Search Results

Search found 15914 results on 637 pages for 'physical security'.

Page 355/637 | < Previous Page | 351 352 353 354 355 356 357 358 359 360 361 362 | Next Page >

Is there a way to use a SSH connection to access SMB or UPnP files without setting up a VPN?

- by Michael Chapman

What I'm trying to do is set up a SSH key that only gives access to certain directories, for security reasons I don't want it to have full access to my SSH server. I already have the ability to access the directories I need over my local network (right now using SMB, although I also used UPnP for awhile). I need, however, to be able to access those files securely over the internet from both Ubuntu and Windows machines. I'm somewhat new to SSH and not sure what the best approach to solving my problem is. If anyone knows how I can do this or where I can find a detailed tutorial I'd be grateful. And as always if anything is confusing or if there are any comments or corrections please let me know.

Read the article
mismatch of version of libkdcraw20 and libkdcraw-data

- by naveen jankar

I'm using Ubuntu 12.04 LTS. When I'm installlin digiKam, I'm getting a mismatch in the versions of libkdcraw20 and libkdcraw-data wanted by it and that available in the repositories. It wants version 4.8.5-0ubuntu0.2 (or in other words that is the latest version according to synaptic) but the available one is 4.8.5-0ubuntu0.3 in both cases. Is there a work-around? Or how do I request the Ubuntu managers to rectify this? addenda On Synaptic i selected digikam to be installed. it downloaded all the dependencies but the 2 in question were not found - the message it gave "W: Failed to fetch security.ubuntu.com/ubuntu/pool/main/libk/libkdcraw/… 404 Not Found [IP: 91.189.91.13 80]". I google-searched the 2 files in the repositories to find that the version available there is ubuntu0.3 instead of ubuntu0.2.

Read the article
Recordings Available - Features & Functions Forms Module

- by MHundal

ETPM provides robust Forms functionality that allows implementations to configure Registration & Tax Forms, configure Form Rules and process the Forms. The Forms Definition allows for defining the Form Sections and Form Lines. The Forms Generator uses the Forms Definition details to create the necessary Business Objects, Application Security and User Interfaces to allow interaction with the Forms. Form Rules are used for validation of the Form Line details and creating entities in the system (creating taxpayers, accounts, financial transactions, etc...). The following recordings provide an overview of the Forms Definition Process, Form Rules and other important concepts part of the Forms Module. Forms Module Overview: https://oracletalk.webex.com/oracletalk/ldr.php?AT=pb&SP=MC&rID=66851417&rKey=7de22df4978e7974 Forms Configuration Overview: https://oracletalk.webex.com/oracletalk/ldr.php?AT=pb&SP=MC&rID=66964342&rKey=ea564cfd701bb32d Form Rules Overview: https://oracletalk.webex.com/oracletalk/ldr.php?AT=pb&SP=MC&rID=66966652&rKey=2e02c1e28e058d70

Read the article
Prevent APT from overwriting JCE jars

- by Doc

My server runs a Java application that requires I replace a few java library files with ones I downloaded on my own. This has to do with JCE security extensions and isn't really relevant to my question. I've found that these library files tend to get overwritten by apt when it later updates my java package. Is there a apt-friendly way of masking these specific files so apt won't touch them? Potential Solutions I'm considering just removing the write flag from the files, though I'm expecting this will cause apt to spew its guts everywhere when it later tries to overwrite them? Perhaps there's a java custom library directory I don't know of, where I can park my files and they'll be loaded instead of the package's defaults? The last-resort option I'm considering is writing a cron job to periodically replace the files with my versions. I hate this option.

Read the article
How To Check If Your Account Passwords Have Been Leaked Online and Protect Yourself From Future Leaks

- by Chris Hoffman

Security breaches and password leaks happen constantly on today’s Internet. LinkedIn, Yahoo, Last.fm, eHarmony – the list of compromised websites is long. If you want to know whether your account information was leaked, there are some tools you can use. These leaks often lead to many compromised accounts on other websites. However, you can protect yourself by using unique passwords everywhere – if you do, password leaks won’t be a threat to you. Image Credit: Johan Larsson on Flickr 8 Deadly Commands You Should Never Run on Linux 14 Special Google Searches That Show Instant Answers How To Create a Customized Windows 7 Installation Disc With Integrated Updates

Read the article
Critical Patch Update for October 2012 Now Available

- by Steven Chan (Oracle Development)

The Critical Patch Update (CPU) for October 2012 was released on July 16, 2012. Oracle strongly recommends applying the patches as soon as possible. The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents. Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied. Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information. The Critical Patch Update Advisory is available at the following location: Oracle Technology Network The next four Critical Patch Update release dates are: January 15, 2013 April 16, 2013 July 16, 2013 October 15, 2013 E-Business Suite Releases 11i and 12 Reference Oracle E-Business Suite Releases 11i and 12 Critical Patch Update Knowledge Document (October 2012) (Note 1486535.1)

