Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 490/812 | < Previous Page | 486 487 488 489 490 491 492 493 494 495 496 497 | Next Page >

Install Windows Server 2008 Core on a Dell Optiplex 790

- by Alex Marshall

Does anybody have experience installing Windows Server 2008 Core on a Dell Optiplex 790? When I connect to the machine with the Hyper-V Manager Administrator snap-in, and try to create and run a virtual machine, I get the error "The Virtual Machine could not be started because the hypervisor is not running". I've disabled the Execute Disable functionality in the BIOS as was requried for other Dell models, but no matter what combination of security and virtualization settings I use on the machine, I can't get this working. EDIT: I've installed Windows Server 2008 Core on a Dell Optiplex 790, and I'm trying to install and setup a guest VM on the Hypervisor EDIT 2: The Hyper-V role is installed and configured, without any errors in the event log. Hardware-assisted virtualization is also enabled.

Read the article
Is Windows XP Pro not a good Hyper-V guest citizen?

- by Magnus

On my Windows Server 2008 R2 w. the Hyper-V role, I have these guest VMs: 3 x Windows Server 2008 R2 2 x Windows Server 2003 x86 2 x Windows 7 x64 1 x Windows XP Pro x86 In general, all machines are very fast and responsive. However, the Windows XP Pro guest is very sluggish. It can take up to 2 minutes to connect to the console/or a RD session. Sometimes it can "go into sleep" for several minutes. I have tried to add a 2nd CPU and more memory, but it doesn't help. When the issue happens, it's more or less impossible to get a responsive Task Manager up to analyze which process is hogging the CPU. But I have noticed that it can be various processes; lsass.exe, crss.exe etc. Integration Services is installed. Microsoft Security Essentials is installed, but I have tried without it, no difference. Any ideas?

Read the article
SQL Server Windows Auth Login not working

- by Mr Shoubs

I've had someone set up a domain controller on windows 2008 on one server, and sql server 2008 on another. The domain seems to be working fine, I'm logged on as a domain user on both servers, nothing seems to be a problem there. However, when I try to add a domain user/group to SQL Server Security (e.g. clicking ok from the create login screen) it says it can't find it (even though I've used the search to find the correct account in the first place), when I try to logon (even though I haven't added it yet) it says something about the account being part of an untrusted domain instead of saying I don't have permission to log on. Anyone have any ideas on what is set up incorrectly?

Read the article
Default permissions for courier imap folders

- by JoeCoder

I'm using courier imap. When a mail client creates a new folder, it's created on the filesystem with 640 permission. I need it to be writable by the group, or 660. I currently have /etc/courier/imapd IMAP_UMASK=007, but that's not enough. I'm not sure what else to try. Any ideas? I'm using ubuntu server 12.04. EDIT: I added a 50pt bounty to this. For an acceptable answer, I need a way to make it work from a package in a standard repo. If I download source and compile it myself, it won't be automatically kept up to date with security fixes. If I don't find a better answer, I'll add code to the admin script to call another sudo approved script to chmod -R the whole directory before every change. But this is kind of hack-ish.

Read the article
DNS Server Spoofed Request Amplification DDoS - Prevention

- by Shackrock

I've been conducting security scans, and a new one popped up for me: DNS Server Spoofed Request Amplification DDoS The remote DNS server answers to any request. It is possible to query the name servers (NS) of the root zone ('.') and get an answer which is bigger than the original request. By spoofing the source IP address, a remote attacker can leverage this 'amplification' to launch a denial of service attack against a third-party host using the remote DNS server. General Solution: Restrict access to your DNS server from public network or reconfigure it to reject such queries. I'm hosting my own DNS for my website. I'm not sure what the solution is here... I'm really looking for some concrete detailed steps to patch this, but haven't found any yet. Any ideas? CentOS5 with WHM and CPanel. Also see: http://securitytnt.com/dns-amplification-attack/

Read the article
Restoring WordPress EC2 instance from snapshot results in 403 Forbidden error

- by Eric Matthew Turano

This problem has been perplexing me for weeks now. Here's how the issue goes: Launch Amazon Linux 64-bit instance, successfully install WordPress, and site is active w/ no issues Create snapshot of the instance's root volume Shut down instance Create volume from snapshot, attach to instance, and reboot instance Associate Elastic IP with instance Once that's done and I try logging onto the site, I am redirected to myurl.com/wp-admin/install.php and greeted with this message: Forbidden: You don't have permission to access /wp-admin/install.php on this server. Apache/2.2.25 (Amazon) Server at www.myurl.com Port 80 Port 80 is open on the inbound security group settings, so that's not the issue. Keep in mind all I am doing is merely creating a new volume and attaching it to the same instance, and this issue comes up. What am I doing wrong, and how can I create a complete backup of my instance without this error occuring?

Read the article
Dubious permissions on plist Problems installing Jenkins

- by Code Droid

I am trying to install jenkins on 10.6.8 In order to do this I needed to modify the jenkins plist which was owned by root. I gave myself (the admin) permissions to modify this file and added the admin as the user in the plist for jenkins. Now the problem is that launchctrl sees my permission change as a security issue and will not launch something about dubious permissions on plist. I changed owner to root, and removed admin permission to write but launchctrl still views the permissions as dubious? Time for a reinstall? How should I have set the plist in the first place? and what should I do now?

Read the article
What could prevent one Amazon EC2 instance from pinging another instance's Private IP?

- by ks78

I have multiple Amazon EC2 instances which need to communicate using private IPs. However, so far I've been unable to ping one instance's private IP from another instance. I can ping external addresses, such as their Elastic IPs and other sites (yahoo, google, etc), so it seems there's nothing wrong with the instances' network configuration. Also, they are all in the same zone, so that shouldn't be an issue. Does anyone have any idea what I could be doing wrong? Could this related to the Security Group settings?

Read the article
sshd warning, "POSSIBLE BREAK-IN ATTEMPT!" for failed reverse DNS

- by rking

Whenever I SSH somewhere I get something like this in the logs: sshd[16734]: reverse mapping checking getaddrinfo for 1.2.3.4.crummyisp.net [1.2.3.4] failed - POSSIBLE BREAK-IN ATTEMPT! And it is right: if I do host 1.2.3.4 it returns 1.2.3.4.crummyisp.net, but if I do host 1.2.3.4.crummyisp.net it is not found. I have two questions: What security threat is there? How could anyone fake a one-way DNS in some threatening way? Do I have any recourse for fixing this? I'll send my ISP a bug report, but who knows where that'll go.

Read the article
Loadbalance UDP traffic with session affinity and way to take servers in & out of rotation

- by William

What is the best way to go about load balancing UDP traffic among a whole bunch of servers, while keeping session affinity based on the users' IP? I need to also be able to take servers in and out of rotation for new clients, so when they join for the first time, they get put on a server in a list of available servers, and clients already connected would stay connected to their specific server. I have written the software to maintain a list, but I can't seem to find anything that would perform this functionality. If you need the context, this is to facilitate game tournaments for Minecraft: Pocket Edition, which is done with UDP traffic, I cannot change the protocol. And, because tournaments open and close, I need to be able to place players on their proper servers. Performance is also a priority, I have a program to do this but it is very bloated and slow. Thanks for any help! William

Read the article
What response should be made to a continued web-app crack attempt?

- by Tchalvak

I've issues with a continuous, concerted cracking attempt on a website (coded in php). The main problem is sql-injection attempts, running on a Debian server. A secondary effect of the problem is being spidered or repeatedly spammed with urls that, though a security hole has been closed, are still obviously related attempts to crack the site, and continue to add load to the site, and thus should be blocked. So what measures can I take to: A: Block known intruders/known attack machines (notably making themselves anonymous via botnet or relaying servers) to prevent their repeated, continuous, timed access from affecting the load of the site, and B: report & respond to the attack (I'm aware that the reporting to law enforcement is almost certainly futile, as may be reporting to the ip/machine where the attacks are originating, but other responses to take would be welcome).

Read the article
Configure Mouse Buttons for "Administrator"/Elevated privileges

- by Zhaph - Ben Duguid

I am, for better or worse, an administrator on my Windows 7 machine. However, even then, I still need to run certain programs "as Administrator" - for example, Visual Studio 2008 when working with local IIS sites. I also like to have the extra buttons on my IntelliMouse Optical doing non-standard things, like representing Ctrl and Shift. However, when in VS running as administrator, these settings aren't picked up, just like my mapped drives aren't picked up - I would understand this if I was logging in as a different user, supplying credentials, etc, but I'm not, I'm just pressing "Yes" at the UAC prompt. Normally, I'd just right click the item in the start menu and select "Run as administrator", but that's not an option on the context menu for either the Microsoft IntelliPoint Mouse application that appears under "Programs", nor the "Mouse" control panel item. Running the control panel as administrator also doesn't seem to help. So has any one got any suggestions on how I can configure my mouse buttons for the elevated version of me that Visual Studio is running as?

Read the article
WebDAV "PROPFIND" exception in IIS due to network share?

- by jacko

Hi all, We're finding continuous exceptions in our event viewer on our live box to the following exception: [snippet] Process information: Process ID: 3916 Process name: w3wp.exe Account name: NT AUTHORITY\NETWORK SERVICE Exception information: Exception type: HttpException Exception message: Path 'PROPFIND' is forbidden. Thread information: Thread ID: 14 Thread account name: OURDOMAIN\Account Is impersonating: True Stack trace: at System.Web.HttpMethodNotAllowedHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Other Specs: Windows Server 2003 R2 & IIS 6.0 We've narrowed it down to occuring when people try to access shares on the box from within the network, and have discovered (we think) that its due to the WebDAV web services extension being previously disabled by past staff. The exceptions are being thrown when trying to access directories that are virtual dirs in IIS, and plain old UNC network shares What the implications for enabling the WebDAV extensions on our live web server? And will this solve our problems with the exceptions in our event log?

Read the article
How to prevent Ubuntu from combining networks on 2 NIC server?

- by SolarPower

I've got a Ubuntu Server 10.10 with 2 network interfaces with a cable plugged into both going to switches on completely different networks with different routers. One network is the 10.1.10.X network with a separate gateway/router - the server has an IP of 10.1.10.50 with the gateway IP of 10.1.10.1. The other interface is 10.2.10.X, IP 10.2.10.50, gateway 10.2.10.1. All my Mac machines are on the 10.2.10.X network, and all servers on the 10.1.10.X. The ONLY connection between the two is this machine. From a Mac in my office, I CANNOT ping any computer on the 10.1.10.X network except the Ubuntu machine I'm talking about. However, under the Shared column in Finder, I can see every server on the other network listed. That makes me believe that somehow this Ubuntu machine is letting certain requests span both networks, which is a security problem. Hope this is enough info.

Read the article
Embedded video is not shown in internet explorer 9 RC or Beta

- by Jagannath

In IE 9 RC or in beta, the embedded video is not shown in the web page. I verified the security settings in "internet options". Did not find any issue. Please find the screen shot below. I am able to view the flash videos in Youtube. But, for some reason, in some sites the embedded video is not shown. I don't have this issue with firefox. UPDATE: I am able to see view the embedded video in Admin account. But not able to view it in Standard account.

Read the article
ajaxplorer: open_basedir restriction in effect

- by mrzasa

I'm trying to install ajaxplorer at a shared hosting in my home folder. When I navigate to the main page, I get an error: is_writable(): open_basedir restriction in effect. File(/var/lib/php5) is not within the allowed path(s): (/var/www//username/:/usr/sbin/sendmail:/usr/share/php :/home/www/appname::/usr/share/pear:/dev/urandom) What might be the cause? How could I fix it? There is php 5.3.3 installed, apache 2.2.16. I use ajaxplorer 4.0.4. EDIT: The problem is caused by this code part: $tmpDir = session_save_path(); $this-testedParams["Session Save Path"] = $tmpDir; if($tmpDir != ""){ $this-testedParams["Session Save Path Writeable"] = is_writable($tmpDir); Error appears in the last line, but I enclosed the context.

Read the article
Log centralization, display, transport and aggregation at scale v2

- by Eric DANNIELOU

This is a duplicate question of Log transport and aggregation at scale and http://stackoverflow.com/questions/1737693/whats-the-best-practice-for-centralised-logging, but the answers might differ now : The softwares described in 2009 may have changed since (for example Octopussy evolved from version 0.9 to 1.0.5). Rsyslog has become the default on most linux distro. Requirements have changed (security, software configuration management, ...). I'd like to ask the following questions : How do you centralize, display and archive system logs? How would you like to do it now if you had to? Most linux distro use rsyslog nowadays, which can provide reliable log transport. But some older unices, network devices and maybe windows box still use old udp rfc-style transport. How did you manage to get reliable transport? Storing logs for a few months can represent a huge amount of disk space. How do you store them? rdbms? Compressed and encrypted text files?

Read the article
Access to NTP via IP which doesn't change often

- by faulty

I'm trying to sync the clock of our production server located in a data center with pool.ntp.org. For security reason, our servers has no internet access unless we requested to open specific ip/port explicitly. I worked out a list of IPs based on 0.asia.ntp.org 1.asia.ntp.org 2.asia.ntp.org 3.asia.ntp.org Not realizing ntp.org is using round robin DNS and the servers being voluntary, they changes from time to time. In fact the IP I've got from 3.asia.ntp.org last month is no longer working now. I'm wondering if there's a publicly known NTP server that doesn't change as often or if there's a way to go around this without having to request an update to the firewall on a monthly basis. I believe many admin is facing the same issue here.

Read the article
What is a plain text password and why can it be decypted?

- by Misha

I was trying to understand the level of security offered by Windows picture passwords and ran across this claim on this website. Some of our password recovery utilities already implement Windows 8 plain-text password decryption. The upcoming release of Windows Password Recovery is expected to have a full-fledged Vault analyzer and offline decoder. I'm trying to understand what a plain text password is and if it is the default kind of password when I add a password to my account. My head is a bit muddled on this one so any clarification can help. It seems there are passwords that can be decrypted and those that can't. What can be decrypted? Is the password I enter in Windows exposed?

Read the article
Better antivirus for Windows Server 2008 R2 x64 VPS

- by raja

I have only one VPS with Windows Server 2008 R2 x64 and want to buy an Antivirus. I tried NOD32 but they do not give less than 5 users in business edition (I have only one server). Kaspersky may be another solution but whether should i go for Internet Security or Anti-virus? I have few website hosted on this server and user have ability to upload .jpg, .gif, .zip files in few of the folders. Apart from above two any other suggestions on Antivirus that works well on above configuration and available for only one user? Thanks

Read the article
Upgrading kernel on Debian server hosting Xen 3.2.1

- by mitnosirrag

I have a physical server running Debian 6 and Xen Hypervisor 3.2.1, and kernal -a says "2.6.26-1-xen-amd64". I have not updated for a long time, because when I run apt-get upgrade, one of the updates is linux-image-2.6-amd64. My understanding was that my kernel needs to have Xen support, will upgrading to this kernel break my dom0? I have myself up against a wall, because I host a VM for a website that isn't mine, so I need the latest security updates, but can't risk taking them offline. Eventually they will move off, and I won't be hosting something I am unqualified to host, but that isn't the point right now.

Read the article
Development Server Blocked Only from Home

- by theonlylos

Recently I've been having an issue with my CentOS 6 test server running Apache and Webmin running on port 10000 where when I try accessing any part of the server - SSH/FTP and even my domains (I have two - both keep getting timeout errors) when I try accessing from any computer on my home network. However when I access via tethering or via my office networks everything loads fine. While the firewall is the first issue at mind, my router never was set to block any special ports, and even after adding port 10000 as a specific exception I'm having no luck. Also, I doubt this is an IP blacklisting issue because I have websites on other servers using CloudFlare for security and I haven't gotten any warnings. Any assistance is greatly apprecaiated. UPDATE: Just some extra details about the issue: My ISP to my knowledge only blocks off ports 25 and 80 for residential users to prevent them from running web servers - however this issue has only come up a day or two ago, before that I was using the server successfully for months. Also the server is not physically located in any of my workspaces - it's a VPS housed in a datacenter

Read the article
Setting up SSL on Glassfish V2 or V3

- by javanix

My employer recently purchased a Trustwave SSL certificate. Trustwave advertises support on their website, but they don't give an installation guide like they do for their other servers at all, and I am having a difficult time getting it configured correctly with GlassFish. I found this http://blogs.sun.com/enterprisetechtips/entry/using_ssl_with_glassfish_v2 blog post that is sort of helpful, but I'm still unable to get it working (I think the issue is that I don't fully understand the GlassFish keystore, so I am modifying it incorrectly and the server throws security exceptions on startup). Does anyone have any experience doing so, and can you point me to a decent resource? Thanks for any help.

Read the article
BCM 2007 not opening contacts...

- by Christopher

Business Contact Manager for Outlook (2007) is refusing to open contacts. This problem appeared this morning on every machine (Windows XP SP3) on our network. The contact list does populate as normal, and contacts can be printed from the context menu, but the form that displays the contact information does not display, and no error message is thrown. I have turned on logging for BCM in the help menu, but nothing is being generated (or, leastways, I cannot find it anywhere). The SQL services appear to have started as normal. Anyone come across this before I take a deep breath and go with my boss' suggestion of "just reboot the server"? Any other information you need? Thanks.

Read the article
Increasing file descriptor limit on Debian does not work! Help!

- by Aco

I am running Debian 6 and I am trying to increase the file descriptor limit but it does not want to work. This is what I have done: I edited /etc/sysctl.conf by adding fs.file-max = 64000 at the end and applied the changes using sysctl -p. I then edited /etc/security/limits.conf and added the following lines: * soft nofile 64000 and * hard nofile 64000. Now when I execute ulimit -Hn and ulimit -Sn I still see 1024. I rebooted the server and I still get the same result. What have I failed to do?

Read the article

< Previous Page | 486 487 488 489 490 491 492 493 494 495 496 497 | Next Page >