Search Results

Search found 30556 results on 1223 pages for 'internet security'.

Page 23/1223 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • Where should I redirect (removed) phishing pages

    - by tinjaw
    I was unfortunately the victim of a PHP exploit. Looking through my webserver logs, people are still attempting to reach the URL used in the phish. I want to redirect them to a site that will educate these people on what phishing is. My question: Is there a (generic / vendor-neutral) phishing education website that you suggest I send them to with a 301 redirect? (I assume a 301 is the best option.)

    Read the article

  • Filtering content from response body HTML (mod_security or other WAFs)

    - by Bingo Star
    We have Apache on Linux with mod_security as the Web App Firewall (WAF) layer. To prevent content injections, we have some rules that basically disable a page containing some text patterns from showing up at all. For example, if an HTML page on webserver has slur words (because some webmaster may have copied/pasted text without proofreading) the Apache server throws a 406 error. Our requirement now is a little different: we would like to show the page as regular 200, but if such a pattern is matched, we want to strip out the offending content. Not block the entire page. If we had a server side technology we could easily code for this, but sadly this is for a website with 1000s of static html pages. Another solution might have been to do a cronjob of find/replace strings and run them on folders en-masse, maybe, but we don't have access to the file system in this case (different department). We do have control over WAF or Apache rules if any. Any pointers or creative ideas?

    Read the article

  • How can I check Internet connectivity in a console?

    - by Ashfame
    Is there an easy way to check Internet connectivity from console? I am trying to play around in a shell script. One idea I seem is to wget --spider http://www.google.co.in/ and check the HTTP response code to interpret if the Internet connection is working fine. But I think there must be easy way without the need of checking a site that never crash ;) Edit: Seems like there can be a lot of factors which can be individually examined, good thing. My intention at the moment is to check if my blog is down. I have setup cron to check it every minute. For this, I am checking the HTTP response code of wget --spider to my blog. If its not 200, it notifies me (I believe this will be better than just pinging it, as the site may under be heavy load and may be timing out or respond very late). Now yesterday, there was some problem with my Internet. LAN was connected fine but just I couldn't access any site. So I keep on getting notifications as the script couldn't find 200 in the wget response. Now I want to make sure that it displays me notification when I do have internet connectivity. So, checking for DNS and LAN connectivity is a bit overkill for me as I don't have that much specific need to figure out what problem it is. So what do you suggest how I do it?

    Read the article

  • After virus, IE and Chrome don't work but Firefox does.

    - by Erich
    I recently got rid of a virus on my laptop. Afterwards everything seems to be working fine except for some internet connectivity problems. Internet Explorer and Chrome won't display an webpages, Firefox does but I can't update it to the most recent version. I've also noticed that some of the gadgets on Google Gadgets don't work properly. My internet connection is working fine, especially since I can get to websites via Firefox. I have tried to re-install IE and Chrome, but there was no change. What has caused this and how can I fix it?

    Read the article

  • practical security ramifications of increasing WCF clock skew to more than an hour

    - by Andrew Patterson
    I have written a WCF service that returns 'semi-private' data concerning peoples name, addresses and phone numbers. By semi-private, I mean that there is a username and password to access the data, and the data is meant to be secured in transit. However, IMHO noone is going to expend any energy trying to obtain the data, as it is mostly available in the public phone book anyway etc. At some level, the security is a bit of security 'theatre' to tick some boxes imposed on us by government entities. The client end of the service is an application which is given out to registered 'users' to run within their own IT setups. We have no control over the IT of the users - and in fact they often tell us to 'go jump' if we put too many requirements on their systems. One problem we have been encountering is numerous users that have system clocks that are not accurate. This can either be caused by a genuine slow/fast clocks, or more than likely a timezone or daylight savings zone error (putting their machine an hour off the 'real' time). A feature of the WCF bindings we are using is that they rely on the notion of time to detect replay attacks etc. <wsHttpBinding> <binding name="normalWsBinding" maxBufferPoolSize="524288" maxReceivedMessageSize="655360"> <reliableSession enabled="false" /> <security mode="Message"> <message clientCredentialType="UserName" negotiateServiceCredential="false" algorithmSuite="Default" establishSecurityContext="false" /> </security> </binding> </wsHttpBinding> The inaccurate client clocks cause security exceptions to be thrown and unhappy users. Other than suggesting users correct their clocks, we know that we can increase the clock skew of the security bindings. http://www.danrigsby.com/blog/index.php/2008/08/26/changing-the-default-clock-skew-in-wcf/ My question is, what are the real practical security ramifications of increasing the skew to say 2 hours? If an attacker can perform some sort of replay attack, why would a clock skew window of 5 minutes be necessarily safer than 2 hours? I presume performing any attack with security mode of 'message' requires more than just capturing some data at a proxy and sending the data back in again to 'replay' the call? In a situation like mine where data is only 'read' by the users, are there indeed any security ramifications at all to allowing 'replay' attacks?

    Read the article

  • How to propagate spring security login to EJBs?

    - by tangens
    Context I have a J2EE application running on a JBoss 4.2.3 application server. The application is reachabe through a web interface. The authentication is done with basic authentication. Inside of the EJBs I ask the security context of the bean for the principal (the name of the logged in user) and do some authorization checks if this user is allowed to access this method of the EJB. The EJBs life inside a different ear than the servlets handling the web frontend, so I can't access the spring application context directly. Required change I want to switch to Spring Security for handling the user login. Question How can I propagate the spring login information to the JBoss security context so I can still use my EJBs without having to rewrite them? Ideas and links I already found a page talking about "Propagating Identity from Spring Security to the EJB Layer", but unfortunatelly it refers to an older version of Spring Security (Acegi) and I'm not familiar enough with Spring Security to make this work with the actual version (3.0.2).

    Read the article

  • What should every programmer know about security ?

    - by M.H
    I am an IT student and I am now in the 3rd year in university,until now we are studing a lot of subjects related to computer in general (Programming,Algorithms,Computer architecture,maths....etc). But there is a whole world called security we are very far from it ,I mean here security in general(Computers Security,Interner Security,Networks Security,hacking,cracking...etc). I am very sure that nobody can learn every thing about security but sure there is a "minimum" knowledge every programmer or IT student should know about it and my question is what is this minimum knowledge ? can you suggest some E-books or courses or any thing can help to start with this road ?

    Read the article

  • Java embedded applet page security, how to properly meet its recquirements?

    - by meds
    If I have an applet embedded in a webpage and I want it to connect to server side software (also written in Java) how can I do this properly on a windows machine running local host? Would I have to run the java application from within the localhost directory and access the applet html from a browser (i.e. localhost/applet.html)? From what I undestand if you don't have everything setup correctly you won't be able to connect because of Java's security requirements. Thanks for any help :)

    Read the article

  • What is the difference between safety and security?

    - by Lernkurve
    Question What is the difference between safety and security in the context of information management or computer science? Elaboration This could be the canonical answer for people searching for it. Let me know if superuser.com is the wrong site for this question. I have, of course, googled it and haven't found an answer that seemed short and to the point. Wikipedia wasn't very helpful either: safety, information security.

    Read the article

  • Internet Explorer 10 (Metro App) on Windows 8 Pro (RTM) crash

    - by ferpaz
    Internet Explorer 10 (Metro App) on Windows 8 Pro (RTM) does not start and crash with this error: Log Name: Application Source: Application Error Date: 27/08/2012 19:21:29 Event ID: 1000 Task Category: (100) Level: Error Keywords: Classic User: N/A Computer: DELL-OPE3.red.aseinfo.com.sv Description: Faulting application name: iexplore.exe, version: 10.0.9200.16384, time stamp: 0x50107ebe Faulting module name: iertutil.dll, version: 10.0.9200.16384, time stamp: 0x50109c90 Exception code: 0xc0000005 Fault offset: 0x0000000000172f0b Faulting process id: 0xadc Faulting application start time: 0x01cd84bb737cfa16 Faulting application path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\WINDOWS\system32\iertutil.dll Report Id: b1597df3-f0ae-11e1-be78-88532e15da73 Faulting package full name: Faulting package-relative application ID: Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Application Error" /> <EventID Qualifiers="0">1000</EventID> <Level>2</Level> <Task>100</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2012-08-28T01:21:29.000000000Z" /> <EventRecordID>7612</EventRecordID> <Channel>Application</Channel> <Computer>DELL-OPE3.red.aseinfo.com.sv</Computer> <Security /> </System> <EventData> <Data>iexplore.exe</Data> <Data>10.0.9200.16384</Data> <Data>50107ebe</Data> <Data>iertutil.dll</Data> <Data>10.0.9200.16384</Data> <Data>50109c90</Data> <Data>c0000005</Data> <Data>0000000000172f0b</Data> <Data>adc</Data> <Data>01cd84bb737cfa16</Data> <Data>C:\Program Files\Internet Explorer\iexplore.exe</Data> <Data>C:\WINDOWS\system32\iertutil.dll</Data> <Data>b1597df3-f0ae-11e1-be78-88532e15da73</Data> <Data> </Data> <Data> </Data> </EventData> </Event> Any suggestions?

    Read the article

  • Automatically Applying Security Updates for AWS Elastic Beanstalk

    - by Eric Anderson
    I've been a fan of Heroku since it's earliest days. But I like the fact that AWS Elastic Beanstalk gives you more control over the characteristics of the instances. One thing I love about Heroku is the fact that I can deploy an app and not worry about managing it. I am assuming Heroku is ensuring all OS security updates are timely applied. I just need to make sure my app is secure. My initial research on Beanstalk shows that although it builds and configures the instances for you, after that it moves to a more manual management process. Security updates won't automatically be applied to the instances. It seems there are two areas of concerns: New AMI releases - As new AMI releases hit it seems we would want to run the latest (presumably most secure). But my research seems to indicate you need to manually launch a new setup to see the latest AMI version and then create a new environment to use that new version. Is there a better automated way of rotating your instances into new AMI releases? In between releases there will be security updates released for packages. Seems we want to upgrade those as well. My research seems to indicate people install commands to occasionally run a yum update. But since new instances are created/destroyed based on usage it seems that the new instances would not always have the updates (i.e. the time between the instance creation and the first yum update). So occasionally you will have instances that aren't patched. And you are also going to have instances constantly patching themselves until the new AMI release is applied. My other concern is that perhaps these security updates haven't gone through Amazon's own review (like the AMI releases do) and it might break my app to automatically update them. I know Dreamhost once had a 12 hour outage because they were applying debian updates completely automatically without any review. I want to make sure the same thing doesn't happen to me. So my question is does Amazon provide a way to offer fully managed PaaS like Heroku? Or is AWS Elastic Beanstalk really more of just a install script and after that you are on your own (other than the monitoring and deployment tools they provide)?

    Read the article

  • Security update in command line on Ubuntu

    - by Luc
    Hello, I can find anything on google that could help me to use aptitude to only install security update using command line on Ubuntu. I tried this: https://help.ubuntu.com/community/AutomaticSecurityUpdates but it installed everything and not only the security updates !!!! Thanks a lot for your help, Luc

    Read the article

  • Use SECEDIT to export "Security Options" from one computer and import on another

    - by Andy Arismendi
    Can I use secedit.exe to export out the "Security Options" from the local security policy and then import them on another machine? I'm trying to do this on Windows Server 2008. Update I just tried with: secedit /export /db C:\andy.db /cfg C:\andy.inf /areas SECURITYPOLICY /log C:\andy.log But it didn't work with error: Warning 2: The system cannot find the file specified. Error opening C:\andy.db. Where do I get the DB file from?

    Read the article

  • Microsoft Security Essentials howto auto download definition updates

    - by chris.nullptr
    I use Microsoft Security Essentials as my antivirus on my Win7 box. New virus definitions to Security Essentials are installed using Windows Update. However, the updates are marked as optional by default, as opposed to important which means that they don't get installed automatically. I have to select the updates from the list of optional updates and install them manually. Is there a way to change this behavior so that new definitions are marked as important and installed automatically?

    Read the article

  • Internet cafe software for linux

    - by pehrs
    I have gotten a request to roll out a total of 8 internet cafe's in a large network. Budget is non-existent as it will all be done for a non-profit. I was planing to use Ubuntu and live-cds to minimize the amount of management required, but I can't seem to find any suitable internet cafe system that is Ubuntu based. The requirements are pretty basic: It needs to keep track of logged in time and log out users when their time it up. No billing will be done, it will just be used to ensure people can share the computers fairly. It should be possible to force logout from a central system. Users will be unskilled, so it has to have a GUI. What (preferably free, considering the shoe-string budget) software would you suggest to manage this?

    Read the article

  • Windows security unknown accounts: security breach?

    - by Keikoku
    I was uploading some images I had just created to imgur earlier today and noticed that chrome couldn't access my Pictures folder. Windows tells me access was denied. Firefox didn't have an issue though I went to it through windows explorer and it worked fine, and looked at the security tab under properties and noticed that there were four unknown accounts, one of which has full control privileges. I looked at my other folders in the same drive and none of them had these unknown accounts. It was only that specific Pictures folder, and all of its subfolders. What are these unknown accounts and what could it mean? Should I be worried that someone may have compromised the system (well, I should probably be worried about that all the time I guess) I read on microsoft support forums that it may be the result of a previously deleted account, but there has only been one account on this computer for months and no user account management has been performed for awhile.

    Read the article

  • Bandwidth Control on our Internet Connection

    - by AlamedaDad
    Hi all, I have Covad dual/bonded T1 service in our office coming through a Cisco 1841 and then through a Sonicwall 3060Pro/Enhanced SW firewall. The problem I'm looking for some input on is how to limit the amount of bandwidth any single user/PC can user for downloading a file from the Internet. It's become an issue that when one person happens to download let's say an ~300MB file, normal internet access for the other employees slows to a crawl. I've seen through MRTG that in fact usage of the circuit jumps to the full 3mb for the duration of the download and then drops. Is it possible to control this? I'm not familiar with QOS or the like so I'm not sure. Any help on this would be appreciated. Thanks...Michael

    Read the article

  • My 5.1 audio system not working properly when I connect to Internet

    - by Gemboz
    I just bought a Genuis 5005 5.1 audio system, and I have an issue with it: It won't work properly when I get on the Internet (the central speaker isn't working). I also bought an Asus Xonar DG 5.1 sound card which works perfectly. I installed it and also installed the driver for it. When I play music/videos from my hard drive, all the speakers work fine, but when I connected to Internet to play videos/music, the center speaker won't work. How can I fix this issue?

    Read the article

  • Ideas for campus Internet Login mechanism?

    - by miCRoSCoPiCeaRthLinG
    Hello, I work at this university and I'm seeking an effective solution for an internet login mechanism. We have a leased-link at our campus, which is shared by both staff & students. All systems (desktops + laptops + handhelds) connect to the internal network via wifi and can then get onto the net. However, a local govt. regulation requires us to keep track of individual internet usage and hence we need a solution (pref. free / opensource) that'll enable us to implement some sort of an authentication mechanism once a user hooks onto the network. One requirement is that the software should be able to authenticate either against LDAP or some other custom user database (MySQL based) or both. Can anyone suggest any such software or mechanism? Most of our servers are Linux based... so something that runs off such a platform will be good. Thanks, m^e

    Read the article

  • Dlink DIR-615 suddenly stops working - Orange internet light

    - by zm15
    I unplugged my Dlink DIR-615 router last night from the wall due to a storm rolling in. I've done this countless times, no problem. However, when I went to plug it in and use the internet today, nothing. Check everything, cycled everything. Hard reset the router, nothing. The little globe on the front is red/orange, and it should be green. Windows gives me an error of a "DNS Issue", and the internet works when connected directly to the modem. How can I fix this issue? Why would it suddenly stop working?

    Read the article

  • How to diagnose "Internet explorer cannot display the webpage"

    - by Colen
    Our web site is working great for 99.99% of our users, but a few people (all of whom use Internet Explorer) are running into an error. Most pages on the site load fine, but for one specific page (the same page for all affected users), all they get is: Internet explorer cannot display the webpage It doesn't matter whether the page is accessed over http or https - it fails to load either way. Every other page on the site, as far as I can tell, works fine for them. Not only that, the same users can load that specific page fine in Firefox. I've checked the web server logs and I can't find any smoking guns there. The site is running IIS on Windows Server 2003. Is there any way to get IE to give the user more information than just "cannot display the web page"? There's a "More information" button, but all it tells you is to make sure that your DNS servers are working, make sure you're not working offline, etc. :(

    Read the article

  • Computer and internet use on a boat?

    - by dlamblin
    Let's assume that I seriously would like to be able to use my computer as easily and as carefreely while on a boat as I do while at home. In short, if I were on a boat for extended periods, such as two weeks at a time and occasionally over a few days out of port (this would be a 2 person sailing vessel), what would my options be for power, durability, and of course, internet access? I want more than just email, as I will likely keep doing a tad of development, and will be looking at google earth from time to time. I am already assuming that we're going with some kind of laptop, maybe even a macbook pro 12". I personally feel that netbooks are underpowered. And the last computer that I got a boat-friendly rating for was a ZX Spectrum, which was before the internet, and was likely due to it's 12vdc-happiness.

    Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >