Search Results

Search found 2788 results on 112 pages for 'symantec endpoint protect'.

Page 64/112 | < Previous Page | 60 61 62 63 64 65 66 67 68 69 70 71 | Next Page >

Multiple subnets behind SonicWall TZ 180

- by Derek

We have a SonicWall TZ180 that acts as a VPN endpoint. Right now it has one WAN IP address and a /24 assigned to the LAN interface. Our mail cluster administrator asked if it was possible to add a second private class C behind the VPN. This second subnet would be available to the other network and then we would use address objects and acls to limit access. Is this possible? I read up on PortShield but I don't know if that's what we would need to use because we're pushing all data out of one physical port into a Cisco switch that has VLANs already set up. Addendum: It appears that PortShields will do what I want with only one limitation; it requires a direct 1-1 relationship of portshield to physical port. This would then limit us to 4 PortShields on 1 TZ180. Is there a better solution than this?

Read the article
Could a DNSSEC at level n manipulate a zone at level n+2?

- by jroith

With some people wondering how DNSSEC could affect global censorship, I'd like to know if DNSSEC could protect a zone from being partially modified by a grandparent zone. (The point of this question is not to suggest that ICANN or it's members are not be trusted, but to figure out how DNSSEC affects the power they could exercise in theory.) For example: ICANN owns the root zone The .de zone is delegated to DENIC, Germany. Assume example.de is delegated to some 3rd party. Now, assuming DENIC does not remove example.de from their zone, would it be possible for them to redirect the subdomain abc.example.de elsewhere by returning signed records from the .de servers for abc.example.de ? Similarly, would it be possible for the DNS root to easily return signed fake records of a third-level domain xy.z while the second-level zone z is not participating in this and is not affected otherwise?

Read the article
nginx deny directory and files to be downloaded

- by YeppThat'sMe

gurus. I have a problem and i dont know how to solve it. I am working with Git and Compass/SASS on some projects. Now i want to protect those directories. When i go only to the folder its all fine – i get what i expected a 403 forbidden. location ~ /\.git { deny all; } But when i try use the full path to the config file from git the browser start to download it. Same scenario with compass. There is a config.rb file within the folder which also starts to download it. How can i prevent this behaviour? How can i deny downloading specific files?

Read the article
Is Exchange protected from/allow back dated emails?

- by David

Does Exchange Server adequately protect against backdating items in a mailbox folder? I want to determine from an auditing perspective what level of risk exists/what trust can be put into Exchange database records. Is there a (mis)feature that allows end point users to modify the sent/recieved date fields on their own messages? Is there a reasonable way short of hand editing the files for an Exchange Server admin to make such a change? And most importantly: Is there any kind of "sequence number" that we could use to audit Exchange records for evidence of date manipulation (ex. msg100 = Dec 15, msg101 = Dec 10, msg102 = Dec 16)

Read the article
Recommend a web file sharing software please.

- by Baczek

I'm looking for a web platform to put company files at. My requirements are: should be accessible via a browser should be open source must be installable (dropbox is a no-go) must have an option to put a access time limit on a file must perform garbage collection automatically after a file expires must be able to mark files as public or private an option to protect a file via a pin-code for users without accounts in the system would be nice to have The problem is I don't even know what to search for - all my googling results in either complete groupware solutions or p2p file sharing software. If such a thing doesn't exist, please don't hestitate to say so, so I can crawl to a corner and cry myself to sleep. TIA

Read the article
WebsitePanel 2 totally NOT working on Windows Server 2012 on Azure

- by Carmine Giangregorio

I’m having many troubles installing WebSitePanel on an Azure Virtual Machine, with Windows Server 2012. I followed the steps in http://www.websitepanel.net/documentation/deployment-guide/server-configuration/preparing-windows-server-2008-r2-for-websitepanel-installation/ and installed everything I needed. Then, I installed the WebSitePanel Standalone Server package with the installer. I opened the endpoint for the port 9002 on Windows Azure; so I pointed my browser to myhostname.cloudapp.net (note: in Azure you don’t have a static IP address, instead you have an hostname like [hostname].cloudapp.net). So, loading myhostname.cloudapp.net:9002 fails, and any browser shows something like “Unable to load page”. Notice: if I try to load the WebSitePanel Portal directly on the server, I get an error HTTP 400 Bad Request. How come? IIS works perfectly on the server, in fact the default website runs without problems on port 80.

Read the article
protecting a single .exe-file for downloading with htaccess and htpasswd?

- by ThomasK

I have this, and only this, in a .htaccess file inside my downloads folder: <FilesMatch "\.(exe)$"> AuthType Basic AuthName "Downloads" AuthUserFile path/to/.htpasswd Require valid-user </FilesMatch> Once I click the link to download a href="fileName.exe">FileName</a>, I'm getting a 500 server error. If I leave out the <FilesMatch>-part; The protection part is working, I guess, since I get the login box. But once I get into the protected area, the 500 server error occurs. What am I doing wrong here? My intention was to protect only a single .exe file to prevent downloaded by anyone. Is there any easier or more correct way of doing this?

Read the article
Why can't all zeros in the host portion of IP address be used for a host?

- by Grezzo

I know that if I have a network 83.23.159.0/24 then I have 254 usable host IP addresses because: 83.23.159.0 (in binary: host portion all zeros) is the subnet address 83.23.159.1-254 are host addresses 83.23.159.255 (in binary: host portion all ones) is the broadcast address I understand the use for a broadcast address, but I don't understand what the subnet address is ever used for. I can't see any reason that an IP packet's destination address would be set to the subnet address, so why does the subnet itself need an address if it is never going to be the endpoint for AN IP flow? To me it seems like a waste to not allow this address to be used as a host address. To summarise, my questions are: Is an IP packet's destination ever set to the subnet IP address? If yes, in what cases and why? If no, then why not free up that address for any host to use?

Read the article
How do I capture and playback http web requests against multiple web servers?

- by KevM

My overall goal is to not interrupt a production system while capturing HTTP Posts to a web application so that I can reverse engineer the telemetry coming from a closed application. I have control over the transmitter of the HTTP Posts but not the receiving web application. It seems like I need a request "forking" proxy. Sort of a reverse proxy that pushes the request to 2 endpoints, a master and slave, only relaying the response from the master endpoint back to the requester. I am not a server geek so something like this may exist but I don't know the term of art for what I am looking for. Another possibility could be a simple logging proxy. Capture a log of the web requests. Rewrite the log to target my "slave" web application. Playback the log with curl or something. Thank you for your assistance.

Read the article
What browser feature is this exploiting and how to stop it ?

- by ldigas

http://raffa991.ra.funpic.de/lol/ Warning: It is some kind of an annoying "you are an idiot" sign combined with a lot of popup message boxes. Open with care! In any case, it crashed my firefox 3.5.4. (or to be more precise, made it unusable) ... I don't know about other browsers. Since it's been a while since something that stupid did something like that, I'm wondering ... what weakness is that thing using (Javascript ?), and how to protect oneself from it ?

Read the article
How to restrict deletion of a folder on NTFS share, but still allow modify access within folder

- by thinkdreams

I am setting up a set of scan folders from a scanning copier device, and would like to know the best way to protect the folders (for each department) from moving or deletion, but yet still allow access for the users to modify (i.e. create/add/delete) the scanned files within the folder. Structure is: Share Name Departmental Folder User files The writing of the files initially is taken care of by a service account which has full control. We'd just like to ensure the users cannot accidentally delete the folder (which has already happened) containing all the files, etc. This is for a Windows 2003 server, NTFS permissions. Suggestions would be most appreciated.

Read the article
Windows 7: How to enable firewall disabled by global policy on a computer joined to a domain?

- by kzen

On a Windows 7 Enterprise 64-bit laptop joined to a corporate domain, the Windows Firewall is disabled by a global policy. Is there any way to enable the Windows Firewall in this scenario? The gpedit.msc setting Windows Firewall: Protect all network connections is inaccessible. EDIT: It appears that changing HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gpsvc\Start value to 4 will disable the GPO and allow you to start the firewall and stop the bots from pushing cr*p to your computer... will check on Monday and if it works I'll confirm here in case someone else in my situation wonders upon this question... EDIT: It's probably better if I write a mock windows service not doing anything and name it according to what is expected to be on my box and than crete mock McCrappy executable and mock McCrappy folder structure and remove all the actual stuff... That would take a little time but would most certainly make my box completely stealthy...

Read the article
How to restrict deletion of a folder on NTFS share, but still allow modify access within folder

- by thinkdreams

I am setting up a set of scan folders from a scanning copier device, and would like to know the best way to protect the folders (for each department) from moving or deletion, but yet still allow access for the users to modify (i.e. create/add/delete) the scanned files within the folder. Structure is: Share Name Departmental Folder User files The writing of the files initially is taken care of by a service account which has full control. We'd just like to ensure the users cannot accidentally delete the folder (which has already happened) containing all the files, etc. This is for a Windows 2003 server, NTFS permissions. Suggestions would be most appreciated.

Read the article
MongoDB on EC2 - Creating a replicaset across DCs

- by ankitb

we are trying to get a MongoDB setup in EC2 going. I had a few questions - Should we turn on auth since the MongoDB endpoint will have a public VIP? Any big hit on perf with auth enabled? Best way to deploy a replicaset in EC2? Do I have to deploy all 3 nodes individually and configure them or can I use a tool to automate the deployment? We would like one of the secondaries to be located in a different DC than the primary. Ubuntu or RHEL? And what version? Thanks!

Read the article
Recommend a web file sharing software please

- by Baczek

I'm looking for a web platform to put company files at. My requirements are: should be accessible via a browser should be open source must be installable (dropbox is a no-go) must have an option to put a access time limit on a file must perform garbage collection automatically after a file expires must be able to mark files as public or private an option to protect a file via a pin-code for users without accounts in the system would be nice to have The problem is I don't even know what to search for - all my googling results in either complete groupware solutions or p2p file sharing software. If such a thing doesn't exist, please don't hestitate to say so, so I can crawl to a corner and cry myself to sleep. TIA

Read the article
Understanding IUSR_<machine> account

- by liho1eye

Namely how is setting read/write permission for this account different from giving read/write access in the IIS (Windows 2003, so it should be IIS6 if I am not mistaken). Here is the issue: It looks like we had a security sweep and as a part of that IUSR account lost write access everywhere. A whole bunch of legacy ASP sites didn't like that at all... My very surfacish understanding is that it is enough to deny write access in the IIS console to protect a website from someone just dropping random files into it, and IUSR access only has effect on the application scripts running server side, and thus can be safely given write access back. edit: The applications in question obviously require write access to their own web folders, otherwise this wouldn't be an issue at all. Question is how to configure IIS/application to both satisfy security and make them work. My first instinct was to change account which is used to run the app pool. However that is already set to NETWORK_SERVICE, and that guy already has full access to folders in question.

Read the article
Is there a Linux mail server with an outgoing pickup directory?

- by Paul D'Ambra

On my Exchange server I can drop appropriately formatted text files in the "pickup" directory and Exchange will process them. I'd like to split this bulk mailing functionality onto another box to protect our business mail IP from the bumpy ride that our monthly newsletter gives us. I should note at this point that the mailing is opt-in with an opt out link included and only goes to people who pay to be a member of our organisation The ideal solution for me would be to add a linux box to use just for this purpose so we're not paying for Exchange licenses. So is there a linux equivalent of the Exchange pickup directory?

Read the article
Is there a Linux mail server with an outgoing pickup directory?

- by Paul D'Ambra

On my Exchange server I can drop appropriately formatted text files in the "pickup" directory and Exchange will process them. I'd like to split this bulk mailing functionality onto another box to protect our business mail IP from the bumpy ride that our monthly newsletter gives us. I should note at this point that the mailing is opt-in with an opt out link included and only goes to people who pay to be a member of our organisation The ideal solution for me would be to add a linux box to use just for this purpose so we're not paying for Exchange licenses. So is there a linux equivalent of the Exchange pickup directory?

Read the article
"Access denied" to C:\Documents and Settings after removing malware?

- by Rising Star

My Windows 7 PC became infected with the so-called "Malware Protection designed to protect" trojan while I was at work the other day. I managed to kill the process so that the malware is no longer running. The removal instructions specify to delete the following file: c:\documents and settings\all users\application data\defender.exe However, when I click to c:\documents and settings, it says "Access denied". Prior to this malware infection, I've never had any trouble accessing "Documents and Settings" or "Application Data." I read that in Windows 7, c:\documents and settings is a psudonym for c:\users, but I still cannot find the file defender.exe. Suggestions?

Read the article
Word 2010, how to update protected document

- by Seth

The document has one "Section Break" with e.g. "Text Form Fields" above. To make this Form Field work properly I use "Restrict Editing", allow "Filling in Forms", "Select Sections" and then protect Section 1. Then "Start Enforcing Protection". Now when the document is protected above the Section Break you can't use CTRL-Aand F9 to make an update of the fields, etc. of the document below the Section Break. Is there any solution for this problem?

Read the article
Overload Protection

- by Tyron

Is there a simple way how I could redirect a visitor (via .htaccess or PHP script) to a static page when the server is overloaded from too many requests? It doesn't have to be a protection against huge amounts of requests at once or protect against DoS Attacks. I think our server would be protected enough if we could prevent the standard website to be shown and instead show a single file "overloaded.html". Also how could I get a measure for a server being overloaded on a typical managed server (= non root access to a Linux server) environment?

Read the article
Security against IP spoofing [on hold]

- by user1369975

I am pursuing a college project, in which I am running three fake services on three ports to protect the main service (say running at port 80). The concept is that if the user is malicious, he'll try to bring the services down and access the fake services. These ports adopt a blocking process of a connection request and record the IP and port of the client. These are logged and aren't granted access on service on port 80. But what to do if the client spoofs his IP? How can I modify my system?

Read the article
Ubuntu USB flash boot drive gets spontaneous "Unhandled sense code" error and causes drive to switch to Write protected

- by Steve

What happens is that the system runs fine for several days or even a week and then suddenly the root file-system / goes read-only. Looking at the syslog it shows that there was an 'Unhandled sense code'. This is under Ubuntu 10.04 but I saw the same thing with Ubuntu 9 with different flash media. /dev/sdg1 on / type ext4 (rw,errors=remount-ro) Jun 26 08:50:04 host1 kernel: [926247.565090] sd 5:0:0:0: [sda] Unhandled sense code Jun 26 08:50:04 host1 kernel: [926247.565094] sd 5:0:0:0: [sda] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Jun 26 08:50:04 host1 kernel: [926247.565098] sd 5:0:0:0: [sda] Sense Key : Data Protect [current] Jun 26 08:50:04 host1 kernel: [926247.565103] sd 5:0:0:0: [sda] Add. Sense: Write protected Jun 26 08:50:04 host1 kernel: [926247.565108] sd 5:0:0:0: [sda] CDB: Write(10): 2a 00 00 46 29 18 00 00 08 00 Jun 26 08:50:04 host1 kernel: [926247.565117] end_request: I/O error, dev sda, sector 4598040 Jun 26 08:50:04 host1 kernel: [926247.569788] Buffer I/O error on device sda1, logical block 574499 Jun 26 08:50:04 host1 kernel: [926247.574677] lost page write due to I/O error on sda1

Read the article
How can I limit the amount of messages SendMail will recieve in a single incoming connection?

- by Mike B

Is there a way to limit how many messages can be received by SendMail in a given SMTP session? I have a SendMail server and an upstream application server is trying to send dozens (potentially hundreds) of messages to it in a single SMTP session (ehlo... mail from... rcpt to... data... rset... mail from... etc). This is causing resource strain on the box since the traffic isn't effectively load balanced. I'd like to implement a policy to have sendmail only allow up to X number of messages in a given SMTP session after which it will require the remote host to reconnect again. I noticed that there's a confCONNECTION_RATE_THROTTLE option but that seems to protect more against multiple connections occurring at once - not a single connection sending a bunch of emails.

Read the article
Route SOAP request through external server

- by sanbornm

I need to integrate with a SOAP Web Service that requires that the requests come from a whitelisted IP address. As I often do development from all over the place it is quite annoying to ask for a new whitelisted IP each time. I have a remote server that is whitelisted. How can I route my SOAP request (I can change the endpoint in the WSDL) to my remote machine and have that forwarded to the Web Service? My remote server is used for other things so it needs to only forward a specific port, not all traffic. Oh, and the Web Service expects SSL.

Read the article

< Previous Page | 60 61 62 63 64 65 66 67 68 69 70 71 | Next Page >