## Centrally apply a GPO rule to Local Admins

Pardon if someone asked before – tried searching maybe I missed it out.

Anyways, I have to

1a) Set a domain wide policy to Deny Access to this Computer from the Network 1b) Put each computer’s local “Administrator” in that policy

Where I’m stumped is that on the Domain Controller >> Group Policy Management, while changing the policies during the please Select Users and Computers phase, it only displays domain users. Can’t do a scope change either – it only allows searching the local DC, the whole domain, or the forest

I did some research on Restricted Users, sure I can use that tool to overwrite users group memberships but that’s about it, I can’t automate adding / centrally manage each PC’s local admin to the Deny Logon policy.

I’d value any ideas or alternative suggestions to this issue. Might have to explain to management or even go thorough the sticky way of simply doing this as out of the box default for new computers

## Why do some Applications use local language?

I’ve set all entries in /etc/default/locale to “en_US.UTF-8” BUT some applications, eg. VLC Media Player, Synaptic Manager, still using local language! How to set default application language?

## Local central limit theorem far from the center

Let $$X_i$$ be a sequence of iid random variables, $$E [X] = 0$$, $$E [X^2] = 1$$ and $$E [|X|^k] < \infty$$ for some $$k \ge 3$$. Classical local CLT says that the density function $$f_n$$ of $$\frac1{\sqrt n}\sum_1^n X_i$$ satisfies that $$f_n(x) – \phi(x)\left(1 + \sum_{j=1}^{k-2} n^{-\frac j2}P_j(x)\right) = o\left(n^{-\frac{k-2}2}\right), \quad \phi(x) = \frac1{\sqrt{2\pi}}e^{-\frac{x^2}2}$$ where $$P_j$$ is some $$(j + 2)$$-order polynomial, and the RHS is uniformly small for $$x \in R$$.

This gives us very good estimate for constant $$x$$. My question is that can we get a similar expansion equation for $$f_n(\sqrt nx)$$? Since $$\phi(\sqrt nx)$$ decays faster than any polynomial order in $$n$$, we can not apply the local CLT directly.

Remark: I consider this in order to estimating the following expression for $$x \not= 0$$ and $$y$$: $$\frac1{f_n(\sqrt nx)}f_{n-1}\left(\frac{nx + y}{\sqrt{n-1}}\right), \quad n \text{ sufficiently large}.$$ When $$x = 0$$ by local CLT this is bounded by $$1 + C(1+y^2)/n + o(1/n)$$. If $$x \not= 0$$, I expect the upper bound $$\exp\left\{-\frac{x^2}2 – xy\right\}\left[1 + \frac{C(x^2 + y^2)}n + o\left(\frac1n\right)\right].$$

## I need to create a group with users local administrator policy

In our company, we did network PCs by a domain on windows server. And each PC for install any application/software needs to administrator login. We need to create a group with some specific policy, that when we add a user to the group, users can access administrator permission.

## Unable to connect hive to local window machine. Getting Connection error: java.sql.SQLException: Could not open client transport with JDBC Uri

I am trying to make connection between hive-server2 and my local window machine with python.I have Connection string and a keystore file. I am using Jaydebeapi python module to solve this issue. The various .jar file I am using: 1) HiveJDBC4.jar
2) hive_metastore.jar
3) hive-service-0.13.1.jar
4) libfb303-0.9.0.jar
5) libthrift-0.9.0.jar
6) log4j-1.2.14.jar
7) ql.jar
8) slf4j-api-1.5.8.jar
9) slf4j-log4j12-1.5.8.jar
10) TCLIServiceClient.jar
11) httpclient-4.3.3.jar
12) httpcore-4.3.jar
13) guava-16.0.1.jar
15) hive-common-0.10.0.jar

My connection string is:

jdbc:hive2://example@domain.com:port/;   ssl=true;   sslTrustStore=FileKey.jks;   trustStorePassword=password;   transportMode=http;   httpPath=gateway/default/hive    

I have tried other modules but for the given problem and inputs, Jaydebeapi approach I found to be more valid here. I have written python code:

import jaydebeapi Jars = ['C:/Cloudera_HiveJDBC/HiveJDBC4.jar',    'C:/Cloudera_HiveJDBC/hive_metastore.jar',    'C:/Cloudera_HiveJDBC/hive-service-0.13.1.jar',    'C:/Cloudera_HiveJDBC/libfb303-0.9.0.jar',    'C:/Cloudera_HiveJDBC/libthrift-0.9.0.jar',    'C:/Cloudera_HiveJDBC/log4j-1.2.14.jar',    'C:/Cloudera_HiveJDBC/ql.jar',    'C:/Cloudera_HiveJDBC/slf4j-api-1.5.8.jar',    'C:/Cloudera_HiveJDBC/slf4j-log4j12-1.5.8.jar',    'C:/Cloudera_HiveJDBC/TCLIServiceClient.jar',    'C:/Cloudera_HiveJDBC/httpclient-4.3.3.jar',    'C:/Cloudera_HiveJDBC/httpcore-4.3.jar',    'C:/Cloudera_HiveJDBC/guava-16.0.1.jar',    'C:/Cloudera_HiveJDBC/hadoop-common-2.2.0.jar',    'C:/Cloudera_HiveJDBC/hive-common-0.10.0.jar'] conn_hive = jaydebeapi.connect('org.apache.hive.jdbc.HiveDriver','jdbc:hive2://example@domain.com:port/',                            {'ssl':"true",                            'sslTrustStore':"Filekey.jks",                            'trustStorePassword':"password",                             'transportMode':"http",                             'httpPath':"gateway/default/hive"                            },                            jars= Jars) cursor = conn_hive.cursor() 

But I am getting an error:

java.sql.SQLExceptionPyRaisable: java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://example@domain.com:port/: null 

Is there any problem with the code, in approach or lack of Jar Files I have added. Is there any other alternatives that I can use for giving best results.

## Can an unprivileged program modify an HTTP request response on the local machine?

Imagine you have a simple GET request going to server 123.456.111.222. Your client executable creates a winsock on the server IP (TCP) and sends the HTTP request (unencrypted) to the server. If a local program found the outgoing request and specifically the source port of the request, could that program send its own data to that port? (Hopefully winning the race condition, but it should given it’s localhost)

I would get the source port by using GetExtendedTcpTable however I am not quite sure if it would be as simple as opening the port using winsock and sending the data.

## Can an unprivileged program modify an HTTP request response on the local machine?

Imagine you have a simple GET request going to server 123.456.111.222. Your client executable creates a winsock on the server IP (TCP) and sends the HTTP request (unencrypted) to the server. If a local program found the outgoing request and specifically the source port of the request, could that program send its own data to that port? (Hopefully winning the race condition, but it should given it’s localhost)

I would get the source port by using GetExtendedTcpTable however I am not quite sure if it would be as simple as opening the port using winsock and sending the data.

## Difference between local and central anti-spam

I’m attending a web security course whose slides, concerning techniques for protecting ourselves from spam, sometimes report the expressions “local anti-spam” (or “personal anti-spam”) and “central anti-spam”.

I suppose the “central anti-spam” is the e-mail provider’s one, but I cannot figure out what can be a local (or personal) anti-spam and which can be the differences about them.

I tried to google such expressions but I didn’t find anything.

## Screeshot local determinado da tela

Gostaria de saber como faço para tirar uma print de um local especifico da tela. Exemplo abro uma aplicação que gera um relatório. Imaginamos que essa aplicação é do tamanho de um iphone 5 (proporção de altura e largura) e fica centralizada no meu monitor. Quero um script que quando eu o execute ele faça uma captura de tela dessa aplicação. Estou usando o código abaixo mas ele faz a print da tela cheia, poderiam me ajudar?

import pyscreenshot as ImageGrab   def main():     imagem = ImageGrab.grab()     imagem.save('screenShot55.jpg', 'jpeg')   if __name__ == "__main__":     main() 

## my real ip is on first Ubuntu but web project container on another (Loca) .Now i need SSH connection to my local server from external ip address

my real ip is on first Ubuntu but web project container on another (Loca) .Now i need SSH connection to my local server from external ip address. Please help. How can i have access to files in local server, i i can ssh connect to real ip server only.