Search Results

Search found 320 results on 13 pages for 'unauthorized'.

Page 5/13 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Is it possible to set Windows Authentication on a subfolder of a site having only anonymous authenti

    - by Lieven Cardoen
    If I try to do that, I get following error: HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers. Module IIS Web Core Notification AuthenticateRequest Handler PageHandlerFactory-Integrated Error Code 0x80070005 If I convert the subfolder to an application, it does work, but is it possible without converting it to an appliation? If you deploy such a site, will this subfolder automatically be an appliation or is this information kept in IIS7?

    Read the article

  • ibm t61 battery isn't charged

    - by treber
    I've just bought IBM T61 laptop and it has non-orginal battery. Everything was ok (laptop worked without being plugged), but something has changed, and now battery isn't charged. Power Manager says: "This system may not support batteries that are not genuine Lenovo-made or authorized. This sytem will contunue to boot, but may not charge unauthorized batteries" (screen: http://i52.tinypic.com/2ywhdns.png) I have no idea, what to do, how to solve this problem. Thank's for help.

    Read the article

  • Best tool for Analyzing IIS 7 SMTP Logs

    - by EfficionDave
    We're using IIS 7's SMTP service for sending out emails from our sites. I'm looking for a SMTP Log analyzer to make it easier for me to view the results and identify and problems (Blocks, Unauthorized relay attempts, blacklisting, ...). What is the best tool to use for this?

    Read the article

  • HP LaserJet 4250 Printer Networking Problems

    - by MHrappstead
    We've been trying to assign a static IP address to an HP LaserJet 4250 Printer. When we click on the networking tab it asks for a username and password, however it says the admin user is Unauthorized. We've tried IE 8, Firefox, and Chrome and have even updated the firmware to the latest version.

    Read the article

  • MS Powerpoint 2007

    - by Nathan
    I am using MS Powerpoint 2007 for a Training Presentation with links to other files and objects on slides that can be moved around for demonstration purposes. How can I deploy the Training Presentation and prevent saving unauthorized changes??

    Read the article

  • What should I do about this user?

    - by Tim Brigham
    What should I do about this user? The user is: Downloading pornography Attempting unauthorized access Running hacking software Sending unsolicited email Installing software / tampering with the system etc This is intended as a generic answer for employee behavioral problems, a la Can you help me with my software licensing question? I could see where acceptable use issues are a touch out of scope for SF, however it is one of those things most sysadmins will run into. I don't want to keep rewriting similar answers.

    Read the article

  • Sharing www folder breaks IIS sites

    - by SixfootJames
    I would like to share my www folder on my local machine with others in my office but when I do this and try navigate back to my localhost sites, I get the error HTTP Error 401.3 - Unauthorized. Now I have done a search already and found this http://forums.iis.net/t/1048841.aspx but it's a bit too technical for my skill level and was hoping someone here might be able to give me an easier way to understand this?

    Read the article

  • Leaks on Wikis: "Corporations...You're Next!" Oracle Desktop Virtualization Can Help.

    - by adam.hawley
    Between all the press coverage on the unauthorized release of 251,287 diplomatic documents and on previous extensive releases of classified documents on the events in Iraq and Afghanistan, one could be forgiven for thinking massive leaks are really an issue for governments, but it is not: It is an issue for corporations as well. In fact, corporations are apparently set to be the next big target for things like Wikileaks. Just the threat of such a release against one corporation recently caused the price of their stock to drop 3% after the leak organization claimed to have 5GB of information from inside the company, with the implication that it might be damaging or embarrassing information. At the moment of this blog anyway, we don't know yet if that is true or how they got the information but how did the diplomatic cable leak happen? For the diplomatic cables, according to press reports, a private in the military, with some appropriate level of security clearance (that is, he apparently had the correct level of security clearance to be accessing the information...he reportedly didn't "hack" his way through anything to get to the documents which might have raised some red flags...), is accused of accessing the material and copying it onto a writeable CD labeled "Lady Gaga" and walking out the door with it. Upload and... Done. In the same article, the accused is quoted as saying "Information should be free. It belongs in the public domain." Now think about all the confidential information in your company or non-profit... from credit card information, to phone records, to customer or donor lists, to corporate strategy documents, product cost information, etc, etc.... And then think about that last quote above from what was a very junior level person in the organization...still feeling comfortable with your ability to control all your information? So what can you do to guard against these types of breaches where there is no outsider (or even insider) intrusion to detect per se, but rather someone with malicious intent is physically walking out the door with data that they are otherwise allowed to access in their daily work? A major first step it to make it physically, logistically much harder to walk away with the information. If the user with malicious intent has no way to copy to removable or moble media (USB sticks, thumb drives, CDs, DVDs, memory cards, or even laptop disk drives) then, as a practical matter it is much more difficult to physically move the information outside the firewall. But how can you control access tightly and reliably and still keep your hundreds or even thousands of users productive in their daily job? Oracle Desktop Virtualization products can help.Oracle's comprehensive suite of desktop virtualization and access products allow your applications and, most importantly, the related data, to stay in the (highly secured) data center while still allowing secure access from just about anywhere your users need to be to be productive.  Users can securely access all the data they need to do their job, whether from work, from home, or on the road and in the field, but fully configurable policies set up centrally by privileged administrators allow you to control whether, for instance, they are allowed to print documents or use USB devices or other removable media.  Centrally set policies can also control not only whether they can download to removable devices, but also whether they can upload information (see StuxNet for why that is important...)In fact, by using Sun Ray Client desktop hardware, which does not contain any disk drives, or removable media drives, even theft of the desktop device itself would not make you vulnerable to data loss, unlike a laptop that can be stolen with hundreds of gigabytes of information on its disk drive.  And for extreme security situations, Sun Ray Clients even come standard with the ability to use fibre optic ethernet networking to each client to prevent the possibility of unauthorized monitoring of network traffic.But even without Sun Ray Client hardware, users can leverage Oracle's Secure Global Desktop software or the Oracle Virtual Desktop Client to securely access server-resident applications, desktop sessions, or full desktop virtual machines without persisting any application data on the desktop or laptop being used to access the information.  And, again, even in this context, the Oracle products allow you to control what gets uploaded, downloaded, or printed for example.Another benefit of Oracle's Desktop Virtualization and access products is the ability to rapidly and easily shut off user access centrally through administrative polices if, for example, an employee changes roles or leaves the company and should no longer have access to the information.Oracle's Desktop Virtualization suite of products can help reduce operating expense and increase user productivity, and those are good reasons alone to consider their use.  But the dynamics of today's world dictate that security is one of the top reasons for implementing a virtual desktop architecture in enterprises.For more information on these products, view the webpages on www.oracle.com and the Oracle Technology Network website.

    Read the article

  • Decompilers - Myth or Fact ?

    - by Simon
    Lately I have been thinking of application security and binaries and decompilers. (FYI- Decompilers is just an anti-complier, the purpose is to get the source back from the binary) Is there such thing as "Perfect Decompiler"? or are binaries safe from reverse engineering? (For clarity sake, by "Perfect" I mean the original source files with all the variable names/macros/functions/classes/if possible comments in the respective headers and source files used to get the binary) What are some of the best practices used to prevent reverse engineering of software? Is it a major concern? Also is obfuscation/file permissions the only way to prevent unauthorized hacks on scripts? (call me a script-junky if you should)

    Read the article

  • Different behaviour with windows authentication on IIS7 websites

    - by amaters
    I need to run a website with just windows authentication. Given the following situation: The location of the default website is: c:\inetpub\wwwroot The location of my code is: c:\Sites\WebApp my hostfile is edited so any .local i use points to 127.0.0.1 I have created a new application called 'AppX' underneath the default website and point it to c:\Sites\WebApp. It will use the DefaultappPool. When I switch off anonymous and switch on windows authentication all works well when I go to localhost/AppX/. What i really want is a new website (No need to question why I want this). So I created Website2 and did exact the same creation of the application. Everything is the same; destination, app pool and authentication. Now when I browse to this website web2.local/AppX/ I get the 401.2 - Unauthorized error. What am I missing here?

    Read the article

  • Welcome to www.badapi.net, a REST API with badly-behaved endpoints

    - by Elton Stoneman
    Originally posted on: http://geekswithblogs.net/EltonStoneman/archive/2014/08/14/welcome-to-www.badapi.net-a-rest-api-with-badly-behaved-endpoints.aspxI've had a need in a few projects for a REST API that doesn't behave well - takes a long time to respond, or never responds, returns unexpected status codes etc.That can be very useful for testing that clients cope gracefully with unexpected responses.Till now I've always coded a stub API in the project and run it locally, but I've put a few 'misbehaved' endpoints together and published them at www.badapi.net, and the source is on GitHub here: sixeyed/badapi.net.You can browse to the home page and see the available endpoints. I'll be adding more as I think of them, and I may give the styling of the help pages a bit more thought...As of today's release, the misbehaving endpoints available to you are:GET longrunning?between={between}&and={and} - Waits for a (short) random period before returningGET verylongrunning?between={between}&and={and} -Waits for a (long) random period before returningGET internalservererror    - Returns 500: Internal Server ErrorGET badrequest - Returns 400: BadRequestGET notfound - Returns 404: Not FoundGET unauthorized - Returns 401: UnauthorizedGET forbidden - Returns 403: ForbiddenGET conflict -Returns 409: ConflictGET status/{code}?reason={reason} - Returns the provided status code Go bad.

    Read the article

  • Fetching templates via API. Who provides this service?

    - by Guandalino
    I'm mainly a server side developer. I'm not a designer, even if I understand web layouts, grids, CSS, typography, valid markup, etc. and I'm able to do some graphic work too (almost). It just takes a lot of time and the result is not always beautiful. I know there are tons of website templates sites out there, and I'd like to use their designs as a starting point for my customers' works, giving them the possibility to choose the design they like more. I'd just prefer to show the templates catalog to customers from within my site, fetching templates info (screenshots, description, etc) from a remote server using an API. TemplateMonster.com provides, or provided, such API. But the service responds with "Unauthorized usage". Are there other sites offering this kind of retrieval service?

    Read the article

  • HTG Explains: How Windows 8's Secure Boot Feature Works & What It Means for Linux

    - by Chris Hoffman
    Whether you plan on using Windows 8 or not, everyone buying a PC in the future will end up with the Microsoft-driven Secure Boot feature enabled. Secure Boot prevents “unauthorized” operating systems and software from loading during the startup process. Secure Boot is a feature enabled by UEFI – which replaces the traditional PC BIOS – but Microsoft mandates specific implementations for x86 (Intel) and ARM PCs. Any computer with a Windows 8 logo sticker has Secure Boot enabled. Image Credit: Kiwi Flickr HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux Hack Your Kindle for Easy Font Customization HTG Explains: What Is RSS and How Can I Benefit From Using It?

    Read the article

  • IIS Not Accepting Login Credentials

    - by Dale Jay
    I have an ASP.NET web form using Microsoft's boilerplate Active Directory login page, set up exactly as suggested. (See http://msdn.microsoft.com/en-us/library/ms180890%28v=vs.80%29.aspx) Windows Authentication is activated on the "Default Website" and "MyWebsite" levels, and Domain\This.User is given "Allow" access to the site. After entering the valid credentials for This.User on the web form, a popup window appears asking me to enter my credentials yet again. Despite entering valid credentials for This.User (after attempting Domain\This.User and This.User formats), it rejects the credentials and returns an unauthorized user page. Active Directory user This.User is valid, the IP address of the AD server has been verified and SPN's have been set up for the server. Any thoughts as to what may be causing this? I can post code if needed.

    Read the article

  • Computer Networks UNISA - Chap 14 &ndash; Insuring Integrity &amp; Availability

    - by MarkPearl
    After reading this section you should be able to Identify the characteristics of a network that keep data safe from loss or damage Protect an enterprise-wide network from viruses Explain network and system level fault tolerance techniques Discuss issues related to network backup and recovery strategies Describe the components of a useful disaster recovery plan and the options for disaster contingencies What are integrity and availability? Integrity – the soundness of a networks programs, data, services, devices, and connections Availability – How consistently and reliably a file or system can be accessed by authorized personnel A number of phenomena can compromise both integrity and availability including… security breaches natural disasters malicious intruders power flaws human error users etc Although you cannot predict every type of vulnerability, you can take measures to guard against the most damaging events. The following are some guidelines… Allow only network administrators to create or modify NOS and application system users. Monitor the network for unauthorized access or changes Record authorized system changes in a change management system’ Install redundant components Perform regular health checks on the network Check system performance, error logs, and the system log book regularly Keep backups Implement and enforce security and disaster recovery policies These are just some of the basics… Malware Malware refers to any program or piece of code designed to intrude upon or harm a system or its resources. Types of Malware… Boot sector viruses Macro viruses File infector viruses Worms Trojan Horse Network Viruses Bots Malware characteristics Some common characteristics of Malware include… Encryption Stealth Polymorphism Time dependence Malware Protection There are various tools available to protect you from malware called anti-malware software. These monitor your system for indications that a program is performing potential malware operations. A number of techniques are used to detect malware including… Signature Scanning Integrity Checking Monitoring unexpected file changes or virus like behaviours It is important to decide where anti-malware tools will be installed and find a balance between performance and protection. There are several general purpose malware policies that can be implemented to protect your network including… Every compute in an organization should be equipped with malware detection and cleaning software that regularly runs Users should not be allowed to alter or disable the anti-malware software Users should know what to do in case the anti-malware program detects a malware virus Users should be prohibited from installing any unauthorized software on their systems System wide alerts should be issued to network users notifying them if a serious malware virus has been detected. Fault Tolerance Besides guarding against malware, another key factor in maintaining the availability and integrity of data is fault tolerance. Fault tolerance is the ability for a system to continue performing despite an unexpected hardware or software malfunction. Fault tolerance can be realized in varying degrees, the optimal level of fault tolerance for a system depends on how critical its services and files are to productivity. Generally the more fault tolerant the system, the more expensive it is. The following describe some of the areas that need to be considered for fault tolerance. Environment (Temperature and humidity) Power Topology and Connectivity Servers Storage Power Typical power flaws include Surges – a brief increase in voltage due to lightening strikes, solar flares or some idiot at City Power Noise – Fluctuation in voltage levels caused by other devices on the network or electromagnetic interference Brownout – A sag in voltage for just a moment Blackout – A complete power loss The are various alternate power sources to consider including UPS’s and Generators. UPS’s are found in two categories… Standby UPS – provides continuous power when mains goes down (brief period of switching over) Online UPS – is online all the time and the device receives power from the UPS all the time (the UPS is charged continuously) Servers There are various techniques for fault tolerance with servers. Server mirroring is an option where one device or component duplicates the activities of another. It is generally an expensive process. Clustering is a fault tolerance technique that links multiple servers together to appear as a single server. They share processing and storage responsibilities and if one unit in the cluster goes down, another unit can be brought in to replace it. Storage There are various techniques available including the following… RAID Arrays NAS (Storage (Network Attached Storage) SANs (Storage Area Networks) Data Backup A backup is a copy of data or program files created for archiving or safekeeping. Many different options for backups exist with various media including… These vary in cost and speed. Optical Media Tape Backup External Disk Drives Network Backups Backup Strategy After selecting the appropriate tool for performing your servers backup, devise a backup strategy to guide you through performing reliable backups that provide maximum data protection. Questions that should be answered include… What data must be backed up At what time of day or night will the backups occur How will you verify the accuracy of the backups Where and for how long will backup media be stored Who will take responsibility for ensuring that backups occurred How long will you save backups Where will backup and recovery documentation be stored Different backup methods provide varying levels of certainty and corresponding labour cost. There are also different ways to determine which files should be backed up including… Full backup – all data on all servers is copied to storage media Incremental backup – Only data that has changed since the last full or incremental backup is copied to a storage medium Differential backup – Only data that has changed since the last backup is coped to a storage medium Disaster Recovery Disaster recovery is the process of restoring your critical functionality and data after an enterprise wide outage has occurred. A disaster recovery plan is for extreme scenarios (i.e. fire, line fault, etc). A cold site is a place were the computers, devices, and connectivity necessary to rebuild a network exist but they are not appropriately configured. A warm site is a place where the computers, devices, and connectivity necessary to rebuild a network exists with some appropriately configured devices. A hot site is a place where the computers, devices, and connectivity necessary to rebuild a network exists and all are appropriately configured.

    Read the article

  • How can I monitor a website for malicious changes to the files

    - by rossmcm
    I had an occasion recently where our website was compromised - a link farm was added to a couple of the pages on one occasion, and on another occasion, a large and nasty aspx file was put on the server. I won't mention the host's name (Hostway), but I was pretty annoyed that someone was able to do this. No, it wasn't a leaky password - around 10 sites hosted by HW with consecutive IP addresses got trashed. Anyway. What I need is a utility or service (preferably free) that takes a snapshot of my websites contents, and then regularly monitors the files (size and datestamp) for unauthorized changes or additions, and alerts me. I've used web services that monitor one file for changes, but I'm looking for something a bit more aggressive.

    Read the article

  • Kiosk Mode Coding in Chromium

    - by Aaron
    I don't know how easy this would be, since I don't know anything about it, but I need an Ubuntu setup where the machine boots up, displays the login for a few seconds allowing a chance to log in as an admin, and then precedes to automatically log in to a user account which directly opens Chromium (any other browser is acceptable) in a kiosk mode where only the web content is visible, all Chromium keyboard shortcuts are disabled, and all but a select few websites are blocked, redirecting back to the home page after an "Unauthorized web page" warning comes up if the URL constraint is violated. Is it possible to code a kiosk setup like this, or am I asking for too much? If I'm simply uninformed, and there is already much documentation on anything like this, please redirect me to an appropriate page. If you can code or set up something like my description, please reply with step-by-step instructions, and instructions on how to modify the elements of the kiosk mode. Thank you in advance for any help. (Note: I'm currently using Ubuntu 10.04, but any distribution would work.)

    Read the article

  • What sort of security method is this called (if it has a name)?

    - by loosebruce
    I have thought of a way of securing access to an application interacting with another application. Using this method Application 1 - "What is the sum of 1+1?" Application 2 - "3" Application 1 - "Access granted" Is this method used a lot, does it have a classification in the programming world? The advantages for me of using this is that I do not have to spend more effort implementing security keys/certificates. Any unauthorized machine trying to interpret it would give the correct result and identify itself as untrusted. What sort of weaknesses are there to doing this?

    Read the article

  • Transparent Data Encryption

    Transparent Data Encryption is designed to protect data by encrypting the physical files of the database, rather than the data itself. Its main purpose is to prevent unauthorized access to the data by restoring the files to another server. With Transparent Data Encryption in place, this requires the original encryption certificate and master key. It was introduced in the Enterprise edition of SQL Server 2008. John Magnabosco explains fully, and guides you through the process of setting it up....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Common reasons for the &lsquo;Sys is undefined&rsquo; error in ASP.NET Ajax applications

      In this blog I will try to summarize the most common reasons for getting the famous 'Sys is undefined' error when running an Ajax enabled web site or application (there are almost one milion results on Google for that phrase). Where does it come from? In every Ajax web pages source you will see a code like this: <script type="text/javascript"> //<![CDATA[ Sys.WebForms.PageRequestManager._initialize('ScriptManager1', document.getElementById('form1')); Sys.WebForms.PageRequestManager.getInstance()._updateControls([], [], [], 90); //]]> </script>   This is the initialization script of the ScriptManager. So, if for some reason the Sys namespace is not available when the code executes you get the Sys is undefined error. Here are the most common reasons and solutions for that problem:   1. The error occurs when you have added a control from RadControls for ASP.NET AJAX, but your application is not configured to use ASP.NET AJAX. For example, in VS 2005 you created a new Blank Site instead of a new Ajax-Enabled Web Site and the Sys is undefined message pops up. To fix it you need to follow the steps described at Configuring ASP.NET Ajax article (check the topic called Adding ASP.NET AJAX Configuration Elements to an Existing Web Site) or simply create the Ajax-Enabled Web Site. You can also check my other blog post on the matter: Visual Studio 2008: Where is the new ASP.NET Ajax-Enabled Web Site template?   2. Authentication - as the website denies access to all pages to unauthorized users, access to the Telerik.Web.UI.WebResource.axd handler is unauthorized (this is the default handler of RadScriptManager). This causes the handler to serve the content of the login page instead of the combined scripts, hence the error. To solve it - add a <location> section to the application configuration file to allow access to Telerik.Web.UI.WebResource.axd to all users, like: <configuration> ... <location path="Telerik.Web.UI.WebResource.axd"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location> ... </configuration>   Note that the access to the standard ScriptResource.axd and WebResource.axd is automatically allowed for all users (authenticated and unauthenticated), so if you use the ScriptManager instead of RadScriptManager - you will not face this problem. The authentication problem does not manifest when you disable script combining or use the CDN. Adding the above configuration section will make it work with RadScriptManagers combined script.   3. The IE6 browser fails to load the compressed script. The problem does not appear in any other browser. There is a well known bug in the older versions of IE6 which lose the first 2,048 bytes of data that are sent back from a Web server that uses HTTP compression. Latest versions of RadScriptManager does not compress the output at all if the client is IE6, but in the previous versions you need to manually disable the output compression to prevent the error. So, if you get the Sys is undefined error in IE6 - update to the latest version of RadControls or simply disable the output compression.   4. Requests to the *.axd files returns Error Code 404 - Not Found. This could  be fixed easily: Check in the IIS management console that the .axd extension (the default HTTP handler extension) is allowed:     Also check if the Verify if file exists checkbox is unchecked (click on the Edit button appearing in the previous screenshot to check). More information can be found in our troubleshooting article and from the ASP.NET QA team blog post   5. The virtual directory in IIS is not marked as Web Application. Converting it to Web Application should fix the problem.   6. Check for the <xhtmlConformance mode="Legacy"/> option in your web.config and remove it. It would be rather rare to become a victim of this exact case, but still have it in mind. Scott Guthrie describes it in more details   In the above points I mentioned several times the terms web resources, javascript output, compressed script. If you want to find out more about these please see the Web Resources Demystified series of my friend and colleague Atanas Korchev   I hope that one of the above solutions will help you get rid of the Sys is undefined error.   Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • How should a site respond to automated login attempts with phony usernames?

    - by qntmfred
    For the last couple weeks I've been seeing a consistent stream of 15-30 invalid login attempts per hours on my site. Many of them are non-sensical usernames that nobody would ever register for real, and often contain typical spam-related keywords. They all come from different IP addresses so I can't just IP block/throttle the requests. I'm not worried about unauthorized access to real accounts since they aren't using real usernames. And if it were a member of my site trying to brute force logins, they could easily scrape the valid usernames from the site, so I'm not worried about that kind of malicious behavior either. But what's the point of this type of activity? What would whichever bot operator is doing this have to gain by attempting all these logins?

    Read the article

  • How can I monitor a website for malicious changes to the files

    - by user41421
    I had an occasion recently where our website was compromised - a link farm was added to a couple of the pages on one occasion, and on another occasion, a large and nasty aspx file was put on the server. I won't mention the host's name (Hostway), but I was pretty annoyed that someone was able to do this. No, it wasn't a leaky password - around 10 sites hosted by HW with consecutive IP addresses got trashed. Anyway. What I need is a utility or service (preferably free) that takes a snapshot of my websites contents, and then regularly monitors the files (size and datestamp) for unauthorized changes or additions, and alerts me. I've used web services that monitor one file for changes, but I'm looking for something a bit more aggressive.

    Read the article

  • Why is my display name in Ubuntu Software Center some weird set of letters?

    - by Ike
    In USC, after I submit a review, my display name is "Bnxdcty"... a swell name, but where did it come from? I have checked the ubuntu single sign on page, verified my nickname on there, changed it to something else and back again for good measure, but still my reviewer name is somehow still "Bnxdcty". I even unauthorized ubuntu software center and then re-opened it/authorized it to my account. Does this just appear as this to me and others see my correct user nickname? It doesn't bother as much as it confuses me. I just know it will be something stupid that everyone knows but me.

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >