Search Results

Search found 5560 results on 223 pages for 'brute force attacks'.

Page 4/223 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Time zone for Force.com API fiscal date literals?

    - by Nick
    I have a question about fiscal date literals in the Force.com API (http://www.salesforce.com/us/developer/docs/api/Content/sforce_api_calls_soql_select_dateformats.htm): For which time zone are date ranges calculated? For example, suppose we execute the query: SELECT Id FROM Opportunity WHERE CloseDate = THIS_FISCAL_QUARTER where, according to our company's fiscal settings, THIS_FISCAL_QUARTER runs from Jan 1 to Mar 31. Does the range for THIS_FISCAL_QUARTER use... the user's time zone? For example, if the user's time zone is GMT-8, THIS_FISCAL_QUARTER = Jan 1 00:00 GMT-8 to Mar 31 23:59 GMT-8 (or Jan 1 08:00 UTC to Mar 31 07:59 UTC) the company's default time zone (according to the company profile)? For example, if the company's default time zone is GMT-8, THIS_FISCAL_QUARTER = Jan 1 00:00 GMT-8 to Mar 31 23:59 GMT-8 (or Jan 1 08:00 UTC to Mar 31 07:59 UTC) UTC? THIS_FISCAL_QUARTER = Jan 1 00:00 UTC to Mar 31 23:59 UTC something else?

    Read the article

  • How to force a line break in a loooooong word in a DIV?

    - by George Edison
    Okay, this is really confusing me. I have some content inside of a div like so: <div style="background-color: green; width: 200px; height: 300px;"> Thisisatest.Thisisatest.Thisisatest.Thisisatest.Thisisatest.Thisisatest. </div> However, the content overflows the DIV (as expected) because the 'word' is too long. How can I force the browser to 'break' the word where necessary to fit all of the content inside?

    Read the article

  • Does anyone know of a good script to force file downloads and yet protect download links on a PHP se

    - by racl101
    I tried using a free script that I found on the Internet but it is giving me problems with Windows users (even though they are using IE 8, so it's not an option for me to ask them to upgrade their browsers.) Here's the requirements: I have a bunch of Microsoft Word and pdf files that need to be protected so that only authorized users can download them. I have already created the login system and the current script I have works fine for non-IE browsers. However, I keep getting recurring problems with Windows users who keep complaining that their files download corrupt and yet everyone else either using Mac or Linux or any other browser gets on just fine. The script must allow me to store files in a directory but force download of the file upon the function call. Must work well with most major browsers, especially I.E. If you have any practice suggestions or know of any great scripts (even if they are paid, I'm sick of this problem and would probably pay for a paid script) it would be greatly appreciated in advance.

    Read the article

  • What's the big deal with brute force on hashes like MD5

    - by Jan Kuboschek
    I just spent some time reading http://stackoverflow.com/questions/2768248/is-md5-really-that-bad (I highly recommend!). In it, it talks about hash collisions. Maybe I'm missing something here, but can't you just encrypt your password using, say, MD5 and then, say, SHA-1 (or any other, doesn't matter.) Wouldn't this increase the processing power required to brute-force the hash and reduce the possibility of collision?

    Read the article

  • Why is my Android app force closing when I try to check if an EditText has a double

    - by user336861
    Scanner scanner = new Scanner(lapsPerMile_st); if (!scanner.hasNextDouble()) { Context context = getApplicationContext(); String msg = "Please Enter Digits and Decmials Only"; int duration = Toast.LENGTH_LONG; Toast.makeText(context, msg, duration).show(); lapsPerMileEditText.setText(""); return; } else { //Edit box has only digits, Set data and display stats data.setLapsPerMile(Integer.parseInt(lapsPerMile_st)); lapsRunLabel.setVisibility(0); lapsRunTextView.setText(Integer.toString(data.getLapsRun())); milesRunLabel.setVisibility(0); milesRunTextView.setText(Double.toString(data.getLapsRun()/data.getLapsPerMile())); } <EditText android:id="@+id/mileCount" android:layout_width="100dp" android:layout_height="wrap_content" android:layout_marginTop="110dp" android:inputType="numberDecimal" android:maxLength="4" /> For some reason if I enter a non decimal number such as 3, or 5, it works fine but when I enter a floating point such as 3.4 or 5.8 it force closes. I cant seem to figure out whats going on. Any ideas? Thanks

    Read the article

  • Making nginx withstand flood attacks

    - by Tiffany Walker
    How can I make it stand stand against attacks better? Are their plugins. Looking for a way to RATE LIMIT and remain up and not slow down. My Setup: user nobody; # no need for more workers in the proxy mode worker_processes 4; worker_cpu_affinity 0001 0010 0100 1000; worker_priority -2; error_log /var/log/nginx/error.log info; worker_rlimit_nofile 40480; events { worker_connections 5120; # increase for busier servers use epoll; # you should use epoll here for Linux kernels 2.6.x } http { server_name_in_redirect off; server_names_hash_max_size 10240; server_names_hash_bucket_size 1024; include mime.types; default_type application/octet-stream; server_tokens off; disable_symlinks if_not_owner; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 5; gzip on; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_proxied any; gzip_http_version 1.1; gzip_min_length 1000; gzip_comp_level 9; gzip_buffers 16 8k; # You can remove image/png image/x-icon image/gif image/jpeg if you have slow CPU gzip_types text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml; ignore_invalid_headers on; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; reset_timedout_connection on; connection_pool_size 256; client_header_buffer_size 256k; large_client_header_buffers 4 256k; client_max_body_size 200M; client_body_buffer_size 128k; request_pool_size 32k; output_buffers 4 32k; postpone_output 1460; proxy_temp_path /tmp/nginx_proxy/; client_body_in_file_only on; log_format bytes_log "$msec $bytes_sent ."; include "/etc/nginx/vhosts/*"; } vhost file: server { error_log /var/log/nginx/vhost-error_log warn; listen 194.145.208.19:80; server_name ipxnow.in www.ipxnow.in; access_log /usr/local/apache/domlogs/ipxnow.in-bytes_log bytes_log; access_log /usr/local/apache/domlogs/ipxnow.in combined; root /home/ipxnowin/public_html; location / { location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso)$ { expires 7d; try_files $uri @backend; } error_page 405 = @backend; add_header X-Cache "HIT from Backend"; proxy_pass http://194.145.208.19:8081; include proxy.inc; } location @backend { internal; proxy_pass http://194.145.208.19:8081; include proxy.inc; } location ~ .*\.(php|jsp|cgi|pl|py)?$ { proxy_pass http://194.145.208.19:8081; include proxy.inc; } location ~ /\.ht { deny all; } } and proxy.inc: proxy_connect_timeout 59s; proxy_send_timeout 600; proxy_read_timeout 600; proxy_buffer_size 64k; proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_pass_header Set-Cookie; proxy_redirect off; proxy_hide_header Vary; proxy_set_header Accept-Encoding ''; proxy_ignore_headers Cache-Control Expires; proxy_set_header Referer $http_referer; proxy_set_header Host $host; proxy_set_header Cookie $http_cookie; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    Read the article

  • How do you prevent brute force attacks on RESTful data services

    - by Adrian Grigore
    Hi, I'm about to implement an RESTful API to our website (based on WCF data services, but that probably does not matter). All data offered via this API belongs to certain users of my server, so I need to make sure only those users have access to my resources. For this reason, all requests have to be performed with a login/password combination as part of the request. What's the recommended approach for preventing brute force attacks in this scenario? I was thinking of logging failed requests denied due to wrong credentials and ignoring requests originating from the same IP after a certain threshold of failed requests has been exceeded. Is this the standard approach, or am I a missing something important? Thanks, Adrian

    Read the article

  • SSH public key authentication -- always require users to generate their own keypair?

    - by schinazi
    I was working with a partner today that I needed to upload files to my server using scp. I have passwords turned off in the server's SSH configuration, so I wanted them to use public key authentication. I generated the keypair for them on the server and gave them the private key and put the public key in the appropriate authorized_keys file. After a bunch of problems with them setting up their job, they finally got a more experienced sysadmin involved on their end, and he scolded me for handling the key generation this way. He said that by giving them a private key generated on my system, I had enabled them to do a brute-force attack against other keys generated on the same server. I even asked him "so if I have an account on a server, and I can log in with a password but I want to automate something and I generate a keypair on that system, does that then give me an attack vector for brute forcing other users' keys?" and he said yes. I've never heard of this, is it true? Can anyone point me to a discussion of this attack? Thanks in advance.

    Read the article

  • Calculating the rotational force of a 2D sprite

    - by Jon
    I am wondering if someone has an elegant way of calculating the following scenario. I have an object of (n) number of squares, random shapes, but we will pretend they are all rectangles. We are dealing with no gravity, so consider the object in space, from a top down perspective. I am applying a force to the object at a specific square (as illustrated below). How do I calculate the rotational angle, based on the force being applied, at the location being applied. If applied in the center square, it would go straight. How should it behave the further I move from the center? How do I calculate the rotational velocity?

    Read the article

  • Specifying force and angle in ApplyImpulse in box2d

    - by Deepak Mahalingam
    I need to apply an impulse on a object with a particular force and at a particular angle in Box2d. If I am right the syntax would be the following: body.GetBody().ApplyImpulse(new b2Vec2(direction, power),body.GetBody().GetWorldCenter()); The problem is my direction is in angles. I found a discussion where it was said that the way we can convert an angle into a vector would be as: new b2Vec2(Math.cos(angle*Math.PI/180),Math.sin(angle*Math.PI/180)); Now I am not sure how to combine these two. In other words, if I wish to apply a force of 30 units at an angle of 30 degrees at the center of the object, how should I do it?

    Read the article

  • How to force high-dpi scaling?

    - by Ian Boyd
    How can i force an application to be high-dpi scaled? Or alternatively, how can an application that is not manifested as high-dpi aware, and doesn't have dpi-scaling disabled from the Properties-Compatibility tab, not be scaled? Pretend i have an application, who's developers decided to manifest it as high-dpi aware, when it really isn't. How can i force dpi-scaling? Pretend i have an applicaiton that Microsoft has applied the "HighDpiAware" compatiblity shim to, when the application really isn't. How can i force dpi-scaling? Pretend i have an application (i.e. Shareaza) that does not have a dpi-aware manifest, does not disable dpi-scaling from the application's Properties tab, but high-dpi scaling is not being applied? How can i force it? How can i force Windows to apply dpi-scaling to an application? See also

    Read the article

  • Cracking Websites with Cross Site Scripting

    - by Akemi Iwaya
    You may have heard the term ‘cross site scripting’ before, but what exactly is ‘it’ and why is it dangerous for a website? YouTube channel Computerphile presents a nice primer on the ‘how and why’ of cross site scripting and the dangers it presents in their latest video. Cracking Websites with Cross Site Scripting – Computerphile [YouTube]     

    Read the article

  • When I get the Force Close dialog, I have a Report button. Where did it come from?

    - by BenTobin
    I feel a little bit silly asking this, but I haven't been able to find any answers on my own. My Force Close dialog has a "Report" button. I think it's a great idea, and I wish everyone had it. At first, I thought it must be something I turned on without realizing it, but not only can't I find any setting that I might have touched, I also can't find any reference to this button existing on the Internet. I have a Droid, and I know 4 other people with Droids, and they say they don't have the option to report Force Closes. Am I special? Am I just missing something? The "report" button has been there for at least a few weeks now. When I use the Report button, I get a screen with a "feedback" field and a checkbox for "Include system data". Below that , it says "Information from feedback reports will be shown to the developer of the application." Under that are Preview and Send buttons. As a developer, I've never received one of these reports. I'd try to send a report to myself, but it seemingly only shows the button for apps installed from the market, and I don't know of a way to crash my production app. I suppose I could publish a simple crashing app just to try it out, but I thought I'd ask you folks first. Edit: You can view screenshots here: http://bentobin.com/crashReportImages/

    Read the article

  • How long do DDoS attacks last?

    - by Susan
    I realize the answer to this question will vary, which is why I'm asking it. If you've suffered a DDoS attack before - how long did it last? Just trying to get an idea of how long we'll have to continue to wage this battle (going on a couple weeks now).

    Read the article

  • mod_security2 and w00tw00t attacks

    - by Saif Bechan
    I have a server with apache and i recently installed mod_config2 because I get attacked a lot by this: My apache version is apache v 2.2.3 and i user mod_security2.c [Wed Mar 24 02:35:41 2010] [error] [client 88.191.109.38] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:) [Wed Mar 24 02:47:31 2010] [error] [client 202.75.211.90] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:) [Wed Mar 24 02:47:49 2010] [error] [client 95.228.153.177] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:) [Wed Mar 24 02:48:03 2010] [error] [client 88.191.109.38] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:) I tried configuring mod_security2 like this: SecFilterSelective REQUEST_URI "w00tw00t.at.ISC.SANS.DFind" SecFilterSelective REQUEST_URI "\w00tw00t.at.ISC.SANS" SecFilterSelective REQUEST_URI "w00tw00t.at.ISC.SANS" SecFilterSelective REQUEST_URI "w00tw00t.at.ISC.SANS.DFind:" SecFilterSelective REQUEST_URI "w00tw00t.at.ISC.SANS.DFind:)" The thing in mod_security2 is that SecFilterSelective can not be used, it gives me erros. Instead i use a rule like this: SecRule REQUEST_URI "w00tw00t.at.ISC.SANS.DFind" SecRule REQUEST_URI "\w00tw00t.at.ISC.SANS" SecRule REQUEST_URI "w00tw00t.at.ISC.SANS" SecRule REQUEST_URI "w00tw00t.at.ISC.SANS.DFind:" SecRule REQUEST_URI "w00tw00t.at.ISC.SANS.DFind:)" Even this does not work. I don't know what to do anymore. Anyone have any advice?

    Read the article

  • china and gmail attacks

    - by doug
    "We have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” [source] I don't know much about how internet works, but as long the chines gov has access to the chines internet providers servers, why do they need to hack gmail accounts? I assume that i don't understand how submitting/writing a message(from user to gmail servers) works, in order to be sent later to the other email address. Who can tell me how submitting a message to a web form works?

    Read the article

  • What kind of server attacks should i be aware of nowadays

    - by Saif Bechan
    I am recently running a web server, and there is a lot of information online, but it can all be a little confusing. I recently opened my logwatch logs and saw that i get attacked a lot by all sorts of bots. Now I am interested in a list with things I definitely should be aware of nowadays, and possible ways to prevent them. I have read stories about server crashed by floods, crashed by email, and all sorts of crazy stuff. Thing I already did: I have recently blocked all my ports, except for the http and email ports. I disabled IPv6, this was giving me a lot of named errors I have turned on spam DNS blackhole lists to fight spam - sbl.spamhaus.org; - zen.spamhaus.org; - b.barracudacentral.org; I installed and configured mod_security2 on apache There is no remote access possible to my databases That is all i did so far, further I am not aware of any other threats. I want to know if the following things have to be protects. Can I be flooded by emails. How can i prevent this Can there be a break in or flood of my databses Are there things like http floods or whatever Are there any other things i should know before i go public with my server I also want to know if there is some kind of checklist with must-have security protections. I know the OWASP list for writing good web applications, is there something for configuring a server.

    Read the article

  • Block IPs if they access a resource

    - by Victor Oliva
    I own a server that it's costantly being attacked by scripts (that try to access to phpMyAdmin's setup file's and stuff like this). I've heard that many people get this kinds of attacks, but I'm starting to worry since they are getting more common (last month I got 2 attacks, and on november 7th there are 3 attempts already (1st, 4th and 6th of nov). I'm not really concerned about it, since I don't have any database. All the info i have on that server is absolutely public, but I'm worried about that attacking-rate increase. So I thought I could -temporarily- block the IPs that come from those attackers, or something that could make my server ignore requests that ask for phpMyAdmin, pma, xamp, etc. Is there something like that? my server is Linux+Apache+Php

    Read the article

  • How are suspected DoS attacks handled by webservers?

    - by Jan Kuboschek
    I rent a server somewhere out in Canada or so that I'm using to host a website of mine. That website has close to 400,000 pages that I wanted to index today. For that, I wrote a crawler a while back (see JCrawler on Stackoverflow.com). Now, I'm greedy and didn't want it to take too long so I ran multiple threads resulting in some 60+ requests per second from my IP. A couple minutes later, my server locked me out. I can still FTP into it, but I can't HTTP it. As server administrator or user, do you have any idea how servers usually handle these situations? Is it common to place a permanent or temporary ban on the IP or what is typically done? Naturally, I'll re-run my software with fewer requests once I'm back on.

    Read the article

  • Number of malicious attacks defended/done on the average user daily [closed]

    - by DalexL
    As a web hoster, it is very easy to notice the large amounts of exploit/abuse attempts done on my servers. Out of curiosity, how often are these attempts done on the average user? I'm assuming almost all of them are prevented just by simple security protocols in place by their browsers, local network, etc. How many attempts, on average, are committed against a single user daily through any method? (email, internet, downloads, etc.)? If known, what percentage of these things are blocked by the average users security? I tried googling but I was having a hard time getting the right search terms together.

    Read the article

  • how to fight back attacks on my web service

    - by user12145
    My apache webservice is getting a large quantity of requests over the days, each one with somewhat random login to gain access. I identified about 60 such ips(a few sample below), all belong to google. is there a way to find more information about the origin of the attacker? or should I just block these ips. secondly, should I attempt to block the identified ips subnets(74.125.46.*) as a preventive measure? 72.14.194.65 64.233.172.20 74.125.75.19 72.14.194.33 74.125.46.87 74.125.44.91 74.125.46.91

    Read the article

  • unity4.3 rigidbody2d unexpected force behaviour

    - by Lilz Votca Love
    So guys ive edited the question and here is what my problem is i have a player which has a rigidbody2d attached to it.my player is able to doublejump in the air nicely and stick to walls when colliding with them and slowly slides to the ground.All movement is handle through physics and no transform manipulations.here i did something similar to this in the FixedUpdate of my player. void FixedUpdate() { if(wall && Input.GetButtonDown("Jump")) { if(facingright)//player is facing the left side of the wall { rigidbody2D.Addforce(new vector2(-1f,2f)*jumpforce); /*Now the player should jump backwards following this directional vector and should follow a smooth curve which in this part works well*/ } else { rigidbody2D.Addforce(new vector2(1f,2f)*jumpforce); /*Now this is where everything gets complicated as you should have noticed this is the same directional vector only the opposite x axis value and the same amount of force is used but it behaves like the red curve in the picture below*/ } } } bad behaviour and vector in red .I tested the same thing(both addforce methods) for a simple jump and they exactly behave like mentionned above in the picture.so here is my problem.Jumping diagonally forward with rigidbody2d.addforce() do not have the same impact,do not follow the same curve as jumping the opposite direction with the same exact amount of force.if i could fix this or get past this i could implement a walljump system like a ninja jumping in zigzag between two opposite wall to climb them.Any ideas or alternatives?

    Read the article

  • Does using the converting input from HTML forms into htmlentities protect attacks invoving JavaScrip

    - by racl101
    Hi everyone, I was wondering if converting POST input from an HTML form into html entities, (via the PHP function htmlentities() or using the FILTER_SANITIZE_SPECIAL_CHARS constant in tandem with the filter_input() PHP function ), will help defend against any attacks where a user attempts to insert any JavaScript code inside the form field or if there's any other PHP based function or tactic I should employ to create a safe HTML form experience? Sorry for the loaded run-on sentence question but that's the best I could word it in a hurry. Any responses would be greatly appreciated and thanks to all in advance. racl101

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >