Search Results

Search found 4391 results on 176 pages for 'tree hacker'.

Page 69/176 | < Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >

• Reinstall after a Root Compromise?

  - by Zoredache

  After reading this question on a server compromise, I started to wonder why people continue to seem to believe that they can recover a compromised system using detection/cleanup tools, or by just fixing the hole that was used to compromise the system. Given all the various root kit technologies and other things a hacker can do most experts suggest you should reinstall the operating system. I am hoping to get a better idea why more people don't just take off and nuke the system from orbit. Here are a couple points, that I would like to see addressed. Are there conditions where a format/reinstall would not clean the system? Under what types conditions do you think a system can be cleaned, and when must you do a full reinstall? What reasoning do you have against doing a full reinstall? If you choose not to reinstall, then what method do you use to be reasonably confident you have cleaned and prevented any further damage from happening again.

  Read the article

• Virtualmin & git integration

  - by weby3456

  I've installed virtualmin on my VPS to manage my websites. It's working perfect and as expected nearly a year now. Recently I wanted to add some features to one of my sites, and I need git integration. I've correctly installed git & gitweb on my server, and I can create repositories and watch them under http://sub.domain.com/git/gitweb.cgi Here is the current relevant directory tree: /home/user/domains/sub.domain.com/public_html/git/ drwxr-sr-x user user . drwxr-x--- user user .. -rw-r--r-- user user git-favicon.png -rw-r--r-- user user git-logo.png -rwxr-xr-x user user gitweb.cgi -rw-r--r-- user user gitweb.css drwxrwx--- apache user reponame.git /home/user/domains/sub.domain.com/public_html/git/reponame.git/ drwxrwx--- apache user . drwxr-sr-x user user .. drwxrwx--- apache user branches -rwxrwx--- apache user config -rwxrwx--- user user description -rwxrwx--- apache user HEAD drwxrwx--- apache user hooks drwxrwx--- apache user info drwxrwx--- apache user objects drwxrwx--- apache user refs But I have some questions: When I'm visiting http://sub.domain.com/git/gitweb.cgi, the owner is listed as 'Apache'. why? how can I change that? Usually, to create a new git repository, I'll do something like: $ mkdir proj $ cd proj $ git init Initialized empty Git repository in /home/user/proj/.git/ // here I'm creating the files or copy them from somewhere else $ git add *.php $ git add README $ git commit -m 'initial version' But after creating the repository in virtualmin, I can find a new dir named 'reponame.git' but not the '.git' dir. When I'm trying to run any git command (e.g. git status) I'm receiving "fatal: This operation must be run in a work tree". How can I work with that repository? Currently I need to explicitly grant access for users to be able to view the repositories via gitweb. How can I make certain repositories public?

  Read the article

• Re-configure Office 2007 installation unattended: Advertised components --> Local

  - by abstrask

  On our Citrix farm, I just found out that some sub-components are "Installed on 1st Use" (Advertised), which does play well on terminal servers. Not only that, but you also get a rather non-descriptive error message, when a document tried to use a component, which is "Installed on 1st Use" (described on Plan to deploy Office 2010 in a Remote Desktop Services environment): Microsoft Office cannot run this add-in. An error occurred and this feature is no longer functioning correctly. Please contact your system administrator. I have ~50 Citrix servers where I need to change the installation state of all Advertised components to Local, so I created an XML file like this: <?xml version="1.0" encoding="utf-8"?> <Configuration Product="ProPlus"> <Display Level="none" CompletionNotice="no" SuppressModal="yes" AcceptEula="yes" /> <Logging Type="standard" Path="C:\InstallLogs" Template="MS Office 2007 Install on 1st Use(*).log" /> <Option Id="AccessWizards" State="Local" /> <Option Id="DeveloperWizards" State="Local" /> <Setting Id="Reboot" Value="NEVER" /> </Configuration> I run it with a command like this (using the appropriate paths): "[..]\setup.exe" /config ProPlus /config "[..]\Install1stUse-to-Forced.xml" According to the log file, the syntax appears to be accepted and the config file parsed: Parsing command line. Config XML file specified: [..]\Install1stUse-to-Forced.xml Modify requested for product: PROPLUS Parsing config.xml at: [..]\Install1stUse-to-Forced.xml Preferred product specified in config.xml to be: PROPLUS But the "Final Option Tree" still reads: Final Option Tree: AlwaysInstalled:local Gimme_OnDemandData:local ProductFiles:local VSCommonPIAHidden:local dummy_MSCOMCTL_PIA:local dummy_Office_PIA:local ACCESSFiles:local ... AccessWizards:advertised DeveloperWizards:advertised ... And the components remain "Advertised". Just to see if the installation state is overridden in another XML file, I ran: findstr /l /s /i "AccessWizards" *.xml Against both my installation source and "%ProgramFiles%\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller", but just found DefaultState to be "Local". What am I doing wrong? Thanks!

  Read the article

• How to setup Secure SemiPublic Revision Control System

  - by user24912

  I have a windows server with a project configured with a revision control system. Suppose it's GIT or SVN or .... Suppose there are 10 people around the globe working on this project. The first thing that comes in to mind is to secure the connection between these programmer and the server with SSH. but my problem is that the a hacker can destroy the server if he gets the SSH username and password user account (tell me if i'm wrong). So I need a secure way to let thoes programmers push their revision to the server. Any ideas would be lovely

  Read the article

• public key infrastructure - distribute bad root certificates

  - by iamrohitbanga

  Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

  Read the article

• Tomcat uninstall problems

  - by Deepak

  Hi, I am using "apt-get remove tomcat6" to remove tomcat.It gives this outout and tomcat still running on my system: Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: seamonkey-gnome-support ocaml-base-nox libghc6-hsql-prof libgmp3-dev libffi-dev libtool libghc6-hsql-dev libgmpxx4ldbl ghc6-prof camlp4 ghc6 ledit ocaml-interp rhino libltdl-dev ocaml-nox Use 'apt-get autoremove' to remove them. The following packages will be REMOVED: tomcat6 tomcat6-admin tomcat6-examples 0 upgraded, 0 newly installed, 3 to remove and 1 not upgraded. After this operation, 2,400kB disk space will be freed. Do you want to continue [Y/n]? y Segmentation fault deepak@kalpna-desktop:~$ apt-get remove tomcat6 Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: seamonkey-gnome-support ocaml-base-nox libghc6-hsql-prof libgmp3-dev libffi-dev libtool libghc6-hsql-dev libgmpxx4ldbl ghc6-prof camlp4 ghc6 ledit ocaml-interp rhino libltdl-dev ocaml-nox Use 'apt-get autoremove' to remove them. The following packages will be REMOVED: tomcat6 tomcat6-admin tomcat6-examples 0 upgraded, 0 newly installed, 3 to remove and 1 not upgraded. After this operation, 2,400kB disk space will be freed. Do you want to continue [Y/n]? y Segmentation fault What is the way to re-install tomcat on ubuntu. Regards D

  Read the article

• Setting up Mako with Cherrypy on nginx through FastCGI

  - by xuniluser

  I'm trying to use TemplateLookup from Mako, but can't seem to get it to work. Layout of the test site is: /var/www main.py templates/ index.html Nginx's config is setup as: location / { fastcgi_pass 127.0.0.1:8080; fastcgi_param SERVER_NAME $server_name; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param QUERY_STRING $query_string; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_pass_header Authorization; fastcgi_intercept_errors off; } Cherrypy's config has: [global] server.socket_port = 8080 server.thread_pool = 10 engine.autoreload_on = False tools.sessions.on = True A simple cherrypy setup in main.py seems to work fine. import cherrypy class Main: @cherrypy.expose def index(self): return 'Hello' cherrypy.tree.mount(Main(), '/', config='config') Now, if I modify this to use Mako's template lookup, I get a 500 error. I know it has something to do with serving static files, but I've tried over a dozen different configurations accoring to the cherrypy wiki, but none of them work. Here's a bare setup I have for the templates: import cherrypy from mako.template import Template from mako.lookup import TemplateLookup templates = TemplateLookup(directories=['templates'], output_encoding='utf-8') class Main: @cherrypy.expose def index(self): return templates.get_template('index.html').render(msg='hello') cherrypy.tree.mount(Main(), '/', config='config') Does anyone know how I can get this to work ?

  Read the article

• Orphan IBM JVM process

  - by Nicholas Key

  Hi people, I have this issue about orphan IBM JVM process being created in the process tree: For example: C:\Program Files\IBM\WebSphere\AppServer\bin>wsadmin -lang jython -f "C:\Hello.py" Hello.py has the simple implementation: import time i = 0 while (1): i = i + 1 print "Hello World " + str(i) time.sleep(3.0) My machine has such JVM information: C:\Program Files\WebSphere\java\bin>java -verbose:sizes -version -Xmca32K RAM class segment increment -Xmco128K ROM class segment increment -Xmns0K initial new space size -Xmnx0K maximum new space size -Xms4M initial memory size -Xmos4M initial old space size -Xmox1624995K maximum old space size -Xmx1624995K memory maximum -Xmr16K remembered set size -Xlp4K large page size available large page sizes: 4K 4M -Xmso256K operating system thread stack size -Xiss2K java thread stack initial size -Xssi16K java thread stack increment -Xss256K java thread stack maximum size java version "1.6.0" Java(TM) SE Runtime Environment (build pwi3260sr6ifix-20091015_01(SR6+152211+155930+156106)) IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows Server 2003 x86-32 jvmwi3260sr6-20091001_43491 (JIT enabled, AOT enabled) J9VM - 20091001_043491 JIT - r9_20090902_1330ifx1 GC - 20090817_AA) JCL - 20091006_01 While the program is running, I tried to kill it and subsequently I found an orphan IBM JVM process in the process tree. Is there a way to fix this issue? Why is there an orphan process in the first place? Is there something wrong with my code? I really don't believe that my simplistic code is wrongly implemented. Any suggestions?

  Read the article

• How does one open multiple tabs in TextWrangler?

  - by Closure Cowboy

  No, I'm not bluffing. I really can't figure this out. The setup: I went to File -> Open, and then selected a directory rather than a file. As expected, a directory tree opened on the left side of my document. Hooray! I can easily view the files' structure in my Rails project. So, I make a few changes in a file, and then I click on a different file in the directory tree. My problem: TextWrangler then asks me whether I want to save my changes. Huh? I say "No", and the new document doesn't open at all. Great. I try hitting Command+N (new document). A new window opens. Ughhhh. How the heck do I open documents in a new tab? Note: I have set the "New & opened documents" behavior to "Open in the front window". This does not change the behavior described (i.e. when a directory is opened rather than a single file).

  Read the article

• Unix domain socket firewall

  - by lagab

  Hello, everyone. I've got a problem with my debian server. Probably there is some vulnerable script at my web-serser, which is running from www-data user. I also have samba with winbind installed, and samba is joined to windows domain. So, probably this vulnerable script allows hacker to bruteforce out domain controller through winbind unix domain socket. Actually I have lots of such lines at netstat -a output: unix 3 [ ] STREAM CONNECTED 509027 /var/run/samba/winbindd_privileged/pipe And our DC logs contain lots of recorded authentication attems from root or guest accounts. How can I restrict my apaches access to winbind? I had an idea to use some kind of firewall for IPC sockets. Is it possible?

  Read the article

• Exploratory Question for Security Admins (/etc/passwd + PHP)

  - by JPerkSter

  Hi everyone, I've been seeing a few issues lately on a few of my servers where an account gets hacked via outdated scripts, and the hacker uploads a cPanel / FTP Brute forcing PHP script inside the account. The PHP File reads /etc/passwd to get the usernames, and than uses a passwd.txt file to try and brute force it's way in to 127.0.0.1:2082. I'm trying to think of a way to block this. It doesn't POST anything except "GET /path/phpfile.php", so I can't use mod_security to block this. I've been thinking of maybe changing permissions on /etc/passwd to 600, however I'm unsure how this will result in regards to my users. I was also thinking of rate-limiting localhost connections to :2082, however I'm worried about mod_proxy being affected. Any suggestions?

  Read the article

• My wifi internet router connection resets when more devices connected

  - by joeeoj

  The wifi internet router is connected directly to Internet cable. The main Pc is attached to it via LAN cable, while 1 laptop and 3 mobile phones connect to it via wifi. Whenever 2 or more devices connect via wifi, the internet connection breaks after one minute and internet connection resets. I tracked this behaviour for weeks, and came to conclusion: It seems like some 'device 1' got IP then it went to suspend mode. Then 'device 2' connected to router and got the same IP. Then the 'device 1' woke up from suspend mode and tried to use his old IP. The router sees that 2 same IP addresses exists and automatically reset internet connection. Is this possible? Have I tracked the problem correctly and how to solve it? The router is set to lease 100 IP addresses to devices who try to connect. The password is strong and no hacker's device is being connected to my wifi network. Tried changing password and AP's name.

  Read the article

• Patch msp into msi package

  - by Kvad

  The latest update of Windows Live Messenger is an msp added to the package. I want to patch a msp into an msi. Reference download http://wl.dlservice.microsoft.com/download/8/3/D/83D75746-DF04-45E9-8374-BD31B9419128/en/wlsetup-all.exe I extract all msi and msps from this. (To get the msp and msi's I did the following Use resource hacker to open up wlsetup-all.exe In the left hand tree browse to PACKAGE Right click PACKAGE, save PACKAGE resources Save to a new temp folder Eg. D:\temp\package.rc This will output a whole lot of .bin files These are just cab files so we need to do a mass rename “ren *.bin *.cab” Once done select all cab files and extract to a new sub folder \extracted In \extracted you will see all the msi, msp and 7z files you need) I try to apply the msp directly with no result msiexec /p messenger.msp /a messenger.msi I also try doing a admin install with nothing being extracted.

  Read the article

• Detect damage done by virus

  - by user38471

  Hey, this morning after I went to college a virus infected my pc without any user interaction at my end. When I came home my computer was completely frozen and infected with lots of trojans. I have not typed anything important since returning so keys cannot be logged. However I want to know exactly when my computer crashed from the time of infection to see what could potentially be done remotely by a hacker. The virus my pc was diagonosed with was "fakespypro" http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32%2fFakeSpypro on a fully updated windows 7 installation with firewall enabled. My computer was connected to an internal dorm room network, so probably that has had to do something with it. Any further information about how I could backtrace this virus infection or ways to discover what data might be stolen would be greatly appriciated.

  Read the article

• Favicon on gmail has changed from the envelope to a black gun. How do i change it back and why did i

  - by Victoria

  I think my gmail account might have been hacked because I've recently noticed a change in the favicon displayed in the url and the tab, when I logged onto my gmail account. It used to be the common red and white envelope and now it's a black gun. Can anyone tell if this is enough to conclude that my account has been hacked or tampered with? I know someone that would be capable and most probably willing to cause problems to my account among other things. This would be my opsessive ex who's best friend is a hacker. Can anyone help? I need to know if someone has reigns to my computer. And how do I change the favicon back to its orginial image? The black gun really bothers me. Thanks everyone!!!

  Read the article

• Why does this rsnapshot exclude not work?

  - by bstpierre

  Rsnapshot passes excludes directly to rsync, but rsync's behavior appears inconsistent. I've simplified my rsnapshot backup test to the following directory tree (this tree will be backed up): gorilla:~# find /tmp/snaptest -exec file {} \; /tmp/snaptest: directory /tmp/snaptest/SKIPTHIS: directory /tmp/snaptest/SKIPTHIS/xyz: directory /tmp/snaptest/SKIPTHIS/xyz/testing: ASCII text /tmp/snaptest/SKIPTHIS/bar: ASCII text /tmp/snaptest/SKIPTHIS/foo: ASCII text /tmp/snaptest/SKIPTHIS.txt: ASCII text My config file: config_version 1.2 snapshot_root /tmp/backup-media no_create_root 1 cmd_cp /bin/cp cmd_rm /bin/rm cmd_rsync /usr/bin/rsync cmd_ssh /usr/bin/ssh cmd_logger /usr/bin/logger cmd_du /usr/bin/du interval hourly 6 interval daily 7 interval weekly 4 interval monthly 3 verbose 3 loglevel 3 logfile /media/maxtor-one-touch/rsnapshot.log lockfile /media/maxtor-one-touch/backups/.rsnapshot.pid rsync_short_args -a rsync_long_args --delete --numeric-ids --relative --delete-excluded exclude "SKIPTHIS/**" link_dest 1 backup /tmp/snaptest snaptest The result: gorilla:~# rsnapshot -c /tmp/snaptest.conf hourly echo 12638 > /media/maxtor-one-touch/backups/.rsnapshot.pid mkdir -m 0755 -p /tmp/backup-media/hourly.0/ /usr/bin/rsync -a --delete --numeric-ids --relative --delete-excluded \ --exclude="SKIPTHIS/**" /tmp/snaptest \ /tmp/backup-media/hourly.0/snaptest touch /tmp/backup-media/hourly.0/ rm -f /media/maxtor-one-touch/backups/.rsnapshot.pid gorilla:~# find /tmp/backup-media/ -exec file {} \; /tmp/backup-media/: directory /tmp/backup-media/hourly.0: directory /tmp/backup-media/hourly.0/snaptest: directory /tmp/backup-media/hourly.0/snaptest/tmp: sticky directory /tmp/backup-media/hourly.0/snaptest/tmp/snaptest: directory /tmp/backup-media/hourly.0/snaptest/tmp/snaptest/SKIPTHIS: directory /tmp/backup-media/hourly.0/snaptest/tmp/snaptest/SKIPTHIS/xyz: directory /tmp/backup-media/hourly.0/snaptest/tmp/snaptest/SKIPTHIS/xyz/testing: ASCII text /tmp/backup-media/hourly.0/snaptest/tmp/snaptest/SKIPTHIS/bar: ASCII text /tmp/backup-media/hourly.0/snaptest/tmp/snaptest/SKIPTHIS/foo: ASCII text /tmp/backup-media/hourly.0/snaptest/tmp/snaptest/SKIPTHIS.txt: ASCII text My confusion stems from the fact that if I copy-paste the rsync command echoed by rsnapshot, the SKIPTHIS directory is excluded! (I've tested with various other SKIPTHIS patterns with the same results.) Any idea what's going on?

  Read the article

• Detecting damage done by virus

  - by user38471

  This morning after I went to college, a virus infected my PC without any user interaction at my end. When I came home my computer was completely frozen and infected with lots of trojans. I have not typed anything important since returning so keys cannot be logged. However I want to know exactly when my computer crashed from the time of infection to see what could potentially be done remotely by a hacker. The virus my pc was diagnosed with was "fakespypro" on a fully updated Windows 7 installation with firewall enabled. My computer was connected to an internal dorm room network, so probably that has had to do something with it. Any further information about how I could backtrace this virus infection or ways to discover what data might be stolen would be greatly appreciated.

  Read the article

• How to close the logon process named NtLmSsp ?

  - by Aristos

  I have a windows 2003 server and time to time I am getting many login failures like this one. Logon Failure: Reason: Unknown user name or bad password User Name: administrator Domain: xx.xx.xx.xx Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XLHOST Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 173.45.70.100 <- hacker Source Port: 4722 AND Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: user Source Workstation: XLHOST Error Code: 0xC0000064 The question is, how can I close this process of login ?, what I have left open and some one can try to login ? Some notes: I login to the server using tunneling, nothing is open except dns, email, and web ports, not even ftp, and all default ports are change and hidden. I also monitor port scan and capture any one that try to find the hidden ports. Probably it is something open... Thank you in advanced.

  Read the article

• Why does redis report limit of 1024 files even after update to limits.conf?

  - by esilver

  I see this error at the top of my redis.log file: Current maximum open files is 1024. maxclients has been reduced to 4064 to compensate for low ulimit. I have followed these steps to the letter (and rebooted): Moreover, I see this when I run ulimit: ubuntu@ip-XX-XXX-XXX-XXX:~$ ulimit -n 65535 Is this error specious? If not, what other steps do I need to perform? I am running redis 2.8.13 (tip of the tree) on Ubuntu LTS 14.04.1 (again, tip of the tree). Here is the user info: ubuntu@ip-XX-XXX-XXX-XXX:~$ ps aux | grep redis root 1027 0.0 0.0 66328 2112 ? Ss 20:30 0:00 sudo -u ubuntu /usr/local/bin/redis-server /etc/redis/redis.conf ubuntu 1107 19.2 48.8 7629152 7531552 ? Sl 20:30 2:21 /usr/local/bin/redis-server *:6379 The server is therefore running as ubuntu. Here are my limits.conf file without comments: ubuntu@ip-XX-XXX-XXX-XXX:~$ cat /etc/security/limits.conf | sed '/^#/d;/^$/d' ubuntu soft nofile 65535 ubuntu hard nofile 65535 root soft nofile 65535 root hard nofile 65535 And here is the output of sysctl fs.file-max: ubuntu@ip-XX-XXX-XXX-XXX:~$ sysctl -a| grep fs.file-max sysctl: permission denied on key 'fs.protected_hardlinks' sysctl: permission denied on key 'fs.protected_symlinks' fs.file-max = 1528687 sysctl: permission denied on key 'kernel.cad_pid' sysctl: permission denied on key 'kernel.usermodehelper.bset' sysctl: permission denied on key 'kernel.usermodehelper.inheritable' sysctl: permission denied on key 'net.ipv4.tcp_fastopen_key' as sudo ubuntu@ip-10-102-154-226:~$ sudo sysctl -a| grep fs.file-max fs.file-max = 1528687 Also, I see this error at the top of the redis.log file, not sure if it's related. It makes sense that the ubuntu user isn't allowed to change max open files, but given the high ulimits I have tried to set he shouldn't need to: [1050] 23 Aug 21:00:43.572 # You requested maxclients of 10000 requiring at least 10032 max file descriptors. [1050] 23 Aug 21:00:43.572 # Redis can't set maximum open files to 10032 because of OS error: Operation not permitted.

  Read the article

• How do you map a solo press of a modifier key to its own function or mapping on Windows?

  - by Conrad.Dean

  Today on hacker news there was a clever article on custom shortcut keys. The author talks about a technique for remapping a modifier key such as CTRL to ESC if CTRL were pressed without a modifier. This is useful in vim because of how often you need to press ESC. Another technique he describes is mapping the open parenthesis, ( to the left shift key, and ) to the right shift key. If another key is pressed when shift is held down, the shift key behaves normally. The author describes the software he uses on OSX, but is there a way to do this on Windows? I've heard of AutoHotKey but it seems to only fire macros when simple keys are pressed, rather than the conditional state switch that this would require.

  Read the article

• My server appears to have been hacked+ scanssh run by zabbix is it normal?

  - by Niro

  I'm running a few EC2/Scalr instances with zabbix monitoring. I received complaints about one of my servers port scanning other servers. the logs show it is accessing port 22 on consecutive IP addresses. I looked at the processes list and saw scanssh is running under the user Zabbix. My question is- Is scanssh part of zabbix? Is it suppesd to run? I have active autodiscovery on zabbix but it is looking at another IP addresses and definately not port 20. Is it possible that something in the config of zabbix agent is controlling it and not the settings on zabbix server? What can I do to find out if zabbix is somehow misbehaving or it is a hacker? Any advice is highly appreciated.

  Read the article

• Secure Apache Virtual Hosts?

  - by Dr Hydralisk

  I am going to host a few small sites on VPS, and each of them are going to run my own custom PHP scripts. I am fairly certain that they are secure (did everything in the book, plus some of which is not in the book) to make sure they can't be exploited. But just to be safe I want to know how I could secure each of the virtual hosts so that they can't escape from there virtual host (if a hacker uploaded a shell they could not go above the www folder a legitimate user can't do in ftp no matter how many times they click ..) folder on Debian and Apache.

  Read the article

• Knowledge and user generated content management system to track files, research, proposals, etc.?

  - by Eshwar

  I'll try keep it short. Here's the scenario: We have employees all over the world performing similar work i.e. research, generating powerpoint slides, word documents, graphics, etc. Many times a lot of this previous work can be reused for another future project. The current arrangement is email and phone calls which as you would agree is quick if you know where to look but otherwise archaic and very very inefficient. So I am looking for software that will allow me to do the following: Tag files e.g. an investor presentation on cellphone usage in kenya would be tagged investor, cellphone, kenya Manage references e.g. if we read something on the internet, should be able to paste that link in some fashion and tag it as above. Preferably cloud based so that it can be accessed by anybody and additionally would be nice (though NOT must) to have access levels (director, manager, everyone) A nice interface that non technically savvy folks can warm up to ;) A desktop app would be handy so that people don't always have to click upload or something A tree based system is inefficient in this case because content is usually linked across branches and also people might not quite agree on one format of a tree. Tagging works around this very nicely. What I have considered so far: Evernote (for its more professional look) Springpad (for its versatility with content) Mendeley (this is a research manager and in some ways ideal, but i fear its limited to PDFs) The goal is that when somebody wants to look for a document, they don't have to ask a colleague, they can just search with keywords and all relevant information shows up. Thanks!

  Read the article

• Security of BitLocker with no PIN from WinPE?

  - by Scott Bussinger

  Say you have a computer with the system drive encrypted by BitLocker and you're not using a PIN so the computer will boot up unattended. What happens if an attacker boots the system up into the Windows Preinstallation Environment? Will they have access to the encrypted drive? Does it change if you have a TPM vs. using only a USB startup key? What I'm trying to determine is whether the TPM / USB startup key is usable without booting from the original operating system. In other words, if you're using a USB startup key and the machine is rebooted normally then the data would still be protected unless an attacker was able to log in. But what if the hacker just boots the server into a Windows Preinstallation Environment with the USB startup key plugged in? Would they then have access to the data? Or would that require the recovery key? Ideally the recovery key would be required when booted like this, but I haven't seen this documented anywhere.

  Read the article

• IIS 6 ASP.NET default handler-mappings and virtual directories

  - by Mark Lauter

  I'm having a problem with setting a default mapping in IIS 6. I want to secure *.HTML files with ASP.NET forms authentication. The problem seems to have something to do with using virtual directories to hold the html files. Here's how it's setup: sample directory tree c:/inetpub/ (nothing in here) d:/web_files/my_web_apps d:/web_files/my_web_apps/app1/ d:/web_files/my_web_apps/app2/ d:/web_files/my_web_apps/html_files/ app1 and app2 both access the same html_files directory, so html_files is set as a virtual directory in the web apps in IIS... sample web directory tree //app1/html_files/ (points to physical directory: d:/web_files/my_web_apps/html_files/) //app2/html_files/ (points to physical directory: d:/web_files/my_web_apps/html_files/) If I put a file called test.html in the root of //app1/ and then add the default mapping to the asp.net dll and setup my security on the root folder with deny="?", then accessing test.html works exactly as expected. If I'm not authenticated, it takes me to the login.aspx page, and if I am authenticated then it displays test.html. If I put the test.html file in the html_files directory I get a totally different behavior. Now the login.aspx page loads and I stuck some code in to check if I was still authenticated: <p>autheticated: <%=User.Identity.IsAuthenticated%></p> I figured it would say false because why else would it bother to load the login page? Nope, it says true - so it knows i'm authenticated, but it won't give me access to the test.html file. I've spent several hours on this and haven't been able to solve it. I'm going to spend some more time on google to see if I've missed something. Fingers crossed.

  Read the article

< Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >