Search Results

Search found 30932 results on 1238 pages for 'rogue security software'.

Page 42/1238 | < Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >

  • Linux Debian Security Breach - what now? [closed]

    - by user897075
    Possible Duplicate: My server's been hacked EMERGENCY I installed Debian (Squeeze) a while back in my home network to host some personal sites (thank god). During the installation it prompted me to enter a user other than root - so in a rush I used my name as user and pass (alex/alex for what its worth). I know it's horrible practice but during the setup of this server I'm always logged in as root to perform configurations, etc. Few days or a week passes and I forget to change the password. Then I finally get my web site finished and I open the port forwarding on my router and DynDNS to point to my server in my home. I've done this many times in the past never had issues but I use a cryptic root password and I guess disabled regular accounts. Today I reformat my Windows 7 and after spending all day tweaking and updating SP1 I look for cloning apps and find clonezilla and see it supports SSH cloning, so I go through the process only to discover I need a user, so I log into my web-server and see I have the user 'alex' already in and realize I don't know the password. So I change the password to something cryptic and visit the directory 'home' only to realize their are contents such as passfile, bengos, etc. My heart sinks, I've been hacked!!! Sure as hell there are all sort of scripts and password files. I run a 'last' command and it seems they last logged in april 3rd. Question: What can I do to see if they did anything destructive? Should I reformat and reinstall? How restrictive is Debian/Squeeze in terms of user permissions out of the box - all my personal website stuff was created using 'root' so changing files does not seem to have occured. How did they determine there was a user 'alex' on the machine? Can you query any machine and figure this out? What the users are? Looks like they tried to run a IP scan...other nodes on the network are running Windows 7. One of which seems a little wonky as of late - is it possible they buggered up that system? What corrective action can I take to avoid this from happening again? And figure out what might have changed or been hacked? I'm hoping debian out of box is fairly secure and at best he managed to read some of my source code. :p Regards, Alex

    Read the article

  • About the security of adding a signature to a PDF file

    - by ????
    We can add a "bitmap" or image signature to a PDF file, either by using Adobe Acrobat or by Mac's Preview app, but I wonder, besides always encrypting it with a password before sending it by email to the other party, how valid and secure is it? The reason is, if the signature is a bitmap, then there is nothing that prevents anybody copying and pasting that image to other documents, or even, if a cheque is written to anybody at all (such as to the landlord), then there is nothing that prevents the signature from being scanned and copied and pasted to any other PDF documents as well.

    Read the article

  • Project management, timesheet and planning software

    - by hfidgen
    Hiya, I'm trying to find an integrated PM solution which will give my business all of the following: Timesheeting so we can track time spent on tasks Holiday planner (integrated with timesheet and project management Project management tool, integrating the above, with milestones, gantt chart, dependancies etc. Forecasting ability (nice to have, but not a requirement) Reporting capability - especially time spent on projects, costs etc. Now yeah, that's quite a lot of functionality, I appreciate that! But currently we've got 3 systems, none of which really talk to each other and it's a right headache. So far we've looked at: OpenWorkbench - not enough features Basecamp - not enough features and too reliant on online MS Project - too expensive? Can anyone throw some other hats into the ring which maybe I've not heard about? Really interested to hear how other people have approached this, it's not an unusual business requirement! Thanks!

    Read the article

  • Best defragmentation software?

    - by dentrasi
    I'm currently running Defraggler on my system, as it's fast, seems to be effective, and has a nice clean interface; it's also the program the other techs recommend to me. I've also heard good things about JKDefrag. Which program do you find you get the best results with?

    Read the article

  • 2 drives, slow software RAID1 (md)

    - by bart613
    Hello, I've got a server from hetzner.de (EQ4) with 2* SAMSUNG HD753LJ drives (750G 32MB cache). OS is CentOS 5 (x86_64). Drives are combined together into two RAID1 partitions: /dev/md0 which is 512MB big and has only /boot partitions /dev/md1 which is over 700GB big and is one big LVM which hosts other partitions Now, I've been running some benchmarks and it seems like even though exactly the same drives, speed differs a bit on each of them. # hdparm -tT /dev/sda /dev/sda: Timing cached reads: 25612 MB in 1.99 seconds = 12860.70 MB/sec Timing buffered disk reads: 352 MB in 3.01 seconds = 116.80 MB/sec # hdparm -tT /dev/sdb /dev/sdb: Timing cached reads: 25524 MB in 1.99 seconds = 12815.99 MB/sec Timing buffered disk reads: 342 MB in 3.01 seconds = 113.64 MB/sec Also, when I run eg. pgbench which is stressing IO quite heavily, I can see following from iostat output: Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 231.40 0.00 298.00 0.00 9683.20 32.49 0.17 0.58 0.34 10.24 sda1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sda2 0.00 231.40 0.00 298.00 0.00 9683.20 32.49 0.17 0.58 0.34 10.24 sdb 0.00 231.40 0.00 301.80 0.00 9740.80 32.28 14.19 51.17 3.10 93.68 sdb1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sdb2 0.00 231.40 0.00 301.80 0.00 9740.80 32.28 14.19 51.17 3.10 93.68 md1 0.00 0.00 0.00 529.60 0.00 9692.80 18.30 0.00 0.00 0.00 0.00 md0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-0 0.00 0.00 0.00 0.60 0.00 4.80 8.00 0.00 0.00 0.00 0.00 dm-1 0.00 0.00 0.00 529.00 0.00 9688.00 18.31 24.51 49.91 1.81 95.92 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 152.40 0.00 330.60 0.00 5176.00 15.66 0.19 0.57 0.19 6.24 sda1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sda2 0.00 152.40 0.00 330.60 0.00 5176.00 15.66 0.19 0.57 0.19 6.24 sdb 0.00 152.40 0.00 326.20 0.00 5118.40 15.69 19.96 55.36 3.01 98.16 sdb1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sdb2 0.00 152.40 0.00 326.20 0.00 5118.40 15.69 19.96 55.36 3.01 98.16 md1 0.00 0.00 0.00 482.80 0.00 5166.40 10.70 0.00 0.00 0.00 0.00 md0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-1 0.00 0.00 0.00 482.80 0.00 5166.40 10.70 30.19 56.92 2.05 99.04 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 181.64 0.00 324.55 0.00 5445.11 16.78 0.15 0.45 0.21 6.87 sda1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sda2 0.00 181.64 0.00 324.55 0.00 5445.11 16.78 0.15 0.45 0.21 6.87 sdb 0.00 181.84 0.00 328.54 0.00 5493.01 16.72 18.34 61.57 3.01 99.00 sdb1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sdb2 0.00 181.84 0.00 328.54 0.00 5493.01 16.72 18.34 61.57 3.01 99.00 md1 0.00 0.00 0.00 506.39 0.00 5477.05 10.82 0.00 0.00 0.00 0.00 md0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-1 0.00 0.00 0.00 506.39 0.00 5477.05 10.82 28.77 62.15 1.96 99.00 And this is completely getting me confused. How come two exactly the same specced drives have such a difference in write speed (see util%)? I haven't really paid attention to those speeds before, so perhaps that something normal -- if someone could confirm I would be really grateful. Otherwise, if someone have seen such behavior again or knows what is causing such behavior I would really appreciate answer. I'll also add that both "smartctl -a" and "hdparm -I" output are exactly the same and are not indicating any hardware problems. The slower drive was changed already two times (to new ones). Also I asked to change the drives with places, and then sda were slower and sdb quicker (so the slow one was the same drive). SATA cables were changed two times already.

    Read the article

  • ssh port forwarding / security risk

    - by jcooper
    Hi there, I want to access a web application running on a web server behind my office firewall from an external machine. We have a bastion host running sshd that is accessible from the Internet. I want to know if this solution is a bad idea: Create an account on the bastion host with shell=/bin/false and no password ('testuser') Create a ssh RSA key on the external machine Add the public RSA key to the testuser's authorized_keys file ssh to the bastion host from the external host using: ssh -N 8888:targethost:80 run my tests from the external host shut down the ssh tunnel I understand that if my RSA private key were compromised then someone could ssh to the bastion host. But are there other reasons this solution is a bad idea? thank you!

    Read the article

  • Router/Security question: Am I hacked?

    - by IVR Avenger
    Hi, all. I've noticed that my home broadband speed seems to be a bit slow in recent days. I noticed, last night, that my Wireless Router had given a DHCP lease to a public IP address with an odd formation; something like 111.10.11.110. Should I consider these warning sings of my ZyXEL router being compromised in some way? Thanks, IVR Avenger

    Read the article

  • General Website Security

    - by Tom
    I pay monthly for a website hosting service that provides me with PHP and FTP support. I can upload my files and create directories and such. Now, I am wondering... If I upload a folder full of images.. or music.. basically personal stuff to my website and name it 'junk1234' can other people find it? Or even search engines? If so, How would I restrict any but those who know the folder name from seeing files in it? Possibly httaccess files? I also have cpanel installed.

    Read the article

  • Software to capture 3d geometry?

    - by user712092
    Programs I found I found these programs to capture OpenGL 3D scene : 3D Ripper, OpenGL and D3D geometry capture, there are some solved problems with 3D Ripper GLIntercept captures OpenGL function calls OpenGL Extractor captures 3d geometry; should work as plugin for GLIntercept another tool to capture OpenGL 3D data EDIT: There is also HijackGL which changes how a scene is rendered so it probably can be used to capture geometry; it is backed up by a academic paper; it is just just a nice program, not related to what I want i think (or it would might be hard to change it to be for what I want, because it would require programming). 3D Ripper captures geometry, textures and shaders. OpenGL Extractor captures just geometry ... General questions about such programs What is Your experience with these programs? Which of these programs would You recommmend? Do You know other such programs? Were there any problems with them, or are there problems with them in general? Are there programs which work best overall, or is it specific to certain 3d applications? What I need to do? I am looking to program which can capture 3d geometry for study purposes. And also for a program to capture 3D animation (frames of 3d animation). I tried only 3D Ripper because application I try to capture data from is on Direct 3D. 3D Ripper works with at least Direct 3D 9, this application has Direct 3D 6. Are there applications which work with older version of Direct 3D? Thank You very much. :) (I was verbose in link names because I want them to be indexed better by search engines.)

    Read the article

  • Best/Preferred software for photography.

    - by chills42
    I am just getting into photography as a hobby, and am looking for some good tools for image uploading/browsing/editing. I am currently using the Canon EOS utility that came with the camera for uploading, Picasa for browsing, and GIMP for editing. Pros: The files are stored using the standard file system (no proprietary library like iPhoto) Great photo editing possibilities Free (except the Canon Utility, but that was bundled) Cons: Multiple programs Hard to view the Exif Data (I like the way that iPhoto displays the data) Over-simplified editing tools in Picasa What other tools should I look into? Also, I occasionally shoot in RAW, and would prefer Mac support (better monitor), but I also have windows and linux machines.

    Read the article

  • File auditing software for Windows Server 2003

    - by David Collantes
    I am looking for a program or program suite that will allow the auditing of network shared resources (specifically storage space), and render reports (who created, deleted, moved, modified files, etc). Yes, I know I can turn on auditing on Windows, but the Event Log isn't quite the "charmer" for the job.

    Read the article

  • Database/Web Server and SQL Server Setup - Security?

    - by Jess
    This seems really basic, but I couldn't find an answer already ... we are looking to deploy a website to an IIS server, and a database to a separate server. We aren't sure how to best secure this for access by internal users and internet. The IIS Server is not connected to the domain, and neither is the database at the moment. Should it be? Also, if we use SQL Server authentication instead of Windows Authentication, should we just hard-code the user/password into our internal apps?

    Read the article

  • Best way to grow Linux software RAID 1 to RAID 10

    - by Hans Malherbe
    mdadm does not seem to support growing an array from level 1 to level 10. I have two disks in RAID 1. I want to add two new disks and convert the array to a four disk RAID 10 array. My current strategy: Make good backup. Create a degraded 4 disk RAID 10 array with two missing disks. rsync the RAID 1 array with the RAID 10 array. fail and remove one disk from the RAID 1 array. Add the available disk to the RAID 10 array and wait for resynch to complete. Destroy the RAID 1 array and add the last disk to the RAID 10 array. The problem is the lack of redundancy at step 5. Is there a better way?

    Read the article

  • What tangible security are gained by blocking all but a few outgoing ports in a firewall

    - by Frankie Dintino
    Our current hardware firewall allows for blocking incoming and outgoing ports. We have two possibilities: Block certain troublesome ports (unsecured smtp, bittorrent, etc.) Block all but a few approved ports (http, https, ssh, imap-ssl, etc.) I see several downsides with option 2. Occasionally web servers are hosted on non-standard ports and we would have to deal with the resulting issues. Also, there is nothing preventing a malicious or unwanted service from being hosted on port 80, for instance. What are are the upsides?

    Read the article

  • Does disabling root login enhance security?

    - by PJ
    I have recently found an argument against disabling a root user login in Linux at http://archives.neohapsis.com/archives/openbsd/2005-03/2878.html I assume that, if everybody uses a public key authentication, there's no risk at losing the root password. Is it always better to disable the root login via ssh?

    Read the article

  • Best way to grow Linux software RAID 1 to RAID 10

    - by Hans Malherbe
    mdadm does not seem to support growing an array from level 1 to level 10. I have two disks in RAID 1. I want to add two new disks and convert the array to a four disk RAID 10 array. My current strategy: Make good backup. Create a degraded 4 disk RAID 10 array with two missing disks. rsync the RAID 1 array with the RAID 10 array. fail and remove one disk from the RAID 1 array. Add the available disk to the RAID 10 array and wait for resynch to complete. Destroy the RAID 1 array and add the last disk to the RAID 10 array. The problem is the lack of redundancy at step 5. Is there a better way?

    Read the article

  • Webserver security, intrusion detection, and file intregrity

    - by enfield
    I would like to add some type of tracking / alerting on some linux webservers running PHP and Apache. In doing searches I have come across a lot of info from 2006-2009. Would like to revisit things and see what others are doing now. The main purpose here is to track when any files are changed and if so alert me somehow. The same goes for IDS and hopefully something that can reside on same server? Since some of these are small scale projects I would prefer opensource/free solutions that are really effective. Although I would still like to hear of other alternatives if someone has the experience and the cost can be justified.

    Read the article

  • Exploratory Question for Security Admins (/etc/passwd + PHP)

    - by JPerkSter
    Hi everyone, I've been seeing a few issues lately on a few of my servers where an account gets hacked via outdated scripts, and the hacker uploads a cPanel / FTP Brute forcing PHP script inside the account. The PHP File reads /etc/passwd to get the usernames, and than uses a passwd.txt file to try and brute force it's way in to 127.0.0.1:2082. I'm trying to think of a way to block this. It doesn't POST anything except "GET /path/phpfile.php", so I can't use mod_security to block this. I've been thinking of maybe changing permissions on /etc/passwd to 600, however I'm unsure how this will result in regards to my users. I was also thinking of rate-limiting localhost connections to :2082, however I'm worried about mod_proxy being affected. Any suggestions?

    Read the article

  • mdadm software RAID doesn't load at boot

    - by martinald
    Hi there, I'm using mdadm to create a raid1 mirror across two disks. I can create my /dev/md5 array perfectly using the tools, but it does not automatically reload my /dev/md5 when I restart, I need to manually recreate the array. Am I missing something obvious here?

    Read the article

  • Security issue on Linux with Netbeans

    - by WebDevHobo
    In order to edit some files in Netbeans, I had to do a chmod 777 on the parent-folder. Reason being that anything else would result in Netbeans not wanting to accept the folder, as it could not be written. Is there an other way to do this besides doing a chmod 777? I'm on Ubuntu 9.10, using Netbeans 6.7.1 And after that, I manually have to give each file the needed rights. There should be an easier way, I just don't know it. EDIT: I am running XAMPP and the files I'm trying to edit are in the htdocs folder. I'm running Netbeans as my local user account, which is how it starts if I have it run from the applications-menu.

    Read the article

  • Paint Shop Pro-like open-source software?

    - by overtherainbow
    I need to add shapes that have been available in Paint Shop Pro since version 7 like curved arrows, etc. I gave Paint.Net and IrfanView a try, but they don't seem to support more sophisticated shapes than straight lines, circles, or rectangles. If this is correct, does someone know of a PSP-equivalent open-source solution for Windows? Thank you.

    Read the article

< Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >