Browsing articles tagged with "security - 2/171 - Admins Goodies"
Jan 15, 2013
tom

sendmail config, making open relay

I’m trying to find a sendmail.mc that allows open relaying without username/password to any system (im testing some code that uses SMTP). Google’d, could not find and it has been a long while since I modified sendmail config! (it’s a private system for temporary use) Thanks in advance Asked by Aiden Bell Try FEATURE(promiscuous_relay) According to the doco, By default, the sendmail configuration files do not permit mail relaying (that is, accepting mail from outside […]

Continue Reading »
Jan 5, 2013
tom

Someone parked a domain on my server/IP – should I worry? [closed]

Possible Duplicate: Is there anything I can do about someone who has pointed their domain at my ip? I’m running a dedicated server with own static IP for a while now. Some weeks ago I noticed while browsing logs some domain showing up and I was wondering why. After some playing around with that domain I noticed it’s a full DNS-A hostname pointing at my IP. What’s the reason someone would do that? And is […]

Continue Reading »
Dec 20, 2012
tom

How to grant su access without password to one user only in wheel group (FreeBSD)?

I know how to enable su without a password for all wheel group users by adding the appropriate configuration line in /etc/pam.d/su. I do not want to enable this for all wheel users but only one particular user. I am using FreeBSD 8.1. How do I do this? UPDATE in response to comments below This is a pfSense box. Underlying OS is FreeBSD 8.1 but as usual for pfSense a lot of functionality is missing, […]

Continue Reading »
Dec 19, 2012
tom

What is this user name for and how did it get created?

When I created a website named Portal on my IIS 7.5 on the website permissions->security I got this user. What is its purpose? From what I have read the ApplicationPool runs under NetworkService permissions, but I noticed if I gave Portal user full permissions I could do the saving I wanted in the virtual folder without needing to impersonate any other user (I used to impersonate admin which was a bad idea). So I guess […]

Continue Reading »
Nov 24, 2012
tom

Block Google requests to 16k using pf firewall

I’d like to block access to Google search using PF after the threshold of 17500 requests (connection established) in 24h, from a host running FreeBSD 9. What I came up with, after reading pf-faq is this rule: pass out on $net proto tcp from any to ‘www.google.com’ port www flags S/SA keep state (max-src-conn 200, max-src-conn-rate 17500/86400) NOTE: 86400 are 24h in seconds. The rule should work, but PF is smart enough to know that […]

Continue Reading »
Nov 22, 2012
tom

Isolating Apache virtualhosts from the rest of the system

I am setting up a web server that will host a number of different web sites as Apache VirtualHosts, each of these will have the possibility to run scripts (primarily PHP, possiblu others). My question is how I isolate each of these VirtualHosts from eachother and from the rest of the system? I don’t want e.g. website X to read the configuration of website Y or any of the server’s “private” files. At the moment […]

Continue Reading »
Nov 14, 2012
tom

Server port scan detector

For Linux, what is the best program/daemon out there that would detect, block, and report computers scanning the server’s ports, sequentially or randomly, for SSH, MySQL, popular web-based administering systems, and other security-sensible services that were moved from their default ports? Asked by Desmond Hume ConfigServer Services is a set perl modules/Scripts/daemons, which effectively provide you with port scanning ability, detect it, report and and block it with number of ways to tweak its options. […]

Continue Reading »
Nov 5, 2012
tom

how can a mirror all of the traffic on a network interface, to virtual interface

I am trying to setup snort to act as an ids, on a debian machine that also functions as a router. Ideally I would like to setup snort in such a way so that I would not have to purchase an additional network adapter just to have it listen to the same traffic that the debian machine is already handling. Having said that, what would be the best way to mirror traffic from an interface, […]

Continue Reading »
Oct 30, 2012
tom

Certificate Security in intranet Environment?

We have this topology in our company : A new rule says that each document being sent by outlook should be encrypted. we decided using PGP. We already have a certificate ( self signed). the problem is this : john and paul install the certificate . john encrypt using the public key. and send the pgp file to paul. paul need the private key in order to open it ( +verify it). but wait ! […]

Continue Reading »
Oct 29, 2012
tom

Amazon RDS and users, security

By default you got a username and password for your RDS database. Would it be dangerous to use the credentials on your production website, say in php files? Or is it necessary to create a user with less control of the db (e.g. only read)? However I can’t find the place to add user on amazon’s console. Asked by StCee Every production site needs to have credentials for the corresponding database they use. These files […]

Continue Reading »
Pages:«1234567...171»