Search Results

Search found 13222 results on 529 pages for 'security gate'.

Page 356/529 | < Previous Page | 352 353 354 355 356 357 358 359 360 361 362 363 | Next Page >

How do I launch a process as a specific user at startup on OS X?

- by Scott Bonds

I would like to run a script as a particular user on startup (not on login). I thought a launchd LaunchDaemon would do it, but 'man launchd' says: "If you wish your service to run as a certain user, in that user's environment, making it a launchd agent is the ONLY supported means of accomplishing this on Mac OS X. In other words, it is not sufficient to perform a setuid(2) to become a user in the truest sense on Mac OS X." They aren't kidding--when I try to run my script as a LaunchDaemon it doesn't work. In particular I'm trying to automate some keychain operations using the 'security' command, and it won't let me change the default keychain when I run the script through LaunchDaemon, though the script works fine when run using sudo from a shell. A LaunchAgent won't work, because the goal is for the proces to run without a user logging in and LaunchAgents only run when someone logs in. I looked at cron and the @reboot directive and that looks promising, but I read that cron is deprecated on OSX.

Read the article
Dual HDD dual boot Win7/Win7 hibernate corrupts partitions?

- by Ivan Zlatev

I have two SSDs in my laptop. Both have 2 partitions each one with Windows 7 64bit and another one with OEM stuff on it (SYSTEM_DRV). I use the BIOS boot menu to boot between the drives. I have removed the drive letters so that no partitions of drive 1 are mapped in windows 2 on drive 2 and wise-versa. What I have observered however is that when I hibernate windows 1, boot windows 2 do some work and shutdown then resume windows 1 - the windows 2 partition will get corrupt quite often. Just happened actually - it is shown as "RAW" in the Disk manager instead of NTFS and windows will blue screen at boot. Alternatively I've seen cases where chkdsk will run and will wipe out all security descriptors making the partition completly unbootable. Why am I seeing these corruptions and what can I do to prevent them?

Read the article
Amazon EC2 - Unable to connect to MySQL

- by alexus

I'm having issue connecting from one VM to another # nmap -p3306 ip-XX-XX-XX-XX.ec2.internal Starting Nmap 6.40 ( http://nmap.org ) at 2014-06-10 17:50 EDT Nmap scan report for ip-XX-XX-XX-XX.ec2.internal (XX.XX.XX.XX) Host is up (0.000033s latency). PORT STATE SERVICE 3306/tcp closed mysql Nmap done: 1 IP address (1 host up) scanned in 1.05 seconds # in my Security Group I allowed Inbound connectivity via port TCP, portrange 3306 and Source 0.0.0.0/0, so theoratically it should work, but in reality it doesn't( I'm running red hat enterprise linux 7 on both VMs. mariadb.service running fine on another VM and I am able to connect to it locally. DB's: # netstat -anp | grep 3306 tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2324/mysqld # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # Any ideas what else I missed?

Read the article
Prevalence of WMI enabled in real Windows Server networks

- by TripleAntigen

Hi I would like to get opinions from systems administrators, on how common it is that WMI functionality is actually enabled in corporate networks. I am writing an enterprise network application that could benefit from the features of WMI, but I noted after creating a virtual network based on Server 2008 R2, that WMI seems to be disabled by default. Do systems admins in practical corporate networks enable WMI? Or is it usually disabled for security purposes? What is it used for if it is enabled? Thanks for any advice! MORE INFO: I should have said, I really need to be able to query the workstations but I understand that by default the WMI ports on Win7 and XP firewalls (at least) are disallowed, so do you use some sort of group policy or other method to leave a hole open for WMI on the workstations? Or is just the servers that are of interest? Thanks for the responses!!

Read the article
When the Windows Firewall Service is disabled I cannot remote desktop (RDP) to the machine

- by Matt

When the Windows Firewall Service is disabled I cannot remote desktop (RDP) to the machine. Has anyone seen this? This is on Win7 64 Enterprise on a domain. Is it some sort of domain policy perhaps? EDIT: Yes, when the firewall service is enabled, RDP works like a charm. I can also ping the system when the firewall service is on, but not when it is off. I am starting to suspect some sort of corporate imposed security policy, but GPedit hasn't really showed anything of significance.

Read the article
SSL Certificate for local web server

- by Firefly

Is it at all possible to create a self-signed certificate for use on multiple machines on a local network which would stop the browser complaining it is not a trusted site? We have a product which is basically a computer running lighttpd to serve a web interface for configuring the computer (sort of how a router has a web interface). There can also be many of these machines running on the same network with dynamic IP's. What I basically want to do is enable SSL for extra security but I don't want people who are on the local network to be given a browser warning about the certificate not being trusted. Is this at all possible?

Read the article
Configuring sendmail to use one outbound MTA exclusively

- by Charlie Martin

I have a sendmail problem, and I'm anything but a sendmail guru -- I could use some help. My problem is that I have a system intended to be more or less an "appliance" -- it's not intended to have an admin. Because of this, it needs to be able to "call home" by sending email. As we have configured it, this works fine -- using sendmail, it finds the appropriate relay by looking up an MX record and everything works fine. Now, however, because of security concerns, we want to limit it to using exactly one relay, so for example relay.corp.example.com. Should the user configure it to use, say, fubar.example.com, the mail sending should fail or be deferred. I thought that by configuring sendmail with a /etc/mail/server.switch file containing hosts files without dns, I'd get that effect. This doesn't work -- instead, if it gets mail addressed to [email protected], it tries to talk directly to example.com, and ignores the configured server. Any ideas?

Read the article
RAID 1 not performing as expected

- by Faken

I recently bought a new 320Gb hard drive for my computer to set up RAID 1 on it for some added security. Installation went as smooth as could possibly be (plug in power, plug in data cable, start up computer, Intel software recognized new drive, right click create RAID 1, done!). However, for some inexplicable reason, I seem to have strange test results when using BENCH32. On my old configuration, a single 7200 rpm drive, I achieved about 60 MB/s write and 70 MB/s read. With a new RAID 1 configuration, I would expect the write to be slightly diminished but read to be significantly improved (though not exactly double speed). However, with the new configuration, I am getting 90 MB/s write and only about 80 MB/s read. I should NOT be getting improved write performance, especially NOT better than read! What's going on? My system setup is: q6600 2.4ghz CPU 4Gb DDR2 667mhz RAM on board Intel ICH9R "RAID chip" 2x Seagate 7200 RPM 320GB drives in RAID 1 Widows 7 home premium 64-bit

Read the article
icacls, Network Service, and setting ACLs on Windows Server 2008

- by Ted

Setting ACLs on Windows Server 2008 via the command line is giving me some problems. As per http://web2.minasi.com/forum/topic.asp?TOPIC%5FID=26907 I've tried all sorts of variations: C:\Windows\system32icacls "D:\Websites\site.com\Web\bin*" /grant 'NT A uthority\NETWORK SERVICE: (OI) (CI)M' C:\Windows\system32icacls "D:\Websites\site.com\Web\bin*" /grant "NETWORK SERVICE": (OI) (CI)M And all variations in between. However, each try leads to i.e. "Invalid parameter "'NETWORK'"" depending on the variation above. As per http://technet.microsoft.com/en-us/library/cc753525%28WS.10%29.aspx (see in comments), it appears that others have experienced the same issue where the same command works on Windows 7/Vista/etc., but not on Windows Server 2008. What's the best way to apply permissions to Network Service account on a directory and/or files via the command line in Windows Server 2008? Especially as there's no way to do multiple file permissions at once via the GUI (see http://serverfault.com/questions/30991/windows-server-2008-change-security-settings-for-multiple-files-at-once).

Read the article
Remote Desktop Services create LAN and WAN user groups

- by PHLiGHT

I'm setting up one server with the gateway, server host and web access roles on it. I know that isn't ideal but I don't expect to have many simulatenous users. I want users to access remote desktop web access and connect to the server host via the gateway as outlined here which avoids opening 3389 to the internet. Users will be connecting from the LAN and the WAN. What I'm looking to do is to allow some users LAN access but not WAN access and added plus would be if security settings (such as no clipboard) would be different when accessing via the WAN. Is this possible? It seems all users can logon to remote desktop web access by default. They can't run the remoteapps once logged in though without the proper permissions. Can I prevent them from even logging into remote web access? Since they renamed it from terminal services to remote desktop services it has made my Googling a bit harder. Thanks!

Read the article
mRemote and RoyalTS both are not able to RDP connect me to a Windows Server 2008 system?

- by djangofan

I am completely stuck on this one. If I start a RDP session independently of these 2 programs everything works fine. My RDP session connects, I click "OK" to accept the "Notice To Users" security message and then it shows me the login screen where I enter my password manually. Now, if I try to use either mRemote or RoyalTS to create this connection, I get the same behavior except that I get a "The user name or password is incorrect." message. Now, I know this cannot be true since I can manually connect with RDP. So, what is the problem with these 2 pieces of software that prevents me from logging in? I have no problems with connecting to Windows XP systems with these programs. Additionally, I wish I knew how to get one of these programs to automatically click the "OK" button on the "Notice To Users" message while automatically attempting to log me in as part of the login process. Can they do that?

Read the article
Permit Communicator to display an web site with an ActiveX control in Vista or Windows 7

- by dmo

I have a UCMA service that sends a URL to load in a communicator extensibility tab as mentioned here: http://blogs.claritycon.com/blogs/michael_greenlee/archive/2009/02/19/context-windows-in-communicator-using-ucma-v2-0.aspx http://social.msdn.microsoft.com/Forums/en-US/ucclientsdk/thread/4406e412-01f1-466f-a593-3b83652dcdb1 This works fine with Office Communicator 2007 R2 for most trusted links, and on Windows XP and 2003 it works fine with a page with an ActiveX control. However, the ActiveX content is not displayed in Vista or Window 7. I've tried relaxing the security settings to no avail. Any suggestions or guidance would be much appreciated.

Read the article
cannot at all find sql instance (while installing an asp.net app on IIS)

- by giddy

So I'm really not a DBA, I'm an app dev. I had to install my asp.net mvc3 app on my client's(a large company) IIS6 + Win2k3 machine, with absolutely no help from their sysadmins. The final problem now is SQL Server 2008 r2, after figuring out how to create a login from windows, my app and sqlcmd.exe always complains it cannot find a sql server instance!! I have all the sql services (in services.msc) running to Log On as the local system. I can login fine with SQL Server Management Studio with Windows Auth. I created my database, my asp.net app needs/uses windows auth. But for the love of God, whatever I do my app always complains it cannot find the instance. (Also tried running SQL CMD and it complains of the same thing too!) My data base connection string looks like this: Data Source=machinename\username;Initial Catalog=myDataStore;Integrated Security=True;MultipleActiveResultSets=True Machinename\user is the same thing that shows up on the sql server management studio login if I choose windows authentication right?

Read the article
wildcard in httpd conf file?

- by Joe

Here is an example httpd config I'm currently using: <VirtualHost 123.123.123.123:80> ServerName mysite.com ServerAlias www.mysite.com DocumentRoot /home/folder </VirtualHost> I'm wondering, is it possible to have a wildcard for the ServerName & ServerAlias variable? Reason for asking is I have some software that is shared among multiple URL's all controlled in a CMS and it's kind of a pain to add new domains via ssh everytimee. And before someone points out a security hole, the software does check the current URL before doing any webpages :)

Read the article
Possible to find what IP address caused a 403.6 error?

- by Abe Miessler

I have a website setup in IIS that is rejecting all IP addresses except for a specific set. I thought I had added my machines IP address to this list, but evertime I try to access I get the error: HTTP Error 403.6 - Forbidden: IP address of the client has been rejected. Internet Information Services (IIS) I would like to figure out what IP address it think I am coming form when it rejects me. I tried looking at the IIS logs and in the Security Event Logs but I'm not seeing anything. Suggestions on where to look?

Read the article
VirtualBox Port Fowarding to Connect to PostgreSQL Database

- by kliao

I'm trying to connect to a PostgreSQL database hosted on a Win7 guest from a Win7 host. I've configured security in pg_hba.conf host all all 127.0.0.1/32 md5 host all all 10.0.2.15/32 md5 host all all 192.168.1.6/32 md5 and set the listen_addresses setting in postgresql.conf to '*'. I think I've set up port forwarding correctly as I see: Key: VBoxInternal/Devices/e1000/0/LUN#0/Config/win7_vm1/GuestPort, Value: 5432 Key: VBoxInternal/Devices/e1000/0/LUN#0/Config/win7_vm1/HostPort, Value: 5432 Key: VBoxInternal/Devices/e1000/0/LUN#0/Config/win7_vm1/Protocol, Value: TCP when I call getextradata. This is similar to http://serverfault.com/questions/106168/cant-connect-to-postgresql-on-virtualbox-guest but I'm not sure what I'm doing wrong. In the vbox.log file I see: 00:00:01.019 NAT: set redirect TCP host port 5432 = guest port 5432 @ 10.0.2.15 00:00:01.033 NAT: failed to redirect TCP 5432 = 5432 but I'm not sure how to fix that. Any ideas? Thanks.

Read the article
Unable to FTP, any ideas?

- by Nick

I'm using Windows Server 2003. I have the FTP services installed, router set to DMZ, and currently Anonymous logins allowed. (I know, security risk, but there's nothing important on there and not worried at the moment) So here's the thing... I can ftp to my computer, list directory, get files etc, BUT only if I'm using the command prompt. If I try to log in using IE or any FTP client it's just timing out. I've tried: username@ipaddress ipaddress username:password@ipaddress and not able to get any of them to work. Anyone have any ideas? Thanks!!!

Read the article
users unable to add registry keys to HKCU

- by Eds

I may not have this 100% correct so need some clarification. Are normal users on a 2003 terminal server allowed to add registry keys the their own HKCU section in the registry, or are they only allowed to edit existing ones? The reason I ask is that we have 3 keys that we need to add for each user on login. I thought it would be as simple as having a straightforward batchscript run that silently adds the keys for the user. Here is what I used: regedit.exe "C:\Documents and Settings\All Users\Desktop\example.reg" When the user runs this batch scipt, they see nothing as you would expect, but the keys are not added. If I simply run the .reg file as the user, it asks if I want to add the key, but then has an error saying there was an error accessing the registry. Do I need something a bit more complex to accomplish this task. Many Thanks Eds EDIT: Contents of .reg file Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Policies\Microsoft\office\14.0\outlook\Security] "PromptSimpleMAPINameResolve"=dword:00000002 "PromptSimpleMAPIOpenMessage"=dword:00000002 "PromptSimpleMAPISend"=dword:00000002

Read the article
Trick to enabling FTP upload from an app in Windows 8?

- by Craig

I have an older Win32 app that uses FTP to upload some data to a server from time to time. This app works great in Windows XP and has been working fine in Windows 7 and Vista. For some reason, when running under Windows 8 it has trouble uploading its data. It appears to connect and upload the data OK but it has times out when disconnecting. The data does not appear on the server. I have limited visibility into the app while it's running so sorry for the vague nature of the description. My question is: Is there some security setting in Windows 8 that would keep this app from using FTP? When I check the settings it looks to me like I have it set up to prompt me about any permissions problems it might have, and I'm not seeing any prompts. I've tried running this app in XP/SP3 compatibility mode with no luck. At this point I'm just looking for some clues as to where to look.

Read the article
Sync files between two users on Windows-7 Enterprise

- by Zachary

I'm running Windows-7 enterprise on a dell Laptop, and I'd like to sync the entire user directory structure between two users. Background: I am an existing user on the computer, and soon I'll be sharing the computer with an employee. I want everything from my account to overwrite the other, while anything he does is mirrored on mine. I'm not worried about security because nothing vital is on the computer. Both accounts are administrators, and I have already tried to use hard links to accomplish this. However the prompt leaves me with "Access Denied". Is what I'm trying to do possible, and if so what steps must be done to accomplish it?

Read the article
Sending large files - do any vendors sell their solution?

- by Rob Nicholson

We currently have an account with www.mailbigfile.com to allow us to send & receive files which exceed our client's email limits. In our industry, a 10MB limit is not unknown. Mailbigfile works fine for what it is but increasingly, our clients are starting to block it as a security risk. A solution would be for us to license the software and run it from our own web server which is far less likely to be blocked. Does anyone know of vendors in this market? We are looking at web collaboration systems but that's a much bigger project. The technology behind www.mailbigfile.com isn't that complex (http upload, email notification and then http download) so I'm hoping it won't be very expensive. Cheers, Rob.

Read the article
How do I create certificates for both ends of an stunnel connection?

- by unixman83

Hi. I am using stunnel to authenticate RDP (Remote Desktop) and I need to verify that a client possesses the proper credentials. So people cannot brute force into the machine. I am also using a bad (outdated) version of RDP that has security vulnerabilities, so stunnel is a must. I will preshare the necessary .pem's between machines. What are the openssl commands I need to create the right .pem files on both the client and on the server? What files need to be shared?

Read the article
Ubuntu Server 10.10 vs. Fedora Server 14 for Mono.NET app hosting in VM

- by Abbas

Ubuntu Server 10.10 vs. Fedora Server 14 I want to create a web-server running Mono, MySQL 5.5 and OpenLDAP running as a VM (on VMWare Workstation). Searching “Ubuntu Server vs. Fedora Server” mostly yields flame wars and noise. There are a few good articles available but they are either out-of-date or don’t offer very convincing arguments. I know the answer is most likely to be “it depends” but I wanted to harness the collective wisdom on ServerFault and get opinions, experiences and factual information to the extent possible. My selection criteria would be (other than what is mentioned above): Ease of use Ease of development Reliability Security

Read the article
Will I have internet connection issues next day, if I unplug router at night?

- by headskracher77

I did this regularly a few years ago and used to feel like I was 'being punished' by the Interent svc provider for disabling access to my computer, because trying to re-connect the next day became a constant pain. I have the same linksys router, a comcast modem, and hi-speed broadband through their LAN. Question: who or what is at fault for lousy internet connections, slow connections, or no connections: (everybody's tech dept. blames everybody else) The router? 10 year olds, maybe obsolete? The modem? came with the service plan - can connect three devices on a sharedconnection. The ISP: I read they not only even control and completely regulate bandwidth usage, but they also ration it!! (true?) So can I safely 'pull the plug' each night for security or not? thnx

Read the article
Windows 2003-R2-Server: Process "System" takes large chunks of CPU time

- by Dabu

I have a domain controller running 2003 R2. The server behaves very well when restarted daily, however, each day it is not restarted, there's a process called "System" that takes enourmous chunks of CPU time (up to 95%). The server supports AD, WINS, DNS, has Kaspersky Endpoint Security running, and manages backups via Arcserve 15. When I tried so far: Process Explorer (ex-Sysinternals) shows that the "System" process has no sub-processes. In the "Threads" tab of the detailled view I can see that 90% of the CPU time is used up by "ntkrnlpa.exe+0x803c0". The "Interrupts" process is running at 3-5% of CPU time, I'm not sure if this accounts for the amount of CPU time that System takes.

Read the article

< Previous Page | 352 353 354 355 356 357 358 359 360 361 362 363 | Next Page >