Search Results

Search found 8253 results on 331 pages for 'secure coding'.


  • How to secure a group of Amazon EC2 instances

    - by ks78
    I have several Amazon EC2 instances running Ubuntu 10.04 and I've recently started using Amazon's Route 53 as my DNS. The purpose of doing that was to allow the instances to refer to each other by name rather than private IP (which can change). I've pointed my domain name (via GoDaddy) to Amazon's name servers, allowing me to access my EC2 webservers. However, I noticed I can now access the EC2 instances which I don't want to be public, such as the dedicated MySQL Server. I was thinking Amazon's Security Groups would still be in effect when using Route 53, but that doesn't seem to be the case. Before I started using Route 53, I was thinking of having one instance run a reverse proxy, which would help protect the web servers behind it. Then IP-restrict all the other instances. I know IP restricting can be done using the firewall within each instance, but should I ever need to access them from another IP address, I'd need a way in. Amazon's control panel made it a breeze to open a port when necessary. Does anyone have any suggestions for keeping EC2 instances secure, but also accessible to their administrator? Also, what's the best topology for a group of EC2 instances, consisting of web servers and a dedicated database server, from a security perspective? Does having a reverse proxy server even make sense?


  • Using Truecrypt to secure mySQL database, any pitfalls?

    - by Saul
    The objective is to secure my database data from server theft, i.e. the server is at a business office location with normal premises lock and burglar alarm, but because the data is personal healthcare data I want to ensure that if the server was stolen the data would be unavailable as encrypted. I'm exploring installing mySQL on a mounted Truecrypt encrypted volume. It all works fine, and when I power off, or just cruelly pull the plug the encrypted drive disappears. This seems a load easier than encrypting data to the database, and I understand that if there is a security hole in the web app, or a user gets physical access to a plugged in server the data is compromised, but as a sanity check, is there any good reason not to do this?

    @James I'm thinking in a theft scenario, it's not going to be powered down nicely and so is likely to crash any DB transactions running. But then if someone steals the server I'm going to need to rely on my off site backup anyway.

    @tomjedrz, it's kind of all sensitive, individual personal and address details linked to medical referrals/records. Would be as bad in our field as losing credit card data, but means that almost everything in the database would need encryption... so figured better to run the whole DB in an encrypted partition. If I encrypt data in the tables there's got to be a key somewhere on the server I'm presuming, which seems more of a risk if the box walks.

    At the moment the app is configured to drop a dump of data (weekly full and then deltas only hourly using rdiff) into a directory also on the Truecrypt disk. I have an off site box running WS_FTP Pro scheduled to connect by FTPs and synch down the backup, again into a Truecrypt mounted partition.


  • Subversion: Secure connection truncated

    - by Nick
    Hi, I'm trying to set up a subversion server with apache2/webdav access. I've created the repository and configured Apache according to the official book, and I can see the repository in a web browser. The browser shows:

        conf/
        db/
        hooks/
        locks/

    Although clicking any of those links gives an empty xml document like:

        <D:error>
          <C:error/>
          <m:human-readable errcode="2">
            Could not open the requested SVN filesystem
          </m:human-readable>
        </D:error>

    I've never used subversion before so I assume this is correct? Anyway, when I try to connect via a command line client, it asks for my password, I give it, then I get the (useless) error message:

        svn: OPTIONS of 'https://svn.mysite.com': Could not read status line: Secure connection truncated (https://svn.mysite.com)

    The command I'm using is:

        svn checkout https://svn.mysite.com/ svn.mysite.com

    Subversion was installed using Ubuntu's package manager. It's version 1.6.6 on Ubuntu 10.04. My Virtualhost Configuration:

        <VirtualHost 123.123.12.12:443>
            ServerAdmin [email protected]
            ServerName svn.mysite.com
            <Location />
                DAV svn
                SVNParentPath /var/svn/repos
                SVNListParentPath On
                AuthType Basic
                AuthName "Subversion Repository"
                AuthUserFile /etc/subversion/passwd
                Require valid-user
            </Location>
            # Setup The SSL Certificate Paths
            SSLEngine On
            SSLCertificateFile /etc/ssl/certs/mysite.com.crt
            SSLCertificateKeyFile /etc/ssl/private/dmysite.com.key
        </VirtualHost>


  • objective c coding guidelines

    - by Chandan Shetty SP
    Is there any pdf which tells about coding guidelines in objective C. For Example... 1. Breaking the function names - checkIfHitTheTrack. 2. member variables must be like - mVariableName. 3. Giving better names to subclass - ? Please share the related links...


  • the coding problem in server

    - by zahir hussain
    $fp = fopen("http://feeds.reuters.com/Reuters/PoliticsNews?format=xml","r") or die("Error reading RSS data."); The above coding works correctly on localhost, but on the server it displays "Error reading RSS data."... I don't know why... anybody please explain to me... I am waiting... thanks


  • What benefits does IOC provide over soft-coding?

    - by dotnetdev
    Take the following article for example: http://weblogs.asp.net/psteele/archive/2009/11/23/use-dependency-injection-to-simplify-application-settings.aspx?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dotnetmvp+%28Patrick+Steele%27s+.NET+Blog%29 I don't see what benefit there is from the IOC approach as opposed to the traditional soft-coding approach. Can someone tell me what I am missing? Thanks


  • essential reading for php coding (including databases)?

    - by tombull89
    Hello. I'm more of a SU and SF but now I'm after some help from the SO community. I'm dabbling in a bit of php coding with databases and am getting a bit stuck with relationships and the like. Can anybody recommend some books, online or real, that would be a good start for someone new(ish) to php and mysql databases? Cheers!


  • pfc_Validation event coding example

    - by Brani
    Could you give me an example of the way I should code into the pfc_Validation event? This is an event that I have never used. For example here is something I have coded in the ue_itemchanged event.

        if dwo.name = 'theme' then
            This.Setitem(row,"theme",wf_clean_up_text(data))
        end if
        if dwo.name = 'Comments' then
            This.Setitem(row,"Comments",wf_clean_up_text(data))
        end if

    Which is the proper way of coding those validations in the pfc_Validation event, so that they are performed only on save-time?


  • PHP coding question?

    - by tag
    Does the following code below do the same thing and if so which one is better when coding? And is there a name for when PHP code is missing curly brackets? The PHP code. <?php if (isset($_POST['email'])) { echo $_POST['email']; }?> <?php if (isset($_POST['email'])) echo $_POST['email'];?>


  • coding on back button of navigation based application??

    - by hemant
    In one view during a function call I am assigning 1 to a flag... when I navigate back to the previous view I want the flag value to be retained in that view... how can I do coding on the button that appears on the screen to navigate back to the previous screen, might I be able to do it, or is there any better solution?


  • How to use Secure Erase and is it on the install CD?

    - by Mikey
    Supposedly there is some built in hard drive magic called "Secure Erase" which is wildly faster and more secure than "dd if=/dev/zero..." I am most excited about the speed increase. There seems to be a GUI for it as part of Parted Magic: http://www.ocztechnologyforum.com/forum/showthread.php?81321-Secure-Erase-With-bootable-CD-USB-Linux..-Point-and-Click-Method Is there something like this for Ubuntu? Better yet, is there a way to actually issue this command "manually" like with smartctl or something?


  • What is UEFI and Secure Boot? How do they affect Ubuntu?

    - by Oxwivi
    Discussions and reports about UEFI and Secure Boot have cropped up in many Linux circles, but can anyone summarize its impacts on Ubuntu and how it affects the general users? I know that UEFI and Secure Boot are separate (not interchangeable), with Secure Boot being a part of the Unified Extensible Firmware Interface BIOS specification. PS I do know how it affects Ubuntu, this question is for the benefit of public knowledge.


  • Secure hash and salt for PHP passwords

    - by luiscubal
    It is currently said that MD5 is partially unsafe. Taking this into consideration, I'd like to know which mechanism to use for password protection. Is “double hashing” a password less secure than just hashing it once? Suggests that hashing multiple times may be a good idea. How to implement password protection for individual files? Suggests using salt. I'm using PHP. I want a safe and fast password encryption system. Hashing a password a million times may be safer, but also slower. How to achieve a good balance between speed and safety? Also, I'd prefer the result to have a constant number of characters. The hashing mechanism must be available in PHP It must be safe It can use salt (in this case, are all salts equally good? Is there any way to generate good salts?) Also, should I store two fields in the database(one using MD5 and another one using SHA, for example)? Would it make it safer or unsafer? In case I wasn't clear enough, I want to know which hashing function(s) to use and how to pick a good salt in order to have a safe and fast password protection mechanism. EDIT: The website shouldn't contain anything too sensitive, but still I want it to be secure. EDIT2: Thank you all for your replies, I'm using hash("sha256",$salt.":".$password.":".$id) Questions that didn't help: What's the difference between SHA and MD5 in PHP Simple Password Encryption Secure methods of storing keys, passwords for asp.net How would you implement salted passwords in Tomcat 5.5


  • best way to switch between secure and unsecure connection without bugging the user

    - by Brian Lang
    The problem I am trying to tackle is simple. I have two pages - the first is a registration page, I take in a few fields from the user, once they submit it takes them to another page that processes the data, stores it to a database, and if successful, gives a confirmation message. Here is my issue - the data from the user is sensitive - as in, I'm using an https connection to ensure no eavesdropping. After that is sent to the database, I'd like on the confirmation page to do some nifty things like Google Maps navigation (this is for a time reservation application). The problem is by using the Google Maps API, I'd be linking to items through an unsecure source, which in turn prompts the user with a nasty warning message. I've browsed around, Google has an alternative for enterprise clients, but it costs $10,000 a year. What I am hoping is to find a workaround - use a secure connection to take in the data, and after it is processed, bring them to a page that isn't secure and allows me to utilize the Google Maps API. If any of you have a Netflix account you can see exactly what I would like to do when you sign in, it is a secure page, which then takes you to your account / queue, on an unsecure page. Any suggestions? Thanks!


  • Secure openVPN using IPTABLES

    - by bob franklin smith harriet
    Hey, I set up an openVPN server and it works ok. The next step is to secure it, I opted to use IPTABLES to only allow certain connections through but so far it is not working. I want to enable access to the network behind my openVPN server, and allow other services (web access), when iptables is disabled or set to allow all this works fine, when using my following rules it does not. Also note, I already configured openVPN itself to do what I want and it works fine, it's only failing when iptables is started. Any help to tell me why this isn't working will be appreciated here.

    These are the lines that I added in accordance with openVPN's recommendations, unfortunately testing these commands shows that they are required, they seem incredibly insecure though, any way to get around using them?

        # Allow TUN interface connections to OpenVPN server
        -A INPUT -i tun+ -j ACCEPT
        #allow TUN interface connections to be forwarded through other interfaces
        -A FORWARD -i tun+ -j ACCEPT
        # Allow TAP interface connections to OpenVPN server
        -A INPUT -i tap+ -j ACCEPT
        # Allow TAP interface connections to be forwarded through other interfaces
        -A FORWARD -i tap+ -j ACCEPT

    These are the new chains and commands I added to restrict access as much as possible, unfortunately with these enabled, all that happens is the openVPN connection establishes fine, and then there is no access to the rest of the network behind the openVPN server.

    Note I am configuring the main iptables file and I am paranoid so all ports and IP addresses are altered, and -N etc appears before this so ignore that they don't appear. And I added some explanations of what I 'intended' these rules to do, so you don't waste time figuring out where I went wrong : 4

        #accepts the vpn over port 1192
        -A INPUT -p udp -m udp --dport 1192 -j ACCEPT
        -A INPUT -j INPUT-FIREWALL
        -A OUTPUT -j ACCEPT
        #packets that are to be forwarded from 10.10.1.0 network (all open vpn clients) to the internal network (192.168.5.0) jump to [sic]foward-firewall chain
        -A FORWARD -s 10.10.1.0/24 -d 192.168.5.0/24 -j FOWARD-FIREWALL
        #same as above, except for a different internal network
        -A FORWARD -s 10.10.1.0/24 -d 10.100.5.0/24 -j FOWARD-FIREWALL
        # reject any not from either of those two ranges
        -A FORWARD -j REJECT
        -A INPUT-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT
        -A INPUT-FIREWALL -p tcp -m tcp --dport 22 -j ACCEPT
        -A INPUT-FIREWALL -j REJECT
        -A FOWARD-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT
        #80 443 and 53 are accepted
        -A FOWARD-FIREWALL -m tcp -p tcp --dport 80 -j ACCEPT
        -A FOWARD-FIREWALL -m tcp -p tcp --dport 443 -j ACCEPT
        #192.168.5.150 = openVPN server
        -A FOWARD-FIREWALL -m tcp -p tcp -d 192.168.5.150 --dport 53 -j ACCEPT
        -A FOWARD-FIREWALL -m udp -p udp -d 192.168.5.150 --dport 53 -j ACCEPT
        -A FOWARD-FIREWALL -j REJECT
        COMMIT

    now I wait :D


  • Is there an alternative to /dev/urandom?

    - by altCognito
    Is there some faster way than /dev/[u]random? Sometimes, I need to do things like cat /dev/urandom /dev/sdb The random devices are "too" secure and unfortunately too slow for that. I know that there are wipe and similar tools for secure deletion, but I suppose there are also some on-board means to that in Linux.


  • key value coding-compliant for NSObject class?

    - by 4thSpace
    I've created a singleton class that loads a plist. I keep getting this error when I try to set a value: '[ setValue:forUndefinedKey:]: this class is not key value coding-compliant for the key test.' I have one key in the plist file. The key is named "test" and has no value associated with it. I set the value like this: [[PlistManager sharedManager].plist setValue:@"the title value" forKey:@"test"]; I look at the set plist dictionary and see this from within PlistManager: po self.plistDictionary { test = ""; } I get the error just as I'm leaving PlistManager in the debugger. PlistManager is of type NSObject. So no xibs. Any ideas on what I need to do?


  • .aspx character coding

    - by kwek-kwek
    I am having a problem. First time working with a Windows server, do you know if there is any problem in character coding? My document is set to content="text/html; charset=UTF-8" but it's giving me funny words... you can check it here. This site is pure HTML with a few includes but anything else is just HTML. I can convert them to HTML entities but that is basically wasting my time. I never had this problem with any website I did except for this. Some others said "The problems seems to be that you have converted the text into utf-8 twice.". But how would I have converted it twice, since Dreamweaver should convert it for me, but in this case it doesn't.


  • Interface builder problem: When hooking up an IBOutlet, getting "this class is not key value coding-

    - by Robert
    Here is what I do:

    1) Create New UIViewController subclass, tick with NIB for interface builder

    2) In the header:

        @interface QuizMainViewController : UIViewController {
            UILabel* aLabel;
        }
        @property (nonatomic, retain) IBOutlet UILabel* aLabel;
        @end

    3) In the .m

        #import "QuizMainViewController.h"

        @implementation QuizMainViewController
        @synthesize aLabel;

        - (void)dealloc {
            [aLabel release];
            [super dealloc];
        }
        @end

    4) Open the NIB in interface builder, drag a new UILabel into the view. I test the program here and it runs fine.

    5) Right click on file's owner, connect 'aLabel' from the Outlets to the UILabel. I run here and it crashes.

    Message from log:

        * Terminating app due to uncaught exception 'NSUnknownKeyException', reason: '[ setValue:forUndefinedKey:]: this class is not key value coding-compliant for the key aLabel.'


  • How to stop Lean programming becoming Cowboy Coding?

    - by Matt Howells
    My team has been progressively adopting more and more lightweight methodologies, moving from Scrum to Lean/Kanban where there is less and less formal process. At some point we will be back to Cowboy Coding; indeed I fear we may already be on the border line. Where can the line be drawn between a very lightweight Lean and Agile process and anarchy? How will we know when we have crossed the line? And how can we prevent ourselves from crossing the line? The question might also be phrased as, 'what processes cannot be safely eliminated in Lean's drive to eliminate waste'?


  • PHP: Coding long-running scripts when servers impose an execution time limit

    - by thomasrutter
    FastCGI servers, for example, impose an execution time limit on PHP scripts which cannot be altered using set_time_limit() in PHP. IIS does this too I believe. I wrote an import script for a PHP application that works well under mod_php but fails under FastCGI (mod_fcgid) because the script is killed after a certain number of seconds. I don't yet know of a way of detecting what your time limit is in this case, and haven't decided how I'm going to get around it. Doing it in small chunks with redirects seems like one kludge, but how? What techniques would you use when coding a long-running task such as an import or export task, where an individual PHP script may be terminated by the server after a certain number of seconds? Please assume you're creating a portable script, so you don't necessarily know whether PHP will eventually be run under mod_php, FastCGI or IIS or whether a maximum execution time is enforced at the server level.


  • How does the workflow between testers doing testing and coders doing the coding for pending testing

    - by dotnetdev
    In a large company that does software development, they often have dedicated teams for build management, testing, development, and so forth. Agile or not, how does this workflow amongst teams work? I mean would the test team write unit tests and then the dev team write code to adhere to these tests (basically TDD)? And then the test team may write tests for a completely different project or have a slight quiet period until the dev team have done their coding. What possible workflows are there? This is something that interests me greatly. I know that in my current company we are doing it incorrectly (we have 1 tester about 5 devs, which is small scale) but I am not sure how exactly to draw out the ideal workflow. Many (ok, an ex-Project Manager) have tried, but all failed.

