Search Results

Search found 1426 results on 58 pages for 'risk'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 26/58 | < Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >

  • Why do servers go down after a lot of traffic?

    - by mohabitar
    I'm working on an iOS app that makes extensive use of databases, where users will be able to sync their data to a server. However, I'm terrified of the event that if too many users start using the app, the servers will no longer be able to handle it. I'm not a server guy at all and am not too familiar with how that works, but my question is, why do servers get overloaded and how can that be prevented? Does it have to do with who my server host is? Or is it about the efficiency of my code? If my host is a reliable server, such as Amazon AWS, am I still at risk for server problems? Bottom line is, does it have to do with the way I implement my code, or does it have to do with who my host is?

    Read the article

  • Why not install Msvcr71.dll into system32?

    - by hillu
    While looking for an authoritative source for the missing Msvcr71.dll that is needed by a few old applications, I stumbled across the MSDN article Redistribution of the shared C runtime component in Visual C++. The advice given to developers is to drop the DLL into the application's directory instead of system32 since DLLs in this directory are considered before the system paths. What can/will go wrong if I (as an administrator, not a developer) decide to take the lazy path and install Msvcr71.dll (and Msvcp71.dll while I'm at it) into the system32 directory (of 32 bit Windows XP or Windows 7 systems) instead of putting a copy in each application's directory? Is there another good solution to provide the applications with the needed DLLs that doesn't involve copying stuff to the application directories? added after first answers: I understand that incompatible API changes may have been made to the mentioned DLLs, but pretty much every mention of incompatibilities I have found using Google had to do with games or video codecs. Right now, I expect that the risk of breakage is pretty small. Am I missing something?

    Read the article

  • Anyone have any experience with bargain laptop batteries?

    - by chris
    I've got an oldish D820 that's got a 100% dead battery. I know that I could, in theory, take it apart and replace bad cells in the battery. I'm not really comfortable with doing that. I also know that there are various places that sell replacement batteries for 20% to 80% of the cost that Dell would charge. Does anyone have any experiences with buying more than a couple of these off-brand batteries? If a battery goes boom, it could be really ugly, so I'd rather not risk it, but at the same time, the dell batteries are really expensive... Any opinions on these ebay / off-brand battery vendors? Thanks!

    Read the article

  • What are the risks in putting website files in the "root" folder of a shared web hosting server?

    - by Obay Ouano
    A site I've been asked to manage is hosted (shared) on GoDaddy, with this folder structure: / public_html public_ftp mail stats logs etc... However, the website files are stored in the / folder, and NOT in public_html. I'm not sure if this is how GoDaddy sets up their customers' accounts, or if the old web developer accidentally changed it from public_html to root. But when we call up GoDaddy to tell them to correct this (move files to public_html), they won't change it and insist that there is no security risk unless someone gets a hold of the FTP password. Is this true? (I have always read that website files should be inside public_html.) If not, where could this setting be changed? The .htaccess is empty.

    Read the article

  • sudoers security

    - by jetboy
    I've setup a script to do Subversion updates across two servers - the localhost and a remote server - called by a post-commit hook run by the www-data user. /srv/svn/mysite/hooks/post-commit contains: sudo -u cli /usr/local/bin/svn_deploy /usr/local/bin/svn_deploy is owned by the cli user, and contains: #!/bin/sh svn update /srv/www/mysite ssh cli@remotehost 'svn update /srv/www/mysite' To get this to work I've had to add the following to the sudoers file: www-data ALL = (cli) NOPASSWD: /usr/local/bin/svn_deploy cli ALL = NOEXEC:NOPASSWD: /usr/local/bin/svn_deploy Entries for both www-data and cli were necessary to avoid the error: post commit hook failed: no tty present and no askpass program specified I'm wary of giving any kind of elevated rights to www-data. Is there anything else I should be doing to reduce or eliminate any security risk?

    Read the article

  • I have my best computer ideas while sitting in church. You? [closed]

    - by Rolnik
    At the risk of posing a subjective question... Where/when are you when you come up with your best ideas? How do you enter that 'zen' state? Yes... necessarily these have to be computer ideas and not new ideas how to make waffles (unless it involves a CPU). Some kinds of ideas include: New software project; better way to organize data; What would look slick on the internet; How to break into the Coka-Cola mainframe and steal the Coke formula (just kidding) How about it. How/when do you get a load of inspiration/insight?

    Read the article

  • Would hybrid drive work after SSD failure

    - by lulalala
    Hybrid hard drive combines SSD with traditional hard drives. I know that SSD can fail much often than traditional hard drives. So I want to ask that, when the SSD part of the hybrid drive fails, would I still be able to use the traditional hard drive? If it won't work like that, then I will consider add-in SATA cards instead, as it delegates risk much better. EDIT: I guess it differs from model to model, so if yes what models would work. (I am evaluating Seagate DX for now)

    Read the article

  • How do I update the memberOf attributes of existing objects after adding the OpenLDAP Reverse Group Membership Maintenance overlay?

    - by mss
    This is a follow-up to this question: I added the memberof overlay to an existing OpenLDAP 2.4 server. Now I want to update the existing user objects. For new group memberships, the memberOf attribute is updated correctly. But I have a bunch of existing groups which aren't updated automatically. I could remove all users from their groups and re-add them to make sure these entries are in sync. Since this is a Univention Corporate Server which does a lot of magic when you modify the LDAP, I don't want to risk breaking my directory. Is there a way to trick the overlay to update these operational attributes?

    Read the article

  • Host a Debian repository on a Windows Web/Ftp server

    - by Dave
    At the risk of causing a matter vs. antimatter paradox that would end the world as we know it ... Is it possible to host a Debian repository on a Windows server? We have some applications which are available for Windows, Mac OS X, and Linux. Our web site, from where the application can be downloaded, is a Windows Server 2008 box running IIS 7. That is not going to change, and I would like to avoid having to purchase another server and/or domain. I would like to take advantage of the Debian packaging system so that I can just instruct users to add our repository to their software sources, and then they can install, get updates, resolve dependencies (some of which are not yet in the stable/main distributions of my target platforms), etc. The instructions I can find on the internet require linux-specific tools to create a local repository, but are unclear as to whether or not that can be copied to an FTP site as is, or if it requires some local daemons to be running or something.

    Read the article

  • Auto backup a user folder to a usb when usb is plugged in

    - by Azztech Computers
    I'm a computer technician and help customers everyday with their computers and smartphones and have a really basic (i think) request but dont know how to go about it. Customer always come in with broken phones, water damage, needing updates, or just want me to backup their information. I currently have a program that i use when i backup their computers it backups their iOS folder C:\Users\USER\AppData\Roaming\Apple Computer\MobileSync\Backup but what i want is a quick easy way to do this in customers houses. What i require is a way when i plug in a USB drive it AUTOMATICALLY searches for the folder and starts transferring the folder to a predefined folder on the USB drive. This was I can just plug it in and begin work on their computer or phone without the risk of losing their information. I'm sure there is a .bat/.ini file i could use but wondering if someone has already done this or something similar as I would need it to search all the USER folders not just the one I'm logged into. Thanks in advance

    Read the article

  • strategy /insights for avoiding document content loss due to encryption

    - by pbernatchez
    I'm about to encourage a group of people to begin using S-Mime and GPG for digital signatures and encryption. I foresee a nightmare of encrypted documents which can no longer be recovered because of lost keys. The thorniest issue is archiving. The natural way to preserve privacy in an archive is to archive the encrypted document. But that opens us up to the risk of a lost key when time comes to unarchive a document, or a forgotten password. After all it will be a long way in the future. This would be equivalent to having destroyed the document. First thought is archiving keys with documents, but that still leaves the forgotten pass phrase. Archiving the passphrase too would be tantamount to archiving in the clear. No privacy. What approaches do you use? What insights can you offer on the issue?

    Read the article

  • Problem installing a w2k DC on Hyper-V?

    - by Tony
    Hi, We have a cluster with four node windows 2008 r2 and hyper-v installed. We would like to install 2 VM with role domain controller w2k (the domain is different from the domain of the hyper-v cluster). Do you know if there are any restriction on doing it? Some collegues say that we risk data corruption if we do live migrations. Others speak about the fact that Microsoft don't support w2k any more. And others have doubts because the global catalog server installed on these DC could have loss of performance. Any idea? Thanks Tony

    Read the article

  • Is Exchange protected from/allow back dated emails?

    - by David
    Does Exchange Server adequately protect against backdating items in a mailbox folder? I want to determine from an auditing perspective what level of risk exists/what trust can be put into Exchange database records. Is there a (mis)feature that allows end point users to modify the sent/recieved date fields on their own messages? Is there a reasonable way short of hand editing the files for an Exchange Server admin to make such a change? And most importantly: Is there any kind of "sequence number" that we could use to audit Exchange records for evidence of date manipulation (ex. msg100 = Dec 15, msg101 = Dec 10, msg102 = Dec 16)

    Read the article

  • Is there a "restore point" in Linux (Debian/Ubuntu) like Windows?

    - by Somebody still uses you MS-DOS
    I'm working directly in an Ubuntu Virtual Machine (VM). Some updates (like kernel) were available at the update manager. If I weren't using a VM, I wouldn't update it since it's a risk to break something. Since it's a VM, you can create a Snapshot or export an appliance and restore if something goes wrong. Suppose I'm not using a VM with a Debian/Ubuntu installation. Is there a install-restore approach that doesn't depend in a VM configuration to restore your system exactly before an upgrade (Like a "Restore Point" in Windows), being easy to restore like a VM appliance? (I'm not looking for "ghost images" or something like that (Norton Ghost, Clonezilla, etc), I'm looking for something builtin in the Linux System)

    Read the article

  • Debian/Ubuntu: Enabling "dist-upgrade" behavior for unattended-upgrades?

    - by Mark Renouf
    We've got a customized distribution of Ubuntu, a repository with some custom packages and we run unattended-upgrades on a number of systems. What we want to be able to do is supply an update of one of our packages which might have a new dependency which is not yet installed. I understand apt normally prevents that from happening automatically, and using dist-upgrade would permit it. How can I get that behavior so our unattended upgrades work the same way? Ideally we'd only want new packages installed if one of our packages causes it to be needed (either as a direct dependency or a child, etc.) Should I be aware of any potential problems or increased risk of breakage. The systems are generally not easily accessed via the console so anything causing a problem requiring manual intervention would be very bad!

    Read the article

  • Binding services to localhost and using SSH tunnels - can requests be forged?

    - by Martin
    Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

    Read the article

  • Security considerations in providing VPN access to non-company issued computers [migrated]

    - by DKNUCKLES
    There have been a few people at my office that have requested the installation of DropBox on their computers to synchronize files so they can work on them at home. I have always been wary about cloud computing, mainly because we are a Canadian company and enjoy the privacy and being outside the reach of the Patriot Act. The policy before I started was that employees with company issued notebooks could be issued a VPN account, and everyone else had to have a remote desktop connection. The theory behind this logic (as I understand it) was that we had the potential to lock down the notebooks whereas the employees home computers were outside of our grasp. We had no ability to ensure they weren't running as administrator all the time / were running AV so they were a higher risk at being infected with malware and could compromise network security. With the increase in people wanting DropBox I'm curious as to whether or not this policy is too restrictive and overly paranoid. Is it generally safe to provide VPN access to an employee without knowing what their computing environment looks like?

    Read the article

  • After turning my monitor off and on, it will display only a white screen

    - by Narf the Mouse
    About a month after installing a new graphics card, I started encountering a rather frustrating problem. Namely, if I turn my monitor off for any significant length of time, then turn it back on, it displays only a white screen. Previously, restarting could fix the problem. However, after leaving the computer off last night, the problem persists. An internet search turned up this site; however, the monitor cable is not loose. As for the insides of the monitor - Well, I could poke around, but I risk making it worse if it's not the monitor. Any such instructions should be clear, detailed and include pictures. Further updates as events warrant.

    Read the article

  • Duplicating keepass files instead of creating a new file

    - by BlakBat
    I'm currently using KeePass 2 and syncing them via dropbox. I have a few KeePass files (one for websites, one to store software licenses, etc...) Every time I need a new KeePass file, I just create a copy of the kbdx file, open it, remove all existing entries, change the key transformation rounds to another pseudo-random value. I do not change the master password. I want to know if this was unsafe practice, or was a security risk, compared to just creating a new KeePass file via the "File-New" menu. The reason I don't use the menu: i'm lazy enough to not want to reconfigure "database settings" every time.

    Read the article

  • Is it safe/wise to run Drupal alongside bespoke business web apps in production?

    - by Vaze
    I'm interested to know the general community feeling about the safety of running Drupal alongside bespoke, business critial ASP.NET MVC apps on a production server. Previously my employer's Drupal based 'visitor website' was hosted as a managed service with a 3rd party. While the LoB sites were hosted in-house. That 3rd party is no longer available so I'm considering my options: Bring Drupal in-house Find another 3rd party My concern is that I have little experience with Drupal administration (and no experience securing it) and that the addition of PHP to my IIS server poses a security risk. Is there a best practice that I can follow in this situation?

    Read the article

  • How to get the Host value inside ~/.ssh/config

    - by iconoclast
    Within a ~/.ssh/config or ssh_config file, %h will give you the HostName value, but how do you get the Host ("alias") value? Why would I want to do that? Well, here's an example Host some_host_alias HostName 1.2.3.4 User my_user_name PasswordAuthentication no IdentityFile ~/.ssh/some_host_alias.rsa.id LocalCommand some_script.sh %h # <---- this is the critical line If I pass %h to the script, then it uses 1.2.3.4, which fails to give it all the options it needs to connect to that machine. I need to pass some_host_alias, but I can't find the % variable for that. (And: yes! I'm aware of the risk of recursion. That's solved inside the script.) UPDATE: Kenster pointed out that I could just hard-code the Host value as an argument to the script. Of course this will work in the example I gave, but it won't work if I'm using pattern matching for the Host.

    Read the article

  • Is there a filesystem that is "friendly" to both windows and Linux?

    - by Somebody still uses you MS-DOS
    I'm planning to install Ubuntu 10.04 with Windows 7. (I'm new to Linux, have to use at work so I'm planning to install it at home to learn more) I plan to use a partition to my Windows system files (C:), a partition for my personal files that already exists (D:) and a new partition for Linux. What I want is to have a partition for my personal files that works across these systems - so, if I start with Windows or Linux, there's the same "Videos", "Pictures", "Projects" folders. Is it possible? Is there a hd filesystem capable of having writes from both systems without too much risk of corrupting or something?

    Read the article

  • Is there a filesystem that is "friendly" to both windows and Linux?

    - by Somebody still uses you MS-DOS
    I'm planning to install Ubuntu 10.04 with Windows 7. (I'm new to Linux, have to use at work so I'm planning to install it at home to learn more) I plan to use a partition to my Windows system files (C:), a partition for my personal files that already exists (D:) and a new partition for Linux. What I want is to have a partition for my personal files that works across these systems - so, if I start with Windows or Linux, there's the same "Videos", "Pictures", "Projects" folders. Is it possible? Is there a hd filesystem capable of having writes from both systems without too much risk of corrupting or something? (Can't be FAT32, I need to store 4gb files). I've read some horror stories of corruption, and would like to know from a sysadmin POV all the risks involved in such scenario.

    Read the article

  • All HTTPS, or is it OK to accept HTTP and redirect (secure vs. user friendly)

    - by tharrison
    Our site currently redirects requests sent to http://example.com to https://example.com -- everything beyond this is served over SSL. For now, the redirect is done with an Apache rewrite rule. Our site is dealing with money, however, so security is pretty important. Does allowing HTTP in this way pose any greater security risk than just not opening or listening on port 80? Ideally, it's a little more user-friendly to redirect. (I am aware that SSL is only one of a large set of security considerations, so please make the generous assumption that we have done at least a "very good" job of covering various security bases.)

    Read the article

  • Let a program (called by other program) run as admin without prompt

    - by DarkGhostHunter
    As you may know, Steam doesn't like no-admin accounts for installing games or whatsoever. In my case, I have a user in my computer that usually install a lot of games and every time I have to put my password to successfully play them. Blame, /bin/SteamService.exe. I came up with a solution: using RunAs to make Steam run as the admin user. But that is a potential security risk. So instead of that, I'm asking if is possible to do the following: Hot to run SteamService.exe with high trust levels (or admin privileges) automatically when Steam calls it? That way he can play and install games in Steam leaving the rest of the system alone. I don't mind if the user has to click "yes or no", but without prompt its better because some games asks every time they're executed.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >