Search Results

Search found 11825 results on 473 pages for 'all tech stuff'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 346/473 | < Previous Page | 342 343 344 345 346 347 348 349 350 351 352 353  | Next Page >

  • Heavy Apache memory usage

    - by Ree
    Recently I've noticed that httpd processes started to consume massive amounts of memory - after some time pretty much using almost all of the 2GB of RAM the server has and I don't have any memory left for other stuff. Here's what top tells me: 26409 apache 15 0 276m 152m 28m S 0 7.4 0:59.12 httpd 26408 apache 15 0 278m 151m 28m S 0 7.4 1:03.80 httpd 26410 apache 15 0 277m 149m 26m S 0 7.3 0:57.22 httpd 26405 apache 15 0 276m 148m 25m S 0 7.3 0:59.20 httpd 26411 apache 16 0 276m 146m 23m S 0 7.2 1:09.18 httpd 17549 apache 15 0 276m 144m 23m S 0 7.0 0:36.34 httpd 22095 apache 15 0 276m 136m 14m S 0 6.6 0:30.56 httpd It seems to me that each httpd process does not free the memory after handling a request. So they all sit at ~270MB which is BAD. Is there a way for me to know where all the memory goes and why it stays that way? I haven't done any server tweaking lately, so I'm sure it's not me who messed something up (haven't had the problem before). The server is used to serve PHP apps. EDIT: Apache is configured with prefork module and MaxRequestsPerChild is set to 4000.

    Read the article

  • Browsing Playstation 3 from Ubuntu Box

    - by zfranciscus
    Hi, My Goal here is to be able to transfer files from my Ubuntu 10.04 box to my PS3 over a wireless network. My PS3 and my Ubuntu Box is on the same home network. These are some stuff that I tried: I can't see my PS 3 from 'Places ? Network' nor other computer that is running on windows. I am still puzzled by this fact. I have not tried ping-ing my PS3. I'll try that later today and post the result in the forum I install PS3MediaServer (http://code.google.com/p/ps3mediaserver/). Someone in the PS3 chat forum (http://www.ps3chat.com/playstation-3...lp-please.html) claims that it will enable your ubuntu box to browse PS3. So I downloaded PS3MediaServer, and ran the software. The status tab keep showing "Waiting ...". It seems that PS3MediaServer can't find my PS3. Some how I feel that 1 and 2 are related somehow.Perhaps that there is something wrong with my Ubuntu network settings that is preventing my ubuntu box from looking up other device on the network. I can go to the Internet fine, but I can't see other device on my network. Does anyone have any experience in this area. I would like to hear your experience and perhaps some solution. Any kind of hints or help will be greatly appreciated. Cheers

    Read the article

  • Correctly setting up UFW on Ubuntu Server 10 LTS which has Nginx, FastCGI and MySQL?

    - by littlejim84
    I'm wanting to get my firewall on my new webserver to be as secure as it needs to be. After I did research for iptables, I came across UFW (Uncomplicated FireWall). This looks like a better way for me to setup a firewall on Ubuntu Server 10 LTS and seeing that it's part of the install, it seems to make sense. My server will have Nginx, FastCGI and MySQL on it. I also want to be allow SSH access (obviously). So I'm curious to know exactly how I should set up UFW and is there anything else I need to take into consideration? After doing research, I found an article that explains it this way: # turn on ufw ufw enable # log all activity (you'll be glad you have this later) ufw logging on # allow port 80 for tcp (web stuff) ufw allow 80/tcp # allow our ssh port ufw allow 5555 # deny everything else ufw default deny # open the ssh config file and edit the port number from 22 to 5555, ctrl-x to exit nano /etc/ssh/sshd_config # restart ssh (don't forget to ssh with port 5555, not 22 from now on) /etc/init.d/ssh reload This all seems to make sense to me. But is it all correct? I want to back this up with any other opinions or advice to ensure I do this right on my server. Many thanks!

    Read the article

  • Weird permission issue with POSIX ACLs, NFS v3 on Linux

    - by jon
    I have two Linux systems, both running Debian Squeeze. Versions of (I think) the stuff involved are: kernel: 2.6.32-5-xen-amd64 ii nfs-kernel-server 1:1.2.2-4squeeze2 support for NFS kernel server ii libnfsidmap2 0.23-2 An nfs idmapping library ii nfs-common 1:1.2.2-4squeeze2 NFS support files common to client and server ii portmap 6.0.0-2 RPC port mapper (The client doesn't have nfs-kernel-server involved.) I have a directory with ACLs: # file: dirname # owner: jon # group: foogroup # flags: -s- user::rwx user:www-data:rwx group::r-x group:foogroup:rwx mask::rwx other::r-x default:... There are two users, neither one of which owns the directory: uid=3001(jake) gid=3001(jake) groups=3001(jake),104(wheel),3999(foogroup) uid=3005(nic) gid=3005(nic) groups=3005(nic),3999(foogroup) The jake user can create files in the directory without issues. The nic user can't. All UIDs/GIDs are the same on the client and server. I've verified (packet sniffing) that the right uids/gids get sent via AUTH_UNIX are correct-- uid=gid=3005, auxiliary gids=3005,3999-- and that the server replies with NFS3ERR_ACCESS, which the kernel on the client maps to EACCES (Permission denied). Can anyone help me here?

    Read the article

  • I must clear my cmos to be able to boot

    - by Fredou
    I have this Asus p7p55d-e pro for about 8 months(got it last July) and for this last 3-4 days I cannot boot without clearing my CMOS what I have is: Seasonic M12D 750W ASUS P7P55D-E Pro Intel Core i5 760 Quad Core Processor Lynnfield LGA1156 XFX GeForce® 8800 GT Alpha Dog 512MB DDR3 Standard (PV-T88P-YDF4) 2x Corsair XMS3 CMX4GX3M2A1600C7 4GB DDR3 2X2GB DDR3-1600 CL 7-8-7-20 I tried to remove all the unnecessary stuff: HD/dvd/pci card/usb cable/etc I tried with only 1 dimm filled, instead of my 4, each one individually it didn't work I tried changing the battery, here goes a few dollars to nowhere, didn't work if I don't reset the CMOS it sometime stock on RAM led, sometime on BOOT DEVICE led, when this happen, it stuck on CPU speed detection when I boot right after the reset, i MUST click on the F2 option (boot with default bios setting) if i go into the bios and save/restart, i have to reset it again when booted, everything is rock solid stable, tried memtest, cpu stress, etc, etc. without issue what should be my next step? trying a new psu? (i need to find one..) doing rma? (i need this mb since it's my only computer...) something else?

    Read the article

  • Stop Windows Domain Environment Caching Old Passwords?

    - by Daryl Gill
    I have noticed on my domain environment; the old Administrator password (before password expire).. The client machines have cached the old password and have the ability to bypass the new password by entering the old one..? I have noticed on my domain environment; the old Administrator password (before password expire).. The client machines have cached the old password and have the ability to bypass the new password by entering the old one..? Basically; I'm running a UAC enabled domain, which needs the administrator password to continue basic stuff; installations and such. The password for the administrator account has been changed due to expiration of said accounts password. By accident a fellow administrator typed the old password and still bypassed the UAC with what should have been the incorrect password. Is this a bug with the environment? or something that needs to be tweaked in the server sided settings? Is this a bug with the environment? or something that needs to be tweaked in the server sided settings?

    Read the article

  • Unable To Successfully Use Java Anywhere (Windows 7 64bit)

    - by Nathan Smith
    This is a bit of an odd issue: (This is with JRE 7u7 32bit.) New Lenovo W530 laptop, everything is shiny. I tried to use a java applet for the first time recently (in Chrome). I got the Java logo and it started spinning like it was going to load, but didn't get anywhere and the browser locked up. I tried IE. Same deal. Tried Firefox. Same deal. So, I did the usual things: Rebooted, nothing. Un-installed Java, rebooted, re-installed, nothing. Tried it installing a 64bit Java as well. Same thing. I tried JRE6. Same thing. I uninstalled and manually deleted all the registry entries I could find related to it, then re-installed. Same thing. I un-installed and used the JavaRa utility. Same exact thing. I've not been able to use web applets or desktop stuff (minecraft), until yesterday. I did a graphics driver update and I was able to play minecraft for small amounts of time. It crashed regularly and wouldn't start reliably. No change in web applets. I'm at my wits end here. I'm to the point where reformatting is my only option. If anyone has any ideas at all, that would be awesome.

    Read the article

  • Apache+PHP on Windows Server 2008

    - by Álvaro G. Vicario
    I've installed Apache/2.2 and PHP/5.3 lots of times under Windows XP, Windows Vista and Windows Server 2003. The official *.msi installers work fine and configure everything. Now I need to install them into a Windows Server 2008 R2 Standard 64-bit box and I'm facing nothing but problems: There are no official 64 bit binaries for Apache and no binaries at all for PHP (official or third-party). It's alright, I'll do with good 32 bits, but it's kind of surprising. Official documentation is vague, generic and completely unaware of UAC or any recent Windows security feature. The PHP installer is unable to configure mod_php and the Apache installer is unable to configure... well, Apache. After three hours I've finally reached the point where I'm installing everything in the root folder and assigning full control access to all users in all files and directories and all I've got is a PHP-less Apache server that's able to serve static pages. So I guess it's time to stop and think. My question is: Has anyone installed an Apache+PHP production server under Windows Server 2008 in a serious, secure and reliable way and documented the whole process? Or should I just find a bundle like XAMPP and the like that requires no installation? === EDIT === I've installed Xampp Lite 1.7.3 and everything was working in 5 minutes. I'd still like to find some documentation about installing the original packages: XAMPP installs tons of stuff I don't need and offers no tool to enable and disable PHP extensions.

    Read the article

  • Is it possible to be a professional studying on your own?

    - by Marc Jr
    I read economics at university(nothing to see with linux, isn't it? :P). I have some basic knowledge about booting process, Linux Kernel compiling from source and stuff like that. But of course I have still much to learn sometimes some errors appears and "voila" I am lost. I had: Ubuntu, Fedora, OpenSuse, Arch.. using Gentoo now. I'd like to know what you linux users, professionals, administrators... would think it is the best way to learn linux in a professional way. Is it worth studying it and passing the LPIC test enough to work in the linux world? or do I need going to IT uni? I've heard LFS is a good way of learning about linux, is that real? I've been thinking about getting to LFS learn about more deeply about the linux process and learning scripts. It is possible to do this way? if anyone has a tip or a good way of doing, maybe someone did it. Any tip is very welcome. Words from a person in love with linux. :D The best, Marc

    Read the article

  • Changing MX records in named zone file

    - by Paul England
    I forgot how all this works. I have a GoDaddy account, using my own DNS and whatnot. I'm having trouble getting my email to work. They said I need to update my MX records. basically, I have the following. 184.168.30.42 is the domain's IP address, obviously. gamengai.com. 14400 IN NS n1 gamengai.com. 14400 IN NS n2 ns1 14400 IN A 184.168.30.42 ns2 14400 IN A 184.168.30.42 gamengai.com. 14400 IN A 184.168.30.42 localhost 14400 IN A 127.0.0.1 ftp 14400 IN A 184.168.30.42 www 14400 IN A 184.168.30.42 mail 14400 IN A 184.168.30.42 subdomain 14400 IN A 184.168.30.42 gamengai.com 14400 IN MX 10 mail Mail doesn't work though... they say to make the following change: 0 smtp.secureserver.net 10 mailstore1.secureserver.net So should the last line point to mailstore1.secureserver.net instead of mail in the last field? What about the other line? I had this working at one time, but it's totally gotten away from me. It's a virtual dedicated server and their support for this stuff is pretty bad... almost as bad as my admin skills since I went the programmer route.

    Read the article

  • Cannot establish a network connect to VMWare Fusion VM

    - by twolfe18
    I am running Snow Leopard 10.6.2 (not the server edition) with VMWare Fusion 3.0.0 and I trying to get my Ubuntu 9.10 x86_64 VM working. I am using a bridged connection, and I have an internet connection FROM the Ubuntu VM (I can download updates, ping websites, etc), but I cannot connect TO the Ubuntu box from any other device on my network. I am trying to get Mongrel up on the Ubuntu VM for some Rails stuff, but it's not working. I know Mongrel/Rails is not the problem because if I start the server on the Ubuntu VM, background the process, and then wget the index page, it works. I just cannot connect to the site from another IP. I have tried using a static IP and a DHCP IP configuration on the Ubuntu VM, neither work (for incoming connections, both work for outwards). I have port scanned the Ubuntu VM, and it appears that all ports are closed. However, the Ubuntu VM does respond to pings. I noticed a similar question here: http://serverfault.com/questions/99757/setting-up-a-bridged-network-with-vmware-fusion, but no answer. Any ideas?

    Read the article

  • Updating a staging server (from a CI server) in a Vagrant box with Chef

    - by Tomas Brambora
    I'm using Vagrant + Chef (chef_client provisioner) to create & provision a staging environment for my server. And I have a Jenkins job set up that is run every time I push to my 'develop' branch. In the Jenkins job, I would like to update & rebuild the source code of the server in the staging box and restart it. I have already written the cookbooks that install the dependencies, configure the db etc. But I'm not sure how to run only the update & rebuild & restart stuff from the cookbooks. I understand I could always tear down the whole box and rebuild it, but provisioning the box is a lengthy process so I would like to do that as little as possible. I split my server cookbook into 3 recipes: dependencies, db_setup and server. What I want to run in the my Jenkins job is the "server" recipe only. But I dont' understand how can I do that... If I specify the run_list on my Chef server, then I lose the ability to provision the whole box from scratch. Basically, I would like to be able to tell Vagrant from the command line what recipes Chef should run. Is that possible somehow? Cheers!

    Read the article

  • Booting VM Directly from iSCSI (or FC) in Hyper-V R2

    - by tony roth
    I have a server that san boots that I want to p2v. I have many options disk2vhd, scvmm etc but I was thinking about cloning the lun (flexclone, netapp) presenting it to my hyper-v r2 server. Within the hv manager do a create new disk then have it copy the cloned lun to a vhd file. Then do the bcdedit\bootsect stuff to it. Should work right? I'm also curious if anybodys booting vhd's that are on bootable luns? I've booted native vhd's just fine was just curious about the running them off a bootable lun. I think that this has quite a few advantages like instant p2v etc.. any thoughts on this? hmm dang as I was typing this I realized that I should not use the hv manager new disk copy routine, I should just disk2vhd the mounted lun. This has advantages in that it should be a lot faster!! discovered that disk2vhd may be flaky, crashed the first time I ran it! thanks

    Read the article

  • Does water damage a fiber optic / cat5 cable

    - by chris
    One of the buildings I support recently had an adventure with a broken fire sprinkler. Lots of water everywhere. One of the "drains" the water used was the vertical risers between network closets. The cable plant in this building has bundles of cat5e as well as conduit with bundles of multimode fiber optic cables. The fiber is standard multi strand plenum rated stuff that terminates in boxes that have the patches to the switches. As far as I can tell, no water got near the ends of the cables (fiber or copper) but the conduit was saturated, and is likely still saturated because there isn't any air flow to dry the cables out. My gut reaction is that while it didn't do the cables any favors, it likely also isn't going to cause any problems. A little more reading / googling around leads me to believe that the water may cause problems down the road. Some pretty pictures so everyone knows what I'm talking about: Fiber conduit: Vertical riser, going down: Vertical riser, going up: Does anyone have any experience with this sort of damage and how to deal with it? Should we just ask the insurance adjuster to add "pull new structured cable" to the list of things to be replaced? And, if the opinion is "replace it because it'll start failing randomly over time" please include links that describe the specific failure modes, so I've got some ammo to use with the adjuster.

    Read the article

  • What would keep a Microsoft Word AutoNew() macro from running?

    - by Chris Nelson
    I'm using Microsoft Office 2003 and creating a bunch of template documents to standardize some tasks. I know it's standard practice to put the templates in an certain place Office expects to find them but that won't work for me. What I want is to have "My Template Foo.dot" and "My Template Bar.dot", etc. in the "My Foo Bar Stuff" on a shared drive and users will double click on the template to create a new Foo or Bar. What's I'd really like is for the user to double click on the Foo template and be prompted for a couple of items related to their task (e.g., a project number) and have a script in the template change the name that Save will default to something like "Foo for Project 1234.doc". I asked on Google Groups and got an answer that worked....for a while. Then my AutoNew macro stopped kicking in when I created a new document by double clicking on the template. I have no idea why or how to debug it. I'm a software engineering with 25+ years of experience but a complete Office automation noob. Specific solutions and pointers to "this is how to automate Word" FAQs are welcome. Thanks.

    Read the article

  • Where is my free space?

    - by Andrey
    A week ago I got a low disk space warning on my Vista x64 Ultimate box - 60 Mb free on the disk C; I cleaned up some downloaded msdn images and got 20 Gb freed up. Three days ago I got another notification, it looked suspicious but I didnt have time to deal with it and just moved some heavy stuff to another drive to free up about 17 Gb.... Today morning - 53Mb left on drive C, again! Now it looks really suspecious, so I downloaded TreeSize to see what's taking up the space, just to see it reporting only 121 GB out of 200 GB used, in other words I suppose to have about 79 Gb free. Then I went to Folder Options, enabled viewing of system and hidden files, rerun teh tool to see another 5 Gb added (which is expected). Then I open disk C in windows explorer, select all and right click Properties, to see it reporting teh same amount of files - 126 Gb. But when I look at Drive C properties, it reports that 200GB of 200 Gb are taken. I just scanned the drive with two different antiviruses - Symantec and AVG and found no viruses... I'm a little confused at this point, any ideas where is my free space, woudl be highly appreciated! Thank you! Andrey

    Read the article

  • Why do I get this message from chrome when navigating to https://www.amazon.com?

    - by Denis
    This is probably not the site you are looking for! You attempted to reach www.amazon.com, but instead you actually reached a server identifying itself as *.voxcdn.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of www.amazon.com. Intermittently, I get a blank page when going to http://www.amazon.com. So I stuck an 's' in the URL, making it https://www.amazon.com and got that message above (with the nice red screen) from Chrome indicating there might be some monkey business going on. After hammering on the URL a bunch of times and pulling it up in Chrome's developer tool to look at the network traffic on it, the url (without the s) started behaving. The url with the s just hangs, but the red screen no longer comes up. Some specs... I've got a macBook Pro, Snow Leopard, Time Warner cable. I've had enough strange stuff happening over the past couple months (google.com, youtube.com, amazon.com not coming up or loading strange error messages with random reference numbers) that I finally decided to switch to OpenDNS. Still having problems, though.

    Read the article

  • SQL 2000 Backup/Export Process - Can't find SQL 2000 Enterprise Manager, Can't use Mgmt Studio Expre

    - by 1nsane
    I need to make a backup of a client's SQL 2000 database, however there are a few issues preventing me from doing so using the traditional methods. I've tried using SQL Management Studio Express, but the host doesn't give sufficient privileges to create a backup and I'm getting some strange error messages. I've also tried doing the "Generate Scripts" to recreate the schema, then using the DTS Wizard to migrate the data, but the IDs set up with the identity specification property are not consistent with the live database once copied over. This results in some foreign key breakage... If I remember correctly, I was able to use Microsoft SQL 2000 Enterprise Manager to perform the task before, but I can't find this anywhere... it seems Microsoft has pulled most SQL Server 2000 stuff from their site. Does anyone know where I can find a copy of Enterprise Manager (or a trial of SQL Server 2000, which I believe comes with the component)? Or conversely, does anyone know of any other tools (preferably non-commercial) that are capable of mirroring remote SQL Server 2000 DBs? Thanks!

    Read the article

  • How do I create and conveniently search through Libraries in Windows 8?

    - by mtone
    In Windows 7, I took the habit of putting most of my frequently accessed disk areas as Libraries - there were about a dozen. Typing a word in the Start menu would then give me a summary of matches by Library. For example, searching for "WPF" would tell me that I've got some results in the Books library, in the Coding library and a few other PDFs in the Downloads library, one of which I could then expand to see all results within. In Windows 8, that functionality appears to be gone. The Search function in the Charms Bar lists tons of results by type (Documents, Pictures, et cetera) but not by Library. This is practically useless since Documents contains hundreds of .txt and .cs files, a few of which might be Books or Downloads. The only option I found is to go into Explorer and use the search bar in the Library section. However, there again, all search results are mixed together, and I can't seem to find a way to know which Library each result came from (in the Details view, I didn't find a Library column I could add). So, if I want to know which Library contains stuff about a given topic, I have to search the Libraries one by one. Very inconvenient. Is Microsoft slowly deprecating libraries? Any tips? How else can I search through libraries?

    Read the article

  • Configure Domino to use SMTP routing and hMailServer

    - by Sébastien Lachance
    I have been trying for a couple of days to set up a Domino 8.5 server. Basically, I want everything to be run inside a local network. Right now I can send email to other user in the Domino directory without any mail address. I am pretty new to all this stuff, so maybe the answer will be really obvious. What I need to do is be able to send a mail from somewhere else to a domino user that will be redirected to his account. On the Domino server, I also have hMailServer installed on port 25. I configured Domino to use port 26. I followed those step to get where I am now. -I have set the Fully qualified Internet host name to "preview.notes". -Smtp Listener task changed to Enabled to turn on the Listener so that the server can receive messages routed via SMTP routing -Setting up SMTP routing within the local Internet domain (http://www.h2l.com/help/help85%5Fadmin.nsf/f4b82fbb75e942a6852566ac0037f284/7f9738a49efc4f58852574d500097b01?OpenDocument) -I modified the person to use the [email protected] address. -I'm using the hMailServer (which have the local "preview.local" domain name) to send mail to [email protected]. When sending mail I got an error telling that the DNS is not set up correctly. Is using the Domino Smtp server instead of hMailServer will solve the problem? I can Telnet the Domino Smtp Server.

    Read the article

  • Using bind (named) as a public proxy server

    - by TrentDavis
    We have a Python DNS server that does a bunch of stuff to figure out values it should return for various DNS records. This works nicely, however as it is Python, the performance under high load won't be great. What I would like to do is have a "proxy" bind server sit in front of it to return results to the public internet. This will cache the results (typically 15 minutes, some records are a few seconds), so the load on the Python server will be greatly reduced as it will only see one look up per domain (only about 100 domains) every 15 minutes. The data in these domains changes a lot, so using a master won't work as it will constantly be changing. I have something setup that looked like it would work great (using a forwarder for the zone), and tested it with dig etc, all going great. However when we went to go live with it, things weren't working, and we figured out that named is not setting the "Authoritative" bit (fair enough, it is a forwarder). So my question is, can we tell bind to set the Authoritative bit for forwarded domains? I have looked at all the doco I can find, and can't find anything about doing things this way. Most of the doco about using it as a proxy if for a LAN to the internet. Ideally I would like to use bind as it is there and installed (CentOS 5 servers). But at a pinch we could look at a different name server to do the work if it just can't be done with bind. Thanks.

    Read the article

  • Symantec Endpoint Protection Virus Definitions

    - by Gus Denton
    I have done some Googling but I cannot get a definitive answer certainly not from the Symantec KB. I have a Virtualised Win 2003R2 server 32bit. It has been provisioned to me with Symantec Endpoint Protection 11.0.62xxx CLIENT (not a definitions server) the directory C:\Program Files\Common Files\Symantec Shared\VirusDefs is 750MB IT doesn't contain .tmp directories so it is NOT a corrupt definitions server. IT does contain directories named with a date pattern YYYYMMDD.xxx Some of these folders are 12 months old and I would like to recover the space. The sysmantect forums are full of this stuff but a lot of the postings contain links back to documents that are not specific to End Point Protection Client. It appears that I should be able to delete the older folders and all will be OK. with a service restart however there is a warning about having Live Update Administrator Installed Firstly I have no idea if I have this installed how to I check and secondly can I just ditch these old files and restart ? Regards Gus Denton Learning and Teaching Uni of New South Wales Sydney Australia For those trying to assist me I thankyou. I have followed some instructions found on the Symantec site and assumed that the response from Nixphoe would resolve my issue. It appears that as I am on a provisioned VM from a central IT unit I cannot run the Symantec commands from the Run prompt as my admin creds to get me in. (smc -stop) Basically I need to claw back some Diskspace from the c: drive which is being filed up with WSUS patches and Symantec files. I have managed to delete one symantec cache through the live update control panel and recovered 470Mb I suppose my last question for those more experienced than myself is, can I simply remove say the two oldest virus definition folders without completely foobaring the End Point protection and the server ? Regards Gus

    Read the article

  • Remote server security: handling compiler tools

    - by Gonzolas
    Hello! I was wondering wether to remove compiler tools (gcc, make, ...) from a remote production server, mainly for security purposes. Background: The server runs a web application on Linux. Consider Apache jailed. Otherwise, only OpenSSHd faces the public network. Of course there is no compiler stuff within the jail, so this is about the actual OS outside of any jails. Here's my personal PRO/CON list (regarding removal) so far: PRO: I had been reading some suggestions to remove compiler tools in order inhibit custom building of trojans etc. from within the host if an attacker attains unpriviliged user permissions. CON: I can't live without Perl/Python and a trojan/whatever could be written in a scripting language like that, anyway, so why bother about removing gcc et al. at all. There is a need to build new Linux kernels as well as some security tools from source directly on the server, because the server runs in 64-bits mode and (to my understanding) I can't (cross-)compile locally/elsewhere due to lack of another 64-bits hardware system. OK, so here are my questions for you: (a) Is my PRO/CON assessment correct? (b) Do you know of other PROs / CONs to removing all compiler tools? Do they weigh in more? (c) Which binaries should I consider dangerous if the given PRO statement holds? Only gcc, or also make, or what else? Should I remove the enitre software packages them come with? (d) Is it OK to just move those binaries to a root-only accessible directory when they are not needed? Or is there a gain in security if I "scp them in" every time? Thank you!

    Read the article

  • Can't add service account to domain group during SQL cluster install

    - by Sam
    I'm installing a 2008 instance on a Server 2003 machine which is already running SQL 2005. I need to set up domain groups for the security setup step: http://msdn.microsoft.com/en-us/library/ms179530.aspx On Windows Server 2003, specify domain groups for SQL Server services. All resource permissions are controlled by domain-level groups that include SQL Server service accounts as group members. Much more info on this here: http://support.microsoft.com/kb/910708 I've had problems with being able to add the windows service accounts to the groups at install time. The security admins had to make my account a domain admin - which they were hesitant to do. The account under which SQL Server Setup is running must have permissions to add accounts to the domain groups. Is there a specific security setting which would allow my account to add accounts to a group? UPDATE: I'm looking for specific instructions. I have a global group called domain\servicegroup - what do I tell the security folks to do. I'd love to figure it out myself, but I don't have access to this stuff.

    Read the article

  • Is Windows Server 2008R2 NAP solution for NAC (endpoint security) valuable enough to be worth the hassles?

    - by Warren P
    I'm learning about Windows Server 2008 R2's NAP features. I understand what network access control (NAC) is and what role NAP plays in that, but I would like to know what limitations and problems it has, that people wish they knew before they rolled it out. Secondly, I'd like to know if anyone has had success rolling it out in a mid-size (multi-city corporate network with around 15 servers, 200 desktops) environment with most (99%) Windows XP SP3 and newer Windows clients (Vista, and Win7). Did it work with your anti-virus? (I'm guessing NAP works well with the big name anti-virus products, but we're using Trend micro.). Let's assume that the servers are all Windows Server 2008 R2. Our VPNs are cisco stuff, and have their own NAC features. Has NAP actually benefitted your organization, and was it wise to roll it out, or is it yet another in the long list of things that Windows Server 2008 R2 does, but that if you do move your servers up to it, you're probably not going to want to use. In what particular ways might the built-in NAP solution be the best one, and in what particular ways might no solution at all (the status quo pre-NAP) or a third-party endpoint security or NAC solution be considered a better fit? I found an article where a panel of security experts in 2007 say NAC is maybe "not worth it". Are things better now in 2010 with Win Server 2008 R2?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 342 343 344 345 346 347 348 349 350 351 352 353  | Next Page >