Search Results

Search found 30819 results on 1233 pages for 'software security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 265/1233 | < Previous Page | 261 262 263 264 265 266 267 268 269 270 271 272  | Next Page >

  • Reviewing firewall rules

    - by chmeee
    I need to review firewall rules of a CheckPoint firewall for a customer (with 200+ rules). I have used FWDoc in the past to extract the rules and convert them to other formats but there was some errors with exclusions. I then analyze them manually to produce an improved version of the rules (usually in OOo Calc) with comments. I know there are several visualization techniques but they all go down to analyzing the traffic and I want static analysis. So I was wondering, what process do you follow to analyze firewall rules? What tools do you use (not only for Checkpoint)?

    Read the article

  • Where does PGP keep its license file within OSX?

    - by romant
    I was using a trial from PGP. Now have a license supplied by the company I work for. Upon trying to overwrite/upgrade - PGP is reporting that its using the 'old', namely trial license. Which has long expired. How can I completely rid my machine of PGP - and thus be able to install a fresh copy? Where does this pesky license file reside? OS: 10.6.2 PGP: 10

    Read the article

  • shibboleth: tomcat failing to start IdP listener

    - by HorusKol
    I have installed a Shibboleth Identity Provider as per http://www.edugate.ie/workshop-guides/shibboleth-2-identity-provider-installation-linux-debian-or-ubuntu However, testing only gave me a 404 from Tomcat, and when I checked the Tomcat logs, I saw that the IdP listener was not starting: 10/01/2011 11:25:31 AM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor idp.xml 10/01/2011 11:25:32 AM org.apache.catalina.core.StandardContext start SEVERE: Error listenerStart 10/01/2011 11:25:32 AM org.apache.catalina.core.StandardContext start SEVERE: Context [/idp] startup failed due to previous errors The IdP descriptor file has the following context: <Context docBase="/opt/shibboleth-idp/war/idp.war" privileged="true" antiResourceLocking="false" antiJARLocking="false" unpackWAR="true" /> I have confirmed that the WAR file is located as the Context above specifies - as I have found similar issues from other people where the WAR file was not found. However, the logs posted by those people indicate that the descriptor file was correctly read by Tomcat and their problem was with the WAR file itself. I'm assuming this is some kind of syntax error with the idp.xml, but cannot determine what it might be. Also - setting the Tomcat logging level to FINEST does not provide any additional information in the logs for this error.

    Read the article

  • What is wrong with my Watcher (incron-like) daemon?

    - by eric01
    I have installed Watcher this way: both watcher.py and watcher.ini are located in /etc I also installed pyinotify and it does work when I use python -m pyinotify -v /var/www However, I want to use the daemon and when I start watcher.py, I get weird lines on my watcher.log (see below). I also included my watcher.ini file. Note: I have the latest version of Python. The watcher.py can be found here What is wrong with what I did? Also, do I really need pyinotify? Thanks a lot for your help watcher.ini: [DEFAULT] logfile=/var/log/watcher.log pidfile=/var/run/watcher.pid [job1] watch=/var/www events=create,delete,modify recursive=true command=mkdir /home/mockfolder ## just using this as test watcher.log: 2012-09-22 04:28:23.822029 Daemon started 2012-09-22 04:28:23.822596 job1: /var/www Traceback (most recent call last): File "/etc/watcher.py", line 359, in <module> daemon.start() File "/etc/watcher.py", line 124, in start self.run() File "/etc/watcher.py", line 256, in run autoadd = self.config.getboolean(section,'autoadd') File "/usr/lib/python2.7/ConfigParser.py", line 368, in getboolean v = self.get(section, option) File "/usr/lib/python2.7/ConfigParser.py", line 618, in get raise NoOptionError(option, section) ConfigParser.NoOptionError: No option 'autoadd' in section: 'job1'

    Read the article

  • Backup media manager, library or similar reference application

    - by Tarnschaf
    I'm looking for a backup media manager that will keep me up-to-date on where my backups are, how they're stored and what's stored on them. I want it to be able to do and keep track of the following: my used backup media (e.g. DVD1, DVD2) my backed-up assets in high-level (such as "family-photos from 2003", "laptop drivers") details of the assets ("Ninas Birthday 2003") where the backup media is currently stored when the media has been burned (to re-burn in case of media degeneration). It should be possible to navigate back and forth between media and assets. I also thought about marking assets as "deprecated". If all assets on a media are deprecated, the program should tell me so I don't have to keep it any more. Does anyone know of a program with this feature-set? Or will I have to start my own reference in something like Access?

    Read the article

  • Remove identifying information from SSH.

    - by The Rook
    When I do an nmap -sV 127.0.0.1 -p 22 of my system I get the following information: SF-Port22-TCP:V=4.62%I=7%D=11/9%Time=4916402C%P=i686-pc-linux-gnu%r(NULL,2 SF:7,"SSH-2.0-OpenSSH_5.1p1\x20Debian-3ubuntu1\r\n"); How do I go about chaining these two pieces of information? i686-pc-linux-gnu and SSH-2\.0-OpenSSH_5\.1p1\x20Debian-3ubuntu1.

    Read the article

  • TeamViewer - only allow domain logins

    - by BloodyIron
    I recently started a Systems Admin job where teamviewer is used pretty frequently here. Another admin recently left, and the concern is they still have access to all our systems due to how teamviewer works. I want to migrate the entire environment to domain authentication. The documentation shows that setting up windows auth (domain) is easy, but I want to be sure that it is the only way to be authenticated with a teamviewer session here. I cannot yet find anything which explicitly says this. We have licensing for teamviewer 5 and 6, I think. Right now we have 7 in the environment, but I think most are in a trial version, so I am likely to revert to 5 or 6.

    Read the article

  • Using the right folder for the right job. Article link, please?

    - by Droogans
    There are specific folders designed for specific tasks. /var/www holds your web sites, /usr/bin contains files to run your applications...yet I still find myself putting nearly all of my work in ~. Is it possible to overuse my home directory? Will it come back to haunt me? Anyone have a good link to an article of best practices for organizing your files so that they are placed in their "correct" place? Is there even such a thing in Linux? I am referring specifically to user-generated content. I do not compile applications from source, I use apt-get for those tasks. This article has a great introduction to what I'm looking for. Table 3-2, "Subdirectories of the root directory" is the sort of thing I'm looking for, but with more details/examples.

    Read the article

  • How do I securely execute commands as root via a web control panel?

    - by Chris J
    I would like to build a very simple PHP based web based control panel to add and remove users to/from and add and remove sections to/from nginx config files on my linode vps (Ubuntu 8.04 LTS). What is the most secure way of executing commands as root based on input from a web based control panel? I am loathe to run PHP as root (even if behind an IP tables firewall) for the obvious reasons. Suggestions welcome. It must be possible as several commercial (and bloated, for my needs) control panels offer similar functionality. Thanks

    Read the article

  • Network tools not working with a 3G connection

    - by gAMBOOKa
    Some of my network tools stopped working after I switched to a 3G connection from a DSL one. Cain and Abel's sniffer, Metasploit, even the NMAP scanner. I'm using Windows 7. The 3G device in question is the Huawei E180. Here's the error I get when running NMAP WARNING: Using raw sockets because ppp2 is not an ethernet device. This probably won't work on Windows. pcap_open_live(ppp2, 100, 0, 2) FAILED. Reported error: Error opening adapter: The system cannot find the device specified. (20). Will wait 5 seconds then retry. pcap_open_live(ppp2, 100, 0, 2) FAILED. Reported error: Error opening adapter: The system cannot find the device specified. (20). Will wait 25 seconds then retry. Call to pcap_open_live(ppp2, 100, 0, 2) failed three times. Reported error: Error opening adapter: The system cannot find the device specified. (20) Metasploit's refused connection to my websites too.

    Read the article

  • How secure are third party Ubuntu (APT) repository mirrors

    - by bakytn
    Hello! We have locally an Ubuntu mirrors to save a lot of traffic (our external traffic is not free) So whenever I apt-get install "program" it gets from that repository. the question is...basically they can substitute any package with their own? So it's 100% on my own risk and I can be hacked easily on any apt-get upgrade or a-g install or a-g dist-upgrade? for example the very basic ones like "telnet" or any other.

    Read the article

  • Creating limited user account on Windows 7

    - by serena
    I'm sharing my PC (Win 7 x64 Home Premium) with a friend, and I wanna create a guest user for her. I don't want her to reach my files, Windows settings, program adjustments etc. She should just surf the net, create/edit her own Word, Excel documents, and simple things like these. How can I create this user account and make the necessary arrangements for limitations?

    Read the article

  • How to disable mod_security2 rule (false positive) for one domain on centos 5

    - by nicholas.alipaz
    Hi I have mod_security enabled on a centos5 server and one of the rules is keeping a user from posting some text on a form. The text is legitimate but it has the words 'create' and an html <table> tag later in it so it is causing a false positive. The error I am receiving is below: [Sun Apr 25 20:36:53 2010] [error] [client 76.171.171.xxx] ModSecurity: Access denied with code 500 (phase 2). Pattern match "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" at ARGS:body. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "352"] [id "300015"] [rev "1"] [msg "Generic SQL injection protection"] [severity "CRITICAL"] [hostname "www.mysite.com"] [uri "/node/181/edit"] [unique_id "@TaVDEWnlusAABQv9@oAAAAD"] and here is /usr/local/apache/conf/modsec2.user.conf (line 352) #Generic SQL sigs SecRule ARGS "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" "id:1,rev:1,severity:2,msg:'Generic SQL injection protection'" The questions I have are: What should I do to "whitelist" or allow this rule to get through? What file do I create and where? How should I alter this rule? Can I set it to only be allowed for the one domain, since it is the only one having the issue on this dedicated server or is there a better way to exclude table tags perhaps? Thanks guys

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • Webserver logs: "Morfeus Fucking Scanner"

    - by Patrick
    I've just found these accesses in my web server log files: ::ffff:218.38.136.38 109.72.95.175 - [10/Jan/2011:02:54:12 +0100] "GET /user/soapCaller.bs HTTP/1.1" 404 345 "-" "Morfeus Fucking Scanner" ::ffff:218.38.136.38 109.72.95.174 - [10/Jan/2011:02:54:12 +0100] "GET /user/soapCaller.bs HTTP/1.1" 404 345 "-" "Morfeus Fucking Scanner" Should I start to worry ? Or is it just a normal attempt to hack my server ? thanks

    Read the article

  • Blocking IP Range in .htaccess Problem

    - by Pedro
    Hi, I'm trying to block the access of one of my webapps using IP Filter in the .htaccess, the problem is that after updating the file with: order allow,deny deny from 58.14.0.0/15 allow from all I get the folowing error: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. What is wrong? Regards, Pedro

    Read the article

  • Best "Keep your music with you" setup

    - by solomongaby
    I really enjoy listening to music, and because of this i have a lot of sources for it. This is not always a good thing since i have my music stored on a lot of devices ( home computer, work computer, online storage, ipod ) and sometimes its a bit difficult to have the same music in all places. Sometimes i dont have the same songs in all the places, i make a playlist in one place and want it in the other place etc. How do you keep your music in sync on all your devices. PS: i use both windows and linux.

    Read the article

  • Real benefits of tcp TIME-WAIT and implications in production environment

    - by user64204
    SOME THEORY I've been doing some reading on tcp TIME-WAIT (here and there) and what I read is that it's a value set to 2 x MSL (maximum segment life) which keeps a connection in the "connection table" for a while to guarantee that, "before your allowed to create a connection with the same tuple, all the packets belonging to previous incarnations of that tuple will be dead". Since segments received (apart from SYN under specific circumstances) while a connection is either in TIME-WAIT or no longer existing would be discarded, why not close the connection right away? Q1: Is it because there is less processing involved in dealing with segments from old connections and less processing to create a new connection on the same tuple when in TIME-WAIT (i.e. are there performance benefits)? If the above explanation doesn't stand, the only reason I see the TIME-WAIT being useful would be if a client sends a SYN for a connection before it sends remaining segments for an old connection on the same tuple in which case the receiver would re-open the connection but then get bad segments and and would have to terminate it. Q2: Is this analysis correct? Q3: Are there other benefits to using TIME-WAIT? SOME PRACTICE I've been looking at the munin graphs on a production server that I administrate. Here is one: As you can see there are more connections in TIME-WAIT than ESTABLISHED, around twice as many most of the time, on some occasions four times as many. Q4: Does this have an impact on performance? Q5: If so, is it wise/recommended to reduce the TIME-WAIT value (and what to)? Q6: Is this ratio of TIME-WAIT / ESTABLISHED connections normal? Could this be related to malicious connection attempts?

    Read the article

  • Disable mod_security on Dreamhost, for a single cgi script

    - by Hippyjim
    Hi I've searched around a lot, and tried various tweaks to .htaccess files to try to turn off mod_security for a particular cgi script (uber uploader) but it doesn't seem to have any effect. The most popular one I see rehashed all over the web is: # Turn off mod_security filtering. SecFilterEngine Off # The below probably isn't needed, # but better safe than sorry. SecFilterScanPOST Off Which looks relative simple to me - if "SecFilterEngine" is in some way related to mod_security of course. Shame it has absolutely no effect! Does anyone have a suggested way I can simply disable it for a request to any file in my cgi-bin directory?

    Read the article

  • Disallow root to su on a user which is not listed in /etc/passwd

    - by marc.riera
    Hello, on linux we autenticate users against AD. The AD users are not listed on /etc/passwd. We are about to deploy a NFS solution to mount some extra space for each group of users. If a user(A) with sudo su privileges goes to root, then he can impersonate user(B) just by su user(B) and going to the NFS. Is there any way to disallow root to su user if the user is not listed on /etc/passwd ? Thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 261 262 263 264 265 266 267 268 269 270 271 272  | Next Page >