How to prevent XSRF attacks
I've been hearing more about XSRF (cross-site request forgery) attacks. (Netflix most recently had to fix a flaw related to this.) I'm wondering how you can prevent this type of attack. Do Web application firewalls work?
I've been hearing more about XSRF (cross-site request forgery) attacks. (Netflix most recently had to fix a flaw related to this.) I'm wondering how you can prevent this type of attack. Do Web application firewalls work?
0 pts.
security problem
Hello, I have small workgroup having 10 computers in my office. I do some personal work in office like using yahoo messenger, checking personal e-mails and some online banking site. But how does one of my senior knows it? I do everything lonely and securely so that nobody in the office knows it....
Hello, I have small workgroup having 10 computers in my office. I do some personal work in office like using yahoo messenger, checking personal e-mails and some online banking site. But how does one of my senior knows it? I do everything lonely and securely so that nobody in the office knows it....
accessing password protected hd
Hello everyone. Computer A crashed unexpectly. It turned out to be the motherboard but what im concerned with is the hard drive. I put the hard drive from computer A into a spare IDE slot on computer B. I booted computer B with computer B's own hard drive and attempted to grab the files i...
Hello everyone. Computer A crashed unexpectly. It turned out to be the motherboard but what im concerned with is the hard drive. I put the hard drive from computer A into a spare IDE slot on computer B. I booted computer B with computer B's own hard drive and attempted to grab the files i...
accessing a password-protected hd
Hello everyone. My brother sent me his hard drive becuase his motherboard crapped out and he needs the data from his hard drive. I plugged it into my computer through an IDE connection and i can see most of the files on the computer. However, the data he needs resides within his "documents and...
Hello everyone. My brother sent me his hard drive becuase his motherboard crapped out and he needs the data from his hard drive. I plugged it into my computer through an IDE connection and i can see most of the files on the computer. However, the data he needs resides within his "documents and...
Dos attack
I have been receiving security alert messages from our firewall nearly everyday. e.g TCP Packet - Source:144.120.8.89,39341 Destination:192.168.1.1,25 - [DOS] TCP Packet - Source:210.7.0.36,3473 Destination:210.7.12.23,135 - [DOS] Thu, 2006-10-19 16:30:03 - UDP Packet -...
I have been receiving security alert messages from our firewall nearly everyday. e.g TCP Packet - Source:144.120.8.89,39341 Destination:192.168.1.1,25 - [DOS] TCP Packet - Source:210.7.0.36,3473 Destination:210.7.12.23,135 - [DOS] Thu, 2006-10-19 16:30:03 - UDP Packet -...
Running Syantec Antivirus on a Windows Domain Controller
I am currently in the process of deploying Symantec AntiVirus Corporate edition in my Windows-based network. In the manual it states, Do not install the primary management server on the following: Miscrosoft Exchange Server, Web server, or programs that prevent you from restarting the computer at...
I am currently in the process of deploying Symantec AntiVirus Corporate edition in my Windows-based network. In the manual it states, Do not install the primary management server on the following: Miscrosoft Exchange Server, Web server, or programs that prevent you from restarting the computer at...
Best practices involving admin rights for user on user system
We are currently in the middle of figuring out the approach we are going to take in regard to a user having admin rights on their system. Typcially we set up a new user as an administrator on their system when they are logged into the domain. They don't have a local admin account on the system,...
We are currently in the middle of figuring out the approach we are going to take in regard to a user having admin rights on their system. Typcially we set up a new user as an administrator on their system when they are logged into the domain. They don't have a local admin account on the system,...
SECURE FTP SITE ON Windows 2003
We have a Windows 2003 IIS server setup behind our firewarll which is a PIX firewall. What is the best method to establish a secure FTP site on this IIS server? I have reviewed this topic on the internet and actually talked with somebody from IPSWITCH and the best method available is to purchase...
We have a Windows 2003 IIS server setup behind our firewarll which is a PIX firewall. What is the best method to establish a secure FTP site on this IIS server? I have reviewed this topic on the internet and actually talked with somebody from IPSWITCH and the best method available is to purchase...
Caching of previous Internet Passwords on Domino Server
I know that there is quite a bit in the discussion groups about cached Domino internet passwords but nothing seems to really point to a definitive solution, so I am turning to this group to see if an answer has been found. 2 Questions: - do you know how to force the clearing or know where this...
I know that there is quite a bit in the discussion groups about cached Domino internet passwords but nothing seems to really point to a definitive solution, so I am turning to this group to see if an answer has been found. 2 Questions: - do you know how to force the clearing or know where this...
terminal server and gpo
i have a server 2003 that configure as a terminal server, and i want implement a strict acess to this server from client (xp pro) to that server, i create ou that called "for terminal users" and create for that ou a gpo, now,, i want to know how should i change the gpo to achive the next goals: 1....
i have a server 2003 that configure as a terminal server, and i want implement a strict acess to this server from client (xp pro) to that server, i create ou that called "for terminal users" and create for that ou a gpo, now,, i want to know how should i change the gpo to achive the next goals: 1....
Best authentication method
I'm researching authentication methods, trying to determine what method is best for allowing customers to make payments online. Which, in your opinion, is best?
I'm researching authentication methods, trying to determine what method is best for allowing customers to make payments online. Which, in your opinion, is best?
Installation and updates
Howdy folks, Tryin to keep things going around here....need some advice. I have Win2003 servers and Active Directory.....single domain....approx. 100 client computers.....one location. Am upgrading all computers from Office XP to Office 2003. My project: Install Office 2003 and all updates...
Howdy folks, Tryin to keep things going around here....need some advice. I have Win2003 servers and Active Directory.....single domain....approx. 100 client computers.....one location. Am upgrading all computers from Office XP to Office 2003. My project: Install Office 2003 and all updates...
Network Connection Freezes
For some reason, at random, among 20 PCs on my network, in the morning or during the day, the network connection stops responding for both intranet and internet communications. The only solution thus far is to remove the NIC from the Device Manager, reboot the PC, and let Windows XP Pro find the...
For some reason, at random, among 20 PCs on my network, in the morning or during the day, the network connection stops responding for both intranet and internet communications. The only solution thus far is to remove the NIC from the Device Manager, reboot the PC, and let Windows XP Pro find the...
USB Flash Drives Not Installing On XP
Hello All! I've been noticing recently that certain USB drives have not been installing automatically to windows XP pro. I'm working on one right now and have not found a solution to it yet. A user needs to install a Sandisk Cruzer Mini USB Drive to her machine which uses XP Pro. Instead of...
Hello All! I've been noticing recently that certain USB drives have not been installing automatically to windows XP pro. I'm working on one right now and have not found a solution to it yet. A user needs to install a Sandisk Cruzer Mini USB Drive to her machine which uses XP Pro. Instead of...
Tracking the computer or source of an email
system: Ex 2003 back-end cluster, Ex 2003 Network Load Balanced Front end. Hi there, A user's account has become comprimised. They have since changed their password, but there are a few mails sent from their account that they did not send. Is it possible to find out the source ie PC hostname or...
system: Ex 2003 back-end cluster, Ex 2003 Network Load Balanced Front end. Hi there, A user's account has become comprimised. They have since changed their password, but there are a few mails sent from their account that they did not send. Is it possible to find out the source ie PC hostname or...
Resticting QPGMR from selected objects (SOX related)
Our security level is 30, but I have not found a way to restrict QPGMR from deleting a member in an audit file. Any help on this.
Our security level is 30, but I have not found a way to restrict QPGMR from deleting a member in an audit file. Any help on this.
Passwords
Hi all, What do you recommend for initial password issue, that is, provided a new user with a password for the first time without compromising it. I find the entire help desk giving password initially or sysadmins doing that is not save enough even though the user will be prompted to change it at...
Hi all, What do you recommend for initial password issue, that is, provided a new user with a password for the first time without compromising it. I find the entire help desk giving password initially or sysadmins doing that is not save enough even though the user will be prompted to change it at...
Port 1894
Hi, Our port scanner has detected '1894' as an open port. We know 1894 is an 'O2Server' port. Could you please throw some light on the port '1894'? Thanks kbs
Hi, Our port scanner has detected '1894' as an open port. We know 1894 is an 'O2Server' port. Could you please throw some light on the port '1894'? Thanks kbs
Laptop Security...
Hi, I am the head of my department and by the nature of the job I hold some confidential information on my laptop. How do I ensure that 1. Nobody can access any files on my laptop from the LAN or the internet (not even sys admins) 2. If somebody tries to access, can I find out /trace who it is or...
Hi, I am the head of my department and by the nature of the job I hold some confidential information on my laptop. How do I ensure that 1. Nobody can access any files on my laptop from the LAN or the internet (not even sys admins) 2. If somebody tries to access, can I find out /trace who it is or...
