Get to know Linux: AppArmor
<b>Ghacks:</b> "Linux is such a strong operating system for two primary reasons – by design and with the help of security systems like AppArmor and SELinux."
Search Results
Search found 13222 results on 529 pages for 'security gate'.
Page 257/529 | < Previous Page | 253 254 255 256 257 258 259 260 261 262 263 264 | Next Page >
-
-
Oracle Magazine, March/April 2009
Oracle Magazine March/April features articles on next-generation data centers, Oracle and midsize businesses, efficient business processes, improving performance and management of Oracle Database 11g, managing Oracle Application Express, Technologist Tom Kyte, Oracle ADF, PL/SQL best practices, the HP Oracle Database Machine, security with Oracle Configuration Manager and much more.Read the article
-
Oracle OpenWorld Latin America 2012 - Middleware Session
- by Roberto Monteiro
Oracle Fusion Middleware PaaS and Oracle Java Cloud Service Roberto Monteiro, Senior Sales Consultant, OracleIn this session, learn how Oracle Fusion Middleware platform as a service (PaaS) can supercharge productivity with instant access to a platform for developing and deploying business applications in the cloud, complete with integrated security and database access. See how these capabilities are used by Oracle Java Cloud Service. Dec 4 - 17:15 - Mezzanine: Room 7Read the article
-
Tweaking Hidden Settings With Ubuntu Tweak On Ubuntu 9.10
<b>Howtoforge:</b> "Ubuntu Tweak is a tool that lets you change hidden Ubuntu settings, for example: hide or change the splash screen, show or hide the Computer, Home, Trash, and Network icons, change Metacity, Nautilus, power management, and security settings, etc."Read the article
-
CVE-2008-6536 Unspecified vulnerability in 7-zip
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2008-6536 Unspecified vulnerability 10.0 7-zip Solaris 10 SPARC: 137321-02 x86: 137322-02 Solaris 9 SPARC: 137477-02 x86: 137478-02 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
java webservice requires usernametoken over basichttpbinding (3 replies)
I need to call a Java webservice. I can add a service reference without problems, and I get Intellisense in Visual Studio. However, when I try to call a service method I get an error message saying "Missing (user) Security Information". I n my code I try to set usercredentials: testWS.WarrantyClaimServiceClient svc new TestClient.testWS.WarrantyClaimServiceClient(); svc.ClientCredentials.UserName....Read the article
-
Tax Time Brings Out New Phishing Scams
Network security software vendor SonicWall is warning Internet users that it's seeing a dramatic increase in new phishing scams related to the upcoming IRS tax filing deadline.Read the article
-
MOSS 2007 WSP Retraction 'Error"
- by juanlarios
This one is a quick post , but I thought I would post this information as I could not find anything that helped me on this specific scenario. Please read the entire article before taking action as there are some irreversable or very troublesome routes I caution about! Problem: I had a client trying to retract a WSP from Central Admin and would eventually go to an, 'Error' State. I could not retract it and after looking at event logs I figured it was a problem with security. I tried several accounts, checked the databases to see if there was some issue with readonly databases and nothing was working. Solution: Delete the solution from central admin! Yes, I said it. With StsAdm , just delete the solution from Central Admin using this command: "C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN\STSADM.exe" -o deletesolution -name "yoursolution.wsp" What has just happened is that Central Admin does not know about the WSP anymore but the feature and any deployed files are still on the server. For whatever reason SharePoint was not able to retract the files as it normally does. Now you can do one of two things, you can add the solution again to central admin and deploy overtop of the deployed files so it overrides them, or simply clean up the files manually. I re-added the solution through stsadm, but then deployed through stsadm using the -force option in the command. This overrides the existing files on the server. If you deploy through Central admin it will tell you you need the -force option that is not offered as part of the UI in central admin. Use the following command: "C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN\STSADM.exe" -o deploysolution -name "YourSolution.wsp" -immediate -allowgacdeployment -force Just to make sure everything was good, I retracted to solution again, and it worked! then I deleted the solution from central admin alltogether. Then I checked the server and noticed all the files that were deployed with the WSP were cleaned up properly. I then re-added the new WSP the client was looking to install (an Updated WSP). Conclusion: I have no idea why it was not able to retract, but I have seen this several times. I don't know if has to do with security of certain accounts. Althought it's anoying at times, it is fairly easy to fix if you have good instructions. Hope it helps you out! ***WORD OF CAUTION - if you clean up the files manually you might want to uninstall the features through STSADM commands as SharePOint might still recognize the features that were deployed as the WSP. You might not want to get into the mess of deleting files that are still part of activated or installed Features. THis is why I suggest doing what I did.Read the article
-
Oracle E-Business Suite: Great for Small and Medium Size Organizations
RedDOT is a 100% employee owned business with sales revenues in the 100 million dollar range. They use Oracle E-Business Suite to manage their Financials, Purchasing, Manufacturing, Sales and Suppliers. One of the interesting things about this company is that they run their entire I.T. operation with a staff of four, which not only includes Oracle, but the corporate desktop (Microsoft Enterprise User), Parametric Technology Pro Engineer Suite, web services and security, e-business web site and telephones. They not only support Seattle, but operations in Memphis, TN, Ipswich, UK, and Shanghai.Read the article
-
ASP.NET High CPU Bringing Servers to their Knees
- by user880954
Ok, our new build is having 100% cpu spikes on each server at random intervals. For long durations it make the site totally unresponsive - this will be at peak times as people in different countries log on to the site etc. We've looked at perfmom, memory profilers, CLR profiler, sql profilers, Red gate ants profiler, tried load testing in UAT - but cannot even reproduce the problem. This could mean only thousands of users hitting the live site causes it to happen. One pattern we did notice was that the new code - the broken build - actually uses noticably less threads. We are also using spring for IOC - does this have a bed reputation? To make things worse, we cannot deploy to live due to the business impact - so cannot narrow the problem down to subset of the new features we've added. We truly are destroyed - has anyone got any battle scars that may save us a few lives?Read the article
-
Új adatbázis-biztonsági termék: Audit Vault and Database Firewall, lényegesen olcsóbban
- by user645740
Az Oracle összevonta az Audit Vault és a Database Firewall termékeket, még szélesebb felhasználói körnek elérhetové téve az adatbázisok biztonságának magasabb szintjét. Az új termék, az Oracle Audit Vault and Database Firewall (AVDF) mostantól kedvezobb áron érheto el. A jelentések megtekintéséhez restricted use-ban tartalmazza a Business Intelligence Publisher licencet. Az adatgyujto, management szerver komponensek kiemelten védettek, az Audit Vault Server és a Database Firewall szerverekre restricted use-ban használhatók:Oracle Database Enterprise Edition, Database Vault, Partitioning, Advanced Compression és Advanced Security.Read the article
-
CVE-2008-3529 Buffer overflow vulnerability in libxml2
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2008-3529 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0 libxml2 Solaris 10 SPARC: 125731-07 X86: 125732-07 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Investing in Servers by Intel
- by Koushal Deshpande
Originally posted on: http://geekswithblogs.net/BizTalkAndOtherTechs/archive/2013/10/31/investing-in-servers-by-intel.aspxA nice article reference from Intel, refer here. Referees to cloud as well. Choose correctly what you need. 1 Do determine right server for your company. There is no use getting a server that has redundant services but still add to the costs. 2 Do get servers that can be upgraded. A server with limited memory and storage may not be able to keep up with your business growth. The basic memory and storage options might not be sufficient. Consider at least 8GB of RAM and 1 terabyte of hard disk space. 3 Do check the server has at least one Gigabit Ethernet port. This allows high speed transferring of files and increases productivity for your employees. USB and Firewire ports may not be enough as their transfer speed is too low and will affect the productivity of your company. Infinite Technologies is ready to help perform this upgrade. Contact Infinite Technologies now View our other resellers » 4 Do verify that the server comes with documentation. Documentation allows you to make a claim when your server breaks down and is supported by a warranty. 6 Do check the support options for the server from the manufacturer. Different manufacturer has different support options such as maintenance plans and software upgrades. 5 Do always look into the warranty. Get an enhanced warranty that guarantees response and repair time to avoid disruption. 7 Do get server management tools that can be used on any computer. Server management tools should be cross compatible across different operating systems to take into account future PC replacements. 8 Do check the power usage of the servers. Get the right power supply to avoid damaging server hardware and consider the Intel® Xeon® E3 processor to help save on your electricity bills. 9 Do check what built-in security packages are available. Ensure that your server is protected. Built-in security1 helps you save on getting add on security packages.Read the article
-
CVE-2011-4128 Buffer Overflow vulnerability in gnutls
- by Umang_D
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 4.3 gnutls Solaris 11 11/11 SRU 12.4 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
CVE-2011-3256 Denial of Service (DoS) vulnerability in FreeType 2
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3256 Denial of Service (DoS) vulnerability 4.3 FreeType 2 Library Solaris 11 Contact Support Solaris 10 SPARC: 119812-13 X86: 119813-15 Solaris 9 Contact Support Solaris 8 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Use Entitlements To Secure LDAP-enabled Applications With Oracle Virtual Directory and Oracle Entitl
- by mark.wilcox
I stumbled on an interesting article that shows how the author used OVD to exposed OES security to protect a portal that only understood LDAP group-based authorization.This is great because it shows how you can use OES today to build central policies that can be used without needing to rewrite all of your applications - in particular if you just want to leverage rule-based groups. Posted via email from Virtual Identity DialogueRead the article
-
U of T sleuths track Internet espionage ring to China
<b>The Star:</b> "A massive cyber espionage network has infiltrated the Indian government and also hacked into a year's worth of the Dalai Lama's emails, according to a team of computer security experts co-led by University of Toronto researchers."Read the article
-
A Short Guide To Html Form Builder
HTML form builder is used for additional security and to increase interaction with visitors. There are several benefits of form builder and it is the perfect way to unleash the potential. Form builde... [Author: Caimile Essien - Web Design and Development - April 21, 2010]Read the article
-
Resources relating to Java EE and Scala
- by Ant Kutschera
Are there any good sites / blogs / books / articles on using Java EE together with Scala? Or indeed articles saying that it should not be done. Many Scala resources talk about using Akka and Lift. Akka solves a different domain problem than Java EE. I don't know Lift, but I assume its geared towards the web end of Java EE and doesn't replace app server containers which provide transactions, security, scalability, resource management, reliability, etc. (all those things which Java EE markets itself as being good at).Read the article
-
PowerShell & SQL Compare
- by Grant Fritchey
Just a quick blog post to share a couple of scripts for using PowerShell to call SQL Compare. This is an example from my session at SQL in the City on setting up a sandbox development process. This just runs a compare between a set of scripts and a database and deploys it. set-Location “c:\Program Files (x86)\Red Gate\SQL Compare 10\”; ./sqlcompare /s2:DOJO /db2:MovieManagement_Sandbox /sourcecontrol1 /vu1:grant /vp1:12345 /r1:HEAD /sfx:scripts.xml /sync /mfx:migrations.xml /verbose; I would not recommend using the /verbose output for real automation, but I’m showing off how the tool works. This particular script does a compare straight from source control to a database on my server. You can use variables where I’ve hard coded. That’s it. Works great. Just wanted to share it out there. I have others that I’ll track down and put up here.Read the article
-
WIF, ADFS 2 and WCF–Part 2: The Service
- by Your DisplayName here!
OK – so let’s first start with a simple WCF service and connect that to ADFS 2 for authentication. The service itself simply echoes back the user’s claims – just so we can make sure it actually works and to see how the ADFS 2 issuance rules emit claims for the service: [ServiceContract(Namespace = "urn:leastprivilege:samples")] public interface IService { [OperationContract] List<ViewClaim> GetClaims(); } public class Service : IService { public List<ViewClaim> GetClaims() { var id = Thread.CurrentPrincipal.Identity as IClaimsIdentity; return (from c in id.Claims select new ViewClaim { ClaimType = c.ClaimType, Value = c.Value, Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer }).ToList(); } } The ViewClaim data contract is simply a DTO that holds the claim information. Next is the WCF configuration – let’s have a look step by step. First I mapped all my http based services to the federation binding. This is achieved by using .NET 4.0’s protocol mapping feature (this can be also done the 3.x way – but in that scenario all services will be federated): <protocolMapping> <add scheme="http" binding="ws2007FederationHttpBinding" /> </protocolMapping> Next, I provide a standard configuration for the federation binding: <bindings> <ws2007FederationHttpBinding> <binding> <security mode="TransportWithMessageCredential"> <message establishSecurityContext="false"> <issuerMetadata address="https://server/adfs/services/trust/mex" /> </message> </security> </binding> </ws2007FederationHttpBinding> </bindings> This binding points to our ADFS 2 installation metadata endpoint. This is all that is needed for svcutil (aka “Add Service Reference”) to generate the required client configuration. I also chose mixed mode security (SSL + basic message credential) for best performance. This binding also disables session – you can control that via the establishSecurityContext setting on the binding. This has its pros and cons. Something for a separate blog post, I guess. Next, the behavior section adds support for metadata and WIF: <behaviors> <serviceBehaviors> <behavior> <serviceMetadata httpsGetEnabled="true" /> <federatedServiceHostConfiguration /> </behavior> </serviceBehaviors> </behaviors> The next step is to add the WIF specific configuration (in <microsoft.identityModel />). First we need to specify the key material that we will use to decrypt the incoming tokens. This is optional for web applications but for web services you need to protect the proof key – so this is mandatory (at least for symmetric proof keys, which is the default): <serviceCertificate> <certificateReference storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" findValue="CN=Service" /> </serviceCertificate> You also have to specify which incoming tokens you trust. This is accomplished by registering the thumbprint of the signing keys you want to accept. You get this information from the signing certificate configured in ADFS 2: <issuerNameRegistry type="...ConfigurationBasedIssuerNameRegistry"> <trustedIssuers> <add thumbprint="d1 … db" name="ADFS" /> </trustedIssuers> </issuerNameRegistry> The last step (promised) is to add the allowed audience URIs to the configuration – WCF clients use (by default – and we’ll come back to this) the endpoint address of the service: <audienceUris> <add value="https://machine/soapadfs/service.svc" /> </audienceUris> OK – that’s it – now we have a basic WCF service that uses ADFS 2 for authentication. The next step will be to set-up ADFS to issue tokens for this service. Afterwards we can explore various options on how to use this service from a client. Stay tuned… (if you want to have a look at the full source code or peek at the upcoming parts – you can download the complete solution here)Read the article
-
Got that Friday feeling?
- by Rebecca Amos
Saturday is just around the corner, and we’re all starting to wrap up for the weekend. If you’re the DBA that ‘Friday feeling’ might be as much about checking and preparing your SQL Servers for the next two days, as about looking forward to spending time with friends and family. Whether you’re double-checking your disaster recovery strategy, or know that it’s your turn to be on-call this weekend, it’s likely you’re preparing for the worst, just in case. The fact that you’re making these checks, and caring about both your servers and your users, means that you might be an exceptional DBA. You’re already putting in that extra effort to make other people’s lives easier. So why not take some time for your professional development and enter the Exceptional DBA Awards? If you’re looking for some inspiration for your entry, download our Judges’ Top Tips poster for advice on what the judges are looking for from this year’s entrants. Not only will you be boosting your professional development, but you could win full conference registration for the 2011 PASS Summit in Seattle (where the awards ceremony will take place), four nights' hotel accommodation, and a copy of Red Gate’s SQL DBA Bundle. So take some time out for yourself this weekend and get started on your entry: www.exceptionaldba.comRead the article
-
Antenna Aligner Part 3: Kaspersky
- by Chris George
Quick one today. Since starting this project, I've been encountering times where Nomad fails to build my app. It would then take repeated attempts at building to then see a build go through successfully. Rob, who works on Nomad at Red Gate, investigated this and it showed that certain parts of the message required to trigger the 'cloud build' were not getting through to the Nomad app, causing the HTTP connection to stall until timeout. After much scratching heads, it turns out that the Kaspersky Internet Security system I have installed on my laptop at home, was being very aggressive and was causing the problem. Perhaps it's trying to protect me from myself? Anyway, we came up with an interim solution why the Nomad guys investigate with Kaspersky by setting Visual Studio to be a trusted application with the Kaspersky settings and setting it to not scan network traffic. Hey presto! This worked and I have not had a single build problem since (other than losing internet connection, or that embarrassing moment when you blame everyone else then realise you've accidentally switched off your wireless on the laptop).Read the article
-
Multiple vulnerabilities in Network Time Protocol (NTP)
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2009-0021 Improper Authentication vulnerability 5.0 Firmware SPARC T3-4 SPARC: 147317-01 SPARC T3-2 SPARC: 147316-01 SPARC T3-1B SPARC: 147318-01 SPARC T3-1 SPARC: 147315-01 Netra SPARC T3-1B SPARC: 147320-01 Netra SPARC T3-1 SPARC: 147319-01 Netra SPARC T3-1BA SPARC: 144609-07 CVE-2009-0159 Buffer Overflow vulnerability 6.8 CVE-2009-3563 Denial of Service (DoS) vulnerability 6.4 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
HTG Explains: Do You Need to Worry About Updating Your Desktop Programs?
- by Chris Hoffman
There was a time when we had to worry about manually updating desktop applications. Adobe Flash and Reader were full of security holes and didn’t update themselves, for example — but those days are largely behind us. The Windows desktop is the only big software platform that doesn’t automatically update applications, forcing every developer to code their own updater. This isn’t ideal, but developers have now largely stepped up to the plate.Read the article
