Search Results

Search found 3370 results on 135 pages for 'attack vector'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 83/135 | < Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >

  • Prefer algorithms to hand-written loops?

    - by FredOverflow
    Which of the following to you find more readable? The hand-written loop: for (std::vector<Foo>::const_iterator it = vec.begin(); it != vec.end(); ++it) { bar.process(*it); } Or the algorithm invocation: #include <algorithm> #include <functional> std::for_each(vec.begin(), vec.end(), std::bind1st(std::mem_fun_ref(&Bar::process), bar)); I wonder if std::for_each is really worth it, given such a simple example already requires so much code. What are your thoughts on this matter?

    Read the article

  • how insecure is my short password really?

    - by rika-uehara
    Using systems like TrueCrypt, when I have to define a new password I am often informed that using a short password is insecure and "very easy" to break by brute-force. I always use passwords of 8 characters in length, which are not based on dictionary words, which consists of characters from the set A-Z, a-z, 0-9 I.e. I use password like sDvE98f1 How easy is it to crack such a password by brute-force? I.e. how fast. I know it heavily depends on the hardware but maybe someone could give me an estimate how long it would take to do this on a dual core with 2GHZ or whatever to have a frame of reference for the hardware. To briute-force attack such a password one needs not only to cycle through all combinations but also try to de-crypt with each guessed password which also needs some time. Also, is there some software to brute-force hack truecrypt because I want to try to brute-force crack my own passsword to see how long it takes if it is really that "very easy".

    Read the article

  • Is there an apache module to slow down site scans?

    - by florin
    I am administering a few web servers. Each night, random hosts from the Internet are probing them for various vulnerabilities in php, phpadmin, horde, mysqladmin, etc. Is there a way (apache plugin?) to slow down the rate of attack? For SSH, I have a rate limiting rule on the firewall, which does not allow more than three connections per minute. But I don't want to rate limit all HTTP access, only the access that returns 404s. Is there such an apache module?

    Read the article

  • How to calculate turn heading to a missile?

    - by Tony
    I have a missile that is shot from a ship at an angle, the missile then turns towards the target in an arc with a given turn radius. How do I determine the point on the arc when I need to start turning so the missile is heading straight for the target? EDIT What I need to do before I launch the missiles is calculate and draw the flight paths. So in the attached example the launch vehicle has a heading of 90 deg and the targets are behind it. Both missiles are launched at a relative heading of -45deg or + 45 deg to the launch vehicle's heading. The missiles initially turn towards the target with a known turn radius. I have to calculate the point at which the turn takes the missile to heading at which it will turn to directly attack the target. Obviously if the target is at or near 45 degrees then there is no initial turn the missile just goes straight for the target. After the missile is launched the map will also show the missile tracking on this line as indication of its flight path. What I am doing is working on a simulator which mimics operational software. So I need to draw the calculated flight path before I allow the missile to be launched. In this example the targets are behind the launch vehicle but the precalculated paths are drawn.

    Read the article

  • How can I selectively update XNA GameComponents?

    - by Bill
    I have a small 2D game I'm working on in XNA. So far, I have a player-controlled ship that operates on vector thrust and is terribly fun to spin around in circles. I've implemented this as a DrawableGameComponent and registered it with the game using game.Components.Add(this) in the Ship object constructor. How can I implement features like pausing and a menu system with my current implementation? Is it possible to set certain GameComponents to not update? Is this something for which I should even be using a DrawableGameComponent? If not, what are more appropriate uses for this?

    Read the article

  • Generate or update a PDF to include an encrypted, hidden watermark?

    - by Dave Jarvis
    Background Using LaTeX to write a book. When a user purchases the book, the PDF will be generated automatically. Problem The PDF should have a watermark that includes the person's name and contact information. Question What software meets the following criteria: Applies encrypted, invisible watermarks to a PDF Open Source Platform independent (Linux, Windows) Fast (marks a 200 page PDF in under 1 second) Batch processing (exclusively command-line driven) Collusion-attack resistant Non-fragile (e.g., PDF - EPS - PDF still contains the watermark) Well documented (shows example usages) Ideas & Resources Some thoughts and findings: Natural language processing (NLP) watermarks. Apply steganography on a randomly selected image. http://openstego.sourceforge.net/cmdline.html The problem with NLP is that grammatical errors can be introduced. The problem with steganography is that the images are sourced from an image cache, and so recreating that cache with watermarked images will impart a delay when generating the PDF (I could just delete one image from the cache, but that's not an elegant solution). Thank you!

    Read the article

  • Strange spam posts not making sense

    - by Paaland
    I'm running a web site with a forum where one small part is open for posting from unregistered users. The site uses captcha, but still some spam posts get through every day. Here is the thing. All of the messages follow the same pattern, but all also come from different IP's. That makes me thing this is some sort of automated scripted "attack" from a botnet of some sorts. The strange thing is that all the messages start with six random characters and contains a couple of links. The words have no meaning and the domains in the links does not even exist. Why would anyone use time and resources spreading these things? Below you can see two of these messages: A5Zfs6 exrzvrbspntz, [url=http://nktqoqllnuab.com/]nktqoqllnuab[/url], [link=http://wtrenldadvsy.com/]wtrenldadvsy[/link], [http://rnlrqfgdvdot.com/] O2oLpL nqeffxhryfdk, [url=http://jutyurbpfxow.com/]jutyurbpfxow[/url], [link=http://jpcdtmdalpow.com/]jpcdtmdalpow[/link], [http://qopqwqxwjdjx.com/] Since all the messages come from different IP's I can't see blocking those will help much. For now I'm considering just dropping all messages following this pattern since it's quite easy to match with a regexp. Have anyone else seen these kinds of messages or know the point of posting them?

    Read the article

  • Detecting Units on a Grid

    - by hammythepig
    I am making a little turn based strategy game in pygame, that uses a grid system as the main map to hold all the characters and the map layout. (Similar to Fire Emblem, or Advance Wars) I am trying to determine a way to quickly and efficiently (i.e. without too much of a slow down) check if there are any characters within a given range of the currently selected character. So to illustrate: O = currently selected character X = squares within range Range of 1: X X O X X Range of 2: X X X X X X O X X X X X X Range of 3: X X X X X X X X X X X X O X X X X X X X X X X X X Now I have to tell the user who is in range, and I have to let the user choose who to attack if there are multiple enemies in range. If I have a 5x5 grid, filled with " " for empty and numbers for the characters: [ ][ ][ ][ ][4] [ ][1][ ][ ][ ] [ ][ ][ ][ ][ ] [ ][ ][2][3][ ] [ ][ ][ ][ ][ ] Depending on which character the user selects, I would like to show the user which other characters are in range. So if they all had a range of 3: 1 can hit 2 2 can hit 1 or 3 3 can hit 2 4 cannot hit anyone. So, How do I quickly and/or efficiently run though my grid and tell the user where the enemies are? PS- As a bonus, if someone could give an answer that could also work for a minimum distance type range, I would give them a pat on the back and a high five, should they ever travel to Canada and we ever meet in life. For example: Range of 3 to 5: (- is out of range) X X X X X X X X X X X X - X X X X X X - - - X X X X X X - - O - - X X X X X X - - - X X X X X X - X X X X X X X X X X X X

    Read the article

  • Public Facing Recursive DNS Servers - iptables rules

    - by David Schwartz
    We run public-facing recursive DNS servers on Linux machines. We've been used for DNS amplification attacks. Are there any recommended iptables rules that would help mitigate these attacks? The obvious solution is just to limit outbound DNS packets to a certain traffic level. But I was hoping to find something a little bit more clever so that an attack just blocks off traffic to the victim IP address. I've searched for advice and suggestions, but they all seem to be "don't run public-facing recursive name servers". Unfortunately, we are backed into a situation where things that are not easy to change will break if we don't do so, and this is due to decisions made more than a decade ago before these attacks were an issue.

    Read the article

  • Tried teaching myself to program before college, accidently overwhelmed myself, tips?

    - by Gunnar Keith
    I'm sixteen, I'm overly interested in programming, and I'm currently taking IT classes during my mornings in high school. Last year, I tried teaching myself to code. It was quite exciting, but all I did was watch TheNewBoston's videos on YouTube for Python. After his tutorials, I just did research, made some CMD programs, and that's it. After that, I got cocky and got my feet wet in many other languages. Java, C++, C#, Perl, Ruby... and it overwhelmed me. Which made it less fun to code. I want to go to college for a 2 year programming course. And I want to make writing code my profession. But how do you recommend I attack re-learning it all again? Start with Python? Don't even try? Also, I'm not 100% in math, but I'm good friends with a lot of programmers, who say they suck at math, but manage to code just fine. I'm not looking for negative feedback. I just want the proper head-start on things before college.

    Read the article

  • How to drastically improve code coverage?

    - by Peter Kofler
    I'm tasked with getting a legacy application under unit test. First some background about the application: It's a 600k LOC Java RCP code base with these major problems massive code duplication no encapsulation, most private data is accessible from outside, some of the business data also made singletons so it's not just changeable from outside but also from everywhere. no business model, business data is stored in Object[] and double[][], so no OO. There is a good regression test suite and an efficient QA team is testing and finding bugs. I know the techniques how to get it under test from classic books, e.g. Michael Feathers, but that's too slow. As there is a working regression test system I'm not afraid to aggressively refactor the system to allow unit tests to be written. How should I start to attack the problem to get some coverage quickly, so I'm able to show progress to management (and in fact to start earning from safety net of JUnit tests)? I do not want to employ tools to generate regression test suites, e.g. AgitarOne, because these tests do not test if something is correct.

    Read the article

  • How to generate user-specific PDF with encrypted hidden watermark?

    - by Dave Jarvis
    Background Using LaTeX to write a book. When a user purchases the book, the PDF will be generated automatically. Problem The PDF should have a watermark that includes the person's name and contact information. Question What software meets the following criteria: Applies encrypted, undetectable watermarks to a PDF Open Source Platform independent (Linux, Windows) Fast (marks a 200 page PDF in under 1 second) Batch processing (exclusively command-line driven) Collusion-attack resistant Non-fragile (e.g., PDF - EPS - PDF still contains the watermark) Well documented (shows example usages) Ideas & Resources Some thoughts and findings: Natural language processing (NLP) watermarks. Apply steganography on a randomly selected image. http://openstego.sourceforge.net/cmdline.html The problem with NLP is that grammatical errors can be introduced. The problem with steganography is that the images are sourced from an image cache, and so recreating that cache with watermarked images will impart a delay when generating the PDF (I could just delete one image from the cache, but that's not an elegant solution). Thank you!

    Read the article

  • How to ban fans from a specific country - Facebook

    - by Lukas
    my question is kind of weird, because i want thousands of fans to dislike my page! Since this is not a common problem I hardly can find anything about it! my facebook page just got spammed with thousands of "fans" from a specific country. When I set a coountry restriction for that country, will the fans be banned and the number of fans be the same as before the spam-attack? I really need to get rid of those fans. I already restricted that country and facebook actually updated the chart where I can see where my fans are coming from. So fb knows that I have those "fans", but the number of likes remains the same... Any idea? It is not possible to ban every fan 1 by 1 because I can only see the last 100 fans.

    Read the article

  • An adequate message authentication code for REST

    - by Andras Zoltan
    My REST service currently uses SCRAM authentication to issue tokens for callers and users. We have the ability to revoke caller privileges and ban IPs, as well as impose quotas to any type of request. One thing that I haven't implemented, however, is MAC for requests. As I've thought about it more, for some requests I think this is needed, because otherwise tokens can be stolen and before we identify this and deactivate the associated caller account, some damage could be done to our user accounts. In many systems the MAC is generated from the body or query string of the request, however this is difficult to implement as I'm using the ASP.Net Web API and don't want to read the body twice. Equally importantly I want to keep it simple for callers to access the service. So what I'm thinking is to have a MAC calculated on: the url, possibly minus query string the verb the request ip (potentially is a barrier on some mobile devices though) utc date and time when the client issues the request. For the last one I would have the client send that string in a request header, of course - and I can use it to decide whether the request is 'fresh' enough. My thinking is that whilst this doesn't prevent message body tampering it does prevent using a model request to use as a template for different requests later on by a malicious third party. I believe only the most aggressive man in the middle attack would be able to subvert this, and I don't think our services offer any information or ability that is valuable enough to warrant that. The services will use SSL as well, for sensitive stuff. And if I do this, then I'll be using HMAC-SHA-256 and issuing private keys for HMAC appropriately. Does this sound enough? Have I missed anything? I don't think I'm a beginner when it comes to security, but when working on it I always. am shrouded in doubt, so I appreciate having this community to call upon!

    Read the article

  • Securing RDP access to Windows Server 2008 R2: is Network Level Authentication enough?

    - by jamesfm
    I am a dev with little admin expertise, administering a single dedicated web server remotely. A recent independent security audit of our site recommended that "RDP is not exposed to the Internet and that a robust management solution such as a VPN is considered for remote access. When used, RDP should be configured for Server Authentication to ensure that clients cannot be subjected to man-in-the-middle attacks." Having read around a bit, it seems like Network Level Authentication is a Good Thing so I have enabled the "Allow connections only from Remote Desktop with NLA" option on the server today. Is this acion enough to mitigate the risk of a Man-in-the-Middle attack? Or are there other essential steps I should be taking? If VPN is essential, how do I go about it?

    Read the article

  • hosts.deny not working

    - by Captain Planet
    Currently I am watching the live auth.log and someone is continuously trying the brute force attack for 10 hours. Its my local server so no need to worry but I want to test. I have installed denyhosts. There is already an entry for that IP address in hosts.deny. But still he is trying the attacks from same IP. System is not blocking that. Firstly I don't know how did that IP address get entered in that file. I didn't enter it, is there any other system script which can do that. hosts.deny is sshd: 120.195.108.22 sshd: 95.130.12.64 hosts.allow ALL:ALL sshd: ALL Is there any iptable setting that can override the host.deny file

    Read the article

  • Ways for managing the installation and configuration of various software applications and settings i

    - by EmpireJones
    What are some ways for managing the installation and configuration of various software applications and settings in group of linux development and server computers? Is a set of basic scripts a good means of attack? I was thinking about just having a ton of scripts, such as: setup_dev_env [install|uninstall|reinstall] setup_nfs [...] setup_nfs_share [...] setup_http [...] setup_memcache_node [...] Is there any better method? It would be nice to be able to "upgrade" an installation script too, for example, to change common development settings.

    Read the article

  • Hacking prevention, forensics, auditing and counter measures.

    - by tmow
    Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security: My server's been hacked EMERGENCY. Finding how a hacked server was hacked File permissions question The last one isn't directly related, but it highlights how easy it is to mess up with a web server administration. As there are several things, that can be done, before something bad happens, I'd like to have your suggestions in terms of good practices to limit backside effects of an attack and how to react in the sad case will happen. It's not just a matter of securing the server and the code but also of auditing, logging and counter measures. Do you have any good practices list or do you prefer to rely on software or on experts that continuously analyze your web server(s) (or nothing at all)? If yes, can you share your list and your ideas/opinions?

    Read the article

  • How do companies know they've been hacked?

    - by Chad
    With the news of Google and others getting hacked, I was wondering how companies find out, detect, and/or know they've been hacked in the first place? Sure, if they find a virus/trojan on user's computers or see a very high access rate to parts of their system that don't usually see much, if any, traffic. But, from what I've see in articles, the attack was pretty 'sophisticated', so I wouldn't imagine the hackers would make it so obvious of their hacking in the first place. Maybe someone can enlighten me on current detection schemes/heuristics. Thanks.

    Read the article

  • Doing a passable 4X game AI

    - by Extrakun
    I am coding a rather "simple" 4X game (if a 4X game can be simple). It's indie in scope, and I am wondering if there's anyway to come up with a passable AI without having me spending months coding on it. The game has three major decision making portions; spending of production points, spending of movement points and spending of tech points (basically there are 3 different 'currency', currency unspent at end of turn is not saved) Spend Production Points Upgrade a planet (increase its tech and production) Build ships (3 types) Move ships from planets to planets (costing Movement Points) Move to attack Move to fortify Research Tech (can partially research a tech i.e, as in Master of Orion) The plan for me right now is a brute force approach. There are basically 4 broad options for the player - Upgrade planet(s) to its his production and tech output Conquer as many planets as possible Secure as many planets as possible Get to a certain tech as soon as possible For each decision, I will iterate through the possible options and come up with a score; and then the AI will choose the decision with the highest score. Right now I have no idea how to 'mix decisions'. That is, for example, the AI wishes to upgrade and conquer planets at the same time. I suppose I can have another logic which do a brute force optimization on a combination of those 4 decisions.... At least, that's my plan if I can't think of anything better. Is there any faster way to make a passable AI? I don't need a very good one, to rival Deep Blue or such, just something that has the illusion of intelligence. This is my first time doing an AI on this scale, so I dare not try something too grand too. So far I have experiences with FSM, DFS, BFS and A*

    Read the article

  • Large resolution differences

    - by Robin Betka
    I want to develop a game on multiple devices such as PC, Android or IOS. Want it to be in 1080p, but that means a massive scale down for the smartphones. I know how to do that, just render everything on a 1080p rendertarget and then render it on the screen smaller. But what should I do so that the scalling down doesn't look bad and blury? I can't do it vector based or anything because the sprites simply need a specific size. Should I make the sprites power of two size to get some nice mipmapping? And which other settings can I do? Or should I rather go with a lower resolution but then having a little bit worse look PC version? The performance seems not to be a problem for me, so would be sad not using 1080p because of other problems.

    Read the article

  • How to Take Control and Customize Google Calendar Reminders

    - by Justin Garrison
    Google calendar has great flexibility with reminders, but the defaults are often useless without tweaking the settings. Here are some common notification settings you may want to change to suit your needs better Latest Features How-To Geek ETC How To Create Your Own Custom ASCII Art from Any Image How To Process Camera Raw Without Paying for Adobe Photoshop How Do You Block Annoying Text Message (SMS) Spam? How to Use and Master the Notoriously Difficult Pen Tool in Photoshop HTG Explains: What Are the Differences Between All Those Audio Formats? How To Use Layer Masks and Vector Masks to Remove Complex Backgrounds in Photoshop Hack a Wireless Doorbell into a Snail Mail Indicator Enjoy Clutter-Free YouTube Video Viewing in Opera with CleanTube Bring Summer Back to Your Desktop with the LandscapeTheme for Chrome and Iron The Prospector – Home Dash Extension Creates a Whole New Browsing Experience in Firefox KinEmote Links Kinect to Windows Why Nobody Reads Web Site Privacy Policies [Infographic]

    Read the article

  • RDP failing due to Audit Failure on the IPSec driver

    - by paulwhit
    I am trying to RDP into a Windows 7 Hyper-V image connected to a corporate network that publishes IPSec policies via Active Directory. I am seeing this error in the log: IPsec dropped an inbound clear text packet that should have been secured. If the remote computer is configured with a Request Outbound IPsec policy, this might be benign and expected. This can also be caused by the remote computer changing its IPsec policy without informing this computer. This could also be a spoofing attack attempt. Remote Network Address: XXX.XXX.XXX.XXX Inbound SA SPI: 0 How do I change my settings on the computer using RDP to something suitable for the domain-joined Hyper-V image?

    Read the article

  • lots of dns requests from China, should I worry?

    - by nn4l
    I have turned on dns query logs, and when running "tail -f /var/log/syslog" I see that I get hundreds of identical requests from a single ip address: Apr 7 12:36:13 server17 named[26294]: client 121.12.173.191#10856: query: mydomain.de IN ANY + Apr 7 12:36:13 server17 named[26294]: client 121.12.173.191#44334: query: mydomain.de IN ANY + Apr 7 12:36:13 server17 named[26294]: client 121.12.173.191#15268: query: mydomain.de IN ANY + Apr 7 12:36:13 server17 named[26294]: client 121.12.173.191#59597: query: mydomain.de IN ANY + The frequency is about 5 - 10 requests per second, going on for about a minute. After that the same effect repeats from a different IP address. I have now logged about 10000 requests from about 25 ip addresses within just a couple of hours, all of them come from China according to "whois [ipaddr]". What is going on here? Is my name server under attack? Can I do something about this?

    Read the article

  • Fake links cause crawl error in Google Webmaster Tools

    - by Itai
    Google reported Crawl Errors last week on my largest site though Webmaster Tools. Here is the message: Google detected a significant increase in the number of URLs that return a 404 (Page Not Found) error. Investigating these errors and fixing them where appropriate ensures that Google can successfully crawl your site's pages. The Crawl Errors list is now full of hundreds of fake links like these causing 16,519 errors so far: Note that my site does not even have a search.html and is not related to any of the terms shown in the above image. Inspecting sources for one of those links, I can see this is not simply an isolated source but a concerted effort: Each of the links has a few to a dozen sources all from different, seemingly unrelated sites. It is completely baffling as to why would someone to spending effort doing this. What are they hoping to achieve? Is this an attack? Most importantly: Does this have a negative effect on my side? Could it negatively impact my ranking? If so, what to do about it? The few linking pages I looked at are full of thousands of links to tons of sites and have no contact information and do not seem like the kind of people who would simply stop if asked nicely! According to Google Webmaster Tools, these errors have appeared in a span of 11 days. No crawl errors were being reported previously.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >