Tcode SQVI post any security threat in production system ?

Similar Messages

• Firefox will not let me get on any websites (safe AND not safe), claiming that it "may pose a security threat to your system"; when I try to choose the "proceed unprotected" option, it won't let me.

  My computer's anti-virus software recently expired. A few days later, I went to download a new anti-virus software . . . when I opened up Firefox, I received a warning that claimed Firefox was infected with "Trojan-BNK.Win32.Keylogger.gen", and gave me two options: "Activate XP Security 2011 (recommended)" (this was a $60 charge and required credit card info) or "Continue unprotected (Dangerous)"
  Since I needed to install new anti-virus, I figured I would continue unprotected, download my new software quickly, and remove the virus. But when Firefox opened, it gave me a message saying: "Firefox alert. Visiting this site may pose a security threat to your system!". Gave me three options:
  1. "Get a copy of 'XP Security 2011' to safeguard your PC while surfing the web (RECOMMENDED)"
  2. "Run a spyware, virus and malware scan" (I already did this)
  3. "Continue surfing without any security measures (DANGEROUS)"
  I tried clicking on different links, but the same warning kept showing up, even on verified and safe sites. I tried to choose the third option so that I could download my anti-virus software quickly, but nothing happened when I clicked on it - the page reloads and the warning shows up again.
  My computer is still without anti-virus software because Firefox will not let me surf the internet. Please help!

  It sounds as though your PC is infected with fake antivirus software. The detailed cleanup instructions vary depending on which fake AV you have. However, as a first step, try this:
  Download the following on a different PC, copy them to a USB flash drive or CD, and then run them on the infected PC:
  Malwarebytes Anti-malware : http://www.malwarebytes.org/mbam.php
  SUPERAntiSpyware : http://www.superantispyware.com/
  Hopefully these will get you back online safely. If not, search for clean-up instructions for the specific malware.

• Is there any security threat?

  Hi Group,
  I have my IIS webserver outside the fire wall and my coldfusion application server and SQL Server is behind the firewall . Can IIS Still access the cold fusion application server and SQL Server for coldfusion pages, is it for this situation do i need to open the port no 1433 in the firewall for SQL Server, if so is there any security threat?
  Thank You for your Time

  You can run CF in a distributed mode if it is running on JRUN.  So the IIS server would only need access over JRUN ports (which are uncommon) to the CF server.
  This is a little harder to setup, but is covered in the livedocs.
  Alternately, if the person who does your firewall knows how to, you can place everything behind the firewall and segment the firewall into zones, so only your application has access to the database.
  Then your only concern would be what code is being placed on the server and by whom, internally.
  Of course, if your internal network is not secure and accessible, this is a "way in".
  Best practice is to allow no access, and grant only what is necessary.  This applies to all networks and routes that would have access to the entity being protected.
  There is also something to be said for security by obscurity.  Meaning if you have to make 6 jumps to upload code to your server, and only a handful or people know this process, that makes it all the harder to be compromised.
  Byron Mann
  [email protected]
  [email protected]
  Software Architect
  hosting.com | hostmysite.com
  http://www.hostmysite.com/?utm_source=bb

• I have an imac G5 with a power PC chip running os 10.5.8.  and using safari 5.0.6. are there any security threats i should be aware of?          s there a

  are there any security concerns using my PPC imac g5 running OS 10.5.8 and using Safari 5.0.6?

  You could use a browser that does not use Flash or Java, as a safety measure when visiting sites; the Safari browser has no support or recent updates. TenFourFox v 24 is fairly good, and uses later Mozilla code, is compatible with powerPC computer limitations. SeaMonkeyPPC has a similar code, but acts a little different; and there still is iCab, a good browser that will run free, but asks you get a $20. license.
  The Safari browser can be used to set a different browser up as system default, so it won't launch and open attachments or web pages; it has a setting in its preferences where you choose another browser as default. As I have four or five browsers and one dedicated to gmail (launched as signed-in, through notifier) that is how I've used the default, otherwise mine are all in the Dock.
  There is no new upgrade for Adobe Flash plugin player, etc; but the one in their site for vintage is still available at getflash player at Adobe. Most prompts online are to get you something else, even adware loads up from some not-so-clever efforts to get people to install junk. So go to the source. Someone wrote a patch that is supposed to allow a later version of Flash player to work in older 10.5.8 PPC Mac, but I have not tried it.
  The thread of security is mostly based on the user and their caution to avoid odd free software and also avoid some sites that try to get people to load cleanmymac or genieo, or other adware malware voluntarily. Those are troublesome and hard to remove, and can waste processor cycles, slow the computer & mess it up. Mostly from a browser the adware issues arise. For those you see The Safe Mac and read up on the adware removal guide, among others linked on the page: http://www.thesafemac.com/arg/
  So anyway, there is really nothing new on the face of it for obsolete OS X systems users.
  Good luck & happy computing!

• ChaRM scenario for only one productive system

  Hi CHaRM-experts!
  I would like to know whether or not is it possible to use the Change Request Management scenarion for only one productive system?
  It means we have systems and cases where we should apply the emergency correction only in productive system, without any transport from DEV or QAS system.
  Does ChaRM support such case?
  Thank you very much!
  regards
  Thom

  Hi Don,
  thank you very much for your answer.
  No, I do not plan any transport in the productive system.
  I would just make any adminstrative changes without transport.
  Does ChaRM support such scenarios?
  Thank you!
  regards
  Thom

• Incoming payment from a vendor-is there any tcode to post

  How do we post an incoming payment from a vendor.Is there any tcode to post or f-02 should be used.

  Hi
  Also try F-52
  Thank You,

• Any open current internet security threats?

  CNN and others are periodically announcing a internet security threat that has been active for 2 years and is a threat to steal passwords -- suggesting that all passwords be changed.
  This has upset my wife -- i am an apple only household since the 1980s with all s/w completely updated to this moment.
  what is the status of this threat?   do i need to take further percautions?
  i think not  -- but looking for confirmation.
  thnx - j

  OpenSSL Heartbleed bug

• Norton Security Threat in QT?

  Hello. Recently downloaded and installed free version of QT. When I go to a certain web site( a music board that's well known ) Norton informs me of an attack termed " HTTP Quicktime RTSP URI BO ". Norton considers this high-risk and blocks it. Google search reveals that this is a problem with an older version and recommends a patch. Why am I getting attacked with the newest version? Is this a serious threat? Is this a web site problem? How do I stop the attacks? I have temporarily uninstalled QT but would like to have it on my computer again. Thanks in advance for your help.

  >
  Kent SAP wrote:
  > hi,
  >
  > my user is requesting to use tcode sqvi in production, but authorisation team do not allow as the tcode will allow user to do query across.
  >
  > is SQVI a security critical tcode that we should not let user have in Production system ?
  >
  > comment and advice will be highly appreciated.
  >
  > regards,
  > kent
  i'm sorry i saw this post too late ... of course  SQVI is VERY security-critical. It requires S_TABU_DIS on every table used in sqvi. if you have more than one company code, more than one plant, more than one purchasing organisation you will no longer be able to prevent your user reading data from other organisational structures!!  you might as well give access to SE16(N) then.
  follow this thread about queries (sqvi is a small-time query) in the SDN security-forum for more on the topic:
  How to override security for table access when using SAP Query?
  Edited by: Mylene Euridice Dorias on May 29, 2008 1:31 PM

• DHCP Security threats,Mitigation and Assessment

  Hi,
  I am doing networking project on DHCP security threats,Mitigation and assessment. I am including dhcp snooping ,am researching on  Understanding DHCP communication,Security issues in DHCP protocol and communication,DHCPattacks,DHCP Starvation attack,Mitigating Attacks,DHCP Snooping,Port-Security,Recommended product,DHCPvulnerability assessment,Rogue DHCP Server detection,DHCP Starvation assessment.
  Do anyone have better idea what else to include in this networking project.How to make it more better. do anyone have any document or any other resource where can i CAN get information about this project so that I can research little more.
  thanks

  I'll try to cover as much as possible, as this should be posted in a security forum, and the security issues can go to very deep levels.
  1. Users: need to have direct access to the exchange servers only from the internal network.
  2. Anti-Virus on the server it's self and on all the users clients.
  3. Using a front-end to publish the Exchange OWA and RPC over HTTPs to the outside (using ISA server)
  4. Have a firewall (can be configured very specificaly to allow access only to what you need)
  5. Have a Mail-Relay appliance to perform the initial anti-virus and anti-spam
  6. If data leak is an issue, you can also install a DLP solution
  I'm sure there is more, but those are the main things.
  Yanir Ben-Nun / System Team Leader / IT / IS Professional

• Is my OS X Mountain Lion installation vulnerable to security threats?

  Hello dear community members,
  I am a bit concerned about my OS X installation being vulnerable to known security threats which may not have been patched. Also came across an article:
  http://www.zdnet.com/os-x-mountain-lion-users-no-more-security-updates-700002232 2/
  What are your thoughts on this and how are you handling this issue?
  I can not upgrade my mac to Mavericks because I need to use some software which is only compatible with Mountain Lion.

  Aceattack wrote:
  It is not Apple's responsibility to ensure 3rd party compatability however the concern was that Apple continue to support and provide security fixes for old OS X versions rather than force people to upgrade just because Mavericks is a free upgrade.
  But Mavericks is a free upgrade. And any Mac that runs Mountain Lion will also run Mavericks.
  It is standard procedure to discontinue support for old products. I will quote the AppGate on the topic:
  Important note: End of Life AppGate Version 9*
  After due consideration, Cryptzone is declaring End of Life (EOL) on AppGate Security Server v9.x This became effective on October 30, 2013. Full support will continue to be provided for AppGate Security Server v9.x up until the end of Q2 2014 After this time any customers wishing to continue to receive support and updates must move to version 10.x (or newer). Most customers have already migrated, but if you have any still on this version please work with them to migrate to version 10.x.
  Why is it acceptable for one company to stop supporting an old product but unacceptable for another? And why do I suspect that the AppGate upgrade is not free?
  If you depend on AppGate and eToken and those products do not run on Mavericks, you should be asking why. Like all developers, they have had access to Mavericks since early June. What was so radically different about Mavericks that takes over 7 months get working? Either they aren't very committed to the platform or they really don't know how to write OS X software. Considering that the product seems to be Java-based, I suspect both.
  That is an interesting conundrum that is pretty typical for enterprise customers. You are running an old OS version without security updates because you depend on 3rd party security software that depends on 4th party Java software proven to be one of the last major malware conduits. And people wonder why these enterprise servers are always the ones to get hacked and hand over 45 million customer records.
  I feel your pain. I only recently updated my work machine to Mountain Lion due to similar enterprise security issues. Our market-leading antivirus vendor that protects us against the latest zero-day malware was unaware or just didn't care that Apple had released a new OS. And I'm talking about Lion! I have similar problems with my Java-based Juniper VPN. The Apple-provided VPN works fine, as it always has. And I can't really do without my Mac because I need it to develop on when my Linux servers with 24x7 on-site support from IBM and Oracle are out of commision for 4 months. Apple is not the cause of either of our problems.

• HT201303 I never set up any security questions for my Apple ID and I was asked on the app store to sign in and answer my security questions. I never made security questions in the first case. I can't purchase anything without them. What should I do?

  I never set up any security questions for my apple ID and I was asked on the app store to sign in and answer my security questions, I never made any in the first place and it came up with questions that I didn't know. I've already been in support and tried to reset them, but I have to answer the security questions in order to change them. Is there any way to find out what they are?

  From a Kappy  post
  The Best Alternatives for Security Questions and Rescue Mail
  1.  Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
  2.  Call Apple Support in your country: Customer Service: Contact Apple support.
  3.  Rescue email address and how to reset Apple ID security questions.
  An alternative to using the security questions is to use 2-step verification:
  Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

• Abap quick viewer (tcode sqvi)

  Hello friends,
                     can any1 provide me with some links on abap quick viewer (tcode sqvi). links where i can learn how to use it.
              thnks

  Hi,
  Here are the links
  http://www.sap-basis-abap.com/sapqu004.htm
  http://www.sap-press.com/product.cfm?account=&product=H999&shoppingcart=003
  Regards
  Sudheer

• How to bring the Tcode FI12 in Production System in EDITABLE mode

  Dear Sir/Madam,
  The  T code - FI12 is not in editable mode in Production System. Is it by default remains in NON Editable mode  ? Our FI consultant is saying that the users needed it in Editable mode for maintaining BSR Code.
  To bring it to Editable Mode, I have to open the Production Client. Is there any alternate exists to bring this Tcode ( FI12 ) in Edtable mode other than Opening the Client ?
  Thanks and Regards,
  Pranab

  Users needed in editable mode
  Is this a one time activity or a permanent?
  You can transport the changes from DEV to PRO without opeing a client.
  OR
  You can create a cusomize tcode with same functionality with secondary index to use the same entities in editable mode.
  Just work with your ABAPer and get it done.
  Regards,
  Nick Loy

• The whtopic.js  file was identified as a security threat

  Hello,
  We generate WebHelp using RoboHelp HTML. The security teams contantly runs security checks on the applications and the whtopic.js file that RoboHelp generates was identified as a security threat becuase of "DOM ocde injection". The comment was that the document.location.href is controllable and, at a minimum, ought to be run through some html encoding.
  Any one else ever run into security analysis of the RoboHelp generated files?
  Anything we can do about it?
  Thanks,
  Rakefet

  These security things sometimes come up in tools. As the code here doesn’t have anything to do with cross frame scripting, so I very much doubt this is an XSS vulnerability. I have asked the people who know about this to look it over.
  Greet,
  Willam

• Is there any Security or Change Log for Shockwave Player 12.1.3.153 available?

  I haven't seen so far any Security or Change Log for Shockwave Player 12.1.3.153. Given the Update ID SW12-13153 this seems to be an ordinary update (not a security hotfix with the prefix APSB...). Has anyone seen a change log?
  Thanks.

  As always: no.  The last Security Bulletin issued for Shockwave Player was http://helpx.adobe.com/security/products/shockwave/apsb14-10.html (March 13, 2014).