Search Results

Search found 15415 results on 617 pages for 'security groups'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 212/617 | < Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >

  • Secure Your Wireless Router: 8 Things You Can Do Right Now

    - by Chris Hoffman
    A security researcher recently discovered a backdoor in many D-Link routers, allowing anyone to access the router without knowing the username or password. This isn’t the first router security issue and won’t be the last. To protect yourself, you should ensure that your router is configured securely. This is about more than just enabling Wi-Fi encryption and not hosting an open Wi-Fi network. Disable Remote Access Routers offer a web interface, allowing you to configure them through a browser. The router runs a web server and makes this web page available when you’re on the router’s local network. However, most routers offer a “remote access” feature that allows you to access this web interface from anywhere in the world. Even if you set a username and password, if you have a D-Link router affected by this vulnerability, anyone would be able to log in without any credentials. If you have remote access disabled, you’d be safe from people remotely accessing your router and tampering with it. To do this, open your router’s web interface and look for the “Remote Access,” “Remote Administration,” or “Remote Management” feature. Ensure it’s disabled — it should be disabled by default on most routers, but it’s good to check. Update the Firmware Like our operating systems, web browsers, and every other piece of software we use, router software isn’t perfect. The router’s firmware — essentially the software running on the router — may have security flaws. Router manufacturers may release firmware updates that fix such security holes, although they quickly discontinue support for most routers and move on to the next models. Unfortunately, most routers don’t have an auto-update feature like Windows and our web browsers do — you have to check your router manufacturer’s website for a firmware update and install it manually via the router’s web interface. Check to be sure your router has the latest available firmware installed. Change Default Login Credentials Many routers have default login credentials that are fairly obvious, such as the password “admin”. If someone gained access to your router’s web interface through some sort of vulnerability or just by logging onto your Wi-Fi network, it would be easy to log in and tamper with the router’s settings. To avoid this, change the router’s password to a non-default password that an attacker couldn’t easily guess. Some routers even allow you to change the username you use to log into your router. Lock Down Wi-Fi Access If someone gains access to your Wi-Fi network, they could attempt to tamper with your router — or just do other bad things like snoop on your local file shares or use your connection to downloaded copyrighted content and get you in trouble. Running an open Wi-Fi network can be dangerous. To prevent this, ensure your router’s Wi-Fi is secure. This is pretty simple: Set it to use WPA2 encryption and use a reasonably secure passphrase. Don’t use the weaker WEP encryption or set an obvious passphrase like “password”. Disable UPnP A variety of UPnP flaws have been found in consumer routers. Tens of millions of consumer routers respond to UPnP requests from the Internet, allowing attackers on the Internet to remotely configure your router. Flash applets in your browser could use UPnP to open ports, making your computer more vulnerable. UPnP is fairly insecure for a variety of reasons. To avoid UPnP-based problems, disable UPnP on your router via its web interface. If you use software that needs ports forwarded — such as a BitTorrent client, game server, or communications program — you’ll have to forward ports on your router without relying on UPnP. Log Out of the Router’s Web Interface When You’re Done Configuring It Cross site scripting (XSS) flaws have been found in some routers. A router with such an XSS flaw could be controlled by a malicious web page, allowing the web page to configure settings while you’re logged in. If your router is using its default username and password, it would be easy for the malicious web page to gain access. Even if you changed your router’s password, it would be theoretically possible for a website to use your logged-in session to access your router and modify its settings. To prevent this, just log out of your router when you’re done configuring it — if you can’t do that, you may want to clear your browser cookies. This isn’t something to be too paranoid about, but logging out of your router when you’re done using it is a quick and easy thing to do. Change the Router’s Local IP Address If you’re really paranoid, you may be able to change your router’s local IP address. For example, if its default address is 192.168.0.1, you could change it to 192.168.0.150. If the router itself were vulnerable and some sort of malicious script in your web browser attempted to exploit a cross site scripting vulnerability, accessing known-vulnerable routers at their local IP address and tampering with them, the attack would fail. This step isn’t completely necessary, especially since it wouldn’t protect against local attackers — if someone were on your network or software was running on your PC, they’d be able to determine your router’s IP address and connect to it. Install Third-Party Firmwares If you’re really worried about security, you could also install a third-party firmware such as DD-WRT or OpenWRT. You won’t find obscure back doors added by the router’s manufacturer in these alternative firmwares. Consumer routers are shaping up to be a perfect storm of security problems — they’re not automatically updated with new security patches, they’re connected directly to the Internet, manufacturers quickly stop supporting them, and many consumer routers seem to be full of bad code that leads to UPnP exploits and easy-to-exploit backdoors. It’s smart to take some basic precautions. Image Credit: Nuscreen on Flickr     

    Read the article

  • Combining Shared Secret and Certificates

    - by Michael Stephenson
    As discussed in the introduction article this walkthrough will explain how you can implement WCF security with the Windows Azure Service Bus to ensure that you can protect your endpoint in the cloud with a shared secret but also combine this with certificates so that you can identify the sender of the message.   Prerequisites As in the previous article before going into the walk through I want to explain a few assumptions about the scenario we are implementing but to keep the article shorter I am not going to walk through all of the steps in how to setup some of this. In the solution we have a simple console application which will represent the client application. There is also the services WCF application which contains the WCF service we will expose via the Windows Azure Service Bus. The WCF Service application in this example was hosted in IIS 7 on Windows 2008 R2 with AppFabric Server installed and configured to auto-start the WCF listening services. I am not going to go through significant detail around the IIS setup because it should not matter in relation to this article however if you want to understand more about how to configure WCF and IIS for such a scenario please refer to the following paper which goes into a lot of detail about how to configure this. The link is: http://tinyurl.com/8s5nwrz   Setting up the Certificates To keep the post and sample simple I am going to use the local computer store for all certificates but this bit is really just the same as setting up certificates for an example where you are using WCF without using Windows Azure Service Bus. In the sample I have included two batch files which you can use to create the sample certificates or remove them. Basically you will end up with: A certificate called PocServerCert in the personal store for the local computer which will be used by the WCF Service component A certificate called PocClientCert in the personal store for the local computer which will be used by the client application A root certificate in the Root store called PocRootCA with its associated revocation list which is the root from which the client and server certificates were created   For the sample Im just using development certificates like you would normally, and you can see exactly how these are configured and placed in the stores from the batch files in the solution using makecert and certmgr.   The Service Component To begin with let's look at the service component and how it can be configured to listen to the service bus using a shared secret but to also accept a username token from the client. In the sample the service component is called Acme.Azure.ServiceBus.Poc.Cert.Services. It has a single service which is the Visual Studio template for a WCF service when you add a new WCF Service Application so we have a service called Service1 with its Echo method. Nothing special so far!.... The next step is to look at the web.config file to see how we have configured the WCF service. In the services section of the WCF configuration you can see I have created my service and I have created a local endpoint which I simply used to do a little bit of diagnostics and to check it was working, but more importantly there is the Windows Azure endpoint which is using the ws2007HttpRelayBinding (note that this should also work just the same if your using netTcpRelayBinding). The key points to note on the above picture are the service behavior called MyServiceBehaviour and the service bus endpoints behavior called MyEndpointBehaviour. We will go into these in more detail later.   The Relay Binding The relay binding for the service has been configured to use the TransportWithMessageCredential security mode. This is the important bit where the transport security really relates to the interaction between the service and listening to the Azure Service Bus and the message credential is where we will use our certificate like we have specified in the message/clientCrentialType attribute. Note also that we have left the relayClientAuthenticationType set to RelayAccessToken. This means that authentication will be made against ACS for accessing the service bus and messages will not be accepted from any sender who has not been authenticated by ACS.   The Endpoint Behaviour In the below picture you can see the endpoint behavior which is configured to use the shared secret client credential for accessing the service bus and also for diagnostic purposes I have included the service registry element.     Hopefully if you are familiar with using Windows Azure Service Bus relay feature the above is very familiar to you and this is a very common setup for this section. There is nothing specific to the username token implementation here. The Service Behaviour Now we come to the bit with most of the certificate stuff in it. When you configure the service behavior I have included the serviceCredentials element and then setup to use the clientCertificate check and also specifying the serviceCertificate with information on how to find the servers certificate in the store.     I have also added a serviceAuthorization section where I will implement my own authorization component to perform additional security checks after the service has validated that the message was signed with a good certificate. I also have the same serviceSecurityAudit configuration to log access to my service. My Authorization Manager The below picture shows you implementation of my authorization manager. WCF will eventually hand off the message to my authorization component before it calls the service code. This is where I can perform some logic to check if the identity is allowed to access resources. In this case I am simple rejecting messages from anyone except the PocClientCertificate.     The Client Now let's take a look at the client side of this solution and how we can configure the client to authenticate against ACS but also send a certificate over to the service component so it can implement additional security checks on-premise. I have a console application and in the program class I want to use the proxy generated with Add Service Reference to send a message via the Azure Service Bus. You can see in my WCF client configuration below I have setup my details for the azure service bus url and am using the ws2007HttpRelayBinding.   Next is my configuration for the relay binding. You can see below I have configured security to use TransportWithMessageCredential so we will flow the token from a certificate with the message and also the RelayAccessToken relayClientAuthenticationType which means the component will validate against ACS before being allowed to access the relay endpoint to send a message.     After the binding we need to configure the endpoint behavior like in the below picture. This contains the normal transportClientEndpointBehaviour to setup the ACS shared secret configuration but we have also configured the clientCertificate to look for the PocClientCert.     Finally below we have the code of the client in the console application which will call the service bus. You can see that we have created our proxy and then made a normal call to a WCF in exactly the normal way but the configuration will jump in and ensure that a token is passed representing the client certificate.     Conclusion As you can see from the above walkthrough it is not too difficult to configure a service to use both a shared secret and certificate based token at the same time. This gives you the power and protection offered by the access control service in the cloud but also the ability to flow additional tokens to the on-premise component for additional security features to be implemented. Sample The sample used in this post is available at the following location: https://s3.amazonaws.com/CSCBlogSamples/Acme.Azure.ServiceBus.Poc.Cert.zip

    Read the article

  • lvm disappeared after disc replacement on raid10

    - by user142295
    here my problem: I am running ubuntu 12.04 on a raid10 (4 disks), on top of which I installed an lvm with two volume groups (one for /, one for /home). The layout of the disks are as follows: Disk /dev/sda: 1500.3 GB, 1500301910016 bytes 255 heads, 63 sectors/track, 182401 cylinders, total 2930277168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x0003f3b6 Device Boot Start End Blocks Id System /dev/sda1 * 63 481949 240943+ 83 Linux /dev/sda2 481950 2910640634 1455079342+ fd Linux raid autodetect /dev/sda3 2910640635 2930272064 9815715 82 Linux swap / Solaris Disk /dev/sdb: 1500.3 GB, 1500301910016 bytes 255 heads, 63 sectors/track, 182401 cylinders, total 2930277168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00069785 Device Boot Start End Blocks Id System /dev/sdb1 63 2910158684 1455079311 fd Linux raid autodetect /dev/sdb2 2910158685 2930272064 10056690 82 Linux swap / Solaris Disk /dev/sdc: 1500.3 GB, 1500301910016 bytes 255 heads, 63 sectors/track, 182401 cylinders, total 2930277168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Device Boot Start End Blocks Id System /dev/sdc1 63 2910158684 1455079311 fd Linux raid autodetect /dev/sdc2 2910158685 2930272064 10056690 82 Linux swap / Solaris Disk /dev/sdd: 1500.3 GB, 1500301910016 bytes 255 heads, 63 sectors/track, 182401 cylinders, total 2930277168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x000f14de Device Boot Start End Blocks Id System /dev/sdd1 63 2910158684 1455079311 fd Linux raid autodetect /dev/sdd2 2910158685 2930272064 10056690 82 Linux swap / Solaris The first disk (/dev/sda) contains the /boot partition on /dev/sda1. I use grub2 to boot the system off this partition. On top of this raid10 I installed two volume groups, one for /, one for /home. This system worked well, I even exchanged two disks during the last two years. It always worked. But not this time. For the first time, /dev/sda broke. I do not know if this is an issue – I know I would have struggled anyways to overcome the problem with /boot installed on that disk and grub2 installed on the mbr of /dev/sda. Anyways, I did what I always did: start knoppix fire up the raid sudo mdadm --examine -scan which returns ARRAY /dev/md127 UUID=0dbf4558:1a943464:132783e8:19cdff95 start it up sudo mdadm --assemble /dev/md127 fail the failing disk (smart event) sudo mdadm /dev/md127 --fail /dev/sda2 remove the failing disk sudo mdadm /dev/md127 --remove /dev/sda2 stop the raid sudo mdadm -S /dev/md127 take out the disk replace it with a new one create the same partitions as on the failling one add it to the raid sudo mdadm --assemble /dev/md127 sudo mdadm /dev/md127 --add /dev/sda2 wait 4 hours All looks fine: cat /proc/mdstat returns: Personalities : [raid10] md127 : active raid10 sda2[0] sdd1[3] sdc1[2] sdb1[1] 2910158464 blocks 64K chunks 2 near-copies [4/4] [UUUU] unused devices: <none> and sudo mdadm --detail /dev/md127 returns /dev/md127: Version : 0.90 Creation Time : Wed Jun 10 13:08:46 2009 Raid Level : raid10 Array Size : 2910158464 (2775.34 GiB 2980.00 GB) Used Dev Size : 1455079232 (1387.67 GiB 1490.00 GB) Raid Devices : 4 Total Devices : 4 Preferred Minor : 127 Persistence : Superblock is persistent Update Time : Thu Mar 21 16:27:40 2013 State : clean Active Devices : 4 Working Devices : 4 Failed Devices : 0 Spare Devices : 0 Layout : near=2 Chunk Size : 64K UUID : 0dbf4558:1a943464:132783e8:19cdff95 (local to host Microknoppix) Events : 0.4824680 Number Major Minor RaidDevice State 0 8 2 0 active sync /dev/sda2 1 8 17 1 active sync /dev/sdb1 2 8 33 2 active sync /dev/sdc1 3 8 49 3 active sync /dev/sdd1 However, there is no trace of the volume groups. Rebooting into knoppix does not help Restarting the old system (I actually replugged and re-added the failing disk for that – the system begins to start, but then fails to see the / partition – no wonder if the volume group is gone) does not help. sudo vgscan, sudo vgdisplay, sudo lvs, sudo lvdisplay, sudo vgscan –mknodes all returned No volume groups found. I am completely at a loss. Can anyone tell me if and how I can recover my data? Thanks in advance!

    Read the article

  • How to fix "BASIC runtime error 1; Type: com.sun.star.uno.Runtime Exception, Message: Toolbar do not exist " error in Libreoffice calc, Ubuntu 12.04

    - by PDeb
    I get the following error while openning a .xls file in Libreoffice Calc, Ubuntu 12.04 [LibreOffice 3.5.5.2; Build ID: 350m 1 (Build:2)] To overcome this I checked the LibreOffice Security Level to Low under Macro Security (from Tools---- Options--- Security tab. Then I went ahead intalling java by running the following commands from the terminal window (with some tips from various forums) sudo add-apt-repository ppa:libreoffice/ppa sudo apt-get update sudo apt-get install libreoffice libreoffice-java-common libreoffice-math libreoffice-gnome libreoffice-java-common Still I got the BASIC runtime error (as in the title), even after clicking Tools---- Options ---- Java and checking the 'Use a Java runtime environment option' and then clicking on 'Sun Microsystems Inc' under listed JRE environments installed. Even I ran the following commands to install latest Java run time environments from terminal window sudo apt-get install openjdk-7-jre icedtea-7-plugin But still I get the same Basicruntime error (details as in the title bar). This particular file opens perfectly in Microsoft Excel 2007, in Win XP Professional.

    Read the article

  • Content Management for WebCenter Installation Guide

    - by Gary Niu
    Overvew As we known, there are two way to install Content Management for WebCenter. One way is install it by WebCenter installer wizard, another way is to install it use their own installer. This guide is for the later one. For SSO purpose, I also mentioned how to config OID identity store for Content Management for WebCenter. Content Management for WebCenter( 10.1.3.5.1) Oracle Enterprise Linux R5U4 Basic Installation -bash-3.2$ ./setup.sh Please select your locale from the list.           1. Chinese-Simplified           2. Chinese-Traditional           3. Deutsch          *4. English-US           5. English-UK           6. Español           7. Français           8. Italiano           9. Japanese          10. Korean          11. Nederlands          12. Português-Brazil Choice? Throughout the install, when entering a text value, you can press Enter to accept the default that appears between square brackets ([]). When selecting from a list, you can select the choice followed by an asterisk by pressing Enter. Select installation type from the list.         *1. Install new server          2. Update a server Choice? Content Server Installation Directory Please enter the full pathname to the installation directory. Content Server Core Folder [/oracle/ucm/server]:/opt/oracle/ucm/server Create Directory         *1. yes          2. no Choice? Java virtual machine         *1. Sun Java 1.5.0_11 JDK          2. Specify a custom Java virtual machine Choice? Installing with Java version 1.5.0_11. Enter the location of the native file repository. This directory contains the native files checked in by contributors. Content Server Native Vault Folder [/opt/oracle/ucm/server/vault/]: Create Directory         *1. yes          2. no Choice? Enter the location of the web-viewable file repository. This directory contains files that can be accessed through the web server. Content Server Weblayout Folder [/opt/oracle/ucm/server/weblayout/]: Create Directory         *1. yes          2. no Choice? This server can be configured to manage its own authentication or to allow another master to act as an authentication proxy. Configure this server as a master or proxied server.         *1. Configure as a master server.          2. Configure as server proxied by a local master server. Choice? During installation, an admin server can be installed and configured to manage this server. If there is already an admin server on this system, you can have the installer configure it to administrate this server instead. Select admin server configuration.         *1. Install an admin server to manage this server.          2. Configure an existing admin server to manage this server.          3. Don't configure an admin server. Choice? Enter the location of an executable to start your web browser. This browser will be used to display the online help. Web Browser Path [/usr/bin/firefox]: Content Server System locale           1. Chinese-Simplified           2. Chinese-Traditional           3. Deutsch          *4. English-US           5. English-UK           6. Español           7. Français           8. Italiano           9. Japanese          10. Korean          11. Nederlands          12. Português-Brazil Choice? Please select the region for your timezone from the list.         *1. Use the timezone setting for your operating system          2. Pacific          3. America          4. Atlantic          5. Europe          6. Africa          7. Asia          8. Indian          9. Australia Choice? Please enter the port number that will be used to connect to the Content Server. This port must be otherwise unused. Content Server Port [4444]: Please enter the port number that will be used to connect to the Admin Server. This port must be otherwise unused. Admin Server Port [4440]: Enter a security filter for the server port. Hosts which are allowed to communicate directly with the server port may access any resources managed by the server. Insure that hosts which need access are included in the filter. See the installation guide for more details. Incoming connection address filter [127.0.0.1]:*.*.*.* *** Content Server URL Prefix The URL prefix specified here is used when generating HTML pages that refer to the contents of the weblayout directory within the installation. This prefix must be mapped in the web server Additional Document Directories section of the Content Management administration menu to the physical location of the weblayout directory. For example, "/idc/" would be used in your installation to refer to the URL http://ucm.company.com/idc which would be mapped in the web server to the physical location /oracle/ucm/server/weblayout. Web Server Relative Root [/idc/]: Enter the name of the local mail server. The server will contact this system to deliver email. Company Mail Server [mail]: Enter the e-mail address for the system administrator. Administrator E-Mail Address [sysadmin@mail]: *** Web Server Address Many generated HTML pages refer to the web server you are using. The address specified here will be used when generating those pages. The address should include the host and domain name in most cases. If your webserver is running on a port other than 80, append a colon and the port number. Examples: www.company.com, ucm.company.com:90 Web Server HTTP Address [yekki]:yekki.cn.oracle.com:7777 Enter the name for this instance. This name should be unique across your entire enterprise. It may not contain characters other than letters, numbers, and underscores. Server Instance Name [idc]: Enter a short label for this instance. This label is used on web pages to identify this instance. It should be less than 12 characters long. Server Instance Label [idc]: Enter a long description for this instance. Server Description [Content Server idc]: Web Server         *1. Apache          2. Sun ONE          3. Configure manually Choice? Please select a database from the list below to use with the Content Server. Content Server Database         *1. Oracle          2. Microsoft SQL Server 2005          3. Microsoft SQL Server 2000          4. Sybase          5. DB2          6. Custom JDBC settings          7. Skip database configuration Choice? Manually configure JDBC settings for this database          1. yes         *2. no Choice? Oracle Server Hostname [localhost]: Oracle Listener Port Number [1521]: *** Database User ID The user name is used to log into the database used by the content server. Oracle User [user]:YEKKI_OCSERVER *** Database Password The password is used to log into the database used by the content server. Oracle Password []:oracle Oracle Instance Name [ORACLE]:orcl Configure the JVM to find the JDBC driver in a specific jar file          1. yes         *2. no Choice? The installer can attempt to create the database tables or you can manually create them. If you choose to manually create the tables, you should create them now. Attempt to create database tables          1. yes         *2. no Choice? Select components to install.          1. ContentFolios: Collect related items in folios          2. Folders_g: Organize content into hierarchical folders          3. LinkManager8: Hypertext link management support          4. OracleTextSearch: External Oracle 11g database as search indexer support          5. ThreadedDiscussions: Threaded discussion management Enter numbers separated by commas to toggle, 0 to unselect all, F to finish: 1,2,3,4,5         *1. ContentFolios: Collect related items in folios         *2. Folders_g: Organize content into hierarchical folders         *3. LinkManager8: Hypertext link management support         *4. OracleTextSearch: External Oracle 11g database as search indexer support         *5. ThreadedDiscussions: Threaded discussion management Enter numbers separated by commas to toggle, 0 to unselect all, F to finish: F Checking configuration. . . Configuration OK. Review install settings. . . Content Server Core Folder: /opt/oracle/ucm/server Java virtual machine: Sun Java 1.5.0_11 JDK Content Server Native Vault Folder: /opt/oracle/ucm/server/vault/ Content Server Weblayout Folder: /opt/oracle/ucm/server/weblayout/ Proxy authentication through another server: no Install admin server: yes Web Browser Path: /usr/bin/firefox Content Server System locale: English-US Content Server Port: 4444 Admin Server Port: 4440 Incoming connection address filter: *.*.*.* Web Server Relative Root: /idc/ Company Mail Server: mail Administrator E-Mail Address: sysadmin@mail Web Server HTTP Address: yekki.cn.oracle.com:7777 Server Instance Name: idc Server Instance Label: idc Server Description: Content Server idc Web Server: Apache Content Server Database: Oracle Manually configure JDBC settings for this database: false Oracle Server Hostname: localhost Oracle Listener Port Number: 1521 Oracle User: YEKKI_OCSERVER Oracle Password: 6GP1gBgzSyKa4JW10U8UqqPznr/lzkNn/Ojf6M8GJ8I= Oracle Instance Name: orcl Configure the JVM to find the JDBC driver in a specific jar file: false Attempt to create database tables: no Components: ContentFolios,Folders_g,LinkManager8,OracleTextSearch,ThreadedDiscussions Proceed with install         *1. Proceed          2. Change configuration          3. Recheck the configuration          4. Abort installation Choice? Finished install type Install with warnings at 4/2/10 12:32 AM. Run Scripts -bash-3.2$ ./wc_contentserverconfig.sh /opt/oracle/ucm/server /mnt/hgfs/SOFTWARE/ofm_ucm_generic_10.1.3.5.1_disk1_1of1/ContentServer/webcenter-conf Installing '/mnt/hgfs/SOFTWARE/ofm_ucm_generic_10.1.3.5.1_disk1_1of1/ContentServer/webcenter-conf/CS10gR35UpdateBundle.zip' Service 'DELETE_DOC' Extended Service 'DELETE_BYREV_REVISION' Extended Installing '/mnt/hgfs/SOFTWARE/ofm_ucm_generic_10.1.3.5.1_disk1_1of1/ContentServer/webcenter-conf/ContentAccess/ContentAccess-linux.zip' (internal)      04.02 00:40:38.019      main    updateDocMetaDefinitionV11: adding decimal column Installing '/opt/oracle/ucm/server/custom/CS10gR35UpdateBundle/extras/Folders_g.zip' Installing '/opt/oracle/ucm/server/custom/CS10gR35UpdateBundle/extras/FusionLibraries.zip' Installing '/opt/oracle/ucm/server/custom/CS10gR35UpdateBundle/extras/JpsUserProvider.zip' Installing '/mnt/hgfs/SOFTWARE/ofm_ucm_generic_10.1.3.5.1_disk1_1of1/ContentServer/webcenter-conf/WcConfigure.zip' Apr 2, 2010 12:41:24 AM oracle.security.jps.internal.core.util.JpsConfigUtil getPasswordCredential WARNING: A password credential is expected; instead found . Apr 2, 2010 12:41:24 AM oracle.security.jps.internal.idstore.util.IdentityStoreUtil getUnamePwdFromCredStore WARNING: The credential with map JPS and key ldap.credential does not exist. Apr 2, 2010 12:41:27 AM oracle.security.jps.internal.core.util.JpsConfigUtil getPasswordCredential WARNING: A password credential is expected; instead found . Apr 2, 2010 12:41:27 AM oracle.security.jps.internal.idstore.util.IdentityStoreUtil getUnamePwdFromCredStore WARNING: The credential with map JPS and key ldap.credential does not exist. Apr 2, 2010 12:41:28 AM oracle.security.jps.internal.core.util.JpsConfigUtil getPasswordCredential WARNING: A password credential is expected; instead found . Apr 2, 2010 12:41:28 AM oracle.security.jps.internal.idstore.util.IdentityStoreUtil getUnamePwdFromCredStore WARNING: The credential with map JPS and key ldap.credential does not exist. Restart Content Server to apply updates. Configuring Apache Web Server append the following lines at httpd.conf: include "/opt/oracle/ucm/server/data/users/apache22/apache.conf" Configuring the Identity Store( Optional ) 1.  Stop Oracle Content Server and the Admin Server 2.  Update the Oracle Content Server's JPS configuration file, jps-config.xml: a. add a service instance <serviceInstance provider="idstore.ldap.provider" name="idstore.oid"> <property name="subscriber.name" value="dc=cn,dc=oracle,dc=com"></property> <property name="idstore.type" value="OID"></property> <property name="security.principal.key" value="ldap.credential"></property> <property name="security.principal.alias" value="JPS"></property> <property name="ldap.url" value="ldap://yekki.cn.oracle.com:3060"></property> <extendedProperty> <name>user.search.bases</name> <values> <value>cn=users,dc=cn,dc=oracle,dc=com</value> </values> </extendedProperty> <extendedProperty> <name>group.search.bases</name> <values> <value>cn=groups,dc=cn,dc=oracle,dc=com</value> </values> </extendedProperty> <property name="username.attr" value="uid"></property> <property name="user.login.attr" value="uid"></property> <property name="groupname.attr" value="cn"></property> </serviceInstance> b. Ensure that the <jpsContext> entry in the jps-config.xml file refers to the new serviceInstance, that is, idstore.oid and not idstore.ldap: <jpsContext name="default"> <serviceInstanceRef ref="idstore.oid"/> 3. Run the new script to setup the credentials for idstore.oid in the credential store: cd CONTENT_SERVER_HOME/custom/FusionLibraries/tools -bash-3.2$ ./run_credtool.sh Buildfile: ./../tools/credtool.xml     [input] skipping input as property action has already been set.     [input] Alias: [JPS]     [input] Key: [ldap.credential]     [input] User Name: cn=orcladmin     [input] Password: welcome1     [input] JPS Config: [/opt/oracle/ucm/server/custom/FusionLibraries/tools/../../../config/jps-config.xml] manage-creds:      [echo] @@@ Help: run 'ant manage-creds' command to see the detailed usage      [java] Using default context in /opt/oracle/ucm/server/custom/FusionLibraries/tools/../../../config/jps-config.xml file for credential store.      [java] Credential store location : /opt/oracle/ucm/server/config      [java] Credential with map JPS key ldap.credential stored successfully!      [java]      [java]      [java]     Credential for map JPS and key ldap.credential is:      [java]             PasswordCredential name : cn=orcladmin      [java]             PasswordCredential password : welcome1 BUILD SUCCESSFUL Total time: 1 minute 27 seconds Testing 1. acces http://yekki.cn.oracle.com:7777/idc 2. login in with OID user, for example: orcladmin/welcome1 3. make sure your JpsUserProvider status is "good"

    Read the article

  • WIF

    - by kaleidoscope
    Windows Identity Foundation (WIF) enables .NET developers to externalize identity logic from their application, improving developer productivity, enhancing application security, and enabling interoperability. It is a framework for implementing claims-based identity in your applications. With WIF one can create more secure applications by reducing custom implementations and using a single simplified identity model based on claims. Windows Identity Foundation is part of Microsoft's identity and access management solution built on Active Directory that also includes: · Active Directory Federation Services 2.0 (formerly known as "Geneva" Server): a security token service for IT that issues and transforms claims and other tokens, manages user access and enables federation and access management for simplified single sign-on · Windows CardSpace 2.0 (formerly known as Windows CardSpace "Geneva"): for helping users navigate access decisions and developers to build customer authentication experiences for users. Reference : http://msdn.microsoft.com/en-us/security/aa570351.aspx Geeta

    Read the article

  • Kuppinger Cole Paper on Entitlements Server

    - by Naresh Persaud
    Kuppinger Cole recently released a paper discussing external authorization describing how organizations can "future proof" their enterprise security by deploying Oracle Entitlements Server.  By taking a declarative security approach, security policy can be flexible and distributed across multiple applications consistently. You can get a copy of the report here. In fact Oracle Entitlements Server is being used in many places to secure data and sensitive business transactions. The paper covers the major  use cases for Entitlements Server as well as Kuppinger Cole's assessment of the market. Here are some additional resources that reinforce the cases discussed in the paper. Today applications for cloud and mobile applications can utilize RESTful interfaces. Click on this link to learn how. OES can also be used to secure data in Oracle Databases.   To learn more check out the new Oracle U  OES 11g course.

    Read the article

  • MS Grad Student Project

    - by Bernie Perez
    I'm a computer science grad student at UCLA specializing in security and/or mobile devices. I'm looking for ideas for my M.S. Project. Something with research and experimenting or testing. I have a few in mind, just wondering if the community has some good thoughts. I'm currently working on a project that deals with offload security related operations to a grid-powered/cloud server to improve battery life on phones or tablets, aka Security-Aware software on mobile devices. I might be able to expand on this for my project... but I'm open to any new types of ideas. I have another idea about secure communications with a peer-2-peer ad-hoc network, but its seems a little dull. Hope this questions is not off topic for this StackExchange. I look forward to hearing your thoughts and ideas.

    Read the article

  • 6 Ways Windows 8 Is More Secure Than Windows 7

    - by Chris Hoffman
    Whatever you think of it, Windows 8 isn’t just a new interface slapped on top of Windows 7. Windows 8 has seen a lot of security improvements, including an integrated antivirus, an application reputation system, and protection from boot-time rootkits. There are also quite a few low-level security improvements under the hood. Microsoft hasn’t spelled out all of them, but Windows 8 manages memory in a more secure way and includes features that make security vulnerabilities harder to exploit. HTG Explains: Why It’s Good That Your Computer’s RAM Is Full 10 Awesome Improvements For Desktop Users in Windows 8 How To Play DVDs on Windows 8

    Read the article

  • Architect Day: Boston - Agenda Update

    - by Bob Rhubart
    Here's the latest information on the session schedule and content for Oracle Technology Network Architect Day in Boston, MA on September 12, 2012. Registration is open, but seating is limited. When: September 12, 2012 8:30am – 5:00pm Where: Boston Marriott Burlington One Burlington Mall Road Burlington, MA 01803 Register now Agenda Time Session Title Room 8:30 am - 9:00 am Registration and Continental Breakfast Salon E Foyer 9:00 am - 9:15 am Welcome and Opening Comments | Bob Rhubart Salon E 9:15 am - 10:00 am Engineered Systems: Oracle's Vision for the Future | Ralf Dossmann Oracle's Exadata and Exalogic are impressive products in their own right. But working in combination they deliver unparalleled transaction processing performance with up to a 30x increase over existing legacy systems, with the lowest cost of ownership over a 3 or 5 year basis than any other hardware. In this session you'll learn how to leverage Oracle's Engineered Systems within your enterprise to deliver record-breaking performance at the lowest TCO. Salon E 10:00 am - 10:30 am Securing Public and Private Clouds | Anton Nielsen Long before the term "Cloud Computing" existed, Oracle technologies supported and promoted the concept. Centralized data with remote users has been at the core of these technologies for decades. The public cloud, and extending private clouds to the internet, though, has added security challenges never imagined decades ago. This presentation will examine a real life security breach and introduce architecture, technologies and policies to secure public and private clouds.  Salon E 10:30 am - 10:45 am Break 10:45 am - 11:30 am Breakout Sessions (pick one) Cloud Computing - Making IT Simple | Scott Mattoon The road to Cloud Computing is not without a few bumps. This session will help to smooth out your journey by tackling some of the potential complications. We'll examine whether standardization is a prerequisite for the Cloud. We'll look at why refactoring isn't just for application code. We'll check out deployable entities and their simplification via higher levels of abstraction. And we'll close out the session with a look at engineered systems and modular clouds. Salon E Innovations in Grid Computing with Oracle Coherence | Rob Misek Learn how Coherence can increase the availability, scalability and performance of your existing applications with its advanced low-latency data-grid technologies. Also hear some interesting industry-specific use cases that customers had implemented and how Oracle is integrating Coherence into its Enterprise Java stack. Salon C 11:30 am - 12:15 pm Breakout Sessions (pick one) Enterprise Strategy for Cloud Security | Dave Chappelle Security is high on the list of concerns for many organizations as they evaluate their cloud computing options. This session will examine security in the context of the various forms of cloud computing. We'll consider technical and non-technical aspects of security, and discuss several strategies for cloud computing, from both the consumer and producer perspectives. Salon E Oracle Enterprise Manager | Avi Huber Much more than a DB management tool, Oracle Enterprise Manager provides management and monitoring coverage for the entire Oracle stack, and beyond. This session will concentrate on the middleware management functionality in OEM, starting with Real User Experience monitoring, through AppServer management, and into deep-dive Java diagnostics. We’ll discuss Business Driven Application Management (BDAM) and the benefits of top-down monitoring. Lastly, we’ll demonstrate how to trace a specific user experience problem, through a multitier SOA application, to its root cause, deep in the JVM. Salon C 12:15 pm - 1:15 pm Lunch Salon E Foyer 1:15 pm - 2:00 pm Panel Discussion - Q&A with session speakers Salon E 2:00 pm - 2:45 pm Breakout Sessions (pick one) Oracle Cloud Reference Architecture | Anbu Krishnaswamy Cloud initiatives are beginning to dominate enterprise IT roadmaps. Successful adoption of Cloud and the subsequent governance challenges warrant a Cloud reference architecture that is applied consistently across the enterprise. This presentation will answer the important questions: What exactly is a Cloud, why you need it, what changes it will bring to the enterprise, and what are the key capabilities of a Cloud infrastructure are - using Oracle's Cloud Reference Architecture, which is part of the IT Strategies from Oracle (ITSO) Cloud Enterprise Technology Strategy (ETS). Salon E 21st Century SOA | Peter Belknap Service Oriented Architecture has evolved from concept to reality in the last decade. The right methodology coupled with mature SOA technologies has helped customers demonstrate success in both innovation and ROI. In this session you will learn how Oracle SOA Suite's orchestration, virtualization, and governance capabilities provide the infrastructure to run mission critical business and system applications. And we'll take a special look at the convergence of SOA & BPM using Oracle's Unified technology stack. Salon C 2:45 pm - 3:00 pm Break 3:00 pm - 4:00 pm Roundtable Discussion Salon E 4:00 pm - 4:15 pm Closing Comments & Readouts from Roundtables Salon E 4:15 pm - 5:00 pm Networking / Reception Salon E Foyer Note: Session schedule and content subject to change.

    Read the article

  • Improved Database Threat Management with Oracle Audit Vault and ArcSight ESM

    - by roxana.bradescu
    Data represents one of the most valuable assets in any organization, making databases the primary target of today's attacks. It is important that organizations adopt a database security defense-in-depth approach that includes data encryption and masking, access control for privileged users and applications, activity monitoring and auditing. With Oracle Audit Vault, organizations can reliably monitor database activity enterprise-wide and alert on any security policy exceptions. The new integration between Oracle Audit Vault and ArcSight Enterprise Security Manager, allows organizations to take advantage of enterprise-wide, real-time event aggregation, correlation and response to attacks against their databases. Join us for this live SANS Tool Talk event to learn more about this new joint solution and real-world attack scenarios that can now be quickly detected and thwarted.

    Read the article

  • Free SANS Mobility Policy Survey Webcast - October 23rd @10:00 am PST

    - by Darin Pendergraft
    Join us for a free webcast tomorrow, October 23 @ 10:00 am PST as SANS presents the findings from their mobility policy survey. -- Register here for Part 1: https://www.sans.org/webcasts/byod-security-lists-policies-mobility-policy-management-survey-95429 This is a great opportunity to see where companies are with respect to mobile access policies and overall mobile application management. This first part is entitled: BYOD Wish Lists and Policies.  Part 2 will be run on October 25th and is entitled: BYOD security practices. -- Register here for Part 2: https://www.sans.org/webcasts/byod-security-practices-2-mobility-policy-management-survey-95434

    Read the article

  • Cannot connect to secure wireless with Netgear wna3100 USB

    - by Vince Radice
    I have installed Ubuntu 11.10. I used a wired connection to download and install all of the updates. When I tried to use a Netgear WNA3100 wireless USB network adapter, it failed. Much searching and trying things I was finally able to get it working by disabling security on my router. I have verified this by disabling security and I was able to connect. When I enabled security (WPA2 PSK), the connection failed. What is necessary to enable security (WPA2 PSK) and still use the Netgear USB interface? Here is the output from the commands most requested lsusb Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 001 Device 003: ID 0846:9020 NetGear, Inc. WNA3100(v1) Wireless-N 300 [Broadcom BCM43231] lshw -C network *-network description: Ethernet interface product: RTL-8139/8139C/8139C+ vendor: Realtek Semiconductor Co., Ltd. physical id: 3 bus info: pci@0000:02:03.0 logical name: eth0 version: 10 serial: 00:40:ca:44:e6:3e size: 10Mbit/s capacity: 100Mbit/s width: 32 bits clock: 33MHz capabilities: pm bus_master cap_list rom ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=8139too driverversion=0.9.28 duplex=half latency=32 link=no maxlatency=64 mingnt=32 multicast=yes port=MII speed=10Mbit/s resources: irq:19 ioport:c800(size=256) memory:ee011000-ee0110ff memory:40000000-4000ffff *-network description: Wireless interface physical id: 1 logical name: wlan0 serial: e0:91:f5:56:e1:0d capabilities: ethernet physical wireless configuration: broadcast=yes driver=ndiswrapper+bcmn43xx32 driverversion=1.56+,08/26/2009, 5.10.79.30 ip=192.168.1.104 link=yes multicast=yes wireless=IEEE 802.11g iwconfig lo no wireless extensions. eth0 no wireless extensions. wlan0 IEEE 802.11g ESSID:"vincecarolradice" Mode:Managed Frequency:2.422 GHz Access Point: A0:21:B7:9F:E5:EE Bit Rate=121.5 Mb/s Tx-Power:32 dBm RTS thr:2347 B Fragment thr:2346 B Encryption key:off Power Management:off Link Quality:76/100 Signal level:-47 dBm Noise level:-96 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 ndiswrapper -l bcmn43xx32 : driver installed device (0846:9020) present lsmod | grep ndis ndiswrapper 193669 0 dmesg | grep -e ndis -e wlan [ 907.466392] ndiswrapper version 1.56 loaded (smp=yes, preempt=no) [ 907.838507] ndiswrapper (import:233): unknown symbol: ntoskrnl.exe:'IoUnregisterPlugPlayNotification' [ 907.838955] ndiswrapper: driver bcmwlhigh5 (Netgear,11/05/2009, 5.60.180.11) loaded [ 908.137940] wlan0: ethernet device e0:91:f5:56:e1:0d using NDIS driver: bcmwlhigh5, version: 0x53cb40b, NDIS version: 0x501, vendor: 'NDIS Network Adapter', 0846:9020.F.conf [ 908.141879] wlan0: encryption modes supported: WEP; TKIP with WPA, WPA2, WPA2PSK; AES/CCMP with WPA, WPA2, WPA2PSK [ 908.143048] usbcore: registered new interface driver ndiswrapper [ 908.178826] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 994.015088] usbcore: deregistering interface driver ndiswrapper [ 994.028892] ndiswrapper: device wlan0 removed [ 994.080558] ndiswrapper version 1.56 loaded (smp=yes, preempt=no) [ 994.374929] ndiswrapper: driver bcmn43xx32 (,08/26/2009, 5.10.79.30) loaded [ 994.404366] ndiswrapper (mp_init:219): couldn't initialize device: C0000001 [ 994.404384] ndiswrapper (pnp_start_device:435): Windows driver couldn't initialize the device (C0000001) [ 994.404666] ndiswrapper (mp_halt:262): device e05b6480 is not initialized - not halting [ 994.404671] ndiswrapper: device eth%d removed [ 994.404709] ndiswrapper: probe of 1-5:1.0 failed with error -22 [ 994.406318] usbcore: registered new interface driver ndiswrapper [ 2302.058692] wlan0: ethernet device e0:91:f5:56:e1:0d using NDIS driver: bcmn43xx32, version: 0x50a4f1e, NDIS version: 0x501, vendor: 'NDIS Network Adapter', 0846:9020.F.conf [ 2302.060882] wlan0: encryption modes supported: WEP; TKIP with WPA, WPA2, WPA2PSK; AES/CCMP with WPA, WPA2, WPA2PSK [ 2302.113838] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 2354.611318] ndiswrapper (iw_set_auth:1602): invalid cmd 12 [ 2355.268902] ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2365.400023] wlan0: no IPv6 routers present [ 2779.226096] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 2779.422343] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 2797.574474] ndiswrapper (iw_set_auth:1602): invalid cmd 12 [ 2802.607937] ndiswrapper (iw_set_auth:1602): invalid cmd 12 [ 2803.261315] ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2813.952028] wlan0: no IPv6 routers present [ 3135.738431] ndiswrapper (iw_set_auth:1602): invalid cmd 12 [ 3139.180963] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3139.816561] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3163.229872] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3163.444542] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3163.758297] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3163.860684] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3205.118732] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3205.139553] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3205.300542] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3353.341402] ndiswrapper (iw_set_auth:1602): invalid cmd 12 [ 3363.266399] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3363.505475] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3363.506619] ndiswrapper (set_iw_auth_mode:601): setting auth mode to 5 failed (00010003) [ 3363.717203] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3363.779206] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3405.206152] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3405.248624] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3405.577664] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3438.852457] ndiswrapper (iw_set_auth:1602): invalid cmd 12 [ 3438.908573] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3568.282995] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3568.325237] ndiswrapper (set_iw_auth_mode:601): setting auth mode to 5 failed (00010003) [ 3568.460716] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3568.461763] ndiswrapper (set_iw_auth_mode:601): setting auth mode to 5 failed (00010003) [ 3568.809776] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3568.880641] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3610.122848] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3610.148328] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3610.324502] ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 3636.088798] ndiswrapper (iw_set_auth:1602): invalid cmd 12 [ 3636.712186] ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 3647.600040] wlan0: no IPv6 routers present I am using the system now with the router security turned off. When I submit this, I will turn security back on.

    Read the article

  • Prevent Apache restarting automatically after upgrading packages

    - by HorusKol
    Following on from an earlier question: Is there a way to download security updates and notify admin without installing the update? A large number of packages interact with Apache (especially PHP) such that security updates to those packages can cause the server to attempt to restart the service. While my earlier question was answered, I'm now thinking that I need a different solution. So - is there are way to allow security updates to be applied using apt, have an email sent to an administrator, and, most importantly, prevent services from being restarted at the end of the installation/update process? The administrator will then be able to log in and restart the service manually.

    Read the article

  • Can Separation of Duties Deter Cybercrime? YES!

    - by roxana.bradescu
    According to the CERT 2010 CyberSecurity Watch Survey: The public may not be aware of the number of incidents because almost three-quarters (72%), on average, of the insider incidents are handled internally without legal action or the involvement of law enforcement. However, cybercrimes committed by insiders are often more costly and damaging than attacks from outside. When asked what security policies and procedures supported or played a role in the deterrence of a potential cybercriminal, 36% said technically-enforced segregation of duties. In fact, many data protection regulations call for separation of duties and enforcement of least privilege. Oracle Database Security solutions can help you meet these requirements and prevent insider threats by preventing privileged IT staff from accessing the data they are charged with managing, ensuring developers and testers don't have access to production data, making sure that all database activity is monitored and audited to prevent abuse, and more. All without changes to your existing applications or costly infrastructure investments. To learn more, watch our Oracle Database Management Separation of Duties for Security and Regulatory Compliance webcast.

    Read the article

  • HTG Explains: What AppArmor Is and How It Secures Your Ubuntu System

    - by Chris Hoffman
    AppArmor is an important security feature that’s been included by default with Ubuntu since Ubuntu 7.10. However, it runs silently in the background, so you may not be aware of what it is and what it’s doing. AppArmor locks down vulnerable processes, restricting the damage security vulnerabilities in these processes can cause. AppArmor can also be used to lock down Mozilla Firefox for increased security, but it doesn’t do this by default. How to Use an Xbox 360 Controller On Your Windows PC Download the Official How-To Geek Trivia App for Windows 8 How to Banish Duplicate Photos with VisiPic

    Read the article

  • America The Vulnerable

    - by Naresh Persaud
    At the Executive Edge this week, Joel Brenner shared his perspective on the state of cyber-security. Today our most critical military and corporate secrets are under attack. In his presentation, Joel shared his perspective on how organizations can can better prepare for the changing security climate. The amount of state sponsored espionage has highlighted weaknesses in our national security infrastructure. The Internet was primarily intended to provide a means of collaboration for non-commercial entities. Today it is the backbone of our digital commerce and digital experience and it was not designed to secure the activities and data we share today.  Check out "America The Vulnerable" and learn more. 

    Read the article

  • Black Hat Hackers vs Programmers?

    - by Matt Ridge
    This came up with another question I had here, I have decided on a programming verification system that requires a hardware verification system, a software key, and a name/password system. Now people are saying that hackers will bypass any new security, which may be true, but I have a few questions. There has to be a balance between programmers programming and hackers stealing software, otherwise programs wouldn’t be made, and we wouldn’t be where we are today. What is that balance? 5%, 10%, 20%, 50%? What is too much security for the end user? What is too little security so the hacker can just push through without issue? If your software becomes popular, what should you expect or accept as acceptable loss? Why should we accept black hat hackers as a way of life?

    Read the article

  • Mehr Sicherheit für Netzwerkverbindungen

    - by DBA Community
    Der Zugriff auf Datenbanken über das Netzwerk stellt aus Security Sicht einen ausgesprochen kritischen Vorgang dar, der unbedingt vor Missbrauch geschützt werden muss. Deshalb ist es auch nicht weiter verwunderlich, dass im Security Ecosystem etliche Produkte angeboten werden, die diesen Zugriff sichern helfen: Das beginnt bei Firewalls mit SQL Net Proxy, geht über Produkte wie die Oracle Database Firewall, die einen Schutz vor SQL Injection Angriffen über das Netzwerk leisten, und endet etwa bei den Angeboten zur Netzwerkverschlüsselung, wie sie im Oracle Datenbankumfeld vor allem die Advanced Security Option anbietet. Aber vor jedem Einsatz schwieriger oder kostspieliger Mittel zur Steigerung der Sicherheit einer Datenbank steht der Einsatz solcher Mittel, die ohne zusätzliche Kosten oder relativ einfach zu implementieren sind. Dazu gehören das bereits in einem Community Artikel andiskutierte  Härten der Datenbank oder das in einem weiteren Artikel angesprochene Umsetzen des  Prinzips des least privilege. Im vorliegenden Artikel soll darauf eingegangen werden, wie die Verbindungsaufnahme zur Datenbank über einen Listener Prozess sowie die Netzwerkverbindung zwischen Client und Datenbank über SQL Net eigene Mittel so konfiguriert werden können, dass dies die Sicherheit einer Datenbank ohne Zusatzkosten erhöht. Weiter zum Tipp.

    Read the article

  • Powershell Run-As Script

    - by marc dekeyser
    Disclaimer: This script is not of my own making. I found it on a share somewhere and it is so handy I started using in a bunch of scripts. To the writer: If you're out there, somewhere, when you see this, thank you! Check if script is running as Adminstrator and if not use RunAs    # Use Check Switch to check if admin        param([Switch]$Check)        $IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()`        ).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")            if ($Check) { return $IsAdmin }        if ($MyInvocation.ScriptName -ne "")    {         if (-not $IsAdmin)         {             try            {                 $arg = "-file `"$($MyInvocation.ScriptName)`""                Start-Process "$psHome\powershell.exe" -Verb Runas -ArgumentList $arg -ErrorAction 'stop'             }            catch            {                Write-Warning "Error - Failed to restart script with runas"                 break                          }            exit # Quit this session of powershell        }     }     else     {         Write-Warning "Error - Script must be saved as a .ps1 file first"         break     } write-host "Script Running As Administrator" -foregroundcolor redWrite-host ""

    Read the article

  • Releasing poorly written software...

    - by eddienotizzard
    I've made a poorly written, yet fully functioning website, in (shock, horror, shock) PHP. Everything works as expected, I've implemented the necessary security measures: http://php.net/manual/en/security.php and phpsec.org/projects/guide/ It's poorly written in the sense that it's a bunch of functions thrown together that do something...oddly enough I was consistent with the naming conventions. Would you release something you were not happy with, but worked? I would also like to point out that I don't collect much user information (username, email and password) is about it -- but it's not really the security part I'm worried about, it's the spaghetti code I've written.

    Read the article

  • why is it a risk to clone a LUKS container?

    - by laramichaels
    I recently installed Ubuntu onto an encrypted partition using the LUKS+LVM combination that the 'alternate' installer offers. Now I want to create backups of my HD. From the LUKS FAQ: 6.15 Can I clone a LUKS container? You can, but it breaks security, because the cloned container has the same header and hence the same master key. You cannot change the master key on a LUKS container, even if you change the passphrase(s), the master key stays the same. That means whoever has access to one of the clones can decrypt them all, completely bypassing the passphrases. How can the existence of a perfect clone of my encrypted HD break security if it contains the exact same information as my live encrypted HD? In which sense does keeping updated clones of my LUKS-encrypted HD around "break security"?

    Read the article

  • SharePoint Apps a word of caution

    - by Sahil Malik
    SharePoint 2010 Training: more information Lucky for SharePoint, it is the first foray into this brave world where the browser is masquerading as an operating system. For the very first time, with SharePoint 2013, we will have apps from different vendors, talking to different domains live in the browser. Sound fun eh? Well, all is hunky dory until you consider that browsers don’t have concepts such as process isolation, encryption, obfuscation etc.. Stuff that we are so used to in operating systems that we don’t even think about it. Browsers have JavaScript, and broken HTML5 – it is not secure! In fact, in the current technology spectrum you cannot achieve anything other than laughable security at message level without involving a plugin or some sort of thick code like Java. The only security worth it’s salt in pure html/javascript scenarios, still, is transport security – and that’s it. Read full article ....

    Read the article

  • JDK 7u10 Released !

    - by user9148683
    Java Development Kit 7 Update 10 (JDK 7u10) release is now live! You can download it from Java SE Downloads page. The Java™ SE Development Kit 7, Update 10 Release Notes contains information about this release. The highlights of this release include: New Certified System Configurations - Mac OS X 10.8 and Windows 8 Security Feature Enhancements: The ability to disable any Java application from running in the browser. This mode can be set in the Java Control Panel or (on Microsoft Windows platform only) using a command-line install argument. New dialogs to warn you when the JRE is insecure (either expired or below the security baseline) and needs to be updated. The documentation at Setting the Level of Security for the Java Client and Java Control Panel explains these features in detail.

    Read the article

  • Using named_scopes on the join model of a has_many :through

    - by uberllama
    Hi folks. I've been beating my head against the wall on something that on the surface should be very simple. Lets say I have the following simplified models: user.rb has_many :memberships has_many :groups, :through => :memberships membership.rb belongs_to :group belongs_to :user STATUS_CODES = {:admin => 1, :member => 2, :invited => 3} named_scope :active, :conditions => {:status => [[STATUS_CODES[:admin], STATUS_CODES[:member]]} group.rb has_many :memberships has_many :users, :through => :memberships Simple, right? So what I want to do is get a collection of all the groups a user is active in, using the existing named scope on the join model. Something along the lines of User.find(1).groups.active. Obviously this doesn't work. But as it stands, I need to do something like User.find(1).membrships.active.all(:include => :group) which returns a collection of memberships plus groups. I don't want that. I know I can add another has_many on the User model with conditions that duplicate the :active named_scope on the Membership model, but that's gross. has_many :active_groups, :through => :memberships, :source => :group, :conditions => ... So my question: is there a way of using intermediary named scopes when traversing directly between models? Many thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >