Search Results

Search found 16642 results on 666 pages for 'wireless security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 176/666 | < Previous Page | 172 173 174 175 176 177 178 179 180 181 182 183  | Next Page >

  • Security Issue with Active Directory

    - by Will McCloskey
    The retard who was on the built-in Administrator login somehow (and this is what I'm guessing being as he is not here and I was not present when this occurred - Supposedly it was an "ACCIDENT") Denied the built-in Administrator account and every other account except for his personal one access to our domain - ie "Example.net" not just active directory or anything. I've been trying for literally 2 hours to find some sort of way to take control of the domain through the built-in Admin account with no success; I can't even open Active Directory. I'm not aloud to open DSA.MSC and there's no way for me to take ownership. Any ideas?

    Read the article

  • Windows 7 security and Avast antivirus turned off by themself

    - by Simon Verbeke
    I was just browsing around when at once I got messages that UAC, windows defender, Avast, etc. got turned off, without me doing anything. Then my PC turned by itself. I'm now running virus scans and I checked my eventlogs, but found nothing yet. Windows Update also failed to install a new definition after I rebooted. Any idea what this could've been? EDIT: Forgot to mention that everything was turned on again after rebooting. I have since the reboot got nothing abnormal.

    Read the article

  • Bypass insane corporate security system

    - by user1665154
    I'm searching for a posibility to bypass the "Firewall" for 3-4 days. I've tried everything I know, so I ask here for a answer. We have no admin rights and the OS is Windows Vista There is an HTTP Proxy with NTML Authentication (only way to access the internet) It requires a username and password We use smart cards, in fact I have only a user number and a pin. Port 80 and 443 are open - I have an SSH server at home which is listening on port 443 The problem is that I need this proxy to connect to anything. Internet access only works in IE, Chrome, Firefox when I set the proxy settings to "use system proxy settings", "proxy-autoconfig (proxy.pac)" or when I enter the proxy inside the proxy.pac file. However I can't understand where they take the username and password which the Proxy requires. What I've tried was using cntlm to connect to the proxy with authentication (altought I have no PW and username) and PuTTY to create the SSH tunnel over port 443 whit the SOCKS Proxy which I've created with cntml. I've never found some SSH client which includes a "use system proxy settings" function.

    Read the article

  • Fastest security check of file tree on NFS

    - by fungs
    I am currently experiencing very bad performance using the following on an NFS network folder: time find . | while read f; do test -L "$f" && f=$(readlink -m $f); grp="$(stat -c %G $f)"; perm="$(stat -c %A $f)"; done Question 1) Within the loop permissions are checked using the variables grp and perm. Is there a way to lower the amount of disc I/O for these kind of checks over the network (e.g. read all meta data at once using find)? Question 2) It seems like the NFS isn't tuned very well, the same operation on a similar network link via SSHFS take only one third of the time. All parameters are auto-negotiated. Any suggestions?

    Read the article

  • Security against IP spoofing [on hold]

    - by user1369975
    I am pursuing a college project, in which I am running three fake services on three ports to protect the main service (say running at port 80). The concept is that if the user is malicious, he'll try to bring the services down and access the fake services. These ports adopt a blocking process of a connection request and record the IP and port of the client. These are logged and aren't granted access on service on port 80. But what to do if the client spoofs his IP? How can I modify my system?

    Read the article

  • VLAN across a router to give wireless access to remote sites?

    - by Don
    I've been looking online for this answer, but getting conflicting information. I was under the impression that you couldn't use a VLAN across a router, but maybe it's possible (according to some documentation I see online)? I was hoping someone could clear it up for me. Here's what I'm working with: We have a remote site with a handful of users. We recently gave them an access point (Cisco 1142n) for internal wireless. It's plugged into a switch and working fine (getting IPs from the same DHCP scope as the wired users are getting). Private wireless is set on VL50. At the home office we have private wireless for our internal network working and on VL50, with a test VLAN setup for VL60, which points to our DSL line for the time being. Both private and public wireless works fine internally (not crossing a router). VL50 is named the same at both sites for consistency in naming. If we wanted to give the remote site access to the public wireless (VL60), would that be possible across the routers? For more information, currently the site is connected to the home office via a T1 connection, Cisco routers on both ends. I didn't think it was possible due to the nature of VLANS being layer 2. But, I am from from an expert on this and would appreciate any instruction as to the actual truth of the matter. The end result I'm going for is, how to get our remote sites access to a public (outside) connection along with their private connection, without actually having a DSL (or similar type line) dropped at their location? Thanks in advance for your thoughts.

    Read the article

  • Trouble Extending Network with Apple Airport Extreme (PC won't connect with Ethernet)

    - by 0x783czar
    So I have an Apple Airport Extreme base station that I use to create a wifi network at my house. But on a separate story from this station i have a PC (running Windows 7) that does not have a wireless card. Luckily, I have another Airport Extreme Base Station, so I figured I'd have my second station "extend" the existing network. I asked Apple if this was possible, which it was, and walked through the setup wizard to extend the network. Then I ran an ethernet cable from the Station to my PC. However the PC refuses to connect to the Internet. It says it can access the network, "Unidentified Network (Limited Connectivity)", but that's it. It tells me that my computer does not have an IP address. I tried running the cable to another computer (my Apple MacBook Pro) and got a similar error. Any thoughts?

    Read the article

  • Ad-Hoc mode and Cell (how does it work)?

    - by Ori Cohen
    hello, I am setting up a wireless Ad-Hoc network manually in linux using iwconfig and ifconfig. I have gotten everything working, and I think I understand it all except access point. The part that confused me is this: If I have essid='some_id', channel=11, Mode=Ad-Hoc and appropriate routing/ip on both laptops, why do I need to make sure the Cell is the same? I was under the impression that Ad-Hoc worked independently of the access point. I can easily get around this, I just use iwconfig wlan0 ap 00:00:00:00:00:01 Why is this necessary? I've been unable to find a good tutorial on this. If anyone can clear this up I'd appreciate it. Thanks

    Read the article

  • No drop packets using the error models for wirelesss scenario ?

    I am trying to use the error model in ns2 with wireless links, I am using ns2.33. I tried the uniform error model and the markov chain model. No errors from ns but when I am trying to find the dropped packets due to corruption I can not find any of them using either the uniform or markov models. So please help me if I made any error in using the error model. to search for dropped packets I am using eid@eid-laptop:~/code/ns2/noisy$ cat mixed.tr | grep d My code is available here : http://pastebin.com/f68749435

    Read the article

  • joomla and allow_url_fopen [closed]

    - by liz
    so i have been reading of the pros and cons of allowing: allow_url_fopen. but i am still confused. after a recent hacking incident (which i believe had nothing to do with allow_url_fopen) my host turned allow_url_fopen off. so the thing i dont get is, in joomla 2.5.x there is an updating feature.you can search for new versions and be notified if things are out of date. there is a big security hole if joomla or its extensions get out of date. But the catch it needs allow_url_fopen turned on. so why did joomla build a security risk into a feature to improve security??is it okay to turn allow_url_fopen on and have the updating feature? to clarify: my question is. i have Joomla installed. I have CURl installed. when i run the discover updates through NATIVE joomla i get a request for fopen. shouldn't i not need to enable a security risk? i am running version 2.5.8 of joomla.

    Read the article

  • Coffeeshop limits Internet connection to 30 minutes -- how does it recognize me if I delete my cooki

    - by Andrew
    I was connected to the Internet in a coffeeshop earlier today, but I was only allowed 30 minutes of access. I tried deleting my cookies after my time was up (though admittedly I didn't delete my Flash cookies -- would that have solved the problem?), but the connection still recognized that I'd already used 30 minutes, so I couldn't connect again. How did the connection recognize me still? The wireless was unprotected (no code or password), it just had a portal you had to pass through upon the initial connection. I'm not terribly familiar with web development or computer networks, so just trying to get a better idea of what's happening (and possibly to know what to do next time I use up my minutes =)).

    Read the article

  • Browser window popups - risks and special features

    - by Sandeepan Nath
    1. What exactly is the security risk with popups? The new browsers provide settings to block window popups (on blocking, sites with active popups display a message to user). What exactly is the security risk with popups? If allowing popups can execute something dangerous, then the main window can too. Is it not the case. I think I don't know about some special powers of window popups. 2. Any special features of popup windows? Take for example the HDFC bank netbanking site. The entire netbanking session happens in a new window popup and a user neither manually edit the URL or paste the URL in the main browser window. it does not work. Is a popup window needed for this feature? Does it improve security? (Asking because everything that is there in this site revolves around security - so they must have done that for a reason too). Why otherwise they would implement the entire netbanking on a popup window? 3. Is it possible to override browser's popup blocking settings Lastly, the HDFC site succcessfully displays popup window even when in the browser settings popups are blocked. So, how do they do it? Is that a browser hack? To see this - go to http://hdfcbank.com/ Under the "Login to your account" section select "HDFC Bank NetBanking" and click the "Login" button. You can verify that even if popups are blocked/popup blocker is enabled in the browser settings, this site is able to display popups. The answers to this question say that it is not possible to display popup windows if it has been blocked in browser settings. Solved Concluded with Pointy's solution and comments under that. Here is a fiddle demonstrating the same.

    Read the article

  • How should I secure my webapp written using Wicket, Spring, and JPA?

    - by Martin
    So, I have an web-based application that is using the Wicket 1.4 framework, and it uses Spring beans, the Java Persistence API (JPA), and the OpenSessionInView pattern. I'm hoping to find a security model that is declarative, but doesn't require gobs of XML configuration -- I'd prefer annotations. Here are the options so far: Spring Security (guide) - looks complete, but every guide I find that combines it with Wicket still calls it Acegi Security, which makes me think it must be old. Wicket-Auth-Roles (guide 1 and guide 2) - Most guides recommend mixing this with Spring Security, and I love the declarative style of @Authorize("ROLE1","ROLE2",etc). I'm concerned about having to extend AuthenticatedWebApplication, since I'm already extending org.apache.wicket.protocol.http.WebApplication, and Spring is already proxying that behind org.apache.wicket.spring.SpringWebApplicationFactory. SWARM / WASP (guide) - This looks the newest (though the main contributor passed away years ago), but I hate all of the JAAS-styled text files that declare permissions for principals. I also don't like the idea of making an Action class for every single thing a user might want to do. Secure models also aren't immediately obvious to me. Plus, there isn't an Authn example. Additionally, it looks like lots of folks recommend mixing the first and second options. I can't tell what the best practice is at all, though.

    Read the article

  • Depmod - unresolved symbols in rt73 module

    - by Xolstice
    I'm trying to install a linux driver for my wireless network card (D-Link DWL-G510) on my Red Hat Linux 7.1 machine with a 2.4.37.9 kernel. I downloaded the serial monkey driver from the sourceforge site and was able to successfully compile the module. However, whenever I do a "make install", the make script executes a "depmod -a" command which then complains with the message: "Unresolved symbols in /lib/modules/2.4.37.9/extra/rt73.o". I then executed a "depmod -e" command to show unresolved symbols and it indicates the following information: request_firmware_Rsmp_38ce5074 release_firmware_Rsmp_33934162 I did a grep on the above information and it showed no source files making reference to it. I searched for it on google and it returned no results. Can anyone help?

    Read the article

  • encryption problem for wlan profile

    - by Jassi
    i am trying to encrypt keyMaterial element from wireless profile. so I want to convert byte array into OLECHAR but it is giving me wrong output not key sea the below code you may know the solution... DATA_BLOB in; DATA_BLOB out; BYTE pin=(BYTE)"FIPL2"; DWORD din=strlen((char*)pin)+1; in.pbData = pin; in.cbData = din; if(CryptProtectData(&in,L"what is it",NULL,NULL,NULL,0,&out)) { BYTE *b=out.pbData; USES_CONVERSION; bstr=SysAllocString(W2BSTR((const WCHAR *)b)); HRCALL(peSubS222->put_text(bstr), ""); SysFreeString(bstr); bstr=NULL; } else { cout<<"NOOOOOOOOOOOOOOOO :("; } what is missing please help me out

    Read the article

  • What prevents a user from adding controls to an ASP.NET page client side?

    - by Curtis White
    This goes back to my other question which I thought was sufficiently answers but upon reflect am not sure that it was (sorry). Backgrounder: I am generating a form dynamically. I am pulling from the database the controls. I must associate each control with a database ID which is not the user's session id. I do this currently by storing my ID in the ID for the web control with some other stuff to make it unique/clear what I am doing. On the post back, I iterate through all the controls on my web page checking for my special identifier, ie, MyGeneratedTextBox_ID_Unique. This process enables for 2 important steps, identifying the control was one I generated and also getting the ID for this input field. And, all of this works but I'm still concerned about the security of it. I do not see a security issue with showing the actual database ID's in this case, although agree it is not desirable. However, I am concerned of the following possibilities: If a user could add a nefarious control to my collection and use that for a SQL injection attack. More academic, but if a user could somehow store data for fields they do not have access too by changing the id's. I agree this is a "hack" of a way to do it. But my question is, is it a security risk and is there an 'easy' way to do it in a less hack way? I assume that only the controls that are created/instantiated on the page are added to the controls list.. thus all controls must be created server side and thus the security issue is address but just wanted to validate. Thanks again. PS: I could see adding a property for each control and encrypting the viewstate would be a little more secure.

    Read the article

  • Using VLANs/subnetting to separate management from services?

    - by YouAreTheHat
    Background: I recently purchased a server and a managed switch for my home in the hopes of getting more experience and some fun toys to play with. The devices and appliances I either have or plan to have cover a broad spectrum: router, DD-WRT AP, Dell switch, OpenLDAP server, FreeRADIUS server, OpenVPN gateway, home PCs, gaming consoles, etc. I intend to segment my network with VLANs and associated subnets (e.g., VID10 is populated by devices on 192.168.10.0/24). The idea is to secure the more sensitive appliances by forcing traffic through my router/FW. Setup: After thinking and planning for some time, I have tentatively decided on 4 VLANs: one for the WAN connection, one for servers, one for home/personal devices, and one for management. In theory, the home VLAN will have limited access to the servers, and the management VLAN will be totally isolated for security. Question: Since I want to restrict access to management interfaces, but some appliances have to be accessible to other devices, is it possible/wise to have only management (SSH, HTTP, RDP) available on one VLAN/IP and only services (LDAP, DHCP, RADIUS, VPN) available on other? Is this a thing that is done? Does it gain me the security I think it does, or hurt me in some way?

    Read the article

  • Windows 7: Windows Firewall: Logging/Notifying on Outgoing Request Attempts

    - by Maxim Z.
    I'm trying to configure Windows Firewall with Advanced Security to log and tell me when programs are trying to make outbound requests. I previously tried installing ZoneAlarm, which worked wonders for me with this in XP, but now, I'm unable to install ZA on Win7. My question is, is it possible to somehow monitor a log or get notifications when a program tries to do that if I set all outbound connections to auto-block, so that I can then create a specific rule for the program and block it.? Thanks! UPDATE: I've enabled all the logging options available through the Properties windows of the Windows Firewall with Advanced Security Console, but I am only seeing logs in the %systemroot%\system32\LogFiles\Firewall\pfirewall.log file, not in the Event Viewer, as the first answer suggested. However, the logs that I can see only tell me the request's or response's destination IP and whether the connection was allowed or blocked, but it doesn't tell me what executable it comes from. I want to find out the file path of the executable that each blocked request comes from. So far, I haven't been able to.

    Read the article

  • What to do before connecting Ubuntu Server to the internet for the first time?

    - by CodeMonkey
    I just finished installing Ubuntu Server 12.10 on an Asus Eee PC 1000H (to be used as a home server/sandbox) from USB. I installed this software during installation: OpenSSH server LAMP server Samba file server Virtual Machine host I won't use 2, 3 or 4 for a while though. Can/should I turn these off somehow? I have turned home directory encryption on. Security updates are installed automatically. I have chosen a strong password for the single user. I have never plugged in the internet cable so far. Before doing so I'd like to ask: What can/should I do/install to increase security before connecting to the internet? Firewall? Fail2ban? Users/Passwords? Encryption? Enable/Disable functionality? etc. I'm sorry if you get this question a lot. I've searched around quite a while, but it still feels like I might overlook something important.

    Read the article

  • Password Cracking Windows Accounts

    - by Kevin
    At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

    Read the article

  • Running multiple sites on a LAMP with secure isolation

    - by David C.
    Hi everybody, I have been administering a few LAMP servers with 2-5 sites on each of them. These are basically owned by the same user/client so there are no security issues except from attacks through vulnerable deamons or scripts. I am builing my own server and would like to start hosting multiple sites. My first concern is... ISOLATION. How can I avoid that a c99 script could deface all the virtual hosts? Also, should I prevent that c99 to be able to write/read the other sites' directories? (It is easy to "cat" a config.php from another site and then get into the mysql database) My server is a VPS with 512M burstable to 1G. Among the free hosting managers, is there any small one which works for my VPS? (which maybe is compatible with the security approach I would like to have) Currently I am not planning to host over 10 sites but I would not accept that a client/hacker could navigate into unwanted directories or, worse, run malicious scripts. FTP management would be fine. I don't want to complicate things with SSH isolation. What is the best practice in this case? Basically, what do hosting companies do to sleep well? :) Thanks very much! David

    Read the article

  • How (in)secure are cell phones in reality?

    - by Aron Rotteveel
    I was recently re-reading an old Wired article about the Kaminsky DNS Vulnerability and the story behind it. In this article there was a quote that came across a little bit exaggerated to me: "The first thing I want to say to you," Vixie told Kaminsky, trying to contain the flood of feeling, "is never, ever repeat what you just told me over a cell phone." Vixie knew how easy it was to eavesdrop on a cell signal, and he had heard enough to know that he was facing a problem of global significance. If the information were intercepted by the wrong people, the wired world could be held ransom. Hackers could wreak havoc. Billions of dollars were at stake, and Vixie wasn't going to take any risks. When reading this I could not help but feel like it was a bit blown-up and theatrical. Now, I know absolutely nothing about cell phones and the security problems involved, but to my understanding, cell phone security has quite improved over the past few years. So my question is: how insecure are cell phones in reality? Are there any good articles that dig a bit deeper into this matter?

    Read the article

  • Web Application Publishing on Citrix with Restricted Access

    - by Kanini
    We have a Citrix setup enabling users to access our applications from home. Basically, they login to our site using the Windows Authentication. Once, the are successfully logged in, they see the following icons Desktop - Full Screen (which provides them the Desktop as they would see when the login in our office) We now have a requirement where we would like to publish a web application, hxxp://ourlibrary on Citrix with the following security requirement. (this application is already accessible if the users launch the desktop and launch IE within it and navigate to it) The requirement is this - When the are successfully authenticated to our site, they should be able to see The Internet Explorer icon only, NOT the Dekstop - Full Screen icon. On clicking on the icon, Internet Explorer should open up and should automatically navigate to hxxp://ourlibrary They should not be able to access any other URL, such as Google, Hotmail etc., They should not be able to go FileOpen and Browse They should not be able to do FileSave and Browse In effect, they should be able to view the site and that should be it. Any ideas on how to accomplish the security feature? We have already published the application.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 172 173 174 175 176 177 178 179 180 181 182 183  | Next Page >