Search Results

Search found 13222 results on 529 pages for 'security gate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 142/529 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

  • how to protect php app (vbulletin) from hackers

    - by samsmith
    Our vBulletin system is under constant attack, raising cpu load and making the system very slow for legit users. The attack is a script type attack that is attempting to log in and/or create new login ids (mostly it is trying to create login ids in order to spam the site). In vBulletin, we have black listed large ranges of ips, which has helped a lot, but the attacks continue. Is there an automated way to protect the application or web server? ideally, the protection would detect the pages accessed and automatically black list the ip.

    Read the article

  • How to forbid postfix to send to external domains [closed]

    - by elhoim
    I have a local postfix server, and i want it to only relay emails to the only local domain (localdomain.be): myhostname = localdomain.be mydomain = localdomain.be alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = $myhostname mydestination = $myhostname relay_domains = $mydomain default_transport = smtp relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24 mailbox_size_limit = 64000000 message_size_limit = 1000000 recipient_delimiter = + inet_interfaces = all inet_protocols = all smtp_host_lookup = native This configuration works fine to allow relay mail locally and on external destination domains, but i would like it to be an impossibility to send to other domains (ie: gmail.com). relay_domains is supposed to ensure that but it does not seem to really filter since i can still send to my gmail address.

    Read the article

  • How do you prepare for death?

    - by klew
    I write programs, run a few websites (I have admin accounts and passwords), write some web services, I have some encrypted data on my computer - and I sometimes ask myself: what will happen to all those projects and data if I accidentally die? Did you prepare yourself for death? Did you make a will (or some kind of e-will)? How to protect innocent people for whom I did some work? Did you write a letter with passwords and put it in envelope in your desk?

    Read the article

  • securing hard drive when users boot from usb external

    - by eshriek
    I supervise the use of a 'community' desktop computer. I would like to allow the use of the desktop via an external drive to a specific individual. How do I secure the internal hard drive so that no access is possible while using the external drive? Primarily I want to avoid accidental modification of the hard drive. The desktop runs Vista. The external is Ubuntu.

    Read the article

  • Mac on My Router?

    - by Yar
    There is a computer that is not mine that is accessible on my network. I can even access its filesystem via AFP. What I want to know is how the computer could get on my network. My network is secured like this: Does that mean that they've used password cracking tools? The pass is not easy to guess but not hard to figure out via brute-force hacking, I guess. If I am being hacked, should I switch to WPA?

    Read the article

  • non-interactive ssh sudo... prompts for the password in plain text

    - by Iain
    I'm running some non-interactive ssh commands. The ssh authentication is taken care of fine through the ssh agent, but if I run a command that requires sudo then the password prompt in my terminal is plain text. For example: ssh remotemachine "sudo -u www mkdir -p /path/to/new/folder" will prompt me for the password in plain text. Does anyone know how I can get it to use the normal secure prompt or that I can pass the password via a switch? (as then I can set up a secure prompt on this side before I send the command) Any help is much appreciated.

    Read the article

  • Monitor someone on server

    - by edo
    Im in the unfortunate position of having to give someone who I do not fully trust privileged access to a webserver to finish work that they never completed. They will access the server remotely (ie I will not be able to see their screen). What can be done to a) proactively limit any potential damage and b) accurately log anything they do on the server for analysis afterwards, even if things seem ok? They will be updating a web application. Thanks in advance! --- More informtion: The server is a Ubuntu AWS server.

    Read the article

  • Netgear routers don't allow you to disable wireless admin??

    - by MousePad
    I just bought a new router, the NetGear WGR614. Nowhere in the settings can you disable the ability to administrate the router from a wireless connection, which opens it up to brute force attacks from outside the building. Furthermore, it doesn't require a direct connection to the router to admin either, you can admin it while you're connected to the Internet. This means it opens itself to the possibility of an attack from within the network. This is unbelievable to me. What am I missing? Can this be possible?

    Read the article

  • Cloud storage services offering one-time download links? [closed]

    - by TARehman
    Is anyone aware of consumer-targeted cloud storage services that allow users to generate a one-time download link for hosted files? Case in point: I have an encrypted container with some documents I need to send to a vendor. I would prefer to give them a one-time download link, so that I know when they have accessed the file, and then inform them of the passphrase by phone. I have heard that MediaFire offers 1-time links, but that they are buried in tons of advertising. At the moment, I'm not sure that I consider MediaFire fully legitimate; I'm more interested in solutions with Google Drive, Box.net, DropBox, etc.

    Read the article

  • How to decouple development server from Internet?

    - by intoxicated.roamer
    I am working in a small set-up where there are 4 developers (might grow to 6 or 8 in cuople of years). I want to set-up an environment in which developers get an internet access but can not share any data from the company on internet. I have thought of the following plan: Set-up a centralized git server (Debian). The server will have an internet access. A developer will only have git account on that server, and won't have any other account on it. Do not give internet access to developer's individual machine (Windows XP/Windows 7). Run a virtual machine (any multi-user OS) on the centralized server (the same one on which git is hosted). Developer will have an account on this virtual machine. He/she can access internet via this virtual machine. Any data-movement between this virtual machine and underlying server, as well as any of the developer's machine, is prohibited. All developers require USB port on their local machine, so that they can burn their code into a microcontroller. This port will be made available only to associated software that dumps the code in a microcontroller (MPLAB in current case). All other softwares will be prohibited from accessing the port. As more developers get added, providing internet support for them will become difficult with this plan as it will slow down the virtual machine running on the server. Can anyone suggest an alternative ? Are there any obvious flaws in the above plan ? Some key details of the server are as below: 1) OS:Debian 2) RAM: 8GB 3) CPU: Intel Xeon E3-1220v2 4C/4T

    Read the article

  • a safer no password sudo?

    - by Stacia
    Ok, here's my problem - Please don't yell at me for being insecure! :) This is on my host machine. I'm the only one using it so it's fairly safe, but I have a very complex password that is hard to type over and over. I use the console for moving files around and executing arbitrary commands a LOT, and I switch terminals, so sudo remembering for the console isn't enough (AND I still have to type in my terrible password at least once!) In the past I have used the NOPASSWD trick in sudoers but I've decided to be more secure. Is there any sort of compromise besides allowing no password access to certain apps? (which can still be insecure) Something that will stop malware and remote logins from sudo rm -rf /-ing me, but in my terminals I can type happily away? Can I have this per terminal, perhaps, so just random commands won't make it through? I've tried running the terminal emulations as sudo, but that puts me as root.

    Read the article

  • How many guesses per second are possible against an encrypted disk? [closed]

    - by HappyDeveloper
    I understand that guesses per second depends on the hardware and the encryption algorithm, so I don't expect an absolute number as answer. For example, with an average machine you can make a lot (thousands?) of guesses per second for a hash created with a single md5 round, because md5 is fast, making brute force and dictionary attacks a real danger for most passwords. But if instead you use bcrypt with enough rounds, you can slow the attack down to 1 guess per second, for example. 1) So how does disk encryption usually work? This is how I imagine it, tell me if it is close to reality: When I enter the passphrase, it is hashed with a slow algorithm to generate a key (always the same?). Because this is slow, brute force is not a good approach to break it. Then, with the generated key, the disk is unencrypted on the fly very fast, so there is not a significant performance lose. 2) How can I test this with my own machine? I want to calculate the guesses per second my machine can make. 3) How many guesses per second are possible against an encrypted disk with the fastest PC ever so far?

    Read the article

  • compromised site

    - by pinniger
    So, I have a web site that has been compromised twice in two weeks. every index.php and .js file gets a script injecting into the source code of the file. The problem is that I have no idea how they're doing it. I've seen this done via sql injection before, but I don't know how they are actually writing to the file. I've dug through the Apache logs but didn't find anything interesting. The site is built using the cakephp framework on a godaddy shared server. Anybody know what secturity settings or log files to check to see how they are doing this?

    Read the article

  • permission for "users" directory for a mounted vmdk file

    - by rajmalhotraml
    I mounted one vmdk file in my windows 8 machine and I am able to access all the folders and files except those in "users\ directory. When I try to open, it says I dont have permission. I am not able to give the permission even. Any one can tell me how to open the users directory? I have very important files in the desktop folder which can be acessed through \users\\desktop. What is the alternate way of accessing the folder? I lost the password to boot up the vm image.

    Read the article

  • Unmasking fake IP address

    - by Omousso
    I need to unmask I masked IP..that has hacked my account & a family members account(s)... Can anyone help me...I have know no Idea where to start and know nothing about even where to begin. PLEASE someone reply, this is not a random hacking but someone trying to cause my family trouble...at least my instinct says so. My family member and myself both believe we know who it is.. They have gotten into several of my accounts and I've been acting is I don't know...tracking ip's..but I feel like they are masked! Also, my family member changed there email/password numerous time and they still got in....how?? Any & all help is appreciated!!

    Read the article

  • Windows/global setting to allow only SSL when on public Wifi?

    - by hungry
    Rather than going through each of my apps and modifying settings, or tweaking individual browser settings (I use three different browsers) or just being careful not to type non-SSL URLs into the web address bar, is there a solution at the Windows level that will prevent anything from connecting to the web from my laptop unless it's using SSL? I also have mini apps installed like Gmail checker, etc that connect to the web of their own volition using my usernames, passwords and such, so it goes beyond just web browsers. The reason I'm asking is I want to work securely on the general Internet when on public Wifi (e.g. coffee shops) without a lot of hassle or having to remember everything that needs to be locked down. When I'm back home I want to go back to full access mode using any kind of protocol on the web. If a website doesn't support SSL when I'm out in public then I just don't surf it - that's not a worry to me.

    Read the article

  • What does the NTFS encryption protect against?

    - by Ray
    I have encrypted a folder from the (PropertiesAdvancedEncrypt contents to secure data). However when I change my user profile to another one which is also an administrator the folder seems to be accessible as if nothing happened. What exactly does this encryption protect against. I'm looking to encrypt folders that no other user, or another OS or even if the HDD were to be removed and plugged to another device will be accessible. My OS is Windows 7 Ultimate. Any suggestions?

    Read the article

  • Unix / linux permissions setup for shared hosting with Apache

    - by weiyin
    I'm in the process of setting up a server from a clean CentOS 5 install. What is the best permission structure (users, groups, unix permissions) for running a single instance of apache for multiple users? Ideally, it should satisfy these requirements: Each user's websites are stored in a subdirectory of their home directory. Users can edit files and permissions. Apache can read the websites of all users. No user can read the website files of other users. Bonus question: how to add PHP and/or Perl and/or Ruby to Apache without allowing any users to access any other user's files?

    Read the article

  • need help setting up a VPN for remote computer connection

    - by Chowdan
    I am on a low budget right now. I am currently in the process of starting a computer company. I am in need of a VPN network so I can run Dameware tools for working on customers/partners computers remotely. I will be working with Windows and some Apple and linux machines. I have desktop with an AMD Phenom II 965BE(currently running stable at 3.8Ghz) processor with 8 GB of ram and a radeon hd 6870(i know graphics aren't too useful) and about 1.5TB of HDD space. I am attempting to create a network out of my office based all on one machine that would also be secure for me to remotely connect to my partners computers so when they have issues I would be able to connect and do the diagnosing and repairs remotely. What types of servers besides a VPN server would i need to create this? I have access to all Microsoft products so I can run Windows Server 2012, Windows Server 2008 R2, or any other Microsoft Software. thanks for the help all

    Read the article

  • How to securely control access to a backend key server?

    - by andy
    I need to securely encrypt data in my database so that if the database is dumped, hackers are unable to decrypt the data. I'm planning on creating a simple key server on a different machine, and allowing the DB server access to it (restricted by IP address on the key server to permit the DB server). The key server would contain the key required to encrypt/decrypt data. However, if a hacker were able to get a shell on the DB server, they could request the key from the key server and therefore decrypt the data in the database. How could I prevent this (assuming all firewalls are in place, DB is not connected directly to the internet, etc)? i.e. is there some method I could use that could secure a request from the DB server to the key server so that even if a hacker had a shell on the DB server they'd be unable to make those same requests? Signed requests from the DB server could make issuing these requests less trivial - I suppose that'd help increase the amount of time it'd take to compromise the key server, something a hacker probably wouldn't have much of. As far as I can see, if someone can get a shell on the DB server everything's lost anyway. This could be mitigated by using one key per data item in the DB so at least there's not a single "master" key, but multiple keys that the hacker would need to access. What would be a secure method of ensuring requests from the DB server to the key server were authentic and could be trusted?

    Read the article

  • domain screensaver control software

    - by Pec
    I'm looking to buy a screensaver control product with granular control. I have about 2000 workstations which require dozens of different timeout values, lock/not locked on resume settings, different screen saver files (that can be frequently updated depending on department), etc. It's looking to be quite an undertaking accomplishing this with domain group policies so I'm hoping you guys have some suggestions of products to use. Hopefully such products would integrate with AD. Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >