Search Results

Search found 6020 results on 241 pages for 'valid'.

Page 97/241 | < Previous Page | 93 94 95 96 97 98 99 100 101 102 103 104  | Next Page >

• Should I Upgrade My Old Wireless Router?

  - by lyngbym

  I have an old wireless router, and I mean stone age old (5 years). There is nothing wrong technically with the router, it serves my wireless needs at home but it is really darn old. A search on Belkin's site for F5D7230-4 actually turns up a different old model so I scrounged up this old review for you to get a sense of what I'm running: http://www.pcmag.com/article2/0,2817,1572451,00.asp. Is there a valid security reason to replace this router in 2009? Google searches have turned up a few security threats to it and Belkin hasn't released new firmeware in years for it. I am starting to think I should replace it mainly because its NAT is about the only thing protecting me from the outside world. Buying a new wireless router is a boring way to spend money since it just sits on a shelf doing its job. Thoughts?

  Read the article

• SQL Server 2008 Registration with Product Key

  - by Kanini

  A colleague of mine gave me the SQL Server 2008 Standard ISO image and I used that while building a Virtual Machine. Now, when I installed SQL Server with that above mentioned ISO, I did not give it a key and I chose Enterprise Evaluation. So, the instance has now been activated with 180-day expiration. I do have a valid MSDN Subscriber login but when I login and search for SQL Server 2008 it comes up with the download but says No Product Key is required. How do I now enter the product key?

  Read the article

• Exchange Server 2010 ActiveSync SSL Certificate Problem

  - by Cell-o

  Hi All, We have a problem related Exchange Server 2010 Activesync.My problem is;When I connecting to activesync from outside, I am receiving the following error. ExRCA is testing Exchange ActiveSync. The Exchange ActiveSync test failed. Test Steps Attempting to resolve the host name mail.xxxxx.com in DNS. The host name resolved successfully. Additional Details IP addresses returned: xx.0.x3.4 Testing TCP port 443 on host mail.x.com to ensure it's listening and open. The port was opened successfully. Testing the SSL certificate to make sure it's valid. The SSL certificate failed one or more certificate validation checks. Test Steps Validating the certificate name. Certificate name validation failed. Tell me more about this issue and how to resolve it Additional Details Host name mail.x.com doesn't match any name found on the server certificate CN=xxxxxx. Thanks in advance all your help.

  Read the article

• Setting up Shibboleth to secure part of a website

  - by HorusKol

  I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled) I then proceeded to secure a directory on the server by placing a .htaccess file with the following directives: AuthType shibboleth ShibRequestSetting requireSession 1 Require valid-user Now - I haven't set up an SSL host yet - and I also haven't set up the IdP - but I would expect that the server would block access to this directory - but I'm getting the content without any problems. I have restarted the apache service and I have no errors in the log files.

  Read the article

• (PHP) User is being forced to RE-LOGIN after trying to do something on an admin page

  - by hatorade

  I have created an admin panel for a client in PHP, which requires a login. Here is the code at the top of the admin page requiring the user to be logged in: admin.php <?php session_start(); require("_lib/session_functions.php"); require("_lib/db.php"); db_connect(); //if the user has not logged in if(!isLoggedIn()) { header('Location: login_form.php'); die(); } ?> Obviously, the if statement is what catches them and forces them to log in. Here is the code on the resulting login page: login_form.php <form name="login" action="login.php" method="post"> Username: <input type="text" name="username" /> Password: <input type="password" name="password" /> <input type="submit" value="Login" /> </form> Which posts info to this controller page: login.php <?php session_start(); //must call session_start before using any $_SESSION variables include '_lib/session_functions.php'; $username = $_POST['username']; $password = $_POST['password']; include '_lib/db.php'; db_connect(); // Connect to the DB $username = mysql_real_escape_string($username); $query = "SELECT password, salt FROM users WHERE username = '$username';"; $result = mysql_query($query); if(mysql_num_rows($result) < 1) //no such user exists { header('Location: login_form.php?login=fail'); die(); } $userData = mysql_fetch_array($result, MYSQL_ASSOC); db_disconnect(); $hash = hash('sha256', $password . $userData['salt']); if($hash != $userData['password']) //incorrect password { header('Location: login_form.php?login=fail'); die(); } else { validateUser(); //sets the session data for this user } header('Location: admin.php'); ?> and the session functions page that provides login functions contains this: session_functions.php <?php function validateUser() { session_regenerate_id (); //this is a security measure $_SESSION['valid'] = 1; $_SESSION['userid'] = $username; } function isLoggedIn() { if($_SESSION['valid']) return true; return false; } function logout() { $_SESSION = array(); //destroy all of the session variables if (ini_get("session.use_cookies")) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"] ); } session_destroy(); } ?> I grabbed the sessions_functions.php code of an online tutorial, so it could be suspicious. Any ideas why the user logs in to the admin panel, tries to do something, is forced to re-login, and THEN is allowed to do stuff like normal in the admin panel?

  Read the article

• Microsoft Basic Office 2007 Activation Keys won't work after re-installing on my Laptop

  - by Rolnik

  So, I've upgraded my hard-drive on my laptop, and proceeded to grab my trusty copper-faced Official MS Office disk to do an install. I have three licenses with the fancy green-blue paper that identifies the license keys. Problem is, that for each of these license keys, when the Office 2007 software asks that I enter the "Product Key" it states: The key is incorrect. Verify that you have the correct key, and then retype it Why would Microsoft want to inhibit/prohibit re-installs on the same machine that the software was initially installed to? Incidentally, the same goofy error happens with each of the three valid product key (activation keys) that I enter.

  Read the article

• Subversion LDAP Configuration

  - by dbyrne

  I am configuring a subversion repository to use basic LDAP authentication. I have an entry in my http.conf file that looks like this: <Location /company/some/location> DAV svn SVNPath /repository/some/location AuthType Basic AuthName LDAP AuthBasicProvider ldap Require valid-user AuthLDAPBindDN "cn=SubversionAdmin,ou=admins,o=company.com" AuthLDAPBindPassword "XXXXXXX" AuthLDAPURL "ldap://company.com/ou=people,o=company.com?personid" </Location> This works fine for living, breathing people who need to log in. However, I also need to provide application accounts access to the repository. These accounts are in a different OU. Do I need to add a whole new <location> element, or can I add a second AuthLDAPURLto the existing entry?

  Read the article

• prevent OS X from prompting disk initialization/formatting

  - by Just-A-User.A-Superuser

  i have TrueCrypt partition, when i insert it in OS X, it always prompt me to initialize the hard disk. is there a way to prevent os x from detecting uninitialize hard disk? [UPDATE] by the way, as Truecrypt suggested while i'm in Windows, i must make partitions so the os won't detect the hard drive as uninitialized. Windows respected that the drive already have contents by the mere fact that it has partitions, while OS X thinks that it is still uninitialized. i think OS X is trying to be smart by detecting if each partition has a valid filesystem id/marker

  Read the article

• subversion: enforce TLS

  - by Daniel Marschall

  Hello, I am running subversion on a Debian Squeeze system with Apache2 and mod_dav for viewing the contents with a webbrowser. I want to enforce the usage of TLS, so that the login data and the SVN contents cannot be read from the connection. I have tried following: <Location /svn> DAV svn SVNParentPath /daten/subversion/ # our access control policy AuthzSVNAccessFile /daten/subversion/access_control # try anonymous access first, resort to real # authentication if necessary. Satisfy Any Require valid-user # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /daten/subversion/.htpasswd # Test SSLRequireSSL RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^svn/(.)$ https://www.viathinksoft.de/svn/$1 [R,L] </Location> at file /etc/apache2/conf.d/subversion.conf Alas, this does not work. There is no redirect and there is still a HTTP request working at /svn/(projectname)/(somefolder) . This SSL-enforce-policy should work for - viewing the contents with webbrowser - retrieve contents with TurtoiseSVN client - committing contents with TurtoiseSVN client Can you please help me? Regards Daniel Marschall

  Read the article

• The canonical "blocking BitTorrent" question

  - by Aphex5

  How can one block, or severely slow down, BitTorrent and similar peer-to-peer (P2P) services on one's small home/office network? In searching Server Fault I wasn't able to find a question that served as a rallying point for the best technical ideas on this. The existing questions are all about specific situations, and the dominant answers are social/legal in nature. Those are valid approaches, but a purely technical discussion would be useful to a lot of people, I suspect. Let's assume that you don't have access to the machines on the network. With encryption use increasing in P2P traffic, it seems like stateful packet inspection is becoming a less workable solution. One idea that seems to make sense to me is simply throttling down heavy users by IP, regardless of what they're sending or receiving -- but it doesn't seem many routers support that functionality at the moment. What's your preferred method to throttle P2P/BitTorrent traffic? My apologies if this is a dupe.

  Read the article

• SSL Certificate Stops Working after Server Reboot on IIS7, W2K8

  - by Zac

  We recently upgraded from W2K3/IIS6 to W2K8/IIS7 and have been having problems with our SSL Certificate (Thawte 123 SSL certificate) ceasing to work after rebooting. Initially, the intermediate certificates would stop working and we could repair the problem by reinstalling all of them after the reboot (annoying, but not the end of the world). Unfortunately, this is no longer working. The certificate chain has been doublechecked by several tools and people with decent knowledge but no one has been able to identify the cause of the problem. The bindings in IIS have been checked as well The cert itself is also still valid. NOTE 1: I have seen THIS question which seems to be very similar, but there is no satisfactory answer in that post and it's a year old so not likely to get one any time soon. NOTE 2: I'm asking this on behalf of a co-worker so won't be able to provide instant feedback to any questions/suggestions but I will pass it on. The url is: http://www.flirtalike.com / https://www.flirtalike.com Screenshots:

  Read the article

• Why isn't 'ether proto \ip host host' a legal tcpdump expression?

  - by Ezequiel Garzon

  In its description of valid tcpdump expressions, the pcap-filter man pages state: The filter expression consists of one or more primitives. Primitives usually consist of an id (name or number) preceded by one or more qualifiers. In turn, these qualifiers are type, dir and proto. So far so good, but further down we find this: ip host host which is equivalent to: ether proto \ip and host host In the first case, ip and host are, respectively, proto and type. What pattern does ether proto \ip follow? Isn't that, as a whole, a proto qualifier? If so, why isn't (a properly escaped) 'ether proto \ip host host' legal (no and)?

  Read the article

• iCal4j ics file not importing to Outlook 2010

  - by user1770475

  I'm having trouble importing an ics file via the 'internet calendars' option in Outlook. The file is produced, I believe, by a Java applet. When I open the ics file directly within Outlook 2010 it works fine, i.e. click on the link and open the downloaded file with Outlook. I've also validated it online with the validator mentioned in some Stack Overflow posts. However when I subscribe to the link via internet calendars I get the following error: The file "calendar" is not a valid Internet Calendar file I haven't been able to work out what's going wrong here and the error message isn't particularly helpful. Does anyone have any ideas why this isn't working?

  Read the article

• error 0x80070522. not able to create a file in c:\ directory

  - by Abbas

  Hello Everybody... "error 0x80070522. not able to create a file in c:\ directory" One of our customers has just found a problem when trying to create a file on the root of the C:\ Drive, on a Windows 7 Professional PC. I know they shouln't be keeping files here, but there is a valid reason in this case, so I've relaxed the security on the root of C:\ by giving the group 'users' modify permission. Before I relaxed the security, the user was receiving 'access denied', but now they are receiving the message: An unexpected error is keeping you from creating the file. If you continue to recieve this error, you can use the error code to search for help with this problem. Error 0x80070522: A required priviledge is not held by the client. Googling for this suggests that it is caused by UAC, but how can I get round this when the user doesn't have admin rights on their PC? So did you find a solution for this issue ?? Please its urgent to my accountant software..

  Read the article

• Allow from referer for HTTP-basic protected SSL apache site

  - by user64204

  I have an apache site protected by HTTP basic authentication. The authentication is working fine. Now I would like to bypass authentication for users that are coming from a particular website by relying on the HTTP Referer header. Here is the configuration: SetEnvIf Referer "^http://.*.example\.org" coming_from_example_org <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Deny from all Allow from env=coming_from_example_org AuthName "login required" AuthUserFile /opt/http_basic_usernames_and_passwords AuthType Basic Require valid-user Satisfy Any </Directory> This is working fine for HTTP, but failing for HTTPS. My understanding is that in order to inspect the HTTP headers, the SSL handshake must be completed, but apache wants to inspect the <Directory> directives before doing the SSL handshake, even if I place them at the bottom of the configuration file. Q: How could I workaround this issue? PS: I'm not obsessed with the HTTP referer header, I could use other options that would allow users from a known website to bypass authantication.

  Read the article

• My site was recently attacked. What do I do?

  - by ChrisH

  This is a first for me. One of the sites I run was recently attacked. Not at all an intelligent attack - pure brute force - hit every page and every non-page with every extension possible. Posted with garbage data to every form and tried to post to some random urls too. All tod, 16000 requests in one hour. What should I do to prevent/alert this kind of behavior? Is there a way to limit the request/hr for a given ip/client? Is there a place I should be reporting the user to? They appear to be from China and did leave what seems like a valid e-mail.

  Read the article

• How the computer could be used by two users at the same time

  - by user59595

  Running windows 7 64, Is there any application that allows me to connect an additional keeyboard and mice and monitor, so that this can be used by other user at the samee time while I use the main computer, There is an application called cpnmouse but it doesnt work on win7, betwin crashes before win7 start up, teamplayer is too expensive Has anyone figured out this functionality maybe with virtual machinees or something, i've tried team player in a virtual machine but it crashes I have 3 monitors one of theem is a Tv, i would like that my girlfried uses it as a terminal without me loosing the focus cause she uses the mice There is a linux software called userful, but it's linux and doesnt work for me, and windows multipoint server needs a clean installation and also that's not a valid choice

  Read the article

• Home Server restore fails cannot find boot device

  - by Tim Heuer

  I am using Windows Home Server to backup my PCs. I recently had a hard drive failure on one of my WHS connected PCs and obtained an identical sized/speed drive for my laptop. I used the latest home server restore CD and did the restore. It said it completed successfully. Upon reboot, it says 'cannot find boot device' and lists all my drives (hard drive, cd, network book) indicating no valid operating system was found. I boot using the Win7 repair disk and while it doesn't see the operating system, it sees the drive and if I go into a command prompt, I can see all my data on the drive. My laptop is Windows 7 64-bit Ultimate. I've tried most everything I can think of. I'm a technical user (software developer) so I'm pretty aware of how things work (or should). I don't feel like I'm missing a simple step here.

  Read the article

• Broken characters in filenames only in some directories

  - by Kaivosukeltaja

  We have a web server running CentOS 5.8 that uses SVN for version control. When trying to switch to the latest revision, we got an error about the filenames of files in an upload directory: svn: Error converting entry in directory 'adm/emails/upload' to UTF-8 svn: Valid UTF-8 data (hex: 54 79) followed by invalid UTF-8 sequence (hex: f6 6b 69 72) Upon investigating, we noticed there were some files that had broken filenames: $ ls ~/public_html/adm/emails/upload/ Ty?el?m?trendit.csv Ty?kirja1.csv To get the update completed quickly, we simply mved the files into our home directory. Surprisingly, their filenames looked fine in their new location: $ ls ~/ Työelämätrendit.csv Työkirja1.csv After the update we moved them back to where they were and their filenames were broken again. What could cause this and how can we fix it? The system's locale is set to LANG=en_US.UTF-8.

  Read the article

• I am trying to write an htaccess file performs authentication and redirects authenticated users to a

  - by racl101

  This is what I have so far but I can't get the RewriteCond and RewriteRule properly. RewriteEngine On RewriteCond %{LA-U:REMOTE_USER} (\d{3})$ RewriteRule !^%1 http://subdomain.mydomain.com/%1 [R,L]. AuthName "My Domain Protected Area" AuthType Basic AuthUserFile /path/to/my/.htpasswd Require valid-user This is what I mean the ReWriteCond and RewriteRule to say: "If the REMOTE_USER has a username ending in 3 digits then capture the three digits that match and for whatever url they are trying to access if it does not start with the 3 digits captured then redirect them to the sub directory with the name equal to those captured three digits." In other words, if a user named 'johnny202' is authenticated then if he's requesting any directory other than http://subdomain.mydomain.com/202/ then he should be redirected to http://subdomain.mydomain.com/202/ The only thing I can think of that is wrong is the first instance of '%1'.

  Read the article

• data protector red tapes

  - by Caesar

  I am using HP Data Protector A.06.11 in my organization, with HP EML E-SeriesEML library, with 4 drives using LTO-4 tapes, and i am having some problems. Yesterday I put 5 new tapes in the robot and formatted them. At that time, the robot got just those empty 5 tapes with empty space. (all the rest of the tapes are red, or with protection) Today in the morning after the night (1 backup run at night), and 2 of the new tapes are red (the properties are): Writes : 2 Overwrites : 1 Errors : 9 I format one of them, and check for each drive if the tape become red, no one of the drives do it. In the main pool properties, in media condition got: Valid for : 36 (months) Maximum overwrites : 250

  Read the article

• SSH tunnel & Rsync thru two proxy/firewalls

  - by cajwine

  Screnario: [internal_server_1]AA------AB[firewall_1]AC----+ 10.2.0.3-^ ^-10.2.0.2 | internet 10.3.0.3-v v-10.3.0.2 | [internal_server_2]BA------BB[firewall_2]BC----+ Ports AC,BC has valid internet addresses. All systems run linux and have root acces to all. Need securely rsync internal_server_1:/some/path into internal_server_2:/another/path My idea is make ssh secure tunnel between two firewalls, e.g. from firewall_1 firewall1# ssh -N -p 22 -c 3des user2@firewall_2.example.com -L xxx/10.3.0.3/xxxx and after will run rsync from internal_server_1 somewhat like: intenal1# rsync -az /some/path [email protected]:/another/path I don't know how to make a correct ssh tunnel for rsync (what ports need tunnel) and to where i will make the rsync? (remote comp address in case of ssh tunnel) Any idea or pointer to helpfull internet resource for this case? thanx.

  Read the article

• Installing SSL certs with nginx on Amazon EC2

  - by Ethan

  I finally got a cert from an authority and am struggling to get things working. I've created the appropriate combined certificate (personal + intermediate + root) and nginx is pointing to it. I got an elastic IP and connected it to my EC2 instance. My DNS records point to that IP. But when I point the browser to the hostname, I get the standard "Connection Untrusted" bit, with ssl_error_bad_cert_domain. Port 443 is open - I can get to the site over https if I ignore the warning. Weird thing is, under technical details, it lists the domain I tried to access as valid! When I try and diagnose with ssl testing sites, they don't even detect a certificate! What am I missing here? domain is yanlj.coinculture.info. Note I've got coinculture.info running on a home server without a dedicated IP and have the same problem, but I'll be moving that to the same EC2 instance as soon as I figure this thing out. I thought the elastic IP would solve things but it hasn't

  Read the article

• How can I set up VLANs in a way that won't put me at risk for VLAN hopping?

  - by hobodave

  We're planning to migrate our production network from a VLAN-less configuration to a tagged VLAN (802.1q) configuration. This diagram summarizes the planned configuration: One significant detail is that a large portion of these hosts will actually be VMs on a single bare-metal machine. In fact, the only physical machines will be DB01, DB02, the firewalls and the switches. All other machines will be virtualized on a single host. One concern that has been is that this approach is complicated (overcomplicated implied), and that the VLANs are only providing an illusion of security, because "VLAN hopping is easy". Is this a valid concern, given that multiple VLANs will be used for a single physical switch port due to virtualization? How would I setup my VLANs appropriately to prevent this risk? Also, I've heard that VMWare ESX has something called "virtual switches". Is this unique to the VMWare hypervisor? If not, is it available with KVM (my planned hypervisor of choice)?. How does that come into play?

  Read the article

• Configure Postfix to use external MX servers for delivery of local mail if user is unknown

  - by mr.b

  I have a following setup: linux box with postfix configured to be responsible for example.com domain domain's MX servers are configured so that mail sent to example.com is sent to google mail servers several user accounts on linux machine exist (same machine also hosts example.com site) When someone from the outside attempts to send mail to address ending with @example.com, it gets routed to google mail (and there handled appropriately). When linux machine tries to send mail to outside world, mail is delivered correctly, as reverse dns and spf records are configured correctly, so linux machine is valid mail sender for example.com domain (along with google mail servers). However, here's the problem. When php application (hosted at linux box) tries to send mail to [email protected] (and someuser doesn't exist on linux box), it fails, since it doesn't even consult google mail servers, but postfix smtp locally concludes that "someuser" is unknown. So, the question is: how do I tell postfix to relay mails sent to @example.com domain to google mail servers (so, to servers specified in MX records), IF and only if a mailbox is not found locally.

  Read the article

< Previous Page | 93 94 95 96 97 98 99 100 101 102 103 104  | Next Page >