Search Results

Search found 851 results on 35 pages for 'rubin attack'.

Page 16/35 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • How to sort a boxplot by the median values in pandas

    - by Chris
    I've got a dataframe outcome2 that I generate a grouped boxplot with in the following manner: In [11]: outcome2.boxplot(column='Hospital 30-Day Death (Mortality) Rates from Heart Attack',by='State') plt.ylabel('30 Day Death Rate') plt.title('30 Day Death Rate by State') Out [11]: What I'd like to do is sort the plot by the median for each state, instead of alphabetically. Not sure how to go about doing so.

  • ASP .NET Code analysis tool to check cross site scripting

    - by Prashant
    I am aware of a tool which MS has provided which tells you about cross site scripting attack etc. The tool is http://www.microsoft.com/downloads/details.aspx?FamilyId=0178e2ef-9da8-445e-9348-c93f24cc9f9d&displaylang=en But are there tools which you have used for ASP .NET applications which do similar to this and which one is widely used in ASP .Net applications?

  • How to write a recursive function that returns a linked list of nodes, when given a binary tree of n

    - by Jian Lin
    I was once asked of this in an interview: How to write a recursive function that returns a linked list of nodes, when given a binary tree of nodes? (flattening the data) For some reason, I tend to need more than 3 to 5 minutes to solve any recursive problem. Usually, 15 to 20 minutes will be more like it. How could we attack this problem, such as a very systematic way of reaching a solution, so that they can be solved in 3 to 5 minute time frame?

  • To HTMLENCODE or not to HTMLENCODE user input on web form (asp.net vb)

    - by Phil
    I have many params making up an insert form for example: x.Parameters.AddWithValue("@city", City.Text) I had a failed xss attack on the site this morning, so I am trying to beef up security measures anyway.... Should I be adding my input params like this? x.Parameters.AddWithValue("@city", HttpUtility.HtmlEncode(City.Text)) Is there anything else I should consider to avoid attacks? Thanks

  • How do you display a binary search tree?

    - by fakeit
    I'm being asked to display a binary search tree in sorted order. The nodes of the tree contain strings. I'm not exactly sure what the best way is to attack this problem. Should I be traversing the tree and displaying as I go? Should I flatten the tree into an array and then use a sorting algorithm before I display? I'm not looking for the actual code, just a guide where to go next.

  • Ideas for student parallel programming project

    - by chi42
    I'm looking to do a parallel programming project in C (probably using pthreads or maybe OpenMP) for a class. It will be done by a group of about four students, and should take about 4 weeks. I was thinking it would be interesting to attack some NP-complete problem with a more complex algorithm like a genetic algo with simulated annealing, but I'm not sure if it would be a big enough project. Anyone know of any cool problems that could benefit from a parallel approach?

  • Intermittent error thrown, "A required anti-forgery token was not supplied or was invalid."

    - by Dave K
    I'm occasionally getting this error during normal use, and I've not found a way to stop it without removing the attribute that requires the token, which I'd rather not do. I've gotten this bug during my own testing (but seemingly randomly) and I know from my logging that actual logged-in users are getting it as well. Does anyone know what would cause the antiforgerytoken system to break (other than a real attack), and how I could fix this without opening up a security hole in my forms? Thanks!

  • How to inject dependencies in Collection form ??

    - by Perpetualcoder
    How do I wire up dependencies where the dependency is in the form of a collection? For Example: public class Ninja { public List<IShuriken> Shurikens {get;set;} public IKatana Katana {get;set;} public void Attack() { // some code goes here to use weapons and kill people } } How do I use a container like Ninject in a case like this?

  • Prevent Cross-site request forgery - Never Rely on The SessionID Sent to Your Server in The Cookie H

    - by Yan Cheng CHEOK
    I am reading the tutorial at http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ It states: Remember - you must never rely on the sessionID sent to your server in the cookie header; look only at the sessionID that your GWT app sends explicitly in the payload of messages to your server. Is it used to prevent http://en.wikipedia.org/wiki/Cross-site_request_forgery#Example_and_characteristics With this methodology, is it sufficient enough to prevent the above attack?

  • Limit URL Parameter Length in Web.Config

    - by Alex
    Is it possible to add some kind of restriction to the web.config to limit URL parameter length? I want to prevent people at the earliest possible point from submitting too large URL parameters so the server doesn't get taxed more than necessary in the event that somebody tries to "attack" it with large invalid URL parameters.

  • Python sorting problem

    - by matt
    I'm sure this is simple but I can't figure it out. I have a list of strings like this (after using sorted on it): Season 2, Episode 1: A Flight to Remember Season 2, Episode 20: Anthology of Interest I Season 2, Episode 2: Mars University Season 2, Episode 3: When Aliens Attack .... Season 3, Episode 10: The Luck of the Fryrish Season 3, Episode 11: The Cyber House Rules Season 3, Episode 12: Insane in the Mainframe Season 3, Episode 1: The Honking Season 3, Episode 2: War Is the H-Word How can I make them sort out properly? (by episode #, ascending)

  • SQL Injection When Using MySQLi Prepared Statements

    - by Sev
    If all that is used to do any and all database queries is MySQLi prepared statements with bound parameters in a web-app, is sql injection still possible? Notes I know that there are other forms of attack other than sql-injection, but my question is specific to sql-injection attacks on that particular web application only.

  • Empty "for" loop in Facebook ajax

    - by celticpride
    While surfing facebook and using the Firebug network debugger I noticed that facebook's AJAX responses all start with an empty for loop. Example: for(;;);{...} Does anyone know why this is done? I assume it's to prevent some sort of XSS attack but I don't totally understand. Thanks!

  • preg_replace on xss code

    - by proyb2
    Can this code help to sanitize malicious code in user submit form? function rex($string) { $patterns = array(); $patterns[0] = '/=/i'; $patterns[1] = '/javascript:/i'; $replacements = array(); $replacements[0] = ''; $replacements[1] = ''; return preg_replace($patterns, $replacements, $string); } I have included htmlentities() to prevent XSS on client side, is all the code shown safe enough to prevent attack?

  • which of these modes : cbc,cfb,ctr,ecb,ncfb,nofb,ofb,stream are secure and which are absolute no-no

    - by user393087
    By security I mean that the encoded string is indistinguishable from random noise and is different on every encryption of the same text, so it is impossible to make a guess on the encryption algorithm used or do any dictionary attack on the encoded text. Second: output string length does not correspond to the input string length in an easy way, so it is not possible to make a guess on that account. Third: it is possible to verify that the provided password is incorrect so the decoding function could return false instead of a supposedly decoded random string.

  • Sanitising user input using Python

    - by Steve
    What's the best way to sanitise user input for a Python-based web application? Is there a single function to remove HTML characters and any other necessary characters combinations to ensure that an XSS or SQL injection attack isn't possible?

  • Security review of an authenticated Diffie Hellman variant

    - by mtraut
    EDIT I'm still hoping for some advice on this, I tried to clarify my intentions...

    When I came upon device pairing in my mobile communication framework I studied a lot of papers on this topic and also got some input from previous questions here. But, I didn't find a ready to implement protocol solution - so I invented a derivative and as I'm no crypto geek I'm not sure about the security caveats of the final solution:

    The main questions are

      - Is SHA256 sufficient as a commit function?
      - Is the addition of the shared secret as an authentication info in the commit string safe?
      - What is the overall security of the 1024 bit group DH?
      - I assume at most 2^-24 bit probability of successful MITM attack (because of 24 bit challenge). Is this plausible?
      - What may be the most promising attack (besides ripping the device out of my numb, cold hands)?

    This is the algorithm sketch

      - For first time pairing, a solution proposed in "Key agreement in peer-to-peer wireless networks" (DH-SC) is implemented. I based it on a commitment derived from:
          - A fixed "UUID" for the communicating entity/role (128 bit, sent at protocol start, before commitment)
          - The public DH key (192 bit private key, based on the 1024 bit Oakley group)
          - A 24 bit random challenge
      - Commit is computed using SHA256: c = sha256( UUID || DH pub || Chall)
      - Both parties exchange this commitment, open and transfer the plain content of the above values.
      - The 24 bit random is displayed to the user for manual authentication
      - DH session key (128 bytes, see above) is computed
      - When the user opts for persistent pairing, the session key is stored with the remote UUID as a shared secret
      - Next time devices connect, commit is computed by additionally hashing the previous DH session key before the random challenge. For sure it is not transferred when opening. c = sha256( UUID || DH pub || DH sess || Chall)
      - Now the user is not bothered authenticating when the local party can derive the same commitment using his own, stored previous DH session key.
      - After successful connection the new DH session key becomes the new shared secret.

    As this does not exactly fit the protocols I found so far (and as such their security proofs), I'd be very interested to get an opinion from some more crypto enabled guys here. BTW. I did read about the "EKE" protocol, but I'm not sure what the extra security level is.

  • Cheapest SSL certificates

    - by Aaron Maenpaa
    I'm looking for cheap SSL certs for running a personal website over https without triggering Firefox's "you may be facing a man-in-the-middle-attack" response that self signed certs provoke. Nothing particularly fancy, no EV, etc. Any recommendations/where do you get your certificates from?

  • How can I securely check if a username is already taken?

    - by Geo
    I have a form where someone can create a new user. I'd like to add some AJAX to check if a username is taken, as soon as the input field loses focus. I'm not really sure how to go about this, as this could pave the way to a bruteforce attack, since you could check for any username and see whether or not it exists. Any suggestions?
