Search Results

Search found 15914 results on 637 pages for 'physical security'.

Page 102/637 | < Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >

  • Local Password Management

    - by ultimazombie88
    In our office (and I am sure many others) we access various websites and tend to share one account with our team. For example, we share credentials to Ebay and change them every few weeks to maintain some sense of security. However, we know this does not allow for any type of accountability for major changes. After some discussion we want to try to manage how we distribute credentials for sites that may not offer child accounts. Is there any smart and safe way to do this? If so how do you do it?

    Read the article

  • October 2012 Critical Patch Update and Critical Patch Update for Java SE Released

    - by Eric P. Maurice
    Hi, this is Eric Maurice. Oracle has just released the October 2012 Critical Patch Update and the October 2012 Critical Patch Update for Java SE.  As a reminder, the release of security patches for Java SE continues to be on a different schedule than for other Oracle products due to commitments made to customers prior to the Oracle acquisition of Sun Microsystems.  We do however expect to ultimately bring Java SE in line with the regular Critical Patch Update schedule, thus increasing the frequency of scheduled security releases for Java SE to 4 times a year (as opposed to the current 3 yearly releases).  The schedules for the “normal” Critical Patch Update and the Critical Patch Update for Java SE are posted online on the Critical Patch Updates and Security Alerts page. The October 2012 Critical Patch Update provides a total of 109 new security fixes across a number of product families including: Oracle Database Server, Oracle Fusion Middleware, Oracle E-Business Suite, Supply Chain Products Suite, Oracle PeopleSoft Enterprise, Oracle Customer Relationship Management (CRM), Oracle Industry Applications, Oracle FLEXCUBE, Oracle Sun products suite, Oracle Linux and Virtualization, and Oracle MySQL. Out of these 109 new vulnerabilities, 5 affect Oracle Database Server.  The most severe of these Database vulnerabilities has received a CVSS Base Score of 10.0 on Windows platforms and 7.5 on Linux and Unix platforms.  This vulnerability (CVE-2012-3137) is related to the “Cryptographic flaws in Oracle Database authentication protocol” disclosed at the Ekoparty Conference.  Because of timing considerations (proximity to the release date of the October 2012 Critical Patch Update) and the need to extensively test the fixes for this vulnerability to ensure compatibility across the products stack, the fixes for this vulnerability were not released through a Security Alert, but instead mitigation instructions were provided prior to the release of the fixes in this Critical Patch Update in My Oracle Support Note 1492721.1.  Because of the severity of these vulnerabilities, Oracle recommends that this Critical Patch Update be installed as soon as possible. Another 26 vulnerabilities fixed in this Critical Patch Update affect Oracle Fusion Middleware.  The most severe of these Fusion Middleware vulnerabilities has received a CVSS Base Score of 10.0; it affects Oracle JRockit and is related to Java vulnerabilities fixed in the Critical Patch Update for Java SE.  The Oracle Sun products suite gets 18 new security fixes with this Critical Patch Update.  Note also that Oracle MySQL has received 14 new security fixes; the most severe of these MySQL vulnerabilities has received a CVSS Base Score of 9.0. Today’s Critical Patch Update for Java SE provides 30 new security fixes.  The most severe CVSS Base Score for these Java SE vulnerabilities is 10.0 and this score affects 10 vulnerabilities.  As usual, Oracle reports the most severe CVSS Base Score, and these CVSS 10.0s assume that the user running a Java Applet or Java Web Start application has administrator privileges (as is typical on Windows XP). However, when the user does not run with administrator privileges (as is typical on Solaris and Linux), the corresponding CVSS impact scores for Confidentiality, Integrity, and Availability are "Partial" instead of "Complete", typically lowering the CVSS Base Score to 7.5 denoting that the compromise does not extend to the underlying Operating System.  Also, as is typical in the Critical Patch Update for Java SE, most of the vulnerabilities affect Java and Java FX client deployments only.  Only 2 of the Java SE vulnerabilities fixed in this Critical Patch Update affect client and server deployments of Java SE, and only one affects server deployments of JSSE.  This reflects the fact that Java running on servers operate in a more secure and controlled environment.  As discussed during a number of sessions at JavaOne, Oracle is considering security enhancements for Java in desktop and browser environments.  Finally, note that the Critical Patch Update for Java SE is cumulative, in other words it includes all previously released security fixes, including the fix provided through Security Alert CVE-2012-4681, which was released on August 30, 2012. For More Information: The October 2012 Critical Patch Update advisory is located at http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html The October 2012 Critical Patch Update for Java SE advisory is located at http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html.  An online video about the importance of keeping up with Java releases and the use of the Java auto update is located at http://medianetwork.oracle.com/video/player/1218969104001 More information about Oracle Software Security Assurance is located at http://www.oracle.com/us/support/assurance/index.html  

    Read the article

  • How quickly do I need to complete the installation of Windows updates once they're available?

    - by DragonLord
    I know that Microsoft publishes most updates on the second Tuesday of each month. While I understand that it is important to install security updates as soon as possible, do I place my computer at a significant risk if I wait more than a few hours after the updates are available to install the updates and restart the computer to complete installation? I'm asking because 1) I can't always restart the computer immediately after the system prompts me to do so; and 2) the download process sometimes has to be manually started late in the day when I remember, much later than when they're released at 01:00 PM EST/EDT, because Windows Update only seems to check automatically once per day and does so as soon as I connect to the Internet. Ideally, answers should be detailed and objective, with citations to references as appropriate.

    Read the article

  • Can /etc/hosts.deny/allow be overridden?

    - by Tar
    I have security measures put in place to keep unwanted users out of my server. I've changed the SSH port, disabled root login, have a software firewall to block portscans, and have entries in hosts.deny and hosts.allow. I have various services denied to all but another server of mine should my IP change, and two other administrators + my own IP address. My question is, can hosts.deny/allow configuration be overridden so that they can gain access to my server? Does using chroot jail for running things like an IRC server and Teamspeak server prevent people from gaining access to my server and screwing with it?

    Read the article

  • Is email encryption practical enough?

    - by Dimitri C.
    All emails I have ever sent were sent as plain text. Like postcards, everybody on the way to the addressee could easily read and store them. This worries me. I know privacy is something of the past, but encrypting email is possible, at least in theory. However, I wonder whether it is practical enough. Is there anybody who has experience with email security? Is it easy to set up? And can you still send and receive email from all you friends and acquaintances?

    Read the article

  • screensavergraceperiod not working

    - by Ralf
    Good Morning, in windows XP there is a registry setting called ScreenSaverGracePeriod which lets you set a time period between the activation of the screensaver and locking of the screen. As as result, as soon as you see the screensaver beeing activated, you have X seconds to press a key or move the mouse in order to avoid having to log in again. Unfortunately, this setting isn't working on my machine. I tried everything I could find on the net (setting the period as stirng or number), but it still does not work. Could it be that some kind of security suite (Symantec) or anything else is blocking this feature? Cheers, Ralf

    Read the article

  • XML Schema For MBSA Reports

    - by Steve Hawkins
    I'm in the process of creating a script to run the command line version of Microsoft Baseline Security Analyzer (mbsacli.exe) against all of our servers. Since the MBSA reports are provided as XML documents, I should be able to write a script or small program to parse the XML looking for errors / issues. I'm wondering if anyone knows whether or not the XML schema for the MBSA reports is documented anywhere -- I have goggled this, and cant seem to find any trace of it. I've run across a few articles that address bits and pieces, but nothing that addresses the complete schema. Yes, I could just reverse engineer the XML, but I would like to understand a little more about the meaning of some of the tags. Thanks...

    Read the article

  • What compatibility trade-offs do we need to make in order to use a hardened SSL config for Nginx?

    - by nathan.f77
    I found some hardened SSL settings in github.com/ioerror/duraconf. Here is the header from the config: This is an example of a high security, somewhat compatible SSLv3 and TLSv1 enabled HTTPS proxy server. The server only allows modes that provide perfect forward secrecy; no other modes are offered. Anonymous cipher modes are disabled. This configuation does not include the HSTS header to ensure that users do not accidentally connect to an insecure HTTP service after their first visit. It only supports strong ciphers in PFS mode: ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; # Only strong ciphers in PFS mode ssl_ciphers ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA; ssl_protocols SSLv3 TLSv1; If we were to use these settings on our website, what does "somewhat compatible" mean? For example, would IE6 still be able to connect?

    Read the article

  • IOUG Webcast Series on Identity Management

    - by Tanu Sood
    Identity Management for Business Empowerment Identity Management has gone from the realm of IT tools to being a business solution. Security and Identity Management offer confidence in doing secure and compliant business. But more than that, Identity Management today contributes to business growth with secure social, cloud, mobile and internal & external ecosystem enablement. Cloud computing has heightened the interest in user access security, mobile computing brings access to information beyond the enterprise and a bring your own device culture in-house, social media has added a new dimension to user identity and increasing security compliance pressure has made organizations rethink their roles and entitlements strategy. To discuss the industry trends, maturity and framework for security, compliance and business empowerment with identity management, Oracle is proud to collaborate with IOUG to launch a series of live webcasts. Covering a span of topics from identity platform to entitlements managements, privilege access management and cloud, mobile and social security, these webcasts will provide direct access to subject matter experts and technology specialists. Hear first-hand about best practices, a pragmatic approach to security implementation, customer success stories and more. Register today for the individual webcasts or the series. And just a reminder that the conversation starts at COLLABORATE 12 in Las Vegas from April 22nd – 26th. In addition to our conference sessions, as an added value this year, we are offering a half-day deep dive session on Oracle Identity Management: Building a Security and Compliance Framework for Oracle Systems. The session is scheduled for Sunday, April 22nd from 9 am to 3 pm and will cover relevant topics such as: • A Primer on Identity Management • Security and Compliance with Oracle Identity Management • Security for Oracle Applications, Fusion Applications• Managing Identities in The Cloud and Mobile World • Best Practices: Building an Identity Roadmap and Getting Started To get a head start on your compliance and security program, pre-register for this session today.

    Read the article

  • Why are Linux-based operating systems considered safer than Windows?

    - by echoblaze
    I hear that Linux-based systems are better for security. Apparently they don't have viruses and do not need antivirus software. Even my university claims this - they refuse to have Windows on their servers, which is a real shame because we wanted to use the .NET framework to create some websites. The only reason I can see Linux being safer is because it's open-source, so bugs theoretically would get caught and fixed sooner. I know a bit about how operating systems work, but haven't really delved into how Linux and Windows implement their OS. Can someone explain the difference that makes Linux-based systems more secure?

    Read the article

  • Oracle buys Secerno

    - by Paulo Folgado
    Adds Heterogeneous Database Firewall to Oracle's Industry-leading Database Security SolutionsRedwood Shores, CA - May 20, 2010News FactsOracle has agreed to acquire Secerno, a provider of database firewall solutions for Oracle and non-Oracle databases.Organizations require a comprehensive security solution which includes database firewall functionality to prevent sophisticated attacks from reaching databases.Secerno's solution adds a critical defensive layer of security around databases, which blocks unauthorized activity in real-time.Secerno's products are expected to augment Oracle's industry-leading portfolio of database security solutions, including Oracle Advanced Security, Oracle Database Vault and Oracle Audit Vault to further ensure data privacy, protect against threats, and enable regulatory compliance.The combination of Oracle and Secerno underscores Oracle's commitment to provide customers with the most comprehensive and advanced security offering that helps reduce the costs and complexity of securing their information throughout the enterprise.The transaction is expected to close before end of June 2010. Financial details of the transaction were not disclosed.Supporting Quote:"The Secerno acquisition is in direct response to increasing customer challenges around mitigating database security risk," said Andrew Mendelsohn, senior vice president, Oracle Database Server Technologies. "Secerno's database firewall product acts as a first line of defense against external threats and unauthorized internal access with a protective perimeter around Oracle and non-Oracle databases. Together, Oracle's complete set of database security solutions and Secerno's technology will provide customers with the ability to safeguard their critical business information.""As a provider of database firewall solutions that help customers safeguard their enterprise databases, Secerno is a natural addition to Oracle's industry-leading database security solutions," said Steve Hurn, CEO Secerno. "Secerno has been providing enterprises and their IT Security departments strong assurance that their databases are protected from attacks and breaches. We are excited to bring Secerno's domain expertise to Oracle, and ensure continuity and success for our current customers, partners and prospects."Support Resources:About Oracle and SecernoGeneral PresentationFAQCustomer LetterPartner Letter

    Read the article

  • If sudo is broken, what should be used instead?

    - by ivant
    I found the following answer to a FAQ question about a security problem in Oprofile: This "problem" only occurs if you actively, and mistakenly, configure access to OProfile via sudo. OProfile uses shell scripts which have not been audited (nor is it likely to happen) for use through the broken sudo facility (anything that lets you alter root's path arbitrarily counts as horribly broken). Do not use sudo! As I see it, the author of the answer suggests that sudo is broken, so that it should not be used not only with oprofile, but for other purposes as well. Are there better alternatives to sudo in Linux?

    Read the article

  • Mysterious login attempts to windows server

    - by Jim Balo
    I have a Windows 2008R2 server that is reporting failed login attempts from a number of workstations on our network. Some event log details: Event ID 4625, Status: 0xc000006d, Sub Status: 0xc0000064 Security ID: NULL SID, Account Name: joedoe, Account Domain: Acme Workstation Name: WINXP1, Source Network Address: 192.168.1.23, Source Port: 1904 Logon Process: NtLmSsp, Authentication Package: NTLM, Logon Type: 3 (network) I believe this is coming from some netbios service or similar (maybe the file explorer), keeping an inventory of its network neighborhood and also trying to authenticate. Is there a way to turn this off without having to turn off file sharing all together? In other words, clients authenticating against file servers that they use is of course no problem, but I want to eliminate clients trying to authenticate to servers that they are not using and have no business with. The above example is only one of thousands of log alerts for similar failed network authentications. What can I do to clean this up / handle this? Thanks.

    Read the article

  • IIS reveals internal IP address in content-location field - fix

    - by saille
    Referring: http://support.microsoft.com/kb/q218180/, there is a known issue in IIS4/5/6 whereby it will reveal the internal IP of a web server in the content-location field of the HTTP header. We have IIS 6. I have tried the fix suggested, but it has not worked. The website is configured to send all requests to ASP.NET, and I am wondering if this is why the fix, which addresses IIS configuration, has not worked for us. If this is the case, how would we fix this in ASP.NET? We need to fix this issue in order to pass a security audit.

    Read the article

  • sudo apt-get update does not work for 12.10

    - by Brian Hawi
    hey i recently installed ubuntu 12.10 but the software center does not work i tried the sudo apt-get update because that worked when i was using ubuntu 11.04.... these are the errors hawi@hawi-HP-G62-Notebook-PC:~$ sudo apt-get update [sudo] password for hawi: Err http:ke.archive.ubuntu.com quantal InRelease Err http:ke.archive.ubuntu.com quantal-updates InRelease Err http:ke.archive.ubuntu.com quantal-backports InRelease Err http:ke.archive.ubuntu.com quantal Release.gpg Unable to connect to ke.archive.ubuntu.com:http: Err http:ke.archive.ubuntu.com quantal-updates Release.gpg Unable to connect to ke.archive.ubuntu.com:http: Err http:ke.archive.ubuntu.com quantal-backports Release.gpg Unable to connect to ke.archive.ubuntu.com:http: Err http:security.ubuntu.com quantal-security InRelease Err http:security.ubuntu.com quantal-security Release.gpg Unable to connect to security.ubuntu.com:http: [IP: 91.189.92.190 80] Err http:extras.ubuntu.com quantal InRelease Err http:extras.ubuntu.com quantal Release.gpg Unable to connect to extras.ubuntu.com:http: Reading package lists... Done W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal/InRelease W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-updates/InRelease W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-backports/InRelease W: Failed to fetch http:security.ubuntu.com/ubuntu/dists/quantal-security/InRelease W: Failed to fetch http:extras.ubuntu.com/ubuntu/dists/quantal/InRelease W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal/Release.gpg Unable to connect to ke.archive.ubuntu.com:http: W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-updates/Release.gpg Unable to connect to ke.archive.ubuntu.com:http: W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-backports/Release.gpg Unable to connect to ke.archive.ubuntu.com:http: W: Failed to fetch http:security.ubuntu.com/ubuntu/dists/quantal-security/Release.gpg Unable to connect to security.ubuntu.com:http: [IP: 91.189.92.190 80] W: Failed to fetch http:extras.ubuntu.com/ubuntu/dists/quantal/Release.gpg Unable to connect to extras.ubuntu.com:http: W: Some index files failed to download. They have been ignored, or old ones used instead. (note i have removed the // after http because the site does not allow me to post more than two links) what could be the issue?

    Read the article

  • IIS reveals internal IP address in content-location field

    - by saille
    Referring: http://support.microsoft.com/kb/q218180/, there is a known issue in IIS4/5/6 whereby it will reveal the internal IP of a web server in the content-location field of the HTTP header. We have IIS 6. I have tried the fix suggested, but it has not worked. The website is configured to send all requests to ASP.NET, and I am wondering if this is why the fix, which addresses IIS configuration, has not worked for us. If this is the case, how would we fix this in ASP.NET? We need to fix this issue in order to pass a security audit.

    Read the article

  • How to list all my packages from command line which can show package name, license, source url, etc?

    - by YumYumYum
    How to get all the installed package list with there license, source url? Such as following only shows name of the package only. $ dpkg --get-selections acpi-support install acpid install adduser install adium-theme-ubuntu install aisleriot install alacarte install For example in Fedora/CentOS (RED HAT LINUX BRANCH), you can see that: $ yum info busybox Loaded plugins: auto-update-debuginfo, langpacks, presto, refresh-packagekit Available Packages Name : busybox Arch : i686 Epoch : 1 Version : 1.18.2 Release : 5.fc15 Size : 615 k Repo : updates Summary : Statically linked binary providing simplified versions of system commands URL : http://www.busybox.net License : GPLv2 Description : Busybox is a single binary which includes versions of a large number : of system commands, including a shell. This package can be very : useful for recovering from certain types of system failures, : particularly those involving broken shared libraries. Follow up: /var/lib/apt/lists$ ls extras.ubuntu.com_ubuntu_dists_natty_main_binary-amd64_Packages extras.ubuntu.com_ubuntu_dists_natty_main_source_Sources extras.ubuntu.com_ubuntu_dists_natty_Release extras.ubuntu.com_ubuntu_dists_natty_Release.gpg lock partial security.ubuntu.com_ubuntu_dists_natty-security_main_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_main_source_Sources security.ubuntu.com_ubuntu_dists_natty-security_multiverse_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_multiverse_source_Sources security.ubuntu.com_ubuntu_dists_natty-security_Release security.ubuntu.com_ubuntu_dists_natty-security_Release.gpg security.ubuntu.com_ubuntu_dists_natty-security_restricted_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_restricted_source_Sources security.ubuntu.com_ubuntu_dists_natty-security_universe_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_universe_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_main_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_main_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_multiverse_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_multiverse_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_Release us.archive.ubuntu.com_ubuntu_dists_natty_Release.gpg us.archive.ubuntu.com_ubuntu_dists_natty_restricted_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_restricted_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_universe_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_universe_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_main_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_main_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_multiverse_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_multiverse_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_Release us.archive.ubuntu.com_ubuntu_dists_natty-updates_Release.gpg us.archive.ubuntu.com_ubuntu_dists_natty-updates_restricted_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_restricted_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_universe_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_universe_source_Sources

    Read the article

  • How difficult is it to setup a mailserver?

    - by Jacob R
    I want a secure mail solution, as I am looking to move away from Google and other parties looking into my private data. How much of a PITA is it to setup my own mailserver? Should I go for an external provider with a good privacy policy and encrypted data instead? I have a VPS running Debian (with a dedicated IP + reverse DNS), and I'm a fairly capable Linux administrator, having setup a couple of webservers, home networks, and looking over the shoulder of sysadmins at work. The security I currently have on the VPS is limited to iptables and installing/running the bare minimum of what I need (currently basically irssi and lighttpd). When setting up a mail server, is there a lot of stuff to take into consideration? Will my outgoing mail be marked as spam on other servers if I don't implement a number of solutions? Will reliable spam filtering be difficult to setup? Can I easily encrypt the stored mail?

    Read the article

  • secure synchronization of large amount of data

    - by goncalopp
    I need to automatically mirror a large amount (terabytes) of files in two unix machines over a slow link (1 Mbps). This needs to be done frequently, but the data doesn't change too much (delta transmission doesn't saturate the link). The usual solution would be rsync, but there's an additional requirement: it's undesirable, from a security standpoint, that either the source or destination machines have (keyless) ssh keys to each other, or any kind of filesystem access. All communication between the two machines should thus be initialized (and mediated) through a third machine. I've asked a separate question about rsync in particular here. Are there other obvious solutions I'm missing?

    Read the article

  • Running .net application over a network

    - by Marlon
    Hello, I need some advice please. I need to enable a .Net application to run over a network share, the problem is that this will be on clients network shares and so the path will not be identical. I've had a quick look at ClickOnce and the publish options in VS2008 but it wants a specific network share location - and I'm assuming this location gets stored somewhere when it does its thing. At the moment the job is being done with a old VB6 application and so gets around all these security issues, but that application is poorly written and almost impossible to maintain so it really needs to go. Is it possible for the domain controller to be set up to allow this specific .Net application to execute? Any other options would be welcomed as I want to get this little application is very business critical. I aught to say that the client networks are schools, and thus are often quite locked down as are the client machines, so manually adding exceptions to each client machine is a big no no. Marlon

    Read the article

  • How to force WinXP to ask for password before software installation/uninstall?

    - by crosenblum
    I really like some of the linux security measures it uses. So what i'd like to do is have WinXP Pro SP3 ask for my user password everytime i try to install/remove software. I know I can't make windows be as secure as linux, but i'd love to adopt some of the great ideas and measures used, as possible, to make windows more secure. Any suggestions? P.S. Are there other people out there, who try to make their windows feel more linux like? Just curious.

    Read the article

  • How dangerous can javascript be?

    - by CrazyJugglerDrummer
    I have recently started using noscript (in addition to ABP). It took a little while to get used to it and can occasionally require some clicking when visiting a new site to investigate why the site's not working and where I need to allow javascript from. Is the extra security worth it? Some of the controversy is discussed here. I suppose it boils down to a matter of whether javascript is a genuine threat to your computer or not. Any thoughts on this?

    Read the article

  • Remove SID with ICACLS

    - by chris
    I am trying to remove an obsolete SID (the account was apparently deleted). I've tried to run the following on the server (win2003) and a client (win7): icacls c:\path /remove *S-1-5-21-1883347182-1220252494-433279356-1095 /T But I always get the output Successfully processed 0 files; Failed processing 0 files without it doing anything. How can I get it to work? Update: I've used AccessEnum to get the SID because icacls only says "No mapping between account names and security IDs was done." but doesn't show the sid. The output from AccessEnum is: "Path" "Read" "Write" "Deny" "c:\path" "Administrators, S-1-5-21-1883347182-1220252494-433279356-1095, ..." "Administrators, S-1-5-21-1883347182-1220252494-433279356-1095, ..." ""

    Read the article

  • Does removing admin rights really mitigate 90% of Critical Windows 7 vulnerabilities found to date?

    - by Jordan Weinstein
    Beyondtrust.com published a report, somewhat recently, claiming among other quite compelling things, "90% of Critical Microsoft Windows 7 Vulnerabilities are Mitigated by Eliminating Admin Rights" Other interesting 'facts' they provide say that these are also mitigated by NOT running as a local admin: 100% of Microsoft Office vulnerabilities reported in 2009 94% of Internet Explorer and 100% of IE 8 vulnerabilities reported in 2009 BUT, reading the first page or so of the report I saw this line: A vulnerability is considered mitigated by removing administrator rights if the following sentence is located in the Security Bulletin’s Mitigating Factors section, ?Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. could be sounds pretty weak to me so and I wondered how valid all this really is. I'm NOT trying to say it's not safer to run without admin rights, I think that is well known. I just wonder if these stats are something you would use as ammo in an argument, or use to sell a change like that (removing users as local admins) to business side? Thoughts? Link to the report (pdf) [should this supposed to be a community wiki?]

    Read the article

  • Unexpected Access Denied error while accessing EFS encrypted file

    - by pozi
    I am getting Access Denied error when I try to access some files. ACL is OK, all ACE's all intherited, I have full access to these files and I am the owner of these files. ACE's are exactly same as other files in the same directory which are accessible without problems (doublechecked through Security Tab on file properties and cacls command). Files are EFS encrypted, however I should have access to these files, because they were encrypted by the same user account I am trying to access (decrypt) them. EFS settings are exactly same as other files in the same directory which are also encrypted and accessible without problems (doublechecked through cipher command and efsdump command (SysInternals)). In ProcMon utility (SysInternals) I am getting Access Denied entry while accessing these files. Files are not used (locked), checked by Unlocker utility. Up to now, I tought I understand NTFS ACL's and EFS mechanisms fairly well, but now I am completely stuck and I do not know how to access these files. Any thoughts?

    Read the article

< Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >