Search Results

Search found 4803 results on 193 pages for 'facebook hacker cup'.

Page 110/193 | < Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117 | Next Page >

Launch an arbitrary application with a specific icon

- by Camilo Martin

I'm thinking about customizing my Windows 7's application icons, so that they all follow a specific theme (Token-like icons). This would involve using Resource Hacker (or similar) to patch each .exe. Not only this would be tiresome, but also it would require doing it again at each update of each application (nevermind that some could break just because it was tampered with). Instead, is there any way to launch an application with a specific icon? Ideally it would be something from the command-line (so I can make a shortcut), like this: launchwithicon.exe --app C:\myapp.exe --icon C:\myicon.ico Note that while it is possible to do something similar by setting the taskbar to "always combine, hide labels", I do not like this approach and instead am looking for something that works without combining the taskbar icons.

Read the article
How to change MySQL data directory?

- by Jonathan Frank

I want to place my databases in another directory, so I can store them in an ESB (elastic block storage, just a fancy name for a virtualized harddisk) together with my web-apps and other persistent data. I have tried to walk through a tutorial at http://crashmag.net/change-the-default-mysql-data-directory-with-selinux-enabled. Everything seems fine until I type this command: # semanage fcontext -a -t mysqld_db_t "/srv/mysql(/.*)?" Then the command fails and tells me that mysqld_db_t is an invalid SELinux context even if the default MySQL data directory is labelled with this context. I am running Fedora 15 on Virtualbox (behaves like an ordinary x86-compatible box) and Amazon EC2 (based on Xen) so the tutorial should be compatible. It is also worth to mention that turning off SELinux globally or just for the MySQL process is not an option, because such a solution will decrease the security of the system if a hacker gains access to the system via the MySQL server. I have never seen this problem before I changed to the Redhat/Fedora architecture, so it could be a distribution specific issue. Any help is highly appreciated

Read the article
How to whitelist external access to an internal webserver via Cisco ACLs?

- by Josh

This is our company's internet gateway router. This is what I want to accomplish on our Cisco 2691 router: All employees need to be able to have unrestricted access to the internet (I've blocked facebook with an ACL, but other than that, full access) There is an internal webserver that should be accessible from any internal IP address, but only a select few external IP addresses. Basically, I want to whitelist access from outside the network. I don't have a hardware firewall appliance. Until now, the webserver has not needed to be accessible externally... or in any case, the occasional VPN has sufficed when needed. As such, the following config has been sufficient: access-list 106 deny ip 66.220.144.0 0.0.7.255 any access-list 106 deny ip ... (so on for the Facebook blocking) access-list 106 permit ip any any ! interface FastEthernet0/0 ip address x.x.x.x 255.255.255.248 ip access-group 106 in ip nat outside fa0/0 is the interface with the public IP However, when I add... ip nat inside source static tcp 192.168.0.52 80 x.x.x.x 80 extendable ...in order to forward web traffic to the webserver, that just opens it up entirely. That much makes sense to me. This is where I get stumped though. If I add a line to the ACL to explicitly permit (whitelist) an IP range... something like this: access-list 106 permit tcp x.x.x.x 0.0.255.255 192.168.0.52 0.0.0.0 eq 80 ... how do I then block other external access to the webserver while still maintaining unrestricted internet access for internal employees? I tried removing the access-list 106 permit ip any any. That ended up being a very short-lived config :) Would something like access-list 106 permit ip 192.168.0.0 0.0.0.255 any on an "outside-inbound" work?

Read the article
Google Chrome not loading web pages correctly unless multiple refreshes

- by Brandon Wilson

Webpages in Google Chrome do not load correctly from time to time. I can't reproduce it, it just happens. Some times it happens when I load the browser other times it happens when I am just browsing. Just now I went to five different web sites which 3 out of 5 of them did not load correctly. I have attached a photo of how Super User loaded the first time I loaded it. If I refreshed it it will load correctly. Facebook is bad like this. Some times Facebook will load correctly but some of there back end scripting may not load so the page may not refresh automatically. Not sure what is going on. I have tried other browsers (Firefox and Internet Explorer) and they seem to be working correctly. Chrome seems to be acting up only on this computer. All my computers are running Windows 8 and I have removed Chrome completely off this computer and re-installed. I even disabled all extensions and cleared all the caches. I even tried running Chrome without being logged in. Not sure what else to do at this point. An example of superuser.com not loading correctly: When I refresh the problem will go away until it happens again. Sometimes it takes two or three refreshes in order for it to correctly load.

Read the article
At what year in history was computers first used to store porn? [closed]

- by Emil H

Of course this sounds like a joke question, but it's meant seriously. I remember being told by an old system administrator back in the early nineties about people asking about good FTPs for porn, and that they would as a joke always tell them to connect to 127.0.0.1. They would come back saying that there was a lot of porn at that address, but that oddly enough it seemed like they already had it all. Point being, it seems like it's been around for quite a while. Anyway. Considering that a considerable portion of the internet is devoted to porn these days, it would be interesting to know if someone has any kind of idea as to when and where the phenomena first arose? There must be some mention of this in old hacker folk lore? (Changed to CW to emphasize that this isn't about rep, but about genuine curiousity. :)

Read the article
Does Hotmail really offer two-factor authentication? [closed]

- by Brian Koser

I've read multiple news articles that claim Hotmail offers two-factor authentication. One of the articles describes Hotmail's system, saying ...whenever you go to Hotmail...you can choose to get a single-use code–a string of numbers that will be sent via text message to your phone–to use instead of your password. Is this an accurate description of Hotmail's system? If so, does Hotmail really offer two-factor authentication? If you can use either your password or a single-use code, it seems to me that it does not. Is this system really more secure than just having a password? Doesn't this just make an additional "key" available to a hacker? (I must be wrong here, I know the folks at Microsoft are much smarter than I am).

Read the article
CentOS Vulnerabilities - Exploits/Payloads

- by Joao Heleno

Greetings. I'm doing an academic work where I have to find vulnerabilities in CentOS and show how to take advantage of those same vulnerabilities. I'm no hacker and I'm finding this task to be of great difficulty, that is, I see all the security alerts and their descriptions but no explanation of how to take advantage. Maybe I'm being a little naive but all I want to know is if there is any tool I can use to show that CentOS 5.0 vulnerability XPTO exists and to show it "working". If possible something like CVE-2007-0001 exploit tool, CVE-2007-0002 payload and so on. Thanks.

Read the article
Reinstall after a Root Compromise?

- by Zoredache

After reading this question on a server compromise, I started to wonder why people continue to seem to believe that they can recover a compromised system using detection/cleanup tools, or by just fixing the hole that was used to compromise the system. Given all the various root kit technologies and other things a hacker can do most experts suggest you should reinstall the operating system. I am hoping to get a better idea why more people don't just take off and nuke the system from orbit. Here are a couple points, that I would like to see addressed. Are there conditions where a format/reinstall would not clean the system? Under what types conditions do you think a system can be cleaned, and when must you do a full reinstall? What reasoning do you have against doing a full reinstall? If you choose not to reinstall, then what method do you use to be reasonably confident you have cleaned and prevented any further damage from happening again.

Read the article
How could I safely fix my walking "dead pixel" bug?

- by Cawas

I need suggestions. I've got a live little bug inside my macbook pro screen for 2 days now. I've tried to film it using my iPhone, but it ain't that good. :( Should I try to open it? o_O C'mon, looking for ideas here! :) edit: Here's an alike video. It's not moving anymore for now... I hope it isn't dead! Right when I've found a possible solution along with many ideas on that link: suction cup; monitor off and lamp on to attract it out; scratching the screen (made it move a little); and got to know there's no warranty for this "feature" (also known as bad design in a jargon). edit2: It's been "fixed" on its own. Just check the answer.

Read the article
How to setup Secure SemiPublic Revision Control System

- by user24912

I have a windows server with a project configured with a revision control system. Suppose it's GIT or SVN or .... Suppose there are 10 people around the globe working on this project. The first thing that comes in to mind is to secure the connection between these programmer and the server with SSH. but my problem is that the a hacker can destroy the server if he gets the SSH username and password user account (tell me if i'm wrong). So I need a secure way to let thoes programmers push their revision to the server. Any ideas would be lovely

Read the article
public key infrastructure - distribute bad root certificates

- by iamrohitbanga

Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

Read the article
Finding ALL currently used IP addresses of Website

- by Patrick R

What steps would you take to discover all (or close to all) IP addresses that are currently used by a website? How would you be as exhaustive as possible without calling a website admin and asking for the list of IP addresses? ;) nslookup works but will vary based on dns server queried. whois is another good tool. Dig, not bad. Let's use Facebook for example. I'm blocking that site for the majority our our company's users, but some are approved for "research". I can not easily use OpenDNS because we all appear to come from the same request IP address. I could change that but don't want to add more vlans than I already have. I also could use block something like regex facebook1 "facebook\.com" (I'm running a cisco firewall) but that's pretty easy to sidestep. All that being said, I'm asking about specifically about finding ip addresses for a domain and not for other methods that I can block a domain name.

Read the article
Archive Recorded Show from DVR

- by BillN

IF I have an AT&T U-Verse DVR, is there a way to copy the information off the DVR to an PC for Archiving/burning to a DVD? I know that I could connect the A/V outs on the DVR to the A/V inputs on a DVD Recorder, or to a capture card on a PC, and Play the show, and record in real-time on the DVD or PC, but if the show is say a World Cup Game, this would take 2-3 hours per. My thought is that the DVR is just a HardDrive, and the files have to be stored in an digital format, it should be possible to do a copy of some sort. I'm currently recording all of the WC games, but if I don't watch them right away, I'm concerned that I will push other programming that the rest of the family has recorded out, making me unpopular at home. Note, I'm talking about archiving for personal use, not redistribution or anything.

Read the article
Java works under Firefox but crashes Internet Explorer

- by Dominic Grenier

Java works under Firefox and Chrome but not under IE. Here's what I tried (the advice normally given on forums): Java applet activated in tools - internet options - security tab - personnalise - Java applets Activated in tools - manage add-ons - tool bars and extensions - Java (tm) SSV2 helper - Activate Activated in tools - internet options - advanced tab - Use JRE for applet I've also deleted my temporary internet files (with Ccleaner), Reinstalled IE8 It is also set as the default Java for IE through the control panel - Java - Advanced tab - default Java for browsers - Microsoft Internet Explorer IE version: 8.0.6001.18702 Java version: 1.7.0_03. (also tried with 1.6.0_31) Windows XP SP3. Any advice? Thanks :) edit: I have activated the ActiveX controls through manage add-ons - all add-ons but now, although the coffe cup loading screen appears (which did not before) it makes IE crash (which is new). I might have fiddled too much with the registry by trying to completely remove Java to reinstall it, so I ran "rereg" (a tool to repair dlls and their registry entries) without success.

Read the article
Exploratory Question for Security Admins (/etc/passwd + PHP)

- by JPerkSter

Hi everyone, I've been seeing a few issues lately on a few of my servers where an account gets hacked via outdated scripts, and the hacker uploads a cPanel / FTP Brute forcing PHP script inside the account. The PHP File reads /etc/passwd to get the usernames, and than uses a passwd.txt file to try and brute force it's way in to 127.0.0.1:2082. I'm trying to think of a way to block this. It doesn't POST anything except "GET /path/phpfile.php", so I can't use mod_security to block this. I've been thinking of maybe changing permissions on /etc/passwd to 600, however I'm unsure how this will result in regards to my users. I was also thinking of rate-limiting localhost connections to :2082, however I'm worried about mod_proxy being affected. Any suggestions?

Read the article
Unix domain socket firewall

- by lagab

Hello, everyone. I've got a problem with my debian server. Probably there is some vulnerable script at my web-serser, which is running from www-data user. I also have samba with winbind installed, and samba is joined to windows domain. So, probably this vulnerable script allows hacker to bruteforce out domain controller through winbind unix domain socket. Actually I have lots of such lines at netstat -a output: unix 3 [ ] STREAM CONNECTED 509027 /var/run/samba/winbindd_privileged/pipe And our DC logs contain lots of recorded authentication attems from root or guest accounts. How can I restrict my apaches access to winbind? I had an idea to use some kind of firewall for IPC sockets. Is it possible?

Read the article
My wifi internet router connection resets when more devices connected

- by joeeoj

The wifi internet router is connected directly to Internet cable. The main Pc is attached to it via LAN cable, while 1 laptop and 3 mobile phones connect to it via wifi. Whenever 2 or more devices connect via wifi, the internet connection breaks after one minute and internet connection resets. I tracked this behaviour for weeks, and came to conclusion: It seems like some 'device 1' got IP then it went to suspend mode. Then 'device 2' connected to router and got the same IP. Then the 'device 1' woke up from suspend mode and tried to use his old IP. The router sees that 2 same IP addresses exists and automatically reset internet connection. Is this possible? Have I tracked the problem correctly and how to solve it? The router is set to lease 100 IP addresses to devices who try to connect. The password is strong and no hacker's device is being connected to my wifi network. Tried changing password and AP's name.

Read the article
Patch msp into msi package

- by Kvad

The latest update of Windows Live Messenger is an msp added to the package. I want to patch a msp into an msi. Reference download http://wl.dlservice.microsoft.com/download/8/3/D/83D75746-DF04-45E9-8374-BD31B9419128/en/wlsetup-all.exe I extract all msi and msps from this. (To get the msp and msi's I did the following Use resource hacker to open up wlsetup-all.exe In the left hand tree browse to PACKAGE Right click PACKAGE, save PACKAGE resources Save to a new temp folder Eg. D:\temp\package.rc This will output a whole lot of .bin files These are just cab files so we need to do a mass rename “ren *.bin *.cab” Once done select all cab files and extract to a new sub folder \extracted In \extracted you will see all the msi, msp and 7z files you need) I try to apply the msp directly with no result msiexec /p messenger.msp /a messenger.msi I also try doing a admin install with nothing being extracted.

Read the article
Detect damage done by virus

- by user38471

Hey, this morning after I went to college a virus infected my pc without any user interaction at my end. When I came home my computer was completely frozen and infected with lots of trojans. I have not typed anything important since returning so keys cannot be logged. However I want to know exactly when my computer crashed from the time of infection to see what could potentially be done remotely by a hacker. The virus my pc was diagonosed with was "fakespypro" http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32%2fFakeSpypro on a fully updated windows 7 installation with firewall enabled. My computer was connected to an internal dorm room network, so probably that has had to do something with it. Any further information about how I could backtrace this virus infection or ways to discover what data might be stolen would be greatly appriciated.

Read the article
Favicon on gmail has changed from the envelope to a black gun. How do i change it back and why did i

- by Victoria

I think my gmail account might have been hacked because I've recently noticed a change in the favicon displayed in the url and the tab, when I logged onto my gmail account. It used to be the common red and white envelope and now it's a black gun. Can anyone tell if this is enough to conclude that my account has been hacked or tampered with? I know someone that would be capable and most probably willing to cause problems to my account among other things. This would be my opsessive ex who's best friend is a hacker. Can anyone help? I need to know if someone has reigns to my computer. And how do I change the favicon back to its orginial image? The black gun really bothers me. Thanks everyone!!!

Read the article
Blocking HTTPS and P2P Traffic

- by Genboy

I have a Debian server running at the gateway level on a LAN. This runs squid for creating block lists of websites - for eg. blocking social networking on the LAN. Also uses iptables. I am able to do a lot of things with squid & iptables, but a few things seem difficult to achieve. 1) If I block facebook through their http url, people can still access https://www.facebook.com because squid doesn't go through https traffic by default. However, if the users set the gateway IP address as proxy on their web browser, then https is also blocked. So I can do one thing - using iptables drop all outgoing 443 traffic, so that people are forced to set proxy on their browser in order to browse any HTTPS traffic. However, is there a better solution for this. 2) As the number of blocked urls increase in squid, I am planning to integrate squidguard. However, the good squidguard lists are not free for commercial use. Anyone knows of a good squidguard list which is free. 3) Block yahoo messenger, gtalk etc. There are so many ports on which these Instant Messenger softwares work. You need to drop lots of outgoing ports in iptables. However, new ports get added, so you have to keep adding them. And even if your list of ports is current, people can still use the web version of gtalk etc. 4) Blocking P2P. Haven't been able to figure out how to do this till now.

Read the article
Detecting damage done by virus

- by user38471

This morning after I went to college, a virus infected my PC without any user interaction at my end. When I came home my computer was completely frozen and infected with lots of trojans. I have not typed anything important since returning so keys cannot be logged. However I want to know exactly when my computer crashed from the time of infection to see what could potentially be done remotely by a hacker. The virus my pc was diagnosed with was "fakespypro" on a fully updated Windows 7 installation with firewall enabled. My computer was connected to an internal dorm room network, so probably that has had to do something with it. Any further information about how I could backtrace this virus infection or ways to discover what data might be stolen would be greatly appreciated.

Read the article
How to close the logon process named NtLmSsp ?

- by Aristos

I have a windows 2003 server and time to time I am getting many login failures like this one. Logon Failure: Reason: Unknown user name or bad password User Name: administrator Domain: xx.xx.xx.xx Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XLHOST Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 173.45.70.100 <- hacker Source Port: 4722 AND Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: user Source Workstation: XLHOST Error Code: 0xC0000064 The question is, how can I close this process of login ?, what I have left open and some one can try to login ? Some notes: I login to the server using tunneling, nothing is open except dns, email, and web ports, not even ftp, and all default ports are change and hidden. I also monitor port scan and capture any one that try to find the hidden ports. Probably it is something open... Thank you in advanced.

Read the article
My server appears to have been hacked+ scanssh run by zabbix is it normal?

- by Niro

I'm running a few EC2/Scalr instances with zabbix monitoring. I received complaints about one of my servers port scanning other servers. the logs show it is accessing port 22 on consecutive IP addresses. I looked at the processes list and saw scanssh is running under the user Zabbix. My question is- Is scanssh part of zabbix? Is it suppesd to run? I have active autodiscovery on zabbix but it is looking at another IP addresses and definately not port 20. Is it possible that something in the config of zabbix agent is controlling it and not the settings on zabbix server? What can I do to find out if zabbix is somehow misbehaving or it is a hacker? Any advice is highly appreciated.

Read the article
How do you map a solo press of a modifier key to its own function or mapping on Windows?

- by Conrad.Dean

Today on hacker news there was a clever article on custom shortcut keys. The author talks about a technique for remapping a modifier key such as CTRL to ESC if CTRL were pressed without a modifier. This is useful in vim because of how often you need to press ESC. Another technique he describes is mapping the open parenthesis, ( to the left shift key, and ) to the right shift key. If another key is pressed when shift is held down, the shift key behaves normally. The author describes the software he uses on OSX, but is there a way to do this on Windows? I've heard of AutoHotKey but it seems to only fire macros when simple keys are pressed, rather than the conditional state switch that this would require.

Read the article

< Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117 | Next Page >