Search Results

Search found 5864 results on 235 pages for 'secure gateway'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 27/235 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • How secure is TeXShop+Truecrypt on OS X?

    - by trolle3000
    Hello All of the question I would like to ask is pretty much contained in the title... I have a couple Truecrypt-encrypted folders on OS X, where I keep some .tex documents I edit in TeXShop, and the question is: does TexShop 'bleed' information? Does it store temporary files anywhere else on the system? Filenames, filecontents etc. Cheers!

    Read the article

  • Efficient way to secure tomcat database connections

    - by Greymeister
    Our customer has a problem with database information in plaintext within a server.xml or context.xml file on the Tomcat server. I've looked at several sites like OWASP and it seems like there's no obvious solution. I've also seen things like this wordpress blog which describe implementing a custom Tomcat extension to do this. There must exist some standard implementation(s) already without having to roll your own. Does anyone have experience with such a solution?

    Read the article

  • How to implement a secure authentication over HTTP?

    - by Zagorax
    I know that we have HTTPS, but I would like to know if there's an algorithm/approach/strategy that grants a reasonable security level without using SSL. I have read many solution on the internet. Most of them are based on adding some time metadata to the hashes, but it needs that both server and client has the time set equal. Moreover, it seems to me that none of this solution could prevent a man in the middle attack.

    Read the article

  • Whats a good secure Windows FTP server?

    - by Keith Nicholas
    Whats a good FTP server? I have been running FileZilla, which seems okish. But I've noticed that a lot of people try to hack ftp servers and FileZilla only has very basic controls to prevent people from hacking. (so far no ones actually managed to get in... so thats good!) I was wondering if there were better options out there? Especially interested in recommendations from people who know they get targeted by hackers.

    Read the article

  • Secure Browsing, how [closed]

    - by Jhonny Bigodes
    Possible Duplicate: How to browse safely? What's the best way to browse "suspicious" sites safely. I know Firefox used to be "the thing", but now I don't think it is (IMHO). What I'm using now is a virtual machine (with virtual box), rhat I periodically format. I heard some time ago of a project that glued the 2 together (kinda... everytime you startup the program it used a fresh machine with a fresh browser), but I lost track of them So my question is: How can I Browse the web securely ? Ps.: In in ubuntu

    Read the article

  • Secure copy uucp style

    - by Alexander Janssen
    I often have the case that I have to make a lot of hops to the remote host, just because there is no direct routing between my client and the remote host. When I need to copy files from a remote host two or more hops away, I always have to: client$ ssh host1 host1$ ssh host2 host2$ scp host3:/myfile . host2$ exit host1$ scp host2:myfile . host1$ exit client$ scp host1:myfile . Back when uucp still was being used this would be as simple as a uucp host1!host2!host3 /myfile . I know that there's uucp over ssh, but unfortunately I don't have the proper privileges on those machines to set it up. Also, I'm not sure if I really want to fiddle around with customer's machines. Does anyone know of a method doing this tasks without the need to setup a lot of tunnels or deploying new software to remote hosts? Maybe some kind of recursive script which clones itself to all the remote hosts, doing the hard work for me? Assume that authentication takes place with public keys and that all hosts do SSH Agent Forwarding. Edit: I'm not looking for a way to automatically forwarding my interactive sesssion to the nexthop host. I want a solution to copy files bangpath-style using scp via multiple hops without the need to install uucp on any of those machines. I don't have the (legal) rights or the privileges to make permanent changes to the ssh-config. Also, I'm sharing this username and hosts with a lot of other people. I'm willing to hack up my own script, but I wanted to know if anyone knows something which already does it. Minimum-invasive changes to hosts on the bangpath, simple invocation from the client. Edit 2: To give you an impression of how it's properly been done in interactive sessions, have a look at the GXPC clustershell. This is basically a Python-script, which spwans itself over to all remote hosts which have connectivity and where your ssh-key is installed. The great thing about it is, that you can tell "I can reach HostC via HostB via HostA." It just works. I want to have this for scp.

    Read the article

  • Different Servers for incoming mails

    - by André
    Hi everybody, not sure if what I want is possible so I´d appreciate any pointers. I have full control over the infrastructure (DNS and servers) Currently I receive mails for domain.tld. MX record for domain.tld is gw.domain.tld. gw then does some spam and virus checking and forwards the mails to the internal exchange server. GW is a Proxmox Mail Gateway Box (Free license) Now what I want is to distribute mails for different recipients to other mail servers. Basicly I only want [email protected] and [email protected] to go to the exchange as before, but all others go to a different mail server (based on linux). Any idea how I could achieve this?

    Read the article

  • How to secure svn+ssh checkout users?

    - by vvanscherpenseel
    All our SVN repositories are hosted on a dedicated machine on which all the developers have access. Every now and then we need to checkout a repository on a machine we don't own or operate ourselves. Currently we all use our own system (SSH) account for this, but instead I would like to use some generic 'checkoutsvn' user that can be used for this. This user is only used for checking out from a repository, but should not be allowed to log in to the system (no shell access). I tried to do this by setting the default shell of that account to /sbin/nologin but then SVN fails, as apparently svn+ssh requires shell access. How do you do this? Is there a good solution for this?

    Read the article

  • New Secure Website with Apache Reverse Proxy

    - by jtnire
    I wish to set up a new website that will be accessed by users using HTTPS. I think it is good practise to put the "real" web server in a seperate subnet, and then install an Apache Reverse Proxy in a DMZ. My question is, where should I put the SSL cert(s)? Should I a) Use a self-signed cert on the "real" web server, and a proper cert on the reverse proxy? b) Use 2 real certs on both the "real" web server and the reverse proxy? c) Don't use any cert on the "real" web server, and use a proper cert on the reverse proxy? I'd like to use a) or c), if possible. I also don't want anyone's browser complaining of a self-signed cert. Thanks

    Read the article

  • Avoid access to www subdomain on secure server

    - by user44654
    I have an SSL certificate that is valid for mysite.co.uk but not www.mysite.co.uk it seems. If I use mod_rewrite or .htaccess to redirect from one to the other will this prevent browsers from displaying an invalid certificate security warning if someone tries to access www.mysite.co.uk? (I've tried redirection but still get the warning if I type https://www.mysite.co.uk directly into the address bar of my browser. I want to know if this is because the redirection isn't working or if the browser will display the warning anyway.) I hope that makes sense.

    Read the article

  • Secure IIS/MS-SQL.

    - by user30850
    I have Windows Server 2008, with IIS 7.5 and SQL Server 2008. I want to install DotNetNuke which is an ASP.NET application. What are the necessary precautions to not to get pwn3d.

    Read the article

  • Store system passwords with easy and secure access

    - by CodeShining
    I'm having to handle several VPS/services and I always set passwords to be different and random. What kind of storage do you suggest to keep these passwords safe and let me access them easily? These passwords are used for services like databases, webserver user and so on that run customers' services, so it's really important to keep them in a safe place and strong. I'm actually storing them in a google drive spreadsheet file, describing user, password, role, service. Do you know of better solutions? I'd like to keep them on a remote service to make sure I don't have to make backup copies (in case my hdd would fail somehow). I do work on *nix platforms (so windows specific solutions are not a choice here).

    Read the article

  • How to secure a VM while allowing customer RDS (or equivalent) access to its desktop

    - by ChrisA
    We have a Windows Client/(SQL-)Server application which is normally installed at the customer's premises. We now need to provide a hosted solution, and browser-based isn't feasible in the short term. We're considering hosting the database ourselves, and also hosting the client in a VM. We can set all this up easily enough, so we need to: ensure that the customer can connect easily, and also ensure that we suitably restrict access to the VM (and its host, of course) We already access the host and guest machines across the internet via RDS, but we restrict access to it to only our own internal, very small, set of static IPs, and of course theres the 2 (or 3?)-user limit on RDS connections to a remote server. So I'd greatly appreciate ideas on how to manage: the security the multi-user aspect. We're hoping to be able to do this initially without a large investment in virtualisation infrastructure - it would be one customer only to start with, with perhaps two remote users. Thanks!

    Read the article

  • Configure clients to navigate through specific wan. Pfsense

    - by leandronn
    I have a machine with a pfsense running. It is configured with three ethernet cards. LAN 192.168.2.1/21 WAN1 200.41.X.2/24 WAN2 200.41.X.3/24 ISP Gateway 200.41.X.1 This is a connection with 5 different IP addresses. WAN1 and WAN2 are directly connected to my ISP router. I need a way to configure some clients navigating through WAN1 and some through WAN2. I am new to pfsense so, please, if you can send me some examples to do this. I can add two squids if it is necessary. Thanks a lot.

    Read the article

  • Secure filesharing protocol for fileserver

    - by Hugo
    I'm setting up a fileserver, and I want lots of clients to easily access it. Up to now I've always used SSHFS to share between different PCs, but since I'm setting up a single fileserver, I'm looking for other common alternatives. Up to now I've seen: AFS: It seems it has no security, traffic is unencrypted, so it would require an SSH tunnel. If I'm to use SSH, I'd just use SSHFS. NFS: Same as above. Also, setting up the server is not so straighforward, it doesn't seem to be KISS enough - at least not for my liking. SMB: Same as AFS. It also seems not to be too well documented, and technically, seems a bit poor. It also seems the protocol isn't formally standardized. SSHFS has security, but as a downside, requieres every user to have an account on the server - there's no way to make a certain directory PUBLIC either. I don't think it has locking, and isn't very fault-tolerant. Are there any alternatives I've missing?

    Read the article

  • Secure Standalone Server Plus Firewall Unit [closed]

    - by orbitron
    We need to send a 2U server, 1U UPS and 1U firewall to a third-party. The thing is, it needs to be a secured case (locked unit) that has proper airflow and we can have power and networking cables coming out of the back. We've googled far and wide and have only been able to find 'hard case' units that offer some level of security but they are extremely bulky and require freight delivery. Thank you for any insight or solutions.

    Read the article

  • Incoming connections from 2 different Internet connections

    - by RJClinton
    I am hosting a Gameserver on my Windows 2003 Server 32 Bit Server. Due to some limitations of my ISP, I have to take 2 Internet connections in order to satisfy my bandwidth requirement. I am facing serious problems here. The Internet is supplied using Wimax. I am given a POE and the RJ45 from both the POE (2 connections) are plugged into a Netgear 100mbps Switch and another RJ45 connects the server to the switch. I have tried to configure the IP addresses and gateway of both connections to the single NIC in the server. The IP series and the gateway of each Internet connection are very much different. I know that this is not the proper approach, because alternate gateways are meant to be only for backup in case of main gateway failure and the usage of the gateways depends upon the metric (correct me if I am wrong). I am planning to get a second PCI NIC so that I can connect each of the Internet connections into its respective NIC. If I use this approach, will I be able to accept connections on both NICs? Also, please suggest any other alternatives that I might use.

    Read the article

  • cakephp secure link using html helper link method..

    - by Aaron
    What's the best way in cakephp to extend the html-link function so that I can tell it to output a secure(https) link? Right now, I've added my own secure_link function to app_helpers that's basically a copy of the link function but adding a https to the beginning. But it seems like there should be a better way of overriding the html-link method so that I can specify a secure option. http://groups.google.com/group/cake-php/browse%5Fthread/thread/e801b31cd3db809a I also started a thread on the google groups and someone suggested doing something like $html->link('my account', array('base' => 'https://', 'controller' => 'users')); but I couldn't get that working. Just to add, this is what is outputted when I have the above code. <a href="/users/index/base:https:/">my account</a> I think there's a bug in the cake/libs/router.php on line 850. There's a keyword 'bare' and I think it should be 'base' Though changing it to base doesn't seem to fix it. From what I gather, it's telling it to exclude those keys that are passed in so that they don't get included as parameters. But I'm puzzled as to why it's a 'bare' keyword and the only reason I can come up with is that it's a type.

    Read the article

  • Limit iPhone in-app purchase by user's country

    - by Ryan
    Hello everyone. I'm a product manager who works for a small internet company that is developing an iPhone application for a social network. We monetize by offering limited and premium memberships to users (premium members get additional features not available to limited members). For billing on the web, we use a 3rd-party payment gateway that is nearing retirement, and will be replaced by an in-house solution. The business wants a global launch for our iPhone app using iTunes + in-app purchasing as a payment gateway. The problem with going global using this payment method is that for our web service membership level, available features, and subscription costs are defined by country. For example, in the US premium/limited memberships are available at 5 pricing tiers; in France premium/limited memberships are available at 5 different pricing tiers from the US; and in Chile the service is available for free and all features are available to users. Is it possible then to have the server-side, based on the user's country of registration, control the level of access, features, and payment options for users on the iPhone? I'd also note that since iTunes Connect does not allow variable pricing by currency and country, each "region" would need 5 in app purchase options. I argued for a US-only launch for iPhone using iTunes in app purchase until an in-house payment gateway is available. But you know...

    Read the article

  • Payment gateways and XSS

    - by Rowan Parker
    Hi all, I'm working on a website which takes payment from a customer. I'm using Kohana 2.3.4 and have created a library to handle the payment gateway I use (www.eway.com.au). Basically I'm just using their sample code, copied into it's own class. Anyway, the code works fine and I can make payments, etc. The issue I have is when the payment gateway is returning the user to my site. The payment gateway uses HTTPS so that is secure, and it is sending the user back to a HTTPS page on my site. However I have the NoScript plugin installed in Firefox, and when I get sent back to the page on my website (which also handles storing the transaction data) I get an error message saying that NoScript has blocked a potential XSS attack. Now I understand why it's unsecure (POST data being sent across two different domains) but what should I be doing instead? Obviously during my testing here I temporarily disable NoScript and it all works fine, but I can't rely on that for the end users. What's the best practice here?

    Read the article

  • need to add secure ftp file upload area to a client's website

    - by user346602
    This is a variation on a previous question as I am having tons of trouble finding answers in all my relentless online searches. Am designing a website for an architecture firm. They want their clients to be able to upload files to them, through a link on their site, via ftp. They also want to have a sign in for their clients, and ensure the uploads are secure. I can figure out how to make a form that has a file upload area - but just don't understand the ftp and the secure part... I understand html, css and a bit of JQuery; the rest is still very challenging to me. Have found something called net2ftp that claims to do what I'm looking for - but the even the installation instructions (for administrators, here: http://www.net2ftp.com/help.html) confuse me. Do I need a MySQL database? Where do I put in Admin password they refer to? It goes on... Is there anything "easier" out there that anyone knows of? I have read that I should be Googling "file managers" - but don't know if these can be embedded in a client's website. I even need to understand of what happens to said file, and where it ends up, when client clicks the upload link. Oh - I am so in over head on this one.

    Read the article

  • Is my approach for persistent login secure ?

    - by Jay
    I'm very much stuck with the reasonable secure approach to implement 'Remember me' feature in a login system. Here's my approach so far, Please advice me if it makes sense and is reasonably secure: Logging: User provides email and password to login (both are valid).. Get the user_id from DB Table Users by comparing provided email Generate 2 random numbers hashed strings: key1, key2 and store in cookies. In DB Table COOKIES, store key1, key2 along with user_id. To Check login: If key1 and key2 both cookies exist, validate both keys in DB Table COOKIES (if a row with key1, and key2 exists, user is logged). if cookie is valid, regenrate key2 and update it in cookie and also database. Why re-genrating key: Because if someone steals cookie and login with that cookie, it will be working only until the real user login. When the real user will login, the stolen cookie will become invalid. Right? Why do I need 2 keys: Because if i store user_id and single key in cookie and database, and the user want to remember the password on another browser, or computer, then the new key will be updated in database, so the user's cookie in earlier browser/PC will become invalid. User wont be able to remember password on more than one place. Thanks for your opinions.

    Read the article

  • IIS URL Rewrite - Redirect any HTTPS traffic to sub-domain

    - by uniquelau
    We have an interesting hosting environment that dictates all secure traffic must travel over a specific sub domain. E.g. http://secure.domain.com/my-page I'd like to handle this switch using URL Rewrite, i.e. at server level, rather than application level. My cases are: https://secure.domain.com/page = NO CHANGE, remains the same https://domain.com/page = sub-domain inserted, https://secure.domain.com/page https://www.domain.com/page = remove 'www', insert sub-domain In my mind the logic is: INPUT = Full Url = http://www.domain.com/page If INPUT contains HTTPS Then check Full URL, does it contain 'secure'? If YES do nothing, if no add 'secure' If INPUT contains 'www' remove 'www' The certificate is not a wild card (e.g. top level domain) and is issues to: https://secure.domain.com/ The website could also be hosted in a staging environment. E.g. https://secure.environment.domain.com/ I do not have control over 'environment' or 'domain' or the 'tld'. Laurence - Update 1, 19th August So as mentioned below, the trick here is to avoid a redirect loop that could drive anyone well loopy. This is what I propose: One rule to force certain traffic to the secure domain: <rule name="Force 'Umbraco' to secure" stopProcessing="true"> <conditions logicalGrouping="MatchAll"> <add input="{REQUEST_URI}" pattern="^/umbraco/(.+)$" ignoreCase="true" /> <add input="{HTTP_HOST}" negate="true" pattern="^secure\.(.+)$" /> </conditions> <action type="Redirect" url="https://secure.{HTTP_HOST}/{R:0}" redirectType="Permanent" /> </rule> Another rule, that then removes the secure domain, expect for traffic on the secure domain. <rule name="Remove secure, expect for Umbraco" stopProcessing="true"> <match url="(.*)" ignoreCase="true" /> <conditions logicalGrouping="MatchAll"> <add input="{HTTP_HOST}" pattern="^secure\.(.+)$" /> <add input="{REQUEST_URI}" negate="true" pattern="^/umbraco/(.+)$" ignoreCase="true" /> </conditions> <!-- Set Domain to match environment --> <action type="Redirect" url="http://staging.domain.com/{R:0}" appendQueryString="true" redirectType="Permanent" /> </rule> This works for a single directory or group of files, however I've been unable to add additional logic into those two rules. For example you might have 3 folders that need to be secure, I tried adding these as Negate records, but then no redirection happens at all. Hmmm! L

    Read the article

  • playsms sent sms to queue

    - by user512213
    i install playsms in my system as below mentioned way https://github.com/antonraharja/playSMS/wiki/Web-User-Interface-Installation i use kannel as a gateway and kannel running fine i get the following status while i check kannel status in browser. Kannel bearerbox version `1.4.3'. Build `Nov 24 2011 08:02:18', compiler `4.6.2'. System Linux, release 3.2.0-23-generic-pae, version #36-Ubuntu SMP Tue Apr 10 22:19:09 UTC 2012, machine i686. Hostname MSSRF-INCOIS, IP 127.0.1.1. Libxml version 2.7.8. Using OpenSSL 1.0.0e 6 Sep 2011. Compiled with MySQL 5.5.17, using MySQL 5.5.24. Using SQLite 3.7.9. Using native malloc. Status: running, uptime 0d 1h 8m 27s WDP: received 0 (0 queued), sent 0 (0 queued) SMS: received 0 (0 queued), sent 0 (0 queued), store size -1 SMS: inbound (0.00,0.00,0.00) msg/sec, outbound (0.00,0.00,0.00) msg/sec DLR: 0 queued, using internal storage Box connections: wapbox, IP 127.0.0.1 (on-line 0d 1h 8m 2s) wapbox, IP 127.0.0.1 (on-line 0d 0h 18m 11s) SMSC connections: unknown AT2[/dev/ttyS0] (online 4106s, rcvd 0, sent 0, failed 0, queued 0 msgs) But when i try to send sms in playsms means it shows "Your SMS has been delivered to queue " but sms not received .Any thing we missed out while configuration.any one advice me to proceed.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >