Search Results

Search found 25503 results on 1021 pages for 'browser security'.

Page 21/1021 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • SARA Security Auditor Alternative

    - by bradlis7
    I have attempted to install and run Sara, but it seems that the software is broken. I could get it to run on 127.0.0.1, but it seems that no network packets ever leave the current computer that it is installed on. It tests for known security holes in a network. It was based on an older software SATAN. Is there another free alternative to this program? I did not see anything listed in this thread.

    Read the article

  • Basic security practices for desktop Ubuntu

    - by Daisetsu
    Most of us know the basic security practices on Windows: use a limited account set a password disable unused services uninstall bloatware Antivirus / Antimalware etc. I haven't ran linux as my main desktop computer before, so I don't know how to properly secure it. I have heard linux is supposed to be more secure than Windows, but I know that the default settings of anything are rarely secure. What are some things I should do as a new Linux user to secure my desktop system from attack?

    Read the article

  • Why do browsers have so many possible exploits?

    - by Beau Martínez
    When browsing I am ocassionally given warnings about pages that host malware "that could damage my computer". I am seriously perplexed as to why, in 2010, browsers still have possible exploits and can be cracked. My question is "Why?". I'm assuming it's because of the quick development that occured in the browser wars which were unsufficiently tested, but I'm unsure. Surely WebKit would have patched all the issues in KHTML, or Gecko sorted out the flaws in Netscape's engine, and the IE coders sorted through their codebase to eliminate possible flaws? (Somewhat related: http://superuser.com/questions/117770/which-browser-is-the-most-secure-research-and-practically-based.)

    Read the article

  • How to add security zone information to files?

    - by user33938
    I recently enabled "Do not preserve zone information in file attachments", to get rid that annoying "Do you want to run this program" security warning. Now, how can I add this information to a file that doesn't have it? I would like to get that warning back on certain files.

    Read the article

  • "Hostile" network in the company - please comment on a security setup

    - by TomTom
    I have a little specific problem here that I want (need) to solve in a satisfactory way. My company has multiple (IPv4) networks that are controlled by our router sitting in the middle. Typical smaller shop setup. There is now one additional network that has an IP Range OUTSIDE of our control, connected to the internet with another router OUTSIDE of our control. Call it a project network that is part of another companies network and combined via VPN they set up. This means: They control the router that is used for this network and They can reconfigure things so that they can access the machines in this network. The network is physically split on our end through some VLAN capable switches as it covers three locations. At one end there is the router the other company controls. I Need / want to give the machines used in this network access to my company network. In fact, it may be good to make them part of my active directory domain. The people working on those machines are part of my company. BUT - I need to do so without compromising the security of my company network from outside influence. Any sort of router integration using the externally controlled router is out by this idea So, my idea is this: We accept the IPv4 address space and network topology in this network is not under our control. We seek alternatives to integrate those machines into our company network. The 2 concepts I came up with are: Use some sort of VPN - have the machines log into VPN. Thanks to them using modern windows, this could be transparent DirectAccess. This essentially treats the other IP space not different than any restaurant network a laptop of the company goes in. Alternatively - establish IPv6 routing to this ethernet segment. But - and this is a trick - block all IPv6 packets in the switch before they hit the third party controlled router, so that even IF they turn on IPv6 on that thing (not used now, but they could do it) they would get not a single packet. The switch can nicely do that by pulling all IPv6 traffic coming to that port into a separate VLAN (based on ethernet protocol type). Anyone sees a problem with using he switch to isolate the outer from IPv6? Any security hole? It is sad we have to treat this network as hostile - would be a lot easier - but the support personnel there is of "known dubious quality" and the legal side is clear - we can not fulfill our obligations when we integrate them into our company while they are under a jurisdiction we don't have a say in.

    Read the article

  • I need Internet Security software with following properties

    - by Eias.N
    Hello ,, I want to own an Internet Security software , but I prefer that it has following properties : Not a heavy one that killing the machine (Like Norton) . Delete the viruses , and don't keep it after clean it . The most important off all : Has an Offline databases that Can I download and add to program database without connecting to Internet (Not Like KIS 2010) Containing (anti spam -anti Virus - Fire wall - ....... ) So what is in your mind?(Don't tell me AVG I tested it)

    Read the article

  • Mobile security solutions

    - by techzen
    What are the mobile security solutions used by you / your organization. What are the pro's and cons of usage of these solution - and how far have you been successful in implementing these - were there any loopholes / issues faced in using them?. In general, can you suggest a set of guidelines to watch for when going for going for selecting a specific solution in this context.

    Read the article

  • Remove the Microsoft Security Essentials icon

    - by unam3d
    I've been using Microsoft Security Essentials on Windows 7 for sometime now and so far I don't have a bad word to say about it. I would like to permanently remove the MSE icon from the task bar and pop-up box, though I would still like to be informed when it detects a threat, etc.

    Read the article

  • Exposing server uptime a potential security vulnerability?

    - by Edward Mazur
    I run a browser-based game and as part of a page with a bunch of game statistics, I have the server uptime listed. It's currently at 177 days and so someone mentioned to me that I shouldn't do this because a long uptime indicates the kernel is old and therefore missing security updates. This certainly sounds logical, but I searched around and couldn't find any evidence to support it. So I'm just wondering, is this indeed something I should not have exposed?

    Read the article

  • Server Config on Github Security Considerations?

    - by Alan Griffith
    What are the security considerations of having my server configs in a repo on Github with world read-only access. I know to not include /etc/shadow and other password files. I'd like to share any of my good ideas and allow others to contribute, but I don't want to roll out a welcome mat for crackers.

    Read the article

  • Belarc Advisor (Store Passwords using Reversible Encryption)

    - by Steve
    Hi, I'm using Belarc Advisor to examine my PC. Part of BA is a security benchmark summary, which examines components of windows security and provides a benchmark rating. Two items are marked as Fail: - Store Passwords using Reversible Encryption - Password History Size I have opened the Local Security Settings tool from the Control Panel Administrative Tools, and ensured that the "Store passwords using reversible encryption" setting is enabled. Also, I've set the password history to a number. So I'm a bit miffed about the Fail marks. Any idea why the Fail marks appear? Any clues how I can Pass them? Thanks, Steve.

    Read the article

  • Security camera for HQ and remote sites?

    - by Atlas
    We want to install security cams at HQ site and 3 remotes sites. Basically: (1) Each site would have N cams (2) Each site should have DVR locally to record everything. What we want is that HQ to be able to see the live/recorded videos of each remote site and including itself. Preferably HQ would have 1 large screen, and display all cams of itself and remotes sites, say showing it in 32x32 cells. Does such system exists?

    Read the article

  • Limiting database security

    - by Torbal
    A number of texts signify that the most important aspects offered by a DBMS are availability, integrity and secrecy. As part of a homework assignment I have been tasked with mentioning attacks which would affect each aspect. This is what I have come up with - are they any good? Availability - DDOS attack Integrity Secrecy - SQL Injection attack Integrity - Use of trojans to gain access to objects with higher security roles

    Read the article

  • new ActiveXObject('Word.Application') creates new winword.exe process when IE security does not allo

    - by Mark Ott
    We are using MS Word as a spell checker for a few fields on a private company web site, and when IE security settings are correct it works well. (Zone for the site set to Trusted, and trusted zone modified to allow control to run without prompting.) The script we are using creates a word object and closes it afterward. While the object exists, a winword.exe process runs, but it is destroyed when the word object is closed. If our site is not set in the trusted zone (Internet zone with default security level) the call that creates the word object fails as expected, but the winword.exe process is still created. I do not have any way to interact with this process in the script, so the process stays around until the user logs off (users have no way to manually destroy the process, and it wouldn't be a good solution even if they did.) The call that attempts to create the object is... try { oWordApplication = new ActiveXObject('Word.Application'); } catch(error) { // irrelevant code removed, described in comments.. // notify user spell check cannot be used // disable spell check option } So every time the page is loaded this code may be run again, creating yet another orphan winword.exe process. oWordApplication is, of course, undefined in the catch block. I would like to be able to detect the browser security settings beforehand, but I have done some searching on this and do not think that it is possible. Management here is happy with it as it is. As long as IE security is set correctly it works, and it works well for our purposes. (We may eventually look at other options for spell check functionality, but this was quick, inexpensive, and does everything we need it to do.) This last problem bugs me and I'd like to do something about it, but I'm out of ideas and I have other things that are more in need of my attention. Before I put it aside, I thought I'd ask for suggestions here...

    Read the article

  • Multiple Out-of-Browser Applications in One Application

    - by Otaku
    I'm looking at a scenario where I need to create a single "master" Silverlight application and then add "child" applications for an out-of-browser Silverlight application. The scenario is something like this. A user will visit a gameboard web site and choose a game to play. Let's call it Checkers. He likes it, so then he installs the out-of-browser app to his desktop. He then finds Chess, and installs that too. For both games, while played on the site, he has stats (games played, win/loss records, etc.). For each game on the site, he navigates to a different page. But now he wants to play offline and view his stats and other cross-games information. He wants to have a single app to launch to play either game. From his single out-of-browser app, he sees that Go is also available, and he places a checkmark against it to download on his next connection. Does anyone have any experience at developing multiple out-of-browser Silverlight apps that reside within a single master app? What considerations need to be had for this type of design? How would this work in terms of install experience from different web pages?

    Read the article

  • Browser security when calling HTTP assets via a SWF on a HTTPS site

    - by Mark Ursino
    We have a site that runs on HTTPS and needs to pull in various JS assets to run a video player on the page. We get a browser security warning on this page because the JS files we are externally calling are being accessed via HTTP, not HTTPS. E.g. // HTTP reference on a HTTPS site <script src="http://the-cdn.tld/player.js"></script> Simply accessing this one JS assets via HTTP and not HTTPS will cause the browser security warning which we need to get rid of. The provider of the JS file does not support an HTTPS equivalent (like Google Analytics does). We would ideally love to just do the following, but the provider does not have this: // HTTPS reference on a HTTPS site <script src="https://the-cdn.tld/player.js"></script> One option we had was to just download a copy of the JS file and serve it on the HTTPS site, however we have concerns with this as it is not recommended by the provider and will not include updates from them. Assuming we cannot do that, we were thinking a possible other option would be to use a SWF file as a proxy. We were thinking that we could have one of our flash guys create a SWF that loads in the HTTP-served JS file to the page. We were wondering that if this SWF makes the request, would that prevent the browser from showing the security warning or not? I assumed that we would still see the warning since the SWF is still making the request through the browser, but I wanted to see what the hive mind thinks.

    Read the article

  • Browser relative positioning with jQuery and CutyCapt

    - by Acoustic
    I've been using CutyCapt to take screen shots of several web pages with great success. My challenge now is to paint a few dots on those screen shots that represent where a user clicked. CutyCapt goes through a process of resizing the web page to the scroll width before taking a screen shot. That's extremely useful because you only get content and not much (if any) of the page's background. My challenge is trying to map a user's mouse X coordinates to the screen shot. Obviously users have different screen resolutions and have their browser window open to different sizes. The image below shows 3 examples with the same logo. Assume, for example, that the logo is 10 pixels to the left edge of the content area (in red). In each of these cases, and for any resolution, I need a JavaScript routine that will calculate that the logo's X coordinate is 10. Again, the challenge (I think) is differing resolutions. In the center-aligned examples, the logo's position, as measured from the left edge of the browser (in black), differs with changing browser size. The left-aligned example should be simple as the logo never moves as the screen resizes. Can anyone think of a way to calculate the scrollable width of a page? In other words, I'm looking for a JavaScript solution to calculate the minimum width of the browser window before a horizontal scroll bar shows up. Thanks for your help!

    Read the article

  • Fun with "The remote server returned an error: NotFound" - Silverlight4 Out of Browser

    - by Scott Silvi
    Hey all - I'm running SL4 on VS2010. I've got an app that authenticates via a web service to SPROC in my db. Unfortunately this is not WCF/WCF RIA, as I'm inheriting the DB/services from my client. This works perfectly inside of a browser. I'm attempting to move this OOB, and it's at this point that my authentication fails. Here's the steps I took... 1) SL App Properties Enable running app Out of Browser 2) SL App Properties Out of Browser Settings Require elevated trust when running OOB If i set a breakpoint on my logon button click, I see the service call is being made. However, if I step through it (or set a breakpoint on the actual logon web service), the code never gets that far. Here's the block it fails on: public LogonSVC.LogonResponse EndLogon(System.IAsyncResult result) { object[] _args = new object[0]; LogonSVC.LogonResponse _result = ((LogonSVC.LogonResponse)(base.EndInvoke("Logon", _args, result))); return _result; } I know using Elevated Trust means the crossdomain.xml isn't necessary. I dropped one in that allows everything, just to test, and that still fails. here's the code that calls the service: private void loginButton_Click(object sender, RoutedEventArgs e) { string Username = txtUserName.Text; string Password = txtPassword.Password; Uri iSilverlightServiceUriRelative = new Uri(App.Current.Host.Source, "../Services/Logon.asmx"); EndpointAddress iSilverlightServiceEndpoint = new EndpointAddress(iSilverlightServiceUriRelative); BasicHttpBinding iSilverlightServiceBinding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);// Transport if it's HTTPS:// LogonService = new LogonSVC.LogonSoapClient(iSilverlightServiceBinding, iSilverlightServiceEndpoint); LogonService.LogonCompleted += new EventHandler<LogonSVC.LogonCompletedEventArgs>(LogonService_LogonCompleted); LogonService.LogonAsync(Username, Password); } My LogonService_LogonCompleted doesn't fire either (which makes sense, just a heads up). I don't know how to fiddler this, as this is running OOB with the site served via localhost/IIS. I know this works though in browser, so I'm curious what would break it OOB. Thank you, Scott

    Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >