Search Results

Search found 1426 results on 58 pages for 'risk'.

Page 25/58 | < Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32 | Next Page >

Securing RDP access to Windows Server 2008 R2: is Network Level Authentication enough?

- by jamesfm

I am a dev with little admin expertise, administering a single dedicated web server remotely. A recent independent security audit of our site recommended that "RDP is not exposed to the Internet and that a robust management solution such as a VPN is considered for remote access. When used, RDP should be configured for Server Authentication to ensure that clients cannot be subjected to man-in-the-middle attacks." Having read around a bit, it seems like Network Level Authentication is a Good Thing so I have enabled the "Allow connections only from Remote Desktop with NLA" option on the server today. Is this acion enough to mitigate the risk of a Man-in-the-Middle attack? Or are there other essential steps I should be taking? If VPN is essential, how do I go about it?

Read the article
UPS for hard drive protection

- by dimi

I am in a place where electricity is not ideal (old house, no ground), sometimes it occasionally shuts down and supposedly there are some spikes. I consider using UPS with the goal to increase safety of my personal data. My first priority is the health of my internal and external USB hard drives which can be damaged due to possible power instability. I do not care that much about possible losses of not-saved work, instead I just want to let my system have a minimum time to turn off without any risk of physical damaging my hard drives. Would a cheap offline UPS suit my neads? Or do i need a better one with automatic voltage regulator (AVR)? How critical is AVR for the hard drives? The external ones require their own power supplies and will be plugged directly into UPS.

Read the article
Enable file download via redirect in IE7

- by Christian W

Our application enables our customers to download files to their computer. The way I have implemented it is using asp.net with a dropdown. When the user clicks the dropdown they get the choice of "PDF","Powerpoint", and a couple of other choices depending on circumstances. Then, in postback depending on the choice the user made, it will return a file (changing the content-header and such and then bitbanging a file to the user). This works perfectly in all browsers, but IE7 complains that this is a security risk and blocks the download. Is there any way for the users to authorize downloads from our webapplication?

Read the article
Preferred OS for hosting Tomcat servlet container

- by dacracot

I know that I'm taking a risk, pitting the differing OS religions against each other, but I would like professional opinions about hosting a servlet container. In my case the container is set, we will be using Tomcat. But what is in question is the hosting operating system. We have administrators experienced in Windows Server 2003. We have developers experienced in Solaris, OSX, and Linux. There is no warring between these groups, just a question of who will ramp up through the learning curve necessary to use the OS that they are unfamiliar with. So given all the cooperative spirit, we are struggling with how to find the most efficient path. I had already cross-posted this question here.

Read the article
Saving a compressed text attachment results in empty file

- by Brandon

I have a text document with compressed text in it, the text is auto generated by a program. The text document is fine on my machine (Vista 32-bit), and can be used normally. The other person can also create and use these files just fine. (XP 32-bit) However when I email it to someone else (Outlook 2003 on both machines) the attachment is sent fine (5kb) but when the other person tries to save it somewhere, the saved file is empty. (64b) At first I thought Outlook didn't like compressed text files (security risk maybe?), but I can receive the text files just fine. Is there a setting somewhere on the other persons machine that tells Outlook not to trust compressed text? Can anyone think of a reason why these files are being saved as empty text documents?

Read the article
Can I disable Pam Loginuid? Can I find out options used to configure kernel?

- by dunxd

I am getting a lot of the following types of error in my secure log on a CentOS 5.4 server: crond[10445]: pam_loginuid(crond:session): set_loginuid failed opening loginuid sshd[10473]: pam_loginuid(sshd:session): set_loginuid failed opening loginuid I've seen discussion of this being caused when using a non-standard kernel without the correct CONFIG_AUDIT and CONFIG_AUDITSYSCALL options set. Where this is the case, it is advised to comment out some lines in the pam.d config files. I am running a Virtual Private Server where I need to use the kernel provided by the supplier. Is there a way to find out what options they used to configure the kernel? I want to verify if the above is the cause. If this turns out not to be the cause, what are the risk of disabling pam_loginuid for crond and sshd?

Read the article
CentOS 5.5 x86_64 VPS - A lot of inbound traffic when idle?

- by Matt Clarke

I have a CentOS VPS from UKWSD and I'm getting inbound traffic that I cannot understand. The VPS was setup yesterday and I installed vnstat this morning around 10am, since then the server was basically idle and doing nothing from 12pm but it's showing activity inbound which is way over what it should be and i'd say the outbound is pretty much over to top too. Here is vnstat (snapshot taken at 10:30pm GMT) http://i.imgur.com/XnORb.jpg Here is the iptables http://pastebin.com/uGxX2Ucw The reason I'm concerned is.. 1) I have no idea why this is happening, and I like to know what's going on :D 2) I've calculated (briefly) that this pointless traffic would use around 15-20GB of bandwidth per month, and when your on a 150GB limit - it's quite an issue. I'm struggling to understand this and I thought I'd get some advice before asking my ISP (and risk looking completely stupid) Regards Matt

Read the article
What is the best way to create RAID 1?

- by user3125731

I'm looking for a way to create the RAID 1 array without losing my data on CentOS. Here's my situation: I've got a web server running on CentOS. There is one VG partition with few LV volumes. I bought a second HDD (the same model and size as the first one) and I want to create the RAID 1 configuration. I can't just shut down this server for more than an hour because my clients will be disappointed. I need to do this as quickly as possible with minimal risk of data loss.

Read the article
Windows server 2008 UPS support

- by Rory McCune

I'm looking to set-up a UPS on a Windows Small Business Berver 2k8 and I've noticed that there are some large price differences for similar capacity in-line UPSs. The most important point for me in UPS selection is that the server should have the ability to shut itself down before the UPS power runs out, so that if the server is unattended during the outage, it should minimize the risk of data loss. From some reading it appears that Windows Server 2008 should has the ability to natively recognise a UPS, which can then be managed through the battery settings on the server or via WMI. What I'm wondering if anyone know is, Is Windows 2008 servers UPS support specific to certain brands of UPS (eg, APC) or is it likely to work with any UPS which has a USB port, which I can connect to the server?

Read the article
Re-downloading Microsoft SQL Server 2008 Standard because of license issues?

- by James Watt

I have many clients who have purchased Microsoft SQL Server 2008 Standard. Unlike other Microsoft software, there is not a serial number provided for each customer to install the software. Futhermore, Microsoft's TechNet website lists this information about SQL Server instead of providing a key: "This product is pre-pidded." This means that the configuration file for SQL server contains your serial number instead of manually entering it. My question is then: does this serial change for each customer? The reason I ask: I'd rather not download a 3.2GB disc image over and over again for each of my customers individually. But, I don't want to risk using the same image over and over again resulting in Microsoft banning the serial for over use (as opposed to each customer using their copy with THEIR serial number.) Thanks in advance.

Read the article
Sending large files - do any vendors sell their solution?

- by Rob Nicholson

We currently have an account with www.mailbigfile.com to allow us to send & receive files which exceed our client's email limits. In our industry, a 10MB limit is not unknown. Mailbigfile works fine for what it is but increasingly, our clients are starting to block it as a security risk. A solution would be for us to license the software and run it from our own web server which is far less likely to be blocked. Does anyone know of vendors in this market? We are looking at web collaboration systems but that's a much bigger project. The technology behind www.mailbigfile.com isn't that complex (http upload, email notification and then http download) so I'm hoping it won't be very expensive. Cheers, Rob.

Read the article
Can I disable certificate error/warning in Firefox/Chrome/Internet Explorer?

- by Poni

Exactly as the title says; I don't mind which browser, I just want to type "https://........" and see the page normally without any certificate error, knowing that I might risk myself by allowing an invalid certificate! It seems like every browser producer thinks he knows better than me, the Super User !! =) Now, does anyone know how to remove warning/error related to this? In any of these browsers (Firefox/Chrome/Internet Explorer/[you-may-suggest])? Oh, and don't advise me a workaround like adding to exceptions. Please don't mention that. I'd highly appriciate a concise & precise answer! Edit: The answer I seek concerns ONLY the browser. No third-party objects to be used.

Read the article
Need to detect the same application open on another computer on the network. Any software around tha

- by Joe Schmoe

I have a time management application that I use at home quite a lot and have running most of the time. At home, I have a desktop PC and a couple of laptops scattered around the house...all networked together. Unfortunately, the application I use is not multi-user and I risk losing/corrupting data if it has been left running on one computer inadvertently while I start using it on another one in another part of the house. I use Live Mesh to automatically keep the application's database synced across the different computers and I just need some way of making sure that I don't start using the application on another computer before closing it down on the previous one. Anyone know of any Windows software that can detect if an application is running simultaneously on different computers on my network, and warn me if I am about to have two open at the same time?

Read the article
Exporting a VM running as a Domain Controller

- by AndyM

There is a Microsoft KB article that talks about best practices for running a DC on a VM. One of the notes is "Do not use the Export feature on a virtual machine that is running a domain controller". In order to export a VM, the VM needs to be turned off. If you turn off a DC VM, export it, import it on another server and then power the VM back on, there should be no risk as long as the original (exported) VM is never powered back on. Can someone explain to me why this isn't supported? After doing some searching on Google, the sites I found just regurgitated this line from the KB article, but didn't offer any explanation as to why this isn't supported.

Read the article
Unable to FTP, any ideas?

- by Nick

I'm using Windows Server 2003. I have the FTP services installed, router set to DMZ, and currently Anonymous logins allowed. (I know, security risk, but there's nothing important on there and not worried at the moment) So here's the thing... I can ftp to my computer, list directory, get files etc, BUT only if I'm using the command prompt. If I try to log in using IE or any FTP client it's just timing out. I've tried: username@ipaddress ipaddress username:password@ipaddress and not able to get any of them to work. Anyone have any ideas? Thanks!!!

Read the article
How to set my Ubuntu account to super user at all times?

- by iaddesign

I have the latest Ubuntu installed and I'll be the only one using it off the network. My question is: how can I make myself super user at all times? Because when I try to delete a file it says I don't have privileges to do so. I know you are going to say it's a security risk but I'm off the network and want to learn all that I can. I don't want to delete the files through the terminal but want to do it through the user interface/explorer. I've installed LAMP and can't copy my site to the www directory. I've tried to remove the preinstalled index file and it won't let me.

Read the article
Is there any danger in disabling windows firewall on a azure worker role?

- by NullReference

I'm trying to troubleshoot a bug on our Azure worker role where we occasionally get the error "Unable to read data from the transport connection: An established connection was aborted by the software in your host machine". This error occurs when we are connecting to outside resources like google auth servers. A few people have recommended disabling the firewall\antivirus on the server. I'm just wondering what kind of security risk we would take by doing this. The server doesn't have iis installed but would it be vulnerable to hacking without the firewall? Thanks

Read the article
Git and Amazon EC2 public key denied

- by MrNart

I had git working before on /var/html/projectfolder and realized it was a security risk so I made a new folder /projects from the root folder and tried to replicate what I did and now it doesnt work. Here is the backlog of what I did for my local machine and EC2 - server Server-EC2 1.I added my public key to the authorized_user file in ~/.ssh folder 2.Create a bare repository git init --bare 3.Change folder permissions to sudo chgrp -R ec2-user * sudo chmod -R g+ws * Local Machine create a local repository with git init touch, add, commit readme file pointed origin master to ec2 via git remote add origin ssh://ec2-user@remote-ip/path/to/folder This is my output: Permission Denied (publickey) fatal: The remote end hung up unexpectedly

Read the article
Windows 7 Long Delay on Login or Unlock

- by Adam Driscoll

I have a clean install of Windows 7 x32 running on my HP DV6449us and am experiencing a really long delay (10+ seconds) when unlocking or logging into my computer. The same issue was happening with UAC but I was able to turn that off. I realize this is a security risk but couldn't take it any more. I've read about this being video driver related but have updated the drivers to the newest I could find for the GeForce Go 6150. Anyone else experiencing this? My desktop is very happy but he's sporting a Nvidia 260 GT. Is it just the lack of firepower?

Read the article
In Windows XP, is it possible to disable user credential caching for particular users

- by kdt

I understand that when windows caches user credentials, these can sometimes be used by malicious parties to access other machines once a machine containing cached credentials is compromised, a method known as "pass the hash"[1]. For this reason I would like to get control over what's cached to reduce the risk of cached credentials being used maliciously. It is possible to prevent all caching by zeroing HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount, but this is too indiscriminate: laptops users need to be able to login when away from the network. What I would like to do is prevent the caching of credentials of certain users, such as administrators -- is there any way to do that in Windows XP? http://www.lbl.gov/cyber/systems/pass-the-hash.html

Read the article
How to install a "virtual" network card on a virtual server?

- by vikp

Hi, We have purchased an unmanaged VPS windows hosting solution from one of the UK based companies. We have Windows Server 2008 Standard Edition. We need to install certain third party applications on that server. Unfortunatelly, one of the applications requires a MAC address to be present at all times - this is their way of making sure that software is not pirated (which it isn't). We have tried installing a virtual loopback network card, but this has brought the server down - i.e. we couldn't connect using remote desktop any longer. At the moment we are limited with what we can try. This is an unmanaged solution, therefore any support including restarts is rather costly. Are you aware of any low-risk solutions? Thank you

Read the article
How do I securely share / allow access to a drive?

- by sleske

To simplify backing up a laptop (Windows Vista), I'm planning on sharing its C: drive (with password protection) and using that to back it up from another computer. What are the security implications of this? If I share C: with a reasonable password, how big is the risk of compromise if the system is e.g. inadvertently used on a public WLAN or similar? Background: I'm planning to use [Areca Backup][1] to back up two systems (Windows XP and Vista). My current plan is to install Areca on the XP box, and share the Vista system's C: as a shared folder, so the XP system can read it. Then I can set up the drive as a network drive and have Areca read it like a local drive. Of course, if you can think of a more elegant way of doing this, I'm open to suggestions.

Read the article
PostgreSQL disaster recovery options

- by Alex

My customer has quite a large (the total "data" folder size is 200G) PostgreSQL database and we are working on a disaster recovery plan. We have identified three different types of disasters so far: hardware outage, too much load and unintentional data loss due to erroneously executed bad migration (like DELETE or ALTER TABLE DROP COLUMN). First two types seem to be easy to mitigate but we can't elaborate a good mitigation plan for the third type. I proposed to use ZFS and frequent (hourly) snapshots but "ZFS" means "OpenIndiana" these days and our Ops engineers do not have much expertise in it, so using OpenIndiana imposes another risk. Colleagues try to convince me that restoring from PostgreSQL PITR backup can be as fast as restoring from a ZFS snapshot but I highly doubt that replaying, say, 50G of archived WALs can be considered "fast". What other options are we missing? Is ZFS an only viable alternative? Can we get a fast Pg DB restore time in the Linux environment?

Read the article
Hardware RAID 0 without OS re-installation

- by sterz

I have Ubuntu & Windows 7 installed on my hdd. Can I mirror the image of the hdd to the second identical drive? Is this not recommended (i.e have to re-install every OS)? If it is okay to mirror, is there anything else to do to make hw RAID 0 work? Does RAID 0 have the same risk as a single drive? What sector size would you recommend for read/write/extract video files (mostly each around 2 GB)?

Read the article
Mini-jack problem with Sony Vaio (running XP)

- by qftme

I have a five year old Sony Vaio laptop (vgn-fw31m) that has had impact damage to the audio-output mini-jack for about the last year or so. In a recent discussion with my brother, we wondered whether it would be possible to write a program that would enable windows to use the microphone mini-jack input as the audio-output? As I currently use this laptop for work I am not keen to risk pulling it apart in order to replace the components comprising the audio-out. I therefore 'hope' that a programming solution exists. I would really appreciate any advice on this and eagerly await your response. Kind regards, qftme :)

Read the article

< Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32 | Next Page >