Search Results

Search found 3707 results on 149 pages for 'secure'.

Page 90/149 | < Previous Page | 86 87 88 89 90 91 92 93 94 95 96 97 | Next Page >

Client-side certificates

- by walshms

My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

Read the article
USB-keyboard & mouse powered off in windows-7

- by sinned

I have a problem with a pc where usb devices are not getting any power as soon as windows starts up (it works in preboot). This pc has no ps/2, so there is no chance for input, also not in secure boot mode. I "tidied up" using sysinternals autostart, so there is a chance I messed something up here, although I'm quite sure I only deleted some old printer drivers from autostart. I do not know how to reset this, I cant even log in because there is no input possible. I could use a linux live cd, but I don't know what to do there because there is no sysinternals from linux into a not running windows... To make things even worse, I have the windows installation completely encrypted with truecrypt, so I haven't even tried windows recovery cd yet. There is no loss of data since I can access the disc with a live-linux, I only want to use it again without resetting up everything. Any suggestions?

Read the article
Spam mail through SMTP and user spoofing

- by Josten Moore

I have noticed that it's possible to telnet into a mailserver that I own and send spoofed messages to other clients. This only works for the domain that the mail server is regarding; I cannot do it for other domains. For example; lets say that I own example.com. If I telnet example.com 25 I can successfully send a message to another user without authentication: HELO local MAIL FROM: [email protected] RCPT TO: [email protected] DATA SUBJECT: Whatever this is spam Spam spam spam . I consider this a big problem; how do I secure this?

Read the article
Access requires a username and password

- by articles

Access requires a username and password Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentication without a secure connection) I am getting this above message. I have hosted a website in godaddy hosting space. But when i run it.. it is prompt for User name and Password (above message). I am not using windows authentications in my website.... Moreover, i have test my website code on testing server....it never prompts for this message unless Integrated Windows Authentication is checked. Any help is appreciated.. Thanks

Read the article
Ownership/permissions of uploaded files

- by Cudos

Hello. I want to find out if I am on the right track. My script uploads files to the directory "images". The directory has this setup: owner/group = www-data Permissions = 700 Questions: Is this a good way to secure the directory from a hacker uploading files? Will the hacker be able to upload the files directly to the directory? Note: I have a bunch of other security measures in my upload script + an .htaccess script in the directory that disables script Execution. I just what to know if the permissions on the directory is sensible. I run apache 2.2

Read the article
how to make SFTP work on Windows

- by cyberkiwi

What is the correct way to set up sshwindows for SSH key authentication? Does the user need to be created in Windows first or can a login be inserted into passwd without a Windows equivalent? I've searched on Google and have tried the tutorials and quick start guides. So far, exactly 0 have worked. None pointed out that to work in Windows 2008 R2, you need to change the properties of cygrunsrv.exe to "Windows XP SP3" compability mode to even get past the service startup "error 1067". Although it is running, no amount of configuration allowed me to log on to the SFTP server, even though I tried (from another machine): same user account added using "mkpasswd" + windows password same user account added using "mkpasswd" + public ssh key (added to /home/theuser/.ssh) On Windows 2003 R2 (a different attempt), the service would crash every time it started up. Some links I went through http://pigtail.net/LRP/printsrv/cygwin-sshd.html http://forevergeeks.com/how-to-setup-a-secure-ftp-sftp-site-with-openssh-on-windows/ http://support.moonpoint.com/os/windows/server2003/openssh-service-not-starting.html

Read the article
Mysql refusing connection: a very special connection issue

- by k to the z

I have my programers remoting into a web server with windows rdp. This web server is the only machine that can access another mysql server in a secure zone. When I remote into the web server from my machine I am able to connect to the mysql server through the mysql workbench on the web server. However, when I try this same procedure from another person's computer I can get into the server via rdp. I just can't connect to mysql using the workbench. I have checked and re checked the credentials and connection information. They match. I've had other people check and re check the credentials. As far as mysql permissions are concerned this user is allowed to connect from any machine. Plus I'm remoting into the same web server. The only difference seems to be which computer is remoting into the webserver. wtf?

Read the article
ssl_error_rx_record_too_long error on IIS - site was working, suddenly stopped

- by JK01

I am suddenly getting this error connecting to localhost IIS on my development machine. It has been working fine for ages, and now suddenly has this error in Firefox: Secure Connection Failed An error occurred during a connection to localhost. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) I have googled and found no clear explanation. In IE it says: Internet Explorer cannot display the webpage\ In Chrome it says: Oops! This link appears to be broken.

Read the article
Allowing users in from an IP address without certificate client authentication

- by John

I need to allow access to my site without SSL certificates from my office network and with SSL certificates outside. Here is my configuration: <Directory /srv/www> AllowOverride All Order deny,allow Deny from all # office network static IP Allow from xxx.xxx.xxx.xxx SSLVerifyClient require SSLOptions +FakeBasicAuth AuthName "My secure area" AuthType Basic AuthUserFile /etc/httpd/ssl/index Require valid-user Satisfy Any </Directory> When I'm inside network and have certificate - I can access. When I'm inside network and haven't certificate - I can't access, it requires certificate. When I'm outside network and have certificate - I can't access, it shows me basic login screen When I'm outside network and haven't certificate - I can't access, it shows me basic login screen and following configuration works perfectly <Directory /srv/www> AllowOverride All Order deny,allow Deny from all Allow from xxx.xxx.xxx.xxx AuthUserFile /srv/www/htpasswd AuthName "Restricted Access" AuthType Basic Require valid-user Satisfy Any </Directory>

Read the article
Using Windows Azure storage for backup

- by Bruno

I am currently looking at Windows Azure blobs as an option for backing up archive data. I want to be able to upload files from an external windows machine via the internet but I don't know enough about Windows Azure storage to make a decision. Some of the questions I have are How do I upload the files. Is there a client application, can I use robocopy? Would it be fast enough? i.e. Could I download or upload 1TB of data in a week? Is it secure? Hopefully someone smarter than me can help me :-)

Read the article
Is it possible to hide the SSID of the Windows 7 soft AP

- by Goro

I know it is possible to create a sofware AP in windows 7 using command prompt: netsh wlan set hostednetwork ... But is it possible to set such a network not to broadcast its SSID? I realize that this does not gain any security - or may even make the system more secure, but I am not asking about security here. I want to know if it is possible, through the netsh command interface, to hide the SSID. If my client wants to hide the SSID, then I will make them aware of security implications, but in the end it is their decision.

Read the article
How to use ssh-agent (and graphic passphrase dialog) in Kubuntu 10.10?

- by halo

I have recently switched from Ubuntu to kubuntu, both version 10.10. Unfortunately in KDE the ssh passphrase dialog doesn't work out of the box. Everytime my ssh private key is used I need to enter my password. This is neither secure nor comfortable. I have done comprehensive research on the net but only found out dated documentation. Several things I tried didn't work out. Current status: SSH setup working with direct passphrase input ssh-agent running in X session $SSH_AUTH_SOCK set to ssh-agent's socket in X session How to enable ssh-agent for keeping the passphrase in memory for ~15mins and as a bonus always use a graphical dialog for its input? I use asymmetric SSH key pairs for pushing/pulling in Git VCS logging remotely into different server systems

Read the article
How to use ssh-agent (and graphic passphrase dialog) in Kubuntu 10.10?

- by halo

I have recently switched from Ubuntu to kubuntu, both version 10.10. Unfortunately in KDE the ssh passphrase dialog doesn't work out of the box. Everytime my ssh private key is used I need to enter my password. This is neither secure nor comfortable. I have done comprehensive research on the net but only found out dated documentation. Several things I tried didn't work out. Current status: SSH setup working with direct passphrase input ssh-agent running in X session $SSH_AUTH_SOCK set to ssh-agent's socket in X session How to enable ssh-agent for keeping the passphrase in memory for ~15mins and as a bonus always use a graphical dialog for its input? I use asymmetric SSH key pairs for pushing/pulling in Git VCS logging remotely into different server systems

Read the article
Configure session length with htaccess

- by brianpartridge

My home web server is running the stock OSX Apache 2 install. I have some directories with content that I want to secure, so I setup htaccess files for those areas. However, I find it annoying to have to login to those areas as frequently as I do. Once I'm logged in I'd like to not have to login again for a long time, similar to setting a long time in a cookie. But, I'd like to increase the life time of the authenticated session with htaccess. I've googled but haven't found what I'm looking for, maybe because I'm looking for the wrong term. I want to configure the 'session length', 'session timeout', 'time limit', or 'expiration' for users authenticated via htaccess. Any thoughts?

Read the article
Putting a whole linux server under source control (git)

- by Tobias Hertkorn

I am thinking about putting my whole linux server under version control using git. The reason behind it being that that might be the easiest way to detect malicious modifications/rootkits. All I would naively think is necessary to check the integrity of the system: Mount the linux partition every week or so using a rescue system, check if the git repository is still untempered and then issue a git status to detect any changes made to the system. Apart from the obvious waste in disk space, are there any other negative side-effects? Is it a totally crazy idea? Is it even a secure way to check against rootkits since I most likely would have to at least exclude /dev and /proc ?

Read the article
Exchange 2010 550 5.7.1 unable to relay

- by isorfir

I have a website application that needs to send email via our Exchange servers. It sends email internally fine, but when sending to an external address I get the 550 5.7.1 unable to relay error. I followed this guide to create a connector to allow relay. Unfortunately, all office email was trying to use that connector and was not being routed correctly. It also appeared as though it opened it up for spammers to use. This is obviously unacceptable and a secure method is needed.

Read the article
Possible to redirect from HTTPS to HTTP behind load-balancer?

- by Derek Hunziker

I have a basic ASP.NET application that sits behind an F5 load-balancer. Incoming SSL requests (over HTTPS) terminate at the load-balancer and all internal communication between the load-balancer and my application servers is unsecure (over HTTP). When a unsecure request comes in, my app is able to use Response.Redirect("https://...") to redirect a secure URL with no problems. However, the other direction appears to be impossible - I cannot redirect from HTTPS to HTTP using Response.Redirect() from my application. The URL remains HTTPS for the client and does not change. Could the F5 be preventing the redirect for ever reaching the client? Is there any special configuration necessary to let this happen?

Read the article
View Security Server and Direct Connection

- by Poort443

I have a Security Server for my connections from the Internet. This works fine, accept when I enable "Direct Connection to the desktop". I found the following statement on this: If you bypass the secure connection, the client must establish a direct RDP communication to the desktop virtual machine over RDP (port 3389). Does this mean I have to open 3389 (RDP) to the Internet if I want to use Direct Connections? If I disable Direct Connections to get my Security Server working, I have to disable it on my Connection Server. It's my understanding that this means that if I reboot my Connection Server, all the View clients get disconnected. Is there a way I can disable "Direct Connections" for the Security Server, while enabling it for access from the LAN? Tia.

Read the article
Linux live cd with Broadcom Wi-fi support

- by paul simmons

I am looking for a live distro that has out of the box Broadcom wireless support. I am pretty happy with my Ubuntu installation and as long as I have an ethernet connection first time installed, I can install Broadcom drivers over internet. But being a little paranoid, I make my secure operations (banking etc.) with a live cd and zero hard disk access, so nothing is recorded. So far I plug ethernet to do such things with the live cd, but it would be nice if I can do same thing with wireless.

Read the article
Accessing our Intranet from outside our Network - WITHOUT VPN

- by westexasman

We just upgraded our company intranet from an IIS based, ASP (poorly written) server/code base to a Windows Server 2008 r2 (Apache/MySQL/PHP) server. The old server allowed users to login to intranet.xxx.org using there AD user/pass which then lead them to the company Intranet from basically anywhere they had Internet access. We want to mimic that functionality (or change it to something more secure) with the new setup. This was seemingly setup for off-site employees running on a state network. The state network does not allow VPN, therefor, we needed a way to allow those employees access to the Intranet. So, how do we go about allowing users to login from the outside world and gain access to our Intranet?

Read the article
AWS VPC - why have a private subnet at all?

- by jkim

In Amazon VPC, the VPC creation wizard allows one to create a single "public subnet" or have the wizard create a "public subnet" and a "private subnet". Initially, the public and private subnet option seemed good for security reasons, allowing webservers to be put in the public subnet and database servers to go in the private subnet. But I've since learned that EC2 instances in the public subnet are not reachable from the Internet unless you associate an Amazon ElasticIP with the EC2 instance. So it seems with just a single public subnet configuration, one could just opt to not associate an ElasticIP with the database servers and end up with the same sort of security. Can anyone explain the advantages of a public + private subnet configuration? Are the advantages of this config more to do with auto-scaling, or is it actually less secure to have a single public subnet?

Read the article
Public Wi-Fi and software updates

- by coding4fun

According to Microsoft, "Never update your software on a public Internet connection." So I have some questions. 1. What if a public Wi-Fi hotspot is the only Internet available, ever? Never update anything? 2. What happens if Windows or some other program is set to update automatically and attempts to do so while you are using a public Wi-Fi? Disable all automatic updates on all software? 3. Will VPN help to secure software updates? If so, how to go about it? Thanks.

Read the article
Fully secured gateway web sites

- by SeaShore

Hello, Are there any web sites that serve as gateways for fully encrypted communication? I mean sites with which I can open a secured session, and then to exchange through them with other sites in a secure way both URLs and content? Thanks in advance. UPDATE Sorry for not being clear. I was wondering if there was a way to access any site over the Internet (http or https) without letting any Intranet-proxy read the requested URL or the received content. My question is whether such a site exists, e.g.: I am connected to that site via https, I send it a URL in a secured way, the site gets the content from the target site (possibly in a non-secured way) and returns to me the requested content in a secured way.

Read the article
Why do people tell me not to use VLANs for security?

- by jtnire

Hi Everyone, As per title, why do people tell me not to use VLANs for security purposes? I have a network, where a have a couple of VLANS. There is a firewall between the 2 VLANs. I am using HP Procurve switches and have made sure that switch-to-switch links accept tagged frames only and that host ports don't accept tagged frames (They are not "VLAN Aware"). I've also made sure that the native VLAN (PVID) of the trunk links are not the same as either of the 2 host VLANs. I've also enabled "Ingress Filtering". Furthermore, I've made sure that host ports are only members of a single VLAN, which is the same as the PVID of the respective port. The only ports which are members of multiple VLANs are the trunk ports. Can someone please explain to me why the above isn't secure? I believe I've addressed the double tagging issue.. Thanks

Read the article
Problem with domain getting turned to IP address for https

- by user229133

I have a website that is using Windows Server 2003. The site is called https://mysite.com/ and at ip address 111.1.1.1. Now when I log into the site all my relative links that are generated using NavURL (<%# NavURL("Images/Menu/img.gif")%) are saying "http://111.1.1.1/Images/Menu/img.gif" instead of "https://mysite.com/Images/Menu/img.gif". This is causing an error because it needs to be secure. I'm sure there is a setting on the server somewhere to point to the name and not the ip, but I don't know where. Thanks for your help.

Read the article

< Previous Page | 86 87 88 89 90 91 92 93 94 95 96 97 | Next Page >