Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 428/596 | < Previous Page | 424 425 426 427 428 429 430 431 432 433 434 435 | Next Page >

PuTTY automatically supply password

- by Kyle Cronin

I have a situation where I need to have PuTTY (or another SSH client for Windows) automatically log into another machine via SSH. I realize that this isn't a good idea security-wise, but unfortunately I'm constrained by the limitations both on the client and the server. The best solution would be to have a shortcut or script on the desktop that, when double clicked, will connect to the server and automatically log in. Can I do this with PuTTY? I am willing to explore public key authentication, but I'm not sure where the PuTTY key resides or how to copy it to the server, as the app starts automatically upon login.

Read the article
Does admin=true and root has the same privileges on AIX?

- by Boaz Tirosh

Does a user in /etc/security/user with the parameter admin set to true (admin = true) has the same privileges as the root user? According to IBM (full information here): admin Defines the administrative status of the user. Possible values are: true The user is an administrator. Only the root user can change the attributes of users defined as administrators. false The user is not an administrator. This is the default value. Is there another type of user, or are admin and root the same?

Read the article
After setting ulimit to unlimited, I am not able to login to machine

- by user419534

In one of requirment, I had to set ulimit on one of my machine to unlimited. For this I changed following in /etc/security/limits.conf as below # End of file oracle soft nofile unlimited oracle hard nofile unlimited oracle soft nproc 131072 oracle hard nproc 131072 oracle soft core unlimited oracle hard core unlimited oracle soft memlock 50000000 oracle hard memlock 50000000 * soft nofile unlimited * hard nofile unlimited and changed /etc/profile if [ $USER = "oracle" ]; then if [ $SHELL = "/bin/ksh" ]; then ulimit -p unlimited ulimit -n unlimited else ulimit -u unlimited -n unlimited fi fi I logged out. I am not able to connect ot machine at all. could you please someone help on this.

Read the article
Is it necessary to have firewalls rules between trusted nodes communicating on their backend interfaces?

- by Tom

I have 6 nodes that have internet access on eth1 and private access to one another on eth0. Currently I have firewall rules for eth0, for things like memcached and NFS. Is this necessary? It's a real headache as NFS for example communicates on loads of different ports, and I recently introduced glusterfs which needs more still. Is the headache of figuring out what backend ports to unblock worth the security enhancement? I should mention that I will of course still have a firewall rule on eth0 to block servers owned by others in the same datacenter. Thanks

Read the article
Hooking domain to home server with port

- by user1071461

Alright, I'm asking two things here. First of all, if i purchase a domain let's say myhomeserver.com, am I able to make the default port go through a different port instead of the default port 80? (that is without having to do myhomeserver.com:5000 for example). Also this should be without blocking other ports (so no stealth forwarding to myhomeserver.com:5000 i think) Secondly, How could I go about hooking a domain to a windows 2008 server? I've seen it on linux but no clue how to do it on windows if it's even possible. I know I'm asking a lot here, just some tips are appereciated. Also, yes I know, using a home server is horrible for security and preformance and whatnot, I understand this already, thanks ^^

Read the article
Servlet file not running in IE9

- by Dean

We are having an issue with a third party application running in IE9 which I don't believe is application specific but browser/security related. Essentially when someone is trying to add a note to a task in the application the application wants to run an "addtasks.do" file which IE9 promptly pops up a "What program do you want use to run this?" dialog. (I believe a .do file is a Java servlet) In Chrome carrying out the same action results in the note being added successfully. Does anyone have any idea why IE9 won't run it and how we can address the issue?

Read the article
create symlink to another machine

- by microchasm

Hi, I have 2 machines. Both running CentOS. Box1 is webserver with apache, php. Box2 is mysql, and file storage. The files will only be accessible from Box1 within the webapp. I'd like to somehow create a symlink or somesuch on box1 to a folder on box2 where uploaded files can be stored and retrieved. Security in mind, what would be the best way to go about linking these 2 boxes up in a transparent (to apache) way? NB: the boxes are connected directly to each other via a crossover cable; no lan access to box2. Much thanks!

Read the article
Amazon EC2 Socket connection not being accepted

- by Joseph

I am trying to run a java application on my EC2 instance. The application accepts socket connections on port 54321. If I try and connect to it, it times out. My Security Group is set as: TCP Port (Service) Source Action 21 0.0.0.0/0 Delete 22 (SSH) 0.0.0.0/0 Delete 80 (HTTP) 0.0.0.0/0 Delete 20393 0.0.0.0/0 Delete 54321 0.0.0.0/0 Delete Is there anything else I need to do? # iptables -nvL Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination # iptables -nvL -t nat Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination #

Read the article
Routing between two networks on linux?

- by gGololicic

I got stuck with one problem I cant find solution. I have linux pc with two NIC. first nic (eth1) is connected to public ip (probably switch or whatever, doesnt really mater) so eth1 is connected to wan and another eth0 that I connected to switch and make it a lan nic. configuration: eth1 ip address 88.200.1xx.xxx //xxx's are cuz of security reasons eth0 ip address 192.168.1.1 wan ------ [eth1 (linux PC) eth0]<----[switch]<---- [eth1 (PC1)] Now I want to connect this two networks, so PC1 can access linux PC and wan. I think I know how to do it but I cant confiugre it right. This is what I tried: I turend on ip forwarding (for sure) I set eth1 default gw to the right ip on the wan I tried to set eth0 default gw to the same ip (but i couldnt) What or how can I do this, I was trying with linux route command, but I got stuck. Please help.

Read the article
Would there be any problems with DEP turned off?

- by IneedHelp

I recently moved to a fresh Windows 8 x64 system and I learned that my favourite firewall (JPF - Jetico Personal Firewall) doesn't get along with Win8x64 (CRITICAL_STRUCTURE_CORRUPTION errors), but I can not do without JPF, so I kind of tried everything I could think of (test mode, debugging, various system changes), but I was still getting blue screens because of the firewall driver/software. I know for sure that it is the firewall that is causing the problems because I get blue screens as soon as I install it and they stop when I uninstall it. I Also tested it thoroughly on virtual computers. Anyway, I have discovered that by completely turning DEP off by using this command: bcdedit.exe /set {current} nx AlwaysOff the firewall would not cause blue screens anymore. So my question is, what could go wrong with DEP completely turned off? Note: I do not care much about hardware/windows security, I keep myself secured by using sandboxes and virtual computers (and I also have backups), so I'm not concerned with viruses and root kits or whatever people are freaking out about.

Read the article
Duplicating keepass files instead of creating a new file

- by BlakBat

I'm currently using KeePass 2 and syncing them via dropbox. I have a few KeePass files (one for websites, one to store software licenses, etc...) Every time I need a new KeePass file, I just create a copy of the kbdx file, open it, remove all existing entries, change the key transformation rounds to another pseudo-random value. I do not change the master password. I want to know if this was unsafe practice, or was a security risk, compared to just creating a new KeePass file via the "File-New" menu. The reason I don't use the menu: i'm lazy enough to not want to reconfigure "database settings" every time.

Read the article
Which TCP ports to use?

- by rowatt

Is there a TCP port range which I can be sure will not be used by anything else for traffic between two machines? If I am reading RFC6335 correctly, I can be sure that no other applications will use specific ports in the Dynamic/Private/Ephemeral range of 49152-65535. However, if I understand correctly, it also states (section 8.1.2) that an application shouldn't assume that any given port in that range is available at any given time, which would mean I can't be 100% sure that it will be unused all the time. Specifically, I want to assign specific SSH traffic to a different port for the security benefit and so I can classify it differently for QoS purposes, and not have to worry about changing the port in the future.

Read the article
Software/internet

- by Yiannis

Hi guys, i am using XP SP2, and everything where working fine. Somehow i can go to some web pages, but i cant login to them, for example www.buzzerbeater.com, i cant access my hotmail/msn, outlook doesnt work either, also www.realgm.com, i cant access the forums too. I have tried with IE7/Firefox/Chrome, but same result. I was using avast free edition that i removed, and i dont have any other security software installed. My laptop from the same network works perfectly. Any ideas?

Read the article
Share folder with active directory group permissions

- by Hihui

I have a Debian as a member of our AD (which is a 2k3). I want to share 2 folders from our Debian. 1 with full access for everyone, the second only readable by group "ADM", and "PROD". Part of smb.conf: [global] workgroup = MYDOMAIN realm = MYDOMAIN.LOCAL netbios name = SERV-FTP wins server = "IP serv 2k3" security = domain [JUKEBOX] // full access path = /media/JUKEBOX/JUKEBOX comment = sharing writable = yes browsable = yes public = yes read only = no valid users = @ASYLUM\prod_std admin users = @ASYLUM\ADM [SOFTWARE] comment = Software path = /media/JUKEBOX/SOFTWARE valid users = @ASYLUM\prod_adv, @ASYLUM\ADM writable = yes read only = no My log : [2013/10/25 09:24:37.316643, 0] smbd/service.c:1055(make_connection_snum) canonicalize_connect_path failed for service SOFTWARE, path /media/JUKEBOX/SOFTWARE And, from my Windows's client, if i want to access on that folder : Windows can't access to \serv-ftp\software Where is the problem ... ? Thx !

Read the article
Forced to use Outlook Web Access, what are my options?

- by joon

My company just enforced an OWA update and disabled IMAP and POP3 access. I don't want to use the webmail, do I have any options? Forwarding is also disabled. I also don't look forward to installing thunderbird or anything else, which is what colleagues are doing. I'd be interested in running some sort of automation script that either forwards the emails, or notifies me somehow that there has been some activity. Disclaimer: This does not concern any illegal activity, as I work at a school. They are not explicitly preventing me from circumventing their bogus security imposition and have given me permission to do so, 'if I can find a way'. Which of course makes me want to do it even more.

Read the article
WAN and LAN setup for IPv6

- by neu242

We just got a IPv6 /48 range (a gateway and an IP address) for our company, but I'm unsure about how to set it up. We use FreeBSD 8.4 (pfSense 2.1) as a router/firewall. Currently we have IPv4 setup with a WAN towards the internet, and a NAT-ed LAN behind it for office PCs. We want to keep the LAN network for security, and we want IPv6 addresses from the /48 for all office PCs (without NAT). The WAN is configured with the IPv6 gateway 1111:2222:3333::1/48 and interface address 1111:2222:3333::2/48. But when it's configured this way, I guess it's impossible to fit the LAN on a /64 within the /48? I believe I should configure the WAN subnet on 1111:2222:3333:1::/64 and the LAN on a subnet like 1111:2222:3333:2::/64. Is this something I can configure myself, or do I have to ask the ISP to configure that routing for me?

Read the article
Help with Corrupt version of IE8 on WinXPsp3

- by Anon

I've upgrade from IE6 to 7 to 8 and back down and back up, but still have critical issues in IE such as * cannot see any version info in "about internet explorer" * cannot run windows update * cannot load SharePoint pages (and other pages using ActiveX or IE-specific dhtml) I've also re-installed sp3, but still no luck. Also, also - I've changed security settings to be most permissive. Next step is blowing it all away and starting with windows7. Short of that, any suggestions are welcome. Thanks in advance.

Read the article
What would prevent a .BAT file from being run on a mapped drive?

- by JBurace

In WinXP SP3, I have a .BAT file on a mapped drive. When I try to run this .BAT file (or even right click-edit) it gives me: --------------------------- Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item. --------------------------- OK --------------------------- This happens with any .BAT file, no matter what is within the file. If the file is on my local computer (like C:) it will run just fine. If someone else runs it from another computer (on the same mapped drive), it runs just fine. I have full permissions on the drive; I can edit/delete/save/write/create in that folder and/or .BAT file and I've ruled out permissions being the issue. It seems like a security prevention, but I can't tell what it would be. It would have to be something on my PC, but I don't use any 3rd party software. What would cause this error?

Read the article
IIS7.5 Domain Account Application Pool Identity for SQL Server Authentication

- by user38652

In Windows Server 2003/IIS6 land we typically create an app pool that runs as the identity of an AD account created with minimal privileges simply for that purpose. This same domain user would also be granted access to SQL Server so that any ASP.NET application in that app pool would be able to connect to SQL Server with Integrated Security=SSPI. We are making a brave move to the world of Windows Server 2008 R2/IIS7.5 and are looking to replicate this model, but I am struggling with how to make the application pool in IIS7.5 run as the identity of an AD account? I know this sounds simple and hopefully it is, but my attempts so far have been fruitless. Should the application pool identity be a 'Custom account' for a domain account? Does the domain account need to be added to any groups?

Read the article
VPN pre-shared key problems

- by Owl

I have two vpns set up on a Symantec Gateway Security 320. VPN 1 goes to a Symantec Firewall/VPN 100 to another clinic of ours and every hour they lose connectivity and the error log on the Firewall/VPN100 shows an invalid pre-shared key error, although, both devices show the same pre-shared key entered. VPN 2 goes to our software vendor to use an additional part of our program. I am unable to ping the remote address and so is the other company, but my VPN status shows it is connected. They have told me the pre-shared key seemed to be automatically trying to resubmit itself as if it were incorrect, about every hour even though it is correct. They also told me port80 traffic was closed but I show the HTTP service using 80 redirected to 80 in my firewall settings. Please help.

Read the article
Apache Key: Which is it using?

- by quindraco

I'm running an Apache server on Ubuntu. When I restart it, it asks me for a pass phrase; here's what the dialog looks like: Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server 127.0.0.1:443 (RSA) Enter pass phrase: I've already worked out how to remove the pass phrase from the key file in question, but I can't find any information anywhere on how to determine which key file Apache is complaining about in the above dialog. I have dozens of key files on the server in question, although I don't know which ones are in active use (all I did is 'locate .pem' and ignore the false positives). Does anyone know how to track down which pem file I need to remove the passphrase from?

Read the article
Sharepoint 2007 reset permission inheritance

- by e-mre

I have this SharePoint 2007 document library which has several levels of folders and files. Some folders in the middle of the hierarchy do not inherit permissions from their parents and have their unique permissions defined. It is a huge library and there are many folders like this. I am currently changing the permission model of my library and I want to reset all those unique permissions and have all of them inherit permissions from the library root. (Something like "Replace child object permissions" checkbox available in windows files system security window) If this is not possible, seeing a list of folders that have their unique permissions defined would also do.

Read the article
Why do mapped drives only reappear after logging out and back in, and not after a reboot?

- by razumny

I work in a corporate environment, where we use mostly Windows 7 Professional computers, though some legacy applications are still being run on Windows XP. We have security in place on the network not to allow access to network resources to computers that are not members of Active Directory. When logging in, our users get their home folder and a common network drive mapped to H: and F:, respectively. Sometimes, this does not happen, and the drives are not mapped. The solution is to have the user log off, and back in to Windows. If they reboot, the drives remain unmapped. Does anyone know why this may be?

Read the article
Is looking for Wi-Fi access points purely passive?

- by Aric TenEyck

Say I carry a Wi-Fi enabled phone or laptop through an area where there are WAPs. Assuming that I don't actively try to connect to them or otherwise interact with them, is it possible for the owner of that WAP to know that I was there? I'm asking this in the context of my earlier question: Looking for MACs on the network I was talking with a friend about my newfound ability to detect phones (and other devices with MAC addresses) on the network, and he pointed out that it might be useful to detect unknown phones on the network; I could use that data to track down anyone who was in my house and brought a Wi-Fi phone with them. So, if I set up a logging fake WAP with no security or encryption, can I glean any useful information about the devices that come into the house? Assuming that the thief doesn't actively try to connect...

Read the article
Gmail/Facebook/Hotmail not opening in Firefox/IE on Windows 7 Home

- by singlepoint

Hi, I am unable to open Gmail/Facebook/Hotmail on Firefox/IE on Widows 7 Home. I just unboxed a brand new hp laptop with Norton Security Suite running inside. I get following error message on Firefox. Please help. The connection has timed out The server at www.google.com is taking too long to respond. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web

Read the article

< Previous Page | 424 425 426 427 428 429 430 431 432 433 434 435 | Next Page >