Bittorrent blocked by bittorrent signatures set to audit???

Similar Messages

• Slaris 10 u6 auditing - pam_unix_cred: cannot set user audit Bad address

  When I switch on auditing (execute /etc/security/bsmconv command), after rebooting system I cannot login to the system. When I try to login I can see the followin message:
  pam_unix_cred: cannot set user audit Bad address
  I have not idea, what to do

  Thanks for this. Parent chmod o+x fixed it.

• How do I change the FirstClass app signature setting?

  I am using the FistClass app on my iPad and I want to change the signature setting.  Changing the general settings do not impact this app.  Any suggestions?
  Thanks

  I just downloaded it. In the login screen tap the info button and change the signature on that.

• Setting the Audit Level to off

  Hi,
  I had configured the Audit level for a bpel composite to Off with the help of below property in composite.xml and deployed the same.
  <property name="bpel.config.auditLevel">Off</property>
  The Property also reflects in the SystemMBeanBrowser for the composite but the problem is though the Composite payload is not persisted anymore but the composite tracking instances are still persisted.
  As per the Oracle documentation : "Off": No logging is performed. Composite instance tracking and payload details are not collected.
  Can someone help or provide pointers why the logging is not off for composite tracking instances ?
  Do i need to add something else also in the composite.xml apart from this property ?

  Hi,
  <property name="bpel.config.inMemoryOptimization">true</property>
  <property name="bpel.config.completionPersistPolicy">faulted</property>
  are already set but it was not working though.
  However, i have found the problem finally :)
  The issue was that to prevent the persistence of composite tracking, the audite level has to be set at the composite level and not at the component level
  because setting it on component level will only prevent the dehydration of the component and not the references and the services.
  Regards,
  Anugoonj

• Setting up audit in 9.2.0.8

  Hi Everyone,
  Just setting up 'Audit_trail=true' will capture all the activities in sys.aud$.Or else we need to run any statement to capture the activities on the sensitive tables.
  Thanks,
  Vinu

  Vinu,
  auditing is an important SECURITY FEATURE to employ with judicious thought & intentions. Here is the Oracle Guidelines, please read:
  http://download.oracle.com/docs/cd/B10500_01/server.920/a96521/audit.htm
  Also, here is an example from Oracle Security Expert Pete Finnigan:
  Audit Attempts to access the database at unusual hours
  Checks should be made for any attempts to access the database outside of working hours. These accesses could be genuine overtime work or maintenance but they could just as easily be unauthorized access attempts and should be checked as follows:
  SQL> select username,
  2 terminal,
  3 action_name,
  4 returncode,
  5 to_char(timestamp,'DD-MON-YYYY HH24:MI:SS'),
  6 to_char(logoff_time,'DD-MON-YYYY HH24:MI:SS')
  7 from dba_audit_session
  8 where to_date(to_char(timestamp,'HH24:MI:SS'),'HH24:MI:SS') <
  to_date('08:00:00','HH24:MI:SS')
  9 or to_date(to_char(timestamp,'HH24:MI:SS'),'HH24:MI:SS') >
  to_date('19:30:00','HH24:MI:SS')
  SQL> /
  USERNAME TERMIN ACTION_N RETURNCODE TO_CHAR(TIMESTAMP,'D TO_CHAR(LOGOFF_TIME,
  SYS pts/1 LOGOFF 0 09-APR-2003 20:10:46 09-APR-2003 20:16:41
  SYSTEM pts/5 LOGOFF 0 09-APR-2003 21:49:20 09-APR-2003 21:49:50
  ZULIA pts/5 LOGON 0 09-APR-2003 21:49:50
  EMIL APOLLO LOGON 0 09-APR-2003 22:49:12
  SQL>
  The above SQL shows any connections before 8:00 AM and after 7:30 PM. Any connections, particularly those made by privileged users such as SYS and SYSTEM, should be investigated. Particular attention can be made to the location from which the access was made. For instance, if privileged access is made from machines that are not in the administrator department, the administrator needs to find out why.
  * Check for users sharing database accounts
  The following SQL looks for users who are potentially sharing database accounts:
  SQL> select count(distinct(terminal)),username
  2 from dba_audit_session
  3 having count(distinct(terminal))>1
  4 group by username
  SQL> /
  COUNT(DISTINCT(TERMINAL)) USERNAME
  4 EMIL
  3 SYS
  3 ZULIA
  SQL>
  This shows that three users have accessed their accounts from more than one location. A further check could be to add a time component to see if they are accessed simultaneously and also to restrict the check per day. The above SQL gives some idea of the potential without complicating it too much. Again, these accounts and users should be investigated.
  * Multiple access attempts for different users from the same terminal
  The final example checks to find where multiple database accounts have been used from the same terminal. The SQL is again simple and could be extended to group by day and also to print out the users per terminal. This is a simple test to illustrate the abuse idea:
  SQL> select count(distinct(username)),terminal
  2 from dba_audit_session
  3 having count(distinct(username))>1
  4 group by terminal
  SQL> /
  COUNT(DISTINCT(USERNAME)) TERMIN
  3 pts/1
  2 pts/2
  3 pts/3
  3 pts/5
  SQL>
  This could indicate someone trying to gain access by trying many accounts and passwords, or it could indicate legitimate users sharing accounts for certain aspects of their work. In either case, the admin should investigate further.
  There are, of course, many other scenarios that could indicate possible abuses. Checking for those is as simple as the cases depicted above. It will be left to the reader to experiment. Let me know what you find useful.
  The second example case that audit actions were set for is to detect changes made to the database schema. This could include new objects being added or attempts to change existing objects within the database.
  A simple piece of SQL will show any audit trail items that relate to objects being created or changed as follows:
  col username for a8
  col priv_used for a16
  col obj_name for a22
  col timestamp for a17
  col returncode for 9999
  select username,
  priv_used,
  obj_name,
  to_char(timestamp,'DD-MON-YYYY HH24:MI') timestamp,
  returncode
  from dba_audit_trail
  where priv_used is not null
  and priv_used<>'CREATE SESSION'
  SQL> @check_obj.sql
  ZULIA CREATE TABLE STEAL_SALARY 09-APR-2003 20:07 0
  PETE CREATE PROCEDURE HACK 09-APR-2003 20:42 0
  This simple example shows that the user ZULIA has created a table and the user PETE has been writing PL/SQL procedures. Any changes such as this that are found should be investigated in a production database. Many more specific abuses can be checked for in relation to object and schema changes but, in general, no user should be able to alter the database schema in a production database. As a result, the check can remain pretty simple.
  Protecting the Database Against These Abuses
  The two examples given are just two of many possible scenarios that could be detected using Oracle's auditing facilities. Turning on and managing audit is one of the first steps to securing the database. Using audit should be part of an overall organization security plan and policy that includes Oracle. The database should be audited regularly for misconfiguration or known vulnerabilities that could allow security breaches to take place.
  Because of its complex nature and vast number of different ways it can be used and configured, the best approach to securing Oracle will always be to follow the principle of least privilege. Once the database is part of the overall security plan and is configured correctly and checked regularly, then auditing it should be considered an important part of the strategy.
  In general, do not grant any privileges to general users in a production database, remove most of the PUBLIC privileges and delete or lock and change the passwords of any default accounts. Ensure that users obey password policies and that the password management features of Oracle are employed.
  It is important that the audit actions are planned from a performance and usability point of view and that the audit trail is managed. It is also important that the audit trail data is understood in terms of detecting abuse.
  The author's recent book by the SANS Institute "Oracle security step- by-step - A survival guide for Oracle security" gives excellent guidelines on how to configure Oracle securely.
  Conclusions
  Oracle's auditing features are very powerful and sometimes seem very complex. As we saw in the introduction, there is more than one option available for auditing an Oracle database. It is possible to audit almost everything in the Oracle RDBMS with the standard features but not at the row level. If a high-level audit is needed, use the standard features to get a view of overall activity and then home in on the area of concern in more detail.

• Setting up auditing for tables

  Hi Gurus,
  Could some one help me in setting up an auditing process for few tables on one of the schema say scott.
  auditing on insert,update,select and delete .
  I have 4 tables say for example
  emp, dept,org,ssn

  790072 wrote:
  Hi Gurus,
  Could some one help me in setting up an auditing process for few tables on one of the schema say scott.
  auditing on insert,update,select and delete .
  I have 4 tables say for example
  emp, dept,org,ssnwhen all else fails Read The Fine Manual
  http://download.oracle.com/docs/cd/E11882_01/server.112/e17118/statements_4007.htm#i2059073
  why do you prefer to read answer here rather than from original source as URL above?

• "Billing block" status has been set.

  One contract was incepted (Created) on 13.03.2008. BRI's also generated, BRI is nothing but which calculates the EMI amount with respective billing dates. But due to some reason all BRI got u201Cblock for billingu201D status. Because of that BILLING DUE list was not generated.
  Now we are getting collection from customer and it is lying in suspense account.
  Now, I need to know how this billing block status has set in all the BRI.How to rectify this.
  Give me some clarity on billing block.
  Immediate response appreciated.
  Thanks and regards
  Rajesh

  HI,
  Billing block may be set at Status Profile. Check your status profile. Double click on Status and see behind whether there any Radio Button Set or not (Based upon your requirement).
  You can also manually remove the Billing block status.
  Hope it answers your query.
  Regards,
  Ankush

• Gr Blocked Stok or blocked stock Stop type setting in OMJJ

  Hi,
  Movt. Type 103, used to post material in GR blocked stock, just want to know what setting in OMJJ for movement 103 used to POST Material stock into GR Blocked Stock only.
  Edited by: V raj on Aug 27, 2009 3:08 PM

  Hi Raj,
  After u enter the movement type 103 in OMJJ , in the first screen u will find Internal Control -- GR Blocked Status (S).
  Regards
  Ramesh Ch

• Tunning signature- set number of destination ip addresses

  Any way to set IDS signature to fire only if same source address scanning more then say 50 different destinations in given time like 10 minute?

  I guess you can do this using the 'custom signature' wizad using the IDM. I do not remember the available options, but you might see there once you get there.

• Small Business Digital Signature Set-up

  We have about 125 employees that have digital signatures created using Acrobat 9 and X. Is there a way to import all employee certificates (public keys) at one time into Acrobat so we can validate signatures when the signed PDF is opened?

  You can import all certificates on one Acrobat installation, set the trust, and then use Security Settings Export feature in Acrobat to export all these trusted identities. Then you send the acrobatsecuritysettings file to each employee and have them to Import Security Settings from this file.

• Entourage - signature set up

  Hi
  I've set up a signature no problems in entourage and it works fine when I'm sending an email as the logo is at the top and centred and the contact details in the signature is at the bottom.
  However, when I reply to an email the signature goes to the bottom of the whole 'trail' which doesn't leave our logo prominent or our web address and contact details.
  When i used the PC outlook program the signature could be setup as I want it (described above). COuld someone please let me know if entourage can be setup like this and how I might be able to do it.
  Many thanks in advance.
  Cheers
  margie

  Dear Margie,
  if you go to Entourage - Preferences - Mail & News Preferences - Reply & Forward - then in the Mail Attribution section choose "Place reply at top of message and include From, Date, To and Subject lines from original message" it will do exactly what you want (and by the way the same as in Microsoft Outlook for Windows) so what we are all used to
  Hope that helps, regards,
  Ralf
  P.S.:
  reference: http://www.entourage.mvps.org/faq_topic/reply.html
  Message was edited by: RalfP

• Influence on Windows Live Mail 2011 signature set up

  Forgive my ignorance / stupidity in asking this.
  Is there any way by having Mozilla Firefox 12.0 on my desktop can it influence my Windows 7 / Windows Live Mail 2011 in such a way that, no matter which method I use I find it impossible to add a Signature to my E Mails other than in pure Text format??. One should be able to add a small icon/logo/image/picture (usually in jpg format) sourced from either Google Images or Public Source OR from ones own images (preferably small) and include with a personalized signature. Whichever of the common methods I have used to achieve this ALWAYS results in the image (no matter which I choose or from where) appearing as a Red outlined box with a Red X. Is there anything about my Firefox 1'''bold text'''2.0 that could have some bearing on this fault.??
  RichardH

  Use these settings: (only Mail will work, Live does not support contacts and calendars from iCloud)

• I downloaded site block, how do i set it to block a site while it's open

  I have ad block already installed. I also loaded site block. Once the site is open and I want to block it, how do I adjust my settings?
  Thank you.

  From the address bar, copy the site name ONLY !
  Example;
  https://support.mozilla.org/en-US/questions/1021339
  Copy only;
  https://mozilla.org
  Then open the add-on, and paste it in.

• Exclude an IP being blocked on a signature

  Dear All,
  In our AIP-SSM 20  signature 11020/0 1 /2/3 & 4 are configured to be denied.
  Is there any way we can exclude 01 IP from being denied by this signature? 
  Any reponse would be appreciated.
  Thanks

  You will need to create an event action filter "service event-action-rules rules0" section of the CLI or through the GUI you can click on Configuration\Policies\Event Action Rules\rules0, click on the Event Action Filters tab on the right.  Create a filter for the source or destination IP address, specify the signature(s) you want to filter on, and then select the actions to remove, such as create alert or drop packet.
  Jon.

• Best Block Size Raid 0 Set-up

  Premiere Pro CS5. Windows 7 64 bit
  . Setting up two hard drives ( 2tb each in size) in Raid 0. What would be the optimal blobk size for two? What would it be for 4 drives? Thanks Roman

  I was hoping you would link to that article. The controller I have is an Intel Controller on a Gigabyte Motherboard. Six core Intrl Processor and 24 gig ram. Right now I have the size set to 128K. I was also wondering whether 512 would be a little better. Thanks for the link and answer. Roman