Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 45/168 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >

  • Recommend an SFTP solution for Windows (Server & Client) that integrates well with Dreamweaver

    - by aaandre
    Could you please recommend a secure FTP solution for updating files on a remote windows server from windows workstations? We would like to replace the FTP-based workflow with a secure FTP one. Windows Server 2003 on the remotely hosted webserver, WinXP on the workstations. We manage the files via Dreamweaver's built-in FTP. My understanding is Dreamweaver supports sFTP out of the box so I guess I am looking for a good sFTP server for Windows Server 2003. Ideally, that would not require cygwin. Ideally, the solution would use authentication based on the existing windows accounts and permissions. Thank you!

    Read the article

  • WCF WebService: Client can't connect, as soon as request client cerficate is activated.

    - by Hinek
    I have an .NET 3.5 WCF WebService hostet in IIS 6 and using a SSL certificate. The communication between client and server works. Then I activate "request client certificate" and the client can't connect anymore Exception: System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'polizei-bv.stadt.hamburg.de'. Inner Exception: System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. The certificate, the client uses is in the certificate store (local computer), the root ca is int the trusted root certification authorities store. Where can I check for an explanation on the server side? How can I check if the client really supplies it's certificate (client is not on my side)?

    Read the article

  • Opinions on Dual-Salt authentication for low sensitivity user accounts?

    - by Heleon
    EDIT - Might be useful for someone in the future... Looking around the bcrypt class in php a little more, I think I understand what's going on, and why bcrypt is secure. In essence, I create a random blowfish salt, which contains the number of crypt rounds to perform during the encryption step, which is then hashed using the crypt() function in php. There is no need for me to store the salt I used in the database, because it's not directly needed to decrypt, and the only way to gain a password match to an email address (without knowing the salt values or number of rounds) would be to brute force plain text passwords against the hash stored in the database using the crypt() function to verify, which, if you've got a strong password, would just be more effort than it's worth for the user information i'm storing... I am currently working on a web project requiring user accounts. The application is CodeIgniter on the server side, so I am using Ion Auth as the authentication library. I have written an authentication system before, where I used 2 salts to secure the passwords. One was a server-wide salt which sat as an environment variable in the .htaccess file, and the other was a randomly generated salt which was created at user signup. This was the method I used in that authentication system for hashing the password: $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; //create a random string to be used as the random salt for the password hash $size = strlen($chars); for($i = 0; $i < 22; $i++) { $str .= $chars[rand(0, $size - 1)]; } //create the random salt to be used for the crypt $r_blowfish_salt = "$2a$12$" . $str . "$"; //grab the website salt $salt = getenv('WEBSITE_SALT'); //combine the website salt, and the password $password_to_hash = $pwd . $salt; //crypt the password string using blowfish $password = crypt($password_to_hash, $r_blowfish_salt); I have no idea whether this has holes in it or not, but regardless, I moved over to Ion Auth for a more complete set of functions to use with CI. I noticed that Ion only uses a single salt as part of its hashing mechanism (although does recommend that encryption_key is set in order to secure the database session.) The information that will be stored in my database is things like name, email address, location by country, some notes (which will be recommended that they do not contain sensitive information), and a link to a Facebook, Twitter or Flickr account. Based on this, i'm not convinced it's necessary for me to have an SSL connection on the secure pages of my site. My question is, is there a particular reason why only 1 salt is being used as part as the Ion Auth library? Is it implied that I write my own additional salting in front of the functionality it provides, or am I missing something? Furthermore, is it even worth using 2 salts, or once an attacker has the random salt and the hashed password, are all bets off anyway? (I assume not, but worth checking if i'm worrying about nothing...)

    Read the article

  • Switching to LDAP over SSL for Active Directory

    - by bkildow
    On our active directory server, I would like to enable LDAP over SSL as per this: http://support.microsoft.com/kb/321051. I am wondering, once this is set up, will LDAP still be listening on the standard port, 389 once this is implemented as well as the secure port? Or will the secure port completely replace the standard port as an option to connect to? Also, will there need to be any other configurations besides the steps in the article for doing this? In other words, will domain users still be able to authenticate like normal, or is there additional setup that would need to occur?

    Read the article

  • Operative systems on SD cards

    - by HisDudeness
    I was getting some wild ideas the last days, like putting some operative systems into SD cards rather than on my hard drive. I'll go further into details now and explain what lead me to consider this probably abominable decision. I am on a laptop (that means I have a native SD-card reader) which is currently running a cross-distro setup, with a bunch of Linux systems (placed in dedicated ext4 logical partitions into a huge extended one) regulated by an unique GRUB. Since today, my laptop haven't even seen any Windows system with binoculars. I was thinking about placing all the os part of my setup into a Secure Digital to save all my 500 Gb Hard Drive for documents, music, videos and so on, and being able to just remove the SD and boot my system into another computer too, as well as having the possibility of booting other systems into mine by just plugging in another SD, without having to keep it constantly placed in my PC. Also, in the remote case in the near future I just wanted to boot Windows 8 in it, I read it causes major boot incompatibility issues with other systems by needing a digital signature in order for them to start. By having it in a removable drive, I could just get rid of it when I'm needing him and switch its card with Linux one, and so not having any obstacles to their boot. Now, my questions are: I know unlikely traditional rotating disk drives, integrated circuits ones have a limited lifespan in terms of cluster rewriting. Is it an obstacle to that kind of usage? I mean, some Ultrabooks are using SSD now, is it the same issue, or there are some differences between Solid State Drives and Secure Digitals in that sense? Maybe having them to store system files which are in fixed positions (making the even-usage of cluster technology useless) constantly being re-read and updated and similar things just gets them soon unserviceable, do it? Second question: are all motherboards and BIOSes able to boot from SDs just like they are from USB pen drives (I mean, provided card reader is USB-connected, isn't it)? Or can't bootloaders like GRUB be installed on SDs working? If they can't, is it a solution installing GRUB to MBR and making boot option pointing to SD? Will it work? Are there any other problems to installing OSs on a Secure Digital?

    Read the article

  • Test tomcat for ssl renegotiation vulnerability

    - by Jim
    How can I test if my server is vulnerable for SSL renegotiation? I tried the following (using OpenSSL 0.9.8j-fips 07 Jan 2009: openssl s_client -connect 10.2.10.54:443 I see it connects, it brings the certificate chain, it shows the server certificate, and last: SSL handshake has read 2275 bytes and written 465 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 50B4839724D2A1E7C515EB056FF4C0E57211B1D35253412053534C4A20202020 Session-ID-ctx: Master-Key: 7BC673D771D05599272E120D66477D44A2AF4CC83490CB3FDDCF62CB3FE67ECD051D6A3E9F143AE7C1BA39D0BF3510D4 Key-Arg : None Start Time: 1354008417 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) What does Secure Renegotiation IS supported mean? That SSL renegotiation is allowed? Then I did but did not get an exception or get the certificate again: verify error:num=20:unable to get local issuer certificate verify return:1 verify error:num=27:certificate not trusted verify return:1 verify error:num=21:unable to verify the first certificate verify return:1 HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 174 Date: Tue, 27 Nov 2012 09:13:14 GMT Connection: close So is the server vulnerable to SSL renegotiation or not?

    Read the article

  • What ports to open for mail server?

    - by radman
    Hi, I have just finished setting up a Postfix mail server on a linux (ubuntu) platform. I have it sending and receiving email and it is not an open relay. It also supports secure smtp and imap. Now this is a pretty beginner question but should I be leaving port 25 open? (since secure smtp is preferred). if so then why? Also what about port 587? Also should I require any authentication on either of these ports? Please excuse my ignorance in this area :P

    Read the article

  • Securing a persistent reverse SSH connection for management

    - by bVector
    I am deploying demo Ubuntu 10.04 LTS servers in environments I do not control and would like to have an easy and secure way to administer these machines without having to have the destination firewall forward port 22 for SSH access. I've found a few guides to do this with reverse port (e.g. howtoforge reverse ssh tunneling guide) but I'm concerned with security of the stored ssh credentials required for the tunnel to be opened automatically. If the machine is compromised (primary concern is physical access to the machine is out of my control) how can I stop someone from using the stored credentials to poke around in the reverse ssh tunnel target machine? Is it possible to secure this setup, or would you suggest an alternate method?

    Read the article

  • Any problems with using a 301 redirect to force https traffic in IIS?

    - by Jess
    Is there any problem with using a 301 redirect to force all traffic to go to a secure-only site? We originally had redirect rules, but enforcing SSL-only seemed more secure. Here is how we set it up: Site 1: https://example.com/ Require SSL set Bound to 443 only Site 2: http://example.com Bound to 80 only Empty folder - no actual html or other data 301 Redirects to https://example.com This seems to work beautifully, but are there any issues with doing this? Would any browsers not recognize the 301 redirect, or could there be security warnings during the redirect?

    Read the article

  • Security considerations for my first eStore.

    - by Rohit
    I have a website through which I am going to sell few products. It is hosted on a simple shared-hosting and does not have SSL. On the products page, each product has a Buy Now button created from my PayPal Merchant account. PayPal recommends to use it's Button Factory to create secure buttons and save it inside PayPal itself. I have followed the same advice and the code of any button is secure and does not disclose any information on either a product or it's price. When the user clicks on a Buy Now button, he/she is taken to PayPal site where a page is opened in SSL for the user to fill in the credit card and shipping details. After a successful transaction, the control is passed back to my site. I want to know whether there is still any chance when security could be compromised.

    Read the article

  • How do I securely store and manage 180 passwords?

    - by Sammy
    I have about 180 passwords for different websites and web services. They are all stored in one single password protected Excel document. As the list gets longer I am more and more concerned about its security. Just how secure, or should I say insecure, is a password protected Excel document? What's the best practice for storing this many passwords in a secure and easy manageable way? I find the Excel method to be easy enough, but I am concerned about the security aspect.

    Read the article

  • iPad revocable vpn access

    - by carpat
    I'm a programmer at my organization, but somehow got drafted into looking into some server stuff so forgive me of my ignorance: They want to give our sales people secure access to our internal sites using their iPads. This must be secure (obviously) but also revocable from the company's side (if someone quits they can no longer access our network). I see from http://support.apple.com/kb/HT1288 that the iPad supports "RSA SecurID", "CRYPTOCard", and "Kerberos" authentication methods. Will one of these do what we need? Are there any major differences between them?

    Read the article

  • Remote desktop Client versus Web based access to reports and limited data entry

    - by Voyager
    We have a requirement from management to give limited access of our Application to Distributors \ Dealers to look at their account statements in our books of account, enter their purchase requirements (sales order for us). We have given a few of them the RDC who connect to our terminal server and access the reports. This involves licensing of TS Client per each distributor. Is it more better, secure and less costly if a web based application is made to only enter the orders and retrive reports like pending orders, ledgers, receivables etc. Also which is more secure as far as database access is concerened...browser based access or RDC access. Please answer.

    Read the article

  • Deleting elements from stl set while iterating through it does not invalidate the iterators.

    - by pedromanoel
    I need to go through a set and remove elements that meet a predefined criteria. This is the test code I wrote: #include <set> #include <algorithm> void printElement(int value) { std::cout << value << " "; } int main() { int initNum[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; std::set<int> numbers(initNum, initNum + 10); // print '0 1 2 3 4 5 6 7 8 9' std::for_each(numbers.begin(), numbers.end(), printElement); std::set<int>::iterator it = numbers.begin(); // iterate through the set and erase all even numbers for (; it != numbers.end(); ++it) { int n = *it; if (n % 2 == 0) { // wouldn't invalidate the iterator? numbers.erase(it); } } // print '1 3 5 7 9' std::for_each(numbers.begin(), numbers.end(), printElement); return 0; } At first, I thought that erasing an element from the set while iterating through it would invalidate the iterator, and the increment at the for loop would have undefined behavior. Even though, I executed this test code and all went well, and I can't explain why. My question: Is this the defined behavior for std sets or is this implementation specific? I am using gcc 4.3.3 on ubuntu 10.04 (32-bit version), by the way. Thanks!

    Read the article

  • IIRF - Redirecting all traffic to the http equivalent

    - by GordonB
    I'm using IIRF and having some trouble getting it to redirect all traffic to the secure version of my sites. So... I have a website with about 20 apps in virtual directories in IIS6. The website takes 80 and 443 traffic. I want to use IIRF to redirect all port 80 traffic EG; http://myserver/app1/page1/param1 http://myserver/app2/ http://myserver To the secure equivalent (https). Here's my config so far; # Iirf.ini # # ini file for IIRF # RewriteLogLevel 1 RewriteLog D:\Websites\Apptemetry\IirfLogs RewriteEngine ON StatusInquiry ON IterationLimit 5 RewriteLogLevel 3 RewriteCond %{HTTPS} off RewriteCond %{SERVER_PORT} ^80$ RedirectRule ^http(.*)$ https$1 Can anyone advise the correct configuration to use, to redirect all traffic?

    Read the article

  • PHP unlink OR rewrite own/current file by itself

    - by Email
    Hi Task: Cut or erase a file after first walk-through. i have an install file called "index.php" which creates another php file. <? /* here some code*/ $fh = fopen($myFile, 'w') or die("can't open file"); $stringData = "<?php \n echo 'hallo, *very very long text*'; \n ?>"; fwrite($fh, $stringData); /*herecut"/ /*here some code */ after the creation of the new file this file is called and i intent to erase the filecreation call since it is very long and only needed on first install. i therefor add to the above code echo 'hallo, *very very long text*'; \n ***$new= file_get_contents('index.php'); \n $findme = 'habanot'; $pos = strpos($new, $findme); if ($pos === false) { $marker='herecut';\n $new=strstr($new,$marker);\n $new='<?php \n /*habanot*/\n'.$new;\n $fh = fopen('index.php', 'w') or die 'cant open file'); $stringData = $new; fwrite($fh, $stringData); fclose($fh);*** ?>"; fwrite($fh, $stringData);]} Isnt there an easier way or a function to modify the current file or even "self destroy" a file after first call? Regards

    Read the article

  • Apache: serving SSL only

    - by elect
    I have a website that I want to be access only by https://myurl.com. A normal typing myurl.com should be forwarded to the https. I tried different things such as: RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://myurl.com/$1 [R,L] (rewrite mod ON) or NameVirtualHost *:80 <VirtualHost *:80> ServerName mysite.example.com DocumentRoot /usr/local/apache2/htdocs Redirect permanent /secure https://mysite.example.com/secure </VirtualHost> But they didnt work, which is the right way to do it? Debian & Apache 2

    Read the article

  • Safe to use high port numbers? (re: obscuring web services)

    - by sofakng
    I have a small home network and I'm trying to balance the need for security versus convenience. The safest way to secure internal web servers is to only connect using VPNs but this seems overkill to protect a DVRs remote web interface (for example). As a compromise, would it be better to use very large ports numbers? (eg. five digits up to 65531) I've read that port scanners typically only scan the first 10,000 ports so using very high port numbers is a bit more secure. Is this true? Are there better ways to protect web servers? (ie. web guis for applications)

    Read the article

  • Safe to use high port numbers? (re: obscuring web services)

    - by sofakng
    I have a small home network and I'm trying to balance the need for security versus convenience. The safest way to secure internal web servers is to only connect using VPNs but this seems overkill to protect a DVRs remote web interface (for example). As a compromise, would it be better to use very large ports numbers? (eg. five digits up to 65531) I've read that port scanners typically only scan the first 10,000 ports so using very high port numbers is a bit more secure. Is this true? Are there better ways to protect web servers? (ie. web guis for applications)

    Read the article

  • OEM Windows 8 Downgrade to Windows 7

    - by user1873048
    I recently Purchased an ASUS K55A As you may know, all Windows 8 machines come with a BIOS that contains 'Secure Boot'. This basically makes sure that the BIOS won't load anything other than the Windows 8 OEM bloatware version that comes with new Laptops. However the Asus Bios allows for me to disable the secure boot, and therefore I should be able to revert to Windows 7, Linux, etc. Drivers may or may not be supported. When I put my MINT LINUX boot disc in CD-R Drive and try to boot from ISO, nothing happens. There isn't even a boot priority list in this BIOS... I can provide screen shots later. It just says WINDOWS 8 Bootloader and also on the other tab it says WINDOWS 8 BOOT OVERRIDE Has anybody purchased a windows 8 machine and successfully loaded windows 7 or Linux?

    Read the article

  • Redirect non-www ssl traffic to www ssl (apache)

    - by The NinjaSysadmin
    Hello, I'm attempting to get a redirect which is failing, and for some reason I can't think today. I have a vHost file within HTTPD that listens on standard port 80 and port 443. I'm attempting to redirect https://domain.com/(.*) to https://www.domain.com/$1 so that the URL remains intact. My config is as follows: ServerName www.domain.com ServerAlias tempdomain.testdomain.co.uk ServerAlias domain.com My rerwrite rule I'm using is. RewriteCond %{HTTP_HOST} ^domain.com$ RewriteRule ^(.*)$ https://www.domain.com$1 [R=301,L] I've also tried removing the . and $ but nothing.. When I visit the url https://domain.com/secure.page?action=comp it doesn't redirect to https://www.domain.com/secure.page?action=comp I do also have other SSL pages, the above was just an example.. Can anyone point out my stupidity.

    Read the article

  • Is UEFI more or less vulnerable than Legacy BIOS?

    - by Eric
    Is UEFI more secure than BIOS on a Windows 8.1 machine? Is UEFI vulnerable to malware in ways that Legacy BIOS is not? Is it correct that UEFI can connect to the internet before the OS (or anti-virus program) has loaded? On some boards, UEFI settings can be changed in Windows. Do these things affect PC security? I have read that BIOS on an MBR disc can be vulnerable to 'rootkits' There have been reports that suggest UEFI secure boot may not be infallible. Is UEFI better at defending against malware than BIOS?

    Read the article

  • non-interactive ssh sudo... prompts for the password in plain text

    - by Iain
    I'm running some non-interactive ssh commands. The ssh authentication is taken care of fine through the ssh agent, but if I run a command that requires sudo then the password prompt in my terminal is plain text. For example: ssh remotemachine "sudo -u www mkdir -p /path/to/new/folder" will prompt me for the password in plain text. Does anyone know how I can get it to use the normal secure prompt or that I can pass the password via a switch? (as then I can set up a secure prompt on this side before I send the command) Any help is much appreciated.

    Read the article

< Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >