Search Results

Search found 59864 results on 2395 pages for 'application security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 177/2395 | < Previous Page | 173 174 175 176 177 178 179 180 181 182 183 184  | Next Page >

  • Why would you use EAP-TTLS instead of PEAP?

    - by Ivan Macek
    As I understood EAP-TTLS and PEAP share same level of security when implemented in wireless networks. Both only provide server side authentication via certificate. The drawback of EAP-TTLS can be non native support in Microsoft Windows so every user has to install additional software. The benefit of EAP-TTLS can be support for less secure authentication mechanisms (PAP, CHAP, MS-CHAP) but why would you need them in modern and properly secure wireless system? What are you opinions? Why should I implement EAP-TTLS instead of PEAP? Let's say that I have most Windows users, medium Linux users and least iOS, OSX users.

    Read the article

  • Inspecting the model in a Rails application

    - by Matt Sherman
    I am learning some Ruby on Rails, and am a newbie. Most of my background is in ASP.net MVC on the back end. As I play with a basic scaffold project, I wonder about this case: you jump into an established Rails project and want to get to know the model. Based on what I have seen so far (again, simple scaffold), the properties for a given class are not immediately revealed. I don't see property accessors on the model classes. I do understand that this is because of the dynamic nature of Ruby and such things are not necessary or even perhaps desirable. Convention over code, I get that. (Am familiar with dynamic concepts, mostly via JS.) But if I am somewhere off in a view, and want to quickly know whether the (eg) Person object has a MiddleName property, how would I find that out? I don't have to go into the migrations, do I?

    Read the article

  • HTML5 article tag application for the iPad/iPhone

    - by dspencer
    I've used article tags on websites. My understanding and practice is to use the article tag for publication content. I always use HTML/HTML5 tags as their intended purposes and not at will. Recently, I've seen an HTML template that uses the article tag for the non-publication page content such as the content of an About Us page or any other generic page. I asked the why it was used this way and the (vague) explanation was that it had to do with the way the iPad read the tag. Is this true?

    Read the article

  • Do you run anti-virus software?

    - by Paolo Bergantino
    Do you find the crippling effect that most anti virus software has on a computer's performance worth the "security" they provide? I've never been able to really tell myself its worth it, and have used my computer without "protection" for years without any problems. Jeff Atwood wrote about this a while back, taking a similar stance. So I'm looking for some discussion on the merits and downfalls of antivirus software, and whether you personally think its worth the hassle. One point I do think is valid is that I am probably okay with not running it because I know if something goes wrong I have the ability to make it right (most of the time) but I can't really recommend the same for family as they may not be able to...

    Read the article

  • How to manage security of these self hosted web apis, to ensure that the request coming for accessing data is authenticated?

    - by Husrat Mehmood
    Let's pretend I am going to work on an enterprise application. Say I have 11 modules in the application and I would have to develop Dashboards for every role in the organization for whom I are going to develop application. We Decided to use Asp.Net Web Api and return json data from our apis. We are going to include 11 Self hosted web apis projects in our application (one self hosted web api) for every module. All 11 modules are connected to one Sql server 2012 Database. Then once api is ready we would have to create Business Dashboards (Based upon roles in Organization). So Now my web api client is Asp.Net Mvc application.Asp.Net mvc will consume those web apis. Here is the part for whom all explanation is done. How should I manage Security of all 11 self hosted web apis? How should I only authenticated request is coming? If I authenticate user by login and password and then redirect user to appropriate Dashboard designed for the role that user have and load data by consuming web apis. How should I ensure that the request coming for accessing data is authenticated?

    Read the article

  • Deploying ASP.Net MVC 4 application to IIS 6 - Bundles are not working

    - by ShaneC
    We have a ASP.Net MVC 4 application we are trying to deploy to a Windows 2003 machine running IIS 6. We have it running on a separate app pool and it is setup to use asp.net 4.0. We have a Wildcard application mapping to aspnet_isapi.dll which was required to get the page to appear. The problem we've ran into now is that the bundling which is part of asp.net mvc 4 isn't working. When you try to follow the /js?v=ASDfljkFSDlkjDSF link you get a 404 returned to you. We know it uses extensionless urls but these should be handled by the Wildcard application mapping if I'm not mistaken? Has anyone got this working or have any ideas?

    Read the article

  • Which one is better offline method for large scale application

    - by Manish Pansiniya
    We've a big data management website used by several property. Some of our customers have downtime (they can't access net for an hour or two). We want our site to support offline data viewing and inventory management (typical data search and add/remove) and when the user goes online we can sync the changes back to our central database. Customers use several platforms like Windows, iOS, etc. We've been looking into several different options, here are the major choices - Develop offline web app supported in HTML5. Develop a 'fallback' mechanism and interact with data from the app cache as explained in here (http://www.htmlgoodies.com/html5/tutorials/introduction-to-offline-web- applications-using-) Develop a desktop based cross platform solution. I remember the old MONO which has been popular. Here's a post (What do you suggest for cross platform apps, including web cross-platform-apps-including-web) and another one (Technology choice for cross platform development (desktop and phone)? platform-development-desktop-and-phone?rq=1) I realize the the desktop solution might be hard to maintain and result in some compatibility issues and demand test environments. Can HTML5 handle moderate to high level complexity and data flow? Or would it be better to rely on a desktop based app for better scalability & performance?

    Read the article

  • Knowing so much but application is a problem?

    - by Moaz ELdeen
    In my work, my friends always tell me, you know so much about computer science, electronics engineering,..etc. But I have difficulty in applying them and my code is crap. How to solve that problem? Will I be better or programming isn't my career? For example, yes I know OCTree that is used for space partitioning in games and it is used for optimization, did I implement it? No, but I know about it in principle.. Do I know algorithms like Sorting, Searching,..etc? Yes, and I know them pretty well, but didn't implement them.. When I get a task, I struggle in applying the things that I know...

    Read the article

  • Application qos involving priority and bandwidth

    - by Steve Peng
    Our manager wants us to do applicaiton qos which is quite different from the well-known system qos. We have many services of three types, they have priorites, the manager wants to suspend low priority services requests when there are not enough bandwidth for high priority services. But if the high priority services requests decrease, the bandwidth for low priority services should increase and low priority service requests are allowed again. There should be an algorithm involving priority and bandwidth. I don't know how to design the algorithm, is there any example on the internet? Somebody can give suggestion? Thanks. UPDATE All these services are within a same process. We are setting the maximum bandwidth for the three types of services via ports of services via TC (TC is the linux qos tool whose name means traffic control).

    Read the article

  • How to make sure Windows PC is reasonably secure?

    - by Coder
    I'm not much of a network and network security expert, but I need to add an existing Windows PC to a network with always on connection. The problem is, I have no idea if the PC is really clean, and, actually, no knowledge to check it. I scanned the PC with Process Explorer to verify if all running processes are signed, ran an AVG scan, but this is where my knowledge ends. IIRC, there can be bad code attached to svchost or something, bad drivers, and so on, but I have no idea how to check all those things. Reformatting the PC is unfeasible as of now. Are there any suggestions on what I could do?

    Read the article

  • .htaccess redirect - Is it secure?

    - by thecrandallster
    This works; I'm not having trouble, but I want to be certain that this is bulletproof. I came up with a neat little .htaccess redirect, but I am not sure if it is secure; do you know? <IfModule mod_rewrite.c     RewriteEngine On     RewriteRule ^goto/([a-z]+)/?$ /$1/ [R] </IfModule I think as long as the server is configured correctly and the files handle authentication autonomously, then it shouldn't be a security issue. Also, being that the rewrite rule only works with characters a-z and one slash I doubt they could jump around directories by injecting stuff into the URL I think...

    Read the article

  • Securing RDP access to Windows Server 2008 R2: is Network Level Authentication enough?

    - by jamesfm
    I am a dev with little admin expertise, administering a single dedicated web server remotely. A recent independent security audit of our site recommended that "RDP is not exposed to the Internet and that a robust management solution such as a VPN is considered for remote access. When used, RDP should be configured for Server Authentication to ensure that clients cannot be subjected to man-in-the-middle attacks." Having read around a bit, it seems like Network Level Authentication is a Good Thing so I have enabled the "Allow connections only from Remote Desktop with NLA" option on the server today. Is this acion enough to mitigate the risk of a Man-in-the-Middle attack? Or are there other essential steps I should be taking? If VPN is essential, how do I go about it?

    Read the article

  • What is AddType application/x-httpd-php-source

    - by egor
    I have the apache2.0, PHP5.2.4 and the directive in the httpd.conf: AddType application/x-httpd-php-source .php .php3 .php4 .php5 .php6 AddType directive is used to maps the given filename extensions onto the specified content type. This is the only meaning of this directive. But why does this method switch off PHP handler, that assigned .php extensions, and I can view source code of scripts in my browser? And another: AddType application/x-httpd-php5 .php Why does this method switch on PHP handler? This simply must send header "Content-Type: application/x-httpd-php5" to my browser and this must be only meaning of directive AddType from mod_mime. I'm confused. Thanks for your replies.

    Read the article

  • Why does mod_security require an ACCEPT HTTP header field?

    - by ripper234
    After some debugging, I found that the core ruleset of mod_security blocks requests that don't have the (optional!) ACCEPT header field. This is what I find in the logs: ModSecurity: Warning. Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required. [file "/etc/apache2/conf.d/modsecurity/modsecurity_crs_21_protocol_anomalies.conf"] [line "41"] [id "960015"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER"] [hostname "example.com"] [uri "/"] [unique_id "T4F5@H8AAQEAAFU6aPEAAAAL"] ModSecurity: Access denied with code 400 (phase 2). Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required. [file "/etc/apache2/conf.d/modsecurity/optional_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "41"] [id "960015"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER"] [hostname "example.com"] [uri "/"] [unique_id "T4F5@H8AAQEAAFU6aPEAAAAL"] Why is this header required? I understand that "most" clients send these, but why is their absence considered a security threat?

    Read the article

  • Is your company successfully applying Application Lifecycle Management?

    - by Eric Nelson
    Two separate emails arrived in my Inbox. Email #1: The results of  detailed survey of UK ISVs which we had commissioned – what makes them tick etc. In that survey it stated “76% of ISVs do not use any ALM tools”. It also stated that of those that did, most only did the basics. I#m not surprised … but I am disappointed. Email #2: The wonderful Black Marble have gone all Xmasy and are offering Visual Studio ALM health checks with chances to win an Xbox 360 + Kinect each week of Dec. It therefore seemed obvious to me that I should do my little bit to address an obvious issue from Email #1 with an obvious solution from email #2. Check out 5 Great Reasons to get an ALM health check  and then to find out more, call 01274 300175 or visit http://www.blackmarble.com/XBoxElfCheck

    Read the article

  • McAfee VirusScan Enterprise or avast! Free?

    - by Pieter
    I currently have McAfee VirusScan Enterprise on my computer. This was preinstalled on my PC. (My university did a bulk laptop purchase so I got a sweet deal on my laptop. McAfee was one of the extras that were included.) Apparently, it's getting bad ratings from sites such as Virus Bulletin and AV-Test. Am I better off with avast's free antivirus? Is it worth considering avast! Internet Security? I currently have a three-year license for VirusScan Enterprise. I keep my software up to date using Secunia PSI and I don't click on any suspicious links.

    Read the article

  • Hacking prevention, forensics, auditing and counter measures.

    - by tmow
    Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security: My server's been hacked EMERGENCY. Finding how a hacked server was hacked File permissions question The last one isn't directly related, but it highlights how easy it is to mess up with a web server administration. As there are several things, that can be done, before something bad happens, I'd like to have your suggestions in terms of good practices to limit backside effects of an attack and how to react in the sad case will happen. It's not just a matter of securing the server and the code but also of auditing, logging and counter measures. Do you have any good practices list or do you prefer to rely on software or on experts that continuously analyze your web server(s) (or nothing at all)? If yes, can you share your list and your ideas/opinions?

    Read the article

  • Enable file download via redirect in IE7

    - by Christian W
    Our application enables our customers to download files to their computer. The way I have implemented it is using asp.net with a dropdown. When the user clicks the dropdown they get the choice of "PDF","Powerpoint", and a couple of other choices depending on circumstances. Then, in postback depending on the choice the user made, it will return a file (changing the content-header and such and then bitbanging a file to the user). This works perfectly in all browsers, but IE7 complains that this is a security risk and blocks the download. Is there any way for the users to authorize downloads from our webapplication?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 173 174 175 176 177 178 179 180 181 182 183 184  | Next Page >