Search Results

Search found 18808 results on 753 pages for 'security updates'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 269/753 | < Previous Page | 265 266 267 268 269 270 271 272 273 274 275 276  | Next Page >

  • How to tell if a freebsd jail is up to date?

    - by Martin Torhage
    I've set up a "Service Jail" in FreeBSD 8.0 according to the FreeBSD Handbook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html). After upgrading the host to the latest patch level and then performed a jail-upgrade, freebsd-fetch still reports that there are files in need of an update in the jail. Is this expected? Then how do I know if a jail is up to date? This is what I've done in more detail: After the initial setup of the jail freebsd-update fetch reported that there were no updates available neither in the host system nor in the jail. This was expected. A while later freebsd-update fetch reported that the following files where in need of an update both in the host and in the jail. /usr/lib/libssl.a /usr/lib/libssl_p.a /usr/lib/libzpool.a /usr/lib32/libssl.a /usr/lib32/libssl_p.a /usr/lib32/libzpool.a I updated the host and followed the upgrade guide for the jail (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html#JAILS-SERVICE-JAILS-UPGRADING). freebsd-update fetch now reports that there are no updates available in the host but the following is the output from freebsd-update fetch in the jail: [root@bb /]# freebsd-update fetch Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 8.0-RELEASE from update5.FreeBSD.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. The following files are affected by updates, but no changes have been downloaded because the files have been modified locally: /var/db/mergemaster.mtree The following files will be updated as part of updating to 8.0-RELEASE-p2: /usr/lib/libssl.a /usr/lib/libssl_p.a /usr/lib/libzpool.a /usr/lib32/libssl.a /usr/lib32/libssl_p.a /usr/lib32/libzpool.a Shouldn't freebsd-update know that the jail is up to date or have I failed upgrading it? How am I supposed to know if a jail is up to date if freebsd-update can't tell? I'm sure I ran make cleandir twice before make buildworld. TIA

    Read the article

  • Metro apps crash on startup, driver or permissions issue?

    - by Vee
    After installing Win8 x64 RC, Metro apps worked correctly, but desktop OpenGL apps were slow and unresponsive. I installed the latest Win8 nVidia drivers, and the OpenGL apps started working correctly. At the same time, because of annoying permission messages, I changed the C:\ drive and all its files ownerships to my user, and gave it full permission. I restarted my pc after installing the drivers, and now Metro apps only show the splash screen, then crash. I tried installing other versions of the nVidia drivers, with the same result. My GPU is a GeForce GTX275. Is this a known problem with nVidia drivers? Or maybe changing the ownership of C:\ is the real problem? Thank you. More information (after looking in the event viewer) I've managed to find the problem and the error in the Event Viewer. I still cannot solve it. Here's the information I found by opening the Mail app and letting it crash: Log Name: Microsoft-Windows-TWinUI/Operational Source: Microsoft-Windows-Immersive-Shell Date: 07/06/2012 15.54.17 Event ID: 5961 Task Category: (5961) Level: Error Keywords: User: VEE-PC\Vittorio Computer: vee-pc Description: Activation of the app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail for the Windows.Launch contract failed with error: The app didn't start.. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" /> <EventID>5961</EventID> <Version>0</Version> <Level>2</Level> <Task>5961</Task> <Opcode>0</Opcode> <Keywords>0x4000000000000000</Keywords> <TimeCreated SystemTime="2012-06-07T13:54:17.472416600Z" /> <EventRecordID>6524</EventRecordID> <Correlation /> <Execution ProcessID="3008" ThreadID="6756" /> <Channel>Microsoft-Windows-TWinUI/Operational</Channel> <Computer>vee-pc</Computer> <Security UserID="S-1-5-21-2753614643-3522538917-4071044258-1001" /> </System> <EventData> <Data Name="AppId">microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail</Data> <Data Name="ContractId">Windows.Launch</Data> <Data Name="ErrorCode">-2144927141</Data> </EventData> </Event> Found other stuff, this is another error that appears when opening a Metro app: Log Name: Application Source: ESENT Date: 07/06/2012 16.01.00 Event ID: 490 Task Category: General Level: Error Keywords: Classic User: N/A Computer: vee-pc Description: svchost (1376) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRU.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8). Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="ESENT" /> <EventID Qualifiers="0">490</EventID> <Level>2</Level> <Task>1</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2012-06-07T14:01:00.000000000Z" /> <EventRecordID>11854</EventRecordID> <Channel>Application</Channel> <Computer>vee-pc</Computer> <Security /> </System> <EventData> <Data>svchost</Data> <Data>1376</Data> <Data>SRUJet: </Data> <Data>C:\Windows\system32\SRU\SRU.log</Data> <Data>-1032 (0xfffffbf8)</Data> <Data>5 (0x00000005)</Data> <Data>Access is denied. </Data> </EventData> </Event> After changing permissions again (adding Everyone and Creator Owner to System32), the "access denied to sru.log" error disappears, but this one appears in its place: Log Name: Application Source: Microsoft-Windows-Immersive-Shell Date: 07/06/2012 16.16.34 Event ID: 2486 Task Category: (2414) Level: Error Keywords: (64),Process Lifetime Manager User: VEE-PC\Vittorio Computer: vee-pc Description: App microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail did not launch within its allotted time. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" /> <EventID>2486</EventID> <Version>0</Version> <Level>2</Level> <Task>2414</Task> <Opcode>0</Opcode> <Keywords>0x2000000000000042</Keywords> <TimeCreated SystemTime="2012-06-07T14:16:34.616499600Z" /> <EventRecordID>11916</EventRecordID> <Correlation /> <Execution ProcessID="3008" ThreadID="6996" /> <Channel>Application</Channel> <Computer>vee-pc</Computer> <Security UserID="S-1-5-21-2753614643-3522538917-4071044258-1001" /> </System> <EventData> <Data Name="ApplicationId">microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail</Data> </EventData> </Event> Now I'm stuck. It tells me "Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: The app didn't start. See the Microsoft-Windows-TWinUI/Operational log for additional information." but I can't find the Microsoft-Windows-TWinUI/Operational log. I'm starting a bounty. I found the TWinUI/Operational log. It only tells me: Log Name: Microsoft-Windows-TWinUI/Operational Source: Microsoft-Windows-Immersive-Shell Date: 07/06/2012 16.28.57 Event ID: 5961 Task Category: (5961) Level: Error Keywords: User: VEE-PC\Vittorio Computer: vee-pc Description: Activation of the app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail for the Windows.BackgroundTasks contract failed with error: The app didn't start.. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" /> <EventID>5961</EventID> <Version>0</Version> <Level>2</Level> <Task>5961</Task> <Opcode>0</Opcode> <Keywords>0x4000000000000000</Keywords> <TimeCreated SystemTime="2012-06-07T14:28:57.238140800Z" /> <EventRecordID>6536</EventRecordID> <Correlation /> <Execution ProcessID="3008" ThreadID="2624" /> <Channel>Microsoft-Windows-TWinUI/Operational</Channel> <Computer>vee-pc</Computer> <Security UserID="S-1-5-21-2753614643-3522538917-4071044258-1001" /> </System> <EventData> <Data Name="AppId">microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail</Data> <Data Name="ContractId">Windows.BackgroundTasks</Data> <Data Name="ErrorCode">-2144927141</Data> </EventData> </Event> I need to go deeper. I found a forum thread that told me to look for "DCOM" errors. I found this one related to the app crash "The server Microsoft.WindowsLive.Mail.wwa did not register with DCOM within the required timeout." Log Name: System Source: Microsoft-Windows-DistributedCOM Date: 07/06/2012 16.46.45 Event ID: 10010 Task Category: None Level: Error Keywords: Classic User: VEE-PC\Vittorio Computer: vee-pc Description: The server Microsoft.WindowsLive.Mail.wwa did not register with DCOM within the required timeout. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" /> <EventID Qualifiers="0">10010</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x8080000000000000</Keywords> <TimeCreated SystemTime="2012-06-07T14:46:45.586943800Z" /> <EventRecordID>2763</EventRecordID> <Correlation /> <Execution ProcessID="804" ThreadID="2364" /> <Channel>System</Channel> <Computer>vee-pc</Computer> <Security UserID="S-1-5-21-2753614643-3522538917-4071044258-1001" /> </System> <EventData> <Data Name="param1">Microsoft.WindowsLive.Mail.wwa</Data> </EventData> </Event>

    Read the article

  • DNSCurve vs DNSSEC

    - by Bill Gray
    Can someone informed, please give a lengthy reply about the differences and advantages/disadvantages of both approaches? I am not a DNS expert, not a programmer. I have a decent basic understanding of DNS, and enough knowledge to understand how things like the kaminsky bug work. From what I understand, DNSCurve has stronger encryption, is far simpler to setup, and an altogether better solution. DNSSEC is needlessly complicated and uses breakable encryption, however it provides end to end security, something DNSCurve does not. However, many of the articles I have read have seemed to indicate that end to end security is of little use or makes no difference. So which is true? Which is the better solution, or what are the disadvantages/advantages of each? edit: I would appreciate if someone could explain what is gained by encrypting the message contents, when the goal is authentication rather than confidentiality. The proof that keys are 1024bit RSA keys is here.

    Read the article

  • Recommended SpamAssassin update channels?

    - by Timo Geusch
    I'm currently using SpamAssassin on a couple of mail servers that I look after. SpamAssassin runs in the context of amavisd-new on those servers and with the usual bunch of plugins (FuzzyOCR, DCC, pyzor, razor). Currently the servers are getting their rule updates from the default SpamAssassin update channel (updates.spamassassin.org). Overall the setup seems to be reasonably effective but some types of spam seem to wander right through it even though I've made repeated attempts at training spamassassin. My guesstimate is that about 85%-90% of the spam that gets through policyd-weight makes it through the filters and it's been getting a lot worse recently as spammers are getting better at working their way through filters. Can someone recommend additional sources of filters to make SpamAssassin more effective? So far I've found OpenProtect's update channel but are there others worth looking at?

    Read the article

  • Benchmarking MySQL on win7

    - by Patrick
    I've setup a nginx server running php 5.3.6 and mysql 5.5.1.3. My computer is an AMD quadcore 9650, 4gb ram, 500gb 7200rpm HD. I ran the PHP MySQL Benchmark Tool v. 0.1, and got the following results: Testing a(n) MYISAM table using 100000 rows. Successfully created database speedtestdb Sucessfully created table speedtesttable Table Type Verified: MYISAM .. Done. 100000 inserts in 19.73628 seconds or 5067 inserts per second. Done. 100000 row reads in 0.2801 seconds or 357015 row reads per second. Done. 100000 updates in 4.03876 seconds or 24760 updates per second. I'm wondering where this stands as far as performance goes, and what are some steps I can take if any to improve on this. I'm not trying to make anything fantastic, just getting a feel for how to best optimize a web server in this configuration.

    Read the article

  • Active Directory, Linux, and User Private Groups

    - by larsks
    We're in the process of moving from NIS on our Linux systems to binding everything to Active Directory. The NIS environment follows the common standard used by many Linux distributions that a user's primary group is a group of the same name as the user (and of which the user is typically the only member). I have been informed that in the Active Directory environment, you may not have a group name with the same name as a user (specifically, that no two AD security objects may have the same name). This would seem to complicate the process of moving our group definitions into AD. It looks like we could maintain the NIS group information in AD using only POSIX attributes (e.g., not an actual AD security object), but that seems like a suboptimal fix (because we do really want to have the same view of group membership in both the Unix and AD worlds). Have you moved a large legacy NIS environment into Active Directory? How did you handle this situation?

    Read the article

  • Is it reasonable to have multiple SSH keys?

    - by Leonid Shevtsov
    So far I've created a separate SSH key for each server I need to login to (for each purpose, to be more accurate). I did it out of a sense of security, just like different passwords to different sites. Does having multiple SSH keys actually improve security? All of them are used from the same machine, are located in the same ~/.ssh, most even have the same passphrase. So... should I give up the whole system and just use one SSH key for everything?

    Read the article

  • freebsd-update reports an upgraded jail as not upgraded

    - by Martin Torhage
    I've set up a "Service Jail" in FreeBSD 8.0 according to the FreeBSD Handbook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html). After upgrading the host to the latest patch level and then performed a jail-upgrade, freebsd-fetch still reports that there are files in need of an update in the jail. Is this expected? Then how do I know if a jail is up to date? This is what I've done in more detail: After the initial setup of the jail freebsd-update fetch reported that there were no updates available neither in the host system nor in the jail. This was expected. A while later freebsd-update fetch reported that the following files where in need of an update both in the host and in the jail. /usr/lib/libssl.a /usr/lib/libssl_p.a /usr/lib/libzpool.a /usr/lib32/libssl.a /usr/lib32/libssl_p.a /usr/lib32/libzpool.a I updated the host and followed the upgrade guide for the jail (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html#JAILS-SERVICE-JAILS-UPGRADING). freebsd-update fetch now reports that there are no updates available in the host but the following is the output from freebsd-update fetch in the jail: [root@bb /]# freebsd-update fetch Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 8.0-RELEASE from update5.FreeBSD.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. The following files are affected by updates, but no changes have been downloaded because the files have been modified locally: /var/db/mergemaster.mtree The following files will be updated as part of updating to 8.0-RELEASE-p2: /usr/lib/libssl.a /usr/lib/libssl_p.a /usr/lib/libzpool.a /usr/lib32/libssl.a /usr/lib32/libssl_p.a /usr/lib32/libzpool.a Shouldn't freebsd-update know that the jail is up to date or have I failed upgrading it? How am I supposed to know if a jail is up to date if freebsd-update can't tell? I'm sure I ran make cleandir twice before make buildworld. TIA

    Read the article

  • W2k8, Sybase Driver, Permissions

    - by Clustermagnet
    Trying to get a .net (32bit) app running on a Windows 2008 server. My experience in the Windows world is quite limited. Is this related to the Full/Medium trust settings? Have been Googling for quite some time. Appreciate your feedback! Seeing the following error: Required permissions cannot be acquired. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [PolicyException: Required permissions cannot be acquired.] System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission) +7606467 System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission) +57 [FileLoadException: Could not load file or assembly 'Sybase.Data.AseClient, Version=1.155.1000.0, Culture=neutral, PublicKeyToken=26e0f1529304f4a7' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)] System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +0 System.Reflection.Assembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +43 System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +127 System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +142 System.Reflection.Assembly.Load(String assemblyString) +28 System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +46 [ConfigurationErrorsException: Could not load file or assembly 'Sybase.Data.AseClient, Version=1.155.1000.0, Culture=neutral, PublicKeyToken=26e0f1529304f4a7' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)] System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +613 System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +203 System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +105 System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +178 System.Web.Compilation.WebDirectoryBatchCompiler..ctor(VirtualDirectory vdir) +163 System.Web.Compilation.BuildManager.BatchCompileWebDirectoryInternal(VirtualDirectory vdir, Boolean ignoreErrors) +53 System.Web.Compilation.BuildManager.BatchCompileWebDirectory(VirtualDirectory vdir, VirtualPath virtualDir, Boolean ignoreErrors) +175 System.Web.Compilation.BuildManager.CompileWebFile(VirtualPath virtualPath) +86 System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile) +261 System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile) +101 System.Web.Compilation.BuildManager.GetVirtualPathObjectFactory(VirtualPath virtualPath, HttpContext context, Boolean allowCrossApp, Boolean noAssert) +126 System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp, Boolean noAssert) +62 System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath) +33 System.Web.UI.PageHandlerFactory.GetHandler(HttpContext context, String requestType, String virtualPath, String path) +37 System.Web.MaterializeHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +307 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155 Version Information: Microsoft .NET Framework Version:2.0.50727.4959; ASP.NET Version:2.0.50727.4955

    Read the article

  • Yum error when updating / install

    - by acctman
    Yum error are the RHN servers down or is there a problem on my server. yum update Loaded plugins: rhnplugin, security There was an error communicating with RHN. RHN support will be disabled. Error communicating with server. The message was: Error Message: RHN Proxy could not successfully connect its RHN parent. Please contact your system administrator. Error Class Code: 1000 Error Class Info: RHN Proxy error. Explanation: An error has occurred while processing your request. If this problem persists please enter a bug report at bugzilla.redhat.com. If you choose to submit the bug report, please be sure to include details of what you were trying to do when this error occurred and details on how to reproduce this problem. Excluding Packages in global exclude list Finished Skipping security plugin, no data Setting up Update Process No Packages marked for Update

    Read the article

  • Print server not being recognized after switching router and upgrading to 64 bit

    - by picardo
    I recently upgraded Windows 7 from 32 bit to 64 bit. I also switched my router from a very old model of Netgear to TP-Link. Before these updates, I had been using a USB print server by IOGear. After the updates, I took care to reinstall the drivers for both the print server and the printer, and picked the option to install a printer via TCP/IP, but no matter what I did, the driver software couldn't locate the print server on my network. I hit refresh, restarted my machine, turned off the firewalls and tried again. Still nothing. I'm at my wit's end. What else is left to try? Edit: More info. The print server is connected to the router via LAN line. The computer is connected to the router with a wireless connection.

    Read the article

  • Multiple syslog-ng destination loghosts

    - by pablo808
    I am currently forwarding logs to one remote destination loghost. filter f_windows { program("Security-Audit*"); }; log { source(r_sys); filter(f_windows); destination(d_windows); }; log { source(r_sys); filter (f_windows); destination(d_loghost); }; I would like to forward these logs to two additional remote destination loghost's. The manual defines destination syntax as: destination <identifier> { destination-driver(params); destination-driver(params); ... }; Tried these different configs: Define additional destinations hosts in d_loghost: destination d_loghost { udp("server1" port(514)); udp("server2" port(514)); udp("server3" port(514));}; filter f_windows { program("Security-Audit*"); }; log { source(r_sys); filter (f_windows); destination(d_loghost); }; Define addtional destination hosts in their own d_loghost definitions: destination d_loghost1 { udp("server1" port(514)); destination d_loghost2 { udp("server2" port(514)); destination d_loghost3 { udp("server3" port(514)); filter f_windows { program("Security-Audit*"); }; log { source(r_sys); filter (f_windows); destination(d_loghost1); }; log { source(r_sys); filter (f_windows); destination(d_loghost2); }; log { source(r_sys); filter (f_windows); destination(d_loghost3); }; Both fail unfortuantly, what am I missing? Thanks.

    Read the article

  • Can not connect to telnet server

    - by BloodPhilia
    So, I can't use telnet to connect to any server but it works fine from a different computer. It just says it can't connect. I tried the following things: Disable firewall and AV protection. (Basically, there was no security feature left online) Telnet is set to "Trusted" in my AV protection. (Kaspersky Internet Security 2011) Using Putty to telnet, but apparently Putty's connection is also inhibited. (Says it can't connect to host) Disabling the telnet client in Control Panel and then re-enabling it. (Windows 7 Ultimate) hosts file is clean. Checked for nasties using MBAM and KIS 2011 as well as going though my HijackThis logs, nothing found. I can connect to the same machines/servers through the web browser, ping, tracert, etc. Only telnet seems to be blocked. Any other thoughts?

    Read the article

  • Applying memory limits to screen sessions

    - by CollinJSimpson
    You can set memory usage limits for standard Linux applications in: /etc/security/limits.conf Unfortunately, I previously thought these limits only apply to user applications and not system services. This means that users can by bypass their limits by launching applications through a system service such as screen. I'd like to know if it's possible to let users use screen but still enforce application limits. Jeff had the great idea of using nohup which obeys user limits (wonderful!), but I would still like to know if it's possible to mimic the useful windowing features of screen. EDIT: It seems my screen sessions are now obeying my hard address space limits defined in /etc/security/limits.conf. I must have been making some mistake. I recently installed cpulimit, but I doubt that's the solution.Thanks for the nohup tip, Jeff! It's very useful. Link to CPU Limit package

    Read the article

  • Best practice for authenticating DMZ against AD in LAN

    - by Sergei
    We have few customer facing servers in DMZ that also have user accounts , all accounts are in shadow password file. I am trying to consolidate user logons and thinking about letting LAN users to authenticate against Active Directory.Services needing authentication are Apache, Proftpd and ssh. After consulting security team I have setup authentication DMZ that has LDAPS proxy that in turn contacts another LDAPS proxy (proxy2) in LAN and this one passes authentication info via LDAP (as LDAP bind) to AD controller.Second LDAP proxy only needed because AD server refuses speak TLS with our secure LDAP implemetation. This works for Apache using appropriate module.At a later stage I may try to move customer accounts from servers to LDAP proxy so they are not scattered around servers. For SSH I joined proxy2 to Windows domain so users can logon using their windows credentials.Then I created ssh keys and copied them to DMZ servers using ssh-copy, to enable passwordless logon once users are authenticated. Is this a good way to implement this kind of SSO?Did I miss any security issues here or maybe there is a better way ofachieving my goal?

    Read the article

  • How do I totally get rid of Norton Utilities

    - by Patriot
    Alright, so I treated myself to a new computer for Christmas. Windows7 64-bit, yada yada yada. Uninstalled Norton Security using Windows7 uninstall program, installed Microsoft Security Essentials in it's place. From a cold boot, I still get the screen from Norton asking me if I wanna sign up for the free six months, which I don't. Guess Windows7 uninstall left behind some pieces. Anyone know how I can get rid of this Norton screen? EDIT: @ Revolter: Great. Used Norton Removal Tool Successfully. Now I get a different pop-up window ALWAYS reminding me if I want to activate Norton Online Backup. What does one have to do to FINALLY get rid of these people?

    Read the article

  • chkdsk, SeaTools, and "does not have enough space to replace bad clusters"

    - by Zian Choy
    When I tried to do a Windows Vista Complete PC Backup, I received an error message that blathered about bad sectors. Then, when I ran chkdsk /r on the destination drive, this is what I got: C:\Windows\system32>chkdsk /R E: The type of the file system is NTFS. Volume label is Desktop Backup. CHKDSK is verifying files (stage 1 of 5)... 822016 file records processed. File verification completed. 1 large file records processed. 0 bad file records processed. 0 EA records processed. 0 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 848938 index entries processed. Index verification completed. 0 unindexed files processed. CHKDSK is verifying security descriptors (stage 3 of 5)... 822016 security descriptors processed. Security descriptor verification completed. 13461 data files processed. CHKDSK is verifying file data (stage 4 of 5)... The disk does not have enough space to replace bad clusters detected in file 239649 of name . The disk does not have enough space to replace bad clusters detected in file 239650 of name . The disk does not have enough space to replace bad clusters detected in file 239651 of name . An unspecified error occurred.f 822000 files processed) Yet, when I ran the SeaTools short & long generic tests on the Seagate disk, I didn't receive any errors. I know that I could reformat the disk and try running chkdsk /r again but I'd prefer to avoid waiting 4 hours in the hope that the problem was magically fixed. On the other hand, if I RmA the drive to Seagate, I have no SeaTools error number to use and they may claim that the drive is just fine. What should I try to do next? Side frustration: There is plenty of free hard drive space. The E: partition has 182 GB free.

    Read the article

  • Group policy software installation feature on server 2008

    - by Force Flow
    What is the proper procedure for distributing software updates using group policy's software installation feature? For example, if I want to install Java, and Java 1.7u6 is already added as a package, should I: A) Remove the Java 1.7u6 package (selecting the "allow users to continue to use" option), and add Java 1.7u7? B) Add Java 1.7u7 and specify that it is an update to the existing 1.7u6 package? (Will this install the oldest version first, then install each update one after the other, or will it just install the latest package?) Note that this question is geared toward the operation of the software installation feature of group policy, not specifically the behavior of the Java installers. This could easily apply to the installation of Adobe Flash, Adobe Reader, or any other common software applications with frequent updates.

    Read the article

  • IPSEC site-to-site Openswan to Cisco ASA

    - by Jim
    I recieved a list of commands that were run on the right side of the VPN tunnel which is where the Cisco ASA resides. On my side, I have a linux based firewall running debian with openswan installed. I am having an issue with getting to Phase 2 of the VPN negotiation. Here is the Cisco Information I was sent: {my_public_ip} = left side of connection tunnel-group {my_public_ip} type ipsec-l2l tunnel-group {my_public_ip} ipsec-attributes pre-shared-key fakefake crypto map vpn1 1 match add customer-ipsec crypto map vpn1 1 set peer {my_public_ip} crypto map vpn1 1 set transform-set aes-256-sha crypto map vpn1 interface outside static (outside,inside) 10.2.1.200 {my_public_ip} netmask 255.255.255.255 crypto ipsec transform-set aes-256-sha esp-aes-256 esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map vpn1 1 match address customer-ipsec crypto map vpn1 1 set peer {my_public_ip} crypto map vpn1 1 set transform-set aes-256-sha crypto map vpn1 interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 Myside ipsec.conf config setup klipsdebug=none plutodebug=none protostack=netkey #nat_traversal=yes conn cisco #name of VPN connection type=tunnel authby=secret #left side (myside) left={myPublicIP} leftsubnet=172.16.250.0/24 #net subnet on left sdie to assign to right side leftnexthop=%defaultroute #right security gateway (ASA side) right={CiscoASA_publicIP} #cisco ASA rightsubnet=10.2.1.0/24 rightnexthop=%defaultroute #crypo stuff keyexchange=ike ikelifetime=86400s auth=esp pfs=no compress=no auto=start ipsec.secrets file {CiscoASA_publicIP} {myPublicIP}: PSK "fakefake" When I start ipsec from the left side/my side I don't recieve any errors, however when I run the ipsec auto --status command: 000 "cisco": 172.16.250.0/24==={left_public_ip}<{left_public_ip}>[+S=C]---{left_public_ip_gateway}...{left_public_ip_gateway}--{right_public_ip}<{right_public_ip}>[+S=C]===10.2.1.0/24; prospective erouted; eroute owner: #0 000 "cisco": myip=unset; hisip=unset; 000 "cisco": ike_life: 86400s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "cisco": policy: PSK+ENCRYPT+TUNNEL+UP+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 24,24; interface: eth0; 000 "cisco": newest ISAKMP SA: #0; newest IPsec SA: #0; 000 000 #2: "cisco":500 STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_RETRANSMIT in 10s; nodpd; idle; import:admin initiate 000 #2: pending Phase 2 for "cisco" replacing #0 Now I'm new to setting up an site-to-site IPSEC tunnel so the status informatino I am unsure what it means. All I know is it sits at this "pending Phase 2" and I can't ping the other side, Another question I have is, if I do a route -n, should I see anything relating to this connection? Also, I read a few artilcle where configs contained the interface="ipsec0=eth0", is this an interface that I have to create on the linux debian firewall on my side? Appreciate your time to look at this.

    Read the article

  • Is there an unintrusive antivirus program that I can ask to scan object on demand only? [closed]

    - by Faken
    Possible Duplicate: Recommended offline on-demand virus scanners I'm looking for an unintrusive antivirus program that I can get to run scans on suspicious objects on demand and only on demand. Most other antivirus programs install many layers of protection and things running in the background and preform regular updates and system scans at inconvenient times. I want an antivirus program that I can simply right click and object and select "scan for viruses" and nothing more. Is there a reliable antivirus program out there that offers this and only this without the automatic updates, background processes, and intrusive automatic system scans? Note: this is for Windows.

    Read the article

  • Windows Update can't install Windows Vista SP1

    - by Harry Johnston
    If you install Windows Vista RTM and run Windows Update, many updates are offered and will successfully install. Once all other updates are installed, Windows Vista service pack 1 is offered. When you attempt to install Windows Vista service pack 1, the service pack installation wizard appears, presenting the license agreement and so on. However, shortly after the installation starts the wizard disappears. Windows Update says that the update was installed successfully. However, service pack 1 is not in fact installed, and will be detected as needed again on the next update check. Repeat ad nauseum. On checking the Windows Update log, error 0x80190194 appears near the beginning of an update check, associated with the URL http://update.microsoft.com/vista/windowsupdate/redir/vistawuredir.cab. Why won't service pack 1 install properly and how do I fix it?

    Read the article

  • How to manage groups and users in Jenkins

    - by Michael
    I'm trying to use role based security plugin in Jenkins, but i'm not sue i am using it right. I've decided to go with jenkin's own user database as a security realm instead of LDAP. i'm adding the users one by one. Now in the Assign Roles screen, i have global roles like administrator, read only etc... and i have project specific roles like prod_a_developer, prod_b_developer... For each user, do i have to both assign one of the global roles for him and also assign a specific project role ? Also, how do i assign a user to a group ? instead of assigning each user a global role i want to assign a group a global role. not so trivial, Can someone please help me ? Thanks.

    Read the article

  • built in "Offer Remote Assistance" not working because of permissions

    - by Caleb_S
    I'm trying to enable permissions for a user on a Windows7 machine to use the built in feature called "Offer Remote Assistance" or "Windows Remote Assistance". This feature works fine if the user is added to the "domain admins" security group, but for security reasons, I cannot leave him in that group. This is within a SBS2003 Domain. I have added the user and also a group that he is apart of to the Small Business Server Remote Assistance Policy, after following some documentation I was able to find, but this has not worked. Can you tell me how to enable this feature for this user and or a user group? http://content.screencast.com/users/CASEIT/folders/Forum%20Pictures/media/2a518bc9-4184-4520-8b76-cdf46555f568/2011-08-18_1330.png

    Read the article

  • IIS requesting certificates even though set to ignore

    - by lupefiasco
    I have a web site in IIS 6 with directory security set to Require secure channel (SSL) and Require 128-bit encryption. Also, the Client certificates setting is set to "Ignore client certificates". When I hit https://servername/resource in Internet Explorer and Chrome , I am prompted for a certificate. I can cancel the prompt, and the resource will load, but I don't want to see this prompt at all. I looked at the virtual directories and resources within the web site, and they all have the ignore client certificates setting on. Could there be another setting, perhaps in the metbase, that is overriding the web site's directory security settings?

    Read the article

  • Sophos Enterprise Console 4.5, Mac Client 7 Not Auto-Populating SEC Info

    - by user65712
    I have Sophos Endpoint Security and Control, which includes Sophos Enterprise Console (SEC). I'm currently running version 4.5 of SEC, which is an older version. I subscribe to Mac updates, and SEC generates a binary Mac installer for me to use on Mac endpoints (Version 7 for Mac, also an older version). However, when I run the installer on Mac endpoints, it installs fine but then never auto-fills out the location of the update server, which is on a network share, and the account credentials used to access it, which I do not know and were generated by Sophos automatically. Previously, I had been able to use the SEC-generated installer to install and run Sophos on a Mac seamlessly; the update location information and account credentials were automatically filled during login, I ran the installer and it was perfectly set up. Now, however, Sophos installs on a Mac but never updates because it doesn't have the update location OR credentials. Has anyone else run across this problem or know why it is happening? Sophos Enterprise Console 4.5.1.0

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 265 266 267 268 269 270 271 272 273 274 275 276  | Next Page >