Questions tagged [security]

For questions relating to application security and attacks against software. Please don't use this tag alone, as that results in ambiguity. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. If your question is not about a specific programming problem, please consider asking it at Information Security SE instead.


6881 questions
3
votes
1 answer

How does URL reservation actually work in Windows, particularly the ACLs?

I'm a .NET developer working on a project that contains multiple WCF services. Some automated tests try to host these services, but depending on whether I don't run the test with administrative privileges, those tests fail with the following…
MarioDS
3
votes
1 answer

Which umask is more secure in Linux (022 or 027)?

Are there any security concerns if the umask is set to 027 for root (basically, I want to know if 027 is better in security than 022)? As per my understanding, 027 is a better one from a security perspective. But I want to confirm this point.
Mathews Jose
3
votes
1 answer

Will you allow NetBIOS into your DMZ?

Is it secure for a firewall to allow NetBIOS connections from the internal network to the DMZ? If not secure, what are the risks? If secure, what is the FUD about and what are the counterarguments?
3
votes
2 answers

Automatic Updates on Production Server

Seeing as there have been more and more exploits recently with Shellshock etc., have the opinions of people changed in regards to having automatic updates on production servers? And what would the best way to run these be? Just chucking in a crontab…
Shiv
3
votes
1 answer

How do I identify which bitlocker protector is active?

BitLockerVolume -MountPoint C).KeyProtector I see multiple RecoveryPassword key protectors, how do I know which one is active? If I pull the HDD and plug it into another machine it's going to ask me for one of those keys, but how do I know which key…
red888
3
votes
2 answers

Reason for TPM lockout

We have several Surface Pro 3 devices deployed with BitLocker enabled in TPM + PIN mode. The devices have a TPM 2.0 chip and are running Windows 8.1 Pro. We have an issue where users are occasionally presented with the "Too many incorrect PIN…
dbr
3
votes
0 answers

User friendly way to secure a legacy application over the Internet?

I'm dealing with a proprietary, legacy VMS (Video Management System) that is connected to IP cameras for remote surveillance. The system is exposed on the public Internet on port 8016 and users are accessing it over a non-encrypted connection…
ItalyPaleAle
3
votes
0 answers

Open LDAP authenticates LDAP users as local admin account - Linux - Ubuntu 14

So, I thought my LDAP was working perfectly, but today I went to log in, and it's authenticating me, but it's showing I'm the local Admin account, even whoami says so, and I have full root access like the local user account does. Any ideas on what to look…
FreeSoftwareServers
3
votes
2 answers

Script to enable Instant File Initialization with secedit

I'd like to be able to turn on IFI http://bit.ly/1dK32Dc on a new or existing Windows Server box with SQL Server, via T-SQL or PowerShell. Don't want to go through the "Local Security > Local Policies > User Rights Assignment > Perform volume…
Razvan Zoitanu
3
votes
2 answers

Give developers read-only access to schema

We have a staging server where we do final acceptance testing before we go live. It's a copy of Live where devs have no more privileges than regular users. I'm trying to give the devs read-only permissions on data and objects on this server so they…
David Wimbush
3
votes
2 answers

See past bandwidth by process on a Linux server

I have an Ubuntu 16.04 server (Xenial Xerus). My server statistics say that last night there was a bandwidth peak at 3+ TB, and I don't know why. I tried SLURM, and it showed that I actually used that traffic: Is there any way I can find out what…
Sibidharan
3
votes
1 answer

"Failed at step EXEC spawning" even with proper group permissions

I'm setting up permissions for a basic web server, but having some difficulty with starting the server with systemd. In my job description, I set the user and group to "foo", as…
Nathan
3
votes
2 answers

Is it safe to expose dev/team tools publicly without VPN?

We would like to have a self-hosted Slack alternative (Mattermost, Rocket.Chat), but hiding it behind a VPN is uncomfortable for some of our users. I would feel safer if it wasn't public, but how risky is it really? I believe this question can be…
smokeing
3
votes
2 answers

iptables multiport and negation

I want to log, with iptables, everything which can seem to be a flood, except on the web and IRC ports. So I did: iptables -A INPUT -p tcp -m multiport ! --dports 80,443,6667,6697 -m hashlimit --hashlimit-above 10/sec --hashlimit-burst 20…
CrazyCat
3
votes
10 answers

Steps to take to protect against the "unthinkable"

We have two sysadmins who know the passwords to all our systems. If the "unthinkable" happened (AKA "they both went under a bus") there is currently no way for the remaining team members to obtain administrator access to the systems. What steps or…
jwaddell