Search Results

Search found 9715 results on 389 pages for 'bad passwords'.

Page 111/389 | < Previous Page | 107 108 109 110 111 112 113 114 115 116 117 118 | Next Page >

Top ten security tips for non-technical users

- by Justin

I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server Some clarifications: This is for our work network These need to be "best practices" tips for the end-user, not IT policy We have backups, OS patches, firewall, AV, etc, all centrally managed This is for a small business (less than 25 people) I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?

Read the article
Authenticating AIX Users Against OID (Oracle Internet Directory)

- by mwilkes

We have a need to authenticate local users on an AIX server against OID using LDAP. We have a branch within OID where we've placed and synchronized Active Directory users. We've also configured external authentication on OID so that it verifies username/passwords against AD. Has anyone configured authentication for AIX in this type of environment? We believe we need to populate unix specific attributes on the user's directory entry in OID, but are unsure which attributes are needed. Additionally, we are looking to authenticate Oracle database users against OID but because of external authentication we are unable to populate the ORCLPASSWORD attribute on the user's directory entry on OID (which is the attribute Oracle is looking for password in). Help with either or both are welcome.

Read the article
Can I be a wireless server WITHOUT offering internet?

- by Kenny Hendrick

I would like to pull into a truck stop and offer a folder of free documentaries to quell some of the ignorance LOL I run Linux ";-) Very happy to have made that switch by the way...and have an internal wireless in the laptop but my bus has an antenna on the roof which I connect via usb to create a wireless signal (this is the one I'd like to focus on since it will offer the most reach to all those truckers out there. My question is this. I'm running apache2 and have a bunch of videos tossed into the www folder and can access it locally and would like others that frown on paying to use the truckstops slow internet service and would like an alternative by simply logging onto me and getting the narrow content I offer freely without passwords and the like. Has anyone a good means of doing this? p.s. I've done this in the past but am getting old and forgetful (my crutch)

Read the article
Powershell script for setting password expiry

- by Pierre E

Due to mistakes by the helpdesk staff, I found that over a 100 user accounts in my company AD have been set so that their passwords never expire. To avoid the situation in which all these users suddenly find themselves unable to log in, I want to run a script to set the password expiry to a specified date. I'm using Quest AD cmdlets, but I've only used powershell for simple scripts to get lists of users. The attribute I'm trying to modify is 'PasswordStatus' and I want to set those with this attribute set as "password never expires' to a specific date. Not much of a scripting guy, so any help in this would be most welcome.

Read the article
My website is infected with JS:ScriptIP-inf [Trj]

- by Rizwan Aaqil

I am using Network Solutions hosting. I was recently attacked with JS:Illredir-S [Trj], I asked my hosting providers to clean it and they cleaned it and updated all passwords, but now after a week my site got infected again with JS:ScriptIP-inf [Trj]. Can anyone please suggest me how to secure my website properly ? Should I change my hosting provider ? I am fed up of these viruses again and again on my websites. I can't even find this virus in my files. Please post informative answers. Thanks

Read the article
Optimizing MySQL for small VPS

- by Chris M

I'm trying to optimize my MySQL config for a verrry small VPS. The VPS is also running NGINX/PHP-FPM and Magento; all with a limit of 250MB of RAM. This is an output of MySQL Tuner... -------- General Statistics -------------------------------------------------- [--] Skipped version check for MySQLTuner script [OK] Currently running supported MySQL version 5.1.41-3ubuntu12.8 [OK] Operating on 64-bit architecture -------- Storage Engine Statistics ------------------------------------------- [--] Status: -Archive -BDB -Federated +InnoDB -ISAM -NDBCluster [--] Data in MyISAM tables: 1M (Tables: 14) [--] Data in InnoDB tables: 29M (Tables: 301) [--] Data in MEMORY tables: 1M (Tables: 17) [!!] Total fragmented tables: 301 -------- Security Recommendations ------------------------------------------- [OK] All database users have passwords assigned -------- Performance Metrics ------------------------------------------------- [--] Up for: 2d 11h 14m 58s (1M q [8.038 qps], 33K conn, TX: 2B, RX: 618M) [--] Reads / Writes: 83% / 17% [--] Total buffers: 122.0M global + 8.6M per thread (100 max threads) [!!] Maximum possible memory usage: 978.2M (404% of installed RAM) [OK] Slow queries: 0% (37/1M) [OK] Highest usage of available connections: 6% (6/100) [OK] Key buffer size / total MyISAM indexes: 32.0M/282.0K [OK] Key buffer hit rate: 99.7% (358K cached / 1K reads) [OK] Query cache efficiency: 83.4% (1M cached / 1M selects) [!!] Query cache prunes per day: 48301 [OK] Sorts requiring temporary tables: 0% (0 temp sorts / 144K sorts) [OK] Temporary tables created on disk: 13% (27K on disk / 203K total) [OK] Thread cache hit rate: 99% (6 created / 33K connections) [!!] Table cache hit rate: 0% (32 open / 51K opened) [OK] Open file limit used: 1% (20/1K) [OK] Table locks acquired immediately: 99% (1M immediate / 1M locks) [!!] InnoDB data size / buffer pool: 29.2M/8.0M -------- Recommendations ----------------------------------------------------- General recommendations: Run OPTIMIZE TABLE to defragment tables for better performance Reduce your overall MySQL memory footprint for system stability Enable the slow query log to troubleshoot bad queries Increase table_cache gradually to avoid file descriptor limits Variables to adjust: *** MySQL's maximum memory usage is dangerously high *** *** Add RAM before increasing MySQL buffer variables *** query_cache_size (> 64M) table_cache (> 32) innodb_buffer_pool_size (>= 29M) and this is the config. # # The MySQL database server configuration file. # # You can copy this to one of: # - "/etc/mysql/my.cnf" to set global options, # - "~/.my.cnf" to set user-specific options. # # One can use all long options that the program supports. # Run program with --help to get a list of available options and with # --print-defaults to see which it would actually understand and use. # # For explanations see # http://dev.mysql.com/doc/mysql/en/server-system-variables.html # This will be passed to all mysql clients # It has been reported that passwords should be enclosed with ticks/quotes # escpecially if they contain "#" chars... # Remember to edit /etc/mysql/debian.cnf when changing the socket location. [client] port = 3306 socket = /var/run/mysqld/mysqld.sock # Here is entries for some specific programs # The following values assume you have at least 32M ram # This was formally known as [safe_mysqld]. Both versions are currently parsed. [mysqld_safe] socket = /var/run/mysqld/mysqld.sock nice = 0 [mysqld] # # * Basic Settings # # # * IMPORTANT # If you make changes to these settings and your system uses apparmor, you may # also need to also adjust /etc/apparmor.d/usr.sbin.mysqld. # user = mysql socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp skip-external-locking # # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. bind-address = 127.0.0.1 # # * Fine Tuning # key_buffer = 32M max_allowed_packet = 16M thread_stack = 192K thread_cache_size = 8 sort_buffer_size = 4M read_buffer_size = 4M myisam_sort_buffer_size = 16M # This replaces the startup script and checks MyISAM tables if needed # the first time they are touched myisam-recover = BACKUP max_connections = 100 table_cache = 32 tmp_table_size = 128M #thread_concurrency = 10 # # * Query Cache Configuration # #query_cache_limit = 1M query_cache_type = 1 query_cache_size = 64M # # * Logging and Replication # # Both location gets rotated by the cronjob. # Be aware that this log type is a performance killer. # As of 5.1 you can enable the log at runtime! #general_log_file = /var/log/mysql/mysql.log #general_log = 1 log_error = /var/log/mysql/error.log # Here you can see queries with especially long duration #log_slow_queries = /var/log/mysql/mysql-slow.log #long_query_time = 2 #log-queries-not-using-indexes # # The following can be used as easy to replay backup logs or for replication. # note: if you are setting up a replication slave, see README.Debian about # other settings you may need to change. #server-id = 1 #log_bin = /var/log/mysql/mysql-bin.log expire_logs_days = 10 max_binlog_size = 100M #binlog_do_db = include_database_name #binlog_ignore_db = include_database_name # # * InnoDB # # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. # Read the manual for more InnoDB related options. There are many! # # * Security Features # # Read the manual, too, if you want chroot! # chroot = /var/lib/mysql/ # # For generating SSL certificates I recommend the OpenSSL GUI "tinyca". # # ssl-ca=/etc/mysql/cacert.pem # ssl-cert=/etc/mysql/server-cert.pem # ssl-key=/etc/mysql/server-key.pem [mysqldump] quick quote-names max_allowed_packet = 16M [mysql] #no-auto-rehash # faster start of mysql but no tab completition [isamchk] key_buffer = 16M # # * IMPORTANT: Additional settings that can override those from this file! # The files must end with '.cnf', otherwise they'll be ignored. # !includedir /etc/mysql/conf.d/ The site contains 1 wordpress site,so lots of MYISAM but mostly static content as its not changing all that often (A wordpress cache plugin deals with this). And the Magento Site which consists of a lot of InnoDB tables, some MyISAM and some INMEMORY. The "read" side seems to be running pretty well with a mass of optimizations I've used on Magento, the NGINX setup and PHP-FPM + XCACHE. I'd love to have a kick in the right direction with the MySQL config so I'm not blindly altering it based on the MySQLTuner without understanding what I'm changing. Thanks

Read the article
Migrating to new dovecot server; Dovecot fails to authenticate using old password database

- by Ironlenny

I am migrating my companies intranet from a OS X server to an Ubuntu 12.04 server. We use a flat file to store user names and passwords hashs. This file is used by Apache and Dovecot to authenticate users. The Ubuntu server is running Dovecot 2.0 while the OS X server is running Dovecot 1.2. I have already migrated WebDav which uses Apache for authentication. Authentication works. I'm in the process of migrating our Prosody server which uses Dovecot for authentiation. Dovecot is up and running, but when I test authentication using either telnet a login username password or doveadm sudo doveadm auth username, I get dovecot: auth: passwd-file(username): unknown user dovecot: auth: Debug: client out: FAIL#0111#011user=username in my log file. I can use sudo dovecot user username to perform a user lookup and it will return the user's info. I can generate a password hash locally and Dovecot will authenticate the test password just fine.

Read the article
Running 'sudo' over SSH

- by Wesho

I'm writing a script which is to log onto a bunch of remote machines and run a command on them. I've set up keys so the user running the script does not have to type the password of each machine, but only type in the passphrase in the beginning of the script. The problem is that the command on the remote machines requires sudo to run. And at the same time the whole point of the script is to rid the user of having to type in passwords multiple times. Is there way to avoid typing in the password for sudo? Changing permissions of the command on the remote machines is not an option.

Read the article
Change Groupwise 7 User Password from NetWare Server Console

- by Scott Wolf

I have a Groupwise 7 server in place that we use for testing purposes. The previous administrator didn't bother to make a note of any of the account passwords on the machine. I have access to the Server Console...but I can't login via ConsoleOne or anything like that. Is there a command line utility that I can run from the Server Console to reset a Groupwise user password? I just need to have one account up and running for testing. If there's a CLI utility I can use to be able to create a new account, that would work just as well. Any help would be greatly appreciated...I'm kinda stuck at this point.

Read the article
SASL + postfixadmin - SMTP authentication with hashed password

- by mateo

Hi all, I'm trying to set up the mail server. I have problem with my SMTP authentication using sasl. I'm using postfixadmin to create my mailboxes, the password is in some kind of md5, postfixadmin config.inc.php: $CONF['encrypt'] = 'md5crypt'; $CONF['authlib_default_flavor'] = 'md5raw'; the sasl is configured like that (/etc/postfix/sasl/smtpd.conf): pwcheck_method: auxprop auxprop_plugin: sql sql_engine: mysql mech_list: plain login cram-md5 digest-md5 sql_hostnames: 127.0.0.1 sql_user: postfix sql_passwd: **** sql_database: postfix sql_select: SELECT password FROM mailbox WHERE username = '%u@%r' log_level: 7 If I want to authenticate (let's say from Thunderbird) with my password, I can't. If I use hashed password from MySQL I can authenticate and send an email. So I think the problem is with hash algorithm. Do you know how to set up the SASL (or postfixadmin) to work fine together. I don't want to store my passwords in plain text...

Read the article
How can I automatically boot to my new Windows 7 installation?

- by Walkerneo

When I bought a new computer, I reinstalled windows on the larger hard drive it came with, but kept the old hard drive as well. I'm keeping the old Windows installation on the hard drive in case I need saved passwords or other data only accessible after signing in. On the boot screen, it gives me the option to boot into the installation I'm currently using, or the "recovered" installation. Attempting to boot into the second one fails anyway. Is there a way I can automatically boot into this installation while still maintaining the possibility of booting into the old installation?

Read the article
Secure Login add on stopped working after installing BitDefender

- by ldigas

I'm using FF 3.5.4. with Secure Login 0.9.3 add on (lovely little thing). After a lot of persuading, my sys admin finally got to me, and I let him install BitDefender on my machine as well ... and naturally, like all anti virus programs do, it had to screw up something, and it was that add on. It says now in the add onns menu, that it isn't compatible with FF 3.5.4. (which is possible, I don' know, but it did work until one hour ago). What to do to make it work again? All ideas welcomed. I really hate writing all that logins/passwords by ahnd.

Read the article
autofs mac os x afp not loading as correct user?

- by Stephen Furlani

Hello, I am way out of my depth, and I am trying to get all of my nodes on a cluster to mount a drive on my head node. I've got /etc/auto_master and /etc/auto_afp configured according to Apple's "Autofs: Automatically Mounting Network File Shares in Mac OS X" White Paper: /etc/auto_master +auto_master # Use directory service /net -hosts -nobrowse,hidefromfinder,nosuid /home auto_home -nobrowse,hidefromfinder /Network/Servers -fstab /- -static /- auto_afp /etc/auto_afp /Volumes/userA -fstype=afp afp://userA:[email protected]:/ /Volumes/userB -fstype=afp afp://userB:[email protected]:/ I am logged into a compute-node as userA. automount appears to mount both /Volumes/userA and /Volumes/userB to head-node.local:/Users/userA/Documents/ even though I have usernames, passwords, and user-directory specified in the afp url. If I go and login with Finder - it mounts userB appropriately. File sharing and cd/dvd sharing is enabled on all computers involved. Am I doing the right thing, and if so, what did I do wrong? -Stephen

Read the article
Scriptable FTPS client able to send Keep Alive to control port?

- by schultkl

We need a FTP client that satisfies the following constraints: Windows Command-line scriptable, so we can automate it...sorry, FileZilla (?) FTPS, as it seems to perform better than SFTP The ability to send KeepAlive commands to the FTPS control port No passwords sent on the command line...sorry, curl Number 4, above, is critical: we have set KeepAlive in some other clients (e.g., CoreFTP LE) but we seem to have some routing equipment in the server environment which drops our connection when transferring a 7GB+ file. We have also set passive mode and "resume transfer" functionality seems currently broken with this secure file transport server...so we need to download the file in one go. What FTPS clients might meet our needs?

Read the article
Cannot access Windows 7 share from Windows XP

- by artfulrobot

I have a new Windows 7 machine named PAP44 in the PAP workgroup. The networking is set to "Work" mode for the wired LAN. I have a couple of users and I've shared a folder and set it so both users can read/write. Confusingly for me, rather than sharing just that folder (as I'm used to with older versions of Windows) it appears to be sharing a path (\\pap44\users\...\myFolder) From another machine on the LAN, running XP, when I go to \\PAP44\Users I'm asked for a username and password, but neither of the usernames+passwords work. It just jumps back to the username and password dialogue, except that the username I entered gets prefixed with PAP44\ My end goal is to get my Debian/Ubuntu machines to be able to access this share, but first of all I thought I'd try to get it working in Windows, after all, that's supposed to be easy! Is there another step? (PS. I am not a "hit and run" case!)

Read the article
jboss 4: enable UsersRolesLoginModule, where must users.properties files be placed?

- by golemwashere

I have an application (CQ5) that requires enabling unauthenticatedIdentity on jbossdir/conf/login-config.xml I used: <authentication> <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" > <module-option name="unauthenticatedIdentity">nobody</module-option> </login-module> </authentication> then I tried to copy jbossdir/conf/props/jmx-console-users.properties,jmx-console-roles.properties into users.properties and roles.properies (same dir). I still get this error: ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found where should I put those files?

Read the article
POST data not being received

- by Alexander

I've got an iPhone App that is supposed to send POST data to my server to register the device in a MySQL database so we can send notifications etc... to it. It sends it's unique identifier, device name, token, and a few other small things like passwords and usernames as a POST request to our server. The problem is that sometimes the server doesn't receive the data. And by this I mean, its not just receiving blank values for the POST inputs but, its not receiving ANY post data at all. I am logging all POST inputs to my server into some log files and when the script that relies on the POST data from the device fails (detects no data) I notice that its because NO POST data was sent. Is this a problem on the server, like refusing data or something or does this have to be on the client's side? What could be causing this?

Read the article
Users can't change password trough OWA for Exchange 2010

- by Rémy Roux

Here's our problem, users who want to change their password trough OWA get this error "The password you entered doesn't meet the minimum security requirements.", even if users are respecting the minimum security requirements. With these settings, we have the error: Enforced password history 1 passwords remembered Maximum password age 185 days Minimum password age 1 day Minimum password length 7 characters Password must meet complexity requirements enabled With these test settings, we don't have an error: Enforced password history not defined Maximum password age not defined Minimum password age not defined Minimum password length not defined Password must meet complexity requirements not defined People can change their password but there is no more security! Just changing one parameter of the GPO for example "Enforced password history", brings back this error. Here's our server configuration : Windows Server 2008 R2 Exchange Server 2010 Version: 14.00.0722.000 If anybody has a clue it would very helpful !

Read the article
OpenLDAP Password Expiration with pwdReset=TRUE?

- by jsight

I have configured the ppolicy overlay for OpenLDAP to enable password policies. These things work: Password lockouts on too many failed attempts Password Change required once pwdReset=TRUE added to user entry Password Expirations If the account is locked out due to intrusion attempts (too many bad passwords) or time (expiration time hit), the account must be reset by an administrator. However, when the administrator sets pwdReset=TRUE in the profile, this seems to also override the expiration policy. So, the password that the administrator sent out (which should be a temporary password) ends up being valid permanently. Is there a way in OpenLDAP to have a password that must be changed, but also MUST expire?

Read the article
Are there any data remanence issues with flash storage devices?

- by matt

I am under the impression that, unlike magnetic storage, once data has been deleted from a flash drive it is gone for good but I'm looking to confirm this. This is actually relating to my smart phone, not my computer, but I figured it would be the same for any flash type memory. Basically, I have done a "Factory Reset" on the phone, which wipes the Flash ROM clean but I'm wondering is it really clean or is the next person that has my phone, if they are savvy enough going to be able to get all my passwords and what not? And yes, I am wearing my tinfoil hat so the CIA satellites can't read my thoughts, so I'm covered there.

Read the article
Shared login in a computer network?

- by Donald

Hi, I need to understand how a network works: Several PCs running Windows XP One server The PCs are all network connected, as well as the server. Each computer share the logins. I need to understand what happens if I take off the server. Can I still login in each PC? Is the username:passwords on the server or in each computer? My final goal is to take off the server from the network and I need to know what is the server doing. What can he be doing? Thanks.

Read the article
Usermin (Webmin)- Users can't login

- by Armadillo

I've installed Webmin in my server. The users of my Unix server must be able to change their passwords. So, for that, they use Usermin. But users just can't login in Usermin module. I get always this message: Login failed. Please try again. What is the reason for this behavior? How can I give access to Usermin to my users? I'm able to login as any user when viewing "Current Login Sessions" - "Switch to Usermin user:", with the Admin user.

Read the article
OpenLDAP Password Expiration with pwdReset=TRUE?

- by jsight

I have configured the ppolicy overlay for OpenLDAP to enable password policies. These things work: Password lockouts on too many failed attempts Password Change required once pwdReset=TRUE added to user entry Password Expirations If the account is locked out due to intrusion attempts (too many bad passwords) or time (expiration time hit), the account must be reset by an administrator. However, when the administrator sets pwdReset=TRUE in the profile, this seems to also override the expiration policy. So, the password that the administrator sent out (which should be a temporary password) ends up being valid permanently. Is there a way in OpenLDAP to have a password that must be changed, but also MUST expire?

Read the article
How to locate chrome bookmarks in linux

- by xenon

I upgraded from Karmic Koala to Lucid Lynx beta, was working fine for a while (was even rebooting). But, after some time, it is not booting and i cant find a solution. I have tried installing the grub again, doesn't help. Well, the problem is all my settings, bookmarks and passwords are blocked in that partition. I cant find where the Chrome stores bookmarks in Ubuntu. Can you help me either getting my system rebooted or getting the bookmarks ? Thanks. p.s. I am currently on liveusb.

Read the article
Trucrypt or any HDD encryption solution with a bypass?

- by sorrrydoctorforlove

Hello experts, in my environment here we have started using trucrypt to encrypt and protect our laptops that are being brought out of the office. The issue comes with the password, we can document the passwords and assign them to users but if they simply use the program to change the password, and then forget it we are in trouble. We backup our data to external locations so it should be fine, but is there any way to install a bypass to be able to boot the laptop or stpo users changing their password (while they have local admin access)? Or should we try another solution? thanks.

Read the article

< Previous Page | 107 108 109 110 111 112 113 114 115 116 117 118 | Next Page >