Actiontec Security Break?
I have recently had someone hack into my machine sitting behind a verizon actiontec firewall.
At this time, I found that the person gave himself a lot of outgoing and incoming permissions on the router firewall. I then changed passwords on the router, removed the permissions and switched on the machine, without actually cleaning the machine. Promptly, I found the router broken into again. Telnet and remote adminstration are disabled. How could this happen that a strong router password can be broken into in less than 5 minutes of exposure to an infected machine inside the firewall? Do these routers have backdoors? How do I enable maximum security on these routers, and allow outgoing connections to be only http? Thanks.
Solved!
Go to Solution.
It is likely you have an infected computer which is submitting UPnP requests. Turn UPnP off on the router which will prevent it from "trusting" computers on the local network to tell it what port mappings to define and then get a good scanner to check out your computer (like Malwarebytes).
Similar Messages
-
Security Inheritance breaking in nested folder does not work
I have a scenario where I have to break the inheritance twice within the document library folders. I appreciate if you provide me any suggestions on how to achieve this?
Document library contains “employee folder1”, “employee folder2”, “employee folder3” etc. All these folders have unique security applied (no security inheritance from document library). Access is granted only for managers, Senior Managers, HRs and not to
employee.
Each employee folder (Ex: employee folder1) has two sub-folders called “Active” and “Archive”.
Now, how can I grant access to employees only to “Archive” folder of their own? I need to achieve this programmatic ways.
So far, I am able to break the security inheritance for all employee folders. Granted access to only managers, HRs and not employees. Both subfolders “Active” and “Archive” inherits from respective employee folder(Employee Folder1).
Later, I broke the security inheritance again for the folder “Archive” and then granted access to employee.
Now, logged in as employee to check if he/she has access to “Archive” folder, but it does not display folder at all. I want to display archive folder when employee access url like this(but it displays access denied):
http://SPSServer/Documents/EmployeeFolder1
However when I type full url in the address bar for archive
folder, I can see the content of Archive folder.
Will you please assist how to handle the securities programmatically? Is this multiple level security breaking is not best practice? The above behavior is expected or is there a fix I have do?
Thanks in advance.If you say meets all cirteria
face is me
face is gf
rating is >3
then it should show only photos meeting all - me and GF and rating over 3 - it does not - without the rating it shows only photos of me and GF - with rating it shows all photos of me with a rating of over 3 and all photos of GF with a rating over over 3
I consider that a bug
Using Keywords is a good workaround - and it is very easy t keyword a face by pulling that face up on the cork board and selecting all photos in that face and assigning the keyword to them
LN
Message was edited by: LarryHN -
How to create a secure & non editable PDF? So that it cannot be modified by any of the secondary too
How to create a secure & non editable PDF? So that it cannot be modified by any of the secondary tools available online for security breaks and editing of PDF document
I put all the security options but still there are tools to break the security (even password) leading to editing of document
Need to avoid any such situationIf the document is important, and there is something to be gained by modifying it - then someone will just make a new copy of it (e.g. print and scan, screen capture), and make a new document, then change it.
If protecting the integrity of the document - proving it is unchanged - is the thing, look at digital signatures. Forget security, the signed file can be freely edited, but the signature will always show it is changed. -
Securing your remote connection information.
Hello folks,
Recently I had a security break in which a trojan virus uploaded malicious software to all of the sites I have hosted along with viruses to some sites I do not host, but had ftp connection information stored within both Cute FTP Pro and Dreamweaver CS4. This was one hell of a mess to clean up, bascially giving all of my hosting accounts new passwords, deleting all files currently online and re-uploading them to ensure the virus was eliminated completely. Upon researching this further, and discussing it with my hosting reseller technical support, they informed me that usually this type of trojan infects a local machineand transmits the virus by stealing the ftp login information from an ftp enabled program, downloading the file to be infected from the site, modifying it and re-uploading it to the site.
I have decided that storing my ftp login information within these programs is probably not safe and have resorted to just inputting the information (or just the password at the least) each time that I need to make changes to the site.
I guess what I am asking is what should I be doing to ensure that this sort of thing does not happen again?
wiLHi,
Thank you for posting in Windows Server Forum.
From your description it seems you have check every possible solution for this case. For here suggest you to recheck whether there is proper network connectivity without any packet loss.
Apart, when you are using RDP file before that edit the RDP file with notepad and add following line under it.
enablecredsspsupport:i:0
http://technet.microsoft.com/en-us/library/ff393699(WS.10).aspx
Hope it helps!
Thanks.
Dharmesh Solanki
TechNet Community Support -
Adobe Reader 11.0.2 Very very slow
Hi all,
Since I have updated to Adobre reader 11 (11.0.2 or 11.0.3), I have some issues on some computers.
i have 40 computers with the same configuration (Win 7 x64)
For 20 of them, It is very slow to open a document (about 6-7 secondes to open Adobe reader)
the the other 20, no issue (1 second max, to open Adobe)
I have noticed that disabling "protected mode" permits to avoid the issue, but I dont want to disable this important security feature.
Why some of the machines works well and the others do not work well ?
Does that performance issue is a known issue by Adoebe ?
Do you have any link to any Adobe release note dealing with that ?
Do you have a way to fix that issue without redusing security ?
Thank you every body for your helpHi Pat,
reader_sl.exe is not in the startup list.
Disabling protected mode is a very high security break that i dont want.
Any other idea ? Thank you -
IOS 5 camera button unlocks without PIN
Having installed IOS 5 with my iPhone 4, I wonder about the possible security break with the camera icon.
Activating the camera icon brings me directly to camera function as it is supposed to. Then, one click on the home button brings me to a full functioning iPhone.
So it seems as the camera button on the lock screen actually is a simple way to bypass the unlock code. One should think that closing camera function would bring the phone back in the locked situation. Or am I missing something? If not; then why even bother with a lock screen on IOS5? (But I like my lock screen).
If anyone has a solution to this, please share!I have checked, and mine works this way:
Activating the camera icon you can take a picture which is saved. Later you can see that picture, but not the rest of the previosly taken picture. If you leave the camera the Phone is again locked and you have to enter the code.
After entering the code you see all the pictures take, included the one taken during the lock.
Have you checked your setting for screen locking ? You can set a time for lock and a time to ask the password.
May be if the time for password asking is long the phone is locked but the password will not be asked ? -
HT5130 Has this update been corrected for the problems it can cause with Rosetta?
I have heard from other users and seen posting online that this security breaks Rosetta? There have been some "repairs" posted online that supposedly fix some users' prblems but not all. See...
http://www.macworld.com/article/165207/2012/02/snow_leopard_update_breaks_rosett a_third_party_offers_fix.html
http://reviews.cnet.com/8301-13727_7-57370890-263/rosetta-broken-in-os-x-10.6.8- after-security-update/I have just done a clean install of Snow Leopard onto a used Mac Pro recently puchased. I want to upgrade to the latest version of Snow Leopard, but I am worried about breaking Rosetta because of the security update 2012-001 problem - if it is included in whatever combo update I used to get to the latest version of SL. How should I proceed ? Just install the latest SL update, and then 2012-001 v1.1 if Rosetta is broken ? Or is the bad security update not a part of any of the SL combo updates ? Thanks.
-
Acrobat 9.2.0 Update Breaks Text Box Tool, Possibly Introduces a New Security Flaw.
Anyone have any ideas for this one?
Once we upgraded to version 9.2.0 (This is a major security release that fixes a Javascript security flaw) our text box tool no longer works the way we want it and crashes the program.
Try this:
1. Open any PDF document on a Windows XP SP3 computer with Adobe Acrobat 9.2.0.
2. Add the 'Text Box Tool' to the toolbar by right-clicking the toolbar and selecting 'MoreTools' then placing a checkbox next to the 'Text Box Tool'.
3. Click the 'Text Box Tool' on the toolbar and draw a new textbox anywhere on the PDF document.
4. Click out of the textbox to cancel typing mode, then single click back on the textbox that you just created.
5. Right-click the textbox that you created and select 'Properties..."
6. Under the 'Appearance' tab,
a. Select Style: No Border
b. Select Fill Color: No Color
c. Check the box 'Make Properties Default'
d. Click OK.
7. Click the Text Box Tool again, and draw another textbox (Since there is no border you will not see it but you will still be drawing a textbox).
8. Let go of the mouse when you are done drawing your textbox rectangle and the program will crash at this point.
Results:
1. "An internal error occurred." dialog box is displayed.
2. After clicking ok the following "Microsoft Visual C++ Runtime Library" dialog box is displayed:
"Runtime Error!
Program: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
R6025
- pure virtual function call
3. After clicking ok another dialog box is displayed:
Error signature
AppName: acrobat.exe AppVer: 9.2.0.124 ModName: acrobat.dll Offset: 000509dd
4. The same error has occurred on all five computers that we tested the new version on.
Expected results: A new textbox is created and you may start typing in text (This was the behavior in version 9.1.3).
Additional Information
At times, we need to add information to PDF files (i.e missing dates, etc). We have always used the Text Box Tool to do this with no border, and with no fill color as this is the EASIEST and FASTEST way to add information to PDF files in a precise manner. We want the fill color to be transparent so that we can fit text in between and exactly on lines easier, and so that there is not a solid background box behind the text. We want no border because a border around text that needs to go on a line looks stupid. Up until version 9.2 this procedure worked fine. Now, the program will crash. Perhaps this even adds another security vulnerability if the crash could be exploited. We want to maintain security by patching Adobe to address the JavaScript vulnerability that was addressed in version 9.2.0, however, we are not able to update our users as the new version breaks the fundamental purpose that we use Adobe Acrobat for. We are stuck with the vulnerable version 9.1.3 until this problem is addressed. Disabling JavaScript is not an option either, as we use a Java plug-in on a daily basis.
Any thoughts would be great, I have attached screenshots of the errors.The question still is not answered.
The problem continues in Acrobat 8.1.7 for Windows, even after updating toAcrobat 8.2.0. ( I can't comment on whether recent updates to Acrobat 9 fix the problem in Acrobat 9.)
The internal error after text insertion problem occurs even with PDF documents created in Acrobat 8, i.e., not only old versions of PDF files. We have the text box insertion icon in the toolbar, and the properties set to "no color" for the box and "0" width for the text box lines, as other commentators have noted.
The problem did not exist when Acrobat 8 Pro was installed, it was introduced by one of the updaters.
The main reason we use Acrobat, rather than much cheaper PDF-creation software, is to annotate PDF files (including inputting data into spaces in standard forms).
So justify the high price of Acrobat and fix the problem please, Adobe ! -
Flash Vulnerability used to break security on Windows Vista
Found an article on The Register about a previously unknown
flash vulnerability being used to break security on Windows Vista
during a hacking contest. The original link to the article was on
Wired's
Blog
quote:
"Shane Macaulay, who played a hand bringing down a Mac during
last year's Pwn2Own contest, defeated the Vista machine using a
previously unknown vulnerability in Adobe Flash. On final day of
the CanSecWest conference in Vancouver, Macaulay spent the better
part of four hours trying to get the exploit to work."
http://www.theregister.co.uk/2008/03/29/ubuntu_left_standing/
Can anyone verify the exploit that is being referred to in
this article or whether Adobe is aware of it?Hi candy, glad that you found that Shockwave Flash Object, it works with the Flash files and is very important
The NPSWF files that you said are not there, those are for the Firefox browser or Chrome or some other browser. If you use Firefox and want the Flash Player for that, then close all of your browsers so you are only looking at your Desktop.
Click on this Flash Player Installer for Firefox and SAVE it to your Desktop. Then RUN it from your Desktop, and after it is finished Installing, Restart your computer.
Then Using Firefox go to the plug-ins and find a SWF vs 10.0.45.2 and make sure it is Enabled. This is just like the Shockwave Flash Object for Internet Explorer, but it is the one that works with Firefox.
Let me know if that is what you wanted to do. If you don't use Firefox, but Chrome or another browser, then this will work for that one also.
If you don't use another browser, then don't do any of this. I just thot maybe you did and that is why you were concerned that the NPSWF files were not there.
Thanks,
eidnolb -
HT1222 Does the most recent security update for Snow Leopard break Rosetta or has that been fixed?
I want to make sure Security Update 2012-001 does not break Rosetta on Snow Leopard. I heard something about that, and I can't afford to lose my PowerPC applications. Thanks.
The original one did have such issues.
The revised v. 1.1 version got rid of those issues.
Only the v. 1.1 version is now available for download. It can be installed as the only update, or on top of the original update to correct the problems. -
Security Update 2007-009 breaks Rosetta?
I installed Security Update 2007-009 (10.5.1) two days ago.
Since then not a single PPC application works.
I get:
Exception Type: EXCBADACCESS (SIGBUS)
Exception Codes: KERNPROTECTIONFAILURE at 0x0000000000000024.
This means that I can no longer use Office 2004 for Mac.
I am assuming that the security update breaks Rosetta since I noticed that only PPC applications are fubar.
Anyone with similar experience?sorry but you obviously have another problem - just read your post and tried several Rosetta Apps including :
MsOffice Vx
and Corel photopaint 11 (which I deliberately chose because it has always been a touch wobbly)
Both run fine - and my machine is fully patched. So perhaps the post title could be slightly misleading - maybe it should have a question mark because in my experience it isn't a fact. It's a theory which actually turns out to have been incorrect.
One thing I do know is that rosetta is VERY memory intensive. Mine was always a bit wobbly until I put extra memory in the machine but since Leopard it has actually been a lot lot better than it was with Tiger - which is great.
Message was edited by: jennyd60 -
R7770 PMDIGD5 breaks Secure Boot
My new AMD Radeon HD R7770 RMDIGD5 breaks my secure boot on the DELL XPS 8500. It boots up, but without secure boot enabled. Any recommendations on how to fix this?
Quote from: Svet on 15-January-15, 09:00:44
use this one: https://forum-en.msi.com/index.php?topic=178083.msg1286446#msg1286446
I would like to thank you very much Svet for your help. It worked!!!!! -
Is Outlook app for iOS breaks company security
Hello Team,
I have on-premises Exchange 2010 SP3 setup. Just want to know about the views on below articles... IS this true??
https://blog.winkelmeyer.com/2015/01/warning-microsofts-outlook-app-for-ios-breaks-your-company-security/
http://www.networkworld.com/article/2878816/microsoft-subnet/outlook-for-ios-android-flagged-for-inherent-security-flaws.html
Should I not allowed to use this App to all mobile device users.
Thanks in Advance
Thanks in advance NKumariCloud only syncs iCloud calendars.
If there is an app for viewing outlook calendars then maybe it needs installing everywhere. -
Security Update 2015-002 breaks Messages activation
Applied Security Update 2015-002 yesterday evening. Rebooted and everything seemed to work okay. Shut down for the night. Next day and now Messages won't activate.
I've tried everything, even turning on two-step verification and generating an app-specific password for "Messages and FaceTime" -- FaceTime take the password and works perfectly, while Messages gives some variation of these errors constantly:
It's only hosed on one of my Macs, the others will allow login to Messages.
Messages worked perfectly before the Security Update, now activation appears to be permanently broken.
Is this actually an iCloud problem or is something wrong with my Yosemite configuration?
Help! Any suggestions?This could be a complicated problem to solve, as there are many possible causes for it. Test after taking each of the following steps that you haven't already tried. Back up all data before making any changes.
Before proceeding, test on another network, if possible. That could be a public Wi-Fi hotspot, if your computer is portable, or a cellular network if you have a mobile device that can share its Internet connection. If you find that iMessage works on the other network, the problem is in your network or at your ISP, not in your computer.
Step 1
Check the status of the service. If the service is down, wait for it to come back up. There may be a localized outage, even if the status indicator is green.
Step 2
Sign out of iMessage and FaceTime on all your Apple devices. Log out and log back in. Try again to sign in.
Step 3
Restart your router and your broadband device, if they're separate. You may have to skip this step if you don't control those devices.
Step 4
From the menu bar, select
▹ About This Mac
Below the "OS X" legend in the window that opens, the OS version appears. Click the version line twice to display the serial number. If the number is missing or invalid according to this web form, take the machine to an Apple Store or other authorized service center to have the problem corrected.
Step 5
Take the steps suggested in this support article. If you don't understand some of the steps or can't carry them out, ask for guidance.
Step 6
From the menu bar, select
▹ System Preferences... ▹ Network
If the preference pane is locked, click the lock icon in the lower left corner and enter your password to unlock it. Then click the Advanced button and select the Proxies tab. If the box marked SOCKS Proxy is checked, uncheck it. You don’t need to change any other settings in the window. Click OK and then Apply. Test.
The result may be that you can't connect to the Internet at all. Revert the change if that happens, or if iMessage still doesn't work. Remember that you must Apply any changes you make in the preference pane before they take effect.
Step 7
Select from the menu bar
▹ System Preferences… ▹ Flash Player ▹ Storage
and click
Block all sites from storing information on this computer
Close the preference pane.
Step 8
Make sure you know the ID and password you use with iMessage. Launch the Keychain Access application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad and start typing the name.
Use the search box in the toolbar of the Keychain Access window to find and delete all items with "iMessage" or "com.apple.idms" in the name. Log out and log back in.
Step 9
Enable guest logins* and log in as Guest. Don't use the Safari-only “Guest User” login created by “Find My Mac.”
While logged in as Guest, you won’t have access to any of your personal files or settings. Applications will behave as if you were running them for the first time. Don’t be alarmed by this; it’s normal. If you need any passwords or other personal data in order to complete the test, memorize, print, or write them down before you begin.
Test while logged in as Guest. After testing, log out of the guest account and, in your own account, disable it if you wish. Any files you created in the guest account will be deleted automatically when you log out of it.
*Note: If you’ve activated “Find My Mac” or FileVault, then you can’t enable the Guest account. The “Guest User” login created by “Find My Mac” is not the same. Create a new account in which to test, and delete it, including its home folder, after testing.
If iMessage worked in the guest account, stop here and post your results.
Step 10
Start up in safe mode and log in to the account with the problem. You must hold down the shift key twice: once when you start up, and again when you log in.
Note: If FileVault is enabled in OS X 10.9 or earlier, or if a firmware password is set, or if the startup volume is a Fusion Drive or a software RAID, you can’t do this. Ask for further instructions.
Safe mode is much slower to start and run than normal, with limited graphics performance, and some things won’t work at all, including sound outputand Wi-Fi on certain models. The next normal startup may also be somewhat slow.
The login screen appears even if you usually log in automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.
Test while in safe mode. After testing, restart as usual (i.e., not in safe mode) and test again.
If iMessage worked in safe mode, but still doesn't work when you restart in "normal" mode, stop here and post your results.
Step 11
Triple-click anywhere in the line below on this page to select it:
/Library/Preferences/com.apple.apsd.plist
Right-click or control-click the highlighted line and select
Services ▹ Reveal in Finder (or just Reveal)
from the contextual menu.* A folder should open with an item selected. Move the selected item to the Trash. You may be prompted for your administrator login password. Restart the computer and empty the Trash.
*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
Step 12
Reset the NVRAM.
Step 13
Reset the System Management Controller (SMC).
Step 14
Reinstall OS X.
Step 15
If none of the above steps resolves the issue, make a "Genius" appointment at an Apple Store, or contact Apple Support. When you set up a support call, select "Apple ID" as the product you need help with, not the hardware model. That way, if you're not under AppleCare, you may be able to talk your way out of being charged for the call. -
Breaking News. Stunning Security flaws in WebOS.
Palm, I am rooting for you, I really am. Please be prepared to address these breaking stories substantively. Please Please Please get out in front of this. Be honest. If your OS is a POS then tell us so we can move on.
http://www.cnbc.com/id/36601913Fair enough Wyrenut... Let me clarify. As someone who ditched his iphone to go back to his treo, I can say that I truly am rooting for palm's succes.
I eagerly awaited the release of WebOS devices but found the Pre form factor to be chintzy, awkward, and gimicky --but I was tempted to jump to Sprint when palm released the Pixi. Then I found out it didn't have wifi. WHY?? I'll never understand that move, as well as the overall chintzing of the pixi hardware. Palm treated this form factor as an afterthought, an intro device aimed at kids... Big mistake...
So I held tight with ATT and waited for you to produce a device with the Pixi form factor that had wifi. I would have stayed at ATT but jumped to VZ once they started basically giving away the phones with free mobile hotspot --that in itself made it a great deal.
I guess my point is that WebOS users are really being run thru the ringer here. We are paying for our loyalty to palm many times over. Multiple hardware and software issues, a company that may not exist a year from now, and now potentially crippling security issues..., yet you still have a loyal userbase that is truly rooting for palm to pull out of this death spiral.
I understand that these dicks at Intrepidus appear to have been using an old version of WebOS, and that any flaws should have been reported to palm first, but what of their charge that the architecture is fatally flawed and subject to hacking, even after the latest updates?(which of course VZ users are still waiting for).
The point of my original post is this: Palm, please get out in front of this ASAP. If there is any merit to the charges being leveled agaist WebOS, please admit this and tell us what is being done to fix it. And don't BS us... if it is not fixable you must admit this because if you are not perceived as pro-active and forthcoming, people are going to pull up stakes and go find another OS that suits their needs.
Here's hoping that your company gets its act together and pulls out of its death spiral in time.
Dan-o
Maybe you are looking for
-
hi I keep getting the dialog box " The iTunes Library file cannot be saved. You do not have enough access privileges for this operation" How do i amend this as i only have one account and one library. I cannot save new work or delete duplicate file
-
I'm trying to print a PDF statement from my bank but the PDF doesn't display. Clicking on the link opens another Safari window which shows it downloading... and then nothing. The PDF toolbar displays but clicking on the 'Open in Preview' and Save To
-
Programmatically refreshing an LOV automatically generated in an af:query
Hello, I am using 11.1.1.6. I have created a VO with LoVs created on two of the attributes, linked to view accessors. I also created a ViewCriteria which was used to create the af:query panel. The LoVs were created using the choice list option type a
-
[Solved]Web Service Data Control operation not visible in Data Controls
Hi! I've created Web Service Data Control (named MyDataControl ) in my DataModel project for my web application (ADF BC 10.1.3.3). I've finished the wizard successfully (added initiate operation to the right side in step 2: Data Control Operations) b
-
Is there anyway for Flash (within AS3) to open a vbscript or javascript file and then wait for a boolean value to be returned to Flash from that file? Is this even possible? Thanks for any help you can give me!