Search Results

Search found 18805 results on 753 pages for 'security center'.

Page 29/753 | < Previous Page | 25 26 27 28 29 30 31 32 33 34 35 36  | Next Page >

  • What tangible security are gained by blocking all but a few outgoing ports in a firewall

    - by Frankie Dintino
    Our current hardware firewall allows for blocking incoming and outgoing ports. We have two possibilities: Block certain troublesome ports (unsecured smtp, bittorrent, etc.) Block all but a few approved ports (http, https, ssh, imap-ssl, etc.) I see several downsides with option 2. Occasionally web servers are hosted on non-standard ports and we would have to deal with the resulting issues. Also, there is nothing preventing a malicious or unwanted service from being hosted on port 80, for instance. What are are the upsides?

    Read the article

  • Does disabling root login enhance security?

    - by PJ
    I have recently found an argument against disabling a root user login in Linux at http://archives.neohapsis.com/archives/openbsd/2005-03/2878.html I assume that, if everybody uses a public key authentication, there's no risk at losing the root password. Is it always better to disable the root login via ssh?

    Read the article

  • Webserver security, intrusion detection, and file intregrity

    - by enfield
    I would like to add some type of tracking / alerting on some linux webservers running PHP and Apache. In doing searches I have come across a lot of info from 2006-2009. Would like to revisit things and see what others are doing now. The main purpose here is to track when any files are changed and if so alert me somehow. The same goes for IDS and hopefully something that can reside on same server? Since some of these are small scale projects I would prefer opensource/free solutions that are really effective. Although I would still like to hear of other alternatives if someone has the experience and the cost can be justified.

    Read the article

  • Exploratory Question for Security Admins (/etc/passwd + PHP)

    - by JPerkSter
    Hi everyone, I've been seeing a few issues lately on a few of my servers where an account gets hacked via outdated scripts, and the hacker uploads a cPanel / FTP Brute forcing PHP script inside the account. The PHP File reads /etc/passwd to get the usernames, and than uses a passwd.txt file to try and brute force it's way in to 127.0.0.1:2082. I'm trying to think of a way to block this. It doesn't POST anything except "GET /path/phpfile.php", so I can't use mod_security to block this. I've been thinking of maybe changing permissions on /etc/passwd to 600, however I'm unsure how this will result in regards to my users. I was also thinking of rate-limiting localhost connections to :2082, however I'm worried about mod_proxy being affected. Any suggestions?

    Read the article

  • Security issue on Linux with Netbeans

    - by WebDevHobo
    In order to edit some files in Netbeans, I had to do a chmod 777 on the parent-folder. Reason being that anything else would result in Netbeans not wanting to accept the folder, as it could not be written. Is there an other way to do this besides doing a chmod 777? I'm on Ubuntu 9.10, using Netbeans 6.7.1 And after that, I manually have to give each file the needed rights. There should be an easier way, I just don't know it. EDIT: I am running XAMPP and the files I'm trying to edit are in the htdocs folder. I'm running Netbeans as my local user account, which is how it starts if I have it run from the applications-menu.

    Read the article

  • windows 2008 R2 TS printer security - can't take owership

    - by Ian
    I have a Windows 2008 R2 server with Terminal server role installed. I'm seeing a problem with an ordinary user who is member of local printer operators group on the server. If the user opens a cmd window using ‘run as administrator’ they can run printmanager.msc without needing to enter their password again. In printmanager they can change the ownership of redirected (easy print) printers without problems. If, from the same cmd window, they use subinacl to try and change the onwership of the queue to themselves they get access denied: >subinacl.exe /printer "_#MyPrinter (2 redirected)" /setowner="MyDom\MyUsr" Elapsed Time: 00 00:00:00 Done: 1, Modified 0, Failed 1, Syntax errors 0 Last Done : _#MyPrinter (2 redirected) Last Failed: _#MyPrinter (2 redirected) - OpenPrinter Error : 5 Access denied so, same context, same action but one works and one doesn't. Any ideas for this odd behaviour? I'm using subinacl x86 on an x64 server as I can't find anything more up to date. I've tried with icacls and others but couldn't get them to do anything with printers. EDIT: added after Gregs comments regarding setacl below If I log into the TS server as Testusr and open Admin Tools Printer Admin (as administrator) and then type mydomain\testusr and the testusr's password, then I can change the ownership of the printer queue and set testusr as the owner. However if I open cmd as administrator and, again, type mydomain\testusr and the users password when I try to change the ownership of my redirected printer I get the following: C:\>setacl -on "Bullzip PDF Printer (12 redireccionado)" -ot prn -actn setowner -ownr n:mydom\testusr WARNING: Privilege 'Back up files and directories' could not be enabled. SetACL's powers are restricted. WARNING: Privilege 'Restore files and directories' could not be enabled. SetACL's powers are restricted. INFORMATION: Processing ACL of: <Bullzip PDF Printer (12 redireccionado)> ERROR: Enabling the privilege SeTakeOwnershipPrivilege failed with: No todos los privilegios o grupos a los que se hace referencia son asignados al llamador. [meaning not all referenced privs or groups are assigned to the caller] SetACL finished with error(s): SetACL error message: A privilege could not be enabled maybe I'm getting something wrong but if the built in windows tool can do it with just membership of the 'print operators' group then setacl should be able to as well, no? However setacl seems to depend on other privileges, which in reality are not required to do this.

    Read the article

  • Security when, ssh Private keys are lost

    - by Shree Mandadi
    Cant explain my problem enough with words, Let me take an example.. and please multiple the complexity by a 100 for the Solution. User-A has two ssh private keys, and over time has used this public key on a number of servers He lost one of them, and has created a new pair. How does User-A, inform me (Sys Admin), that he has lost his key, and How do I manage all the servers to which he had access to (I do not have a list, of all Servers that User-A has access to). In other words, How do I recall, the public key associated with this Private key. REF: In the LDAP based Authentication, All Servers would communicate with a single Server repository for Authentication, and If I remove acess or modify the password on the Server, all Systems that use this LDAP for Authentication are secured, when User-A loses his password..

    Read the article

  • Is there a way to explore my WHS files via Xbox 360's Media Center app?

    - by bangoker
    I know its a "Console" question but its really more of a Media Center Extender question! I can access the data through the Video/Pictures options, but not through the Media Center App. Also I can only see the videos that are directly on the Videos folder on my WHS, but not any of the subfolders. Same thing in my Laptop, if I connect to my WHS through Media Player it will only show the videos on Videos but not any other sub-folder, but if I open Media Center I can then connect to server and see all the folders.

    Read the article

  • How to get started setting up IP security cameras

    - by dave
    I have just finished renovating my house. As part of the job, I have cat6 cable run through the house, including two external plugs. All cables terminate in the same location. My rough plan is to plug two IP cameras to monitor the front and rear, run POE from a central router to the two external cameras, plug my PC into the same router and run magic software X. Any machine plugged into the router or wirelessly connection should then be able to get a live feed and alerts based on motion detection. That's the plan, but I'm not sure how possible it is. What hardware to get and what monitoring software to get. Has anyone does something similar? What were your experiences?

    Read the article

  • Top ten security tips for non-technical users

    - by Justin
    I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?

    Read the article

  • Security and encryption with OpenVPN

    - by Chris Tenet
    The UK government is trying to implement man-in-the-middle attack systems in order to capture header data in all packets. They are also equipping the "black boxes" they will use with technology to see encrypted data (see the Communications Data Bill). I use a VPN to increase my privacy. It uses OpenVPN, which in turn uses the OpenSSL libraries for encrypting data. Will the government be able to see all the data going through the VPN connection? Note: the VPN server is located in Sweden, if that makes a difference.

    Read the article

  • Security: Unable to display current owner

    - by Jim McKeeth
    I have a user with local administrative rights on their Windows 7 64-bit box. They extracted a file from a zip file they downloaded with the Zip shell extension to their desktop on a non-encrypted or compressed NTFS volume. Unfortunately they cannot open it. I tried to take ownership of it and it just reports "Access is Denied" and for the current owner it reports "Unable to display current owner." At this point the file cannot be deleted, executed or modified. I have actually seen this exact same happen in Vista before, but I can't for the life of me remember how to fix it. Any ideas how it happened or how to fix it? I'd be happy just to delete it without a format at this point.

    Read the article

  • tools to check password security

    - by tombull89
    Hello again. I'm after a tool to test how long a password could stand up to a hacking/cracking technique such as brute force as two passwords that are critical to a work system is one word that is in the dictionary, and another is a word in the dictionary with a capital letter and a number instead of a letter. I'd prefer it to be offline and free that you can run on a computer to see how long the password will hold out. Maybe even at the windows login prompt but I realise such programmes may be shady and erring on the side of illegal. Anybody have any suggestions?

    Read the article

  • Security Restrictions Downloading From the Internet

    - by Cyper
    Hi, For some reason since we rolled out IE7 to the estate users are unable to download from the Internet, they get an error message "the operation could not be completed due to restrictions on the computer" I have checked the GPO and it allows downloads in the Default domain policy. I am I missing something in GPO or is this problem with IE7. Any help would be much appreciated. Cheers

    Read the article

  • Is it possible to use two separate USB tuners with Windows Media Center?

    - by Lunatik
    I'm planning to replace my traditional PC-style media center (with twin tuners) with an Asrock Ion 3D (or similar) but this means forgoing my existing PCI-E dual tuner card for a USB solution. Since Freeview HD (using DVB-T2) is now available I'd like to equip my media center to take advantage. The trouble is there are currently no dual DVB-T2 USB tuners on the market (that I can find anyway). Would I be able to plug two separate USB tuners and have them correctly picked up and working within all apps, including Windows Media Center? Are there any caveats I might need to bear in mind when using two tuners in this way?

    Read the article

  • windows 2008 R2 TS printer security - can't take owership

    - by Ian
    I have a Windows 2008 R2 server with Terminal server role installed. I'm seeing a problem with an ordinary user who is member of local printer operators group on the server. If the user opens a cmd window using ‘run as administrator’ they can run printmanager.msc without needing to enter their password again. In printmanager they can change the ownership of redirected (easy print) printers without problems. If, from the same cmd window, they use subinacl to try and change the onwership of the queue to themselves they get access denied: >subinacl.exe /printer "_#MyPrinter (2 redirected)" /setowner="MyDom\MyUsr" Elapsed Time: 00 00:00:00 Done: 1, Modified 0, Failed 1, Syntax errors 0 Last Done : _#MyPrinter (2 redirected) Last Failed: _#MyPrinter (2 redirected) - OpenPrinter Error : 5 Access denied so, same context, same action but one works and one doesn't. Any ideas for this odd behaviour? I'm using subinacl x86 on an x64 server as I can't find anything more up to date. I've tried with icacls and others but couldn't get them to do anything with printers.

    Read the article

  • Apache Request IP Based Security

    - by connec
    I run an Apache server on my home system that I've made available over the internet as I'm not always at my home system. Naturally I don't want all my home server files public, so until now I've simply had: Order allow, deny Deny from all Allow from 127.0.0.1 in my core configuration and just Allow from all in the htaccess of any directories I wanted publicly viewable. However I've decided a better system would be to centralise all the access control and just require authentication (HTTP basic) for requests not to 127.0.0.1/localhost. Is this achievable with Apache/modules? If so how would I go about it? Cheers.

    Read the article

  • solr Security help

    - by Camran
    I have solr setup with Jetty on my Ubuntu server. On any computer now, I can type my_ip:8983/solr/ and the page will show upp to anybody. How can I disable this so that only I can access that port and the solr admin? Thanks

    Read the article

  • Security Restrictions Downlaodeding From the Internet

    - by Cyper
    Hi, for some reason since we rolled out IE7 to the estate users are unable to download from the Internet, they get an error message "the operation could not be completed due to restrictions on the computer" I have checked the GPO and it allows downloads in the Default domain policy. I am I missing something in GPO or is this problem with IE7. Any help would be much appreciated. Cheers

    Read the article

  • Installing a personal security certificate for Windows Server 2008 Terminal Services user

    - by Rick
    We use StoneEdge Order Manager, which runs under Microsoft Access, on several Windows computers as well as through Terminal Services on Windows Server 2008. Terminal Services users are unable to process credit cards using the First Data Global Gateway on the server. We have followed the necessary setup instructions provided under the user account, which involves adding a certificate in the Internet Options control panel. The Windows XP desktops require this to be done, or a generic 'unable to connect' message is shown when attempting to charge a card. On the server, this message is shown regardless of whether the certificate has been installed. Is there anything else that needs to be done that is specific to Windows Server that is not mentioned in the workstation instructions? Setup Instructions

    Read the article

  • Erfolgreicher Start für Solution Center von Azlan

    - by A&C Redaktion
    Von links nach rechts: Rainer Hunkler, Hunkler GmbH & Co. KG / Birgit Nehring, Director Software & Solutions TDAzlan Am 11. Juni war es so weit: Der Distributor Tech Data Azlan eröffnete feierlich das zertifizierte Oracle Solutions Center (wir berichteten). Zugegen waren auch diverse Oracle Partner. Sie sind es, an die sich das neue Angebot vorrangig richtet: Das beeindruckend ausgestattete Oracle Authorized Solutions Center (OASC) steht Partnern künftig zur Verfügung, um vor allem Engineered Systems, aber auch Klassiker wie den Sparc-Server zu testen und ihren Kunden live vorzuführen. Unterstützt werden Interessierte dabei durch den Azlan-Consultant Ingo Frobenius und sein Team ausgewiesener Oracle Spezialisten. Es ist sogar möglich, die Systeme auszuleihen, wenn der Test in einer besonderen Umgebung erfolgen soll. Gemeinsam mit Birgit Nehring, Director Software und Solutions bei Azlan, feierten hochrangige Oracle Vertreter wie Christian Werner diesen Meilenstein für Oracle und Azlan. Einen ausführlichen Bericht von der Eröffnung mit Hintergründen zur Neuausrichtung im Channel-Business und der Oracle Strategie bezüglich Engineered Systems lesen Sie in der aktuellen Ausgabe der IT-Business unter der Überschrift „Azlan nimmt Demo-Center für Oracle Produkte in Betrieb“.

    Read the article

  • Erfolgreicher Start für Solution Center von Azlan

    - by A&C Redaktion
    Von links nach rechts: Rainer Hunkler, Hunkler GmbH & Co. KG / Birgit Nehring, Director Software & Solutions TDAzlan Am 11. Juni war es so weit: Der Distributor Tech Data Azlan eröffnete feierlich das zertifizierte Oracle Solutions Center (wir berichteten). Zugegen waren auch diverse Oracle Partner. Sie sind es, an die sich das neue Angebot vorrangig richtet: Das beeindruckend ausgestattete Oracle Authorized Solutions Center (OASC) steht Partnern künftig zur Verfügung, um vor allem Engineered Systems, aber auch Klassiker wie den Sparc-Server zu testen und ihren Kunden live vorzuführen. Unterstützt werden Interessierte dabei durch den Azlan-Consultant Ingo Frobenius und sein Team ausgewiesener Oracle Spezialisten. Es ist sogar möglich, die Systeme auszuleihen, wenn der Test in einer besonderen Umgebung erfolgen soll. Gemeinsam mit Birgit Nehring, Director Software und Solutions bei Azlan, feierten hochrangige Oracle Vertreter wie Christian Werner diesen Meilenstein für Oracle und Azlan. Einen ausführlichen Bericht von der Eröffnung mit Hintergründen zur Neuausrichtung im Channel-Business und der Oracle Strategie bezüglich Engineered Systems lesen Sie in der aktuellen Ausgabe der IT-Business unter der Überschrift „Azlan nimmt Demo-Center für Oracle Produkte in Betrieb“.

    Read the article

  • Silverlight Center And Scale Behavior

    - by Jacek Ciereszko
    If you are interested in my last post about "How to center and scale Silverlight applications using ViewBox control", I just published behavior that you can use instead of making changes in code. How it works? 1. Download behavior (http://gallery.expression.microsoft.com/en-us/CenterAndScale ) 2. Add dll to your application <UserControl .....     xmlns:interaction="clr-namespace:System.Windows.Interactivity;assembly=System.Windows.Interactivity"            xmlns:behavior="clr-namespace:CenterAncScaleBehavior;assembly=CenterAncScaleBehavior"  .... >     <interaction:Interaction.Behaviors>         <behavior:CenterAncScaleBehavior />     </interaction:Interaction.Behaviors>     <Grid > ... </Grid> </UserControl> 3. DONE! Your application is ready!   Watch movie to see how it works (66 seconds): See examples Application without "Center And Scale Behavior":  http://bit.ly/cVinEC Application with "Center And Scale Behavior":  http://bit.ly/ba8UsI   Source code and dlls http://gallery.expression.microsoft.com/en-us/CenterAndScale   Cheers! Jacek Ciereszko

    Read the article

  • Center Page Content Horizontally using Div with CSS

    - by Aamir Hasan
    Center your website content to create equal sized Space from  the left and right using css. Horizontally centered by setting its right and left margin widths to "auto". This is the preferred way to accomplish horizontal centering with CSS. Create a warpper div which will hold your content div and then give it a margin:auto attribute which will bring your warpper div into center of page.<html><head><title>Center Page Content Horizontally and Vertically using Div with CSS </title> <style type="text/css">body{background-color:#eaeaea;}  #wrapper {width: 777px;margin:auto}  #content{background-color:#00FF00;min-height:400px;}  </style>  </head>  <body>  <form id="form1" runat="server">  <div id="wrapper"> <div id="wrapper">  <div id="content">  Welcome to Studentacad.com  </div>  </div>  </form>  </body></html>

    Read the article

  • How should I track approval workflow when users at every security level can create a request?

    - by Eric Belair
    I am writing a new application that allows users to enter requests. Once a request is entered, it must follow an approval workflow to be finally approved by a user the highest security level. So, let's say a user at Security Level 1 enters a request. This request must be approved by his superior - a user at Security Level 2. Once the Security Level 2 user approves it, it must be approved by a user at Security Level 3. Once the Security Level 3 user approves it, it is considered fully approved. However, users at any of the three Security Levels can enter requests. So, if a Security Level 3 user enters a request, it is automatically considered "fully approved". And, if a Security Level 2 user enters a request, it must only be approved by a Security Level 3 user. I'm currently storing each approval status in a Database Log Table, like so: STATUS_ID (PK) REQUEST_ID STATUS STATUS_DATE -------------- ------------- ---------------- ----------------------- 1 1 USER_SUBMIT 2012-09-01 00:00:00.000 2 1 APPROVED_LEVEL2 2012-09-01 01:00:00.000 3 1 APPROVED_LEVEL3 2012-09-01 02:00:00.000 4 2 USER_SUBMIT 2012-09-01 02:30:00.000 5 2 APPROVED_LEVEL2 2012-09-01 02:45:00.000 My question is, which is a better design: Record all three statuses for every request ...or... Record only the statuses needed according to the Security Level of the user submitting the request In Case 2, the data might look like this for two requests - one submitted by Security Level 2 User and another submitted by Security Level 3 user: STATUS_ID (PK) REQUEST_ID STATUS STATUS_DATE -------------- ------------- ---------------- ----------------------- 1 3 APPROVED_LEVEL2 2012-09-01 01:00:00.000 2 3 APPROVED_LEVEL3 2012-09-01 02:00:00.000 3 4 APPROVED_LEVEL3 2012-09-01 02:00:00.000

    Read the article

< Previous Page | 25 26 27 28 29 30 31 32 33 34 35 36  | Next Page >