Search Results

Search found 1458 results on 59 pages for 'protect from forgery'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 10/59 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • What makes it hard to protect from hacks/bots in BF3 and Quake Live?

    - by Jakub P.
    After playing these games, asking other players/admins, and reading online I am led to believe that Quake Live and Battlefield 3 are frequented by bots and there are plenty of hacks of various kinds. I'm confused how this is possible, or even easy seeing how many players have access to these kinds of "tools" (sic). Isn't it possible for the game authors to digitally sign the game executables so that when they run, the server can ensure only the allowed client is sending commands, thus preventing any kind of abuse? I.e. every player command would be signed by a private key, or symmetrically encrypted (not sure which would make more sense). I understand that players can look at the running executable's behavior (memory etc.), but if games are apparently so easy to hack, shouldn't most apps be hacked as well (e.g. Skype, all DRM running on Windows etc.)?

    Read the article

  • How can I protect my save data from casual hacking?

    - by Danran
    What options are there for saving game data in a secure manner? I'm interested in solutions specifically tailored for C++. I'm looking for something that is fast and easy to use. I'm only concerned about storing simple information such as Which levels are and are not unlocked The user's score for each level I'm curious again to know what's out there to use, any good libraries to use that give me nice, secure game data files that the average player can't mess with. I just found this here which looks very nice, but it would be great to get some opinions on potential other libraries/options out there.

    Read the article

  • Get and set accessors do they protect different instances of a variable?

    - by Chris Halcrow
    The standard method of implementing get and set accessors in C# and VB.NET is to use a public property to set and retrieve the value of a corresponding private variable. Am I right in saying that this has no effect of different instances of a variable? By this I mean, if there are different instantiations of an object, then those instances and their properties are completely independent right? So I think my understanding is correct that setting a private variable is just a construct to be able to implement the get and set pattern? Never been 100% sure about this.

    Read the article

  • When creating a library for a simple program, what must I do to protect others from its lack of thread safety?

    - by DeveloperDon
    When creating a library for a simple program, is it more cost effective to make it thread safe or is there a way to detect the program's use in a multithreaded program and ASSERT() or otherwise determine (preferably at compile or link time) that it may create problems. Related help for this question would be automated tool support for finding potential problems with thread safety, programming language features that enforce it,

    Read the article

  • What is the best way to password protect folder/page using php without a db or username

    - by Salt Packets
    What is the best way to password protect folder using php without a database or user name but using. Basically I have a page that will list contacts for organization and need to password protect that folder without having account for every user . Just one password that gets changes every so often and distributed to the group. I understand that it is not very secure but never the less I would like to know how to do this. In the best way. It would be nice if the password is remembered for a while once user entered it correctly.

    Read the article

  • Torrents: Can I protect my software by sending wrong bytes?

    - by Martijn Courteaux
    Hi, It's a topic that everyone interests. How can I protect my software against stealing, hacking, reverse engineering? I was thinking: Do my best to protect the program for reverse engineering. Then people will crack it and seed it with torrents. Then I download my own cracked software with a torrent with my own torrent-software. My own torrent-software has then to seed incorrect data (bytes). Of course it has to seed critical bytes. So people who want to steal my software download my wrong bytes. Just that bytes that are important to startup, saving and loading data, etc... So if the stealer download from me (and seed it later) can't do anything with it, because it is broken. Is this idea relevant? Maybe, good torrent-clients check hashes from more peers to check if the packages (containing my broken bytes) I want to seed are correct or not? Thanks

    Read the article

  • Is it possible to password protect an SQL server database even from administrators of the server ?

    - by imanabidi
    I want to install an application (ASP.Net + SQL server 2005 express) in local network of some small company for demo but I also want nobody even sysadmin see anything direct from the database and any permission wants a secure pass . I need to spend more time on this article Database Encryption in SQL Server 2008 Enterprise Edition that i found from this answer is-it-possible-to-password-protect-an-sql-server-database but 1.I like to be sure and more clear on this because the other answer in this page says : Yes. you can protect it from everyone except the administrators of the server. 2.if this is possible, the db have to be enterprise edition ? 3.is there any other possible solutions and workaround for this? thanks in advance

    Read the article

  • how to protect telnet access to smtp port 25?

    - by Michael Mao
    Hi all: Please consider the following: 192-168-1-106:~ michael$ telnet <remote_server_ip> 25 Trying <remote_server_ip>... Connected to li*****.linode.com. Escape character is '^]'. 220 mindinscription.net ESMTP Postfix (Ubuntu) quit 221 2.0.0 Bye Connection closed by foreign host. Is this very bad? how to protect port 25 from malicious attackers? I've already set up a firewall, but not very sure what to do in this case. Basically I'd like to use this server to only send emails as alert messages, not receiving any external emails. Many thanks to the help in advance.

    Read the article

  • How do I protect business critical data against fire?

    - by Bill Knowles
    We have 72 hard drives that contain our webcast inventory. The number is increasing. We're located in a frame building and we are afraid of not only fire, but catastrophic fire. I've priced fireproof safes that hold to the required 125F for hard drives. Their price is through the roof. Seems to me if we made backups of each of the hard drives and stored them off-site somewhere, or contracted with an online backup storage company, we might run up a bill buying backup drives that would approach the $7,000 cost of the safe! What's the best way to protect our data from the risk of fire?

    Read the article

  • How to protect Ruby on Rails code on external server?

    - by Phil Byobu
    I have to deploy a Ruby on Rails Applications on a client's server and I do not want them to be able to view or modify the source code. How would you protect the code technically? I thought about building a linux-based virtual machine with an encrypted filesystem where the application code resides. The client has no root access, or direct access to the system at all. All services start automatically and the application is ready to use. What would you suggest?

    Read the article

  • Ubuntu: crypt user's home directory and protect from admin ?

    - by Luc
    I have the following problem: I need to run some scripts on a Ubuntu machine but I do not want those scripts to be visible by anybody. What could be the best way to do that ? I was thinking of the following: create a particular user Add the scripts in this user's home directory Protect + crypt the user's home directory = Can I run the script from outside if the directory is crypted ? Can superuser see the content of the home dir ? Is there a right way to do this ? UPDATE I thing the best way would be that root own those scripts. In this case I would need to allow an another user to modify the network configuration. Is it possible to ONLY provide network rights to a user ? (via sudo or else)

    Read the article

  • What is a "good" tool to password-protect .pdf files?

    - by Marius Hofert
    What is a "good" tool to encrypt (password protect) .pdf files? (without being required to buy additional software; the protection can be created under linux but the password query should work on Windows, too) I know that zip can do it: zip zipfile_name_without_ending -e files_to_encrypt.foo What I don't like about this is that for a single file, you have to use Winzip to open the zip and then click the file again. I rather would like to be prompted for a password when opening the .pdf (single file case). I know that pdftk can do this: pdftk foo.pdf output foo_protected.pdf user_pw mypassword. The problem here is that the password is displayed in the terminal -- even if you use ... user_pw PROMPT. But in the end you get a password-protected .pdf and you are prompted for the password when opening the file.

    Read the article

  • Intermittent error thrown, "A required anti-forgery token was not supplied or was invalid."

    - by Dave K
    I'm occasionally getting this error during normal use, and I've not found a way to stop it without removing the attribute that requires the token, which I'd rather not do. I've gotten this bug during my own testing (but seemingly randomly) and I know from my logging that actual logged-in users are getting it as well. Does anyone know what would cause the antiforgerytoken system to break (other than a real attack), and how I could fix this without opening up a security hole in my forms? Thanks!

    Read the article

  • Prevent Cross-site request forgery - Never Rely on The SessionID Sent to Your Server in The Cookie H

    - by Yan Cheng CHEOK
    I am reading the tutorial at http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ It states Remember - you must never rely on the sessionID sent to your server in the cookie header ; look only at the sessionID that your GWT app sends explicitly in the payload of messages to your server. Is it use to prevent http://en.wikipedia.org/wiki/Cross-site_request_forgery#Example_and_characteristics With this mythology, is it sufficient enough to prevent to above attack?

    Read the article

  • Cross-site request forgery protections: Where do I put all these lines?

    - by brilliant
    Hello, I was looking for a python code that would be able to log in from "Google App Engine" to some of my accounts on some websites (like yahoo or eBay) and was given this code: import urllib, urllib2, cookielib url = "https://login.yahoo.com/config/login?" form_data = {'login' : 'my-login-here', 'passwd' : 'my-password-here'} jar = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar)) form_data = urllib.urlencode(form_data) # data returned from this pages contains redirection resp = opener.open(url, form_data) # yahoo redirects to http://my.yahoo.com, so lets go there instead resp = opener.open('http://mail.yahoo.com') print resp.read() Unfortunately, this code didn't work, so I asked another question here and one supporter among other things said this: "You send MD5 hash and not plain password. Also you'd have to play along with all kinds of CSRF protections etc. that they're implementing. Look: <input type="hidden" name=".tries" value="1"> <input type="hidden" name=".src" value="ym"> <input type="hidden" name=".md5" value=""> <input type="hidden" name=".hash" value=""> <input type="hidden" name=".js" value=""> <input type="hidden" name=".last" value=""> <input type="hidden" name="promo" value=""> <input type="hidden" name=".intl" value="us"> <input type="hidden" name=".bypass" value=""> <input type="hidden" name=".partner" value=""> <input type="hidden" name=".u" value="bd5tdpd5rf2pg"> <input type="hidden" name=".v" value="0"> <input type="hidden" name=".challenge" value="5qUiIPGVFzRZ2BHhvtdGXoehfiOj"> <input type="hidden" name=".yplus" value=""> <input type="hidden" name=".emailCode" value=""> <input type="hidden" name="pkg" value=""> <input type="hidden" name="stepid" value=""> <input type="hidden" name=".ev" value=""> <input type="hidden" name="hasMsgr" value="0"> <input type="hidden" name=".chkP" value="Y"> <input type="hidden" name=".done" value="http://mail.yahoo.com"> <input type="hidden" name=".pd" value="ym_ver=0&c=&ivt=&sg="> I am not quite sure where he got all these lines from and where in my code I am supposed to add them. Do You have any idea? I know I was supposed to ask him this question first, and I did, but he never returned, so I decided to ask a separate question here.

    Read the article

  • How do you protect a common resource using mutexes?

    - by Steve
    I have a common resource, which I want 1 and only 1 instance of my application (or it's COM API) to have access to at any time. I have tried to protect this resource using mutexes, but when multiple threads of a host dotnet application try to access the COM object, the mutex doesn't seem to be released. This is the code I have used to protect my resource. repeat Mutex := CreateMutex(nil, True, PChar('Connections')); until (Mutex <> 0) and (GetLastError <> ERROR_ALREADY_EXISTS); try //use resource here! finally CloseHandle(Mutex); end; If I run the threads simultaneously, the first thread get's through (obviously, being the first one to create the mutex), but subsequent threads are caught in the repeat loop. If I run each thread at 5 second intervals, then all is ok. I suspect I'm not using mutexes correctly here, but I have found very little documentation about how to do this. Any ideas?

    Read the article

  • How to **delete-protect** a file or folder on Windows Server 2003 and onwards using C#/Vb.Net?

    - by Steve Johnson
    Hi all, Is it possible to delete-protect a file/folder using Registry or using a custom written Windows Service in C#? Using Folder Permissions it is possible, but i am looking for a solution that even restricts the admin from deleting specific folders. The requirement is that the administrator must not be easily track the nature of protection and/or may not be able to avert it easily. Obviously all administrators will be able to revert the procedure if the technique is clearly understood. Like folder Permissions/OwnerShip Settings can easily be reset by an administrator. SO that is not an option. Folder protection software can easily be uninstalled and show clear indication that a particular folder is protected by some special kind of software. SO that too is not an option. Most antivirus programs protect folders and files in Program Dir. Windows itself doesnt allow certain files such as registry files in c:\windows\system32\config to not even copied. Such a protection is desired for folders which allowse to read and write to files but not allow deletion. Similar functionality is desired. The protection has to seemless and invisible. I do not want to use any protection features like FolderLock and Invisible secrets/PC Security and Desktop password etc. Moreover, the solution has to be something other than folder encryption. The solution has to be OS-native so ** that it may implemented ** pro grammatically using C#/VB.Net. Please help. Thanks

    Read the article

  • GWT RPC - Does it do enough to protect against CSRF ?

    - by sri
    GWT's RPC mechanism does the following things on every HTTP Request - Sets two custom request headers - X-GWT-Permutation and X-GWT-Module-Base Sets the content-type as text/x-gwt-rpc; charset=utf-8 The HTTP request is always a POST, and on server side GET methods throw an exception (method not supported). Also, if these headers are not set or have the wrong value, the server fails processing with an exception "possibly CSRF?" or something to that effect. Question is : Is this sufficient to prevent CSRF? Is there a way to set custom headers and change content type in a pure cross-site request forgery method?

    Read the article

  • When running a shell script, how can you protect it from overwriting or truncating files?

    - by Joseph Garvin
    If while an application is running one of the shared libraries it uses is written to or truncated, then the application will crash. Moving the file or removing it wholesale with 'rm' will not cause a crash, because the OS (Solaris in this case but I assume this is true on Linux and other *nix as well) is smart enough to not delete the inode associated with the file while any process has it open. I have a shell script that performs installation of shared libraries. Sometimes, it may be used to reinstall versions of shared libraries that were already installed, without an uninstall first. Because applications may be using the already installed shared libraries, it's important the the script is smart enough to rm the files or move them out of the way (e.g. to a 'deleted' folder that cron could empty at a time when we know no applications will be running) before installing the new ones so that they're not overwritten or truncated. Unfortunately, recently an application crashed just after an install. Coincidence? It's difficult to tell. The real solution here is to switch over to a more robust installation method than an old gigantic shell script, but it'd be nice to have some extra protection until the switch is made. Is there any way to wrap a shell script to protect it from overwriting or truncating files (and ideally failing loudly), but still allowing them to be moved or rm'd? Standard UNIX file permissions won't do the trick because you can't distinguish moving/removing from overwriting/truncating. Aliases could work but I'm not sure what entirety of commands need to be aliased. I imagine something like truss/strace except before each action it checks against a filter whether to actually do it. I don't need a perfect solution that would work even against an intentionally malicious script. Ideas I have so far: Alias cp to GNU cp (not the default since I'm on Solaris) and use the --remove-destination option. Alias install to GNU install and use the --backup option. It might be smart enough to move the existing file to the backup file name rather than making a copy, thus preserving the inode. "set noclobber" in ~/.bashrc so that I/O redirection won't overwrite files

    Read the article

  • How do you protect your software from illegal distribution?

    - by petr k.
    I am curious about how do you protect your software against cracking, hacking etc. Do you employ some kind of serial number check? Hardware keys? Do you use any third-party solutions? How do you go about solving licensing issues? (e.g. managing floating licenses) EDIT: I'm not talking any open source, but strictly commercial software distribution...

    Read the article

  • How to you password protect a page with Wicket?

    - by Kane
    I want to password protect a webpage in Wicket so the user may only access it if he/she has logged in. I'd also like the page to show the login page, and then after logging in the original page the user was trying to get to. How is this done with wicket? I've already created a login page and extended the session class.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >