Search Results

Search found 13454 results on 539 pages for 'ws security'.

Page 132/539 | < Previous Page | 128 129 130 131 132 133 134 135 136 137 138 139  | Next Page >

  • Can admins monitor my activity locally even when I use a VPN?

    - by Arjun Create
    My school has one of those super overreacting web blockers (specifically Fortisnet) that blocks things that should be accessible by a high-school senior trying to research projects. Despite many students' complaints the administration's hands are tied due to parents' complaints. I have setup a VPN account from http://www.vpnreactor.com. With this I am able to bypass the blocker. I know this service hides my IP from websites and servers on the web. I also know that the school pays an IT guy just to monitor sites and network traffic that the students are using. Basically, will he be able to see my network traffic? More importantly, will he be able to trace it to my computer or its MAC address? I am connecting over Wi-Fi, not ethernet.

    Read the article

  • Securing ColdFusion for internet facing server

    - by Goyuix
    What do I need to do to tighten down a ColdFusion server for internet facing apps? The only thing that specifically came to mind was to restrict the CFIDE and JRunScripts directories to a local subnet. Are there settings in the administrator I can tweak to make the applications more secure?

    Read the article

  • Can I disable Pam Loginuid? Can I find out options used to configure kernel?

    - by dunxd
    I am getting a lot of the following types of error in my secure log on a CentOS 5.4 server: crond[10445]: pam_loginuid(crond:session): set_loginuid failed opening loginuid sshd[10473]: pam_loginuid(sshd:session): set_loginuid failed opening loginuid I've seen discussion of this being caused when using a non-standard kernel without the correct CONFIG_AUDIT and CONFIG_AUDITSYSCALL options set. Where this is the case, it is advised to comment out some lines in the pam.d config files. I am running a Virtual Private Server where I need to use the kernel provided by the supplier. Is there a way to find out what options they used to configure the kernel? I want to verify if the above is the cause. If this turns out not to be the cause, what are the risk of disabling pam_loginuid for crond and sshd?

    Read the article

  • Cracking WEP with Aircrack and Kismet

    - by Jenny
    Just a minor question, but I notice with aircrack when it lists networks, it does not list the encryption type of each network. Which seems fair enough, as you can use Kismet, however on my machine when I end kismet and the server, the monitor interface is not removed and I cannot remove it manually, which screws with aircrack. SO, is kismet needed to view encryption types of networks, and if so how do you use it peacefully in unison with aircrack?

    Read the article

  • Has anyone had luck running 802.1x over ethernet using the stock Windows or other free supplicant?

    - by maxxpower
    I just wanted to see if anyone else has had luck implementing 802.1x over ethernet. So here's my basic setup. Switch sends out 3 eapol messages spaced out 5 seconds apart. if there's no response the machine gets put on a guest vlan with restricted access. If the machine is properly configured it will authenticate and be placed into a secure vlan. About 10% of my windows xp users are getting self assigned 169 addresses. I've used the Odyssey Access Client and it worked without a hitch. I'm using the setting to automatically use the users windows login to authenticate, but it's workign on 90% of the machines so I don't think that's the issue. Checking the logs on the dc it seems that the machines are trying to authenticate with computer credentials even though they are configured not to. I'm running Juniper switches with IAS for radius. I have radius configured for PEAP and MSvhapv2. Macs and linux boxes seem to have no issues authenticating. One last thing to add If I unplugging the ethernet cable and plug it back in usually resolves the issue, but I'd hardly call that acceptable for production. Kinda long winded and specific for a discussion, but just want to see if anyone else has had similar issues or experiences, or if anyone knows of a free XP supplicant that actually works with 802.1x over ethernet.

    Read the article

  • When a server gets rooted, should I disconnect network or power?

    - by Aleksandr Levchuk
    When a server gets rooted (e.g. a situation like this), one of the first things that should be done is containment. Quoting from Robert Moir's Answer: "disconnect the victim from its muggers" A server can be contained by pulling the network cable or the power cable. Taking into consideration the need for: Protecting victims from further damage Executing successful forensics (Possibly) Protecting valuable data on the server Which method is better?

    Read the article

  • Solr startup script problem

    - by Camran
    I have installed solr and it works finally... I have now problems setting it up to start automatically with a start command. I have followed a tutorial and created a file called solr in the /etc/init.d/solr dir... Here is that file: #!/bin/sh -e # SOLR auto-start # # description: auto-starts solr engine # processname: solr-production # pidfile: /var/run/solr-production.pid NAME="solr" PIDFILE="/var/run/solr-production.pid" LOG_FILE="/var/log/solr-production.log" SOLR_DIR="/etc/jetty" JAVA_OPTIONS="-Xmx1024m -DSTOP.PORT=8079 -DSTOP.KEY=stopkey -jar start.jar" JAVA="/usr/bin/java" start() { echo -n "Starting $NAME... " if [ -f $PIDFILE ]; then echo "is already running!" else cd $SOLR_DIR $JAVA $JAVA_OPTIONS 2> $LOG_FILE & sleep 2 echo `ps -ef | grep -v grep | grep java | awk '{print $2}'` > $PIDFILE echo "(Done)" fi return 0 } stop() { echo -n "Stopping $NAME... " if [ -f $PIDFILE ]; then cd $SOLR_DIR $JAVA $JAVA_OPTIONS --stop sleep 2 rm $PIDFILE echo "(Done)" else echo "can not stop, it is not running!" fi return 0 } case "$1" in start) start ;; stop) stop ;; restart) stop sleep 5 start ;; *) echo "Usage: $0 (start | stop | restart)" exit 1 ;; esac Whenever I do solr -start I get this error: "Error occurred during initialization of VM Could not reserve enough space for object heap" I think this is because of the file above... Also here is where I have solr installed: var/www/solr and here is the start.jar file located: var/www/start.jar Help me out if you know whats causing this. Thanks BTW: OS is ubuntu 9.10

    Read the article

  • How to close the logon process named NtLmSsp ?

    - by Aristos
    I have a windows 2003 server and time to time I am getting many login failures like this one. Logon Failure: Reason: Unknown user name or bad password User Name: administrator Domain: xx.xx.xx.xx Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XLHOST Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 173.45.70.100 <- hacker Source Port: 4722 AND Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: user Source Workstation: XLHOST Error Code: 0xC0000064 The question is, how can I close this process of login ?, what I have left open and some one can try to login ? Some notes: I login to the server using tunneling, nothing is open except dns, email, and web ports, not even ftp, and all default ports are change and hidden. I also monitor port scan and capture any one that try to find the hidden ports. Probably it is something open... Thank you in advanced.

    Read the article

  • Best all in one linux based proxy,firewall, dhcp and wins server.

    - by BeStRaFe
    I help to run a lan in Sydney. We have a need for a proxy/gateway solution to allow those pesky games that require internet to work. I have been doing this with an ISA server and it has worked quite well. However now i wish to port this over to run on the same hardware as our cacti / nagios box under a vmware VM. ISA server is horridly nad due to the massive ram and i/o requirement for something is basically port blocking and handing out IP's. The needs are as follows. 1. DHCP 2. WINS (otherwise network devices fight over who is the WINS master) 3. Filtering based in PORT for outbound traffic. 4. Ability to whitelist IP/MAC's for internet access. 5. Web Interface. I had been thinking to use PFSENSE however there is no option for a WINS server and i cbf working my way around bsd.

    Read the article

  • Protecting PHP packages on server

    - by Jack
    Hi, I am a php developer and have recently decided to make one of my Magento extensions commercial. I have downloaded and configured MageParts CEM Server and that is all working perfectly in regard to licencing and delivery of module packages. The only issue is that the directory that the packages are stored in could be accessed by anyone. I tried this in a .htaccess file, but now it is not working. <Files services.wsdl> allow from all </Files> deny from all Clients are receiving a 403 Forbidden response. Have I done something wrong in the .htaccess file or would there be a better way to secure the directory? Any help would be greatly appreciated.

    Read the article

  • Is there a debian lenny patch to allow apt-get to work with sftp?

    - by MiniQuark
    I would like to write things like this in /etc/apt/sources.list: deb sftp://[email protected]/path other stuff When I try this, apt-get complains that there is no sftp method for apt: # apt-get update E: The method driver /usr/lib/apt/methods/sftp could not be found. Has anyone written a patch to add the sftp method for apt? All I could find in Google was this spec for Ubuntu. Thanks for your help.

    Read the article

  • Users in ubuntu; Cant figure it out

    - by Camran
    I am the only one who will have access to my website. Just installed my VPS and managed to get most stuff working. However, stuck on the "members" part. Currently, everything has been done as "root". I have read posts that I should create a user, because root isn't ideal. I have found thousand guides on how to create a user, but now what to do next. 1- Should I create a user with adduser username and then add the user to a group? But which group? 2- And will the user then be able to do everything as I have done logged on as "root"? 3- And somebody plz explain what "sudo" has to do with this? (if anything at all) Thanks

    Read the article

  • Restrict SSH user to connection from one machine

    - by Jonathan
    During set-up of a home server (running Kubuntu 10.04), I created an admin user for performing administrative tasks that may require an unmounted home. This user has a home directory on the root partition of the box. The machine has an internet-facing SSH server, and I have restricted the set of users that can connect via SSH, but I would like to restrict it further by making admin only accessible from my laptop (or perhaps only from the local 192.168.1.0/24 range). I currently have only an AllowGroups ssh-users with myself and admin as members of the ssh-users group. What I want is something that works like you may expect this setup to work (but it doesn't): $ groups jonathan ... ssh-users $ groups admin ... ssh-restricted-users $ cat /etc/ssh/sshd_config ... AllowGroups ssh-users [email protected].* ... Is there a way to do this? I have also tried this, but it did not work (admin could still log in remotely): AllowUsers [email protected].* * AllowGroups ssh-users with admin a member of ssh-users. I would also be fine with only allowing admin to log in with a key, and disallowing password logins, but I could find no general setting for sshd; there is a setting that requires root logins to use a key, but not for general users.

    Read the article

  • Correctly setting up UFW on Ubuntu Server 10 LTS which has Nginx, FastCGI and MySQL?

    - by littlejim84
    Hello. I'm wanting to get my firewall on my new webserver to be as secure as it needs to be. After I did research for iptables, I came across UFW (Uncomplicated FireWall). This looks like a better way for me to setup a firewall on Ubuntu Server 10 LTS and seeing that it's part of the install, it seems to make sense. My server will have Nginx, FastCGI and MySQL on it. I also want to be allow SSH access (obviously). So I'm curious to know exactly how I should set up UFW and is there anything else I need to take into consideration? After doing research, I found an article that explains it this way: # turn on ufw ufw enable # log all activity (you'll be glad you have this later) ufw logging on # allow port 80 for tcp (web stuff) ufw allow 80/tcp # allow our ssh port ufw allow 5555 # deny everything else ufw default deny # open the ssh config file and edit the port number from 22 to 5555, ctrl-x to exit nano /etc/ssh/sshd_config # restart ssh (don't forget to ssh with port 5555, not 22 from now on) /etc/init.d/ssh reload This all seems to make sense to me. But is it all correct? I want to back this up with any other opinions or advice to ensure I do this right on my server. Many thanks!

    Read the article

  • Malicious content on server - next steps advice [closed]

    - by Under435
    Possible Duplicate: My server's been hacked EMERGENCY I just got an e-mail from my hosting company that they got a report of malicious content being hosted on my vps. I was unaware of this and started looking into it. I discovered a file called /var/www/mysite.com/osc.htm. Soon after I discovered some weird php files wp-includes.php and ndlist.php both recognized as being PHP/WebShell.A.1 virus. I removed all these files but I'm unsure of what to do next. Can anyone help me analyze the output below of sudo netstat -A inet -p -e and give advice on what's best to do next. Thanks very much in advance Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 localhost.localdo:mysql localhost.localdo:37495 TIME_WAIT root 0 - tcp 0 1 mysite.com:50524 xnacreators.net:smtp SYN_SENT Debian-exim 69746 25848/exim4 tcp 0 0 mysite.com:www tha165.thehealtha:37065 TIME_WAIT root 0 - tcp 0 0 localhost.localdo:37494 localhost.localdo:mysql TIME_WAIT root 0 - udp 0 0 mysite.com:59447 merlin.ensma.fr:ntp ESTABLISHED ntpd 3769 2522/ntpd udp 0 0 mysite.com:36432 beast.syus.org:ntp ESTABLISHED ntpd 4357 2523/ntpd udp 0 0 mysite.com:48212 formularfetischiste:ntp ESTABLISHED ntpd 3768 2522/ntpd udp 0 0 mysite.com:46690 formularfetischiste:ntp ESTABLISHED ntpd 4354 2523/ntpd udp 0 0 mysite.com:35009 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 4356 2523/ntpd udp 0 0 mysite.com:58702 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 3770 2522/ntpd udp 0 0 mysite.com:49583 merlin.ensma.fr:ntp ESTABLISHED ntpd 4355 2523/ntpd udp 0 0 mysite.com:56290 beast.syus.org:ntp ESTABLISHED ntpd 3771 2522/ntpd

    Read the article

  • Secure email crashes Outlook 2007

    - by Josh
    I have a number of secure emails sent to my Outlook 2007 client. Most arrive fine and display the prompt with regards to granting access to the certificate and then open. Today I received two that crash Outlook whenever I try to open them. I've tried restarting Outlook and my computer but still have the same problem. Any ideas what might be causing this, and how I can fix it? I'm working on Windows Vista Ultimate 64-bit.

    Read the article

  • How to run Firefox jailed without serious performance loss?

    - by Vi
    My Firefox configuration is tricky: Firefox runs at separate restricted user account which cannot connect to main X server. Firefox uses Xvfb (virtual "headless" X server) as X server. x11vnc is running on that Xvfb. On the main X server there is vncviewer running that connect to this x11vnc On powerful laptop (Acer Extensa 5220) it seems to work more or less well, but on "Acer Aspire One" netbook it is slowish (on a background that firefox is loaded with lots of extensions). How to optimise this scheme? Requirements: Browser cannot connect to main X server. Browser should be in chroot jail (no "suid" scripts, readonly for many things) Browser should have a lot of features (like in AutoPager, NoScript, WoT, AdBlockPlus)

    Read the article

  • My server appears to have been hacked+ scanssh run by zabbix is it normal?

    - by Niro
    I'm running a few EC2/Scalr instances with zabbix monitoring. I received complaints about one of my servers port scanning other servers. the logs show it is accessing port 22 on consecutive IP addresses. I looked at the processes list and saw scanssh is running under the user Zabbix. My question is- Is scanssh part of zabbix? Is it suppesd to run? I have active autodiscovery on zabbix but it is looking at another IP addresses and definately not port 20. Is it possible that something in the config of zabbix agent is controlling it and not the settings on zabbix server? What can I do to find out if zabbix is somehow misbehaving or it is a hacker? Any advice is highly appreciated.

    Read the article

  • Limiting Failed SSH Logins

    - by nitins
    I would like to limit failure retries on my Fedora machine to 5. I think I can accomplish it with PAM. But was unable to to do this. I have referred to this article to do this http://www.puschitz.com/SecuringLinux.shtml Please provide suggestions

    Read the article

  • Recommended offline on-demand virus scanners

    - by ashh
    I have never run full anti-virus on my Windows XP systems. Instead I use various anti-malware tools to manually perform scans every few weeks. This approach, combined with Windows updates and general care about what web-sites I visit and what files I download has kept me 99% free of problems. The remaining 1% has occurred when I download files that I know may contain malware, but still decide the risk is worth it. When on 2 occasions in 10 years I did get caught doing this, I realised that being able to easily scan them would most likely have avoided getting infected. I don't need, or want, to run a "stay resident" anti-virus. Also, the online scanners such as Kaspersky etc limit uploads to small files, so these are not always useful. In summary I would like to simply be able to download a file and then manually initiate an on demand anti-virus scan, on the downloaded file only. I'm sure some/most Anti-Virus do both, however once again I don't really want to pay for or need the stay resident part. Any recommendations (commercial or free)? UPDATE: This is not an exact duplicate, nor a possible duplicate. I searched for and read other questions on anti-virus here at SuperUser and found none that answered my question. I am specifically asking about anti-virus scanners that run ON-DEMAND locally on the computer, not online scanners.

    Read the article

  • How do I format this regex so it will work in fail2ban?

    - by chapkom
    I've just installed fail2ban on my CentOS server in response to an SSH brute force attempt. The default regular expressions in fail2ban's sshd.conf file do not match any entries in audit.log, which is where SSH seems to be logging all connection attempts, so I am trying to add an expression that will match. The string I am trying to match is as follows: type=USER_LOGIN msg=audit(1333630430.185:503332): user pid=30230 uid=0 auid=500 subj=user_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct="root": exe="/usr /sbin/sshd" (hostname=?, addr=<HOST IP>, terminal=sshd res=failed)' The regular expression I am attempting to use is: ^.*addr=<HOST>, terminal=sshd res=failed.*$ I've used regextester.com and regexr to try to build the regex. The testers give me a match for this regex:^.*addr=\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}, terminal=sshd res=failed.*$ but fail2ban-regex complains if I don't use the <HOST> tag in the regex. However, using ^.*addr=<HOST>, terminal=sshd res=failed.*$ gives me 0 matches. At this point, I am totally stuck and I would greatly appreciate any assistance. What am I doing wrong in the regex I am trying to use?

    Read the article

  • How to run specific program with root privileges (Ubuntu OS) when no sudo user log into system?

    - by makulia
    How to run specific program with root privileges (Ubuntu OS) when no sudo user log into system? Program need root privileges to function correctly. Normal user shouldn't be able to shutdown this process. For example, I have to users. Admin and Client. Program should start only when Client log into system. It needs root privileges and Client shouldn't be able to shut this process down.

    Read the article

  • Is adding users to the group www-data safe on Debian?

    - by John
    Many PHP applications do self-configuration and self-updating. This requires apache to have write access to the PHP files. While chgrp'ing them all to www-data appears like a good practice to avoid making them world writable, I also wish to allow users to create new files and edit existing one. Is adding users to the group www-data safe on Debian? For example: 775 root www-data /var/www 644 john www-data /var/www/johns_php_application.php 660 john www-data /var/www/johns_php_applications_configuration_file

    Read the article

< Previous Page | 128 129 130 131 132 133 134 135 136 137 138 139  | Next Page >