Search Results

Search found 2788 results on 112 pages for 'symantec endpoint protect'.

Page 60/112 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

• How to mount /tmp in /mnt on EC2?

  - by Claudio Poli

  I was wondering what is the best way to mount the /tmp endpoint in the ephemeral storage /mnt on an EC2 instance and give the ubuntu user default write permissions. Some suggest editing /etc/rc.local this way: mkdir -p /mnt/tmp && mount --bind -o nobootwait /mnt/tmp /tmp However that doesn't work for me (files differs). I tried editing the default fstab entry: /dev/xvdb /mnt auto defaults,nobootwait,comment=cloudconfig 0 2 replacing /mnt with /tmp and and giving it a umask=0777, however it doesn't work because of cloudconfig. I'm using Ubuntu 12.04. Thanks.

  Read the article

• Sophos Enterprise Console 4.5, Mac Client 7 Not Auto-Populating SEC Info

  - by user65712

  I have Sophos Endpoint Security and Control, which includes Sophos Enterprise Console (SEC). I'm currently running version 4.5 of SEC, which is an older version. I subscribe to Mac updates, and SEC generates a binary Mac installer for me to use on Mac endpoints (Version 7 for Mac, also an older version). However, when I run the installer on Mac endpoints, it installs fine but then never auto-fills out the location of the update server, which is on a network share, and the account credentials used to access it, which I do not know and were generated by Sophos automatically. Previously, I had been able to use the SEC-generated installer to install and run Sophos on a Mac seamlessly; the update location information and account credentials were automatically filled during login, I ran the installer and it was perfectly set up. Now, however, Sophos installs on a Mac but never updates because it doesn't have the update location OR credentials. Has anyone else run across this problem or know why it is happening? Sophos Enterprise Console 4.5.1.0

  Read the article

• Necesity of ModSecurity if Apache is behind Nginx

  - by Saif Bechan

  I have my Apache installed behind Nginx. So every request that comes in is first handeled by Nginx. If there is dynamic content needed the request is send to Apache which listens on port 8080. Pretty basic reverse proxy setup. Now with this setup the first entry point is Nginx. Is it still needed to install ModSecurity to protect Apache against unwanted request. Or should I just focus on protecting Nginx as this is the first entry point. All suggestions are welcome.

  Read the article

• DRS: Unknown JNLP Location

  - by Joe

  We are using Deployment Rule Sets to limit access to the older JRE to well-known applications like - but are running into a problem. One business critical applications has the following properties (*s to protect info): title: Enterprise Services Repository location: null jar location: http://app.*.com:52400/rep/repository/*.jar jar version: null isArtifact: true The application downloads a .jnlp file, and uses java web start to execute. Since the location is null, this application cannot be targeted by a location rule. And the certificate hash method only works when the application is cached (being ran more than once). If cache storing is off, which is the case in some situations, how can this application be targeted? Or at least told to run with an older JRE on start? This problem is specifically noted in this bug Thanks!

  Read the article

• Online backup solution

  - by Petah

  I am looking for a backup solution to backup all my data (about 3-4TB). I have look at many services out there, such as: http://www.backblaze.com/ http://www.crashplan.com/ Those services look very good, and a reasonable price. But I am worried about them because of incidents like this: http://jeffreydonenfeld.com/blog/2011/12/crashplan-online-backup-lost-my-entire-backup-archive/ I am wondering if there is any online back solution that offers a service level agreement (SLA) with compensation for data loss at a reasonable price (under $30 per month). Or is there a good solution that offers a high enough level of redundancy to mitigate the risk? Required: Offsite backup to prevent data loss in terms of fire/theft. Redundancy to protect the backup from corruption. A reasonable cost (< $30 per month). A SLA in case the service provider faults on its agreements.

  Read the article

• UDP packets to IP addresses other than specific ones not arriving and not shown in Wireshark

  - by Max

  I'm writing a service using UDP, but I can't manage to reply to the client. When sending to the client via the DHCP-assigned IP (192.168.1.143) Wireshark shows no sent packets. The server receives and Wireshark shows any packet sent by the client (broadcasted). If I send to a random, unassigned IP Wireshark doesn't show it. I thought the NIC would happily send it, since there is a router in the way - shouldn't Wireshark show it, even though it cannot possibly be received by a remote endpoint? If I send to either the router IP or another (specific, there is only one other) computer, the packet is shown in Wireshark. I am running Windows 7, the firewall is turned off using the control panel. Does the fact that wireshark doesn't show these packets mean that they aren't sent? What reason could there be for showing packets to one IP, but not another, on the same subnet?

  Read the article

• How can I connect a Windows 8 PC to a Samba domain

  - by Paul

  I am using Samba 3, and want to join my Windows 8 PC to the Samba domain. Windows 8 cannot join out of the box, so I added the following registry entries: HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode 1 DWORD DNSNameResolutionRequired 0 And now it talks to the Samba server ok, however I get the following error: And I notice that the machine name created on the samba server does not match its name: win-8jq3fg1n74e$:x:30003:30003:Machine:/var/lib/nobody:/bin/false It is like it is using an internal name. The following is the error in the smb.log [2012/10/21 14:26:16.099520, 0] passdb/pdb_interface.c:348(pdb_default_create_user) _samr_create_user: Running the command `/usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false win-8jq3fg1n74e$' gave 9 [2012/10/21 14:26:28.143224, 0] lib/util_sock.c:474(read_fd_with_timeout) [2012/10/21 14:26:28.143420, 0] lib/util_sock.c:1441(get_peer_addr_internal) getpeername failed. Error was Transport endpoint is not connected read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.

  Read the article

• Strongswan and OpenVPN together

  - by cmorgia

  I have an host in Amazon EC2 which is configured with an OpenVPN Access Server. The only client to this server is acting as a gateway from a private network. I installed StrongSWAN 5 on the same host to allow windows 7 and iOS clients to connect using IPSEC. Both services works but what I cannot figure out is how to configure StrongSWAN to consider the OpenVPN tunnel endpoint as the only gateway available to clients. Basically I want all the traffic that comes from IPSEC clients to be entirely forwarded to the OpenVPN tunnel. The remote OpenVPN client that is exposing the private network has forwarding enabled and appropriate masquerading configured. The only missing point is to have the OpenVPN tunnel as the gateway for IPsEC clients

  Read the article

• Recommended apps for securing/protecting a new desktop machine install?

  - by Eddie Parker

  I'm hoping to harness the collective tips of superuser to gather recommended apps/configurations to keep a new desktop clean, virus free, and hopefully lower software rot. I ask because I've recently come across tools like dropbox, deepfreeze, returnil, etc, and I'm curious what other ones are out there to protect a new box. I personally am interested in Windows, but feel free to comment on whatever OS you'd like, freeware or otherwise. Ideally specify the OS in your answer(s). One answer per program please. Then, rather than duplicate posts, vote for the program if it is already listed. UPDATE: It's been noted that there are other questions similar to this one [1], so I'd ask that these answers focus on security and protection. [1] Related questions: http://superuser.com/questions/1241/what-are-some-must-have-windows-programs http://superuser.com/questions/1191/what-are-some-must-have-mac-os-x-programs http://superuser.com/questions/1430/must-have-linux-software http://superuser.com/questions/3855/must-have-networking-security-tools

  Read the article

• Cisco WebVPN RDP Plugin and NLA

  - by bab

  I'm having trouble finding anything in Cisco's docs or with Google searches, so I'm hoping someone out in ServerFault land might know. We've recently enabled NLA domain-wide to protect against some of the recent RDP vulnerabilities. However, we can no longer use the Cisco WebVPN on our ASA to connect to these boxes (Connection Failure). I assume this is because the RDP2 plugin (as of Apr 27 2012) doesn't support NLA? Is there another version of the plugin that does? Thanks!

  Read the article

• Connecting Small business network to Azure Site to Site VPN

  - by MarkKGreenway

  Would like to have connectivity between azure virtual machines and on LAN users. My current network has a Cisco ISA550 connected to the WAN (one Ethernet cable into the office the fiber transceiver is on a different floor)and any public servers can be one-to one NAT-ed to have a public and private IP. What is the best way to get a reliable connection. Between end users and the cloud? I want to know the preferred on site endpoint. Do the azure vm's have to have a local ip in the LAN subnet? (Right now 10.10.0.0/20 or 255.255.240.0 to give room if this is the case). If in purchased an asa550 would I put it behind or in front of the isa550. Would it be ahead or peer with the users switches? What is the best way to get a reliable connection. Between end users and the cloud servers?

  Read the article

• MikroTik ipv6 Tunnel

  - by MikeSmitty

  I've got a MikroTik router set up with the latest stable OS on it, and I just set up an ipv6 tunnel with Hurricane Electric, but I'm having an odd issue with it. I can't ping anything until I first ping the tunnel endpoint on HE's side. After that I can ping any ipv6 address fine, but give it a little time (say, maybe 30 sec) and I can't ping any ipv6 addresses again. Whenever it stops allowing ping to go through I notice the counter on my firewall rule that drops invalid connections goes up. this is my ipv6 firewall config: add action=accept chain=input comment="" connection-state=established \ disabled=no in-interface=sit1 add action=accept chain=input comment="" connection-state=related disabled=no \ in-interface=sit1 add action=accept chain=input comment="" disabled=no in-interface=bridge \ src-address=ipv6_address_here/64 add action=drop chain=input comment="" connection-state=invalid disabled=no \ in-interface=sit1 add action=drop chain=input comment="" disabled=no in-interface=sit1 Any ideas on what it could be?

  Read the article

• Truecrypt or default Disk Utility on Mac?

  - by Kaushik Gopal

  Windows by default doesn't come with a password protect folder option (other that Win7 ultimate), so I used to swear by Truecrypt which was great. But I've read in a couple of places that Mac OS X by default has a way of protecting folders using the Default Disk Utility. So my question is which is better, using TrueCrypt on the Mac or just sticking with the default Disk Utils app? Can somebody let me know the advantages of one over the other? A summary from the very helpful answers below: if you're looking for cross-platform usage Truecrypt is the obvious tool of choice if you're looking for convenience, and intend to stick only to the Mac platform, use the default Disk Utils app.

  Read the article

• dead man's switch for remote networking interventions

  - by ascobol

  Hi, As I'm going to change the network configuration of a remote server, I was thinking of some security mechanisms to protect me from accidentally loosing control on the server. The level-0 protection I'm using is a scheduled system reboot: # at now+x minutes > reboot > ctrl+D where x is the delay before reboot. While this works relatevly well for very simple tasks like playing with iptables this method has at least two drawbacks: It's not very reactive, ie a connectivity problem should be detected automatically if for example an automatic remote ssh command fails does not work anymore for x seconds. It can obviously not work if one need to modify some configuration files and then reboot to test the changes. Are you guys using some tool for the second point ? I would love to have something able to revert the system configuration in a previously known stable state if I can't join the server X minutes after reboot. Thanks!

  Read the article

• In Puppet, how would I secure a password variable (in this case a MySQL password)?

  - by Beaming Mel-Bin

  I am using Puppet to provision MySQL with a parameterised class: class mysql::server( $password ) { package { 'mysql-server': ensure => installed } package { 'mysql': ensure => installed } service { 'mysqld': enable => true, ensure => running, require => Package['mysql-server'], } exec { 'set-mysql-password': unless => "mysqladmin -uroot -p$password status", path => ['/bin', '/usr/bin'], command => "mysqladmin -uroot password $password", require => Service['mysqld'], } } How can I protect $password? Currently, I removed the default world readable permission from the node definition file and explicitly gave puppet read permission via ACL. I'm assuming others have come across a similar situation so perhaps there's a better practice.

  Read the article

• How good is PDF password protection?

  - by Tim

  It appears that Word's password protection is not really good, at least until Office 2003, if I read this SU entry correctly. I'm under the impression that Acrobat's PDF password protection should be better (it says 128-bit AES for Acrobat 7 and higher). Is that true? Of course, it depends on the strength of the password used, but assuming I protect my PDF with a password like sd8Jf+*e8fh§$fd8sHä, am I on the safe side? Like, say, for sending confidential patient information - not really valuable, but potentially highly sensitive.

  Read the article

• Restricted blogspot account. Unable to subscribe using Google Reader?

  - by keisimone

  I used blogspot.com and restricted its viewership to just its authors. However I cannot use Google Reader to subscribe to the RSS feed. Is there a workaround? I need to be notified somehow whenever somebody posts to that private blog. I am one of its authors. My blogspot.com allows me to set the readership to just its authors. So that is what I have done. I did not do any password protect settings at all.

  Read the article

• Case for Micro SD card?

  - by Josh

  I have a MicroSD card which I'd like to keep with me at all times, I.E. in my wallet. I'm looking for a case for it. But all the cases I can find seem to be for standard SD cards... the closest I could find was this: Which is completly pointless, it stores the Micro SD card along with it's adaptor. Why not just put the Micro SD card IN the adaptor and store both on a normal SD card case... Anyway, does what I'm looking for (a case to protect a microSD card, and only large enough for a mircoSD card, i.e. not what's pictured above) exist?

  Read the article

• Easy Deployment Split Tunnel VPN Connection

  - by Joey Harris

  I was wondering if anybody could offer some insight as to how I can mass deploy VPN connection settings that support split tunneling. It has to work on both Mac and Windows systems though if a script is used, it obviously can be 2 separate scripts for both platforms. I will be setting up a Windows server with a file server and Exchange server and to access the file server I will have the clients go through VPN because we will have sensitive data. I don't want the servers network to be bogged down with the clients normal internet traffic so I will be needing some way to setup split tunneling on the clients without them having to put in a few commands every time to setup the static routes. Ive looked at Cisco VPN client but I want to try and stick with windows RRAS and avoid buying a Cisco VPN endpoint. Im basically looking for a good VPN client that can support split tunneling and mass deployment.

  Read the article

• Booting from a USB drive that was originally a boot drive

  - by daveh551

  When Win 7 went RTM, I upgraded my laptop from XP. But to protect myself against the possibility of having data inaccessible, I got a new disk and put it in the laptop, and took the old (XP) disk and put it in a USB enclosure. I have no trouble accessing the data on the USB drive under Windows 7. But I would like to be able to plug it in, tell the BIOS to boot from the USB drive, and be back on my old machine. The laptop is a Dell Precision M90, and it has a boot from USB option in its boot menu. But when I try to do that, it does read the drive, gets as far as putting up the Windows XP splash screen and starting the boot progress bar, and then reboots. What do I need to do to the old disk now running on USB to allow the machine to boot from it?

  Read the article

• Security question pertaining web application deployment

  - by orokusaki

  I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

  Read the article

• How to setup anonymous access in WinSSHD

  - by Shrike

  I have a Windows server (Win2008R2) with WinSSHD installed. I need to allow anonymous access to a particular folder on the server. Actually it's a git repositiory for bower registy but it doesn't matter. I want WinSSHD allow me to connect to an endpoint like "ssh://[email protected]/" I've created a virtual user "bower" with password only auth. No keys. But if I leave empty password then WinSSHD doesn't allow connection with error "Incorrect virtual account password". How to setup a SSH access without any authentication?

  Read the article

• Send individual e-mails to each contact in Gmail?

  - by Robert C. Cartaino

  I'm trying to send an e-mail to a group of contacts in Gmail (200 recipients, no spam). Is there a way to force Gmail to send the e-mail as 200 individual e-mails, each addressed to that specific person in the list? But I'm trying to protect their privacy: Sending to a contact group puts all their e-mail addresses in the To: field. Adding their addresses to the cc: field means everyone can see all the addresses. Adding their addresses to the bcc: field means that no one sees their address (not even their own) in the to: field. That looks odd and seems like that would trigger a lot of spam filters. So how can I force Gmail to send the e-mail addressed specifically to each contact in the list?

  Read the article

• s3fs: how to force remount on errors?

  - by Alexander Gladysh

  I use s3fs 1.33 on Ubuntu 9.10. Regularily it gives me errors like this: rsync: writefd_unbuffered failed to write 4 bytes to socket [sender]: Broken pipe (32) rsync: close failed on "/mnt/s3/mybucket/filename": Software caused connection abort (103) rsync error: error in file IO (code 11) at receiver.c(731) [receiver=3.0.6] rsync: connection unexpectedly closed (86 bytes received so far) [sender] rsync error: error in rsync protocol data stream (code 12) at io.c(600) [sender=3.0.6] Any attempt to work with mounted directory after that gives this error: Transport endpoint is not connected To get rid of this, I have to remount. Is there a way to force a remount automatically?

  Read the article

• how can make transparent proxy on more than one port?

  - by ermya

  i want to make transparent proxy with linux ( centos) , i want all incoming connection on port 1000 - 2000 on eth0 forward to eth1 on port 1000 - 2000 in transparent mode i have 2 server 1- linux ( proxy server) 2- windows i want protect my windows server with my linux server firewall also i must make transparent proxy with my linux server linux server have 2 interface one for public network an another for private network connected to windows server so all incoming connection must connect to the linux server (at eth0 public network) first and after checking , must forward to the windows server on private network (with linux interface eth1 ) i can use squid for making transparent proxy but i dont know how i must config the squid for multi port because i want listen in more than 1000 ports for example from port 1000 to 2000 anyone know how can i do ?

  Read the article

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >