Search Results

Search found 97980 results on 3920 pages for 'code security'.

  • How to create a restricted SSH user for port forwarding?

    - by Lekensteyn
    ændrük suggested a reverse connection for getting an easy SSH connection with someone else (for remote help). For that to work, an additional user is needed to accept the connection. This user needs to be able to forward his port through the server (the server acts as proxy). How do I create a restricted user that can do nothing more than the above described? The new user must not be able to: execute shell commands; access files or upload files to the server; use the server as proxy (e.g. webproxy); access local services which were otherwise not publicly accessible due to a firewall; kill the server. Summarized, how do I create a restricted SSH user which is only able to connect to the SSH server without privileges, so I can connect through that connection with his computer?

  • Multiplayer Game Listen Servers: Ensuring Integrity

    - by Ankit Soni
    I'm making a simple multiplayer game of Tic Tac Toe in Python using Bridge (it's an RPC service built over a message queue - RabbitMQ) and I'd like to structure it so that the client and the server are just one file. When a user runs the game, he is offered a choice to either create a game or join an existing game. So when a user creates a game, the program will create the game and also join him as a player to the game. This is basically a listen server (as opposed to a dedicated server) - a familiar concept in multiplayer games. I came across a really interesting question while trying to make this - how can I ensure that the player hosting the game doesn't tamper with it (or at least make it difficult)? The player hosting the game has access to the array used to store the board etc., and these must be stored in the process' virtual memory, so it seems like this is impossible. On the other hand, many multiplayer games use this model for LAN games.

  • How to improve testing your own code

    - by Peter
    Hi guys, Today I checked in a change on some code which turned out to be not working at all due to something rather stupid yet very crucial. I feel really bad about it and I hope I finally learn something from it. The stupid thing is, I've done these things before and I always tell myself, next time I won't be so stupid... Then it happens again and I feel even worse about it. I know you should keep your chin up and learn from your mistakes but here's the thing: I try to improve myself, I just don't see how I can prevent these things from happening. So, now I'm asking you guys: Do you have certain ground rules when testing your code?

  • How to prevent Google users from finding my index of admin page?

    - by krish
    I am running a website, but for some days I stopped it and put up the under-construction page because the index of admin page is visible to the outside world through Google search. One of my friends told me that my website's index is visible and that it's one step away from accessing the password file, and he showed me that very simply using Google search. How can I prevent this? I am hosting my site with a hosting company and I reported this to them, but they simply replied that it's still secure so I need not worry... Do I really not need to worry, and can I continue my site with the visible index of admin page?

  • Who spotted the omission?

    - by olaf.heimburger
    In my entry OFM 11g: Install OAM 10.1.4.3 (32-bit) on 64-bit RedHat AS 5 I explained how to install OAM 10.1.4.3 (32-bit) on 64-bit RedHat. This is great and works. If you seriously want to use OAM 10.1.4.3 you should consider OHS 11g 32-bit. But this installation is a bit tricky. Nearly all tricks to get this done are described in the above mentioned entry. Today I realized that I missed a small bit to get the installation successfully done. The missing part is within the script to create a vital piece of the OHS 11g package. This part is called genclientsh and resides in $OHS_HOME/bin. This script uses gcc to link binaries. By default this script works great, but on a 64-bit Linux it fails. To get around this, find the variable LD and change the value of gcc to gcc -m32. Done. Caveat: On support.oracle.com you will find a Note that suggests to build a small shell script named gcc and includes the -m32 switch. Actually, I consider this as dangerous, because we are humans and tend to forget things quickly. Building a globally available script that changes things for a single setup has side effects that will result in unpredictable results.

  • How to detect if an app was already installed before

    - by Dante
    How do software applications keep track of whether the user already installed the application before in its Windows system? Say you install app X, trial version, remove it, then reinstall it, and when you run it again it detects you had already installed it before. If you uninstall and clean all registry information it shouldn't know you had already installed it before... Disclaimer: I'm not trying to "hack" any application, just thinking about how this is implemented.

  • Commenting Code AS3 - Not being an API

    - by Marcelo Noronha
    How should I comment a method? What are the best practices on commenting code? Example:

        /* Checks if a color is allowed in a given point
         * of the bitmapdata of the current floor
         * @param value - color to be checked
         * @return boolean - if color is allowed returns true, else, return false
         */
        private function isAllowed(value:uint):Boolean {
            //code...
        }

    Is that the best way to comment a method? I've heard there's the use of the tag @see. What should be on this tag? I wonder if it could be something that has a relation to the method, is that right? Thanks.

  • Coding style advice? [closed]

    - by user1064918
    I'm a new grad. I've got a lot of complaints from my supervisor at work during code-review sessions with regard to my coding style (Surprise!). I don't know if it's just him being cranky or my style is really that annoying to read. I come from the low-level language world (assembly, mostly), so I've been taught to use bitwise ops and all the cool tricks to do math whenever possible. I also have the habit of doing some other things that've been regarded as "too excessively dense to read". So I'm hoping to get some feedback from any experienced programmers! :) Also how should I justify between code performance and readability? Thanks!!

  • Direct Code Support?

    - by Josh Kahane
    A few times in the past I've hit a major wall and simply couldn't progress with a certain aspect of an app as I'm a beginner and still learning the ropes (Objective-C specifically). I was curious if anyone knows of any services which support programmers in real time, paid or free, and will over video, audio or text chat sit and work a problem out till it's fixed and look through your code? I understand Stackoverflow does a super job at this! However I'm in need of something a little more tailored where someone can spend a little time to sit and look at what I'm dealing with and delve into my code if need be. Thanks.

  • How to write efficient code in spite of heavy deadlines

    - by gladysbixly
    Hi all, I am working in an environment wherein we have many projects with strict deadlines on deliverables. We even talk directly to the clients so getting the jobs done and fast is a must. My issue is that I'd always write code for the first solution that comes to my mind, which of course I thought as best at that moment. It always ends up ugly though and I'd later realize that there are better ways to do it but can't afford to change due to time restrictions. Are there any tips by which I could make my code efficient yet deliver on time?

  • Methodology for Documenting Existing Code Base

    - by George Stocker
    I work as part of a team on an existing application that has no inline documentation, nor does it have technical documentation. As I've been working on various bug reports on the application, I've written a sort of breadcrumb trail for myself - bug numbers in various places so that the next developer can refer to that bug number to see what was going on. My question is thus: What is the most efficient method for documenting this code? Should I document as I touch the area (the virus method, if you will), or should I document from each section on its own, and not follow paths that branch out into other areas of the application? Should I insert inline comments where none previously existed (with the fear that I may end up incorrectly identifying what the code does)? What method would you use to accurately and quickly document a rather large application that has no existing inline documentation, nor inline references to external documentation?

  • Windows RT Secured Only By Microsoft

    That disconcerting news is what Mark Hachman is reporting for Read Write Web. One can more or less safely assume that Microsoft will come up with its own antivirus software for Windows RT. Still, this is a rather unusual state of affairs; why is the company doing this? Hachman explains that apps for the Windows RT operating system can run just fine on Windows 8, but the reverse is not true, unless the Windows 8 app has been specially compiled to run on both Windows 8 and Windows RT. The difference apparently stems from the processors for which the two systems have been optimized. Windows 8 ru...

  • Is there a way of listing files for a directory if it contains index.html?

    - by fredley
    On my server (over which I have little control), directories are listed by default, so for mysite.com/images I get: Index of /images Parent Directory BirdsAreHere.png CanYouSpot-AdBlank.jpg etc. Is putting an index.html in that directory enough to prevent people listing the files, or is there still a way of getting at that list? Is it the same for my web root directory (mysite.com)?

  • Books or guides regarding secure key storage and database encryption

    - by Matty
    I have an idea for a SaaS product I want to create, however, this product will store extremely sensitive data that needs to be encrypted at rest. The trouble is not so much the encryption, but the problem of securely storing the keys so that in the event the server was somehow compromised, the keys couldn't just be recovered and used to decrypt the database. Are there any decent books or guides regarding database encryption, and in particular secure key storage? This seems to be a less than straightforward topic and something that is difficult to get right. I'm seeing multiple ways to attack such a system, but unable to come up with one that is secure enough to store highly confidential information.

  • How do I trust an off site application

    - by Pieter
    I need to implement something similar to a license server. This will have to be installed off site at the customers' location and needs to communicate with other applications at the customers' site (the applications that use the licenses) and an application running in our hosting center (for reporting and getting license information). My question is how to set this up in a way I can trust that: (1) the license server is really our application and not something that just simulates it; and (2) there is no "man in the middle" (i.e. a proxy or something that alters the traffic). The first thing I thought of was to use with client certificates and that would solve at least 2. However, what I'm worried about is that someone just decompiles (this is built in .NET) the license server, alters some logic and recompiles it. This would be hard to detect from both connecting applications. This doesn't have to be absolutely secure since we have a limited number of customers whom we have a trust relationship with. However, I do want to make it more difficult than a simple decompile/recompile of the license server. I primarily want to protect against an employee or nephew of the boss trying to be smart.

  • Is there a modern tutorial for setting up SSL on apache2?

    - by John Baber
    I've been running apache2 for ages on my Ubuntu server without SSL. Now that I want to have some directories delivered by SSL, I can't find any straightforward tutorials that were written recently. The best I've found is http://vanemery.com/Linux/Apache/apache-SSL.html but it tells me to put stuff in /etc/httpd/conf. I don't want to guess that that should translate to /etc/apache2/conf because guessing based on old tutorials has ruined my web serving before.

  • Getting started with Team Foundation Server

    - by joe
    At work, we recently started using Team Foundation Server to manage our source code, and I have no idea how to use this system. I do not even know how to check source code in and out. Does anyone know of a step-by-step tutorial on how to work with TFS? Just for basic operations e.g. get latest version, upload your changes, etc. I am accessing it from Visual Studio 2010. I also have access to the TFS web interface.

  • How should a site respond to automated login attempts with phony usernames?

    - by qntmfred
    For the last couple weeks I've been seeing a consistent stream of 15-30 invalid login attempts per hour on my site. Many of them are nonsensical usernames that nobody would ever register for real, and often contain typical spam-related keywords. They all come from different IP addresses so I can't just IP block/throttle the requests. I'm not worried about unauthorized access to real accounts since they aren't using real usernames. And if it were a member of my site trying to brute force logins, they could easily scrape the valid usernames from the site, so I'm not worried about that kind of malicious behavior either. But what's the point of this type of activity? What would whichever bot operator is doing this have to gain by attempting all these logins?

  • Investigating a big C++ project from its source code [closed]

    - by user827992
    Possible Duplicate: What is the best method to start understanding BIG project source code? I have a project that I would like to dissect to learn something new from it. This project is about 200 megabytes. For me, it is just impossible to open every cpp and hpp file and read each and every one. I also don't know what is the best approach in this case. Many people on the internet are looking for an UML tool to generate some kind of graph. I think that UML works well when you are starting a project and you want to express the business logic of your classes and methods. In my opinion UML is totally useless when studying a project only from its source code. Also UML is an OO language, in a large sized C++ project I find a lot of stuff that is not an object and can express some other kind of paradigm. Can you name a tool or a class of software that can help with this?

  • What should a developer know before building a public web site?

    - by Joel Coehoorn
    What things should a programmer implementing the technical details of a web site address before making the site public? If Jeff Atwood can forget about HttpOnly cookies, sitemaps, and cross-site request forgeries all in the same site, what important thing could I be forgetting as well? I'm thinking about this from a web developer's perspective, such that someone else is creating the actual design and content for the site. So while usability and content may be more important than the platform, you the programmer have little say in that. What you do need to worry about is that your implementation of the platform is stable, performs well, is secure, and meets any other business goals (like not cost too much, take too long to build, and rank as well with Google as the content supports). Think of this from the perspective of a developer who's done some work for intranet-type applications in a fairly trusted environment, and is about to have his first shot at putting out a potentially popular site for the entire big bad world wide web. Also: I'm looking for something more specific than just a vague "web standards" response. I mean, HTML, JavaScript, and CSS over HTTP are pretty much a given, especially when I've already specified that you're a professional web developer. So going beyond that, Which standards? In what circumstances, and why? Provide a link to the standard's specification. This question is community wiki, so please feel free to edit that answer to add links to good articles that will help explain or teach each particular point. To search in only the answers from this question, use the inquestion:this option.

  • 25 Passwords to Avoid to Thwart Hackers

    SplashData, a vendor of smartphone productivity applications for consumers and businesses, recently released a list of the top 25 most commonly used passwords for 2011. The company compiled the list after analyzing files of stolen passwords that hackers posted online to share with their cybercriminal colleagues. Without further ado, here is the list of passwords that made SplashData's top 25: password, 123456, 12345678, qwerty, abc123, monkey, 1234567, letmein, trustno1, dragon, baseball, 111111, iloveyou, master, sunshine, ashley, bailey, passw0rd, shadow, 123123, 654321, superman, qazwsx...

  • Avoid SQL Injection with Parameters

    - by simonsabin
    The best way to avoid SQL Injection is with parameters. With parameters you can't get SQL Injection. You only get SQL Injection where you are building a SQL statement by concatenating your parameter values in with your SQL statement. Annoyingly many TSQL statements don't take parameters, CREATE DATABASE for instance, or really annoyingly ALTER USER. In these situations you have to rely on using QUOTENAME or REPLACE to avoid SQL Injection. (Kimberly Tripp talks about this in her recent blog post Little...

  • Dot Net Code Coverage Test Tools - there is now a choice

    - by TATWORTH
    I have been pleasantly surprised this week to discover that there is a choice of tools for measuring Code Coverage. If you have Visual Studio Team edition, then if you are using MSTEST, then you have built-in code coverage, however even then you may need a standalone tool. The tools I have found are (costs are per seat):
    1) NCover http://www.ncover.com/ (from $199 to $658 per seat) I have used it but it is very expensive.
    2) PartCover http://sourceforge.net/projects/partcover/ - Free! Steep initial learning curve to get it to work.
    3) Dot Cover from http://www.jetbrains.com/dotcover/ - Personal licence - normally $99 but at an introductory price of $75 and free for OpenSource Developers (details at http://www.jetbrains.com/dotcover/buy/buy.jsp#opensource_)
    4) Test Matrix from http://submain.com/products/testmatrix.aspx - $149 for a licence

  • Using source code with no license

    - by nathansizemore
    I've recently come across a publicly viewable project on Github that has no license associated with it. In this repo, there is a file with the logic and most of the code needed to work as a piece of a project I am working on. Not verbatim, but about 60% of it I'd like to use with various modifications. Once my code base is a little bit more stable, I plan to release what I've done under the WTFPL License. I've emailed the repo owner, and so far have not gotten a reply. I know I have the rights to fork the repo, but if I release a stripped down and modified version of the other project's file with mine, under the WTFPL, am I infringing on copyrights? Per Github's Terms of Service, by submitting a project on Github and making it viewable to the public, you are allowing other users to see and fork your project. Doesn't say anything about modifying, distributing, or using the fork. And at what point of modification to the original does it become owned by me?
