Search Results

Search found 41147 results on 1646 pages for 'database security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 256/1646 | < Previous Page | 252 253 254 255 256 257 258 259 260 261 262 263  | Next Page >

  • How to choose NoSQL database engine?

    - by Poma
    We have a database with following specs: 30k records, 7mb in size 20 inserts/second 1000 updates/second 1000 range selects/second, by secondary index, approx 10 rows each needs at least one secondary index needs some mechanism to expire keys if they are not updated for 75 secs (can be done via programmatic garbage collector but will require additional 'last_update' index and will add some load) consistency is not required durability is not required db should be stored in memory For now we use Redis, but it does not have secondary index and it's keys index:foo:* is too slow. Membase also does not have secondary index (as far as I know). MongoDB and MySQL memory engine have table-level locks. What engine will fit our use case?

    Read the article

  • How can I tell if a host is bridged and acting as a router

    - by makerofthings7
    I would like to scan my DMZ for hosts that are bridged between subnets and have routing enabled. Since I have everything from VMWare servers, to load balancers on the DMZ I'm unsure if every host is configured correctly. What IP, ICMP, or SNMP (etc) tricks can I use to poll the hosts and determine if the host is acting as a router? I'm assuming this test would presume I know the target IP, but in a large network with many subnets, I'd have to test many different combinations of networks and see if I get success. Here is one example (ping): For each IP in the DMZ, arp for the host MAC Send a ICMP reply message to that host directed at an online host on each subnet I think that there is a more optimal way to get the information, namely from within ICMP/IP itself, but I'm not sure what low level bits to look for. I would also be interested if it's possible to determine the "router" status without knowing the subnets that the host may be connected to. This would be useful to know when improving our security posture.

    Read the article

  • PHP - Data Access Layer

    - by scarpacci
    I am currently reviewing a code base and noticed that a majority of the calls (along with DB connections) are just buried inside the PHP scripts. I would have assumed that like other languages they would have developed some sort of data access layer (Like I would do in .Net or Java) for all of the communication to the DB (or implemented MVC, etc). Is this still a common pattern in PHP or is there alternative methodologies/patterns for this technology? I am just trying to understand why the subs would have developed it this way. Any insight/info on how experienced developers design an approach data access in PHP would be very much appreciated.

    Read the article

  • Personally identifiable information (PII) on shared web hosting

    - by S. Cobbs
    Hey folks, I am providing web hosting services (shared and dedicated) and have had one of my shared hosting clients mention needing an SSL cert for their site where they are collecting insurance quotes in a form, including names and social security numbers. My privacy sense is tingling, and I'm pretty sure it's not legal (in the US) to do this on a shared system, but can't find anything to support my thoughts outside of PCI-DSS, but the customer isn't processing payments through the site so I'm not sure if that applies. I'm reading lots of policy documents where people advise to minimize and manage the PII footprint internally, but as the host I don't want to put all of my customer's clients at possible risk. I'm not looking here for legal advice necessarily, but perhaps someone in a similar position to mine can provide some rule of thumb or point me in the right direction.

    Read the article

  • Switch to switch encryption over a wireless bridge (TrustSec?)

    - by metatheorem
    I am planning to connect an existing Cisco 3750 switch to a 3560C switch over a wireless PTP bridge. The bridge will be WPA2 protected, but I am looking for an additional measure of security between the switches to prevent other wireless access through either switch. They do not support IPSec, only 802.1Q tunnels, and buying additional hardware is not likely an option. I am looking into using TrustSec manual mode between the switches. After some effort reading into TrustSec and MACsec, I am mostly certain this is a good choice over the wireless bridge, keeping in mind it is a shared medium. Two questions: Can I reliably prevent other wireless traffic from accessing the switches using TrustSec? Does anyone know of any better options with the 3000 series switches?

    Read the article

  • Why creating a new MDX language instead of extending SQL?

    - by DReispt
    I have a long experience with SQL, but recently began working with datawarehouse and OLAP technologies: building fact and dimension tables, that then are queried using MDX (MultiDimensional eXpressions). The problem is that MDX works with a completely different logic compared to SQL, and it's a whole new learning curve even for someone with a strong SQL background. Yes, MDX allows you to do things that would be hard or almost impossible with plain SQL. But sometimes it's frustrating to be hours around an MDX to do something you know you could achieve in minutes using SQL (ok, you can tell me to RTFM ...). But why go on to the trouble of creating a new completely different language when you could build on SQL, extend it to add the features needed by OLAP applications?

    Read the article

  • openVAS - Microsoft RDP Server Private Key Information Disclosure Vulnerability - false Alarm?

    - by huebkov
    I performed a openVAS scan on a Windows Server 2008 R2 and got a report for a high threat level vulnerability called Microsoft RDP Server Private Key Information Disclosure Vulnerability. An remote attacker could perform a man-in-the-middle attack to gain access to a RDP session. Affected Software is Microsoft RDP 5.2 and below. My server uses RDP 7.1, is this alarm a false alarm? Security Advisor Pages say: Solution Status Unpatched, No remedy... References http://secunia.com/advisories/15605/ http://xforce.iss.net/xforce/xfdb/21954/ http://www.oxid.it/downloads/rdp-gbu.pdf CVE: CVE-2005-1794 BID:13818

    Read the article

  • Which modules can be disabled in apache2.4 on windows

    - by j0h
    I have an Apache 2.4 webserver running on Windows. I am looking into system hardening and the config file httpd.conf. There are numerous load modules and I am wondering which modules I can safely disable for performance and / or security improvements. Some examples of things I would think I can disable are: LoadModule cgi_module others like LoadModule rewrite_module LoadModule version_module LoadModule proxy_module LoadModule setenvif_module I am not so sure they can be disabled. I am running php5 as a scripting engine, with no databases, and that is it. My loaded modules are: core mod_win32 mpm_winnt http_core mod_so mod_access_compat mod_actions mod_alias mod_allowmethods mod_asis mod_auth_basic mod_authn_core mod_authn_file mod_authz_core mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_dav_lock mod_dir mod_env mod_headers mod_include mod_info mod_isapi mod_log_config mod_cache_disk mod_mime mod_negotiation mod_proxy mod_proxy_ajp mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status mod_version mod_php5

    Read the article

  • How to secure a new server OS installation

    - by Pat R Ellery
    I bought (and just received) a new 1u dell poweredge 860 (got it on ebay for $35). I finished installing Ubuntu Server (Ubuntu Server 12.04.3 LTS), install apache/mariadb/memcache/php5 works great but I am scared about security. so far I am the only one using the server but eventually more people (friends, friends of friends) will use this server, use ssh etc... I want to know what can I do to secure all the information and not get hacked, both from the web or ssh or ddos and any other attack possible. Does Ubuntu Server does it for you right away? or I have to fix it my self? Thank you EDIT: I installed (so far): All dev tools ssh server LAMP I didn't install: Graphical interface

    Read the article

  • What is the best way to work with large databases in Java depending on context?

    - by user19000
    We are trying to figure out the best practice for working with very large DBs in Java. What we do is a kind of BI (business Intelligence), i.e analyzing very large DBs, and using them to create intermediate DBs that represent intelligent knowledge of the DBs. We are currently using JDBC, and just preforming queries using a ResultSet. As more and more data is being created, we are wondering whether more appropriate ways exist for parsing and manipulating these large DBs: We need to support 'chunk' manipulation and not an entire DB at once(e.g. limit in JDBC, very poor performance) We do not need to be constantly connected since we are just pulling results and creating new tables of our own. We want to understand JDBC alternatives, with respect to advantages and disadvantages. Whether you think JDBC is the way to go or not, what are the best practices to go by depending on context (e.g. for large DBs queried in chunks)?

    Read the article

  • Oracle Snapshot Not Working [closed]

    - by nayef harb
    i have created a snapshot that takes data from 2 tables and has a refresh rate of 1 day. The snapshot data is not refreshing it is still the same. is there something that i am missing ? Here is the code: CREATE SNAPSHOT test REFRESH COMPLETE START WITH SYSDATE NEXT sysdate + 1 AS select item_code,item_conc_code,tran_bran_code,sum(tran_qty) bal_qty from tranhist a, itemmast b where a.tran_item_code = b.item_code group by item_code,item_conc_code,tran_bran_code

    Read the article

  • How to secure a VM while allowing customer RDS (or equivalent) access to its desktop

    - by ChrisA
    We have a Windows Client/(SQL-)Server application which is normally installed at the customer's premises. We now need to provide a hosted solution, and browser-based isn't feasible in the short term. We're considering hosting the database ourselves, and also hosting the client in a VM. We can set all this up easily enough, so we need to: ensure that the customer can connect easily, and also ensure that we suitably restrict access to the VM (and its host, of course) We already access the host and guest machines across the internet via RDS, but we restrict access to it to only our own internal, very small, set of static IPs, and of course theres the 2 (or 3?)-user limit on RDS connections to a remote server. So I'd greatly appreciate ideas on how to manage: the security the multi-user aspect. We're hoping to be able to do this initially without a large investment in virtualisation infrastructure - it would be one customer only to start with, with perhaps two remote users. Thanks!

    Read the article

  • T-SQL Tuesday #015:Remaining on Alert

    - by AllenMWhite
    This T-SQL Tuesday is about Automation in SQL Server, and I'll bet you think I'm going to talk about PowerShell. Well, you're partially right. What I'd like to talk about today, though, is setting up alerts to automate some responses to naturally occuring phenomena on your SQL Servers. (Note: I first introduced this technique in an article on Simple Talk here ). Without going back to the original article, I'm talking about a safety valve process for when your transaction logs start to fill at rates...(read more)

    Read the article

  • Is disabling password login for SSH the same as deleting the password for all users?

    - by Arsham Skrenes
    I have a cloud server with only a root user. I SSH to it using RSA keys only. To make it more secure, I wanted to disable the password feature. I know that this can be done by editing the /etc/ssh/sshd_config file and changing PermitRootLogin yes to PermitRootLogin without-password. I was wondering if simply deleting the root password via passwd -d root would be the equivalent (assuming I do not create more users or new users have their passwords deleted too). Are there any security issues with one approach verses the other?

    Read the article

  • Does Windows 8 include the Windows Help program (WinHlp32.exe)?

    - by amiregelz
    In 2011, Symantec reported on the use of the Windows Help File (.hlp) extension as an attack vector in targeted attacks. The functionality of the help file permits a call to the Windows API which, in turn, permits shell code execution and the installation of malicious payload files. This functionality is not an exploit, but there by design. Here's the malicious WinHelp files (Bloodhound.HLP.1 & Bloodhound.HLP.2) detection heat map: I would like to know if the Windows Help program exists on my Windows 8 machine by default, because if it does I might need to remove it for security reasons. Does Windows 8 include the Windows Help program (WinHlp32.exe)?

    Read the article

  • T-SQL Tuesday #015:Remaining on Alert

    - by AllenMWhite
    This T-SQL Tuesday is about Automation in SQL Server, and I'll bet you think I'm going to talk about PowerShell. Well, you're partially right. What I'd like to talk about today, though, is setting up alerts to automate some responses to naturally occuring phenomena on your SQL Servers. (Note: I first introduced this technique in an article on Simple Talk here ). Without going back to the original article, I'm talking about a safety valve process for when your transaction logs start to fill at rates...(read more)

    Read the article

  • Possibility Program for number of pieces

    - by Brad
    I would like to put a program together to calculate the number of 60' pieces would be needed from a list of shorter pieces. For example, I sell rebar cut to length from our standard length of 60'-0". Now the length the customer requires are as follows: 343 pc @ 12.5' 35 pc @ 13' 10 pc @ 15' 63 pc @ 15.5'....... There are 56 total lengths ranging from 12.5' to 30.58' The idea is to limit the amount of waste from the 60' piece. The input from the user would be: number of differnt lengths Length of piece to cut from count of different lengths The result would be the number of prime pieces needed to fulfill the order. What well-known algorithms exist that could help me solve this problem?

    Read the article

  • Need data on disk drive management by OS: getting base I/O unit size, “sync” option, Direct Memory A

    - by Richard T
    Hello All, I want to ensure I have done all I can to configure a system's disks for serious database use. The three areas I know of (any others?) to be concerned about are: I/O size: the database engine and disk's native size should either match, or the database's native I/O size should be a multiple of the disk's native I/O size. Disks that are capable of Direct Memory Access (eg. IDE) should be configured for it. When a disk says it has written data persistently, it must be so! No keeping it in cache and lying about it. I have been looking for information on how to ensure these are so for CENTOS and Ubuntu, but can't seem to find anything at all! I want to be able to check these things and change them if needed. Any and all input appreciated.

    Read the article

  • Resize a new database to predicted maximum size

    - by John Oxley
    Currently I have a SQL Server database which is about 2 Gb. I know over the next year it's going to grow to a maximum of about 10Gb. Hard drive space is not an issue in the slightest. Is there a down side to resizing the datafile to 20Gb now, then defragmenting the hard drive? Should I resize the log file to 1Gb as well? Something ridiculously large so that fragmentation doesn't happen there either. With this question I would like to avoid the datafile becoming fragmented on the disk itself, but I don't want to negatively impact performance.

    Read the article

  • Our work name lately transformed to Revenue from Customer Support... Support? [on hold]

    - by Hollis Nieves
    I have been employeed from the same company (mobile phone business) for quite some time today like a Customer Support Represenative. I also have usually completed nicely until recently and loved the task. Into a Person Support/Revenue middleapproximately we've been converted by May and we've to purchase Television service to clients who call-in about their mobile phone service... They need us to become really manipulative with it. We havent had instruction on it. and our supervisors actually dont understand something about any of it possibly but need us to "Purchase! Purchase! Purchase!" ugggh. At I will become at my work any guidance? Revenue 've never be completed by me and I truly worry losing my work due to my performance. Revenue makes me uneasy... Any feedback could be appreciated

    Read the article

  • What does the red x icon mean next to a user in folder permissions (Windows 7)

    - by Scott Szretter
    In trying to debug various strange issues on a machine, I found something strange - when I go to C:\Users\administrator and get properties, security tab, it lists the users (the local admin account, system, and 'administrator' which is the domain administrator account). It all looks fine in terms of permissions (full control, etc.) compared to other machines. The one difference is there is a small red circle with an X to the left of the user icon/name. Additionally, there are various folders where it says access denied under there - for example, my documents! Even logged in as the local machine administrator account (which is not named administrator), I am unable to change the permissions - it says access denied. Any ideas what this means and how to fix it? I even tried re-joining the machine to the domain.

    Read the article

  • Access logs show someone "GET"ing a random ip, why does this return 200?

    - by Wilduck
    I have a small linux box set up with Apache as a way to teach myself Apache. I've set up port forwarding on my router so it's accessible from the outside world, and I've gotten a few strange requests for pages that don't exist from an ip address in China. Looking at my access_log shows that most of these return 404 errors, which I'm guessing is a good thing. However, there is one request that looks like this: 58.218.204.110 - - [25/Dec/2010:19:05:25 -600] "GET http://173.201.161.57/ HTTP/1.1" 200 3895 I'm curious what this request means... That ip address is unconnected to my server as far as I know, and visiting it simply tells me information about my uid. So, my questions are: How is it that this request is showing up in my access_log, why is it returning 200, and is this a bad thing (do I need to set up more security)?

    Read the article

  • Mission Critical: SQL Server Upgrade

    You're faced with the task of doing a SQL Server Upgrade? Do you know all the steps, and the right order to do them? You do? Even with interruptions and distractions? Maybe, but it is wise to be able to refer to the Mission-Critical Task checklist.

    Read the article

  • Oracle Enterprise Manager 12c - New tools announced at OOW

    - by Cinzia Mascanzoni
    Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif"; mso-bidi-font-family:"Times New Roman";} Oracle announced enhanced tools and programs for Oracle Enterprise Manager 12c, including a new Enterprise Manager Extensibility Exchange, updated Oracle PartnerNetwork Enterprise Manager Knowledge Zone, and additional Enterprise Manager Extensibility Kit resources, enabling management of all software and hardware assets from a “single pane of glass,” to help partners accelerate their transformation to the public and private cloud.

    Read the article

  • Active Directoy GPO

    - by Phillip R.
    I am looking into some weird issues with active directory and group policy. This domain has been upgraded from windows NT and has a few different administrators over the years. I am looking through the Default Domain group policy and Default Domain Controller group policy. In the security areas and I will use the log on locally area as an example, it shows SIDes that begin with asterisks and are quite long they look sort of like the following *S-1-5-21-787626... Normally, when I see something like this I would think that the User account was no longer there and this was never cleaned up. Am I wrong in my assumption? Thanks in advance

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 252 253 254 255 256 257 258 259 260 261 262 263  | Next Page >