Search Results

Search found 1458 results on 59 pages for 'protect from forgery'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/59 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • securing source code with bitlocker

    - by Daniel Powell
    We need to deploy a web based application at a client site where it will be within their local intranet. Part of our requirement is to provide some basic security to protect our IP. I realise that nothings a 100% guaranteed fix but we are just looking to make it a bit harder for most people. The server will be running server 2008 and I was considering using bitlocker as a cheap and nasty way to protect it. From what I understand assuming the mobo supports it we can use the Transparent bitlocker mode and this means that moving the hdd to another pc will mean the hdd will be unreadable in that machine baring some sort of cold boot attack to steal the encryption keys. Is this assumption correct and in the case that the motherboard or any other component fails in the pc and we need to replace it do we lose access to our data or is there a way to unencrypt it (obviously accessible to only our company) EDIT: we do have legal documents that cover this and we will be locking the pc physically and the client will not have access to the pc (windows login) other than via the website we host on it

    Read the article

  • Apache virtual host for drupal test site

    - by bsreekanth
    Hello, I am a programmer, trying to launch my first website.. through different helpful posts in sf and others, I setup an account with Linode and set up a slice (Debian, Apache, ..etc). I have a Drupal site under development, and like to have a test site in the Linode server as well. Now, I like to have a site setup with the following requirement. What is the best way to setup and protect the test site along with the actual (production) site?. Is virtual host is the answer? To protect the test site, is .htaccess authentication sufficient to prevent access from public and robots? I also modifying the theme, database contents etc, so having two sites under one drupal installation may not be good idea . what do u suggest? thanks in advance. bsreekanth.

    Read the article

  • Domain Outlook user is asked for password every time despite checking the 'remember password' button

    - by MrVimes
    We have a windows 2003 domain. All users have roaming profiles. We have a couple of users who, when they log into outlook, are asked for their password every time, despite selecting the 'remember my password' option. Our email is externally hosted exchange email. I've tried several fixes found on google such as deleting 'protect' folder in the user's profile, and deleting protect key in the registry but none work. I tried storing the password in windows' password/credentials manager, didn't work. It happens on any PC the users log into so it's not a machine specific problem. Any ideas? OS is Windows XP pro. Outlook is 2007.

    Read the article

  • wsgi - narrow user permissions.

    - by Tomasz Wysocki
    I have following Apache configuration and my application is working fine: <VirtualHost *:80> ServerName ig-test.example.com WSGIScriptAlias / /home/ig-test/src/repository/django.wsgi WSGIDaemonProcess ig-test user=ig-test </VirtualHost> But I want to protect my files from other users, so I do: chown ig-test /home/ig-test/ -R chmod og-rwx /home/ig-test/ -R And application stops working: (13)Permission denied: /home/ig-test/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable Is it possible to achieve what i'm doing with wsgi? If I have to give read permissions to some files it will be fine. But there are files I have to protect (like file with DB configuration or business logic of application).

    Read the article

  • Shibboleth + IIS and Pound Reverse Proxy

    - by boburob
    Having a bit of a problem getting Shibboleth (SSO) working with ADFS and Pound. The main problem seems to be that: The website address will be https://website.domain.com Pound will then terminate the SSL and forward the traffic to the webserver on a different port (http://server.domain.com:8888) I have set up Shibboleth to protect the address http://server.domain.com:8888, which allows me to retrieve metadata and it all seems to be working fine. However the problem seems to be that ADFS is configured to protect the https website, so when Shibboleth attempts to recieve information from ADFS I get nothing except the following error: A token request was received for a relying party identified by the key 'https://msstagrevproxy.cwpintranet.com/shibboleth', but the request could not be fulfilled because the key does not identify any known relying party trust. Key: https://msstagrevproxy.cwpintranet.com/shibboleth I am not really sure how I can work around this as to retrieve the metadata from Shibboleth I have to use the https address but this does not actually exist in Shibboleth or IIS. Has anyone had any experience with this before or using any other SSO with a reverse proxy that works?

    Read the article

  • virtual machines and cryptography

    - by Unknown
    I suspect I'm a bit offtopic with the site mission, but it seems me more fitting for the question than stackoverflow i'm in preparing to create a vm with sensible data (personal use, it will be a web+mail+... appliance of sorts), i'd like to protect the data even with cryptography; the final choice have to be cross-platform for the host basically, I have to choose between guest system-level cryptography (say, dm-crypt or similar) or host level cryptography with truecrypt. do you think that the "truecrypt-volume contained virtualized disks" approach will hit the i/o performance of the vm badly (and therefore dm-crypt like approaches into the vm would be better), or is it doable? I'd like to protect all the guest data, not only my personal data, to be able to suspend the vm freely without worrying for the swap partition, etc

    Read the article

  • gcc sandboxing tool - AppArmor / CHROOT jail on Ubuntu 12.04

    - by StuR
    We have a Node application as the front end to a C++ sandboxing tool, which compiles code using gcc and outputs the result to the browser. e.g. exec("gcc -o /tmp/test /tmp/test.cpp", function (error, stdout, stderr) { if(!stderr) { execFile('/tmp/test', function(error, stdout, stderr) {}); } }); This works fine. However, as you can imagine this is a security nightmare if it were to be made public - so I was thinking of two options to protect my stack: 1) A CHROOT jail - but this in itself wouldn't be enough to prevent directory traversal / file access. 2) AppArmor ? So my question is really, how could I protect my stack from any nasties that could come from: A) Compiling unknown code using gcc B) Executing the compiled code

    Read the article

  • Safe to use high port numbers? (re: obscuring web services)

    - by sofakng
    I have a small home network and I'm trying to balance the need for security versus convenience. The safest way to secure internal web servers is to only connect using VPNs but this seems overkill to protect a DVRs remote web interface (for example). As a compromise, would it be better to use very large ports numbers? (eg. five digits up to 65531) I've read that port scanners typically only scan the first 10,000 ports so using very high port numbers is a bit more secure. Is this true? Are there better ways to protect web servers? (ie. web guis for applications)

    Read the article

  • Safe to use high port numbers? (re: obscuring web services)

    - by sofakng
    I have a small home network and I'm trying to balance the need for security versus convenience. The safest way to secure internal web servers is to only connect using VPNs but this seems overkill to protect a DVRs remote web interface (for example). As a compromise, would it be better to use very large ports numbers? (eg. five digits up to 65531) I've read that port scanners typically only scan the first 10,000 ports so using very high port numbers is a bit more secure. Is this true? Are there better ways to protect web servers? (ie. web guis for applications)

    Read the article

  • Any reasonable UPS for a Desktop PC, just to shut it down?

    - by Michael Stum
    While I do have a surge protector to protect against overvoltage (hopefully), I have nothing against undervoltage. When a lightning storm hits, I had the lights flickering at some point. The PC continued to run, but it got me thinking of getting a UPS as a way to a) have a clean 120V/60Hz power source and b) have a way to shut down the PC in case something bad happens. I heard not all UPS' protect against power spikes, so I wonder if someone has a recommendation? It does not need to keep the PC on for a long time if the power goes out, it's good enough if it shuts down the PC after 5 minutes or so. There are 2 PCs connected. One is a Core i7-860 with a Radeon 5870 running Windows 7 Ultimate (so quite power hungry. It uses a 600W PSU but I have no measurements of the actual usage), the other one is a Windoes Home Server, running WHS/Windows Server 2003. Any recommendations in the low-price segment?

    Read the article

  • How do I prevent my swf files being hotlinked, downloaded etc.

    - by undefined
    I have swf files that are embedded in a PHP page using SWFObject. These swf files are in the same directory as my PHP files. for example www.myurl.com/index.php embeds www.myurl.com/flashfile.swf, index.php and flashfile.swf are in the same directory. However I want to prevent people from being able to type in www.myurl.com/flashfile.swf and viewing the swf. I want the browser to deny access to this file unless it has been embedded by the PHP file. Should I move my swfs to another folder and protect this folder somehow - is this with the .htaccess file? I am running Apache on a linux machine. While my main concern is for swf files I would like to protect graphics used on the site too. all help appreciated thanks

    Read the article

  • 4 Top Tips from the Exceptional DBA Award judges

    - by Rebecca Amos
    There's still time to celebrate your achievements as a DBA – or those of a DBA you know – by submitting a nomination for the Exceptional DBA Awards 2011. To help you get started, here are some top tips from the judges on what they're looking for from this year's winner [hint: it's very likely you're already exceptional!]: "An Exceptional DBA must be able to communicate effectively and clearly with both technical people and the client." Steve Jones. "Exceptional DBAs are like police officers: we're here to serve and protect. Both serving and protecting are vital parts of the job, and we can't just focus on one." Brent Ozar "DBA work can be routine. Exceptional DBAs are enthusiastic about their work and are rarely bored, as there is always something new to learn and master." Brad McGehee. "Remember that cost is an important factor for your company. The ability to save your company money with a different technical solution will make you an Exceptional DBA, and can make you exceptionally well liked." Rodney Landrum. So whether you've brought a team together for a project, taken steps to protect the security of your servers, or learnt a new topic to understand an element of your job better, it's likely you’re already taking the steps that make you the Exceptional DBA the judges are looking for. To get more insider info from the judges, download your free poster of their top tips, and then get started on your entry: www.exceptionaldba.com.

    Read the article

  • How to Switch Mac OS X to Use OpenDNS or Google DNS

    - by The Geek
    Are you still using your service provider’s DNS servers? If you’re on Comcast, you probably noticed their DNS servers completely died recently, taking down the internet—but anybody using the more reliable OpenDNS or Google DNS had no problems. Here’s how to set it up on your Mac OS X computer. There’s lots of other reasons to use OpenDNS or Google DNS other than just their rock-solid reliability—they are often much faster than your ISP’s DNS server, and in the case of OpenDNS, there’s loads of extra features like content filtering, typo correction, anti-phishing, and child protection controls. If you’re using Windows, be sure and check out some of our other articles on the subject: Speed Up Your Web Browsing with Google Public DNS Easily Add OpenDNS To Your Router Protect Your Kids Online Using Open DNS Otherwise, keep reading for how to set it up on your Mac. Latest Features How-To Geek ETC The Complete List of iPad Tips, Tricks, and Tutorials The 50 Best Registry Hacks that Make Windows Better The How-To Geek Holiday Gift Guide (Geeky Stuff We Like) LCD? LED? Plasma? The How-To Geek Guide to HDTV Technology The How-To Geek Guide to Learning Photoshop, Part 8: Filters Improve Digital Photography by Calibrating Your Monitor Exploring the Jungle Ruins Wallpaper Protect Your Privacy When Browsing with Chrome and Iron Browser Free Shipping Day is Friday, December 17, 2010 – National Free Shipping Day Find an Applicable Quote for Any Programming Situation Winter Theme for Windows 7 from Microsoft Score Free In-Flight Wi-Fi Courtesy of Google Chrome

    Read the article

  • IASA South East Florida Chapter February Meeting Report

    - by Rainer Habermann
    IASA South East Florida Chapter – February Meeting The topic for our February chapter meeting was Legal Issues in IT. Ms. Kennedy, Intellectual Property Attorney with an active litigation, trademark and copyright practice, presented: How Google, Wal-Mart & Apple Make their Millions – The Secret Ingredient: Intellectual Property This topic initiated great interest and the meeting room at Microsoft Ft. Lauderdale filled up to the last seat. Most Architects, Engineers, and MBA’s are not aware about Intellectual Property, Basic Patent, Trademark, or legal issues related to the web. After clarifying the basic definitions, Ms. Kennedy explained in detail how intellectual property issues could make or break a company. Members had the opportunity at the end of the presentation to ask questions, discuss legal problems, and several members shared their experiences related to Intellectual Property and other IT related issues. If you want to protect your ideas and intellectual property, you have to be aware of the implications and need to take the right steps in order to protect them. All Chapter Members agreed that it was an outstanding and lively presentation. Ms. Kennedy presented high quality content and made participants aware of legal IT issues. In the name of all chapter members, thank you Ms. Kennedy for taking the time for this amazing presentation and to Quent Herschelman for hosting the meeting. Rainer Habermann President IASA South East Florida Chapter

    Read the article

  • Where to Perform Authentication in REST API Server?

    - by David V
    I am working on a set of REST APIs that needs to be secured so that only authenticated calls will be performed. There will be multiple web apps to service these APIs. Is there a best-practice approach as to where the authentication should occur? I have thought of two possible places. Have each web app perform the authentication by using a shared authentication service. This seems to be in line with tools like Spring Security, which is configured at the web app level. Protect each web app with a "gateway" for security. In this approach, the web app never receives unauthenticated calls. This seems to be the approach of Apache HTTP Server Authentication. With this approach, would you use Apache or nginx to protect it, or something else in between Apache/nginx and your web app? For additional reference, the authentication is similar to services like AWS that have a non-secret identifier combined with a shared secret key. I am also considering using HMAC. Also, we are writing the web services in Java using Spring. Update: To clarify, each request needs to be authenticated with the identifier and secret key. This is similar to how AWS REST requests work.

    Read the article

  • Lösungen zum Anfassen – die Oracle Demo-Plattform

    - by A&C Redaktion
    Mit der neuen Demo-Plattform möchte Oracle den schnellen Zugang zu vorbereiteten Demo-Umgebungen anbieten. Denn manchmal sagt eine kurze Demonstration mehr, als tausend Erklärungsversuche. Oracle hat daher eine Demo-Plattform eingerichtet, auf der laufend neue Lösungen und Produkte anschaulich vorgeführt werden. Dabei geht es nicht um die theoretischen Möglichkeiten, sondern um ganz praktische Problemfälle – und wie diese bewältigt werden. Das aktuelle Thema ist Database Security am Beispiel der E-Business Suite – ein Thema, das so mancher Partner im Kundengespräch gut gebrauchen kann. In der folgenden Demo-Umgebung können Sie die Datenbank-Sicherheitsfunktionen wie die transparente Verschlüsselung von Applikationsdaten (hier am Beispiel E-Business Suite – es funktioniert aber auch mit SAP oder anderen Anwendungen) und das Rechtekonzept für Anwender und DBAs Ihren Kunden direkt vorstellen. In der Demo können Sie die Funktionalität von Oracle Database Vault, Oracle Advanced Security, Security Option und Oracle Label Security erläutern. Oracle Advanced Security Address Industry and Privacy Regulations with Encryption Protect Application Data with Transparent Data Encryption Encrypt Data on the Network Oracle Database Vault Increase Security For Data Consolidation and Out-Sourced Administration Protect Application Data with Privileged User Controls  Enforce Multi-factor Authorization and Separation of Duty Oracle Label Security Use Security Groups to control data access Assign OLS attributes to application, not necessarily database, users Jede Demo stellt Ihnen einen beispielhaften Demo-Guide zur Verfügung, an dem Sie sich orientieren können. Dies ist der direkte Weg zur Demo-Plattform, auf der Sie für Ihre eigenen Lernzwecke die Demo anschauen können sowie auch einen Zeitraum für Kundenpräsentationen reservieren können. 

    Read the article

  • Lösungen zum Anfassen – die Oracle Demo-Plattform

    - by A&C Redaktion
    Mit der neuen Demo-Plattform möchte Oracle den schnellen Zugang zu vorbereiteten Demo-Umgebungen anbieten. Denn manchmal sagt eine kurze Demonstration mehr, als tausend Erklärungsversuche. Oracle hat daher eine Demo-Plattform eingerichtet, auf der laufend neue Lösungen und Produkte anschaulich vorgeführt werden. Dabei geht es nicht um die theoretischen Möglichkeiten, sondern um ganz praktische Problemfälle – und wie diese bewältigt werden. Das aktuelle Thema ist Database Security am Beispiel der E-Business Suite – ein Thema, das so mancher Partner im Kundengespräch gut gebrauchen kann. In der folgenden Demo-Umgebung können Sie die Datenbank-Sicherheitsfunktionen wie die transparente Verschlüsselung von Applikationsdaten (hier am Beispiel E-Business Suite – es funktioniert aber auch mit SAP oder anderen Anwendungen) und das Rechtekonzept für Anwender und DBAs Ihren Kunden direkt vorstellen. In der Demo können Sie die Funktionalität von Oracle Database Vault, Oracle Advanced Security, Security Option und Oracle Label Security erläutern. Oracle Advanced Security Address Industry and Privacy Regulations with Encryption Protect Application Data with Transparent Data Encryption Encrypt Data on the Network Oracle Database Vault Increase Security For Data Consolidation and Out-Sourced Administration Protect Application Data with Privileged User Controls  Enforce Multi-factor Authorization and Separation of Duty Oracle Label Security Use Security Groups to control data access Assign OLS attributes to application, not necessarily database, users Jede Demo stellt Ihnen einen beispielhaften Demo-Guide zur Verfügung, an dem Sie sich orientieren können. Dies ist der direkte Weg zur Demo-Plattform, auf der Sie für Ihre eigenen Lernzwecke die Demo anschauen können sowie auch einen Zeitraum für Kundenpräsentationen reservieren können. 

    Read the article

  • How to Setup Your Verizon FIOS Router with OpenDNS or Google DNS

    - by The Geek
    Are you still using your service provider’s DNS servers? You might have heard about Comcast’s DNS servers dying and taking down the internet for anybody not using the more reliable OpenDNS or Google DNS. Here’s how to set it up on your Verizon FIOS router for every device on your network. There’s lots of other reasons to use OpenDNS or Google DNS other than just their rock-solid reliability—they are often much faster than your ISP’s DNS server, and in the case of OpenDNS, there’s loads of extra features like content filtering, typo correction, anti-phishing, and child protection controls. If you’re using Windows, be sure and check out some of our other articles on the subject: Speed Up Your Web Browsing with Google Public DNS Easily Add OpenDNS To Your Router Protect Your Kids Online Using Open DNS Otherwise, keep reading for how to set it up on your router. Latest Features How-To Geek ETC The Complete List of iPad Tips, Tricks, and Tutorials The 50 Best Registry Hacks that Make Windows Better The How-To Geek Holiday Gift Guide (Geeky Stuff We Like) LCD? LED? Plasma? The How-To Geek Guide to HDTV Technology The How-To Geek Guide to Learning Photoshop, Part 8: Filters Improve Digital Photography by Calibrating Your Monitor Deathwing the Destroyer – WoW Cataclysm Dragon Wallpaper Drag2Up Lets You Drag and Drop Files to the Web With Ease The Spam Police Parts 1 and 2 – Goodbye Spammers [Videos] Snow Angels Theme for Windows 7 Exploring the Jungle Ruins Wallpaper Protect Your Privacy When Browsing with Chrome and Iron Browser

    Read the article

  • Project Codenames - Yea or Nay?

    - by rmx
    Where I work, most of our projects have (or at least attempt) descriptive, useful names. However we have a few with names that make no sense: I found that an assembly named WiFi which actually has nothing whatsoever to do with wi-fi, but is a codename. When I asked why, I was told that it's to protect company secrets incase some intern has few too many at the pub on Friday and starts chatting about the brand new 'WiFi' project he's been working on. Its clear that some people find enjoyment in finding silly / amusing codenames for their projects (like in this question). My question is: is it really a good idea to use codenames for your projects or are you better off spending the time to decide upon a descriptive name? My opinion is that in the long-run its better to give your projects relevant names. My reasoning is that if you can't think of a decent name, perhaps you don't really know the requirements well enough. I think there are better ways to 'protect company secrets' and I find it quite confusing when the name does not correlate at all with the content. It's just common sense, surely?! So do you use codenames and what the your reasons for or against this seemingly common, yet annoying (to me at least) practice?

    Read the article

  • Intellectual-Property Question

    - by Roger J. J.
    Like almost everyone here, I have a handfull of scripts and software that I have developed and am enthused about. I will be looking for my first job as a software designer / coder. It seems natural that I will be eager to please my employer and use scripts or similar methods that I have developed and worked for me in the past to please my employer. It seems certain that many things that I code will look very similar to things I have coded in the past. I don't understand how to document and articulate to an employer that this code base was mine before I got here and this will continue to be mine when I leave. Surely, this is a common issue, but none of the various searches I've done on the net have produced an answer to this question. How is this situation commonly dealt with in the industry? I feel like there should be a digital version of sending myself a 'certified letter' with my code/software/scripts contained. I'm not trying to protect my code from others using it; I am trying to protect my right to continue using my code base that I have developed prior to to gaining employment with an employer.

    Read the article

  • Why Wouldn't Root Be Able to Change a Zone's IP Address in Oracle Solaris 11?

    - by rickramsey
    You might assume that if you have root access to an Oracle Solaris zone, you'd be able to change the root's IP address. If so, you'd proceed along these lines ... First, you'd log in: root@global_zone:~# zlogin user-zone Then you'd remove the IP interface: root@user-zone:~# ipadm delete-ip vnic0 Next, you'd create a new IP interface: root@user-zone:~# ipadm create-ip vnic0 Then you'd assign the IP interface a new IP address (10.0.0.10): root@user-zone:~# ipadm create-addr -a local=10.0.0.10/24 vnic0/v4 ipadm: cannot create address: Permission denied Why would that happen? Here are some potential reasons: You're in the wrong zone Nobody bothered to tell you that you were fired last week. The sysadmin for the global zone (probably your ex-girlfriend) enabled link protection mode on the zone with this sweet little command: root@global_zone:~# dladm set-linkprop -p \ protection=mac-nospoof,restricted,ip-nospoof vnic0 How'd your ex-girlfriend learn to do that? By reading this article: Securing a Cloud-Based Data Center with Oracle Solaris 11 by Orgad Kimchi, Ron Larson, and Richard Friedman When you build a private cloud, you need to protect sensitive data not only while it's in storage, but also during transmission between servers and clients, and when it's being used by an application. When a project is completed, the cloud must securely delete sensitive data and make sure the original data is kept secure. These are just some of the many security precautions a sysadmin needs to take to secure data in a cloud infrastructure. Orgad, Ron, and Richard and explain the rest and show you how to employ the security features in Oracle Solaris 11 to protect your cloud infrastructure. Part 2 of a three-part article on cloud deployments that use the Oracle Solaris Remote Lab as a case study. About the Photograph That's the fence separating a small group of tourist cabins from a pasture in the small town of Tropic, Utah. Follow Rick on: Personal Blog | Personal Twitter | Oracle Forums   Follow OTN Garage on: Web | Facebook | Twitter | YouTube

    Read the article

  • Data Management Business Continuity Planning

    Business Continuity Governance In order to ensure data continuity for an organization, they need to ensure they know how to handle a data or network emergency because all systems have the potential to fail. Data Continuity Checklist: Disaster Recovery Plan/Policy Backups Redundancy Trained Staff Business Continuity Policies In order to protect data in case of any emergency a company needs to put in place a Disaster recovery plan and policies that can be executed by IT staff to ensure the continuity of the existing data and/or limit the amount of data that is not contiguous.  A disaster recovery plan is a comprehensive statement of consistent actions to be taken before, during and after a disaster, according to Geoffrey H. Wold. He also states that the primary objective of disaster recovery planning is to protect the organization in the event that all or parts of its operations and/or computer services are rendered unusable. Furthermore, companies can mandate through policies that IT must maintain redundant hardware in case of any hardware failures and redundant network connectivity incase the primary internet service provider goes down.  Additionally, they can require that all staff be trained in regards to the Disaster recovery policy to ensure that all parties evolved are knowledgeable to execute the recovery plan. Business Continuity Procedures Business continuity procedure vary from organization to origination, however there are standard procedures that most originations should follow. Standard Business Continuity Procedures Backup and Test Backups to ensure that they work Hire knowledgeable and trainable staff  Offer training on new and existing systems Regularly monitor, test, maintain, and upgrade existing system hardware and applications Maintain redundancy regarding all data, and critical business functionality

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >