Search Results

Search found 5623 results on 225 pages for 'prevent deletion'.

Page 113/225 | < Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120 | Next Page >

Locking down a box on the web

- by glowcoder

I'm a Java developer who is looking to put a game on the web. I'm not much of a web or server guy, though, and frankly I seem a little lost at where I should start with putting something on the web. My application works fine on my machine, and I'm sure I can make it work fine on any box I put it on. But the security of that box is pretty important. If I sign up for a standard hosting package (let's say from GoDaddy or something) can I simply tell them "make port 12345 open for communication" and let them handle the rest of the security details? If I can't, what are the things I'm going to need to know to prevent my game server from getting hacked to shreds? (Links to solid resources fine by me!) Thanks!

Read the article
Safely Remove Hardware (USB drive) needs End Process for rundll32.exe - Windows XP SP3

- by Michael Warner

Image Name PID Modules ========================= ====== ============================================= rundll32.exe 252 ntdll.dll, kernel32.dll, msvcrt.dll, GDI32.dll, USER32.dll, IMAGEHLP.dll, ShimEng.dll, AcGenral.DLL, ADVAPI32.dll, RPCRT4.dll, Secur32.dll, WINMM.dll, ole32.dll, OLEAUT32.dll, MSACM32.dll, VERSION.dll, SHELL32.dll, SHLWAPI.dll, USERENV.dll, UxTheme.dll, guard32.dll, fltlib.dll, comctl32.dll, comctl32.dll, NvMcTray.dll, SETUPAPI.dll, IMM32.dll, nvapi.dll I have to end the rundll32.exe process to safely remove my USB drive. Given the modules rundll32.exe is running, do you know which running module(s) would prevent the USB drive from being safely removed, and if so is there a more permanent straightforward solution such as changing an automatic service (the list from services.msc) into a disabled/manual service or maybe something else you can think of?

Read the article
Apache redirect from one domain to another domain

- by cpuguru

Like many users, we tend to register the *.com and *.net versions of our domain names to prevent nefarious squatters. So if we wanted "foo.com" we'd also register "foo.net" and have them both resolve to the same IP address. Trying to set up Apache for the first time and need to know the proper way to redirect requests to "foo.net" to go to "foo.com" instead so that if a user types in "foo.net" they get magically redirected to "foo.com". I've been reading through the Apache URL Rewriting guide (http://httpd.apache.org/docs/1.3/misc/rewriteguide.html) and it's not readily apparent how to do this seemingly simple task. Please advise this apprentice oh wise Apache jedi...

Read the article
How to tell X.org to reload input device module?

- by Vi

When X.org boots up, Synaptics touchpad works well. But when I remove the module it falls back to /dev/input/mice and don't use normal driver even when touchpad is available again. Xorg.0.log: ... (II) XINPUT: Adding extended input device "Synaptics Touchpad" (type: TOUCHPAD) (--) Synaptics Touchpad: touchpad found # { rmmod psmouse && echo mem /sys/power/state && modprobe psmouse; } (WW) : No Device specified, looking for one... (II) : Setting Device option to "/dev/input/mice" ... How to tell X.org to try it's InputDevice again (without restarting X server)? P.S. rmmod psmouse is needed to prevent crashing of Acer Extensa 5220 when resuming from suspend-to-ram. Update: Found answer myself: Doing xinput set-int-prop "Synaptics Touchpad" "Device Enabled" 8 1 after reloading the kernel module reloads touchpad. Now suspend-to-ram works OK.

Read the article
Lock down SFTP access on OpenSolaris

- by Simon

Hi all, I have an OpenSolaris 2009.06 server and I'd like to enable a user to remotely change files in a specific directory, ideally via SFTP or FTP-via-SSH. This user does not yet have an account on the machine and I'd like to create it so it's as restricted as possible. Is there a canonical way of doing this? I know about OpenSolaris' role-based access control and authorizations model, but I figure it's a lot of work (i.e., a lot I can mess up) to really lock down a full-blown user account (prevent fork bombs, make sure there's really no other file in the file system which can be written to...). Any hint is greatly appreciated. Thanks, Simon

Read the article
Proper way to cleanup dynamic engines and can they be loaded twice?

