Search Results

Search found 4061 results on 163 pages for 'secure government'.

Page 84/163 | < Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >

  • How to set up Mercurial with ssl/security

    - by Sam Lee
    I've been following the hginit.com tutorial on how to use mercurial. Everything is going fine except it uses push_ssl=False. This does not work for my situation because I want pushes (and pulls if possible) to be secure. All the tutorials I've been able to find also use push_ssl=False. Can anyone give me pointers on how to set up ssl/security for Mercurial? Thanks.

    Read the article

  • Web Security: Worst-Case Situation

    - by Yongho
    I currently have built a system that checks user IP, browser, and a random-string cookie to determine if he is an admin. In the worst case, someone steals my cookie, uses the same browser I do, and masks his IP to appear as mine. Is there another layer of security I should add onto my script to make it more secure?

    Read the article

  • Irc server for ubuntu

    - by Ralphz
    The Ubuntu WIKI https://help.ubuntu.com/community/IrcServer it lists few IRC servers you can use in Ubuntu. My question is which one is you favorite one and more secure. I will also need one that will allow me to monitor rooms for regular expressions and run some scripts if regexp matches. Thanks

    Read the article

  • Simple "Long Polling" example code?

    - by dbr
    I can find lots of information on how Long Polling works (For example, this, and this), but no simple examples of how to implement this in code. All I can find is cometd, which relies on the Dojo JS framework, and a fairly complex server system.. Basically, how would I use Apache to serve the requests, and how would I write a simple script (say, in PHP) which would "long-poll" the server for new messages? The example doesn't have to be scaleable, secure or complete, it just needs to work!

    Read the article

  • google-app-engine deploy error..

    - by zjm1126
    2010-04-20 15:33:39,421 WARNING appengine_rpc.py:399 ssl module not found. Without the ssl module, the identity of the remote host cannot be verified, and connections may NOT be secure. To fix this, please install the ssl module from http://pypi.python.org/pypi/ssl . To learn more, see http://code.google.com/appengine/kb/general.html#rpcssl . how can i do ? thanks

    Read the article

  • Authorizing a computer to access a web application

    - by HackedByChinese
    I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

    Read the article

  • gitosis-admin git push failed, exec hooks/post-update

    - by v14nt0
    I'm following this tutorial http://scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way after this step git commit -a -m "Allow jdoe write access to free_monkey" git push i always failed, with this error fatal: exec hooks/post-update failed. this is from my /home/git/repositories/gitosis-admin/hooks/post-update -rwxr-xr-x 1 git git 83 Mar 10 11:49 post-update so i change gitosis.conf manually from server for adding new repositories, and repos can work fine. i've google what might cause it, i want to admin gitosis in proper way Please Help Regards, REV

    Read the article

  • Do encryption algorithms require an internal hashing algorithm?

    - by Rudi
    When I use C# to implement the AES symmetric encryption cipher, I noticed: PasswordDeriveBytes derivedPassword = new PasswordDeriveBytes(password, saltBytesArray, hashAlgorithmName, numPasswordIterations); Why do I need to use a hashing algorithm for AES encryption? Aren't they separate? Or is the hashing algorithm only used to create a secure key? The AES algorithm doesn't use a hashing algorithm internally does it?

    Read the article

  • How to do HTTP authentication with Goliath/Heroku?

    - by David
    I'm using Goliath as my app server, and I am trying to convert "Ruby – Secure staging environment of your public app from users and bots" so it applies to my Goliath application. I am trying to use Rack::Static but I'm not sure how to write the code. I was trying something like: class Application < Goliath::API use(Rack::Lock) But I am not really sure how to translate the link I posted. I'm open to other alternatives, I just need my whole site password protected.

    Read the article

  • Accessing xml from jsp on tomcat server is throwing FileNotFoundException trying to access .keystore

    - by mobibob
    I am trying to access an XML file from JSP on my Tomcat server. The error is from Catalina's protocol handler and the exception is java.io.FileNotFoundException trying to access my .keystore in the 'documents and settings' folder for my signed-on user (with admin, but not the user that installed the server). I can provide the stacktrace if that would help ... but my question is more fundamental about secure access to files and where is the keystore configured / used on a Window's install?

    Read the article

  • Protect .NET code from reverse engineering?

    - by Priyank Bolia
    Obfuscation is one way, but it can't protect from breaking the piracy protection security of the application. How to make sure that the application is not tampered with, and how to make sure that the registration mechanism can't be reverse engineered. Also it is possible to make to convert C# app in native code, Xenocode is too costly. C# provides lot of features, and is the ideal language for my code, so writing in C++ again the whole codebase is out of question. Secure certificates can be easily removed from the signed assemblies in .NET

    Read the article

  • autehntication on gui application written on perl

    - by oren
    Its not specific perl question I am building a perl gui/wxperl application that connect to DB . I want my application to be a password protected i.e first the user should enter the user and password and then use the appication . what is the best secure method to store the password could someone provide an idea what is the best method to how should i store the user and the password and how should i retrieve them for authentication ? if possible could someone provide some perl code how to do this ?

    Read the article

  • Email Code Error

    - by Sneha Joshi
    In Email code, I get following error. The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required. Is this indicating that we require SSL certificate ?

    Read the article

  • How do I store a Java KeyStore password?

    - by Anthony D
    In my web application I access a private key that is stored in a Java KeyStore. I would like to know what is the best/recommended way to store the password for the KeyStore and private key. I've considered using a properties file but that does not seem very secure for use in a production environment (storing password in a plain text file). Also, hard-coding the password in my code is not an option I'm willing to entertain. Thanks.

    Read the article

  • Django: Password protect photo url's?

    - by MikeN
    From my Django application I want to serve up secure photos. The photos are not for public consumption, I only want logged in users to have the ability to view them. I don't want to rely on obfuscated file id's (giving a photo a UUID of a long number) and count on that being hidden in my media folder. How would I store a photo securely on disk in my database and only stream it out to an authenticated session?

    Read the article

  • How to use erubis with mamp

    - by devlim
    i found out erubis, the "fast, secure, and very extensible implementation of eRuby", now after install through gem install erubis, my question is how to run in on mac? especially on mamp? i been no luck finding answer on google so anyone know how?

    Read the article

  • SVN server host os

    - by volody
    Recently I was searching on how to secure svn repository, or otherwords how to enable ssl connection to svn repository for a windows server 2003. Does it make more sense to use Linux server instead?

    Read the article

  • Access Encryption

    - by Karthick
    Hi, I tried to use this logic http://www.databasejournal.com/features/msaccess/article.php/3752701/Secure-Microsoft-Access-Passwords-and-Encryption-in-Access-2007.htm I have an existing access database 2007, i want to encrypt it, when i tried to implement the 128-bit from the above link, unfortunately when i open the DB in notepad i don't see Microsoft cryptographic 1.0 encryption although i followed the exact steps. Any inputs? Please help me with other approaches too. Thanks in advance, Karthick

    Read the article

  • Online PHP/HTML/JS/CSS editor

    - by pistacchio
    Hi to all, is there any free php code that, once installed, allows you to browse and edit files (with html, javascript, php and css highlight) on the server where it's installed? The aim is to code online, browser based. I've tried http://phpanywhere.net/ that can make this possible, but it is buggy and moreover it requires an external (ftp) access to your server that is quite different (and less secure) that working directly on the server. Thanks in advance

    Read the article

< Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >