Search Results

Search found 59864 results on 2395 pages for 'application security'.

Page 129/2395 | < Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136 | Next Page >

OpenOffice Calc doesn't show up in the alt-tab window switcher

- by Abe

I just upgraded to ubuntu 12.04, and it's mostly working. My biggest problem so far: OpenOffice/LibreOffice Calc doesn't show up under the task switcher. When I pres alt-tab to change windows, I can see all my windows except for any OpenOffice documents I have open. If I minimize other windows, then I can get to my Calc documents, but Alt-Tab just doesn't work. It only seems to be a problem with Calc. Writer and Impress both work fine. I do a lot of work in spreadsheets, so this is really messing up my flow. Any thoughts on how to fix it?

Read the article
Multiplayer Game Listen Servers: Ensuring Integrity

- by Ankit Soni

I'm making a simple multiplayer game of Tic Tac Toe in Python using Bridge (its an RPC service built over a message queue - RabbitMQ) and I'd like to structure it so that the client and the server are just one file. When a user runs the game, he is offered a choice to either create a game or join an existing game. So when a user creates a game, the program will create the game and also join him as a player to the game. This is basically a listen server (as opposed to a dedicated server) - a familiar concept in multiplayer games. I came across a really interesting question while trying to make this - how can I ensure that the player hosting the game doesn't tamper with it (or atleast make it difficult)? The player hosting the game has access to the array used to store the board etc., and these must be stored in the process' virtual memory, so it seems like this is impossible. On the other hand, many multiplayer games use this model for LAN games.

Read the article
Phishing alert but file never existed

- by IMB

I got an alert from Google Webmasters. They say the following file was present in my host: example.com/~jhostgop/identity.php I checked my files and it never existed at all. I've experience this problem in two different host and domains but the file never existed in my file system. It appears somebody out there is linking a random domain and it prefixes the link with /~jhostgop/identity.php. Now Google may have indexed them so now I get those false phishing alerts. Anyone experienced this? Is it possible to prevent this?

Read the article
Is /home encryption useful on a server?

- by Dennis

I've got a question about the use of encryption: I set up a Ubuntu 12.04 server to use it as a router, file server for backups and webserver. Of course, it is probably not the best idea to put backups on the same system as a web server, but it is only for private usage and I don't want to spend too much money. So I thought it is not a bad idea to set up /home-encryption for the backup-user-account with which I do my backups. But in the same moment, another quesiton arises: Does it still makes sense? Via SSH, root login is disabled. And access to the /home-folder of that user is reduced to the user itself. So the only scenario to access the /home-folder is to connect keyboard/display to the server, login as root and change to /home. Or have I overseen a scenario? In case I am right, you can only access the /home-folder from "outside" as the backup-user. But than, encryption also doesn't make sense anymore. Am I right about that thoughts? Or do you still see a way to access the /home-folder of the backup user so that encryption still makes sense? Thanks for your help in advance!

Read the article
How to protect Ubuntu from fork bomb

- by dblang

I heard someone talking about a fork bomb, I did some research and found some dreadful information about some strange looking characters people can have you type at the command line and as a result do bad things on the computer. I certainly would not issue commands I do not understand but one never knows what can happen. I heard that some OS allows the administrator to place some limit on user processes to mitigate the effects of fork bombs, is this protection in Ubuntu by default or would a person with sudo privilege have to set this? If so, how?

Read the article
Securing credentials passed to web service

- by Greg Smith

I'm attempting to design a single sign on system for use in a distributed architecture. Specifically, I must provide a way for a client website (that is, a website on a different domain/server/network) to allow users to register accounts on my central system. So, when the user takes an action on a client website, and that action is deemed to require an account, the client will produce a page (on their site/domain) where the user can register for a new account by providing an email and password. The client must then send this information to a web service, which will register the account and return some session token type value. The client will need to hash the password before sending it across the wire, and the webservice will require https, but this doesn't feel like it's safe enough and I need some advice on how I can implement this in the most secure way possible. A few other bits of relevant information: Ideally we'd prefer not to share any code with the client We've considered just redirecting the user to a secure page on the same server as the webservice, but this is likely to be rejected for non-technical reasons. We almost certainaly need to salt the password before hashing and passing it over, but that requires the client to either a) generate the salt and communicate it to us, or b) come and ask us for the salt - both feel dirty. Any help or advice is most appreciated.

Read the article
any basic app packaging gui for a newbie?

- by Hairo

i've made an app using wxpython, i have some .py files and some icons, how can i package it for uploading it to launchpad?? i've already set a ppa and it seems like i need to organize my files before packaging, i mean the debian file structure needed to make a tar.gz source package and how to upload it... i've read some guides (that have an already made tar.gz source package) but as this is my first app i do not understand most of the things... any help?

Read the article
Designing Content-Based ETL Process with .NET and SFDC

- by Patrick

As my firm makes the transition to using SFDC as our main operational system, we've spun together a couple of SFDC portals where we can post customer-specific documents to be viewed at will. As such, we've had the need for pseudo-ETL applications to be implemented that are able to extract metadata from the documents our analysts generate internally (most are industry-standard PDFs, XML, or MS Office formats) and place in networked "queue" folders. From there, our applications scoop of the queued documents and upload them to the appropriate SFDC CRM Content Library along with some select pieces of metadata. I've mostly used DbAmp to broker communication with SFDC (DbAmp is a Linked Server provider that allows you to use SQL conventions to interact with your SFDC Org data). I've been able to create [console] applications in C# that work pretty well, and they're usually structured something like this: static void Main() { // Load parameters from app.config. // Get documents from queue. var files = someInterface.GetFiles(someFilterOrRegexPattern); foreach (var file in files) { // Extract metadata from the file. // Validate some attributes of the file; add any validation errors to an in-memory // structure (e.g. List<ValidationErrors>). if (isValid) { // Upload using some wrapper for an ORM an someInterface.Upload(meta.Param1, meta.Param2, ...); } else { // Bounce the file } } // Report any validation errors (via message bus or SMTP or some such). } And that's pretty much it. Most of the time I wrap all these operations in a "Worker" class that takes the needed interfaces as constructor parameters. This approach has worked reasonably well, but I just get this feeling in my gut that there's something awful about it and would love some feedback. Is writing an ETL process as a C# Console app a bad idea? I'm also wondering if there are some design patterns that would be useful in this scenario that I'm clearly overlooking. Thanks in advance!

Read the article
Who spotted the omission?

- by olaf.heimburger

In my entry OFM 11g: Install OAM 10.1.4.3 (32-bit) on 64-bit RedHat AS 5 I explained how to install OAM 10.1.4.3 (32-bit) on 64-bit RedHat. This is great and works. If you seriously want to use OAM 10.1.4.3 you should consider OHS 11g 32-bit. But this installation is a bit tricky. Nearly all tricks to get this done are described in the above mentioned entry. Today I realized that I missed a small bit to get the installation successfully done.The missing part is within the script to create a vital piece of the OHS 11g package. This part is called genclientsh and resides in $OHS_HOME/bin. This script uses gcc to link binaries. By default this script works great, but on a 64-bit Linux it fails. To get around this, find the variable LD and change the value of gcc to gcc -m32.Done. Caveat On support.oracle.com you will find a Note that suggests to build a small shell script named gcc and includes the -m32 switch. Actually, I consider this as dangerous, because we are humans and tend to forget things quickly. Building a globally available script that changes things for a single setup has side effects that will result in unpredictable results.

Read the article
Why UFW has to be (re)started at boot time if it's only iptables rule manager?

- by Tomasz Zielinski

README from source package says: When installing ufw from source, you will also need to integrate it into your boot process for the firewall to start when you restart your system. Depending on your needs, this can be as simple as adding the following to a startup script (eg rc.local for systems that use it): # /lib/ufw/ufw-init start For systems that use SysV initscripts, an example script is provided in doc/initscript.example. See doc/upstart.example for an Upstart example. Consult your distribution's documentation for the proper way to modify your boot process. On my system I have this: # /etc/ufw/ufw.conf # # Set to yes to start on boot. If setting this remotely, be sure to add a rule # to allow your remote connection before starting ufw. Eg: 'ufw allow 22/tcp' ENABLED=yes So, why does simple iptables rule manager need to be started at boot time? Is there any secret to that, or it merely checks if all rules are in place ?

Read the article
How to prevent the google users found my index of admin page?

- by krish

I am running a website but for some days i stopped it and put the under-construction page because the Index of admin page is visible to the outside world through the Google search. One of my friend told me that your websites index is visible and its one step away to access the password file and he shows me that very simply using the Google search. How can i prevent this and i am hosting my site with a hosting company and i report about this to them but they simply replied to me still its secure so you no need to worry... am i really don need to worry and continue my site with the visible index of admin page?

Read the article
Is there a way to check if redistributed code has been altered?

- by onlineapplab.com

I would like to redistribute my app (PHP) in a way that the user gets the front end (presentation) layer which is using the API on my server through a web service. I want the user to be able to alter his part of the app but at the same time exclude such altered app from the normal support and offer support on pay by the hour basis. Is there a way to check if the source code was altered? Only solution I can think of would be to get check sums of all the files then send it through my API and compare them with the original app. Is there any more secure way to do it so it would be harder for the user to break such protection?

Read the article
WordPress injection?

- by saul

I don't really know how to express my problem, so bear with me. This is a bit hard to explain. I have a Wordpress installation, the latest, and often (once a day) my site redirects users to the /wp-admin/install.php file. Asking for my login credentials of course. I have tried reinstalling WordPress and still have not been able to figure what they are doing. That happens regularly. Also, a few hours later, I am able to see my site normally. Hope this makes sense. I suspect there myst be some database DoS that allows them to inject a redirect of some sort into my admin area, thus redirecting the user to said directory (install.php). But that's just me. I really have no clue what else could they be doing. I looked at the source code from several php files and noted some of them don't include a ? tag. Could that be an issue? My hosting company is iPage, I've contacted them and they say there's nothing wrong with my files. Anyone have a clue? I can paste the code to any source file.

Read the article
Is there a Visual Studio style tool/IDE?

- by Tim

I have been developing in the windows space with Visual Studio for a while now with work, but I have also been using Ubuntu for a while and am keen to get into some software development for linux. I should also note. I am not looking for .NET and I am aware of mono. I am also familiar with c++ development and some python, so the language isn't so much relevant as the "all in one" aspect. I was interested to know if there is a useful all in one code/debug/design(gui) IDE similar to something like Visual Studio but for linux?

Read the article
How to create a restricted SSH user for port forwarding?

- by Lekensteyn

ændrük suggested a reverse connection for getting an easy SSH connection with someone else (for remote help). For that to work, an additional user is needed to accept the connection. This user needs to be able to forward his port through the server (the server acts as proxy). How do I create a restricted user that can do nothing more than the above described? The new user must not be able to: execute shell commands access files or upload files to the server use the server as proxy (e.g. webproxy) access local services which were otherwise not publicly accessible due to a firewall kill the server Summarized, how do I create a restricted SSH user which is only able to connect to the SSH server without privileges, so I can connect through that connection with his computer?

Read the article
Does the Adblock Plus extension prevent malicious code from downloading/executing? [closed]

- by nctrnl

Firefox and Chrome are my favourite browsers. The main reason is an extension called Adblock Plus. Basically, it blocks all the ad networks if you subscribe to one of the lists, like EasyList. Does it also protect against malicious ads on completely legitimate websites? For instance, several news websites use ad services that may allow a malicious user to insert "evil code". This makes the web very unsafe, especially for those who lack a serious antivirus product.

Read the article
Ubuntu App Showdown: Commercial applications

- by Adrian

Me and a few of my friends decided to create a game for the App showdown. However, we wanted to make a commercial game out of it (for <5$). So the question is: If I want to submit a commercial app, what exactly do I have to do? We would be willing to provide it as open source software but want to sell it in USC anyway. How should I submit the app if we can do that? (Note: we would only open source if it's required, but would prefer to only share the source with the judges. Is that also possible?). Also: If I have to upload the source code to the PPA and let it build by ubuntu's build service: How do I do that with Mono-apps? It worked perfectly for other projects where I had CMakeFiles and stuff like that. But for Mono, I only have a MonoDevelop project file - how to do that right? Thanks

Read the article
An error has occurred when creating debian packaging

- by Clepto

i execute quickly share and i get Launchpad connection is ok ........ Command returned some WARNINGS: ---------------------------------- WARNING: the following files are not recognized by DistUtilsExtra.auto: mangar/.bzr/README mangar/.bzr/branch-format mangar/.bzr/branch/branch.conf mangar/.bzr/branch/format mangar/.bzr/branch/last-revision mangar/.bzr/branch/tags mangar/.bzr/checkout/conflicts mangar/.bzr/checkout/dirstate mangar/.bzr/checkout/format mangar/.bzr/checkout/views mangar/.bzr/repository/format mangar/.bzr/repository/pack-names ---------------------------------- An error has occurred when creating debian packaging ERROR: can't create or update ubuntu package ERROR: share command failed Aborting the previous time i run the command everything worked! the previous time i was using ubuntu but now i am using linux mint 13... i get the same error with quickly package! i need to package my app for the contest.. edit: now i get this too ---------------------------------- ERROR: Python module helpers not found ERROR: Python module Window not found ERROR: Python module mangarconfig not found ERROR: Python module Builder not found those files exist in the package_lib folder, why it cannot find them?

Read the article
Is there a modern tutorial for setting up SSL on apache2?

- by John Baber

I've been running apache2 for ages on my ubuntu server without SSL. Now that I want to have some directories delivered by SSL, I can't find any straightforward tutorials that were written recently. The best I've found is http://vanemery.com/Linux/Apache/apache-SSL.html but it tells me to put stuff in /etc/httpd/conf I don't want to guess that that should translate to /etc/apache2/conf because guessing based on old tutorials has ruined my web serving before.

Read the article
Precautions during SSH

- by Shagun

I recently had to give away my Ubuntu 12.10 root password to one of my friends so that he could SSH into my system and send some files to me. Now he is my friend and I trust him so I was not reluctant in sharing my password. And I did change it afterwards. But it just struck me how can I view all the commands that were executed by some other user remote logging into my system (obviously not my friend. I mean in general).To what extent can they access my data (especially my passwords eg I use Last Pass so can they access my account passwords as well??) And if they open any browser after logging into my system do they have access to all my passwords provided I have saved them using the "remember password" option given by chrome Also what precautions I should take when I am allowing some one to remote login in my system and how can I track the various commands used by them or the changes they made in my system. Also is there some simple way to get notified whenever some one logs into my system apart from checking the /var/log/auth.log file??

Read the article
ODI 11g – Faster Files

- by David Allan

Deep in the trenches of ODI development I raised my head above the parapet to read a few odds and ends and then think why don’t they know this? Such as this article here – in the past customers (see forum) were told to use a staging route which has a big overhead for large files. This KM is an example of the great extensibility capabilities of ODI, its quite simple, just a new KM that; improves the out of the box experience – just build the mapping and the appropriate KM is used improves out of the box performance for file to file data movement. This improvement for out of the box handling for File to File data integration cases (from the 11.1.1.5.2 companion CD and on) dramatically speeds up the file integration handling. In the past I had seem some consultants write perl versions of the file to file integration case, now Oracle ships this KM to fill the gap. You can find the documentation for the IKM here. The KM uses pure java to perform the integration, using java.io classes to read and write the file in a pipe – it uses java threading in order to super-charge the file processing, and can process several source files at once when the datastore's resource name contains a wildcard. This is a big step for regular file processing on the way to super-charging big data files using Hadoop – the KM works with the lightweight agent and regular filesystems. So in my design below transforming a bunch of files, by default the IKM File to File (Java) knowledge module was assigned. I pointed the KM at my JDK (since the KM generates and compiles java), and I also increased the thread count to 2, to take advantage of my 2 processors. For my illustration I transformed (can also filter if desired) and moved about 1.3Gb with 2 threads in 140 seconds (with a single thread it took 220 seconds) - by no means was this on any super computer by the way. The great thing here is that it worked well out of the box from the design to the execution without any funky configuration, plus, and a big plus it was much faster than before, So if you are doing any file to file transformations, check it out!

Read the article
Books or guides regarding secure key storage and database encryption

- by Matty

I have an idea for a SaaS product I want to create, however, this product will store extremely sensitive data that needs to be encrypted at rest. The trouble is not so much the encryption, but the problem of securely storing the keys so that in the event the server was somehow compromised, the keys couldn't just be recovered and used to decrypt the database. Are there any decent books to guides regarding database encryption, and in particular secure key storage? This seems to be a less than straightforward topic and something that is difficult to get right. I'm seeing multiple ways to attack such a system, but unable to come up with one that is secure enough to store highly confidential information.

Read the article
Which version of Ubuntu is recommended for app developers?

- by Wes

I've searched around Ask Ubuntu and the App Developer site, but I can't seem to find the answers to my questions. I'm wanting to get back into programming, and I'd eventually like get into app development for Ubuntu, but I'm not sure where to get started. Which version of Ubuntu is currently recommended for app development, especially for those wanting to publish their apps to the Software Centre? Should app developers use the current LTS release, or, can any of the new releases be used? Should developers use the 32-bit or 64-bit edition of Ubuntu, or does this not matter? What effect would the above choices have on the eventual publication of an app? I'm truly sorry if this has been covered elsewhere. Cheers Wes

Read the article
BPM Process Accelerator Packs - Update

- by Pat Shepherd

There are 3 BPM Process Accelerator Packs available now (Accelerator Packs Available ) as discssed in my earlier post: https://blogs.oracle.com/enterprisearchitecture/entry/bpm_process_accelerator_packs There is a new and very useful white paper on BPM/Accelerator best practices at: http://www.oracle.com/technetwork/middleware/bpm/learnmore/processaccelbestpracticeswhitepaper-1708910.pdf Thought I'd post that as the topic is getting more and more attention in various discussions I have been having.

Read the article
Spreadsheet or writing an application?

- by Lenny222

When would you keep simple to medium-complex personal calculations in a spread sheet (Excel etc) and when would you write a small program or script for it? For example when you want to calculate what size of mortgage you can afford to buy a house. I could create a spreadsheet and have a nice tabular representation. On the other hand, if i would write a small script in a nice language (in my case Haskell), i'd have the security of a nice type system, preventing typos etc. What are the pro/cons in your opinion?

Read the article

< Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136 | Next Page >