Search Results

Search found 13454 results on 539 pages for 'ws security'.

Page 363/539 | < Previous Page | 359 360 361 362 363 364 365 366 367 368 369 370 | Next Page >

Do I need a VPN to secure communication over a T1 line?

- by Seth

I have a dedicated T1 line that runs between my office and my data center. Both ends have public IP addresses. On both ends, we have a T1 routers which connect to SonicWall firewalls. The SonicWalls do a site-to-site VPN and handle the network translation, so the computers on the office network (10.0.100.x) can access the servers in the rack (10.0.103.x). So the question: can I just add a static route to the SonicWalls so each network can access each other with out the VPN? Are there security problems (such as, someone else adding the appropriate static route and being able to access either the office or the datacenter)? Is there another / better way to do it? The reason I'm looking at this is because the T1 is already a pretty small pipe, and having the VPN overhead makes connectivity really slow.

Read the article
PHP + IIS Application Pool Identity Windows\Temp permissions

- by Matt Boothman

I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

Read the article
Securing php on a shared apache

- by Jack

I'm going to install apache+php in a server where two users, A and B, will deploy their website. I'm trying to achieve isolation of users' space for security reasons: that is no scripts from site A should be able to read files in site B. To achieve this I installed suphp. Website files of user A are owned by A:A with perm=700 and user of B are owned by B:B with perm=700. Suphp works great, but apache complains about permissions to read .htaccess. How can I let apache to read .htaccess in every dir of A and B while keeping isolation between site A and site B? I played with ownership (group = www-data) and permissions (750) but I found no way to keep isolation granted. Any idea? Maybe by running apache as root, but in this case are there any drawbacks?

Read the article
rkhunter warns of inode change by no file modification date changes

- by Nicholas Tolley Cottrell

I have several systems running Centos 6 with rkhunter installed. I have a daily cron running rkhunter and reporting back via email. I very often get reports like: ---------------------- Start Rootkit Hunter Scan ---------------------- Warning: The file properties have changed: File: /sbin/fsck Current inode: 6029384 Stored inode: 6029326 Warning: The file properties have changed: File: /sbin/ip Current inode: 6029506 Stored inode: 6029343 Warning: The file properties have changed: File: /sbin/nologin Current inode: 6029443 Stored inode: 6029531 Warning: The file properties have changed: File: /bin/dmesg Current inode: 13369362 Stored inode: 13369366 From what I understand, rkhunter will usually report a changed hash and/or modification date on the scanned files to, so this leads me to think that there is no real change. My question: is there some other activity on the machine that could make the inode change (running ext4) or is this really yum making regular (~ once a week) changes to these files as part of normal security updates?

Read the article
Setup IIS 7 as FTP Server that is connectable outside of my local network

- by Usta

I was able to setup an FTP site that I was able to access via ftp://127.0.0.1/ or my local(static) ip. To do this I followed these instructions (with the exception that I did not bind to 127.0.0.1 as suggested) http://learn.iis.net/page.aspx/301/creating-a-new-ftp-site-in-iis-7/ I have created a firewall exception for port 20 and 21, and setup port-forwarding on my wireless router. But I can only access the site via local-host, and I need to have a friend have read access to it. So how do I enable remote access to it? (I'd rather not purchase a domain-name) My setup: IIS 7.5 Windows 7 Professional Wireless Network Norton Internet Security 2012 An Internal Static IP Address

Read the article
Prevent users from creating / copying / moving anything except .exe

- by webnoob

We have a program that compiles executables into a folder into c:\bin. Ideally I would like to share this folder so users can access the exe's within but stop them creating any other files in there. The reason for this is to stop users grabbing source code and putting it in a shared drive then taking it. We have a Domain Controller setup and all the users belong to a specific security group. Is there any way to achieve this? EDIT: TO clarify, I need to stop users from creating or moving files INTO the C:\bin folder which are not executables.

Read the article
Powershell SQL query--connection string

- by sean

I am trying to query several different SQL servers and run a command on each of them. I am unable to get the connection string right. Code, below. I receive the following error:Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. I thought if I passed it the credentials it wouldn't care about the domain. How do I get around this? Thanks in advance. $serverList = @(Get-Content "c:\AllServers.txt") $query = "SELECT COUNT(thing) AS [RowCount] FROM My_table" $Database = "My_DB" # Read a file foreach ( $svr in $serverList ) { $conn=new-object System.Data.SqlClient.SQLConnection $ConnectionString = "Server={0};Database={1};User ID=sa;Password=Password;Integrated Security=True" -f $svr, $Database $conn.ConnectionString=$ConnectionString $conn.Open() $cmd=new-object system.Data.SqlClient.SqlCommand($Query,$conn) $conn.Close() }

Read the article
Sending large files - do any vendors sell their solution?

- by Rob Nicholson

We currently have an account with www.mailbigfile.com to allow us to send & receive files which exceed our client's email limits. In our industry, a 10MB limit is not unknown. Mailbigfile works fine for what it is but increasingly, our clients are starting to block it as a security risk. A solution would be for us to license the software and run it from our own web server which is far less likely to be blocked. Does anyone know of vendors in this market? We are looking at web collaboration systems but that's a much bigger project. The technology behind www.mailbigfile.com isn't that complex (http upload, email notification and then http download) so I'm hoping it won't be very expensive. Cheers, Rob.

Read the article
No HTTP Response from Tomcat 7 EC2 instance

- by David Kaczynski

I am new to EC2 (and Tomcat, for that matter), and I am trying to deploy a vanilla Tomcat 7 server to an Ubuntu 12.04.1 EC2 instance and access the default test site over HTTP. My EC2 instance is running, and the Security Group includes port 80: My /etc/tomcat7/server.xml config has been edited to listen for HTTP requests on port 80: 0 I have restarted my Tomcat 7 server via sudo service tomcat7 restart. However, according to sudo netstat -lnp, Tomcat is not listed as listening over port 80: I am unable to get any response from going to the ...amazonaws.com public DNS in a web browser. What am I missing?

Read the article
OS X clients ignoring Windows print server permissions

- by Ilumiari

I'm in the process of testing a Windows Server 2008 R2 print server for a mixed OS X/Windows environment. Any security permissions (AD groups) I set for the printers on the print server are not honoured by the OS X clients. Only if I remove absolutely all permissions for a given printer will an OS X client not print to that printer. The Windows clients honour the permissions as expected. The PrintService log doesn't record any activity when an unprivileged Windows client attempts to print, and records a typical print job when an unprivileged OS X client attempts to print. Has anyone encountered this problem before and have a fix? With 600-700 clients, a number of which are dual-booting, restricting by IP address is not viable. EDIT: The jobs are definitely going through the print server, they show up in the logs with their AD credentials.

Read the article
RAID 1 not performing as expected

- by Faken

I recently bought a new 320Gb hard drive for my computer to set up RAID 1 on it for some added security. Installation went as smooth as could possibly be (plug in power, plug in data cable, start up computer, Intel software recognized new drive, right click create RAID 1, done!). However, for some inexplicable reason, I seem to have strange test results when using BENCH32. On my old configuration, a single 7200 rpm drive, I achieved about 60 MB/s write and 70 MB/s read. With a new RAID 1 configuration, I would expect the write to be slightly diminished but read to be significantly improved (though not exactly double speed). However, with the new configuration, I am getting 90 MB/s write and only about 80 MB/s read. I should NOT be getting improved write performance, especially NOT better than read! What's going on? My system setup is: q6600 2.4ghz CPU 4Gb DDR2 667mhz RAM on board Intel ICH9R "RAID chip" 2x Seagate 7200 RPM 320GB drives in RAID 1 Widows 7 home premium 64-bit

Read the article
Ubuntu Server 10.10 vs. Fedora Server 14 for Mono.NET app hosting in VM

- by Abbas

Ubuntu Server 10.10 vs. Fedora Server 14 I want to create a web-server running Mono, MySQL 5.5 and OpenLDAP running as a VM (on VMWare Workstation). Searching “Ubuntu Server vs. Fedora Server” mostly yields flame wars and noise. There are a few good articles available but they are either out-of-date or don’t offer very convincing arguments. I know the answer is most likely to be “it depends” but I wanted to harness the collective wisdom on ServerFault and get opinions, experiences and factual information to the extent possible. My selection criteria would be (other than what is mentioned above): Ease of use Ease of development Reliability Security

Read the article
Permit Communicator to display an web site with an ActiveX control in Vista or Windows 7

- by dmo

I have a UCMA service that sends a URL to load in a communicator extensibility tab as mentioned here: http://blogs.claritycon.com/blogs/michael_greenlee/archive/2009/02/19/context-windows-in-communicator-using-ucma-v2-0.aspx http://social.msdn.microsoft.com/Forums/en-US/ucclientsdk/thread/4406e412-01f1-466f-a593-3b83652dcdb1 This works fine with Office Communicator 2007 R2 for most trusted links, and on Windows XP and 2003 it works fine with a page with an ActiveX control. However, the ActiveX content is not displayed in Vista or Window 7. I've tried relaxing the security settings to no avail. Any suggestions or guidance would be much appreciated.

Read the article
Waht are the best proxy servers for Mikrotik router?

- by niren

I want to setup proxy server for my Mikrotik router. There is inbuilt web-proxy for Mikrotik router but I can extend this upto transparent proxy(kind of proxy server) only. We need High anonymity proxy so that we can hide our LAN static IPs(we don't have private IP) from outside Intruder/hackers. And also I know I can setup NAT rule to hide our IP(only private IP not public/static IP) as per this link, but I cann't hide static/public IP. Essentially I want to hide our Public/Static IP (there is static/public IP for all systems in our company) from outside Internet. To achieve this I guess I need other software apart from Mikrotik router gateway setup. can anyone suggest me Is there any other software to achieve my requirement? I know about squid proxy but am not sure whether It can hide our static/public IP. Note: we have assigned public/Static IP to all systems of our company since we have rights to access our company's system from anywhere by dedicated laptop(given by our company with more security) through VPN connection.

Read the article
ASP.NET MVC multi-instance session management on amazon ec2

- by gandil

I have a web application written in asp.net mvc2. Currently hosted on amazon cloud ec2. Because of growing traffic we want move multi instance enviorenment. I have a custom session class which currently initiate at session start (global asax) and i am using via getter or setter class in application. Because of multi instance chore i have to handle hole security architecture. I am looking a better way to handle this problem. I am looking for good implementation of session and how to apply on amazon ec2 multi instance environment. What is road blocks for system architecture?

Read the article
Are .NET versions backwards compatible?

- by Boden

Over the years various versions of .NET have been deployed to my client machines via WSUS. Now it seems that on many machines these installations have hosed eachother, and certain .NET security updates are failing. I verified that I can run the .NET cleanup tool to get rid of all the .NET installations on a client, and I can then push out .NET 3.5 via WSUS. This seems to have solved the problems I'm having on the machine I tried it on. So the question is: if I've got .NET 3.5, is there any reason to also have previous versions installed?

Read the article
How can I prevent Ask.com Toolbar from being installed every time Java is updated?

- by abstrask

As many are painfully aware of, Oracle continues to not only bundle the Java installation with the useless Internet browser toolbar from Ask.com, but also enable its installation by default. In addition to the toolbar, Ask also replaces your favourite search engine in your browser with Ask. Furthermore, the Java installation goes as far as to actually recommend installing this useless junk, meaning that any non IT-savvy person is more than likely to leave it checked and install it (after all, it was enabled by default and the friendly Java installer did recommend it, right?). To add insult to injury, even if you remove the Ask Toolbar, you can be sure to see it again soon, when the next Java update hits you (which seem to happen quite often lately, due to loads of security fixes for Java, but that's another story). I'll duly remove the check-mark to install Ask Toolbar, whenever I update Java, but when supporting my family and friends, it's obvious they don't. How can I prevent the pesky Ask.com Toolbar from being installed in the first place?

Read the article
Email error 'Default email client is not properly installed' after installing Bugzilla 3.6.3 on Windows Home Server 2011

- by Brian Frost

I have been using Bugzilla fine on the older 32-bit Windows Home Server and I have now started a migration to the newer Windows Home Server 2011 with a new machine and a fresh Bugzilla install of 3.6.3. All goes well until I try to check out the email action and I get 'Could not perform this operation because the defaulty mail client in not properly installed. Is this a security /firewall issue? I dont know enough about servers to know what to look for, so any help will be gratefully appreciated. Thanks.

Read the article
Connect to MySQL EC2 Instance outside of VPC

- by Brian W

I have a VPC setup with a few EC2 instances inside. I'm attempting to connect to a MySQL database on an EC2 instance outside the VPC, with no luck. I have the security groups on the VPC EC2 instances set to outbound 0.0.0.0/0 which I assumed would let it connect to any outbound connection. I also followed a tutorial on creating a NAT, but wasn't exactly sure how to use it to connect to an external database. In any case, if anyone has experience and knows the proper way to connect to a database outside the VPC, it would be greatly appreciated!

Read the article
How are my DNS entries safe in a shared hosting environment?

- by Jake

I'm trying to understand how DNS works in a shared hosting environment. I went to my registrar and set my name servers to my host's ns1.foo.com and ns2.foo.com. I'm using a cloud hosting provider who has a web portal where I can set my DNS entries. However I am confused by the lack of security. when I entered in the entries for my domain there was never any step to prove that I actually own that domain. What is to stop somebody else on the same hosting service (a nasty neighbor) from writing over my DNS entries and pointing my traffic to their server instead?

Read the article
users unable to add registry keys to HKCU

- by Eds

I may not have this 100% correct so need some clarification. Are normal users on a 2003 terminal server allowed to add registry keys the their own HKCU section in the registry, or are they only allowed to edit existing ones? The reason I ask is that we have 3 keys that we need to add for each user on login. I thought it would be as simple as having a straightforward batchscript run that silently adds the keys for the user. Here is what I used: regedit.exe "C:\Documents and Settings\All Users\Desktop\example.reg" When the user runs this batch scipt, they see nothing as you would expect, but the keys are not added. If I simply run the .reg file as the user, it asks if I want to add the key, but then has an error saying there was an error accessing the registry. Do I need something a bit more complex to accomplish this task. Many Thanks Eds EDIT: Contents of .reg file Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Policies\Microsoft\office\14.0\outlook\Security] "PromptSimpleMAPINameResolve"=dword:00000002 "PromptSimpleMAPIOpenMessage"=dword:00000002 "PromptSimpleMAPISend"=dword:00000002

Read the article
samba - join domain - automatically set workgroup

- by ftiaronsem

Hell alltogether Since I have to do this often, I want to automate the joining to a windows domain as much as possible. While joining a domain one has to specify realm = in the /etc/smb.conf, along with some other settings like security=ads. Among these settingst there is workgroup = My question is: Is it possible to fill this field automatically by samba, while joining a domain? Normally I would just have said never, but as I tried leaving this field blank while joining a domain, i got: Failed to join domain: Invalid configuration ("workgroup" set to '', should be 'BLABLA') and configuration modification was not requested This has made me wondering whether an automatic modification is possible and if so how? A search on the internet and the man page brought no results. It would be really great, if someone could answer that. Thanks in advance ftiaronsem

Read the article
Alternatives for HP ProtectTools on EliteBook 2530p

- by AlexDuggleby

Hi, I'd like to use the HP fingerprint sensor on my Elitebook 2530p. The system is a fresh Win7 Enterprise 64-bit and we are looking for an alternative to the HP ProtectTools Security Suite, which seems a bit bloated. We have tried the UPEK ProtectorSuite (both WBF and stand-alone edition) and they say they can't find the fingerprint device. The device shows up in device manager, in the BioMetric system configuration I have enabled logon to Windows and Domain credentials. Are there any other fingerprint login software (free or commercial) that you can recommend. Thanks in advance, Alex

Read the article
Creepy MySQL error during hard work

- by Kiewic

Hi, I have a MySQL database installed on a OpenSuse 11.1 server (it is a Bitnami image). The database works fine, it can stay many days without any error, but when MySQL receives a huge amount of transactions, it dies immediately. The next screen shows the error: Moreover, I don't know how to restart MySQL. I have tried this: /opt/bitnami/mysql/bin/mysqld start But it doesn't work, that gives me the next output: 110209 17:09:01 [ERROR] Fatal error: Please read "Security" section of the manual to find out how to run mysqld as root! 110209 17:09:01 [ERROR] Aborting 110209 17:09:01 [Note] /opt/bitnami/mysql/bin/mysqld.bin: Shutdown complete It doesn't matter which kind of statements are executing, if they are a huge amount, MySQL dies. The MySQL server version is 5.1.30 What can be causing these sudden failures?

Read the article
how to design network for connectivity between private and corporate LANs?

- by maruti

there is a bunch of servers connected to shared storage in a private LAN (10.x.x.x). this privateLAN is managed by a windows server (DHCP, DNS and directory services) these hosts need to be from outside of the datacenter Eg. Remote desktop. can the NIC2 on each of the hosts be connected to the other public LAN (compromising speed or security? what are improtant considerations: additional hardware? like switches? routing&DNS software? currently available hardware : Dell Powerconnect 6224 switch .... planning this for storage network. software: windows 2003 server for DHCP, DNS, A/D ? would it be more flexible to use Linux distributions like IPCOP, Untangle etc? all that I am looking for is good isolation between private and other networks, avoid DHCP, DNS, AD clashes.

Read the article

< Previous Page | 359 360 361 362 363 364 365 366 367 368 369 370 | Next Page >