Search Results

Search found 2668 results on 107 pages for 'trusted certificate'.

Page 89/107 | < Previous Page | 85 86 87 88 89 90 91 92 93 94 95 96  | Next Page >

• Cannot Connect To VMWare Guest OS Using NEither RDP Nor

  - by Humanier

  Hi, I have a PC (Windows XP SP3) with VMWare Workstation 7 installed. The VMWare hosts Windows Server 2003 Enterprise Edition R2. RealVNC (4.1.3) is installed on both OS'es. Both of them use Hamachi2. Host OS (WinXP) also runs ZoneAlarm Firewall. Hamachi network is set as trusted. My goal is to allow RDP and VNC connections to be made to the guest OS (Windows Server 2003). Both options work absolutely fine if I connect from the host OS. However I have problems when other computers from our Hamachi network try to connect the guest OS (Win2K3). 1) RDP connections. RDP window opens, shows black content and after 15-20 seconds displays following error: http://lh6.ggpht.com/_yQhsRRimgKU/TArRrtiteQI/AAAAAAAABZA/e96za-y9wzo/rdp_error.JPG 2) RealVCN connections. Users are able to connect but all they see is a black screen inside VNC window. At the same their input (keystrokes or mouse moves/clicks) are visible when looking at the console window of the Win2K3. I really appreciate any ideas on how to resolve mentioned problems. Thank you in advance.

  Read the article

• Linux security: The dangers of executing malignant code as a standard user

  - by AndreasT

  Slipping some (non-root) user a piece of malignant code that he or she executes might be considered as one of the highest security breaches possible. (The only higher I can see is actually accessing the root user) What can an attacker effectively do when he/she gets a standard, (let's say a normal Ubuntu user) to execute code? Where would an attacker go from there? What would that piece of code do? Let's say that the user is not stupid enough to be lured into entering the root/sudo password into a form/program she doesn't know. Only software from trusted sources is installed. The way I see it there is not really much one could do, is there? Addition: I partially ask this because I am thinking of granting some people shell (non-root) access to my server. They should be able to have normal access to programs. I want them to be able to compile programs with gcc. So there will definitely be arbitrary code run in user-space...

  Read the article

• Visual Studio Publish using Web Deploy gives SSL Exception?

  - by user1267778

  Im trying to use Web Deploy with arvixe hosting. I enabled Publishing with the host but I get SSL exception when I hit publish. Is anybody familiar with the following exception: Error 59 Web deployment task failed.(Could not complete the request to remote agent URL 'https://yew.arvixe.com:8172/msdeploy.axd?site=mywebsite.com'.) Could not complete the request to remote agent URL 'https://yew.arvixe.com:8172/msdeploy.axd?site=mywebsite.com'. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure. 0 0 myapplication_MVC4 Thanks

  Read the article

• SSL: can the secret key be sniffed before the actual encryption begins?

  - by Jorre

  I was looking into SSL and some of the steps that are involved to set up an encrypted connection between a server and a client computer. I understand that a server key and certificate is sent to the browser, and that a secret code is being calculated, like they say in the following video: http://www.youtube.com/watch?v=iQsKdtjwtYI around 5:22, they talk about a master secret code that is being calculated to start talking in an encrypted way. My question now is: before the connection is actually encrypted (the handshake phase), all communication between the server and the client can be sniffed by a packet sniffer. Isn't it then possible to sniff the encryption key or other data that is used to set up a secure connection?

  Read the article

• Verify p2p node

  - by mazzzzz

  Hey guys, I have been working on a p2p namespace for some of my programs. I created a system to encrypt/decrypt the packets send/received with the class. I was using the basic public private key system: 1) encrypt the data with Symmetric encryption 2) encrypt the symmetric key with RSA. Then do the opposite when you decrypted.. I was wondering though, how would you verify if the packet was coming from where it said it was. I was going to use a basic certificate system (where you encrypt with your private RSA key, then they decrypt it with your public key), but I don't know how to do this with C#. I am using the RSACryptoServiceProvider class. Does anyone know how do this? Thanks, Max

  Read the article

• Writing iPhone apps on linux - What tools do you need

  - by Sia.G

  Hello. I wanted to know if it's possible to WRITE and COMPILE/TEST iPhone apps on a linux platform. I've been on google for a couple of days now, and people either talk about "Mac OS X only!", or "Develop jailbroke apps on Linux". My dev partner has a mac and has a certificate to sign the apps. I don't have a mac, but I will be doing most of the development. So what I want to do is simply develop/test the app in linux, and when it's finished, simply hand over the code to him, who will then compile the finalized app and sign it ready for submission to the app store. Could anyone tell me what linux tools I would need to accomplish this?

  Read the article

• IEnumerable not null but calling Count() results in Exception

  - by Draak

  I have code that's working beautifully on my development machine, but when deployed to the server is throwing null reference exception. So, I can't step through the code, but I've pinned down the culprit. But now I am puzzled. Here's the code. The question is below. Dim certs = From p In persons _ Select New Certificate( _ p.Value, _ New CertificateData.Seminar(thisEvent.Seminar.Name, _ thisEvent.StartDate.Value, _ thisEvent.EndDate.Value, _ thisEvent.Venue.City, _ thisEvent.Venue.State, _ New CertificateData.Instructor( _ staffMember.Name, _ staffMember.Titles, _ instrSignatPath))) _ With {.CertificateId = p.Key} lblMessage.Text = CStr(certs Is Nothing) lblMessage.Text = lblMessage.Text + "<br />" + CStr(certs.Count()) In the code above persons is a dictionary of custom class, and certs is of IEnumerable type. Now here's the quandary.. The first line that sets the label returns False, so certs is not null. But the second line throws an null reference exception. How is this possible?

  Read the article

• what factors should a fresher(for programmer job) consider and learn before saying yes to employer f

  - by Senthil

  what factors should a fresher(for programmer job) consider and learn before saying yes to employer for job offer? and to contract? and most importantly how should one get the details?how can I approach them? I know some employers dont want to give such details..right? I have shortlisted by a Software COmpany..that is parter with microsoft. and works on technology like VB ADO.DOTNET,and some other reporting stuffs.,sql servers etc.,Tell me about scope of that..because They are asking me to sign for 2 year certificate bond agreement..I want to be a great programmer and Project Leader after 5 years..advise me guys..Language/OS not problem for me,As I curious to learn more things. Most of the SO members are programmers..so yours advice is greatly appreciated

  Read the article

• yum update fails

  - by user1670818

  i have RHEL 6.3 [root@RHEL6 yum.repos.d]# uname -a Linux RHEL6.3-64-BuildMac 2.6.32-279.el6.x86_64 #1 SMP Wed Jun 13 18:24:36 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux My /etc/yum.conf looks like [main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=3 reposdir=/etc/yum.repos.d/rhel.repo The contents of my /etc.yum.repo.d/rhel.repo looks like [rhelrepo] name=my rhel repo baseurl=http://mirror.centos.org/centos/6.3/os/x86_64/ #gpgkey=http://mirror.centos.org/centos/6.3/os/x86_64/RPM-GPG-KEY-CentOS-6 enabled=1 gpgcheck=0 But my yum update fails with the following error [root@RHEL6 yum.repos.d]# yum update Loaded plugins: product-id, security, subscription-manager Updating certificate-based repositories. Unable to read consumer identity Setting up Update Process No Packages marked for Update please could somebody help

  Read the article

• Trying to Set up SMTP Server on WIndows Server 2012

  - by datc

  I'm working on a website, and I need to test the functionality of sending email messages from ASP.NET, something like this: Dim msg As New MailMessage("email1", "email2") msg.Subject = "Subject"<br> msg.IsBodyHtml = True<br> msg.Body = "Click <a href='site'>here</a>." Dim client As SmtpClient = New SmtpClient() client.Host = "My-Server"<br> client.Port = 25<br> client.DeliveryMethod = SmtpDeliveryMethod.Network<br> client.Send(msg) This is running from a Windows 8 workstation. I've installed SMTP server on my Windows Server 2012 machine. The mail shows up in the mailroot/Queue folder and sits there, eventually getting deposited into Badmail. Now I have AT&T U-verse at home, and a few devices connected to the gateway, including let's call it "My-Server." When I run SmtpDiag from say, datc@... to [email protected] I get SOA serial number match passed, Local DNS (99-135-60-233.lightspeed.bcvloh.sbcglobal.net) & Remote DNS (hotmail.com) tests *not* passed, and ultimately, Connecting to the server failed. Error: 10060. Failed to submit mail to mx2.hotmail.com error. When I set My-Server's IP to static and equal to the external IP, 99.135.60.233, and again run SmtpDiag, I get SOA, Local DNS, and Remote DNS tests passed, but the same 10060 error. Same for yahoo.com, gmail.com, and so forth. Is it my ISP's job to fix this? Some PTR record missing somewhere? Is it at all possible to have a home-based SMTP server? All I want is to test my email code. Perhaps, my IP address is just not "trusted" somehow. Thanks.

  Read the article

• Set form action dynamically in https-area

  - by Beerweasle

  Hi, heres the problem explanation: Im on the domain https://www.example.com - theres an Order-Form with the Action https://www.example-otherdomain.com with an other SSL Certificate. On some conditions i set the form action to https://www.example.com so that it will be posted on our domain, but if the user uses a CreditCart it should get posted to https://www.example-otherdomain.com. So far so good. But in some rare conditions, users with CreditCards still posts their form to https://www.example.com. So my idea is: Is there some Same-Domain-Policy for Javascript/HTTPS to protect the user from phishing? It seems that to set the FormAction to the same domain works, but not to reset it to the external one (with JS). I cant reproduce this error, so im asking here if someone knows if theres such a problem. It doesnt matter which UserAgent the user has (there are post datas from FF, Chrome, Webkit, IE7/8) Thx!

  Read the article

• Configuring SQL Server Express 2005

  - by MrTognio

  What's the proper way to configure SQL Server Express 2005 so that it can allow for a number of clients to get connected to the server? I have my application running both in the server machine and the client machines. Given the nature of my application, clients are the branches geographically distant from each other, and the server itself. Every operation the client records must be reported to the server, because the server needs total control over the usage and production. But, what should I consider when configuring the connection in both sides, the server and the client? I'm not as used to SQL Server, I'm a beginner, however through SQL Server Configuration Manager I have set the main options without success. The problem seems to be related to trusted connections even though I have set it to support both windows and SQL Server authentication. When the client tries to connect to the server using windows authentication it displays no table; when it tries to communicate using a password (SQL Server authentication), tables are successfully displayed but no access is allowed... Thanx in advance!

  Read the article

• WebService Security

  - by LauzPT

  Hello, I'm developing an project, which consists in a webservice and a client application. It's a fair simple scenario. The webservice is connected to a database server, and the client consumes from the webserver in order to get information retrieved from the database. The thing is: 1. The client application can only display data after a previous authentication; 2. All the data transferred between Web Service and clients must be confidential; 3. Data integrity shouldn’t be compromised; I'm wondering what is the best way to achieve these requirements. The first thing I thought about, was sending the server a digital signature containing a client certificate, to be stored in the server, and used as comparison for authentication. But I investigated a little about webservice security, and I'm no longer certain that this is the best option. Can anyone give me an opinion about this? TIA

  Read the article

• Windows XP Rejecting Digital Signature

  - by ajs410

  I don't want to see unsigned driver warnings while installing a driver, so I'm trying to digitally sign a driver using signtool, inf2cat, and a Software Publishing Certificate. Vista x64 requires the drivers to be digitally signed or it flat out rejects them, but I have managed to get Vista x64 to accept the driver, so I know I'm doing the process correctly. However, I repeat the process for the Windows XP x86 driver. inf2cat and signtool both return successful results, signtool verifies the digital signatures, right-click - properties on the file verifies the digital signature too. However, when I go to load the driver in Windows XP, it still prompts me with an unsigned driver warning. Why does XP consider the file unsigned, but Vista does not?

  Read the article

• SSL_accept hangs... sometimes ( C, linux, openssl )

  - by zbigh

  I'm currently working on an embedded linux system. There are two crucial client applications on the system that connect to an external server ( on another embedded system, all written in C ). The two apps use different certificates. The ssl connection works... At least usually, but from time to time an error occures: the server hangs on SSL_accept() when accepting connection from one of the applications - the one using older certificates. Restarting the server application does not help, nor does restarting the client - the only way is to reboot the server system, unless I create a symbilic link to the new certificates used by the other app - only then will restarting the server app work. Never does the error occur when both applications use the same, new certificate. Could this happen due to some strange openssl cache or something like that?

  Read the article

• Problem running VBScript from my UIAccess VB app using MSScriptControl

  - by Ray

  I'm trying to run some VBSCRIPT from within my application. This works fine when I run my program from within VB. But once I add "UIAccess=true" to my manifest and digitally sign my exe with my certificate, I am unable to run the code any more. It gives errors when I try to interface with any program saying "429: ActiveX component can't create object: 'myApp.Application'". Anyone have any idea why it would run fine in the IDE but not with an application with uses UIAccess? Here is the code: Dim scriptRunner As New MSScriptControl.ScriptControlClass scriptRunner.Language = "VBScript" scriptRunner.AllowUI = True scriptRunner.Timeout = 3000 scriptRunner.AddCode(scriptStr) scriptRunner = Nothing

  Read the article

• Android sending SOAP object over Https via ksoap2 2.5.8

  - by Jack-V

  My first time posting a question here so please do not mind my mistakes here. I'm currently making an android application fetching and sending information from a .asmx web service. Everything goes well with the ksoap2 library and am using HttpTransportSE to call the web service. So now what I'm trying to do is to use the HttpsTransportSE to call the web service over Https. I got java.security.cert.certpathvalidatorexception trustanchor for certpath not found exception. I have the server certificate in .pfx , .jks and .bks format. My questions is what do i do with it to make my HttpsTransportSE call to be success? I've read around with articles using custom SSLSocketFactory but am still not sure how to implement it in my application. Thanks in advance for any suggestion/advices

  Read the article

• RAIDs with a lot of spindles - how to safely put to use the "wasted" space

  - by kubanczyk

  I have a fairly large number of RAID arrays (server controllers as well as midrange SAN storage) that all suffer from the same problem: barely enough spindles to keep the peak I/O performance, and tons of unused disk space. I guess it's a universal issue since vendors offer the smallest drives of 300 GB capacity but the random I/O performance hasn't really grown much since the time when the smallest drives were 36 GB. One example is a database that has 300 GB and needs random performance of 3200 IOPS, so it gets 16 disks (4800 GB minus 300 GB and we have 4.5 TB wasted space). Another common example are redo logs for a OLTP database that is sensitive in terms of response time. The redo logs get their own 300 GB mirror, but take 30 GB: 270 GB wasted. What I would like to see is a systematic approach for both Linux and Windows environment. How to set up the space so sysadmin team would be reminded about the risk of hindering the performance of the main db/app? Or, even better, to be protected from that risk? The typical situation that comes to my mind is "oh, I have this very large zip file, where do I uncompress it? Umm let's see the df -h and we figure something out in no time..." I don't put emphasis on strictness of the security (sysadmins are trusted to act in good faith), but on overall simplicity of the approach. For Linux, it would be great to have a filesystem customized to cap I/O rate to a very low level - is this possible?

  Read the article

• What's the safest way to kick off a root-level process via cgi on an Apache server?

  - by MartyMacGyver

  The problem: I have a script that runs periodically via a cron job as root, but I want to give people a way to kick it off asynchronously too, via a webpage. (The script will be written to ensure it doesn't run overlapping instances or such.) I don't need the users to log in or have an account, they simply click a button and if the script is ready to be run it'll run. The users may select arguments for the script (heavily filtered as inputs) but for simplicity we'll say they just have the button to choose to press. As a simple test, I've created a Python script in cgi-bin. chown-ing it to root:root and then applying "chmod ug+" to it didn't have the desired results: it still thinks it has the effective group of the web server account... from what I can tell this isn't allowed. I read that wrapping it with a compiled cgi program would do the job, so I created a C wrapper that calls my script (its permissions restored to normal) and gave the executable the root permissions and setuid bit. That worked... the script ran as if root ran it. My main question is, is this normal (the need for the binary wrapper to get the job done) and is this the secure way to do this? It's not world-facing but still, I'd like to learn best practices. More broadly, I often wonder why a compiled binary is more "trusted" than a script in practice? I'd think you'd trust a file that was human-readable over a cryptic binaryy. If an attacker can edit a file then you're already in trouble, more so if it's one you can't easily examine. In short, I'd expect it to be the other way 'round on that basis. Your thoughts?

  Read the article

• Best way to restrict access to a folder in Dropbox

  - by Joe S

  I currently run a business with around 10 staff members and we currently use Dropbox Pro 100GB to share all of our files. It works very well and is inexpensive, however, I am taking on a number of new staff and would like to move the more sensitive documents into their own, protected folder. Currently, we all share one Dropbox account, I am aware that Dropbox for teams supports this, but it is far too expensive for us as a small company. I have researched a number of solutions: 1) Set up a new standard Dropbox account just for use by management, which will contain all of the sensitive documents, and join the shared folder of the rest of my team to access the rest of the documents. As i understand it, this is not possible with a free account, as any dropbox shared folder added to your account will use up your quota 2) Set up some sort of TrueCrypt container, and install TrueCrypt on each trusted staff member's machine, and store the documents inside that. Would this be difficult to use? I'd imagine the sync-ing would not work so well as the disk would technically be mounted at the time of use and any changes would be a change to the actual container rather than individual files. I was just wondering if anyone knows a way to do this without the drawbacks outlined above? Thanks!

  Read the article

• Established javascript solution for secure registration & authentication without SSL

  - by Tomas

  Is there any solution for secure user registration and authentication without SSL? With "secure" I mean safe from passive eavesdropping, not from man-in-the-middle (I'm aware that only SSL with signed certificate will reach this degree of security). The registration (password setup, i.e. exchanging of pre-shared keys) must be also secured without SSL (this will be the hardest part I guess). I prefer established and well tested solution. If possible, I don't want to reinvent the wheel and make up my own cryptographic protocols. Thanks in advance.

  Read the article

• exchange server 2010 with multiple domains

  - by air

  i have one exchange server 2010, which is working fine with one domain. my exchange is working as follows pop3 collector collect emails from one master catchall account and then deliver to exchange server, this working perfect. now what i want to add another domain to same exchange, i have added new domain as trusted domain & email policy and this new domain email account works fine with internal emails. now what i have done, i again forward new email account to same catchall account. but if i send email from any other external email address email is bounce, i can see email receive by pop3 collector but bounce by exchange server. to make you more clear let me explain logic on which i am working. i have 2 domains 1. domain1.com ([email protected]) 2. domain2.com ([email protected] -->[email protected]) now on my machine with exchange server i have pop3 collector which collect all emails from [email protected] and forward to exchange 2010 server. all emails to domain1.com is working perfect but when i send email to [email protected] this email redirect to [email protected] perfectly but when exchanger server receive this email, it bounce. i have also study the url link text and follow the whole process but no success. i also check that my DNS/MX is working fine as the bounce message is going from my exchange server. EDIT the only problem is with accepted domain, as email come to exchange server then bounce back. i just try this today i create one user called test, then i goto his properties -- email there was only one email account [email protected] i try to send email to [email protected] from internet (email bounce) then again i go to test user properties -- email and Add one email [email protected] again u try to send email to t*[email protected]* from internet (email received) i think the only problem is with accepted domain but in hub transport , it shows accepted is there any way to check does domain is properly accepted or not in exchange 2010 server. Thanks

  Read the article

• How to securely control access to a backend key server?

  - by andy

  I need to securely encrypt data in my database so that if the database is dumped, hackers are unable to decrypt the data. I'm planning on creating a simple key server on a different machine, and allowing the DB server access to it (restricted by IP address on the key server to permit the DB server). The key server would contain the key required to encrypt/decrypt data. However, if a hacker were able to get a shell on the DB server, they could request the key from the key server and therefore decrypt the data in the database. How could I prevent this (assuming all firewalls are in place, DB is not connected directly to the internet, etc)? i.e. is there some method I could use that could secure a request from the DB server to the key server so that even if a hacker had a shell on the DB server they'd be unable to make those same requests? Signed requests from the DB server could make issuing these requests less trivial - I suppose that'd help increase the amount of time it'd take to compromise the key server, something a hacker probably wouldn't have much of. As far as I can see, if someone can get a shell on the DB server everything's lost anyway. This could be mitigated by using one key per data item in the DB so at least there's not a single "master" key, but multiple keys that the hacker would need to access. What would be a secure method of ensuring requests from the DB server to the key server were authentic and could be trusted?

  Read the article

• Problems when trying to submit iphone app

  - by ryug

  I'm a fairly new developer. When I try to submit my iphone app with xcode, I've got error as follows; Code Sign error: The identity 'iPhone Distribution' doesn't match any valid, non-expired certificate/private key pair in the default keychain After searching, I found out that I have to create a Distribution Provisioning Profile. However, my distribution provisioning profile doesn't work, even though my Development Provisioning Profile works perfectly. Could someone please help me with this problem? I'm stuck all day... and please forgive me that my English is not great. Thank you in advance.

  Read the article

• Check Your LIC Policy Status Through SMS

  - by Suganya

  Most of us in India hold at least one Life Insurance Policy today. While we all know everything gets computerized these days, LIC also supports payment via internet. You can view details about how payment is made through internet here. Few years back LIC started supporting SMS’es as well. Now you really don’t need to have internet rather check your LIC policy status while on road by sending just one SMS to 56677. Now that we know LIC answers to our SMS, lets see the format in which we have to send our SMS and their meaning. The format in which the SMS has to be sent is ASKLIC <Policy No> [PREMIUM/REVIVAL/BONUS/LOAN/NOM] Send any one of the following [PREMIUM/REVIVAL/BONUS/LOAN/NOM] to get the details. For instance, If you send ASKLIC <Policy No> Premium , it would return your Installment premium under policy ASKLIC <Policy No> Revival , it would check If policy is lapsed and return revival amount payable ASKLIC <Policy No> Bonus , it would check and return the amount of Bonus invested ASKLIC <Policy No> Loan , it would check and return the amount available as Loan ASKLIC <Policy No> NOM , it would check and return the details of Nomination Also, as everyone knows there are lots of pension schemes as well available in LIC and if one is interested in getting the pension details, then the format for sending the SMS is LICPension <Policy No> [STAT /ECDUE/ANNPD/PDTHRU/AMOUNT/CHQRET] For instance, If you send LICPension <Policy No> STAT gives you the IPP Policy status details LICPension <Policy No> ECDUE gives you the existence certificate due details LICPension <Policy No> ANNPD gives you the last annuity released date LICPension <Policy No> CHQ/ECS/NEFT (PDTHRU) gives the details about annuity payment through LICPension <Policy No> AMOUNT gives details about annuity amount LICPension <Policy No> CHQRET gives details about cheque return information Just with one SMS get all your policy details and make life easier. Each SMS that you send would be charged depending on your service provider. This article titled,Check Your LIC Policy Status Through SMS, was originally published at Tech Dreams. Grab our rss feed or fan us on Facebook to get updates from us.

  Read the article

< Previous Page | 85 86 87 88 89 90 91 92 93 94 95 96  | Next Page >