Read the article
Why Enabling “Do Not Track” Doesn’t Stop You From Being Tracked

- by Chris Hoffman

The “Do Not Track” option is enabled by default in Windows 8’s Internet Explorer 10 and available in Firefox, Safari, and Opera. Google is even adding it to Chrome. There’s just one problem: it doesn’t actually prevent tracking. The Do Not Track check box can provide a false sense of security. While a few websites will pay attention to it, the vast majority of websites will ignore your preference. Why Enabling “Do Not Track” Doesn’t Stop You From Being Tracked HTG Explains: What is the Windows Page File and Should You Disable It? How To Get a Better Wireless Signal and Reduce Wireless Network Interference

Read the article
Set secondary receiver in PayPal Chained Payment after the initial transaction

- by CJxD

I'm running a service whereby customers seek the services of 'freelancers' through our web platform. The customer will make a 'bid' which is immediately taken from their accounts as security. Once the job is completed, the customer marks it as accepted and the bid gets distributed to the freelancer(s) as a reward. After initially storing these rewards in the accounts of the freelancers and relying on MassPay to sort out paying them later, I realised that your business needs to be turning over at least £5000/month before MassPay is switched on. Instead, I was referred to Delayed Chained Payments in PayPal's Adaptive Payments API. This allows the customer to pay the primary receiver (my business) before the payment is later triggered to be sent to the secondary receivers (the freelancers). However, at the time that the customer initiates this transaction, you must understand that nobody yet knows who will receive the reward. So, before I program this whole Adaptive Payments system, is it even possible to change or add the secondary receivers after the customer has paid? If not, what can I do?

Read the article
OTN APAC Tour 2012: Bangkok, Thailand - Oct 22, 2012

- by Mike Dietrich

Roy had done some of the South America OTN Tour 2012 dates earlier this year in Peru and Chile. And I'm looking forward to present next Monday, October 22nd, 2012, on the OTN Tour 2012 in Bangkok, Thailand. The event will be held at the Eastin Grand Hotel in Bangkok. Register today for the OTN APAC Tour 2012 in Bangkok, Thailand! Presentations will include: 9:30am - 10:15am:Best Practices for Upgrading to Oracle Database 11.2 1:00pm - 1:45pm:How to improve Upgrade Performance - Real Speed, Real Customers, Real Secrets 2:45pm - 3:30pm:Oracle Data Pump: Overview and Best Practices Plus presentations about Security, RMAN and other topics by Francisco Alvarez and others. Please find the complete agenda here. Looking forward to meet you on Monday - CU there

Read the article
Is hierarchical product backlog a good idea in TFS 2012-2013?

- by Matías Fidemraizer

I'd like to validate I'm not in the wrong way. My team project is using Visual Studio Scrum 2.x. Since each area/product has a lot of kind of requirements (security, user interface, HTTP/REST services...), I tried to manage this creating "parent backlogs" which are "open forever" and they contain generic requirements. Those parent backlogs have other "open forever" backlogs, and/or sprint backlogs. For example: HTTP/REST Services (forever) ___ Profiles API (forever) ________ POST profile (forever) _______________ We need a basic HTTP/REST profiles' API to register new user profiles (sprint backlog) Is it the right way of organizing the product backlog? Note: I know there're different points of view and that would be right for some and wrong for others. I'm looking for validation about if this is a possible good practice on TFS with Visual Studio Scrum.

Read the article
How should I practice web server administration?

- by Astyanax

Security students can practice their skills with software like OWASP's webgoat or something similar to "hackthissite". Students interested in Operating Systems can study MINIX and PintOS, write shell scripts or study POSIX system calls. What would be the best course of action in order to practice Server Administration? Is there any such software/resource available, teaching you such skills with small lessons, or it is totally up to you? I've practiced live FreeBSD server administration and management of VMs (CentOS, Gentoo, Debian) under VirtualBox, but I always feel that this isn't enough and I must push myself harder. So, what would you recommend? What has worked for you?

Read the article
Lubuntu 12.04 is a non-LTS release - does this mean that LXDE isn't, either?

- by MHC

Lubuntu 12.04 is not a long-term-support release. That's mostly due to a lack of manpower. But I don't use Lubuntu on my machine, I use LXDE over stock Ubuntu 12.04 LTS. So my question is: In the next five years, will there be security updates and bug fixes for LXDE-packages such as Openbox, PCmanFM and LXsession? Or does the "LTS" in 12.04 LTS only include stock Unity packages? I guess this question is just as relevant for any other DE out there.

Read the article
Is it possible for a web-server to send more files than requested for, and have the browser accept them?

- by Osiris

I've created a basic web server for a school project, and it serves static content without a problem. I thought of having the server parse all htm/html files for links to .js/.css/image files, and send these files to the client without these files being requested by the client later. eg. The browser requests: index.htm The server responds with intex.htm and image.jpg I modified the server to send two distinct http responses for a "GET /index.html HTTP1.1" (one for the html page and one for the image), but the browser ended up requesting the image when it was good and ready. Is there any way to bypass this? (use a multipart response, perhaps) Will these files be accepted by most browsers, or will they be rejected for security reasons?

Read the article
PHP accessible shared content between two websites on the same VPS on different domains/IPs

- by Lee Fentress

I have two ecommerce websites, selling music digital downloads, on the same VPS, currently using cPanel/WHM (but thinking of switching to Virtualmin). They have separate domains and IPs of course. They both share from the same set of music files, so I have duplicate copies in each website directory, which takes up a lot of disk space. How might I go about sharing the same set of music files across both sites, allowing PHP access, so that it does not break my shopping cart's functionality of serving customers the downloads after they have paid for them? I thought of maybe using symlinks or something, but I don't know if it's possible, or if it would have to somehow circumvent built-in security features of the server. I'm new to VPS management.

Read the article
Why "Fork me on github"?

- by NoBugs

I understand how Github works, but one thing I've been confused about is, why almost every OSS project lately has a "Fork me on Github" link on their homepage. For example, http://jqtjs.com/, http://www.daviddurman.com/flexi-color-picker/, and others. Why is this so common? Is it that they want/need code validation, checking for security/performance improvements that they may not know how to do? Is it meant to show that this is a collaborative project - you're welcome to add improvements? Do they work for Github, or want to promote their service? Oddly enough, I don't think I've seen a "Fork project on Bitbucket" logo recently. My first reaction to that logo was that the project probably needs to be modified (forked) in order to integrate it with anything useful - or that they are encouraging fragmented codebase, encouraging everyone to make their own fork of the project. But I don't think that is the intent.

Read the article
Webcast: Moving Client/Server and .NET Applications to Windows Azure Cloud

- by Webgui

The Cloud and SaaS models are changing the face of enterprise IT in terms of economics, scalability and accessibility . Visual WebGui Instant CloudMove transforms your Client / Server application code to run natively as .NET on Windows Azure and enables your Azure Client / Server application to have a secured-by-design plain Web or Mobile browser based accessibility. Itzik Spitzen VP of R&D, Gizmox will present a webcast on Microsoft Academy on Tuesday 8 March at 8am (USA Pacific Time) explaining how VWG bridges the gap between Client/Server applications’ richness, performance, security and ease of development and the Cloud’s economics & scalability. He will then introduce the unique migration and modernization tools which empower customers like Advanced Telemetry, Communitech, and others, to transform their existing Client/Server business application to a native Web Applications (Rich ASP.NET) and then deploy it on Windows Azure which allows accessibility from any browser (or mobile if desired by the customer). Registration page on Microsoft Academy: https://www.eventbuilder.com/microsoft/event_desc.asp?p_event=1u19p08y

Read the article
How does session middleware generally verify browser sessions?

- by BBnyc

I've been using session middleware to build web apps for years: from PHP's built-in session handling layer to node's connect session middleware. However, I've never tried (or needed) to roll my own session handling layer. How would one go about it? What sort of checks are necessary to provide at least some modicum of security against HTTP session highjacking? I figure setting a cookie with a token to keep track of the session, and then perhaps some check to see that the originating IP address of the session doesn't change and that the client browser software remains consistent. Hoping to hear about current best-practices...

Read the article
Unified Communications Suite Ships New Version

- by joesciallo

We shipped the latest version (7.0.5.0.0) of Unified Communications Suite. The following information should get you started: Get the Software New Features Release Notes Some Changes for 7.0.5.0.0 Convergence: Version 3.0.0.0.0 enables you to use the add-on framework to add third-party services to the Convergence UI. These services include: Advertising Click-to-call service Multinetwork IM SMS (both one-way and two-way) Social media applications (Facebook, Twitter, and Flickr) Video and voice calling capability For more information, see Overview of Add-on Services in Convergence. Calendar Server: Version 7.0.4.14.0 provides a number of security enhancements, including supporting the SSL protocol for all front-end and back-end communications, and the ability to list hosts that are allowed to send iSchedule POST requests. For more information, see Securing Communications to Calendar Server Back Ends. New Platform Support: Oracle GlassFish Server 3, Oracle Solaris 11, and Oracle Enterprise Linux 6.x are supported in this release of Communications Suite.

Read the article
Multiple vulnerabilities in Thunderbird

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2372 Permissions, Privileges, and Access Controls vulnerability 3.5 Thunderbird Solaris 11 11/11 SRU 2 Solaris 10 Contact Support CVE-2011-2995 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2997 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2998 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2999 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2011-3000 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 CVE-2011-3001 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2011-3005 Denial Of Service (DoS) vulnerability 9.3 CVE-2011-3232 Improper Control of Generation of Code ('Code Injection') vulnerability 9.3 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Keyboard settings for a Mac+PC world

- by Sahil Malik

SharePoint, WCF and Azure Trainings: more information I’m one of those weridos who lives in a Mac+PC world. I write code for both iOS and Windows platforms. I also travel quite a bit, and airlines and airport security are starting to weigh your carry ons, and beginning to frown on the powerplant of batteries you need to carry to power SharePoint on an airplane. This means, my main work machine has to be a Macbook Pro, since it is the only machine that can do both XCode and Visual Studio Virtualized and SharePoint virtualized nicely. The problem this causes of course, is you will literally pull your hair out when dealing with keyboard/shortcut differences. So here is my work setup, Running Mac for all my normal work Virtualizing using VMWare Fusion – and sometimes I move these VMs to my windows server so I can run them on VMware workstation. Frequently RDP’ing into VMs in the cloud or running on my home server. So, Read full article ....

Read the article
6 Ways To Secure Your Dropbox Account

- by Chris Hoffman

Dropbox is a hugely popular cloud storage service beloved by many. Unfortunately, it’s had a history of security problems, ranging from compromised accounts to once allowing access to every Dropbox account without requiring a password for several hours. If you’re using Dropbox, there are a variety of ways you can secure your account against unauthorized access and protect your files even if someone does gain access to your account. Why Does 64-Bit Windows Need a Separate “Program Files (x86)” Folder? Why Your Android Phone Isn’t Getting Operating System Updates and What You Can Do About It How To Delete, Move, or Rename Locked Files in Windows

Read the article
Award-Winning Architects at Oracle OpenWorld

- by Bob Rhubart

"The Winner," a sculpture by John J. Seward Jr. The role of the IT architect may be the most hotly debated and unjustly maligned role in IT. But at this year's Oracle OpenWorld in San Francisco several architects will enjoy some much-deserved recognition through the Oracle Magazine Technologist of the Year Awards. Part of the Oracle Excellence Awards, the Technologist of the Year Awards "honor Oracle technologists for their cutting-edge solutions using Oracle products and services." Seven of the ten Technologist of the Year categories honor architects: Technologist of the Year: Big Data Architect Technologist of the Year: Cloud Architect Technologist of the Year: Enterprise Architect Technologist of the Year: Mobile Architect Technologist of the Year: Security Architect Technologist of the Year: Social Architect Technologist of the Year: Virtualization Architect If you or one of your colleagues is an architect deserving of this recognition, click the appropriate link above to find the nomination form. Deadline for nominations is Tuesday, July 17, 2012. For more information see: Technologist of the Year Awards. See last year's winners here.

Read the article
5 Tips and Tricks to Get the Most Out of Steam

- by Chris Hoffman

If you’re a PC gamer, there’s a good chance you’re familiar with Valve’s Steam and use it regularly. Steam includes a variety of cool features that you might not notice if you’re just using it to install and launch games. These tips will help you take advantage of an SSD for faster game loading times, browse the web from within a game, download games remotely, create backup copies of your games, and use strong security features. HTG Explains: What Is Windows RT and What Does It Mean To Me? HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux Hack Your Kindle for Easy Font Customization

Read the article
Referencing external javascript vs. hosting my own copy

- by Mr. Jefferson

Say I have a web app that uses jQuery. Is it better practice to host the necessary javascript files on my own servers along with my website files, or to reference them on jQuery's CDN (example: http://code.jquery.com/jquery-1.7.1.min.js)? I can see pros for both sides: If it's on my servers, that's one less external dependency; if jQuery went down or changed their hosting structure or something like that, then my app breaks. But I feel like that won't happen often; there must be lots of small-time sites doing this, and the jQuery team will want to avoid breaking them. If it's on my servers, that's one less external reference that someone could call a security issue If it's referenced externally, then I don't have to worry about the bandwidth to serve the files (though I know it's not that much). If it's referenced externally and I'm deploying this web site to lots of servers that need to have their own copies of all the files, then it's one less file I have to remember to copy/update.

Read the article
SSL Certificate

- by outdoorcat

I've received the email below from google about my wordpress site and have no idea how to follow the instructions. Any help out there? Dear Webmaster, The host name of your site, https://www.example.com/, does not match any of the "Subject Names" in your SSL certificate, which were: *.wordpress.com wordpress.com This will cause many web browsers to block users from accessing your site, or to display a security warning message when your site is accessed. To correct this problem, please get a new SSL certificate from a Certificate Authority (CA) with a "Subject Name" or "Subject Alternative DNS Names" that matches your host name. Thanks, The Google Web-Crawling Team

Read the article

< Previous Page | 351 352 353 354 355 356 357 358 359 360 361 362 | Next Page >