Search Results

Search found 292 results on 12 pages for 'insecure'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 5/12 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Port 21 will not open. status is closed. forward port 21 to new domains.

    - by Bob Swaggerty
    I am having a problem opening port 21 on my Linux Ubuntu server. No matter what i do, i can not get my status to change from closed to open. Here is a recent iptables command i used and the result iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT nmap -p21-22,25,80,443 CCR1 Starting Nmap 4.53 ( http://insecure.org ) at 2012-06-19 03:13 CDT Interesting ports on CCR1.chennaichristianradio.com (5.10.69.98): PORT STATE SERVICE 21/tcp closed ftp 22/tcp open ssh 25/tcp closed smtp 80/tcp open http 443/tcp closed https I also used commands from the advise from this forum http://www.cyberciti.biz/faq/iptables-open-ftp-port-21/ I need to open this for FTP access to the server, and ultimately I need to forward port 21 to 2 domains i am setting up. Thank you for any assistance you can provide -Bob Swaggerty

    Read the article

  • How to secure Ubuntu for a non-technical user? (your mom)

    - by Gil
    My mother will be traveling for a while and I need to provide her with a secure laptop so she can work. A windows laptop is out of the question because: she'll be logging into dodgy hotel wireless networks and conference networks price of the windows license to install on a netbook I've installed libreoffice, media players and skype on it. Also enabled SSH so I can intervene but I am worried that I might not be in a position to do so. Possible threats: web browsing USB sticks insecure networks prone to intrusions malware SSH/VNC vulnerabilites Skype vulnerabilities All the "securing Ubuntu" guides out there assume the user has a certain level of technical knowledge but this is not the case with moms in general. If a malware can gain even user level access it might compromise her files.

    Read the article

  • Friday Fun: Z-Type

    - by Asian Angel
    This week’s game is a bit like Space Invaders except you use typing to defend your position. Defending your position will be easy enough at first, but things will quickly become complicated! Do you have the speed and accuracy required to survive or will the enemy have the last word? HTG Explains: Why Do Hard Drives Show the Wrong Capacity in Windows? Java is Insecure and Awful, It’s Time to Disable It, and Here’s How What Are the Windows A: and B: Drives Used For?

    Read the article

  • Why don't smart phones have an auto-forget password feature? [closed]

    - by Kelvin
    Storing passwords to external services (e.g. corporate email servers) on smart phones is very insecure, since phones are more easily stolen. Has any vendor implemented a feature to only cache a password in memory for a limited amount of time? After the time period has elapsed, the app would ask for the password again. EDIT: I should've clarified - I'm aware that many (most?) users are lazy and want to just "set it and forget it". The always-remember feature will probably always be present. I was curious about an option to enable auto-forget for the security-conscious.

    Read the article

  • I.T. degree for game programming?

    - by user6175
    Hi, I am a 19 year old who has always been interested in video & computer games. I developed the interested for game programming about three months ago and started researching on the profession. The only degrees always suggested on the internet and in books are those of computer science, physics, mathematics, & game development. BSc Information Technology has been my major for the past two years; and even though my university teaches we the I.T. students computer programming (in c++, c#, java) and offers us the opportunity to undertake some computer science courses of our choice in addition to the regular I.T. courses, I am feeling insecure about my prospects in getting into the profession. My question is: Will a game development company hire me if I exhibit good math, physics and game programming skills with an I.T. degree? If NO, will I have to obtain an MSc in a much more related course.

    Read the article

  • Secure Web Apps from SQL Injection in ASP.Net

    In the first part of this two-part series you learned how SQL injection works in ASP.NET 3.5 using a MS SQL database. You were also shown with a real web application which was not secure against SQL injection attacks how these attacks can be used by the hacker to delete sensitive information from your website such as database tables. In this part you will learn how to start securing your web applications so they will not be vulnerable to these kinds of exploits. A complete corrected example of the insecure web application will be provided at the end of this tutorial.... ALM Software Solution ? Try it live! Requirements Management, Project Planning, Implementation Tracking & QA Testing.

    Read the article

  • Lumia 920 or iPhone5, which is it gonna be?

    - by Sahil Malik
    SharePoint 2010 Training: more information Deciding on a new phone is so difficult. I currently use an iPhone4, and I am itching to upgrade to either iPhone5 or Lumia 920. The decision is difficult because a lot of my work depends on my communication device, and whatever I pick, I will be stuck with for 2 years. Here is how I see the two stacking up. iPhone 5 of course based on rumors so far. I didn’t even consider Android here because I don’t like Android as an OS. It’s too insecure, privacy intrusive, and frankly unreliable. I cannot bet my work on Android, sorry not gonna happen. Read full article ....

    Read the article

  • How to install a new CA certificate on Linux?

    - by Dail
    I have bought a cheap SSL certificate to run my website using NGINX. They sent me 4 .crt files: www_mywebsite_it.crt AddTrustExternalCARoot.crt PositiveSSLCA.crt UTNAddTrustServerCA.crt I have configurate www_mywebsite_it.crt and my .key on NGinx, but I also have to install the others .crt files. How can I do it? I'm using Ubuntu. (The problem is that I see correctly the SSL certificate using Firefox, Chrome and Opera but if I use Firefox 4.0.1 (the last) I get the default Firefox alert for insecure website.) Thank you!

    Read the article

  • Who Provides Internet Service for My Internet Service Provider?

    - by Jason Fitzpatrick
    You pay your Internet Service Provider (ISP) for internet access, and they turn on the sweet, sweet, fire hose of data for you. But who provides the flow for your ISP? Read on to learn the ins and outs of global data delivery. Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-drive grouping of Q&A web sites. HTG Explains: How Windows Uses The Task Scheduler for System Tasks HTG Explains: Why Do Hard Drives Show the Wrong Capacity in Windows? Java is Insecure and Awful, It’s Time to Disable It, and Here’s How

    Read the article

  • Safest way (i.e. HTTPS, POST, PGP) to send decryption keys through the web?

    - by theGreenCabbage
    I am in the final stages of development for my Revit plugin. This plugin is programmed in C#, and distributed via a DLL. One of the DLLs is an encrypted SQLite database (with proprietary data) that is in the form of a DLL. Currently, in development stages, the decryption key for the SQLite database is hardcoded in my main DLL (the program's DLL). For distribution, since DLLs are easily decompilable, I am in need of a new method to decrypt the DLL. My solution is to send our decryption keys from our servers securely to the host's computer. I was looking in POST, thinking it was more secure than GET, but upon research, it appears it's similarly insecure, only more "obscure" than GET. I also looked into HTTPS, but Hostgator requires extra money for HTTPS use. I am in need of some advice - are there any custom solutions I can do to implement this?

    Read the article

  • JDK 7u10 Released !

    - by user9148683
    Java Development Kit 7 Update 10 (JDK 7u10) release is now live! You can download it from Java SE Downloads page. The Java™ SE Development Kit 7, Update 10 Release Notes contains information about this release. The highlights of this release include: New Certified System Configurations - Mac OS X 10.8 and Windows 8 Security Feature Enhancements: The ability to disable any Java application from running in the browser. This mode can be set in the Java Control Panel or (on Microsoft Windows platform only) using a command-line install argument. New dialogs to warn you when the JRE is insecure (either expired or below the security baseline) and needs to be updated. The documentation at Setting the Level of Security for the Java Client and Java Control Panel explains these features in detail.

    Read the article

  • Lazy Evaluation in Bash

    - by User1
    Is there more elegant way of doing lazy evaluation than the following: pattern='$x and $y' x=1 y=2 eval "echo $pattern" results: 1 and 2 It works but eval "echo ..." just feels sloppy and may be insecure in some way. Is there a better way to do this in Bash?

    Read the article

  • How to securely pass credit card information between pages in PHP

    - by Alex
    How do you securely pass credit card information between pages in PHP? I am building an ecommerce application and I would like to have the users to go through the checkout like this: Enter Information - Review - Finalize Order Problem is that I am not sure on how to safely pass credit information from when the user inputs them to when I process it (at the Finalize Order step). I heard using sessions is insecure, even with encryption. Any help would be appreciated!

    Read the article

  • SSL with external static content server

    - by SirMoreno
    I have a .Net web application that for performance issues gets all the static data (CSS, Images, JS) from an external server that is on different location and different hosting company. I want to enable SSL on my site without the users getting a message: "Page contains both secure and insecure elements" Does this means I’ll have to get two SSL Certificates one for each server? If I want the users to continue getting the static content from the external server what other options do I have? Thanks.

    Read the article

  • unfounded Secure Unsecure Messages

    - by Marty Trenouth
    I'm having significant difficulty locating the root cause for a secure/insecure message comming from IE. I've looked through the entire output and there are NO references to http: I've searched for unsource Iframes, which cause this message, and there are none and other than jquery 1.4 there isn't even the text "iframe" in the source. I'm almost at an end trying the cause for this. Does anyone have any ideas

    Read the article

  • I get the warning "Format not a string literal and no format arguments" at NSLog -- how can I correc

    - by dsobol
    Hello, I get the warning "Format not a string literal and no format arguments" on the NSLog call in the following block: (void) alertView:(UIAlertView *)alertView clickedButtonAtIndex:(NSInteger)buttonIndex { NSLog([NSString stringWithFormat:@"%d", buttonIndex]); } I have read in another post here that this error message indicates an insecure use of NSLog. Could someone point me in the direction of a properly formatted string for this? Thanks for any and all assistance! Regards, Steve O'Sullivan

    Read the article

  • Strongest cipher available to use with C/C++ ?

    - by George0x77
    I am just wondering if you are supposed to write a sort of really secure application with data being transmitted over insecure networks, what kind of encryption algorithm will you use it in order to make it safe ? I know several c++ libraries for encryption providing nice functions with different algorithms, but i'm not quite sure which cipher to use - AES, DES, RSA, Blowfish or maybe something more different ? Please provide your ideas and suggestions. Thank you.

    Read the article

  • Puppet gives SSL error because master is not running?

    - by Daniel Huger
    I started with two clean machines this time. My master is running 12.04 Version: 2.7.11-1ubuntu2 Depends: ruby1.8, puppetmaster-common (= 2.7.11-1ubuntu2) My client is 10.04 Version: 2.6.3-0ubuntu1~lucid1 Depends: puppet-common (= 2.6.3-0ubuntu1~lucid1), ruby1.8 To setup Puppet tutorial: http://shapeshed.com/setting-up-puppet-on-ubuntu-10-04/ To connect master and client: http://shapeshed.com/connecting-clients-to-a-puppet-master/ The first time I tried to connect master to client failed with SSL_connect error. So I did rm -rf /etc/puppet/ssl/ to remove all the keys inside ssl folders. It looked like it work.... BUT client# puppet agent --server puppet --waitforce 60 --test /usr/lib/ruby/1.8/facter/util/resolution.rb:46: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 /usr/lib/ruby/1.8/puppet/defaults.rb:67: warning: Insecure world writable dir /etc/condor in PATH, mode 040777 info: Creating a new SSL key for giab10 warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for mybox123 info: Certificate Request fingerprint (md5): XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Caching certificate for mybox123 err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog It cached but then it couldn't retrieve it. Let me stop here.... worrying I would mess something up. But let's check master's status. * master is not running WoW.... ??? master# service puppetmaster start * Starting puppet master [OK] master# service puppetmaster status * master is not running I think time is sync. Well, we are behind a firewall so the port to sync time is disbaled. I checked with date and they seem okay. What about master not running? Is that the cause? Any help is appreciated. Thanks! /var/lib/puppet/log/masterhttp.log [2012-06-30 00:13:25] INFO WEBrick 1.3.1 [2012-06-30 00:13:25] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 00:13:25] WARN TCPServer Error: Address already in use - bind(2) [2012-06-30 00:19:40] INFO WEBrick 1.3.1 [2012-06-30 00:19:40] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 00:19:40] WARN TCPServer Error: Address already in use - bind(2) [2012-06-30 00:28:58] INFO WEBrick 1.3.1 [2012-06-30 00:28:58] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 00:28:58] WARN TCPServer Error: Address already in use - bind(2) [2012-06-30 15:31:25] INFO WEBrick 1.3.1 [2012-06-30 15:31:25] INFO ruby 1.8.7 (2011-06-30) [x86_64-linux] [2012-06-30 15:31:25] WARN TCPServer Error: Address already in use - bind(2) 1 S puppet 5186 1 0 80 0 - 29410 poll_s 15:44 ? 00:00:00 /usr/bin/ruby1.8 /usr/bin/puppet master --masterport=8140 4 S root 5235 5005 0 80 0 - 2344 pipe_w 15:45 pts/0 00:00:00 grep --color=auto puppet kill -9 5186 puppet master service puppetmaster status * master is not running I always have this error, but I always ignored it. http://pastebin.com/exbpArjv What could it mean? Time sync? Package not installed? Then how could we do puppetca in the first place?

    Read the article

  • Mac OS X: How do I disable SSID Broadcasting with Internet Sharing over Airport?

    - by Jack Chu
    I'm currently using Internet Sharing from my Ethernet over Airport on my Macbook Pro, however I don't want my SSID broadcasted†. There doesn't seem to be an option in Sharing/System Preferences to hide my ssid or prevent broadcasting. Any ideas? † My parent's restaurant has a wifi router, but it's on the roof level where the cable was installed. The signal it gets is weak, but works for the macbook. Their iPhones and 802.11G based computers can't get the wifi connection, maybe 802.11N on the macbook gets better penetration. I figure they could use the airport sharing from the laptop. For a restaurant type setting I don't think having WPA or WPA2 is super important. There's nothing sensitive or insecure on the network, so I figure hiding the SSID would be good enough for their purposes. It's not even active 100% of the time.

    Read the article

  • OpenSUSE Yast permissions for user

    - by pajton
    I have an OpenSUSE 11.4 box with Kde 4.6. I am currently working to create a sandbox environment for the user, let's call hime bob. Bob isn't allowed to do much in the system, but I'd like to let him configure certain things in yast. I have dektop shortcuts for particular yast modules, e.g. the shortcut executes xdg-su -c "/sbin/yast2 lan" to launch yast lan configuration. Now, I do not want Bob to have to enter password to launch this configuration (just please don't tell me it's insecure - I know this, in this particular setting it is going to be OK). I wanted to do this with setuid, but obiously setting it on *.desktop shortcut doesn't work. There is sudo approach, but I would have to allow Bob to use all yast modules. So, is there anything more fine-grained to set the permissions for exact yast modules? Thanks in advance!

    Read the article

  • Apache error_log repeated attempts to access forum.php

    - by bMon
    About every two seconds I am getting: [Sat Feb 19 19:00:01 2011] [error] [client 69.239.204.217] script '/var/www /html/forum.php' not found or unable to stat [Sat Feb 19 19:00:04 2011] [error] [client 69.239.204.217] File does not exist: /var/www/html/404.shtml ..in my /var/log/httpd/error_log file. Sometimes the request will be for forum_asp.php. I'm assuming its a bot trying to access insecure forum files, but I'm not so sure since it appears each is a unique IP and not just a few rouge IPs hitting it consecutively. And whois results of the ip's aren't all the classic ISP in Russia or China, they are more end user address (comcast, etc). Any insight into whats going on here would be appreciated. Also, any techniques people use to do a "live monitor" of web traffic would be appreciated. Right now I'm doing a: tail -f error_log Thanks.

    Read the article

  • Mysql stopped working

    - by tonymarschall
    Mysql is up and running on my system but i can not login with any user. I also cannot start/stop/status the server. All i got is: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) /usr/bin/mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'debian-sys-maint'@'localhost' (using password: YES) From the logs: Mar 24 08:30:13 debian /etc/mysql/debian-start[1074]: Upgrading MySQL tables if necessary. Mar 24 08:30:13 debian /etc/mysql/debian-start[1078]: /usr/bin/mysql_upgrade: the '--basedir' option is always ignored Mar 24 08:30:13 debian /etc/mysql/debian-start[1078]: Looking for 'mysql' as: /usr/bin/mysql Mar 24 08:30:13 debian /etc/mysql/debian-start[1078]: Looking for 'mysqlcheck' as: /usr/bin/mysqlcheck Mar 24 08:30:13 debian /etc/mysql/debian-start[1078]: Running 'mysqlcheck' with connection arguments: '--port=3306' '--socket=/var/run/mysqld/mysqld.sock' '--host=localhost' '--socket=/var/run/mysqld/mysqld.sock' '--host=localhost' '--socket=/var/run/mysqld/mysqld.sock' Mar 24 08:30:13 debian /etc/mysql/debian-start[1078]: /usr/bin/mysqlcheck: Got error: 1045: Access denied for user 'debian-sys-maint'@'localhost' (using password: YES) when trying to connect Mar 24 08:30:13 debian /etc/mysql/debian-start[1078]: FATAL ERROR: Upgrade failed Mar 24 08:30:13 debian /etc/mysql/debian-start[1111]: Checking for insecure root accounts.

    Read the article

  • Proxy via Telnet

    - by Vreality2007
    I know telnet is insecure and all, but I'm stuck using it because ssh is blocked. I know how to setup ssh to bind the connection to a local port, is there a way to do this with telnet? For example, if I am using an ssh connection, I would bind it to port 999 like this: ssh -D 999 [email protected] -N -C I've tried using the -b command in linux, but to no avail. Is this even possible? This is what I've tried: telnet host.com -b 999 I'm sorry if the answer is obvious, but I've done a lot of research and testing and I can't seem to figure this out. NOTE: I plan on telling the admin if I can find a way to get this to work, this is based off of simple curiosity and not malicious intent. If I can't bind a telnet port, is there a way to tunnel an ssh connection through telnet?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >