Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 565/886 | < Previous Page | 561 562 563 564 565 566 567 568 569 570 571 572 | Next Page >

OS Isolation: Virtualization or Dual-Boot Duplication, a General How To?

- by Mr_CryptoPrime

I want to isolate my windows 7 operating system and I have looked into virtualization. This should work with Linux, however, I do want to still have a way to run windows 7 securely, but without significant performance loss, thus eliminating virtualization for that. I know that you can dual boot because I currently do so with my XP/Linux system. Is there a way that I can duplicate my windows 7 system so I can select one at bootup? This way I can ensure that each OS is isolated and not worry about performance loss. However, I am having a lot of trouble finding a solid method for OS duplication?! Is this even possible or must I buy two versions of win7 and somehow install them separately? Any information regarding this would be helpful, thanks! Essentially I want, Two instances of win7 (not necessarily simultaneously running) Each are isolated from one another so that a security breach in one doesn't affect the other. There is no performance loss in either from doing so

Read the article
how to design LAN connectivity between private and corporate ?

- by maruti

there is a bunch of servers connected to shared storage in a private LAN (10.x.x.x). this privateLAN is managed by a windows server (DHCP, DNS and directory services). how can these hosts be accessed from outside of this privateLAN? Eg. Remote desktop. can the NIC2 on each of the hosts be connected to the other public LAN (compromising speed or security? what are improtant considerations: additional hardware? like switches? routing&DNS software?

Read the article
Question about server usage, big community platform [closed]

- by Json

Possible Duplicate: How do you do Load Testing and Capacity Planning for Web Sites I’m working on a community platform writen in PHP, MySQL. I have some questions about the server usage maybe someone can help me out. The community is based on JQuery with many ajax requests to update content. It makes 5 - 10 AJAX(Json, GET, POST) requests every 5 seconds, the requests fetch user data like user notifications and messages by doing mySQL queries. I wonder how a server will handle this when there are for more than 5000 users online. Then it will be 50.000 requests every 5 seconds, what kind of server you need to handle this? Or maybe even more, when there are 15.000 users online, 150.000 requests every 5 seconds. My webserver have the following specs. Xeon Quad 2048MB 5000GB traffic Will it be good enough, and for how many users? Anyone can help me out or know where to find such information, like make a calculation?

Read the article
Remotely enter encryption key?

- by Jason Swett

This might be a really dumb question but here goes, anyway. I just bought a couple servers. I already installed Ubuntu with encrypted LVM on one and I'm planning on doing the same with the other. This means that every time I boot up each of these machines, I have to enter the passphrase. And I'll have to do this every morning because I'll power each machine off each night for security reasons. Here's the problem: I don't have monitors or keyboards for these servers. It seems to me I have two options: Somehow enter the passphrase remotely Buy a KVM switch I doubt #1 is an option but I want to make sure it's not before I buy a KVM. Is it possible to enter the passphrase remotely? AND is it a good idea?

Read the article
Putting two physical hard drives in a single 2.5" bay?

- by dgw

My crazy brain came up with this ridiculous idea. "Why can't I have a single 2.5" drive device that actually contains two independent hard drives? I want RAID 1 data mirroring and the security of having redundant drives. This is a thing that must exist!" To be clear, I am not asking if I can somehow shoehorn two 2.5" drives into a single bay, replace an optical drive with an additional HDD, or anything like that. What I have in mind is a single 2.5"-form-factor device that houses two independent hard drives, with separate housings (likely) and distinct controllers. Probably all they'd need to share is the power & SATA connections. Probably no such thing exists, but because I know there exist hard drives the physical size of a stack of postage stamps (roughly), I have to ask.

Read the article
Everything You Ever Wanted to Know about Mod_Rewrite Rules but Were Afraid to Ask?

- by Kyle Brandt

How can I become an expert at writing mod_rewrite rules? What is the fundamental format and structure of mod_rewrite rules? What form/flavor of regular expressions do I need to have a solid grasp of? What are the most common mistakes/pitfalls when writing rewrite rules? What is a good method for testing and verifying mod_rewrite rules? Are there SEO or performance implications of mod_rewrite rules I should be aware of? Are there common situations where mod_rewrite might seem like the right tool for the job but isn't? What are some common examples?

Read the article
Prevent applications from being run as administrator

- by Unsigned

Background Most installation toolkits have the ability to launch, automatically or otherwise, external programs after installation. This is often appears in the installer via such options as "Show readme", or "Start program". Issue The problem is, many of these installers are poorly coded, and do not drop permissions appropriately, for example, opening the application's homepage in the browser... launching the browser with the installer's Administrative privileges, or a "High" UAC integrity level. This has the potential to open up security breaches, by opening up a webpage (and possibly browser addons), that are now running with elevated permissions. Question The question is: Is there a way to prevent certain applications (such as a web browser) from ever being launched with Administrative privileges, i.e., an automatic drop-privilege?

Read the article
Prevent specific applications from being run as administrator

- by Unsigned

Background Most installation toolkits have the ability to launch, automatically or otherwise, external programs after installation. This is often appears in the installer via such options as "Show readme", or "Start program". Issue The problem is, many of these installers are poorly coded, and do not drop permissions appropriately. For example, starting the application automatically, or opening the application's homepage in the browser, often results in launching the application or browser with the installer's Administrative privileges, or a "High" UAC integrity level! This has the potential to open up security breaches, by opening up the installed application, or a web page (and possibly browser add-ons), that are now running with elevated permissions. (This is the reason I strongly recommend never choosing auto-launch options when installing software.) Question The question is: Is there a way to prevent certain applications (such as a web browser) from ever being launched with Administrative privileges, i.e., an automatic drop-privilege?

Read the article
Cursor and selection invisible if focus is lost

- by Alois Mahdal

"Latest" versions of Excel (I think it's since 2007) have a new added "feature" that if Excel windows loses focus, the cursor becomes invisible. Also coloring of headers is default, so it's impossible to locate cursor and/or selection as soon as I switch to other window. This annoys the hell out of me as it makes Excel almost unusable for most of tasks I need it for: keeping track of test cases while performing testing in another window. obtaining data somewhere else and porting it to Excel (I have never seen such behavior in other applications and can't even think of a justification for it.) Is is possible to turn this behavior off?

Read the article
How can I exclude a file in a folder from basic auth (regex help)?

- by simon180

Hi I have a folder on my site which contains admin files and I've added basic auth following a little unwanted attention. This works fine however a couple of the admin functions won't work through basic auth as they handle file uploads and so I want to exclude these files from the auth. It shouldn't have any security implications as any rogue user wouldn't be able to access the pages that could create a session to use these functions. I am using the following basic code to exclude a file: <FilesMatch "(index.php\/myadminfolder\/myurl\/myaction/someotherstuff?)$"> Satisfy Any Order allow,deny Allow from all Deny from none </FilesMatch> The URL exclusion is not working. The URL to exclude is in the form: index.php/directory/subdirectory/action/uniqueid/blah What is the correct URL string to add to FilesMatch to exclude any files that start with the pattern of index.php/directory/subdirectory/action - regardless of what comes after action? Thanks Simon

Read the article
Isolated Network Set-Up

- by Isaac Kleinman

I am looking to set up a small network for a client which would be isolated from his primary network. (I'm hoping to set-up the additional network as VMs on the primary network.) I've instructed the client to request a bunch of static ip addresses from his ISP, but I'm not sure how to proceed with setting this up. What hardware will I need and how do I go about the configuration? Heavy security is not my concern. All that's really required is that web requests from the two networks be presented to the outside world with different ip addresses.

Read the article
Origin of display connector numbers in XServer (e.g. HDMI1, HDMI2, DP1)

- by Andreas N

a custom mainboard has a DVI and a DisplayPort connector on the board. Currently, everything that is connected at DVI will be named "HDMI2" in XServer. I can see that by calling the "xrandr" tool (in Ubuntu Trusty Tahr). A display connected to the DP connector will be named "DP1" or "HDMI1", if I use a DP-to-DVI adapter. We are now testing a slightly upgraded board version, which has a newer CPU (Intel J1800, Baytrail) among other things and the position of the DVI and DP connectors are switched. Also, everything at the DVI port is called "HDMI1" and something connected to the DP port gets "DP2" or "HDMI2". Q: What causes these numbers to be produced in this manner and where (probably in the kernel) is it happening? I suspect the cause to be hardware related. Specifically, at which CPU pins the connector pins are routed and attached to. Q: Would it be possible to influence this numbering scheme in order to retain the previous numbering behaviour?

Read the article
How to setup a fake SMTP server to catch all mails?

- by Richo

I'm looking for an smtp service that essentially obeys the RFC, except rather than sending mail it simply logs to a file [date] sent mail to <address> Or whatever. I can bash this together with the bare minimum of functionality I need in python in about half an hour I reckon but if there's an existing project that works better I'd rather use that. The reason for needing it is debugging an app that keeps sending 7* the amount of mail it's supposed to. Slightly offtopic, but if there isn't already such a project, and I write it, is this something other people would use? If I publish the source will it get used? EDIT: And already asked: http://stackoverflow.com/questions/1006650/dummy-smtp-server-for-testing-apps-that-send-email

Read the article
Is there any IP which refers to the internet?

- by victorferreira

Hello, guys, good morning. 127.0.0.1 is the local IP, isnt it? Is there a IP that I can use in order to refer to the any user in the internet? The thing is: i want to block a specific file to be accessed by the internet using IIS6. but i doesnt show me a clear way to do this. But i can define some security rules, for example: give IP restrictions for some file. So, i can deny for everybody (using that IP i am asking about) and allow for the internal IP. any suggestions?

Read the article
Backup restore issue

- by rrahman_bd

I have a windows server 2008 with exchange database full backup. Now for testing purpose i want to restore that full server to a VM. I have copied the whole backup to VM01 and took it to Private Network. And now i want to take backup from VM01 and restore it to VM02. Both are at private network. I was able to find VM02 test backup by searching in VM1. But the copyed restore file is not showing in the window !!! Is there any policy so that i can not restore except from the original location?

Read the article
Tomcat Failed to start

- by user71538

I have installed Tomcat on windows XP through the Tomcat installer. I have installed JDK 1.6. But when I start Tomacat from services.msi on XP, I get the following error: java.lang.ClassNotFoundException: org.apache.catalina.core.AprLifecycleListener at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at sun.misc.Launcher$ExtClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at org.apache.commons.digester.ObjectCreateRule.begin(ObjectCreateRule.java:204) at org.apache.commons.digester.Rule.begin(Rule.java:152) at org.apache.commons.digester.Digester.startElement(Digester.java:1286) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.AbstractXMLDocumentParser.emptyElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source)

Read the article
"Access is denied" when copying text file to printer UNC path

- by Patrick

We have a new server running Server 2008 R2. We also have a "DOS-based" program that prints directly to the UNC path of a print share. With the new server, we are unable to print from this program. According to support, the program's printing works in the same way as if we were to do a "copy mytextfile.txt \\myserver\myprinter". When we try to run this command in DOS, we get "Access is denied". Support is saying that this is why the DOS program is not able to print. I have tried granting all permissions on the printer to the appropriate users (under Security of the printer properties) but that did not work. Is there a policy setting that would cause this to be denied?

Read the article
Using Dropbox API instead of a FTP server for backing up DB/Source in your application.

- by Somebody still uses you MS-DOS

This is a small aplication scenario. Usually, when you have to do some backups of source code/database on your server, you use a second ftp server, a cronjob to tar.gz your db dumps and source files, and send this file to your ftp server from your application server. Dropbox created an API to use it's infrastrucutre. Since they provide 2gb for free accounts, I thought about being able to upload to it instead of a ftp server. So, if you do some freelance work, you can create a free account for each client and use this approach, maybe encrypting the files you send. You even gain a revision for each sent file, like a revison control system, for free, from the last 30 days. What do you think of this approach? Is it possible? And, more importantly: what are the security risks involved? (That's why I'm asking this on serverfault, since this POV from sysadmins will be more accurate). Thanks!

Read the article
How to removeTrojan PB [duplicate]

- by user266901

This question already has an answer here: How do I get rid of malicious spyware, malware, viruses or rootkits from my PC? 15 answers How to remove trojan PB from windows 7 system? previously i had installed Norton 360 antivirus. the subscription was expired two months back. Recently i have purchased quick heal total security. while installing quick heal antivirus i get the message 'system infected by Trojan PB' Their is an option to remove Trojan PB by restarting computer. However the infection does not get removed. Please advice for removal of Trojan PB

Read the article
Log off as local "administrator" user, get blank login screen

- by Force Flow

I have an imaged lab environment running Windows 7 and attached to a domain. The local Administrator account is enabled for certain maintenance and prep tasks. Every time I logoff from the local Administrator account, it brings me back to the standard Ctrl+Alt+Del login screen. When I press that combination, all the user controls vanish except for the accessibility button down in the left hand corner. The only way I can seem to escape from this is to tap the power button to initiate a shutdown. Windows is up-to-date, and logging off as any other user operates normally. The "hide last user" local security policy option is enabled. Has anyone seen this phenomenon before and how can I stop this from happening?

Read the article
Cannot login SQL Server after changing machine name

- by Ucodia

After installing and setting up new machines in a domain, we decided to rename one of them which had a SQL Server instance installed. So I changed the hostname, everything went fine regarding the domain but now, the server is logging a approximatively 2 SQL Server errors every 5 minutes and I cannot connect to the instance localy or from anywhere within the domain. Here is the error from the event log: SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. The logon attempt failed [CLIENT: x.x.x.x] Concerning the instance, everything is started and restarted without any extra error.

Read the article
IIS asks for login/pass when accessed using hostname but not when ‘localhost’ is used. Why?

- by sb

Hi All, I have setup IIS on my xp machine and have setup a default homepage (that comes with the IIS installed). It is a help page I think. when I access the page with http : // localhost it works fine (IE/Chrome or FF) but when I access it using http://hostname it prompts for a loging/password and works when I enter my domain id and password on the intranet. I have ensured that "anonymous access" is enabled in the properties window of the default site and "websites" node. I searched stack overflow for similar queries but some indicate I need to change the IE/FF settings to allow "integrated security" etc and some suggest to look at the "log file". I don't want to change the IE setting and there is nothing unusual in the log file of the IIS Server. Can anybody help me figure out why this is happening? thank you sb

Read the article
Launching multiple applications with a single command/script/shortcut

- by Bill

I realized a few days ago that every time I sit down at work, I do a few things after unlocking my computer. First, I open up Firefox, then I open up Chrome, then I log in to Digsby. I realized I could probably save repeating this daily by writing a small batch script to open up Firefox and Chrome , but I couldn't figure out how to make it work.. and since the whole effort is to save time I don't want to bash my head around in the windows command prompt to do it. I also tired this in powershell but ran in to a bunch of security nonsense. Is there a way to do this that I am missing? Bonus points if somebody has figured out how to manipulate Digsby via COM , scripting, or python =)

Read the article
Provide credentials to process in a safe manner

- by Erik Aigner

On system startup I need to launch a process which requires credentials for other services (database etc.) to interact. I obviously don't want to store those on disk for security reasons. I'm trying to think of a way to provide those credentials to the process on launch - and on launch only. After that they should be only available to the process. Is this possible somehow? The bottom line is to make it as hard as possible for an intruder to get to those credentials.

Read the article
Ubuntu server 9.10 freezes up after ~10 minutes - unconventional

- by L33tCh

There is a topic by essentially the same name, but my answer leads to another question which I would like answered so... My case is as follows: I connect through SSH to my server... no problems for many months on Ubuntu Server 9.04. Eventually I decided to updgrade and straight away I get the 10 minutes freeze problem. I went through all the possible fixes (many can be found here but my quick fix, the only that worked, leaves me with no real answer as to why and how to properly correct it... As ridiculous as it sounds... while I leave a keyboard plugged in... it runs without flaw. Can anyone make sense of this? For the sake of completeness, (although none of the following made any difference upon subsequent completion), some of the permanent changes I have made while trying to correct the issue are: replacing samba config file with 9.04 backup, booting with noapic and modifying sysctl.conf, just uncommenting additional settings for enhanced security.

Read the article

< Previous Page | 561 562 563 564 565 566 567 568 569 570 571 572 | Next Page >