Security issue, kindly reply urgently

Similar Messages

• Wlan Security Issue urgent help needed

  Dear Community,
  i have a wlc 5500  with two ssids for employees and contractors
  both ssids with layer2 security WPA+WPA2 and auth key mgmt 802.1x are authenticated with ACS 5.0 (active directory) for users access and are working fine after windows adapter setting
  but my question is, can i do some thing like
  authentication with acs 5.0 (active directory) for users access but without windows adapter seting????
  i mean without changing any setting on windows adapter ( leave it as default).
  if i can then how i can???
  or i cann't do that i mean there is not any option to do that?
  plz give me your seggustions i need urgent help on this topic.

  thanks for your reply George
  it seems only for 802.1x authentication key methode needs windows adaptor changing as per you.
  is there any other option to configure wlan scurity with acs (MS active Dir) user authentication like
  let me tell you something
  i want when any client will try to connect any wlan he ll just prompted to use his username and password(of active directory) without doing any changes in window adapter setting???
  i don't care layer 2 security will be whatever like wpa+wpa2 with 802.1x OR something else
  can i do that or no ??
  if yes i can than what type of security?
  please don't tell me about webauthentication i already know about that and i ll use that mothed for GUSET-Wlan.
  kindly reply me soon 
  Thanks

• Interesting scenario (Urgent, kindly reply)

  Hi,
  We want to move one of our Production server to another country.
  Of course it will take time to move and setting up in new country.
  Meanwhile we like to have same copy of database running locally , so that we don’t disturb
  the work
  1) What are different methods for copying the database if we can not shutdown the database
  and also let me know the options if we can shutdown the Database for a hour.
  2) What i need to change from client, application site if we are moving database to different country.
  2) Know lets suppose we have new copy of database up and running locally, and the users
  and application are making changing. How can we make these changes (DML,DDL,DCL)
  to the actual live database when it will be up and running.
  Please kindly reply all possible solution with doc id (for reference)
  Advance Thanks,

  Look at Oracle Data Guard
  http://download-east.oracle.com/docs/cd/B19306_01/server.102/b14239/toc.htm

• My dv5 laptop has an internal "typing" noise/multiple security issues

  I'm not sure if this is a problem, but since I've had all kinds of issues with this particular model (the first Pavilion we were sent by HP had to be returned because the engineers finally deemed it unfixable), I thought I'd ask.  I'm a little nervous about a sound that makes me think of little gremlins inside the unit typing away.  It's not constant, but I'm wondering if that's normal and what the noise is. 
  Another problem is that periodically I'll get a message about the computer having "multiple security issues".  I then do a virus scan, which turns out fine, so I don't know what it means. 

  The Intel chipset issue is not at all related for your Notebook. Its quite unfortunate you are facing this problem as I would say its a coincidence that even your second hard drive went bad so soon.
  Time for you to RMA the new hard drive. 
  //Click on Kudos and Accept as Solution if my reply was helpful and answered your question//
  I am an HP employee!!

• Security issue in DNS ! Update bind.

  Apparently there is a massive security issue in DNS protocol : http://securosis.com/2008/07/08/dan-kam … -released/
  or http://www.kb.cert.org/vuls/id/800113
  I am surprised I haven't seen any post on the forum about it. For now a solution could be to update bind to 9.5.0-P1 (I don't know if the one in testing is this particular one, there is no "P1").
  Every DNS server has to be upgraded since the issue is in the protocol, not in the code !

  A lot of systems got updated yesterday/today. I just checked a Windows Server 2003 x64 RC2 at work; yesterday it was vulnerable, but today it's reported safe after the recent security updates (this site offers some kind of check: http://www.doxpara.com/)
  I believe all the "big" ones in Linux did release an update yesterday, so there's probably plentiful of patches around... which is beyond the limits of my brain cells at the moment.

• Security issues in Mavericks 9.04

  I just had a secure scan done on my Mavericks server. The main issues seem to be:
  OpenSSL Running Version Prior to 0.9.8za Upgrade to OpenSSL version 0.9.8za or newer.
  Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities (Upgrade to Apache version 2.3.2 or newer.)
  Given that upgrading these would mean compiling and installing Apache and OpenSSL(which I'm not really keen to do) I'm wondering what experienced admins think of these threats.

  pkmusic wrote:
  Dumb question - so a self-signed SSL cert doesn't use Open SSL?
  Certificates are used with ssh and SSL/TLS and such, yes.  Most of OS X uses Secure Transport for its certificate- and SSL/TLS-related processing, but Apache does not.  Apache is linked against OpenSSL.
  Self-signed certificates lead to a different security issue.  
  An HTTPS site with a self-signed certificate will be considered untrusted by accessing web clients and the web browser will usually issue diagnostics before allowing access to the site or a diagnostic before marking the certificate as trusted, or that you've set up your own certificate chain and installed your own root certificate.  That you're asking this question implies the former; that you're not really running HTTPS with a trusted certificate chain.   Which generally means you can just shut off SSL/TLS.
  As for the original question, here's how the scanner is likely detecting the down-revision versions — if you look at the server details being returned to the client, you'll see some information on Apache and OpenSSL versions embedded in the response:
  $ telnet foo.example.com 80
  Trying 10.1.3.1...
  Connected to foo.example.com
  Escape character is '^]'.
  HEAD / HTTP/1.0
  HTTP/1.1 301 Moved Permanently
  Date: Sun, 20 Jul 2014 14:40:11 GMT
  Server: Apache/2.2.26 (Unix) PHP/5.4.24 mod_ssl/2.2.26 OpenSSL/0.9.8y DAV/2
  Location: http://foo.example.com/
  Cache-Control: max-age=1209600
  Expires: Sun, 03 Aug 2014 14:40:11 GMT
  Connection: close
  Content-Type: text/html; charset=iso-8859-1
  Connection closed by foreign host.
  $
  That won't get fixed without replacing Apache et al or one of the other options, as described in my earlier reply.
  For completeness, some folks will manually configure the server to not return these details.  That'll derail the the vulnerability scanner, certainly.  It might not have the intended result, too, as the remote attackers can simply decide to throw every attack they have at your server — the attackers are not short on CPU cycles and network bandwidth, after all; unintended consequences.
  As for using a self-signed cert and given you probably aren't providing file-level access to other folks, I'd not (personally) be particularly concerned about that vulnerability scan — one of the limitations with using vulnerability scanners is that you then have to go off and figure out if you're actually vulnerable to whatever the scanner is reporting.  It's an issue certainly, but then you'll have to decide if your backups are complete and current and with copies kept off-site, and if your other security practices and password policies and such are also all up to date and secure, and at what else you might risk if the server is breached — if configuring a DMZ for your server might be appropriate, for instance, to isolate the server from the rest of your network should the server be breached.

• Security Issues with workbook

  Hello All,
  When I log into discoverer with some responsiblity "a" i am able to see the output of the particular workbook.
  But when the same work book ran by other user with differnet responsbility "b" and with with same parameters , he is geting the message as "'The query caused no data to be returned" .
  There seems to be some security issues. Can any one kindly explain the process why the user is not able to view the output. In order to overcome this what are the actions i need to do.
  Thanks for your support.
  Best Regards,
  Kumar.

  Hi,
  I assume that you are using Oracle Applications and that the user is connecting with a different apps responsibility.
  In Discoverer, security can be applied at 4 levels; in the workbook, in the EUL, in views and using VPD. Application 11i security is mostly applied through views.
  Now, the security applied depends on the Apps module. GL, AP/AR, PO and FA all have different mechanisms for applying security. Mostly the security applied will be determined by security profiles set up for the responsibilities. But for example, GL, also uses row based (procedural) security based on the flexfield security rules in some of the GL views. If you are using a custom responsibility you will need to ensure that all the security profiles are set up for this responsibility.
  So your first step is to look at what view(s) are used in the report. Then determine which security profiles are checked by this view. So if it is a GL view you need to check the 'GL Set of Books Name' profile is defined for that responsibility.
  Without knowing which modules you are using, which version of Oracle Applications or whether you have custom or seeded responsibilities it is difficult to know why your report does not return data for the responsibility.
  Rod West

• Security issues faced by users of unsupported OS versions?

  Since Tiger users will relatively soon be in the same situation, I'm wondering what kinds of security issues 10.3.9 users have been faced with now that Panther has for some time not been supported by Apple (including no more security updates). I posted the following in the Tiger Forum, but I'd really appreciate hearing what your experience has been. (BD Aqua in Tiger thought issues simply to do with getting around the Internet would be more the problem than safety).
  I realize I will, sooner or later, have to buy a new Mac and install a more current version, but I would like to postpone this as long as possible. Thanks.
  http://discussions.apple.com/thread.jspa?threadID=2033860&tstart=0
  Now that S Leo has been officially announced for release in September, a question I've been meaning to ask for a while. What do we Tiger stalwarts have to look forward to in terms of security issues once there are no more security updates, and when, presumably, there are no more new browser versions or updates for soon to be archaic PPC and Tiger? (PPC, I realize, is a separate issue). Will we be, to put it simply, screwed and will it become impossible to safely navigate the internet? I realize the browser issues will probably arrive somewhat later than the OS security issues, since there will continue to be secure third party browsers, at least for a while.
  Since we will, relatively soon, be in a similar position, I'm wondering how the folks still running 10.3.9 are >managing with this? (Might post this over there, too.)

  Most security updates fix holes in the system that can be exploited by hackers. However, hackers are mostly interested in gaining access to systems that have something of value. An individual's system has virtually nothing of value worth a hacker's time and effort. It's far easier for them to get what they want via Internet phishing exploits, but such exploits cannot be fixed by security releases. They require effort on the part of the user to be careful about sites they visit and clicking on links they know nothing about thus providing information about themselves such as social security and/or banking numbers. No amount of security patches will help you with this.
  Most security patches recently issued relate to holes in Safari with a couple for the system. These are obscure holes that require hackers to have intimate knowledge of the software to exploit them. None of these exploits have been known to be used in the field. Rather they have been demonstrated as a way of exposing their existence so they can be fixed.

• Security issues with XMLDB.

  Good afternoon, everyone.
  I have a question concerning the security issues of using http service of XMLDB..
  I'm going to set the http port of XMLDB on my production database so I can call
  remote jobs on machines that have the Scheduler Agent installed. (http://docs.oracle.com/cd/B28359_01/server.111/b28310/schedadmin003.htm)
  My question is, what kind of security threats I have to be aware of by opening the xmldb http service port?
  Is there any article or documentation that could help me in this subject?
  Thanks for the patience.
  Regards, Leandro Freitas.

  It depends.
  Generally speaking we think in terms of a DMZ: demilitarized zone. Is the access being made by from a server protected by a firewall or is the Oracle server visible to the world via a piece of copper?
  Fill in the details, and your version number, or we truly can not help you.

• Safari is asking us to call 1-866 782-**** because of a security issue. Safari is not currently working. What is this all about?

  Safari is asking us to call 1-866 782-**** because of a security issue. Safari is not currently working. What is this all about?
  <Post Edited By Host>

  Sorry for the second same words reply but I want people to see this is a scam thank you
  this conversation has help me, today I had the same pop up scam announcement, I was searching in you tube yahoo and google about this no one apparently had this issue before, first I was going to call the original apple phone number because to me this pop seem awkward but the announcement had the apple name I gave it a try but using the call app phone booth just to see if it was the official apple phone number and if it was not who ever was asking me to call wont get my actual phone number, to my surprise it wasn't apple official phone number because I have called the apple official # and is nothing a like, I hung up all worried and sad with only one option in my mind called the apple support number, then I stop and thought for a minute and one clever thought came to my head that is brain lol, the clever thought was this "let me put this phone number in the web to see if it takes me to the official apple website" so I did it and the first pop up search was this article this conversation of you guys read it and follow the instructions they were very successful fix my issue, thank you so much guys, keep up the great work.
  Edit

• Security Issues with iMac OS X

  I thought that with previous OS X versions, the problem was bad enough when you set the 'Stealth Mode' to 'On' & the status was not reflected within the System Profiler utility. 
  Now it seems more security blunders....You're able to amend Login Items, e.g. select &/or deselect items (within System Prefs, User Accounts) without being asked to re-enter the users password or keychain password.  If someone gained access to a users computer/account (even if it was padlocked) then they're able to amend/delete/select/deselect anything in the 'Login Items' list. 
  Yet another major security blunder from Apple & I remember it took them months, if not years to resolve the 'Stealth Mode' issue with previous OS X versions.
  Since UNIX is/was meant to be one of the most powerful & secure computer operating systems, they've made it look pretty WeaK!

  Now it seems more security blunders....You're able to amend Login Items, e.g. select &/or deselect items (within System Prefs, User Accounts) without being asked to re-enter the users password or keychain password.  If someone gained access to a users computer/account (even if it was padlocked) then they're able to amend/delete/select/deselect anything in the 'Login Items' list. 
  Well duh. That's a bit like saying if someone can start your car then they can change the radio station. If a person has hacked your account to the point where the can amend the Login items list then that is not a security issue, in fact that's the very least of your worries. If they have that kind of access to your machine then they have everything, your data, your passwords, the whole shooting match. So, I wouldn't worry too much that the can remove an item from your Login list.
  So, not a security issue, not a blunder. You need to worry about something important.

• "darwin application" run by Guest. Security issue?

  Jolly good day everyone.
  I have just received reports by trusty little "Little Snitch" that "Darwin" wants to connect to several servers across the web. In fact it didn't want to stop, so I opened the activity monitor only to find that Darwin was run by the user "guest". I killed the little app along with "Mdimport" (which I believe is spotlight, but it was also run by "Guest") and nothing happened, so I suppose it wasn't the Darwin that's the lower level of MAc OsX.
  Well?

  Doesn't sound too good, someone might have used your Guest account to access your computer. Let me make a wild guess the password for Guest was "Guest"...
  Delete the guest account, make sure the firewall is turned on, run a check for trojans.
  I'm no expert by any means, but that's your best bet. Don't expect too much help on this board regarding security issues, as you see you hardly get a reply although this seems like a severe security issue.
  People take it for granted that OsX is safe, so they are uneducated, but it's not. In fact that makes it very dangerous. With Windows you know they're going to hack the crap out of you so you take the right steps to prevent it.
  With more and more Macs coming to use we'll see more hackers getting interested so you better be prepared

• Can not view slidshows or creat a book on Snapfish.  SF IT folks say it's a security issue on my end.  Any ideas?

  Can not view slidshows or creat a book on Snapfish.  SF IT folks say it's a security issue on my end.  Any ideas?

  You will need to contact Snapfish to find out their system requirements and which plugin you need
  - http://support.snapfish.com/app/answers/detail/a_id/669/brand/3

• I updated some security issues and suddenlly my gmail does not open. it shows 75% of the procees and does not go on

  I updated automatically some security issues in my computer (I don't remember which) and now my gmail will start opening until it reaches 75% and it will not go on opening.
  I can open it Internet explorer but not in Mozila fireworks

  Clear the cache and the cookies from sites that cause problems.
  "Clear the Cache":
  *Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
  "Remove Cookies" from sites causing problems:
  *Tools > Options > Privacy > Cookies: "Show Cookies"
  Start Firefox in <u>[[Safe Mode|Safe Mode]]</u> to check if one of the extensions or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance/Themes).
  *Don't make any changes on the Safe mode start window.
  *https://support.mozilla.org/kb/Safe+Mode
  *https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes

• Other web browsers and security issues?

  Since even an Apple KB article recognizes the need for an additional browser and because of Safari's limitations and problems, I'm going to try switching to another browser (most likely OmniWeb and am looking at Firefox, Shira and Opera also though perhaps not as a primary browser) but I'm wondering about their ability to keep on top of any security issues for Mac? (and how do you keep up with security updates?)
  Though perhaps unfounded, at least with Safari, I feel that Apple has a vested interest in keeping on top of security issues (for Safari and Java) and I can readily find out about security updates via software updater.

  Most of the other Mac browsers have their adherents. They are all good browsers (I have 7 browsers installed to test various web sites and for change-of-pace usage). They all have their strengths and they all have their weaknesses. Only iCab and OmniWeb are still shareware, the rest are now or always have been free (Opera just recently stopped charging for its browser).
  I have settled on Firefox as my alternate browser and I use it maybe just a tad more than Safari, but I do switch back and forth between them. The Mozilla foundation is good at getting security updates out when needed. Firefox has a button on the toolbar to check for updates. One nice thing about Firefox is that you can install free extensions which enhance the features available. I have one to supplement tab features, one to control iTunes from Firefox's status bar, one to help me format messages in discussion forums, and one to block ads.
  I prefer OmniWeb for doing intensive research because of the way it handles tabs in its sidebar, showing me which ones I've looked at and which ones I haven't, and giving me great flexibility in rearranging tabs, which are viewable as thumbnails or text names (I have had up to a hundred or so tabs open in OmniWeb.
  Shiira is good and its fast. I have not checked for updates for a while, but the last time I updated there was still a problem with Shiira kicking you out of logged-in sites when you moved from page to page with in web site. This may have been fixed by now - they were aware of the problem back then.
  Camino is a native OS X cousin of Firefox and is also fast, but is not updated as often.
  I would stay away from Mozilla or Netscape unless you need all the additional modules they have and which take up hard disk space. Firefox and Camino represent the browser module of Mozilla/Netscape. Mozilla and Netscape have modules for email, irc chat, newsgroups, and for creating and editing web pages. Netscape is a branded and slightly customized version of Mozilla and is not updated as often.
  Opera is a nice browser and some use it as their main browser, but I have not seen anything that really stands out for me, but that does not mean it is not worth a look.
  I would stay away from abandonware Internet Explorer.
  As for checking for updates, several of them, as with many Mac programs, now have a menu item that allows you to check for updates. Most of them also announce their updates on both VersionTracker and MacUpdate.
  Happy Exploring.