Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 104/168 | < Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >

• How to setup a tunneled connection to a NAS?

  - by Jan

  Hi there, While looking into alternatives for Dropbox I explored the idea of a NAS. It would be easy to hook up the NAS to a broadband connection and have the users access the files. However, - The data needs to be encrypted on the NAS itself (in case it gets stolen). - The connection to the NAS needs to be secure (VPN?). - The drive needs to appear as a drive under windows (so no https). Any ideas? Thanks in advance, I can't seem to find the final solution! Jan

  Read the article

• what are security implications of running Ubuntu inside Windows 7?

  - by EndangeringSpecies

  I am thinking of switching to Ubuntu as a way of making web browsing more secure. So, suppose I will go the easy route and run Ubuntu as an app inside Windows and then run Firefox inside of that. What will this do to the security given the current threat environment? E.g. do most online threats nowadays target the browser and flash (which presumably would be safely sandboxed inside easy to wipe Ubuntu environment) or do they target the Windows TCP-IP stack where Ubuntu would give no protection? Well, most likely the above question does not come near to covering all the security implications of this setup :-), so please do discuss whatever other issues that may be relevant here.

  Read the article

• How do you configure ISC Bind to support GSS-TSIG Updates?

  - by netlinxman

  First, has anyone EVER configured ISC bind 9.5.0 OR greater with support for GSS-TSIG Dynamic DNS Updates AND gotten it to work? If so, what is the configuration that was used to make that happen? I feel close to having this working. I see that GSS cred passes w/o apparent error during the TKEY negotiation with an Active Directory DC and the BIND DNS server: client 192.168.0.30#52314: query gss cred: "DNS/[email protected]", GSS_C_ACCEPT, 4294967256 gss-api source name (accept) is [email protected] process_gsstkey(): dns_tsigerror_noerror client 192.168.0.30#52314: send But, when the Update is sent, it is refused: client 192.168.0.30#58330: update client 192.168.0.30#58330: updating zone 'example.com/IN': update failed: rejected by secure update (REFUSED) client 192.168.0.30#58330: send Does anyone have this working in the real world?

  Read the article

• How ssl is usually set up on shared hosting (newbie question)?

  - by spirytus

  I am quite unclear on how ssl is usually set up on shared hosting. I have account with justhost.com and they provided me with public_html folder and (its sibling) ssl folder. When I create ssl certificates via cPanel it appears in SSL folder. Now, where I should put my html files to be accessible via https:// rather than http? normal files go into public_html (I figured this out ;) what about secure bunch? Also how can I specify that secured folder shouldn't be the ssl folder (if its the one in fact) but rather some other folder I specify? Is it possible at all with shared hosting? Thank you all for your help, I googled for hours and still am heavily confused as you see :)

  Read the article

• architecture and tools for a remote control application?

  - by slothbear

  I'm working on the design of a remote control application. From my iPhone or a web browser, I'll send a few commands. Soon my home computer will perform the commands and send back results. I know there are remote desktop apps, but I want something programmable, something simpler, and something that I wrote. My current direction is to use Amazon Simple Queue Service (SQS) as the message bus. The iPhone places some messages in a queue. My local Java/JRuby program notices the messages on the queue, performs the work and sends back status via a different queue. This will be a very low-volume application. At $1.00 for a million requests (plus a handful of data transfer charges), Amazon SQS looks a lot more affordable than having my own server of any type. And super reliable, that's important for me too. Are there better/standard toolkits or architectures for this kind of remote control? Cost is not a big issue, but I prefer the tons I learn by doing it myself. I'm moderately concerned about security, but doubt it will be a problem. The list of commands recognized will be very short, and only recognized in specific contexts. No "erase hard drive" stuff. update: I'll probably distribute these programs to some other people who want the same function, but who don't have Amazon SQS accounts. For now, they'll use anonymous access to my queues, with random 80-character queue names.

  Read the article

• Is WEP used in conjunction with a wireless access list adequate security?

  - by LeopardSkinPillBoxHat

  I use a Netgear wireless router, with various wireless devices connecting to it. One of my wireless devices doesn't support WPA2 security, so I had to downgrade the security on the router to WEP. We all know WEP is broken, so as an added measure I enabled a wireless access list on the router so that only devices with specified MAC addresses which are in my access list are permitted to connect to the router. I know it is possible to spoof a MAC address from a device for the purposes of accessing a secure network like this. But is it easy? Is using WEP and a wireless access list good enough to prevent most hacking attacks? Or should I do whatever I can to ensure all devices support WPA2 in the future?

  Read the article

• Restrict access to SSH for one specific user

  - by j0nes

  I am looking for a way to secure my servers with the following setup: I have a server where I can log in via SSH. The main account there (named "foo") is secured by a keybased login with password. I have another user account (named "bar") that I use to log in via cronjobs running on other servers - this one also has keybased login, but without password. Now I want to limit access to this machine for the "bar" account. The account should only be accessible via known IPs. However, the "foo" account should not be affected by this, this one should basically be accessible from any IP. How can I manage this? Or is there a simpler solution to everything?

  Read the article

• Why doesn't this for-loop execute?

  - by Maulrus

  I'm writing a program for an exercise that will read data from a file and format it to be readable. So far, I have a bit of code that will separate a header from the data that goes under it. Here it is: int main() { ifstream in("records.txt"); ofstream out("formatted_records.txt"); vector<string> temp; vector<string> headers; for (int i = 0; getline(in,temp[i]); ++i) { static int k = -1; if (str_isalpha(temp[i])) { headers[++k] = temp[i]; temp.erase(temp.begin() + i); } else { temp[i] += "," + headers[k]; } } } (str_isalpha() is just a function that applies isalpha() to every character in a string.) Now, the for-loop in this program doesn't execute, and I can't figure out why. Does anybody know?

  Read the article

• veriSign SSL Cert for subdomain

  - by Asghar

  I have purchase SSL for secure Site from Verisign. I have configured it and its working properly on https://www.example.com . I have subdomain app.example.com . i need to work SSL on this domain also. I have 2 Questions. 1- Will same SSL will work for the subdomain too? [My SSL is not wildcard SSL] 2- If it will not work. then how can i change the same SSL that it should only work on app.example.com. i mean is there any way to change purchased SSL for subdomain. and How can i do this. https://www.example.com and http://app.example.com point to the same IP address xxx.xxx.xxx.xxx

  Read the article

• Host a SSTP VPN Server on Windows 8

  - by Maarten

  I have a small server computer running Windows 8 at home. Currently it is hosting a PPTP VPN server using the build-in Windows 8 functionality for that. What I would want is something more secure, like an SSTP VPN server. However, I can't find any functionality of windows 8 or 3rd party software that can HOST a SSTP vpn server on Windows 8. I've only seen Client stuff and vpn pass trough services via google, all which i don't want/need. The only HOST stuff i find via google is the PPTP i set up currently. Is there any way of hosting a SSTP VPN server on my home machine? Thanks in advance, Maarten

  Read the article

• Tomcat "connection interrupted" with ssl

  - by Mike Thomsen

  I can access Tomcat on port 8080, but not on 8443. When I try o get there, this is the error I get in Firefox: The connection was interrupted The connection to the.fqdn.com:8443 was interrupted while the page was loading. This is my connector: <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="want" sslProtocol="TLS" keystoreFile="C:\temp\keystore.jks" keystorePass="changeit"/> I have the CA key in the jre's cacerts file. The server cert was generated using EJBCA and should be signed properly. Any suggestions on what is going on?

  Read the article

• How to let users change linux password from web browser?

  - by wag2639

  I'm not sure if this is a stackoverflow question or serverfault but here goes: I have an Ubuntu 10.04 file server (Samba/FTP/HTTP) and I would like to have the ability to give users the ability to change their password to the server using their web browser. I've written a similar script before using PHP and a mess of exec but I believe that isn't secure because it can be listened to by someone looking at the list of processes on the server. Is there some kind of plugin (PHP or Python or other) that can do this easily? I rather not use something like webmin as it's overkill for this.

  Read the article

• How to create one additional hidden partition in a USB drive

  - by backslash17

  For security purposes I need to locate a additional hidden partition on USB flash drive. The USB drive contains a security application that will check (in code) if the hidden partition exists. If not I will assume that the application is a non valid copy. Any idea about it? Thanks in advance. EDIT: There is already a programmed secure method to check if the USB drive is correct using the WMI Win32_drive class. The idea is to locate the drive info into the hidden partition and to check if it correct for anti-tampering procedures.

  Read the article

• How can I transfer a logged in user's login data from one server to another?

  - by Martin

  I have one server "A" where users can login. Login is verified by an LDAP server "L". I have a different server "B" were users can log in, too. Login is verified by the same LDAP server as before. Both servers are standard web servers with PHP. My goal is: If a user is logged in to server "A", and if he clicks a link to log in to server "B", the user should automatically be logged in without re-entering username and password. What is a good and secure way to achieve this? I can't submit username and crypted password to server "B". I can't use the PHP session of server "A", because it does not exit on "B". Cookies won't work either. I think that there is a way, but I just can't see it. Any help is very much appreciated.

  Read the article

• Web Server Users - Best Practice

  - by Toby

  I was wondering what is considered best practice when several developers/administrators require access to the same web server. Should there be one non-root user with a secure username and password unqiue to the web server which everyone logs in as or should there be a username for each person. I am leaning towards a username for each person to aid in logging etc however then does the same user keep the same credentials over several servers, or should at least their password change depending on the server they are on? Should any non-root user of the system be added to the sudoers file or is it best practice to leave everyone off it and only let root perform certain tasks? Any help would be greatly appreciated.

  Read the article

• Web Server Users - Best Practice

  - by Toby

  I was wondering what is considered best practice when several developers/administrators require access to the same web server. Should there be one non-root user with a secure username and password unqiue to the web server which everyone logs in as or should there be a username for each person. I am leaning towards a username for each person to aid in logging etc however then does the same user keep the same credentials over several servers, or should at least their password change depending on the server they are on? Should any non-root user of the system be added to the sudoers file or is it best practice to leave everyone off it and only let root perform certain tasks? Any help would be greatly appreciated.

  Read the article

• Good way to store domain CSR and KEY files

  - by Bert Goethals

  For my company I'm starting to manage more and more domains; and with that more and more certificates for those domains. What is a good way to store the basic KEY and CSR files generated? I was considering a git repo on our private code server. This does not seem secure enough though. Would you suggest and other system, or how this can be done securely with a source control system like git? Also: Does it make sense to store the CRT files and CA files in use?

  Read the article

• Intermediate SSL Certificates on Azure Websites

  - by amhed

  I have successfully configured an Extended-Validation Certificate on an Azure Website following this article: http://www.windowsazure.com/en-us/documentation/articles/web-sites-configure-ssl-certificate/ The main (non-technical) stakeholder of the web application went through great lengths to validate that our site is secure. He went to this site to check the validity of our SSL: http://www.whynopadlock.com/ The site throw the following error: `SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details: ERROR: no certificate subject alternative name matches`` The certificate is installed using IP Based SSL instead of SNI. This is done this way because some site visitors still use Internet Explorer 8 on Windows XP, which has no support for SNI and throws a security warning. Is my certificate correclty installed? I received three .CRT files from my SSL provider: PrimaryIntermediate.crt SecondaryIntermediate.crt EndCertificate.crt This is how I exported our certificate as a .PFX file to Azure: openssl pkcs12 -export -out myserver.pfx -inkey myserver.key -in myserver.crt

  Read the article

• Black screen during startup

  - by Juanillo

  Hello, I've got a friend with a weird problem. When he starts his computer the screen is completely black untile the computer is completely started. So the screen is black until it suddenly shows the windows desktop. He said that this is happening since a technical service repaired his computer, but that repairment is not now in warranty. Recently the computer stopped working, but as the screen is black he cannot access to Bios or to secure start-up (by pressing F8). When he inserts the Windows Vista DVD the system doesn't boot from DVD (it musn't be configured in this way in the Bios.) Maybe there´s a problem with the hardware (maybe the graphic card). Can anyone explain a reason why the screen is black during start-up? Any idea of what to do with the computer to restore it? Thanks.

  Read the article

• UNC vs. SFTP vs. SSH for uploading to a Windows server

  - by apollodude217

  I understand that UNC, SFTP, and SSH are, of course, different interfaces (protocols?). But feature-wise, how do they differ? Are there things you can do with one that you cannot do with another? Is one more secure than another? The situation I want to fix is one where we have several Windows servers and VPC's, some of which have SFTP servers and some of which don't. For those that don't we use UNC over a VPN shared by the entire enterprise. What I want to do is either use all UNC, all SFTP, or all SSH (unless a real need to vary on a case-by-case basis presents itself). Links would be excellent. My biggest problem here is that my googling brings up irrelevant results. :(

  Read the article

• File sometimes doesn't download from my website

  - by kylex

  When I attempt to download this file, sometimes it only downloads about 700KB (the file is 40MB) then I get the message that the download is complete. If I try to download the file again, it works properly. The problem seems prevalent in IE, although I've had it happen in Chrome sometimes too. I have the following code: <input type="button" value="Agree to Terms and Download" onClick="location.href='/downloads/setup.exe';" /> If it matters, this is over a secure connection. I also tried zipping the file, and had the same issues.

  Read the article

• Apache https configurations

  - by sissonb

  I am trying to setup my domain name with a self signed cert. I created the cert and placed the server.key and server.crt files into C:/apache/config/ Then I updated my httpd.confg host to include the following, <VirtualHost 192.168.5.250:443> DocumentRoot C:/www ServerName mydomain.com:443 ServerAlias www.mydomain.com:443 SSLEngine on SSLCertificateFile C:/apache/conf/server.crt SSLCertificateKeyFile C:/apache/conf/server.key SSLVerifyClient none SSLProxyEngine off SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> Now when I go to https://mydomain.com I get the following error. SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. Can anyone see what I'm doing wrong? Thanks!

  Read the article

• Why are email transfers between mail servers often not encrypted? Why aren't users warned about it?

  - by AmV

  Users can often choose if they want to access their email provider (such as Gmail) using a secure channel (e.g. using HTTPS). However, to the best of my knowledge, when it comes to mail-server-to-mail-server communications, most emails are still transferred in plain text and not encrypted, making it possible to anybody on the network to read their content. Are there any technologies that give the user some guarantees that his emails are sent securely from end to end ? Why not let the user know when encryption is not supported and let him choose if he wants his email to be still delivered ?

  Read the article

• What kind of SSL certificate do I need?

  - by Christoffer

  Hi, I want to install HTTPS on my server and I wonder what kind of certificate I will need and where I can buy it. The site is a web application that demands high security by it's users since they store sensitive business data. I am also integrating a third party payment gateway into the register process of the site and need a secure way to send credit card data one way. I do not intend to store this data in our own database. So, what do I need? And also, how do I install it on Ubuntu Server 9.10 / Apache2 ? Cheers! Christoffer

  Read the article

• Implementing list position locator in C++?

  - by jfrazier

  I am writing a basic Graph API in C++ (I know libraries already exist, but I am doing it for the practice/experience). The structure is basically that of an adjacency list representation. So there are Vertex objects and Edge objects, and the Graph class contains: list<Vertex *> vertexList list<Edge *> edgeList Each Edge object has two Vertex* members representing its endpoints, and each Vertex object has a list of Edge* members representing the edges incident to the Vertex. All this is quite standard, but here is my problem. I want to be able to implement deletion of Edges and Vertices in constant time, so for example each Vertex object should have a Locator member that points to the position of its Vertex* in the vertexList. The way I first implemented this was by saving a list::iterator, as follows: vertexList.push_back(v); v->locator = --vertexList.end(); Then if I need to delete this vertex later, then rather than searching the whole vertexList for its pointer, I can call: vertexList.erase(v->locator); This works fine at first, but it seems that if enough changes (deletions) are made to the list, the iterators will become out-of-date and I get all sorts of iterator errors at runtime. This seems strange for a linked list, because it doesn't seem like you should ever need to re-allocate the remaining members of the list after deletions, but maybe the STL does this to optimize by keeping memory somewhat contiguous? In any case, I would appreciate it if anyone has any insight as to why this happens. Is there a standard way in C++ to implement a locator that will keep track of an element's position in a list without becoming obsolete? Much thanks, Jeff

  Read the article

< Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >