Search Results

Search found 8253 results on 331 pages for 'secure coding'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 21/331 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • testing ssl cert for smtps => "secure connection could not be established with this website"

    - by cc young
    testing ssl cert on server using a web service. https, imaps and pop3s all check, but smtps yields the message "we advise you not to submit any confidential or personal data to this website because a secure connection could not be established with this website." running postfix tls logging: connect from s097.networking4all.com[213.249.64.242] lost connection after UNKNOWN from s097.networking4all.com[213.249.64.242] disconnect from s097.networking4all.com[213.249.64.242] these work correctly: telnet mydomain.net 587 openssl s_client -starttls smtp -crlf -connect mydomain.net:587 but cannot get email using ssl to log into either 587 or 564 - get same "UNKNOWN" problem. email smtp w/o ssh works fine. the test site is http://www.networking4all.com/en/support/tools/site+check/

    Read the article

  • Afraid computer is not secure

    - by Michael James
    I have recently implemented LastPass as a secure password manager. When I changed the password for my email address an associated account ([email protected]) that i had never seen before came up in association with my account. It asked me if i wanted to change password for my account and the "smithfaketester" account I used Google to try and find out what is going on, but came up empty. I am afraid my computer is bot net-ed. Any input is greatly appreciated. I have used google to search for reasons why this fake account was coming up but I did not find any meaningful info.

    Read the article

  • Secure copy in Linux

    - by Michael
    Hi all, I wanna simpy exchange 3 directories to a collegue's home directory (I dont have write access to that one) from my home directory, probably using secure copy if possible. I am not good with Linux command line, so I am not sure how to do that and I would very much appreciate it if somebody could help me a bit out with this. I guess it should look something like that scp -r /home/user1/directoy1 /home/user2/directoy1 scp -r /home/user1/directoy2 /home/user2/directoy2 scp -r /home/user1/directoy3 /home/user2/directoy3 Do I need to specify the login name of my collegue so that the files can be copied when he enters his password? Thanks for your help, Michael

    Read the article

  • Microsoft secure downloader not finishing download

    - by Goran_Mandic
    I am downloading Windows 8 RTM using Microsoft's secure downloader provided by my school's DreamSpark account. The OS I'm currently on is Windows 8 preview. Once the download reaches 100%, it restarts to 0%. I open the download path folder, and find the en_windows_8_x64_dvd_915440.sdc file and the en_windows_8_x64_dvd_915440.scd.log file. The log file contains only one line : "Unpacking File: C:\Users\en_windows_8_x64_dvd_915440.sdc" I was unable to unpack the file using 3rd party software, and there seems to be no official software made for unpacking this type of file. What can I do to avoid downloading the OS illegally, even though I have my own product key?

    Read the article

  • Secure against c99 and similar shells

    - by Amit Sonnenschein
    I'm trying to secure my server as much as i can without limiting my options, so as a first step i've prevented dangerous functions with php disable_functions = "apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, mysql_pconnect, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode" but i'm still fighting directory travel, i can't seems to be able to limit it, by using a shell script like c99 i can travel from my /home/dir to anywhere on the disc. how can i limit it once and for all ?

    Read the article

  • Most secure way to have IPtables auto-loaded using Debian / Linux

    - by networkIT
    I'd like to know the safest way to load iptables using Debian. Of course, I can use a script that uses iptables-restore : #!/bin/sh iptables-restore < /etc/firewall.conf but : 1) where is the safest place to have it loaded ? /etc/network/if-up.d ? I'm concerned about the script being loaded early enough at boot time, and reliably enough when plugging/unplugging interfaces ... 2) is this script method using iptables-restore the most secure way ? 3) additionnally, how much does the answer validity stretch to other Linux distros ( Ubuntu, Fedora, CentOS ) ? Thanks ^^

    Read the article

  • How secure is cloud computing?

    - by Rhubarb
    By secure, I don't mean the machines itself and access to it from the network. I mean, and I suppose this could be applied to any kind of hosting service, when you put all your intellectual property onto a hosted provider, what happens to the hard disks as they cycle through them? Say I've invested million into my software, and the information and data that I have is valuable, how can I be sure it isn't read off old disks as they're recycled? Is there some kind of standard to look for that ensures a provider is going to use the strictest form of intellectual property protection? Is SAS70 applicable here?

    Read the article

  • How to make a secure MongoDB server?

    - by Earlz
    Hello, I'm wanting my website to use MongoDB as it's datastore. I've used MongoDB in my development environment with no worries, but I'm worried about security with a public server. My server is a VPS running Arch Linux. The web application will also be running on it, so it only needs to accept connections from localhost. And no other users(by ssh or otherwise) will have direct access to my server. What should I do to secure my instance of MongoDB?

    Read the article

  • Mail Secure & Stable Open Source Mail Server

    - by Fanar ALHAYALI
    I have asked question on http://stackoverflow.com/questions/9868426/i-need-to-know-which-email-server-i-have-to-use and someone tell me my question would be better on serverfault. I know that this is a common question and asked many times. but there are so many available mail servers that i am not able to decide the one. Kindly tell that which is the Secure, Stable and fast open source mail server for Centos or Redhat Server. Is there any guide which can be used to deploy the mail server with all its components e.g. smtp, pop3, imap, spam, calender server, antivirus, DNS Setting. Currently I'm using sun messaging V6 which installed on Solaris 10 and my boss ask me to make a report for the best mail server today in the marketing? I tried to have a look on Google but I couldn't find interesting information for my report. Any advice would be appreciated.

    Read the article

  • How to secure a new server OS installation

    - by Pat R Ellery
    I bought (and just received) a new 1u dell poweredge 860 (got it on ebay for $35). I finished installing Ubuntu Server (Ubuntu Server 12.04.3 LTS), install apache/mariadb/memcache/php5 works great but I am scared about security. so far I am the only one using the server but eventually more people (friends, friends of friends) will use this server, use ssh etc... I want to know what can I do to secure all the information and not get hacked, both from the web or ssh or ddos and any other attack possible. Does Ubuntu Server does it for you right away? or I have to fix it my self? Thank you EDIT: I installed (so far): All dev tools ssh server LAMP I didn't install: Graphical interface

    Read the article

  • Zentyal Server : Setting up secure VPN Client

    - by JustShrey
    I have officially exhausted pretty much all my google-fu trying to set this up so I'm asking my question here. For the record, I am a mid level rookie who has played around with servers in his spare time but have never worked with Zentyal Server. Now, I have been able to set up the server as a gateway, with one Network card being external and the other facing the internal Network. The Internal network computers are able to access the internet without any issues. What I need to do is to setup a open-vpn client on the central server so that all Internet data goes though the secure VPN session. As far as I can see, I can't set up the vpn session through the web admin page. Could somebody point me in the right direction? How would I go about doing this? Regards Shreyas

    Read the article

  • Python coding test problem for interviews

    - by Kal
    I'm trying to come up with a good coding problem to ask interview candidates to solve with Python. They'll have an hour to work on the problem, with an IDE and access to documentation (we don't care what people have memorized). I'm not looking for a tough algorithmic problem - there are other sections of the interview where we do that kind of thing. The point of this section is to sit and watch them actually write code. So it should be something that makes them use just the data structures which are the everyday tools of the application developer - lists, hashtables (dictionaries in Python), etc, to solve a quasi-realistic task. They shouldn't be blocked completely if they can't think of something really clever. We have a problem which we use for Java coding tests, which involves reading a file and doing a little processing on the contents. It works well with candidates who are familiar with Java (or even C++). But we're running into a number of candidates who just don't know Java or C++ or C# or anything like that, but do know Python or Ruby. Which shouldn't exclude them, but leaves us with a dilemma: On the one hand, we don't learn much from watching someone struggle with the basics of a totally unfamiliar language. On the other hand, the problem we use for Java turns out to be pretty trivial in Python (or Ruby, etc) - anyone halfway competent can do it in 15 minutes. So, I'm trying to come up with something better. Surprisingly, Google doesn't show me anyone doing something like this, unless I'm just too dumb to enter the obvious search term. The best idea I've come up with involves scheduling workers to time slots, but it's maybe a little too open-ended. Have you run into a good example? Or a bad one? Or do you just have an idea?

    Read the article

  • php mailer char-coding problem

    - by Holian
    Hello! I try to use Phpmailer to send registration, activation..etc mail to users... require("class.phpmailer.php"); $mail -> charSet = "UTF-8"; $mail = new PHPMailer(); $mail->IsSMTP(); $mail->Host = "smtp.mydomain.org"; $mail->From = "[email protected]"; $mail->SMTPAuth = true; $mail->Username ="username"; $mail->Password="passw"; //$mail->FromName = $header; $mail->FromName = mb_convert_encoding($header, "UTF-8", "auto"); $mail->AddAddress($emladd); $mail->AddAddress("[email protected]"); $mail->AddBCC('[email protected]', 'firstadd'); $mail->Subject = $sub; $mail->Body = $message; $mail->WordWrap = 50; if(!$mail->Send()) { echo 'Message was not sent.'; echo 'Mailer error: ' . $mail->ErrorInfo; } The $message is contain latin characters. Unfortunatelly all webmail (gmail, webmail.mydomain.org, emailaddress.domain.xx) use different coding. How can i force to use UTF-8 coding to show my mail exactly same on all mailbox? I try to convert the mail header width mb_convert_encoding(), but with no luck. Thank you.

    Read the article

  • Evaluating creation of GUI via file vs coding

    - by nevets1219
    I'm working on a utility that will be used to test the project I'm currently working on. What the utility will do is allow user to provide various inputs and it will sends out requests and provide the response as output. However, at this point the exact format (which input is required and what is optional) has yet to be fleshed out. In addition, coding in Swing is somewhat repetitive since the overall work is simple though this should be the safest route to go as I have more or less full control and every component can be tweaked as I want. I'm considering using a configuration file that's in XML to describe the GUI (at least one part of it) and then coding the event handling part (in addition to validation, etc). The GUI itself shouldn't be too complicated. For each type of request to make there's a tab for the request and within each tab are various inputs. There seems to be quite a few questions about this already but I'm not asking for a 3rd party library to do this. I'm looking to do this myself, since I don't think it'll be too overly complicated (hopefully). My main consideration for using this is re-usability (later on, for other projects) and for simplifying the GUI work. My question is: are there other pros/cons that I'm overlooking? Is it worth the (unknown) time to do this? I've built GUI in VB.NET and with Flex3 before.

    Read the article

  • Creating a secure SQL Server 2008 database environment

    - by user279521
    I am in the process of setting up a corporate SQL Server 2008 database. The data on this machine will be related to financial services. There will be low level traffic (not like your average investment broker's website). However, a secure data environment is very crucial. What would I need to know / do in order to ensure that I have a secure database?

    Read the article

  • Django and Secure iCalendar Feed

    - by agoessling
    I would like to create a secure iCalendar Feed with Django. I currently have a feed working using vobject, but it is accesable to the public. Is there a way to secure a iCalendar feed used by iCal, Google Calendar, and Outlook?

    Read the article

  • How secure is WCF wsHttpBinding's Windows authentication?

    - by Akash Kava
    I have created WCF and I have used wsHttpBinding and MTOM as message transport with authentcation as "Windows". Now my service is not current SECURE, its plain HTTP, running on custom port. Is Windows Authentication of WCF's wsHttpBinding secure? can anyone see the password or guess through network trace? Thank you, - Akash

    Read the article

  • Is a https query string secure?

    - by Mark
    I am creating a secure web based API that uses HTTPS however if I allow the users to configure it (include sending password) using a query string will this also be secure or should I force it to be done via a POST?

    Read the article

  • Recommendations for secure business collaboration tools

    - by Michael Prescott
    I'm searching for a secure and easy way for business partners to collaboratively edit and exchange documents, share calendars, create schedules, and assign tasks. I speculate that the ideal collaboration environment or work-flow would actually involve several technologies and services. My co-workers and I have tried a variety of things from Google Apps to Wiki's, but nothing feels very fluid or complete. I suppose defining what we need and our constraints is probably in order: collaboratively edit basic text documents and spreadsheets exchange documents like flow-charts, graphs, and files generated by our other desktop applications, but not source code assign tasks to each other and ourselves and track the history of those tasks easily see when relevant documents have been modified since last viewing and ability to easily push notifications to relevant workers (a clean front page that shows updates would probably suffice) provide limited access to contract workers and guests users if a remote user system is compromised (keystroke logger or other spyware) we don't want the criminal to be able to gain access to all business documents (processes, trade-secrets, customer lists, etc.) simply because they gained access to a single Google account (or whatever web service) Cannot be a difficult to administer VPN infrastructure Cannot cost more than $100 per month (yeah, money is tight) Needs to support up to 25 users We can host our own web applications, but it must be low maintenance solution

    Read the article

  • DMG mounting warning message says "it may make computer less secure or cause other problems"

    - by Cawas
    When I try to open a DMG file I get this: I'll just transcript the image: There may be a problem with this disk image. Are you sure you want to open it? Opening this disk image may make your computer less secure or cause other problems. What does that mean in fact? What's really wrong with it, and what kind of problem can it cause just by mounting? Someone said: When you download a file in Leopard (and Snow Leopard), it's marked as a quarantined file. This occurs by the OS adding an attribute to the file, tagging where it came from (such as "downloaded by Safari"). This is what causes the user to see prompts when running files that were downloaded from the Internet, you may remember being asked to confirm you'd like to launch program XXX downloaded by Safari on XXX date. As a new part of Snow Leopard, files which are tagged with the quarantine attribute also have integrity checked by fsck, and if that verify fails you will see the message you described, triggered by an unused node in the disc image. But really, I didn't get that. What's quarantine? I've just downloaded a file here on SL, tried to open, and got that warning. Apple have a say about quarantine files, and they seem to work the same on Leopards. Plus I have got that file using Google Chrome while that feature seems to work just with Safari.

    Read the article

  • Debian DNSSEC - howto secure a domain?

    - by Daniel Marschall
    I have a beginner question about DNSSEC. I have much experience with TLS and cryptography-stuff and would like to try out this new technology. I have googled very much about this but I haven't found useful information for me. I think one confusion in information gathering is that "Debian howto DNSSEC setup" can mean "How to USE DNSSEC for resolving" OR "How to secure your domain with DNSSEC". I am searching the second. I am running a Debian Squeeze server with root privileges which has a domain name ending with ".de" (which is already signed by the root zone). The network interface at this server uses the gateway IP (DNS resolver?) of the datacentre the server is running on. My domain is hosted at freedns.afraid.org , where I can add DNS RRs for my domain. They are currently NOT capable of adding DNSSEC RRs, but I am bugging them to support this soon. ;-) My simple question is: How do I setup DNSSEC on Debian? Resp. who have I ask to? As far as I understand, all I have to do is to run dnssec-keygen on my Debian server and then add the key to my DNS-provider as DNSSEC RR. (And change it every 30 days?) I have looked at this http://www.isc.org/files/DNSSEC_in_6_minutes.pdf but it looks like you have to be the owner of a ZONE, so I don't think this applies to me. Who needs to sign my domain? My DNS-provider or my zone (DeNIC) or can I do it myself? Any help is very appreciated!

    Read the article

  • Is browser based wireless authentication secure?

    - by johnnyb10
    Our wireless network previously used a preshared WPA/WPA2 key for guest access, which allows them access to the Internet. (Our employee access uses 802.1x authentication). We just had a wireless consultant come in to fix various wireless issues we had; one of the things he wound up doing was changing our guest access to HTML-based instead of the preshared key. So now that guest SSID is open (instead of using WPA) and users are presented with a browser-based login screen before they can get on the Internet. My question is: Is this an acceptable method from a security standpoint? I would assume that having an open network is necessarily a bad idea, but the consultant said that the traffic is still using PEAP, so it's secure. I didn't get a chance to question him further on this because we ran late and a bunch of other things came up. Please let me know what you think about the advantages/disadvantages of using HTML-based wireless authentication as opposed to using a preshared WPA key. Thanks...

    Read the article

  • Are my iptables secure?

    - by Patricia
    I have this in my rc.local on my new Ubuntu server: iptables -F iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 9418 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --sport 9418 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 5000 -m state --state NEW,ESTABLISHED -j ACCEPT # Heroku iptables -A INPUT -i eth0 -p tcp --sport 5000 -m state --state ESTABLISHED -j ACCEPT # Heroku iptables -A INPUT -p udp -s 74.207.242.5/32 --source-port 53 -d 0/0 --destination-port 1024:65535 -j ACCEPT iptables -A INPUT -p udp -s 74.207.241.5/32 --source-port 53 -d 0/0 --destination-port 1024:65535 -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT iptables -P INPUT DROP iptables -P FORWARD DROP 9418 is Git's port. 5000 is a port used to manage Heroku apps. And 74.207.242.5 and 74.207.241.5 are our DNS servers. Do you think that this is secure? Can you see any holes here? Update: Why is it important to block OUTPUT? This machine will be used only by me.

    Read the article

  • Secure data from a server to a workstation using jumper hosts

    - by apalsson
    Hello. I have a WWW-server, my problem is that the content is sensitive and should not be accessible for people without proper credentials. How can I improve the ease of use but still maintain security following scenario; The Server is accessed through a "jumper host", i.e. the client connects to the jumper using VPN-connection and uses RemoteDesktop to access the jumper. From the jumper he uses RemoteDesktop again to access the Server. Finally on the Server the user can access content using a WWW-browser. All the way from the VPN-client to the WWW-browser requires authentication using a SmartCard-token. This seems quite secure to me. Content only gets mirrored on the RemoteDesktop between Server and jumper, no cached files to worry about. Connection between jumper and client is protected using VPN(ssl), so no eavesdropping. But it is quite cumbersome for the clients with many steps and connections to open. :( So, how can I improve the user experience accessing my server without compromising security? Thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >