Search Results

Search found 6535 results on 262 pages for '3d secure'.

Page 174/262 | < Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181 | Next Page >

activesync not working with forms based authentication

- by Chad

I have an Exchange 2003 SP2 single backend server with an SSL cert. I was having trouble getting OMA to work so I found a MS article about making a reg hack and creating a new Exchange-OMA virtual directory. I am able to connect and access content from my mailbox by using secure mail.domainname.com/oma and using my credentials. ActiveSync was not working on a Windows mobile phone or iPhone. I found another article about using Forms Based Authenication and SSL on a single Exchange server environment and the fix was to elliminate FBA and SSL for the Exchange virtual directory. That allows ActiveSync to now work. I have very few mobile users, but they are management, so I need to make ActiveSync work but I would like to get back to using SSL. http://support.microsoft.com/kb/817379 Any ideas about this setup? Thanks.

Read the article
How to keep Flash secured with EMET?

- by Indrek

I use EMET to secure a number of applications on my computer - web browsers, Office suite applications, PDF readers, as well as Adobe Flash. Overall it's working great, except that the Flash executables contain the version number in the file name, so every time there's an update, the file names change and I have to remember to re-add them manually to EMET. Is there a way to streamline this process? EMET does support wildcards, but only in the path itself, not the file name, so something like %windir%\system32\Macromed\Flash\*.exe wouldn't work. Is there any other way to add a whole folder to EMET so that any new executables in that folder are automatically secured?

Read the article
securing server to server http post

- by ad-inf

Website is developed on JSF, Servlet, using apache web server. In my website, I accept data submission from few restricted websites using HTTP POST method. We exchange some secure key to ensure that correct source is sending data. But is there any way to ensure that the data is submitted from specific domain / IP address only? In application level I can check request.header('Referer') , but some proxy or firewall might hide the referer. Can this configuration done on firewall or webserver level to authenticate server to server communication? Eg. Say my website is a payment gateway website, integrated with www.abc.com. I want only abc.com to submit data. So a user using abc.com should be able to submit data to my website only through abc.com, and not any other website.

Read the article
Increment numbers in page headers in Microsoft Word

- by Imray

In Microsoft Word, I am laying out a process in steps. Each page pretty much is a new step that begins with a header like: 3. Drive the body to a secure location I would like the numbers to automatically increment, particularly if later on I decide to add a new step somewhere in the middle. Does anyone know how I can achieve that in the simplest way? I already have a working Table of Contents and I'd prefer not doing something that would mess with that, if possible to avoid.

Read the article
Visual Python - Visualize graphs relating to a movement

- by Francisco P.

Hello, everyone! I'm working with visual python on a project where I need to simulate a physical movement. I'd like to present, in a different window than the one the actual, 3D sim is running, two graphs, both related to the movement: How the velocity and angular velocity progress over time. How the movement and rotation progress over time. All these vars are refreshed once per cycle (inside a while(true)) How can I accomplish this? Thank you for your time!

Read the article
How difficult is it to setup a mailserver?

- by Jacob R

I want a secure mail solution, as I am looking to move away from Google and other parties looking into my private data. How much of a PITA is it to setup my own mailserver? Should I go for an external provider with a good privacy policy and encrypted data instead? I have a VPS running Debian (with a dedicated IP + reverse DNS), and I'm a fairly capable Linux administrator, having setup a couple of webservers, home networks, and looking over the shoulder of sysadmins at work. The security I currently have on the VPS is limited to iptables and installing/running the bare minimum of what I need (currently basically irssi and lighttpd). When setting up a mail server, is there a lot of stuff to take into consideration? Will my outgoing mail be marked as spam on other servers if I don't implement a number of solutions? Will reliable spam filtering be difficult to setup? Can I easily encrypt the stored mail?

Read the article
How do I force .htaccess authorization to occur over ssl?

- by kenja

I'm trying to force a particular directory to require only allowed IPs and a valid username/password through basic authorization. To ensure that the username/password are sent in encrypted form, I want the directory to also force SSL use. Here is what I have in my .htaccess file: # Force HTTPS-Connection RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule (.*) https://www.mywebsite.com%{REQUEST_URI} [R,L] ## password begin ## AuthName "Restricted Access" AuthUserFile /var/www/admin/.htpasswd AuthType Basic Require valid-user Order deny,allow Deny from all Allow from 79.1.231.151 62.123.134.83 Satisfy All Unfortunately, when I access that directory using http protocol, it is asking for the password before it redirects the page to the secure version. This means the password is sent unencrypted. What am I doing wrong? Is there a way to do this?

Read the article
How do you search for backdoors from the previous IT person?

- by Jason Berg

We all know it happens. A bitter old IT guy leaves a backdoor into the system and network in order to have fun with the new guys and show the company how bad things are without him. I've never personally experienced this. The most I've experienced is somebody who broke and stole stuff right before leaving. I'm sure this happens, though. So, when taking over a network that can't quite be trusted, what steps should be taken to ensure everything is safe and secure?

Read the article
On a Mac, how are connections (possibly by spyware) made to outside internet addresses during initia

- by TT

I am trying to secure a Mac after discovering that network links are being established to some unwanted internet sites. Using 'lsof -i' (list open 'files', internet) I have seen that launchd, ntpd, firefox, dropbox and other processes are either 'LISTENING' or have 'ESTABLISHED' links to a site or sites which I suspect have to do with spyware. I have been trying to find startup files and preference lists that initiate thise links but can't find them. I could easily reinstall the OS and restore data from a backup but I'd prefer to know how to fix this as I have six Macs to look after. Thanks...

Read the article
Python server does not excecute PHP script: permission denied

- by krisvandenbergh

I am trying to execute a PHP file through a Python server. However, I get the following error: File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/CGIHTTPServer.py", line 255, in run_cgi os.execve(scriptfile, args, os.environ) OSError: [Errno 13] Permission denied The python server is running though. What have I done so far? Chmod'ed recursively all directories to (chmod -R a+x) (I know this is not secure but its just for testing purposes) for both Python installation directories and my scripts. Tried to find out if python server is running as root through ps aux grep py I am out of ideas. What could be going wrong else? Thanks for the feedback.

Read the article
Can an external server be used to encrypt all traffic

- by Pasta

My work takes me to a number of places with WiFi connection. I want to be able to encrypt the traffic between my laptop and the internet. Can I do this with a VPN server? What is the best way to get this done? Is there a secure and reliable service that will help me do this? This is fairly important and might be shared by upto 2 people at a time. Is it better to get a server setup on a cloud hosting solution? Amazon?

Read the article
How do I configure OpenVPN for accessing the internet with one NIC?

- by Lekensteyn

I've been trying to get OpenVPN to work for three days. After reading many questions, the HOWTO, the FAQ and even parts of a guide to Linux networking, I cannot get my an Internet connection to the Internet. I'm trying to set up a OpenVPN server on a VPS, which will be used for: secure access to the Internet bypassing port restrictions (directadmin/2222 for example) an IPv6 connection (my client does only have IPv4 connectivity, while the VPS has both IPv4 and native IPv6 connectivity) (if possible) I can connect to my server and access the machine (HTTP), but Internet connectivity fails completely. I'm using ping 8.8.8.8 for testing whether my connection works or not. Using tcpdump and iptables -t nat -A POSTROUTING -j LOG, I can confirm that the packets reach my server. If I ping to 8.8.8.8 on the VPS, I get an echo-reply from 8.8.8.8 as expected. When pinging from the client, I do not get an echo-reply. The VPS has only one NIC: etho. It runs on Xen. Summary: I want to have a secure connection between my laptop and the Internet using OpenVPN. If that works, I want to have IPv6 connectivity as well. Network setup and software: Home laptop (eth0: 192.168.2.10) (tap0: 10.8.0.2) | | (running Kubuntu 10.10; OpenVPN 2.1.0-3ubuntu1) | wifi | router/gateway (gateway 192.168.2.1) | INTERNET | VPS (eth0:1.2.3.4) (gateway, tap0: 10.8.0.1) (running Debian 6; OpenVPN 2.1.3-2) wifi and my home router should not cause problems since all traffic goes encrypted over UDP port 1194. I've turned IP forwarding on: # echo 1 > /proc/sys/net/ipv4/ip_forward iptables has been configured to allow forwarding traffic as well: iptables -F FORWARD iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -A FORWARD -j DROP I've tried each of these rules separately without luck (flushing the chains before executing): iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 1.2.3.4 iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE route -n before (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n after (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n before (client): 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 route -n after (client): 1.2.3.4 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 128.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 SERVER config proto udp dev tap ca ca.crt cert server.crt key server.key dh dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth ta.key 0 comp-lzo user nobody group nobody persist-key persist-tun log-append openvpn-log verb 3 mute 10 CLIENT config dev tap proto udp remote 1.2.3.4 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server tls-auth ta.key 1 comp-lzo verb 3 mute 20 traceroute 8.8.8.8 works as expected (similar output without OpenVPN activated): 1 10.8.0.1 (10.8.0.1) 24.276 ms 26.891 ms 29.454 ms 2 gw03.sbp.directvps.nl (178.21.112.1) 31.161 ms 31.890 ms 34.458 ms 3 ge0-v0652.cr0.nik-ams.nl.as8312.net (195.210.57.105) 35.353 ms 36.874 ms 38.403 ms 4 ge0-v3900.cr0.nik-ams.nl.as8312.net (195.210.57.53) 41.311 ms 41.561 ms 43.006 ms 5 * * * 6 209.85.248.88 (209.85.248.88) 147.061 ms 36.931 ms 28.063 ms 7 216.239.49.36 (216.239.49.36) 31.109 ms 33.292 ms 216.239.49.28 (216.239.49.28) 64.723 ms 8 209.85.255.130 (209.85.255.130) 49.350 ms 209.85.255.126 (209.85.255.126) 49.619 ms 209.85.255.122 (209.85.255.122) 52.416 ms 9 google-public-dns-a.google.com (8.8.8.8) 41.266 ms 44.054 ms 44.730 ms If you have any suggestions, please comment or answer. Thanks in advance.

Read the article
Are there any home/soho NAS devices that will backup/sync to the cloud?

- by 3rdparty

Looking for a home office (SOHO) market (priced) network hard drive (NAS) that will sync some or all of its content to a cloud-based backup service. The only option I've been able to find so far is NetGear's [ReadyNAS Vault][1] however from what I've read it's not as secure as it could be, and the service is quite expensive ($200/yr for 50GB of cloud storage) - it's 'powered' by ElephantDrive Ideally would love to see something like Wuala integrated into a Lacie Network HDD - conveniently, I suspect this is in the works as Lacie recently acquired Wuala, however nothing has come of it yet. I know there are options to use rsync with a customizable NAS (such as the very versatile and hackable D-Link DNS-323, but the easier this is to setup and maintain, the better. Thanks! ps. I had many links posted within this question, but was limited to posting with only one due to anti-spam restrictions - gotta get my 'reputation' higher!

Read the article
What is the difference between "su --command" and "su --session-command"?

- by oliver

Running # su - oliver --command bash gives a shell but also prints the warning bash: no job control in this shell, and indeed Ctrl+Z and fg/bg don't work in that shell. Running # su - oliver --session-command bash gives a shell without printing the warning, and job control indeed works. The suggestion to use --session-command comes from Starting a shell from scripts using su results in "no job control in this shell" which states "[a security fix for su] changed the behavior of the -c option and disables job control inside the called shell". But I still don't quite understand this. When should one use --command and when should one use --session-command? Is --command (aka -c) more secure? Or should one always use --session-command, and --command is just left in for backwards compatibility? FWIW, I'm using RHEL 6.4.

Read the article
Does stunnel prevent non ssl traffic to "the" specified port?

- by user432024

So say I have an arbitrary tcp port 12345 and it's non ssl and I want to put stunnel to secure traffic to it. When stunnel is in front of it does it mean that this port is now tls/ssl only? Or can you still connect to it unencrypted? Basically I want to make sure that this port can only be accessed through ssl/tls and stunel and no other way. Clarification I want to make sure only stunnel port is open. Which is answered in the comments that the unsecured port should be fire-walled but preferably bound to localhost.

Read the article
Help setting up NSD daemon (DNS server)

- by Catalin

While searching for a secure dns server I came across the NSD project. I was really impressed by what seemed to me the best option out there that's open source. One problem thought their 'tutorial' is really not beginner friendly. I have basic DNS knoledge but what's in there is out of my league. I need to have multiple sites on this CentOS server I've recently got my hands on. They also need to receive email. Details: I have a master host and would love to set this in the way described in the rows that follow: masterhost.com -> ns1.masterhost.com mail.masterhost.com www.masterhost.com addonhost.com -> ns1.masterhost.com mail.masterhost.com www.addonhost.com And so on. Any help in setting up this DNS server please? All answers and suggestions are welcomed. Thank you in advance.

Read the article
Securely wiping a file on a tmpfs

- by Nanzikambe

I have a script that decrypts some data to a tmpfs, the directory is secure (permissions), the machine's swap is encrypted (random key on boot) and when the script is done it does a 35 pass wipe (Peter Gutmann) of the cleartext on the tmpfs . I do this because I'm aware wiping files on a journaling file system is insecure, data may be recovered. For discussion, here're the relevant bits extracted: # make the tmpfs mkdir /mnt/tmpfs chmod 0700 /mnt/tmpfs mount -t tmpfs -o size=1M tmpfs /mnt/tmpfs cd /mnt/tmpfs # decrypt the data gpg -o - <crypted_input_file> | \ tar -xjpf - # do processing stuff # wipe contents find . -type f -exec bcwipe -I {} ';' # nuke the tmpfs cd .. umount -f /mnt/tmpfs rm -fR /mnt/tmpfs So, my question, assuming for the moment that nobody is able to read the cleartext in the tmpfs while it exists (I use umask to set cleartext to 0600), is there any way any trace of the cleartext could remain either in memory or on disk after the snippet above completes?

Read the article
Why does my Mac always crash when I enable `ask for password after screensaver ended`?

- by Koning Baard XIV

I have enabled these two things: Placing the mouse-pointer in the bottom-left corner of any display makes the screensaver appear After the screensaver or stand-by has ended, ask for password However, this combination always leads to this (Black Screen of Death) after entering the screensaver with the bottom-left corner: Here are my system specs: Hardware Overview: Model Name: iMac Model Identifier: iMac9,1 Processor Name: Intel Core 2 Duo Processor Speed: 2,66 GHz Number Of Processors: 1 Total Number Of Cores: 2 L2 Cache: 6 MB Memory: 2 GB Bus Speed: 1,07 GHz Boot ROM Version: IM91.008D.B08 SMC Version (system): 1.44f0 Serial Number (system): W89171JF0TF Hardware UUID: 323A90F0-8A2F-5057-B501-2087489E0DFF System Software Overview: System Version: Mac OS X 10.6.3 (10D573) Kernel Version: Darwin 10.3.0 Boot Volume: Macintosh HD Boot Mode: Normal Computer Name: YOU SHOULD NOT KNOW THIS User Name: YOU SHOULD NOT KNOW THIS Secure Virtual Memory: Not Enabled 64-bit Kernel and Extensions: No Time since boot: 11:46 Can anyone help me? Thanks

Read the article
Server removes all custom HTTP header fields

- by MartinMoizard

Hello, I've been trying to receive HTTP requests with custom fields in the headers but it seems like my server removes them... I printed the headers of the request when I arrive on my page.php. I see that : body uri http://url.com/oauth.php/request_token parameters headers Array ....*/* ....gzip, deflate ....en-us ....keep-alive ....s320650601.onlinehome.fr ....DearStranger/1.0 CFNetwork/485.12.7 Darwin/10.6.0 method POST when I should be seeing that (it is working on a local version) body uri http://localhost:8888/oauth.php/request_token parameters headers Array ....*/* ....gzip, deflate ....en-us ....OAuth realm="", oauth_consumer_key="582d95bd45d455fa2e5819f88fc0c5a104d2c7ff3", oauth_signature_method="HMAC-SHA1", oauth_signature="7mKKzEw0Clv237nBHFzcTcA3SCE%3D", oauth_timestamp="1295267612", oauth_nonce="C546644E-8918-4FA3-A2A0-DAADCF7D1E5A", oauth_version="1.0" ....keep-alive ....0 ....localhost:8888 ....DearStranger/1.0 CFNetwork/485.12.7 Darwin/10.6.0 method POST I am using php 5.2.17 on the server. Do you have any idea to help my fix that issue? Thanks!

Read the article
Routing traffic to another internal network

- by Jason

OK, so here is the scenario. I have 4 Locations connected with an MPLS. I have installed an ASA at the primary location which is 10.20.1.0. Traffic is fine internally and to the world, however... I can't route traffic over the MPLS to another network. It is being blocked by an implicit deny rule even though there is a rule to allow any to any less secure interface (it should be using the same interface in/out, right?). I have a static route for the network in and the ASA can ping it - Just not traffic on the internal network of the ASA. -Jason

Read the article
iphone: how to do Page turning

- by srnm12

hi frnds, I am facing the problem from a month and didn't find anything from google.. I am using UIView for pdf display. there is no problem with pdf but problem is with transition. I have to turn each page of pdf with realistic page turn exp. I search, dig a lot about that but i didn't get anything that how to do that. I don't want to use any API'S like codeflake or any other. all i want to do this by my own programming. First i read that this can be done using cocos2d or CAAnimation but i want to know how? b'coz realistic page i think so is completely 3d concept. Let me know guys how to do thay?? here's the example video: http://www.youtube.com/watch?v=oknMWvRO2XE I want animation just like in video....

Read the article
Allow and restrict remote sql server access

- by Michel

Hi, I want to expose my sql server instance via the internet. I've been programming asp.net to sql server for a long time, but for the first time i'm hosting the sql server myself instead of the clients server. So what i want to do is move my sql server from my dev machine at home to a virtual server (yet to hire). But of course i don't want anyone to just enter my sql server but just a few persons. So what i was thinking was to allow only a few ip addresses to the sql server instance. Can anyone tell me how i can expose my sql server to the internet and limit the access to the instance to only a few ip addresses? And ehm, if you know even better ways to secure it, i'd be happy, because this is the first time for me :) Michel

Read the article
Firefox: This connection is untrusted + Behind corporate firewall

- by espais

I've seen some similar issues strewn throughout Google's results about this, but none seem to be corporate-specific. I continually get the 'This connection is untrusted' screen every time I attempt to log into a secure site...for instance Gmail. This is pretty annoying as sometimes I have to go through the process of adding the exception two or three times before it finally lets me into Gmail. I am behind a corporate firewall, going through an internal proxy server to get to the Internet, so there is no possibility for me to update the firewall...etc. Does anybody know a way around this? Can it simply be disabled (and is that safe)? EDIT I'm going to reopen this question with a bit of new information. I have been using Google Chrome lately until today, and one thing that I noticed was that I never had this issue when using either Chrome or Internet Explorer. Is there something that these other browsers do that I need to manually do in FF?

Read the article
Slow git clone and fetch

- by EtienneT

I setuped gitosis on a linux server following this tutorial: http://scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way We are using git on our windows machines with TortoiseGit and msysgit. Pushing changes to the server is pretty fast, but when we want to clone or fetch changes from the remote server, it begins really fast (800k/s) and then drop pretty fast to around 3 to 30k/s and it can take forever to update. git-pull for small update is fast, but as soon as we have to download something of more than a few MB, it is slow. We are switching from SVN to git and this is holding us back from using git full time. Thanks!

Read the article
Simple, user friendly and strong file encryption in Windows

- by Adam Matan

I want a colleague of mine to send me a sensitive MS-Word document via e-mail. Since Word's encryption is questionable, I would like to encrypt the file using a passphrase. Do you know of any user-friendly encryption tool that a novice user can easily use? I wouldn't like to prompt for keys or anything like this - just provide simple interface for single file encryption. EDIT: I have solved this using Putty Secure Copy, through a Linux box I have somewhere. The user downloaded scp to the same directory where the file was, and I have send him the exact scp command by mail. Nice! Another Edit I have some additions (mainly the usage of winscp and perhaps virtual machines). My detailed answer appears below, as requested in comments.

Read the article

< Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181 | Next Page >