Search Results

Search found 19074 results on 763 pages for 'secure government government cloud security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 81/763 | < Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >

  • Add Secure notes to Keychain via Applescript

    - by TomA
    I have switched from Windows to Mac and one of the things I need to set up properly is password management. Previously on Windows I was using a small TrueCrypt file containing text files with usernames and passwords. I need to write an Applescript that takes those text files and imports them as Secure notes into Mac's Keychain Access app. I know that there are some Applescript commands related to Keychain, but I haven't found a way to add Secure notes.

    Read the article

  • Best Secure Encryption for Zip Files via Linux

    - by Daniel
    I want to use highly secure encryption for zipped files via Linux/Ubuntu using a command line terminal, what is the best command line tool to get this job done? zip -e -P PASSWORD file1 file2 file3 file4 Or 7za a file.7z *.txt -pSECRET What encryption is used and how secure is it?

    Read the article

  • How to secure adhoc networks

    - by moshroum1
    What is the right way to secure adhoc networks? WPA_NONE is a cruel hack (doesn’t work most of the time, discards important packets, ..), WEP is not secure and Open… open is open. IPSec is a level to high. Does there exists something which works under linux and wifi?

    Read the article

  • Adventures in the Land of CloudDB/NoSQL/NoAcid

    - by KKline
    Cloud, Bunny, or CloudBunny? Last year, some of my friends from Quest Software attended Hadoop World in New York. In 2009, I never would've guessed that Quest would be there with products, community initiatives, as a major sponsor and with presenters? There were just under 1,000 attendees who weren’t the typical devheads and geekasaurs you'd normally see at very techie events like Code Camps, SQL Saturdays, Cloud Camps and or even other NoSQL events such as the Cassandra Summit. We're talkin' enterprise...(read more)

    Read the article

  • Is there a canonical resource on multi-tenancy web applications using ruby + rails

    - by AlexC
    Is there a canonical resource on multi-tenancy web applications using ruby + rails. There are a number of ways to develop rails apps using cloud capabilities with real elastic properties but there seems to be a lack of clarity with how to achieve multitenancy, specifically at the model / data level. Is there a canonical resource on options to developing multitenancy rails applications with the required characteristics of data seperation, security, concurrency and contention required by an enterprise level cloud application.

    Read the article

  • What is the canonical resource on multi-tenancy web applications using ruby + rails

    - by AlexC
    What is the canonical resource on multi-tenancy web applications using ruby + rails. There are a number of ways to develop rails apps using cloud capabilities with real elastic properties but there seems to be a lack of clarity with how to achieve multitenancy, specifically at the model / data level. Is there a canonical resource on options to developing multitenancy rails applications with the required characteristics of data seperation, security, concurrency and contention required by an enterprise level cloud application.

    Read the article

  • Trying to link http://www.example.com to my shopping cart on https://secure.example.com

    - by Pickledegg
    Heres my saga - I'm trying to link http://www.example.com to my shopping cart on https://secure.example.com, but it doesnt seem to be linking correctly. Heres my code: <!--Google Analytics --> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-125xxxxx-1"); //start cart link pageTracker._setDomainName(".example.com"); pageTracker._setAllowHash(false); //end cart link pageTracker._trackPageview(); } catch(err) {}</script> <!--Google Analytics --> Notice the two lines: pageTracker._setDomainName(".example.com"); pageTracker._setAllowHash(false); I added the first line so I could share the cookies between site and cart, and added the setAllowHash to make sure it used the utm values from the cookie, and didnt 'recreate' them when I entered https://secure.example.com. Using firecookie, it does indeed share the same cookie between site and cart, and the cookies domain is 'example.com'. I'm pretty sure though that if it was working right, all my utmz, utma values etc should be copied over and remain the same, but they're changing. I've copied all the params that are being sent to google analytics and pasted then below. It shows what is happening from my homepage, to my product page, then into my cart all the way to the page before ordering. ( I can't practically test the final page myself without buying something, so I'll post the code from our confirmation page later if needed.) Here goes: =============================================================== HOMEPAGE - http://www.example.com ---------------------------------------------------------------------------------------- utmac UA-125xxxxx-1 utmcc __utma=1.1920057171.1269446996.1269446996.1269446996.1;+__utmz=1.1269446996.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); utmcs UTF-8 utmdt GSM Cell Phone Rental from example utmfl 10.0 r45 utmhid 69978133 utmhn www.example.com utmje 1 utmn 1806413990 utmp / utmr - utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 PRODUCT PAGE - http://www.example.com/products/international-cell-phone-purchase/ ---------------------------------------------------------------- utmac UA-125xxxxx-1 utmcc __utma=1.1920057171.1269446996.1269446996.1269446996.1;+__utmz=1.1269446996.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); utmcs UTF-8 utmdt example | International Cell Phones utmfl 10.0 r45 utmhid 276151647 utmhn www.example.com utmje 1 utmn 155808433 utmp /products/international-cell-phone-purchase/ utmr 0 utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 CART STAGE 1 - https://secure.example.com/checkout/viewbasket.php ------------------------------------------------ utmac UA-125xxxxx-1 utmcc __utma=60286578.994269564.1269447144.1269447144.1269447144.1;+__utmz=60286578.1269447144.1.1.utmcsr=example.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/international-cell-phone-purchase/; utmcn 1 utmcs UTF-8 utmdt Your Cart utmfl 10.0 r45 utmhid 1802074903 utmhn secure.example.com utmje 1 utmn 1621444199 utmp 1-reviewcart utmr http://www.example.com/products/international-cell-phone-purchase/ utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 CART STAGE 2 - https://secure.example.com/checkout/docheckout.php ------------------------------------------------ utmac UA-125xxxxx-1 utmcc __utma=60286578.994269564.1269447144.1269447144.1269447144.1;+__utmz=60286578.1269447144.1.1.utmcsr=example.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/international-cell-phone-purchase/; utmcs UTF-8 utmdt Checkout utmfl 10.0 r45 utmhid 871670520 utmhn secure.example.com utmje 1 utmn 1153927228 utmp 2-checkout utmr 0 utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 CART STAGE 3 - https://secure.example.com/checkout/doreview.php ---------------------------------------------- utmac UA-125xxxxx-1 utmcc __utma=60286578.994269564.1269447144.1269447144.1269447144.1;+__utmz=60286578.1269447144.1.1.utmcsr=example.com|utmccn=(referral)|utmcmd=referral|utmcct=/products/international-cell-phone-purchase/; utmcs UTF-8 utmdt Checkout utmfl 10.0 r45 utmhid 1731598159 utmhn secure.example.com utmje 1 utmn 1442257710 utmp 3-checkoutreview utmr 0 utmsc 24-bit utmsr 1280x800 utmul en-gb utmwv 4.6.5 =============================================================== As you can see, the utma values are not being preserved, so it looks like a config issue. I've studied the help does but none of the cases seem to fit mine. I hope someone can offer help on this, its been an ongoing problem of mine for a while, and would be good to finally get rock-solid reliable analytics set up.

    Read the article

  • How can I edit local security policy from a batch file?

    - by Stephen Jennings
    I am trying to write a utility as a batch file that, among other things, adds a user to the "Deny logon locally" local security policy. This batch file will be used on hundreds of independent computers (not on a domain and aren't even on the same network). I assumed one of the following were my options, but perhaps there's one I haven't thought of. A command line utility similar to net.exe which can modify local security policy. A VBScript sample to do the same. Write my own using some WMI or Win32 calls. I'd rather not do this one if I don't have to.

    Read the article

  • How to make security group in one forest show up in another forest?

    - by Jake
    I have two Win2k8 forests which I do maintenance on. The two forests have full 2 way external, non transitive trust with each other. I have a folder in forest X, domain countryX.mycompany.com accessible ONLY by the global security group named $group. In forest Y, domain countryY.mycompany.com, countryY\user1, countryY\user2 etc needs to have access to the folder. The natural instinct is to put user1, user2 etc into the $group. However, none of the methods for adding user to group works as it appears that the AD cannot find the groups in the other forest. Question: 1.How to make forests see each other's security groups and be able to add? 2.In practice, what is the recommended way to achieve the user access to the folders/files in another forest?

    Read the article

  • What resources are best for staying current about information security?

    - by dr.pooter
    What types of sites do you visit, on a regular basis, to stay current on information security issues? Some examples from my list include: http://isc.sans.org/ http://www.kaspersky.com/viruswatch3 http://www.schneier.com/blog/ http://blog.fireeye.com/research/ As well as following the security heavyweights on twitter. I'm curious to hear what resources you recommend for daily monitoring. Anything specific to particular operating systems or other software. Are mailing lists still considered valuable. My goal would be to trim the cruft of all the things I'm currently subscribed to and focus on the essentials.

    Read the article

  • what are security implications of running Ubuntu inside Windows 7?

    - by EndangeringSpecies
    I am thinking of switching to Ubuntu as a way of making web browsing more secure. So, suppose I will go the easy route and run Ubuntu as an app inside Windows and then run Firefox inside of that. What will this do to the security given the current threat environment? E.g. do most online threats nowadays target the browser and flash (which presumably would be safely sandboxed inside easy to wipe Ubuntu environment) or do they target the Windows TCP-IP stack where Ubuntu would give no protection? Well, most likely the above question does not come near to covering all the security implications of this setup :-), so please do discuss whatever other issues that may be relevant here.

    Read the article

  • How to configure grails and shiro to mark cookies secure?

    - by j4y
    I'm using Grails 2.2.4 with the Shiro plugin (v1.1.4) and would like to mark the cookies as secure so the session information won't be sent over http. This is the attribute I want to set: securityManager.sessionManager.sessionIdCookie.secure = true The shiro source says to use the Grails bean property override mechanism, which is grails-app/conf/spring/resources.groovy How can I override just the one setting? // If the legacy 'security.shiro.filter.config' option is set, // use our custom INI-based filter... if (application.config.security.shiro.filter.config) { log.warn "security.shiro.filter.config option is deprecated. Use Grails' bean property override mechanism instead." 'filter-class'('org.apache.shiro.grails.LegacyShiroFilter') 'init-param' { 'param-name'('securityManagerBeanName') 'param-value'('shiroSecurityManager') }

    Read the article

  • Is WEP used in conjunction with a wireless access list adequate security?

    - by LeopardSkinPillBoxHat
    I use a Netgear wireless router, with various wireless devices connecting to it. One of my wireless devices doesn't support WPA2 security, so I had to downgrade the security on the router to WEP. We all know WEP is broken, so as an added measure I enabled a wireless access list on the router so that only devices with specified MAC addresses which are in my access list are permitted to connect to the router. I know it is possible to spoof a MAC address from a device for the purposes of accessing a secure network like this. But is it easy? Is using WEP and a wireless access list good enough to prevent most hacking attacks? Or should I do whatever I can to ensure all devices support WPA2 in the future?

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

    - by gsharp
    Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern

    - by gsharp
    We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

    Read the article

  • Ubuntu server security; Is this enough?

    - by Camran
    I have a classifieds website, which uses php5 and mysql, and also java (solr). I am new to linux and VPS... I have installed SSH, and I have installed IPtables, and also I have PuTTY which I use as a terminal. Also, Filezilla is installed on my computer, and whenever I connect to my VPS, the "host" field in Filezilla says "Sftp://ip-adress" so I am guessing it is a safe connection. I used this command to find out if I had SSHD installed: whereis sshd and it returned some places where it actually was installed. So I havent actually installed it. Now, my Q is, is this enough? What other security measures should I take? Any good articles about security and how to set it up on a VPS? Remember, I have a windows xp OS on my laptop, but the OS for my VPS is Ubuntu 9.10. Also, I have apache2 installed... Thanks

    Read the article

  • Oracle IRM video demonstration of seperating duties of document security

    - by Simon Thorpe
    One thing an Information Rights Management technology should do well is separate out three main areas of responsibility.The business process of defining and controlling the classifications to which content is secured and the definition of the roles employees, customers, partners and contractors have when accessing secured content. Allow IT to manage the server and perform the role of authorizing the creation of new classifications to meet business needs but yet once the classification has been created and handed off to the business, IT no longer plays a role on the ongoing management. Empower the business to take ownership of classifications to which their own content is secured. For example an employee who is leading an acquisition project should be responsible for defining who has access to confidential project documents. This person should be able to manage the rights users have in the classification and also be the point of contact for those wishing to gain rights. Oracle IRM has since it's creation in the late 1990's had this core model at the heart of its design. Due in part to the important seperation of rights from the documents themselves, Oracle IRM places the right functionality within the right parts of the business. For example some IRM technologies allow the end user to make decisions about what users can print, edit or save a secured document. This in practice results in a wide variety of content secured with a plethora of options that don't conform to any policy. With Oracle IRM users choose from a list of classifications to which they have been given the ability to secure information against. Their role in the classification was given to them by the business owner of the classification, yet the definition of the role resides within the realm of corporate security who own the overall business classification policies. It is this type of design and philosophy in Oracle IRM that makes it an enterprise solution that works beyond a few users and a few secured documents to hundreds of thousands of users and millions of documents. This following video shows how Oracle IRM 11g, the market leading document security solution, lets the security organization manage and create classifications whilst the business owns and manages them. If you want to experience using Oracle IRM secured content and the effects of different roles users have, why not sign up for our free demonstration.

    Read the article

  • Issue 55 - Skin Object Tokens, Optimized Control Panel, OWS Validation and Security, RAD

    April 2010 Welcome to Issue 55 of DNN Creative Magazine In this issue we focus on the new Skin Object token method introduced in DotNetNuke 5 for adding tokens into a DotNetNuke skin. A Skin Object Token is a web user control which covers skin elements such as the logo, menu, search, login links, date, copyright, languages, links, banners, privacy, terms of use, etc. Following this we demonstrate how to install and use two Advanced DotNetNuke Admin Control Panels which are available for free from Oliver Hine. These control panels provide an optimized version of the admin control panel to improve performance and page load times, as well as a ribbon bar control panel which adds additional features. Next, we continue the Open Web Studio tutorials, this month we demonstrate some very advanced techniques for building a car parts application in Open Web Studio. Throughout the tutorial we cover form input, validation, how to use dependant drop down lists, populating checkbox lists and introduce a new concept of data level security. Data level security allows you to control which data a user can access within a module. To finish, we have part five of the "How to Build a News Application with DotNetMushroom Rapid Application Developer (RAD)" article, where we demonstrate how to implement paging. This issue comes complete with 14 videos. Skinning: Skin Object Tokens for DotNetNuke 5 (8 videos - 64mins) Free Module: Advanced Optimized Control Panel by Oliver Hine (1 video - 11mins) Module Development Series: Form Validation, Dependant Drop Downs and Data Level Security in OWS (5 videos - 44mins) How to Implement Paging with DotNetMushroom RAD View issue 55 to download all of the videos in one zip file DNN Creative Magazine for DotNetNuke Web Designers Covering DotNetNuke module video reviews, video tutorials, mp3 interviews, resources and web design tips for working with DotNetNuke. In 55 issues we have created 563 videos!Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • SQL Azure Security: DoS

    - by Herve Roggero
    Since I decided to understand in more depth how SQL Azure works I started to dig into its performance characteristics. So I decided to write an application that allows me to put SQL Azure to the test and compare results with a local SQL Server database. One of the options I added is the ability to issue the same command on multiple threads to get certain performance metrics. That's when I stumbled on an interesting security feature of SQL Azure: its Denial of Service (DoS) detection engine. What this security feature does is that it performs a check on the number of connections being established, and if the rate of connection is too high, SQL Azure blocks all communication from that machine. I am still trying to learn more about this specific feature, but it appears that going to the SQL Azure portal and testing the connection from the portal "resets" the feature and you are allowed to connect again... until you reach the login threashold. In the specific test I was performing, all the logins were successful. I haven't tried to login with an invalid account or password... that will be for next time. On my Linked In group (SQL Server and SQL Azure Security: http://www.linkedin.com/groups?gid=2569994&trk=hb_side_g) Chip Andrews (www.sqlsecurity.com) pointed out that this feature in itself could present an internal threat. In theory, a rogue application could be issuing many login requests from a NATed network, which could potentially prevent any production system from connecting to SQL Azure within the same network. My initial response was that this could indeed be the case. However, while the TCP protocol contains the latest NATed IP address of a machine (which masks the origin of the machine making the SQL request), the TDS protocol itself contains the IP Address of the machine making the initial request; so technically there would be a way for SQL Azure to block only the internal IP address making the rogue requests.  So this warrants further investigation... stay tuned...

    Read the article

  • Security Alert for CVE-2010-0886 and CVE-2010-0887 Released

    - by eric.maurice
    Hi, this is Eric Maurice again! Oracle just released a Security Alert to announce the availability of fixes for two vulnerabilities (CVE-2010-0886 and CVE-2010-0887) affecting Oracle Java SE and Oracle Java For Business. Both vulnerabilities only affect Java when running in a 32-bit web browser. These vulnerabilities are not present in Java running on servers or standalone Java desktop applications and do not impact any Oracle server based software. The first vulnerability (CVE-2010-0886) affects the Java Deployment Toolkit (version 6 update 10 through 19) on Windows only. The second vulnerability (CVE-2010-0887) affects the Java Plug-in (version 6 update 18 and 19) on Windows, Solaris and Linux. Both vulnerabilities may allow an attacker to run commands on the user's system with the privileges of the user, whose system may have become compromised by visiting a malicious web site. Oracle rated the severity of both vulnerabilities with a CVSS Base Score of 10.0 because many Windows users grant themselves administrative privileges. However, on other platforms, or for Windows users with limited privileges, the CVSS Base Score is only 7.5, because a successful exploitation of these vulnerabilities cannot result in a full compromise of the affected system. Users can quickly determine if they are running vulnerable versions of Java by pointing their browser to http://www.java.com/en/download/help/testvm.xml. Java SE users can visit http://www.java.com and download the most recent release of Java SE to address these vulnerabilities. Because of the criticality of these vulnerabilities, and the publicity they received as a result of their disclosure before the availability of a fix, Oracle recommends that all customers and Java users update their Java installation to the most recent version (6 update 20). For More Information: The advisory for the Security Alert for CVE-2010-0886 and CVE-2010-0887 is located at http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html

    Read the article

  • Wer kennt Oracle Label Security?

    - by Heinz-Wilhelm Fabry (DBA Community)
    Oracle Label Security (OLS) ist eine Option der Enterprise Edition der Datenbank seit der Datenbankversion 9.0.1. Es handelt sich bei OLS um eine fertige Anwendung, die vollständig auf Oracle Virtual Private Database (VPD) aufgebaut ist. Obwohl es sich also bei OLS um ein 'gestandenes' Oracle Produkt handelt, ist es vielen Kunden unbekannt. Oder vielleicht sollte man präziser sagen: Kaum ein Kunde redet über OLS. Das liegt sicherlich in erster Linie daran, dass Kunden, die sensibel für Security Fragen sind, sowieso nicht gerne Auskunft geben über die Massnahmen, die sie selbst ergriffen haben, sich zu schützen. Wenn man dann noch bedenkt, dass die Kunden, die OLS einsetzen, häufig aus Bereichen stammen, die für ihre Diskretion bekannt sind - Dienste, Polizei, Militär, Banken - hat man einen weiteren Grund dafür gefunden, warum so wenige über OLS reden. Das ist allerdings bedauerlich, denn besonders in dieser Zeit steigenden Security Bewusstseins, verdient OLS auf jeden Fall mehr Aufmerksamkeit. Dieser Tipp möchte deshalb dazu beitragen, OLS bekannter zu machen. Dazu werden zunächst einige einführende Informationen zu OLS gegeben. Danach wird anhand eines kleinen Beispiels gezeigt, wie man mit OLS arbeitet. Ergänzend sei hier noch erwähnt, dass der Einsatz von OLS keinerlei Veränderungen an vorhandenen Anwendungen erfordert. In der Oracle Terminologie heisst das: OLS ist transparent für Anwender und Anwendungen. Zum vollständigen Artikel geht es hier.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >