Search Results

Search found 17646 results on 706 pages for 'security warning'.

Page 106/706 | < Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >

  • OS X stealth mode: where is it enacted?

    - by er4z0r
    I am working through the security guide from apple (which they did not update since Snow Leopard). In the firewall section it states that ipfw has a default allow rule: 65535 allow ip from any to any And if you enable the firewalls 'stealth mode' via the settings the following rule should be added: 33300 deny icmp from any to me in icmptypes 8 The funny thing is: I have stealth enabled and I do not see this rule when doing sudo ipfw print Any idea where stealth mode is enforced if not in the ipfw ruleset?

    Read the article

  • Is there another way to run Apache2 securely for end users without using CGI mode?

    - by Volomike
    Is there another way to run Apache2 securely for multiple end users (like hosting hundreds of blogs) without using CGI mode as required by suPHP? It just seems so inefficient to use CGI mode for PHP when if we could set up permissions properly, we could host PHP through mod_php perhaps? I mean, I do want to restrict these users to their home directories for their sites, but don't want any security issues.

    Read the article

  • KeePass justification

    - by Jeff Walker
    I work at a place that tries to take security seriously, but sadly, they often fail. Currently, one of the major ways they fail is password management. I personally have about 20 accounts (my personal user id on lots of machines). For shared "system" accounts, there are about 45 per environment; development, test, and production. I have access to 2 of those, so my personal total is somewhere around 115 accounts. Passwords have to be at least 15 characters with some extensive but standard complexity constraints, and have to be changed every 60 days or so (system accounts every year). They also should not be the same for different accounts, but that isn't enforced. Think DoD-type standards. There is no way to remember and keep up with this. It just isn't humanly possible, as far as I'm concerned. This might be a good justification of a centralized account management system, a la LDAP or ActiveDirectory, but that is a totally different battle. Currently the solution is an Excel spreadsheet. They use Excel to put a password on it, and then most people make a copy and remove the password. This makes my stomach turn. I use KeePass for this problem and it manages all of my account very well. I like the features like auto-typing, grouping, plugins, password generation, etc. It uses AES-256 encryption via the .Net framework, and while not FIPS compliant, it has a very good reputation. The only problem is that they are also very careful about using randomly downloaded software. So we have to justify every piece of software on our workstations. I have been told that they really don't want me to use this, be cause of the "sensitive nature" of storing passwords. sigh My justification has to be "VERY VERY strong". I have been tasked with writing a justification for KeePass, but as I am lazy, I would like any input that I can get from the community. What do you recommend? Is there something out there that is better or more respected than KeePass? Is there any security experts saying interesting things on this topic? Anything will help at this point. Thanks.

    Read the article

  • What do I need to do to prevent exploitation of my postfix server?

    - by Josiah
    I have a a web server that needs to send emails, but not recieve them. I have installed postfix (it came with nagios, also installed on this server) and now I need to make sure that my server does not get used as a spam server. What steps do I need to take to ensure that this does not happen? What additional security measures do I need to put in place? Server is Ubuntu 10.4

    Read the article

  • Turn off "unknown publisher" message for older Windows application?

    - by MikeJ
    Anyone know how to turn off or suppress the "unknown publisher" message for a specific application? The application is a legacy version of Delphi that we use to update a LOB application. I thought clicking, run as administrator would fix this and I don't want to turn off UAC entirely for security safety reasons. Anyone know how to tell Windows 7 that Borland or at least delphi.exe is a trusted application?

    Read the article

  • Wireless Password

    - by Campo
    I have a security policy question: I want to know how other admins handle the WIFI password in the office. Does everyone know it? Do you enter it in for the user or guest every time and keep it a secret. I am in camp 2. Just want to know what others do and their reasoning behind it.

    Read the article

  • Solr Multicore Admin Problem

    - by Daniel M
    Im trying to add a url based security constraint to solr deployed in websphere 6.1. If I specify the core name in the url of the constraint then the admin url for that core gives a 404. Has anyone had any success with this or any suggestions? Cheers Cross-posted with stackoverflow

    Read the article

  • Preventing brute force attacks against ssh?

    - by grieve
    What tool or technique do you use to prevent brute force attacks against your ssh port. I noticed in my Security logs, that I have millions of attempts to login as various users through ssh. This is on a FreeBSD box, but I imagine it would be applicable anywhere.

    Read the article

  • Just LB or also Web Servers in Demilitarized Zone?

    - by Bradford
    In a load balanced environment, is it necessary to have all of the web servers in the DMZ? Or will just having the Load Balancer in the DMZ achieve the desired security? If it matters, the web server and application server are the same -- GF, Tomcat fronted by httpd on the same server, OAS, etc... LB - WEB/APPLICATION - DB Also, would the setup be different if it was LB - Web Server - Application Server - DB Thanks, Bradford

    Read the article

  • Is it generally a bad idea to have other types of virtual appliances installed along side a firewall

    - by MGSoto
    I want to run my Firewall/NAT software (pfsense) and an internal NAS (looking at freenas right now) for my SOHO on one machine. Right now I have them separated on two different machines, but I'd like to consolidate them. Is this generally a bad idea? I see the security concern where if the firewall or host OS is compromised, then your data is essentially screwed. But is it really a concern for me?

    Read the article

  • SELinux vs. AppArmor vs. grsecurity

    - by Marco
    I have to set up a server that should be as secure as possible. Which security enhancement would you use and why, SELinux, AppArmor or grsecurity? Can you give me some tips, hints, pros/cons for those three? AFAIK: SELinux: most powerful but most complex AppArmor: simpler configuration / management than SELinux grsecurity: simple configuration due to auto training, more features than just access control

    Read the article

  • Process limit for user in Linux

    - by BrainCore
    This is the standard question, "How do I set a process limit for a user account in Linux to prevent fork-bombing," with an additional twist. The running program originates as a root-owned Python process, which then setuids/setgids itself as a regular user. As far as I know, at this point, any limits set in /etc/security/limits.conf do not apply; the setuid-ed process may now fork bomb. Any ideas how to prevent this?

    Read the article

  • Process limit for user in Linux

    - by BrainCore
    This is the standard question, "How do I set a process limit for a user account in Linux to prevent fork-bombing," with an additional twist. The running program originates as a root-owned Python process, which then setuids/setgids itself as a regular user. As far as I know, at this point, any limits set in /etc/security/limits.conf do not apply; the setuid-ed process may now fork bomb. Any ideas how to prevent this?

    Read the article

  • Is there Powershell way to re-apply a restored password for the IIS IUSR account?

    - by Philippe Monnet
    On one of our IIS web servers the IUSR account suddenly expired or got corrupted, I recovered the password from the IIS metabase (using Cscript adsutil.vbs get w3svc\anonymoususerpass after switching IsSecureProperty = False). I then reset the password accordingly. Now I have to re-key that password on the Directory Security tab of all virtual directories (for the anonymous account) of all web sites on that server. Is there a way to automate this using Powershell? (I have searched so far in vain)

    Read the article

  • Is the recent Java bug something to worry about?

    - by Keith
    Recently saw this announcement on the H blog about a big hole in Java: http://www.h-online.com/security/news/item/Java-exploit-launches-local-Windows-applications-974652.html But I can't seem to get anyone to think it's a big deal. The fact that I cn visit a web site and it runs calc.exe on my local box is just plain scary... Why is there no bigger response to this??

    Read the article

  • Used SQL Svr 2008 Config Manager to Set Service Account to Local System: What Did It Change?

    - by Frank Ramage
    Direct shot to foot moment... While setting-up individual non-admin accts for MSSQLSERVER services, I temporarily set Server service login to Local System account. I remembered later that: SQL Server Configuration Manager performs additional configuration such as setting permissions in the Windows Registry so that the new account can read the SQL Server settings. I want my Local System back . (Actually just restored to its original security profile) Any advice? Thanks!

    Read the article

  • Yahoo Mail Does Not Have https

    - by Daniel
    Why is yahoo mail behind in security, they don't support https yet. Gmail and many others do, I'm shocked that yahoo still doesn't have https? Why is this? What is the logic behind not supporting https in their mail client?

    Read the article

  • Looking for a Software to harden Windows machines

    - by MosheH
    I'm a network administrator of a small/medium network. I'm looking for a software (Free or Not) which can harden Windows Computers (XP And Win7) for the propose of hardening standalone desktop computers (not in domain network). Note: The computers are completely isolated (standalone), so i can't use active directory group policy. moreover, there are too many restriction that i need to apply, so it is not particle to set it up manual (one by one). Basically what I’m looking for is a software that can restrict and disable access for specific user accounts on the system. For Example: User john can only open one application and nothing else -- He don’t see no icon on the desktop or start menu, except for one or two applications which i want to allow. He can't Right click on the desktop, the task-bar icons are not shown, there is no folder options, etc... User marry can open a specific application and copy data to one folder on D drive. User Dan, have access to all drives but cannot install software, and so on... So far ,I've found only the following solutions, but they all seems to miss one or more feature: Desktop restriction Software 1. Faronics WINSelect The application seems to answer most of our needs except one feature which is very important to us but seems to be missing from WINSelect, which is "restriction per profile". WINSelect only allow to set up restrictions which are applied system-wide. If I have multiple user accounts on the system and want to apply different restrictions for each user, I cant. Deskman (No Restriction per user)- Same thing, no restriction per profile. Desktop Security Rx - not relevant, No Win7 Support. The only software that I've found which is offering a restriction per profile is " 1st Security Agent ". but its GUI is very complicated and not very intuitive. It's worth to mention that I'm not looking for "Internet Kiosk software" although they share some features with the one I need. All I need is a software (like http://www.faronics.com/standard/winselect/) that is offering a way to restrict Windows user interface. So IF anybody know an Hardening software which allows to set-up user restrictions on Windows systems, It will be a big, big, big help for me! Thanks to you all

    Read the article

  • Secure data hosting...

    - by kylex
    I've looked online and can't seem to find a proper answer. We have a client that requires very sensitive data be stored in a database. Is there a hosting company that provides high-level database security (this is for a bank).

    Read the article

  • How do I login to SQL Server without having to use "Run as Administrator" when starting Management S

    - by MedicineMan
    When I start Management Studio, unless I use the "Run as Administrator" selection, I cannot login to my local SQL Server. Is this normal? I am a normal developer and don't believe I have a need for high security on my local machine. I'm running SQL Server 2008, Windows 7. The error I get is: Cannot connect to (local) Additional Information Login failed for user 'MYCOMPUTER\MyName'. (Microsoft SQL Server, Error: 18456)

    Read the article

  • XP, how can I copy permissions from one partition to another, had no permssions and getting access denied trying to fix ?

    - by Jules
    For some reason, I'm not sure why, I have no permissions in the security tab/advanced tab for one partition. I'm trying to add them back by copying them manually from another partition. However when I try to replace permissions entries on some files it says access denied, then I have to click continue. I haven't much clue what this is all about, but I'd like to fix this as some folders in my partition aren't accessible in shares from other machines.

    Read the article

  • How can I use fetchmail (or another email grabber) with OSX keychain for authentication?

    - by bias
    Every fetchmail tutorial I've read says putting your email account password clear-text in a config file is safe. However, I prefer security through layers (since, if my terminal is up and someone suspecting such email foolery slides over and simply types "grep -i pass ~/.*" then, oops, all my base are belong to them!). Now, with msmtp (as opposed to sendmail) I can authenticate using the OSX keychain. Is there an email 'grabber' that lets me use Keychains (or at least, that lets me MD5 the password)?

    Read the article

< Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >