Search Results

Search found 471 results on 19 pages for 'hole punching'.

Page 12/19 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >

• Someone used my postfix smtp (port 25) to send spam mails to me

  - by Andreas

  This week, someone started to send spam-mails through my postfix-smtp access (I verified by logging in through telnet from an arbitrary pc and sending mails with any ids myself) on my server, with recipient and target being [email protected]. Since I have a catchall and mail-fowarding to my google account, I received all those (many) mails. After a lot of configuration (I lost track of what change did what, going through dozends of topics here and over the net) that hole seems fixed. Still, what hapened? Does port 25 need to be open and accepting for my catchall to work? What configuration did I do wrong? I remember the first thing I changed (that had an effect) was the inet_interface setting in main.cf, only later to find out that if this does not say "all", my mail to mydomain.com does not get forwarded any more.

  Read the article

• how to trace an outlook mail not arriving to its destination when is sent to another domain?

  - by Alex. S.

  Hi, I have an domain account configured with Ipower.com. If I use an email client such as Evolution, the mails arrive as expected. However if I use Outlook 2007 (as everybody in this company) the mails only arrive if the destination belongs to the same domain. That means when the destination is a gmail address, for example, the test email falls into a sort of black hole... This is just a simple ipower setup, nothing of Exchange or something like that. What else can I do to isolate and fix this issue? This is driving me nuts because in other email client with the same exact configuration in the same machine, everything works well and I need to fix the thing in Outlook.

  Read the article

• Rob Blackwell on interoperability and Azure

  - by Eric Nelson

  At QCon in March we had a sample Azure application implemented in both Java and Ruby to demonstrate that the Windows Azure Platform is not just about .NET. The following is an interesting interview with Rob Blackwell, the R&D director of the partner who implemented the application. UK Interoperability Team Interviews Rob Blackwell, R&D Director at Active Web Solutions. Is Microsoft taking interoperability seriously? Yes. In the past, I think Microsoft has, quite rightly come in for criticism, but architects and developers should look at this again. The Interoperability Bridges site (http://www.interoperabilitybridges.com/ ) shows a wide range of projects that allow interoperability from Java, Ruby and PHP for example. The Windows Azure platform has been architected with interoperable APIs in mind. It's straightforward to access the various storage facilities from just about any language or platform. Azure compute is capable of running more than just C# applications! Why is interoperability important to you? My company provides consultancy and bespoke development services. We're a Microsoft Gold Partner, but we live in the real world where companies have a mix of technologies provided by a variety of vendors. When developing an enterprise software solution, you rarely have a completely blank canvas. We often see integration scenarios where we need to exchange data with legacy systems. It's not unusual to see modern Silverlight applications being built on top of Java or Mainframe based back ends. Could you give us some examples of where interoperability has been important for your projects? We developed an innovative Sea Safety system for the RNLI Lifeboats here in the UK. Commercial Fishing is one of the most dangerous professions and we helped developed the MOB Guardian System which uses satellite technology and man overboard devices to raise the alarm when a fisherman gets into trouble. The solution is implemented in .NET running on Windows, but without interoperable standards, it would have been impossible to communicate with the satellite gateway technology. For more information, please see the case study: http://www.microsoft.com/casestudies/Case_Study_Detail.aspx?CaseStudyID=4000005892 More recently, we were asked to build a web site to accompany the QCon 2010 conference in London to help demonstrate and promote interoperability. We built the site using Java and Restlet and hosted it in Windows Azure Compute. The site accepts feedback from visitors and all the data is stored in Windows Azure Storage. We also ported the application to Ruby on Rails for demonstration purposes. Visitors to the stand were surprised that this was even possible. Why should Java developers be interested in Windows Azure? Windows Azure Storage consists of Blobs, Queues and Tables. The storage is scalable, durable, secure and cost-effective. Using the WindowsAzure4j library, it's easy to use, and takes just a few lines of code. If you are writing an application with large data storage requirements, or you want an offsite backup, it makes a lot of sense. Running Java applications in Azure Compute is straightforward with tools like the Tomcat Solution Accelerator (http://code.msdn.microsoft.com/winazuretomcat )and AzureRunMe (http://azurerunme.codeplex.com/ ). The Windows Azure AppFabric Service Bus can also be used to connect heterogeneous systems running on different networks and in different data centres. How can The Service Bus be considered an interoperability solution? I think that the Windows Azure AppFabric Service Bus is one of Microsoft’s best kept secrets. Think of it as “a globally scalable application plumbing kit in the sky”. If you have used Enterprise Service Buses before, you’ll be familiar with the concept. Applications can connect to the service bus to securely exchange data – these can be point to point or multicast links. With the AppFabric Service Bus, the applications can exist anywhere that has access to the Internet and the connections can traverse firewalls. This makes it easy to extend or scale your application or reach out to other networks and technologies. For example, let’s say you have a SQL Server database running on premises and you want to expose the data to a Java application running in the cloud. You could set up a point to point Service Bus connection and use JDBC. Traditionally this would have been difficult or impossible without punching holes in firewalls and compromising security. Rob Blackwell is R&D Director at Active Web Solutions, www.aws.net , a Microsoft Gold Partner specialising in leading edge software solutions. He is an occasional writer and conference speaker and blogs at www.robblackwell.org.uk Related Links: UK Azure Online Community – join today. UK Windows Azure Site Start working with Windows Azure

  Read the article

• how Postfix anti spam configuration works with DNS-based Blackhole List providers

  - by Ashish

  Hello, I have setup a Postfix mail server for incoming mails that is required to never reply to external enviornment i.e it will accept all incoming mails and never reply anything that can be used as a trace to locate and verify it's existence. I have implemented the Postfix anti-UCE configuration by using the following settings in postfix main.cf for countering spam generating mail servers: 'smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net' Now i have certain doubts/questions: How Postfix is able to communicate with Black hole list providers i.e How this whole process works?, e.g here they are zen.spamhaus.org, bl.spamcop.net, so that i can test the performance of whole process. Can a header be added in the received mail regarding the status of the results of the above verification process, since i will not reply any traces from my incoming mail receiving Postfix server, so i need this feature? Please post relevant links for reference. Thanks in advance!!! Ashish

  Read the article

• iPhone - Web Access Authentication

  - by Terry

  I am building a secure app for our exec's... here is my setup. It's a somewhat Macgyver approach, but bear with me :) There are only 10 users, I have a record of each uniqueIdentifier on my backend in a database table. (This is internal only for our users, so I don't believe I am breaking the public user registration rule mentioned in the API docs) Through adhoc distribution I install my app on all 10 devices My app is simply composed of a UIWebView. When the app starts it does a POST to our https site sending the uniqueIdentifier. (Thanks to this answer) The server page that recieves the POST, checks the uniqueIdentifier and if found sets a session cookie that automatically logs them into the site. This way the user doesn't have to enter in their credentials every time. So what do you think, is there a security hole with this? Thanks

  Read the article

• Hibernate AssertionFailure in different Threads

  - by bladepit

  I connect to my database with one session. I have always the same session in my hole program. My Thread "1" catches primary data from the database. The user must be allowed to cancel this thread. So if the user presses the cancel button to often or to fast (this is my interpretation) the following error occures: ERROR org.hibernate.AssertionFailure - HHH000099: an assertion failure occured (this may indicate a bug in Hibernate, but is more likely due to unsafe use of the session) org.hibernate.AssertionFailure: possible non-threadsafe access to the session The same errors occures if i cancel my thread "2" which is running in the background after my thread "1" ist finished and the try to load another primary data set from the database. Is the failure that i am using the same session in my two threads? What is the right way to solve such a problem?

  Read the article

• ASP.NET MVC Response Filter + OutputCache Attribute

  - by Shane Andrade

  I'm not sure if this is an ASP.NET MVC specific thing or ASP.NET in general but here's what's happening. I have an action filter that removes whitespace by the use of a response filter: public class StripWhitespaceAttribute : ActionFilterAttribute { public StripWhitespaceAttribute () { } public override void OnResultExecuted(ResultExecutedContext filterContext) { base.OnResultExecuted(filterContext); filterContext.HttpContext.Response.Filter = new WhitespaceFilter(filterContext.HttpContext.Response.Filter); } } When used in conjunction with the OutputCache attribute, my calls to Response.WriteSubstitution for "donut hole caching" do not work. The first and second time the page loads the callback passed to WriteSubstitution get called, after that they are not called anymore until the output cache expires. I've noticed this with not just this particular filter but any filter used on Response.Filter... am I missing something? I also forgot to mention I've tried this without the use of an MVC action filter attribute by attaching to the PostReleaseRequestState event in the global.asax and setting the Response.Filter value there... but still no luck.

  Read the article

• C# How to communicate between 2 servers

  - by Chau

  I have a website running ASP.NET (C#) on server A. I need my website to access a webservice on server B. server B will only accept incoming requests if the requestee is located within a certain IP range and server A is not within this range. I have a server server C which is located within the IP range and the only thing blocking server A from server C is a firewall (which I have access to). It must be possible to create a hole in the firewall between server A and server C, but my question is: How do I relay the request from server A to server B via server C? I need the response from server B to get back to server A also :) Thanks in advance.

  Read the article

• security issue of Linux sudo command?

  - by George2

  Hello everyone, 1. I am using Red Hat Enterprise 5 Linux box. I find if a user is in /etc/sudoers file, then if the user run command with sudo, the user will run this command with root privilege (without knowing root password, the user runs sudo only need to input the user's own password in order to run a command with sudo). Is that correct understanding? 2. If yes, then is it a security hole? Since users other than root could run with root privilege? thanks in advance, George

  Read the article

• How to execute with /bin/false shell

  - by Amar

  I am trying to setup per-user fastcgi scripts that will run each on a different port and with a different user. Here is example of my script: #!/bin/bash BIND=127.0.0.1:9001 USER=user PHP_FCGI_CHILDREN=2 PHP_FCGI_MAX_REQUESTS=10000 etc... However, if I add user with /bin/false (which I want, since this is about to be something like shared hosting and I don't want users to have shell access), the script is run under 1001, 1002 'user' which, as my Google searches showed, might be a security hole. My question is: Is it possible to allow user(s) to execute shell scripts but disable them so they cannot log in via SSH?

  Read the article

• How te execute with /bin/false shell

  - by Amar

  Hello I am trying to setup per-user fastcgi scripts that will run each on different port and with different user. Here is example of my script: #!/bin/bash BIND=127.0.0.1:9001 USER=user PHP_FCGI_CHILDREN=2 PHP_FCGI_MAX_REQUESTS=10000 etc... However, if I add user with /bin/false (which I want, since this is about to be something like shared hosting and I dont want users to have shell access), the script is run'd under 1001, 1002 'user' which, as I googled, might be security hole. My question is: Is it possible to allow user(s) execute shell scripts but disable them to log in via SSH ? Thank you

  Read the article

• Pool Billiard AI

  - by Sebi

  Im implementing a pool billiard game in Java and it all works fine. It is a multiplayer game, but nevertheless, it should also be possible to play it alone. For this purpose I'm trying to implement a simple KI. At the moment, the KI choose just randomly a direction and a random intensity of the impulse (don't know the correct english word for that). Of course this AI is very poor and unlikely to ever challenge a player. So i thought about improving the KI, but there are several hard to solve problems. First I thought of just choosing the nearest ball and to try to put it directly into the nearest hole. This isn't that bad, but if there other balls in the line between, it isn't really working anymore. Additionally this dosn't solve te problem of calculating the intensity of the impulse. So are there any general advice? Or any ideas? Best practices?

  Read the article

• High density Silverlight charting control

  - by ahosie

  I've been looking into Silverlight charting controls to display a large number of samples, (~10,000 data points in five separate series - ~50k points all up). I have found the existing options produced by Dundas, Visifire, Microsoft etc to be extremely poor performers when displaying more than a few hundred data points. I believe the performance issues with existing chart controls is caused by the heavy use of vector graphics. Ergo one solution would be a client-side chart control that uses the WritableBitmap class to generate a raster chart. Before I fall too far down the wheel re-invention rabbit hole - has anyone found a third party or OSS control that will manage large numbers of data points on a sparkline?

  Read the article

• How to set Android Google Maps API v2 map to show whole world map?

  - by Joao

  I am developing an android application that uses a google map in the background. When I start the application, I want to display a map of the hole word. According to the android google maps API v2: https://developers.google.com/maps/documentation/android/views the way to set a specific zoom value is "CameraUpdateFactory.zoomTo(float)" and the same api https://developers.google.com/maps/documentation/android/reference/com/google/android/gms/maps/CameraUpdateFactory#zoomTo(float) tells that the minimum argument to this function is 2. but when I call the function: mMap.moveCamera(CameraUpdateFactory.zoomTo(2)); The viewport of the world map is just a little bigger than Australia... How can I display the entire world map at once? Thanks in advance, João

  Read the article

• Pros and cons of programmatically enforcing foreign key than in database

  - by Jeffrey

  It is causing so much trouble in terms of development just by letting database enforcing foreign key. Especially during unit test I can’t drop table due to foreign key constrains, I need to create table in such an order that foreign key constrain warning won’t get triggered. In reality I don’t see too much point of letting database enforcing the foreign key constrains. If the application has been properly designed there should not be any manual database manipulation other than select queries. I just want to make sure that I am not digging myself into a hole by not having foreign key constrains in database and leaving it solely to the application’s responsibility. Am I missing anything? P.S. my real unit tests (not those that use mocking) will drop existing tables if the structure of underlying domain object has been modified.

  Read the article

• How do you determine with CLLocationManager when a user denies access to location services?

  - by Brennan

  With CLLocationManager I can use the following code to determine if I can access location services on the device. This is the master setting for all apps and can be turned on and off. if (self.locationManager.locationServicesEnabled) { [self.locationManager startUpdatingLocation]; } But a user can deny access to an individual app and in order to not execute the code to use the location manager I need to know if the user approved access to location services for this specific app. I saw that at one point there was a property called locationServicesApproved which appears it would indicate if the user approved access to location services in this app. But it was removed in 2008. Source: http://trailsinthesand.com/apple-removes-notifications-from-iphone-sdk-beta-4/ It appears that there is no way to determine if the user approved access to location services but that seems to be a big hole in the SDK. Is this feature in the SDK elsewhere? What can I do to determine if the user has approved access to location services for the current app?

  Read the article

• java/swing: Shape questions: serializing and combining

  - by Jason S

  I have two questions about java.awt.Shape. Suppose I have two Shapes, shape1 and shape2. How can I serialize them in some way so I can save the information to a file and later recreate it on another computer? (Shape is not Serializable but it does have the getPathIterator() method which seems like you could get the information out but it would be kind of a drag + I'm not sure how to reconstruct a Shape object afterwards.) How can I combine them into a new Shape so that they form a joint boundary? (e.g. if shape1 is a large square and shape2 is a small circle inside the square, I want the combined shape to be a large square with a small circular hole)

  Read the article

• Career path decisions

  - by MindFold

  Hi all, I'm on a verge of quitting my current job as a .NET programmer. i'm 25 years old and have been a .NET programmer in the past 5-6 years, but now i wonder if maybe i should take this opurtunity and try some other things, like RT\Embedded or Driver development. My pro\cons: i love .NET since you can write enterprise systems with it, learn cool development methodologies and practice many patterns i want to learn RT\Embedded\Driver since its at the heart of so many things and i'm feeling this is a black hole for me. My question are: Is making career leaps a good idea? How can i manage to get myself into a job in RT\Embedded as my whole Resume has c# written all over it. What should i bet my cards on this days? android? java? flash? silverlight? etc?

  Read the article

• Twitter xAuth vs open source

  - by Yorirou

  Hi I am developing an open source desktop twitter client. I would like to take advantage on the new xAuth authentication method, however my app is open source which means that if I put the keys directly into the source file, it may be a vulnerability (am I correct? The twitter support guy told me). On the other hand, putting the key directly into a binary also doesn't make sense. I am writing my application in python, so if I just supply the pyc files, it is one more seconds to get the keys, thanks to the excellent reflection capatibilities of Python. If I create a small .so file with the keys, it is also trivial to obtain the key by looking at the raw binary (keys has fixed length and character set). What is your opinion? Is it really a secutiry hole to expose the API keys?

  Read the article

• How to Use 3 Monitors

  - by The.Anti.9

  Right now my setup has a nice big 24" flatscreen in the center, and a 19" flatscreen to the left. And a big gaping hole on the right. I have a 3rd monitor to put there, but I'm not sure how to get the computer to recognize it. Do I need a graphics card with 3 ports? Or can I span the monitors over non SLI-Linked graphics cards? Is it possible to plug my 3rd monitor into the on-board VGA port and have it work?

  Read the article

• Best Pratice to Implement Secure Remember Me

  - by Yan Cheng CHEOK

  Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

  Read the article

• Problems with http://wall.plasm.it/examples/example-the-wall/ - Images

  - by wolfau

  It is probably piece of cake for You, but I'm in the black hole now and I don't know what is the problem with The Wall. I would like to do something as www.wall.plasm.it/examples/example-the-wall/. Please - look at: www.megainstal.pl/ there is not any images. Could You help with fix it? I will be really grateful for any help/information. Short story: 1) I download the files from github: https://github.com/plasm/the-wall 2) I changed only 3 files: 01-wall.css, index.html, 01-wall.js (case: basic) 3) in 01-wall.js I declared images: var a = new Element("img[src=../../img/middle/"+counterFluid+".jpg]"); 4) images that are: 1 to 76.jpg Could you point me to where I making a mistake? If You going to see source files - I zip that's all in the one file: files.zip S. from Poland Thank You in advance!

  Read the article

• Only variables can be passed by reference

  - by zaf

  I had the bright idea of using a custom error handler which led me down a rabbit hole. Following code gives (with and without custom error handler): Fatal error: Only variables can be passed by reference function foo(){ $b=array_pop(array("a","b","c")); return $b; } print_r(foo()); Following code gives (only with a custom error handler): (2048) Only variables should be passed by reference function foo(){ $a=explode( '/' , 'a/b/c'); $c=array_pop(array_slice($a,-2,1)); return $c; } print_r(foo()); The second one worries me since I have a lot of 'compact' code. So, I either ditch the bright idea of using a custom error handler (to improve my logging module) or expand all my code. Anyone with better ideas? Also, WTF?

  Read the article

• Where to learn about HTTP?

  - by razass

  I am fluent in HTML and PHP and slowly learning JavaScript however I have noticed that there is a huge hole in my knowledge when it comes to understanding how web software communications actually work. I understand the flow of information across the net however I would like to learn about HTTP protocols to better understand how the data is actually sent back and forth through the internet to help me understand things like REST, HTTP Headers, AJAX requests, etc. However, I must be searching the wrong terms because I haven't been able to find a good description of HTTP protocols. Any help is appreciated to point me in the right direction. Thanks!

  Read the article

• align WMD editor's preview HTML with server-side HTML validation (e.g. no embedded javascript)

  - by Justin Grant

  There are many SO questions (e.g. here and here) about how to do server-side scrubbing of Markdown produced by the WMD editor to ensure the HTML generated doesn't contain malicious script, like this: <img onload="alert('haha');" src="http://www.google.com/intl/en_ALL/images/srpr/logo1w.png" /> This doesn't affect the WMD client's preview box. I doubt this is a big deal since if you're scrubbing the HTML on the server, an attacker can't save the bad HTML so no one else will be able to see it later and have their cookies stolen or sessions hijacked by the bad script. But it's still kinda odd to allow an attacker to run any script in the context of your site, and it's probably a bad idea to allow the client preview window to allow different HTML than your server will allow. StackOverflow has clearly plugged this hole. How did they do it? [NOTE: I already figured this out but it required some tricky javascript debugging, so I'm answering my own question here to help others who may want to do ths same thing]

  Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >