Search Results

Search found 28693 results on 1148 pages for 'oracle advanced security'.

Page 298/1148 | < Previous Page | 294 295 296 297 298 299 300 301 302 303 304 305  | Next Page >

• ?????? ??????????! ?Silver???? vol.11

  - by M.Morozumi

  ???????????????????????????????????????????????????????????????????  ???ORACLE MASTER Silver Oracle Database 11g???????????????????????  ------------------------------- ????: SYSDBA ??? SYSOPER ???????????????????????? (    )??????????????SYSDBA ??? SYSOPER ??????????????????????? (    )???????????????????1????????? ??? audit_sys_operations audit_dba_operations ????????????? ???????????????

  Read the article

• ?know How?Oracle WebLogic Server 11g? JRuby?JMX???????|WebLogic Channel|??????

  - by ???02

  ??Java SE???????????????JMX?????????????????????????????????????????????????????????????????????????????????????????????????????JRuby??????????JMX??????Oracle WebLogic Server 11g Release 1????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????¦????????????????????????????????????????    * Oracle Database 11g Release 2??     * JDK 1.6    * JRuby 1.5.6    * Oracle WebLogic Server 11g Release 1??    * ????·????????...

  Read the article

• ????????·??????????ERP???????

  - by mamoru.kobayashi

  ??????????????????????·?????·??·??·??? ???????????????????????????Oracle E-Business Suite?? ??????ERP??????????????????? ????????????????????????????????????????? ????????????????????????????? ?Oracle E-Business Suite?????????·???????? ???ERP???????????? ??????????????/??????????????????? 2005??????2008???????·??·???5??????????????? ??·??·??·??????????????????????????? ???????:????????·??????????ERP???????????????

  Read the article

• ?????? ??????????!?Bronze???? vol.11

  - by M.Morozumi

  ???????????????????????????????????????????????????????????????????  ???ORACLE MASTER Bronze Oracle Database 11g???????????????????????  ------------------------------- ????: REPLACE ?????????JACK and JUE?????????J???BL??????????????BLACK and BLUE??????????????????? REPLACE ?????????????????1????????? ???: REPLACE('JACK and JUE', 'BL', 'J') REPLACE('JACK and JUE', 'J', 'BL') ????????????? ???????????????

  Read the article

• ?????????·???????????????????????

  - by user762749

  ????????????·??????????????Oracle Business Intelligence R11.1.1.5??????????????????????? ??????????????????????????????????????????????·???????????????????????????????????iPad?iPhone??????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????? ?????BI????????????????????????????BI??????????????????500??BI??????????????Oracle Business Intelligence ???????????????

  Read the article

• ?????? ??????????! ?Gold???? vol.3 <??>

  - by M.Morozumi

  ???ORACLE MASTER Gold Oracle Database 11g?????????????? ?????????????????????? ------------------------------- ???? Point-in-Time ?????????????????????????????????( )??????????????? ( )???????????????1????????? a.TS_PITR_OBJECTS_TO_BE_OBSOLETED b.TS_PITR_OBJECTS_TO_BE_DISAPPEARED c.TS_PITR_OBJECTS_TO_BE_DROPPED ??????????????? ------------------------------- ??:c.TS_PITR_OBJECTS_TO_BE_DROPPED ??: ???? Point-in-Time ?????????????????????????????????TS_PITR_OBJECTS_TO_BE_DROPPED ????????????????????????????????

  Read the article

• Logging Application Block

  - by Gordon Carpenter-Thompson

  I'm using the Logging Application Block in my ASP.NET application and want to convert the application to a Sharepoint WebPart. It all works fine as long as I change: <trust level="WSS_Minimal" originUrl="" /> to <trust level="Full" originUrl="" /> If not I get an exception in the logs: Failed to add webpart *************255Fcatalogs%252Fwp%252FSearchWebPart%252Ewebpart;SearchWebPart. Exception Microsoft.SharePoint.WebPartPages.WebPartPageUserException: The type initializer for 'Microsoft.Practices.EnterpriseLibrary.Logging.Logger' threw an exception. ---> System.TypeInitializationException: The type initializer for 'Microsoft.Practices.EnterpriseLibrary.Logging.Logger' threw an exception. ---> System.TypeInitializationException: The type initializer for 'Microsoft.Practices.EnterpriseLibrary.Common.Configuration.SystemConfigurationSource' threw an exception. ---> System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neut... ...ral, PublicKeyToken=b77a5c561934e089' failed. at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) at System.Security.CodeAccessPermission.Demand() at System.AppDomainSetup.VerifyDir(String dir, Boolean normalize) at System.AppDomainSetup.get_ConfigurationFile() at Microsoft.Practices.EnterpriseLibrary.Common.Configuration.SystemConfigurationSourceImplementation..ctor(Boolean refresh) at Microsoft.Practices.EnterpriseLibrary.Common.Configuration.SystemConfigurationSource..cctor() The action that failed was: Demand The type of the first permission that failed was: System.Security.Permissions.FileIOPermission The first permission that failed was: <IPermission class="System.Security.Permissions.FileIOPermi... ...ssion, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" PathDiscovery="D:\Inetpub\wwwroot\wss\VirtualDirectories\8686\web.config"/> The demand was for: <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" PathDiscovery="D:\Inetpub\wwwroot\wss\VirtualDirectories\8686\web.config"/> The granted set of the failing assembly was: <PermissionSet class="System.Security.PermissionSet" version="1"> <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Execution"/> <IPermission class="System.Security.Permissions.StrongNameIdentityPermis... ...sion, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000100257FAE170ABB2AB4A8EF914DFEA757F7DB8C221F01850FC8753A4C6585C0B07749DA33DF4D64A721A070E7CDCDEFC8C786E3626418389BCF461E4300E6F4C477BE5CE64AD12C29D517208D6BA627D9F73A9066B7638BE1FEE3EABE6C3E537B546CB3B5DE5E436F95278BB1E9DBDE85C2A6B624010A8073841D467CC7A0A0C6C8" Name="Microsoft.Practices.EnterpriseLibrary.Common" AssemblyVersion="3.1.0.0"/> <IPermission class="System.Security.Permissions.UrlIdentityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Url="file:///D:/Inetpub/wwwroot/wss/VirtualDirectories/8686/bin/Microsoft.Practices.EnterpriseLibrary.Common.DLL"/> <IPe... ...rmission class="System.Security.Permissions.ZoneIdentityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Zone="MyComputer"/> <IPermission class="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Level="Minimal"/> <IPermission class="Microsoft.SharePoint.Security.WebPartPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" Connections="True"/> </PermissionSet> The assembly or AppDomain that failed was: Microsoft.Practices.EnterpriseLibrary.Common, Version=3.1.0.0, Culture=neutral, PublicKeyToken=a646907c4a695009 The Zone of the assembly that failed was: MyComputer The Url of the assem... ...bly that failed was: file:///D:/Inetpub/wwwroot/wss/VirtualDirectories/8686/bin/Microsoft.Practices.EnterpriseLibrary.Common.DLL --- End of inner exception stack trace --- at Microsoft.Practices.EnterpriseLibrary.Common.Configuration.SystemConfigurationSource..ctor() at Microsoft.Practices.EnterpriseLibrary.Common.Configuration.ConfigurationSourceFactory.Create() at Microsoft.Practices.EnterpriseLibrary.Logging.Logger..cctor() --- End of inner exception stack trace --- at Microsoft.Practices.EnterpriseLibrary.Logging.Logger.Write(LogEntry log) at com.okana.sharepoint.SearchWebPart.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.AddedControl(Control control, Int32 index) at System.Web.UI.ControlCollection.Add(Con... ...trol child) at System.Web.UI.WebControls.WebParts.WebPartManager.WebPartManagerControlCollection.AddWebPartHelper(WebPart webPart) at System.Web.UI.WebControls.WebParts.WebPartManager.WebPartManagerControlCollection.AddWebPart(WebPart webPart) at System.Web.UI.WebControls.WebParts.WebPartManager.AddWebPart(WebPart webPart) at System.Web.UI.WebControls.WebParts.WebPartManagerInternals.AddWebPart(WebPart webPart) at Microsoft.SharePoint.WebPartPages.SPWebPartManager.AddWebPartWithRetry(WebPart webPart) at Microsoft.SharePoint.WebPartPages.SPWebPartManager.AddDynamicWebPart(WebPart webPart) at Microsoft.SharePoint.WebPartPages.SPWebPartManager.LoadWebPart(WebPart aspWebPart, String zoneId, Int32 zoneIndex, Boolean isClosed) at Microsoft.SharePoint.WebPartPages.... ...SPWebPartManager.AddWebPartInternalShared(WebPart webPart) at Microsoft.SharePoint.WebPartPages.SPWebPartManager.AddWebPartInternal(SPSupersetWebPart superset, Boolean throwIfLocked) --- End of inner exception stack trace --- at Microsoft.SharePoint.WebPartPages.SPWebPartManager.AddWebPartInternal(SPSupersetWebPart superset, Boolean throwIfLocked) at Microsoft.SharePoint.WebPartPages.SPWebPartManager.AddWebPartInternal(SPSupersetWebPart superset) at Microsoft.SharePoint.WebPartPages.WebPartQuickAdd.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) My log configuration is this: <loggingConfiguration name="Logging Application Block" tracingEnabled="true" defaultCategory="General" logWarningsWhenNoCategoriesMatch="true"> <listeners> <add fileName="XAE.log" rollSizeKB="0" timeStampPattern="yyyy-MM-dd" rollFileExistsBehavior="Overwrite" rollInterval="Day" formatter="Text Formatter" header="" footer="" listenerDataType="Microsoft.Practices.EnterpriseLibrary.Logging.Configuration.RollingFlatFileTraceListenerData, Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral" traceOutputOptions="None" type="Microsoft.Practices.EnterpriseLibrary.Logging.TraceListeners.RollingFlatFileTraceListener, Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral" name="Rolling Flat File Trace Listener" /> <add fileName="IDOL.log" rollSizeKB="0" timeStampPattern="yyyy-MM-dd" rollFileExistsBehavior="Overwrite" rollInterval="Day" formatter="Text Formatter" header="" footer="" listenerDataType="Microsoft.Practices.EnterpriseLibrary.Logging.Configuration.RollingFlatFileTraceListenerData, Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral" traceOutputOptions="None" type="Microsoft.Practices.EnterpriseLibrary.Logging.TraceListeners.RollingFlatFileTraceListener, Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral" name="IDOL Rolling Flat File Trace Listener" /> </listeners> <formatters> <add template="{timestamp(local)} : {category} : {message}" type="Microsoft.Practices.EnterpriseLibrary.Logging.Formatters.TextFormatter, Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral" name="Text Formatter" /> </formatters> <categorySources> <!-- For any log entries that you wish to suppress set "All" to "Off" --> <add switchValue="All" name="Communication"> <listeners> <add name="Rolling Flat File Trace Listener" /> </listeners> </add> <add switchValue="All" name="Debug"> <listeners> <add name="Rolling Flat File Trace Listener" /> </listeners> </add> <add switchValue="All" name="Exception"> <listeners> <add name="Rolling Flat File Trace Listener" /> </listeners> </add> <add switchValue="All" name="General"> <listeners> <add name="Rolling Flat File Trace Listener" /> </listeners> </add> <add switchValue="All" name="Warning"> <listeners> <add name="Rolling Flat File Trace Listener" /> </listeners> </add> <add switchValue="All" name="IDOL"> <listeners> <add name="IDOL Rolling Flat File Trace Listener" /> </listeners> </add> </categorySources> <specialSources> <allEvents switchValue="All" name="All Events" /> <notProcessed switchValue="All" name="Unprocessed Category" /> <errors switchValue="All" name="Logging Errors &amp; Warnings"> <listeners> <add name="Rolling Flat File Trace Listener" /> </listeners> </errors> </specialSources> </loggingConfiguration> Clearly this is because it's trying to create the log files and WSS_Minimal doesn't allow this. Is there a simple way to disable all logging for now? Removing the logging is problematic as it's used in the underlying libraries. I have tried setting all switchValue="All" to "Off" but it still throws the exception even though nothing should be logged

  Read the article

• Can someone look over the curriculum for this major & give me your thoughts? Computing & Security Te

  - by scottsharpejr

  My goal is to become a good web developer. I'm interested in learning how to build complex websites as well as how to write web applications. I want skills that will enable me to write apps for <--insert hottest web trend here-- (Facebook & iphone apps for example) This is one of my goals as far as Tech. is concerned. I'd also like to have a brod knowledge of different areas of IT. I'm looking into majoring in "Computing & Security Technology". The program is offered by Drexel in conjunction with my CC. It's a 4 year degree. Can someone take a look @ the pdf below. It outlines every course I must take. http://www.drexelatbcc.org/academics/PDF/CST_CT.pdf For degree requirments w/ links to course descriptiongs see drexel.edu/catalog/degree/ct.htm With electives I can go up to Web Development 4. Based on my goals of Web development & wanting a well rounding education in information technology, what do you think of the curriculum? How will I fare entering the job market with this degree? My goals here are a little different. I'd like to work for 2 to 3 companies over the course of 6-7 years. Working with and learning different areas of IT. I'd like to stay with a company an average of 2-3 years before moving on. My end goal is to go into business for myself (IT related). I appreciate any and all advice the community here can give me! :) Could someone also explain to me their interpretation of this major? thanks! P.S. I already know XHTML & CSS. I am just now starting to experiment with PHP.

  Read the article

• What are the security implications of making a clientaccesspolicy proxy workaround?

  - by Edward Tanguay

  I wanted to use a published GoogleDocs document as the datasource of a Silverlight application but ran into clientaccesspolicy issues. I read many articles like this and this about how difficult it is to get around the clientaccesspolicy issue. So I wrote this 15-line CURL script and put it on my PHP site and now I can get the text of any GoogleDocs document and any text from any URL into my Silverlight application: <?php $url = filter_input(INPUT_GET, 'url',FILTER_SANITIZE_STRING); $user_agent = 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)'; $ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookie"); curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookie"); curl_setopt($ch, CURLOPT_URL, $url ); // set url to post to curl_setopt($ch, CURLOPT_FAILONERROR, 1); // Fail on errors curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); // allow redirects curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // return into a variable curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); curl_setopt($ch, CURLOPT_VERBOSE, 0); echo curl_exec($ch); ?> So it makes me wonder: Why is there so much discussion about whether or not URLs support clientaccesspolicy or not, since you just have to write a simple proxy script and get the information through it? Why aren't there services, e.g. like the URL shortening services, which supply this functionality? What are the security implications of having a script like this?

  Read the article

• How do I specify Open ID Realm in spring security ?

  - by Salvin Francis

  We are using Spring security in our application with support for username / password based authentication as well as Open id based authentication. The issue is that google gives a different open id for the return url specified and we have at least 2 different entry points in our application from where open id is configured into our system. Hence we decided to use open id realm. http://blog.stackoverflow.com/2009/0...ue-per-domain/ http://groups.google.com/group/googl...unts-api?pli=1 how is it possible to integrate realm into our spring configuration/code ? This is how we are doing it in traditional openid library code: AuthRequest authReq = consumerManager.authenticate(discovered, someReturnToUrl,"http://www.example.com"); This works and gives same open id for different urls from our site. our configuration: Code: ... <http auto-config="false"> <!-- <intercept-url> tags are here --> <remember-me user-service-ref="someRememberedService" key="some key" /> <form-login login-page="/Login.html" authentication-failure-url="/Login.html?error=true" always-use-default-target="false" default-target-url="/MainPage.html"/> <openid-login authentication-failure-url="/Login.html?error=true" always-use-default-target="true" default-target-url="/MainPage.html" user-service-ref="someOpenIdUserService"/> </http> ... <beans:bean id="someOpenIdUserService" class="com.something.MyOpenIDUserDetailsService"> </beans:bean> <beans:bean id="openIdAuthenticationProvider" class="com.something.MyOpenIDAuthenticationProvider"> <custom-authentication-provider /> <beans:property name="userDetailsService" ref="someOpenIdUserService"/> </beans:bean> ...

  Read the article

• How to ensure DB security for a Windows Forms application?

  - by Vilx-

  The basic setup is classic - you're creating a Windows Forms application that connects to a DB and does all kinds of enterprise-y stuff. Naturally, such an application will have many users with different access rights in the DB, and each with their own login name and password. So how do you implement this? One way is to create a DB login for every application user, but that's a pretty serious thing to do, which even requires admin rights on the DB server, etc. If the DB server hosts several applications, the admins are quite likely not to be happy with this. In the web world typically one creates his own "Users" table which contains all the necessary info, and uses one fixed DB login for all interaction. That is all nice for a web app, but a windows forms can't hide this master login information, negating security altogether. (It can try to hide, but all such attempts are easily broken with a bit of effort). So... is there some middle way? Perhaps logging in with a fixed login, and then elevating priviledges from a special stored procedure which checks the username and password?

  Read the article

• Password security; Is this safe?

  - by Camran

  I asked a question yesterday about password safety... I am new at security... I am using a mysql db, and need to store users passwords there. I have been told in answers that hashing and THEN saving the HASHED value of the password is the correct way of doing this. So basically I want to verify with you guys this is correct now. It is a classifieds website, and for each classified the user puts, he has to enter a password so that he/she can remove the classified using that password later on (when product is sold for example). In a file called "put_ad.php" I use the $_POST method to fetch the pass from a form. Then I hash it and put it into a mysql table. Then whenever the users wants to delete the ad, I check the entered password by hashing it and comparing the hashed value of the entered passw against the hashed value in the mysql db, right? BUT, what if I as an admin want to delete a classified, is there a method to "Unhash" the password easily? sha1 is used currently btw. some code is very much appreciated. Thanks

  Read the article

• EPM System Standard Deployment Video Series

  - by Paul Anderson -Oracle

  (in via Jan) A four-part video series on deploying Enterprise Performance Management (EPM) System Products has been made available within the Oracle EPMWebcasts YouTube channel. This video series is designed for system administrators. It provides an overview of how to deploy EPM System products using the standard deployment methodology. Deploying EPM System Using Standard Deployment video series: Part 1 - Overview [3:12] Describes the EPM standard deployment and details each of the videos in the series. Part 2 - Preparing for Deployment [3:41] Discusses how to prepare for an EPM standard deployment. Part 3 - Installing and Configuring an Initial Instance of EPM System [4:11] Outlines the steps to install and configure an initial instance of EPM System components.. Part 4 - Scaling Out and Installing EPM System Clients [4:00] Provides an overview of the steps to scale out EPM System components and install EPM System client software. More information is available within the PDF document: EPM System Standard Deployment Guide 11.1.2.3 To view and and access other Oracle EPM Webcast videos visit: Oracle EPM Webcasts YouTube Channel To view and download all of the EPM product documentation visit the Oracle Technology Network (OTN) EPM Documentation Library. In addition to the Oracle EPM Webcasts YouTube channel these videos along with other EPM related product videos and information are available in the Oracle Learning Library (OLL) - visit: Oracle Learning Library - EPM Consolidation and Planning Videos

  Read the article

• UK Partner Briefing – Business Analytics - 24 Sept 2012

  - by Mike.Hallett(at)Oracle-BI&EPM

  Monday 24th September 2012 - Oracle City Office, London Register Here for this important, free briefing Oracle Partners are invited to attend this Business Analytics Partner Briefing on 24th September 2012 in Oracle’s London Moorgate Offices with Particular focus on Exalytics, Endeca and, BI Mobile. Who should attend? Oracle Business Analytics is one of our fastest growing product lines, hence this briefing will be of value to any executives looking for new business opportunities or extending their existing Analytics line of business Background This half day event will inform you of Oracle's Business Analytics strategy, how your organisation can gain commercial advantage from reselling and deploying Oracle's BI portfolio, and the tools and resources to support your sales engagements. Agenda 13:45 – Registration, Coffee, and iPad set up 14:30 – Briefing Commences: Welcome & Introduction to the Business Analytics FY13 Strategy from Mike Pell, VP UK Business Analytics Sales 15:15 – Exalytics: Speed of Thought Analytics 16:00 – Mobile BI & Endeca 16:45 – Event Wrap-up and Q&A 17:00 – Meet the UK BI Sales Team: Networking Please note – If you have an iPad please bring it with you to the session, as we will be helping to set these up with BI Mobile from 13:45 onwards. Click here to register now for this briefing for Oracle Partners. Best regards, Mike Pell                                  Duncan Fitter                           Mike Thompson VP UK Analytics Sales             BA Business Development       Alliances & Channels

  Read the article

• Hardening network with sysctl settings made Wi-fi downloading speed extremely slow

  - by Rohit Bansal

  I just followed up following steps to harden network security The /etc/sysctl.conf file contain all the sysctl settings. Prevent source routing of incoming packets and log malformed IP's enter the following in a terminal window: sudo vi /etc/sysctl.conf Edit the `/etc/sysctl.conf` file and un-comment or add the following lines : # IP Spoofing protection net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.default.rp_filter = 1 # Ignore ICMP broadcast requests net.ipv4.icmp_echo_ignore_broadcasts = 1 # Disable source packet routing net.ipv4.conf.all.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv6.conf.default.accept_source_route = 0 # Ignore send redirects net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 # Block SYN attacks net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 5 # Log Martians net.ipv4.conf.all.log_martians = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 # Ignore ICMP redirects net.ipv4.conf.all.accept_redirects = 0 net.ipv6.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv6.conf.default.accept_redirects = 0 # Ignore Directed pings net.ipv4.icmp_echo_ignore_all = 1 To reload sysctl with the latest changes, enter: sudo sysctl -p But, after applying the changes I found "Wi-fi" downloading speed and terminal downloading speed extremely slow (less than 1KB/s) however surfing speed through browser was good. But, using direct ethernet cable was giving a good speed. Then, I reverted back the above changes and things fall back in line once again.... Could you please let me know what possibly in above script is affecting such behaviour [and why] ? How could I still maintain hardening of network security without disturbing Wi-fi downloading speed ?

  Read the article

• www.foobar.com works but foobar.com results in a 'Server not found' error

  - by Homunculus Reticulli

  I have just setup a minimal (hopefully secure? - comments welcome) apache website using the following configuration file: <VirtualHost *:80> ServerName foobar.com ServerAlias www.foobar.com ServerAdmin [email protected] DocumentRoot /path/to/websites/foobar/web DirectoryIndex index.php # CustomLog with format nickname LogFormat "%h %l %u %t \"%r\" %>s %b" common CustomLog "|/usr/bin/cronolog /var/log/apache2/%Y%m.foobar.access.log" common LogLevel notice ErrorLog "|/usr/bin/cronolog /var/log/apache2/%Y%m.foobar.errors.log" <Directory /> AllowOverride None Order Deny,Allow Deny from all </Directory> <Directory /path/to/websites/> Options -Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> </VirtualHost> I am able to access the website by using www.foobar.com, however when I type foobar.com, I get the error 'Server not found' - why is this? My second question concerns the security implications of the directive: <Directory /path/to/websites/> Options -Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> in the configuration above. What exactly is it doing, and is it necessary?. From my (admitedly limited) understanding of Apache configuration files, this means that anyone will be able to access (write to?) the /path/to/websites/ folder. Is my understanding correct? - and if yes, how is this not a security risk?

  Read the article

• SO-overflow induced passivity - how to cope?

  - by Ruben

  After not really working on my pet project for a while, I discovered Stackoverflow and upon perusing it more intensely I was quite amazed. I'm a bit of a perfectionist, so when I found eye-openers here highlighting many of the mistakes I made, I first wanted to fix everything. However, it's a pet project for a reason: I'm self-taught and I'm studying psychology, so programming skills can never become priority one (though it often helps, even in this field). Issues that stuck out were numerous security issues (e.g. CSRF-prevention and bcrypt eluded me) not object-oriented (at least the PHP part, the JS-part mostly is) no PHP framework used, so many of my DIY takes on commonly-tackled components (auth, ...) are either bad or inefficient really poor MySQL usage (no prepared statements, mysql extension, heard about setting proper indices two days ago) using mootools even though JQuery seems to be fashionable, so there's more probably always going to be better integration with services I'd like to use (like google visualization) So, my SO-induced frenzy turned into passivity. I can't do it all (soon) in the rather small amount of spare time I can spend on working on my project. I can leave some of the issues be in good conscience (speed stuff: an unfinished & unpublished project will never become popular, right?). No clear conscience without good security though and if I don't use a framework for auth and other complex stuff I'll regret having to do it myself. One obvious answer would probably be going open-source, but I think the project would need to become more impressive before others would commit to it. I can't afford to employ someone either. I do think the project deserves being worked on, though. How should I tackle it anyway? What's the best practice for little-practice people?

  Read the article

• Identity in .NET 4.5&ndash;Part 1: Status Quo (Beta 1)

  - by Your DisplayName here!

  .NET 4.5 is a big release for claims-based identity. WIF becomes part of the base class library and structural classes like Claim, ClaimsPrincipal and ClaimsIdentity even go straight into mscorlib. You will be able to access all WIF functionality now from prominent namespaces like ‘System.Security.Claims’ and ‘System.IdentityModel’ (yay!). But it is more than simply merging assemblies; in fact claims are now a first class citizen in the whole .NET Framework. All built-in identity classes, like FormsIdentity for ASP.NET and WindowsIdentity now derive from ClaimsIdentity. Likewise all built-in principal classes like GenericPrincipal and WindowsPrincipal derive from ClaimsPrincipal. In other words, the moment you compile your .NET application against 4.5,  you are claims-based. That’s a big (and excellent) change.   While the classes are designed in a way that you won’t “feel” a difference by default, having the power of claims under the hood (and by default) will change the way how to design security features with the new .NET framework. I am currently doing a number of proof of concepts and will write about that in the future. There are a number of nice “little” features, like FindAll(), FindFirst(), HasClaim() methods on both ClaimsIdentity and ClaimsPrincipal. This makes querying claims much more streamlined. I also had to smile when I saw ClaimsPrincipal.Current (have a look at the code yourself) ;) With all the goodness also comes a number of breaking changes. I will write about that, too. In addition Vittorio announced just today the beta availability of a new wizard/configuration tool that makes it easier to do common things like federating with an IdP or creating a test STS. Go get the Beta and the tools and start writing claims-enabled applications! Interesting times ahead!

  Read the article

• extra configuration needed after installing SSL certificate?

  - by ptriek

  We recently developed two rather simple PHP applications for AXA (European bank). URL's are axa.tfo.be/incentives/cipres and axa.tfo.be/incentives/zrkk (access to both sites is restricted to visitors with cookies with encrypted passwords) On a previous security audit by an external company several security issues have been found. All these issues have been solved by a collleague PHP developer. However, one last requirement has been added - all data should be transfered over https. My php collegue is on holiday, however - and unavailable at the moment. So I contacted my host, and asked for installing SSL certificate. I myself have no knowledge/experience with SSL, so I'm a bit at loss for the following problems. Comodo SSL certificate + unique IP address has been installed today by my webhost for subdomain axa.tfo.be (by www.combell.be). However, it doesn't seem to be working. I posted a question about this earlier today, and was told not to worry, see link: http://serverfault.com/questions/339320/what-happens-if-you-install-an-ssl-certificate Current problems: the web applications aren't accessible over https, http works though (if a valid cookie is available) there's a static html page at http://axa.tfo.be/incentives/cipres/static.html, even that page is only accessible over http My webhost is telling me that 'my application probably doesn't support SSL', and has asked me to set an SSL variable to true in my php code. So my questions: I have basic knowledge of php, but don't know where to start regarding the 'php ssl variable'. The sites have been online for some time, and have been developed for regular php access. (Google didn't bring me any help, either.) Can anyone point me in the right direction, or give me some clues about whether/what I should ask my webhost for further assistance? (I'm a bit on a tight schedule, the sites will be audited again on monday, and it's a customer i wouldn't want to loose...) Thanks for looking into this, and sorry if my questions sound a bit nooby - I'm a webdesigner, not a server specialist...

  Read the article

• Internship in License Contract Management

  - by cristian.condurache(at)oracle.com

  Hi Everyone, My name is Luca. I am an intern in the License Contract Management team in Italy. I have studied Economics and Business in Pescara and finished my Master’s Degree in July 2009. After a short work experience near my home town I decided to look for a job in an International Company. I got in touch with Oracle in January 2010. I had a telephone interview and then a face-to-face interview. On a cold and grey morning, I arrived in Milan....my first impression was fantastic....a big modern building with wide TVs everywhere. I was a little nervous but very excited. I understood this could be a great opportunity... The interview went well and I started to work in March. After a training period I was quickly involved in the closing of the last quarter of the fiscal year - of which May is the last month at Oracle. Working as a License Contract Manager is a real challenge for a fresh graduate. It involves thoroughly understanding the Oracle Policies and Practices with regards to License Contracts. In my experience, especially in May, I learnt to work under high pressure, within time constrains, and to keep up with constant changes. In this period I also had the opportunity to be involved in different negotiations, being directly in contact with the customers. This helped me to develop my relational skills during complex transactions. Looking back at the nine months at Oracle I can say I have a better understanding of the IT world. It is a complex environment that changes continously, offering new challenges to learn from everytime. If you have any questions related to this article feel free to contact [email protected]. You can find our job opportunities via http://campus.oracle.com. Technorati Tags: License Contract Management,oppotunity,Oracle Policies,internship

  Read the article

• We've Been Busy: World Tour 2010

  - by [email protected]

  By Brian Dayton on March 11, 2010 11:17 PM Right after Oracle OpenWorld 2009 we went right into planning for our 2010 World Tour. An ambitious 90+ city tour visiting cities on every continent. The Oracle Applications Strategy Update Tour started January 19th and is in full swing right now. We've put some heavy hitters on the road. If you didn't get a chance to see Steve Miranda, Senior Vice President of Oracle Application Development in Tokyo, Anthony Lye, Senior Vice President of Oracle CRM Development in New Delhi or Sonny Singh, Senior Vice President of Oracle Industries Business Unit in Stockholm don't worry...we're not done yet. The theme, Smart Strategies: Your Roadmap to the Future is a nod to the fact that everyone needs to be smart about what's going on in their business and industry right now. But just as important---how to make sure that you're on the course to where you need to be down the road. Get the big picture and key trends in "The New Normal" of today's business climate and drill down and find out about the latest and greatest innovations in Oracle Applications. Check out http://www.oracle.com/events/applicationstour/index.html for an upcoming tour date near you. Pictures, feedback, summaries and learnings from the tour to come soon.

  Read the article

• Leveraging ERP Investments with EPM and BI Solutions

  - by john.orourke(at)oracle.com

  Now that many organizations have implemented ERP systems to automate and integrate their operational processes, IT investments are beginning to shift to the management systems i.e. EPM and BI tools and applications that integrate data from multiple transactional systems.  These solutions automate and integrate the management processes and enable organizations to achieve "management excellence" becoming smarter, more agile and more aligned than their competitors.  In fact the results of a recent IDC survey indicate that "Organizations that have implemented performance management more broadly are nearly four times more likely to be among the most competitive organizations in their industry."  One example of an organization that is leveraging their ERP investments with Oracle EPM and BI solutions is General Dynamics.  The Business Intelligence Collaborative (BIC) group within General Dynamics' IT organization assists various business units with the implementation, application support, and application hosting for their Business Intelligence and Enterprise Performance Management Applications.  Attend the Oracle Virtual Trade Show "Spotlight on Customer Success" on February 3rd to hear the details of how General Dynamics is using Oracle Essbase, Hyperion Planning, and Oracle BI to improve their planning, reporting and analysis processes and leverage their investments in Oracle E-Business Suite and other operational systems.   During the event, you can also hear about the latest developments and plans for Oracle Applications products, as well as what's coming with Oracle Fusion Applications. Here's a link to the Virtual Trade Show event overview and registration page.  The event runs from 8AM - 1PM PST/11AM - 4PM EST, and the EPM session is 10:30 - 11AM PST/1:30 - 2PM EST.    http://event.on24.com/event/26/79/15/rt/opFb.html?partnerref=internal I hope you'll join us on February 3rd!  

  Read the article

• Would I be able to use code hosting services to host malware code?

  - by NlightNFotis

  Let me start by saying that I am a computer security researcher. Part of my job is to create malware to deploy on a controlled environment in order to study or evaluate several aspects of computer security. Now, I am starting to think that using an online code hosting service (such as BitBucket, Github, etc...) to have all my code in 1 place, would allow me to work on my projects more efficiently. My question is: Are there any issues with this? I have studied those companies' privacy policies, and they state that they allow usage of their services for lawful usage. Since I am not distributing malware, but I am only using it on my machines and machines that I am authorized to use, aren't I allowed to use the service? For the usage that I am doing, malware is the same as any other software. I recognise that I should be extremely careful with code hosting, as any mistake from my part could hold me liable for damages and leave me open against legal action. As such I am recognizing that I should use private repositories, so the code is not available to the public. But how private is a private repository? How can I trust that companies like them will not leak or sell a potential (electronic) viral weaponry that I may have created in the future?

  Read the article

• What kind of website or coding is suitable and safe for an artist's website

  - by Dan S

  I have a web design project that is related to a singer, and I used Joomla for my previous project and designed good music websites. But for this project I cannot find a suitable template to edit and use. As the website is so simple and does not have any special functionality, I'm thinking about creating a website with just simple CSS, html and jQuery. I'm Good at them and can make a perfect look but I am not sure about the security. In Joomla I use different security plugins but do not know about a client-side scripting. So generally I need your ideas, about the following questions: - Is Joomla and generally CMS a good option for a music website? - How famous artists' website is base on? CMS or Client-side scripting? - Do you recommend to create it manually without using and CMS or template? - An do you suggest WordPress for this type of websites? (The website will have these pages: Biography, News, Music (with a music player), Photos, videos and contacts). That's it! Thank you for all your responds, I had a look at Joomla and the only template I chose is This One which seems very simple, and I am worry about module position, because it seems does not have any module position at all. I tried to contact the provider but did not get any respond. Does anyone know about its module position, I mean is there any way to find them? An is it possible to create a 2-3 module positions? Also I had a look at ThemeForest's WordPress templates and it has such a great template. I think WordPress is more active in creating artistic templates. But is it secure and professional to use this CMS for a singer who is kinda famous it his country? I am talking about a template like this. Share your opinions guys.

  Read the article

• Should a stack trace be in the error message presented to the user?

  - by Vilx-

  I've got a bit of an argument at my workplace and I'm trying to figure out who is right, and what is the right thing to do. Context: an intranet web application that our customers use for accounting and other ERP stuff. I'm of the opinion that an error message presented to the user (when things crash) should include as much information as possible, including the stack trace. Of course, it has to start with a nice "An Error has occurred, please submit the below information to the developers" in large, friendly letters. My reasoning is that a screenshot of the crashed application will often be the only easily available source of information. Sure, you can try to get a hold of the client's systems administrator(s), attempt to explain where your log files are, etc, but that will probably be slow and painful (talking to the client representatives mostly is). Also, having an immediate and full information is extremely useful in development, where you don't have to go hunting through the log files to find what you need on every exception. (But that could be solved with a configuration switch.) Unfortunately there has been some kind of "Security audit" (no idea how they did that without the sources... but whatever), and they complained about the full exception messages citing them as a security threat. Naturally, the clients (at least one that I know of) has taken this at face value and now demands that the messages be cleaned. I fail to see how a potential attacker could use a stack trace to figure anything out he couldn't have figured out before. Are there any examples, any documented proof of anyone ever doing that? I think that we should fight this foolish idea, but perhaps I'm the fool here, so... Who's right?

  Read the article

< Previous Page | 294 295 296 297 298 299 300 301 302 303 304 305  | Next Page >