Search Results

Search found 24666 results on 987 pages for 'cooperative linux'.

  • How to securely control access to a backend key server?

    - by andy
    I need to securely encrypt data in my database so that if the database is dumped, hackers are unable to decrypt the data. I'm planning on creating a simple key server on a different machine, and allowing the DB server access to it (restricted by IP address on the key server to permit the DB server). The key server would contain the key required to encrypt/decrypt data. However, if a hacker were able to get a shell on the DB server, they could request the key from the key server and therefore decrypt the data in the database. How could I prevent this (assuming all firewalls are in place, DB is not connected directly to the internet, etc)? i.e. is there some method I could use that could secure a request from the DB server to the key server so that even if a hacker had a shell on the DB server they'd be unable to make those same requests? Signed requests from the DB server could make issuing these requests less trivial - I suppose that'd help increase the amount of time it'd take to compromise the key server, something a hacker probably wouldn't have much of. As far as I can see, if someone can get a shell on the DB server everything's lost anyway. This could be mitigated by using one key per data item in the DB so at least there's not a single "master" key, but multiple keys that the hacker would need to access. What would be a secure method of ensuring requests from the DB server to the key server were authentic and could be trusted?

  • KDE Device Notifier and mounted volumes ownership and permissions

    - by nunomaltez
    Hi, when I plug a USB pen into my PC and mount the device using KDE's Device Notifier, the mounted device is owned by my user, who has write permissions. However, when I connect a USB hard disk and mount a partition in the same way, the mounted device is owned by root, and since the owner is the only one with write permissions I can't write to the disk. How do I configure the device notifier's actions to mount the HD with my user as owner, just like it mounts the USB pen? I'm using Fedora 9.

  • Backing Up User Data when data is not in use. Should I be concerned?

    - by jberryman
    This may be a dumb question. I would like to use duplicity to make backups to Amazon S3 of directories, each of which contains a different user's data. Each directory could be written to at any time. So I have two questions: Should I be concerned that a scheduled backup of a directory might occur in the middle of data being written to files in the directory, resulting in a corrupted backup? And if that is a valid concern, how would I go about temporarily delaying an operation while IO was happening, to try to minimize that effect? Thanks for the advice.

  • Is there a decent diagram of packet flow for a modern era (2.6+) iptables setup?

    - by stsquad
    I'm currently trying to debug a particularly hairy set of DNAT based iptables rules (the UDP reply never makes it back to the original requester) and I'm struggling to visualise the packet flow through all the numerous tables involved. So far Googling has shown me old 2.4 based ipchains ones. The netfilter site has some good text docs but is short on diagrams and a number of the external links are now dead. So is there a canonical diagram for iptables packet flow, preferably showing how NAT/Masqueraded packets are also dealt with?

  • What prevents an attack on Postfix through its named pipes?

    - by Met?Ed
    What prevents an attack on Postfix through its named pipes by writing bogus data to them? I see on my system that they permit write access to other. I wonder if that opens Postfix to DoS or some other form of attack.
        prw--w--w- 1 postfix postdrop 0 Nov 28 21:13 /var/spool/postfix/public/pickup
        prw--w--w- 1 postfix postdrop 0 Nov 28 21:13 /var/spool/postfix/public/qmgr
    I reviewed the pickup(8) man page, and searched here and elsewhere, but failed to turn up any answers.

  • different folders in a partition as mount points?

    - by ajsie
    I want to have 2 partitions. One is called system. The other is private. In the private partition I've got some folders I want to mount into system as system folders.
    Folders in private:
      - www
      - home
    Mount points in system:
      - /var/www
      - /home
    Is this possible? Because it seems that you can only specify a whole partition to use for a mount point and not a folder in a partition, or am I wrong? I run Ubuntu server. Cheers

  • How to change the X-Windows default border width for all window frames in Ubuntu using Gnome 2.28

    - by Heston T. Holtmann
    Way back from Windows 3.x days to the latest 64bit Windows 7 (classic/standard theme), there is a way to make the window edge border wider than 1 pixel. I often use 3 to 5 pixels to make it easy to grab on hi-resolution displays and hi DPI monitors. There doesn't seem to be an easy or obvious way to do this with the Gnome X-Windowing system? Does anyone know how?

  • How do I get openssh to save my ssh identity permanently in Xfce?

    - by Alliswell
    How do I change it to save my identity permanently using Xfce? During my login session, after I have entered:
        $ ssh-add
    Then the identity is saved and I can connect via ssh without getting the dreaded:
        Enter passphrase for key
    However, once I log out and log back in I get the following when running:
        $ ssh-add -L
        The agent has no identities.
        $ ssh <hostname>
        Enter passphrase for key '/home/user/.ssh/id_rsa':
    Stackoverflow has the following solution, yet I do not understand the reference to in the config file:
        IdentityFile ~/.ssh/id_rsa_buhlServer
    Specifically I do not understand what I would put on the identity file. Would I put the above word for word? Or just add my file:
        IdentityFile ~/.ssh/id_rsa
    StackOverflow solution

  • sticky bit on NFS file system

    - by Kris_R
    I have a system where only root can log in to the main server (homes, nfs, ntp, queue...) – all the other users use a front-end host with NFS-mounted home directories (RW) and all other software directories (read-only). My problem is that, from time to time, if root or a normal user with sudo does some administrative work on the front-end, some homes of normal users get sticky bits (drwsr-sr-x). If it happens, usually the user can't log in (as long as the permissions for his home are not changed to drwxr-xr-x). The last time I saw it was after compiling some new software (normal user configure;make) and installation from the same directory as root (su and make install, or directly as normal user sudo make install). Can somebody explain to me why it happens and what I should do to get rid of this problem? P.S. I'm using CentOS 5.7

  • Is there a way to diagnose a tar file when, on extract, files are missing but no errors are given?

    - by ljvillanueva
    I have tar files where I archive about 250 files, each about 80 Mb, without compression. In a few cases tar is only returning some of the files. For example, when doing an extract of the file using: tar -xvf 356.tar I got only 103 files, when it should return 255 files, but tar does not give me an error. Furthermore, the tar archive is 15.8 Gb while the extracted folder is just 6.4 Gb. The tar files were created using tar -cvf 356.tar 356 where 356 is the name of the folder. All the steps were done on the same machines, under Ubuntu 6 and newer. Any ideas if there is a way to recover the files that are not being extracted?

  • Use puppet to make changes to ip route and sysctl

    - by Quintin Par
    I have two changes to ip route & sysctl that disable tcp slow start. Here’s how I do it:
        ip route show
    Make a note of the line starting with default. Pick up the IP from the default line and run
        sudo ip route change default via $ip_address dev eth0 initcwnd 12
        sudo sysctl -w net.ipv4.tcp_slow_start_after_idle=0
    How can I create a puppet script out of this? One that can be deployed to many machines of the same type – CentOS 6
    Edit: Added bounty to get a working example for
        sudo ip route change default via $ip_address dev eth0 initcwnd 12

  • Howto detect fake RAM

    - by Michael
    I just bought a virtual server which should have 2GB of RAM. Now I got a server with 4GB, which looks very strange to me. I think it is just virtual RAM. dmidecode only outputs
        /dev/mem: Operation not permitted
    How can I check if it's real RAM or just virtual? free -m outputs:
                     total  used  free  shared  buffers  cached
        Mem:          4093   364  3728       0        0     346
        -/+ buffers/cache:    18  4074
        Swap:            0     0     0
    Output from cat /proc/user_beancounters
        Version: 2.5
        uid resource held maxheld barrier limit failcnt
        137: kmemsize 8922287 10194944 2145910784 2145910784 0
        lockedpages 0 0 523904 523904 0
        privvmpages 13387 59112 9223372036854775807 9223372036854775807 0
        shmpages 769 785 9223372036854775807 9223372036854775807 0
        dummy 0 0 9223372036854775807 9223372036854775807 0
        numproc 22 54 9223372036854775807 9223372036854775807 0
        physpages 93377 106010 0 1047808 0
        vmguarpages 0 0 9223372036854775807 9223372036854775807 0
        oomguarpages 2471 2473 9223372036854775807 9223372036854775807 0
        numtcpsock 5 21 9223372036854775807 9223372036854775807 0
        numflock 4 13 9223372036854775807 9223372036854775807 0
        numpty 1 1 9223372036854775807 9223372036854775807 0
        numsiginfo 0 39 9223372036854775807 9223372036854775807 0
        tcpsndbuf 102592 381632 9223372036854775807 9223372036854775807 0
        tcprcvbuf 81920 4820184 9223372036854775807 9223372036854775807 0
        othersockbuf 4624 61632 9223372036854775807 9223372036854775807 0
        dgramrcvbuf 0 9248 9223372036854775807 9223372036854775807 0
        numothersock 39 56 9223372036854775807 9223372036854775807 0
        dcachesize 4178917 4232732 1072955392 1072955392 0
        numfile 378 535 9223372036854775807 9223372036854775807 0
        dummy 0 0 9223372036854775807 9223372036854775807 0
        dummy 0 0 9223372036854775807 9223372036854775807 0
        dummy 0 0 9223372036854775807 9223372036854775807 0
        numiptent 24 24 9223372036854775807 9223372036854775807 0

  • Permissions issue on Fedora with separate home partition

    - by Tres
    I am running Fedora 12 and I've set up a partition separate from my root partition to keep shared files and home directories. Now, I've been having permission issues where it says the user cannot chdir into their home directory (/files/home/*). Now, I fixed this originally by chmodding / to 0755 and the home directories also to 0755. And yes, the user is the owner:group of their home directory. Now get this, I didn't change a thing, rebooted, everything still works. Great, right? I boot the server up a day later, and now same ol' issue. This is a home server that wasn't on at all at any point in between the working state and non-working state. Also, nothing else was modified. Any ideas? Thanks!

  • What's the best way to forward traffic on a specific port to another machine?

    - by Ankit
    The setup I have is this: [client01] <-A-> [server01] <-B-> [server02] client01 can access port 9300 on server01 (connection A). server01 can access port 9300 on server02 (connection B). What's the best way to make all traffic on port 9300 to server01 go to port 9300 on server02? I can successfully do this with an ssh tunnel from client01 to server01 to server02, but I don't want to have to run ssh on client01. When I ssh from server01 to server02 forwarding port 9300 (ssh -g -L9300:localhost:9300 server02 on server01), it doesn't work -- am I using the wrong command?

  • Availability of big files on multiple servers

    - by Imises
    I have to handle many (1'000 - 30'000) big files ranging from 200MB up to 2GB. The demand for these files is variable (0 - 300 downloads / file). This is why a single file must be saved on 2 or more servers. My servers are placed in different datacenters (France), with different size HDDs (750GB to 4TB). Currently I share the files using PHP and ncftpget / ncftpput, but it's very slow. I need a solution to handle balancing these files across 7+ servers.

  • Using u32 together with extension headers (how to jump over them?)

    - by bortzmeyer
    I'm trying to filter on some parts of the payload, for an IPv6 packet with extension headers (for instance Destination Options). ip6tables works fine with conditions like --proto udp or --dport 109, even when the packet has extension headers. Netfilter clearly knows how to jump over Destination Options to find the UDP header. Now, I would like to use the u32 module to match a byte in the payload (say "I want the third byte of the payload to be 42"). If the packet has no extension headers, something like --u32 "48&0x0000ff00=0x2800" (48 = 40 bytes for the IPv6 header + 8 for the UDP header) works fine. If the packet has a Destination Options, it no longer matches. I would like to write a rule that will work whether the packet has Destination Options or not. I do not find a way to tell Netfilter to parse until the UDP header (something that it is able to do, otherwise --dport 109 would not work) then to let u32 parse the rest. I'm looking for a simple way, otherwise, as BatchyX mentions, I could write a kernel module doing what I want.

  • Apache logs other user read permissions

    - by user2344668
    We have several developers who maintain the system and I want them to easily read the log files in /var/log/httpd without needing root access. I set the read permission for 'other' users but when I run tail on the log files I get permission denied:
        [root@ourserver httpd]# chmod -R go+r /var/log/httpd
        [root@ourserver httpd]# ls -la
        drwxr--r-- 13 root root 4096 Oct 25 03:31 .
        drwxr-xr-x. 6 root root 4096 Oct 20 03:24 ..
        drwxr-xr-x 2 root root 4096 Oct 20 03:24 oursite.com
        drwxr-xr-x 2 root root 4096 Oct 20 03:24 oursite2.com
        -rw-r--r-- 1 root root 0 May 7 03:46 access_log
        -rw-r--r-- 1 root root 3446 Oct 24 22:05 error_log
        [me@ourserver ~]$ tail -f /var/log/httpd/oursite.com/error.log
        tail: cannot open `/var/log/httpd/oursite/error.log' for reading: Permission denied
    Maybe I'm missing something on how permissions work but I'm not finding any easy answers on it.

  • How to load kernel module at startup on FC9?

    - by dicroce
    I need to know how to automatically load a kernel module at startup on FC9. All the sites talk about adding an entry to /etc/modules.conf.... But that does not exist on FC9... Instead I have /etc/modprobe.d/ directory... Now, I suppose I need to put a file in this dir for my driver but I have no idea how to write this file... I just need "modprobe name" to be run...
