows 7 64-bit and I get the following exception: [HttpException (0x80004005): Could not load file or assembly 'ImageManipulation, Version=1.0.2105.41209, Culture=neutral, PublicKeyToken=null' or one of its dependencies. Failed to grant minimum permission required. The application pool's trust mode is set to 'Full', all the user permissions are just as on other sites hosted on the same machine. I went through all relevant topics on Umbraco's forum, but all advices are about the trust level. How do I fix this?

Read the article
Looking for a software to keep track of backup media

- by Tarnschaf

Hi, I am looking for a software that allows me to enter my used backup media (e.g. DVD1, DVD2) my backed-up assets in high-level (such as "family-photos from 2003", "laptop drivers") details of the assets ("Ninas Birthday 2003") where the backup media is currently stored when the media has been burned (to re-burn in case of media degeneration) Of course it should be possible to navigate from media to assets and backwards. I also thought about marking assets as "deprecated". If all assets on a media are deprecated, the program should tell me so I don't have to keep it any more. Does anybody know a program with this feature-set or will I have to start my own in say Access?

Read the article
Considerations for a business looking to transition from PSTN to IP Telephony

- by Bryce Thomas

Full disclosure - This is related to a homework assignment question. I am not asking you to do my work for me, I am merely looking for some pointers and considerations to direct me in my further research. I have an assignment I'm working on where I've been given a scenario where a business wants to look into transitioning to using "Internet Telephone" as opposed to a traditional PSTN/PBX system and I need to write a report on it. I'm after some high level pointers from people, especially anyone that has been involved in a real life transition of this nature, on what some of the most important considerations are. These can be financial considerations, initial setup considerations, ongoing administrative considerations, quality of service considerations or anything else that is pertinent to performing such a transition.

Read the article
How many users are "many users"?

- by kemp

I need to find a solution for a website which is struggling under load. The site gets ~500 simultaneous connections during peak time, and counts around 42k hits per day. It's a wordpress based site bridged with a vbulletin forum with a lot of contents and a fairly complex structure which makes intensive use of the database. I already implemented code level full page caching (without this the server just crashes), and configured all other caching directives as well as combining css files and the like to limit http requests as much as possible. I need to understand if there is more that can be done via software or if the load is just too much for the server to handle and it needs to be upgraded, because the server goes down occasionally during peak times. Can't access the server now, but it's a dedicated CentOS machine (I think 4GB ram, can't say what CPU) running apache/mysql. So back to the main question: how can I know when the users are just too many?

Read the article
Visual Studio 2005 Open Project Dialog Slow as Molasses

- by futureelite7

Whenever I try to open a project in Visual Studio 2005 (Windows XP), my open project dialog become slow as molasses - navigating down one level of folders typically takes almost 60 seconds. Finding the project and opening it can take up 4-5 minutes, which is just ridiculous. I've checked the open project dialogs of other programs - only VS2005 is acting this way. What could be causing this problem and how do I go about solving it (apart from reinstalling VS2005 / windows) (Edit: Even VS2008 on the same machine does not have this problem. I don't know what's wrong.) Thanks!

Read the article
Linux Logitech QuickCam Pro 9000 - microphone issues

- by drahnr

I got a Logitech Quickcam Pro 9000, the cam itself is working as it honors the UVC spec. This fancy WebCam has a integrated mic which worked some time before but now, it does no more. (Note: I use pulseaudio as it is a USB Mic and I am not really keen on the hassle of ALSA setup) Things I check already are if it gets detected at all: $ lsusb |grep Logi Bus 002 Device 002: ID 046d:0809 Logitech, Inc. Webcam Pro 9000 is muted in alsa-mixer - not the case, volume at 100 pavucontrol shows it too, but no input level bar! On top of that, if I open the gnome3 (fallback mode) audio panel(from the desktop panel), and disabel/reenable it in the hardware tab, it works "for some time"... Any hints? Any ideas? I am really out options for now, and the fact it worked like 6 months ago (perfectly) makes it no better.

Read the article
how to rotate one squid user among multiple IPs based on number of requests processed by each IP

- by Arvind

I want to set up a Squid ACL in the following manner-- For example, my Squid Proxy Server has 10 IP addresses- now I have a user 'demouser'. I want that for the very first request sent to 'demouser' this user uses IP address #1, for the second request it uses IP address #2, for the 3rd request of the day it uses IP address #3 and so on till it uses up all IPs. One more level of control I would like is that once the user has used up all available IP addresses once per address, then it does not allow the proxy request to go through. How do I set up such a configuration on Squid Proxy server ACL? Even a document or how to would be very helpful. The official wiki talks about one 'weird' case- choosing an IP address based on time of day the request was made to the proxy server. The other cases are all regular use cases which are not even remotely near my requirement as specified above.

Read the article
Can an LDAP query on AD provide the netbios domain name for a single account when using the Global Catalog?

- by Kirk Liemohn

I am using ADSI Edit to look at LDAP properties of a single user account in AD. I see properties such as userPrincipalName, but I do not see one for the fully qualified domain name (FQDN) or the netbios domain name. We will be setting up the Global Catalog (GC) to give us LDAP access to multiple domains and through configuration in an application we map LDAP properties to user profile properties within the application. With typical AD the FQDN and netbios domain name are the same for all users, but with the GC involved we need this additional information. We really only need the netbios domain name (the FQDN is not good enough). Maybe there is a LDAP query that can be done to request this information from a more top-level object in AD?

Read the article
Architecture behind live streaming [on hold]

- by l19

I'm a Comp Sci undergraduate student, and I'm currently trying to understand the architecture behind streaming. I hear several terms and I'm not quite sure how they are related (e.g. streaming, broadcasting, ingesting, etc.) Is there a blog post or book that explains: How it all works in a high-level view (the workflow) The architecture (i.e. I capture content using my camera and want to display it real-time to an audience. I imagine that the content will be transferred to a server, but how does that server transmit the information to several users simultaneously?) Thanks!

Read the article
Can Resource Governor for SQL Server 2008 be scripted?

- by blueberryfields

I'm looking for a method to, in real-time, automatically, adjust Resource Governor settings. Here's an example: Imagine that I have 10 applications, each hitting a different database on the same database machine. For normal operations, they do not hit the database very hard, so I might want each one to have 10% CPU power reserved. Occasionally, though, one or two of them might spike, and run an operation which could really use the extra power to run faster. I'd like to be able to adjust to compensate (say, reducing the non-spiking apps to 3%, and splitting the difference between the spiking apps). This is a kind of poor man's method of trying to dynamically adjust resource allocation and priorities. Scripts (or something script-like) is preferred, since the requirement is for meta-level adjustments to be possible in real-time, also.

Read the article
Blocking the Apple OS X App Store

- by Jon Rhoades

Being the evil corporate IT overlords we need to block the new OS X App Store. As you may be aware the 10.6.6 update installs the App Store App which allows users to download and install apps without admin privileges. Some Suggestions: Don't update to 10.6.6+ Use parental controls Presumably some OD policy (if you have an OD server which we don't) Block the App store by DNS or Proxy Not updating to 10.6.6+ isn't really a long term solution as it contains security fixes and new Macs will come with it anyway. Blocking the App store at a network level doesn't solve laptop users. Ideally a simple system preference or editing of a plist that can be pushed out by ARD would be the best solution. Please note the question isn't should we block the App store, it's how we can block the App store.

Read the article
Visual Studio 2005 Open Project Dialog Slow as Molasses

- by futureelite7

Hi, Whenever I try to open a project in Visual Studio 2005 (Windows XP), my open project dialog become slow as molasses - navigating down one level of folders typically takes almost 60 seconds. Finding the project and opening it can take up 4-5 minutes, which is just ridiculous. I've checked the open project dialogs of other programs - only VS2005 is acting this way. What could be causing this problem and how do I go about solving it (apart from reinstalling VS2005 / windows) (Edit: Even VS2008 on the same machine does not have this problem. I don't know what's wrong.) Thanks!

Read the article
creating TAGS for Ruby and emacs

- by hortitude

I ran the following from my top level Ruby on Rails directory find . -name "*.rb" | etags - Then within emacs I visited that tag file. This works reasonably well to find some of the methods and most of the files, however it is having trouble finding some of the extra methods/classes that I use in my helpers directory. e.g. I have a file in my helpers dir called my_foo_helper.rb If I search my tags for that file, it finds it. However, if I try to find a tag for one of the methods within that module it doesn't find it at all. If I use Aptana or something like that it seems to be able to locate those methods. Any thoughts? Thanks!

Read the article
Shaping outbound Traffic to Control Download Speeds with Linux

- by Kyle Brandt

I have a situation where a server makes lots of requests from big webservers all at the same time. Currently, I have not control over the amount of requests or the rate of the requests from the application that does this. The responses from these webservers is more than the internet line can handle. (Basically, we are launching a DoS on ourselves). I am going to get push to get this fixed at the application level, but for the time being, is there anyway I can use traffic shaping on the Linux server to control this? I know I can only shape outbound traffic, but maybe there is a way I can slow the TCP responses so the other side will detect congestion and this will help my situation? If there is anything like this with tc, what might the configuration look like? The idea is that the traffic control might help me control which packets get dropped before they reach my router.

Read the article

< Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322 | Next Page >