Search Results

Search found 8253 results on 331 pages for 'secure coding'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 85/331 | < Previous Page | 81 82 83 84 85 86 87 88 89 90 91 92  | Next Page >

  • May I'm infected?

    - by aiacet
    Hello again to everyone and many thanks to all the expert that will read this post and proupose a solution to my problem. In the last tw week, when i saw with MPC-HC (media player classic home cinema) some "justyfied" episodes, my F-Secure Client Security antivirus software alert-me that there is a threat in A0027132.exe file (the number still chanhe and increase each time, 3, that the antivir found a new threat). All this three threat are now quaratined and the file are: 1) C:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027132.exe 2) D:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027133.exe 3) D:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027134.exe the three threat are recognized like: 1) Backdoor.Generic.360086 2) Trojan.Packed.8707 2) Trojan.Packed.8807 The F-secure and the OS are both udpated at the last release/virus definition. Waiting for an answer, thanks in advance

    Read the article

  • Suggestion for auditd set-up

    - by JVerstry
    Hi, I am trying to learn about securing a Linux box (I am using Ubuntu). Auditd is recommended for monitoring activities on the node. I have managed to install it, but I can't find much information about proper set-up to secure my node. How should I set-up auditd to make my node more secure? What should I monitor? Why? I am looking for set-up examples and recommendation from experienced administrators. Thanks!

    Read the article

  • How to configure SSL on an instance of SQL Server to allow dedicated users to remotely access it?

    - by The Good Boy
    I have configured the instance of SQL Server to allow dedicated users to access it remotely. Connection string Data Source = 192.168.1.2,1433\sqlexpress;etc... has been tested and works. However, I have not configured the SSL to secure the communication. How to configure SSL on an instance of SQL Server to allow dedicated users to remotely access it? edit 1 The dedicated user will administer its database using Sql Server Management Studio. What I want to do is to secure the communication when he/she administers the database using Sql Server Management Studio.

    Read the article

  • How to force WinXP to ask for password before software installation/uninstall?

    - by crosenblum
    I really like some of the linux security measures it uses. So what i'd like to do is have WinXP Pro SP3 ask for my user password everytime i try to install/remove software. I know I can't make windows be as secure as linux, but i'd love to adopt some of the great ideas and measures used, as possible, to make windows more secure. Any suggestions? P.S. Are there other people out there, who try to make their windows feel more linux like? Just curious.

    Read the article

  • How can i enter in Network Security Field

    - by Master
    I am thinking of Entering in Network Security Field. It can be securing windows network , linux network But exactly don't ave the full picture how does that area is divided I only have the vague idea. i want some position where company call me to check their system to see if its secure. Or govt can hire to secure network from external access. Any thing like that Can anyone give me some idea how can i start. Is there any scope in that area. How its growing in future. Are there any certification which ican do to start with thanks

    Read the article

  • Media Information for Constant and Variable bit rate of Video files

    - by cpx
    What is this Maximum bit rate for a .mp4 format file whose bit rate mode is Constant? Media information displayed for MP4 (Using MediaInfo Tool) ID : 1 Format : AVC Format/Info : Advanced Video Codec Format profile : [email protected] Format settings, CABAC : No Format settings, ReFrames : 1 frame Codec ID : avc1 Codec ID/Info : Advanced Video Coding Bit rate mode : Constant Bit rate : 1 500 Kbps Maximum bit rate : 3 961 Kbps Display aspect ratio : 4:3 Frame rate mode : Constant Frame rate : 29.970 fps Color space : YUV Chroma subsampling : 4:2:0 Bit depth : 8 bits Scan type : Progressive Bits/(Pixel*Frame) : 0.163 In this case where the bit rate mode is set to Variable, is the Bit rate field where the value is displayed as 309 is its average bit rate? Media information displayed for M4V (Using MediaInfo Tool) ID : 1 Format : AVC Format/Info : Advanced Video Codec Format profile : [email protected] Format settings, CABAC : No Format settings, ReFrames : 1 frame Codec ID : avc1 Codec ID/Info : Advanced Video Coding Bit rate mode : Variable Bit rate : 309 Kbps Display aspect ratio : 16:9 Frame rate mode : Variable Frame rate : 23.976 fps Minimum frame rate : 23.810 fps Maximum frame rate : 24.390 fps Color space : YUV Chroma subsampling : 4:2:0 Bit depth : 8 bits Scan type : Progressive Bits/(Pixel*Frame) : 0.229 Writing library : x264 core 120

    Read the article

  • How to get same cookie to control two different folders on same site.

    - by Incandescent
    I am using the below cookie javascript to run a background color changer on my site. I want to also use it for the background color of my forum which is in a separate folder (http://lightbulbchoice.com/forum). I currently have it working on both the site and forum but you have to set each separately, i.e., each is setting it's own cookie. How do I get the forum to locate the main site cookie and not set it's own? // Cookie Functions - Second Helping (21-Jan-96) // Written by: Bill Dortch, hIdaho Design // The following functions were released to the public domain by him. function getCookieVal (offset) { var endstr = document.cookie.indexOf (";", offset); if (endstr == -1) endstr = document.cookie.length; return unescape(document.cookie.substring(offset, endstr)); } function GetCookie (name) { var arg = name + "="; var alen = arg.length; var clen = document.cookie.length; var i = 0; while (i < clen) { var j = i + alen; if (document.cookie.substring(i, j) == arg) return getCookieVal (j); i = document.cookie.indexOf(" ", i) + 1; if (i == 0) break; } return null; } function SetCookie (name, value) { var argv = SetCookie.arguments; var argc = SetCookie.arguments.length; var expires = (argc > 2) ? argv[2] : null; var path = (argc > 3) ? argv[3] : null; var domain = (argc > 4) ? argv[4] : null; var secure = (argc > 5) ? argv[5] : false; document.cookie = name + "=" + escape (value) + ((expires == null) ? "" : ("; expires=" + expires.toGMTString())) + ((path == null) ? "" : ("; path=" + path)) + ((domain == null) ? "" : ("; domain=" + domain)) + ((secure == true) ? "; secure" : ""); } // --> </script>

    Read the article

  • choosing the right SSL certifcate

    - by seengee
    Hi All, We're looking to purchase some SSL certificates to secure the login pages of ecommerce sites. It is not required to secure the actual payment process as this is protected by a third party with its own verisign certificate. rapidSSL looks like a good (and cheap) option but a salesperson has told me that they are only suitable for "test sites" and recommended that we use one that is 4 times the cost. Can anyone make any recommendations about what we should be looking for and what we should consider? Thanks.

    Read the article

  • Cannot Enter Credentials Over UAC Prompts During Remote Assistance

    - by user100731
    We are using sonicwall firewall device through out our network and we use the sonicwall virtual assistance tool for remote desktop assistance. Since our systems are not in workgroup and are on domain we face problem when the UAC prompts appear. As a work around we edited the UAC policies, such as switching to secure desktop-disable, Allowing UI Acess applications to prompt for elevation without using secure desktop-Enable etc. The ultimate result was we are able to see the UAC prompt on the remote user system but not able to interact with it like we are not able to enter credentials to it even I can see the password being entered if it is done by the local user. However, we cannot interact with UAC prompt window remotely. Is there any solution for this?

    Read the article

  • Why would you use EAP-TTLS instead of PEAP?

    - by Ivan Macek
    As I understood EAP-TTLS and PEAP share same level of security when implemented in wireless networks. Both only provide server side authentication via certificate. The drawback of EAP-TTLS can be non native support in Microsoft Windows so every user has to install additional software. The benefit of EAP-TTLS can be support for less secure authentication mechanisms (PAP, CHAP, MS-CHAP) but why would you need them in modern and properly secure wireless system? What are you opinions? Why should I implement EAP-TTLS instead of PEAP? Let's say that I have most Windows users, medium Linux users and least iOS, OSX users.

    Read the article

  • If I use openvpn, can vpn servers monitor my usernames/passwords?

    - by Duff
    Openvpn uses a type of encryption similar to ssl. This seems to suggest that even if I choose an incredibly shady VPN server, then my content will be secure. That is, the VPN server will be able to monitor what websites I patronize, but not the actual data I transfer. That said, I am not an expert at this type of thing. I wanted, therefore, to make sure that I understand correctly. Is it true that if I use openvpn that my username/passwords are secure, even if the VPN is untrustworthy? If not, why? (And how, if at all, can it be fixed?) Examples of things that I don't know much about that may (or may not! I honestly don't know much about this.) be related to my question are: DNS leakage, IPv6, tracking cookies, browser plugins and websites that don't support https.

    Read the article

  • Recommend an SFTP solution for Windows (Server & Client) that integrates well with Dreamweaver

    - by aaandre
    Could you please recommend a secure FTP solution for updating files on a remote windows server from windows workstations? We would like to replace the FTP-based workflow with a secure FTP one. Windows Server 2003 on the remotely hosted webserver, WinXP on the workstations. We manage the files via Dreamweaver's built-in FTP. My understanding is Dreamweaver supports sFTP out of the box so I guess I am looking for a good sFTP server for Windows Server 2003. Ideally, that would not require cygwin. Ideally, the solution would use authentication based on the existing windows accounts and permissions. Thank you!

    Read the article

  • WCF WebService: Client can't connect, as soon as request client cerficate is activated.

    - by Hinek
    I have an .NET 3.5 WCF WebService hostet in IIS 6 and using a SSL certificate. The communication between client and server works. Then I activate "request client certificate" and the client can't connect anymore Exception: System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'polizei-bv.stadt.hamburg.de'. Inner Exception: System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. The certificate, the client uses is in the certificate store (local computer), the root ca is int the trusted root certification authorities store. Where can I check for an explanation on the server side? How can I check if the client really supplies it's certificate (client is not on my side)?

    Read the article

  • Script to Change Pronunciations on Mac

    - by user106990
    So I've been looking around on how to change how my mac says things, I have found my answer but what I need is some help with the coding. Here is what I want to do: Create a list of word pairs. Create a script that substitutes words in its parameter list according to your word-pairs list, and passes the modified parameter list to "/usr/bin/say". I This is a quick copy of http://superuser.com/q/170041/106990 and I have very little coding know how and would like some help. I don't care in what language. Any help would be really appreciated. Thanks in advanced.

    Read the article

  • Switching to LDAP over SSL for Active Directory

    - by bkildow
    On our active directory server, I would like to enable LDAP over SSL as per this: http://support.microsoft.com/kb/321051. I am wondering, once this is set up, will LDAP still be listening on the standard port, 389 once this is implemented as well as the secure port? Or will the secure port completely replace the standard port as an option to connect to? Also, will there need to be any other configurations besides the steps in the article for doing this? In other words, will domain users still be able to authenticate like normal, or is there additional setup that would need to occur?

    Read the article

  • Operative systems on SD cards

    - by HisDudeness
    I was getting some wild ideas the last days, like putting some operative systems into SD cards rather than on my hard drive. I'll go further into details now and explain what lead me to consider this probably abominable decision. I am on a laptop (that means I have a native SD-card reader) which is currently running a cross-distro setup, with a bunch of Linux systems (placed in dedicated ext4 logical partitions into a huge extended one) regulated by an unique GRUB. Since today, my laptop haven't even seen any Windows system with binoculars. I was thinking about placing all the os part of my setup into a Secure Digital to save all my 500 Gb Hard Drive for documents, music, videos and so on, and being able to just remove the SD and boot my system into another computer too, as well as having the possibility of booting other systems into mine by just plugging in another SD, without having to keep it constantly placed in my PC. Also, in the remote case in the near future I just wanted to boot Windows 8 in it, I read it causes major boot incompatibility issues with other systems by needing a digital signature in order for them to start. By having it in a removable drive, I could just get rid of it when I'm needing him and switch its card with Linux one, and so not having any obstacles to their boot. Now, my questions are: I know unlikely traditional rotating disk drives, integrated circuits ones have a limited lifespan in terms of cluster rewriting. Is it an obstacle to that kind of usage? I mean, some Ultrabooks are using SSD now, is it the same issue, or there are some differences between Solid State Drives and Secure Digitals in that sense? Maybe having them to store system files which are in fixed positions (making the even-usage of cluster technology useless) constantly being re-read and updated and similar things just gets them soon unserviceable, do it? Second question: are all motherboards and BIOSes able to boot from SDs just like they are from USB pen drives (I mean, provided card reader is USB-connected, isn't it)? Or can't bootloaders like GRUB be installed on SDs working? If they can't, is it a solution installing GRUB to MBR and making boot option pointing to SD? Will it work? Are there any other problems to installing OSs on a Secure Digital?

    Read the article

  • Opinions on Dual-Salt authentication for low sensitivity user accounts?

    - by Heleon
    EDIT - Might be useful for someone in the future... Looking around the bcrypt class in php a little more, I think I understand what's going on, and why bcrypt is secure. In essence, I create a random blowfish salt, which contains the number of crypt rounds to perform during the encryption step, which is then hashed using the crypt() function in php. There is no need for me to store the salt I used in the database, because it's not directly needed to decrypt, and the only way to gain a password match to an email address (without knowing the salt values or number of rounds) would be to brute force plain text passwords against the hash stored in the database using the crypt() function to verify, which, if you've got a strong password, would just be more effort than it's worth for the user information i'm storing... I am currently working on a web project requiring user accounts. The application is CodeIgniter on the server side, so I am using Ion Auth as the authentication library. I have written an authentication system before, where I used 2 salts to secure the passwords. One was a server-wide salt which sat as an environment variable in the .htaccess file, and the other was a randomly generated salt which was created at user signup. This was the method I used in that authentication system for hashing the password: $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; //create a random string to be used as the random salt for the password hash $size = strlen($chars); for($i = 0; $i < 22; $i++) { $str .= $chars[rand(0, $size - 1)]; } //create the random salt to be used for the crypt $r_blowfish_salt = "$2a$12$" . $str . "$"; //grab the website salt $salt = getenv('WEBSITE_SALT'); //combine the website salt, and the password $password_to_hash = $pwd . $salt; //crypt the password string using blowfish $password = crypt($password_to_hash, $r_blowfish_salt); I have no idea whether this has holes in it or not, but regardless, I moved over to Ion Auth for a more complete set of functions to use with CI. I noticed that Ion only uses a single salt as part of its hashing mechanism (although does recommend that encryption_key is set in order to secure the database session.) The information that will be stored in my database is things like name, email address, location by country, some notes (which will be recommended that they do not contain sensitive information), and a link to a Facebook, Twitter or Flickr account. Based on this, i'm not convinced it's necessary for me to have an SSL connection on the secure pages of my site. My question is, is there a particular reason why only 1 salt is being used as part as the Ion Auth library? Is it implied that I write my own additional salting in front of the functionality it provides, or am I missing something? Furthermore, is it even worth using 2 salts, or once an attacker has the random salt and the hashed password, are all bets off anyway? (I assume not, but worth checking if i'm worrying about nothing...)

    Read the article

  • Test tomcat for ssl renegotiation vulnerability

    - by Jim
    How can I test if my server is vulnerable for SSL renegotiation? I tried the following (using OpenSSL 0.9.8j-fips 07 Jan 2009: openssl s_client -connect 10.2.10.54:443 I see it connects, it brings the certificate chain, it shows the server certificate, and last: SSL handshake has read 2275 bytes and written 465 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 50B4839724D2A1E7C515EB056FF4C0E57211B1D35253412053534C4A20202020 Session-ID-ctx: Master-Key: 7BC673D771D05599272E120D66477D44A2AF4CC83490CB3FDDCF62CB3FE67ECD051D6A3E9F143AE7C1BA39D0BF3510D4 Key-Arg : None Start Time: 1354008417 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) What does Secure Renegotiation IS supported mean? That SSL renegotiation is allowed? Then I did but did not get an exception or get the certificate again: verify error:num=20:unable to get local issuer certificate verify return:1 verify error:num=27:certificate not trusted verify return:1 verify error:num=21:unable to verify the first certificate verify return:1 HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 174 Date: Tue, 27 Nov 2012 09:13:14 GMT Connection: close So is the server vulnerable to SSL renegotiation or not?

    Read the article

  • to measure throughput of testing device connect to server via AP

    - by samantha
    Description of project- I have a test tool to which DUT connects. The test tool has an access point in it and once DUT get connected to it via mac address we check RSSI and some other features of WiFi of DUT. Now I am wondering is there is any way I can measure throughput of Device under test via mac address of DUT from server side. Test-tool has LINUX fedora 11 in it and major coding is done in c/C++ and json command. Previously, I have tried to install ftp server on test-tool and DUT can connect to it and we can measure the throughput or data transfer rate, but this is not feasible solution as it requires lot of intervention from DUT. What I am interested in is 1) To run some script on server side /test tool and it gives me throughput of bandwidth of connected device may be via mac address of DUT OR 2) Server script transfer some files/packets to DUT and we can measure the throughput. Coding is not a major challenge at this stage , I just need some tool which requires minimum intervention from DUT.

    Read the article

  • What ports to open for mail server?

    - by radman
    Hi, I have just finished setting up a Postfix mail server on a linux (ubuntu) platform. I have it sending and receiving email and it is not an open relay. It also supports secure smtp and imap. Now this is a pretty beginner question but should I be leaving port 25 open? (since secure smtp is preferred). if so then why? Also what about port 587? Also should I require any authentication on either of these ports? Please excuse my ignorance in this area :P

    Read the article

  • Securing a persistent reverse SSH connection for management

    - by bVector
    I am deploying demo Ubuntu 10.04 LTS servers in environments I do not control and would like to have an easy and secure way to administer these machines without having to have the destination firewall forward port 22 for SSH access. I've found a few guides to do this with reverse port (e.g. howtoforge reverse ssh tunneling guide) but I'm concerned with security of the stored ssh credentials required for the tunnel to be opened automatically. If the machine is compromised (primary concern is physical access to the machine is out of my control) how can I stop someone from using the stored credentials to poke around in the reverse ssh tunnel target machine? Is it possible to secure this setup, or would you suggest an alternate method?

    Read the article

  • Any problems with using a 301 redirect to force https traffic in IIS?

    - by Jess
    Is there any problem with using a 301 redirect to force all traffic to go to a secure-only site? We originally had redirect rules, but enforcing SSL-only seemed more secure. Here is how we set it up: Site 1: https://example.com/ Require SSL set Bound to 443 only Site 2: http://example.com Bound to 80 only Empty folder - no actual html or other data 301 Redirects to https://example.com This seems to work beautifully, but are there any issues with doing this? Would any browsers not recognize the 301 redirect, or could there be security warnings during the redirect?

    Read the article

  • Security considerations for my first eStore.

    - by Rohit
    I have a website through which I am going to sell few products. It is hosted on a simple shared-hosting and does not have SSL. On the products page, each product has a Buy Now button created from my PayPal Merchant account. PayPal recommends to use it's Button Factory to create secure buttons and save it inside PayPal itself. I have followed the same advice and the code of any button is secure and does not disclose any information on either a product or it's price. When the user clicks on a Buy Now button, he/she is taken to PayPal site where a page is opened in SSL for the user to fill in the credit card and shipping details. After a successful transaction, the control is passed back to my site. I want to know whether there is still any chance when security could be compromised.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 81 82 83 84 85 86 87 88 89 90 91 92  | Next Page >