Search Results

Search found 41203 results on 1649 pages for 'two way encryption'.

Page 11/1649 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • Transparent Data Encryption (TDE) in SQL Server

    There are several ways to implement encryption in SQL Server; Arshad Ali focuses on Transparent Data Encryption (TDE), which was introduced in SQL Server 2008 and is available in later releases. 24% of devs don’t use database source control – make sure you aren’t one of themVersion control is standard for application code, but databases haven’t caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out…

    Read the article

  • Achieving AES-256 Channel Encryption with the .NET Compact Framework

    - by Ev
    Hi There, I am working on a business application where the clients are Windows Mobile 6.1 Professional devices. The server is a Java enterprise application. The industry working group recommends AES-256 encryption for client/server communications. This is necessary to gain certification. The encryption doesn't necessarily need to be channel encryption, it could be payload encryption. Channel encryption is preferable. The client and server communicate using SOAP/HTTP, which we are yet to implement. We plan to use WCF on the compact framework. In order to alleviate some of the work required to implement manual encryption/decryption, it would be nice if we could achieve the required encryption either at the TLS level, or somehow using the WS-* standards (I'm not particularly familiar with that group of technologies but I am learning right now). The server supports https with 256-bit AES. Does anybody have an idea on the best way to implement this? Thanks in advance.

    Read the article

  • Can't find second partition on encrypted drive with two partitions

    - by Thomas Uhrig
    I have a drive with two partitions, a system partition (Windows 7) and a partition just for data. Both are encrypted with the same password. I didn't had any problems, but yesterday my laptop gets broken. Now, I'm trying to connect the drive via USB to a new laptop and read it. The problem is, that I only see the system partition, not the one with my data. When I click on "Select Device", I can see my drive as "Harddisk 1" with 300 gb. But I only see a single partition "Partition1" with 117 gb. I'm unable to find the second one. It's not a hidden partition. Any ideas? Thanks.

    Read the article

  • Integer ID obfuscation techniques

    - by Chris
    Hi there, I'm looking for an easy and reversible method of obfuscating integer IDs. Ideally, I'd want the resulting obfuscation to be at most eight characters in length and non-sequential, meaning that the obfuscation of "1" should look nothing like the obfuscation for "2" and so on. This isn't meant to be secure by any means, so this isn't a huge concern. Additionally, the integers I'll be obfuscating aren't large - between one and 10,000 - but I don't want any collisions, either. Does anybody have any ideas for something that would fit this criteria? Thanks! Chris

    Read the article

  • Decrease in disk performance after partitioning and encryption, is this much of a drop normal?

    - by Biohazard
    I have a server that I only have remote access to. Earlier in the week I repartitioned the 2 disk raid as follows: Filesystem Size Used Avail Use% Mounted on /dev/mapper/sda1_crypt 363G 1.8G 343G 1% / tmpfs 2.0G 0 2.0G 0% /lib/init/rw udev 2.0G 140K 2.0G 1% /dev tmpfs 2.0G 0 2.0G 0% /dev/shm /dev/sda5 461M 26M 412M 6% /boot /dev/sda7 179G 8.6G 162G 6% /data The raid consists of 2 x 300gb SAS 15k disks. Prior to the changes I made, it was being used as a single unencrypted root parition and hdparm -t /dev/sda was giving readings around 240mb/s, which I still get if I do it now: /dev/sda: Timing buffered disk reads: 730 MB in 3.00 seconds = 243.06 MB/sec Since the repartition and encryption, I get the following on the separate partitions: Unencrypted /dev/sda7: /dev/sda7: Timing buffered disk reads: 540 MB in 3.00 seconds = 179.78 MB/sec Unencrypted /dev/sda5: /dev/sda5: Timing buffered disk reads: 476 MB in 2.55 seconds = 186.86 MB/sec Encrypted /dev/mapper/sda1_crypt: /dev/mapper/sda1_crypt: Timing buffered disk reads: 150 MB in 3.03 seconds = 49.54 MB/sec I expected a drop in performance on the encrypted partition, but not that much, but I didn't expect I would get a drop in performance on the other partitions at all. The other hardware in the server is: 2 x Quad Core Intel(R) Xeon(R) CPU E5405 @ 2.00GHz and 4gb RAM $ cat /proc/scsi/scsi Attached devices: Host: scsi0 Channel: 00 Id: 32 Lun: 00 Vendor: DP Model: BACKPLANE Rev: 1.05 Type: Enclosure ANSI SCSI revision: 05 Host: scsi0 Channel: 02 Id: 00 Lun: 00 Vendor: DELL Model: PERC 6/i Rev: 1.11 Type: Direct-Access ANSI SCSI revision: 05 Host: scsi1 Channel: 00 Id: 00 Lun: 00 Vendor: HL-DT-ST Model: CD-ROM GCR-8240N Rev: 1.10 Type: CD-ROM ANSI SCSI revision: 05 I'm guessing this means the server has a PERC 6/i RAID controller? The encryption was done with default settings during debian 6 installation. I can't recall the exact specifics and am not sure how I go about finding them? Thanks

    Read the article

  • Two network interfaces and two IP addresses on the same subnet in Linux

    - by Scott Duckworth
    I recently ran into a situation where I needed two IP addresses on the same subnet assigned to one Linux host so that we could run two SSL/TLS sites. My first approach was to use IP aliasing, e.g. using eth0:0, eth0:1, etc, but our network admins have some fairly strict settings in place for security that squashed this idea: They use DHCP snooping and normally don't allow static IP addresses. Static addressing is accomplished by using static DHCP entries, so the same MAC address always gets the same IP assignment. This feature can be disabled per switchport if you ask and you have a reason for it (thankfully I have a good relationship with the network guys and this isn't hard to do). With the DHCP snooping disabled on the switchport, they had to put in a rule on the switch that said MAC address X is allowed to have IP address Y. Unfortunately this had the side effect of also saying that MAC address X is ONLY allowed to have IP address Y. IP aliasing required that MAC address X was assigned two IP addresses, so this didn't work. There may have been a way around these issues on the switch configuration, but in an attempt to preserve good relations with the network admins I tried to find another way. Having two network interfaces seemed like the next logical step. Thankfully this Linux system is a virtual machine, so I was able to easily add a second network interface (without rebooting, I might add - pretty cool). A few keystrokes later I had two network interfaces up and running and both pulled IP addresses from DHCP. But then the problem came in: the network admins could see (on the switch) the ARP entry for both interfaces, but only the first network interface that I brought up would respond to pings or any sort of TCP or UDP traffic. After lots of digging and poking, here's what I came up with. It seems to work, but it also seems to be a lot of work for something that seems like it should be simple. Any alternate ideas out there? Step 1: Enable ARP filtering on all interfaces: # sysctl -w net.ipv4.conf.all.arp_filter=1 # echo "net.ipv4.conf.all.arp_filter = 1" >> /etc/sysctl.conf From the file networking/ip-sysctl.txt in the Linux kernel docs: arp_filter - BOOLEAN 1 - Allows you to have multiple network interfaces on the same subnet, and have the ARPs for each interface be answered based on whether or not the kernel would route a packet from the ARP'd IP out that interface (therefore you must use source based routing for this to work). In other words it allows control of which cards (usually 1) will respond to an arp request. 0 - (default) The kernel can respond to arp requests with addresses from other interfaces. This may seem wrong but it usually makes sense, because it increases the chance of successful communication. IP addresses are owned by the complete host on Linux, not by particular interfaces. Only for more complex setups like load- balancing, does this behaviour cause problems. arp_filter for the interface will be enabled if at least one of conf/{all,interface}/arp_filter is set to TRUE, it will be disabled otherwise Step 2: Implement source-based routing I basically just followed directions from http://lartc.org/howto/lartc.rpdb.multiple-links.html, although that page was written with a different goal in mind (dealing with two ISPs). Assume that the subnet is 10.0.0.0/24, the gateway is 10.0.0.1, the IP address for eth0 is 10.0.0.100, and the IP address for eth1 is 10.0.0.101. Define two new routing tables named eth0 and eth1 in /etc/iproute2/rt_tables: ... top of file omitted ... 1 eth0 2 eth1 Define the routes for these two tables: # ip route add default via 10.0.0.1 table eth0 # ip route add default via 10.0.0.1 table eth1 # ip route add 10.0.0.0/24 dev eth0 src 10.0.0.100 table eth0 # ip route add 10.0.0.0/24 dev eth1 src 10.0.0.101 table eth1 Define the rules for when to use the new routing tables: # ip rule add from 10.0.0.100 table eth0 # ip rule add from 10.0.0.101 table eth1 The main routing table was already taken care of by DHCP (and it's not even clear that its strictly necessary in this case), but it basically equates to this: # ip route add default via 10.0.0.1 dev eth0 # ip route add 130.127.48.0/23 dev eth0 src 10.0.0.100 # ip route add 130.127.48.0/23 dev eth1 src 10.0.0.101 And voila! Everything seems to work just fine. Sending pings to both IP addresses works fine. Sending pings from this system to other systems and forcing the ping to use a specific interface works fine (ping -I eth0 10.0.0.1, ping -I eth1 10.0.0.1). And most importantly, all TCP and UDP traffic to/from either IP address works as expected. So again, my question is: is there a better way to do this? This seems like a lot of work for a seemingly simple problem.

    Read the article

  • What alternatives are available for shared folders encryption in Windows 2003 Server?

    - by snakepitar
    People in our company asked to encrypting some of the shared folders published in a local Windows 2003 File Server. The requirements are: Encrypt the files, so only a user or group or users can open them Avoid password protected files. The encryption process should be transparent to the users Though files are encrypted, the backup software (BackupExec) must be able to copy and access binary for verification Cannot install tools/software in user's PCs, they want this to work automatically As we have very little experience managing servers, we'll be grateful for any help or suggestion offered.

    Read the article

  • How to synchronize two folders on two remote Linux virtual machines

    - by Manoj Agarwal
    I have two virtual machines, Host OS is ESXi 3.5 and guest OS is Centos 4.6. There are two ESXi servers remotely located, each containing a Centos 4.6 virtual machine. I wish, whatever change I make in any file/folder in one virtual machine should be automatically synchronized on other remote virtual machine. The synchronization process should be automatic. It should only sync differentials, not simulate entire copy with overwrite operation. Sync should be intelligent enough to look for what has changed and what not, and should only update the changed files/folders. Further, there should be some sort of overview and selection for syncing, for example, if it shows 4 files have changed, It should be possible to sync only two files and leave other two for the time being. So, some intelligent syncing mechanism for Linux is needed.

    Read the article

  • What is the best way to secure MySQL data on a laptop *without* whole-disk-encryption?

    - by GJ
    I need to have the mysql data on my laptop stored in an encrypted state so that in case of the laptop being lost/stolen it will extremely difficult to recover the data without the password. I don't wish to use whole disk encryption, due to the performance impact it will have on other disk-intensive programs' usage. What could be the ideal solution for me balancing security and performance? Thanks!

    Read the article

  • Lubuntu Full Install on USB Drive with Full Disk Encryption and Grub2

    - by vivi
    I apologise for the wall of text, but I want you to scrutinize my thought-process to make sure there's no mistakes and no other way around it: I wish to have a full install of lubuntu with full disk encryption on one of my usb drives. The laptop I would be booting it from also has windows 7. I want to maintain that OS. From what I've read I must place grub2 on the usb drive so that: If I have the usb plugged in, the laptop would start lubuntu (having USB HD in the BIOS Boot options) If I don't have the usb plugged in, it would normally start windows 7. That's exactly what I want it to do. But: If I install from the normal .iso: Clicking "install lubuntu alongside them" would install it onto my normal HD. Clicking "Erase disk and install lunbuntu" would delete all the stuff I have in my HD and install lubuntu on it. Clicking "Something else" would allow me to choose to install lunbuntu and grub2 onto the usb drive, but would not provide it with encryption. So the normal .iso won't work for what I want. Then I found the alternate .iso and this tutorial: It allows me to install lubuntu with all the options I want and gives me the option to choose where to place the grub2! Hopefully there are no flaws in my train of thought. If there aren't, I have a few questions regarding that tutorial: The author says in his case choosing "Yes to install GRUB to your MBR" installed the grub to the usb drive's mbr. I can't have "in his case". I need to be sure that's what it will do, so that it doesn't mess up the windows boot loader. Choosing "no" would open this window and allow to choose where I want to install the grub. Unfortunately I don't understand which option I should type in the box to install it into the usb drive. Would removing my laptop's Hard Drive ensure that the grub is installed onto the usb drive if i picked first option, "yes"? I apologise once again for the wall of text and appreciate any help you guys can offer me.

    Read the article

  • join two oracle queries

    - by coder247
    I've to query from two tables and want one result.. how can i join these two queries? First query is querying from two tables and the second one is only from one. select pt.id,pt.promorow,pt.promocolumn,pt.type,pt.image,pt.style,pt.quota_allowed,ptc.text,pq.quota_left from promotables pt,promogroups pg ,promotablecontents ptc ,promoquotas pq where pt.id_promogroup = 1 and ptc.country ='049' and ptc.id_promotable = pt.id and pt.id_promogroup = pg.id and pq.id_promotable = pt.id order by pt.promorow,pt.promocolumn select pt.id,pt.promorow,pt.promocolumn,pt.type,pt.image,pt.style,pt.quota_allowed from promotables pt where pt.type='heading'

    Read the article

  • Standard way to hash an RSA key?

    - by Adam J.R. Erickson
    What's the algorithm for creating hash (sha-1 or MD5) of an RSA public key? Is there a standard way to do this? Hash just the modulus, string addition of both and then take a hash? Is SHA-1 or MD5 usually used? I want to use it to ensure that I got the right key (have the sender send a hash, and I calculate it myself), and log said hash so I always know which exact key I used when I encrypt the payload.

    Read the article

  • what is file verification system for php project or licence checking the configuration files

    - by Jayapal Chandran
    Hi, My colleague asked me a question like "license check to config file". when i searched i got this http://www.google.com/search?q=file+verification+system&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a and in the result i got this http://integrit.sourceforge.net/texinfo/integrit.html but could not grasp much of its idea. Here is my thoughts... Our project is written in codeigniter. The project owner is providing it to their customer. The owner is a business partner with that concept. Besides, the owner needs control of the project code so that the customer will not break rules with him like changing the code or moving it go another server or validity. So the owner needs a system to enable disable the site. Let me give an example... owner.com will have an admin panel where he can either disable or enable the client.com. when he disables the client.com should display a custom message instead of loading the files. client.com is written i a way that i will process requests from owner.com and also the other way round. so, here i want a list of the concepts with which we can implement the ownership and control over client.com any suggestions, links, references, answers will be helpful. If i am missing something in my question i will update my question according to your comments if any so that the users can give in their idea without confusing of what i had asked. THX

    Read the article

  • Is encryption really needed for having network security? [closed]

    - by Cawas
    I welcome better key-wording here, both on tags and title. I'm trying to conceive a free, open and secure network environment that would work anywhere, from big enterprises to small home networks of just 1 machine. I think since wireless Access Points are the most, if not only, true weak point of a Local Area Network (let's not consider every other security aspect of having internet) there would be basically two points to consider here: Having an open AP for anyone to use the internet through Leaving the whole LAN also open for guests to be able to easily read (only) files on it, and even a place to drop files on Considering these two aspects, once everything is done properly... What's the most secure option between having that, or having just an encrypted password-protected wifi? Of course "both" would seem "more secure". But it shouldn't actually be anything substantial. I've always had the feeling using any kind of the so called "wireless security" methods is actually a bad design. I'm talking mostly about encrypting and pass-phrasing (which are actually two different concepts), since I won't even consider hiding SSID and mac filtering. I understand it's a natural way of thinking. With cable networking nobody can access the network unless they have access to the physical cable, so you're "secure" in the physical way. In a way, encrypting is for wireless what building walls is for the cables. And giving pass-phrases would be adding a door with a key. So, what do you think?

    Read the article

  • How to match ColdFusion encryption with Java 1.4.2?

    - by JohnTheBarber
    * sweet - thanks to Edward Smith for the CF Technote that indicated the key from ColdFusion was Base64 encoded. See generateKey() for the 'fix' My task is to use Java 1.4.2 to match the results a given ColdFusion code sample for encryption. Known/given values: A 24-byte key A 16-byte salt (IVorSalt) Encoding is Hex Encryption algorithm is AES/CBC/PKCS5Padding A sample clear-text value The encrypted value of the sample clear-text after going through the ColdFusion code Assumptions: Number of iterations not specified in the ColdFusion code so I assume only one iteration 24-byte key so I assume 192-bit encryption Given/working ColdFusion encryption code sample: <cfset ThisSalt = "16byte-salt-here"> <cfset ThisAlgorithm = "AES/CBC/PKCS5Padding"> <cfset ThisKey = "a-24byte-key-string-here"> <cfset thisAdjustedNow = now()> <cfset ThisDateTimeVar = DateFormat( thisAdjustedNow , "yyyymmdd" )> <cfset ThisDateTimeVar = ThisDateTimeVar & TimeFormat( thisAdjustedNow , "HHmmss" )> <cfset ThisTAID = ThisDateTimeVar & "|" & someOtherData> <cfset ThisTAIDEnc = Encrypt( ThisTAID , ThisKey , ThisAlgorithm , "Hex" , ThisSalt)> My Java 1.4.2 encryption/decryption code swag: package so.example; import java.security.*; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.*; public class SO_AES192 { private static final String _AES = "AES"; private static final String _AES_CBC_PKCS5Padding = "AES/CBC/PKCS5Padding"; private static final String KEY_VALUE = "a-24byte-key-string-here"; private static final String SALT_VALUE = "16byte-salt-here"; private static final int ITERATIONS = 1; private static IvParameterSpec ivParameterSpec; public static String encryptHex(String value) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(_AES_CBC_PKCS5Padding); ivParameterSpec = new IvParameterSpec(SALT_VALUE.getBytes()); c.init(Cipher.ENCRYPT_MODE, key, ivParameterSpec); String valueToEncrypt = null; String eValue = value; for (int i = 0; i < ITERATIONS; i++) { // valueToEncrypt = SALT_VALUE + eValue; // pre-pend salt - Length > sample length valueToEncrypt = eValue; // don't pre-pend salt Length = sample length byte[] encValue = c.doFinal(valueToEncrypt.getBytes()); eValue = Hex.encodeHexString(encValue); } return eValue; } public static String decryptHex(String value) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(_AES_CBC_PKCS5Padding); ivParameterSpec = new IvParameterSpec(SALT_VALUE.getBytes()); c.init(Cipher.DECRYPT_MODE, key, ivParameterSpec); String dValue = null; char[] valueToDecrypt = value.toCharArray(); for (int i = 0; i < ITERATIONS; i++) { byte[] decordedValue = Hex.decodeHex(valueToDecrypt); byte[] decValue = c.doFinal(decordedValue); // dValue = new String(decValue).substring(SALT_VALUE.length()); // when salt is pre-pended dValue = new String(decValue); // when salt is not pre-pended valueToDecrypt = dValue.toCharArray(); } return dValue; } private static Key generateKey() throws Exception { // Key key = new SecretKeySpec(KEY_VALUE.getBytes(), _AES); // this was wrong Key key = new SecretKeySpec(new BASE64Decoder().decodeBuffer(keyValueString), _AES); // had to un-Base64 the 'known' 24-byte key. return key; } } I cannot create a matching encrypted value nor decrypt a given encrypted value. My guess is it's something to do with how I'm handling the initial vector/salt. I'm not very crypto-savvy but I'm thinking I should be able to take the sample clear-text and produce the same encrypted value in Java as ColdFusion produced. I am able to encrypt/decrypt my own data with my Java code (so I'm consistent) but I cannot match nor decrypt the ColdFusion sample encrypted value. I have access to a local webservice that can test the encrypted output. The given ColdFusion output sample passes/decrypts fine (of course). If I try to decrypt the same sample with my Java code (using the actual key and salt) I get a "Given final block not properly padded" error. I get the same net result when I pass my attempt at encryption (using the actual key and salt) to the test webservice. Any Ideas?

    Read the article

  • Is there really a need for encryption to have true wireless security? [closed]

    - by Cawas
    I welcome better key-wording here, both on tags and title. I'm trying to conceive a free, open and secure network environment that would work anywhere, from big enterprises to small home networks of just 1 machine. I think since wireless Access Points are the most, if not only, true weak point of a Local Area Network (let's not consider every other security aspect of having internet) there would be basically two points to consider here: Having an open AP for anyone to use the internet through Leaving the whole LAN also open for guests to be able to easily read (only) files on it, and even a place to drop files on Considering these two aspects, once everything is done properly... What's the most secure option between having that, or having just an encrypted password-protected wifi? Of course "both" would seem "more secure". But it shouldn't actually be anything substantial. That's the question, but I think it may need more elaborating on. If you don't think so, please feel free to skip the next (long) part. Elaborating more on the two aspects ... I've always had the feeling using any kind of the so called "wireless security" methods is actually a bad design. I'm talking mostly about encrypting and pass-phrasing (which are actually two different concepts), since I won't even consider hiding SSID and mac filtering. I understand it's a natural way of thinking. With cable networking nobody can access the network unless they have access to the physical cable, so you're "secure" in the physical way. In a way, encrypting is for wireless what building walls is for the cables. And giving pass-phrases would be adding a door with a key. But the cabling without encryption is also insecure. If someone plugin all the data is right there. So, while I can see the use for encrypting data, I don't think it's a security measure in wireless networks. It's wasting resources for too little gain. I believe we should encrypt only sensitive data regardless of wires. That's already done with HTTPS, so I don't really need to encrypt my torrents, for instance. They're torrents, they are meant to be freely shared! As for using passwords, they should be added to the users, always. Not to wifi. For securing files, truly, best solution is backup. Sure all that doesn't happen that often, but I won't consider the most situations where people just don't care. I think there are enough situations where we actually use passwords on our OS users, so let's go with that in mind. I keep promoting the Fonera concept as an instance. It opens up a free wifi port, if you choose so, and anyone can connect to the internet through that, without having any access to your LAN. It also uses a QoS which will never let your bandwidth drop from that public usage. That's security, and it's open. But it's lacking the second aspect. I'll probably be bashed for promoting the non-usage of WPA 2 with AES or whatever, but I wanted to know from more experienced (super) users out there: what do you think?

    Read the article

  • Symmetric Encryption

    Cryptography is an increasing requirement for applications, so it is great that it is part of the .NET framework. Matteo builds on his first article that explained Asymmetric Cryptography and Digital Signatures, and tackles Symmetric Encryption and how to implement it in the .NET Framework.

    Read the article

  • Week in Geek: Google Strengthens Encryption on Gmail and Other Services

    - by Asian Angel
    This week’s edition of WIG is filled with news link goodness such as Google’s work on strengthening encryption for its services, Mozilla’s progress on silent updates, AT&T’s thwarting of a hacking attack on mobile accounts, a giveaway contest for LastPass Pro subscriptions, and more. How to See What Web Sites Your Computer is Secretly Connecting To HTG Explains: When Do You Need to Update Your Drivers? How to Make the Kindle Fire Silk Browser *Actually* Fast!

    Read the article

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >