Search Results

Search found 13059 results on 523 pages for 'security hole'.

Page 353/523 | < Previous Page | 349 350 351 352 353 354 355 356 357 358 359 360 | Next Page >

ServerName no longer works as SQL Server 2008 Default instance name?

- by TomK

Folks, Somehow in struggling to install something (Sage MIP), I have unsettled my system's SQL Server 2008 instance names. If I fired up SSMS and connected to "MySystemName" (while logged into MySystemName), I used to immediately connect and could view my databases. Now if I connect to "(local)" or "." I connect just fine...but "MySystemName" gives me a timeout error. If I log in with "." and do "SELECT @@SERVERNAME" it comes back with "MySystemName" just fine. I've double checked that my network name is in the Security\Logins list, and it is, as a dbadmin. Any suggestions? I thought that having SQL Server 2005 Express might be a problem (the "battle of the default instances"), so I uninstalled that. No better.

Read the article
Binding services to localhost and using SSH tunnels - can requests be forged?

- by Martin

Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

Read the article
why Apache with ssl but back end weblogic without ssl works?

- by huangli

Hello everyone. my question is very simple . The link below is a picture about my architecture. https://docs.google.com/open?id=0BxSXbpgYIZVOR212RVk4ZDN1Sm8. The pic above shows the architecture right now and it works correctly ! which means I could visit apache with url https//apchehost:8080, could not visit the web app with https served by weblogic but I could visit these app with https served by Apache(Apache is proxy server). My question is why the Apache is configured with ssl but weblogic without ssl works ? I think weblogic should also configured with ssl . If this works , what about security level ? Is the ssl really works if only Apache configured with ssl but Weblogic without it ? Thanks . condition: Apache 2.2.17 with weblogic module mod_wl_22.so Weblogic: 10.3 OS: Windows server 2003

Read the article
Can't access to access to my web server inside a network with Firewall on

- by ianenri

I set up a Web server with the following: There is the Internet Router, configured to Port Foward port 80 to my computer assigned to my PC's IP: 192.168.1.128 My PC is connected to that wireless router from wlan0 Then, my PC is also connected to my device (which is the webserver) with a crossover-cable usign eth0 having this anohter IP: 10.42.43.1 Finally, my device (the webserver) is connected with eth0 with this IP: 10.42.43.55 As you can see, I need to install a reverse-proxy to be able to resolve to my device's webserver. I installed pound (proxy server) in my PC and configured properly to make 192.168.1.128 resolve to 10.42.43.55 So, I just typing my ISP provided IP 200.x.x.x resolves to my device webserver. But there's a problem: I HAD TO STOP MY FIREWALL. I don't know how I need exactly configure the firewall in SUSE YAST2, or at least iptables. Stopping it is not an option, not for security reasons, just because there's port fowarding rule that is needed to give Internet access to my device too. I'm using openSUSE 12.1

Read the article
Ldap access lists users even if user has no rights...

- by Patkos Csaba

I am trying to set up a more complex Active Directory structure for some testing purposes. What I did so far: set up 2 windows (one 2008 and one 2003) to control the same domain set up an Organizational Unit (ou): Developers set up 2 child OUs: "one" and "two" each OU has it's admin: adminOne and adminTwo I denied all access to OU "two" by removing on the Security tab all the groups I don't want to access it. now, when I log in as adminOne and I try to click on OU "two" it says I don't have permissions to see the users and properties of "two" - this is perfect, it's what I want Here comes my problem: I do a LDAP query with the adminOne user on the "Developers" What I expect to happen: I expect to retrieve the users from Developer - One I expect to NOT be able to retrieve the users from Developers - Two What actually happens: ldap shows all the users, both from Developers - One and Developers - Two, even if the user should not have permissions to Developers - Two And now my question: is there any specific settings on Windows 2003 or 2008 Active Directory servers which allow or deny access over LDAP? I could not find any.

Read the article
Do TCP connections work differently within the same subnet?

- by Dean

I've encountered some network behaviour that confuses me while trying to get Java RMI working. I use netcat to connect to a local machine: [my_machine]$ nc -w 1 192.168.0.100 60000 && echo success success I try to do the same to my server: [my_machine]$ nc -w 1 my-servers-ip 60000 && echo success This doesn't work, unless I explicitly listen on the server socket: [amazon_ec2]$ nc -l 60000 [my_machine]$ nc -w 1 my-servers-ip 60000 && echo success success For the version that fails, the SYN packet receives a RST, ACK in response. I'm not too knowledgable about this stuff, at this point I only have wild theories such as the one in the question. Any ideas? Potentially useful details: Local Machine (192.168.0.100) - Macbook Remote Machine (Amazon EC2) - Amazon Linux AMI 2012.03 Security Group Settings: 22 (SSH) 0.0.0.0/0 1099 0.0.0.0/0 49152-65535 0.0.0.0/0 "iptables -L" shows no rules set

Read the article
Unable to connect to MySQL through port 3306

- by Ron

I read the answers about 3306 from a question posted in 2009. I have the same problem, but the answers I read didn't help. Port 3306 is open, even if I stop the windows-firewall, MySQL still can't access it. MySQL is running. I've run netstat firewall xxxxxx and get these results: 3306 TCP Enable MySQL Server and this from netstat -a -n: TCP [::]:3306 [::]:0 LISTENING 0 (I don't understand the [::]) I do have AVG Internet Security running but not the Firewall component. How can I find out what is blocking MySQL from accessing this port? And it's not just this specific port, but any port. I've asked on the MySQL forum, but no one is replying.

Read the article
WinXP on VPC - Unable to change the way users log on or off

- by kamleshrao

On my Win7 computer, I have setup a new Win-XP VPC. In the VPC window, when I click Ctrl+Alt+Del, it shows me Windows Task Manager. As per MS KB [ http://support.microsoft.com/kb/281980 ], we can change this behavior to show the regular Windows Security window. But while making this change, I am getting the following error: User Accounts Fast User Switching cannot be turned off from a remote connection to this computer. Log on to the computer locally to turn off Fast User Switching. OK Is there any way I can fix this setting?

Read the article
Restrict Administrators from changing system time - Windows XP machines (no domain)

- by user72128

I need to write a script that will remove all users under Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > User Rights Assignment > Change the system time from the local group policy (gpedit.msc) on all Windows XP machines. These machines are not on the domain. I DO have a way to distribute and run the script automatically. Can someone point me in the right direction for creating a script like this?

Read the article
Can't change read only folder in windows 7

- by James Drinkard

I'm trying to run a Spring MVC 2.5 tutorial and when I run the ant script for a deploy, I get this error: deploy: [copy] Copying 2 files to C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp BUILD FAILED C:\projects\workspace\springapp\build.xml:46: Failed to copy C:\projects\workspace\springapp\war\WEB-INF\web.xml to C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp\WEB-INF\web.xml due to failed to create the parent directory for C:\apache-tomcat-7.0.8\webapps\c:\projects\workspace\springapp\WEB-INF\web.xml After reviewing the directory: springapp I saw the properties as read-only. No problem I thought as I'm logging in as administrator. However, changing the uac settings, going to a command prompt as admin and then trying to change the properties of the folder with attrib, making me the owner of the folder, changing the security settings etc... did nothing. I can't seem to change this folder to anything. So my question is, how do I change the settings on that folder so ANT can make changes to that folder?

Read the article
Windows 7 random black screen when idle

- by Omar

Occasionally, when I'm away from my computer for about 5 minutes, the computer screen will go black and all USB devices (keyboard/mouse) will lose power. Attempting to move the mouse or pressing keys does not 'wake up' the computer. This only started happening a few days ago but I'm not sure what changes I did could have caused this and I uninstalled programs (one by one) I installed before it started happening, but still having the same issue. The one thing I noticed different about my computer since it started happening is i've been getting random survey popups from www.insightexpress.com. I ran Microsoft Security Essentials scan, it picked up some Java related malware, I removed it but still the same issue. I'm running MBAM right now and will run SAS after. Edit: I just updated drivers for motherboard and video card and ran virus scans, still having the same issue.

Read the article
Script to Add an IMAP account to Outlook 2010

- by francisswest

Im looking to for a script that allows me to add an IMAP account to an already existing email profile. All of our users have an Exchange account as their main email account. We have several shared IMAP accounts that these users need access to. Rather than go to each machine and add each account they need access to over and over, Im hoping there is a script of some nature where I can plug in the needed info (username, password, server, security settings, etc) I then plan to run said script remotely on each machine using powershell. I have found a couple scripts in my searches, but nothing recent, and the majority of them revolve around creating profiles, not adding accounts to an already existing profile. Thoughts?

Read the article
Centrally manage Windows 7 computers without Active Directory

- by Sean W.

I manage three Windows PCs at home using the principle of least privilege. This means that practically every other day when a new version of Java is released, I have to manually install the update using my administrative credentials on each machine. This is starting to become more work than I had expected. I would love to set up an active directory domain at home, but Microsoft has discontinued Windows home server; its replacement, Windows server 2012 essentials is much more expensive (about $500). Are there any free (preferably as in speech) that would allow me to centrally manage the software installed on each machine in a manner similar to that of active directory? I'd also like to find a way to centrally manage security settings, but I doubt there's an equivalent of group policy. Samba 4 would be an ideal solution, but according to its own developers, it is not yet stable enough for production use.

Read the article
Replicate portion of an LDAP directory to external server

- by colemanm

We're in the process of setting up a Jabber server on Amazon EC2 right now, and we'd like to have our internal users authenticate via LDAP so we don't have to create/manage a separate set of user accounts than the master directory in the office. My question is: is there a way to copy, unidirectionally, a segment of our internal LDAP directory (the user accounts OU) to an external LDAP server and authenticate Jabber against that? We're trying to work around having our externally hosted machines out in the cloud accessing our internal network directly... If we can replicate in one direction only a subset of the user accounts, then if that gets compromised we don't necessarily have a critical security breach into our internal network.

Read the article
Computers displaying an unwanted password change prompt

- by evesirim

We run a small network of users from a central SBS 2008 server that handles group policy & AD. Most of our users operate under a policy that propts them for a password change every 6 months as a security measure, with a few administrator accounts & terminal machines not using the policy for the sake of ease as they are needed all the time. Recently all machines regardless of policy have started asking for a password change out of schedule. Some PCs run Windows 7 & some XP, though the password prompts don't seem to discriminate between OS. What could this be down to? Many thanks

Read the article
Internet wireless connected with limited access, windows vista

- by Wawa wiya

Hello I had some malware in my computer so I did a bit of manual work to remove it including resetting TCP/IP. Now the malware is gone. I can see my home wireless network and I can get connected to it but when connected I get the Internet wireless connected with limited access message. When I go to the IE I cannot browse. When I tried to ping 192.168.1.1 I got an Error Code 1231 Unconnected Network Problem. I have deactivated my Windows firewall as I thought it could be hyperactive security. Still no luck. I have Norton but it is not active, I have also Avast and AVG installed but they are not active. Any ideas?

Read the article
Best blog package/platform (java, php etc)?

- by user50912

Hi Folks, I want to set up a blog, but I want it to reside on a URL I've bought, I also don't want any of the ads and such that sit around other blogs on blog specific sites like blogspot and generally want more control. I was thinking of getting shared hosting with mysql and such to get it going (as opposed to a VM which would be overkill). Then I just need to decide on the easiest quickest (and most secure) way of getting something up there. After some googling, I see b2evolution.net which sits on php, or Apache Roller, which seems to sit on Java. Could anyone offer any advice on whats my best approach here? Are there security concerns with either or has anyone any experience in this area? I really want setup time to be minimal, so I can concentrate of the feel of the blog rather than whats under the hood. Many Thanks.

Read the article
"Deny log on through Terminal Serivces" insists on "Everyone"

- by Trueblood

We've got a standalone (non-domain) server where "Deny log on through Terminal Services" contains "Everyone" -- ok, we didn't want that, not sure how it got set, but whatever. We removed it ...and "Everyone" came back. Tried adding "Guest" to the deny list, removing "Everyone" ...which ended up with the setting containing "Everyone, Guest" Clearly there's another setting somewhere that's preempting this one, but it beats me which one. Any ideas? ("Everyone" is being shown as reset upon reloading the Local Security Settings window, so it's possible that it's not actually being changed in the underlying store, and just shows the change in the UI)

Read the article
Computers displaying an unwanted password change prompt

- by evesirim

We run a small network of users from a central SBS 2008 server that handles group policy & AD. Most of our users operate under a policy that propts them for a password change every 6 months as a security measure, with a few administrator accounts & terminal machines not using the policy for the sake of ease as they are needed all the time. Recently all machines regardless of policy have started asking for a password change out of schedule. Some PCs run Windows 7 & some XP, though the password prompts don't seem to discriminate between OS. What could this be down to? Many thanks

Read the article
Is there a way to only require password on waking from sleep and not on screensaver (In Snow Leopard

- by Vitaly Kushner

I hate it when it asks me for password when I'm at home getting away from a computer for a while. I do like it having a screensaver though. But for some reason I see that password settings for the screensaver is merged with the password settings for waking from sleep. And waking password is an essential security feature for me. Essentially when Im not in a secured environment I close the lid when going away from the laptop even for a minute, but at home I want it to stay open. Is there a way to have it ask for password only after sleep and not after screensaver?

Read the article
Unable to mount Amazon Public Dataset using ec2-create-volume

- by the0ther

I am trying to use a Public Dataset with the snapshot id of snap-e1608d88. I am looking at these instructions, but they do not seem to help. The first suggestion there says I should click on Volumes and create a new volume, set it's size and availability zone, as well as specifying the snapshot id. The problem is, snapshot id is a dropdown, not a text field, and there are over 100 options in the dropdown. Next I installed the ec2 command line tools and tried to run the ec2-create-volume command. For my first attempt I tried ec2-create-volume --snapshot snap-e1608d88 --availability-zone us-east-1 but that gave output indicating I need to provide a certificate with the --cert switch. Which certficate exactly? I tried my SSH cert at ~/.ssh/id_rsa. No dice. I got the following Java error: "org.codehaus.xfire.fault.XFireFault: General security error;"

Read the article
Prevent member of administrator group loging in via Remote Desktop

- by Chris J

In order to support some build processes on our Server 2003 development servers, we require a common user account that has administrative privs. Unfortuantly, this also means that anyone that knows the password can also gain admin privs on a server. Assume that trying to keep the password secret is a failed exercise. Developers that need admin privs already have admin privs so should be able to log in as themselves. So the question is a simple one: is there anything I can configure to prevent people (ab)using the account to gain administrator on servers they shouldn't have administrator on? I'm aware that devs could disable anything that is put in place, but that's then down to process and auditing to track and manage. I don't mind where or how: it can be via the local security policy, group policy, a batch file executed in the user's profile, or something else.

Read the article
Can not find the source of Grant permission on a folder

- by Konrads

I have a security mystery :) Effective permissions tab shows that a few sampled users (IT ops) have any and all rights (all boxes are ticked). The permissions show that Local Administrators group has full access and some business users have too of which the sampled users are not members of. Local Administrators group has some AD IT Ops related groups of which the sampled users, again, appear not be members. The sampled users are not members of Domain Administrators either. I've tried tracing backwards (from permissions to user) and forwards (user to permission) and could not find anything. At this point, there are two options: I've missed something and they are members of some groups. There's another way of getting full permissions. Effective Permissions are horribly wrong. Is there a way to retrieve the decision logic of Effective Permissions? Any hints, tips, ideas?

Read the article
Local Group Policy Editor reverting setting to default

- by Timur Aydin

On my Windows 7 Ultimate 32bit system, I have changed the following setting: Local Computer Policy - Computer Configuration - Windows Settings - Security Settings - Local Policies - User Right Assignment - Deny access to this computer from the network This setting was by default "Guest" and I deleted this so that Guest can access a defined network share over the LAN. But later, I have changed my mind and wanted to return this setting to its default. So I edited that setting and specified Guest. But the setting became MYWINPC\Guest. So my question is, what is the difference between the previous setting "Guest" and MYWINPC\Guest? And how do I return this setting to its default value, "Guest"?

Read the article
Logging on to server creates duplicate user profiles in Documents & Setting

- by Tech

Windows Server 2003. I am having a problem with the creation of new user profiles when logging in remotely to a terminal server. The new user profile gets added under Documents & Settings as username.domainname. Deleting the new profile does not allow the original profile to be reverted to. Went logging on to the server again, it creates another new user profile. Nothing was changed in the Active Directory or security settings. How do I get the original profile to be used?

Read the article

< Previous Page | 349 350 351 352 353 354 355 356 357 358 359 360 | Next Page >