Search Results

Search found 55010 results on 2201 pages for 'system security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 113/2201 | < Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >

  • dpkg unsatisfied dependencies, now apt-get wants to remove whole system

    - by Bruno Finger
    firstly, I'm sorry for my terminal output in portuguese, but I guess it is still understandable. I am using Ubuntu GNOME 14.04 and I tried to update the GNOME Online Accounts packages by downloading the following .deb files from packages.ubuntu.com for the Ubuntu 14.10 version: libgoa-backend-1.0-dev_3.12.4-1_amd64.deb libgoa-backend-1.0-1_3.12.4-1_amd64.deb libgoa-1.0-dev_3.12.4-1_amd64.deb libgoa-1.0-0b_3.12.4-1_amd64.deb gnome-online-accounts_3.12.4-1_amd64.deb gir1.2-goa-1.0_3.12.4-1_amd64.deb After downloading them in the same folder, I run the command sudo dpkg -i *.deb, but it didn't install the packages, instead it showed errors due to packages which them depend doesn't meet the required version (and Ubuntu have no way to install them since they are not in this version's repositories). So now every time I want to install anything through apt-get, Ubuntu tells me to run apt-get -f install to fix the errors. This is the list of packages it needs to install/uninstall/update: $ sudo apt-get -f install Lendo listas de pacotes... Pronto Construindo árvore de dependências Lendo informação de estado... Pronto Corrigindo dependências... Pronto Os seguintes pacotes foram instalados automaticamente e já não são necessários: # THESE PACKAGES HAVE BEEN PREVIOUSLY INSTALLED AND ARE NO LONGER NECESSARY account-plugin-windows-live gir1.2-gweather-3.0 libatk-bridge2.0-dev libatk1.0-dev libcairo-script-interpreter2 libcairo2-dev libexpat1-dev libfontconfig1-dev libfreetype6-dev libgdk-pixbuf2.0-dev libglib2.0-dev libgtk-3-dev libharfbuzz-dev libharfbuzz-gobject0 libice-dev libpango1.0-dev libpcre3-dev libpcrecpp0 libpixman-1-dev libpng12-dev libpthread-stubs0-dev librest-dev libsm-dev libsoup2.4-dev libwayland-dev libx11-dev libx11-doc libxau-dev libxcb-render0-dev libxcb-shm0-dev libxcb1-dev libxcomposite-dev libxcursor-dev libxdamage-dev libxdmcp-dev libxext-dev libxfixes-dev libxft-dev libxi-dev libxinerama-dev libxkbcommon-dev libxml2-dev libxrandr-dev libxrender-dev pkg-config signon-plugin-password x11proto-composite-dev x11proto-core-dev x11proto-damage-dev x11proto-fixes-dev x11proto-input-dev x11proto-kb-dev x11proto-randr-dev x11proto-render-dev x11proto-xext-dev x11proto-xinerama-dev xorg-sgml-doctools xtrans-dev zlib1g-dev Utilize 'apt-get autoremove' para os remover. Os pacotes extra a seguir serão instalados: # THE FOLLOWING PACKAGES WILL BE INSTALLED debhelper dh-apparmor libatk-bridge2.0-dev libatk1.0-dev libcairo-script-interpreter2 libcairo2-dev libept1.4.12 libexpat1-dev libfontconfig1-dev libfreetype6-dev libgdk-pixbuf2.0-dev libglib2.0-dev libgtk-3-dev libharfbuzz-dev libharfbuzz-gobject0 libice-dev libmail-sendmail-perl libpango1.0-dev libpcre3-dev libpcrecpp0 libpixman-1-dev libpng12-dev libpthread-stubs0-dev librest-dev libsm-dev libsoup2.4-dev libwayland-dev libx11-dev libx11-doc libxau-dev libxcb-render0-dev libxcb-shm0-dev libxcb1-dev libxcomposite-dev libxcursor-dev libxdamage-dev libxdmcp-dev libxext-dev libxfixes-dev libxft-dev libxi-dev libxinerama-dev libxkbcommon-dev libxml2-dev libxrandr-dev libxrender-dev pkg-config po-debconf x11proto-composite-dev x11proto-core-dev x11proto-damage-dev x11proto-fixes-dev x11proto-input-dev x11proto-kb-dev x11proto-randr-dev x11proto-render-dev x11proto-xext-dev x11proto-xinerama-dev xorg-sgml-doctools xtrans-dev zlib1g-dev Pacotes sugeridos: dh-make apparmor-easyprof libcairo2-doc libglib2.0-doc libgtk-3-doc libice-doc libpango1.0-doc imagemagick libsm-doc libsoup2.4-doc libxcb-doc libxext-doc libmail-box-perl Os pacotes a seguir serão REMOVIDOS: # THE FOLLOWING PACKAGES WILL BE REMOVED account-plugin-aim account-plugin-jabber account-plugin-salut account-plugin-yahoo empathy evolution evolution-data-server evolution-data-server-online-accounts evolution-indicator evolution-plugins gdm gir1.2-gdata-0.0 gir1.2-goa-1.0 gir1.2-zpj-0.0 gnome-contacts gnome-control-center gnome-documents gnome-online-accounts gnome-online-miners gnome-shell gnome-shell-extension-weather gnome-shell-extensions grilo-plugins-0.2 gvfs-backends-goa libevolution libfolks-eds25 libgdata13 libgoa-1.0-0b libgoa-1.0-dev libgoa-backend-1.0-1 libgoa-backend-1.0-dev libzapojit-0.0-0 mcp-account-manager-uoa nautilus-sendto-empathy ubuntu-gnome-desktop Os NOVOS pacotes a seguir serão instalados: # THE NEW FOLLOWING PACKAGES WILL BE INSTALLED debhelper dh-apparmor libatk-bridge2.0-dev libatk1.0-dev libcairo-script-interpreter2 libcairo2-dev libept1.4.12 libexpat1-dev libfontconfig1-dev libfreetype6-dev libgdk-pixbuf2.0-dev libglib2.0-dev libgtk-3-dev libharfbuzz-dev libharfbuzz-gobject0 libice-dev libmail-sendmail-perl libpango1.0-dev libpcre3-dev libpcrecpp0 libpixman-1-dev libpng12-dev libpthread-stubs0-dev librest-dev libsm-dev libsoup2.4-dev libwayland-dev libx11-dev libx11-doc libxau-dev libxcb-render0-dev libxcb-shm0-dev libxcb1-dev libxcomposite-dev libxcursor-dev libxdamage-dev libxdmcp-dev libxext-dev libxfixes-dev libxft-dev libxi-dev libxinerama-dev libxkbcommon-dev libxml2-dev libxrandr-dev libxrender-dev pkg-config po-debconf x11proto-composite-dev x11proto-core-dev x11proto-damage-dev x11proto-fixes-dev x11proto-input-dev x11proto-kb-dev x11proto-randr-dev x11proto-render-dev x11proto-xext-dev x11proto-xinerama-dev xorg-sgml-doctools xtrans-dev zlib1g-dev 0 pacotes atualizados, 61 pacotes novos instalados, 35 a serem removidos e 22 não atualizados. 7 pacotes não totalmente instalados ou removidos. É preciso baixar 12,0 MB de arquivos. Depois desta operação, 25,0 MB adicionais de espaço em disco serão usados. Você quer continuar? [S/n] Along packages needed to be removed are even gdm. This is 100% sure to make the system useless. What can I do to fix this issue? I don't care if I can't install the new version of goa anymore.

    Read the article

  • What Would a CyberWar Do To Your Business?

    - by [email protected]
    In mid-February the Bipartisan Policy Center in the United States hosted Cyber ShockWave, a simulation of how the country might respond to a catastrophic cyber event. An attack takes place, they can't isolate where it came from or who did it, simulated press reports and market impacts...and the participants in the exercise have to brief the President and advise him/her on what to do. Last week, Former Department of Homeland Security Secretary Michael Chertoff who participated in the exercise summarized his findings in Federal Computer Weekly. The article, given FCW's readership and the topic is obviously focused on the public sector and US Federal policies. However, it touches on some broader issues that impact the private sector as well--which are applicable to any government and country/region-- such as: · How would the US (or any) government collaborate to identify and defeat such an attack? Chertoff calls this out as a current gap. How do the public and private sector collaborate today? How would the massive and disparate collection of agencies and companies act together in a crunch? · What would the impact on industries and global economies be? Chertoff, and a companion article in Government Computer News, only touch briefly on the subject--focusing on the impact on capital markets. "There's no question this has a disastrous impact on the economy," said Stephen Friedman, former director of the National Economic Council under President George W. Bush who played the role of treasury secretary. "You have financial markets shut down at this point, ordinary transactions are dramatically depleted, there's no question that this has a major impact on consumer confidence." That Got Me Thinking · How would it impact Oracle's customers? I know they have business continuity plans--is this one of their scenarios? What if it's not? How would it impact manufacturing lines, ATM networks, customer call centers... · How would it impact me and the companies I rely on? The supermarket down the street, my Internet Service Provider, the service station where I bought gas last night. I sure don't have any answers, and neither do Chertoff or the participants in the exercise. "I have to tell you that ... we are operating in a bit of unchartered territory." said Jamie Gorelick, a former deputy attorney general who played the role of attorney general in the exercise. But it is a good thing that governments and businesses are considering this scenario and doing what they can to prevent it from happening.

    Read the article

  • TFS API Change WorkItem CreatedDate And ChangedDate To Historic Dates

    - by Tarun Arora
    There may be times when you need to modify the value of the fields “System.CreatedDate” and “System.ChangedDate” on a work item. Richard Hundhausen has a great blog with ample of reason why or why not you should need to set the values of these fields to historic dates. In this blog post I’ll show you, Create a PBI WorkItem linked to a Task work item by pre-setting the value of the field ‘System.ChangedDate’ to a historic date Change the value of the field ‘System.Created’ to a historic date Simulate the historic burn down of a task type work item in a sprint Explain the impact of updating values of the fields CreatedDate and ChangedDate on the Sprint burn down chart Rules of Play      1. You need to be a member of the Project Collection Service Accounts              2. You need to use ‘WorkItemStoreFlags.BypassRules’ when you instantiate the WorkItemStore service // Instanciate Work Item Store with the ByPassRules flag _wis = new WorkItemStore(_tfs, WorkItemStoreFlags.BypassRules);      3. You cannot set the ChangedDate         - Less than the changed date of previous revision         - Greater than current date Walkthrough The walkthrough contains 5 parts 00 – Required References 01 – Connect to TFS Programmatically 02 – Create a Work Item Programmatically 03 – Set the values of fields ‘System.ChangedDate’ and ‘System.CreatedDate’ to historic dates 04 – Results of our experiment Lets get started………………………………………………… 00 – Required References Microsoft.TeamFoundation.dll Microsoft.TeamFoundation.Client.dll Microsoft.TeamFoundation.Common.dll Microsoft.TeamFoundation.WorkItemTracking.Client.dll 01 – Connect to TFS Programmatically I have a in depth blog post on how to connect to TFS programmatically in case you are interested. However, the code snippet below will enable you to connect to TFS using the Team Project Picker. // Services I need access to globally private static TfsTeamProjectCollection _tfs; private static ProjectInfo _selectedTeamProject; private static WorkItemStore _wis; // Connect to TFS Using Team Project Picker public static bool ConnectToTfs() { var isSelected = false; // The user is allowed to select only one project var tfsPp = new TeamProjectPicker(TeamProjectPickerMode.SingleProject, false); tfsPp.ShowDialog(); // The TFS project collection _tfs = tfsPp.SelectedTeamProjectCollection; if (tfsPp.SelectedProjects.Any()) { // The selected Team Project _selectedTeamProject = tfsPp.SelectedProjects[0]; isSelected = true; } return isSelected; } 02 – Create a Work Item Programmatically In the below code snippet I have create a Product Backlog Item and a Task type work item and then link them together as parent and child. Note – You will have to set the ChangedDate to a historic date when you created the work item. Remember, If you try and set the ChangedDate to a value earlier than last assigned you will receive the following exception… TF26212: Team Foundation Server could not save your changes. There may be problems with the work item type definition. Try again or contact your Team Foundation Server administrator. If you notice below I have added a few seconds each time I have modified the ‘ChangedDate’ just to avoid running into the exception listed above. // Create Linked Work Items and return Ids private static List<int> CreateWorkItemsProgrammatically() { // Instantiate Work Item Store with the ByPassRules flag _wis = new WorkItemStore(_tfs, WorkItemStoreFlags.BypassRules); // List of work items to return var listOfWorkItems = new List<int>(); // Create a new Product Backlog Item var p = new WorkItem(_wis.Projects[_selectedTeamProject.Name].WorkItemTypes["Product Backlog Item"]); p.Title = "This is a new PBI"; p.Description = "Description"; p.IterationPath = string.Format("{0}\\Release 1\\Sprint 1", _selectedTeamProject.Name); p.AreaPath = _selectedTeamProject.Name; p["Effort"] = 10; // Just double checking that ByPassRules is set to true if (_wis.BypassRules) { p.Fields["System.ChangedDate"].Value = Convert.ToDateTime("2012-01-01"); } if (p.Validate().Count == 0) { p.Save(); listOfWorkItems.Add(p.Id); } else { Console.WriteLine(">> Following exception(s) encountered during work item save: "); foreach (var e in p.Validate()) { Console.WriteLine(" - '{0}' ", e); } } var t = new WorkItem(_wis.Projects[_selectedTeamProject.Name].WorkItemTypes["Task"]); t.Title = "This is a task"; t.Description = "Task Description"; t.IterationPath = string.Format("{0}\\Release 1\\Sprint 1", _selectedTeamProject.Name); t.AreaPath = _selectedTeamProject.Name; t["Remaining Work"] = 10; if (_wis.BypassRules) { t.Fields["System.ChangedDate"].Value = Convert.ToDateTime("2012-01-01"); } if (t.Validate().Count == 0) { t.Save(); listOfWorkItems.Add(t.Id); } else { Console.WriteLine(">> Following exception(s) encountered during work item save: "); foreach (var e in t.Validate()) { Console.WriteLine(" - '{0}' ", e); } } var linkTypEnd = _wis.WorkItemLinkTypes.LinkTypeEnds["Child"]; p.Links.Add(new WorkItemLink(linkTypEnd, t.Id) {ChangedDate = Convert.ToDateTime("2012-01-01").AddSeconds(20)}); if (_wis.BypassRules) { p.Fields["System.ChangedDate"].Value = Convert.ToDateTime("2012-01-01").AddSeconds(20); } if (p.Validate().Count == 0) { p.Save(); } else { Console.WriteLine(">> Following exception(s) encountered during work item save: "); foreach (var e in p.Validate()) { Console.WriteLine(" - '{0}' ", e); } } return listOfWorkItems; } 03 – Set the value of “Created Date” and Change the value of “Changed Date” to Historic Dates The CreatedDate can only be changed after a work item has been created. If you try and set the CreatedDate to a historic date at the time of creation of a work item, it will not work. // Lets do a work item effort burn down simulation by updating the ChangedDate & CreatedDate to historic Values private static void WorkItemChangeSimulation(IEnumerable<int> listOfWorkItems) { foreach (var id in listOfWorkItems) { var wi = _wis.GetWorkItem(id); switch (wi.Type.Name) { case "ProductBacklogItem": if (wi.State.ToLower() == "new") wi.State = "Approved"; // Advance the changed date by few seconds wi.Fields["System.ChangedDate"].Value = Convert.ToDateTime(wi.Fields["System.ChangedDate"].Value).AddSeconds(10); // Set the CreatedDate to Changed Date wi.Fields["System.CreatedDate"].Value = Convert.ToDateTime(wi.Fields["System.ChangedDate"].Value).AddSeconds(10); wi.Save(); break; case "Task": // Advance the changed date by few seconds wi.Fields["System.ChangedDate"].Value = Convert.ToDateTime(wi.Fields["System.ChangedDate"].Value).AddSeconds(10); // Set the CreatedDate to Changed date wi.Fields["System.CreatedDate"].Value = Convert.ToDateTime(wi.Fields["System.ChangedDate"].Value).AddSeconds(10); wi.Save(); break; } } // A mock sprint start date var sprintStart = DateTime.Today.AddDays(-5); // A mock sprint end date var sprintEnd = DateTime.Today.AddDays(5); // What is the total Sprint duration var totalSprintDuration = (sprintEnd - sprintStart).Days; // How much of the sprint have we already covered var noOfDaysIntoSprint = (DateTime.Today - sprintStart).Days; // Get the effort assigned to our tasks var totalEffortRemaining = QueryTaskTotalEfforRemaining(listOfWorkItems); // Defining how much effort to burn every day decimal dailyBurnRate = totalEffortRemaining / totalSprintDuration < 1 ? 1 : totalEffortRemaining / totalSprintDuration; // we have just created one task var totalNoOfTasks = 1; var simulation = sprintStart; var currentDate = DateTime.Today.Date; // Carry on till effort has been burned down from sprint start to today while (simulation.Date != currentDate.Date) { var dailyBurnRate1 = dailyBurnRate; // A fixed amount needs to be burned down each day while (dailyBurnRate1 > 0) { // burn down bit by bit from all unfinished task type work items foreach (var id in listOfWorkItems) { var wi = _wis.GetWorkItem(id); var isDirty = false; // Set the status to in progress if (wi.State.ToLower() == "to do") { wi.State = "In Progress"; isDirty = true; } // Ensure that there is enough effort remaining in tasks to burn down the daily burn rate if (QueryTaskTotalEfforRemaining(listOfWorkItems) > dailyBurnRate1) { // If there is less than 1 unit of effort left in the task, burn it all if (Convert.ToDecimal(wi["Remaining Work"]) <= 1) { wi["Remaining Work"] = 0; dailyBurnRate1 = dailyBurnRate1 - Convert.ToDecimal(wi["Remaining Work"]); isDirty = true; } else { // How much to burn from each task? var toBurn = (dailyBurnRate / totalNoOfTasks) < 1 ? 1 : (dailyBurnRate / totalNoOfTasks); // Check that the task has enough effort to allow burnForTask effort if (Convert.ToDecimal(wi["Remaining Work"]) >= toBurn) { wi["Remaining Work"] = Convert.ToDecimal(wi["Remaining Work"]) - toBurn; dailyBurnRate1 = dailyBurnRate1 - toBurn; isDirty = true; } else { wi["Remaining Work"] = 0; dailyBurnRate1 = dailyBurnRate1 - Convert.ToDecimal(wi["Remaining Work"]); isDirty = true; } } } else { dailyBurnRate1 = 0; } if (isDirty) { if (Convert.ToDateTime(wi.Fields["System.ChangedDate"].Value).Date == simulation.Date) { wi.Fields["System.ChangedDate"].Value = Convert.ToDateTime(wi.Fields["System.ChangedDate"].Value).AddSeconds(20); } else { wi.Fields["System.ChangedDate"].Value = simulation.AddSeconds(20); } wi.Save(); } } } // Increase date by 1 to perform daily burn down by day simulation = Convert.ToDateTime(simulation).AddDays(1); } } // Get the Total effort remaining in the current sprint private static decimal QueryTaskTotalEfforRemaining(List<int> listOfWorkItems) { var unfinishedWorkInCurrentSprint = _wis.GetQueryDefinition( new Guid(QueryAndGuid.FirstOrDefault(c => c.Key == "Unfinished Work").Value)); var parameters = new Dictionary<string, object> { { "project", _selectedTeamProject.Name } }; var q = new Query(_wis, unfinishedWorkInCurrentSprint.QueryText, parameters); var results = q.RunLinkQuery(); var wis = new List<WorkItem>(); foreach (var result in results) { var _wi = _wis.GetWorkItem(result.TargetId); if (_wi.Type.Name == "Task" && listOfWorkItems.Contains(_wi.Id)) wis.Add(_wi); } return wis.Sum(r => Convert.ToDecimal(r["Remaining Work"])); }   04 – The Results If you are still reading, the results are beautiful! Image 1 – Create work item with Changed Date pre-set to historic date Image 2 – Set the CreatedDate to historic date (Same as the ChangedDate) Image 3 – Simulate of effort burn down on a task via the TFS API   Image 4 – The history of changes on the Task. So, essentially this task has burned 1 hour per day Sprint Burn Down Chart – What’s not possible? The Sprint burn down chart is calculated from the System.AuthorizedDate and not the System.ChangedDate/System.CreatedDate. So, though you can change the System.ChangedDate and System.CreatedDate to historic dates you will not be able to synthesize the sprint burn down chart. Image 1 – By changing the Created Date and Changed Date to ‘18/Oct/2012’ you would have expected the burn down to have been impacted, but it won’t be, because the sprint burn down chart uses the value of field ‘System.AuthorizedDate’ to calculate the unfinished work points. The AsOf queries that are used to calculate the unfinished work points use the value of the field ‘System.AuthorizedDate’. Image 2 – Using the above code I burned down 1 hour effort per day over 5 days from the task work item, I would have expected the sprint burn down to show a constant burn down, instead the burn down shows the effort exhausted on the 24th itself. Simply because the burn down is calculated using the ‘System.AuthorizedDate’. Now you would ask… “Can I change the value of the field System.AuthorizedDate to a historic date” Unfortunately that’s not possible! You will run into the exception ValidationException –  “TF26194: The value for field ‘Authorized Date’ cannot be changed.” Conclusion - You need to be a member of the Project Collection Service account group in order to set the fields ‘System.ChangedDate’ and ‘System.CreatedDate’ to historic dates - You need to instantiate the WorkItemStore using the flag ByPassValidation - The System.ChangedDate needs to be set to a historic date at the time of work item creation. You cannot reset the ChangedDate to a date earlier than the existing ChangedDate and you cannot reset the ChangedDate to a date greater than the current date time. - The System.CreatedDate can only be reset after a work item has been created. You cannot set the CreatedDate at the time of work item creation. The CreatedDate cannot be greater than the current date. You can however reset the CreatedDate to a date earlier than the existing value. - You will not be able to synthesize the Sprint burn down chart by changing the value of System.ChangedDate and System.CreatedDate to historic dates, since the burn down chart uses AsOf queries to calculate the unfinished work points which internally uses the System.AuthorizedDate and NOT the System.ChangedDate & System.CreatedDate - System.AuthorizedDate cannot be set to a historic date using the TFS API Read other posts on using the TFS API here… Enjoy!

    Read the article

  • Is reliance on parametrized queries the only way to protect against SQL injection?

    - by Chris Walton
    All I have seen on SQL injection attacks seems to suggest that parametrized queries, particularly ones in stored procedures, are the only way to protect against such attacks. While I was working (back in the Dark Ages) stored procedures were viewed as poor practice, mainly because they were seen as less maintainable; less testable; highly coupled; and locked a system into one vendor; (this question covers some other reasons). Although when I was working, projects were virtually unaware of the possibility of such attacks; various rules were adopted to secure the database against corruption of various sorts. These rules can be summarised as: No client/application had direct access to the database tables. All accesses to all tables were through views (and all the updates to the base tables were done through triggers). All data items had a domain specified. No data item was permitted to be nullable - this had implications that had the DBAs grinding their teeth on occasion; but was enforced. Roles and permissions were set up appropriately - for instance, a restricted role to give only views the right to change the data. So is a set of (enforced) rules such as this (though not necessarily this particular set) an appropriate alternative to parametrized queries in preventing SQL injection attacks? If not, why not? Can a database be secured against such attacks by database (only) specific measures? EDIT Emphasis of the question changed slightly, in the light of the initial responses received. Base question unchanged. EDIT2 The approach of relying on paramaterized queries seems to be only a peripheral step in defense against attacks on systems. It seems to me that more fundamental defenses are both desirable, and may render reliance on such queries not necessary, or less critical, even to defend specifically against injection attacks. The approach implicit in my question was based on "armouring" the database and I had no idea whether it was a viable option. Further research has suggested that there are such approaches. I have found the following sources that provide some pointers to this type of approach: http://database-programmer.blogspot.com http://thehelsinkideclaration.blogspot.com The principle features I have taken from these sources is: An extensive data dictionary, combined with an extensive security data dictionary Generation of triggers, queries and constraints from the data dictionary Minimize Code and maximize data While the answers I have had so far are very useful and point out difficulties arising from disregarding paramaterized queries, ultimately they do not answer my original question(s) (now emphasised in bold).

    Read the article

  • Phishing alert but file never existed

    - by IMB
    I got an alert from Google Webmasters. They say the following file was present in my host: example.com/~jhostgop/identity.php I checked my files and it never existed at all. I've experience this problem in two different host and domains but the file never existed in my file system. It appears somebody out there is linking a random domain and it prefixes the link with /~jhostgop/identity.php. Now Google may have indexed them so now I get those false phishing alerts. Anyone experienced this? Is it possible to prevent this?

    Read the article

  • Books or guides regarding secure key storage and database encryption

    - by Matty
    I have an idea for a SaaS product I want to create, however, this product will store extremely sensitive data that needs to be encrypted at rest. The trouble is not so much the encryption, but the problem of securely storing the keys so that in the event the server was somehow compromised, the keys couldn't just be recovered and used to decrypt the database. Are there any decent books to guides regarding database encryption, and in particular secure key storage? This seems to be a less than straightforward topic and something that is difficult to get right. I'm seeing multiple ways to attack such a system, but unable to come up with one that is secure enough to store highly confidential information.

    Read the article

  • Windows RT Secured Only By Microsoft

    That disconcerting news is what Mark Hachman is reporting for Read Write Web. One can more or less safely assume that Microsoft will come up with its own antivirus software for Windows RT. Still, this is a rather unusual state of affairs; why is the company doing this? Hachman explains that apps for the Windows RT operating system can run just fine on Windows 8, but the reverse is not true, unless the Windows 8 app has been specially compiled to run on both Windows 8 and Windows RT. The difference apparently stems from the processors for which the two systems have been optimized. Windows 8 ru...

    Read the article

  • Basic Ubuntu FTP Server

    - by JPrescottSanders
    I would like to setup a basic FTP server on my Ubuntu Server install. I have been playing with VSFTPD, but am having issues getting the server to allow me to create directories and copy files. I have set the system to allow local users, but it appears that doesn't mean I get access to create directories. This may be an instance where I need to be better grounded in Unbuntu server setup in order to configure this FTP server adequately. The end goal is to be able to move files from my local dev folder into my www folder for deployment. Directories need to be able to move as well. Any help would be greatly appreciated.

    Read the article

  • Can see samba shares but not access them

    - by nitefrog
    For the life of me I cannot figure this one out. I have samba installed and set up on the ubuntu box and on the Win7 box I CAN SEE all the shares I created. I created two users on ubuntu that map to the users in windows. On ubuntu they are both admins, user A & B on Windows User A is admin and user B is poweruser. User A can see both shares and access them, but user B can see everythin, but only access the homes directory, the other directory throws an error. I have two drives in Ubuntu and this is the smb.config file (I am new to samba): [global] workgroup = WORKGROUP server string = %h server (Samba, Ubuntu) wins support = no dns proxy = yes name resolve order = lmhosts host wins bcast log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user ; usershare max shares = 100 usershare allow guests = yes And here is the share section: Both user A & B can access this from windows. No problems. [homes] comment = Home Directories browseable = no writable = yes Both User A & B can see this share, but only user A can access it. User B get an error thrown. [stuff] comment = Unixmen File Server path = /media/data/appinstall/ browseable = yes ;writable = no read only = yes hosts allow = The permission for the media/data/appinstall/ is as follows: appInstall properties: share name: stuff Allow others to create and delete files in this folder is cheeked Guest access (for people without a user account) is checked permissions: Owner: user A Folder Access: Create and delete files File Access: --- Group: user A Folder Access: Create and delete files File Access: --- Others Folder Access: Create and delete files File Access: --- I am at a loss and need to get this work. Any ideas? The goal is to have a setup like this. 3 users on window machines. Each user on the data drive will have their own personal folder where they are the ones that can only access, then another folder where 2 of the users will have read only and one user full access. I had this setup before on windows, but after what happened I am NEVER going back to windows, so Unix here I am to stay! I am really stuck. I am running Ubuntu 11. I could reformat again and put on version 10 if that would make life easier. I have been dealing with this since Wed. 3pm. Thanks.

    Read the article

  • Situations that require protecting files against tampering when stored on a users computer

    - by Joel
    I'm making a 'Pokémon Storage System' with a Client/Server model and as part of that I was thinking of storing an inventory file on the users computer which I do not wish to be edited except by my program. An alternative to this would be to instead to store the inventory file on the server and control it's editing by sending commands to the server but I was wondering if there are any situations which require files to be stored on a users computer where editing would be undesirable and if so how do you protect the files? I was thinking AES with some sort of checksum?

    Read the article

  • Disadvantages of a fake phpMyAdmin honeypot that causes ip blacklisting and robots.txt disallow/exclusion of the honeypot?

    - by Tchalvak
    I'm trying to figure out whether I should set up a honeypot system with a fake phpMyAdmin (site gets hits all the time with people spidering for insecurities with that app). My thought was to create a honeypot php script that would mimic a phpMyAdmin login, and then blacklist ips that hit that url (and aren't already whitelisted). I would then add the appropriate urls to the robots.txt so that spiders that actually respect my robots.txt wouldn't be caught by the blacklist. Are there disadvantages to this approach, do legit robots sometimes not respect robots.txt in certain circumstances, are there any problems with this that I should consider in advance?

    Read the article

  • How would I know if my OS is compromised?

    - by itsols
    I had opened a php folder from a friend's web host. I run it on mine to fix some bugs. Then I tried attaching the code to be emailed and GMAIL stated that the attachment was infected by a virus. Now I'm afraid if my Apache or OS (12.04) is infected. I checked the php files and found a base64 encoded set of code being 'eval'd at the top of each and every php file. Just reversing it (echo with htmlspecialchars) showed some clue that there were sockets in use and something to do with permissions. And also there were two websites referred having .ru extensions. Now I'm afraid if my Ubuntu system is affected or compromised. Any advice please! Here's my second run of rkhunter with the options: sudo rkhunter --check --rwo Warning: The command '/usr/bin/unhide.rb' has been replaced by a script: /usr/bin/unhide.rb: Ruby script, ASCII text Warning: Hidden directory found: /dev/.udev Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'

    Read the article

  • Steps after SQL Injection detected

    - by Zukas
    I've come across SQL injection vulnerabilities on my companies ecommerce page. It was fairly poorly put together. I believe I have prevented future attempts however we are getting calls about fraudulent credit card charges on our site and others. This leads me to believe that someone was able to get a list of our credit card numbers. What doesn't make sense is that we don't store that information and we use Authorize.net for the transaction. If someone was able to get the CC#s, what should I do next? Inform ALL of our customers that someone broken into our system and stole their information? I have a feeling that will be bad for business.

    Read the article

  • How to enable home directory encryption for a particular user?

    - by Ivan
    I prefer to have a dedicated "administrator" user for technical purposes and that was one I've set up during installation. I've also refused to encrypt the home folder of the user. Now, as I've added a user account for my actual work usage I want my (but not the "administrator") home folder to be encrypted. How to turn this on? If it is not possible then how to enable encryption for all users home directories on a system already installed? I've found questions and answers about how to disable it but am not sure how to enable it.

    Read the article

  • Is it possible to configure Ubuntu as a software firewall?

    - by user3215
    I have some systems running on Ubuntu in the private IP range 192.168.2.0-255 . These systems are connected to a switch and the switch is connected to the ISP's modem. Neither the switch nor the modem support firewall options. I don't have any firewall device and I'm not willing to individually configure firewalls on all the systems (via gui/iptables). Is it possible to make an Ubuntu system into something like a software firewall, so that all the traffic/packets sent to or from the WAN(internet) would be allowed/denied based on its firewall rules?

    Read the article

  • How to set up an rsync backup to Ubuntu securely?

    - by ws_e_c421
    I have been following various other tutorials and blog posts on setting up a Ubuntu machine as a backup "server" (I'll call it a server, but it's just running Ubuntu desktop) that I push new files to with rsync. Right now, I am able to connect to the server from my laptop using rsync and ssh with an RSA key that I created and no password prompt when my laptop is connected to my home router that the server is also connected to. I would like to be able to send files from my laptop when I am away from home. Some of the tutorials I have looked at had some brief suggestions about security, but they didn't focus on them. What do I need to do to let my laptop with send files to the server without making it too easy for someone else to hack into the server? Here is what I have done so far: Ran ssh-keygen and ssh-copy-id to create a key pair for my laptop and server. Created a script on the server to write its public ip address to a file, encrypt the file, and upload to an ftp server I have access to (I know I could sign up for a free dynamic DNS account for this part, but since I have the ftp account and don't really need to make the ip publicly accessible I thought this might be better). Here are the things I have seen suggested: Port forwarding: I know I need to assign the server a fixed ip address on the router and then tell the router to forward a port or ports to it. Should I just use port 22 or choose a random port and use that? Turn on the firewall (ufw). Will this do anything, or will my router already block everything except the port I want? Run fail2ban. Are all of those things worth doing? Should I do anything else? Could I set up the server to allow connections with the RSA key only (and not with a password), or will fail2ban provide enough protection against malicious connection attempts? Is it possible to limit the kinds of connections the server allows (e.g. only ssh)? I hope this isn't too many questions. I am pretty new to Ubuntu (but use the shell and bash scripts on OSX). I don't need to have the absolute most secure set up. I'd like something that is reasonably secure without being so complicated that it could easily break in a way that would be hard for me to fix.

    Read the article

  • SSL + Jquery + Ajax

    - by chobo2
    Hi I starting too look at a bit of security into my site. My site I would consider a very low security risk as it has really no personal information from the user other than email. However the security risk will go up a bit as I am partnering with a company and the initial password for this companies users will be the same password they use essentially to get onto the network and every piece of software. So I have up my security( what is fine by me...I wanted to get around to this anyways). So one of my security concerns is this. A user logs in. form submit(non ajax is done). Password is hashed & Salted and compared to one in the database. Reject or let them proceed. So this uses no jquery or ajax but is just asp.net mvc and C#. Still if my understanding is right the password is sent in clear text. So if a use SSL and I would not need to worry about that is this correct? If that is true is that all I need? Second the user can change their password at anytime. This is done through ajax. So when the password is sent it is sent in clear text( and I can verify this by looking at firebug). So if I have SSL enabled on this page is that all I need or do I need to do more? So I am just kinda confused of what I need to make the password being sent to the server(both ajax and full post ways secure). I am not sure if I need to do more then SSL or if that is enough and if it is not enough what is the next layer of security?

    Read the article

  • "The system time has changed" events after waking from sleep

    - by Damir Arh
    Sometimes when my computer running Windows 7 wakes up from sleep, it has to adjust the time. When this happens the following system event is logged: <Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'> <System> <Provider Name='Microsoft-Windows-Kernel-General' Guid='{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}'/> <EventID>1</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x8000000000000010</Keywords> <TimeCreated SystemTime='2010-03-06T19:09:57.500000000Z'/> <EventRecordID>10672</EventRecordID> <Correlation/> <Execution ProcessID='4' ThreadID='56'/> <Channel>System</Channel> <Computer>GAME</Computer> <Security/> </System> <EventData> <Data Name='NewTime'>2010-03-06T19:09:57.500000000Z</Data> <Data Name='OldTime'>2010-03-06T17:34:32.870117200Z</Data> </EventData> <RenderingInfo Culture='sl-SI'> <Message>The system time has changed to ?2010?-?03?-?06T19:09:57.500000000Z from ?2010?-?03?-?06T17:34:32.870117200Z.</Message> <Level>Information</Level> <Task></Task> <Opcode>Info</Opcode> <Channel>System</Channel> <Provider>Microsoft-Windows-Kernel-General</Provider> <Keywords> <Keyword>Time</Keyword> </Keywords> </RenderingInfo> </Event> When this happens (I noticed it twice until now) the old time always corresponds to the time when computer entered sleep. The problem is that if Windows Media Center is scheduled for recording during this time, it just skips it as if the computer was turned off. I never had this problem running Windows Vista on the same machine. Any ideas what could be causing this problem and how to solve it are welcome.

    Read the article

  • apt-get update error after removing apt-key

    - by Caterpillar
    After Running apt-get update on ubuntu 10.04 server, I found this issue, Can any help me to solve this issue. Before this I had remove apt-key. Where can I get this apt-key to add it again. apt-get update Get:1 http://security.ubuntu.com lucid-security Release.gpg [198B] Ign http://security.ubuntu.com/ubuntu/ lucid-security/main Translation-en_IN Ign http://security.ubuntu.com/ubuntu/ lucid-security/restricted Translation-en_IN Get:2 http://in.archive.ubuntu.com lucid Release.gpg [189B] Ign http://in.archive.ubuntu.com/ubuntu/ lucid/main Translation-en_IN Ign http://in.archive.ubuntu.com/ubuntu/ lucid/restricted Translation-en_IN Ign http://security.ubuntu.com/ubuntu/ lucid-security/universe Translation-en_IN Ign http://security.ubuntu.com/ubuntu/ lucid-security/multiverse Translation-en_IN Get:3 http://security.ubuntu.com lucid-security Release [44.7kB] Err http://security.ubuntu.com lucid-security Release Ign http://in.archive.ubuntu.com/ubuntu/ lucid/universe Translation-en_IN Ign http://in.archive.ubuntu.com/ubuntu/ lucid/multiverse Translation-en_IN Get:4 http://in.archive.ubuntu.com lucid-updates Release.gpg [198B] Ign http://in.archive.ubuntu.com/ubuntu/ lucid-updates/main Translation-en_IN Ign http://in.archive.ubuntu.com/ubuntu/ lucid-updates/restricted Translation-en_IN Ign http://in.archive.ubuntu.com/ubuntu/ lucid-updates/universe Translation-en_IN Ign http://in.archive.ubuntu.com/ubuntu/ lucid-updates/multiverse Translation-en_IN Hit http://in.archive.ubuntu.com lucid Release Ign http://in.archive.ubuntu.com lucid Release Get:5 http://in.archive.ubuntu.com lucid-updates Release [44.7kB] Err http://in.archive.ubuntu.com lucid-updates Release Hit http://in.archive.ubuntu.com lucid/main Packages Hit http://in.archive.ubuntu.com lucid/restricted Packages Hit http://in.archive.ubuntu.com lucid/main Sources Hit http://in.archive.ubuntu.com lucid/restricted Sources Hit http://in.archive.ubuntu.com lucid/universe Packages Hit http://in.archive.ubuntu.com lucid/universe Sources Hit http://in.archive.ubuntu.com lucid/multiverse Packages Hit http://in.archive.ubuntu.com lucid/multiverse Sources Fetched 587B in 1s (465B/s) Reading package lists... Done W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: http://security.ubuntu.com lucid-security Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 W: GPG error: http://in.archive.ubuntu.com lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: http://in.archive.ubuntu.com lucid-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/lucid-security/Release W: Failed to fetch http://in.archive.ubuntu.com/ubuntu/dists/lucid-updates/Release W: Some index files failed to download, they have been ignored, or old ones used instead.

    Read the article

  • "No more threads can be created in the system" in Network and Sharing Center

    - by Zell Faze
    A while back I noticed on one of our laboratory computers (Windows 7, very little extra software installed) that the network connection icon in the system tray would claim that it had no network connection, even though it did. This issue would go away after the computer was rebooted, but would surface again the next time I looked at the computer (a few days later). Upon opening the Network and Sharing Center I am shown an actual error message, but not one that seems to give me a lot of information about what the problem is. In the place of the usual information about network adapters and whether you are connected to the Internet it simply says: "No more threads can be created in the system." The Event Viewer shows hundreds of events from different services also with the same message. "Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x800700a4, No more threads can be created in the system."; "The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: A thread could not be created for the service."; "The IP Helper service terminated with the following error: No more threads can be created in the system." As far as I can tell, this message seems to mean that there is some sort of resource leak in Windows where something is creating a large number of threads and those threads are not being killed off? I've tried restarting WMI and several services related to networking, without avail. Can anyone provide more information on what "No more threads can be created in the system" might mean and what I might be able to do to fix the issue? Currently the only solution appears to be restarting.

    Read the article

  • Unable to Create System DSN

    - by Baxter
    Environment: Windows 7 Professional 64-bit Operating System Problem: (ODBC Data Source Administrator) Opening Administrative Tools - Data Sources (ODBC) - Click "System DSN" tab. Error: ODBC System DSN Warning You are logged on with non-Administrative privileges. System DSNs could not be created or modified. Failed Troubleshooting so far: Enabled local Administrator account logged in under this account. Navigated to C:\Windows\System32\ right clicked odbcad32.exe Run as Administrator Notes: I am an Administrator on this machine. The 32-bit version runs fine if I open C:\Windows\SysWoW64\odbcad32.exe However, I need the data source to be 64-bit. I am not experiencing this problem on any of my other 64-bit machines. Any help would be greatly appreciated.

    Read the article

  • Open file - Security warning

    - by joker
    Does anyone know how to disable the unknown publisher security warning when running an application in Windows Xp Home? It's pretty annoying to have to click run everytime... I have tried: Run gpedit.msc, and go to Local Computer Policy-User Configuration-Administrative Templates-Windows Components-Attachment Manager and enable "Default risk level for file attachments", and then enable "Inclusion list for low risk file types" and add to this list the file extensions that you want to open without triggering this crap. But this file 'gpedit.msc' doest not exist on my computer, i checked system32 folder also =/ maybe its for xp pro

    Read the article

  • Accidently overwrote system.dbf - What now?

    - by Filip Ekberg
    I accidentally overwrote system.dbf in /usr/lib/oracle/xe/oradata/XE/system.dbf Well I did not actually do it accidentally, however I overwrote it because of other failures in the database. And when I try running the following: SQL> shutdown ORA-01109: database not open Database dismounted. ORACLE instance shut down. SQL> startup ORACLE instance started. Total System Global Area 289406976 bytes Fixed Size 1258488 bytes Variable Size 92277768 bytes Database Buffers 192937984 bytes Redo Buffers 2932736 bytes Database mounted. ORA-01589: must use RESETLOGS or NORESETLOGS option for database open Now I want to try to Recover the database because starting it in mounted or standard surely doesn't work. SQL> recover database using backup controlfile; ORA-00283: recovery session canceled due to errors ORA-01110: data file 1: '/usr/lib/oracle/xe/oradata/XE/system.dbf' ORA-01122: database file 1 failed verification check ORA-01110: data file 1: '/usr/lib/oracle/xe/oradata/XE/system.dbf' ORA-01206: file is not part of this database - wrong database id How do I solve this? Is it even possible? My "real" problem was that I ran the /etc/init.d/oracle-xe configure and it overwrote my old configuration and probably removed passwords and such so my tables were gone, however I found the mytablespace.dbf so I hope that it is possible to recover? Please shed some light on this.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >