Search Results

Search found 18808 results on 753 pages for 'security updates'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 157/753 | < Previous Page | 153 154 155 156 157 158 159 160 161 162 163 164  | Next Page >

  • Is there a debian lenny patch to allow apt-get to work with sftp?

    - by MiniQuark
    I would like to write things like this in /etc/apt/sources.list: deb sftp://[email protected]/path other stuff When I try this, apt-get complains that there is no sftp method for apt: # apt-get update E: The method driver /usr/lib/apt/methods/sftp could not be found. Has anyone written a patch to add the sftp method for apt? All I could find in Google was this spec for Ubuntu. Thanks for your help.

    Read the article

  • Is adding users to the group www-data safe on Debian?

    - by John
    Many PHP applications do self-configuration and self-updating. This requires apache to have write access to the PHP files. While chgrp'ing them all to www-data appears like a good practice to avoid making them world writable, I also wish to allow users to create new files and edit existing one. Is adding users to the group www-data safe on Debian? For example: 775 root www-data /var/www 644 john www-data /var/www/johns_php_application.php 660 john www-data /var/www/johns_php_applications_configuration_file

    Read the article

  • Malicious content on server - next steps advice [closed]

    - by Under435
    Possible Duplicate: My server's been hacked EMERGENCY I just got an e-mail from my hosting company that they got a report of malicious content being hosted on my vps. I was unaware of this and started looking into it. I discovered a file called /var/www/mysite.com/osc.htm. Soon after I discovered some weird php files wp-includes.php and ndlist.php both recognized as being PHP/WebShell.A.1 virus. I removed all these files but I'm unsure of what to do next. Can anyone help me analyze the output below of sudo netstat -A inet -p -e and give advice on what's best to do next. Thanks very much in advance Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 localhost.localdo:mysql localhost.localdo:37495 TIME_WAIT root 0 - tcp 0 1 mysite.com:50524 xnacreators.net:smtp SYN_SENT Debian-exim 69746 25848/exim4 tcp 0 0 mysite.com:www tha165.thehealtha:37065 TIME_WAIT root 0 - tcp 0 0 localhost.localdo:37494 localhost.localdo:mysql TIME_WAIT root 0 - udp 0 0 mysite.com:59447 merlin.ensma.fr:ntp ESTABLISHED ntpd 3769 2522/ntpd udp 0 0 mysite.com:36432 beast.syus.org:ntp ESTABLISHED ntpd 4357 2523/ntpd udp 0 0 mysite.com:48212 formularfetischiste:ntp ESTABLISHED ntpd 3768 2522/ntpd udp 0 0 mysite.com:46690 formularfetischiste:ntp ESTABLISHED ntpd 4354 2523/ntpd udp 0 0 mysite.com:35009 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 4356 2523/ntpd udp 0 0 mysite.com:58702 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 3770 2522/ntpd udp 0 0 mysite.com:49583 merlin.ensma.fr:ntp ESTABLISHED ntpd 4355 2523/ntpd udp 0 0 mysite.com:56290 beast.syus.org:ntp ESTABLISHED ntpd 3771 2522/ntpd

    Read the article

  • Users in ubuntu; Cant figure it out

    - by Camran
    I am the only one who will have access to my website. Just installed my VPS and managed to get most stuff working. However, stuck on the "members" part. Currently, everything has been done as "root". I have read posts that I should create a user, because root isn't ideal. I have found thousand guides on how to create a user, but now what to do next. 1- Should I create a user with adduser username and then add the user to a group? But which group? 2- And will the user then be able to do everything as I have done logged on as "root"? 3- And somebody plz explain what "sudo" has to do with this? (if anything at all) Thanks

    Read the article

  • Duplicate GET request from multiple IPs - can anyone explain this?

    - by dwq
    We've seen a pattern in our webserver access logs which we're having problem explaining. A GET request appears in the access log which is a legitimate, but private, url as part of normal e-commerce website use (by private, we mean there is a unique key in a url form variable generated specifically for that customer session). Then a few seconds later we get hit with an identical request maybe 10-15 times within the space of a second. The duplicate requests are all from different IP addresses. The UserAgent for the duplicates are all the same (but different from the original request). The reverse DNS lookup on the IPs for all the duplicates requests resolve to the same large hosting company. Can anyone think of a scenario what would explain this? EDIT 1 Here's an example that's probably anonymised beyond being any actual use, but it might give an idea of the sort of pattern we're seeing (it's from a search query as they sometimes get duplicated too): xx.xx.xx.xx - - [21/Jun/2013:21:42:57 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "http://www.ourdomain.com/index.html" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)" xx.xx.xx.xx - - [21/Jun/2013:21:43:03 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:03 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" xx.xx.xx.xx - - [21/Jun/2013:21:43:04 +0100] "GET /search.html?search=widget&Submit=Search HTTP/1.0" 200 5475 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.91 Safari/534.30" UPDATE 2 Sometimes it is part of a checkout flow that's duplicated to I'd think twitter is unlikely.

    Read the article

  • Script for checking the nologin accounts and then disable the account

    - by suma
    "Could you please share the scripts which does the below ?" I have written a script that scans all the relevent logs daily, makes a list of people that have had any activity that day, and maintains database (just a text file) of users and the last time they logged in. Then I have a second script that examines the database for dates more than x days ago, an notifies the user and administrator 2 weeks prior to locking the account. And if there are any dates more than x+y days ago, deletes the account altogether. This seems to be working for me - but I would like to use a non-proprietary solution if one is available. "Could you please share the scripts?"

    Read the article

  • Multiple *NIX Accounts with Identical UID

    - by Tim
    I am curious whether there is a standard expected behavior and whether it is considered bad practice when creating more than one account on Linux/Unix that have the same UID. I've done some testing on RHEL5 with this and it behaved as I expected, but I don't know if I'm tempting fate using this trick. As an example, let's say I have two accounts with the same IDs: a1:$1$4zIl1:5000:5000::/home/a1:/bin/bash a2:$1$bmh92:5000:5000::/home/a2:/bin/bash What this means is: I can log in to each account using its own password. Files I create will have the same UID. Tools such as "ls -l" will list the UID as the first entry in the file (a1 in this case). I avoid any permissions or ownership problems between the two accounts because they are really the same user. I get login auditing for each account, so I have better granularity into tracking what is happening on the system. So my questions are: Is this ability designed or is it just the way it happens to work? Is this going to be consistent across *nix variants? Is this accepted practice? Are there unintended consequences to this practice? Note, the idea here is to use this for system accounts and not normal user accounts.

    Read the article

  • Is it worth running nessus as well as OpenVAS?

    - by kdt
    Apparently OpenVAS originated as a fork of Nessus. It is very easy to install and use OpenVAS because it's, well, open. However, am I kidding myself if I just use that instead of Nessus? Should I be using both, or if I use Nessus then is OpenVAS surplus to requirements? To break it down into non-subjective sub-questions: * Is openvas a superset or subset of nessus? * Is one updated more often than the other? * Does one have a bigger vulnerability database than the other? * ...or are there other qualitative differences that I may be missing?

    Read the article

  • Tools to Hide IP address for webapp

    - by Jake Barti
    I am looking out for a paid software where I can 'choose' an IP address from a different country and browse a site. So if I want to see how the site will look to US users, I should be able to choose the IP from US. We are building a web app that will be used in many countries and we want to make sure we test it before releasing. Any recommendations ?

    Read the article

  • How to create limited user accounts in Linux

    - by James Willson
    I want to create a user account for each of the key programs installed on my debian server. For example, for the following programs: Tomcat Nginx Supervisor PostgreSQL This seems to be recommended based on my reading online. However, I want to restrict these user accounts as much as possible, so that they dont have a shell login, dont have access to the other programs and are as limited as possible but still functional. Would anyone mind telling me how this could be achieved? My reading so far suggests this: echo "/usr/sbin/nologin" /etc/shells useradd -s /usr/sbin/nologin tomcat But I think there may be a more complete way of doing it. EDIT: I'm using debian squeeze

    Read the article

  • Nginx : Proper use of limit_req_zone and limit_req

    - by xperator
    I have 2 website running on VPS. Their purpose is sharing music files and publishing news. Both of them use wordpress. What I am trying is that I want to prevent little hackers from flooding the webserver and putting stress on the server to make it crash. The problem is that after using limit_req_zone and limit_req my website became very slow. Browsing Wordpress control panel takes a long long time. I tried changing values but it didn't improve much. I guess the problem is Wordpress because it's the only script I am using on both front and back end. Here is the last setting which seems to be more responsive than others : limit_req_zone $binary_remote_addr zone=flood:5m rate=10r/m; location ~ \.php$ { limit_req zone=flood burst=100 nodelay; } What are the optimal values that should be used in my case (wp) ? I want the website have it's normal behavior, On the other hand stopping lifeless people from flooding. Another question, Is it safe and enough to use limit_req only on php files ?

    Read the article

  • hardening a server: disallow password-login for sudoers and log unusual ips

    - by Fabian Zeindl
    Two question regarding sudo-login into an ubuntu-system (debian tips welcome as well): Is it possible to require sudoers on my box to only login with publickey-authentication? Is it possible to log which ip sudoers log in from and check that for "unusual activity" or take actions? I'm thinking about temporarily removing sudo-rights if sudoers don't log in from whitelisted IPs. Or is that too risky to be exploited?

    Read the article

  • Secure email crashes Outlook 2007

    - by Josh
    I have a number of secure emails sent to my Outlook 2007 client. Most arrive fine and display the prompt with regards to granting access to the certificate and then open. Today I received two that crash Outlook whenever I try to open them. I've tried restarting Outlook and my computer but still have the same problem. Any ideas what might be causing this, and how I can fix it? I'm working on Windows Vista Ultimate 64-bit.

    Read the article

  • Limiting Failed SSH Logins

    - by nitins
    I would like to limit failure retries on my Fedora machine to 5. I think I can accomplish it with PAM. But was unable to to do this. I have referred to this article to do this http://www.puschitz.com/SecuringLinux.shtml Please provide suggestions

    Read the article

  • Recommended way to restrict Apache users

    - by Dor
    Following on why should we restrict Apache users, another two questions arises: What is the recommended method of restricting the places Apache users can traverse & read in the file system? What to do against fork bombs and other shell scripting problems? (bash scripting is allowed) My possible solutions (I prefer to know which solution you choose and why): chroot OR mod_chroot disable bash OR use Restricted BASH Please offer another solutions if you find appropriate. (perhaps selinux is?) Current status: Users are allowed to executed bash scripts (via PHP for example) suexec is active Apache requested are served with FastCGI for PHP

    Read the article

  • "Slave" user accounts in GNU/Linux

    - by Vi
    How to make one user account to be like root for some other user account, e.g. to be able to read, write, chmod all it's files, chown from this account to master and back, kill/ptrace all it's processes and to all thinks root can, but limited only to that particular slave account? Now I'm simulating this by allowing "master" user to "sudo -u slaveuser" and setting setfacl -dRm u:masteruser:rwx ~slaveuser. It is useful as I run most desktop programs in separate user accounts, but need to move files between them sometimes. If it requires some simple kernel patch it is OK.

    Read the article

  • SQL Server: how to check securables

    - by jrara
    I would like to make a t-sql query to check which logins have 'view server state' permission in server type securables. How to achieve this? This query from mssqltips don't show this: http://www.mssqltips.com/tip.asp?tip=1718 SELECT prin.[name] [User], sec.state_desc + ' ' + sec.permission_name [Permission] FROM [sys].[database_permissions] sec JOIN [sys].[database_principals] prin ON sec.[grantee_principal_id] = prin.[principal_id] WHERE sec.class = 0 ORDER BY [User], [Permission];

    Read the article

  • How do I format this regex so it will work in fail2ban?

    - by chapkom
    I've just installed fail2ban on my CentOS server in response to an SSH brute force attempt. The default regular expressions in fail2ban's sshd.conf file do not match any entries in audit.log, which is where SSH seems to be logging all connection attempts, so I am trying to add an expression that will match. The string I am trying to match is as follows: type=USER_LOGIN msg=audit(1333630430.185:503332): user pid=30230 uid=0 auid=500 subj=user_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct="root": exe="/usr /sbin/sshd" (hostname=?, addr=<HOST IP>, terminal=sshd res=failed)' The regular expression I am attempting to use is: ^.*addr=<HOST>, terminal=sshd res=failed.*$ I've used regextester.com and regexr to try to build the regex. The testers give me a match for this regex:^.*addr=\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}, terminal=sshd res=failed.*$ but fail2ban-regex complains if I don't use the <HOST> tag in the regex. However, using ^.*addr=<HOST>, terminal=sshd res=failed.*$ gives me 0 matches. At this point, I am totally stuck and I would greatly appreciate any assistance. What am I doing wrong in the regex I am trying to use?

    Read the article

  • My site was recently attacked. What do I do?

    - by ChrisH
    This is a first for me. One of the sites I run was recently attacked. Not at all an intelligent attack - pure brute force - hit every page and every non-page with every extension possible. Posted with garbage data to every form and tried to post to some random urls too. All tod, 16000 requests in one hour. What should I do to prevent/alert this kind of behavior? Is there a way to limit the request/hr for a given ip/client? Is there a place I should be reporting the user to? They appear to be from China and did leave what seems like a valid e-mail.

    Read the article

  • How safe is the quicken encryption of files?

    - by jmvidal
    Quicken has a password-protection option where you type in a password and your file is encrypted. How good is this encryption and how does it depend on the length or complexity of my password? A google search reveals a lot of "quicken password recovery" programs, like this one, which make me feel like the password is just for keeping the really dumb criminals away, not the ones with large computers.

    Read the article

  • KB2667402 update fails to install with 0x80004005. Yet it's also showing as installed

    - by growse
    I've got 15 Windows 2008 R2 x64 servers that I manage with SCCM2012. I've noticed during my Windows updates reporting that there's two boxes that are showing as 'error' for total updates installed. Digging around, it looks like the update that is failing to install is KB2667402. The Software Centre on the server itself shows the following: The software change returned error code 0x80004005(-2147467259). So SCCM thinks it hasn't installed the update. However, if I go to the Programs and Features application and select 'Windows Updates', I can see an entry for KB2667402: If I try and uninstall this, I get an error: An error occurred. Not all of the updates were successfully uninstalled If I try and download the patch from Microsoft directly, I get the same error installing as displayed in Software Centre. The only odd thing about this setup that I can think would affect this is that I run the RDP service on a non-standard port. However, I do this across all the servers, so it seems odd that it would fail on just 2 out of 15. The tail of the WindowsUpdate.log file is below: 2012-06-26 15:33:53:184 3924 1608 COMAPI ------------- 2012-06-26 15:33:53:190 3924 1608 COMAPI -- START -- COMAPI: Install [ClientId = CcmExec] 2012-06-26 15:33:53:190 3924 1608 COMAPI --------- 2012-06-26 15:33:53:190 3924 1608 COMAPI - Allow source prompts: No; Forced: No; Force quiet: Yes 2012-06-26 15:33:53:190 3924 1608 COMAPI - Updates in request: 1 2012-06-26 15:33:53:190 3924 1608 COMAPI - ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed 2012-06-26 15:33:53:199 860 1198 Agent ************* 2012-06-26 15:33:53:199 860 1198 Agent ** START ** Agent: Installing updates [CallerId = CcmExec] 2012-06-26 15:33:53:199 860 1198 Agent ********* 2012-06-26 15:33:53:199 860 1198 Agent * Updates to install = 1 2012-06-26 15:33:53:201 860 1198 Agent * Title = Security Update for Windows Server 2008 R2 x64 Edition (KB2667402) 2012-06-26 15:33:53:201 860 1198 Agent * UpdateId = {48859BE4-1331-4CD2-8E70-3B537180A0D0}.103 2012-06-26 15:33:53:201 860 1198 Agent * Bundles 1 updates: 2012-06-26 15:33:53:201 860 1198 Agent * {D854ECF1-99A7-4D67-B435-2D041BF79565}.103 2012-06-26 15:33:53:204 3924 1608 COMAPI - Updates to install = 1 2012-06-26 15:33:53:204 3924 1608 COMAPI <<-- SUBMITTED -- COMAPI: Install [ClientId = CcmExec] 2012-06-26 15:33:53:221 860 1198 Agent WARNING: failed to calculate prior restore point time with error 0x80070002; setting restore point 2012-06-26 15:33:53:222 860 1198 Agent WARNING: LoadLibrary failed for srclient.dll with hr:8007007e 2012-06-26 15:33:53:322 860 1198 DnldMgr Preparing update for install, updateId = {D854ECF1-99A7-4D67-B435-2D041BF79565}.103. 2012-06-26 15:33:53:325 5700 117c Misc =========== Logging initialized (build: 7.5.7601.17514, tz: +0100) =========== 2012-06-26 15:33:53:325 5700 117c Misc = Process: C:\Windows\system32\wuauclt.exe 2012-06-26 15:33:53:325 5700 117c Misc = Module: C:\Windows\system32\wuaueng.dll 2012-06-26 15:33:53:324 5700 117c Handler ::::::::::::: 2012-06-26 15:33:53:325 5700 117c Handler :: START :: Handler: CBS Install 2012-06-26 15:33:53:325 5700 117c Handler ::::::::: 2012-06-26 15:33:53:330 5700 117c Handler Starting install of CBS update D854ECF1-99A7-4D67-B435-2D041BF79565 2012-06-26 15:33:53:342 5700 117c Handler CBS package identity: Package_for_KB2667402~31bf3856ad364e35~amd64~~6.1.2.0 2012-06-26 15:33:53:366 5700 117c Handler Installing self-contained with source=C:\Windows\SoftwareDistribution\Download\44059e0415033d6f699a50ef69dd5ff2\windows6.1-kb2667402-v2-x64.cab, workingdir=C:\Windows\SoftwareDistribution\Download\44059e0415033d6f699a50ef69dd5ff2\inst 2012-06-26 15:33:56:270 5700 3b8 Handler FATAL: CBS called Error with 0x80004005, 2012-06-26 15:33:56:402 5700 117c Handler FATAL: Completed install of CBS update with type=0, requiresReboot=0, installerError=1, hr=0x80004005 2012-06-26 15:33:56:405 5700 117c Handler ::::::::: 2012-06-26 15:33:56:406 5700 117c Handler :: END :: Handler: CBS Install 2012-06-26 15:33:56:406 5700 117c Handler ::::::::::::: 2012-06-26 15:33:56:433 860 1198 Agent ********* 2012-06-26 15:33:56:433 860 1198 Agent ** END ** Agent: Installing updates [CallerId = CcmExec] 2012-06-26 15:33:56:433 860 1198 Agent ************* 2012-06-26 15:33:56:433 860 d14 AU Can not perform non-interactive scan if AU is interactive-only 2012-06-26 15:33:56:450 3924 e40 COMAPI >>-- RESUMED -- COMAPI: Install [ClientId = CcmExec] 2012-06-26 15:33:56:450 3924 e40 COMAPI - Install call complete (succeeded = 0, succeeded with errors = 0, failed = 1, unaccounted = 0) 2012-06-26 15:33:56:450 3924 e40 COMAPI - Reboot required = No 2012-06-26 15:33:56:450 3924 e40 COMAPI - WARNING: Exit code = 0x00000000; Call error code = 0x80240022 2012-06-26 15:33:56:451 3924 e40 COMAPI --------- 2012-06-26 15:33:56:451 3924 e40 COMAPI -- END -- COMAPI: Install [ClientId = CcmExec] 2012-06-26 15:33:56:451 3924 e40 COMAPI ------------- 2012-06-26 15:33:56:536 860 13a4 AU Triggering Offline detection (non-interactive) 2012-06-26 15:33:56:536 860 d14 AU ############# 2012-06-26 15:33:56:536 860 d14 AU ## START ## AU: Search for updates 2012-06-26 15:33:56:536 860 d14 AU ######### 2012-06-26 15:33:56:539 860 d14 AU <<## SUBMITTED ## AU: Search for updates [CallId = {2DBB046C-2265-421B-A37B-93BDECC6C261}] 2012-06-26 15:33:56:539 860 1788 Agent ************* 2012-06-26 15:33:56:539 860 1788 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates] 2012-06-26 15:33:56:539 860 1788 Agent ********* 2012-06-26 15:33:56:539 860 1788 Agent * Online = No; Ignore download priority = No 2012-06-26 15:33:56:539 860 1788 Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1" 2012-06-26 15:33:56:539 860 1788 Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed 2012-06-26 15:33:56:539 860 1788 Agent * Search Scope = {Machine} 2012-06-26 15:33:58:562 860 1788 Agent * Found 0 updates and 70 categories in search; evaluated appl. rules of 180 out of 1072 deployed entities 2012-06-26 15:33:58:565 860 1788 Agent ********* 2012-06-26 15:33:58:565 860 1788 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates] 2012-06-26 15:33:58:565 860 1788 Agent ************* 2012-06-26 15:33:58:650 860 f2c AU >>## RESUMED ## AU: Search for updates [CallId = {2DBB046C-2265-421B-A37B-93BDECC6C261}] 2012-06-26 15:33:58:650 860 f2c AU # 0 updates detected 2012-06-26 15:33:58:650 860 f2c AU ######### 2012-06-26 15:33:58:650 860 f2c AU ## END ## AU: Search for updates [CallId = {2DBB046C-2265-421B-A37B-93BDECC6C261}] 2012-06-26 15:33:58:650 860 f2c AU ############# 2012-06-26 15:33:58:650 860 f2c AU Featured notifications is disabled. 2012-06-26 15:33:58:651 860 f2c AU Successfully wrote event for AU health state:0 2012-06-26 15:33:58:652 860 f2c AU Successfully wrote event for AU health state:0

    Read the article

  • Picking up a lot of failed authentications for various accounts

    - by Josh K
    My server is getting a lot of various failed authentication attempts for various accounts. The most common one (that I've seen ) or the root account. I have since enabled Fail2Ban and ran several rootkit / malware checks to ensure I wasn't compromised. Is there anything else I should do? I only have three accounts enabled, and SSH access for only two. I have a full 48hr ban on anyone making more then six failed SSH login attempts. I do not have FTP enabled.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 153 154 155 156 157 158 159 160 161 162 163 164  | Next Page >