Search Results

Search found 28693 results on 1148 pages for 'oracle advanced security'.

Page 358/1148 | < Previous Page | 354 355 356 357 358 359 360 361 362 363 364 365  | Next Page >

• Significant number of non-HTTP requests hitting my site

  - by Mark Westling

  I'm seeing a significant number of non-HTTP requests hitting a site I just launched. They show up in the server (nginx) logs as non-ASCII and get rejected (correctly) with a 400 status. Here are some lines from the log: 95.132.198.189 - - [09/Jan/2011:13:53:30 -0500] "œ$A\x10õœ²É9J" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:57:42 -0500] "#§i²¸oYi á¹„\x13VJ—x·—œ\x04N \x1DÔvbÛè½\x10§¬\x1E0œ_^¼+\x09ÜÅ\x08DÌÃiJeT€¿æ]œr\x1EëîyIÐ/ßýúê5Ǹ" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:58:33 -0500] "¯Ú%ø=Œ›D@\x12¼\x1C†ÄÀe\x015mˆàd˜Û%pÛÿ" 400 173 "-" "-" What should I make of this? Is this some sort of scripted attack? Or could these be correct requests that have somehow been garbled? They're not affecting the performance of the site and I'm not seeing any other signs of attacks (e.g., no strange POSTs) so at this point I'm more curious than afraid.

  Read the article

• Automatically locking screen without shutting it off

  - by milkandtang

  Hey everyone— I have a home theater PC running Ubuntu 11.10, outputting over HDMI (for audio and video). I'm having an issue: I'd like the screen to lock automatically (when video is not playing, of course) but do not want the screen to turn off automatically, because that kills audio. I can manually lock the screen, of course, but it appears that if you set the "Turn off screen" setting to "never", the screen will never lock, no matter what the "lock screen" timeout is set to. Is there a way to do what I'm asking, or will I have to install xscreensaver?

  Read the article

• How can I protect my save data from casual hacking?

  - by Danran

  What options are there for saving game data in a secure manner? I'm interested in solutions specifically tailored for C++. I'm looking for something that is fast and easy to use. I'm only concerned about storing simple information such as Which levels are and are not unlocked The user's score for each level I'm curious again to know what's out there to use, any good libraries to use that give me nice, secure game data files that the average player can't mess with. I just found this here which looks very nice, but it would be great to get some opinions on potential other libraries/options out there.

  Read the article

• What does private cloud Daas or DBaaS really mean ?

  - by llaszews

  Just had meeting with Fortune 1000 company regarding their private DBaaS or DaaS offering. Interesting to see what DBaaS really means to them: 1. Automated Database provisioning - Being able to 'one button' provision databases and database objects. This includings creating the database instance, creating database objects, network configuration and security provisioning. It is estimated that just being able to provision a new DB table in automated fashion will reduce time required to create a new DB table from 60 hours down to 8 hours. 2. Virtualization and blades - DBaaS infrastructure is all based upon VMs and blades. 3. Consolidation of database vendors - Moving from over ten database vendors down to three.

  Read the article

• My self-generated CA is nearing it's end-of-life; what are the best practices for CA-rollover?

  - by Alphager

  Some buddies and me banded together to rent a small server to use for email, web-hosting and jabber. Early on we decided to generate our own Certificate Authority(CA) and sign all our certificates with that CA. It worked great! However, the original CA-cert is nearing it's end-of-life (it expires in five months). Obviously, we will have to generate a new cert and install it on all our computers. Are there any best practices we should follow? We have to re-generate all certs and sign them with the new CA, right?

  Read the article

• Looking for "New" Java Developers for Java Magazine!

  - by oracletechnet

  Want to be "almost famous"? For the March/April 2012 issue of Java Magazine, we need interview candidates for a cover story tentatively entitled "The New Java Developers". For each candidate selected, we will publish a short bio/profile and photo. What's the catch? You must be between 18 and 25 years of age and, naturally, passionate about Java technology! Here are some other prerequisites: - Willingness to be interviewed and photographed for worldwide publication- English-language proficiency- Students or professionals are OK Extra points for: - Women. We want to bring more women into IT!- Residents of countries with fast-growing developer populations If you are a candidate or know of a candidate, please drop an email with your CV to javamag_us AT oracle.com. This could be your big break in the biz!

  Read the article

• What are the pros and cons of non-unique display names?

  - by Davy8

  I know of at least big title game (Starcraft II) that doesn't require unique display names, so it would seem like it can work in at least some circumstance. Under what situations does allowing non-unique display names work well? When does it not work well? Does it come down to whether or not impersonation of someone else is a problem? The reasons I believe it works for Starcraft II is that there isn't any kind of in-game trading of virtual goods and other than "for kicks" there isn't much incentive to impersonate someone else in the game. There's also ladder rankings so even trying to impersonate a pro is easily detectable unless you're on a similar skill level. What are some other cases where it makes sense to specifically allow or disallow duplicate display names?

  Read the article

• Steps after SQL Injection detected

  - by Zukas

  I've come across SQL injection vulnerabilities on my companies ecommerce page. It was fairly poorly put together. I believe I have prevented future attempts however we are getting calls about fraudulent credit card charges on our site and others. This leads me to believe that someone was able to get a list of our credit card numbers. What doesn't make sense is that we don't store that information and we use Authorize.net for the transaction. If someone was able to get the CC#s, what should I do next? Inform ALL of our customers that someone broken into our system and stole their information? I have a feeling that will be bad for business.

  Read the article

• The Challenges of Corporate Financial Reporting

  - by Di Seghposs

  Many finance professionals face serious challenges in managing and reporting their company’s financial data, despite recent investments in financial reporting systems. Oracle and Accenture launched this research report to help finance professionals better understand the state of corporate financial reporting today, and why recent investments may have fallen short. The study reveals a key central issue: Organizations have been taking a piecemeal—rather than holistic—approach to investing. Without a vision and strategy that addresses process improvement, data integrity, and user adoption software, investments alone will not meet the needs or expectations of most organizations. The research found that the majority of finance teams in 12 countries—including the U.K., USA, France, Germany, Russia, and Spain—have made substantial investments in corporate financial management processes and systems over the last three years. However, many of these solutions, which were expected to improve close, reporting, and filing processes, are ineffective, resulting in a lack of visibility, quality, and confidence in financial data. Download the full report. 

  Read the article

• PeopleSoft @ RECONNECT 14

  - by Marc Weintraub

  Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 Quest’s RECONNECT 14 is just around the corner and will be here before you know it. RECONNECT 14 is Tuesday, July 22 – Thursday, July 24 at the Hyatt Regency O’Hare in Rosemont, IL. Quest’s RECONNECT event is a PeopleSoft-specific deep dive conference for the Quest community. Join Quest and hundreds of other PeopleSoft users for deep-dive education into all things PeopleSoft; from HCM and Financials to Applications Tools and Technology (i.e. PeopleTools) and Procurement (i.e. Supplier Relationship Management). RECONNECT also includes industry specific interest areas like those for Financial Services and Manufacturing and Distribution. /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} This year's event will feature many key players from Oracle’s PeopleSoft team including PeopleSoft Product Strategy leads and PeopleSoft Development leads. Nearly 50 of the more than 175 conference sessions will be led by members of Oracle including pillar-specific roadmap presentations. Create a custom agenda that fits your specific needs and interests. Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} The RECONNECT Advance Program is now available and includes: Who Should Attend? Keynotes and Super Sessions Full Listing of Conference Sessions Ways to Influence Future PeopleSoft Investments Trainings and Continuing Professional Education (CPE) Offerings Onsite User Group Meetings Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 Don’t wait another moment, register now. /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif"; mso-bidi-font-family:"Times New Roman";} /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-family:"Calibri","sans-serif"; mso-ascii- mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi- mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

  Read the article

• Mobile Application development - get hands on at UKOUG

  - by Grant Ronald

  Development of mobile solutions is one of the hottest topics in the IT market at the moment.  Forbes predicts that mobile application development with outstrip native PC development by 4-1 by 2015.  I'm therefor delighted to announce that the UKOUG and Oracle have synch'd up to provide a rolling 3 day hands-on Mobile development lab at the UKOUG conference this year. We're setting up a lab of 10 Mac machines in which you will be able to develop iOS on-device applications.  And the great thing is, if you want to develop for Android, its the same lab as well!  Just think, write once and deploy to iOS or Android.  We know places will be limited so we are going to be putting in place a first-come-first-served booking system.  Walk-ups will be allowed only if places are free. This is your chance to start skilling up on the hottest development initiative in years.

  Read the article

• Why can't non-admin users install software?

  - by fiftyeight

  This is probably something I don't understand since I am used to Windows and am only starting out with Ubuntu. I know that software in linux comes in packages what I don't understand is why can't non-admin users install software. I mean, every application is run by a specific user, and that user will only be able to run that applciation with his privilages, so if he has no admin privileges, the application also won't be able to access unauthorized directories etc. I want most of the time to work on my PC with a non-admin user since it seems more safe to me, most of the time I have no need for admin privileges. and even though I know viruses in linux are uncommon I still think the best practice is to work on the computer in a state that you yourself can't make any changes to important files, that way viruses also can't harm any important files, but I need to install software for programming and web-design etc. and first of all I don't want to switch users all the time. But also it sounds safer to me that everything being done on the PC will be done through the non-admin user. I'll be glad to know what misunderstanding I have here, cause something here doesn't sound right.

  Read the article

• Best Method/Library For Remote Authentication

  - by Mike

  I have a web app that has a REST API interface: http://api.example.com/core that uses API Keys and domain specific keys (key has to be used on the specified domain). I then will have several client sites with ajax forms where we will require users to sign in before being able to submit the form. This form will add data to a table, and submit an email to several recipients along with checking credentials. This form will use an ajax submit to our REST API. All Communication to/from the API is over SSL Ideal Flow: Visitor Fills Form Out -> Enters User/pass -> Submits Form -> ajax request to REST API -> API Verifies credentials -> does CRUD -> sends emails -> returns 200/403 -> perform DOM manipulation based on return code in ajax call Are there any libraries in PHP that currently do something to this similarly? Would OAuth be a good use for this scenario? Languages used are: js/html/css/php/MySQL

  Read the article

• Release 51 of Sun Rack II capacity calculator available

  - by uwes

  A new release of the Sun Rack II capacity calculator is available on eSTEP portal. Just uploaded release 51 of the calculator. The following changes have been integrated: Added LOD date of 30 NOV 2014 for ST25xx M2 (NEP LOD – other customers LOD is 31 MAY 2014) Moved 7420 to EOL HW due to met LOD Bug correction : X4-2 and X4-2L weren’t working. Bug correction : ES1-24 RU are now correctly shown (2 ES1-24 only takes 1 RU) The tool calculates all the data necessary (power requirements, BTU, number of rack units, needed power outlets etc.) while inserting the many different kind of HW equipment in aSun Rack II cabinet (version 1000 and 1200). It takes into consideration most of the available servers, storage devices, tapes, and Netra products. There are also a couple of third party products which are taken into account. The spreadsheet can be downloaded from eSTEP portal. URL: http://launch.oracle.com/ PIN: eSTEP_2011

  Read the article

• Making Agile and DevOps methodology compatible with PCI requirements

  - by kenchew

  Would like to hear from those working in a PCI compliance environment and is practicing agile development and devops methodology, how you maintain compliance with PCI requirements. Specifically, what do you do to address: separation of duties between development/test and production alignment of continuous integration / deployment and change control alignment of agile stories to requirement documentation

  Read the article

• Avoiding "double" subscriptions

  - by john smith

  I am working on a website that requires a bit of marketing; let me explain. This website is offering a single, say, iTunes 50$ voucher to a lucky winner. To be entered in the draw, you need to invite (and has to join) at least one friend to the website. Pretty straightforward. Now, of course it would be easy for anyone to just create a fake account and invite that account so, I was thinking of some other way to somehow find out of possible cheating. I was thinking of an IP check on the newly subscribed (invited) user, and if there is the same IP logged in the last 24 hours, and if that's the case, investigate more about it. But I was thinking that maybe there is a more clever way around this issue. Has anyone ever though about this? What other solutions did you try? Thanks in advance.

  Read the article

• How to protect Ubuntu from fork bomb

  - by dblang

  I heard someone talking about a fork bomb, I did some research and found some dreadful information about some strange looking characters people can have you type at the command line and as a result do bad things on the computer. I certainly would not issue commands I do not understand but one never knows what can happen. I heard that some OS allows the administrator to place some limit on user processes to mitigate the effects of fork bombs, is this protection in Ubuntu by default or would a person with sudo privilege have to set this? If so, how?

  Read the article

• Will the Global Demand for Water Outstrip the Supply by 2030?

  - by Evelyn Neumayr

  A recent study conducted by the Economist Intelligence Unit and sponsored by Oracle Utilities, titled “Water for All?”,considers the preparedness of utilities to supply water to the current global population of over 7 billion people, with a further 1 billion expected by 2030. It compares strategies used by utilities in 10 major countries to address this challenge. This study’s findings show that wide-ranging water management efforts and large-scale investments must be made if utilities are to meet near-certain water stress—demand outstripping supply—by 2030. The report is based on an online survey of 244 executives of water utilities in these countries, supplemented by in-depth interviews with 20 water utility executives and independent experts. The research concludes that utilities worldwide expect to meet future demand, despite increased supply pressure on supplies, due to improvements in water productivity that the wide range of measures utilities and governments will take to ensure that water is used more efficiently. Read more about this here.

  Read the article

• Community Forum at Openworld - Presentations available

  - by Javier Puerta

  Thanks to all of you who participated at the Exadata & Manageability Partner Community session that we ran during Oracle Openworld in San Francisco. Very special thanks to the partner speakers who shared their experiences with the rest of the community! Presentation On October 1st we held a new session of the Exadata & Manageability Partner Community in San Francisco. Thanks to all of you who participated in the event and very especially to the partner speakers who shares their experiences with the rest of the community: Francisco Bermúdez (Capgemini Spain), Dmitry Krasilov (Nvision, Russia) and Miguel Alves (WeDo Technologies, Portugal)The slide decks used in the presentations are now available for download at the Exadata Partner Community Collaborative Workspace (for community members only - if you get an error message, please register for the Community first).In a few weeks we will be announcing the location for the next Community event in the spring timeframe.

  Read the article

• Disadvantages of a fake phpMyAdmin honeypot that causes ip blacklisting and robots.txt disallow/exclusion of the honeypot?

  - by Tchalvak

  I'm trying to figure out whether I should set up a honeypot system with a fake phpMyAdmin (site gets hits all the time with people spidering for insecurities with that app). My thought was to create a honeypot php script that would mimic a phpMyAdmin login, and then blacklist ips that hit that url (and aren't already whitelisted). I would then add the appropriate urls to the robots.txt so that spiders that actually respect my robots.txt wouldn't be caught by the blacklist. Are there disadvantages to this approach, do legit robots sometimes not respect robots.txt in certain circumstances, are there any problems with this that I should consider in advance?

  Read the article

• How would I know if my OS is compromised?

  - by itsols

  I had opened a php folder from a friend's web host. I run it on mine to fix some bugs. Then I tried attaching the code to be emailed and GMAIL stated that the attachment was infected by a virus. Now I'm afraid if my Apache or OS (12.04) is infected. I checked the php files and found a base64 encoded set of code being 'eval'd at the top of each and every php file. Just reversing it (echo with htmlspecialchars) showed some clue that there were sockets in use and something to do with permissions. And also there were two websites referred having .ru extensions. Now I'm afraid if my Ubuntu system is affected or compromised. Any advice please! Here's my second run of rkhunter with the options: sudo rkhunter --check --rwo Warning: The command '/usr/bin/unhide.rb' has been replaced by a script: /usr/bin/unhide.rb: Ruby script, ASCII text Warning: Hidden directory found: /dev/.udev Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'

  Read the article

• Password protected website

  - by danie7L T

  I need to add a user authentication page before the actual homepage of the website. In Joomla! I just set the website offline and the offline page loads in place of the homepage but then it's automatically throwing a "503 Service Temporarily Unavailable" error which I would like to avoid. That's why I would like to know the other ways to load an authentication page before the homepage. NB: I'm using Apache servers if that's relevant Thank you

  Read the article

• MCrypt Module, Rijndael-256

  - by WernerCD

  An outside company is redoing our company Intranet. During some basic usage I disovered that the "User Edit" screens, with the "Password: *" boxes have the password in plain text, with the text box "type=password" to "hide" the password. The passwords are not store in the database as plain text, they are stored encrypted using "rijndael-256" cypher using the mcrypt module. I know that if I encrypt a password with SHA*, the password is "Unrecoverable" via one-way encryption. Is the same of MCrypt Rijndael-256 encryption? Shouldn't an encrypted password be un-recoverable? Are they blowing smoke up my rear or just using the wrong technology?

  Read the article

• Service Territories White Paper - Setup and Configuration

  - by LuciaC

  If you use Oracle Teleservice then you are probably using Service Territories to route service requests to the right resources such as Call Center Agents, Field Service Technicians, Technical Support Groups etc.  Getting those routings to happen correctly and efficiently is key to delivering high-quality service, so having the correct territory setup is essential.  The Service development team have published a new White Paper to help you do just that!  The White Paper includes information to help with understanding the required setups: Service Territories - Locating and Sorting matching Territories, and Picking winning Territories How to use Rank and Number of Winners The different Access Types that can be setup Operating Unit and how to use it effectively How to setup and use Service Qualifiers The limitation of some Geographic Qualifiers and how to overcome the limitations How to use Web ADI to maintain Territories. Read Doc ID 1234593.1 to access the white paper.  There was also a recent webcast on Territory Setup and Matching Attributes, you can access the recording via Doc ID 1455786.1.

  Read the article

• Facebook - Isn't this a big vulnerability risk for users? (After Password Change)

  - by Trufa

  I would like to know you opinions as programmers / developers. When I changed my Facebook password yesterday, by mistake I entered the old one and got this: Am I missing something here or this is a big potencial risk for users. In my opinion this is a problem BECAUSE it is FaceBook and is used by, well, everyone and the latest statistics show that 76.3% of the users are idiots [source:me], that is more that 3/4!! All kidding aside: Isn't this useful information for an attacker? It reveals private information about the user! It could help the attacker gain access to another site in which the user used the same password Granted, you should't use use the same password twice (but remember: 76.3%!!!) Doesn't this simply increase the surface area for attackers? It increases the chances of getting useful information at least. In a site like Facebook 1st choice for hackers and (bad) people interested in valued personal information shouldn't anything increasing the chance of a vulnerability be removed? Am I missing something? Am I being paranoid? Will 76.3% of the accounts will be hacked after this post? Thanks in advance!! BTW if you want to try it out, a dummy account: user: [email protected] (old) password: hunter2

  Read the article

< Previous Page | 354 355 356 357 358 359 360 361 362 363 364 365  | Next Page >