Search Results

Search found 14771 results on 591 pages for 'security policy'.

Page 152/591 | < Previous Page | 148 149 150 151 152 153 154 155 156 157 158 159  | Next Page >

  • Best way to find the computer a user last logged on from?

    - by Garrett
    I am hoping that somewhere in Active Directory the "last logged on from [computer]" is written/stored, or there is a log I can parse out? The purpose of wanting to know the last PC logged on from is for offering remote support over the network - our users move around pretty infrequently, but I'd like to know that whatever I'm consulting was updating that morning (when they logged in, presumably) at minimum. I'm also considering login scripts that write the user and computer names to a known location I can reference, but some of our users don't like to logout for 15 days at a time. If there is an elegant solution that uses login scripts, definitely mention it - but if it happens to work for merely unlocking the station, that would be even better!

    Read the article

  • How to detect device type from device connected to router?

    - by molly
    I have a att router and there is an unknown device connected to my network. I can't seem to kick it off because of how att's router settings are created which is kind of dumb. I am able to see its local ip and mac address. I am on a mac with snow leopard. How can I get more information on the device with the information that I have? I want to see what kind of device it is, I have checked all devices that are connected to the router and none seem to match the local ip that is connected. I have WPA encryption setup with a strong password.

    Read the article

  • The Story of secure user-authentication in squid

    - by Isaac
    once upon a time, there was a beautiful warm virtual-jungle in south america, and a squid server lived there. here is an perceptual image of the network: <the Internet> | | A | B Users <---------> [squid-Server] <---> [LDAP-Server] When the Users request access to the Internet, squid ask their name and passport, authenticate them by LDAP and if ldap approved them, then he granted them. Everyone was happy until some sniffers stole passport in path between users and squid [path A]. This disaster happened because squid used Basic-Authentication method. The people of jungle gathered to solve the problem. Some bunnies offered using NTLM of method. Snakes prefered Digest-Authentication while Kerberos recommended by trees. After all, many solution offered by people of jungle and all was confused! The Lion decided to end the situation. He shouted the rules for solutions: Shall the solution be secure! Shall the solution work for most of browsers and softwares (e.g. download softwares) Shall the solution be simple and do not need other huge subsystem (like Samba server) Shall not the method depend on special domain. (e.g. Active Directory) Then, a very resonable-comprehensive-clever solution offered by a monkey, making him the new king of the jungle! can you guess what was the solution? Tip: The path between squid and LDAP is protected by the lion, so the solution have not to secure it. Note: sorry if the story is boring and messy, but most of it is real! =) /~\/~\/~\ /\~/~\/~\/~\/~\ ((/~\/~\/~\/~\/~\)) (/~\/~\/~\/~\/~\/~\/~\) (//// ~ ~ \\\\) (\\\\( (0) (0) )////) (\\\\( __\-/__ )////) (\\\( /-\ )///) (\\\( (""""") )///) (\\\( \^^^/ )///) (\\\( )///) (\/~\/~\/~\/) ** (\/~\/~\/) *####* | | **** /| | | |\ \\ _/ | | | | \_ _________// Thanks! (,,)(,,)_(,,)(,,)--------'

    Read the article

  • Software Engineer's explanation of Facebook photo privacy, with UML diagram?

    - by Alex R
    Facebook photo privacy is more complex than most people think - including the bloggers who fill the Internet trying to explain it in simple terms. Not only there is the basic album-level privacy setting to consider, but also what happens with Tagging (and related privacy settings) as well as the Share button when clicked by a Friend. Has anybody seen a good, engineering-type (e.g. UML) diagram? I envision it should include the various privacy "states" a photo can be in, what causes state transitions, and the characteristics of each state? Thanks

    Read the article

  • 3 simple questions about file permissions

    - by Camran
    1- Wonder, is this a good setup of permissions in the /var directory? drwxr-xr-x 2 root root 4096 2010-05-30 03:34 backups drwxr-xr-x 7 root root 4096 2010-05-29 17:55 cache drwxr-xr-x 29 root root 4096 2010-05-29 17:55 lib drwxrwsr-x 2 root staff 4096 2009-07-14 04:36 local drwxrwxrwt 3 root root 60 2010-06-02 03:34 lock drwxr-xr-x 9 root root 4096 2010-06-02 03:34 log drwxrwsr-x 2 root man 4096 2009-09-20 20:36 mail drwxr-xr-x 2 root root 4096 2009-09-20 20:36 opt drwxrwxrwt 12 root root 420 2010-06-02 12:12 run drwxr-xr-x 4 root root 4096 2009-09-20 20:37 spool drwxrwxrwt 2 root root 4096 2009-07-14 04:36 tmp drwxr-xr-x 14 user root 4096 2010-05-30 22:21 www 2- Could you give me a brief explanation of the columns above? First one is which permissions they have. Second is a nr. Third and fourth says "root root" for example. fifth is another nr (4096 for example). and the others are obvious. 3- Could you give me a brief explanation of the folders above? Especially the "lock" and "tmp" folders. Lock contains an apache2 folder which seems empty. Thanks

    Read the article

  • Making Puppet manifests/modules available to a wide audience

    - by Kyle Smith
    Our team rolled puppet out to our systems over the last six months. We're managing all sorts of resources, and some of them have sensitive data (database passwords for automated backups, license keys for proprietary software, etc.). Other teams want to get involved in the development of (or at least be able to see) our modules and manifests. What have other people done to continue to have secure data moving through Puppet, while sharing the modules and manifests with a larger audience?

    Read the article

  • How do anti-viruses work?

    - by Phoshi
    So I was thinking about viruses recently, and wondering how exactly antiviruses keep up? Considering anybody who'd been coding for a few weeks could hack together something do do nasty, nasty things to somebody's PC, the quantity alone would make a simple list of hashes prohibitive, so how do antiviruses do it? Do they monitor process activity and have a 3 strikes rule for doing virus-like things? And if so, what's stopping it from triggering on perfectly harmless things (like me moving files around in \system32)? I did a bit of googling, but the regular places didn't particularly help, and I couldn't find a dupe here, so I thought it'd be good to ask :)

    Read the article

  • Finding proof of server being compromised by Black Hole Toolkit exploit

    - by cosmicsafari
    I recently took over maintenance of a company server. (Just Host, C Panel, Linux server), theres a tonne of websites on it which i know nothing about. It had came to my attention that a client had attempted to access one of the websites hosted on this server and was met with a warning from windows defender. It had blocked access because it said the website had been compromised by the Black Hole Toolkit or something to that effect. Anyway I went in and updated various plugins and deleted some old suspect websites. I have since ran the website in question through a few online malware scanners and its comes up clean everytime. However im not convinced. Do any of you guys know extensive ways i can check that the server isn't still compromised. I have no way to install any malware scanners or anti virus programs on the server as it is horribly locked down by Just Host.

    Read the article

  • Steps to make sure network is not blacklisted...Again

    - by msindle
    I have an interesting issue. I have a client that just got blacklisted due to spam being sent out over the last 2 days. I have my firewall configured to only allow mail to go outbound on port 25 from our mail server (Exchange 2010) exclusively and I have verified that there are no open relay's on our transport rules. We are running Vipre Business and after running deep scans with updated definitions all computers come back clean. I ran a message tracking report on our Exchange server that shows all mail sent via the mail server over the last couple of weeks and didn't see anything malicious or out of the ordinary. I have also verified that there are no home devices or rouge computers on the network. For all practical purposes it appears that the network is clean, but we still wound up on 5 or 6 blacklists...Where should I start looking next? Is there a "best practices" guide that can help eradicate this issue? Thanks in advance! msindle

    Read the article

  • secure user-authentication in squid

    - by Isaac
    once upon a time, there was a beautiful warm virtual-jungle in south america, and a squid server lived there. here is an perceptual image of the network: <the Internet> | | A | B Users <---------> [squid-Server] <---> [LDAP-Server] When the Users request access to the Internet, squid ask their name and passport, authenticate them by LDAP and if ldap approved them, then he granted them. Everyone was happy until some sniffers stole passport in path between users and squid [path A]. This disaster happened because squid used Basic-Authentication method. The people of jungle gathered to solve the problem. Some bunnies offered using NTLM of method. Snakes prefered Digest-Authentication while Kerberos recommended by trees. After all, many solution offered by people of jungle and all was confused! The Lion decided to end the situation. He shouted the rules for solutions: Shall the solution be secure! Shall the solution work for most of browsers and softwares (e.g. download softwares) Shall the solution be simple and do not need other huge subsystem (like Samba server) Shall not the method depend on special domain. (e.g. Active Directory) Then, a very resonable-comprehensive-clever solution offered by a monkey, making him the new king of the jungle! can you guess what was the solution? Tip: The path between squid and LDAP is protected by the lion, so the solution have not to secure it. Note: sorry for this boring and messy story! /~\/~\/~\ /\~/~\/~\/~\/~\ ((/~\/~\/~\/~\/~\)) (/~\/~\/~\/~\/~\/~\/~\) (//// ~ ~ \\\\) (\\\\( (0) (0) )////) (\\\\( __\-/__ )////) (\\\( /-\ )///) (\\\( (""""") )///) (\\\( \^^^/ )///) (\\\( )///) (\/~\/~\/~\/) ** (\/~\/~\/) *####* | | **** /| | | |\ \\ _/ | | | | \_ _________// Thanks! (,,)(,,)_(,,)(,,)--------'

    Read the article

  • SQL Server NETWORK SERVICE account permissions

    - by RemotecUk
    My SQL Server Windows service is set to use the NETWORK SERVICE account. The server is installed to C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL. However looking at the permissions on that folder, NETWORK SERVICE does not have any permissions. The groups which are allowed access to that folder are... CREATOR OWNER - who is this? SYSTEM - sounds fine - so that Windows can access the folder I presume? SQLServerMSSQLUser$Computer_Name$MSSQLSERVER - this is the interesting one - what is this? Administrators Users If NETWORK SERVICE is a user with minimal permissions on the system and looks to the O/S as someone connecting from a network how does it have permissions to access any files in the SQL Server install folder? Thanks.

    Read the article

  • Using IP Tables to deny packet patterns?

    - by Chris
    I'm not experienced with IP tables but it's something I'll be looking into if this is plausible. I'm looking to set up a system to inspect packets and look for a pattern similar to korek's chop chop attack. Is there a way to set up the IP tables to defend against this attack? Thanks

    Read the article

  • Encrypt shared files on AD Domain.

    - by Walter
    Can I encrypt shared files on windows server and allow only authenticated domain users have access to these files? The scenario as follows: I have a software development company, and I would like to protect my source code from being copied by my programmers. One problem is that some programmers use their own laptops to developing the company's software. In this scenario it's impossible to prevent developers from copying the source code for their laptops. In this case I thought about the following solution, but i don't know if it's possible to implement. The idea is to encrypt the source code and they are accessible (decrypted) only when developers are logged into the AD domain, ie if they are not logged into the AD domain, the source code would be encrypted be useless. Can be implemented this ? What technology should be used?

    Read the article

  • Encrypt shared files on AD Domain.

    - by Walter
    Can I encrypt shared files on windows server and allow only authenticated domain users have access to these files? The scenario as follows: I have a software development company, and I would like to protect my source code from being copied by my programmers. One problem is that some programmers use their own laptops to developing the company's software. In this scenario it's impossible to prevent developers from copying the source code for their laptops. In this case I thought about the following solution, but i don't know if it's possible to implement. The idea is to encrypt the source code and they are accessible (decrypted) only when developers are logged into the AD domain, ie if they are not logged into the AD domain, the source code would be encrypted be useless. How can be implemented this using EFS?

    Read the article

  • Setting permissions on user accounts

    - by Ron Porter
    We would like to lock a couple of accounts to prevent even domain admins from resetting the password without already knowing the current password. From what I can see in the permission sets, this looks possible. Anything I've found on the subject recommends against altering default permissions, but doesn't go into detail why. Assuming that domain admin retains the ability to reset passwords without knowing current passwords is it reasonable to prevent password resets on the domain admin account and maybe a couple of others? If not, why not?

    Read the article

  • Can remote LogMeIn Hamachi users access our local LAN?

    - by Kev
    Unknown to me, one of the kids has installed LogMeIn Hamachi on his PC so that he can access and play on his pal's Minecraft server, and vice versa. One of the things I did was disable the Client for Microsoft Networks and File and Printer Sharing for Microsoft Networks on the Hamachi NIC in Windows 7's Network Connections. However, my lack of fu when it comes to these types of services is leaving me feeling a little uncomfortable about him using this. Is there anything I should be worried about here? For example, can his friends access our local LAN (which has a number of NAS boxes with unsecured shares) and get up to no good?

    Read the article

  • Web Server Users - Best Practice

    - by Toby
    I was wondering what is considered best practice when several developers/administrators require access to the same web server. Should there be one non-root user with a secure username and password unqiue to the web server which everyone logs in as or should there be a username for each person. I am leaning towards a username for each person to aid in logging etc however then does the same user keep the same credentials over several servers, or should at least their password change depending on the server they are on? Should any non-root user of the system be added to the sudoers file or is it best practice to leave everyone off it and only let root perform certain tasks? Any help would be greatly appreciated.

    Read the article

  • Web Server Users - Best Practice

    - by Toby
    I was wondering what is considered best practice when several developers/administrators require access to the same web server. Should there be one non-root user with a secure username and password unqiue to the web server which everyone logs in as or should there be a username for each person. I am leaning towards a username for each person to aid in logging etc however then does the same user keep the same credentials over several servers, or should at least their password change depending on the server they are on? Should any non-root user of the system be added to the sudoers file or is it best practice to leave everyone off it and only let root perform certain tasks? Any help would be greatly appreciated.

    Read the article

  • Hardening Word and Reader against exploits

    - by satuon
    I have recently heard a lot about exploits for PDF and DOC files on Windows, which when opened in Reader or Word would infect the computer. I'm assuming most of those exploits rely on some kind of active content, I've heard that Reader allows JavaScript for example. I already have antivirus, but I've heard they often don't catch those types of exploits, so I want to try a little proactive defense. Is there a way to harden Reader and Word by disabling plugins or options that are often used by exploits?

    Read the article

  • Permissions required to look up a domain user's group memberships

    - by adrianbanks
    I am writing some code to look up the members of particular domain groups. Does the user that this application runs as need any particular permissions on the domain to get this information? Background: I have already determined that the application needs to be run as a domain user to be able to query information from the domain. I have a list of group names and for each group, I need to look up the members of that group on the domain and get their names/usernames.

    Read the article

  • Firewall Deep Inspection Updates and Antivirus Subscription, worth it?

    - by msemack
    I realize that this is a subjective question, but I'm trying to get some experiences We have Juniper firewalls in our organization (SSG-320M, SSG-5, and some old NS-5GT). We have the option of a yearly subscription for: Deep Inspection Signature Updates Juniper-Kaspersky Antivirus I seem similar services available from other Firewall vendors. We have Symantec Endpoint Protection deployed to all workstations and servers, plus a dedicated appliance for e-mail spam/virus filtering. So, I'm not sure what these firewall-base services will bring to the table that I don't already have. I would appreciate some feedback from people using these firewall services (Juniper or otherwise). Are these services generally worth it? Do they really catch anything? Do they interfere with normal traffic (false positives)?

    Read the article

  • Execute build task in Hudson with root privilages

    - by jensendarren
    I have a build script which executes apt-get and therefore requires root privileges. What is the best way to run this script in Hudson? Currently the only solution I have found that works is to add an entry to the sudoers file for the user hudson like so: hudson ALL=(ALL) NOPASSWD:ALL However, although my build script now runs without error in Hudson, I am not entirely comfortable with this solution. Is there a better way?

    Read the article

< Previous Page | 148 149 150 151 152 153 154 155 156 157 158 159  | Next Page >