Search Results

Search found 18808 results on 753 pages for 'security updates'.

Page 449/753 | < Previous Page | 445 446 447 448 449 450 451 452 453 454 455 456 | Next Page >

MySQL open files limit

- by Brian

This question is similar to set open_files_limit, but there was no good answer. I need to increase my table_open_cache, but first I need to increase the open_files_limit. I set the option in /etc/mysql/my.cnf: open-files-limit = 8192 This worked fine in my previous install (Ubuntu 8.04), but now in Ubuntu 10.04, when I start the server up, open_files_limit is reported to be 1710. That seems like a pretty random number for the limit to be clipped to. Anyway, I tried getting around it by adding a line like this in /etc/security/limits.conf: mysql hard nofile 8192 I also tried adding this to the pre-start script in mysql's upstart config (/etc/init/mysql.conf): ulimit -n 8192 Obviously neither of those things worked. So where is the hoop that has been added between Ubuntu 8.04 and 10.04 through which I must jump in order to actually increase the open files limit?

Read the article
Real time mirroring between two sql server databases

- by Matt Thrower

Hi, I'm a c# programmer, not a DBA and I've had the (mis)fortune to be handed a database admin task. So please bear this in mind when answering this question. What I've been asked to do is to create a real time two-way mirror between two databases with a 10 Megabit connection between them. So when either changes it updates the other. This is not a standard data mirroring/failover task where one DB is the master and the other is a backup - both are live and each needs to instantly reflect changes made to the other. In my head this sounds like a tall order, one which may even be impossible - after all in a rapidly changing environment with lots of users this is going to be massively resource intensive and create locks and queues of jobs all over the place. Is it possible? If so, can anyone either give me some basic instructions and/or point me at some places to start my reading and research? Cheers, Matt

Read the article
Port Forwarding for Remote Desktop

- by Vaibhav Bajpai

I have two Mac notebooks at home, I have assigned them static private IPs. I have also set my router to a DynDNS address, which updates everytime my router gets a new public IP. I have enabled Screen Sharing on both notebooks. I can successfully goto my router webpage using the DynDNS address. I understand I need to port-forward to get Screen Sharing to work from outside. Lets assume, notebooks have private IP 192.168.1.2 and 192.168.1.3 I am kind of lost here, would appreciate some help (I need to be able remote desktop to both notebooks)

Read the article
sudoer scheme for a web developer that retains future control of a server?

- by Tchalvak

Background I have a server that I'm looking to set up, and provide access to another web developer. I don't want to put many constraints on him, though I wouldn't mind isolating the site that he'll be developing from others on the server that I will develop. The problem Mainly what I want is to make sure that I retain control over the server in the future. I want to reserve the ability to create/promote/demote and other administrative functions that don't deal with web software. If I make him an admin, he can sudo su - and become root and remove root control from me, for example. What is a good setup for the sudoers file so that he can do things like: *install software (through apt-get) restart apache access mysql configure mysql/apache reboot edit web development configuration type files in /etc * And can't do things like: take away other admin permissions change the root password have control over other security/administrative functions Example sudoer files that accomplish something like that could be useful, I'm sure that people have needed to do this before.

Read the article
EBS+RAID10+XFS slower than EBS+RAID10+EXT3 using MySQL?

- by Johann Tagle

We're currently using EC2 with 16 EBS volumes in RAID10 configuration for our MySQL data. I know some people don't recommend to put EBS volumes to RAID but that's not what I'm concerned about at the moment. Current format is ext3, but we're experimenting with moving to xfs, given many reports that it is faster. However, we're actually experiencing a performance degradation when the partition was converted to xfs - a benchmark run with inserts, updates, selects and deletes was more than 10 seconds slower using xfs. Any idea what could be the problem? Below is the fstab entry (really only changed ext3 to xfs). Database tables are innodb and we are using innodb_file_per_table. /dev/mapper/vg_data-lv_data /data xfs noatime 0 0 Thanks.

Read the article
Laptop connected to external monitor results in desktop overflow

- by Andrew Fox

I have a laptop (MSi FX600) connected to an external monitor (Toshiba 19AV500U) with the screen resolution set to the monitors recommended setting of 1440x900. The problem is the desktop is overflowing the display, meaning all edges of the desktop are cut off, so I cannot see the close, minimize buttons on the top and I only see half of the taskbar at the bottom. I have tried many different resolutions but none of them solve the problem. I have had this same problem when connecting to other external monitors in the past, but not all of them, it seems to be fairly random. I have tried to find a way to manually adjust the resolution but I cannot see a way to do this in my settings. All windows updates are up to date, I am connecting through an HDMI cable and I have it set to display only on the external monitor and not extended desktop.

Read the article
windows service log on as user a/c on different PC on same workgroup

- by maruti

trying to run a service (logon as admin@PC2) from PC1, when both are in work-group fails. why could this happen? OS is win-2003 and please let me know if any windows remote services have to be turned on or firewall configuration? does having PC's on same workgroup help? let me clarify the question: I am unable to see other computers from "Services Logon Tab select User" Object types available are only "users, built in security principals" Location is only local computer. But this is available from mmc console..add snap in how can this be available on services control panel?

Read the article
Visible Keylogger (ie not evil)

- by Ben Haley

I want keylogging software on my laptop for lifelogging purposes. But the software I can find is targeted towards stealth activity. Can anyone recommend a keylogging software targeted towards personal backup. Ideal Functionality Runs publicly (like in the task bar). Easy to turn off (via keyboard shortcut is best... at least via button click) Encrypted log Fast Free Cross platform ( windows at least ) The best I have found is pykeylogger which does not attempt to be stealthy, but does not attempt to be visible either. I want a keylogger focused on transparency, speed, and security so I can safely record myself. *note: Christian has a similar question with a different emphasis

Read the article
Using mod_wsgi with mpm_itk: socket permission issue

- by djechelon

I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

Read the article
How to make iTunes download all podcast episodes irrespective of listened/not

- by user15660

I am a big iPod user (especially podcasts). I have used iPod touch, iPod classic and iPod nano. I noticed that iTunes stops downloading podcasts that you no longer listen to and stops downloading them. Is there a way to force iTunes to download all episodes of podcasts irrespective of whether you listen to them or not? I am not interested in just clicking a episode to make iTunes think that I'm listening. I need some kind of programmatic work around or batch script that runs and updates all podcasts/episodes automatically.

Read the article
Win8 Change A Password

- by Thomas

I have a non-domain machine that I use with our company's domain resources regularly. I upgraded to Windows 8, and the "Change a password" option went away from the Ctrl-Alt-Del window. Can't seem to google anything about this subject, or find a way to access that password change dialog. I tried running the .reg file from http://www.sevenforums.com/tutorials/63014-ctrl-alt-del-screen-add-remove-change-password.html with no luck. I also tried to Disable "Remove Change Password" via gpedit.msc. I could do it from my domain laptop, but I like to do it on this machine because it updates all my saved copies of those credentials. My local account is tied to my hotmail account if that matters.

Read the article
A black screen with only the mouse cursor while booting

- by akb.zak

Once i tried to re-install Windows 7. I formatted C drive, during installation system was hanged during the step "installing updates". then i cancelled the process. When i tried again, after booting from CD a black screen with a mouse pointer appears. No further progress. The mouse pointer can be moved. I tried with some other disks also. I tried with installing ubuntu also. Even though similar condition.plz help........... I cannot install an OS

Read the article
Invalid operation dist-ugprade

- by drdarwin

i'm running Apache 2 on Debian at my VPS. Naturally i have problem with restricted GD-library of my php package and i need to fix it (i need imagerotate() function). Before installing php-gd pugin it's necessary to update php 5.2 to php 5.3 my /etc/apt/sources.list is: #deb http://ftp.ru.debian.org/debian/ lenny main contrib non-free #deb http://security.debian.org lenny/updates main contrib non-free #deb http://ftp.ru.debian.org/debian lenny main #deb-src http://volatile.debian.org/debian-volatile lenny/volatile main contrib deb http://packages.dotdeb.org stable all deb-src http://packages.dotdeb.org stable all The problem comes after apt-get dist-ugprade executing: /$ apt-get update Hit http://packages.dotdeb.org stable Release.gpg Hit http://packages.dotdeb.org stable Release Ign http://packages.dotdeb.org stable/all Packages/DiffIndex Ign http://packages.dotdeb.org stable/all Sources/DiffIndex Hit http://packages.dotdeb.org stable/all Packages Hit http://packages.dotdeb.org stable/all Sources Reading package lists... /$ apt-get dist-ugprade E: Invalid operation dist-ugprade What can cause this problem? How much should i wait while Reading package lists...? Is there any simple guideline for further php-gd installation?

Read the article
windows firewall and network location switch after establishing a vpn connection

- by Konrads

I am looking for a reasonable solution for network location switching after VPN connection is established for Windows 7. The scenario is as follows: For location public (employee plugging in his laptop in hotel, public wi-fi,etc) all inbound connections are restricted, only outbound VPN + www is enabled. Employee then initiates a VPN connection, VPN pushes routes to 10.0.0.0/8 subnet Now I would like to have lax security rules for traffic from/to 10.0.0.0/8 that comes through the VPN interface, while still protecting the laptop from traffic that comes via uplink interface as if it was private. How to achieve this switching and duality? One option I see is switching to IPSec...

Read the article
data replication from a production web server back to the staging web server

- by Dennis Smith

Have two web servers, development/staging and production. Code and some documentation is moved from the staging area to production either through on-demand jobs or nightly via a global replication job. The production server of course sits isolated in a DMZ. There is some content that gets uploaded to the live server that needs to be replicated back to staging. Our security team is locking the network down (and they should) and restricting access to the live server. Best suggestions for replication of "live" data back to "stage" and backing up the live server also.

Read the article
How Do I Disable URL Pre-Pending in the FireFox 3 Title Bar When Opeing A New Window With JavaScript

- by N Rahl

For (understandable) security reasons, Firefox does not allow JavaScript to open a new window without the address/location bar AND without pre-pending the page's URL to the title in the title bar. For example, when you set: <title>My Site</title> in the header, and open the page using location=no FireFox changes the header to read: http://www.mysite.com - My Site - Mozilla Firefox. I would like it to simply say: My Site Everything I've read suggests this behaviour can't be altered with scripting, and as such, this is not a scripting question. What I would like to know is, which setting(s) can I change in the browser itself to disable URL pre-pending to the title of new windows? This is for a company Intranet, and I control all of the computers/browsers that connect to the application.

Read the article
Apache 2.4.2 with PHP 5.4.4 crashes as soon as phpinfo() script is opened

- by Gremo

As soon as i open a phpinfo() script called version.php apache stops working. Here is the error.log file. My configuration (my local development machine): Windows 7 Home Premium x64 SP1 with latest updates Apache 2.4.2 win32 from Apache Lounge PHP 5.4.4 VC9 x86 TS from PHP For Windows php5apache2_4.dll (PHP 5.4.4) taken from Apache Lounge php5apache2_4.dll-php-5.4-win32.zip PATH environment variable is PATH=C:\WAMP\Apache\bin;C:\WAMP\PHP and installation folders (unzipping) are: C:/WAMP/Apache C:/WAMP/PHP Microsoft Visual C++ 2010 SP1 x86/x64 installed and updated. So everything looks fine to me. PHP integration in httpd.conf is: # Integrazione PHP LoadModule php5_module "C:/WAMP/PHP/php5apache2_4.dll" PhpIniDir "C:/WAMP/PHP" AddType application/x-httpd-php .php <IfModule dir_module> DirectoryIndex index.html index.php </IfModule>

Read the article
help setting up an IPSEC vpn from my linux box

- by robthewolf

I have an office with a router and a remote server (Linux - Ubuntu 10.10). Both locations need to connect to a data supplier through a VPN. The VPN is an IPSEC gateway. I was able to configure my Linksys rv42 router to create a VPN connection successfully and now I need to do the same for Linux server. I have been messing around with this for too long. First I tried OpenVPN, but that is SSL and not IPSEC. Then I tried Shrew. I think I have the settings correct but I haven't been able to create the connection. It maybe that I have to use something else like a direct IPSEC config or something like that. If someone knows of a way to turn the following settings that I have been given below into a working IPSEC VPN connection I would be very grateful. Here are the settings I was given that must be used to connect to my supplier: Local destination network: 192.168.4.0/24 Local destination hosts: 192.168.4.100 Remote destination network: 192.167.40.0/24 Remote destination hosts: 192.168.40.27 VPN peering point: xxx.xxx.xxx.xxx Then they have given me the following details: IPSEC/ISAKMP Phase 1 Parameters: Authentication method: pre shared secret Diffie Hellman group: group 2 Encryption Algorithm: 3DES Lifetime in seconds:28800 Phase 2 parameters: IPSEC security: ESP Encryption algortims: 3DES Authentication algorithms: MD5 lifetime in seconds: 28800 pfs: disabled Here are the settings from my attempt to use shrew: n:version:2 n:network-ike-port:500 n:network-mtu-size:1380 n:client-addr-auto:0 n:network-frag-size:540 n:network-dpd-enable:1 n:network-notify-enable:1 n:client-banner-enable:1 n:client-dns-used:1 b:auth-mutual-psk:YjJzN2QzdDhyN2EyZDNpNG42ZzQ= n:phase1-dhgroup:2 n:phase1-keylen:0 n:phase1-life-secs:28800 n:phase1-life-kbytes:0 n:vendor-chkpt-enable:0 n:phase2-keylen:0 n:phase2-pfsgroup:-1 n:phase2-life-secs:28800 n:phase2-life-kbytes:0 n:policy-nailed:0 n:policy-list-auto:1 n:client-dns-auto:1 n:network-natt-port:4500 n:network-natt-rate:15 s:client-dns-addr:0.0.0.0 s:client-dns-suffix: s:network-host:xxx.xxx.xxx.xxx s:client-auto-mode:pull s:client-iface:virtual s:client-ip-addr:192.168.4.0 s:client-ip-mask:255.255.255.0 s:network-natt-mode:enable s:network-frag-mode:disable s:auth-method:mutual-psk s:ident-client-type:address s:ident-client-data:192.168.4.0 s:ident-server-type:address s:ident-server-data:192.168.40.0 s:phase1-exchange:aggressive s:phase1-cipher:3des s:phase1-hash:md5 s:phase2-transform:3des s:phase2-hmac:md5 s:ipcomp-transform:disabled Finally here is the debug output from the shrew log: 10/12/22 17:22:18 ii : ipc client process thread begin ... 10/12/22 17:22:18 < A : peer config add message 10/12/22 17:22:18 DB : peer added ( obj count = 1 ) 10/12/22 17:22:18 ii : local address 217.xxx.xxx.xxx selected for peer 10/12/22 17:22:18 DB : tunnel added ( obj count = 1 ) 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : client config message 10/12/22 17:22:18 < A : local id '192.168.4.0' message 10/12/22 17:22:18 < A : remote id '192.168.40.0' message 10/12/22 17:22:18 < A : preshared key message 10/12/22 17:22:18 < A : peer tunnel enable message 10/12/22 17:22:18 DB : new phase1 ( ISAKMP initiator ) 10/12/22 17:22:18 DB : exchange type is aggressive 10/12/22 17:22:18 DB : 217.xxx.xxx.xxx:500 <- 206.xxx.xxx.xxx:500 10/12/22 17:22:18 DB : c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 DB : phase1 added ( obj count = 1 ) 10/12/22 17:22:18 : security association payload 10/12/22 17:22:18 : - proposal #1 payload 10/12/22 17:22:18 : -- transform #1 payload 10/12/22 17:22:18 : key exchange payload 10/12/22 17:22:18 : nonce payload 10/12/22 17:22:18 : identification payload 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v00 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v01 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v02 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v03 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( rfc ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports DPDv1 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SHREW SOFT compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is NETSCREEN compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SIDEWINDER compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is CISCO UNITY compatible 10/12/22 17:22:18 = : cookies c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 = : message 00000000 10/12/22 17:22:18 - : send IKE packet 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 ( 484 bytes ) 10/12/22 17:22:18 DB : phase1 resend event scheduled ( ref count = 2 ) 10/12/22 17:22:18 ii : opened tap device tap0 10/12/22 17:22:28 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:38 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:48 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:58 ii : resend limit exceeded for phase1 exchange 10/12/22 17:22:58 ii : phase1 removal before expire time 10/12/22 17:22:58 DB : phase1 deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : closed tap device tap0 10/12/22 17:22:58 DB : tunnel stats event canceled ( ref count = 1 ) 10/12/22 17:22:58 DB : removing tunnel config references 10/12/22 17:22:58 DB : removing tunnel phase2 references 10/12/22 17:22:58 DB : removing tunnel phase1 references 10/12/22 17:22:58 DB : tunnel deleted ( obj count = 0 ) 10/12/22 17:22:58 DB : removing all peer tunnel refrences 10/12/22 17:22:58 DB : peer deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : ipc client process thread exit ...

Read the article
Dell Inspiron/Windows Vista sleep/hibernate issue

- by sarge

When I hit the sleep button in Windows the computer looks like it's going into Sleep mode but a few seconds later it's restarted, and stops with this error message: internal hard disk drive not found To resolve this issue, try to reseat the drive. No bootable devices--strike F1 to retry boot, F2 for setup utility Press F5 to run onboard diagnostics. The computer is running Windows Vista (SP2) and I have installed all available Windows Updates and the latest manufacturer drivers. I have already tried to reseated the drive, ran the onboard diagnostics and there were no errors. I have changed the power settings for all devices where it's available so that they are not allowed to wake up the computer. Any ideas?

Read the article
Is there a command line two-factor authentication verification code generator?

- by dan

I manage a server with two-factor authentication. I have to use the Google Authenticator iPhone app to get the 6-digit verification code to enter after entering the normal server password. The setup is described here: http://www.mnxsolutions.com/security/two-factor-ssh-with-google-authenticator.html I would like a way to get the verification code using just my laptop and not from my iphone. There must be a way to seed a command line app that generates these verification codes and gives you the code for the current 30-second window. Is there a program that can do this?

Read the article
Group policy applied to AD OU attributes

- by Eric Smith

I'm not well-versed in AD, so would like to resolve a question I have with regards to AD information. I understand that it is possible to apply group policy to OU's, thereby restricting access. What I'd like to know is, is it possible to do the same with OU attributes. Some context would help. There's a requirement to store address information in AD (IMO, a natural fit), but for various reasons, although obviously things like name should be globally accessible, access restrictions are desired on the address. In this case, is it possible to apply security to the address portion of the OU attributes, or does each address have to be broken into a separate OU (a solution that feels smelly given that address doesn't have identity)?

Read the article
cannot connect to MS FTP 7.5 on Windows 2008 on Amazon EC2 instance

- by minerj

I have just installed the MS FTP 7.5 upgrade on my Windows 2008 Server (Service Pack 2) running on an Amazon EC2 instance. In the FTP Firewall Support settings for the server in IIS Manager I have set up the passive port range 45001 - 45005 and also set the External Firewall IP address to match the assigned Amazon Elastic IP address. Using the AWS Console I changed the Security Group for the server to allow access to the server through ports 21 and 45001 through 45005. Using an FTP client (either the command line FTP client or Windows Explorer) on the Amazon server I can connect to the FTP server but I cannot connect with an external FTP client. When I checked to see which ports were open on the server using Shields Up it shows that port 21 is open but ports 45001 to 45005 are closed. I assume I'm missing something. Any help greatly appreciated.

Read the article
debian - running unattended-upgrades on a particular day of the week

- by dastra

We're running unattended-upgrades on debian squeeze, and would like it to run once a week, only on a Wednesday morning. To attempt this, we have set: APT::Periodic::Unattended-Upgrade "7" in /etc/apt/apt.conf.d/50unattended-upgrades And then touched the /var/lib/apt/periodic/update-stamp to set the timestamp to a Wednesday, for instance: touch -t 201211280000 /var/lib/apt/periodic/update-stamp Running: stamp=$(date --date=$(date -r /var/lib/apt/periodic/update-stamp --iso-8601) +%s 2/dev/null) date -u --date="1970-01-01 $stamp sec GMT" Gives the correct timestamp: Wed Nov 28 00:00:00 UTC 2012 However, unattended-upgrades then seems to ignore this, and run the updates on a Saturday morning. Could anyone enlighten me as to how this parameter works, and how to set up upgrades to run on a Wednesday?

Read the article
Exchange can't send emails with attachments

- by Jack

No one in our organization can send emails with attachments. Emails without attachments go through fine, but if an attachment is included, an error appears in the Server Failures folder under Sync Issues. The error is "The following message had an error and synchronization of it was skipped (0xc0090081)". We are using Symantec Mail Security, which we shut down to try to troubleshoot the problem, and now that fails to load. Any ideas as to what to check? I'm sorry I don't have more complete information, but I'm helping someone try to figure this out. I'm not the admin myself. Thanks.

Read the article
Connect to RDS inside a VPC using Opsworks located in another VPC

- by Consuelo Merino

I have a RDS instance (mysql) inside a VPC called vpc-a (10.0.0.0/16). This instance is private, it can only be accessed from vpc-a. We created a stack on opsworks inside another VPC called vpc-b (10.1.0.0). We want to connect opsworks to the RDS but it doesn't work. It refuses to connect. I tried adding said subnet to the RDS security group. Also read a lot of documentation but I haven't stumbled across the answer. Any help would be greatly appreciated.

Read the article

< Previous Page | 445 446 447 448 449 450 451 452 453 454 455 456 | Next Page >