Possible Duplicate: Is there anything I can do about someone who has pointed their domain at my ip? I’m running a dedicated server with own static IP for a while now. Some weeks ago I noticed while browsing logs some domain showing up and I was wondering why. After some playing around with that domain I noticed it’s a full DNS-A hostname pointing at my IP. What’s the reason someone would do that? And is [...]Continue Reading »
I know how to enable su without a password for all wheel group users by adding the appropriate configuration line in /etc/pam.d/su. I do not want to enable this for all wheel users but only one particular user. I am using FreeBSD 8.1. How do I do this? UPDATE in response to comments below This is a pfSense box. Underlying OS is FreeBSD 8.1 but as usual for pfSense a lot of functionality is missing, [...]Continue Reading »
When I created a website named Portal on my IIS 7.5 on the website permissions->security I got this user. What is its purpose? From what I have read the ApplicationPool runs under NetworkService permissions, but I noticed if I gave Portal user full permissions I could do the saving I wanted in the virtual folder without needing to impersonate any other user (I used to impersonate admin which was a bad idea). So I guess [...]Continue Reading »
I’d like to block access to Google search using PF after the threshold of 17500 requests (connection established) in 24h, from a host running FreeBSD 9. What I came up with, after reading pf-faq is this rule: pass out on $net proto tcp from any to ‘www.google.com’ port www flags S/SA keep state (max-src-conn 200, max-src-conn-rate 17500/86400) NOTE: 86400 are 24h in seconds. The rule should work, but PF is smart enough to know that [...]Continue Reading »
I am setting up a web server that will host a number of different web sites as Apache VirtualHosts, each of these will have the possibility to run scripts (primarily PHP, possiblu others). My question is how I isolate each of these VirtualHosts from eachother and from the rest of the system? I don’t want e.g. website X to read the configuration of website Y or any of the server’s “private” files. At the moment [...]Continue Reading »
For Linux, what is the best program/daemon out there that would detect, block, and report computers scanning the server’s ports, sequentially or randomly, for SSH, MySQL, popular web-based administering systems, and other security-sensible services that were moved from their default ports? Asked by Desmond Hume ConfigServer Services is a set perl modules/Scripts/daemons, which effectively provide you with port scanning ability, detect it, report and and block it with number of ways to tweak its options. [...]Continue Reading »
I am trying to setup snort to act as an ids, on a debian machine that also functions as a router. Ideally I would like to setup snort in such a way so that I would not have to purchase an additional network adapter just to have it listen to the same traffic that the debian machine is already handling. Having said that, what would be the best way to mirror traffic from an interface, [...]Continue Reading »
We have this topology in our company : A new rule says that each document being sent by outlook should be encrypted. we decided using PGP. We already have a certificate ( self signed). the problem is this : john and paul install the certificate . john encrypt using the public key. and send the pgp file to paul. paul need the private key in order to open it ( +verify it). but wait ! [...]Continue Reading »
By default you got a username and password for your RDS database. Would it be dangerous to use the credentials on your production website, say in php files? Or is it necessary to create a user with less control of the db (e.g. only read)? However I can’t find the place to add user on amazon’s console. Asked by StCee Every production site needs to have credentials for the corresponding database they use. These files [...]Continue Reading »
After reading a while , Im trying to understand what kind of certificates will be found at : Personal Other People Trusted Root Certicfiation Authorities will personal will contains only private keys ? I’m a bit confused. What about certificates which arent trusted and I manually trust them , where will they be ? Also , Why do I only have the CurrentUser Tab in my computer ? where is the local computer tab ? [...]Continue Reading »
- Understanding redundant power supplies
- Is there a way for administrators to disable users from installing Firefox extensions?
- Is there research material on NTP accuracy available?
- How to create a limited “domain admin” that does not have access to domain controllers?
- Can Windows RDC admin users be immune from being kicked?