Search Results

Search found 25503 results on 1021 pages for 'browser security'.

Page 203/1021 | < Previous Page | 199 200 201 202 203 204 205 206 207 208 209 210  | Next Page >

• Is it possible to detect nearby Wi-Fi enabled devices, not necessarily on the same network? [closed]

  - by Sky

  first question on StackExchange ever. I hope I got the right board. I'm trying to create a device (either from a standard AP or some other unconventional means) that will be able to detect nearby Wi-Fi enabled devices. For example, if a cellular phone (iPhone for instance) would be carried into the secured area, its MAC address will be logged. A cellular phone is a good example because it's the most common threat that should be detected. Some important points: The detection can be either active or passive, doesn't matter. The detected device might be connected to a different network, or might not be connected to anything at all. I assume most cellular phones are actively probing when not connected, but I'm not sure. It is important to not only identify the breach, but also to identify the device (MAC address). Conventional hardware is only optional. Distance of detection is at least 6 meters (20 feet). Handling one device at a time is good. Speed of detection is important, under 5 seconds is ideal. So my question is, is this even possible? If so, what can I use in order to make this a reality? Thank you for reading!

  Read the article

• Determining who is running with administrator rights?

  - by Alex C.

  I work at a small non-profit organization with about 55 desktop PCs running Windows XP Pro. The domain controller is running Windows Server 2003. I have a two-part question (note that I'm a bit of a newb when it comes to network administration). Part 1: Is there some simple way that I can determine which accounts are logged in with administrator rights? Part 2: Is there a way that I can remove administrator rights from users without sitting down at each individual machine? Thanks for considering my questions.

  Read the article

• Iptables - Redirect outbound traffic on a port to inbound traffic on 127.0.0.1

  - by GoldenNewby

  I will be awarding a +100 bounty to the correct answer once it is available in 48 hours Is there a way to redirect traffic set to go out of the server to another IP, back to the server on localhost (preferably as if it was coming from the original destination)? I'd basically like to be able to set up my own software that listens on say, port 80, and receives traffic that was sent to say, 1.2.3.4. So as an example with some code. Here would be the server: my $server = IO::Socket::INET->new( LocalAddr => '127.0.0.1', LocalPort => '80', Listen => 128, ); And that would receive traffic from the following client: my $client = IO::Socket::INET->new( PeerAddr => 'google.com', PeerPort => '80', ) So rather than having the client be connecting to google.com, it would be connecting to the server I have listening on localhost for that same server. My intention is to use this to catch malware connecting to remote hosts. I don't specifically need the traffic to be redirected to 127.0.0.1, but it needs to be redirected to an IP the same machine can listen to. Edit: I've tried the following, and it doesn't work-- echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:80 iptables -t nat -A POSTROUTING -j MASQUERADE

  Read the article

• Better way to stop/start Webmin and SSH

  - by Jake

  Hi, it would be a good idea to not have webmin running all the time... just start it via ssh when I need it... so, I just stop webmin,and leaving SSH always running... when I need to access webmin, I start it through SSH. but there are lots of people from many country trying to bruteforce my SSH. I can reduce bruteforce using iptables. but because Im feeling still not safe (about 3 months ago), so I stop SSH and leaving webmin always running through custom port. I just start SSH through webmin when I need. and the result, no more bruteforce on SSH, and no bruteforce on webmin (maybe because the attacker dont know my webmin custom port) but I think this is still not really safe. and I cannot restrict access to some IP because I use random IP. If I stop both SSH and webmin, I will lost access to my server. Anyone know the better way dealing with this?

  Read the article

• How can I prevent Virtualmin from storing passwords in cleartext?

  - by Josh

  I am really surprised at this behavior. In Virtualmin, I can see the password for any SSH user by clicking the "(Show..)" link next to the "Password ( ) Leave unchanged" option in a variety of locations. I have found that the passwords for all users including users with SSH access are stored in cleartext files in /etc/webmin/... This seems like an unnecessary risk! How can I prevent Virtualmin from storing passwords in this manner?

  Read the article

• (200 ok) ACCEPTED - Is this a hacking attempt?

  - by Byran

  I assume this is some type of hacking attempt. I've try to Google it but all I get are sites that look like they have been exploited already. I'm seeing requests to one of my pages that looks like this. /listMessages.asp?page=8&catid=5+%28200+ok%29+ACCEPTED The '(200 ok) ACCEPTED' is what is odd. But it does not appear to do anything. I'm running on IIS 5 and ASP 3.0. Is this "hack" meant for some other type of web server?

  Read the article

• Detecting man-in-the-middle attacks?

  - by Ilari Kajaste

  There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

  Read the article

• Windows 7 : Any way to disable "show caracter" in WIFI network properties?!

  - by Fox

  Hi everyone, Here's my issue. I'm working in a school as IT Tech and I'm currently planning to roll out Windows 7 on students laptop. The issue is : When you go to the properties of a WIFI network, you have the fields to input the WIFI key, WPA2 key here in my case, and you also have a checkbox that allow you to "unmask" the caracters of the wifi key. This is actually the problem. Anyone who can access the WIFI network properties, will be able to see the WIFI key, which is really an issue in a school envrironnement where student are all eager to get the key for their precious IPod Touch, what I don't want to happen for obvious reasons... So, is there a way to disable that checkbox or else, make the field cleared out when the checkbox is checked, just like it was on Windows XP or Vista? Thanks all for your answer.

  Read the article

• Configure Windows firewall to prevent an application from listening on a specific port

  - by U-D13

  The issue: there are many applications struggling to listen on port 80 (Skype, Teamviewer et al.), and to many of them that even is not essential (in the sense that you can have a httpd running and blocking the http port, and the other application won't even squeak about being unable to open the port). What makes things worse, some of the apps are... Well, I suppose, that it's okay that the mentally impaired are being integrated in the society by giving them a job to do, but... Programming requires some intellectual effort, in my humble opinion... What I mean is that there is no way to configure the app not to use specific ports (that's what you get for using proprietary software) - you can either add it to windows firewall exceptions (and succumb to undesired port opening behavior) or not (and risk losing most - if not all - of the functionality). Technically, it is not impossible for the firewall to deny an application opening an incoming port even if the application is in the exception list. And if this functionality is built into the Windows firewall somewhere, there should be a way to activate it. So, what I want to know is: whether there exists such an option, and if it does how to activate it.

  Read the article

• Penetration testing - common examples?

  - by Mirek

  Hi, I was charged to do some basic penetration testing on our system. I tried to find some favoured practices but I was not successful. I guess SYN attack is retired (no NT here). Could anyone advice some basic steps of what to test in order to proceed at least very basic penetration test? Thanks

  Read the article

• Functional implications of differences in SSL and TLS

  - by Randell

  I know that TLS is essentially a newer version of SSL, and that it generally supports transitioning a connection from unsecured to secured (commonly through a STARTTLS command). What I don't understand is why TLS is important to an IT Professional, and why given the choice I would pick one over the other. Is TLS really just a newer version, and if so is it a compatible protocol? As an IT Professional: When do I use which? When do I not use which?

  Read the article

• Configuring port forwarding for SSH - no response outside LAN [migrated]

  - by WinnieNicklaus

  I recently moved, and at the same time purchased a new router (Linksys E1200). Prior to the move, I had my old router set up to forward a port for SSH to servers on my LAN, and I was using DynDNS to manage the external IP address. Everything worked great. I moved and set up the new router (unfortunately, the old one is busted so I can't try things out with it), updated the DynDNS address, and attempted to restore my port forwarding settings. No joy. SSH connections time out, and pings go unanswered. But here's the weird part (i.e., key to the whole thing?): I can ping and SSH just fine from within this LAN. I'm not talking about the local 192.168.1.* addresses. I can actually SSH from a computer on my LAN to the DynDNS external address. It's only when the client is outside the LAN that connections are dropped. This surely suggests a particular point of failure, but I don't know enough to figure out what it is. I can't figure out why it would make a difference where the connections originate, unless there's a filter for "trusted" IP addresses, which is perhaps just restricted to my own. No settings have been touched on the servers, and I can't find any settings suggesting this on the router admin interface. I disabled the router's SPI firewall and "Filter anonymous traffic" setting to no avail. Has anyone heard of this behavior, and what can I do to get past it?

  Read the article

• phpmyadmin login should not expire on ubuntu 10.04

  - by mit

  On ubuntu 10.04 the phpmyadmin config is a little bit scattered. I want to set the loginexpiration time to zero, should never expire, this is a secured setup behind a firewall. I think it is 3600 by default but cannot find the setting. Where is it? Edit: I actually changed it in /etc/phpmyadmin/conf.inc.php which seems the recommended place for ubuntu. The other files mentioned below might be overwritten on updates.

  Read the article

• How to wipe an IPod with DBAN

  - by Matt Powers

  I'm looking to use a utility such as Darik's Boot And Nuke (www.dban.org) to wipe my iPod (classic fifth generation) so I can sell it on Ebay (without having to worry about my data being recovered.) Any suggestions on how to do this?

  Read the article

• Change the number of consecutive frequent ssh login before temporary blocking the user login

  - by Kenneth

  my server currently would temporarily refuse a user to login for certain amount of time (maybe ~20min) if the user consecutively frequent ssh login for 3 times. Can I change this behaviour (say relaxed the definition of frequent maybe from 'within 5 sec' to 'within 10 sec'; or increase the # of consecutive login from 3 to 5)? Thanks. Added: Ah.. now I think the problem was not with the ssh. I just tried on another newly installed server. consecutive successful login won't block the user. I have no sudo permission on the server I mentioned above. Now I suspect this behaviour may cause by the firewall in the system. Thanks everyone's comments. ADDED 2: Ah... after some searches. I think the server is using /sbin/iptables to do it as I can see the iptables program is there even though I don't have permission to list the rules. Thanks everyone, special thank to jaume and Mark!

  Read the article

• SFTP File Restrictions.

  - by The Rook

  Is it possible to use SFTP on Linux and restrict a user account to ONE directory such that no other directory listing can be obtained? Yes, I must use SFTP, FTP is only used by people that love getting hacked. For instance I want someone to modify files in /var/www/code/ but I don't want them to be able modify anything else. I don't even want them to see the contents /tmp/. (I will accept a "quick and dirty" solution, as long as it is secure.)

  Read the article

• How to prepare and secure a Macbook Pro for work/office?

  - by sunpech

  I plan to use my Macbook Pro at work/office. Before I do so, I will need to speak to my manager on how to properly prepare and secure it since this is the first Mac that will be regularly used on the network in the office and company intranet. The intranet comprises mostly of PCs running Microsoft Windows XP, Server 2003, and Windows 7. So there's definitely a Microsoft-only culture in the office, and the infrastructure/networking team are mostly unfamiliar with non-Microsoft technology and software. What steps and software would I need to prepare and secure my Macbook Pro for work/office? Antivirus/Spyware software for Mac required/necessary? What options do I have to encrypt files, or possibly the whole drive/partition? What network/firewall settings should be enabled?

  Read the article

• Configuring port forwarding for SSH - no response outside LAN

  - by WinnieNicklaus

  I recently moved, and at the same time purchased a new router (Linksys E1200). Prior to the move, I had my old router set up to forward a port for SSH to servers on my LAN, and I was using DynDNS to manage the external IP address. Everything worked great. I moved and set up the new router (unfortunately, the old one is busted so I can't try things out with it), updated the DynDNS address, and attempted to restore my port forwarding settings. No joy. SSH connections time out, and pings go unanswered. But here's the weird part (i.e., key to the whole thing?): I can ping and SSH just fine from within this LAN. I'm not talking about the local 192.168.1.* addresses. I can actually SSH from a computer on my LAN to the DynDNS external address. It's only when the client is outside the LAN that connections are dropped. This surely suggests a particular point of failure, but I don't know enough to figure out what it is. I can't figure out why it would make a difference where the connections originate, unless there's a filter for "trusted" IP addresses, which is perhaps just restricted to my own. No settings have been touched on the servers, and I can't find any settings suggesting this on the router admin interface. I disabled the router's SPI firewall and "Filter anonymous traffic" setting to no avail. Has anyone heard of this behavior, and what can I do to get past it?

  Read the article

• What advantages does mod_evasive have over mod_security2 in terms of DDOS protection?

  - by Martynas Sušinskas

  Good day, I'm running an Apache2 server in front of a Tomcat and I need to implement a DDOS protection mechanism on the Apache2 layer. I have two candidates: mod_evasive and mod_security2 with the OWASP core rule set. Mod_security is already installed for overall protection, but the question is: is it worth adding mod_evasive besides mod_security just for the DDOS (does it have any major advantages) or the OWASP crs rules in the /experimental_rules/ directory (modsecurity_crs_11_dos_protection.conf) provide the same protection? Or it's just a matter of preference? The sites are not very high traffic normally. Thank you for your answers, Martynas

  Read the article

• the right way to do deployment with capistrano

  - by com

  I look for good practices for deploying with capistrano. I would like to start out with a short description how I used to do deployment. capistrano is installed locally on a developer's computer. I deploy thought gateway with capistrano option :gateway. Firstly, I thought that with :gateway option I need to have ssh connection only to gateway host, but it turns out that I need ssh connection (public key) to all hosts where I want to deploy to. I would like to find a convenient and secure way to deploy application. For example, in case when new developer starts working, is much more convinient to put his *public_key* only on gateway server and not on all applications servers. On the other hand I don't want him to have any connection to servers in particular ssh to gateway, just because he is developer, he needs to do only deployments. If you are aware of good practices for deploying with capistrano, please, let us know.

  Read the article

• How to detect form spamming on your web servers?

  - by splattne

  If you run hundred of web sites on your servers, what it is the most efficient, automated way to detect if bots are using your HTML forms to send spam email, even if your forms have some kind of protection?

  Read the article

• Why can`t we treat SSL Certs like Pgp keys instead of trusting CAs?

  - by yarun can

  I am dumb and stupid and I do not know all the technical aspects of SSL and server/client side implications and implementations. However I understand them good enough from user point of view to use SSL and encyrption daily. I was thinking that how silly it is to trust some unknown/known CAs when it comes to our our certificates for our servers. There had been many cases of misconduct, misuse, compromises and theft of certificates/ca keys from those places. On top of those known issues we also have to pay these guys regularly. I am wondering why can not we use/treat web server certificates like we use our pgp keys? So I sign a SSL certificate and send to a central server. And then each user accessing my site checks the validity and the keys from some central server (like pgp key servers). Is this a stupid idea? If so what could be a better idea than current system of issuing valid certificates. I am looking for a better than more secure idea. Naturally this is not a solution to an existing problem, rather it will be a hypothetical solution for some future implementation of a currently messed up web of trust on the internet due to recent news about NSA and their criminal buddies around the world. thanks

  Read the article

• Shibboleth: found encrypted assertions, but no CredentialResolver was available

  - by HorusKol

  I've gotten a Shibboleth Server Provider (SP) up and running, and I'm using the TestShib Identity Provider (IdP) for testing. The configuration appears to be all correct, and when I requested my secured directory I was sent to the IdP where I logged in and then was sent back to https://example.org/Shibboleth.sso/SAML2/POST where I am getting a generic error message. Checking the logs, I am told: found encrypted assertions, but no CredentialResolver was available I have rechecked the configuration, and there I have: <CredentialResolver type="File" key="/etc/shibboleth/sp-key.pem" certificate="/etc/shibboleth/sp-cert.pem"/> Both of these files are present at those locations. I've restarted apache and retried, but still get the same error. I don't know if it makes a difference - but only a subdirectory of the site has been secured - the documentroot is publicly available.

  Read the article

• How can someone be running shell commands through my site, and how can I stop them?

  - by Oliver Bayes-Shelton

  I believe that someone is running shell commands on my server via my site. How could a user be doing this? How can I stop stop them from doing this?

  Read the article

• Best practices for SQL Server audit trail

  - by Ducain

  I'm facing a situation today where it would be very beneficial to me and my company if we knew who had logged into SQL and performed some deletions. We have a situation where at least 2 (sometimes 3) people login to SQL using SQL Server Management Studio, and perform various functions. What we need is an audit trail. If someone deletes records (mistakenly or otherwise), I'd like to know what was done. Is there any way to make this happen?

  Read the article

< Previous Page | 199 200 201 202 203 204 205 206 207 208 209 210  | Next Page >