Search Results

Search found 5864 results on 235 pages for 'secure gateway'.

Page 152/235 | < Previous Page | 148 149 150 151 152 153 154 155 156 157 158 159 | Next Page >

Amazon EC2 firewall rules & VPN connections

- by John

I'm moving from Rackspace to Amazon EC2. One thing I like about our Rackspace setup is that it is extremely secure. The MySQL box can only be accessed via internal IPs, and we have a Cisco VPN firewall that allows us to dial in remotely and access port 3306 as though we were on the internal network. I'd like to figure out how to replicate this setup with EC2. How can I make the MySQL box so that port 3306 can only be accessed on the internal network? What about the VPN piece of things? I know Amazon has the VPC service, but it seems like that's for the purpose of connecting to an existing network. I don't have an existing network. I want to essentially create one inside Amazon and connect to that. What are my options? Any good tutorials on how to get started? Thanks in advance for your help

Read the article
Restrict VPN Clients to VPN Server

- by Sprotty

I've setup a VPN server using Debians pptpd. This all works, but I want to restrict incoming connections so they can only access ports on the VPN server and not get access to other machines on the VPN servers local network. I'm guessing this is a firewall rule? but i'm new to linux so am struggling a bit... ---- Additional info ----- The VPN Server is also hosting an SVN server, which is its real purpose, and the only service I want it to expose to incoming connections. I guess I could expose the SVN server directly, but I'm not confident that I could secure this correctly, so a VPN seemed to give an additional layer of security.

Read the article
How to take a percentage of a Credit Card transaction?

- by abszero

Essentially what I am trying to do is setup a work flow similar to PayPal. I have created an application that allows my clients to accept online donations and what I want to do is take % percent of that transaction off the top. The problems I have run into are: Authroize does not allow me to take on an additional fee that is paid out to my account I could run a report every month on all my clients transactions to determine what they owe but this is less than ideal All of the companies I looked at do not allow for aggregation where by all of the donation systems pay into my account then I remit payment to my clients Does anyone know of a company that allows for this or is my only option here going to be to setup my own Payment Gateway or is there a simpler solution?

Read the article
Form string data url encoded by some browsers .net

- by nLL

Hi, i came accross with a peculiar issue on my mobile site. some phones/gateways sends form post data as url encoded and a text such as "hey how are you?" in a form with method post stored in the db as "hey+how+are+you%3f" This is not the issue with many browsers but one single network from USA called Metro. I notice different phone models acting same way so i assue this is an issue with proxy/gateway. would simply putting _msg = HttpUtility.UrlDecode(_msg); solve my problem? any other suggestions? Thanks

Read the article
Defend PHP; convince me it isn't horrible

- by Jason L

I made a tongue-in-cheek comment in another question thread calling PHP a terrible language and it got down-voted like crazy. Apparently there are lots of people here who love PHP. So I'm genuinely curious. What am I missing? What makes PHP a good language? Here are my reasons for disliking it: PHP has inconsistent naming of built-in and library functions. Predictable naming patterns are important in any design. PHP has inconsistent parameter ordering of built-in functions, eg array_map vs. array_filter which is annoying in the simple cases and raises all sorts of unexpected behaviour or worse. The PHP developers constantly deprecate built-in functions and lower-level functionality. A good example is when they deprecated pass-by-reference for functions. This created a nightmare for anyone doing, say, function callbacks. A lack of consideration in redesign. The above deprecation eliminated the ability to, in many cases, provide default keyword values for functions. They fixed this in PHP 5, but they deprecated the pass-by-reference in PHP 4! Poor execution of name spaces (formerly no name spaces at all). Now that name spaces exist, what do we use as the dereference character? Backslash! The character used universally for escaping, even in PHP! Overly-broad implicit type conversion leads to bugs. I have no problem with implicit conversions of, say, float to integer or back again. But PHP (last I checked) will happily attempt to magically convert an array to an integer. Poor recursion performance. Recursion is a fundamentally important tool for writing in any language; it can make complex algorithms far simpler. Poor support is inexcusable. Functions are case insensitive. I have no idea what they were thinking on this one. A programming language is a way to specify behavior to both a computer and a reader of the code without ambiguity. Case insensitivity introduces much ambiguity. PHP encourages (practically requires) a coupling of processing with presentation. Yes, you can write PHP that doesn't do so, but it's actually easier to write code in the incorrect (from a sound design perspective) manner. PHP performance is abysmal without caching. Does anyone sell a commercial caching product for PHP? Oh, look, the designers of PHP do. Worst of all, PHP convinces people that designing web applications is easy. And it does indeed make much of the effort involved much easier. But the fact is, designing a web application that is both secure and efficient is a very difficult task. By convincing so many to take up programming, PHP has taught an entire subgroup of programmers bad habits and bad design. It's given them access to capabilities that they lack the understanding to use safely. This has led to PHP's reputation as being insecure. (However, I will readily admit that PHP is no more or less secure than any other web programming language.) What is it that I'm missing about PHP? I'm seeing an organically-grown, poorly-managed mess of a language that's spawning poor programmers. So convince me otherwise!

Read the article
installing Delphi5 pro in windows 64b

- by Larry

Please dont laugh . Over the past 15 years or so I've written all the software that runs my medical practice in D5. Last week when I went to DelphiArea to update a component I got attacked and my disk became unbootable/unrecoverable. I have my original D5p disk and all the components backed up but I want to migrate to W7. I don't care if my delphi apps look like vista/7, I just want to be able to install it and code on the machine again for maintenance purposes. 1) are there any tricks to install D5 so it works in W7? 2) is using a vm program really the only/best way? if so, which is suggested. Thanks in advance. My new Gateway zx6800-03 arrives tomorrow! Larry [email protected]

Read the article
Lost Page Write I/O Errors on CentOS LVM setup

- by Gregg Leventhal

I have a CentOS 6 box with LVM setup and one of the PVs is a USB disk (I know). One of them is getting the error: Oct 30 10:57:07 alpha01 kernel: lost page write due to I/O error on dm-3 Oct 30 10:57:07 alpha01 kernel: Buffer I/O error on device dm-3, logical block 4 Which is causing problems with all of the LVs on it. pvs shows the PV as unknown device. I can ls to the logical volumes and they show up in lvdisplay, but first I get a bunch of IO errors. I made sure the cables are secure between the USB drive. What should I do to get this back up and running for the meanwhile? Should I unmount each LV and run an fsck.ext4 on each one like fsck.ext4 -y /dev/vg1/lv_logvolname ?

Read the article
Cloud services can't be reached from complex customer infrastructure

- by Nock

We have several services running on a cloud, they all are hosted on Windows Server 2012 R2, have public IP address and specific port. Some of our customers can't reach them because for "some reason" the ports are cut between a firewall between them and us. (some customers are using a shared internet connection in a multi tenant office and they can't change firewall communication) Well, you get it, we don't have the possibility to make all the firewall "allowing" the communication. My customers all runs Windows 7 at least. What is the best counter solution in such case, using Microsoft (Windows Server) technologies? The best would be some kind of tunneling communication or VPN, but the customer should also be able to access his/her enterprise resources. Bby the way, today we using IPSec using Windows Firewall to secure the communication, is IPSec tunneling a solution for us? Otherwise, is there a service in Windows to enable some kind of VPN between a client and a server but only for a given set of servers?

Read the article
how to debug mysql has gone?

- by fefe

I have a virtual machine(Ubuntu 12.04, MySQL 5.5) running under VMware and is dedicated to host a mysql server. I connect to this server on internal IP. I'm trying to find out why I get mysql server has gone error. One my windows machines apache it stops because of this issue. I have been trying to fine tune my mysql my.cnf with the following parameters but did not bring the desired result. # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. bind-address = 0.0.0.0 # # * Fine Tuning # wait_timeout = 180 key_buffer = 384M max_allowed_packet = 64M thread_stack = 192K thread_cache_size = 8 # This replaces the startup script and checks MyISAM tables if needed # the first time they are touched myisam-recover = BACKUP max_connections = 500 table_cache = 64 #thread_concurrency = 10 # # * Query Cache Configuration # query_cache_limit = 1M query_cache_size = 32M how to debug this issue what is missing from configuration to avoid this error?

Read the article
configure HTTPS server on a cisco router

- by Sara

For the past week I was trying to configure an HTTPS server on a cisco 2900 router, I've used the following commands and assigned a username and password to privilege 15 however, when Im trying to access a given ip it requires a username and password however when I insert the username and password I configured it does not allow me to enter and i'm not sure where the problem is. Router(config)# ip http secure-server Router(config)# ip http authentication local These were the commands i used for the https server and also I used the following to assign the username and password Router(config)#username name privilege 15 secret 0 password where 'name' and 'password' represent the username and password respectively I'm trying to access the 192.168.14.1 interface on the router and the username and password i created are not authorized to enter (I got the commands from a cisco router manual)

Read the article
SFTP: How to keep data out of the DMZ

- by ChronoFish

We are investigating solutions to the following problem: We have external (Internet) users who need access to sensitive information. We could offer it to them via SFTP which would offer a secure transport method. However, we don't want to maintain the data on server as it would then reside in the DMZ. Is there an SFTP server that has "copy on access" such that if the box in the DMZ were to be compromised, no actual data resided on that box? I am envisioning an SFTP Proxy or SFTP passthrough. Does such a product exist currently?

Read the article
Do superuser things with normal user

- by OrangeTux

I want to secure the SSH access to my server. One thing I read everywhere is to disable the root user login. To still have access via SSH I created another user via sudo adduser john How can I still do root things with this account? sudo command asks for a password of the user but gives john not in sudoer file. Action will be reported. When I use su I log in as root which I'm going to disable. How can I stil do root things with the normal account john?

Read the article
Oracle access from iOS

- by Michael Lowman

I'm developing an iPad app that needs read-only access to an Oracle database. Is there any way to do this? As far as I can see, the only options are using OCI, which requires a prebuilt binary in the form of the instant client (and not built for ARM), or OJDBC drivers. Both of these seem to be out of the question. In my research I have discovered that libmysqlclient compiles for arm with minimal tuning. This is a stretch, but is there any possible way to use this to my advantage? I have seen this product providing odbc connectivity through the use of a Windows gateway machine using the ODBC client libraries, but this solution really isn't an option for me at the present time. Any ideas?

Read the article
How to build a private Wi-Fi Network server with VMware?

- by Maarten Schermer

For a school project, we have to build a Private network with VMware vSphere , which we can connect to with a Username and Password. On the network we want to create a folder for each Useraccount. Also we must have add a few groups (Admin,Customer,Manager). We must be able to connect to our network via the school Wi-Fi. We want to build a safe and secure network, with an easy way to access the network. Do you have any tips on how to approach this?

Read the article
[linux] preventing access in shared hosting

- by jack

Hi Linux Admins I set up a small shared hosting that contains some sites. For each site, there is a user. I mean, for abcd.com, I created abcd.com user and put htdocs for web hosting. I have no idea on how to prevent abcd.com from accessing xyzd.com's data. I have chmoded by changing 0 to others permission, which makes access defined by Apache when I view it with browser. How can I secure access? Thanks.

Read the article
Standalone server setup for compute capacity

- by mikera

I'm developing an application for my company that will require a lot of compute capacity (running some very big mathematical calculations), and looking for some form of server setup to do this. For various reasons, we want to run this on-site in our office rather than hosting it externally. It's been a while since I last had to set up my own servers so I thought I would tap into the collective wisdom of serverfault! My broad requirements are: Budget $30-50k, with an aim to get as much compute capacity as possible for that budget 64-bit servers suitable to run Ubuntu Linux + Java Some relatively standalone rack that can be installed in secure office space Fast/low latency network connections between the servers, but don't really care about connectivity to the outside world Storage capacity shared between the servers - they don't necessarily need their own storage providing they can be booted from a common image Downtime can be tolerated (since the calculations are run in batch mode) The software itself is fault-tolerant, so there is no need for extra resiliency in the server setup (cheap replaceable commodity parts will be fine in general) Given these requirements what kind of setup would you recommend and why?

Read the article
Our company claims that the DLP system can even monitor the contents of HTTPS traffic, how is this possible?

- by Ryan

There is software installed on all client machines for DLP (Data Loss Prevention) and HIPAA compliance. Supposedly it can read HTTPS data clearly. I always thought that between the browser and the server, this was encrypted entirely. How can software sneak in and grab this data from the browser prior to it is encrypted or after it is decrypted? I am just curious as to how this could be possible. I would think that a browser wouldn't be considered very secure if this was possible.

Read the article
how to make SFTP work on Windows

- by cyberkiwi

What is the correct way to set up sshwindows for SSH key authentication? Does the user need to be created in Windows first or can a login be inserted into passwd without a Windows equivalent? I've searched on Google and have tried the tutorials and quick start guides. So far, exactly 0 have worked. None pointed out that to work in Windows 2008 R2, you need to change the properties of cygrunsrv.exe to "Windows XP SP3" compability mode to even get past the service startup "error 1067". Although it is running, no amount of configuration allowed me to log on to the SFTP server, even though I tried (from another machine): same user account added using "mkpasswd" + windows password same user account added using "mkpasswd" + public ssh key (added to /home/theuser/.ssh) On Windows 2003 R2 (a different attempt), the service would crash every time it started up. Some links I went through http://pigtail.net/LRP/printsrv/cygwin-sshd.html http://forevergeeks.com/how-to-setup-a-secure-ftp-sftp-site-with-openssh-on-windows/ http://support.moonpoint.com/os/windows/server2003/openssh-service-not-starting.html

Read the article
Spam mail through SMTP and user spoofing

- by Josten Moore

I have noticed that it's possible to telnet into a mailserver that I own and send spoofed messages to other clients. This only works for the domain that the mail server is regarding; I cannot do it for other domains. For example; lets say that I own example.com. If I telnet example.com 25 I can successfully send a message to another user without authentication: HELO local MAIL FROM: [email protected] RCPT TO: [email protected] DATA SUBJECT: Whatever this is spam Spam spam spam . I consider this a big problem; how do I secure this?

Read the article
Client-side certificates

- by walshms

My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

Read the article
Mysql refusing connection: a very special connection issue

- by k to the z

I have my programers remoting into a web server with windows rdp. This web server is the only machine that can access another mysql server in a secure zone. When I remote into the web server from my machine I am able to connect to the mysql server through the mysql workbench on the web server. However, when I try this same procedure from another person's computer I can get into the server via rdp. I just can't connect to mysql using the workbench. I have checked and re checked the credentials and connection information. They match. I've had other people check and re check the credentials. As far as mysql permissions are concerned this user is allowed to connect from any machine. Plus I'm remoting into the same web server. The only difference seems to be which computer is remoting into the webserver. wtf?

Read the article
Ownership/permissions of uploaded files

- by Cudos

Hello. I want to find out if I am on the right track. My script uploads files to the directory "images". The directory has this setup: owner/group = www-data Permissions = 700 Questions: Is this a good way to secure the directory from a hacker uploading files? Will the hacker be able to upload the files directly to the directory? Note: I have a bunch of other security measures in my upload script + an .htaccess script in the directory that disables script Execution. I just what to know if the permissions on the directory is sensible. I run apache 2.2

Read the article
Best blog package/platform (java, php etc)?

- by user50912

Hi Folks, I want to set up a blog, but I want it to reside on a URL I've bought, I also don't want any of the ads and such that sit around other blogs on blog specific sites like blogspot and generally want more control. I was thinking of getting shared hosting with mysql and such to get it going (as opposed to a VM which would be overkill). Then I just need to decide on the easiest quickest (and most secure) way of getting something up there. After some googling, I see b2evolution.net which sits on php, or Apache Roller, which seems to sit on Java. Could anyone offer any advice on whats my best approach here? Are there security concerns with either or has anyone any experience in this area? I really want setup time to be minimal, so I can concentrate of the feel of the blog rather than whats under the hood. Many Thanks.

Read the article
Forward svn port

- by ankimal

We have our svn server on a machine not accessible from the internet. But we need to be able to check out code from the internet over ssh. Given that we can do port forwarding on a machine accessible from the internet, whats the best way to set this up? Internet -> A machine on our network - > svn server (Port forward here? ) If not port forwarding, whats the most secure way of doing this, if there is any?

Read the article
Using Windows Azure storage for backup

- by Bruno

I am currently looking at Windows Azure blobs as an option for backing up archive data. I want to be able to upload files from an external windows machine via the internet but I don't know enough about Windows Azure storage to make a decision. Some of the questions I have are How do I upload the files. Is there a client application, can I use robocopy? Would it be fast enough? i.e. Could I download or upload 1TB of data in a week? Is it secure? Hopefully someone smarter than me can help me :-)

Read the article

< Previous Page | 148 149 150 151 152 153 154 155 156 157 158 159 | Next Page >