Search Results

Search found 2089 results on 84 pages for 'symmertric encryption'.

Page 27/84 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • IPSec for LAN traffic: Basic considerations?

    - by chris_l
    This is a follow-up to my Encrypting absolutely everything... question. Important: This is not about the more usual IPSec setup, where you want to encrypt traffic between two LANs. My basic goal is to encrypt all traffic within a small company's LAN. One solution could be IPSec. I have just started to learn about IPSec, and before I decide on using it and dive in more deeply, I'd like to get an overview of how this could look like. Is there good cross-platform support? It must work on Linux, MacOS X and Windows clients, Linux servers, and it shouldn't require expensive network hardware. Can I enable IPSec for an entire machine (so there can be no other traffic incoming/outgoing), or for a network interface, or is it determined by firewall settings for individual ports/...? Can I easily ban non-IPSec IP packets? And also "Mallory's evil" IPSec traffic that is signed by some key, but not ours? My ideal conception is to make it impossible to have any such IP traffic on the LAN. For LAN-internal traffic: I would choose "ESP with authentication (no AH)", AES-256, in "Transport mode". Is this a reasonable decision? For LAN-Internet traffic: How would it work with the internet gateway? Would I use "Tunnel mode" to create an IPSec tunnel from each machine to the gateway? Or could I also use "Transport mode" to the gateway? The reason I ask is, that the gateway would have to be able to decrypt packages coming from the LAN, so it will need the keys to do that. Is that possible, if the destination address isn't the gateway's address? Or would I have to use a proxy in this case? Is there anything else I should consider? I really just need a quick overview of these things, not very detailed instructions.

    Read the article

  • convert .p7b key to a .pfx

    - by DrStalker
    I have an SSL certificate in .p7b format that I need to convert to .pfx. If I try this through the windows certificate managment the option to expert as a .pfx is disabled. Trying with openssl I have found the following two commands to do the conversion: openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer but I'm not sure what key to use for teh esecond command, or what certificate CACert.cer refers to. How can I convert this key to .pfx format?

    Read the article

  • TrueCrypt Failing to Decrypt External Hard Drive after changing Enclosures

    - by Anx Ara
    I have a 4TB external hard drive that was previously encrypted using TrueCrypt. The power source on the hard drive enclosure failed, so I had to switch the hard drive itself into a new enclosure. I can no longer decrypt the hard drive using TrueCrypt, as it says my password is wrong. I am certain that I entering the correct password. Additionally, in TrueCrypt, when I try to mount the volume under "Select Device", it shows the following: Harddisk 5: 3.6TB Device\Harddisk5\Partition 1 H: 465GB Whereas before I changed the enclosure it would show: Harddisk 5: 3.6TB Device\Harddisk5\Partition 1 H: 3.6TB I am on a Windows 8 PC and using TrueCrypt 7.1a. How can I get it to decrypt properly?

    Read the article

  • why is rdiff-backup not compatible with encfs ---reverse

    - by user330273
    I'm trying to use encfs with rdiff-backup to ensure that my backups to a remote server are encrypted. The easiest way to do this would be to use encfs --reverse - which means encfs will create a virtual encrypted file system, which I can then backup using rdiff-backup. Except that it doesn't work. Rdiff-backup fails every time with an "input/output error" on the encfs virtual filesystem. It seems I'm not the only one with this problem, but no one has said what the problem is: this person reported the same issue, but was just told to use sshfs instead (see below on that); in this question on serverfault, one of the answers just states that "rdiff-backup seems to have trouble accessing the EncFS-reverse filesystem." There's an open bug report on the Debian bug tracker(bug 731413, I can't post the link) on this bug, but it's been open since December 2013 with no response. Does anyone know what the problem actually is? Is there a workaround? I can't use the two most commonly suggested alternatives - sshfs and then running encfs on that, or using Duplicity - as both require a much higher bandwidth connection than I have access to (Duplicity requires regular full backups).

    Read the article

  • Mac OSX Server: svn via ssh command line and encrypted passwords.

    - by Ben Clayton
    Hi all. When I log into our mac mini server running OSX 10.6 via ssh and use svn I get the message: ATTENTION! Your password for authentication realm: can only be stored to disk unencrypted! You are advised to configure your system so that Subversion can store passwords encrypted, if possible. See the documentation for details. You can avoid future appearances of this warning by setting the value of the 'store-plaintext-passwords' option to either 'yes' or 'no' in '/Users/xxxxxxxx/.subversion/servers'. I dont' want to store the password unencrypted though. I've found some details on how to use GNOME keychain in linux to sort this, but nothing on how to use macosx's keychain. Anyone got any ideas? Thanks a lot!

    Read the article

  • Decrypt column in SQL 2008

    - by Paul
    I need to decrypt a column in a table that has previously been encrypted at application level. The algorithm is DES at 192 bits and block size = 64. I have the password but DecryptByPassPhrase doesn't seem to work.

    Read the article

  • Is it possible to re-lock a bitlocker drive?

    - by Sean Edwards
    I'm running a partition with bitlocker on a Windows 7 Ultimate machine, which contains secure data that I have to recover infrequently. Unlocking it to access the data is obviously no problem, but is there a way to re-lock the partition when I'm done? The best I've found so far is this: http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/41607938-7452-440d-8253-67fe8657bc0f Currently I have a .bat script on that drive that I can run as administrator, and that re-locks the drive, but it feels like kind of a hackish solution. Does anyone have anything better? Any idea when Microsoft might release a fix for this?

    Read the article

  • Setting up 802.1X wireless connection on OSX

    - by hizki
    I am an OSX user, I have Snow Leopard 10.6.5 and an updated AirPort. I am trying to connect to my university's wireless network, but it has a complex security that I am having trouble defining... Here there are instructions for connecting with Windows XP, Windows 7 and Linux. Can someone please instruct me what should I do to set up this network on my MAC? Thank you. P.S. I have had previous success in setting up this network, but I have no idea what I did that made it work. Since I updated my AirPort it worked only seldomly and very slowly... Before the update, even when it worked it never remembered my password.

    Read the article

  • Encrypt uploaded pdf files with mcrypt and php

    - by microchasm
    I'm currently set up with a CentOS box that utilizes mcrypt to encrypt/decrypt data to/from the database. In my haste, I forgot that I also need a solution to encrypt files (primarily pdf, with a xls and txt file here and there). Is there a way to utilize mcrypt to encrypt uploaded pdf files? I understand the possibility of file_get_contents() with txt; is a similar solution available for other formats? Thanks!

    Read the article

  • How to encrypt disk transparently without destroying data

    - by aseq
    On a Linux system, be it Debian, Redhat or any distro, I would like to encrypt the disk on the fly. That is, encrypt the disk transparently to the OS whilst it is running, reboots, shuts down etc. In addition it should not destroy data. I know there is (commercial) software for windows that does it. But I need a Linux solution. The solutions I know of do not support this as far as I can see (luks, truecrypt...). Maybe there is some hack or work around available?

    Read the article

  • Decrypting Windows XP encrypted files from an old disk

    - by Uri Cohen
    I had an old Windows XP machine with an encrypted directory. When moving to a new Win7 machine I connected the old disk as a slave in the new machine, and hence cannot access the encrypted files. Chances don't seem good as documentation warns you: "Do not Delete or Rename a User's account from which will want to Recover the Encrypted Files. You will not be able to de-crypt the files using the steps outlined above." On the other hand, I have full access to the machine, so maybe there's a utility which can extract the keys and use the to decrypt the files... BTW, I didn't have a password in the old machine, if it's relevant. Ideas, anyone? Thanks!

    Read the article

  • What are the strategies available to minimise badblocks on an encrypted partition?

    - by David Andreoletti
    Let me explain my backup strategy and the problem I am facing. My current backup strategy: Open encrypted container and execute Carbon Copy Cleaner on it at least once a week. Rotate backup disks. Problem: I have an Truecrypt partition on my 1st external hard disk. I recently found out that some files on this encrypted partition cannot be read due to bad blocks (reported by Antonio Diaz's GNU 'ddrescue'). My backup strategy is ineffective in this scenario because bad blocks are discovered during backup. Possible strategy Strategy #0: Have the encrypted partition over a RAID 1 with 2 disks. Is this a suitable strategy ? Strategy #1: Do you think of any other one ? Environment: Mac OS X 10.8 External 2.5" hard disk (SATA) No RAID

    Read the article

  • Bitlocker Repair Tool for windows 7 Ultimate

    - by user44212
    I have just enabled bitlocker using a flash drive without TPM on windows 7 Ultimate 64 bit. Just to be prepared - is there any way I can recover data from an encrypted volume in Windows 7 ultimate. I found links for BitLocker Repair Tool to help recover data from an encrypted volume for windows vista and windows 2008 here http://support.microsoft.com/kb/928201 but did not find anything on microsoft for windows 7. But did not find any for windows 7 Ultimate.

    Read the article

  • KeePass: use a key file or a regular password?

    - by RCIX
    I'm setting up a KeePass database and it offers the ability to use a key file, which it says is more secure because it can use a longer and more complex password but is easier to break because you only need the key file to open the database. I'll only be using the key file on 2 computers (one desktop and one laptop), wo which is the best option? Note that it's definitely more appealing to use the key file for me because i have a hard time remembering anything close to a random password.

    Read the article

  • Can I rely on S3 to keep my data secure?

    - by Jamie Hale
    I want to back up sensitive personal data to S3 via an rsync-style interface. I'm currently using s3cmd - a great tool - but it doesn't yet support encrypted syncs. This means that while my data is encrypted (via SSL) during transfer, it's stored on their end unencrypted. I want to know if this is a big deal. The S3 FAQ says "Amazon S3 uses proven cryptographic methods to authenticate users... If you would like extra security, there is no restriction on encrypting your data before storing it in Amazon S3." Why would I like extra security? Is there some way my buckets could be opened to prying eyes without my knowing? Or are they just trying to save you when you accidentally change your ACLs and make your buckets world-readable?

    Read the article

  • Trying to delete directory with "rm -rf", but get message that it's not empty

    - by Ben Hocking
    I've tried deleting a directory using "rm -rf" and I'm getting the message "Directory not empty": Bens-MacBook-Pro:please benjaminhocking$ ls -lart empty_directory/ total 16 drwxr-xr-x 5 benjaminhocking staff 170 Aug 27 14:46 . drwxr-xr-x 3 benjaminhocking staff 102 Aug 27 15:28 .. Bens-MacBook-Pro:please benjaminhocking$ rm -rf empty_directory/ rm: empty_directory/: Directory not empty Bens-MacBook-Pro:please benjaminhocking$ rmdir empty_directory/ rmdir: empty_directory/: Directory not empty If I try the same thing using Finder (dragging the folder to the Trash), I get the message The operation can’t be completed because the item “empty_directory” is in use. I've tried doing xattr -d com.apple.quarantine, purely out of superstition, but it did no good. A probably important piece of context is that this directory was initially in a directory that should've been deleted by a "make clean" command I issued prior to Terminal locking up on me, after which a little over half of the other programs I had running also locked up, including Skype, and eventually the OS itself. I ended up having to reboot the computer by pressing and holding the power key. Edit to add: Another important piece of information I left off was that this was happening in an encrypted folder à la encfs. I was able to track down the corresponding folder in the encrypted side of things and delete it there. I still don't know why I couldn't do it from the decrypted side of things like I normally do. I'll leave this unanswered for now in case anyone has a good answer for that.

    Read the article

  • Encrypting traffic on remote end of SSH tunnel

    - by Aaron
    Using an example of someone connecting to a VPS, an SSH tunnel will encrypt any traffic coming from the user to the VPS. Once it reaches the VPS network, the traffic is not encrypted and is easily sniffable by network administrators on that particular network. (am I understanding all that correctly?) Is there a way to have the traffic encrypted on both ends so that neither side is susceptible to packet sniffing to reveal what kind of data/traffic/protocol is being transmitted?

    Read the article

  • Using a non-validated SED on a Dell R720

    - by a coder
    We were given a Dell R720 a couple years ago, and the machine currently has standard 300GB 3.5" SAS 15k drives. Our RAID controller is a Perc H710. We need to update our disks to FIPS 140-2 certified SED. According to Dell, they have only one tested/validated FIPS SED for this machine/controller, but it is a 7200rpm 3.5" unit. I'm showing that Dell offers a 600GB 15k FIPS SED in 3.5" configuration (Dell part number 342-0605), but they say they haven't validated or tested to know if it works. They informed us that we would not void our warranty in using this non-validated drive. How likely is it that our R720 with H710 controller will work with the non-validated drive? Are there significant differences in how drive manufacturers build SED that would prevent them from working consistently across different controllers?

    Read the article

  • unable to decrypt certain files with secret key pgp 6.5.8, any advice?

    - by pythonian29033
    Ok so I do some stuff for a client of ours that requires me to decrypt some of their suppliers messages, the thing is, something weird happened the other day and I can only decrypt some files with an old decryption script, but for certain files I get the error: "Message is encrypted. Cannot decrypt message. It can only be decrypted by: 2048 bits, Key ID 98627E12, Created 2000-03-02 "Other Guy "" as you can see, the key is ancient and I was still 9years old when it was created, so I have know idea who this "Other Guy" is. . .and I can't understand why I'm able to decrypt some of the supplier's files with the decryption script, but for others it fails. PS: the supplier only uses one public key, so this should work for all the files, any advice?

    Read the article

  • Generate or update a PDF to include an encrypted, hidden watermark?

    - by Dave Jarvis
    Background Using LaTeX to write a book. When a user purchases the book, the PDF will be generated automatically. Problem The PDF should have a watermark that includes the person's name and contact information. Question What software meets the following criteria: Applies encrypted, invisible watermarks to a PDF Open Source Platform independent (Linux, Windows) Fast (marks a 200 page PDF in under 1 second) Batch processing (exclusively command-line driven) Collusion-attack resistant Non-fragile (e.g., PDF - EPS - PDF still contains the watermark) Well documented (shows example usages) Ideas & Resources Some thoughts and findings: Natural language processing (NLP) watermarks. Apply steganography on a randomly selected image. http://openstego.sourceforge.net/cmdline.html The problem with NLP is that grammatical errors can be introduced. The problem with steganography is that the images are sourced from an image cache, and so recreating that cache with watermarked images will impart a delay when generating the PDF (I could just delete one image from the cache, but that's not an elegant solution). Thank you!

    Read the article

  • Buyers question: Have intel AES-NI already been integrated in IPSEC stacks?

    - by deploymonkey
    Dear serverfault, I need to decide between deploying Opteron 6100 and Xeon Westmere EP, so I regard this a platform question. If not, it may be moved to stackoverflow and I hereby declare that I am very sorry. Do any (F)OSS or proprietory IPSEC stacks already use the AES-NI functions of the Westmere-EP? Thanks a bundle! ps. If anyone would like to create the tag AES-NI, You're welcome. I couldn't due to lack of rep.

    Read the article

  • Configured MySQL for SSL , but SLL is still not in use..!

    - by Sunrays
    I configured SSL for MySQL using the following script. #!/bin/bash # mkdir -p /root/abc/ssl_certs cd /root/abc/ssl_certs # echo "--> 1. Create CA cert, private key" openssl genrsa 2048 > ca-key.pem echo "--> 2. Create CA cert, certificate" openssl req -new -x509 -nodes -days 1000 -key ca-key.pem > ca-cert.pem echo "--> 3. Create Server certificate, key" openssl req -newkey rsa:2048 -days 1000 -nodes -keyout server-key.pem > server-req.pem echo "--> 4. Create Server certificate, cert" openssl x509 -req -in server-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem echo "" echo echo "" echo "--> 5. Create client certificate, key. Use DIFFERENT common name then server!!!!" echo "" openssl req -newkey rsa:2048 -days 1000 -nodes -keyout client-key.pem > client-req.pem echo "6. Create client certificate, cert" openssl x509 -req -in client-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem exit 0 The following files were created: ca-key.pem ca-cert.pem server-req.pem server-key.pem server-cert.pem client-req.pem client-key.pem client-cert.pem Then I combined server-cert.pem and client-cert.pem into ca.pem (I read in a post to do so..) I created a ssl user in MySQL: GRANT ALL ON *.* to sslsuer@hostname IDENTIFIED BY 'pwd' REQUIRE SSL; Next I added the following in my.cnf [mysqld] ssl-ca = /root/abc/ssl_certs/ca.pem ssl-cert = /root/abc/ssl_certs/server-cert.pem ssl-key = /root/abc/ssl_certs/server-key.pem After restarting the server,I connected to mysql but SSL was still not in use :( mysql -u ssluser -p SSL: Not in use Even the have_ssl parameter was still showing disabled.. :( mysql> show variables like '%ssl%'; +---------------+---------------------------------------------+ | Variable_name | Value | +---------------+---------------------------------------------+ | have_openssl | DISABLED | | have_ssl | DISABLED | | ssl_ca | /root/abc/ssl_certs/ca.pem | | ssl_capath | | | ssl_cert | /root/abc/ssl_certs/server-cert.pem | | ssl_cipher | | | ssl_key | /root/abc/ssl_certs/server-key.pem | +---------------+---------------------------------------------+ Have I missed any step, or whats wrong.. Answers with missed steps in detail will be highly appreciated..

    Read the article

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >