Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 105/168 | < Previous Page | 101 102 103 104 105 106 107 108 109 110 111 112  | Next Page >

  • OMG. Is Webmin safe? I can see file codes in Chrome browser without login

    - by Arwana
    When Im in File Manager of Webmin, I can double click and see the codes of the files in new tab in Firefox with its specific URL. But when I remove ?rand=xxxx... after the file.php and paste the URL in Chrome browser, I still can see the codes. This is the URL I just pasted in the Chrome browser http://xxx.xxx.xxx.xxx:10000/file/show.cgi/var/www/html/mysite.com/files/file.php And then, I logout of webmin, and I change the file.php with other file, I can see the codes. OMG. Is Webmin safe? and how to secure this?

    Read the article

  • List iterator not dereferencable?

    - by Roderick
    Hi All I get the error "list iterator not dereferencable" when using the following code: bool done = false; while (!_list_of_messages.empty() && !done) { // request the next message to create a frame // DEBUG ERROR WHEN NEXT LINE IS EXECUTED: Counted_message_reader reader = *(_list_of_messages.begin()); if (reader.has_more_data()) { _list_of_frames.push_back(new Dlp_data_frame(reader, _send_compressed_frames)); done = true; } else { _list_of_messages.pop_front(); } } (The line beginning with "Counted_message_reader..." is the one giving the problem) Note that the error doesn't always occur but seemingly at random times (usually when there's lots of buffered data). _list_of_messages is declared as follows: std::list<Counted_message_reader> _list_of_messages; In the surrounding code we could do pop_front, push_front and size, empty or end checks on _list_of_messages but no erase calls. I've studied the STL documentation and can't see any glaring problems. Is there something wrong with the above code or do I have a memory leak somewhere? Thanks! Appreciated!

    Read the article

  • Enabling SFTP Access within PLESK

    - by spelley
    I have a client who wants to ensure his upload is secure, so we are trying to enable SFTP for him on our Linux PLESK server. I have enabled SSH access to bin/bash for FTP accounts, and created a new user. When I attempt to SFTP using either the IP address or the domain name, this is the error FileZilla is giving me: Error: Authentication failed. Error: Critical error Error: Could not connect to server Here is some basic information regarding the server: Operating system Linux 2.6.24.5-20080421a Plesk Control Panel version psa v8.6.0_build86080930.03 os_CentOS 5 I had read in some places that I should reboot the SSH Service in Server - Services, however, there is no SSH Service within the list. I'm not really a server guy so it's quite possible I'm missing something obvious. Thanks for any help that you guys can provide!

    Read the article

  • Which is better for multi-use auth, MySQL, PostgreSQL, or LDAP?

    - by Fearless
    I want to set up an Oracle Linux 6 server that gives users secure IMAP email (with dovecot), Jabber IM, FTP (with vsftpd), and calDav. However, I want each user logon to be able to authenticate all services (e.g. Joe Smith signs up once for a username and password that he can use for email, ftp, and his calendar). My question is, which database service will be best suited for that application? Also, is there a way to link the database with the preexisting server shell logins (e.g. so I can read the root account's LogCheck emails on a different device)?

    Read the article

  • Increase the compression performance of VPN

    - by Martin
    I am currently switching from a system with HPN-SSH tunnels and enabled compression to something VPN based. I have tried tinc and n2n so far, hamachi requires a library I do not have. In my primitive benchmarks I am not satisfied with the achievable bandwidth compared to the SSH tunnels. In tinc the low LZO setting performed best, but compression is only available in UDP mode. Ideally I would like to have a TCP-based VPN with a multi-threaded compression. Can you suggest me some ideas how to increase the performance? Would it be possible to somehow put a compression filter in front of the tun interface? Or are there any VPN implementations that might be better suited for my needs (fast compression, TCP-based, switch mode, does not have to be super-secure)? I would consider tunnelling Ethernet over SSH, but according to some articles it is not advisable.

    Read the article

  • 3 Root accounts in MySQl database

    - by hairbymaurice
    Hello, I have managed to get mySQL running under Ubuntu 8.10, I am now diligently trying to secure the database and am adding passwords for the root users. My question: I have a root user under the host "kickseed" with no password set I have no idea what kickseed is as the database is installed under localhost, on searching around i have discovered that this is something to do with the ubuntu OS itself. Is it safe to delete this user account from MySQL or is it used for something by the OS? If i need to keep it should i /can i protect it with a password? Also i have another root account under the host IP 127.0.0.1 again can i delete this? My absolute preference would be to have only one account with root access but i do not want to delete these accounts if they are necessary. Thanks for tolerating a newbie Regards Hairby

    Read the article

  • Visual Studio crashes when I add a .settings file in a C++ Windows form application

    - by Ant
    I'm trying to add a .settings file in a windows form application by adding a (whatever) file in the project and have it named smthng.settings. Right after it is created, it crashes (if I look into the project's directory the file is there, but it's not "in" the project). Am I doing it wrong or could it be that the problem lies elsewhere? Edit: It seems that it's the settings designer that crashes. Partially Solved:If I add a (whatever).config file, then rename it to .settings and change it's file type to C/C++ Code (don't ask how I figured this out..) then I can add to it settings, but if I do add something that has any connection to the form then automatically a (whatever).config with thew same name spawns (which is identical to the (whatever).setting even if change one of them) and at the stdafx.cpp a #include '(whatever).h' appears, which is a problem, because there is not such a header. (if I erase it or just create a blank (whatever).h it doesn't work. Apparently I have to somehow connect all the data in the (w/e).settings to (w/e).h as well or maybe something else) Anyone had this problem before? Anyone has any ideas?

    Read the article

  • Problems with Black Box KVM

    - by MrWizard54
    I just recieved a shipment of equipment orderd by my predicessor that includes brand new Dell Optiplex 990 computers, with standard mice and keyboards. Also included were Black Box ServSwitch Secure KVMs. I've worked with KVMs before and hypothetically they should be the easiest thing in the world to deal with, plug it all together, push the button, go. However, for the life of me I can't get the computers to recognize the mouse or keyboard when plugged into the KVM. We've seen this with multiple KVMs across the order. Any one know what I'm missing? Computers are all Dell 990 with Windows 7.

    Read the article

  • how to debug mysql has gone?

    - by fefe
    I have a virtual machine(Ubuntu 12.04, MySQL 5.5) running under VMware and is dedicated to host a mysql server. I connect to this server on internal IP. I'm trying to find out why I get mysql server has gone error. One my windows machines apache it stops because of this issue. I have been trying to fine tune my mysql my.cnf with the following parameters but did not bring the desired result. # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. bind-address = 0.0.0.0 # # * Fine Tuning # wait_timeout = 180 key_buffer = 384M max_allowed_packet = 64M thread_stack = 192K thread_cache_size = 8 # This replaces the startup script and checks MyISAM tables if needed # the first time they are touched myisam-recover = BACKUP max_connections = 500 table_cache = 64 #thread_concurrency = 10 # # * Query Cache Configuration # query_cache_limit = 1M query_cache_size = 32M how to debug this issue what is missing from configuration to avoid this error?

    Read the article

  • Amazon EC2 firewall rules & VPN connections

    - by John
    I'm moving from Rackspace to Amazon EC2. One thing I like about our Rackspace setup is that it is extremely secure. The MySQL box can only be accessed via internal IPs, and we have a Cisco VPN firewall that allows us to dial in remotely and access port 3306 as though we were on the internal network. I'd like to figure out how to replicate this setup with EC2. How can I make the MySQL box so that port 3306 can only be accessed on the internal network? What about the VPN piece of things? I know Amazon has the VPC service, but it seems like that's for the purpose of connecting to an existing network. I don't have an existing network. I want to essentially create one inside Amazon and connect to that. What are my options? Any good tutorials on how to get started? Thanks in advance for your help

    Read the article

  • Restrict VPN Clients to VPN Server

    - by Sprotty
    I've setup a VPN server using Debians pptpd. This all works, but I want to restrict incoming connections so they can only access ports on the VPN server and not get access to other machines on the VPN servers local network. I'm guessing this is a firewall rule? but i'm new to linux so am struggling a bit... ---- Additional info ----- The VPN Server is also hosting an SVN server, which is its real purpose, and the only service I want it to expose to incoming connections. I guess I could expose the SVN server directly, but I'm not confident that I could secure this correctly, so a VPN seemed to give an additional layer of security.

    Read the article

  • Lost Page Write I/O Errors on CentOS LVM setup

    - by Gregg Leventhal
    I have a CentOS 6 box with LVM setup and one of the PVs is a USB disk (I know). One of them is getting the error: Oct 30 10:57:07 alpha01 kernel: lost page write due to I/O error on dm-3 Oct 30 10:57:07 alpha01 kernel: Buffer I/O error on device dm-3, logical block 4 Which is causing problems with all of the LVs on it. pvs shows the PV as unknown device. I can ls to the logical volumes and they show up in lvdisplay, but first I get a bunch of IO errors. I made sure the cables are secure between the USB drive. What should I do to get this back up and running for the meanwhile? Should I unmount each LV and run an fsck.ext4 on each one like fsck.ext4 -y /dev/vg1/lv_logvolname ?

    Read the article

  • Do superuser things with normal user

    - by OrangeTux
    I want to secure the SSH access to my server. One thing I read everywhere is to disable the root user login. To still have access via SSH I created another user via sudo adduser john How can I still do root things with this account? sudo command asks for a password of the user but gives john not in sudoer file. Action will be reported. When I use su I log in as root which I'm going to disable. How can I stil do root things with the normal account john?

    Read the article

  • SFTP: How to keep data out of the DMZ

    - by ChronoFish
    We are investigating solutions to the following problem: We have external (Internet) users who need access to sensitive information. We could offer it to them via SFTP which would offer a secure transport method. However, we don't want to maintain the data on server as it would then reside in the DMZ. Is there an SFTP server that has "copy on access" such that if the box in the DMZ were to be compromised, no actual data resided on that box? I am envisioning an SFTP Proxy or SFTP passthrough. Does such a product exist currently?

    Read the article

  • Defend PHP; convince me it isn't horrible

    - by Jason L
    I made a tongue-in-cheek comment in another question thread calling PHP a terrible language and it got down-voted like crazy. Apparently there are lots of people here who love PHP. So I'm genuinely curious. What am I missing? What makes PHP a good language? Here are my reasons for disliking it: PHP has inconsistent naming of built-in and library functions. Predictable naming patterns are important in any design. PHP has inconsistent parameter ordering of built-in functions, eg array_map vs. array_filter which is annoying in the simple cases and raises all sorts of unexpected behaviour or worse. The PHP developers constantly deprecate built-in functions and lower-level functionality. A good example is when they deprecated pass-by-reference for functions. This created a nightmare for anyone doing, say, function callbacks. A lack of consideration in redesign. The above deprecation eliminated the ability to, in many cases, provide default keyword values for functions. They fixed this in PHP 5, but they deprecated the pass-by-reference in PHP 4! Poor execution of name spaces (formerly no name spaces at all). Now that name spaces exist, what do we use as the dereference character? Backslash! The character used universally for escaping, even in PHP! Overly-broad implicit type conversion leads to bugs. I have no problem with implicit conversions of, say, float to integer or back again. But PHP (last I checked) will happily attempt to magically convert an array to an integer. Poor recursion performance. Recursion is a fundamentally important tool for writing in any language; it can make complex algorithms far simpler. Poor support is inexcusable. Functions are case insensitive. I have no idea what they were thinking on this one. A programming language is a way to specify behavior to both a computer and a reader of the code without ambiguity. Case insensitivity introduces much ambiguity. PHP encourages (practically requires) a coupling of processing with presentation. Yes, you can write PHP that doesn't do so, but it's actually easier to write code in the incorrect (from a sound design perspective) manner. PHP performance is abysmal without caching. Does anyone sell a commercial caching product for PHP? Oh, look, the designers of PHP do. Worst of all, PHP convinces people that designing web applications is easy. And it does indeed make much of the effort involved much easier. But the fact is, designing a web application that is both secure and efficient is a very difficult task. By convincing so many to take up programming, PHP has taught an entire subgroup of programmers bad habits and bad design. It's given them access to capabilities that they lack the understanding to use safely. This has led to PHP's reputation as being insecure. (However, I will readily admit that PHP is no more or less secure than any other web programming language.) What is it that I'm missing about PHP? I'm seeing an organically-grown, poorly-managed mess of a language that's spawning poor programmers. So convince me otherwise!

    Read the article

  • How to build a private Wi-Fi Network server with VMware?

    - by Maarten Schermer
    For a school project, we have to build a Private network with VMware vSphere , which we can connect to with a Username and Password. On the network we want to create a folder for each Useraccount. Also we must have add a few groups (Admin,Customer,Manager). We must be able to connect to our network via the school Wi-Fi. We want to build a safe and secure network, with an easy way to access the network. Do you have any tips on how to approach this?

    Read the article

  • configure HTTPS server on a cisco router

    - by Sara
    For the past week I was trying to configure an HTTPS server on a cisco 2900 router, I've used the following commands and assigned a username and password to privilege 15 however, when Im trying to access a given ip it requires a username and password however when I insert the username and password I configured it does not allow me to enter and i'm not sure where the problem is. Router(config)# ip http secure-server Router(config)# ip http authentication local These were the commands i used for the https server and also I used the following to assign the username and password Router(config)#username name privilege 15 secret 0 password where 'name' and 'password' represent the username and password respectively I'm trying to access the 192.168.14.1 interface on the router and the username and password i created are not authorized to enter (I got the commands from a cisco router manual)

    Read the article

  • [linux] preventing access in shared hosting

    - by jack
    Hi Linux Admins I set up a small shared hosting that contains some sites. For each site, there is a user. I mean, for abcd.com, I created abcd.com user and put htdocs for web hosting. I have no idea on how to prevent abcd.com from accessing xyzd.com's data. I have chmoded by changing 0 to others permission, which makes access defined by Apache when I view it with browser. How can I secure access? Thanks.

    Read the article

  • Cloud services can't be reached from complex customer infrastructure

    - by Nock
    We have several services running on a cloud, they all are hosted on Windows Server 2012 R2, have public IP address and specific port. Some of our customers can't reach them because for "some reason" the ports are cut between a firewall between them and us. (some customers are using a shared internet connection in a multi tenant office and they can't change firewall communication) Well, you get it, we don't have the possibility to make all the firewall "allowing" the communication. My customers all runs Windows 7 at least. What is the best counter solution in such case, using Microsoft (Windows Server) technologies? The best would be some kind of tunneling communication or VPN, but the customer should also be able to access his/her enterprise resources. Bby the way, today we using IPSec using Windows Firewall to secure the communication, is IPSec tunneling a solution for us? Otherwise, is there a service in Windows to enable some kind of VPN between a client and a server but only for a given set of servers?

    Read the article

  • Client-side certificates

    - by walshms
    My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

    Read the article

  • Standalone server setup for compute capacity

    - by mikera
    I'm developing an application for my company that will require a lot of compute capacity (running some very big mathematical calculations), and looking for some form of server setup to do this. For various reasons, we want to run this on-site in our office rather than hosting it externally. It's been a while since I last had to set up my own servers so I thought I would tap into the collective wisdom of serverfault! My broad requirements are: Budget $30-50k, with an aim to get as much compute capacity as possible for that budget 64-bit servers suitable to run Ubuntu Linux + Java Some relatively standalone rack that can be installed in secure office space Fast/low latency network connections between the servers, but don't really care about connectivity to the outside world Storage capacity shared between the servers - they don't necessarily need their own storage providing they can be booted from a common image Downtime can be tolerated (since the calculations are run in batch mode) The software itself is fault-tolerant, so there is no need for extra resiliency in the server setup (cheap replaceable commodity parts will be fine in general) Given these requirements what kind of setup would you recommend and why?

    Read the article

  • Forward svn port

    - by ankimal
    We have our svn server on a machine not accessible from the internet. But we need to be able to check out code from the internet over ssh. Given that we can do port forwarding on a machine accessible from the internet, whats the best way to set this up? Internet -> A machine on our network - > svn server (Port forward here? ) If not port forwarding, whats the most secure way of doing this, if there is any?

    Read the article

  • Spam mail through SMTP and user spoofing

    - by Josten Moore
    I have noticed that it's possible to telnet into a mailserver that I own and send spoofed messages to other clients. This only works for the domain that the mail server is regarding; I cannot do it for other domains. For example; lets say that I own example.com. If I telnet example.com 25 I can successfully send a message to another user without authentication: HELO local MAIL FROM: [email protected] RCPT TO: [email protected] DATA SUBJECT: Whatever this is spam Spam spam spam . I consider this a big problem; how do I secure this?

    Read the article

  • Our company claims that the DLP system can even monitor the contents of HTTPS traffic, how is this possible?

    - by Ryan
    There is software installed on all client machines for DLP (Data Loss Prevention) and HIPAA compliance. Supposedly it can read HTTPS data clearly. I always thought that between the browser and the server, this was encrypted entirely. How can software sneak in and grab this data from the browser prior to it is encrypted or after it is decrypted? I am just curious as to how this could be possible. I would think that a browser wouldn't be considered very secure if this was possible.

    Read the article

  • mod_rewrite ssl redirect

    - by Thomas
    Hi all, I want to use mod_rewrite to ensure that certain pages are served with SSL and all others normally, but I am having trouble getting it to work This works (redirect to SSL when request uri is for users or cart) RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} users [OR] RewriteCond %{REQUEST_URI} cart RewriteRule ^(.*)$ https://secure.host.tld/$1 [R,L] So, to accomodate for a user not to keep browsing the site with ssl, when requesting other uris, I thought the below, but doesn't work: (when port is 443 and request uri is not one of uris that need to be served by ssl, redirect back to normal host) RewriteCond %{SERVER_PORT} 443 RewriteCond %{REQUEST_URI} !^/users [OR] RewriteCond %{REQUEST_URI} !group RewriteRule ^/?(users|groups)(.*)$ http://host.tld/$1 [R,L] Any help? Thanks

    Read the article

< Previous Page | 101 102 103 104 105 106 107 108 109 110 111 112  | Next Page >