Search Results

Search found 68155 results on 2727 pages for 'data security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 436/2727 | < Previous Page | 432 433 434 435 436 437 438 439 440 441 442 443  | Next Page >

  • password limitations in SQL Server and MySql

    - by asteroid
    Does MySql 5.1 and SQL Server 2008 (Web edition, Standard) have any functional password limitations other than length limits? Are metacharacters in any form a bad idea to use, like bang, pipe, hash, any slash, carrot, and so on? I know that MySql 5.1 has a password length limitation of 16 characters that is hardcoded, but I was wondering, are any metacharacters (i.e. non alphanumerics) a bad idea to use? And is this true in SQL Server 2008 Web edition, Standard? So specifically: can symbols like: /`~:}{[]^ be used successfully? I would hope it doesn't matter to the database, but I don't understand enough about password storage in enterprise database systems yet to know for sure, and I was looking for confirmation or an explanation.

    Read the article

  • Prevent Apache from answering invalid requests

    - by nickdnk
    I have an Apache web-server that acts as a web front-end for iPhone and iPad applications that communicate by POST and JSON only. Is there any way to prevent Apache from answering requests that are invalid? I can see my error log is filled with attempts to open files such as /admin.php /index.php etc - files that don't exist on my server. I believe this is possible with IIS, but can you do the same thing with Apache? Basically I want the request to appear timed out unless you post exactly the right content to the right file - or at least if you do not request an existing file. This would make the server appear non-existing to everyone but my iPhone users as all communication is SSL and directories are not really guess-able. I did disable the ServerTokens and all that, but I still get File not found etc. when I access the server requesting a random file, which is what these bots do constantly.

    Read the article

  • Validate authenticity of website owner

    - by Cyber Junkie
    Hello all! I'm planning to develop a web app where users will list their site/blog. When people submit their sites, how can I confirm that they are the owners of it? So for instance there is a user Mark who wants to submit someone else's website without their approval. I want to restrict Mark from doing so unless he is the actual owner. My idea was to do a comparison between the user's email domain and the website domain she/he wants to submit. If they match allow the user to submit the website. However most people don't register with their website domain address.. or perhaps I'll implement a Facebook connect in the future. What other methods would you suggest?

    Read the article

  • What is the best nuclear missile crypto system?

    - by The Rook
    You are on a submarine and there is an encrypted message that you want to read. Two people must use their keys at the same time in order to obtain the plain text. What is best cryptographic primitive to use? Are the following two implementations suitable? plain_text=decrypt(Key1 XOR key2,ciper_text,IV) plain_text=decrypt(Key1,rc4_encrypt(key2,ciper_text,IV2),IV1)

    Read the article

  • What scenarios/settings will result in a query on SQL Server (2008) return stale data

    - by s1mm0t
    Most applications rarely need to display 100% accurate data. For example if this stack overflow question displays that there have been 0 views, when there have really been 10, it doesn't really matter. This is one way that the (perceived) performance of applications can be improved, by caching results and therefore sometimes not showing 100% accurate results. There are some cases where the data does need to be 100% accurate though. So if I run the query select * from Foo I want to be sure that the results are not stale. Now depending on how my database is set up, other activity on the database, use of transactions and isolation levels etc this query may or may not be a true reflection of the world. What scenario's and settings can people think of that will result in this query returning stale results or given that another connection is part way through a transaction that has updated this table, how can I guarantee that when the above query returns, the results will be accurate.

    Read the article

  • Sharing Code, Images and Core Data models across iPhone and Mac project

    - by Robert
    Hi, I am maintaining a fairly large mac project and an iphone client for this project. Some code as well as some images and core data models are shared between these two projects. I want to create a shared framework containing this shared components but to my surprise, frameworks like we cocoa developers known them are not supported on the iphone os. Currently I see the following options: a) Include the files in both projects (much tedious work) b) Create a static library for both projects and manually copying the images/core data models c) Create a static lib for iphone and a framework for mac Any suggestions?

    Read the article

  • Using directory traversal attack to execute commands

    - by gAMBOOKa
    Is there a way to execute commands using directory traversal attacks? For instance, I access a server's etc/passwd file like this http://server.com/..%01/..%01/..%01//etc/passwd Is there a way to run a command instead? Like... http://server.com/..%01/..%01/..%01//ls ..... and get an output? EDIT: To be clear here, I've found the vuln in our company's server. I'm looking to raise the risk level (or bonus points for me) by proving that it may give an attacker complete access to the system

    Read the article

  • Secure way to run other people code (sandbox) on my server?

    - by amikazmi
    I want to make a web service that run other people code locally... Naturally, I want to limit their code access to certain "sandbox" directory, and that they wont be able to connect to other parts of my server (DB, main webserver, etc) Whats the best way to do it? Run VMware/Virtualbox: (+) I guess it's as secure as it gets.. even if someone manage to "hack".. they only hack the guest machine (+) can limit the cpu & memory the process uses (+) easy to setup.. just create the VM (-) harder to "connect" the sandbox directory from the host to the guest (-) wasting extra memory and cpu for managing the VM Run underprivileged user: (+) doesnt waste extra resources (+) sandbox directory is just a plain directory (?) cant limit cpu and memory? (?) dont know if it's secure enough... Any other way? Server running Fedora Core 8, the "other" codes written in Java & C++

    Read the article

  • Restricting IFRAME access in PHP

    - by m0j0
    I am creating a small web page using PHP that will be accessed as an IFRAME from a couple of sites. I'm wanting to restrict access to this site to work ONLY within the "approved" sites, and not other sites or accessed directly. Does anyone have any suggestions? Is this even possible? The PHP site will be Apache, and the sites iframing the content will probably be .NET. Just to clarify, any site can view the page, as long as it's iframe'd within an approved site. I want to block people from accessing it directly. I'm thinking cookies might be a solution, but I'm not sure.

    Read the article

  • Displaying Data from a Join in Codeigniter

    - by Brad
    I am using a simple join to pull data from two databases. This is the join in the model function com_control(){ $this->db->select('*'); $this->db->from('comments'); $this->db->join('posts', 'comments.entry_id = posts.id'); $query = $this->db->get(); return $query->result; } My desired method of display is going to be in a table so I am starting out to use like this foreach($comm_control as $row){ $this->table->add_row( $row->entry_id, $row->comments.id, $row->comment, $row->title ); }//end of foreach My problem is the display of data from comments.id. What is the proper format to add the comment.id into the table rows? I need the ID from both tables for display, edit and delete further on in the table. The only display I get at this time for "comment.id" is the word id. The Any help would be appreciated.

    Read the article

  • How should I mock out my data connectivity

    - by BobTheBuilder
    I'm trying to unit test my Data Access Layer and I'm in the process of trying to mock my data connectivity to unit test my DAL and I'm coming unstuck trying to mock out the creation of the commands. I thought about using a queue of IDbParameters for the creation of the parameters, but the unit tests then require that the parameters are configured in the right order. I'm using MOQ and having looked around for some documentation to walk me through this, I'm finding lots of recommendation not to do this, but to write a wrapper for the connection, but it's my contention that my DAL is supposed to be the wrapper for my database and I don't feel I should be writing wrappers... if I do, how do I unit test the connectivity to the database for my wrapper? By writing another wrapper? It seems like it's turtles all the way down. So does anyone have any recommendations or tutorials regarding this particular area of unit testing/mocking?

    Read the article

  • Rails - How to secure foreign keys and still allow association selection

    - by Bryce
    For simplicity, assume that I have a simple has-many-through relationship class User < ActiveRecord::Base has_many :courses, :through => :registrations end class Registration < ActiveRecord::Base belongs_to :user belongs_to :course end class Course < ActiveRecord::Base has_many :users, :through => :registrations end I want to keep my app secure, so I use attr_accessible to whitelist my attributes. My question is twofold: How would I set up my whitelist attributes such that I could create a new Registration object through a form (passing in :user and :course, but not risk allowing those foreign keys to be maliciously updated later? How would I set up my validations such that both belongs_to associations are required BUT also allow for Registration objects to be created in nested forms?

    Read the article

  • Execute a batch script from Firefox

    - by danilo
    I have written an intranet application from which you can directly connect to a virtual machine by clicking on a RDP-button. The click calls a .bat file, which opens the connection. With IE, this is no problem, as you can choose to directly execute the batch file. But with Firefox, I can only download the script, and have to start it manually afterwards. Is there a way to trust the intranet domain (about:config?) so Firefox allows it to execute scripts directly? Or is there an even better (easier) way to start an RDP connection from Firefox?

    Read the article

  • Data manipulation without server side

    - by monczek
    Hi, I have to create a very simple webpage to show, filter and add data from not-yet-defined source (probably txt/xml/cvs). Records should be visible as a table, filtered using 3 criteria fields. There should be also possibility to add new records. My first thought was: XHTML + jQuery + csv2table + PicNet Table Filter. It does exactly what I want except adding rows - that is saving changes in source file (probably due to security risk). My question is - is there any possibility to do it without involving server side like asp.net, jee, php, sql? Source file is located on the server. Thanks for your ideas :-)

    Read the article

  • Migrating just article contect of Joomla 1.0 to 2.5.x / 3.x?

    - by user2919408
    I have a simple website using Joomla 1.0.15, just having articles in some categories. As i want to install or remove components from admin area, i got : "You are not authorised to view this resource" or something like that. This is uncommon, this site is about 5 years old, and never got error message like that. I think my website is hacked ?? I have set safe_mode = off in php.ini, turn of sh404sef, removing .htaccess file etc ... and it still does not work. Then i try to upgrade to Joomla 2.5.x / 3.x . I found that i must migrate to Joomla 1.5.x first, then from there to 2.5.x. I got problem installing "migration.zip" component in my Joomla 1.0.x (always alert/err message pop up is shown). Is there another way to migrate the website ? May be just get the article section, category, article id and the content of Joomla 1.0.x , then import it to Joomla 2.5.x / 3.x ? I don't need components, modules, mambots (if any) of the old site. How to do it ? Thanks

    Read the article

  • Hide form if javascript disabled

    - by Kero
    I need to check on disabling JavaScript if the user disabled JavaScript from browser or firewall or any other place he will never show the form. I have lots of search and solutions, but unfortunately didn't got the right one. - Using style with no-script tag: This one could be broke with removing style... <noscript> <style type="text/css"> .HideClass { display:none; } </style> </noscript> The past code will work just fine but there is lots of problems in no-script tag as here Beside that i don't want to redirect user with no-script tag too...Beside that i can quickly stop loading the page to broke this meta or disable Meta tag from IE: <meta http-equiv="refresh" content="0; URL=Frm_JavaScriptDisable.aspx" /> Another way to redirect user with JavaScript but this will work let's say for 99% of users and this one isn't lovely way and will slow down the website... window.location="http://www.location.com/page.aspx"; Is there is any other ideas or suggestions to secure working with JavaScript...and prevent user from entering the website or see my form except when JavaScript enabled...

    Read the article

  • How to check for a file's authenticity ?

    - by Ale_x
    Let's say I write a game application. I want the level of the player to be stored in an external file. How can I prevent a hacker from writing and modifying the file to put another level ? I want the file to be modified by my application only. I can sign the file's content with a key, but then this key will be stored in the application, therefore it would be possible for a hacker to decompile the binary and find the key. Is there any way to do this ?

    Read the article

  • data loading - app launching on tableview

    - by wallou
    hi, i encounter an issue with my application. On one hand when my app launches, the first view displayed is a tableview within a tableviewcontroller. On the other hand my app calls a web service to collect data. These methods are in MyAppDelegate\applicationDidFinishLaunching. The thing is that my tableview is made of custom cells that need data from the web service. I noticed that the view (with the tableview) is launched first and then MyAppDelegate\applicationDidFinishLaunchin is executed. As a result the labels of my custom cells are all equal to null as my arrays aren't filled yet by the web service. I would like to know the proper way to make it. If anyone has an idea please tell me. Wallou

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 432 433 434 435 436 437 438 439 440 441 442 443  | Next Page >