Search Results

Search found 13853 results on 555 pages for 'soa security'.

Page 368/555 | < Previous Page | 364 365 366 367 368 369 370 371 372 373 374 375  | Next Page >

• "Fast link detected" warning in GP management console

  - by ???????? ??????

  There is a message that is shown in every report i make in Group Policy Results section of Group Policy Management Console, saying that "A fast link is detected". I followed the link in the waring, but after I read the page several times, I concluded, that I can ignore the warning. However, I noticed that the group policies are not applied when security filtering is used untl "gpupdate /sync" is executed... Is this related to the fast sync? In general, can somebody explain me the consequences of fast links briefly?

  Read the article

• Is MS Forefront Add-in for Exchange server detecting HTML/Redirector.C incorrectly?

  - by rhart

  Users of a website hosted by our organization occasionally send complaints that our registration confirmation emails are infected with HTML/Redirector.C. They are always using an MS Exchange Server with the MS Forefront for Exchange AV add-in. The thing is, I don't think the detection is legitimate. I think the issue is that the link in the email we send causes a redirect. I should point out that this is done for a legitimate purpose. :) Has anybody run into this before? Naturally, Microsoft provides absolutely no good information on this one: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3aHTML%2fRedirector.C&ThreatID=-2147358338 I can't find any other explanation of HTML/Redirector.C on the Internet either. If anyone knows of a real description for this virus that would be greatly appreciated as well.

  Read the article

• Write-but-not-delete permissions on SAMBA

  - by m6a-uds

  Hi! I installed samba on my linux server for public file sharing on the LAN. I works great currently, but I would like to add some security: People from LAN should be able to Read files present and Add new ones, but not delete files. I want to keep this privilege for me ;-) How should-I do this? I have set up a "admin" account having full access even to deletion. There is just left to configure the "guest" acount. Google isn't helping that much right now...

  Read the article

• How to block subreddits with BIND9?

  - by user1391189

  Please help me block NSFW subreddits like this one (http://www.reddit.com/r/NSFW/) I would like to keep access to SFW subreddits, but block certain subreddits that are distracting or NSFW. I know how to filter domains. (see files below) But how do I apply the filter only to certain subreddits? So far I have set up the following files: blocklist.conf zone "adimages.go.com" { type master; file "dummy-block"; }; zone "admonitor.net" { type master; file "dummy-block"; }; zone "ads.specificpop.com" { type master; file "dummy-block"; }; ... named.conf options { allow-query { 127.0.0.1; }; allow-recursion { 127.0.0.1; }; directory "c:\bind\etc"; notify no; }; zone "." IN { type hint; file "c:\bind\etc\named.root"; }; zone "localhost" IN { allow-update { none; }; file "c:\bind\etc\localhost.zone"; type master; }; zone "0.0.127.in-addr.arpa" IN { allow-update { none; }; file "c:\bind\etc\named.local"; type master; }; key "rndc-key" { algorithm hmac-md5; secret "O5VdbBKKEMzuLYjM60CxwuLLURFA6peDYHCBvZCqjoa6KtL1ggD7OTLeLtnu2jR5I5cwA/MQ8UdHc+9tMJRSiw=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; //Blocklist include "c:\bind\etc\blocklist.conf"; dummy-block $TTL 604800 @ IN SOA localhost. root.localhost. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost. @ IN A 127.0.0.1 * IN A 127.0.0.1

  Read the article

• In SASL authentication, are the messages between a particular client and server the same every time

  - by karenc

  I wrote a test client and server using the Cyrus SASL library, and I'm manually forcing it to select GSSAPI as the mechanism. While debugging, I printed the md5sum of each message as it was passed between the two. I noticed that the sequence seems to be the same every time I connect. That is, if the message sequence on the first negotiation was clientMessage1, serverResponse1, clientMessage2, etc... to successful authentication, if I then restart my client, the same clientMessage1, serverResponse2, clientMessage2,etc... sequence is repeated. It seems to me like it would be a security concern. Is this the correct behavior and if so, should I be wrapping these communications in TLS or something?

  Read the article

• Looking for zsh completion file for osX native commands

  - by Chiggsy

  I've been digging deep into what actually comes with osX in /usr/bin and especially /usr/libexec. Quite good stuff really, although the command syntax is a bit.. odd. Let me direct the curious to the command that made me think of this: networksetup -printcommands I can not think of a command that better illustrates the need for good completion. security -h perhaps, but those commands have a familiar easy-to-read format. I beseech the community, please point me to a place where I can find such a thing. I never type them right, and I ache for tab completion for this Anyone have any idea where I could grab something? I'd prefer to stand on the shoulders of giants instead of trying to make a zsh/bash completion script leap into the world, ready for battle, like Athena, from my forehead. I am no Zeus when it comes to compctl. Not at all.

  Read the article

• Windows 7 Change internet time settings tells me I have no permissions.

  - by Matthias Vance

  LS, While trying to solve my computer clock always running ahead (even when on, not just on every boot), I apparently broke some security settings. All I did (as far as I can remember) was stop and start the w32time service. Now, whenever I go to the "Internet time" tab, and click "Change settings..." Windows tells me I don't have permissions to do so. Facts I am a member of the Administrators group. In gpedit.msc, I checked that the Administrators group is allowed to change the system time. Kind regards, Matthias Vance

  Read the article

• How to change MySQL data directory?

  - by Jonathan Frank

  I want to place my databases in another directory, so I can store them in an ESB (elastic block storage, just a fancy name for a virtualized harddisk) together with my web-apps and other persistent data. I have tried to walk through a tutorial at http://crashmag.net/change-the-default-mysql-data-directory-with-selinux-enabled. Everything seems fine until I type this command: # semanage fcontext -a -t mysqld_db_t "/srv/mysql(/.*)?" Then the command fails and tells me that mysqld_db_t is an invalid SELinux context even if the default MySQL data directory is labelled with this context. I am running Fedora 15 on Virtualbox (behaves like an ordinary x86-compatible box) and Amazon EC2 (based on Xen) so the tutorial should be compatible. It is also worth to mention that turning off SELinux globally or just for the MySQL process is not an option, because such a solution will decrease the security of the system if a hacker gains access to the system via the MySQL server. I have never seen this problem before I changed to the Redhat/Fedora architecture, so it could be a distribution specific issue. Any help is highly appreciated

  Read the article

• Win Server 2008 force kerberos setting

  - by ftiaronsem

  I am currently facing the problem that a linux machine running Ubuntu 10.04 LTS with samba and winbindd installed is unable to join a Domain, that is managed by a Windows 2008 DC. The linux config, is probably alright, since I have successfully used it at multiple sites, running 2008 as well as 2003 DCs. The error I get ("libads/kerberos.c: Join to domain is not valid. Client credentials have been revoked"), indicates that there is a kerberos problem. Normally the linux box is supposed to authenticate via NTLM and is configured that way. The only reason I can image why it tries kerberos is that the DC is forcing it. Do you know whether there is any setting in the security policies of a window 2008 server, that would completely block NTLM, forcing kerberos? If so, where can I find this setting?

  Read the article

• What are some hosted MySQL solutions?

  - by bigmac

  I would like to host a MySQL database somewhere. The basic solution would be to get a VPS, but then I am stuck doing all the sysadmin stuff. It's not terribly difficult if you are not doing anything fancy, but if something goes wrong (like a security breach), it may be hard to resolve or even diagnose in the first place. On the other end of the spectrum, I found Xeround and Amazon RDS. Xeround is not exactly standard MySQL. Amazon seems a bit complex to get started (which is weird because they specifically say it is "simple to deploy"). Why is there nothing in the middle? Is there no demand for a basic hosted MySQL solution?

  Read the article

• SQL Server Windows Auth Login sees Domain as untrusted...

  - by Mr Shoubs

  I've had someone set up a domain controller on windows 2008 on one server, and sql server 2008 on another. The domain seems to be working fine, I'm logged on as a domain user on both servers, nothing seems to be a problem there. However, when I try to add a domain user/group to SQL Server Security (e.g. clicking ok from the create login screen) it says it can't find it (even though I've used the search to find the correct account in the first place), when I try to logon (even though I haven't added it yet) it says something about the account being part of an untrusted domain instead of saying I don't have permission to log on. Anyone have any ideas on what is set up incorrectly?

  Read the article

• How to manage credentials on multiserver environment

  - by rush

  I have a some software that uses its own encrypted file for password storage ( such as ftp, web and other passwords to login to external systems, there is no way to use certificates ). On each server I've several instances of this software, each instance has its own password file. At the moment number of servers is permanently growing and it's getting harder and harder to manage all passwords on all instances up to date. Unfortunately, some servers are in cegregated network and there is no access from them to some centralized storage, but it works vice versa. My first idea was to create a git repository, encrypt each password with gpg and store it there and deliver it within deployment system, but security team was not satisfied with this idea and as it is insecure to store passwords in repository even in encrypted view ( from their words ). Nothing similar comes to my mind. Is there any way to implement safe and secure password storage with minimal effort to manage all passwords up-to-date? ps. if that matters I've red hat everywhere.

  Read the article

• How can I grant read-only access to my SQL Server 2008 database?

  - by Adrian Grigore

  Hi, I'm trying to grant read-only access (in other words: select queries only) to a user account on my SQL Server 2008 R2 database. Which rights do I have to grant to the user to make this work? I've tried several kinds of combinations of permissions on the server and the database itself, but in all cases the user could still run update queries or he could not run any queries (not even select) at all. The error message I always got was The server principal "foo" is not able to access the database "bar" under the current security context. Thanks for your help, Adrian

  Read the article

• MBSA: failed to create empty document

  - by Scott

  We just purchased a Windows-based VPS that I've been tasked to set up as a web server. It's running Windows 2003 Server Datacenter Edition. I downloaded the latest version of Microsoft Baseline Security Analyzer and installed it, but when I try to run it I'm given an error message "Failed to create empty document." A search on Google gave the suggestion to change the path of the TEMP and TMP environment variables, which I tried but it made no difference. I also saw suggestions that this problem is caused by MMC, but I was just in MMC setting up a user account. What am I missing?

  Read the article

• Linux Mint Wireless doesn't connect [migrated]

  - by guisantogui

  I'm having a great problem, I've installed Linux mint debian edition (LMDE), and following this tutorial http://community.linuxmint.com/tutorial/view/161 I did installed the network driver. The available connections appears to me, but when i try to connect to my connection at first time, I got this message: "(4) Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken." And the following tries, I got this another message: "(32) Insufficient privileges." I'm accepting ideas. Thanks.

  Read the article

• Is it Secure to Grant Apachie User Ownership of Directories & Files for Wordpress

  - by Oudin

  I'm currently setting up WordPress on an Ubuntu server 12 everything runs fine but there is an issue when it comes to automatically updating and uploading media via WP as Apache "www-data" user does not have permissions to write to the directories. "user1" has full permission All my directories have permissions of 0755 and files 644 my directories setup is as follows: /home/user1/public_html All WP files and directories are in "public_html" In order to work around the auto updating and uploading media I've granted Apache user ownership to the following directories sudo chown www-data:www-data wp-content -R sudo chown www-data:www-data wp-includes -R sudo chown www-data:www-data wp-admin -R I would like to know security wise how secure this is and if it is not secure what would be the best solution? That will allow me to keep all files and directories owned by user1 and still allow wp to be able to automatically update and uploading media

  Read the article

• Install Windows Server 2008 Core on a Dell Optiplex 790

  - by Alex Marshall

  Does anybody have experience installing Windows Server 2008 Core on a Dell Optiplex 790? When I connect to the machine with the Hyper-V Manager Administrator snap-in, and try to create and run a virtual machine, I get the error "The Virtual Machine could not be started because the hypervisor is not running". I've disabled the Execute Disable functionality in the BIOS as was requried for other Dell models, but no matter what combination of security and virtualization settings I use on the machine, I can't get this working. EDIT: I've installed Windows Server 2008 Core on a Dell Optiplex 790, and I'm trying to install and setup a guest VM on the Hypervisor EDIT 2: The Hyper-V role is installed and configured, without any errors in the event log. Hardware-assisted virtualization is also enabled.

  Read the article

• Is Windows XP Pro not a good Hyper-V guest citizen?

  - by Magnus

  On my Windows Server 2008 R2 w. the Hyper-V role, I have these guest VMs: 3 x Windows Server 2008 R2 2 x Windows Server 2003 x86 2 x Windows 7 x64 1 x Windows XP Pro x86 In general, all machines are very fast and responsive. However, the Windows XP Pro guest is very sluggish. It can take up to 2 minutes to connect to the console/or a RD session. Sometimes it can "go into sleep" for several minutes. I have tried to add a 2nd CPU and more memory, but it doesn't help. When the issue happens, it's more or less impossible to get a responsive Task Manager up to analyze which process is hogging the CPU. But I have noticed that it can be various processes; lsass.exe, crss.exe etc. Integration Services is installed. Microsoft Security Essentials is installed, but I have tried without it, no difference. Any ideas?

  Read the article

• DNS Server Spoofed Request Amplification DDoS - Prevention

  - by Shackrock

  I've been conducting security scans, and a new one popped up for me: DNS Server Spoofed Request Amplification DDoS The remote DNS server answers to any request. It is possible to query the name servers (NS) of the root zone ('.') and get an answer which is bigger than the original request. By spoofing the source IP address, a remote attacker can leverage this 'amplification' to launch a denial of service attack against a third-party host using the remote DNS server. General Solution: Restrict access to your DNS server from public network or reconfigure it to reject such queries. I'm hosting my own DNS for my website. I'm not sure what the solution is here... I'm really looking for some concrete detailed steps to patch this, but haven't found any yet. Any ideas? CentOS5 with WHM and CPanel. Also see: http://securitytnt.com/dns-amplification-attack/

  Read the article

• Default permissions for courier imap folders

  - by JoeCoder

  I'm using courier imap. When a mail client creates a new folder, it's created on the filesystem with 640 permission. I need it to be writable by the group, or 660. I currently have /etc/courier/imapd IMAP_UMASK=007, but that's not enough. I'm not sure what else to try. Any ideas? I'm using ubuntu server 12.04. EDIT: I added a 50pt bounty to this. For an acceptable answer, I need a way to make it work from a package in a standard repo. If I download source and compile it myself, it won't be automatically kept up to date with security fixes. If I don't find a better answer, I'll add code to the admin script to call another sudo approved script to chmod -R the whole directory before every change. But this is kind of hack-ish.

  Read the article

• SQL Server Windows Auth Login not working

  - by Mr Shoubs

  I've had someone set up a domain controller on windows 2008 on one server, and sql server 2008 on another. The domain seems to be working fine, I'm logged on as a domain user on both servers, nothing seems to be a problem there. However, when I try to add a domain user/group to SQL Server Security (e.g. clicking ok from the create login screen) it says it can't find it (even though I've used the search to find the correct account in the first place), when I try to logon (even though I haven't added it yet) it says something about the account being part of an untrusted domain instead of saying I don't have permission to log on. Anyone have any ideas on what is set up incorrectly?

  Read the article

• Restoring WordPress EC2 instance from snapshot results in 403 Forbidden error

  - by Eric Matthew Turano

  This problem has been perplexing me for weeks now. Here's how the issue goes: Launch Amazon Linux 64-bit instance, successfully install WordPress, and site is active w/ no issues Create snapshot of the instance's root volume Shut down instance Create volume from snapshot, attach to instance, and reboot instance Associate Elastic IP with instance Once that's done and I try logging onto the site, I am redirected to myurl.com/wp-admin/install.php and greeted with this message: Forbidden: You don't have permission to access /wp-admin/install.php on this server. Apache/2.2.25 (Amazon) Server at www.myurl.com Port 80 Port 80 is open on the inbound security group settings, so that's not the issue. Keep in mind all I am doing is merely creating a new volume and attaching it to the same instance, and this issue comes up. What am I doing wrong, and how can I create a complete backup of my instance without this error occuring?

  Read the article

• What could prevent one Amazon EC2 instance from pinging another instance's Private IP?

  - by ks78

  I have multiple Amazon EC2 instances which need to communicate using private IPs. However, so far I've been unable to ping one instance's private IP from another instance. I can ping external addresses, such as their Elastic IPs and other sites (yahoo, google, etc), so it seems there's nothing wrong with the instances' network configuration. Also, they are all in the same zone, so that shouldn't be an issue. Does anyone have any idea what I could be doing wrong? Could this related to the Security Group settings?

  Read the article

• What response should be made to a continued web-app crack attempt?

  - by Tchalvak

  I've issues with a continuous, concerted cracking attempt on a website (coded in php). The main problem is sql-injection attempts, running on a Debian server. A secondary effect of the problem is being spidered or repeatedly spammed with urls that, though a security hole has been closed, are still obviously related attempts to crack the site, and continue to add load to the site, and thus should be blocked. So what measures can I take to: A: Block known intruders/known attack machines (notably making themselves anonymous via botnet or relaying servers) to prevent their repeated, continuous, timed access from affecting the load of the site, and B: report & respond to the attack (I'm aware that the reporting to law enforcement is almost certainly futile, as may be reporting to the ip/machine where the attacks are originating, but other responses to take would be welcome).

  Read the article

• sshd warning, "POSSIBLE BREAK-IN ATTEMPT!" for failed reverse DNS

  - by rking

  Whenever I SSH somewhere I get something like this in the logs: sshd[16734]: reverse mapping checking getaddrinfo for 1.2.3.4.crummyisp.net [1.2.3.4] failed - POSSIBLE BREAK-IN ATTEMPT! And it is right: if I do host 1.2.3.4 it returns 1.2.3.4.crummyisp.net, but if I do host 1.2.3.4.crummyisp.net it is not found. I have two questions: What security threat is there? How could anyone fake a one-way DNS in some threatening way? Do I have any recourse for fixing this? I'll send my ISP a bug report, but who knows where that'll go.

  Read the article

< Previous Page | 364 365 366 367 368 369 370 371 372 373 374 375  | Next Page >