Search Results

Search found 41147 results on 1646 pages for 'database security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 27/1646 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • Designing persistence schema for BigTable on AppEngine

    - by Vitalij Zadneprovskij
    I have tried to design the datastore schema for a very small application. That schema would have been very simple, if not trivial, using a relational database with foreign keys, many-to-many relations, joins, etc. But the problem was that my application was targeted for Google App Engine and I had to design for a database that was not relational. At the end I gave up. Is there a book or an article that describes design principles for applications that are meant for such databases? The books that I have found are about programming for App Engine and they don't spend many words about database design principles.

    Read the article

  • How can we protect the namespace of an object in Javascript?

    - by Eduard Florinescu
    Continuing from my previous question: Javascript simple code to understand prototype-based OOP basics Let's say we run into console this two separate objects(even if they are called child and parent there is no inheritance between them): var parent = { name: "parent", print: function(){ console.log("Hello, "+this.name); } }; var child = { name: "child", print: function(){ console.log("Hi, "+this.name); } }; parent.print() // This will print: Hello, parent child.print() // This will print: Hi, child temp =parent; parent = child; child = temp; parent.print() // This will now print: Hi, child child.print() // This will now print: Hello, parent Now suppose that parent is a library, as a HTML5 application in a browser this cannot do much harm because is practically running sandboxed, but now with the advent of the ChromeOS, FirefoxOS and other [Browser] OS they will also be linked to a native API, that would be a head out of the „sandbox”. Now if someone changes the namespace it would be harder for a code reviewer (either automated or not ) to spot an incorrect use if the namespaces changes. My question would be: Are there many ways in which the above situation can be done and what can be done to protect this namespaces? (Either in the javascript itself or by some static code analysis tool)

    Read the article

  • How to protect Google Ads from yontoo layers runtime?

    - by Dharmavir
    Since sometime I have observed that Google Ads on any website including my blog (http://blogs.digitss.com) gets replaced with something similar to uploaded image below. I am sure it's happening with many people and that could reduce google adsense income. After some research I found that it is because "yontoo layers runtime" from http://www.yontoo.com/ (tagline says: Platform that allows you to control the websites you visit everyday.) but actually they are taking over. I am not sure with which software they are making a way into users computer but that seems very bad in terms of freedom of Internet and advt/marketing industry. I don't remember I have ever said "yes" to install yontoo on my computer. This piece of software is successful to install itself on my laptop/desktop and workstation at office. I am going to disable it now but the question is how do I make my websites aware of Yontoo Runtime and stop them from replacing Google Ads? Basically they are not able to replace all adsense ads but so far they are successfully replaced 1st instance of adsense advt and I am sure in future they will hit more. There could be 2 approaches 1) Fool yontoo runtime by putting some misleading divs in html document to save actual ads, 2) Completely disable yontoo by working out some client side script (javascript) which can fail/crash yontoo runtime and so will fail it's purpose of replacing ads. You can visit my blog (http://blogs.digitss.com) and see on top-right corner, if you find that google ad replaced with something similar to image attached with question - it means your computer/browser is infected too. Looking forward to reply from webmasters, if someone has already wrote some code/plugin to make website (and google ads) safe from yontoo or similar runtime. FYI: it was able to push this runtime in all browsers installed on machine. So a dangerous threat. And yes, I am just using Google ads - not sure if yontoo runtime is doing trick against other ad networks or not? I am sure they must be doing it with some handful of ad networks.

    Read the article

  • Oracle Database Machine: customer case at OOW2010

    - by rene.kundersma
    I proudly announce that on Openworld 2010, together with TUI I will be co-presenting the customer case on their Database Machine implementation. Our session number is S314935. The sesison will be about the business case, the choices made for the setup, how we did the migration to v1, the migration to v2. Also how we implemented backup/restore and disaster recovery solutions. It will be a very interesting case for everyone interested in customer implementations of the DBM ! Hope to see you there Rene Kundersma Technical Architect Oracle Technology Services

    Read the article

  • Where should I redirect (removed) phishing pages

    - by tinjaw
    I was unfortunately the victim of a PHP exploit. Looking through my webserver logs, people are still attempting to reach the URL used in the phish. I want to redirect them to a site that will educate these people on what phishing is. My question: Is there a (generic / vendor-neutral) phishing education website that you suggest I send them to with a 301 redirect? (I assume a 301 is the best option.)

    Read the article

  • Using SMO to drop a SQL Database

    - by ybbest
    SQL Server Management Objects(SMO) is the API you can use to manipulate the sql server,like create databse and delete database. To get more details you can check the msdn documentation. There are 2 ways you can drop a database 1. You could create a Database object and call Drop method: Dim database As Database = New Database(Your database name) database.Drop() 2.However if you have existing connections to the database ,attempting to drop it using the above method will fail.Recall that when you try to drop the database from management studio ,you can tick the check box to close all the connections before drop the database.It is not so obvious , but you can do the exact same thing using SMO: Dim server As Server= New Server(ServerConn) server.KillAllProcesses(Your database name) server.KillDatabase(Your database name)

    Read the article

  • Filtering content from response body HTML (mod_security or other WAFs)

    - by Bingo Star
    We have Apache on Linux with mod_security as the Web App Firewall (WAF) layer. To prevent content injections, we have some rules that basically disable a page containing some text patterns from showing up at all. For example, if an HTML page on webserver has slur words (because some webmaster may have copied/pasted text without proofreading) the Apache server throws a 406 error. Our requirement now is a little different: we would like to show the page as regular 200, but if such a pattern is matched, we want to strip out the offending content. Not block the entire page. If we had a server side technology we could easily code for this, but sadly this is for a website with 1000s of static html pages. Another solution might have been to do a cronjob of find/replace strings and run them on folders en-masse, maybe, but we don't have access to the file system in this case (different department). We do have control over WAF or Apache rules if any. Any pointers or creative ideas?

    Read the article

  • Database IDs

    - by fatherjack
    Just a quick post, mainly to test out the new blog format but related to a question on the #sqlhelp hashtag. The question came from Justin Dearing (@zippy1981) as: So I take it database_id isn’t an ever incrementing value. #sqlhelp When a new database is created it is given the lowest available ID. This either is in a gap in IDs where a database has been dropped or the database ID is incremented by one from the highest current ID if there are no gaps to fill. To see this in action, connect to your sandbox server and try this: USE MASTER GO CREATE DATABASE cherry GO USE cherry GO SELECT DB_ID() GO CREATE DATABASE grape GO USE grape GO SELECT DB_ID() GO CREATE DATABASE melon GO USE melon GO SELECT DB_ID() GO USE MASTER GO DROP DATABASE grape GO CREATE DATABASE kiwi GO USE kiwi GO SELECT DB_ID() GO USE MASTER GO DROP DATABASE cherry DROP DATABASE melon DROP DATABASE kiwi You should get an incrementing series of database IDs as the databases are created until the last one where the new database gets allocated the ID that is missing because one was dropped.

    Read the article

  • Do database tables need to have IDs?

    - by Arturas M
    Is an ID field is always needed in database tables? In my case I have a user with firstName, lastName and email fields. email is unique and not null, so it could be used as an ID, right? So in that case, could/should I try to remove the ID? Also I want to have another table which extends this one. Let's say its called patient and it has it's own field additionalData and I would like to link the relationship through the email of user I mentioned. So the relationship should be 1 to 1, right? and I wouldn't need the IDs? Somehow MySQL Workbench wants me to use the IDs. What do you guys think. Any suggestions on this topic?

    Read the article

  • Login - check database if user exists... (c#)

    - by SAMIR BHOGAYTA
    I have managed to do the following... string connectionString = "datasource=localhost;username=xxx;password=xxx;database=xxx"; MySqlConnection mySqlConnection = new MySqlConnection(connectionString); string selectString = "SELECT username, password " + "FROM forum_members " + "WHERE username = '" + frmUsername.Text + "' AND password = '" + frmPassword.Text + "'"; MySqlCommand mySqlCommand = new MySqlCommand(selectString, mySqlConnection); mySqlConnection.Open(); String strResult = String.Empty; strResult = (String)mySqlCommand.ExecuteScalar(); mySqlConnection.Close(); if (strResult.Length == 0) { Label1.Text = "INCORRECT USER/PASS!" //could redirect to register page } else { Label1.Text = "YOU ARE LOGGED IN!"; //set loggin in sessions variables }

    Read the article

  • .mdf Database Filetype

    - by James Izzard
    Would somebody be kind enough to correct my understanding of the following (if incorrect)? Microsoft's .mdf file-type can be used by both the LocalDB and the full Server database engines (apologies if engine is not the correct word?). The .mdf file does not care which of these two options are accessing it - so you could use either to access any given .mdf file, provided you had permissions and password etc. The LocalDB and the SQL Server are two options that can be interchangeably chosen to access .mdf files depending on the application requirements. Appreciate any clarification. Thanks

    Read the article

  • Webhosting with custom database choice [closed]

    - by churchill614
    Possible Duplicate: How to find web hosting that meets my requirements? I am trying to find somewhere to host a website which uses OrientDB as its database. My budget doesn't stretch to a dedicated server where I can configure everything as I need it. Rather, I am hoping to find somewhere, ideally UK based, that will allow me to install/install for me OrientDB on their server, that is of the normal shared server variety. Is anybody able to point me in a good direction for this please (whilst UK is preferable it is not essential)?

    Read the article

  • How to define a natural id in database?

    - by gcc
    There are a lot of manuals. I am trying to create an database to hold information of these documents. But, there is a small problem. How can I give meaningful id to the manuals? Are there any standard or logic behind the giving meaningful id to the documents? If there is no standard, can you tell me how I should do that? example: table : manual id | manual name EDIT: Not Meaningful ID 1 or M1 or foo 2 C2 bar 3 P123 name ... ... ... (i) (ii) (iii) (i) Not meaningful for me because if some item deleted, there can be gap. ex 1 33 100. (ii) random character can be confusing when one try to give a name to new manual (iii) Why giving name is not preferred is because finding a name to the manual as ID is hard after 500 manuals. Meaningful : New ID * Can be easily produced even if after 1000 manuals * Should not be so complicated

    Read the article

  • how to give meaningful id to the things in database

    - by gcc
    There are a lot of manuals. I am trying to create an database to hold information of these documents. But, there is a small problem. How can I give meaningful id to the manuals? Are there any standard or logic behind the giving meaningful id to the documents? If there is no standard, can you tell me how I should do that? example: table : manual id | manual name EDIT: Not Meaningful ID 1 or M1 or foo 2 C2 bar 3 P123 name ... ... ... (i) (ii) (iii) (i) Not meaningful for me because if some item deleted, there can be gap. ex 1 33 100. (ii) random character can be confusing when one try to give a name to new manual (iii) Why giving name is not preferred is because finding a name to the manual as ID is hard after 500 manuals. Meaningful : New ID * Can be easily produced even if after 1000 manuals * Should not be so complicated

    Read the article

  • Best Way to Handle Meta Information in a SQL Database

    - by danielhanly.com
    I've got a database where I want to store user information and user_meta information. The reason behind setting it up in this way was because the user_meta side may change over time and I would like to do this without disrupting the master user table. If possible, I would like some advice on how to best set up this meta data table. I can either set it as below: +----+---------+----------+--------------------+ | id | user_id | key | value | +----+---------+----------+--------------------+ | 1 | 1 | email | [email protected] | | 2 | 1 | name | user name | | 3 | 1 | address | test address | ... Or, I can set it as below: +----+---------+--------------------+--------------------+--------------+ | id | user_id | email | name | address | +----+---------+--------------------+--------------------+--------------+ | 1 | 1 | [email protected] | user name | test address | Obviously, the top verison is more flexible, but the bottom version is space saving and perhaps more efficient, returning all the data as a single record. Which is the best way to go about this? Or, am I going about this completely wrong and there's another way I've not thought of?

    Read the article

  • ?Oracle Database ?7??????????????

    - by OTN-J Master
    Oracle Database??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????!!(???????????????????????????????)????????????????????????????????????????OTN?????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????!???????????????(?????????????????) ???7????????????????? ?????????????? ???????? ?28??????LOB????????? ?????????????????????????????????????????????????????????????????????????????????????????13?????????????LOB(Large OBject)???????????????????????????????????????????????????????????????????????????????????????????????????? >> ????? ?????????????!DBA??? ???????? ?19? ????????·????????????????????????????MAA????????????????????????????Oracle???????????????????????Oracle Maximum Availability Architecture??????????????????????MAA??Oracle??????????????????????????????????????????MAA??????????????????????????????????????>> ????? OTN?????????????????????? ?????????????????????????????????

    Read the article

  • practical security ramifications of increasing WCF clock skew to more than an hour

    - by Andrew Patterson
    I have written a WCF service that returns 'semi-private' data concerning peoples name, addresses and phone numbers. By semi-private, I mean that there is a username and password to access the data, and the data is meant to be secured in transit. However, IMHO noone is going to expend any energy trying to obtain the data, as it is mostly available in the public phone book anyway etc. At some level, the security is a bit of security 'theatre' to tick some boxes imposed on us by government entities. The client end of the service is an application which is given out to registered 'users' to run within their own IT setups. We have no control over the IT of the users - and in fact they often tell us to 'go jump' if we put too many requirements on their systems. One problem we have been encountering is numerous users that have system clocks that are not accurate. This can either be caused by a genuine slow/fast clocks, or more than likely a timezone or daylight savings zone error (putting their machine an hour off the 'real' time). A feature of the WCF bindings we are using is that they rely on the notion of time to detect replay attacks etc. <wsHttpBinding> <binding name="normalWsBinding" maxBufferPoolSize="524288" maxReceivedMessageSize="655360"> <reliableSession enabled="false" /> <security mode="Message"> <message clientCredentialType="UserName" negotiateServiceCredential="false" algorithmSuite="Default" establishSecurityContext="false" /> </security> </binding> </wsHttpBinding> The inaccurate client clocks cause security exceptions to be thrown and unhappy users. Other than suggesting users correct their clocks, we know that we can increase the clock skew of the security bindings. http://www.danrigsby.com/blog/index.php/2008/08/26/changing-the-default-clock-skew-in-wcf/ My question is, what are the real practical security ramifications of increasing the skew to say 2 hours? If an attacker can perform some sort of replay attack, why would a clock skew window of 5 minutes be necessarily safer than 2 hours? I presume performing any attack with security mode of 'message' requires more than just capturing some data at a proxy and sending the data back in again to 'replay' the call? In a situation like mine where data is only 'read' by the users, are there indeed any security ramifications at all to allowing 'replay' attacks?

    Read the article

  • How to propagate spring security login to EJBs?

    - by tangens
    Context I have a J2EE application running on a JBoss 4.2.3 application server. The application is reachabe through a web interface. The authentication is done with basic authentication. Inside of the EJBs I ask the security context of the bean for the principal (the name of the logged in user) and do some authorization checks if this user is allowed to access this method of the EJB. The EJBs life inside a different ear than the servlets handling the web frontend, so I can't access the spring application context directly. Required change I want to switch to Spring Security for handling the user login. Question How can I propagate the spring login information to the JBoss security context so I can still use my EJBs without having to rewrite them? Ideas and links I already found a page talking about "Propagating Identity from Spring Security to the EJB Layer", but unfortunatelly it refers to an older version of Spring Security (Acegi) and I'm not familiar enough with Spring Security to make this work with the actual version (3.0.2).

    Read the article

  • What should every programmer know about security ?

    - by M.H
    I am an IT student and I am now in the 3rd year in university,until now we are studing a lot of subjects related to computer in general (Programming,Algorithms,Computer architecture,maths....etc). But there is a whole world called security we are very far from it ,I mean here security in general(Computers Security,Interner Security,Networks Security,hacking,cracking...etc). I am very sure that nobody can learn every thing about security but sure there is a "minimum" knowledge every programmer or IT student should know about it and my question is what is this minimum knowledge ? can you suggest some E-books or courses or any thing can help to start with this road ?

    Read the article

  • Which user account to assign as owner when attaching an SQL Server database?

    - by FreshCode
    This is a simple database security & performance question, but I've always used either a special user (eg. mydbuser), or Windows' built-in NETWORK SECURITY account as the owner when attaching databases to my SQL Server instances. When deploying my database to a production server, is there a specific user I should stick to or avoid? I would think that using an account with a set password could open the database up to a potential security issue.

    Read the article

  • How to do a database backup in DB2 in Vista?

    - by Daziplqa
    How to do a database backup in DB2 in Vista? Whenever I issued this command (login in Vista as Administrator): restore database myDB from D: taken at 20081013134446 the command line processor return the following error message: SQL1092N "ADMINISTRATOR" does not have the authority to perform the requested command. SQLSTATE=00000 So, How can I solve this problem?

    Read the article

  • What is the difference between safety and security?

    - by Lernkurve
    Question What is the difference between safety and security in the context of information management or computer science? Elaboration This could be the canonical answer for people searching for it. Let me know if superuser.com is the wrong site for this question. I have, of course, googled it and haven't found an answer that seemed short and to the point. Wikipedia wasn't very helpful either: safety, information security.

    Read the article

  • Automatically Applying Security Updates for AWS Elastic Beanstalk

    - by Eric Anderson
    I've been a fan of Heroku since it's earliest days. But I like the fact that AWS Elastic Beanstalk gives you more control over the characteristics of the instances. One thing I love about Heroku is the fact that I can deploy an app and not worry about managing it. I am assuming Heroku is ensuring all OS security updates are timely applied. I just need to make sure my app is secure. My initial research on Beanstalk shows that although it builds and configures the instances for you, after that it moves to a more manual management process. Security updates won't automatically be applied to the instances. It seems there are two areas of concerns: New AMI releases - As new AMI releases hit it seems we would want to run the latest (presumably most secure). But my research seems to indicate you need to manually launch a new setup to see the latest AMI version and then create a new environment to use that new version. Is there a better automated way of rotating your instances into new AMI releases? In between releases there will be security updates released for packages. Seems we want to upgrade those as well. My research seems to indicate people install commands to occasionally run a yum update. But since new instances are created/destroyed based on usage it seems that the new instances would not always have the updates (i.e. the time between the instance creation and the first yum update). So occasionally you will have instances that aren't patched. And you are also going to have instances constantly patching themselves until the new AMI release is applied. My other concern is that perhaps these security updates haven't gone through Amazon's own review (like the AMI releases do) and it might break my app to automatically update them. I know Dreamhost once had a 12 hour outage because they were applying debian updates completely automatically without any review. I want to make sure the same thing doesn't happen to me. So my question is does Amazon provide a way to offer fully managed PaaS like Heroku? Or is AWS Elastic Beanstalk really more of just a install script and after that you are on your own (other than the monitoring and deployment tools they provide)?

    Read the article

  • Use SECEDIT to export "Security Options" from one computer and import on another

    - by Andy Arismendi
    Can I use secedit.exe to export out the "Security Options" from the local security policy and then import them on another machine? I'm trying to do this on Windows Server 2008. Update I just tried with: secedit /export /db C:\andy.db /cfg C:\andy.inf /areas SECURITYPOLICY /log C:\andy.log But it didn't work with error: Warning 2: The system cannot find the file specified. Error opening C:\andy.db. Where do I get the DB file from?

    Read the article

  • Security update in command line on Ubuntu

    - by Luc
    Hello, I can find anything on google that could help me to use aptitude to only install security update using command line on Ubuntu. I tried this: https://help.ubuntu.com/community/AutomaticSecurityUpdates but it installed everything and not only the security updates !!!! Thanks a lot for your help, Luc

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >