Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 103/4825 | < Previous Page | 99 100 101 102 103 104 105 106 107 108 109 110  | Next Page >

  • Can I lose files when changing security on an XP drive within Windows 7?

    - by Will
    Hard to come up with a title for this one, sheesh. Have a friend whose computer went down. He asked me to get all his data off his drive. His old computer was running XP. So, I've plugged it into my Windows 7 computer. When I attempt to open up his Documents and Settings folder, I get prompted to elevate in order to "permanently get access to this folder." If I do this, will I be able to access the files in this directory, or will all the current files be lost? I may be overly paranoid about this, but I can't find any information about exactly what will happen when I do this. TIA.

    Read the article

  • Why does this work: Windows same local admin username and password, able to access other computer?

    - by Ankush
    I've two machines MachineA and MachineB. Both have two local accounts which have same username . Both accounts are local admin on those machines. If they have same password, I'm able to access \\MachineA\C$ from MachineB. But if I change any one password above doesn't work. And it prompts for username and password. Now if I provide MachineA\username and password, it then connects. Why isn't there a prompt for password when passwords are same? I expected passwords to be hashed with random salt, how does windows know passwords are same and authorize access? These machines are running Windows Server 2008 R2. PS. I've created following reg key to enable drive access HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy to 1

    Read the article

  • Searching For a Desktop Security Software to harden Windows machines, anybody?

    - by MosheH
    I'm a network administrator of a small/medium network. I'm looking for a software (Free or Not) which can harden Windows Computers (XP And Win7) for the propose of hardening standalone desktop computers (not in domain network). Note: The computers are completely isolated (standalone), so i can't use active directory group policy. moreover, there are too many restriction that i need to apply, so it is not particle to set it up manual (one by one). Basically what I’m looking for is a software that can restrict and disable access for specific user accounts on the system. For Example: User john can only open one application and nothing else -- He don’t see no icon on the desktop or start menu, except for one or two applications which i want to allow. He can't Right click on the desktop, the task-bar icons are not shown, there is no folder options, etc... User marry can open a specific application and copy data to one folder on D drive. User Dan, have access to all drives but cannot install software, and so on... So far ,I've found only the following solutions, but they all seems to miss one or more feature: Desktop restriction Software 1. Faronics WINSelect The application seems to answer most of our needs except one feature which is very important to us but seems to be missing from WINSelect, which is "restriction per profile". WINSelect only allow to set up restrictions which are applied system-wide. If I have multiple user accounts on the system and want to apply different restrictions for each user, I cant. Deskman (No Restriction per user)- Same thing, no restriction per profile. Desktop Security Rx - not relevant, No Win7 Support. The only software that I've found which is offering a restriction per profile is " 1st Security Agent ". but its GUI is very complicated and not very intuitive. It's worth to mention that I'm not looking for "Internet Kiosk software" although they share some features with the one I need. All I need is a software (like http://www.faronics.com/standard/winselect/) that is offering a way to restrict Windows user interface. So if anybody know an Hardening software which allows to set-up user restrictions on Windows systems, It will be a big, big, big help for me! Thanks to you all

    Read the article

  • Ldap access lists users even if user has no rights...

    - by Patkos Csaba
    I am trying to set up a more complex Active Directory structure for some testing purposes. What I did so far: set up 2 windows (one 2008 and one 2003) to control the same domain set up an Organizational Unit (ou): Developers set up 2 child OUs: "one" and "two" each OU has it's admin: adminOne and adminTwo I denied all access to OU "two" by removing on the Security tab all the groups I don't want to access it. now, when I log in as adminOne and I try to click on OU "two" it says I don't have permissions to see the users and properties of "two" - this is perfect, it's what I want Here comes my problem: I do a LDAP query with the adminOne user on the "Developers" What I expect to happen: I expect to retrieve the users from Developer - One I expect to NOT be able to retrieve the users from Developers - Two What actually happens: ldap shows all the users, both from Developers - One and Developers - Two, even if the user should not have permissions to Developers - Two And now my question: is there any specific settings on Windows 2003 or 2008 Active Directory servers which allow or deny access over LDAP? I could not find any.

    Read the article

  • How to collect Security Event Logs for a single category via Powershell

    - by Darktux
    I am trying to write a script which collects security log from all of our domain controllers hourly and stores them remotely; i can collect the security logs , but is there a way to collect the security logs by category or event number from the DC? please do let me know if any additional questions. My Code: $Eventlogs = Get-WmiObject -Class Win32_NTEventLogFile -ComputerName $computer Foreach($log in $EventLogs) { if($Log.LogFileName -eq "Security") { $Now = [DateTime]::Now $FileName = "Security" +"_"+$Now.Month+$Now.Day+$Now.Year+"_"+$Now.Hour+$Now.Minute+$Now.Second $path = "\\{0}\c$\LogFolder\$folder\$FileName.evt" -f $Computer $ErrBackup = ($log.BackupEventLog($path)).ReturnValue if($clear) { if($ErrBackup -ne 0) { "Backup failed" "Backup Error was " + $ErrBackup } } } } Copy-EventLogsToArchive -path $path -Folder $Folder }

    Read the article

  • What sites/publications are good for staying current on security and malware trends?

    - by Holocryptic
    In my ever expanding quest for knowledge, I'm at the point where I feel like I need to be more up to date with the current security trends, as well as malware and such that are in the wild. I'd like to be able to say, "I've heard of that and the fix is...." versus, "Oh, yeah, I had that eat up half my network before I contained it...." What sites and publications are good for keeping up with these things?

    Read the article

  • putty 0.61 : why do I see "Access Denied" message after I enter my login id?

    - by anjanbacchu
    I use putty to login to my RHEL 5.3 server. I'm prompted to enter my login as "login as " and I enter my login Id. as soon as I press ENTER, I see a "Access Denied" message following which I'm prompted with password. I successfully enter password and I'm through -- no problems. I tried the same with putty 0.60(as opposed to above putty 0.61) but in this version, I don't get any "access denied" error. What should I make of this ? Is putty 0.61 version buggy ? P.S : If I login using ssh.exe(from cygwin), then I'm fine -- I don't get any "access denied" errors. Thank you,

    Read the article

  • How can I ensure an ex-administrator of Exchange doesn't still have email access somewhere?

    - by Tony T
    I work for a company in which an ex-employee had administrative access to Microsoft Exchange 2007, and I understand that at some points this person had email which was sent to other employees also forwarded on to him. Upon taking over the administration of the server, of course all of his known accounts were closed, and any of those forwarding rules were removed. However, I would like to ensure that we didn't miss anything. What would be the best way to ensure that: (1) There isn't still some sort-of email being forwarded on to him somewhere? (2) That he doesn't have some sort-of other access to an inbox or another employee's email? I am less concerned about access to the box itself as I am that there is an existing email rule somewhere that is still getting run, or that there is a distribution list that we missed, etc.

    Read the article

  • What are possible security issues with an SSH daemon?

    - by Zhenya
    I'd like to be able to SSH to my Ubuntu 10.04 office PC from the outside. I am thus thinking to start up an SSH daemon on the PC. What are the security issues, possible glitches, specific configuration settings, etc. I should be aware of? In case it matters: this is essentially for my own use only, I don't think there will be other people using it; it's an Ubuntu 10.04 PC in a mostly Windows 7/Vista/XP environment.

    Read the article

  • When a new user is created on Centos 6, it takes a while (30 mins) before he can access his group folder

    - by Diepseun
    I created a new user and made it part of a certain group which has full access (777) to a folder. Checked the user in Samba, password the same as his Windows (XP) password, rebooted his desktop but he didn't have access to the folder. Checked the Samba group and config file and the user was defined as a member of the group. It didn't make sense and I then did something else for a while. When I tried again, without doing anything further about it, the user had access to the folder. I did restart the Samba server after my original changes. Thanks in advance.

    Read the article

  • Possible to view PHP code of a website?

    - by Camran
    Is it possible to somehow view another websites php files/codes? Or to rephrase the question, Can my php codes be viewed by anybody except for those who have access to the file? If so, how cant I best prevent this? Thanks Ps: Server OS is Ubuntu 9.10 and PHP version is 5+ (Apache2)

    Read the article

  • Is canvas security model ignoring access-control-allow-origin headers?

    - by luklatlug
    It seems that even if you set the access-control-allow-origin header to allow access from mydomain.org to an image hosted on domain example.org, the canvas' origin-clean flag gets set to false, and trying to manipulate that image's pixel data will trigger a security exception. Shouldn't canvas' obey the access-control-allow-origin header and allow access to image's data without throwing an exception?

    Read the article

  • aptitude update gives 404's for intrepid

    - by dotjoe
    I'm having issues trying to update my packages. I haven't used this server since last September and now I'm getting 404 errors on all the intrepid repos. How do I fix this? Thanks aptitude update Err http://security.ubuntu.com intrepid-security/main Packages 404 Not Found [IP: 91.189.92.166 80] Err http://security.ubuntu.com intrepid-security/restricted Packages 404 Not Found [IP: 91.189.92.166 80] Err http://security.ubuntu.com intrepid-security/main Sources 404 Not Found [IP: 91.189.92.166 80] Err http://security.ubuntu.com intrepid-security/restricted Sources 404 Not Found [IP: 91.189.92.166 80] Err http://security.ubuntu.com intrepid-security/universe Packages 404 Not Found [IP: 91.189.92.166 80] Err http://security.ubuntu.com intrepid-security/universe Sources 404 Not Found [IP: 91.189.92.166 80] Ign http://us.archive.ubuntu.com intrepid-updates/multiverse Packages Ign http://us.archive.ubuntu.com intrepid-updates/multiverse Sources Err http://us.archive.ubuntu.com intrepid/main Packages 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid/restricted Packages 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid/main Sources 404 Not Found [IP: 91.189.88.31 80] Err http://security.ubuntu.com intrepid-security/multiverse Packages 404 Not Found [IP: 91.189.92.166 80] Err http://us.archive.ubuntu.com intrepid/restricted Sources 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid/universe Packages 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid/universe Sources 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid/multiverse Packages 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid/multiverse Sources 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid-updates/main Packages 404 Not Found [IP: 91.189.88.31 80] Err http://security.ubuntu.com intrepid-security/multiverse Sources 404 Not Found [IP: 91.189.92.166 80] Err http://us.archive.ubuntu.com intrepid-updates/restricted Packages 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid-updates/main Sources 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid-updates/restricted Sources 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid-updates/universe Packages 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid-updates/universe Sources 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid-updates/multiverse Packages 404 Not Found [IP: 91.189.88.31 80] Err http://us.archive.ubuntu.com intrepid-updates/multiverse Sources 404 Not Found [IP: 91.189.88.31 80] Reading package lists... sources.list # # deb cdrom:[Ubuntu-Server 8.10 _Intrepid Ibex_ - Release i386 (20081028.1)]/ intrepid main restricted # deb cdrom:[Ubuntu-Server 8.10 _Intrepid Ibex_ - Release i386 (20081028.1)]/ intrepid main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://us.archive.ubuntu.com/ubuntu/ intrepid main restricted deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://us.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://us.archive.ubuntu.com/ubuntu/ intrepid universe deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid universe deb http://us.archive.ubuntu.com/ubuntu/ intrepid-updates universe deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://us.archive.ubuntu.com/ubuntu/ intrepid multiverse deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid multiverse deb http://us.archive.ubuntu.com/ubuntu/ intrepid-updates multiverse deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid-updates multiverse ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. # deb http://us.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse # deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. This software is not part of Ubuntu, but is ## offered by Canonical and the respective vendors as a service to Ubuntu ## users. # deb http://archive.canonical.com/ubuntu intrepid partner # deb-src http://archive.canonical.com/ubuntu intrepid partner deb http://us.archive.ubuntu.com/ubuntu/ intrepid-security main restricted deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid-security main restricted deb http://us.archive.ubuntu.com/ubuntu/ intrepid-security universe deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid-security universe deb http://us.archive.ubuntu.com/ubuntu/ intrepid-security multiverse deb-src http://us.archive.ubuntu.com/ubuntu/ intrepid-security multiverse

    Read the article

  • Integrating Code Metrics in TFS 2010 Build

    - by Jakob Ehn
    The build process template and custom activity described in this post is available here: http://cid-ee034c9f620cd58d.office.live.com/self.aspx/BlogSamples/CodeMetricsSample.zip Running code metrics has been available since VS 2008, but only from inside the IDE. Yesterday Microsoft finally releases a Visual Studio Code Metrics Power Tool 10.0, a command line tool that lets you run code metrics on your applications.  This means that it is now possible to perform code metrics analysis on the build server as part of your nightly/QA builds (for example). In this post I will show how you can run the metrics command line tool, and also a custom activity that reads the output and appends the results to the build log, and also fails he build if the metric values exceeds certain (configurable) treshold values. The code metrics tool analyzes all the methods in the assemblies, measuring cyclomatic complexity, class coupling, depth of inheritance and lines of code. Then it calculates a Maintainability Index from these values that is a measure f how maintanable this method is, between 0 (worst) and 100 (best). For information on hwo this value is calculated, see http://blogs.msdn.com/b/codeanalysis/archive/2007/11/20/maintainability-index-range-and-meaning.aspx. After this it aggregates the information and present it at the class, namespace and module level as well. Running Metrics.exe in a build definition Running the actual tool is easy, just use a InvokeProcess activity last in the Compile the Project sequence, reference the metrics.exe file and pass the correct arguments and you will end up with a result XML file in the drop directory. Here is how it is done in the attached build process template: In the above sequence I first assign the path to the code metrics result file ([BinariesDirectory]\result.xml) to a variable called MetricsResultFile, which is then sent to the InvokeProcess activity in the Arguments property. Here are the arguments for the InvokeProcess activity: Note that we tell metrics.exe to analyze all assemblies located in the Binaries folder. You might want to do some more intelligent filtering here, you probably don’t want to analyze all 3rd party assemblies for example. Note also the path to the metrics.exe, this is the default location when you install the Code Metrics power tool. You must of course install the power tool on all build servers. Using the standard output logging (in the Handle Standard Output/Handle Error Output sections), we get the following output when running the build: Integrating Code Metrics into the build Having the results available next to the build result is nice, but we want to have results integrated in the build result itself, and also to affect the outcome of the build. The point of having QA builds that measure, for example, code metrics is to make it very clear how the code being built measures up to the standards of the project/company. Just having a XML file available in the drop location will not cause the developers to improve their code, but a (partially) failing build will! To do this, we need to write a custom activity that parses the metrics result file, logs it to the build log and fails the build if the values frfom the metrics is below/above some predefined treshold values. The custom activity performs the following steps Parses the XML. I’m using Linq 2 XSD for this, since the XML schema for the result file is available, it is vey easy to generate code that lets you query the structure using standard Linq operators. Runs through the metric result hierarchy and logs the metrics for each level and also verifies maintainability index and the cyclomatic complexity with the treshold values. The treshold values are defined in the build process template are are sent in as arguments to the custom activity If the treshold values are exceeded, the activity either fails or partially fails the current build. For more information about the structure of the code metrics result file, read Cameron Skinner's post about it. It is very simpe and easy to understand. I won’t go through the code of the custom activity here, since there is nothing special about it and it is available for download so you can look at it and play with it yourself. The treshold values for Maintainability Index and Cyclomatic Complexity is defined in the build process template, and can be modified per build definition: I have taken the default value for these settings from my colleague Terje Sandström post on Code Metrics - suggestions for approriate limits. You’ll notice that this is quite an improvement compared to using code metrics inside the IDE, where Red/Yellow/Green limits are fixed (and the default values are somewaht strange, see Terjes post for a discussion on this) This is the first version of the code metrics integration with TFS 2010 Build, I will proabably enhance the functionality and the logging (the “tree view” structure in the log becomes quite hard to read) soon. I will also consider adding it to the Community TFS Build Extensions site when it becomes a bit more mature. Another obvious improvement is to extend the data warehouse of TFS and push the metric results back to the warehouse and make it visible in the reports.

    Read the article

  • How to Add the Windows Calculator to the Quick Access Toolbar in Microsoft Excel 2013

    - by Lori Kaufman
    Do you use the Windows Calculator to perform quick calculations while building spreadsheets in Excel? You can save time by adding the Calculator to the Quick Access Toolbar in Excel so you don’t have to leave the program to access the Calculator. To do this, click the down arrow on the right side of the Quick Access Toolbar and select More Commands from the drop-down menu. On the Quick Access Toolbar screen on the Excel Options dialog box, select Commands Not in the Ribbon from the Choose commands from drop-down list. Scroll down in the long list and select Calculator. Click Add to add the Calculator to the Quick Access Toolbar. Click OK to accept the change and close the Excel Options dialog box. You’ll see a Calculator icon on the Quick Access Toolbar. When you move your mouse over the icon, a hint displays saying “Custom.” Despite the label, when you click the icon, the Windows Calculator opens. The same procedure works for adding the Windows Calculator to Excel 2010, as well.     

    Read the article

  • GPL'ing code of a third party?

    - by Mark
    I am facing the following dilemma at the moment. I am using code from a scientific paper in a commercial project. So basically I copied and pasted the code from the paper's pdf into my code editor and use it in my own code. The code in the paper does not have any copy restrictions or license(like the GPL) so I thought I would be ok using it in a commercial project. However, I have seen several gpl licensed open source projects that use the exact same code from the paper to the point of having the same variable names like in the paper. So what happened here is that a gpl license was put on a third parties non gpl'ed code. Are these open source projects in violation of the gpl or would I be in violation of the gpl because I use code which has been gpl'ed? My common sense tells me it is not allowed to gpl somebody elses non-gpl'ed (like in this case from the paper) code but I though I would ask anyway.

    Read the article

  • How can I discourage the use of Access?

    - by Greg Buehler
    Lets pretend that a very large company (revenue numbers with more than 8 figures) is looking to do a refresh on a software system, particularly the dashboard used by employees. This system was originally put together in the early 1990's to handle inventory tracking and storage across a variety of facilities (10+). Since this large company is now in the process of implementing some of these inventory processes with SAP they are in need of a major refresh. The existing system: Microsoft Access project performs dashboard duties Unique shipping/receiving configurations at different facilities require unique forms and queries within the Access project Uses 3rd party libraries referenced by Access to directly interface with at control system (read: motors, conveyors, and counters) Individual SQL Server 2000 instances (some traces of pre-update SQL Server 6.0 documents) at each facility The Issue: This system started as a home brewed inventory tracking scheme with a single internal sponsor who is still in charge of the technical direction. The original sponsor prescribing the desired deliverables that are being called for in the current RFP. The RFP describes a system based around a single Access project. Any suggestion that Access is ill suited for a project of this scope are shot down under the reasoning that "it works for the scope now". Are there any case studies, notices, or statements that can be used to disuade this potential customer from repeating their mistake? Does Microsoft make any statements directly about when it is highly recommended to ditch Access?

    Read the article

  • "// ..." comments at end of code block after } - good or bad?

    - by gablin
    I've often seen such comments be used: function foo() { ... } // foo while (...) { ... } // while if (...) { ... } // if and sometimes even as far as if (condition) { ... } // if (condition) I've never understood this practice and thus never applied it. If your code is so long that you need to know what this ending } is then perhaps you should consider splitting it up into separate functions. Also, most developers tools are able to jump to the matching bracket. And finally the last is, for me, a clear violation to the DRY principle; if you change the condition you would have to remember to change the comment as well (or else it could get messy for the maintainer, or even for you). So why do people use this? Should we use it, or is it bad practice?

    Read the article

  • Who owns the code, who owns the algorithm, who owns the idea?

    - by Vorac
    This question got me thinking what products of the programming effort belong to the employer, and what don't. The two extremes are (0) the code - it apparently belongs to the employer and (1) the learned personal and technical skills. But what is in between? Who owns the pseudocode/algorithm? Who owns the general idea of the algorithm? Who owns the know-how that such an algorithm may serve some useful purpose (e.g. on this site questions are values, as well as answers)? Also: Who owns an idea on the web?

    Read the article

  • "// ..." comments at end of code block after } - good or bad?

    - by gablin
    I've often seen such comments be used: function foo() { ... } // foo while (...) { ... } // while if (...) { ... } // if and sometimes even as far as if (condition) { ... } // if (condition) I've never understood this practice and thus never applied it. If your code is so long that you need to know what this ending } is then perhaps you should consider splitting it up into separate functions. Also, most developers tools are able to jump to the matching bracket. And finally the last is, for me, a clear violation to the DRY principle; if you change the condition you would have to remember to change the comment as well (or else it could get messy for the maintainer, or even for you). So why do people use this? Should we use it, or is it bad practice?

    Read the article

  • Role based access to resources for a RESTful service

    - by mutex
    I'm still wrapping my head around REST, but I wonder if someone can help with any suggestions or approaches to role based access control for a RESTful service, particularly from the point of view of securing the data and how the URLs might look. It's probably best to consider an example: Say I have a REST service for Customers, and want to split the users of this REST service into Admin, Editor and Reader roles: Admins can change all attributes of a Customer resource Editors can change only some Readers can only view them. Access control rights are assigned to the Customers entities individually. So for example a user of the service might have admin rights to Customers 1,2 and 3 but Editor access to 4,5 and Reader access to 7,8,9. Now consider the user calling the service. What is a good way to seperate the list of Customers for the current User? GET /Customer - this might get a list of all customers that the current user has Admin\Editor\Reader access to. But then on each Customer the consumer would need an indication of what role they have. Or would it be "better" having something like GET /Customer/Admin - return all customers the current user has Admin access to. Just looking for some high level pointers or reading on a decent way to secure\filter the resources based on roles of the current user.

    Read the article

< Previous Page | 99 100 101 102 103 104 105 106 107 108 109 110  | Next Page >