Search Results

Search found 120608 results on 4825 pages for 'code access security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 32/4825 | < Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >

  • Remote file access.

    - by Rob Rob
    Hi, We're needing to provide remote (read/write) access to a number of files on our network to several users (some technical, some non-technical) who will be running Windows. The non technical users will need to be able to access their files in an easy to use manner. From previous experience, we could do this with: (some sort of) VPN SSH and something like Dokan (i've only previously done this on linux with sshfs) WebDav FTP VPN and SSH access are more open that we need at present, so I'm leaning towards webdav, however I only have limited experience of it (setting up an SVN server several years ago), but my understanding is that users can access it through windows explorer. FTP I haven't had much experience of, as I've always used SFTP via ssh - but i'd imagine we could make this work in a similar way to ssh. So my question is - have I missed any obvious candidates for this task, or if webdav is (or isn't) suitable what are the security implications of using it for this (obviously https will be used for the transfers, etc). Thanks, Rob.

    Read the article

  • OpenSUSE security updates

    - by Dougal
    I have noticed that OpenSUSE informs me of patches for security holes and race conditions and things much more frequently than, say, Ubuntu. Now then, does this mean that: [A] OpenSUSE has more holes that need to be fixed in the first place or... [B] The OpenSUSE gang are more active at finding / squashing bugs. What do you think?

    Read the article

  • Group readable cron jobs a security risk?

    - by Ibrahim
    Hi, I was just wondering, is using a cron job that is group readable a security risk? In this case, the script is chmod 755, and the group is basically a group of the sysadmins on the machine. The permissions seem to be fine, but I'm just wondering whether it's a bad idea to keep this script in a group or world readable place because it's a backup script that needs to be run as root. Thanks!

    Read the article

  • Can this be considered Clean Code / Best Practice?

    - by MRFerocius
    Guys, How are you doing today? I have the following question because I will follow this strategy for all my helpers (to deal with the DB entities) Is this considered a good practice or is it going to be unmaintainable later? public class HelperArea : AbstractHelper { event OperationPerformed<Area> OnAreaInserting; event OperationPerformed<Area> OnAreaInserted; event OperationPerformed<Area> OnExceptionOccured; public void Insert(Area element) { try { if (OnAreaInserting != null) OnAreaInserting(element); DBase.Context.Areas.InsertOnSubmit(new AtlasWFM_Mapping.Mapping.Area { areaDescripcion = element.Description, areaNegocioID = element.BusinessID, areaGUID = Guid.NewGuid(), areaEstado = element.Status, }); DBase.Context.SubmitChanges(); if (OnAreaInserted != null) OnAreaInserted(element); } catch (Exception ex) { LogManager.ChangeStrategy(LogginStrategies.EVENT_VIEWER); LogManager.LogError(new LogInformation { logErrorType = ErrorType.CRITICAL, logException = ex, logMensaje = "Error inserting Area" }); if (OnExceptionOccured != null) OnExceptionOccured(elemento); } } I want to know if it is a good way to handle the event on the Exception to let subscribers know that there has been an exception inserting that Area. And the way to log the Exception, is is OK to do it this way? Any suggestion to make it better?

    Read the article

  • Excluding specific file types from a security audit in windows server 2008

    - by Mozez
    Hi, I am looking for a way to exclude specific file types from being logged in the security audits. I have a folder being audited for deletion events and the majority of logged events are .tmp files (such as a temp Word file that is automatically deleted when the app is closed) which I do not care about. Would anyone know of a way to exclude these types of files from being logged? Thanks in advance for any comments.

    Read the article

  • SARA Security Auditor Alternative

    - by bradlis7
    I have attempted to install and run Sara, but it seems that the software is broken. I could get it to run on 127.0.0.1, but it seems that no network packets ever leave the current computer that it is installed on. It tests for known security holes in a network. It was based on an older software SATAN. Is there another free alternative to this program? I did not see anything listed in this thread.

    Read the article

  • Windows 7 - How to access my documents from Windows 8 (dual boot)

    - by msbg
    I am dual booting Windows 7 and Windows 8 on two different partitions of the same drive: Win7: (C:) Win8: (D:) I am trying to get access to my Win7 user folder (C:\Users\Mason) in order to access my Win7 documents folder (C:\Users\Mason\Documents) from Windows 8. When I try to on Windows 8, I get an error message saying "You don't have permission to access this folder. Click here to permanently get access to this folder". When I click, the progress bar in Windows Explorer slowly moves to the maximum and disappears. When I try opening the folder, I get the same error message. When editing security permissions for the folder in Windows 8, Explorer freezes. I do not know how to remove the restrictions from Windows 7. I checked the Windows 8 user folder (D:\Users\Mason) and it had the group or user name: "S-1-5-21-936898901-3363470404-1273668825-1001". I tried copying and pasting it into the Win7 User Folder Permissions, but got the error "An object with the following name cannot be found". How would I access my folders?

    Read the article

  • Basic security practices for desktop Ubuntu

    - by Daisetsu
    Most of us know the basic security practices on Windows: use a limited account set a password disable unused services uninstall bloatware Antivirus / Antimalware etc. I haven't ran linux as my main desktop computer before, so I don't know how to properly secure it. I have heard linux is supposed to be more secure than Windows, but I know that the default settings of anything are rarely secure. What are some things I should do as a new Linux user to secure my desktop system from attack?

    Read the article

  • Security question pertaining web application deployment

    - by orokusaki
    I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

    Read the article

  • How to add security zone information to files?

    - by user33938
    I recently enabled "Do not preserve zone information in file attachments", to get rid that annoying "Do you want to run this program" security warning. Now, how can I add this information to a file that doesn't have it? I would like to get that warning back on certain files.

    Read the article

  • How to protect compiled Java classes?

    - by Registered User
    I know, many similar questions has been asked here. I am not asking if I can protect my compiled Java class - because obviously you will say 'no you can't'. I am asking what is the best known method of protecting Java classes against de-compiling? If you aware of any research or academic paper in this field please do let me know. Also if you have used some methods or software please share you experience? Any kind of information will be very useful. Thank you.

    Read the article

  • How can I hide tracing code in Visual Studio IDE C# ?

    - by Mark
    As I'm starting to put more tracing in my code, i'm realizing it adds a lot of clutter. I know Visual Studio allows you to hide and reveal code, however, i'd like to be able group code into "tracing" code and then hide it and reveal at will as i'm reading the code. I suppose it could do this either per file or per class or per function. Is there any way to do this? What do you guys do? Adding some clarification The hide current feature kind of allows you to do this except that when the code is hidden, you can't tell if its tracing or not. You also can't say "hide all tracing code" and "reveal all tracing code" which is useful when reading a function depending on what you are trying to do.

    Read the article

  • Access denied error 3221225578 with file sharing to Windows server

    - by Ian Boyd
    i'm trying to access the shares on a server. The credential box appears, and i enter in a correct username and password, and i get access denied. The silly thing is that i can Remote Desktop to the server (using the same credentials), and i can check the Security event log for the access denied errors: Event Type: Failure Audit Event Source: Security Event Category: Account Logon Event ID: 681 Date: 3/19/2011 Time: 11:54:39 PM User: NT AUTHORITY\SYSTEM Computer: STALWART Description: The logon to account: Administrator by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 from workstation: HARPAX failed. The error code was: 3221225578 and Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 529 Date: 3/19/2011 Time: 11:54:39 PM User: NT AUTHORITY\SYSTEM Computer: STALWART Description: Logon Failure: Reason: Unknown user name or bad password User Name: Administrator Domain: stalwart Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: HARPAX Looking up the error code (3221225578), i get an article on Technet: Audit Account Logon Events By Randy Franklin Smith ... Table 1 - Error Codes for Event ID 681 Error Code Reason for Logon Failure 3221225578 The username is correct, but the password is wrong. Which would seem to indicate that the username is correct, but the password is wrong. i've tried the password many times, uppercase, lowercase, on different user accounts, with and without prefixing the username with servername\username. What gives that i cannot access the server over file sharing, but i can access it over RDP?

    Read the article

  • I need Internet Security software with following properties

    - by Eias.N
    Hello ,, I want to own an Internet Security software , but I prefer that it has following properties : Not a heavy one that killing the machine (Like Norton) . Delete the viruses , and don't keep it after clean it . The most important off all : Has an Offline databases that Can I download and add to program database without connecting to Internet (Not Like KIS 2010) Containing (anti spam -anti Virus - Fire wall - ....... ) So what is in your mind?(Don't tell me AVG I tested it)

    Read the article

  • "Hostile" network in the company - please comment on a security setup

    - by TomTom
    I have a little specific problem here that I want (need) to solve in a satisfactory way. My company has multiple (IPv4) networks that are controlled by our router sitting in the middle. Typical smaller shop setup. There is now one additional network that has an IP Range OUTSIDE of our control, connected to the internet with another router OUTSIDE of our control. Call it a project network that is part of another companies network and combined via VPN they set up. This means: They control the router that is used for this network and They can reconfigure things so that they can access the machines in this network. The network is physically split on our end through some VLAN capable switches as it covers three locations. At one end there is the router the other company controls. I Need / want to give the machines used in this network access to my company network. In fact, it may be good to make them part of my active directory domain. The people working on those machines are part of my company. BUT - I need to do so without compromising the security of my company network from outside influence. Any sort of router integration using the externally controlled router is out by this idea So, my idea is this: We accept the IPv4 address space and network topology in this network is not under our control. We seek alternatives to integrate those machines into our company network. The 2 concepts I came up with are: Use some sort of VPN - have the machines log into VPN. Thanks to them using modern windows, this could be transparent DirectAccess. This essentially treats the other IP space not different than any restaurant network a laptop of the company goes in. Alternatively - establish IPv6 routing to this ethernet segment. But - and this is a trick - block all IPv6 packets in the switch before they hit the third party controlled router, so that even IF they turn on IPv6 on that thing (not used now, but they could do it) they would get not a single packet. The switch can nicely do that by pulling all IPv6 traffic coming to that port into a separate VLAN (based on ethernet protocol type). Anyone sees a problem with using he switch to isolate the outer from IPv6? Any security hole? It is sad we have to treat this network as hostile - would be a lot easier - but the support personnel there is of "known dubious quality" and the legal side is clear - we can not fulfill our obligations when we integrate them into our company while they are under a jurisdiction we don't have a say in.

    Read the article

  • Mobile security solutions

    - by techzen
    What are the mobile security solutions used by you / your organization. What are the pro's and cons of usage of these solution - and how far have you been successful in implementing these - were there any loopholes / issues faced in using them?. In general, can you suggest a set of guidelines to watch for when going for going for selecting a specific solution in this context.

    Read the article

  • Remove the Microsoft Security Essentials icon

    - by unam3d
    I've been using Microsoft Security Essentials on Windows 7 for sometime now and so far I don't have a bad word to say about it. I would like to permanently remove the MSE icon from the task bar and pop-up box, though I would still like to be informed when it detects a threat, etc.

    Read the article

  • How to use WPA2 client mode in the Linux-based Cisco WAP4410N access point

    - by joechip
    I have a Cisco WAP4410N access point that I want to use as a client to connect to a WPA2 wireless network (for WLAN service monitoring purposes). Supposedly this access point supports a "Wireless Client/Repeater" mode that allows to do this. The Repeater function is optional (I have that box unchecked so that nobody can connect to this access point wirelessly). I have verified through SSH that the access point gets configured as a client and not as a Master. But it never associates to the SSID I ask it to. This is what iwconfig shows: ath04 IEEE 802.11ng ESSID:"myownssid" Mode:Managed Channel:0 Access Point: Not-Associated Bit Rate:0 kb/s Tx-Power:14 dBm Sensitivity=1/3 Retry:off RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=0/94 Signal level=161/162 Noise level=161/161 Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 Although I've never done this from the command line, I suppose I could use wpa_supplicant or wpa_client to associate it, but I don't know how to do that without editing configuration files and the filesystem is readonly. Besides, I would have to run those commands manually after every reboot. I'd like to know how to do this the Cisco way, if possible. If not, any trick to make this work would be useful. Edit: This is with the latest firmware, 2.0.4.2. And I found that not all of the filesystem is readonly, since /var and /tmp are mounted with type ramfs.

    Read the article

  • Grant HTTP access based on unix user group

    - by Sander Marechal
    Is it possible to grant network access or HTTP access based on a user's group? At my company we want to set up an internal composer server using Satis to manage packages for the projects we write (e.g. on repository.mycompany.com), with the packages themselves in our SVN server (svn.mycompany.com). We have several webservers with many different users on them. Some users should be able to reach the composer and SVN server. Some should not. Users that should be able to reach these servers all belong to the same group. How can I set up Apache on the Composer and SVN server to only grant access to those users in that group? Alternatively, can I set up the webservers in such a way that only users from that group are able to make a connection to our Composer and SVN servers? The best thing we have come up with so far is using SSL client certificates. We simply place a client certificate on all servers which can be used to access Composer and SVN. Only the right usergroup will have read access to the certificate. A bit clunky but it may work. But I'm looking for something better.

    Read the article

  • Apache security for multi-user development web server.

    - by mrmartinblue
    I've been searching and reading through documents all morning and understand that I need to use some combination of chown and probably 'jailing' to securely give programmers access to directories on my centos webserver. Here's the situation: I have an apache web server that has any number of virtual sites located in /var/www/site1 /var/www/site2 etc.. I have different developers that need full access both ssh and vsFTP to only the site they are working on. What is the best way to create and maintain security in this scenario. My thought would be to create a new user for each coder, jail that user to the website directory they are allowed to work in, add their user to a group and set the webroot's owner to that group. Any thoughts? Good, bad, ugly? Thanks!

    Read the article

  • Using Entity Framework (code first) migrations in production

    - by devdigital
    I'm just looking into using EF migrations for our project, and in particular for performing schema changes in production between releases. I can see that generating SQL (delta) script files is an option, but is there no way of running the migrations programmatically on app start up? Will I instead need to add each delta script to the solution and write my own framework to apply them in order (from the current version to the latest) on bootstrap?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >