Search Results

Search found 14878 results on 596 pages for 'mod security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 162/596 | < Previous Page | 158 159 160 161 162 163 164 165 166 167 168 169  | Next Page >

  • Reviewing firewall rules

    - by chmeee
    I need to review firewall rules of a CheckPoint firewall for a customer (with 200+ rules). I have used FWDoc in the past to extract the rules and convert them to other formats but there was some errors with exclusions. I then analyze them manually to produce an improved version of the rules (usually in OOo Calc) with comments. I know there are several visualization techniques but they all go down to analyzing the traffic and I want static analysis. So I was wondering, what process do you follow to analyze firewall rules? What tools do you use (not only for Checkpoint)?

    Read the article

  • File auditing software for Windows Server 2003

    - by David Collantes
    I am looking for a program or program suite that will allow the auditing of network shared resources (specifically storage space), and render reports (who created, deleted, moved, modified files, etc). Yes, I know I can turn on auditing on Windows, but the Event Log isn't quite the "charmer" for the job.

    Read the article

  • Problem during installing certificate on Windows 7

    - by Rodnower
    Hello, I have Windows 7 installed and some certificate in .pfx format. I succeed installing it to local store and store of domain user with administrator privileges, but when I connect with local administrator and try to install it I get error: The import failed because the store was read-only, the store was full, or the store did not open correctly. Any ideas? Thank you for ahead.

    Read the article

  • zip password crack possible?

    - by tm1rbrt
    I have a piece of software i have to install on company laptops. The installer needs a serial to work properly, but i don't have it (my manager isn't here so i cant ask him). The installer tells me to ring a phone number which doesnt appear to be connected anymore. I would download win32dasm and ollydbg and have a go at cracking the installer but i dont really have time and i havnt done it in years. There is a zip file on the disc that looks like it contains all the program files but it is passworded. Is it feasible to crack this or will it take ages?

    Read the article

  • TeamViewer - only allow domain logins

    - by BloodyIron
    I recently started a Systems Admin job where teamviewer is used pretty frequently here. Another admin recently left, and the concern is they still have access to all our systems due to how teamviewer works. I want to migrate the entire environment to domain authentication. The documentation shows that setting up windows auth (domain) is easy, but I want to be sure that it is the only way to be authenticated with a teamviewer session here. I cannot yet find anything which explicitly says this. We have licensing for teamviewer 5 and 6, I think. Right now we have 7 in the environment, but I think most are in a trial version, so I am likely to revert to 5 or 6.

    Read the article

  • shibboleth: tomcat failing to start IdP listener

    - by HorusKol
    I have installed a Shibboleth Identity Provider as per http://www.edugate.ie/workshop-guides/shibboleth-2-identity-provider-installation-linux-debian-or-ubuntu However, testing only gave me a 404 from Tomcat, and when I checked the Tomcat logs, I saw that the IdP listener was not starting: 10/01/2011 11:25:31 AM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor idp.xml 10/01/2011 11:25:32 AM org.apache.catalina.core.StandardContext start SEVERE: Error listenerStart 10/01/2011 11:25:32 AM org.apache.catalina.core.StandardContext start SEVERE: Context [/idp] startup failed due to previous errors The IdP descriptor file has the following context: <Context docBase="/opt/shibboleth-idp/war/idp.war" privileged="true" antiResourceLocking="false" antiJARLocking="false" unpackWAR="true" /> I have confirmed that the WAR file is located as the Context above specifies - as I have found similar issues from other people where the WAR file was not found. However, the logs posted by those people indicate that the descriptor file was correctly read by Tomcat and their problem was with the WAR file itself. I'm assuming this is some kind of syntax error with the idp.xml, but cannot determine what it might be. Also - setting the Tomcat logging level to FINEST does not provide any additional information in the logs for this error.

    Read the article

  • Remove identifying information from SSH.

    - by The Rook
    When I do an nmap -sV 127.0.0.1 -p 22 of my system I get the following information: SF-Port22-TCP:V=4.62%I=7%D=11/9%Time=4916402C%P=i686-pc-linux-gnu%r(NULL,2 SF:7,"SSH-2.0-OpenSSH_5.1p1\x20Debian-3ubuntu1\r\n"); How do I go about chaining these two pieces of information? i686-pc-linux-gnu and SSH-2\.0-OpenSSH_5\.1p1\x20Debian-3ubuntu1.

    Read the article

  • Creating limited user account on Windows 7

    - by serena
    I'm sharing my PC (Win 7 x64 Home Premium) with a friend, and I wanna create a guest user for her. I don't want her to reach my files, Windows settings, program adjustments etc. She should just surf the net, create/edit her own Word, Excel documents, and simple things like these. How can I create this user account and make the necessary arrangements for limitations?

    Read the article

  • Webserver logs: "Morfeus Fucking Scanner"

    - by Patrick
    I've just found these accesses in my web server log files: ::ffff:218.38.136.38 109.72.95.175 - [10/Jan/2011:02:54:12 +0100] "GET /user/soapCaller.bs HTTP/1.1" 404 345 "-" "Morfeus Fucking Scanner" ::ffff:218.38.136.38 109.72.95.174 - [10/Jan/2011:02:54:12 +0100] "GET /user/soapCaller.bs HTTP/1.1" 404 345 "-" "Morfeus Fucking Scanner" Should I start to worry ? Or is it just a normal attempt to hack my server ? thanks

    Read the article

  • Blocking IP Range in .htaccess Problem

    - by Pedro
    Hi, I'm trying to block the access of one of my webapps using IP Filter in the .htaccess, the problem is that after updating the file with: order allow,deny deny from 58.14.0.0/15 allow from all I get the folowing error: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. What is wrong? Regards, Pedro

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • Using the right folder for the right job. Article link, please?

    - by Droogans
    There are specific folders designed for specific tasks. /var/www holds your web sites, /usr/bin contains files to run your applications...yet I still find myself putting nearly all of my work in ~. Is it possible to overuse my home directory? Will it come back to haunt me? Anyone have a good link to an article of best practices for organizing your files so that they are placed in their "correct" place? Is there even such a thing in Linux? I am referring specifically to user-generated content. I do not compile applications from source, I use apt-get for those tasks. This article has a great introduction to what I'm looking for. Table 3-2, "Subdirectories of the root directory" is the sort of thing I'm looking for, but with more details/examples.

    Read the article

  • Network tools not working with a 3G connection

    - by gAMBOOKa
    Some of my network tools stopped working after I switched to a 3G connection from a DSL one. Cain and Abel's sniffer, Metasploit, even the NMAP scanner. I'm using Windows 7. The 3G device in question is the Huawei E180. Here's the error I get when running NMAP WARNING: Using raw sockets because ppp2 is not an ethernet device. This probably won't work on Windows. pcap_open_live(ppp2, 100, 0, 2) FAILED. Reported error: Error opening adapter: The system cannot find the device specified. (20). Will wait 5 seconds then retry. pcap_open_live(ppp2, 100, 0, 2) FAILED. Reported error: Error opening adapter: The system cannot find the device specified. (20). Will wait 25 seconds then retry. Call to pcap_open_live(ppp2, 100, 0, 2) failed three times. Reported error: Error opening adapter: The system cannot find the device specified. (20) Metasploit's refused connection to my websites too.

    Read the article

  • Can a malicious hacker share Linux distributions which trust bad root certificates?

    - by iamrohitbanga
    Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Thus a fake root certificate would contain a the certification authority that is not actually certified. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

    Read the article

  • How do I securely execute commands as root via a web control panel?

    - by Chris J
    I would like to build a very simple PHP based web based control panel to add and remove users to/from and add and remove sections to/from nginx config files on my linode vps (Ubuntu 8.04 LTS). What is the most secure way of executing commands as root based on input from a web based control panel? I am loathe to run PHP as root (even if behind an IP tables firewall) for the obvious reasons. Suggestions welcome. It must be possible as several commercial (and bloated, for my needs) control panels offer similar functionality. Thanks

    Read the article

  • What is wrong with my Watcher (incron-like) daemon?

    - by eric01
    I have installed Watcher this way: both watcher.py and watcher.ini are located in /etc I also installed pyinotify and it does work when I use python -m pyinotify -v /var/www However, I want to use the daemon and when I start watcher.py, I get weird lines on my watcher.log (see below). I also included my watcher.ini file. Note: I have the latest version of Python. The watcher.py can be found here What is wrong with what I did? Also, do I really need pyinotify? Thanks a lot for your help watcher.ini: [DEFAULT] logfile=/var/log/watcher.log pidfile=/var/run/watcher.pid [job1] watch=/var/www events=create,delete,modify recursive=true command=mkdir /home/mockfolder ## just using this as test watcher.log: 2012-09-22 04:28:23.822029 Daemon started 2012-09-22 04:28:23.822596 job1: /var/www Traceback (most recent call last): File "/etc/watcher.py", line 359, in <module> daemon.start() File "/etc/watcher.py", line 124, in start self.run() File "/etc/watcher.py", line 256, in run autoadd = self.config.getboolean(section,'autoadd') File "/usr/lib/python2.7/ConfigParser.py", line 368, in getboolean v = self.get(section, option) File "/usr/lib/python2.7/ConfigParser.py", line 618, in get raise NoOptionError(option, section) ConfigParser.NoOptionError: No option 'autoadd' in section: 'job1'

    Read the article

  • Disallow root to su on a user which is not listed in /etc/passwd

    - by marc.riera
    Hello, on linux we autenticate users against AD. The AD users are not listed on /etc/passwd. We are about to deploy a NFS solution to mount some extra space for each group of users. If a user(A) with sudo su privileges goes to root, then he can impersonate user(B) just by su user(B) and going to the NFS. Is there any way to disallow root to su user if the user is not listed on /etc/passwd ? Thanks.

    Read the article

  • Can't connect using Jail SFTP account

    - by Fazal
    I've been following this tutorial "Limiting Access with SFTP Jails on Debian and Ubuntu" and whilst I've had no errors setting it up, I've had issues on Ubuntu 10.04LTS logging in as a user on a virtualhost. I've changed my SSH port to 22022, and enter all the credentials when attempting to login. I ran these commands to add a user to the virtualhost: # useradd -d /srv/www/[domain] [username] # passwd [username] # usermod -G filetransfer [username] # chown [username]:[username] /srv/www/[domain]/public_html I should add that this is the only time I've setup the user they have no other /home directories or such. The directory that does exist is at /srv/www/example.com/public_html When I try using a desktop package such as cyberduck to login to the site, I keep getting a "Login failed with this username or password". I am completely lost as what to do next... The reason why I'm trying this method is because I want my clients to use SFTP and not FTP to upload files to their websites. Any help or direction is appreciated.

    Read the article

  • How to protect an OS X Server from an anautorized physical connection?

    - by GJ
    Hi I have an OS X 10.6 server, which I administer via SSH and VNC (via SSH tunnel). I can't leave it at the login window since then VNC connections are refused. Therefore I currently leave it logged with my user account. Since it doesn't have a monitor attached, it doesn't go into screen saver mode, which means it doesn't require a password to retake control. This means it is very easy for anyone connecting a keyboard/mouse and monitor to take control of the system. The screen saver password protection, which I can't get to activate, unlike the system's login window, is perfectly compatible with VNC connections. How could I prevent such direct access to the server without connecting a monitor and without blocking my ability to connect with VNC? Thanks!

    Read the article

  • Bad ways to secure wireless network.

    - by Moshe
    I was wondering if anybody had any thoughts on this, as I recently saw a Verizon DSL network set up where the WEP key was the last 8 characters of the router's MAC address. (It's bad enough that hey were using WEP in the first place...)

    Read the article

  • Ubuntu Server attack? how to solve?

    - by saky
    Hello, Something (Someone) is sending out UDP packets sent from our whole ip range. This seems to be multicast DNS. Our server host provided this (Our IP Address is masked with XX): Jun 3 11:02:13 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:23 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:32 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:35 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 I checked my /var/log/auth.log file and found out that someone from China (Using ip-locator) was trying to get in to the server using ssh. ... Jun 3 11:32:00 server2 sshd[28511]: Failed password for root from 202.100.108.25 port 39047 ssh2 Jun 3 11:32:08 server2 sshd[28514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root Jun 3 11:32:09 server2 sshd[28514]: Failed password for root from 202.100.108.25 port 39756 ssh2 Jun 3 11:32:16 server2 sshd[28516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root ... I have blocked that IP address using this command: sudo iptables -A INPUT -s 202.100.108.25 -j DROP However, I have no clue about the UDP multicasting, what is doing this? who is doing it? and how I can stop it? Anyone know?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 158 159 160 161 162 163 164 165 166 167 168 169  | Next Page >