Search Results

Search found 154 results on 7 pages for 'denial'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 5/7 | < Previous Page | 1 2 3 4 5 6 7  | Next Page >

  • SQL Azure Security: DoS

    - by Herve Roggero
    Since I decided to understand in more depth how SQL Azure works I started to dig into its performance characteristics. So I decided to write an application that allows me to put SQL Azure to the test and compare results with a local SQL Server database. One of the options I added is the ability to issue the same command on multiple threads to get certain performance metrics. That's when I stumbled on an interesting security feature of SQL Azure: its Denial of Service (DoS) detection engine. What this security feature does is that it performs a check on the number of connections being established, and if the rate of connection is too high, SQL Azure blocks all communication from that machine. I am still trying to learn more about this specific feature, but it appears that going to the SQL Azure portal and testing the connection from the portal "resets" the feature and you are allowed to connect again... until you reach the login threashold. In the specific test I was performing, all the logins were successful. I haven't tried to login with an invalid account or password... that will be for next time. On my Linked In group (SQL Server and SQL Azure Security: http://www.linkedin.com/groups?gid=2569994&trk=hb_side_g) Chip Andrews (www.sqlsecurity.com) pointed out that this feature in itself could present an internal threat. In theory, a rogue application could be issuing many login requests from a NATed network, which could potentially prevent any production system from connecting to SQL Azure within the same network. My initial response was that this could indeed be the case. However, while the TCP protocol contains the latest NATed IP address of a machine (which masks the origin of the machine making the SQL request), the TDS protocol itself contains the IP Address of the machine making the initial request; so technically there would be a way for SQL Azure to block only the internal IP address making the rogue requests.  So this warrants further investigation... stay tuned...

    Read the article

  • recent unreliable wireless connection on 10.04 and 10.10

    - by gabkdlly
    Recently, my internet connection over wireless has become unreliable, on both a Dell laptop running Ubuntu 10.04 as well as my Desktop running Ubuntu 10.10 . The problem does not seem to occur on a laptop running Windows Vista. The problem does not seem to occur on my Openmoko Freerunner ( running Android 1.5 ), though I hardly ever use this device to connect over WLAN, so the problem may have just slipped by. This problem does not seem to appear when I boot into Ubuntu 9.10 from a live CD ( more precisely, I was able to ping fu-berlin.de for an hour without any packet loss ). Under Ubuntu 10.10, I am experiencing about 33% packet loss. On my main Ubuntu Desktop, I have tried the following wireless devices: a Longshine PCI card ( an old device with an RTL8180L chip ) a D-Link DWL-510 PCI card ( this device threw warnings in dmesg ) a USB device from MSI ( US54EX ). Usually my wireless network shows up in the network manager with a normal signal strength, even when the connection speed is slow ( which happens often ) or the connection gets reset ( asking me to click connect to re-authenticate my wireless connection ). I have observed this problem with a Netgear KWGR614 Router ( with the manufacturers firmware ), as well as with a TP-LINK TL-WR741ND router running OpenWrt. Taking a look at my routers logs, I find many instances of the following line: Tuesday,04 Jan 2011 03:53:01 [TCP SYN Flood][Deny access policy matched, dropping packet] I know that the Netgear router is susceptible to denial of service attacks, as I have previously been able to disrupt its operation by putting an nmap scan into a while loop. I use WEP on the Netgear router and WPA on the TP-LINK to encrypt the wireless connections. Is it possible that someone is jamming my signal ?

    Read the article

  • recent unreliable wireless connection with Netgear KWGR614 router

    - by gabkdlly
    Recently, my internet connection over wireless ( via a Netgear KWGR614 router ) has become unreliable, on both a Dell laptop running Ubuntu 10.04 as well as my Desktop running Ubuntu 10.10 . The problem does not seem to occur on a laptop running Windows Vista, nor on a Desktop running Windows 7 ( this machine is connected with an ethernet cable ). The problem does not seem to occur on my Openmoko Freerunner ( running Android 1.5 ), though I hardly ever use this device to connect over WLAN, so the problem may have just slipped by. On my main Ubuntu Desktop, I have tried the following wireless devices: a Longshine PCI card ( an old device with an RTL8180L chip ) a D-Link DWL-510 PCI card ( this device threw warnings in dmesg ) a USB device from MSI ( US54EX ). Usually my wireless network shows up in the network manager with a normal signal strength, even when the connection speed is slow or the connection gets reset ( asking me to click connect to re-authenticate my wireless connection ). I know that this router is susceptible to denial of service attacks, as I have previously been able to disrupt its operation by putting an nmap scan into a while loop. Is it possible that someone is jamming my signal ?

    Read the article

  • recent unreliable wireless connection

    - by gabkdlly
    Recently, my internet connection over wireless ( via a Netgear KWGR614 router ) has become unreliable, on both a Dell laptop running Ubuntu 10.04 as well as my Desktop running Ubuntu 10.10 . The problem does not seem to occur on a laptop running Windows Vista, nor on a Desktop running Windows 7 ( this machine is connected with an ethernet cable ). The problem does not seem to occur on my Openmoko Freerunner ( running Android 1.5 ), though I hardly ever use this device to connect over WLAN, so the problem may have just slipped by. On my main Ubuntu Desktop, I have tried the following wireless devices: a Longshine PCI card ( an old device with an RTL8180L chip ) a D-Link DWL-510 PCI card ( this device threw warnings in dmesg ) a USB device from MSI ( US54EX ). Usually my wireless network shows up in the network manager with a normal signal strength, even when the connection speed is slow or the connection gets reset ( asking me to click connect to re-authenticate my wireless connection ). I have observed this problem with a Netgear KWGR614 Router ( with the manufacturers firmware ), as well as with a TP-LINK TL-WR741ND router running OpenWrt. Taking a look at my routers logs, I find many instances of the following line: Tuesday,04 Jan 2011 03:53:01 [TCP SYN Flood][Deny access policy matched, dropping packet] I know that the Netgear router is susceptible to denial of service attacks, as I have previously been able to disrupt its operation by putting an nmap scan into a while loop. I use WEP or WPA to encrypt the wireless network. Is it possible that someone is jamming my signal ?

    Read the article

  • 64kb limit on the size of MSMQ Multicast Messages

    - by John Breakwell
    When Windows 2003 came out, Microsoft introduced the ability to broadcast messages to any machines that were listening back. All you had to do was send out a message on a particular port and IP address and any client that had set up a Multicast queue with matching port and IP address would get a copy. Since its introduction, there have been a couple of security vulnerabilities that needed to be removed: Microsoft Security Bulletin MS06-052 Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007) Microsoft Security Bulletin MS08-036 Vulnerabilities in Pragmatic General Multicast (PGM) could allow denial of service (950762) The second of these, MS08-036, was resolved through an undocumented change in functionality. Basically, a limit of 64kb was put on the maximum size of a message that could be broadcast using the Multicast method. Obviously this has caused a few problems for any existing MSMQ Multicast applications that expected to be able to send larger messages. A hotfix has been developed to resolve this problem. 961605 FIX: Multicast messages larger than 64 kilobytes (KB) are not delivered as expected by using Message Queuing 3.0 after security update MS08-036 is installed A registry change is required: Open the registry with Regedit Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RMCAST\Parameters\ Create a DWord called MaxpacketSize Set the value to the desired number of bytes. You can set it to a value between zero and 4MB. If you specify anything above 4MB, it will default to 64K. A reboot is needed after adding this value.

    Read the article

  • How do I rescue files from the encrypted home folder via live USB stick?

    - by Alexia
    I know, this has been asked and answered all over the internet already. However, I start feeling stupid, since the informations there are not helping me. Just this morning, I wanted to install the newest update to 13.10. After the download, when it came to the actual installing, the install program froze and didn't do anything for hours. At that time, I was still logged in. The computer was working and everything was accessable to me. However, I made the mistake and didn't immediately make safety copies of everything. Instead, I just rebooted. Long story short: My computer even fails to reset to a previous version via Grub. But I am able to boot from a USB stick and, after starting Nautilus, I see my home folder on the HD. I would now like to copy its contents onto an external harddisk. Problem 1: I have no rights to access the folder like that. Problem 2: It is encrypted. Problem 3: I don't know how to give myself the rights to access the folder nor do I know how to encrypt it. I assume that it might help that I still know these things: - my old login name - my old login phrase - a 32 characters long string of hexadecimal numbers that I copied to my list of passwords as "Ubuntu Encryption Code". I copied it digitally right after installing Ubuntu the first time and encrypting the home folder, so there won't be any typos. I am sure of that. The solutions that I saw so far, tell me that I need the "encryption phrase". But when I follow the instructions and use this phrase that I have in my list, I only get messages of denial. Can anyone help me through this special problem, please?

    Read the article

  • Securing a Cloud-Based Data Center

    - by Orgad Kimchi
    No doubt, with all the media reports about stolen databases and private information, a major concern when committing to a public or private cloud must be preventing unauthorized access of data and applications. In this article, we discuss the security features of Oracle Solaris 11 that provide a bullet-proof cloud environment. As an example, we show how the Oracle Solaris Remote Lab implementation utilizes these features to provide a high level of security for its users. Note: This is the second article in a series on cloud building with Oracle Solaris 11. See Part 1 here.  When we build a cloud, the following aspects related to the security of the data and applications in the cloud become a concern: • Sensitive data must be protected from unauthorized access while residing on storage devices, during transmission between servers and clients, and when it is used by applications. • When a project is completed, all copies of sensitive data must be securely deleted and the original data must be kept permanently secure. • Communications between users and the cloud must be protected to prevent exposure of sensitive information from “man in a middle attacks.” • Limiting the operating system’s exposure protects against malicious attacks and penetration by unauthorized users or automated “bots” and “rootkits” designed to gain privileged access. • Strong authentication and authorization procedures further protect the operating system from tampering. • Denial of Service attacks, whether they are started intentionally by hackers or accidentally by other cloud users, must be quickly detected and deflected, and the service must be restored. In addition to the security features in the operating system, deep auditing provides a trail of actions that can identify violations,issues, and attempts to penetrate the security of the operating system. Combined, these threats and risks reinforce the need for enterprise-grade security solutions that are specifically designed to protect cloud environments. With Oracle Solaris 11, the security of any cloud is ensured. This article explains how.

    Read the article

  • How to kill android application using android code?

    - by Natarajan M
    I am develoing small android application in eclipse. In that project i kill the running process in android, i got the Permission Denial error. how can i solve this problem in android. Anybody help for this problem.... THIS IS MY CODE package com.example.nuts; import java.util.Iterator; import java.util.List; import android.app.Activity; import android.app.ActivityManager; import android.app.ActivityManager.RunningAppProcessInfo; import android.content.Context; import android.content.pm.PackageManager; import android.os.Bundle; import android.telephony.SmsManager; import android.widget.Toast; import android.*; public class killprocess extends Activity { SmsManager smsManager = SmsManager.getDefault(); Recivesms rms=new Recivesms(); String Number=""; int pid=0; String appname=""; protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); try { Number=Recivesms.senderNum; pid=Integer.parseInt(Recivesms.struid); appname=getAppName(pid); Toast.makeText(getBaseContext(),"App Name is "+appname, Toast.LENGTH_LONG).show(); ActivityManager am = (ActivityManager) getSystemService(Activity.ACTIVITY_SERVICE); List<RunningAppProcessInfo> processes = am.getRunningAppProcesses(); if (processes != null){ for (int i=0; i<processes.size(); i++){ RunningAppProcessInfo temp = processes.get(i); String pName = temp.processName; if (pName.equals(appname)) { Toast.makeText(getBaseContext(),"App Name is matched "+appname+" "+pName, Toast.LENGTH_LONG).show(); int pid1 = android.os.Process.getUidForName(pName); //android.os.Process.killProcess(pid1); am.killBackgroundProcesses(pName); Toast.makeText(getBaseContext(), "Killed successfully....", Toast.LENGTH_LONG).show(); } } } smsManager.sendTextMessage(Number, null,"Your process Successfully killed..." , null,null); }catch(Exception e) { Toast.makeText(getBaseContext(),e.getMessage(), Toast.LENGTH_LONG).show(); } } private String getAppName(int Pid) { String processName = ""; ActivityManager am = (ActivityManager)this.getSystemService(ACTIVITY_SERVICE); List l = am.getRunningAppProcesses(); Iterator i = l.iterator(); PackageManager pm = this.getPackageManager(); while(i.hasNext()) { ActivityManager.RunningAppProcessInfo info = (ActivityManager.RunningAppProcessInfo)(i.next()); try { if(info.pid == Pid) { CharSequence c = pm.getApplicationLabel(pm.getApplicationInfo(info.processName, PackageManager.GET_META_DATA)); //Log.d("Process", "Id: "+ info.pid +" ProcessName: "+ info.processName +" Label: "+c.toString()); //processName = c.toString(); processName = info.processName; } } catch(Exception e) { //Log.d("Process", "Error>> :"+ e.toString()); } } return processName; } } After executing the code. i got the following error... Permission Denial: killBackgroundProcess() from pid=894, uid=10052 requires android.permission.KILL_BACKGROUND_PROCESSES Also i put the following line on manifest file <uses-permission android:name="android.permission.KILL_BACKGROUND_PROCESS" /> Anybody help for how to solve this problem... Thanking you....

    Read the article

  • Android Permission Issue android.permission.READ_CONTACTS

    - by jkmcgee
    Hello, All I am trying to do is read a contact off of my emulator and display it to the screen. I can't seem to resolve this error. Both of my packages (com.msi.ibm.tutorial and .MobileServiceCallContacts) have the permission READ_CONTACTS set in their manifest xml files. So any ideas as to what I've got wrong ? Here is the error message from eclipse console if it helps, it's not helping me, but I'm a little rusty at this and completely new to Android development. MobileServiceCallContacts]Starting activity com.msi.ibm.tutorial.MobileServiceCallContacts on device MobileServiceCallContacts]ActivityManager: Starting: Intent { cmp=com.msi.ibm.tutorial/.MobileServiceCallContacts } MobileServiceCallContacts]ActivityManager: java.lang.SecurityException: Permission Denial: starting Intent { flg=0x10000000 cmp=com.msi.ibm.tutorial/.MobileServiceCallContacts } from null (pid=-1, uid=-1) requires android.permission.READ_CONTACTS

    Read the article

  • Detect aborted connection during ASIO request

    - by Tim Sylvester
    Is there an established way to determine whether the other end of a TCP connection is closed in the asio framework without sending any data? Using Boost.asio for a server process, if the client times out or otherwise disconnects before the server has responded to a request, the server doesn't find this out until it has finished the request and generated a response to send, when the send immediately generates a connection-aborted error. For some long-running requests, this can lead to clients canceling and retrying over and over, piling up many instances of the same request running in parallel, making them take even longer and "snowballing" into an avalanche that makes the server unusable. Essentially hitting F5 over and over is a denial-of-service attack. Unfortunately I can't start sending a response until the request is complete, so "streaming" the result out is not an option, I need to be able to check at key points during the request processing and stop that processing if the client has given up.

    Read the article

  • So - vuvuzelas. any programming equivalents ?? [closed]

    - by jim
    Hi All, I'm sure we've all been exposed over the past few days to the delights of the vuvuzela (see http://news.bbc.co.uk/1/hi/magazine/8738604.stm). In an attempt to mask the waspish 'parp' from our living rooms, tv sound engineers are devising all sorts of filters to try and 'calm' the abhoration :). some tho say that it simply 'adds to the ambience' and that masking it out would be a denial of its 'additive' character. Now, on a programming related front, have you had to mask any extraneous 'noise' in a piece of work that you've picked up from someone else (or perhaps even your own!!)?? If so how 'inspired' was your remedy and how did you creatively 'reverse' it out once the noise had subsided and/or the pitch changed. :) tongue firmly in cheek... jim

    Read the article

  • Permission errors when cropping after taking a photo

    - by CGM
    Hello everybody, I want to take a photo with an Intent on android.provider.MediaStore.ACTION_IMAGE_CAPTURE, next crop the result with: Intent intent = new Intent("com.android.camera.action.CROP"); intent.setClassName("com.android.camera", "com.android.camera.CropImage"); I follow the sugestions made at: Android: Crop an Image after Taking it With Camera with a Fixed Aspect Ratio However when calling the crop activity I get (already checked the LogCat output) a permission error, saying something like: Permission denial on a Intent to access the temporary image created by the camera activity on my SDcard. Can you please suggest a solution for Android 2.2 ? Thank you

    Read the article

  • Preventing dictionary attacks on a web application

    - by Kevin Pang
    What's the best way to prevent a dictionary attack? I've thought up several implementations but they all seem to have some flaw in them: Lock out a user after X failed login attempts. Problem: easy to turn into a denial of service attack, locking out many users in a short amount of time. Incrementally increase response time per failed login attempt on a username. Problem: dictionary attacks might use the same password but different usernames. Incrementally increase response time per failed login attempt from an IP address. Problem: easy to get around by spoofing IP address. Incrementally increase response time per failed login attempt within a session. Problem: easy to get around by creating a dictionary attack that fires up a new session on each attempt.

    Read the article

  • Security Exception while implementing global search for Messaging

    - by Sunil
    I am trying to enable global search for messaging application (i.e., messages can be searched from home screen search box). I have followed all the steps given in http://developer.android.com/reference/android/app/SearchManager.html I am getting the following exception 04-16 12:49:26.917: ERROR/DatabaseUtils(102): java.lang.SecurityException: Permission Denial: reading com.android.providers.telephony.MmsSmsProvider uri content://mms-sms/search_suggest_query/m?limit=58 from pid=106, uid=10000 requires android.permission.READ_SMS I have set permission in MmsSmsProvider.java file for read, write sms and global search, but still I get this error. Can anyone help. Regards, Sunil.

    Read the article

  • Weblogic server: Why response sent prior to post completion

    - by markn
    When analyzing traffic with a packet sniffer, we are seeing an http response from a weblogic server prior to the completion of the http post to that server. In this case, the jsp page on the server is basically a static page, no logic to do anything with the contents of the post at this time. But why would the server send the response prior to completion of the post? I found Weblogic documentation about how to configure the server to ignore a denial-of-service attack using Http post. Maybe that is what is happening? No one I know has seen this behaviour before. Maybe some weblogic-savvy person will know what is going on. Thanks

    Read the article

  • SQL Azure Security: DoS Part II

    - by Herve Roggero
    Ah!  When you shoot yourself in the foot... a few times... it hurts! That's what I did on Sunday, to learn more about the behavior of the SQL Azure Denial Of Service prevention feature. This article is a short follow up to my last post on this feature. In this post, I will outline some of the lessons learned that were the result of testing the behavior of SQL Azure from two machines. From the standpoint of SQL Azure, they look like one machine since they are behind a NAT. All logins affected The first thing to note is that all the logins are affected. If you lock yourself out to a specific database, none of the logins will work on that database. In fact the database size becomes "--" in the SQL Azure Portal.   Less than 100 sessions I was able to see 50+ sessions being made in SQL Azure (by looking at sys.dm_exec_sessions) before being locked out. The the DoS feature appears to be triggered in part by the number of open sessions. I could not determine if the lockout is triggered by the speed at which connection requests are made however.   Other Databases Unaffected This was interesting... the DoS feature works at the database level. Other databases were available for me to use.   Just Wait Initially I thought that going through SQL Azure and connecting from there would reset the database and allow me to connect again. Unfortunately this doesn't seem to be the case. You will have to wait. And the more you lock yourself out, the more you will have to wait... The first time the database became available again within 30 seconds or so; the second time within 2-3 minutes and the third time... within 2-3 hours...   Successful Logins The DoS feature appears to engage only for valid logins. If you have a login failure, it doesn't seem to count. I ran a test with over 100 login failures without being locked.

    Read the article

  • TransportWithMessageCredential & Service Bus – Introduction

    - by Michael Stephenson
    Recently we have been working on a project using the Windows Azure Service Bus to expose line of business applications. One of the topics we discussed a lot was around the security aspects of the solution. Most of the samples you see for Windows Azure Service Bus often use the shared secret with the Access Control Service to protect the service bus endpoint but one of the problems we found was that with this scenario any claims resulting from credentials supplied by the client are not passed through to the service listening to the service bus endpoint. As an example of this we originally were hoping that we could give two different clients their own shared secret key and the issuer for each would indicate which client it was. If the claims had flown to the listening service then we could check that the message sent by client one was a type they are allowed to send. Unfortunately this claim isn't flown to the listening service so we were unable to implement this scenario. We had also seen samples that talk about changing the relayClientAuthenticationType attribute would allow you to authenticate the client within the service itself rather than with ACS. While this was interesting it wasn't exactly what we wanted. By removing the step where access to the Relay endpoint is protected by authentication against ACS it means that anyone could send messages via the service bus to the on-premise listening service which would then authenticate clients. In our scenario we certainly didn't want to allow clients to skip the ACS authentication step because this could open up two attack opportunities for an attacker. The first of these would allow an attacker to send messages through to our on-premise servers and potentially cause a denial of service situation. The second case would be with the same kind of attack by running lots of messages through service bus which were then rejected the attacker would be causing us to incur charges per message on our Windows Azure account. The correct way to implement our desired scenario is to combine one of the common options for authenticating against ACS so the service bus endpoint cannot be accessed by an unauthenticated caller with the normal WCF security features using the TransportWithMessageCredential security option. Looking around I could not find any guidance on how to implement this correctly so on the back of setting this up I decided to write a couple of articles to walk through a couple of the common scenarios you may be interested in. These are available on the following links: Walkthrough - Combining shared secret and username token Walkthrough – Combining shared secret and certificates

    Read the article

  • Router slowing my connection?

    - by Roberto
    I have a Linksys WRT54G and I pay for a 12Mbps connection. I've been testing my connection using speedtest.net for many days and always get 8Mbps. I called the support and they told me to bypass the router and test. I did it and got 16Mbps (much more than I pay for), so I thought "this guy just changed my speed so can he blame my router", and he blamed it. But to my surprise, everytime I bypass the router I get 16Mbps and when I use the router I get 8Mbps. Is this guy trolling me somehow (configuring the VOIP-modem-stuff to different profiles depending o the MAC address connecting to it) or is my router a POS? How can I find out? I don't know what's the thing the router connects to, it's a kind of VOIP adapter; the link is this one, but unfortunately I don't think you'll understand because it's in Portuguese. I know they can remotely connect to it, that's the origin of my conspiracy theory :) I just tested wired to the router and got 10Mbps (and still 8Mbps on wifi and 16Mbps without router) O_o I'm 5cm away from my router, so no obstacles to interfere, right? ------ UPDATE ------- It's a WRT54G V8, I'm using firmware v8.00.7 (will install 8.00.8 tomorrow, but I saw that it's only a minor fix to UPnP denial of service security vulnerability). Results: IPerf LAN-LAN: 80Mbps IPerf LAN-WLAN: 19Mbps (therefore we can ignore wireless issues/settings) I wasn't able to make the (W)LAN-WAN NAT-enabled test with IPerf, I get a connection refused error. I'm not sure if did it right: ran in server mode, configured router to forward that port to my IP and tried to connect to my internet IP that got from this site. I don't think there is a way to disable NAT using this firmware. Question: Let's suppose it's an underpowered hardware issue. Is it right to assume that custom firmwares could resolve the issue because they are possibly better implemented and would make better use of the router resources? I couldn't find any references pointing to wired performance improvements with the use of custom firmware.

    Read the article

  • (13) Permission denied on Apache CGI attempt

    - by ncv
    I have recently upgraded my Apache2 server, and am now unable to run a CGI app. My logs are showing (13) Permission denied unable to connect to cgi deamon after multiple tries I understand that the error message means Apache is being denied some permission to some file, and I'm stumped as to how to track down and solve the problem. Is the file mentioned in the error message truly the blocked file? Or might the problem be caused by some other needed file? The .cgi file is right where it has always been, under /usr/share. The file ownership (root) and permissions (world readable/executable) are the same as they have always been for the file and its ancestors. The SELinux file labels are unchanged. The SELinux audit log shows no denial associated with Apache nor the CGI program. In case of a donotaudit condition, I enabled audit, but still saw nothing. I switched SELinux into permissive mode briefly, to no avail. I even tried restarting Apache while in permissive mode. This did not solve the problem. Any suggestions on how to solve this problem? I'm tempted to just revert to the older Apache.

    Read the article

  • IIS WebServer CreatesNew file: OwnerShip?

    - by Beaud.
    IIS is configured for Integrated Windows Authentication. web.config is configured as follows: <authentication mode="Windows" /> <identity impersonate="true" /> We are Load balancing between \webserver1 and \webserver2. Windows Server 2003 \\webserverX creates a XML file to \\share1 and access is denied. We got pass through access denial by allowing Everyon to access the share... We would like to have the impersonated user to be the owner of the created file. Instead, \\webserver1's computer account is the owner. How can we make sure that the impersonated user has ownership of the file at creation time? PROGRESSION: I decided to create the file locally on \\webserver1's root directory. File's ownership is NETWORK SERVICES even if impersonate="true". I'm unable to change ownership of the file in C# code. Why when creating a file, IIS won't use the impersonated user's write permissions? If it actually does, what I am doing wrong?

    Read the article

  • Exchange 2007 with Android activesync

    - by lbanz
    A few of our users noticed that it will stop working intermittently for them. I didn't believe it at first until I changed my android phone and it started occuring for me. It will just stop syncing completely, it looks like the server is blocking the device completely. This mainly occurs when they are using the wifi. I've done some testing. If I switch off the wifi and use the phone data plan it will work fine. When it's on the wifi network, I try and browse to the webmail/owa page and it says page not found! I did a dns lookup and they resolve correctly. If I use another device on the same wifi network, it can access the exchange servers fine. Sometimes the wifi network will just work without any issues. But when it fails, it looks like the phone constantly checks the server every second to see if it is online even though I've got it on manual sync. I was wondering whether it tries to sync too many times and exchange thinks its a denial service attack. My old android phone that works is Froyo and the new one is Icecream. People who have reported issues seems to be newer phones. They also tested their own wifi network at home and experience the same problem. We haven't patch our exchange recently before seeing this problem. Anyone has seen this issue?

    Read the article

  • Intermittent 403 errors when using allow to limit access to url with both explicit IP and SetEnvIf

    - by rbieber
    We are running Apache 2.2.22 on a Solaris 10 environment. We have a specific URL that we want to limit access to by IP. We recently implemented a CDN and now have the added complexity that the IP's that a request are shown to be coming from are actually the CDN servers and not the ultimate end user. In the case that we need to back the CDN out, we want to handle the case where either the CDN is forwarding the request, or the ultimate client is sending the request directly. The CDN sends the end user IP address in an HTTP header (for this scenario that header is called "User-IP"). Here is the configuration that we have put in place: SetEnvIf User-IP (\d+\.\d+\.\d+\.\d+) REAL_USER_IP=$1 SetEnvIf REAL_USER_IP "(10\.1\.2\.3|192\.168\..+)" access_allowed=1 <Location /uri/> Order deny,allow Allow from 10.1.2.3 192.168. allow from env=access_allowed Deny from all </Location> This seems to work fine for a time, however at some point the web server starts serving 403 errors to the end user - so for some reason it is restricting access. The odd thing is that a bounce of the web server seems to resolve the issue, but only for a time - then the behavior comes back. It might be worthwhile to note as well that this URL is delegated to a JBoss server via mod_jk. The denial of access is, however; confirmed to be at the Apache layer and the issue only seems to happen after the server has been running for some time.

    Read the article

  • SQL Sentry Truth-Telling and Disk Configuration

    - by AjarnMark
    Recently, SQL Sentry told me something about my SQL Server disk configurations that I just didn’t want to believe, but alas, it was true. Several days ago I posted my First Impressions of the SQL Sentry Power Suite.  Today’s post could fall into the category of, “Hey, as long as you have that fancy tool…”  Unfortunately, it also falls into the category of an overloaded worker taking someone else’s word for the truth, not verifying it with independent fact-checking, and then making decisions based on that.  Here’s my story… I’m not exactly an Accidental DBA (or Involuntary DBA as Paul Randal calls it).  I came to this company five years ago as a lead application developer with extensive experience in database design and development.  I worked my way into management, and along the way, took over the DBA responsibilities.  Fortunately, our systems run pretty smoothly most of the time, but I’m always looking for ways to make them better and to fit into my understanding of best practices.  When I took over as DBA, I inherited a SQL 2000 server with about 30 databases on it supporting our main systems, and a SQL 2005 server with multiple instances.  Both of these servers were configured with the Operating System and Application files on the C drive, data files on a different drive letter, and log files on a third drive letter.  Even before I took over as DBA, I verified that this was true with a previous server administrator, and that these represented actual separate disks.  He stated that they did, and I thought that all was well. Then one day, I’m poking around inside the SQL Sentry Performance Advisor, checking out features as I am evaluating whether to purchase the product, and I come across a Disk Configuration section.  The first thing I notice is that the drives do not have the proper partition offset, which was not at all surprising to me given the age of the installation and the relative newness of that topic.  But what threw me for a loop was that the graphic display appeared to be telling me that I did not in fact have three separate drives (or arrays) but rather had two, and that the log files were merely on a separate volume on the same physical array as the OS.  I figured that I must be reading it wrong so I scanned the Help file, but that just seemed to confirm my interpretation.  Then I thought, “there must be something wrong with the demo version of the software!  This can’t be right!”  But just to double-check, I went to our current server admin to talk it over with him, and sure enough, SQL Sentry was telling the truth! I was stunned!  I quickly went through the grieving process…denial…anger…reconciliation.  Here was something that I thought was such a basic truth that was turned upside down.  OK, granted, this wasn’t disastrous.  Our databases didn’t suddenly grind to a halt.  I didn’t get calls late at night inquiring about the sudden downturn in performance.  But it was a bit of a shock to the system, in a good way, to jolt me out of taking what I had believed as the truth for granted, and instead to Trust, but Verify! Yes, before someone else points it out, I know that there are”free” disk management tools built-in to Windows that would have told me the same thing if I had only looked at them; I did not have to buy a fancy tool to tell me that, but the fact is, until I was evaluating the tool, I had just gone with what I was told, and never bothered to check what was actually there. So, what things do you believe to be true but you actually never verified?

    Read the article

  • Have you ever wondered...?

    - by diana.gray
    I've often wondered why folks do the same thing over and over. For some of us, it's because we "don't get it" and there's an abundance of TV talk shows that will help us analyze the why of it. Dr. Phil is all too eager to ask "...and how's that working for you?". But I'm not referring to being stuck in a destructive pattern or denial. I'm really talking about doing something over and over because you have found a joy, a comfort, a boost of energy from an activity or event. For example, how many times have I planted bulbs in November or December only to be amazed by their reach, colors, and fragrance in early spring? Or baked fresh cookies and allowed the aroma to fill the house? Or kissed a sleeping baby held gently in my arms and being reminded of how tiny and fragile we all are. I've often wondered why it is that I get so much out of something I've done so many times. I think it's because I've changed. The activity may be the same but in the preceding days, months and years I've had new experiences, challenges, joys and sorrows that have shaped me. I'm different. The same is true about attending the Professional Businesswomen of California (PBWC) conference. Although the conference is an annual event held at San Francisco's Moscone Center, I still enjoy being with 3,000 other women like me. Yes, we work at different companies and in different industries, have different lifestyles and are at different stages in our professional careers and personal lives; but we are all alike in that we bring the NEW me each year that we attend. This year I can cheer when Safra Catz, President of Oracle, encourages us to trust our intuition; that "if something doesn't make sense, it doesn't make sense". And I can warmly introduce myself to Lisa Askins, Cheryl Melching's business partner at Center Stage Group, when I would have been too intimated to do so last year. This year I can commit to new challenges such as "no whining, no excuses and no gossip" as suggested by Roxanne Emmerich, a goal that I would have wavered on last year. I can also embrace the suggestion given by Dr. Ian Smith to "spend one hour each day" on me - giving myself time to rejuvenate. A friend, when asked if she was attending PBWC this year, said "I've attended the conference several times and there's nothing new!" My perspective is that WE are what makes PBWC's annual conference new. We are far different in 2010 than we were in 2009. We are learning, growing, developing and shedding and that's what makes the conference fresh, vibrant, rewarding, and lasting. It is the diversity of women coming together that makes it new. By sharing our experiences, we discover. By meeting with one another professionally and personally, we connect. And by applying the wisdom learned, we shine. We are reNEW-ed. It shows in our fresh ideas, confident interactions, strategic decisions and successful businesses. This refreshed approach is what our companies want and need, our families depend on, our communities and nation look to for creative solutions to pressing concerns. Thanks Oracle for your continued support and thanks PBWC for providing an annual day to be reNEW-ed.

    Read the article

  • Is Appcelerator Titanium now banned on the iPhone?

    - by altuzar
    This question has been answered quite clearly for MonoTouch here: http://stackoverflow.com/questions/2604033/is-monotouch-now-banned-on-the-iphone But what about Appcelerator Titanium? The new TOS from Apple and their iPhone 4 OS: 3.3.1 — Applications may only use Documented APIs in the manner prescribed by Apple and must not use or call any private APIs. Applications must be originally written in Objective-C, C, C++, or JavaScript as executed by the iPhone OS WebKit engine, and only code written in C, C++, and Objective-C may compile and directly link against the Documented APIs (e.g., Applications that link to Documented APIs through an intermediary translation or compatibility layer or tool are prohibited). Titanium uses JavaScript but is not executed be the iPhone OS WebKit engine directly. In their Developer blog, Jeff Haynie says Titanium is on the clear, but I don't know if they are in denial. It’s our belief that we are fully in compliance with iPhone OS 4.0 ToS as we interpret them. I haven't found any official word by Apple, only opinions. And I'm quite confussed. I'm not writing another line of code for my App until... you know.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7  | Next Page >