Search Results

Search found 13853 results on 555 pages for 'soa security'.

Page 376/555 | < Previous Page | 372 373 374 375 376 377 378 379 380 381 382 383 | Next Page >

Error- D:\ is not accessible. Access is denied

- by Aaron

All of the sudden the D drive gives me an error when I try to open it: D:\ is not accessible. Access is denied. I have files on the drive that I would like to recover, so I do not want to reformat the drive. It acts almost like the computer doesn't recognize the drive. I have a feeling it's something with security settings, I may have accidentally changed something on the drive. I'm running on a Acer Aspire laptop on Windows Vista, SP2. I beleive both the C and the D drive run off of the same disk drive. At least that's all the Device Manager shows. So correct me if I'm wrong, but that would make it a partitioned drive.

Read the article
Why can't I copy files from a mac to a samba share?

- by chris

I have a share set up on my ubuntu 10.04 box, and the mac can see it, connect to it, and sort of write to it. When I try to copy a whole tree to the share, I get an error saying "The operation cannot be completed because you don't have access to some of the items". If I zip the directory, and copy that over, it succeeds. Any explanation? My smb.conf: [global] workgroup = wg netbios name = ubuntu security = user [Wife Debris] path = /home/wife/wifedebris read only = no guest ok = no force user = wife force group = wife

Read the article
MySQL open files limit

- by Brian

This question is similar to set open_files_limit, but there was no good answer. I need to increase my table_open_cache, but first I need to increase the open_files_limit. I set the option in /etc/mysql/my.cnf: open-files-limit = 8192 This worked fine in my previous install (Ubuntu 8.04), but now in Ubuntu 10.04, when I start the server up, open_files_limit is reported to be 1710. That seems like a pretty random number for the limit to be clipped to. Anyway, I tried getting around it by adding a line like this in /etc/security/limits.conf: mysql hard nofile 8192 I also tried adding this to the pre-start script in mysql's upstart config (/etc/init/mysql.conf): ulimit -n 8192 Obviously neither of those things worked. So where is the hoop that has been added between Ubuntu 8.04 and 10.04 through which I must jump in order to actually increase the open files limit?

Read the article
Java works under Firefox but crashes Internet Explorer

- by Dominic Grenier

Java works under Firefox and Chrome but not under IE. Here's what I tried (the advice normally given on forums): Java applet activated in tools - internet options - security tab - personnalise - Java applets Activated in tools - manage add-ons - tool bars and extensions - Java (tm) SSV2 helper - Activate Activated in tools - internet options - advanced tab - Use JRE for applet I've also deleted my temporary internet files (with Ccleaner), Reinstalled IE8 It is also set as the default Java for IE through the control panel - Java - Advanced tab - default Java for browsers - Microsoft Internet Explorer IE version: 8.0.6001.18702 Java version: 1.7.0_03. (also tried with 1.6.0_31) Windows XP SP3. Any advice? Thanks :) edit: I have activated the ActiveX controls through manage add-ons - all add-ons but now, although the coffe cup loading screen appears (which did not before) it makes IE crash (which is new). I might have fiddled too much with the registry by trying to completely remove Java to reinstall it, so I ran "rereg" (a tool to repair dlls and their registry entries) without success.

Read the article
Best and Proper Permissions Settings for Directory

- by Dr. DOT

I am interested in knowing the proper, yet security-conscious settings for a directory. Here's my scenario: I have a username for FTP access to my server called "user". For the purpose of the scenario, PHP runs as "nobody" on my server. I have a directory off the document root called "sample". The "sample" directory is chmod'd at 0755 (drwxr-xr-x) "Sample" is owned by "user" and the group is set to "user" The above is all very straight forward and standard. So I want to have a script be able to create (mkdir) and delete (rmdir) directories under "sample". Yet, I don't want to obviously overly expose my server by opening up the permissions (I could easily chmod sample to 0777 and make it world write-able). What is the best combination of permissions, owner settings and/or group settings to allow my script to create and delete directories under "sample" while retaining the ability for "user" to continue to FTP into the directory? Thanks.

Read the article
Not enough storage is available to process this command

- by Mohit

I am getting this error on almost all of the operations on a Windows 7 pro 32 bit machine. By operations I mean anything I do. Update a repo from subversion. Access a local IIS Site. Copy a big folder. Run an installer.and sometime if I try again. It get solved. I think there is something wrong wit windows7 . I searched around and found posts suggesting to increase IRPStackSize value in registry I did that no Luck. I am using Microsoft Security Essentials Version: 1.0.1961.0 as my antivirus package Once this errors starts popping up. I have to restart and then in after some random time. It starts showing up again. Any help is appreciated. I am losing lot of my time in restarting my system or retrying again and again.

Read the article
sudoer scheme for a web developer that retains future control of a server?

- by Tchalvak

Background I have a server that I'm looking to set up, and provide access to another web developer. I don't want to put many constraints on him, though I wouldn't mind isolating the site that he'll be developing from others on the server that I will develop. The problem Mainly what I want is to make sure that I retain control over the server in the future. I want to reserve the ability to create/promote/demote and other administrative functions that don't deal with web software. If I make him an admin, he can sudo su - and become root and remove root control from me, for example. What is a good setup for the sudoers file so that he can do things like: *install software (through apt-get) restart apache access mysql configure mysql/apache reboot edit web development configuration type files in /etc * And can't do things like: take away other admin permissions change the root password have control over other security/administrative functions Example sudoer files that accomplish something like that could be useful, I'm sure that people have needed to do this before.

Read the article
windows service log on as user a/c on different PC on same workgroup

- by maruti

trying to run a service (logon as admin@PC2) from PC1, when both are in work-group fails. why could this happen? OS is win-2003 and please let me know if any windows remote services have to be turned on or firewall configuration? does having PC's on same workgroup help? let me clarify the question: I am unable to see other computers from "Services Logon Tab select User" Object types available are only "users, built in security principals" Location is only local computer. But this is available from mmc console..add snap in how can this be available on services control panel?

Read the article
Visible Keylogger (ie not evil)

- by Ben Haley

I want keylogging software on my laptop for lifelogging purposes. But the software I can find is targeted towards stealth activity. Can anyone recommend a keylogging software targeted towards personal backup. Ideal Functionality Runs publicly (like in the task bar). Easy to turn off (via keyboard shortcut is best... at least via button click) Encrypted log Fast Free Cross platform ( windows at least ) The best I have found is pykeylogger which does not attempt to be stealthy, but does not attempt to be visible either. I want a keylogger focused on transparency, speed, and security so I can safely record myself. *note: Christian has a similar question with a different emphasis

Read the article
Using mod_wsgi with mpm_itk: socket permission issue

- by djechelon

I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

Read the article
How Do I Disable URL Pre-Pending in the FireFox 3 Title Bar When Opeing A New Window With JavaScript

- by N Rahl

For (understandable) security reasons, Firefox does not allow JavaScript to open a new window without the address/location bar AND without pre-pending the page's URL to the title in the title bar. For example, when you set: <title>My Site</title> in the header, and open the page using location=no FireFox changes the header to read: http://www.mysite.com - My Site - Mozilla Firefox. I would like it to simply say: My Site Everything I've read suggests this behaviour can't be altered with scripting, and as such, this is not a scripting question. What I would like to know is, which setting(s) can I change in the browser itself to disable URL pre-pending to the title of new windows? This is for a company Intranet, and I control all of the computers/browsers that connect to the application.

Read the article
Invalid operation dist-ugprade

- by drdarwin

i'm running Apache 2 on Debian at my VPS. Naturally i have problem with restricted GD-library of my php package and i need to fix it (i need imagerotate() function). Before installing php-gd pugin it's necessary to update php 5.2 to php 5.3 my /etc/apt/sources.list is: #deb http://ftp.ru.debian.org/debian/ lenny main contrib non-free #deb http://security.debian.org lenny/updates main contrib non-free #deb http://ftp.ru.debian.org/debian lenny main #deb-src http://volatile.debian.org/debian-volatile lenny/volatile main contrib deb http://packages.dotdeb.org stable all deb-src http://packages.dotdeb.org stable all The problem comes after apt-get dist-ugprade executing: /$ apt-get update Hit http://packages.dotdeb.org stable Release.gpg Hit http://packages.dotdeb.org stable Release Ign http://packages.dotdeb.org stable/all Packages/DiffIndex Ign http://packages.dotdeb.org stable/all Sources/DiffIndex Hit http://packages.dotdeb.org stable/all Packages Hit http://packages.dotdeb.org stable/all Sources Reading package lists... /$ apt-get dist-ugprade E: Invalid operation dist-ugprade What can cause this problem? How much should i wait while Reading package lists...? Is there any simple guideline for further php-gd installation?

Read the article
data replication from a production web server back to the staging web server

- by Dennis Smith

Have two web servers, development/staging and production. Code and some documentation is moved from the staging area to production either through on-demand jobs or nightly via a global replication job. The production server of course sits isolated in a DMZ. There is some content that gets uploaded to the live server that needs to be replicated back to staging. Our security team is locking the network down (and they should) and restricting access to the live server. Best suggestions for replication of "live" data back to "stage" and backing up the live server also.

Read the article
windows firewall and network location switch after establishing a vpn connection

- by Konrads

I am looking for a reasonable solution for network location switching after VPN connection is established for Windows 7. The scenario is as follows: For location public (employee plugging in his laptop in hotel, public wi-fi,etc) all inbound connections are restricted, only outbound VPN + www is enabled. Employee then initiates a VPN connection, VPN pushes routes to 10.0.0.0/8 subnet Now I would like to have lax security rules for traffic from/to 10.0.0.0/8 that comes through the VPN interface, while still protecting the laptop from traffic that comes via uplink interface as if it was private. How to achieve this switching and duality? One option I see is switching to IPSec...

Read the article
Group policy applied to AD OU attributes

- by Eric Smith

I'm not well-versed in AD, so would like to resolve a question I have with regards to AD information. I understand that it is possible to apply group policy to OU's, thereby restricting access. What I'd like to know is, is it possible to do the same with OU attributes. Some context would help. There's a requirement to store address information in AD (IMO, a natural fit), but for various reasons, although obviously things like name should be globally accessible, access restrictions are desired on the address. In this case, is it possible to apply security to the address portion of the OU attributes, or does each address have to be broken into a separate OU (a solution that feels smelly given that address doesn't have identity)?

Read the article
Is there a command line two-factor authentication verification code generator?

- by dan

I manage a server with two-factor authentication. I have to use the Google Authenticator iPhone app to get the 6-digit verification code to enter after entering the normal server password. The setup is described here: http://www.mnxsolutions.com/security/two-factor-ssh-with-google-authenticator.html I would like a way to get the verification code using just my laptop and not from my iphone. There must be a way to seed a command line app that generates these verification codes and gives you the code for the current 30-second window. Is there a program that can do this?

Read the article
RAID 10: SPAN 2 vs SPAN 4

- by LaDante Riley

I am currently configuring RAID 10 (first time doing RAID ever) for a server at work. In the Configuration Utility. I am given the option of either span 2 or span 4. Having never done this before, I was curious if someone could tell me the pros and cons of for each span? Thanks The server is a Poweredge r620 with a PERC H710 mini (Security Capable) RAID controller. I have 8 600GB hard drives. I am creating this server as a network storage drive. I have SQL server historian database whose 1TB storage filled up and after 5 years of logging data.

Read the article
Exchange can't send emails with attachments

- by Jack

No one in our organization can send emails with attachments. Emails without attachments go through fine, but if an attachment is included, an error appears in the Server Failures folder under Sync Issues. The error is "The following message had an error and synchronization of it was skipped (0xc0090081)". We are using Symantec Mail Security, which we shut down to try to troubleshoot the problem, and now that fails to load. Any ideas as to what to check? I'm sorry I don't have more complete information, but I'm helping someone try to figure this out. I'm not the admin myself. Thanks.

Read the article
help setting up an IPSEC vpn from my linux box

- by robthewolf

I have an office with a router and a remote server (Linux - Ubuntu 10.10). Both locations need to connect to a data supplier through a VPN. The VPN is an IPSEC gateway. I was able to configure my Linksys rv42 router to create a VPN connection successfully and now I need to do the same for Linux server. I have been messing around with this for too long. First I tried OpenVPN, but that is SSL and not IPSEC. Then I tried Shrew. I think I have the settings correct but I haven't been able to create the connection. It maybe that I have to use something else like a direct IPSEC config or something like that. If someone knows of a way to turn the following settings that I have been given below into a working IPSEC VPN connection I would be very grateful. Here are the settings I was given that must be used to connect to my supplier: Local destination network: 192.168.4.0/24 Local destination hosts: 192.168.4.100 Remote destination network: 192.167.40.0/24 Remote destination hosts: 192.168.40.27 VPN peering point: xxx.xxx.xxx.xxx Then they have given me the following details: IPSEC/ISAKMP Phase 1 Parameters: Authentication method: pre shared secret Diffie Hellman group: group 2 Encryption Algorithm: 3DES Lifetime in seconds:28800 Phase 2 parameters: IPSEC security: ESP Encryption algortims: 3DES Authentication algorithms: MD5 lifetime in seconds: 28800 pfs: disabled Here are the settings from my attempt to use shrew: n:version:2 n:network-ike-port:500 n:network-mtu-size:1380 n:client-addr-auto:0 n:network-frag-size:540 n:network-dpd-enable:1 n:network-notify-enable:1 n:client-banner-enable:1 n:client-dns-used:1 b:auth-mutual-psk:YjJzN2QzdDhyN2EyZDNpNG42ZzQ= n:phase1-dhgroup:2 n:phase1-keylen:0 n:phase1-life-secs:28800 n:phase1-life-kbytes:0 n:vendor-chkpt-enable:0 n:phase2-keylen:0 n:phase2-pfsgroup:-1 n:phase2-life-secs:28800 n:phase2-life-kbytes:0 n:policy-nailed:0 n:policy-list-auto:1 n:client-dns-auto:1 n:network-natt-port:4500 n:network-natt-rate:15 s:client-dns-addr:0.0.0.0 s:client-dns-suffix: s:network-host:xxx.xxx.xxx.xxx s:client-auto-mode:pull s:client-iface:virtual s:client-ip-addr:192.168.4.0 s:client-ip-mask:255.255.255.0 s:network-natt-mode:enable s:network-frag-mode:disable s:auth-method:mutual-psk s:ident-client-type:address s:ident-client-data:192.168.4.0 s:ident-server-type:address s:ident-server-data:192.168.40.0 s:phase1-exchange:aggressive s:phase1-cipher:3des s:phase1-hash:md5 s:phase2-transform:3des s:phase2-hmac:md5 s:ipcomp-transform:disabled Finally here is the debug output from the shrew log: 10/12/22 17:22:18 ii : ipc client process thread begin ... 10/12/22 17:22:18 < A : peer config add message 10/12/22 17:22:18 DB : peer added ( obj count = 1 ) 10/12/22 17:22:18 ii : local address 217.xxx.xxx.xxx selected for peer 10/12/22 17:22:18 DB : tunnel added ( obj count = 1 ) 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : client config message 10/12/22 17:22:18 < A : local id '192.168.4.0' message 10/12/22 17:22:18 < A : remote id '192.168.40.0' message 10/12/22 17:22:18 < A : preshared key message 10/12/22 17:22:18 < A : peer tunnel enable message 10/12/22 17:22:18 DB : new phase1 ( ISAKMP initiator ) 10/12/22 17:22:18 DB : exchange type is aggressive 10/12/22 17:22:18 DB : 217.xxx.xxx.xxx:500 <- 206.xxx.xxx.xxx:500 10/12/22 17:22:18 DB : c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 DB : phase1 added ( obj count = 1 ) 10/12/22 17:22:18 : security association payload 10/12/22 17:22:18 : - proposal #1 payload 10/12/22 17:22:18 : -- transform #1 payload 10/12/22 17:22:18 : key exchange payload 10/12/22 17:22:18 : nonce payload 10/12/22 17:22:18 : identification payload 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v00 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v01 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v02 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v03 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( rfc ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports DPDv1 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SHREW SOFT compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is NETSCREEN compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SIDEWINDER compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is CISCO UNITY compatible 10/12/22 17:22:18 = : cookies c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 = : message 00000000 10/12/22 17:22:18 - : send IKE packet 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 ( 484 bytes ) 10/12/22 17:22:18 DB : phase1 resend event scheduled ( ref count = 2 ) 10/12/22 17:22:18 ii : opened tap device tap0 10/12/22 17:22:28 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:38 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:48 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:58 ii : resend limit exceeded for phase1 exchange 10/12/22 17:22:58 ii : phase1 removal before expire time 10/12/22 17:22:58 DB : phase1 deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : closed tap device tap0 10/12/22 17:22:58 DB : tunnel stats event canceled ( ref count = 1 ) 10/12/22 17:22:58 DB : removing tunnel config references 10/12/22 17:22:58 DB : removing tunnel phase2 references 10/12/22 17:22:58 DB : removing tunnel phase1 references 10/12/22 17:22:58 DB : tunnel deleted ( obj count = 0 ) 10/12/22 17:22:58 DB : removing all peer tunnel refrences 10/12/22 17:22:58 DB : peer deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : ipc client process thread exit ...

Read the article
How hard for a Software Developer to Maintain a Server

- by Samy

I'm a software developer and don't have much experience as a sysadmin. I developed a web app and was considering buying a server and hosting the web app on it. Is this a huge undertaking for a web developer? What's the level of difficulty of maintaining a server and keeping up with the latest security patches and all that kind of fun stuff. I'm a single user, and not planning to sell the service to others. Can someone also recommend an OS for my case, and maybe some good learning resources that's concise and not too overwhelming.

Read the article
suphp how disable ls /

- by Pol Hallen

Using suphp, I set a php.ini to every virtual host. In php.ini I also setted: open_basedir = /home/site1 php script runs, but if I ve a script with ls / I can see whole root directory. How can disable this hole security? <VirtualHost *:80> ServerName site1 ServerAlias www.site1.com DirectoryIndex index.html index.htm DocumentRoot /home/site1/ suPHP_Engine on AddHandler x-httpd-php .php .php3 .php4 .php5 suPHP_AddHandler x-httpd-php # THIS READ php.ini suPHP_ConfigPath /home/site1/ <Directory /home/site1/> Options -Includes -Indexes -FollowSymLinks -ExecCGI -MultiViews AllowOverride none Order allow,deny Allow from all </Directory> </VirtualHost>

Read the article
cannot connect to MS FTP 7.5 on Windows 2008 on Amazon EC2 instance

- by minerj

I have just installed the MS FTP 7.5 upgrade on my Windows 2008 Server (Service Pack 2) running on an Amazon EC2 instance. In the FTP Firewall Support settings for the server in IIS Manager I have set up the passive port range 45001 - 45005 and also set the External Firewall IP address to match the assigned Amazon Elastic IP address. Using the AWS Console I changed the Security Group for the server to allow access to the server through ports 21 and 45001 through 45005. Using an FTP client (either the command line FTP client or Windows Explorer) on the Amazon server I can connect to the FTP server but I cannot connect with an external FTP client. When I checked to see which ports were open on the server using Shields Up it shows that port 21 is open but ports 45001 to 45005 are closed. I assume I'm missing something. Any help greatly appreciated.

Read the article
cant send using postfix from external ip address

- by daniel

i have postfix set up as a satellite to listen on port 587 i can send email outside fine trough the postfix(ubuntu) box from the local network with no problems when i try to connect to the postfix(ubuntu) box from a external ip and send mail it spits back a 554 5.7.1 Relay access denied error i can telnet to it fine, just cant send mail this is my main.cf : smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_use_tls = no myhostname = cotiso-desktop alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = mydomainname.com, cotiso-desktop, localhost.localdomain, localhost relayhost = smtp.mydomainname.com mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all there is no security set up yet, i'm just trying to get it working first any ideas? thanks in advance

Read the article
Connect to RDS inside a VPC using Opsworks located in another VPC

- by Consuelo Merino

I have a RDS instance (mysql) inside a VPC called vpc-a (10.0.0.0/16). This instance is private, it can only be accessed from vpc-a. We created a stack on opsworks inside another VPC called vpc-b (10.1.0.0). We want to connect opsworks to the RDS but it doesn't work. It refuses to connect. I tried adding said subnet to the RDS security group. Also read a lot of documentation but I haven't stumbled across the answer. Any help would be greatly appreciated.

Read the article
Firefox: howto open hxxp or other obscured links automatically

- by fyodor78

howto open hxxp or other obscured links automatically with Firefox (without copy and paste manually)?. For non obscured links I use Linky Firefox add-on From Wikipedia hxxp://, sometimes h**p:// or _ttp://, is used in URLs (web links) to obscure the fact that one is linking to a http:// website. It is generally used to avoid automatic recognition by computer programs. For a user to follow this link, it is usually necessary to manually copy-paste the link onto the web browser's address bar and replace the 'x'es with 't's. screenshot I use RefControl, so security is not an issue.

Read the article

< Previous Page | 372 373 374 375 376 377 378 379 380 381 382 383 | Next Page >