Search Results

Search found 13059 results on 523 pages for 'security hole'.

Page 347/523 | < Previous Page | 343 344 345 346 347 348 349 350 351 352 353 354  | Next Page >

• Not able to login to new AMI on EC2 - moveing from micro to small instance

  - by zengr

  I had a t1.micro instance (old_server) on Linux on EC2 and now I need to upgrade my server to m1.small Linux (new_server). So, here is what I did: Shutdown old_server and create an AMI. Launch the new AMI with m1.small configuration. (I kept the key and security group same as old_server) I tried to login by: ssh -i my_key.pem [email protected] But, it gives a connection timeout error. My login to old_server works fine. So, my question is: What is the correct way to scale up (vertically) an EC2 instance? Where am I going wrong in the above mentioned step? When I create an AMI in step 1, is the EBS (data) also copied.

  Read the article

• Saving a compressed text attachment results in empty file

  - by Brandon

  I have a text document with compressed text in it, the text is auto generated by a program. The text document is fine on my machine (Vista 32-bit), and can be used normally. The other person can also create and use these files just fine. (XP 32-bit) However when I email it to someone else (Outlook 2003 on both machines) the attachment is sent fine (5kb) but when the other person tries to save it somewhere, the saved file is empty. (64b) At first I thought Outlook didn't like compressed text files (security risk maybe?), but I can receive the text files just fine. Is there a setting somewhere on the other persons machine that tells Outlook not to trust compressed text? Can anyone think of a reason why these files are being saved as empty text documents?

  Read the article

• Outlook 2007 disconnecting after sending email to specific email

  - by Michael

  So when a user emails another tech in my domain they get the prompt for username/password as though they got disconnected. I have not seen any issues in the event logs, tried deleting the email address from his auto correct, ran Outlook in safe mode and searched online as well. I am kind of lost. Checked the event logs on the exchange server as well in the security and still nothing. Exchange 2010, Client OS: Vista x64, Outlook 2007. Thanks!

  Read the article

• EC2 server in VPC stops responding joining domain

  - by Geoff

  We have a EC2 Windows Server set up and running in our VPC, connected to our network via a Juniper 5GT. This is working well, with the tunnel up and stable. If I then join the server to our local domain, it appears to work - I can then log on using domain credentials, and use domain accounts when applying security to folders etc. After I log out, if I give it around an hour, the box becomes unresponsive. I can't ping it, although a tracert goes all the way barring the last hop - so the tunnel is ok. I can't RDP into it. If I reboot it, then it works for a while before doing the same thing. Un-joining it from the domain fixes the problem, and it stays up and stable. The event logs don't show anything obvious, at least to me. Any ideas?

  Read the article

• Apply Group Policy to Remote Desktop Services users but not when they log on to their local system

  - by Kevin Murray

  Running Windows Server 2008 Service Pack 2 with Remote Desktop Services role. I want to hide the servers drives using a GPO, but not the users local drives when they are logged on to their local system. Using a GPO, I went to "User Configuration - Policies - Administrative Template - Windows Components - Windows Explorer" and enabled "Hide these specified drives in My Computer" and "Prevent access to drives from My Computer" and in both used "Restrict all drives". Then under "Security Filtering" for the GPO, I restricted it to the system running Remote Desktop Services and the specific users who will be using RDS. I then applied the GPO to our domain and it worked a little too well. Not only was I successful in getting the GPO to work for RDS users, but it also affected those same users at their local systems as well. I've tried everything I can think of, but can't figure out how to apply this just to the RDS but not at their local system. What am I missing?

  Read the article

• PHP + IIS Application Pool Identity Windows\Temp permissions

  - by Matt Boothman

  I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

  Read the article

• How can I prevent Ask.com Toolbar from being installed every time Java is updated?

  - by abstrask

  As many are painfully aware of, Oracle continues to not only bundle the Java installation with the useless Internet browser toolbar from Ask.com, but also enable its installation by default. In addition to the toolbar, Ask also replaces your favourite search engine in your browser with Ask. Furthermore, the Java installation goes as far as to actually recommend installing this useless junk, meaning that any non IT-savvy person is more than likely to leave it checked and install it (after all, it was enabled by default and the friendly Java installer did recommend it, right?). To add insult to injury, even if you remove the Ask Toolbar, you can be sure to see it again soon, when the next Java update hits you (which seem to happen quite often lately, due to loads of security fixes for Java, but that's another story). I'll duly remove the check-mark to install Ask Toolbar, whenever I update Java, but when supporting my family and friends, it's obvious they don't. How can I prevent the pesky Ask.com Toolbar from being installed in the first place?

  Read the article

• Thoughts on Apache log file sizes?

  - by Nathan Long

  Do you place any limits on the size of Apache log files - access.log and error.log? Specifically, can you give: Reasons to limit log file sizes Disk space Any other? Reasons NOT to limit log file sizes Research into performance issues or security breaches Any other? Methods of doing so Cron job that periodically deletes the file, or the first N lines? Any other? Anything you might salvage before deleting For example, grep out how many times a file was downloaded before deleting the access logs I'd like get the thoughts of experienced sysadmins before I do anything. (Marking as community wiki since this may be a matter of opinion.)

  Read the article

• Linux Bridge, Samba netbios name/hostname access

  - by Christopher Wilson

  I am currently running a linux bridge in the following configuration ADSL Modem: 192.168.1.1 Linux Bridge: eth0: 192.168.1.2 eth1: no address Wireless Router: 192.168.0.1 My issue is that i cannot access the "Linux Bridge" shares using the WINS name of the server via client systems (yes i understand it is a transparent bridge but i can access it via the 192.168.1.2 address this is not on the same subnet as the client systems). This is the global section of my SMB.CONF [global] unix extensions = off os level = 20 netbios name = server guest account = nobody server string = 447 Server security = share #unix extensions = no #wins support = yes #wins server = 192.168.0.1 name resolve order = wins lmhosts hosts bcast interfaces bridge1 eth0 eth1 lo bind interfaces only = yes Can i access a bridged server using it's WINS name to access samba shares? Cheers Chris

  Read the article

• Connect to MySQL EC2 Instance outside of VPC

  - by Brian W

  I have a VPC setup with a few EC2 instances inside. I'm attempting to connect to a MySQL database on an EC2 instance outside the VPC, with no luck. I have the security groups on the VPC EC2 instances set to outbound 0.0.0.0/0 which I assumed would let it connect to any outbound connection. I also followed a tutorial on creating a NAT, but wasn't exactly sure how to use it to connect to an external database. In any case, if anyone has experience and knows the proper way to connect to a database outside the VPC, it would be greatly appreciated!

  Read the article

• reverse proxy only from one internal server

  - by hrost

  I have configured a reverse proxy and is working ok for one internal server, for example our mail server. Now, I like to know if it is possible to configure a reverse proxy for only one server /application (in this case our web intranet). Our problem is Intranet call another aplication inside same intranet server and another internal servers, and the only way that I know to publish this resources is make a reverse proxy in our dmz apache for all apllications servers, but I like that from our DMZ reverse apache only intranet will be called, and other applications will be called by intranet server, and not reverse proxy. I like to configure with this system for security reason, and only allow external access to one server. I have configured With Debian Squeeze and apache 2.2 It is possible? How?

  Read the article

• Scheduled task username changed

  - by Ernst

  I posted this originally on stack overflow where I was told I should ask it here: Hi, I created a user on our exchange server, but later changed the username. Now, when I create a scheduled task for that user, and change it's settings (run only when logged on), the username is automatically changed back to the old username. What's causing this and how do I make sure the correct, new username is used for the task (otherwise it won't run), security settings are okay. I did already log in with a different user to delete the profile on the computer and tried again with this user to no avail. The OS is windows xp, the exchange server is on windows server 2003. Thanks

  Read the article

• lamp server permissions on development server

  - by user101289

  I run a LAMP server on a ubuntu laptop I use only for development. I am not greatly concerned with security, since the server is never accessible outside the local network, and it's turned off when I'm not using it. My question is what is the simplest and 'best' way to set permissions/users/groups so that when my myself user creates, edits or writes files in the webroot, I won't need to go through and CHMOD / CHOWN everything back to the www-data user? Should I add myself to the www-data group? Or chown the webroot to www-data:myself? Or is there a best practice for this situation so I don't have to keep re-setting the ownership of these files? Thanks

  Read the article

• Why is my ethernet interface in promiscuous mode

  - by nhed

  I read that seeing a flag of M in netstat -i is the way to tell which of your interfaces is in promiscuous mode I run it and I see that eth1 is in promiscuous mode $ netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth1 1500 0 1770161198 0 0 0 57446481 0 0 0 BMRU lo 16436 0 97501566 0 0 0 97501566 0 0 0 LRU This seems to be the case on all the machines I checked (All Centos6.0, both virtual and physical), any idea why ethernet devices would be in such a mode unless someone was running any pcap based app (sudo lsof | grep pcap shows nothing)? I did not see any mention of promiscuous in any of the config files (sudo grep -r promis /etc) Any ideas what puts the interface into that mode and why? p.s. most of the posts I see seem to be security related, this is not that

  Read the article

• How do I install and run Tomcat on port 80 as my only web server? (Rooted Ubuntu box)

  - by gav

  Hi All, tl;dr - I have a rooted linux box that I want to run tomcat on as a server (No Apache Web Server) how would you set this up avoiding common security pitfalls? I've written a Grails App that I want to run on a VPS I rent. The VPS has very little memory and I am using it for the sole purpose of running this application so I don't need the apache web server. This is my first venture into Server administration and I'm sure to fall into some well known traps. Should I use iptables to redirect requests from port 80 to 8080? Should I run tomcat as root or as it's own user? What configuration settings would be good for a low memory system expecting less than 10 concurrent users? Hopefully an easy one for you! Anyone who could link to a tutorial would be a personal hero destined for great things no doubt. Gav

  Read the article

• Detect damage done by virus

  - by user38471

  Hey, this morning after I went to college a virus infected my pc without any user interaction at my end. When I came home my computer was completely frozen and infected with lots of trojans. I have not typed anything important since returning so keys cannot be logged. However I want to know exactly when my computer crashed from the time of infection to see what could potentially be done remotely by a hacker. The virus my pc was diagonosed with was "fakespypro" http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32%2fFakeSpypro on a fully updated windows 7 installation with firewall enabled. My computer was connected to an internal dorm room network, so probably that has had to do something with it. Any further information about how I could backtrace this virus infection or ways to discover what data might be stolen would be greatly appriciated.

  Read the article

• Is there any danger in disabling windows firewall on a azure worker role?

  - by NullReference

  I'm trying to troubleshoot a bug on our Azure worker role where we occasionally get the error "Unable to read data from the transport connection: An established connection was aborted by the software in your host machine". This error occurs when we are connecting to outside resources like google auth servers. A few people have recommended disabling the firewall\antivirus on the server. I'm just wondering what kind of security risk we would take by doing this. The server doesn't have iis installed but would it be vulnerable to hacking without the firewall? Thanks

  Read the article

• diagnostic software for wifi adapter

  - by Nathan Fellman

  I'm having trouble with my wifi connection. Is there any software out there that can help me determine if the problem is in the drivers or in the hardware? Regretfully, I'm working on Vista Edit: The problem I'm having is that the Vista reports that the wireless radio is connected, shows an IP and all, the router also shows that the computer is connected, but there's no connectivity. I can't logon to the router, and I can't even ping it. When I ping it I get the response: General Failure I have tried connecting with and without various wireless security protocols. I have tried disabling the wireless adapter and re-enabling it from the Device Manager I have tried updating the driver None of this has helped. When I connect via Ethernet (with a cable, that is), everything works fine. Edit: I'm not using any firewall on the computer, that I'm aware of. The IP address for the WIFI adapter is similar to the one for the LAN adapter. They differ by one.

  Read the article

• Choosing a home network layout

  - by James M.

  I have a server, 4 PC's, a network printer, a switch and an ADSL modem. Currently the server runs Red Hat 9 and sits between the internet and the other PCs like in http://upload.wikimedia.org/wikipedia/en/1/12/Sample-network-diagram.png I have bought a new server PC to replace the old one, and I plan to install Fedora Core linux on it. The server acts as web and file server. The PCs all run Windows. Alternatively, I could connect the new server and all PCs to the switch, and connect the switch to the modem. (Sorry, couldn't find an image.) What are the pros and cons of these network layouts? Eg. in terms of reliability, security and flexibility? I am not a Linux guru but know of (and am not afraid of) iptables, dhcpd et al. Thank you for any tips, pointers and links.

  Read the article

• Using Internet Explorer 8 and 9 beta under internet options -advanced java does not show to check the box

  - by Michael Bishop

  I am using internet 8 and under internet options advanced there is not box to check to enable java. I was told to reset which did nto work. I have tried to uninstall java 6-21 32 bit but I get windows installer error 1723. I brought up the java console and made sure it was pointing to the right target. But I guess the main thing is I have no enable java under internet options, advanced. It was under security to enable java scripting. Any answers?

  Read the article

• How can I keep websites from knowing where I live?

  - by D Connors

  This questions is related to issues and practicality, not security. I live in Brazil and, apparently, every single website I visit knows about it. Usually that's ok, but there are quite a few sites that don't make use of that information adequately. For instance: Bing keeps thinking that brazilian pages are way more relevant to me than american ones (which they're not). Google.com always redirects me to google.com.br. Microsoft automatically sends me to horribly translated support pages in portuguese (which would just be easier to read in english). These are just a few examples. Usually it's stuff I can live with (or work around), but some of them are just plain irritating. I have geolocation disabled in firefox, so I guess they're either getting this information from my IP or from windows itself (which I bought here). Is there a way to avoid this? Either tell them nothing or make them think I live somewhere else? Thanks

  Read the article

• SSL Certificate for local web server

  - by Firefly

  Is it at all possible to create a self-signed certificate for use on multiple machines on a local network which would stop the browser complaining it is not a trusted site? We have a product which is basically a computer running lighttpd to serve a web interface for configuring the computer (sort of how a router has a web interface). There can also be many of these machines running on the same network with dynamic IP's. What I basically want to do is enable SSL for extra security but I don't want people who are on the local network to be given a browser warning about the certificate not being trusted. Is this at all possible?

  Read the article

• Import Java Trusted Certificate to JRE

  - by Zalastax

  I need to install a certificate from a Java app to a lot of people. I want to use a one click program or batch file to import it as a Trusted Certificate(in Control Panel-Security-Certificate). Then they won't need to press always allow first time they use the application. I have extracted the needed certificate as both a .csr and as a .cer (the .csr via Control Panel and the .cer via keytool). Now I need to get one of them back without any clicking in menus. I don't really understand the documentation of importing .cer with keytool and would like an example. Or are there an easier way than using keytool?

  Read the article

• File ownership and permissions on web site PHP files

  - by columbo

  Hello, I am learning the basics of linux servers so I am green. I have an Ubuntu server upon which there are websites that I have inherited. In a fit of security worry I decided to check out the ownership of the web site files. They are all 2016:sites. If I run the command 'cat /etc/group | more' I can see that the group exists. But when I run 'lastlog' the user 2016 does not appear. I started to worry that 2016 might be the username of web users connecting from the web so I set the permissions on a testfile to chmod 600, giving read permissions to only the file owner. Sure enough I could still access the file from the web. Can anyone suggest what is going on here? I tried creating a new user and giving them file ownership but then when I access the file from the web it wants me to have all directories up stream owned by the same person. Thanks

  Read the article

• SSL certificates with password encrypted key at hosting provider

  - by Jurian Sluiman

  We are a software company and offer hosting to our clients. We have a VPS at a large Dutch datacenter. For some of the applications, we need an SSL certificate which we'd like to encrypt with a password protected keyfile. Our VPS reboots now and then because of updates whatsoever, but that means our apache doesn't start right away because the passwords are needed. This results in downtime and is of course a real big problem. We can give the passwords to our VPS datacenter, or create certificates based on keyfiles without passwords. Both solutions seem not the best one, because they compromise the security of our certificates. What's the best solution for this issue?

  Read the article

< Previous Page | 343 344 345 346 347 348 349 350 351 352 353 354  | Next Page >