Sql Server security Issue
- by MZT
how to add Sql server user for specific database with backup and restore permission only ??
Search Results
Search found 68155 results on 2727 pages for 'data security'.
Page 203/2727 | < Previous Page | 199 200 201 202 203 204 205 206 207 208 209 210 | Next Page >
-
-
Strict security and virtual host isolation with Nginx?
- by Hach-Que
I currently have an Apache web server set up under which each virtual host is isolated using HTTPD-ITK and the AppArmor module. Each virtual host's workers are setuid/setgid by the server and are then placed in an AppArmor profile. I'm looking to use Nginx but I can't find any documentation on setting it up so that rather than the worker processes being shared between all virtual hosts, worker processes are per virtual host (and thus can be setuid / setgid). Is there any way to do this under Nginx?Read the article
-
Does pointing *.[int].mydomain.com to 192.168.1.[int] constitute a security threat
- by Dave
For testing purposes, I've found it's really useful to point whatever.machineIP.mydomain.com to 192.168.1.machineIP : that way we can test each other's code without fidgetting with hosts files. I'm aware that this identifies our local IP addresses to the outside world, but if someone could access the network, it'd be trivial to sniff which of the local IP addresses respond to port 80 anyway. Is there anything I'm not seeing? Credit for the idea: http://news.ycombinator.com/item?id=1168896Read the article
-
RemoteApp Security Warning
- by nairware
I have a Windows 2012 Standard x64 RemoteApps RDWeb portal where I can launch apps. We have one remote app in particular which is RDP (mstsc.exe). Whenever a user launches it, they receive three different prompts--the second one is this alert (shown below). How can I get rid of this alert? I have other RemoteApps launching as well, and they do not throw errors or alerts like this one. And they are applications with the .exe extension, so I do not understand what is so unique about the RDP RemoteApp that would cause this alert. One thing perhaps worth mentioning is this particular RDP remote app points directly to the mstsc.exe executable residing on a particular session host/terminal server (as shown in the "From" value of the warning). As such, a gateway server would not be used to load-balance and choose the RDP client launched from a session host at random. This RDP RemoteApp is explicitly associated with one particular terminal server.Read the article
-
Windows 7 security model - differences between Windows XP and Active Directory
- by Rafael
I have a Delphi procedure to validate user credentials on my system integrated with Active Directory. On Windows XP/2000, when the user presents invalid credentials, the program/system performs as expected. On a Windows 7 system, the procedure doesn't validate the credentials and allows the user to continue without a check.Read the article
-
DB2 Integrity Checks and Exception Tables
- by imthefirestartr
I am working on planning a migration of a DB2 8.1 database from a horrible IBM encoding to UTF-8 to support further languages etc. I am encountering an issue that I am stuck on. A few notes on this migration: We are using db2move to export and load the data and db2look to get the details fo the database (tablespaces, tables, keys etc). We found the loading process worked nicely with db2move import, however, the data takes 7 hours to load and this was unacceptable downtime when we actually complete the conversion on the main database. We are now using db2move load, which is much faster as it seems to simply throw the data in without integrity checks. Which leads to my current issue. After completing the db2move load process, several tables are in a check pending state and require integrity checks. Integrity checks are done via the following: set integrity for . immediate checked This works for most tables, however, some tables give an error: DB21034E The command was processed as an SQL statement because it was not a valid Command Line Processor command. During SQL processing it returned: SQL3603N Check data processing through the SET INTEGRITY statement has found integrity violation involving a constraint with name "blah.SQL120124110232400". SQLSTATE=23514 The internets tell me that the solution to this issue is to create an exception table based on the actual table and tell the SET INTEGRITY command to send any exceptions to that table (as below): db2 create table blah_EXCEPTION like blah db2 SET INTEGRITY FOR blah IMMEDIATE CHECKED FOR EXCEPTION IN blah USE blah_EXCEPTION NOW, here is the specific issue I am having! The above forces all the rows with issues to the specified exception table. Well that's just super, buuuuuut I can not lose data in this conversion, its simply unacceptable. The internets and IBM has a vague description of sending the violations to the exception tables and then "dealing with the data" that is in the exception table. Unfortunately, I am not clear what this means and I was hoping that some wise individual knows and could help me out and let me know how I can retrieve this data from these tables and place the data in the original/proper table rather than these exception tables. Let me know if you have any questions. Thanks!Read the article
-
vagrant and puppet security for ssl certificates
- by Sirex
I'm pretty new to vagrant, would someone who knows more about it (and puppet) be able to explain how vagrant deals with the ssl certs needed when making vagrant testing machines that are processing the same node definition as the real production machines ? I run puppet in master / client mode, and I wish to spin up a vagrant version of my puppet production nodes, primarily to test new puppet code against. If my production machine is, say, sql.domain.com I spin up a vagrant machine of, say, sql.vagrant.domain.com. In the vagrant file I then use the puppet_server provisioner, and give a puppet.puppet_node entry of “sql.domain.com” to it gets the same puppet node definition. On the puppet server I use a regex of something like /*.sql.domain.com/ on that node entry so that both the vagrant machine and the real one get that node entry on the puppet server. Finally, I enable auto-signing for *.vagrant.domain.com in puppet's autosign.conf, so the vagrant machine gets signed. So far, so good... However: If one machine on my network gets rooted, say, unimportant.domain.com, what's to stop the attacker changing the hostname on that machine to sql.vagrant.domain.com, deleting the old puppet ssl cert off of it and then re-run puppet with a given node name of sql.domain.com ? The new ssl cert would be autosigned by puppet, match the node name regex, and then this hacked node would get all the juicy information intended for the sql machine ?! One solution I can think of is to avoid autosigning, and put the known puppet ssl cert for the real production machine into the vagrant shared directory, and then have a vagrant ssh job move it into place. The downside of this is I end up with all my ssl certs for each production machine sitting in one git repo (my vagrant repo) and thereby on each developer's machine – which may or may not be an issue, but it dosen't sound like the right way of doing this. tl;dr: How do other people deal with vagrant & puppet ssl certificates for development or testing clones of production machines ?Read the article
-
How to copy files from HDD to HDD with integrity checking
- by RafaelM
I am moving data from an almost dead HDD to an external USB drive using linux , because for some reason Windows cannot see the data. I want to copy a large amount of data over from the HDD to the USB drive with integrity checking. I thought about copying everything over and then checking with md5summer but this would take a reaally long time because its a lot of data and this is not a very powerful PC. What tool can use to do this on Linux?Read the article
-
Howto: SaaS / PHP Application / Tenants / Security
- by Ben Fransen
Hi all, Being completely new in the webhostingcorner I have a few questions on how to implement/setup a webserver for a SaaS application. I'm about to rent my own server for a new product (CMS) I'm launching in two months. Developing the system wasn't that much of wild ride to me, but a correct way to implement it, is. So lets say this is my situation: I want to host 10 websites for 8 clients. There are 6 single sites, and two clients have two websites they can manage with my software. The CMS must be placed on the server too, all clients are connecting to 1 system The database must be placed Depending on the contract a client makes, the client gets some storage. How to measure the used storage over the DB, FileSystem and email Clients may not, in any case be able to somehow get outside their directory, but from the CMS directory the CMS must be able to create files and dirs in a clients directory (for templates, imagegalleries, widgets, etc, etc). I was thinking about something like a dirstructure like this: ./CMS/ [all CMS files] ./Websites/*/ [all websites] My hostingprovider will install updates to the os (CentOS, latest) and the admin panel (Direct Admin). Is there anybody with experience on this topic? Or do you have some thoughts about it? please join the conversation since I'm completely new to this. BenRead the article
-
Understanding Security Certificates (and thier pricing)
- by John Robertson
I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones? Edit: I learned that the certificate has an internal expiration date and it also maintains an internal value stating whether it can be used to sign other certificates (i.e. sign other private/public key pairs stored as certificates). Can't I get a few (even one) non-signing certificate signed by someone like verisign that I can use for authentication/encryption without a yearly subscription?Read the article
-
Suggestions for sharing and using data between Ubuntu and Windows 7 dual boot
- by wizjany
Note: TL;DR, scroll to bottom for summary. I recently set up my computer for a dual boot between Ubuntu 9.10 and Windows 7. My current drive setup is as follows. | A1 | A2 | | B1 | B2 | B3 | A1: 100 mb, windows 7 "System Reserved" boot partition A2: 230 gb, data section, this one needs to be shared between the operating systems B1: 125 gb, windows 7 OS B2: 123 gb, ubuntu OS B3: 2gb, linux swap space Pretty much i want to have my documents, music, pictures, videos, etc accessible from both operating systems. My first attempt involved making the data (a2) partition NTFS, and moving my home folder from ubuntu to the data partition. However, as I read NTFS does not work nice with permission, and it messed up my home folder. My next idea is one of the following: 1) format the data partition to ext2/3/4 and move my home folder from linux there, and get a driver to read ext partitions in windows 7. The problem with that is that most of the ext drivers/software are not compatible with windows 7 or do not integrate with windows explorer (I really don't want to open a separate software window just to access my data, plus it's probably not compatible with other software.) http://www.fs-driver.org/ looks promising, but I'm not sure how it works with ext4 and windows 7 (not officially supported, when trying in vista compatibility mode, it tells me I need to format the ext drive to use it). My next idea, 2) keep the home folder in ubuntu where it is, but create symlinks for the Documents, Music, etc folders to an NTFS formatted Data (A2) partition, and add those locations to the windows 7 libraries. I'm not totally sure how the permissions would work out, but it should be fine since it's only the documents, music, etc and not the important config files in the rest of /home/user/. Correct me if I'm wrong. Currently, symlinks is my best idea, although i'm not sure how it will work. Any suggestions, additions to my ideas, links, pointers, whatever would be greatly appreciated. Even if it means i should reformat both my drives and repartition (2 250gb drives if you want to suggest a setup for that), I won't be too opposed if that's the best suggestion (I've gone through the format/install/format/reinstall process 5 times over the past 3 days, once more won't hurt me). TL;DR, summary: I have two hard drives. One is partitioned for Ubuntu and Windows 7, the second one I want accessible to both operating systems to store documents, music, pictures, videos, etc. Suggestions on how to set up the data drive please =) P.S. bonus if I can get an apache server document root folder working between the two OS's as well (permissions could become very complicated, so don't worry too much about that) P.P.S. Related question, but data viewing is one way: http://superuser.com/questions/84586/partition-scheme-and-size-for-dual-boot-windows-7-and-ubuntu-9-10-with-separate-pRead the article
-
SOHO Netflix and network security
- by TW
I want to use WIFI for HiDef video, but I don't trust it for my office PC's. I've heard of VLANs but I have no idea how to set it up or what (SOHO) hardware to buy. Other than getting 2 different DSL lines, how can I be absolutely sure that the PC side doesn't get hacked? What if I want to use MS Home server as a backup device for both sides? Can I make it "read only" for the PC side, and physically change the cable if I need to restore? TWRead the article
-
Jungledisk file transfer security
- by JC
Does JungleDisk use https for file transfers? If so, does this mean a 3rd party cannot intercept content or even file names of files being backed up? (assume JungleDisks encrypt option is not being used)Read the article
-
Networked filesystem with user level security for linux
- by Konrads
Hi, I want to enable file sharing between servers and clients, both linux. I don't want to rely on machine trust like in NFSv4 because client users will have root privileges. What are my options besides SMB (SAMBA)? Does OpenAFS support user level authentication & access? Using mounted WebDAV/ftp/sshfs seems silly for LAN.Read the article
-
Security: Managing network shares remotely on Ubuntu?
- by Industrial
Hi everyone, I am about to setup a home network server running Ubuntu Server and I'm currently a bit worried about how to handle network shares and permissions in a good way. After working a bit lately with Netgears ReadyNAS's units, I have become really spoiled with how easy it was to set up network shares and giving a specific user different levels of network access to a specific share (forbidden access, read, read/write). How would I accomplish the same with my Ubuntu server through SSH? Thanks a lotRead the article
-
VS 2010 Security Warning When Opening My Own Projects
- by Zian Choy
Whenever I try to open my own projects in VS 2010 Express, I get the following message: You should only open projects from a trustworthy source I can click OK on the message and open the solution, but I would prefer to not get warned every time I open my solution. The files were not downloaded from the Internet; they are sitting right on my department's network drive. There's nothing to unblock if I look at the Properties window for the project file. Any tips for squashing this bug will be appreciated.Read the article
-
Maximum speed of data transmission
- by JavaRocky
All major data carriers these days use fiber optic links these days. And data transmission occurs at the speed of light, is that correct? If data transmission does indeed occur at the speed of light, is it also correct to assume that data transmission will never ever be faster?Read the article
-
Can I grant permissions on files in windows 7 using a security identifier from another machine
- by Thomas
I have an external hard drive, and I wish to grant permissions on some files to users from 2 different computers without having to hook it up to the 2 different computers. I know the SID of the user on the other computer, I'd like to know if and how I can grant permissions to files using the SID. I'm running Windows 7 Professional 64 bits, and "The Other" computer Win 7 Home Premium 64 bits, they are not in a domain, but separate computers on a home network (not even same homegroup). Note: Duplicated question with: Is there a way to give NTFS file permissions to users from other Windows installations?Read the article
-
Backing up data stored on Amazon S3
- by Fiver
I have an EC2 instance running a web server that stores users' uploaded files to S3. The files are written once and never change, but are retrieved occasionally by the users. We will likely accumulate somewhere around 200-500GB of data per year. We would like to ensure this data is safe, particularly from accidental deletions and would like to be able to restore files that were deleted regardless of the reason. I have read about the versioning feature for S3 buckets, but I cannot seem to find if recovery is possible for files with no modification history. See the AWS docs here on versioning: http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectVersioning.html In those examples, they don't show the scenario where data is uploaded, but never modified, and then deleted. Are files deleted in this scenario recoverable? Then, we thought we may just backup the S3 files to Glacier using object lifecycle management: http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html But, it seems this will not work for us, as the file object is not copied to Glacier but moved to Glacier (more accurately it seems it is an object attribute that is changed, but anyway...). So it seems there is no direct way to backup S3 data, and transferring the data from S3 to local servers may be time-consuming and may incur significant transfer costs over time. Finally, we thought we would create a new bucket every month to serve as a monthly full backup, and copy the original bucket's data to the new one on Day 1. Then using something like duplicity (http://duplicity.nongnu.org/) we would synchronize the backup bucket every night. At the end of the month we would put the backup bucket's contents in Glacier storage, and create a new backup bucket using a new, current copy of the original bucket...and repeat this process. This seems like it would work and minimize the storage / transfer costs, but I'm not sure if duplicity allows bucket-to-bucket transfers directly without bringing data down to the controlling client first. So, I guess there are a couple questions here. First, does S3 versioning allow recovery of files that were never modified? Is there some way to "copy" files from S3 to Glacier that I have missed? Can duplicity or any other tool transfer files between S3 buckets directly to avoid transfer costs? Finally, am I way off the mark in my approach to backing up S3 data? Thanks in advance for any insight you could provide!Read the article
-
Norton security Suite
- by Debbie
Receive Blue ScreenRead the article
-
Jenkins: Accessed denied after turning on global security. How to revert?
- by serverFaulter
Need help figuring this one out. How can I fix this issue? I think I enabled global security and saw this error immediately. (while accessing localhost:8080 I get the following...) A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened. Stack trace hudson.security.AccessDeniedException2: anonymous is missing the Overall/Read permission at hudson.security.ACL.checkPermission(ACL.java:54) at hudson.model.Node.checkPermission(Node.java:418) at jenkins.model.Jenkins.getTarget(Jenkins.java:3658) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:656) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631) at org.kohsuke.stapler.Stapler.service(Stapler.java:225) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) at java.lang.Thread.run(Thread.java:695)Read the article
-
Cannot clear away BitDefender Internet Security system tray message
- by unknown (google)
I have BitDefender IS 2008 installed on my PC. In the last few days I have noticed the taskbar icon grumbling 1 issue requires your attention The Real-Time File Scanning is disabled and no amount of clicking "Fix" solved this issue. I have tried umpteen reboots and what have you. I really don't want to uninstall and re-install BitDefender (unless there's no other way out). How do I clear away the notification message?Read the article
-
face book security problem
- by SHAN
*- Please review recent activity on your Facebook account "Your account was recently accessed from a location we're not familiar with. For your protection, please review your recent activity to make sure no one is using your Facebook account without permission. Reviewing your activity takes just a few moments. We'll start by asking you a couple of questions to confirm that this is your account. (If we recognize your computer, you'll be able to skip this step.)" WHEN I TRY TO LOG MY FACE BOOK PROFILE;ABOVE MESSAGE DISPLAYING....WHAT IS A REASON FOUR THIS MATTER? AND AFTER I CLICKED CONTINUE BUTTON SHOW SOME 4TO MY FB FRIENDS BUT I EXACTLY CANT RECOGNIZE THESE 4TOES.. BECAUSE OF THAT I CANT LOG MY FB PROFILE.NOW HOW I LOG TO MY FB PROFILE...?? PLZ HELP ME SOLVE THIS PROBLEM...!!Read the article
-
Symantec Gateway Security 320 VPN/Port Forwarding trouble
- by Owl
How do I check to see if port forward is enabled with one of my dynamic tunnels on this device? I'm having trouble using a feature in our software that requires a vpn to be used. My firewalls shows it as connected but I'm unable to ping the subnet ip. Our software vendor told me that port forwarding might be causing this problem, but I didn't set up this network I'm on and I don't fully know symantec hardware.Read the article
-
Outlook Security Alert following Exchange 2007 upgrade to SP2
- by desiny
Following an update to Exchange 2007 sp2 (yes I know very belated) I have an issues when logging onto Outlook. I see the below message... I also had a simlar issues with web access and as I am at home with IIS, this was easily solved. However I did notice that the server contains a number of keys for autodiscover.mycompamy.com, exchange.mycompamy.com etc and it seems that the SP2 upgraded didnt know how to deal with this. As I have a wildcard ssl, I think it would be prudent to remove all other certificates, however in order to stop the nag when opening outlook - what can I do?Read the article