- by Becky

Hello - I am having problems loading Engine PKCS #11 as a dynamic engine using python and M2Crypto. I am trying to access an Aladdin USB eToken. Here are the important steps from my python code: dynamic = Engine.load_dynamic_engine("pkcs11", "/usr/local/ssl/lib/engines/engine_pkcs11.so") pkcs11 = Engine.Engine("pkcs11") pkcs11.ctrl_cmd_string("MODULE_PATH", "/usr/lib/libeTPkcs11.so") pkcs11.engine_init_custom() # initialize engine with custom M2Crypto patch # next few steps which I deleted pass password and grab key & cert off token Engine.cleanup() This works fine the first time this method gets run. The second time, it fails when loading the dynamic engine (see error below). Traceback (most recent call last): File "", line 1, in ? File "/usr/local/lib/python2.4/site-packages/M2Crypto/Engine.py", line 98, in load_dynamic_engine e.ctrl_cmd_string("LOAD", None) File "/usr/local/lib/python2.4/site-packages/M2Crypto/Engine.py", line 38, in ctrl_cmd_string raise EngineError(Err.get_error()) M2Crypto.Engine.EngineError: 4002:error:260B606D:engine routines:DYNAMIC_LOAD:init failed:eng_dyn.c:521: Is it impossible to load engines twice in a python session? Am I missing some kind of engine cleanup/deletion? The OpenSSL docs talk about engine_finish() but I don't think M2Crypto offers that. Is there a method to tell if the engine is already loaded? Thanks!

Read the article
Disable ability to add startup items in Windows 7?

- by Gam Erix

Note: This is not the question "How to disable startup items" because the simple answer is: "Use msconfig". Now as for my question: I recently am very annoyed that some programs add startup items to my PC without my knowledge after installation, I always have 2 programs which startup - Temperature monitor and the Catalyst Control Center Tray. Now, sometimes I install something and it adds startup entries, how can I make sure that no startup entries can be added to windows anymore? So what I would like to do: -Disable adding scheduled tasks (even for administrator accounts, so programs installing from them can't add startup entries too) -Disable adding startup entries to the registry (even for administrators, would changing the permissions in HKLM on the Microsoft\Windows\CurrentVersion\Run to read only be enough?) -Disable all other methods of startup in Windows 7 I don't know -Set default startup of NEW installed services to "Start Manually" instead of/and block "Start Automaticly" and "Start Automaticly (Delayed)" How can I accomplish this? This is also a nice way to prevent most viruses fom running after machine reboot (if this can be accomplished).

Read the article
htaccess rewrite and auth conflict

- by Michael

I have 2 directories each with a .htaccess file: html/.htaccess - There is a rewrite in this file to send almost everything to url.php RewriteCond %{REQUEST_URI} !(exported/?|\.(php|gif|jpe?g|png|css|js|pdf|doc|xml|ico))$ RewriteRule (.*)$ /url.php [L] and html/exported/.htaccess AuthType Basic AuthName "exported" AuthUserFile "/home/siteuser/.htpasswd" require valid-user If I remove html/exported/.htaccess the rewriting works fine and the exported directory can be access. If I remove html/.htaccess the authentication works fine. However when I have both .htaccess files exported/ is being rewritten to /url.php. Any ideas how I can prevent it?

Read the article
Regarding Reinstalling PostgreSQL

- by Vivalavista

I was using PostgreSQL 8.4. I tried removing it through Synaptic Manager and then I tried to install 9.1, but I still version 8.4. I deleted all the files associated with postgresql. Now I am unable to install any version of PostgreSQL. When I try I get this error: Setting up postgresql-9.1 (9.1.3-1~lucid) ... .: 12: Can't open /usr/share/postgresql-common/maintscripts-functions dpkg: error processing postgresql-9.1 (--configure): subprocess installed post-installation script returned error exit status 2 dpkg: dependency problems prevent configuration of postgresql: postgresql depends on postgresql-9.1; however: Package postgresql-9.1 is not configured yet. dpkg: error processing postgresql (--configure): dependency problems - leaving unconfigured No apport report written because the error message indicates its a followup error from a previous failure. Errors were encountered while processing: postgresql-9.1 postgresql E: Sub-process /usr/bin/dpkg returned an error code (1) Please tell me the way to remove postgres completely so I can install a fresh version.

Read the article
database replication for new user signup

- by Jeff Storey

I have a database that stores the users of my application. When a new user signs up, a record is inserted into the database for that user. I have a replicated version (slave) of this database (using mysql for now). What I'm concerned about is this scenario: step 1: user signs up and user record is inserted into the database step 2: user then tries to login, and the login process queries the database for the user. however, this query hits the slave database, but the user record has not yet been replicated in the slave and it returns an error that the user does not exist. This is a pretty trivial example, but I can see how it can apply to a lot of cases. Is there a strategy for configuring replicated databases to help prevent this situation?

Read the article
looking for a clean way of how to bring down a ftp server for maintenance

- by harald

hello, i'm currently thinking of a clean way of how to bring an ftp server down for maintenance. i wonder, if anybody out there could give me some hints of how to solve this: i don't want to interrupt any current uploads, but want to block any new connects / uploads and wait, till uploads have finished, before taking down the ftp server is there a way of dynamically prevent user-logins and show a message eg.: "ftp currently down for maintenance" when a user tries to log in? are my thoughts on this very uncommon or how do others handle this -- i feel, that just halting ftp server and killing any current uploads is not the right way for this ... i use proftpd (with SQL backend) btw, maybe there are some specific solutions for this -- or are there any generic tools to achieve this? many thanks!

Read the article
Corrupt file indicative of corrupt hard drive?

- by Elipsicon

I have noticed that two files on my (almost full) 2 TB hard drive have been corrupted. One file has 20 kB (!) corrupted, i.e. consecutive 20 kB have changed, even though the modification date of the file hasn't changed and I haven't worked with this file for over a year. This tells me that something "below" the file system level has messed with the data and the only thing I can think of is hardware failure, most likely hard disk failure. I've tested my RAM already and it works flawlessly. I'm using ext4 on Linux, if that is of any help. Is this normal? Is it time to change my hard drive disk before something worse happens? What can I do to prevent that from happening in the future? Is there some built-in feature of, or extension to ext4 that includes additional error correcting code and/or watches files for changes that haven't been caused by the OS?

Read the article
puppet duplicate resources and virtual resources

- by user45097

Overview Hi just started using Puppet and have been unable to suss something. Problem Because of normalization when I add 2 classes to a node with packages that have the same dependencies it fails. In simple terms have duplicate resources - in this case the package libssl. Note: packages are being held to prevent latest packages being installed. QUestion What's the best practice way to get round this? class ssh { package { 'openssh-server': ensure = installed, require = libssl } package { 'libssl': ensure = installed, } } class apache { package { 'apache': ensure = installed, require = libssl, } package { 'libssl': ensure = installed, } } node server { include apache include openssl-server

Read the article
What are the pros/cons of blocking a program from running in %appdata%, %temp%, etc.?

- by poke

While researching ways to prevent CryptoLocker, I saw a forum post that advised using Group Policy Objects (GPO) and/or antivirus software to block run access in the following locations: %appdata% %localappdata% %temp% %UserProfile% Compressed archives Obviously, anything written in a forum should be taken with caution. I do see advantages to do doing this, though, primarily because malware likes to execute out of these locations. Of course, this could impact legitimate programs as well. What are the drawbacks to blocking run access to these locations? What are the advantages?

Read the article
How can I make it difficult to install a new operating system on a certain computer?

- by D W

I want to host a website on a desktop computer running Ubuntu with a Windows virtual machine. I will give away the computer in exchange for a number of months of remote web hosting. I want to add some kind of lock (hardware or otherwise) so that the end users will have difficulty just reinstalling Windows and using the machine as they want, in contradiction to the contract. Ideally, I'd want the machine to die if reinstallation of the OS is attempted. It doesn't have to be completely insurmountable, but it has to be difficult enough to prevent casual reinstallation. Perhaps on bootup the system can check whether certain files exist on the computer and refuse to boot if they do not. I don't know if this is possible, but maybe BIOS is password protected, and searches for files before boot up. The files it looks for could be date sensitive, i.e. require remote replacement on a schedule.

Read the article
Can /etc/hosts.deny/allow be overridden?

- by Tar

I have security measures put in place to keep unwanted users out of my server. I've changed the SSH port, disabled root login, have a software firewall to block portscans, and have entries in hosts.deny and hosts.allow. I have various services denied to all but another server of mine should my IP change, and two other administrators + my own IP address. My question is, can hosts.deny/allow configuration be overridden so that they can gain access to my server? Does using chroot jail for running things like an IRC server and Teamspeak server prevent people from gaining access to my server and screwing with it?

Read the article
JPA association table is not deletable

- by Marcel

Hi I have a problem with JPA (EclipseLink). I am not able to delete a association table. This is the situation: Product 1:n to ProductResource Resource 1:n to ProductResource I first set the product and resource attributes of ProductResource. If I then try to delete the ProductResource object nothing happens (no sql is generated - no exception). If I comment out both OneToMany annotations in ProductResource I can delete the object. I can also delete the object when product and resource attributes are not set. If I comment out only the annotation above the ressource attribut the ProductResource object gets deleted upon the deletion of the product object (cascade=CascadeType.ALL). I hope someone could give me a hint. Thank you. Product Resource: public class ProductResource implements Serializable { @ManyToOne(fetch=FetchType.EAGER, cascade=CascadeType.MERGE) private Product product; @ManyToOne(fetch=FetchType.EAGER, cascade=CascadeType.MERGE) private Resource resource; Product: public class Product implements Serializable { @OneToMany(mappedBy="product", fetch=FetchType.EAGER, cascade=CascadeType.ALL) private List<ProductResource> productResources = new ArrayList<ProductResource>(); Resource: public class Resource implements Serializable { @OneToMany(mappedBy="resource", fetch=FetchType.EAGER, cascade=CascadeType.ALL) private List<ProductResource> productResources = new ArrayList<ProductResource>(); Greetings Marcel

Read the article
Macos default paths prepend my defined paths in vim

- by Bogdan Gusiev

I am trying to call some shell command from vim with like :!ls command. But unfortunately there are some default PATHS that prepends PATHs defined in the original shell. Here is the echo $PATH output in the original shell: /usr/local/heroku/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194@global/bin:/Users/bogdan/.rvm/rubies/ruby-1.9.3-p194/bin:/Users/bogdan/.rvm/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/X11/bin:/Users/bogdan/.rvm/bin:/Users/bogdan/bin:/Users/bogdan/.rvm/bin:/usr/local/Cellar/git/1.7.12.2/libexec/git-core:/Users/bogdan/.rvm/bin and shell called within vim: /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/X11/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194@devauc/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194@global/bin:/Users/bogdan/.rvm/rubies/ruby-1.9.3-p194/bin:/Users/bogdan/.rvm/bin:/Users/bogdan/bin:/usr/local/Cellar/git/1.7.12.2/libexec/git-core:/Users/bogdan/.rvm/bin Why they appeared right there? How can I prevent that and make vim shell has original PATH variable.

Read the article
Disabling kextcache on 10.5.8 and 10.6.3

- by Jeff Kelley

We use Radmind to manage our Mac OS X loadsets and, as such, often run into difficulty when new OS releases come out due to, among other things, updated kernel extensions. The workflow in the past (OS revisions <= 10.4) was to delete the kernel extension cache, update the extensions, and then reboot. That worked just fine, as the system would re-create missing caches on boot. In Leopard, you need to delete the caches after replacing the kernel extensions with their new versions, as the system will automatically start creating them when you replace them; the only way to ensure that you don't have invalid extensions cached is to delete the cache before rebooting. I'm looking for a way to prevent the kernel extensions cache from being re-created until the next reboot. If you modify the contents of /System/Library/Extensions/, kextcache will start up automatically. I've looked through /System/Library/LaunchDaemons/ and other places, but I can't find whatever it is that's starting kextcache. Any ideas?

Read the article
Strategy and AI for the game 'Proximity'

- by smci

'Proximity' is a strategy game of territorial domination similar to Othello, Go and Risk. Two players, uses a 10x12 hex grid. Game invented by Brian Cable in 2007. Seems to be a worthy game for discussing a) optimal strategy then b) how to build an AI Strategies are going to be probabilistic or heuristic-based, due to the randomness factor, and the high branching factor (starts out at 120). So it will be kind of hard to compare objectively. A compute time limit of 5s per turn seems reasonable. Game: Flash version here and many copies elsewhere on the web Rules: here Object: to have control of the most armies after all tiles have been placed. Each turn you received a randomly numbered tile (value between 1 and 20 armies) to place on any vacant board space. If this tile is adjacent to any ally tiles, it will strengthen each tile's defenses +1 (up to a max value of 20). If it is adjacent to any enemy tiles, it will take control over them if its number is higher than the number on the enemy tile. Thoughts on strategy: Here are some initial thoughts; setting the computer AI to Expert will probably teach a lot: minimizing your perimeter seems to be a good strategy, to prevent flips and minimize worst-case damage like in Go, leaving holes inside your formation is lethal, only more so with the hex grid because you can lose armies on up to 6 squares in one move low-numbered tiles are a liability, so place them away from your main territory, near the board edges and scattered. You can also use low-numbered tiles to plug holes in your formation, or make small gains along the perimeter which the opponent will not tend to bother attacking. a triangle formation of three pieces is strong since they mutually reinforce, and also reduce the perimeter Each tile can be flipped at most 6 times, i.e. when its neighbor tiles are occupied. Control of a formation can flow back and forth. Sometimes you lose part of a formation and plug any holes to render that part of the board 'dead' and lock in your territory/ prevent further losses. Low-numbered tiles are obvious-but-low-valued liabilities, but high-numbered tiles can be bigger liabilities if they get flipped (which is harder). One lucky play with a 20-army tile can cause a swing of 200 (from +100 to -100 armies). So tile placement will have both offensive and defensive considerations. Comment 1,2,4 seem to resemble a minimax strategy where we minimize the maximum expected possible loss (modified by some probabilistic consideration of the value ß the opponent can get from 1..20 i.e. a structure which can only be flipped by a ß=20 tile is 'nearly impregnable'.) I'm not clear what the implications of comments 3,5,6 are for optimal strategy. Interested in comments from Go, Chess or Othello players. (The sequel ProximityHD for XBox Live, allows 4-player -cooperative or -competitive local multiplayer increases the branching factor since you now have 5 tiles in your hand at any given time, of which you can only play one. Reinforcement of ally tiles is increased to +2 per ally.)

Read the article
How do I deny all requests not from cloudflare?

- by phillips1012

I've recently gotten denial of service attacks from multiple proxy ips, so I installed cloudflare to prevent this. Then I started noticing that they're bypassing cloudflare by connecting directly to the server's ip address and forging the host header. What is the most performant way to return 403 on connections that aren't from the 18 ip addresses used by cloudflare? I tried denying all then explicitly allowing the cloudflare ips but this doesn't work since I've set it up so that CF-Connecting-IP sets the ip allow tests for. I'm using nginx 1.6.0.

Read the article
check_mk IPMI PCM sensor reading randomly fails

- by Julian Kessel

I use check_mk_agent for monitoring a server with IPMI and the freeipmi-tools installed. As far as I can see, the monitoring randomly detects no value returned by the IPMI Sensor "Temperature_PCH_Temp". That's a problem since it results in a CRITICAL state triggering a notification. The interruption lasts only over one check, the following is always OK. The temperature is in no edge area and neither the readings before the fail nor after show a Temp that is tending to overrun a treshold. Has someone an idea on what could be the reason for this behaviour and how prevent it?

Read the article
Redirect HTTP requests based on subdomain address without changing accessed URL?

- by tputkonen

Let's say I have a domain: www.mydomain.com And I ordered a new domain: abc.newdomain.com Both domains are hosted in the same ISP, so currently requests to either of those addresses result in the same page being shown. I want to redirect all requests to abc.newdomain.com to folder /wp so that when users access abc.newdomain.com they would see whatever is inside folder /wp without seeing the URL change. Questions: 1) How can I achieve this using .htaccess? 2) How can I prevent users from accessing directly /wp directory (meaning that www.mydomain.com/wp would be blocked)?

Read the article
Other user SSHed from my hardware

- by Alex

While logged into our HPC cluster I used w to check out who else was logged in. I happened to notice that it looks like there's another user logged in from my (personal) computer; 19:04:47 up 40 days, 6:39, 44 users, load average: 0.10, 0.14, 0.18 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT ME pts/4 zerg.neuron12. 18:55 0.00s 0.09s 0.04s w SOMEONE_ELSE pts/35 zerg.neuron12. Sat14 2:27m 0.08s 0.08s -bash Is this something I should be worried out - I tried to kill the other session but had a permission denied message. Is it possible we just both have the same hardware name? I'd have thought that if this were the case the server would give one of us a different name (e.g. zerg1) when we logged in to prevent confusion. This is not an area I have any experience with, so any advice would be greatly appreciated!

Read the article
Postfix: how to use simple file for SASL authentication?

- by Jonathan

I'd like to run Postfix on a Debian VPS to send e-mails from my application. The application (running on other VPSes) would connect to Postfix via SMTP. Postfix does not have to handle incoming email; it's just about sending the outgoing messages. To prevent being an open relay, SASL authentication should be used. However, I don't want to run Dovecot or MySQL for SASL authentication. How can I setup SASL authentication using a simple file (containing usernames and passwords)? I already found a similar question; however, no satisfying answers where given there.

Read the article

< Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120 | Next Page >