Search Results

Search found 55010 results on 2201 pages for 'system security'.

Page 117/2201 | < Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >

• SecurityNegotiationException in WCF Service Hosted on IIS

  - by Ram

  Hi, I have hosted a WCF service on IIS. The configuration file is as follows <?xml version="1.0"?> <!-- Note: As an alternative to hand editing this file you can use the web admin tool to configure settings for your application. Use the Website->Asp.Net Configuration option in Visual Studio. A full list of settings and comments can be found in machine.config.comments usually located in \Windows\Microsoft.Net\Framework\v2.x\Config --> <configuration> <configSections> <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> </sectionGroup> </sectionGroup> </sectionGroup> </configSections> <appSettings/> <connectionStrings/> <system.web> <!-- Set compilation debug="true" to insert debugging symbols into the compiled page. Because this affects performance, set this value to true only during development. --> <compilation debug="false"> <assemblies> <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </assemblies> </compilation> <!-- The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user. --> <authentication mode="Windows" /> <!-- The <customErrors> section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of a error stack trace. <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> <error statusCode="403" redirect="NoAccess.htm" /> <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> <pages> <controls> <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </controls> </pages> <httpHandlers> <remove verb="*" path="*.asmx"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> </httpHandlers> <httpModules> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </httpModules> </system.web> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <providerOption name="CompilerVersion" value="v3.5"/> <providerOption name="WarnAsError" value="false"/> </compiler> </compilers> </system.codedom> <system.web.extensions> <scripting> <webServices> <!-- Uncomment this section to enable the authentication service. Include requireSSL="true" if appropriate. <authenticationService enabled="true" requireSSL = "true|false"/> --> <!-- Uncomment these lines to enable the profile service, and to choose the profile properties that can be retrieved and modified in ASP.NET AJAX applications. <profileService enabled="true" readAccessProperties="propertyname1,propertyname2" writeAccessProperties="propertyname1,propertyname2" /> --> <!-- Uncomment this section to enable the role service. <roleService enabled="true"/> --> </webServices> <!-- <scriptResourceHandler enableCompression="true" enableCaching="true" /> --> </scripting> </system.web.extensions> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated"/> <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </handlers> </system.webServer> <system.serviceModel> <services> <service name="IISTest2.Service1" behaviorConfiguration="IISTest2.Service1Behavior"> <!-- Service Endpoints --> <endpoint address="" binding="wsHttpBinding" contract="IISTest2.IService1"> <!-- Upon deployment, the following identity element should be removed or replaced to reflect the identity under which the deployed service runs. If removed, WCF will infer an appropriate identity automatically. --> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> </services> <behaviors> <serviceBehaviors> <behavior name="IISTest2.Service1Behavior"> <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment --> <serviceMetadata httpGetEnabled="true"/> <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> <serviceDebug includeExceptionDetailInFaults="false"/> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel> </configuration> The client configuration file is as follows <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <wsHttpBinding> <binding name="WSHttpBinding_IService1" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="Message"> <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /> <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="http://yyy.zzz.xxx.net/IISTest2/Service1.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1" contract="ServTest.IService1" name="WSHttpBinding_IService1"> <identity> <dns value="localhost" /> </identity> </endpoint> </client> </system.serviceModel> </configuration> When I tried to access the service from client application, I got SecurityNegotiationException and details are Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint. If I host the service on ASP .NET Dev server, it work well but if I host on IIS above mentioned error occurs. Thanks, Ram

  Read the article

• Ubuntu Sudo apt-get -f install

  - by Justin

  I was trying to install a program. And It said that my Dependencies were unmet. And that I should run, sudo apt-get -f install. I have moved everything I didn't need in /etc/apt/sources.list.d/ into the trash. My source.list is all Natty while I am running Oneiric. So maybe I need a new source.list? But here are the things I have: justin@justin-000:~$ sudo apt-get -f install [sudo] password for justin: Reading package lists... Done Building dependency tree Reading state information... Done Correcting dependencies... Done The following extra packages will be installed: linux-image-3.0.0-13-generic Suggested packages: fdutils linux-doc-3.0.0 linux-source-3.0.0 linux-tools The following NEW packages will be installed: linux-image-3.0.0-13-generic 0 upgraded, 1 newly installed, 0 to remove and 3 not upgraded. 2 not fully installed or removed. Need to get 0 B/36.5 MB of archives. After this operation, 117 MB of additional disk space will be used. Do you want to continue [Y/n]? y (Reading database ... 270736 files and directories currently installed.) Unpacking linux-image-3.0.0-13-generic (from .../linux-image-3.0.0-13- generic_3.0.0-13.22_i386.deb) ... Done. dpkg: error processing /var/cache/apt/archives/linux-image-3.0.0-13 generic_3.0.0-13.22_i386.deb (--unpack): corrupted filesystem tarfile - corrupted package archive No apport report written because MaxReports is reached already dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) Examining /etc/kernel/postrm.d . run-parts: executing /etc/kernel/postrm.d/initramfs-tools 3.0.0-13-generic /boot/vmlinuz-3.0.0-13-generic run-parts: executing /etc/kernel/postrm.d/zz-extlinux 3.0.0-13-generic /boot/vmlinuz-3.0.0-13-generic P: Checking for EXTLINUX directory... found. P: Writing config for /boot/vmlinuz-3.0.0-12-generic... P: Writing config for /boot/vmlinuz-2.6.38-11-generic... P: Installing debian theme... done. run-parts: executing /etc/kernel/postrm.d/zz-update-grub 3.0.0-13-generic /boot/vmlinuz-3.0.0-13-generic Errors were encountered while processing: /var/cache/apt/archives/linux-image-3.0.0-13-generic_3.0.0-13.22_i386.deb E: Sub-process /usr/bin/dpkg returned an error code (1) justin@justin-000:~$ sudo apt-get update justin@justin-000:~$ sudo apt-get update Ign dl.google.com stable InRelease Ign dl.google.com stable InRelease Get:1dl.google.com stable Release.gpg [198 B] Ign us.archive.ubuntu.com oneiric InRelease Ign us.archive.ubuntu.com oneiric-security InRelease Ign http://us.archive.ubuntu.com oneiric-updates InRelease Get:2 dl.google.com stable Release.gpg [198 B] Get:3 dl.google.com stable Release [1,347 B] Get:4 dl.google.com stable Release [1,338 B] Hit us.archive.ubuntu.com oneiric Release.gpg Hit us.archive.ubuntu.com oneiric-security Release.gpg Get:5/dl.google.com stable/main i386 Packages [1,220 B] Hit tp://us.archive.ubuntu.com oneiric-updates Release.gpg Ign tp://dl.google.com stable/main TranslationIndex Get:6 tp://dl.google.com stable/main i386 Packages [464 B] Ign ttp://ppa.launchpad.net oneiric InRelease Hit ttp://us.archive.ubuntu.com oneiric Release Ign ttp://ppa.launchpad.net oneiric InRelease Ign ttp://dl.google.com stable/main TranslationIndex Hit ttp://ppa.launchpad.net oneiric Release.gpg Hit ttp://us.archive.ubuntu.com oneiric-security Release Hit ttp://ppa.launchpad.net oneiric Release.gpg Hit ttp://us.archive.ubuntu.com oneiric-updates Release Hit ttp://us.archive.ubuntu.com oneiric/main Sources Hit ttp://us.archive.ubuntu.com oneiric/restricted Sources Hit ttp://us.archive.ubuntu.com oneiric/universe Sources Hit ttp://us.archive.ubuntu.com oneiric/multiverse Sources Hit ttp://us.archive.ubuntu.com oneiric/main i386 Packages Hit ttp://ppa.launchpad.net oneiric Release Hit ttp://us.archive.ubuntu.com oneiric/restricted i386 Packages Hit ttp://us.archive.ubuntu.com oneiric/universe i386 Packages Hit ttp://us.archive.ubuntu.com oneiric/multiverse i386 Packages Hit ttp://us.archive.ubuntu.com oneiric/main TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric/multiverse TranslationIndex Hit ://us.archive.ubuntu.com oneiric/restricted TranslationIndex Hit htp://us.archive.ubuntu.com oneiric/universe TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-security/main Sources Hit ttp://us.archive.ubuntu.com oneiric-security/restricted Sources Hit ttp://ppa.launchpad.net oneiric Release Hit ttp://us.archive.ubuntu.com oneiric-security/universe Sources Hit tp://us.archive.ubuntu.com oneiric-security/multiverse Sources Hit htp://us.archive.ubuntu.com oneiric-security/main i386 Packages Hit tp://us.archive.ubuntu.com oneiric-security/restricted i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-security/universe i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-security/multiverse i386 Packages Hit htp://ppa.launchpad.net oneiric/main Sources Hit ttp://ppa.launchpad.net oneiric/main i386 Packages Ign htp://ppa.launchpad.net oneiric/main TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric-security/main TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric-security/multiverse TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-security/restricted TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-security/universe TranslationIndex Ign htp://dl.google.com stable/main Translation-en_US Hit htp://us.archive.ubuntu.com oneiric-updates/main Sources Hit htp://us.archive.ubuntu.com oneiric-updates/restricted Sources Hit tp://us.archive.ubuntu.com oneiric-updates/universe Sources Hit htp://us.archive.ubuntu.com oneiric-updates/multiverse Sources Hit htp://us.archive.ubuntu.com oneiric-updates/main i386 Packages Ign htp://dl.google.com stable/main Translation-en Hit ttp://ppa.launchpad.net oneiric/main Sources Hit htp://ppa.launchpad.net oneiric/main i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-updates/restricted i386 Packages Ign htp://dl.google.com stable/main Translation-en_US Ign htp://ppa.launchpad.net oneiric/main TranslationIndex Hit hp://us.archive.ubuntu.com oneiric-updates/universe i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-updates/multiverse i386 Packages Hit htp://us.archive.ubuntu.com oneiric-updates/main TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-updates/multiverse TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-updates/restricted TranslationIndex Ign htp://dl.google.com stable/main Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/universe TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric/main Translation-en Hit ttp://us.archive.ubuntu.com oneiric/multiverse Translation-en Hit htp://us.archive.ubuntu.com oneiric/restricted Translation-en Hit htp://us.archive.ubuntu.com oneiric/universe Translation-en Hit htp://us.archive.ubuntu.com oneiric-security/main Translation-en Hit hp://us.archive.ubuntu.com oneiric-security/multiverse Translation-en Hit htp://us.archive.ubuntu.com oneiric-security/restricted Translation-en Hit htp://us.archive.ubuntu.com oneiric-security/universe Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/main Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/multiverse Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/restricted Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/universe Translation-en Ign htp://ppa.launchpad.net oneiric/main Translation-en_US Ign htt://ppa.launchpad.net oneiric/main Translation-en Ign htp://ppa.launchpad.net oneiric/main Translation-en_US Ign htp://ppa.launchpad.net oneiric/main Translation-en Fetched 4,765 B in 2s (2,158 B/s) Reading package lists... Done justin@justin-000:~$

  Read the article

• "corrupted filesystem tarfile - corrupted package archive" error

  - by Justin

  I was trying to install a program and it said that my dependencies were unmet, and that I should run, sudo apt-get -f install. I have moved everything I didn't need in /etc/apt/sources.list.d/ into the trash. My source.list is all Natty while I am running Oneiric. So maybe I need a new source.list? But here are the things I have: justin@justin-000:~$ sudo apt-get -f install [sudo] password for justin: Reading package lists... Done Building dependency tree Reading state information... Done Correcting dependencies... Done The following extra packages will be installed: linux-image-3.0.0-13-generic Suggested packages: fdutils linux-doc-3.0.0 linux-source-3.0.0 linux-tools The following NEW packages will be installed: linux-image-3.0.0-13-generic 0 upgraded, 1 newly installed, 0 to remove and 3 not upgraded. 2 not fully installed or removed. Need to get 0 B/36.5 MB of archives. After this operation, 117 MB of additional disk space will be used. Do you want to continue [Y/n]? y (Reading database ... 270736 files and directories currently installed.) Unpacking linux-image-3.0.0-13-generic (from .../linux-image-3.0.0-13- generic_3.0.0-13.22_i386.deb) ... Done. dpkg: error processing /var/cache/apt/archives/linux-image-3.0.0-13 generic_3.0.0-13.22_i386.deb (--unpack): corrupted filesystem tarfile - corrupted package archive No apport report written because MaxReports is reached already dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) Examining /etc/kernel/postrm.d . run-parts: executing /etc/kernel/postrm.d/initramfs-tools 3.0.0-13-generic /boot/vmlinuz-3.0.0-13-generic run-parts: executing /etc/kernel/postrm.d/zz-extlinux 3.0.0-13-generic /boot/vmlinuz-3.0.0-13-generic P: Checking for EXTLINUX directory... found. P: Writing config for /boot/vmlinuz-3.0.0-12-generic... P: Writing config for /boot/vmlinuz-2.6.38-11-generic... P: Installing debian theme... done. run-parts: executing /etc/kernel/postrm.d/zz-update-grub 3.0.0-13-generic /boot/vmlinuz-3.0.0-13-generic Errors were encountered while processing: /var/cache/apt/archives/linux-image-3.0.0-13-generic_3.0.0-13.22_i386.deb E: Sub-process /usr/bin/dpkg returned an error code (1) justin@justin-000:~$ sudo apt-get update justin@justin-000:~$ sudo apt-get update Ign dl.google.com stable InRelease Ign dl.google.com stable InRelease Get:1dl.google.com stable Release.gpg [198 B] Ign us.archive.ubuntu.com oneiric InRelease Ign us.archive.ubuntu.com oneiric-security InRelease Ign http://us.archive.ubuntu.com oneiric-updates InRelease Get:2 dl.google.com stable Release.gpg [198 B] Get:3 dl.google.com stable Release [1,347 B] Get:4 dl.google.com stable Release [1,338 B] Hit us.archive.ubuntu.com oneiric Release.gpg Hit us.archive.ubuntu.com oneiric-security Release.gpg Get:5/dl.google.com stable/main i386 Packages [1,220 B] Hit tp://us.archive.ubuntu.com oneiric-updates Release.gpg Ign tp://dl.google.com stable/main TranslationIndex Get:6 tp://dl.google.com stable/main i386 Packages [464 B] Ign ttp://ppa.launchpad.net oneiric InRelease Hit ttp://us.archive.ubuntu.com oneiric Release Ign ttp://ppa.launchpad.net oneiric InRelease Ign ttp://dl.google.com stable/main TranslationIndex Hit ttp://ppa.launchpad.net oneiric Release.gpg Hit ttp://us.archive.ubuntu.com oneiric-security Release Hit ttp://ppa.launchpad.net oneiric Release.gpg Hit ttp://us.archive.ubuntu.com oneiric-updates Release Hit ttp://us.archive.ubuntu.com oneiric/main Sources Hit ttp://us.archive.ubuntu.com oneiric/restricted Sources Hit ttp://us.archive.ubuntu.com oneiric/universe Sources Hit ttp://us.archive.ubuntu.com oneiric/multiverse Sources Hit ttp://us.archive.ubuntu.com oneiric/main i386 Packages Hit ttp://ppa.launchpad.net oneiric Release Hit ttp://us.archive.ubuntu.com oneiric/restricted i386 Packages Hit ttp://us.archive.ubuntu.com oneiric/universe i386 Packages Hit ttp://us.archive.ubuntu.com oneiric/multiverse i386 Packages Hit ttp://us.archive.ubuntu.com oneiric/main TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric/multiverse TranslationIndex Hit ://us.archive.ubuntu.com oneiric/restricted TranslationIndex Hit htp://us.archive.ubuntu.com oneiric/universe TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-security/main Sources Hit ttp://us.archive.ubuntu.com oneiric-security/restricted Sources Hit ttp://ppa.launchpad.net oneiric Release Hit ttp://us.archive.ubuntu.com oneiric-security/universe Sources Hit tp://us.archive.ubuntu.com oneiric-security/multiverse Sources Hit htp://us.archive.ubuntu.com oneiric-security/main i386 Packages Hit tp://us.archive.ubuntu.com oneiric-security/restricted i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-security/universe i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-security/multiverse i386 Packages Hit htp://ppa.launchpad.net oneiric/main Sources Hit ttp://ppa.launchpad.net oneiric/main i386 Packages Ign htp://ppa.launchpad.net oneiric/main TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric-security/main TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric-security/multiverse TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-security/restricted TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-security/universe TranslationIndex Ign htp://dl.google.com stable/main Translation-en_US Hit htp://us.archive.ubuntu.com oneiric-updates/main Sources Hit htp://us.archive.ubuntu.com oneiric-updates/restricted Sources Hit tp://us.archive.ubuntu.com oneiric-updates/universe Sources Hit htp://us.archive.ubuntu.com oneiric-updates/multiverse Sources Hit htp://us.archive.ubuntu.com oneiric-updates/main i386 Packages Ign htp://dl.google.com stable/main Translation-en Hit ttp://ppa.launchpad.net oneiric/main Sources Hit htp://ppa.launchpad.net oneiric/main i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-updates/restricted i386 Packages Ign htp://dl.google.com stable/main Translation-en_US Ign htp://ppa.launchpad.net oneiric/main TranslationIndex Hit hp://us.archive.ubuntu.com oneiric-updates/universe i386 Packages Hit ttp://us.archive.ubuntu.com oneiric-updates/multiverse i386 Packages Hit htp://us.archive.ubuntu.com oneiric-updates/main TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-updates/multiverse TranslationIndex Hit htp://us.archive.ubuntu.com oneiric-updates/restricted TranslationIndex Ign htp://dl.google.com stable/main Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/universe TranslationIndex Hit ttp://us.archive.ubuntu.com oneiric/main Translation-en Hit ttp://us.archive.ubuntu.com oneiric/multiverse Translation-en Hit htp://us.archive.ubuntu.com oneiric/restricted Translation-en Hit htp://us.archive.ubuntu.com oneiric/universe Translation-en Hit htp://us.archive.ubuntu.com oneiric-security/main Translation-en Hit hp://us.archive.ubuntu.com oneiric-security/multiverse Translation-en Hit htp://us.archive.ubuntu.com oneiric-security/restricted Translation-en Hit htp://us.archive.ubuntu.com oneiric-security/universe Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/main Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/multiverse Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/restricted Translation-en Hit htp://us.archive.ubuntu.com oneiric-updates/universe Translation-en Ign htp://ppa.launchpad.net oneiric/main Translation-en_US Ign htt://ppa.launchpad.net oneiric/main Translation-en Ign htp://ppa.launchpad.net oneiric/main Translation-en_US Ign htp://ppa.launchpad.net oneiric/main Translation-en Fetched 4,765 B in 2s (2,158 B/s) Reading package lists... Done justin@justin-000:~$

  Read the article

• Problem with apt-get update: failed to fetch error

  - by user171447

  I run an Ubuntu Server 12.04.3 LTS. Today, I wanted to update it, but I did not managed it (yes...), however upgrading worked well. I don't want you to solve my problem but it would be greatful if you could give me some hints. I googled hours, I fould a lot of this kind of errors, but not exactly this. Here is the output of apt-get update: Hit http://filepile.fastit.net precise Release.gpg Hit http://filepile.fastit.net precise Release Hit http://filepile.fastit.net precise/main amd64 Packages Hit http://filepile.fastit.net precise/restricted amd64 Packages Hit http://filepile.fastit.net precise/universe amd64 Packages Hit http://filepile.fastit.net precise/multiverse amd64 Packages Hit http://filepile.fastit.net precise/main i386 Packages Hit http://filepile.fastit.net precise/restricted i386 Packages Hit http://filepile.fastit.net precise/universe i386 Packages Hit http://filepile.fastit.net precise/multiverse i386 Packages Ign http://filepile.fastit.net precise/main TranslationIndex Ign http://filepile.fastit.net precise/multiverse TranslationIndex Ign http://filepile.fastit.net precise/restricted TranslationIndex Ign http://filepile.fastit.net precise/universe TranslationIndex Ign http://filepile.fastit.net precise/main Translation-en_GB Ign http://filepile.fastit.net precise/main Translation-en Ign http://filepile.fastit.net precise/main Translation-en_GB.UTF-8 Hit http://archive.canonical.com precise Release.gpg Ign http://filepile.fastit.net precise/multiverse Translation-en_GB Ign http://filepile.fastit.net precise/multiverse Translation-en Ign http://filepile.fastit.net precise/multiverse Translation-en_GB.UTF-8 Ign http://filepile.fastit.net precise/restricted Translation-en_GB Ign http://filepile.fastit.net precise/restricted Translation-en Ign http://filepile.fastit.net precise/restricted Translation-en_GB.UTF-8 Ign http://filepile.fastit.net precise/universe Translation-en_GB Ign http://filepile.fastit.net precise/universe Translation-en Ign http://filepile.fastit.net precise/universe Translation-en_GB.UTF-8 Hit http://archive.ubuntu.com precise Release.gpg Hit http://archive.canonical.com precise Release Hit http://archive.ubuntu.com precise Release Hit http://archive.ubuntu.com precise/main Sources Hit http://archive.ubuntu.com precise/restricted Sources Hit http://archive.ubuntu.com precise/main i386 Packages Hit http://archive.ubuntu.com precise/restricted i386 Packages Hit http://archive.ubuntu.com precise/multiverse i386 Packages Hit http://archive.ubuntu.com precise/main TranslationIndex Hit http://archive.ubuntu.com precise/multiverse TranslationIndex Hit http://archive.ubuntu.com precise/restricted TranslationIndex Hit http://archive.ubuntu.com precise/main Translation-en_GB Hit http://archive.ubuntu.com precise/main Translation-en Hit http://archive.ubuntu.com precise/multiverse Translation-en_GB Hit http://archive.ubuntu.com precise/multiverse Translation-en Hit http://archive.ubuntu.com precise/restricted Translation-en_GB Hit http://archive.ubuntu.com precise/restricted Translation-en Hit http://fr.archive.ubuntu.com precise-security Release.gpg Hit http://fr.archive.ubuntu.com precise-updates Release.gpg Hit http://fr.archive.ubuntu.com precise-security Release Hit http://fr.archive.ubuntu.com precise-updates Release Hit http://fr.archive.ubuntu.com precise-security/main amd64 Packages Hit http://fr.archive.ubuntu.com precise-security/restricted amd64 Packages Hit http://fr.archive.ubuntu.com precise-security/universe amd64 Packages Hit http://fr.archive.ubuntu.com precise-security/multiverse amd64 Packages :W: Failed to fetch http://archive.canonical.com/dists/precise/Release Unable to find expected entry 'main/binary-amd64/Packages' in Release file (Wrong sources.list entry or malformed file) E: Some index files failed to download. They have been ignored, or old ones used instead. Hit http://fr.archive.ubuntu.com precise-security/main i386 Packages Hit http://fr.archive.ubuntu.com precise-security/restricted i386 Packages Hit http://fr.archive.ubuntu.com precise-security/universe i386 Packages Hit http://fr.archive.ubuntu.com precise-security/multiverse i386 Packages Hit http://fr.archive.ubuntu.com precise-security/main TranslationIndex Hit http://fr.archive.ubuntu.com precise-security/multiverse TranslationIndex Hit http://fr.archive.ubuntu.com precise-security/restricted TranslationIndex Hit http://fr.archive.ubuntu.com precise-security/universe TranslationIndex Hit http://fr.archive.ubuntu.com precise-updates/main amd64 Packages Hit http://fr.archive.ubuntu.com precise-updates/restricted amd64 Packages Hit http://fr.archive.ubuntu.com precise-updates/universe amd64 Packages Hit http://fr.archive.ubuntu.com precise-updates/multiverse amd64 Packages Hit http://fr.archive.ubuntu.com precise-updates/main i386 Packages Hit http://fr.archive.ubuntu.com precise-updates/restricted i386 Packages Hit http://fr.archive.ubuntu.com precise-updates/universe i386 Packages Hit http://fr.archive.ubuntu.com precise-updates/multiverse i386 Packages Hit http://fr.archive.ubuntu.com precise-updates/main TranslationIndex Hit http://fr.archive.ubuntu.com precise-updates/multiverse TranslationIndex Hit http://fr.archive.ubuntu.com precise-updates/restricted TranslationIndex Hit http://fr.archive.ubuntu.com precise-updates/universe TranslationIndex Hit http://fr.archive.ubuntu.com precise-security/main Translation-en Hit http://fr.archive.ubuntu.com precise-security/multiverse Translation-en Hit http://fr.archive.ubuntu.com precise-security/restricted Translation-en Hit http://fr.archive.ubuntu.com precise-security/universe Translation-en Hit http://fr.archive.ubuntu.com precise-updates/main Translation-en_GB Hit http://fr.archive.ubuntu.com precise-updates/main Translation-en Hit http://fr.archive.ubuntu.com precise-updates/multiverse Translation-en_GB Hit http://fr.archive.ubuntu.com precise-updates/multiverse Translation-en Hit http://fr.archive.ubuntu.com precise-updates/restricted Translation-en_GB Hit http://fr.archive.ubuntu.com precise-updates/restricted Translation-en Hit http://fr.archive.ubuntu.com precise-updates/universe Translation-en_GB Hit http://fr.archive.ubuntu.com precise-updates/universe Translation-en And here is my /etc/apt/sources.list: ###### Ubuntu Main Repos deb http://filepile.fastit.net/ubuntu/ precise main restricted universe multiverse # deb http://de.archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse deb http://archive.canonical.com/ precise main restricted universe multiverse ###### Ubuntu Update Repos deb http://fr.archive.ubuntu.com/ubuntu/ precise-security main restricted universe multiverse deb http://fr.archive.ubuntu.com/ubuntu/ precise-updates main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu/ precise main restricted multiverse deb-src http://archive.ubuntu.com/ubuntu precise main restricted multiverse Thanks for your help!

  Read the article

• Can I save & store a user's submission in a way that proves that the data has not been altered, and that the timestamp is accurate?

  - by jt0dd

  There are many situations where the validity of the timestamp attached to a certain post (submission of information) might be invaluable for the post owner's legal usage. I'm not looking for a service to achieve this, as requested in this great question, but rather a method for the achievement of such a service. For the legal (in most any law system) authentication of text content and its submission time, the owner of the content would need to prove: that the timestamp itself has not been altered and was accurate to begin with. that the text content linked to the timestamp had not been altered I'd like to know how to achieve this via programming (not a language-specific solution, but rather the methodology behind the solution). Can a timestamp be validated to being accurate to the time that the content was really submitted? Can data be stored in a form that it can be read, but not written to, in a proven way? In other words, can I save & store a user's submission in a way that proves that the data has not been altered, and that the timestamp is accurate? I can't think of any programming method that would make this possible, but I am not the most experienced programmer out there. Based on MidnightLightning's answer to the question I cited, this sort of thing is being done. Clarification: I'm looking for a method (hashing, encryption, etc) that would allow an average guy like me to achieve the desired effect through programming. I'm interested in this subject for the purpose of Defensive Publication. I'd like to learn a method that allows an every-day programmer to pick up his computer, write a program, pass information through it, and say: I created this text at this moment in time, and I can prove it. This means the information should be protected from the programmer who writes the code as well. Perhaps a 3rd party API would be required. I'm ok with that.

  Read the article

• How to Audit and Monitor BI Publisher Reports Access?

  - by kanichiro.nishida

  Do you know who is accessing to which report at what time at your reporting environment ? As you delivered the BI Publisher reports to the production environment and your users start using them as part of their daily business operations you might wonder such questions. With compliance becoming an integral part of any business requirement, auditing your reporting environment is also becoming one of the most critical and hot agenda in today’s enterprise reporting deployments. Also, I believe that auditing the reporting environment is not just for the compliance, but also the way to understand how your users are using the reports and be able to improve the user reporting experience. BI Publisher have introduced Enterprise Level Auditing feature with its 11G release, with an integration of Oracle Fusion Middleware Audit Framework, which comes out of the box with the installation. Yes, this is another great example of the benefit of its tight integration with Fusion Middleware introduced with BI Publisher 11g release. What Information Can I Know about our Reporting Environment? With this new Auditing feature you can now gain the following insights. When a particular user login or logout What report is accessed by who and when and how How long does it take to process a particular report Yes, it’s all there. This is a great news for 10G users, right ? I used to be one of them working with many different IT organizations and were craving for this, but it’s here now with 11G! How Can I Access to the Auditing Information? With the Fusion Middleware Auditing Framework, BI Publisher feed such information either to a log file or to a database. If you decided to get the data into the database then, of course you know, you can use BI Publisher to report and publish, or visualize the data to gain more insights. One thing though, in order to feed the data it requires a few extra steps, which I’ll cover it later.  Regardless of whether it’s the log file or the database to store the Auditing data, first, you need to enable the Auditing feature, which is not enabled as default. So, let’s take a look at how to enable it. How to Enable Auditing Feature? Here is a quick list of the steps: Enable Auditing related properties in BI Publisher configuration file Copy component_events.xml file to Fusion Middleware Audit Framework’s location Enable Auditing Policy with Fusion Middleware Control (Enterprise Manager) Restart WebLogic Server Enable Auditing related properties in BI Publisher configuration file Open xmlp-server-config.xml file, which is located under $BI_HOME/ user_projects/domains/bifoundation_domain/config/bipublisher/repository/Admin/Configuration directory. Set the following three properties values to ‘true’. AUDIT_ENABLED MONITORING_ENABLED AUDIT_JPS_INTEGRATION The ‘AUDIT_JPS_INTEGRATION’ is not in the file as default, so you need to add this. Here is an example of how it looks for the xmlp-server-config.xml file after the modification. <?xml version="1.0" encoding="UTF-8" standalone="no"?><xmlpConfigxmlns="http://xmlns.oracle.com/oxp/xmlp"> <property name="SAW_SERVER" value="adc6160510"/> <property name="SAW_SESSION_TIMEOUT" value="90"/> <property name="DEBUG_LEVEL" value="exception"/> <property name="SAW_PORT" value="7001"/> <property name="SAW_PASSWORD" value=""/> <property name="SAW_PROTOCOL" value="http"/> <property name="SAW_VERSION" value="v6"/> <property name="SAW_USERNAME" value=""/> <property name="SAW_URL_SUFFIX" value="analytics/saw.dll"/> <property name="MONITORING_ENABLED" value="true"/> <property name="MONITORING_DEFAULT_HISTORY_SIZE" value="30"/> <property name="AUDIT_ENABLED" value="true"/> <property name="JSESSION_RESET_DISABLED" value="true"/> <property name="SECURITY_MODEL" value="ORACLE_AS_JPS"/> <property name="AUDIT_JPS_INTEGRATION" value="true"/> </xmlpConfig>   Copy component_events.xml file to Audit Framework’s location There is a Audit related configuration file provided by BI Publisher that needs to be copied to the Audit Framework location. 1. Go to the following directory. $BI_HOME /oracle_common/modules/oracle.iau_11.1.1/components 2. Create a directory called ‘xmlpserver’ 3. Copy component_events.xml file from /user_projects/domains/bifoundation_domain/config/bipublisher/repository/Admin/Audit To the newly created ‘xmlpserver’ directory. Enable Auditing Policy with Fusion Middleware Control (EM) Now you can set a level of the auditing for each BI Publisher’s auditing type by using Fusion Middleware Control (a.k.a. Enterprise Manager). 1. Login to Fusion Middleware Control UI http://hostname:port/em (e.g. reporting.oracle.com:7001/em) 2. Access to Audit Policy configuration UI from the menu Under WebLogic Domain, right-click bifoundation_domain, select Security and then click Audit Policy.   3. Set Audit Level for BI Publisher. While you can select ‘Custom’ to set a customized level of Auditing for each component, I’m selecting ‘Medium’ for this exercise.   Restart WebLogic Server After all the above settings, now you need to restart the WebLogic Server instance in order to take those changes in effect. If you’re on Windows you can simply do this by selecting ‘Stop BI Servers’ and ‘Start BI Servers’ from the Start menu. If you’re on Linux then you can run ‘stopWebLogic.sh’ and ‘startWebLogic.sh’, which can be found under $BI_HOME/user_projects/domains/bifoundation_domain/bin Start Auditing! Now assuming that you have completed the above steps successfully, then from this point on any reporting activity should be audited and stored in the auditing log file, which can be found at $BI_HOME/user_projects/domains/bifoundation_domain/servers/AdminServer/logs/auditlogs/xmlpserver/audit.log And here is a sample of the log file: 2011-02-18 02:25:49.928 "" "ReportRendering" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportExecution" "200" "" "/Sample Lite/Published Reporting/Reports/Balance Letter.xdo" "pdf" "RTF Corp Styles" "en_US" - - - - - - - - - - - - - - 86608512 486989824 24517 169 - - - 2011-02-18 02:25:49.929 "steve.jobs" "ReportRequest" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportAccess" "200" "" "" "pdf" "RTF Corp Styles" - - - true - - - - - - - - - - - - - - - - - - 2011-02-18 03:25:49.554 "" "ReportDataProcess" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportExecution" "260" "" "/Sample Lite/Published Reporting/Reports/Balance Letter.xdo" - - - - - - - - - - - - - - - - - 34980200 554033152 - 134 - - - 2011-02-18 03:25:50.282 "" "ReportRendering" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportExecution" "263" "" "/Sample Lite/Published Reporting/Reports/Balance Letter.xdo" "pdf" "RTF Corp Styles" "en_US" - - - - - - - - - - - - - - 16158944 554033152 24517 503 - - - 2011-02-18 03:25:50.282 "steve.jobs" "ReportRequest" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportAccess" "263" "" "" "pdf" "RTF Corp Styles" - - - true - - - - - - - - - - - - - - - - - - 2011-02-18 03:30:00.448 "barack.obama" "UserLogin" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000406,0" - - - - "bipublisher(11.1.1)" "UserSession" "26" "" - - - - - - - - - - - - - - - - - - - - - - - - - From the above log file you can tell a user ‘steve.jobs’ was running some reports like ‘Balance Letter’ around afternoon on 2/18 and another user ‘barack.obama’ logged into the system at 3:30 on the same day. Yes, every login and log out will be recorded, and every report access will be recorded in this log file. Now, looking at this text file to understand what’s going on is pretty overwhelming. And accessing to this log file, which is located at the server’s file system where the BI Publisher/WebLogic Server are running, is another challenge in typical deployment scenarios. And that’s where the database storage option for the Auditing data  comes into a picture. I’ll talk about this tomorrow, so stay tuned!  

  Read the article

• How Can I Safely Destroy Sensitive Data CDs/DVDs?

  - by Jason Fitzpatrick

  You have a pile of DVDs with sensitive information on them and you need to safely and effectively dispose of them so no data recovery is possible. What’s the most safe and efficient way to get the job done? Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites. The Question SuperUser reader HaLaBi wants to know how he can safely destroy CDs and DVDs with personal data on them: I have old CDs/DVDs which have some backups, these backups have some work and personal files. I always had problems when I needed to physically destroy them to make sure no one will reuse them. Breaking them is dangerous, pieces could fly fast and may cause harm. Scratching them badly is what I always do but it takes long time and I managed to read some of the data in the scratched CDs/DVDs. What’s the way to physically destroy a CD/DVD safely? How should he approach the problem? The Answer SuperUser contributor Journeyman Geek offers a practical solution coupled with a slightly mad-scientist solution: The proper way is to get yourself a shredder that also handles cds – look online for cd shredders. This is the right option if you end up doing this routinely. I don’t do this very often – For small scale destruction I favour a pair of tin snips – they have enough force to cut through a cd, yet are blunt enough to cause small cracks along the sheer line. Kitchen shears with one serrated side work well too. You want to damage the data layer along with shearing along the plastic, and these work magnificently. Do it in a bag, cause this generates sparkly bits. There’s also the fun, and probably dangerous way – find yourself an old microwave, and microwave them. I would suggest doing this in a well ventilated area of course, and not using your mother’s good microwave. There’s a lot of videos of this on YouTube – such as this (who’s done this in a kitchen… and using his mom’s microwave). This results in a very much destroyed cd in every respect. If I was an evil hacker mastermind, this is what I’d do. The other options are better for the rest of us. Another contributor, Keltari, notes that the only safe (and DoD approved) way to dispose of data is total destruction: The answer by Journeyman Geek is good enough for almost everything. But oddly, that common phrase “Good enough for government work” does not apply – depending on which part of the government. It is technically possible to recover data from shredded/broken/etc CDs and DVDs. If you have a microscope handy, put the disc in it and you can see the pits. The disc can be reassembled and the data can be reconstructed — minus the data that was physically destroyed. So why not just pulverize the disc into dust? Or burn it to a crisp? While technically, that would completely eliminate the data, it leaves no record of the disc having existed. And in some places, like DoD and other secure facilities, the data needs to be destroyed, but the disc needs to exist. If there is a security audit, the disc can be pulled to show it has been destroyed. So how can a disc exist, yet be destroyed? Well, the most common method is grinding the disc down to destroy the data, yet keep the label surface of the disc intact. Basically, it’s no different than using sandpaper on the writable side, till the data is gone. Have something to add to the explanation? Sound off in the the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.     

  Read the article

• Is /home encryption useful on a server?

  - by Dennis

  I've got a question about the use of encryption: I set up a Ubuntu 12.04 server to use it as a router, file server for backups and webserver. Of course, it is probably not the best idea to put backups on the same system as a web server, but it is only for private usage and I don't want to spend too much money. So I thought it is not a bad idea to set up /home-encryption for the backup-user-account with which I do my backups. But in the same moment, another quesiton arises: Does it still makes sense? Via SSH, root login is disabled. And access to the /home-folder of that user is reduced to the user itself. So the only scenario to access the /home-folder is to connect keyboard/display to the server, login as root and change to /home. Or have I overseen a scenario? In case I am right, you can only access the /home-folder from "outside" as the backup-user. But than, encryption also doesn't make sense anymore. Am I right about that thoughts? Or do you still see a way to access the /home-folder of the backup user so that encryption still makes sense? Thanks for your help in advance!

  Read the article

• Is there a secure way to add a database troubleshooting page to an application?

  - by Josh Yeager

  My team makes a product (business management software) that our customers install on their own servers. The product uses a SQL database for data storage and app configuration. There have been quite a few cases where something strange happened in the customer's database (caused by bugs in our app and also sometimes admins who mess with the database). To figure out what is wrong with the data, we have to send SQL scripts to the customer and tell them how to run them on the database server. Then, once we know how to fix it, we have to send another script to repair the data. Is there a secure way to add a page in our application that allows an application admin to enter SQL scripts that read and write directly to the database? Our support team could use that to help customers run these scripts, without needing direct access to the SQL server. My big concerns are that someone might abuse this power to get data they shouldn't have and maybe to erase or modify data that they shouldn't be able to modify. I'm not worried about system admins, because they could find another way to do the same thing. But what if someone else got access to the form? Is there any way to do this kind of thing securely?

  Read the article

• My computer may have been compromised, what should I do?

  - by InkBlend

  A few weeks ago, my machine (lets call it "main") was logged into wirelessly from an unauthorized host, probably using ssh. I did not detect the intrusion until a few days ago, and my machine is completely shut down. I found the login using this line from last: myusername pts/1 ipad Tue Oct 15 22:23 - 22:25 (00:02) Needless to say, not only does no one in my family own an iPad, but almost none of my friends do, either. This makes me suspect that whoever was behind this changed the hostname of their machine. Additionally, I discovered this line in the last output on another machine of mine ("secondary"): myusername pts/2 :0 Tue Oct 15 22:23 - 22:23 (00:00) This line coincides with the timestamp from main, which has password-less ssh access (through keys) to secondary. Is it possible that whoever broke in to main has also rooted secondary? How can I prevent this from happening again? Are there logs that I can look through to determine exactly how main was accessed (I am the only user on the system and have a very strong password)? Is it at all possible that this is just a weird bug that occurred? Should I, and where should I start looking for rootkits and/or keyloggers? In short, what should I do?

  Read the article

• Some hint to program a webservice "by subscription"

  - by Eagle

  I have some web sites programmed, I know to do it with python and PHP basically. Normally they are simple web sites, but now I want to provide REST web services but only for allowed users (allowed by me). I saw that a lot of services uses the "KEY" and "SECRET_KEY" concepts, which seems to be what I need (if I understand it right). My suppositions are: If I only do a GET service to retrieve, e.g., all my clients, without anymore, anyone can retrieve my clients without limitations. I will need some KEY generator to provide keys for my allowed users, so they can use my webservices. Only with a KEY is not enough: someone can steal a KEY and supplant my user (and this is the reason because exists a SECRET_KEY, right?). If all this is right, how can I make/use a system like that in my web services? Some open source example? Or maybe there are another easy solutions I'm not considering? My objective is to allow some users to use my web services.

  Read the article

• Is it reasonable to require passwords when users sign into my application through social media accounts?

  - by BrMcMullin

  I've built an application that requires users to authenticate with one or more social media accounts from either Facebook, Twitter, or LinkedIn. Edit Once the user has signed in, an 'identity' for them is maintained in the system, to which all content they create is associated. A user can associate one account from each of the supported providers with this identity. I'm concerned about how to protect potential users from connecting the wrong account to their identity in our application. /Edit There are two main scenarios that could happen: User has multiple accounts on one of the three providers, and is not logged into the one s/he desires. User comes to a public or shared computer, in which the previous user left themselves logged into one of the three providers. While I haven't encountered many examples of this myself, I'm considering requiring users to password authenticate with Facebook, Twitter, and LinkedIn whenever they are signing into our application. Is that a reasonable approach, or are there reasons why many other sites and applications don't challenge users to provide a user name and password when authorizing applications to access their social media accounts? Thanks in advance! Edit A clarification, I'm not intending to store anyone's user name and password. Rather, when a user clicks the button to sign in, with Facebook as an example, I'm considering showing an "Is this you?" type window. The idea is that a user would respond to the challenge by either signing into Facebook on the account fetched from the oauth hash, or would sign into the correct account and the oauth callback would run with the new oauth hash data.

  Read the article

• Good quality Secure Software Development Training [closed]

  - by Patrick

  Just had my annual appraisal and found out my company is willing to pay for training and exams etc! Woohoo (they kept that one quiet). I'm interested in doing a course on secure development techniques. Has anyone got any suggestions for good quality distance learning courses in secure development (I could probably get a couple of days off to attend a conference/ course if required)? We're mostly an MS .Net house but I have no particular allegiance to MS or any other programming language (though, obviously, C++ is the best language in the world). I have 12 years development experience working in (what are now) PCI:DSS environments, including designing and developing a key management system and I have some knowledge of basic attacks (XSS, injection etc). I would prefer a hard course I struggle with to a basic course I learn 3 things from (but hopefully get something right at my level). A quick google found these two course which look good: http://www.sans.org/course/secure-coding-net-developing-defensible-applications https://www.isc2.org/csslpedu/default.aspx I don't really know how to choose between them, and finding other courses isn't going to make that job any easier, so I thought I'd ask those who know. EDIT : Hmm, care to share the reason for your down vote, will help me learn how to use the site better...

  Read the article

• ?????????????????!Oracle Database ?????????

  - by Aya Sensui

  ?????????????????????????????????? ?????????????????????????????????????????????? ?????????????????????????????????????????????????? ??????????????????????????????????????????? ?????????????????????????????????? ??????????????????????????????????????????????? ?????????/?????????????????????????????????????????? ?????????????? ????????????????????????????????????????? ???????????????????????????????????? ??????????????????????????????????????????????? ????????????????????????????????????????????????????????? Oracle Database ????????????????? ??????????????????????????? ????????????????????????? ???????????????????????? ????????????????????????????????? ???????????????? ??????????????????????????????????!??????? ??????????????????? TIPS ???????????????? ?????!???????? ???????????????????????????????????????????????? Oracle Database ??????????????????????????????????????????? ??????????????????????????????????????? Oracle Database ????????????????????????????????????? ????????? FAILED_LOGIN_ATTEMPTS    ??????????? PASSWORD_LIFE_TIME       ????????? PASSWORD_REUSE_TIME      ???????????????????? PASSWORD_REUSE_MAX       ????????????????????????????? PASSWORD_LOCK_TIME       ????????????????????????????????????? PASSWORD_GRACE_TIME      ????????????????? PASSWORD_VERIFY_FUNCTION ??????????????????? (*1) (*1)????????????????????????? $ORACLE_HOME/rdbms/admin/utlpwdmg.sql ?????????????????? utlpwdmg.sql ????????? ???????????????????????????  - ?????????????????  - ???????????  - ??????????????  - ?????????????????????  - ???????????????????? ???????????????????????????????????? ???????????????????????????????????? ??????????????????????!?????? ????????????????????????????????????? ??????????????????????????????????? ????????????????????? ???????? SQL*Plus ??????????????????????? ????????????????????????? ???????????????????????????????????? ??????????????????·???????????????? ???Enterprise Edition ?????????????????? Virtual Private Database(VPD) ??????????? ???????????????????????????????????????????????? ?????????????????????????? ???????????????????????????????????????????????? ????????????????????????????? ?????????????????????????????????? ????????????????????????????? ??????????????????????????????????? ???????????????????? ?????????????????????????????? ???????????????????????????????? ????????????????????????????????????????? ??????????????????????????????????????????? ????????????????????????????? Oracle Database ????????????????????Oracle Advanced Security ????????????? ?????????????????????????????? ????DBMS_OBFUSCATION_TOOLKIT ? DBMS_CRYPTO ???????/????? PL/SQL ?????? ?????????????????? ?????????????????????????????????????????????? ?????????????????????????? ????????????!???? Oracle Database ?????????????????????????????????? ????????????????????????DBA ??????????????????? 4 ???? ??????????? Enterprise Edition??????????? ?????DBA ??????????????????????? ?????????????????????? [????] ???????????????????????????????????? ????????????????????  - ????????????  - ?????(SYSOPER, SYSDBA)???????????  - ??????????(??????????) ?????????????????????????????????·?????? ????????????????????????????????? ?????????????????????????????? [DBA ??] ???????????(DBA ??)???????????????????? ??????????????????????????AUDIT_SYS_OPERATIONS ?????? TRUE ????????????? ????? OS ??????????????/????????????????????? ???????????????????????????????????????????????? [????] ???????????????????????????????????? ??AUDIT_TRAIL ??????????????????????????? ???????????  - ???????    ????·????????  - ????????    ??????????????????????????????  - ????    ????????????????  - SQL ???    ????????????? DDL ?????? [??????????] ??????(?????????)??????????????????? Enterprise Edition ?????????? ??????????????????????? ??? Oracle Database ???????????????????????????????????? ??????????????????????????????????????????????? ????????????????????

  Read the article

• WCF client endpoint identity - configuration question

  - by Roel

  Hi all, I'm having a strange situation here. I got it working, but I don't understand why. Situation is as follows: There is a WCF service which my application (a website) has to call. The WCF service exposes a netTcpBinding and requires Transport Security (Windows). Client and server are in the same domain, but on different servers. So generating a client results in the following config (mostly defaults) <system.serviceModel> <bindings> <netTcpBinding> <binding name="MyTcpEndpoint" ...> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="Transport"> <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign"/> <message clientCredentialType="Windows" /> </security> </binding> </netTcpBinding> </bindings> <client> <endpoint address="net.tcp://localhost:xxxxx/xxxx/xxx/1.0" binding="netTcpBinding" bindingConfiguration="MyTcpEndpoint" contract="Service.IMyService" name="TcpEndpoint"/> </client> </system.serviceModel> When I run the website and make the call to the service, I get the following error: System.ServiceModel.Security.SecurityNegotiationException: Either the target name is incorrect or the server has rejected the client credentials. ---> System.Security.Authentication.InvalidCredentialException: Either the target name is incorrect or the server has rejected the client credentials. ---> System.ComponentModel.Win32Exception: The logon attempt failed --- End of inner exception stack trace --- at System.Net.Security.NegoState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.NegotiateStream.EndAuthenticateAsClient(IAsyncResult asyncResult) at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.InitiateUpgradeAsyncResult.OnCompleteAuthenticateAsClient(IAsyncResult result) at System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorAsyncResult.CompleteAuthenticateAsClient(IAsyncResult result) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result) at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result) at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result) .... Now, if I just alter the configuration of the client like so: <endpoint address="net.tcp://localhost:xxxxx/xxxx/xxx/1.0" binding="netTcpBinding" bindingConfiguration="MyTcpEndpoint" contract="Service.IMyService" name="TcpEndpoint"> <identity> <dns /> </identity> </endpoint> everything works and my server happily reports that it got called by the service account which hosts the AppPool for my website. All good. My question now is: why does this work? What does this do? I got to this solution by mere trial-and-error. To me it seems that all the <dns /> tag does is tell the client to use the default DNS for authentication, but doesn't it do that anyway? Thanks for providing me with some insight.

  Read the article

• Winforms - what's a cool taskbar/system tray notifier approach?

  - by Greg

  Hi What's a cool taskbar/system tray notifier approach? To get that latest cool looking sliding windows type notifications can I stay WinForms, or do I need to go WFP? Which control/class/framework should I look at? Basically after a more fresher:modern looking UI than the old winforms popular bubbles etc

  Read the article

• How to configure custom binding to consume this WS secure Webservice using WCF?

  - by Soeteman

  Hello all, I'm trying to configure a WCF client to be able to consume a webservice that returns the following response message: Response message <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://myservice.wsdl"> <env:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" env:mustUnderstand="1" /> </env:Header> <env:Body> <ns0:StatusResponse> <result> ... </result> </ns0:StatusResponse> </env:Body> </env:Envelope> To do this, I've constructed a custom binding (which doesn't work). I keep getting a "Security header is empty" message. My binding: <customBinding> <binding name="myCustomBindingForVestaServices"> <security authenticationMode="UserNameOverTransport" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11" securityHeaderLayout="Strict" includeTimestamp="false" requireDerivedKeys="true"> </security> <textMessageEncoding messageVersion="Soap11" /> <httpsTransport authenticationScheme="Negotiate" requireClientCertificate ="false" realm =""/> </binding> </customBinding> My request seems to be using the same SOAP and WS Security versions as the response, but use different namespace prefixes ("o" instead of "wsse"). Could this be the reason why I keep getting the "Security header is empty" message? Request message <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <o:UsernameToken u:Id="uuid-d3b70d1f-0ebb-4a79-85e6-34f0d6aa3d0f-1"> <o:Username>user</o:Username> <o:Password>pass</o:Password> </o:UsernameToken> </o:Security> </s:Header> <s:Body> <getPrdStatus xmlns="http://myservice.wsdl"> <request xmlns="" xmlns:a="http://myservice.wsdl" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"> ... </request> </getPrdStatus> </s:Body> </s:Envelope> How do I need to configure my WCF client binding to be able to consume this webservice? Any help greatly appreciated! Sander

  Read the article

• How can I extract the original image stream from a System.Drawing.Bitmap object?

  - by skolima

  I am embedding images into my assembly using .resx files. Upon runtime, I need to save the images into standalone files, restoring the original content. How can I extract the original file stream from an System.Drawing.Bitmap instance? I know I can create a stream using Bitmap.Save(), but this transcodes (and in effect - inflates) the images, even when saving a PNG back as PNG. Or perhaps my mistake is reading them from Resource as Bitmap in the first place?

  Read the article

• Load an ASP.NET 2.0 aspx page using System.Reflection?

  - by Michael Kniskern

  Can I load an stand alone aspx page in another stand alone aspx page using System.Reflection? I am using the ASP.NET 2.0 Web site project model.

  Read the article

• Windows API: Is it possible to know if an icon in system tray is hidden by the user?

  - by Pavel

  I need to know if the user has hidden an icon added by my program to the system tray area. Is it technically feasible?

  Read the article

• Can I retrieve hard drive diagnostics on a Linux System?

  - by Huckphin

  I am running Linux-2.4 system, and I am attempting to retrieve hard drive diagnostics information, any that might be available. Is there a way that I can retrieve these hard drive statistics?

  Read the article

• Any libraries out there that extend System.Diagnostics.Trace?

  - by Simon

  Any there any good libraries out there that extend System.Diagnostics.Trace? Some of the features I am looking for. Rolling logs smtp And "Use log4net" is not an answer. The reason being is that i don't want a reference to any third party assemblies.

  Read the article

• How to create a System.Drawing.Color from its hexadecimal RGB string?

  - by Jader Dias

  I want to create a System.Drawing.Color from a value like #FF00FF or FF00FF without needing to write code for that. There is any .NET built-in parser for that?

  Read the article

• How to check the system is Windows 7 or Windows Server 2008 RC in Wix Installer?

  - by Ray

  Hi there, I am working on a windows installer project. And now I only want the software only can be installed on Windows 7 or Windows Server 2008 RC system, I tried to use this: <Condition Message='Windows Server 2008 R2 or Windows 7 is required'>(VersionNT = 600 AND ServicePackLevel = 1) OR VersionNT = 601 </Condition> but it can still be installed on Windows Vista. Please help! Thank you!

  Read the article

• How to check the system is Windows 7 or Windows Server 2008 R2 in Wix Installer?

  - by Ray

  Hi there, I am working on a windows installer project. And now I only want the software only can be installed on Windows 7 or Windows Server 2008 R2 system, I tried to use this: <Condition Message='Windows Server 2008 R2 or Windows 7 is required'>(VersionNT = 600 AND ServicePackLevel = 1) OR VersionNT = 601 </Condition> but it can still be installed on Windows Vista. Please help! Thank you!

  Read the article

< Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >