Search Results

Search found 22139 results on 886 pages for 'security testing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 198/886 | < Previous Page | 194 195 196 197 198 199 200 201 202 203 204 205  | Next Page >

  • What advantages does mod_evasive have over mod_security2 in terms of DDOS protection?

    - by Martynas Sušinskas
    Good day, I'm running an Apache2 server in front of a Tomcat and I need to implement a DDOS protection mechanism on the Apache2 layer. I have two candidates: mod_evasive and mod_security2 with the OWASP core rule set. Mod_security is already installed for overall protection, but the question is: is it worth adding mod_evasive besides mod_security just for the DDOS (does it have any major advantages) or the OWASP crs rules in the /experimental_rules/ directory (modsecurity_crs_11_dos_protection.conf) provide the same protection? Or it's just a matter of preference? The sites are not very high traffic normally. Thank you for your answers, Martynas

    Read the article

  • How do I disable location services system wide?

    - by Daisetsu
    Google has an API which can determine someone's location based on the wifi router names which a user's computer can see. You will see this if you go to google maps and your browser may ask if you would like to share location data. I am wondering if there is any way to disable this on a system wide setting rather than just in each browser (Chrome can do this too). Is there any way I can limit which applications have a list of the wireless routers I can see?

    Read the article

  • How to keep Flash secured with EMET?

    - by Indrek
    I use EMET to secure a number of applications on my computer - web browsers, Office suite applications, PDF readers, as well as Adobe Flash. Overall it's working great, except that the Flash executables contain the version number in the file name, so every time there's an update, the file names change and I have to remember to re-add them manually to EMET. Is there a way to streamline this process? EMET does support wildcards, but only in the path itself, not the file name, so something like %windir%\system32\Macromed\Flash\*.exe wouldn't work. Is there any other way to add a whole folder to EMET so that any new executables in that folder are automatically secured?

    Read the article

  • Secure external connection to SQL Server (from third party software)

    - by Bart
    I have a SQL Express 2008 R2 server running on a server in an internal lan network. A few databases are used by some third party software to store data. A SQL-Server user is used by this application to connect to the database. Now I need to access this database using a local installation of the software from an external pc. In this particular case a VPN connection is not the solution I am looking for. I have access to an external linux server, so I tried ssh tunneling from the windows server to the linux server and use the external pc to tunnel it back from the linux server to the client, but this is working very very slow. What are my other options to allow this external connection in a safe way?

    Read the article

  • Is there a serious issue with setting the SUID bit on tcpdump?

    - by Dean
    I'm running tcpdump on a remote machine, and piping the output to Wireshark on my local machine over SSH. In order to do this, I had to set the SUID bit on tcpdump. For background, the remote machine is an Amazon EC2 running "Amazon Linux AMI 2012.09". On this image, there is no root password, and it is not possible to log in as root. You can't use sudo without a TTY, and therefore you have to set the SUID. What are the practical risks of setting this bit on tcpdump? Is there any need to be paranoid? Should I unset it whenever I'm not capturing?

    Read the article

  • Is it possible to have an external server with in a companies firewall?

    - by Jonathan
    Hi guys, I am sure this is server admin 101,but I am unsure of the answer and would love some help. I am a software developer I have built an application for a client and am currently hosting it successfully on SliceHost. We are now coming out of Beta and the client wants to have the application within their Firewall, but they do not want to deal with headache of hosting and maintaining the server. Is there a way I can recommend that we put our server at SliceHost within their Firewall? Is that an easy thing to do? If that is not possible, what should I recommend to my client? Thanks! Jonathan

    Read the article

  • A possible case of hacked email account. What kind of an attack is this?

    - by Rickesh John
    I own a Yahoo mail account. I am using this account for sending resumes and receive notifications from various job portals. But yesterday, I found that some 10-15 mails had been sent to random addresses from my account. Most of them had this format: hr@<companyname>.com I am pretty sure that I didn't send any mails to such addresses. Initially, I thought the job portals may be sending mails on my behalf and Yahoo is logging them, but then I saw the contents. The contents of all those mails were a URL, which I did not click. SCARED. Also, to top it off, my "Sending Name" has been changed to 'Nice Maria'!! o_0 I have taken the necessary measures and changed my password and the secret question. I cannot delete this account as this email is registered with all the job portals and other companies. Is this a simple case of my account being compromised or was I a victim of some web vulnerability? All the mails seem to be bot generated, with only a URL as the message body. Please advice.

    Read the article

  • Best practices for SQL Server audit trail

    - by Ducain
    I'm facing a situation today where it would be very beneficial to me and my company if we knew who had logged into SQL and performed some deletions. We have a situation where at least 2 (sometimes 3) people login to SQL using SQL Server Management Studio, and perform various functions. What we need is an audit trail. If someone deletes records (mistakenly or otherwise), I'd like to know what was done. Is there any way to make this happen?

    Read the article

  • Best way to find the computer a user last logged on from?

    - by Garrett
    I am hoping that somewhere in Active Directory the "last logged on from [computer]" is written/stored, or there is a log I can parse out? The purpose of wanting to know the last PC logged on from is for offering remote support over the network - our users move around pretty infrequently, but I'd like to know that whatever I'm consulting was updating that morning (when they logged in, presumably) at minimum. I'm also considering login scripts that write the user and computer names to a known location I can reference, but some of our users don't like to logout for 15 days at a time. If there is an elegant solution that uses login scripts, definitely mention it - but if it happens to work for merely unlocking the station, that would be even better!

    Read the article

  • Which is the most independent and secure email service? [closed]

    - by Rafal
    I'm looking for a provider with a secure transfer protocol (like https) Secured (as much as it is possible) from being hacked or spied on. One that won't scan my email in order to display more accurate ads. One that won't sell my personal information. One that won't disclose my emails to some sort of government (it probably must be based outside of US or Chinese jurisdiction I reckon) Encrypted if possible. It can be simple and without huge storage. If you know/use any similar service I would be really grateful if you could point me there. Cheerz

    Read the article

  • USB key to pass password in Centos 6

    - by Andrew
    I had a room mate that put a livecd in my desktop and looked around on my machine. I caught him in the act and threw him out. I haven't had a room mate for a while now and so as to avoid the livecd issue again I encrypted the hard drive, the machine is running centos 6.3. Is there anyway that I can avoid typing the password in each time if I have usb key in the machine to feed the password to the system? Additional question. Is there anything you can suggest to solve the problem I have ? Thanks

    Read the article

  • Failed to generate a user instance of SQL Server

    - by Goondocks
    I'm using Windows 7 Beta and trying to install a web application locally. This web site uses Microsoft SQL Server 2005 Express (SQLEXPRESS) and a MDB file in the web site's ~/App_Data folder. I was instructed to configure IIS7 to use Classic .NET AppPool for this web application. Each time the web site loads, I receive the following error: There was an error trying to connect to the Database Server: Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed. The Internet is packed with articles written on this subject. The prevailing wisdom seems to be: Configure the SQL Express Service to use the Local System account. Delete the following directory: C:\Users\username\AppData\Microsoft\Microsoft SQL Server Data\SQLEXPRESS Neither of these fixes have made any impact. I have tinkered with permissions and settings for hours to no avail. Can anyone suggest a fix or help me understand how to get more detailed information about the problem.

    Read the article

  • Is there a way to check if a user has specific rights?

    - by Vadim
    In my application I'm using ntrights.exe, that is part of Windows Resource Kit, to grant and revoke a specific user right. For example to grant a user "Log on as a server" right, I execute using shell object following command: ntrights -u User +r SeServiceLogonRight However ntrights doesn't allow you to check if a user has a specific right. Can you tell me how I can check if a user has a specific right?

    Read the article

  • Remote hosts accessing AD's registry

    - by smitty user
    I have a situation here. I have an intrusion detection system and it constantly alerts me that a remote host is accessing our AD's registry remotely. Our remote hosts are mainly Windows XP and our ADs are W2K8. The remote hosts access them over SMB port 445 Is it normal for Windows hosts to access AD's remote registry? My colleagues confirmed with me that both host and AD is clean from virus with endpoint protection enabled. Thanks.

    Read the article

  • china and gmail attacks

    - by doug
    "We have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” [source] I don't know much about how internet works, but as long the chines gov has access to the chines internet providers servers, why do they need to hack gmail accounts? I assume that i don't understand how submitting/writing a message(from user to gmail servers) works, in order to be sent later to the other email address. Who can tell me how submitting a message to a web form works?

    Read the article

  • Howt to grant network access to LocalSystem account?

    - by Ian Boyd
    How do you grant access to network resources of the LocalSystem (NT AUTHORITY\SYSTEM) account? When accessing the network, the LocalSystem account acts as the computer on the network: ...and acts as the computer on the network. Or to say the same thing again: The LocalSystem account acts as the computer on the network: When a service runs under the LocalSystem account on a computer that is a domain member, the service has whatever network access is granted to the computer account, or to any groups of which the computer account is a member. How does one grant a "computer" access to a shared folder and files? Note: Computer accounts typically have few privileges and do not belong to groups. So how would i grant a computer access to one of my shares; considering that "Everyone" already has access? Note: workgroup

    Read the article

  • Reinstall after a Root Compromise?

    - by Zoredache
    After reading this question on a server compromise, I started to wonder why people continue to seem to believe that they can recover a compromised system using detection/cleanup tools, or by just fixing the hole that was used to compromise the system. Given all the various root kit technologies and other things a hacker can do most experts suggest you should reinstall the operating system. I am hoping to get a better idea why more people don't just take off and nuke the system from orbit. Here are a couple points, that I would like to see addressed. Are there conditions where a format/reinstall would not clean the system? Under what types conditions do you think a system can be cleaned, and when must you do a full reinstall? What reasoning do you have against doing a full reinstall? If you choose not to reinstall, then what method do you use to be reasonably confident you have cleaned and prevented any further damage from happening again.

    Read the article

  • Can an external server be used to encrypt all traffic

    - by Pasta
    My work takes me to a number of places with WiFi connection. I want to be able to encrypt the traffic between my laptop and the internet. Can I do this with a VPN server? What is the best way to get this done? Is there a secure and reliable service that will help me do this? This is fairly important and might be shared by upto 2 people at a time. Is it better to get a server setup on a cloud hosting solution? Amazon?

    Read the article

  • What could cause these "failed to authenticate" logs other than failed login attempts (OSX)?

    - by Tom
    I've found this in the Console logs: 10/03/10 3:53:58 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:53:58 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). 10/03/10 3:54:00 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:54:00 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). 10/03/10 3:54:03 PM SecurityAgent[156] User info context values set for tom 10/03/10 3:54:03 PM authorizationhost[154] Failed to authenticate user (tDirStatus: -14090). There are about 11 of these "failed to authenticate" messages logged in quick succession. It looks to me like someone is sitting there trying to guess the password. However, when I tried to replicate this I get the same log messages except that this extra message appears after five attempts: 13/03/10 1:18:48 PM DirectoryService[11] Failed Authentication return is being delayed due to over five recent auth failures for username: tom. I don't want to accuse someone of trying to break into an account without being sure that they were actually trying to break in. My question is this: is it almost definitely someone guessing a password, or could the 11 "failed to authenticate" messages be caused by something else?

    Read the article

  • Implications and benefits of removing NT AUTHORITY\SYSTEM from sysadmin role?

    - by Cade Roux
    Disclaimer: I am not a DBA. I am a database developer. A DBA just sent a report to our data stewards and is planning to remove the NT AUTHORITY\SYSTEM account from the sysadmin role on a bunch of servers. (The probably violate some audit report they received). I see a MSKB article that says not to do this. From what I can tell reading a variety of disparate information on the web, a bunch of special services/operations (Volume Copy, Full Text Indexing, MOM, Windows Update) use this account even when the SQL Server and Agent service etc are all running under dedicated accounts.

    Read the article

  • outgoing DNS flood targeted to non-ISP hosts

    - by radudani
    Below is the specific traffic monitored at the network perimeter and originating from a user PC on Vista platform. My question is not about the effects of the flood, but about the nature of the source of it. Is this some known infection, or just an application went out of control? a standard NOD32 scan didn't find anything, as the user told me. Thank you for any hint. 14:40:10.115876 IP 192.168.7.42.4122 > 67.228.0.181.53: S 2742536765:2742536765(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.115943 IP 192.168.7.42.4124 > 67.228.181.207.53: S 3071079888:3071079888(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116015 IP 192.168.7.42.4126 > 67.228.0.181.53: S 3445199428:3445199428(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116086 IP 192.168.7.42.4128 > 67.228.181.207.53: S 2053198691:2053198691(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116154 IP 192.168.7.42.4130 > 67.228.0.181.53: S 2841660872:2841660872(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116222 IP 192.168.7.42.4132 > 67.228.181.207.53: S 3150822465:3150822465(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116290 IP 192.168.7.42.4134 > 67.228.0.181.53: S 1692515021:1692515021(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116358 IP 192.168.7.42.4136 > 67.228.181.207.53: S 3358275919:3358275919(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116430 IP 192.168.7.42.4138 > 67.228.0.181.53: S 930184999:930184999(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116498 IP 192.168.7.42.4140 > 67.228.181.207.53: S 1504984630:1504984630(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116566 IP 192.168.7.42.4142 > 67.228.0.181.53: S 546074424:546074424(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116634 IP 192.168.7.42.4144 > 67.228.181.207.53: S 4241828590:4241828590(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116702 IP 192.168.7.42.4146 > 67.228.0.181.53: S 668634627:668634627(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.116769 IP 192.168.7.42.4148 > 67.228.181.207.53: S 3768119461:3768119461(0) win 16384 <mss 1460,nop,nop,sackOK> 14:40:10.117360 IP 192.168.7.42.4111 > 67.228.0.181.53: 12676 op8 Resp12*- [2128q][|domain] 14:40:10.117932 IP 192.168.7.42.4112 > 67.228.181.207.53: 44190 op7 NotAuth*|$ [29103q],[|domain] 14:40:10.118726 IP 192.168.7.42.4113 > 67.228.0.181.53: 49196 inv_q [b2&3=0xeea] [64081q] [28317a] [43054n] [23433au] Type63482 (Class 5889)? M-_^OS>M-JM-m^_M-i.[|domain] 14:40:10.119934 IP 192.168.7.42.4114 > 67.228.181.207.53: 48131 updateMA Resp12$ [43850q],[|domain] 14:40:10.121164 IP 192.168.7.42.4115 > 67.228.0.181.53: 46330 updateM% [b2&3=0x665b] [23691a] [998q] [32406n] [11452au][|domain] 14:40:10.121866 IP 192.168.7.42.4116 > 67.228.181.207.53: 34425 op7 YXRRSet* [39927q][|domain] 14:40:10.123107 IP 192.168.7.42.4117 > 67.228.0.181.53: 56536 notify+ [b2&3=0x27e6] [59761a] [23005q] [33341n] [29705au][|domain] 14:40:10.123961 IP 192.168.7.42.4118 > 67.228.181.207.53: 19323 stat% [b2&3=0x14bb] [32491a] [41925q] [2038n] [5857au][|domain] 14:40:10.132499 IP 192.168.7.42.4119 > 67.228.0.181.53: 50432 updateMA+ [b2&3=0x6bc2] [10733a] [9775q] [46984n] [15261au][|domain] 14:40:10.133394 IP 192.168.7.42.4120 > 67.228.181.207.53: 2171 notify Refused$ [26027q][|domain] 14:40:10.134421 IP 192.168.7.42.4121 > 67.228.0.181.53: 25802 updateM NXDomain*-$ [28641q][|domain] 14:40:10.135392 IP 192.168.7.42.4122 > 67.228.181.207.53: 2073 updateMA+ [b2&3=0x6d0b] [43177a] [54332q] [17736n] [43636au][|domain] 14:40:10.136638 IP 192.168.7.42.4123 > 67.228.0.181.53: 15346 updateD+% [b2&3=0x577a] [61686a] [19106q] [15824n] [37833au] Type28590 (Class 64856)? [|domain] 14:40:10.137265 IP 192.168.7.42.4124 > 67.228.181.207.53: 60761 update+ [b2&3=0x2b66] [43293a] [53922q] [23115n] [11349au][|domain] 14:40:10.148122 IP 192.168.7.42.4125 > 67.228.0.181.53: 3418 op3% [b2&3=0x1a92] [51107a] [60368q] [47777n] [56081au][|domain]

    Read the article

  • If I scp a file through an intermediate server, is the file stored temporarily on the server?

    - by Blacklight Shining
    For the sake of simplicity (I find it easier to remember names than arbitrary letters), I will dispense with letters and use names to refer to the machines in this scenario. Say I have two machines, applejack and pinkie-pie, each on their own separate LANs and not in the same physical location. I also have a server, cadance, with a direct Internet-facing connection. I want to copy a file from applejack to pinkie-pie, so to avoid dealing with port forwarding and such, I set up an ssh tunnel from pinkie-pie to cadance (ssh -R etc cadance). Now I can connect to pinkie-pie from anywhere, by connecting to cadance and specifying an alternate port to use. I can also easily copy files to pinkie-pie with scp -P $that_port $some_file cadance:$some_path. My understanding of how it works is this: A secure connection is made from applejack to cadance I am authenticated to cadance A secure connection is made from applejack to pinkie-pie that spans the existing reverse tunnel and the new connection from step 1. I am authenticated to pinkie-pie Files are copied directly from applejack to pinkie-pie over this connection. Am I correct here? How secure is this approach? If I'm wrong…are files copied this way decrypted at cadance before being passed on to pinkie-pie? Is there a possibility that traces of unencrypted data could remain on cadance?

    Read the article

  • Revert "Deny" permissions in Windows 7

    - by saurabhj
    I made a very dumb mistake and I am hoping there is a way to fix this without having to boot in through a Linux Live CD and extracting the data. My user login to my Windows 7 system is: John John is part of the Administrator's group. I have a folder called "C:\Users\John" I tried to make this folder accessible to ONLY John (and deny from all other Administrators) by going to the Folder, Right Click Secturity tab and then selecting all the checkboxes under "Deny" while having selected the "Administrators" group. As a result, I cannot access this folder from any of the accounts: "John" and "Administrator" as both of them belong to the Administrators groupd and deny permissions out-weigh the "Allow Permissions" Is there any way I could revert this back? Thanks a million!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 194 195 196 197 198 199 200 201 202 203 204 205  | Next Page >