Search Results

Search found 12541 results on 502 pages for 'secure the world'.

Page 30/502 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • How secure are third party Ubuntu (APT) repository mirrors

    - by bakytn
    Hello! We have locally an Ubuntu mirrors to save a lot of traffic (our external traffic is not free) So whenever I apt-get install "program" it gets from that repository. the question is...basically they can substitute any package with their own? So it's 100% on my own risk and I can be hacked easily on any apt-get upgrade or a-g install or a-g dist-upgrade? for example the very basic ones like "telnet" or any other.

    Read the article

  • How to secure a directory in Apache using a PHP session

    - by Cogsy
    I have a site that uses PHP session for authentication. There is one directory that I would like to restrict access to that does not use any PHP, it's just full of static content. I just don't know how to restrict access without every request going through a PHP script. Is there some way to have Apache check the session credentials and restrict access like Basic Auth?

    Read the article

  • InstantWild: Identify Animals From Around the World; Help Scientists

    - by Jason Fitzpatrick
    Web-based/iPhone: InstantWild is an iOS and web application that displays research cameras from around the world; help scientists by turning your eco-voyeurism into positive identification of endangered species. It’s a neat mashup of a fun application and legitimate research. There are hundreds of remote cameras set up around the world, designed to capture photographs of animals (especially endangered ones) in their native habitats. When you visit InstantWild (or load the app on your iPhone) you’re treated to pictures from all around the world. In the course of browsing those photos from around the world you can help out by tagging the animals in the photos to assist zoologists and other scientists in their research. Hit up the link below to check out the web-based version and even grab a copy for your phone. InstantWild [via Wired] Amazon’s New Kindle Fire Tablet: the How-To Geek Review HTG Explains: How Hackers Take Over Web Sites with SQL Injection / DDoS Use Your Android Phone to Comparison Shop: 4 Scanner Apps Reviewed

    Read the article

  • Secure data hosting...

    - by kylex
    I've looked online and can't seem to find a proper answer. We have a client that requires very sensitive data be stored in a database. Is there a hosting company that provides high-level database security (this is for a bank).

    Read the article

  • How secure is Windows IPSec VPN?

    - by sergeb
    I know the answer is, depends on how you configure it... But bare with me - our IPSec Site-to-Site VPN is configured by one of the most trusted hosting companies. One of our clients expressed concerns that "Windows Server 2008 Server IPSEC is not ICSA certified and lacks some of the common features for maintaining VPN stability" (they refer to the lack of "auto keep live" feature). They also are saying that "Windows platforms are not recommended as VPN endpoints due to security concerns and this is one reason that the ICSA testing labs will not certify it as a valid IPSEC solution" (I couldn't find a proof to this one) Are there any whitepapers or references that can prove the security of Windows IPSec implementation? Thanks!

    Read the article

  • How do I secure Sql Server 2008 R2

    - by Mark Tait
    I have both a dedicated and a VPS (from Fasthosts) virtual server - the web sites/applications I run on these, access Sql Server stored on the same web server. Until now, I have logged onto Sql Server on both the deidicated and VPS server, from Sql Server Management Studio - until I noticed in my server application logs, multiple attempts to logon to Sql Server using the 'sa' username, but failed password. So someone/bot is trying hard (repeatedly every couple of hours, for approx 20 attempts during each instance) to log on... so obviously I have to lock down access to Sql Sever remotely. What I have done is gone into Configuration Manager, and in Sql Server Network Configuration - Protocols for Sql2008 and also in Sql Native Client 10.0 Configuration - Client Protocols - I have diabled Named Pipes, TCP/IP (and VIA by default). I have left Shared Memory enabled. I also disabled in Sql Server Services, the Sql Server Browser. Now the only way I can manage the databases on these servers, is by logging on to them via Remote Desktop. Can anyone confirm if this is the correct way of stopping anyone maliciously logging on to Sql Server? (I'm not a DBA or security expert - and there are hundreds of articles advising all different ways - but I was hoping for the experts here to confirm, or otherwise, if what I've done is correct) Thank you, Mark

    Read the article

  • iptables secure squid proxy

    - by Lytithwyn
    I have a setup where my incoming internet connection feeds into a squid proxy/caching server, and from there into my local wireless router. On the wan side of the proxy server, I have eth0 with address 208.78.∗∗∗.∗∗∗ On the lan side of the proxy server, I have eth1 with address 192.168.2.1 Traffic from my lan gets forwarded through the proxy transparently to the internet via the following rules. Note that traffic from the squid server itself is also routed through the proxy/cache, and this is on purpose: # iptables forwarding iptables -A FORWARD -i eth1 -o eth0 -s 192.168.2.0/24 -m state --state NEW -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A POSTROUTING -t nat -j MASQUERADE # iptables for squid transparent proxy iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.2.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 How can I set up iptables to block any connections made to my server from the outside, while not blocking anything initiated from the inside? I have tried doing: iptables -A INPUT -i eth0 -s 192.168.2.0/24 -j ACCEPT iptables -A INPUT -i eth0 -j REJECT But this blocks everything. I have also tried reversing the order of those commands in case I got that part wrong, but that didn't help. I guess I don't fully understand everything about iptables. Any ideas?

    Read the article

  • HOw to secure whm/cpanel centos server from javascript malacious code virus

    - by Master
    Recently my sites index.php code was replaced some malacious javascript virus code. I really don't know how did that entered into that page. Today when i tried to download that file via ftp then antivirus gave me the warning. So it means it was not entered from my computer. Is there any way to install some antivirus on VPS server with centos 5 , cpanel/whm so that those code should not be allowed to add. also what is mod_security . will it be helpful.

    Read the article

  • Solution for secure online remote presentation?

    - by Greg Joshner
    Hello, what is your (subscription free) solution to share a presentation with a number of users (below 50) that works without plug-ins in a browser and allows the presentation to be centrally controlled (and thus prevents participating users from "flipping forward")? I won't need print, save as or offline features, just showing and controlling a presentation centrally. Thanks a lot for your help!

    Read the article

  • Own server, multiple website: most secure PHP setup

    - by plua
    Hi there, We have a company server with a variety of websites. They are maintained by different people from within our company. All websites are public. The server access is limited to our company only. This is NOT a shared hosting environment. We are looking into securing the server, currently analyzing the risk related to permissions of files. We feel the highest risk is when files are uploaded and then opened/executed by the public. This should not happen, but an error in a script might allow people to do so (there are image uploaders, file uploaders, etc). Uploader scripts use PHP. So the question is: what is the best way of setting / organizing permissions of files and processes? There seem to be several options to run PHP (and Apache), and setting the permissions. What should we take into consideration? Any tips? We are considering mod_php and FastCGI, but perhaps given our situation other solutions are preferred?

    Read the article

  • World's simplest, LIGHTEST email client?

    - by rekindleMyLoveOf
    I do not want the bloat that is outlook, nor do I need exchange server-like nifty features. Most certainly do not want the bloat that is thunderbird. I just want to be able to send and receive email as/with the particular email account I set up on my domain. Pocomail sounded like a nice idea but apparently it does not deal with html and since this is for a tiny fledgling biz, i think I might need to accomodate html... so I didn't investigate further. Too bad gmail won't let me send from my own mail server, really. :o) What do you guys use that simple and nifty? ===edit=== forgot to mention this is going to be on Windows Vista. (Hey, I'm not a "superuser", okay? I got bounced from stackoverflow :-) )

    Read the article

  • Secure copying (file transfer) between two Linux servers in the same datacenter (Linode)

    - by MountainX
    I have two Linodes in the same data center. I want to copy files from one to the other each night or on demand (for about the next month, until this project is finished). So I'm thinking about using rsync. My question is how do I set up the two Linode servers to communicate via private IP addresses securely? Both servers are SSH hardened, they use denyhosts and have a fairly restrictive iptables setup. I know I need to first assign private IP addresses to each server, then configure static networking according to this guide. What is next? What SSH or iptables settings are needed to allow these two servers to communicate? What further info do I need to supply in this question? I'm looking for a basic step-by-step guide for how to do this.

    Read the article

  • Which wireless keyboard is most secure?

    - by Axxmasterr
    I want to allow someone to use a keyboard wirelessly but I am concerned that the user passwords will be sent across the wire too. Is there a wireless keyboard that encrypts the keystream? I bought an IR keyboard setup however it lacks the range to be useful more than a few feet away from the detector. I need a range of 10 feet.

    Read the article

  • How secure is TeXShop+Truecrypt on OS X?

    - by trolle3000
    Hello All of the question I would like to ask is pretty much contained in the title... I have a couple Truecrypt-encrypted folders on OS X, where I keep some .tex documents I edit in TeXShop, and the question is: does TexShop 'bleed' information? Does it store temporary files anywhere else on the system? Filenames, filecontents etc. Cheers!

    Read the article

  • How secure is a subnet?

    - by HorusKol
    I have an unfortunate complication in my network - some users/computers are attached to a completely private and firewalled office network that we administer (10.n.n.x/24 intranet), but others are attached to a subnet provided by a third party (129.n.n.x/25) as they need to access the internet via the third party's proxy. I have previously set up a gateway/router to allow the 10.n.n.x/24 network internet access: # Allow established connections, and those !not! coming from the public interface # eth0 = public interface # eth1 = private interface iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the private interface iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT # Masquerade (NAT) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Don't forward any other traffic from the public to the private iptables -A FORWARD -i eth0 -o eth1 -j REJECT However, I now need to enable access to users on our 129.n.n.x/25 subnet to some private servers on the 10.n.n.x/24 network. I figured that I could do something like: # Allow established connections, and those !not! coming from the public interface # eth0 = public interface # eth1 = private interface #1 (10.n.n.x/24) # eth2 = private interface #2 (129.n.n.x/25) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the private interfaces iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT # Allow the two public connections to talk to each other iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT # Masquerade (NAT) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Don't forward any other traffic from the public to the private iptables -A FORWARD -i eth0 -o eth1 -j REJECT iptables -A FORWARD -i eth0 -o eth2 -j REJECT My concern is that I know that the computers on our 129.n.n.x/25 subnet can be accessed via a VPN through the larger network operated by the provider - therefore, would it be possible for someone on the provider's supernet (correct term? inverse of subnet?) to be able to access our private 10.n.n.x/24 intranet?

    Read the article

  • Booting CDs/USB devices after installing Windows 8

    - by shoyip
    I recently installed Windows 8 on one of my four primary partitions. I had two partitions for Windows 7 (boot and os), one for the Windows System Recovery Environment and the last for Ubuntu. I was often using Ubuntu, but after the installation of Windows 8 Pro I couldn't boot in it because it needed the reinstallation of GRUB2. So I thought to do it by Terminal in a live cd; but when I tried to boot the Live CD, it booted me Windows 8 Pro. This is a problem of UEFI, Secure Boot or my BIOS? It didn't happen never before now. And if it's a problem of Secure Boot, how to disable it? Thanks in advance, Sho.

    Read the article

  • Secure Browsing, how [closed]

    - by Jhonny Bigodes
    Possible Duplicate: How to browse safely? What's the best way to browse "suspicious" sites safely. I know Firefox used to be "the thing", but now I don't think it is (IMHO). What I'm using now is a virtual machine (with virtual box), rhat I periodically format. I heard some time ago of a project that glued the 2 together (kinda... everytime you startup the program it used a fresh machine with a fresh browser), but I lost track of them So my question is: How can I Browse the web securely ? Ps.: In in ubuntu

    Read the article

  • Efficient way to secure tomcat database connections

    - by Greymeister
    Our customer has a problem with database information in plaintext within a server.xml or context.xml file on the Tomcat server. I've looked at several sites like OWASP and it seems like there's no obvious solution. I've also seen things like this wordpress blog which describe implementing a custom Tomcat extension to do this. There must exist some standard implementation(s) already without having to roll your own. Does anyone have experience with such a solution?

    Read the article

  • Whats a good secure Windows FTP server?

    - by Keith Nicholas
    Whats a good FTP server? I have been running FileZilla, which seems okish. But I've noticed that a lot of people try to hack ftp servers and FileZilla only has very basic controls to prevent people from hacking. (so far no ones actually managed to get in... so thats good!) I was wondering if there were better options out there? Especially interested in recommendations from people who know they get targeted by hackers.

    Read the article

  • How can I read a portion of one Minecraft world file and write it into another?

    - by RapierMother
    I'm looking to read block data from one Minecraft world and write the data into certain places in another. I have a Minecraft world, let's say "TemplateWorld", and a 2D list of Point objects. I'm developing an application that should use the x and y values of these Points as x and z reference coordinates from which to read constant-sized areas of blocks from the TemplateWorld. It should then write these blocks into another Minecraft world at constant y coordinates, with x & z coordinates determined based on each Point's index in the 2D list. The issue is that, while I've found a decent amount of information online regarding Minecraft world formats, I haven't found what I really need: more of a breakdown by hex address of where/what everything is. For example, I could have the TemplateWorld actually be a .schematic file rather than a world; I just need to be able to read the bytes of the file, know that the actual block data starts always at a certain address (or after a certain instance of FF, etc.), and how it's stored. Once I know that, it's easy as pie to just read the bytes and store them.

    Read the article

  • Secure copy uucp style

    - by Alexander Janssen
    I often have the case that I have to make a lot of hops to the remote host, just because there is no direct routing between my client and the remote host. When I need to copy files from a remote host two or more hops away, I always have to: client$ ssh host1 host1$ ssh host2 host2$ scp host3:/myfile . host2$ exit host1$ scp host2:myfile . host1$ exit client$ scp host1:myfile . Back when uucp still was being used this would be as simple as a uucp host1!host2!host3 /myfile . I know that there's uucp over ssh, but unfortunately I don't have the proper privileges on those machines to set it up. Also, I'm not sure if I really want to fiddle around with customer's machines. Does anyone know of a method doing this tasks without the need to setup a lot of tunnels or deploying new software to remote hosts? Maybe some kind of recursive script which clones itself to all the remote hosts, doing the hard work for me? Assume that authentication takes place with public keys and that all hosts do SSH Agent Forwarding. Edit: I'm not looking for a way to automatically forwarding my interactive sesssion to the nexthop host. I want a solution to copy files bangpath-style using scp via multiple hops without the need to install uucp on any of those machines. I don't have the (legal) rights or the privileges to make permanent changes to the ssh-config. Also, I'm sharing this username and hosts with a lot of other people. I'm willing to hack up my own script, but I wanted to know if anyone knows something which already does it. Minimum-invasive changes to hosts on the bangpath, simple invocation from the client. Edit 2: To give you an impression of how it's properly been done in interactive sessions, have a look at the GXPC clustershell. This is basically a Python-script, which spwans itself over to all remote hosts which have connectivity and where your ssh-key is installed. The great thing about it is, that you can tell "I can reach HostC via HostB via HostA." It just works. I want to have this for scp.

    Read the article

  • How to implement a secure authentication over HTTP?

    - by Zagorax
    I know that we have HTTPS, but I would like to know if there's an algorithm/approach/strategy that grants a reasonable security level without using SSL. I have read many solution on the internet. Most of them are based on adding some time metadata to the hashes, but it needs that both server and client has the time set equal. Moreover, it seems to me that none of this solution could prevent a man in the middle attack.

    Read the article

  • How to secure svn+ssh checkout users?

    - by vvanscherpenseel
    All our SVN repositories are hosted on a dedicated machine on which all the developers have access. Every now and then we need to checkout a repository on a machine we don't own or operate ourselves. Currently we all use our own system (SSH) account for this, but instead I would like to use some generic 'checkoutsvn' user that can be used for this. This user is only used for checking out from a repository, but should not be allowed to log in to the system (no shell access). I tried to do this by setting the default shell of that account to /sbin/nologin but then SVN fails, as apparently svn+ssh requires shell access. How do you do this? Is there a good solution for this?

    Read the article

  • Come up with a real-world problem in which only the best solution will do (a problem from Introduction to algorithms) [closed]

    - by Mike
    EDITED (I realized that the question certainly needs a context) The problem 1.1-5 in the book of Thomas Cormen et al Introduction to algorithms is: "Come up with a real-world problem in which only the best solution will do. Then come up with one in which a solution that is “approximately” the best is good enough." I'm interested in its first statement. And (from my understanding) it is asked to name a real-world problem where only the exact solution will work as opposed to a real-world problem where good-enough solution will be ok. So what is the difference between the exact and good enough solution. Consider some physics problem for example the simulation of the fulid flow in the permeable medium. To make this simulation happen some simplyfing assumptions have to be made when deriving a mathematical model. Otherwise the model becomes at least complex and unsolvable. Virtually any particle in the universe has its influence on the fluid flow. But not all particles are equal. Those that form the permeable medium are much more influental than the ones located light years away. Then when the mathematical model needs to be solved an exact solution can rarely be found unless the mathematical model is simple enough (wich probably means the model isn't close to reality). We take an approximate numerical method and after hours of coding and days of verification come up with the program or algorithm which is a solution. And if the model and an algorithm give results close to a real problem by some degree that is good enough soultion. Its worth noting the difference between exact solution algorithm and exact computation result. When considering real-world problems and real-world computation machines I believe all physical problems solutions where any calculations are taken can not be exact because universal physical constants are represented approximately in the computer. Any numbers are represented with the limited precision, at least limited by amount of memory available to computing machine. I can imagine plenty of problems where good-enough, good to some degree solution will work, like train scheduling, automated trading, satellite orbit calculation, health care expert systems. In that cases exact solutions can't be derived due to constraints on computation time, limitations in computer memory or due to the nature of problems. I googled this question and like what this guy suggests: there're kinds of mathematical problems that need exact solutions (little note here: because the question is taken from the book "Introduction to algorithms" the term "solution" means an algorithm or a program, which in this case gives exact answer on each input). But that's probably more of theoretical interest. So I would like to narrow down the question to: What are the real-world practical problems where only the best (exact) solution algorithm or program will do (but not the good-enough solution)? There are problems like breaking of cryptographic ciphers where only exact solution matters in practice and again in practice the process of deciphering without knowing a secret should take reasonable amount of time. Returning to the original question this is the problem where good-enough (fast-enough) solution will do there's no practical need in instant crack though it's desired. So the quality of "best" can be understood in any sense: exact, fastest, requiring least memory, having minimal possible network traffic etc. And still I want this question to be theoretical if possible. In a sense that there may be example of computer X that has limited resource R of amount Y where the best solution to problem P is the one that takes not more than available Y for inputs of size N*Y. But that's the problem of finding solution for P on computer X which is... well, good enough. My final thought that we live in a world where it is required from programming solutions to practical purposes to be good enough. In rare cases really very very good but still not the best ones. Isn't it? :) If it's not can you provide an example? Or can you name any such unsolved problem of practical interest?

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >