Search Results

Search found 492 results on 20 pages for 'abuse prevention'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/20 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Prevent abuse of public HTTP directory meant for images

    - by sutre
    The situation: Each user has their own public HTTP directory, meant for images only. This could easily be abused by users using it to serve large files, wasting bandwidth. The question: Is there any fairly simple way to prevent this abuse? Either by allowing the webserver to only images to be served, restricting size, or some other method.

    Read the article

  • Comparison of Firewall, Intrusion Prevention, Detection and Antivirus Technologies in Organizational

    - by Berkay
    in these days i'm reading about intrusion prevention/detection systems.When reading i really confused in some points. First, the firewall and antivirus technologies are known terms for years, however now IDS becomes popular. My question includes: in organizational network architectures when/where do we use these systems ? What are the benefits of using each ? Does Firewall contains all these others? If you give me some examples, it will help much. Thanks.

    Read the article

  • dlink arp spoofing prevention

    - by Wiploo
    someone can help me understanding arp spoofing prevention on dlink dgs-3100 (ftp://ftp2.dlink.com/PRODUCTS/DGS-3100-48P/REVA/DGS-3100-48P_MANUAL_3.60_EN.PDF). I'd like to protect my gateway MAC/IP from spoofing so I'have tryed to add a rule "IP: 192.168.1.1 MAC: aa-aa-aa-aa-aa-aa" flagging all the port of the switch as untrusted. When I apply the rule I lose connection to all pc attached to the switch. I certanly made some errors, but I can't understand what is wrong. Best Regards

    Read the article

  • Data Execution Prevention problem in Windows Server 2008

    - by naveen
    Hi guys, I am an ASP.NET developer, who has minimal knowledge in Server administration. I have a database hosted at Windows Server 2008. Today morning onwards it periodically stops working. The message given is something to the effect "The program is being shut down to prevent Data Execution Prevention error" Some other programs are also showing the behavior. I would like to know, what causes this all of a sudden? The server is UN-protected(IE: no anti-virus installed at all), could this be a possible anti-virus/ malware attack? What do we need to do to get the SOL running smoothly again? Regards, Naveen Jose

    Read the article

  • Does data mining qualify as an abuse?

    - by Hybryd
    Hi all, today I had a strange experience with my ISP. They disabled my password for internet connection, and when I called them, they enabled it again, but they didn't say why it happened. In the last couple of days I was running a data mining that I made for one forum to get some useful info about business that I'm in. So I thought, maybe my ISP figured that 10,000 page requests in couple of hours to the same site may be some kind of attack. What do you think, does it qualify as an attack? Is it even ok to data mine in that way?

    Read the article

  • How to report abuse to website hosting company (GoDaddy) [closed]

    - by lgratian
    I'm not sure if this is the right place to ask such a question... Let's say that a website posted a picture of me, without my consent, and I want it to be removed (it's something private, could compromise my career if it's seen by someone that shouldn't). I sent them an email asking nicely that they should remove it, but they didn't respond and the picture is still there. Using 'Whois' I found that the website is hosted by GoDaddy. Is there a way (an email address, for ex.) to report to GoDaddy that one of the sites they're hosting does something illegal and to force them to remove the photo? I searched the site and found nothing about such a thing. Thnaks in advance!

    Read the article

  • Imagemagick/File upload abuse causing my memory errors

    - by kidcapital
    I had been running out of memory on my server lately and I noticed some individuals uploading the same "file" over and over in quick succession which locks up my instance of mini_magick. Eventually the morgify gets stuck in an infinite look. I've taken care of it by having a daemon watch the morgify process if it get's out of control, but was wondering if there was a better solution You can see the same *.gif being uploading in quick succession. I tried downloading this file too, and it isn't even a gif. I don't know what it is (I can't open it). Anyone experience this kind of exploit before?

    Read the article

  • Prevent abuse of public HTTP directory meant for images

    - by sutre
    The situation: Each user has their own public HTTP directory, meant for images only. This could easily be abused by users using it to serve large files, wasting bandwidth. The question: Is there any fairly simple way to prevent this abuse? Either by allowing the webserver to only images to be served, restricting size, or some other method.

    Read the article

  • Brainstorm: Flood/DoS/DDoS Attack prevention ideas.

    - by Gnarly
    This is not a question asking how to stop an attack. This is simply a thread for anyone and everyone to discuss ideas for preventing, dealing with, and keeping your server alive during these attacks. Do not discuss using 3rd party software, this is a place to make your own ideas and read others. Post examples if you'd like. Post ideas how to filter out flood attacks. Post ideas how to keep your server alive while being under a heavy DDoS attack.

    Read the article

  • DNS Server Spoofed Request Amplification DDoS - Prevention

    - by Shackrock
    I've been conducting security scans, and a new one popped up for me: DNS Server Spoofed Request Amplification DDoS The remote DNS server answers to any request. It is possible to query the name servers (NS) of the root zone ('.') and get an answer which is bigger than the original request. By spoofing the source IP address, a remote attacker can leverage this 'amplification' to launch a denial of service attack against a third-party host using the remote DNS server. General Solution: Restrict access to your DNS server from public network or reconfigure it to reject such queries. I'm hosting my own DNS for my website. I'm not sure what the solution is here... I'm really looking for some concrete detailed steps to patch this, but haven't found any yet. Any ideas? CentOS5 with WHM and CPanel. Also see: http://securitytnt.com/dns-amplification-attack/

    Read the article

  • Track Data Execution Prevention (DEP) problem.

    - by Nicolas
    Hi, When running one of our software, a tester was faced with the data execution prevention dialog of Windows. We try to reproduce this situation on a developer computer for debugging purposes : with no success. Does anyone know how to find what may cause the DEP protection to kill the application? Is there any existing tools available for this? Any advices are welcome, Thanks, Nic

    Read the article

  • Which static electricity prevention tools do actually work?

    - by Boris_yo
    I need a device that would discharge static electricity from my body in order to safely work with electronics. I have looked and found some that interested me, but I don't know whether they work: Anti-Static Wrist Strap Anti-Static Release Discharger Keychain Anti-Dissipative Wrist Strap Anti-Static Rubber Finger Stalls Which of above mentioned actually do something? Do I also need and anti-static screw box? It has holes that screws get put in. Will I need magnetic screwdriver to pull screws out?

    Read the article

  • Is there Java counterpart for Aspnet 4's <%: %> XSS prevention?

    - by Tomas Tintera
    I'm developer moving from C# to Java. Heard about new ASP net feature. <%: %. It renders object with html encoding. Only these impolementing IHtmlString interface are not encoded (to prevent double encoding). See more in http://weblogs.asp.net/scottgu/archive/2010/04/06/new-lt-gt-syntax-for-html-encoding-output-in-asp-net-4-and-asp-net-mvc-2.aspx Is such cute tool in Java side? I mean a way to output a string to webpage and (not)encode it based on it's type.

    Read the article

  • Hacking prevention, forensics, auditing and counter measures.

    - by tmow
    Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security: My server's been hacked EMERGENCY. Finding how a hacked server was hacked File permissions question The last one isn't directly related, but it highlights how easy it is to mess up with a web server administration. As there are several things, that can be done, before something bad happens, I'd like to have your suggestions in terms of good practices to limit backside effects of an attack and how to react in the sad case will happen. It's not just a matter of securing the server and the code but also of auditing, logging and counter measures. Do you have any good practices list or do you prefer to rely on software or on experts that continuously analyze your web server(s) (or nothing at all)? If yes, can you share your list and your ideas/opinions?

    Read the article

  • Windows7 corrupted profile - prevention exists?

    - by Radek
    I have dedicated Windows7 (not on domain) virtual machine for overnight automation testing. Some commands (mySQLdump, tscon.exe) must be run under administrator account. Last week administrator account's profile was corrupted. I fixed it by renaming it in the registry and logging in as administrator. And today it is corrupted again. I use administrator account only to run above commands via runas. Also the computer is restarted via cmd - shutdown command - quite often. Especially every night before automation testing starts. I checked the comp for viruses - did full scan using avast although I believed that the comp is clean. Any idea how to prevent the profile to get corrupted again? update So the first log entry in event log is today from 1.15am and one of my scripts ran runas command as administrator exactly at 1.15am. It was second time that runas war executed though after the testing started. The same happened second day in a row. Before the testing starts I need to copy one file that is locked. So I run handle.exe from runas to unlock it. That is what I think causing the profile to get corrupted. I am not able to reproduce it by myself. The message from event viewer is Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. DETAIL – The process cannot access the file because it is being used by another process.

    Read the article

  • Bridge Intrusion Prevention Vyatta

    - by Steve
    I am trying to create a bridge with ThreatStop, IPS and block a few ports. This bridge will sit in front of my servers. All is working apart from the IPS. I have read the documentation on configuring IPS, I have something configured that it hasn't complained about and nothing is logged so I believe that it isn't working. Is it possible to set-up IPS on a vyatta bridge? Also is it possible to read the logs/events with Snorby? I have also posted this on the Vyatta forums

    Read the article

  • Dust prevention for home servers [closed]

    - by Payson Welch
    I found some posts on here about dealing with dust relating to servers but nothing that specifically addressed my question. I have several servers at home for research and as you can probably guess they are not cheap. It is impossible for me to remove 100% of the dust from my home as much as I may try. Does anyone know of any practical solutions to filtering the air that will go into the servers? For instance maybe place some sort of material over the bezel to catch dust particles before they enter? I realize the ideal home solution would be to have a small room with environmental controls but I'm not there yet. Thanks!

    Read the article

  • client generated double submit cookie, cross site request forgery prevention

    - by james
    in a double-submitted cookie csrf prevention scheme, is it necessary for the server to provide the cookie? it seems i could have javascript on the clients page generate and set a cookie "anti_csrf", then double submit that (once as a cookie, done by the browser, and once in the body of the request). a foreign domain would not be able to read or write the "anti_csrf" cookie to include it in the body of a request. is this secure, or am i overlooking something?

    Read the article

  • Practical way to implement prevention of IP Spoofing

    - by user1369975
    I am an undergraduate Computer Science student and was hoping to gain some knowledge of ways to help prevent IP spoofing but all the resources I have tried out elaborate this concept in a theoretical way. I want to try out my hands at one of the techniques like: http://en.wikipedia.org/wiki/Port_knocking http://en.wikipedia.org/wiki/SYN_cookies How do I simulate this whole situation in my own system were I myself am the attacker and I myself have to defend it? And once I have gained an understanding of it, then how do I start translating that into programming terms?

    Read the article

  • How can I prevent spam on sites which I control?

    - by danlefree
    This is a general, community wiki question to address all non-specific spam prevention questions. If your question was closed as a duplicate of this question and you feel that the information provided here does not provide a sufficient answer, please open a discussion on Pro Webmasters Meta. For purposes of this question, spam will include: Any automated post Manually-posted content which includes links to spammers' sites Manually-posted content which includes instructions to visit a spammer's site

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >