Search Results

Search found 5864 results on 235 pages for 'secure gateway'.

Page 144/235 | < Previous Page | 140 141 142 143 144 145 146 147 148 149 150 151  | Next Page >

• Routing traffic to another internal network

  - by Jason

  OK, so here is the scenario. I have 4 Locations connected with an MPLS. I have installed an ASA at the primary location which is 10.20.1.0. Traffic is fine internally and to the world, however... I can't route traffic over the MPLS to another network. It is being blocked by an implicit deny rule even though there is a rule to allow any to any less secure interface (it should be using the same interface in/out, right?). I have a static route for the network in and the ASA can ping it - Just not traffic on the internal network of the ASA. -Jason

  Read the article

• MySQL 5.1.49 freezing every two days

  - by maximus

  Hi all, our mysql system is "freezing" every two days. By "freezing" i mean the following: it doesn't respond to ping we can't login with SSH we don't get any answer from MySQL there is no entry in the error logs! neither from linux neither from MySQL. we have already changed to a completely new hardware, we have the same problem, so it's definitely not a hardware problem. we do not have any other software installed except a firewall (iptables rule) we can restart the server from another server using rsyslog (www.rsyslog.com)(software reset) Could someone help me, by giving me some pointers what could i do to figure out the problem? I have included every detail about our settings. Thank you in advance for your help. Max. Our system parameters and settings: System-Memory: 12GB Processor: Intel 7-920 Quadcore Operating system: Debian 5 (lenny) 64bit MySQL 5.1.49 Databases: (a) a small phpbb forum (b) a 6GB database 3 tables with about 15 million rows my.cnf # # The MySQL database server configuration file. # # You can copy this to one of: # - "/etc/mysql/my.cnf" to set global options, # - "~/.my.cnf" to set user-specific options. # # One can use all long options that the program supports. # Run program with --help to get a list of available options and with # --print-defaults to see which it would actually understand and use. # # For explanations see # http://dev.mysql.com/doc/mysql/en/server-system-variables.html # This will be passed to all mysql clients # It has been reported that passwords should be enclosed with ticks/quotes # escpecially if they contain "#" chars... # Remember to edit /etc/mysql/debian.cnf when changing the socket location. [client] port = 3306 socket = /var/run/mysqld/mysqld.sock # Here is entries for some specific programs # The following values assume you have at least 32M ram # This was formally known as [safe_mysqld]. Both versions are currently parsed. [mysqld_safe] socket = /var/run/mysqld/mysqld.sock nice = 0 [mysqld] # # * Basic Settings # user = mysql pid-file = /var/run/mysqld/mysqld.pid socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp language = /usr/share/mysql/english skip-external-locking # # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. bind-address = our-ip-address # # * Fine Tuning # key_buffer = 16M max_allowed_packet = 16M thread_stack = 256K thread_cache_size = 32 max_connections = 300 table_cache = 2048 #thread_concurrency = 4 # Used for InnoDB tables recommended to 50%-80% available memory innodb_buffer_pool_size = 6G # 20MB sometimes larger innodb_additional_mem_pool_size = 20M # 8M-16M is good for most situations innodb_log_buffer_size = 8M # Disable XA support because we do not use it innodb-support-xa = 0 # 1 is default wich is 100% secure but 2 offers better performance innodb_flush_log_at_trx_commit = 1 innodb_flush_method = O_DIRECT #innodb_thread_concurency = 8 # Recommended 64M - 512M depending on server size innodb_log_file_size = 512M # One file per table innodb_file_per_table # # * Query Cache Configuration # query_cache_limit = 1M query_cache_size = 16M #query_cache_type = 1 #query_cache_min_res_unit= 2K #join_buffer_size = 1M # # * Logging and Replication # # Both location gets rotated by the cronjob. # Be aware that this log type is a performance killer. # As of 5.1 you can enable the log at runtime! #general_log_file = /var/log/mysql/mysql.log #general_log = 1 # # Error logging goes to syslog. This is a Debian improvement :) # # Here you can see queries with especially long duration log_slow_queries = /var/log/mysql/mysql-slow.log long_query_time = 2 log-queries-not-using-indexes # # The following can be used as easy to replay backup logs or for replication. #server-id = 1 log_bin = /var/log/mysql/mysql-bin.log # WARNING: Using expire_logs_days without bin_log crashes the server! See README.Debian! expire_logs_days = 10 max_binlog_size = 100M #binlog_do_db = include_database_name #binlog_ignore_db = include_database_name # # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. # Read the manual for more InnoDB related options. There are many! # * InnoDB plugin # As of MySQL 5.1.38, the InnoDB plugin from Oracle is included in the MySQL source code. # It has many improvements and better performances than the built-in InnoDB storage engine. # Please read http://www.innodb.com/products/innodb_plugin/ for more information. # Uncommenting the two following lines to use the InnoDB plugin. ignore_builtin_innodb plugin-load=innodb=ha_innodb_plugin.so # # * Security Features # # Read the manual, too, if you want chroot! # chroot = /var/lib/mysql/ # # For generating SSL certificates I recommend the OpenSSL GUI "tinyca". # # ssl-ca=/etc/mysql/cacert.pem # ssl-cert=/etc/mysql/server-cert.pem # ssl-key=/etc/mysql/server-key.pem [mysqldump] quick quote-names max_allowed_packet = 16M [mysql] #no-auto-rehash # faster start of mysql but no tab completition [isamchk] key_buffer = 16M # # * NDB Cluster # # See /usr/share/doc/mysql-server-*/README.Debian for more information. # # The following configuration is read by the NDB Data Nodes (ndbd processes) # not from the NDB Management Nodes (ndb_mgmd processes). # # [MYSQL_CLUSTER] # ndb-connectstring=127.0.0.1 # # * IMPORTANT: Additional settings that can override those from this file! # !includedir /etc/mysql/conf.d/ UPDATE After installing sysstat and configuring it to collect data after every minute i have the following datas. I used sar to generate the following output: The log-file is too big so coudn't enter it here but uploaded to box.net. The link is http://www.box.net/shared/xc6rh7qqob SECOND UPDATE We started a ping command in the background, and that solved the problem. Now the server does work since more then a week. We still don't know what's the problem.

  Read the article

• How to stabilize PCIe sound card in its card slot?

  - by Josh

  I have a Soundblaster Recon 3d Fatal1ty sound card and randomly every once in a while my computer won't recognize it. I am almost 100% sure it is something to do with its PCIe slot. After I turn off the computer and just wiggle the card a bit, the computer recognizes the card once I restart. I can't really try it in the other PCIe slot because the video card gets in the way. It is a Biostar TA970XE motherboard. I don't know if it is something to do with the pins on the actual card or if it is something to do with the slot. I couldn't find any related issues about this card on Google. Is there anything I can do to help secure the card in its slot so that my computer will recognize it? Any help is appreciated.

  Read the article

• Detecting man-in-the-middle attacks?

  - by Ilari Kajaste

  There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

  Read the article

• Generating SSL certificates

  - by user73483

  Hi, I was wondering if anyone has any idea in how to generate a signed CA cert and key using openssl? I have found this website (http://dev.mysql.com/doc/refman/5.1/en/secure-create-certs.html) to generate the client and server certs for mysql server but the example is a self-signed certificate. I use the following command for running the server and client using openssl and the generated certs and keys: openssl s_server -accept 6502 -cert server-cert.pem -key server-key.pem -CAfile ca-cert.pem -www openssl s_client -connect 192.168.1.92:6502 -cert client-cert.pem -key client-key.pem -CAfile ca-cert.pem The error output I get is "Verify return code: 18 (self signed certificate)". Paul

  Read the article

• Finding out what user Apache is running as?

  - by Anna

  I want to secure a file upload directory on my server as described beautifully here, but I have one problem before I can follow these instructions. I don't know what user Apache is running as. I've found a suggestion that you can look in httpd.conf and there will be a "User" line, but there is no such line in my httpd.conf file, so I guess Apache is running as the default user. I can't find out what that is, though. So, my question is (are): how do I find out what the default user is do I need to change the default user if the answer is yes and I change the default user by editing httpd.conf, is it likely to screw anything up? Thanks! ----- UPDATE ------ Seems to have been answered here. Sorry, I got told off on StackOverflow and told to post it here, then posted it here, then it got answered on StackOverflow anyway!

  Read the article

• Wired network on computer to wifi

  - by user329592

  I just got myself a wifi capable cell phone, but I dont have a wireless internet at home. I do have a wired unlimited internet connection on my computer, and I wonder whether there is any gadget that I can plug into my computer (maybe at the usb port?) with which I can turn my computer into a wifi access point? I mean, a dongle or something which will enable me to connect my phone to my computer's internet through wi-fi? Also, I dont know anything about networking, so would it be hard for me to set up a secure wifi point? Thank you for reading this question through. Hope I can buy some sort of adapter which is comparitively cheap.

  Read the article

• My website is infected with JS:ScriptIP-inf [Trj]

  - by Rizwan Aaqil

  I am using Network Solutions hosting. I was recently attacked with JS:Illredir-S [Trj], I asked my hosting providers to clean it and they cleaned it and updated all passwords, but now after a week my site got infected again with JS:ScriptIP-inf [Trj]. Can anyone please suggest me how to secure my website properly ? Should I change my hosting provider ? I am fed up of these viruses again and again on my websites. I can't even find this virus in my files. Please post informative answers. Thanks

  Read the article

• NSD Daemon (DNS SERVER)

  - by Catalin

  While searching for a secure dns server I came across this http://www.nlnetlabs.nl/projects/nsd/ I was really impressed by what seemed to me the best option out there that's open source. One problem thought their 'tutorial' is really NOT noob friendly I have basic DNS knoledge but what's in there is out of my league. Any help in setting up this DNS server please ? I need to have multiple sites on this CentOs server I've recently got my hands on :). They also need to receive email. Details: I have a master host and would love to set this in the way described in the rows that follow: masterhost.com -> ns1.masterhost.com mail.masterhost.com www.masterhost.com addonhost.com -> ns1.masterhost.com mail.masterhost.com www.addonhost.com And so on, all answers and suggestions are welcomed, Thank you in advance.

  Read the article

• I never really understood: what is CGI?

  - by claws

  CGI is a Comman Gateway Interface. As the name says, it is a "common" gateway interface for everything. It is so trivial and naive from the name. I feel that I understood this and I felt this every time I encountered this word. But frankly, I didn't. I'm still confused. I am a PHP programmer. I did lot of web development. user (client) request for page --- webserver(-embedded PHP interpreter) ---- Server side(PHP) Script --- MySQL Server. Now say my PHP Script can fetch results from MySQL Server && MATLAB Server && Some other server. So, now PHP Script is the CGI? because its interface for the between webserver & All other servers? I don't know. Sometimes they call CGI, a technology & othertimes they call CGI a program or someother server. What exactly is CGI? Whats the big deal with /cgi-bin/*.cgi? Whats up with this? I don't know what is this cgi-bin directory on the server for. I don't know why they have *.cgi extensions. Why does Perl always comes in the way. CGI & Perl (language). I also don't know whats up with these two. Almost all the time I keep hearing these two in combination "CGI & Perl". This book is another great example CGI Programming with Perl Why not "CGI Programming with PHP/JSP/ASP". I never saw such things. CGI Programming in C this confuses me a lot. in C?? Seriously?? I don't know what to say. I"m just confused. "in C"?? This changes everything. Program needs to be compiled and executed. This entirely changes my view of web programming. When do I compile? How does the program gets executed (because it will be a machine code, so it must execute as a independent process). How does it communicate with the web server? IPC? and interfacing with all the servers (in my example MATLAB & MySQL) using socket programming? I'm lost!! They say that CGI is depreciated. Its no more in use. Is it so? What is its latest update? Once, I ran into a situation where I had to give HTTP PUT request access to web server (Apache HTTPD). Its a long back. So, as far as I remember this is what I did: Edited the configuration file of Apache HTTPD to tell webserver to pass all HTTP PUT requests to some put.php ( I had to write this PHP script) Implement put.php to handle the request (save the file to the location mentioned) People said that I wrote a CGI Script. Seriously, I didn't have clue what they were talking about. Did I really write CGI Script? I hope you understood what my confusion is. (Because I myself don't know where I'm confused). I request you guys to keep your answer as simple as possible. I really can't understand any fancy technical terminology. At least not in this case. EDIT: I found this amazing tutorial "CGI Programming Is Simple!" - CGI Tutorial Which explains the concepts in simplest possible way. I've only have one complaint about this tutorial. Just to make what ever he explained complete he should have shown the C code he used for generating response for those GET / POST requests. I've also added link to this tutorial to Wikipedia's article : http://en.wikipedia.org/wiki/Common_Gateway_Interface

  Read the article

• Unique SMS sender id?

  - by Pascal

  Hello, I want to build an app that send SMS to people. However, I want my users to know that the SMS comes from the app and nothing else so they can't fake it. Is there a way to guarantee that the sender ID is unique to my app? It seems that sending a SMS by phone is with a unique SENDER ID for each phone number. But, from what I read, I don't think it is the case when sending a SMS through a web gateway. Is this correct? I am not an expert in mobile phone security. Of course, I am willing to pay the price for a unique sender id, if such thing is possible. Regards, Pascal

  Read the article

• =~ (equal-sign tilde) and m" ... " in .htaccess directive [closed]

  - by Lèse majesté

  I saw this bit of code on an old forum post: SSLRequire %{HTTP_HOST} =~ m"\.secure\.powweb\.com" And I was just wondering what the =~ and m" ... " meant. I've been searching online and in the Apache documentation for any mention of the equal-sign tilde operator, but I've found no mention of it. I know that some directives can take a tilde to use a regular expression, but I've never seen the m" ... " form used before. What exactly is that m" ... " for? Where else would you see this form?

  Read the article

• Are there any FIPS-140-2 certified solutions for Linux?

  - by Mark Renouf

  I'm not even 100% certain what this involves, but my current understanding is this: use of only approved cryptographic algorithms for network traffic (easy, we use SSL and lock down the algorithms to only the really strong ones). Some form of physical data protection, involving disk encryption and physical tamper evident packaging. Obviously we're on our own if we need a tamper-proof product. But what about software for encrpytion. My guess is just using LUKS (although secure) will not be certified because it's open source (gov't seems a bit biased towards proprietary solutions here). Guardian Edge was mentioned by someone, but that appears to be complete Windows-based. So we need something like it, certified FIPS-140 compliant we can use on Linux.

  Read the article

• Disabling weak ciphers on Windows 2003

  - by Kev

  For PCI-DSS compliance you have to disable weak ciphers. PCI-DSS permits a minimum cipher size of 128 bits. However for the highest score (0 I believe) you should only accept 168 bit ciphers but you can still be compliant if you permit 128 bit ciphers. The trouble is that when we disable all but 168 bit encryption it seems to disable both inbound and out bound secure channels. For example we'd like to lock down inbound IIS HTTPS to 168 bit ciphers but permit outbound 128 bit SSL connections to payment gateways/services from service applications running on the server (not all payment gateways support 168 bit only we just found out today). Is it possible to have cipher asymmetry on Windows 2003? I am told it is all or nothing.

  Read the article

• Why are Linux-based operating systems considered safer than Windows?

  - by echoblaze

  I hear that Linux-based systems are better for security. Apparently they don't have viruses and do not need antivirus software. Even my university claims this - they refuse to have Windows on their servers, which is a real shame because we wanted to use the .NET framework to create some websites. The only reason I can see Linux being safer is because it's open-source, so bugs theoretically would get caught and fixed sooner. I know a bit about how operating systems work, but haven't really delved into how Linux and Windows implement their OS. Can someone explain the difference that makes Linux-based systems more secure?

  Read the article

• SMS: AT COMMANDS

  - by I__

  i am trying to set up an SMS gateway on my computer here's some code i found: AT OK AT+CMGF=1 OK AT+CMGL="ALL" +CMGL: 1,"REC READ","+85291234567",,"06/11/11,00:30:29+32" Hello, welcome to our SMS tutorial. +CMGL: 2,"REC READ","+85291234567",,"06/11/11,00:32:20+32" A simple demo of SMS text messaging. OK can this be done in windows? what steps do i have to take in order to set this up? what is the compiler? how do i get started?

  Read the article

• Error pushing to remote with git

  - by pcm2a

  I have a fresh Centos 6 server stood up and I have installed git version 1.7.1 through yum. I am using the smart http method through apache for access. When I try to push to the remote server this is what I get: $ git push origin master Password: Counting objects: 6, done. Compressing objects: 100% (3/3), done. Writing objects: 100% (6/6), 436 bytes, done. Total 6 (delta 0), reused 0 (delta 0) error: unpack failed: index-pack abnormal exit I have tried these things which made no difference: chown -R apache:apache /path/to/git/repository (httpd runs as apache) chown -R apache:users /path/to/git/repository chmod -R 777 /path/to/git/repository (obviously not secure but wanted to eliminate this being a file permission problem) What can I try to get pushing to work?

  Read the article

• best ftp program (paid - not free)

  - by Victor Kimura

  Just would like some feedback on the best ftp program (not free). The requirements I'm looking for is: - secure ftp - for use on mac, linux, windows - backup utility with scheduler - for use on more than one computer (multi-license) I'm using wsftp from 2007 right now but it's only good for windows. It's license is only good for one computer. And after some vista updates it's making some strange noises. I tried to turn off the noise (via control panel) and it's still making that noise and I turned off the sound within wsftp too. I like the program but I think it's time to look for a new one. Thank you, Victor

  Read the article

• Paypal Express Checkout api credentials - How to store them properly?

  - by Sequence

  I've been searching the internet and I've come up with a lot of answers of how to store paypal API credentials(Used in Paypal Express Checkout.) They say to hash the credentials using salt. But what I don't understand is how and where to store the salt. If they get access to the salt, can't they just un-hash the credentials? That doesn't seem very secure to me. They say not to hard-code the API credentials, but any other way still seems really vulnerable. Thanks for taking the time to look at my questions. I'd really appreciate help.

  Read the article

• Win7 to Win7 Remote Desktop Not working, Xp to 7 working fine

  - by vlad b.

  Hello, I have a small home network and recently i tried to enable remote desktop for one of the pc's. I have a mix of Windows 7, Windows Vista and Xp runing alongside ubuntu, centos and others (some virtual, some real). I have a few Windows 7 pc`s that can be connected to using remote desktop from inside and outside the network (port redirects on routers, etc, etc) and some Xp ones. The trouble is when i tried to do the same thing to a Win7 laptop i discovered i can't connect to it from another win7 pc inside the home network. To sum it up Working: xp -- win7 not working: win7 -- win7 What i tried - disable and enable remote desktop (my computer - remote settings) - removing and adding users to the remote settings window - adding a new user to the machine, administrator or 'normal' user - checking the firewall settings on the machine and set 'allow' to remote desktop for both 'home/work' and 'public'networks Any tips on what should i do next? It displays ' .. secure connection' and after that the window with 'Your security credentials did not work' and it lets me try again with another user/password..

  Read the article

• Does Hotmail really offer two-factor authentication? [closed]

  - by Brian Koser

  I've read multiple news articles that claim Hotmail offers two-factor authentication. One of the articles describes Hotmail's system, saying ...whenever you go to Hotmail...you can choose to get a single-use code–a string of numbers that will be sent via text message to your phone–to use instead of your password. Is this an accurate description of Hotmail's system? If so, does Hotmail really offer two-factor authentication? If you can use either your password or a single-use code, it seems to me that it does not. Is this system really more secure than just having a password? Doesn't this just make an additional "key" available to a hacker? (I must be wrong here, I know the folks at Microsoft are much smarter than I am).

  Read the article

• How to keep Flash secured with EMET?

  - by Indrek

  I use EMET to secure a number of applications on my computer - web browsers, Office suite applications, PDF readers, as well as Adobe Flash. Overall it's working great, except that the Flash executables contain the version number in the file name, so every time there's an update, the file names change and I have to remember to re-add them manually to EMET. Is there a way to streamline this process? EMET does support wildcards, but only in the path itself, not the file name, so something like %windir%\system32\Macromed\Flash\*.exe wouldn't work. Is there any other way to add a whole folder to EMET so that any new executables in that folder are automatically secured?

  Read the article

• activesync not working with forms based authentication

  - by Chad

  I have an Exchange 2003 SP2 single backend server with an SSL cert. I was having trouble getting OMA to work so I found a MS article about making a reg hack and creating a new Exchange-OMA virtual directory. I am able to connect and access content from my mailbox by using secure mail.domainname.com/oma and using my credentials. ActiveSync was not working on a Windows mobile phone or iPhone. I found another article about using Forms Based Authenication and SSL on a single Exchange server environment and the fix was to elliminate FBA and SSL for the Exchange virtual directory. That allows ActiveSync to now work. I have very few mobile users, but they are management, so I need to make ActiveSync work but I would like to get back to using SSL. http://support.microsoft.com/kb/817379 Any ideas about this setup? Thanks.

  Read the article

• Returning errors from AMFPHP on purpose.

  - by Morieris

  When using flash remoting with amfphp, what can I write in php that will trigger the 'status' method that I set up in my Responder in Flash? Or more generally, how can I determine if the service call has failed? The ideal solution for me would be to throw some exception in php serverside, and catch that exception in flash clientside... How do other people handle server errors with flash remoting? var responder = new Responder( function() { trace("some normal execution finished successfully. this is fine."); }, function(e) { trace("how do I make this trigger when my server tells me something bad happened?"); } ); myService = new NetConnection; myService.connect("http://localhost:88/amfphp/gateway.php"); myService.call("someclass.someservice", responder);

  Read the article

• How to use nginx PAM module?

  - by Noirello

  I would like to use nginx PAM module to authenticate a site with existing users on a FreeBSD system. I tried to use pam_unix.so, but no luck. It's just not let me in with my usr/psw pair. :( nginx conf: location / { root html; auth_pam "Secure Zone"; auth_pam_service_name "nginx"; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/$fastcgi_script_name; include fastcgi_params; } The nginx file in the /usr/local/etc/pam.d dir:auth required pam_unix.so account required pam_unix.so I would appreciate if someone could tell me a working configuration. :)

  Read the article

< Previous Page | 140 141 142 143 144 145 146 147 148 149 150 151  | Next Page >