Search Results

Search found 16593 results on 664 pages for 'adf security deploy'.

Page 106/664 | < Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >

  • Help writing server script to ban IP's from a list

    - by Chev_603
    I have a VPS that I use as an openvpn and web server. For some reason, my apache log files are filled with thousands of these hack attempts: "POST /xmlrpc.php HTTP/1.0" 404 395 These attack attempts fill up 90% of my logs. I think it's a WordPress vulnerability they're looking for. Obviously they are not successful (I don't even have Wordpress on my server), but it's annoying and probably resource consuming as well. I am trying to write a bash script that will do the following: Search the apache logs and grab the offending IP's (even if they try it once), Sort them into a list with each unique IP on a seperate line, And then block them using the IP table rules. I am a bash newb, and so far my script does everything except Step 3. I can manually block the IP's, but that's tedious and besides, this is Linux and it's perfectly capable of doing it for me. I also want the script to be customizable so that I (or anyone else who wants to use it) can change the variables to suit whatever situation I/they may deal with in the future. Here is the script so far: #!/bin/bash ##IP LIST GENERATOR ##Author Chev Young ##Script to search Apache logs and list IP's based on custom filters ## ##Define our variables: DIRECT=~/Script ##Location of script&where to put results/temp files LOGFILE=/var/log/apache2/access.log ## Logfile to search for offenders TEMPLIST=xml_temp ## Temporary file name IP_LIST=ipstoban ## Name of results file FILTER1=xmlrpc ## What are we looking for? (Requests we want to ban) cd $DIRECT if [ ! -f $TEMPLIST ];then touch $TEMPLIST ##Create temp file fi cat $LOGFILE | grep $FILTER1 >> $DIRECT/$TEMPLIST ## Only interested in the IP's, so: sed -e 's/\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\).*$/\1/' -e t -e d $DIRECT/$TEMPLIST | sort | uniq > $DIRECT/$IP_LIST rm $TEMPLIST ## Clean temp file echo "Done. Results located at $DIRECT/$IP_LIST" So I need help with the next part of the script, which should ban the IP's (incoming and perhaps outgoing too) from the resulting $IP_LIST file. I don't care if it utilizes UFW or IPTables directly, as long as it bans the IP's. I'd probably run it as a cron task. What I'm having trouble with is understanding how to use line of the result file as a seperate variable to do something like: ufw deny $IP1 $IP2 $IP3, ect Any ideas? Thanks.

    Read the article

  • Design practice for securing data inside Azure SQL

    - by Sid
    Update: I'm looking for a specific design practice as we try to build-our-own database encryption. Azure SQL doesn't support many of the encryption features found in SQL Server (Table and Column encryption). We need to store some sensitive information that needs to be encrypted and we've rolled our own using AesCryptoServiceProvider to encrypt/decrypt data to/from the database. This solves the immediate issue (no cleartext in db) but poses other problems like Key rotation (we have to roll our own code for this, walking through the db converting old cipher text into new cipher text) metadata mapping of which tables and which columns are encrypted. This is simple when it's just couple of columns (send an email to all devs/document) but that quickly gets out of hand ... So, what is the best practice for doing application level encryption into a database that doesn't support encryption? In particular, what is a good design to solve the above two bullet points? If you had specific schema additions would love it if you could give details ("Have a NVARCHAR(max) column to store the cipher metadata as JSON" or a SQL script/commands). If someone would like to recommend a library, I'd be happy to stay away from "DIY" too. Before going too deep - I assume there isn't any way I can add encryption support to Azure by creating a stored procedure, right?

    Read the article

  • Creating deterministic key pairs in javascript for use in encrypting/decrypting/signing messages

    - by SlickTheNick
    So I have been searching everywhere and havn't been able to find anything with the sufficient information I need.. so Im a bit stumped on this one at the moment What I am trying to do is create a public/private key pair (like PGP) upon a users account creation, based on their passphrase and a random seed. The public key would be saved on the server, and ideally the private key would never be seen by the server whatsoever. The user could then sign in, and send a message to another user. Before the message is sent, the senders key pair would be re-generated on the fly based on their credentials (and maybe a password prompt) and used to encrypt the message. The receiver would then use their own re-generated private key to decrypt said message. The server itself should never see any plaintext passwords, private keys or readable messages. Bit unsure how on how I could go about implementing this. Iv been looking into PGP, specifically openPGP.js. The main trouble I am having is being able to regenerate the key-pair based off a specific seed. PGP seems to have a random output even if the inputs are the same. Storing the private key in a cookie or in HTML5 storage or something also isnt really an option, too unreliable. Can anyone point me in the right direction?

    Read the article

  • GPG Workflow in 11.04

    - by Ross Bearman
    At work we handle the transfer of small bits of sensitive data with GPG, usually posted on a secure internal website. Until Firefox 4 was released, we used FireGPG for inline decryption; however the IPC libraries that it relied upon were no longer present in FF4, making it unusable and it will no longer install in FF5. Currently I'm manually pasting the GPG blocks into a text file, then using the Nautilus context-menu plugin or the command line to decrypt the contents of the file. When we're handling large amount of these small files throughout the day this starts to become a real chore. I've looked around but can't seem to find much information on useful GPG clients in Ubuntu. A client that allowed me to paste in a GPG block and instantly decrypt it, and also paste in plaintext and easily encrypt it for multiple recipients would be ideal. So my question is does this exist? I can't seem to find anything about this with obvious searches on Google, so hopefully someone here can help, or offer an alternative workflow.

    Read the article

  • Steps after SQL Injection detected

    - by Zukas
    I've come across SQL injection vulnerabilities on my companies ecommerce page. It was fairly poorly put together. I believe I have prevented future attempts however we are getting calls about fraudulent credit card charges on our site and others. This leads me to believe that someone was able to get a list of our credit card numbers. What doesn't make sense is that we don't store that information and we use Authorize.net for the transaction. If someone was able to get the CC#s, what should I do next? Inform ALL of our customers that someone broken into our system and stole their information? I have a feeling that will be bad for business.

    Read the article

  • Is it reasonable to require passwords when users sign into my application through social media accounts?

    - by BrMcMullin
    I've built an application that requires users to authenticate with one or more social media accounts from either Facebook, Twitter, or LinkedIn. Edit Once the user has signed in, an 'identity' for them is maintained in the system, to which all content they create is associated. A user can associate one account from each of the supported providers with this identity. I'm concerned about how to protect potential users from connecting the wrong account to their identity in our application. /Edit There are two main scenarios that could happen: User has multiple accounts on one of the three providers, and is not logged into the one s/he desires. User comes to a public or shared computer, in which the previous user left themselves logged into one of the three providers. While I haven't encountered many examples of this myself, I'm considering requiring users to password authenticate with Facebook, Twitter, and LinkedIn whenever they are signing into our application. Is that a reasonable approach, or are there reasons why many other sites and applications don't challenge users to provide a user name and password when authorizing applications to access their social media accounts? Thanks in advance! Edit A clarification, I'm not intending to store anyone's user name and password. Rather, when a user clicks the button to sign in, with Facebook as an example, I'm considering showing an "Is this you?" type window. The idea is that a user would respond to the challenge by either signing into Facebook on the account fetched from the oauth hash, or would sign into the correct account and the oauth callback would run with the new oauth hash data.

    Read the article

  • Package denyhosts in Ubuntu Trusty Tahr is deleted: temporary or forever?

    - by Kees van Dieren
    While doing a test-upgrade of our Ubuntu server to 14.04, I found that the package DenyHosts is no longer available. Installing it gives following error: apt-get install denyhosts Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package denyhosts Apparently it has been deleted, according to launchpad. Will Denyhosts be available in the final release of Ubuntu 14.04?

    Read the article

  • How to hide process arguments from other users?

    - by poolie
    A while ago, I used to use the grsecurity kernel patches, which had an option to hide process arguments from other non-root users. Basically this just made /proc/*/cmdline be mode 0600, and ps handles that properly by showing that the process exists but not its arguments. This is kind of nice if someone on a multiuser machine is running say vi christmas-presents.txt, to use the canonical example. Is there any supported way to do this in Ubuntu, other than by installing a new kernel? (I'm familiar with the technique that lets individual programs alter their argv, but most programs don't do that and anyhow it is racy. This stackoverflow user seems to be asking the same question, but actually just seems very confused.)

    Read the article

  • Botnet Malware Sleeps Eight Months Activation, Child Concerns

    Daily Safety Check experts used a computer forensic analysis of a significant botnet that consisted of Carberp and SpyEye malware to come up with the details for their report. The analysis found that the botnet profiled the behavior of the slave computers it infected, similar to surveillance techniques used by law enforcement agencies, for an average of eight months. During the eight months, the botnet analyzed each computer's users and assigned ratings to certain activities to form a complete profile for each. Doing so allowed those behind the scheme to determine which were the most favora...

    Read the article

  • Is there an application or method to log of data transfers?

    - by Gaurav_Java
    My friend asked me for some files that I let him take from my system. I did not see he doing that. Then I was left with a doubt: what extra files or data did he take from my system? I was thinking is here any application or method which shows what data is copied to which USB (if name available then shows name or otherwise device id) and what data is being copied to Ubuntu machine . It is some like history of USB and System data. I think this feature exists in KDE This will really useful in may ways. It provides real time and monitoring utility to monitor USB mass storage devices activities on any machine.

    Read the article

  • Moving between sites using SAML

    - by System Down
    I'm tasked with developing an SSO system, and was guided towards using the SAML spec. After some research I think understand the interaction between a Service Provider and an ID Provider and how a user's identity is confirmed. But what happens when I redirect the user to another Service Provider? How do I ascertain the user's identity there? Do I send his SAML assertion tokens along with the redirect request? Or does the second Service Provider need to contact the ID Provider all over again?

    Read the article

  • How to hide process arguments from other users?

    - by poolie
    A while ago, I used to use the grsecurity kernel patches, which had an option to hide process arguments from other non-root users. Basically this just made /proc/*/cmdline be mode 0600, and ps handles that properly by showing that the process exists but not its arguments. This is kind of nice if someone on a multiuser machine is running say vi christmas-presents.txt, to use the canonical example. Is there any supported way to do this in Ubuntu, other than by installing a new kernel? (I'm familiar with the technique that lets individual programs alter their argv, but most programs don't do that and anyhow it is racy. This stackoverflow user seems to be asking the same question, but actually just seems very confused.)

    Read the article

  • Website address hacked, emails created but not showing in manage your account

    - by ProfMJMcG
    I have a website, thebleudoor.com. It is hosted by yahoo. It gets 2000-3000 hits a day and has been for at least 5 years. A few months ago, as admin of the website, I started getting bounced back emails from newly created emails like [email protected]. Yahoo only shows 2 emails for my account. They said they can't do anything about it. Now, my "spam hacked email accounts" are getting spam. They haven't altered or used my website or email or bank info, just the good name of my website. Is there anything I can do? Do I need to be concerned? Changing my provider won't really help will it? Thank you.

    Read the article

  • Microsoft Releasing Windows 8 in Late October

    The one thing Microsoft did not give was the exact date in October that this latest operating system would become available. But that may be difficult to predict. Brandon LeBlanc, Microsoft communications manager, stated only that Windows 8 is on track for a release to manufacturers (RTM) in August. The company, on average, produces a new version of Windows every three years; the last one to come out was Windows 7, back in October of 2009. The operating system will enjoy a widespread release, coming out in 109 languages across 231 markets throughout the world. It will be used not only in PCs...

    Read the article

  • Cannot remove script virus in Ubuntu [duplicate]

    - by Daniel Yunus
    This question already has an answer here: Should I be worried about a possible threat? 2 answers After I scan via clamav/clamtk, I found 1 possible threat that I cannot remove/quarantine. How to remove virus? Or Is this false positive? /usr/lib/ruby/1.9.1/rdoc/generator/template/darkfish/js/thickbox-compressed.js PUA.Script.Packed-1

    Read the article

  • Is there supposed to be a Windows Network folder in the file manager?

    - by Cindy
    I pulled my hard drive out of my computer and started with a bootable usb version of Ubuntu, which I am using that at this point. At first boot, I see that there is a Windows folder when browsing network. Since there is no operating system present, besides the usb that I boot from, should there be a Windows network folder? Original question First of all I just want to say, I wish I had tried Ubuntu a couple years ago when I first heard about it, but I was like a lot of the population and went with the "easy way" and stuck with Windows because I didn't want to take the time to learn something new. Well, about 3 months ago I realized someone had hacked into my computer, and then found they had hacked my facebook account so I decided I had better do a complete credit check. I found student loans (totalling about 30,000 so far) had recently showed up on my credit report. I think it's going to be a long, long road to recovery now but I'm hoping Ubuntu will be a start and definitely an eye opener. My relationship with Windows is over. I had 3 antivirus programs running, none were protecting me like I thought they were. Turned out a free program that I downloaded was the only one that could detect and clean the virus, but by then it was too late. Anyhow, my question is, I pulled my hard drive out of my computer and started with a bootable usb version of Ubuntu, which I am using that at this point. At first boot, I see that there is a Windows folder when browsing network. Since there is no operating system present, besides the usb that I boot from, should there be a Windows network folder? I am using a local ISP (and won't be much longer because I am very paranoid at this point) and I want to make sure all is ok before I put my new hard drive in and install Ubuntu. Any help would be appreciated. Also, I want to thank Ubuntu and the community for giving people an alternative.

    Read the article

  • Why do password strength requirements exist? [migrated]

    - by Bozho
    Password strength is now everything, and they force you to come up with passwords with digits, special characters, upper-case letters and whatnot. Apart from being a usability nightmare (even I as a developer hate it when a website requires a complex password), what are the actual benefits of having strong passwords (for website authentication)? Here are the prerequisites of a system that handles authentication properly: store passwords using bcrypt (or at least use salt+hash) - hard-to-impossible to find the original password when an attacker gets the database lock subsequent password attempts with a growing cooldown - no brute-force via the site

    Read the article

  • What are some ways people deploy relational database changes using Node.js? [closed]

    - by JamesEggers
    I've been diving more and more into Node.js and hosting services like Heroku and Nodejitsu recently and have been trying to figure out how to best deploy database changes for postgres or mysql. There are a few migration projects under npm that I can see; however, all seem to be really buggy or just not work. I currently manage the Monarch migration project on npm, but it's currently buggy itself and my experiences developing such utilities are in other, more procedural, languages. So what do people use to deploy changes to their databases on these environments? What has worked for people? I'm looking for a better understanding of what the current situation/process looks like.

    Read the article

  • Microsft Targets Graymail and New Patch Tuesday

    The first critical bulletin will patch a vulnerability contained within Windows and Internet Explorer. Microsoft said that if the vulnerability was exploited, it would give hackers an avenue to spread malicious code on a remote basis. The bug affects the Windows XP, Windows Vista, and Windows 7 operating systems, plus Internet Explorer versions 6, 7, and 8. The Windows Server 2003 and 2008 platforms have been identified to be affected by the bug as well. The second critical bulletin addresses a .NET and Silverlight bug that makes remote code execution possible. With the vulnerability in pl...

    Read the article

  • Approach to Authenticate Clients to TCP Server

    - by dab
    I'm writing a Server/Client application where clients will connect to the server. What I want to do, is make sure that the client connecting to the server is actually using my protocol and I can "trust" the data being sent from the client to the server. What I thought about doing is creating a sort of hash on the client's machine that follows a particular algorithm. What I did in a previous version was took their IP address, the client version, and a few other attributes of the client and sent it as a calculated hash to the server, who then took their IP, and the version of the protocol the client claimed to be using, and calculated that number to see if they matched. This works ok until you get clients that connect from within a router environment where their internal IP is different from their external IP. My fix for this was to pass the client's internal IP used to calculate this hash with the authentication protocol. My fear is this approach is not secure enough. Since I'm passing the data used to create the "auth hash". Here's an example of what I'm talking about: Client IP: 192.168.1.10, Version: 2.4.5.2 hash = 2*4*5*1 * (1+9+2) * (1+6+8) * (1) * (1+0) Client Connects to Server client sends: auth hash ip version Server calculates that info, and accepts or denies the hash. Before I go and come up with another algorithm to prove a client can provide data a server (or use this existing algorithm), I was wondering if there are any existing, proven, and secure systems out there for generating a hash that both sides can generate with general knowledge. The server won't know about the client until the very first connection is established. The protocol's intent is to manage a network of clients who will be contributing data to the server periodically. New clients will be added simply by connecting the client to the server and "registering" with the server. So a client connects to the server for the first time, and registers their info (mac address or some other kind of unique computer identifier), then when they connect again, the server will recognize that client as a previous person and associate them with their data in the database.

    Read the article

  • Microsoft Launches Outlook.com

    Microsoft announced the news in its Outlook blog, calling the new service modern email for the next billion mailboxes. The company is touting a fresh, clean user interface with fewer pixels in the header and no display ads; it should work well on portable devices. Another key point: it uses Exchange ActiveSync to synchronize your mail, calendar and social experience across your smartphone, tablet and desktop computer. Perhaps the biggest advance, though, is that Microsoft is connecting the email service to Facebook, Twitter, LinkedIn, Google; Skype will be part of this list, too, though i...

    Read the article

  • Microsoft Offers Cheap Windows 8 Upgrade

    Though the software giant hasn't answered all of the questions, Computerworld collected many of them in one place and included the answers. You can also visit Microsoft's blog post for the details. Starting at general availability, if your PC is running Windows XP, Windows Vista, or Windows 7 you will qualify to download an upgrade to Windows 8 Pro for just $39.99 in 131 markets. And if you want, you can add Windows Media Center for free through the 'add features' option within Windows 8 Pro after your upgrade, the Microsoft blog post helpfully states. If you choose to upgrade, the Windows 8...

    Read the article

  • How to enable home directory encryption for a particular user?

    - by Ivan
    I prefer to have a dedicated "administrator" user for technical purposes and that was one I've set up during installation. I've also refused to encrypt the home folder of the user. Now, as I've added a user account for my actual work usage I want my (but not the "administrator") home folder to be encrypted. How to turn this on? If it is not possible then how to enable encryption for all users home directories on a system already installed? I've found questions and answers about how to disable it but am not sure how to enable it.

    Read the article

  • Is using dirname(__FILE__) a good practice?

    - by webose
    Looking at the code of Joomla I see that in the first line of the index, it defines the base path of installation with dirname(__FILE__). Is this a possible risk for the site? If a non controlled error message show the internal path of the Joomla directory, because of, for example a failed include, can it be used to perform some kind of attack to the site? If yes, is it convenient to use this function?

    Read the article

  • How to suspend a user from coming back on my website and register again? any ideas? [closed]

    - by ahmed amro
    i am an outsourcing person not a programmer and i am working on shopping website like ebay , so my question might be beginner for everyone.my website will need a user suspension in case he violates the terms and conditions. here is some thoughts on my mind: -IP address tracking -User information ( email address or any information are going to be repeated on second time of registration after suspension) -session Id cookies are also a way to identify the users after log in any more creative suggested ideas to avoid fraud and scammers, it it possible to make 100% impossible to avoid those bad users from coming back ?

    Read the article

< Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >