Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 104/168 | < Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >

• How to create one additional hidden partition in a USB drive

  - by backslash17

  For security purposes I need to locate a additional hidden partition on USB flash drive. The USB drive contains a security application that will check (in code) if the hidden partition exists. If not I will assume that the application is a non valid copy. Any idea about it? Thanks in advance. EDIT: There is already a programmed secure method to check if the USB drive is correct using the WMI Win32_drive class. The idea is to locate the drive info into the hidden partition and to check if it correct for anti-tampering procedures.

  Read the article

• architecture and tools for a remote control application?

  - by slothbear

  I'm working on the design of a remote control application. From my iPhone or a web browser, I'll send a few commands. Soon my home computer will perform the commands and send back results. I know there are remote desktop apps, but I want something programmable, something simpler, and something that I wrote. My current direction is to use Amazon Simple Queue Service (SQS) as the message bus. The iPhone places some messages in a queue. My local Java/JRuby program notices the messages on the queue, performs the work and sends back status via a different queue. This will be a very low-volume application. At $1.00 for a million requests (plus a handful of data transfer charges), Amazon SQS looks a lot more affordable than having my own server of any type. And super reliable, that's important for me too. Are there better/standard toolkits or architectures for this kind of remote control? Cost is not a big issue, but I prefer the tons I learn by doing it myself. I'm moderately concerned about security, but doubt it will be a problem. The list of commands recognized will be very short, and only recognized in specific contexts. No "erase hard drive" stuff. update: I'll probably distribute these programs to some other people who want the same function, but who don't have Amazon SQS accounts. For now, they'll use anonymous access to my queues, with random 80-character queue names.

  Read the article

• Which is better for multi-use auth, MySQL, PostgreSQL, or LDAP?

  - by Fearless

  I want to set up an Oracle Linux 6 server that gives users secure IMAP email (with dovecot), Jabber IM, FTP (with vsftpd), and calDav. However, I want each user logon to be able to authenticate all services (e.g. Joe Smith signs up once for a username and password that he can use for email, ftp, and his calendar). My question is, which database service will be best suited for that application? Also, is there a way to link the database with the preexisting server shell logins (e.g. so I can read the root account's LogCheck emails on a different device)?

  Read the article

• Intermediate SSL Certificates on Azure Websites

  - by amhed

  I have successfully configured an Extended-Validation Certificate on an Azure Website following this article: http://www.windowsazure.com/en-us/documentation/articles/web-sites-configure-ssl-certificate/ The main (non-technical) stakeholder of the web application went through great lengths to validate that our site is secure. He went to this site to check the validity of our SSL: http://www.whynopadlock.com/ The site throw the following error: `SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details: ERROR: no certificate subject alternative name matches`` The certificate is installed using IP Based SSL instead of SNI. This is done this way because some site visitors still use Internet Explorer 8 on Windows XP, which has no support for SNI and throws a security warning. Is my certificate correclty installed? I received three .CRT files from my SSL provider: PrimaryIntermediate.crt SecondaryIntermediate.crt EndCertificate.crt This is how I exported our certificate as a .PFX file to Azure: openssl pkcs12 -export -out myserver.pfx -inkey myserver.key -in myserver.crt

  Read the article

• How do you configure ISC Bind to support GSS-TSIG Updates?

  - by netlinxman

  First, has anyone EVER configured ISC bind 9.5.0 OR greater with support for GSS-TSIG Dynamic DNS Updates AND gotten it to work? If so, what is the configuration that was used to make that happen? I feel close to having this working. I see that GSS cred passes w/o apparent error during the TKEY negotiation with an Active Directory DC and the BIND DNS server: client 192.168.0.30#52314: query gss cred: "DNS/[email protected]", GSS_C_ACCEPT, 4294967256 gss-api source name (accept) is [email protected] process_gsstkey(): dns_tsigerror_noerror client 192.168.0.30#52314: send But, when the Update is sent, it is refused: client 192.168.0.30#58330: update client 192.168.0.30#58330: updating zone 'example.com/IN': update failed: rejected by secure update (REFUSED) client 192.168.0.30#58330: send Does anyone have this working in the real world?

  Read the article

• Host a SSTP VPN Server on Windows 8

  - by Maarten

  I have a small server computer running Windows 8 at home. Currently it is hosting a PPTP VPN server using the build-in Windows 8 functionality for that. What I would want is something more secure, like an SSTP VPN server. However, I can't find any functionality of windows 8 or 3rd party software that can HOST a SSTP vpn server on Windows 8. I've only seen Client stuff and vpn pass trough services via google, all which i don't want/need. The only HOST stuff i find via google is the PPTP i set up currently. Is there any way of hosting a SSTP VPN server on my home machine? Thanks in advance, Maarten

  Read the article

• veriSign SSL Cert for subdomain

  - by Asghar

  I have purchase SSL for secure Site from Verisign. I have configured it and its working properly on https://www.example.com . I have subdomain app.example.com . i need to work SSL on this domain also. I have 2 Questions. 1- Will same SSL will work for the subdomain too? [My SSL is not wildcard SSL] 2- If it will not work. then how can i change the same SSL that it should only work on app.example.com. i mean is there any way to change purchased SSL for subdomain. and How can i do this. https://www.example.com and http://app.example.com point to the same IP address xxx.xxx.xxx.xxx

  Read the article

• Forwarding 80 to 443 on Nagios woes

  - by Ethabelle

  I perhaps just need some extra insight because I don't see where I'm going wrong. I used an SSL Cert to secure our nagios server. We want to specifically require all traffic over nagios (like 2 users, lol) to use SSL. So I thought, oh, mod_rewrite + Rewrite Rule in .htaccess, right? So I went into the DocumentRoot and did a vi .htaccess (one didn't already exist) and then I put in the following rule; RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://our.server.org/$1 [R,L] This does absolutely nothing. Does nada. Whhhyy.. Note: AllowOverride all in httpd.conf is on. Also, I verified that the module is not uncommented out ... but note, I couldn't find the mod_rewrite module installed so I copied it over from another server and placed it in modules/mod_rewrite.so . It was weird because it was enabled in the httpd.conf file, but then didn't exist in modules ... I'm a baddie :(

  Read the article

• Top ten security tips for non-technical users

  - by Justin

  I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?

  Read the article

• How to let users change linux password from web browser?

  - by wag2639

  I'm not sure if this is a stackoverflow question or serverfault but here goes: I have an Ubuntu 10.04 file server (Samba/FTP/HTTP) and I would like to have the ability to give users the ability to change their password to the server using their web browser. I've written a similar script before using PHP and a mess of exec but I believe that isn't secure because it can be listened to by someone looking at the list of processes on the server. Is there some kind of plugin (PHP or Python or other) that can do this easily? I rather not use something like webmin as it's overkill for this.

  Read the article

• Restrict access to SSH for one specific user

  - by j0nes

  I am looking for a way to secure my servers with the following setup: I have a server where I can log in via SSH. The main account there (named "foo") is secured by a keybased login with password. I have another user account (named "bar") that I use to log in via cronjobs running on other servers - this one also has keybased login, but without password. Now I want to limit access to this machine for the "bar" account. The account should only be accessible via known IPs. However, the "foo" account should not be affected by this, this one should basically be accessible from any IP. How can I manage this? Or is there a simpler solution to everything?

  Read the article

• How can I transfer a logged in user's login data from one server to another?

  - by Martin

  I have one server "A" where users can login. Login is verified by an LDAP server "L". I have a different server "B" were users can log in, too. Login is verified by the same LDAP server as before. Both servers are standard web servers with PHP. My goal is: If a user is logged in to server "A", and if he clicks a link to log in to server "B", the user should automatically be logged in without re-entering username and password. What is a good and secure way to achieve this? I can't submit username and crypted password to server "B". I can't use the PHP session of server "A", because it does not exit on "B". Cookies won't work either. I think that there is a way, but I just can't see it. Any help is very much appreciated.

  Read the article

• How ssl is usually set up on shared hosting (newbie question)?

  - by spirytus

  I am quite unclear on how ssl is usually set up on shared hosting. I have account with justhost.com and they provided me with public_html folder and (its sibling) ssl folder. When I create ssl certificates via cPanel it appears in SSL folder. Now, where I should put my html files to be accessible via https:// rather than http? normal files go into public_html (I figured this out ;) what about secure bunch? Also how can I specify that secured folder shouldn't be the ssl folder (if its the one in fact) but rather some other folder I specify? Is it possible at all with shared hosting? Thank you all for your help, I googled for hours and still am heavily confused as you see :)

  Read the article

• Is WEP used in conjunction with a wireless access list adequate security?

  - by LeopardSkinPillBoxHat

  I use a Netgear wireless router, with various wireless devices connecting to it. One of my wireless devices doesn't support WPA2 security, so I had to downgrade the security on the router to WEP. We all know WEP is broken, so as an added measure I enabled a wireless access list on the router so that only devices with specified MAC addresses which are in my access list are permitted to connect to the router. I know it is possible to spoof a MAC address from a device for the purposes of accessing a secure network like this. But is it easy? Is using WEP and a wireless access list good enough to prevent most hacking attacks? Or should I do whatever I can to ensure all devices support WPA2 in the future?

  Read the article

• Apache https configurations

  - by sissonb

  I am trying to setup my domain name with a self signed cert. I created the cert and placed the server.key and server.crt files into C:/apache/config/ Then I updated my httpd.confg host to include the following, <VirtualHost 192.168.5.250:443> DocumentRoot C:/www ServerName mydomain.com:443 ServerAlias www.mydomain.com:443 SSLEngine on SSLCertificateFile C:/apache/conf/server.crt SSLCertificateKeyFile C:/apache/conf/server.key SSLVerifyClient none SSLProxyEngine off SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> Now when I go to https://mydomain.com I get the following error. SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. Can anyone see what I'm doing wrong? Thanks!

  Read the article

• Good way to store domain CSR and KEY files

  - by Bert Goethals

  For my company I'm starting to manage more and more domains; and with that more and more certificates for those domains. What is a good way to store the basic KEY and CSR files generated? I was considering a git repo on our private code server. This does not seem secure enough though. Would you suggest and other system, or how this can be done securely with a source control system like git? Also: Does it make sense to store the CRT files and CA files in use?

  Read the article

• Why are email transfers between mail servers often not encrypted? Why aren't users warned about it?

  - by AmV

  Users can often choose if they want to access their email provider (such as Gmail) using a secure channel (e.g. using HTTPS). However, to the best of my knowledge, when it comes to mail-server-to-mail-server communications, most emails are still transferred in plain text and not encrypted, making it possible to anybody on the network to read their content. Are there any technologies that give the user some guarantees that his emails are sent securely from end to end ? Why not let the user know when encryption is not supported and let him choose if he wants his email to be still delivered ?

  Read the article

• UNC vs. SFTP vs. SSH for uploading to a Windows server

  - by apollodude217

  I understand that UNC, SFTP, and SSH are, of course, different interfaces (protocols?). But feature-wise, how do they differ? Are there things you can do with one that you cannot do with another? Is one more secure than another? The situation I want to fix is one where we have several Windows servers and VPC's, some of which have SFTP servers and some of which don't. For those that don't we use UNC over a VPN shared by the entire enterprise. What I want to do is either use all UNC, all SFTP, or all SSH (unless a real need to vary on a case-by-case basis presents itself). Links would be excellent. My biggest problem here is that my googling brings up irrelevant results. :(

  Read the article

• jQuery to find previous elements

  - by mike

  Hi everybody, I have the following table <table> <tr class="ligneI"> <td class="col2b"><input type="text" id="desc" class="calcule"></td> <td class="col2b"><input type="text" id="price" class="calcule"></td> <td class="calculated_price">220.00</td> <td class="calculated_price">1800.00</td> <td><a title="" class="picto06 deleteLink" id="deleteLink1" href="#" onclick="resetfields(this);">delete</a></td> </tr> <tr class="ligneI"> <td class="col2b"><input type="text" id="desc" class="calcule"></td> <td class="col2b"><input type="text" id="price" class="calcule"></td> <td class="calculated_price">87.00</td> <td class="calculated_price">40.00</td> <td><a title="" class="picto06 deleteLink" id="deleteLink2" href="#" onclick="resetfields(this);">delete</a></td> ... and I would like to reset the entire when i click on a delete link. I tried to do something like this: function resetfields(obj) { $(this).parent().prevAll('td.calcule').html('&nbsp;'); $(this).parent().prevAll('td input.calcule').val(''); } but only the first line erase the two first befor my link. Someone can help me please. Ps : excuse my english

  Read the article

• Tomcat "connection interrupted" with ssl

  - by Mike Thomsen

  I can access Tomcat on port 8080, but not on 8443. When I try o get there, this is the error I get in Firefox: The connection was interrupted The connection to the.fqdn.com:8443 was interrupted while the page was loading. This is my connector: <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="want" sslProtocol="TLS" keystoreFile="C:\temp\keystore.jks" keystorePass="changeit"/> I have the CA key in the jre's cacerts file. The server cert was generated using EJBCA and should be signed properly. Any suggestions on what is going on?

  Read the article

• Why doesn't this for-loop execute?

  - by Maulrus

  I'm writing a program for an exercise that will read data from a file and format it to be readable. So far, I have a bit of code that will separate a header from the data that goes under it. Here it is: int main() { ifstream in("records.txt"); ofstream out("formatted_records.txt"); vector<string> temp; vector<string> headers; for (int i = 0; getline(in,temp[i]); ++i) { static int k = -1; if (str_isalpha(temp[i])) { headers[++k] = temp[i]; temp.erase(temp.begin() + i); } else { temp[i] += "," + headers[k]; } } } (str_isalpha() is just a function that applies isalpha() to every character in a string.) Now, the for-loop in this program doesn't execute, and I can't figure out why. Does anybody know?

  Read the article

• OMG. Is Webmin safe? I can see file codes in Chrome browser without login

  - by Arwana

  When Im in File Manager of Webmin, I can double click and see the codes of the files in new tab in Firefox with its specific URL. But when I remove ?rand=xxxx... after the file.php and paste the URL in Chrome browser, I still can see the codes. This is the URL I just pasted in the Chrome browser http://xxx.xxx.xxx.xxx:10000/file/show.cgi/var/www/html/mysite.com/files/file.php And then, I logout of webmin, and I change the file.php with other file, I can see the codes. OMG. Is Webmin safe? and how to secure this?

  Read the article

• File sometimes doesn't download from my website

  - by kylex

  When I attempt to download this file, sometimes it only downloads about 700KB (the file is 40MB) then I get the message that the download is complete. If I try to download the file again, it works properly. The problem seems prevalent in IE, although I've had it happen in Chrome sometimes too. I have the following code: <input type="button" value="Agree to Terms and Download" onClick="location.href='/downloads/setup.exe';" /> If it matters, this is over a secure connection. I also tried zipping the file, and had the same issues.

  Read the article

• What kind of SSL certificate do I need?

  - by Christoffer

  Hi, I want to install HTTPS on my server and I wonder what kind of certificate I will need and where I can buy it. The site is a web application that demands high security by it's users since they store sensitive business data. I am also integrating a third party payment gateway into the register process of the site and need a secure way to send credit card data one way. I do not intend to store this data in our own database. So, what do I need? And also, how do I install it on Ubuntu Server 9.10 / Apache2 ? Cheers! Christoffer

  Read the article

• Enabling SFTP Access within PLESK

  - by spelley

  I have a client who wants to ensure his upload is secure, so we are trying to enable SFTP for him on our Linux PLESK server. I have enabled SSH access to bin/bash for FTP accounts, and created a new user. When I attempt to SFTP using either the IP address or the domain name, this is the error FileZilla is giving me: Error: Authentication failed. Error: Critical error Error: Could not connect to server Here is some basic information regarding the server: Operating system Linux 2.6.24.5-20080421a Plesk Control Panel version psa v8.6.0_build86080930.03 os_CentOS 5 I had read in some places that I should reboot the SSH Service in Server - Services, however, there is no SSH Service within the list. I'm not really a server guy so it's quite possible I'm missing something obvious. Thanks for any help that you guys can provide!

  Read the article

< Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >