Search Results

Search found 6535 results on 262 pages for '3d secure'.

Page 173/262 | < Previous Page | 169 170 171 172 173 174 175 176 177 178 179 180 | Next Page >

the right way to do deployment with capistrano

- by com

I look for good practices for deploying with capistrano. I would like to start out with a short description how I used to do deployment. capistrano is installed locally on a developer's computer. I deploy thought gateway with capistrano option :gateway. Firstly, I thought that with :gateway option I need to have ssh connection only to gateway host, but it turns out that I need ssh connection (public key) to all hosts where I want to deploy to. I would like to find a convenient and secure way to deploy application. For example, in case when new developer starts working, is much more convinient to put his *public_key* only on gateway server and not on all applications servers. On the other hand I don't want him to have any connection to servers in particular ssh to gateway, just because he is developer, he needs to do only deployments. If you are aware of good practices for deploying with capistrano, please, let us know.

Read the article
How to manipulate and print a chart in MS Excel from AppleScript?

- by Stu Thompson

With an existing chart in a MS Excel for Mac 2008, in AppleScript, I am trying to do two things: Rotate a 3D chart 1° Save the chart as a image (png) From what I've found on the Intertubes, it seems possible. But AppleScript's awkward verbosity and the lack of non-trivial MS Excel AppleScript examples on the web are too much for me to overcome. Just for the saving part, this is what I have so far: tell application "Microsoft Excel" activate object worksheet "iozone-16" set cht to chart object 1 of active sheet tell cht #save as chart object [picture type enumeration] [file name Unicode text] #Argh!!! end tell end tell The 'rotate 1°' task seems to involve "internal objects", but that is as far as I've gotten.

Read the article
Linux laptop encryption

- by kaerast

What are my options for encrypting the /home directories of my Ubuntu laptops? They are currently setup without any encryption and some have /home as a separate partition whilst others don't. Most of these laptops are single-user standalone laptops which are out on the road a lot. Is ecryptfs and the encrypted Private directory good enough or are there better, more secure, options? If somebody got hold of the laptop, how easy would it be for them to gain access to the encrypted files? Similar questions for encrypted lvm, truecrypt and any other solution I may not be aware of.

Read the article
NullPointerException in webview.java (android.webkit.WebView$PrivateHandler.handleMessage)

- by PacificSky

Every few days I get a crash report for my application with the following stack trace, or small variants thereof (with different line numbers based on different android versions) java.lang.NullPointerException at WebView.java:8241:in `android.webkit.WebView$PrivateHandler.handleMessage' Handler.java:99:in `android.os.Handler.dispatchMessage' Looper.java:150:in `android.os.Looper.loop' ActivityThread.java:4293:in `android.app.ActivityThread.main' Method.java:-2:in `java.lang.reflect.Method.invokeNative' Method.java:507:in `java.lang.reflect.Method.invoke' ZygoteInit.java:849:in `com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run' ZygoteInit.java:607:in `com.android.internal.os.ZygoteInit.main' NativeStart.java:-2:in `dalvik.system.NativeStart.main' This specific stack was on Android 2.3.4 on a HTC EVO 3D PG86100 device. My app does host several webviews for some oAuth-related login scenarios. How should I go about trying to figure out how to fix this? I've tried looking on grepcode to find the source, but I'm unable to find a matching line number that makes sense. Is my Grepcode-fu weak?

Read the article
Are there any FIPS-140-2 certified solutions for Linux?

- by Mark Renouf

I'm not even 100% certain what this involves, but my current understanding is this: use of only approved cryptographic algorithms for network traffic (easy, we use SSL and lock down the algorithms to only the really strong ones). Some form of physical data protection, involving disk encryption and physical tamper evident packaging. Obviously we're on our own if we need a tamper-proof product. But what about software for encrpytion. My guess is just using LUKS (although secure) will not be certified because it's open source (gov't seems a bit biased towards proprietary solutions here). Guardian Edge was mentioned by someone, but that appears to be complete Windows-based. So we need something like it, certified FIPS-140 compliant we can use on Linux.

Read the article
Disabling weak ciphers on Windows 2003

- by Kev

For PCI-DSS compliance you have to disable weak ciphers. PCI-DSS permits a minimum cipher size of 128 bits. However for the highest score (0 I believe) you should only accept 168 bit ciphers but you can still be compliant if you permit 128 bit ciphers. The trouble is that when we disable all but 168 bit encryption it seems to disable both inbound and out bound secure channels. For example we'd like to lock down inbound IIS HTTPS to 168 bit ciphers but permit outbound 128 bit SSL connections to payment gateways/services from service applications running on the server (not all payment gateways support 168 bit only we just found out today). Is it possible to have cipher asymmetry on Windows 2003? I am told it is all or nothing.

Read the article
Error pushing to remote with git

- by pcm2a

I have a fresh Centos 6 server stood up and I have installed git version 1.7.1 through yum. I am using the smart http method through apache for access. When I try to push to the remote server this is what I get: $ git push origin master Password: Counting objects: 6, done. Compressing objects: 100% (3/3), done. Writing objects: 100% (6/6), 436 bytes, done. Total 6 (delta 0), reused 0 (delta 0) error: unpack failed: index-pack abnormal exit I have tried these things which made no difference: chown -R apache:apache /path/to/git/repository (httpd runs as apache) chown -R apache:users /path/to/git/repository chmod -R 777 /path/to/git/repository (obviously not secure but wanted to eliminate this being a file permission problem) What can I try to get pushing to work?

Read the article
Server removes all custom HTTP header fields

- by MartinMoizard

Hello, I've been trying to receive HTTP requests with custom fields in the headers but it seems like my server removes them... I printed the headers of the request when I arrive on my page.php. I see that : body uri http://url.com/oauth.php/request_token parameters headers Array ....*/* ....gzip, deflate ....en-us ....keep-alive ....s320650601.onlinehome.fr ....DearStranger/1.0 CFNetwork/485.12.7 Darwin/10.6.0 method POST when I should be seeing that (it is working on a local version) body uri http://localhost:8888/oauth.php/request_token parameters headers Array ....*/* ....gzip, deflate ....en-us ....OAuth realm="", oauth_consumer_key="582d95bd45d455fa2e5819f88fc0c5a104d2c7ff3", oauth_signature_method="HMAC-SHA1", oauth_signature="7mKKzEw0Clv237nBHFzcTcA3SCE%3D", oauth_timestamp="1295267612", oauth_nonce="C546644E-8918-4FA3-A2A0-DAADCF7D1E5A", oauth_version="1.0" ....keep-alive ....0 ....localhost:8888 ....DearStranger/1.0 CFNetwork/485.12.7 Darwin/10.6.0 method POST I am using php 5.2.17 on the server. Do you have any idea to help my fix that issue? Thanks!

Read the article
Paypal Express Checkout api credentials - How to store them properly?

- by Sequence

I've been searching the internet and I've come up with a lot of answers of how to store paypal API credentials(Used in Paypal Express Checkout.) They say to hash the credentials using salt. But what I don't understand is how and where to store the salt. If they get access to the salt, can't they just un-hash the credentials? That doesn't seem very secure to me. They say not to hard-code the API credentials, but any other way still seems really vulnerable. Thanks for taking the time to look at my questions. I'd really appreciate help.

Read the article
Top ten security tips for non-technical users

- by Justin

I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server Some clarifications: This is for our work network These need to be "best practices" tips for the end-user, not IT policy We have backups, OS patches, firewall, AV, etc, all centrally managed This is for a small business (less than 25 people) I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?

Read the article
How do I configure OpenVPN for accessing the internet with one NIC?

- by Lekensteyn

I've been trying to get OpenVPN to work for three days. After reading many questions, the HOWTO, the FAQ and even parts of a guide to Linux networking, I cannot get my an Internet connection to the Internet. I'm trying to set up a OpenVPN server on a VPS, which will be used for: secure access to the Internet bypassing port restrictions (directadmin/2222 for example) an IPv6 connection (my client does only have IPv4 connectivity, while the VPS has both IPv4 and native IPv6 connectivity) (if possible) I can connect to my server and access the machine (HTTP), but Internet connectivity fails completely. I'm using ping 8.8.8.8 for testing whether my connection works or not. Using tcpdump and iptables -t nat -A POSTROUTING -j LOG, I can confirm that the packets reach my server. If I ping to 8.8.8.8 on the VPS, I get an echo-reply from 8.8.8.8 as expected. When pinging from the client, I do not get an echo-reply. The VPS has only one NIC: etho. It runs on Xen. Summary: I want to have a secure connection between my laptop and the Internet using OpenVPN. If that works, I want to have IPv6 connectivity as well. Network setup and software: Home laptop (eth0: 192.168.2.10) (tap0: 10.8.0.2) | | (running Kubuntu 10.10; OpenVPN 2.1.0-3ubuntu1) | wifi | router/gateway (gateway 192.168.2.1) | INTERNET | VPS (eth0:1.2.3.4) (gateway, tap0: 10.8.0.1) (running Debian 6; OpenVPN 2.1.3-2) wifi and my home router should not cause problems since all traffic goes encrypted over UDP port 1194. I've turned IP forwarding on: # echo 1 > /proc/sys/net/ipv4/ip_forward iptables has been configured to allow forwarding traffic as well: iptables -F FORWARD iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -A FORWARD -j DROP I've tried each of these rules separately without luck (flushing the chains before executing): iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 1.2.3.4 iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE route -n before (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n after (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n before (client): 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 route -n after (client): 1.2.3.4 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 128.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 SERVER config proto udp dev tap ca ca.crt cert server.crt key server.key dh dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth ta.key 0 comp-lzo user nobody group nobody persist-key persist-tun log-append openvpn-log verb 3 mute 10 CLIENT config dev tap proto udp remote 1.2.3.4 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server tls-auth ta.key 1 comp-lzo verb 3 mute 20 traceroute 8.8.8.8 works as expected (similar output without OpenVPN activated): 1 10.8.0.1 (10.8.0.1) 24.276 ms 26.891 ms 29.454 ms 2 gw03.sbp.directvps.nl (178.21.112.1) 31.161 ms 31.890 ms 34.458 ms 3 ge0-v0652.cr0.nik-ams.nl.as8312.net (195.210.57.105) 35.353 ms 36.874 ms 38.403 ms 4 ge0-v3900.cr0.nik-ams.nl.as8312.net (195.210.57.53) 41.311 ms 41.561 ms 43.006 ms 5 * * * 6 209.85.248.88 (209.85.248.88) 147.061 ms 36.931 ms 28.063 ms 7 216.239.49.36 (216.239.49.36) 31.109 ms 33.292 ms 216.239.49.28 (216.239.49.28) 64.723 ms 8 209.85.255.130 (209.85.255.130) 49.350 ms 209.85.255.126 (209.85.255.126) 49.619 ms 209.85.255.122 (209.85.255.122) 52.416 ms 9 google-public-dns-a.google.com (8.8.8.8) 41.266 ms 44.054 ms 44.730 ms If you have any suggestions, please comment or answer. Thanks in advance.

Read the article
Wired network on computer to wifi

- by user329592

I just got myself a wifi capable cell phone, but I dont have a wireless internet at home. I do have a wired unlimited internet connection on my computer, and I wonder whether there is any gadget that I can plug into my computer (maybe at the usb port?) with which I can turn my computer into a wifi access point? I mean, a dongle or something which will enable me to connect my phone to my computer's internet through wi-fi? Also, I dont know anything about networking, so would it be hard for me to set up a secure wifi point? Thank you for reading this question through. Hope I can buy some sort of adapter which is comparitively cheap.

Read the article
Map API with Building Elevation Data

- by Laserallan

Hi! I'm looking for a map API where I can get detailed elevation for points. I'm not looking elevation differences for certain paths along roads on the map but actual building heights. Getting the the 3d meshes for buildings would also be fine since I can compute the height myself using that information. Does any of the map API's out there support giving out this kind of information? EDIT: Free API's are preferred but if that's not an option I'd like to hear about non free alternatives as well.

Read the article
NSD Daemon (DNS SERVER)

- by Catalin

While searching for a secure dns server I came across this http://www.nlnetlabs.nl/projects/nsd/ I was really impressed by what seemed to me the best option out there that's open source. One problem thought their 'tutorial' is really NOT noob friendly I have basic DNS knoledge but what's in there is out of my league. Any help in setting up this DNS server please ? I need to have multiple sites on this CentOs server I've recently got my hands on :). They also need to receive email. Details: I have a master host and would love to set this in the way described in the rows that follow: masterhost.com -> ns1.masterhost.com mail.masterhost.com www.masterhost.com addonhost.com -> ns1.masterhost.com mail.masterhost.com www.addonhost.com And so on, all answers and suggestions are welcomed, Thank you in advance.

Read the article
=~ (equal-sign tilde) and m" ... " in .htaccess directive [closed]

- by Lèse majesté

I saw this bit of code on an old forum post: SSLRequire %{HTTP_HOST} =~ m"\.secure\.powweb\.com" And I was just wondering what the =~ and m" ... " meant. I've been searching online and in the Apache documentation for any mention of the equal-sign tilde operator, but I've found no mention of it. I know that some directives can take a tilde to use a regular expression, but I've never seen the m" ... " form used before. What exactly is that m" ... " for? Where else would you see this form?

Read the article
How to keep Flash secured with EMET?

- by Indrek

I use EMET to secure a number of applications on my computer - web browsers, Office suite applications, PDF readers, as well as Adobe Flash. Overall it's working great, except that the Flash executables contain the version number in the file name, so every time there's an update, the file names change and I have to remember to re-add them manually to EMET. Is there a way to streamline this process? EMET does support wildcards, but only in the path itself, not the file name, so something like %windir%\system32\Macromed\Flash\*.exe wouldn't work. Is there any other way to add a whole folder to EMET so that any new executables in that folder are automatically secured?

Read the article
Why are Linux-based operating systems considered safer than Windows?

- by echoblaze

I hear that Linux-based systems are better for security. Apparently they don't have viruses and do not need antivirus software. Even my university claims this - they refuse to have Windows on their servers, which is a real shame because we wanted to use the .NET framework to create some websites. The only reason I can see Linux being safer is because it's open-source, so bugs theoretically would get caught and fixed sooner. I know a bit about how operating systems work, but haven't really delved into how Linux and Windows implement their OS. Can someone explain the difference that makes Linux-based systems more secure?

Read the article
Detecting man-in-the-middle attacks?

- by Ilari Kajaste

There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

Read the article
Win7 to Win7 Remote Desktop Not working, Xp to 7 working fine

- by vlad b.

Hello, I have a small home network and recently i tried to enable remote desktop for one of the pc's. I have a mix of Windows 7, Windows Vista and Xp runing alongside ubuntu, centos and others (some virtual, some real). I have a few Windows 7 pc`s that can be connected to using remote desktop from inside and outside the network (port redirects on routers, etc, etc) and some Xp ones. The trouble is when i tried to do the same thing to a Win7 laptop i discovered i can't connect to it from another win7 pc inside the home network. To sum it up Working: xp -- win7 not working: win7 -- win7 What i tried - disable and enable remote desktop (my computer - remote settings) - removing and adding users to the remote settings window - adding a new user to the machine, administrator or 'normal' user - checking the firewall settings on the machine and set 'allow' to remote desktop for both 'home/work' and 'public'networks Any tips on what should i do next? It displays ' .. secure connection' and after that the window with 'Your security credentials did not work' and it lets me try again with another user/password..

Read the article
What is the difference between "su --command" and "su --session-command"?

- by oliver

Running # su - oliver --command bash gives a shell but also prints the warning bash: no job control in this shell, and indeed Ctrl+Z and fg/bg don't work in that shell. Running # su - oliver --session-command bash gives a shell without printing the warning, and job control indeed works. The suggestion to use --session-command comes from Starting a shell from scripts using su results in "no job control in this shell" which states "[a security fix for su] changed the behavior of the -c option and disables job control inside the called shell". But I still don't quite understand this. When should one use --command and when should one use --session-command? Is --command (aka -c) more secure? Or should one always use --session-command, and --command is just left in for backwards compatibility? FWIW, I'm using RHEL 6.4.

Read the article
PhysX for massive performance via GPU ?

- by devdude

I recently compared some of the physics engine out there for simulation and game development. Some are free, some are opensource, some are commercial (1 is even very commercial $$$$). Havok, Ode, Newton (aka oxNewton), Bullet, PhysX and "raw" build-in physics in some 3D engines. At some stage I came to conclusion or question: Why should I use anything but NVidia PhysX if I can make use of its amazing performance (if I need it) due to GPU processing ? With future NVidia cards I can expect further improvement independent of the regular CPU generation steps. The SDK is free and it is available for Linux as well. Of course it is a bit of vendor lock-in and it is not opensource. Whats your view or experience ? If you would start right now with development, would you agree with the above ? cheers

Read the article
Retrieve object from jquery in php script

- by majc

I'm trying to rebuild an object encoded with Json but i'm not getting any value. JQuery: $.post("views/insert_tasks.php",{ clickedRows : clickrows , <?php echo "tasks:'" . json_encode($tasks) . "'"; ?> }, function(data) { }); this is the PHPcode to retrieve the object: $tasks = json_decode(stripslashes($_POST['tasks']), true); $tasks is empty after execute the code above. This is what I'm getting with the $_POST['tasks']: [{"task_id":"1","description":"<p>Fazer heroi</p>","createdat":"Saturday 22nd of May 2010 11:37:37 PM","createdby":"Miguel Cardoso","max_requests":"2","max_duration":"5","job_id":"Concept Artist"},{"task_id":"2","description":"<p>teste2</p>","createdat":"Sunday 23rd of May 2010 11:23:55 AM","createdby":"Miguel Cardoso","max_requests":"2","max_duration":"5","job_id":"3D Modeller"},{"task_id":"3","description":"<p>teste3</p>","createdat":"Sunday 23rd of May 2010 11:45:39 AM","createdby":"Miguel Cardoso","max_requests":"1","max_duration":"10","job_id":"Writer"}] What I'm doing wrong?

Read the article
Finding out what user Apache is running as?

- by Anna

I want to secure a file upload directory on my server as described beautifully here, but I have one problem before I can follow these instructions. I don't know what user Apache is running as. I've found a suggestion that you can look in httpd.conf and there will be a "User" line, but there is no such line in my httpd.conf file, so I guess Apache is running as the default user. I can't find out what that is, though. So, my question is (are): how do I find out what the default user is do I need to change the default user if the answer is yes and I change the default user by editing httpd.conf, is it likely to screw anything up? Thanks! ----- UPDATE ------ Seems to have been answered here. Sorry, I got told off on StackOverflow and told to post it here, then posted it here, then it got answered on StackOverflow anyway!

Read the article
best ftp program (paid - not free)

- by Victor Kimura

Just would like some feedback on the best ftp program (not free). The requirements I'm looking for is: - secure ftp - for use on mac, linux, windows - backup utility with scheduler - for use on more than one computer (multi-license) I'm using wsftp from 2007 right now but it's only good for windows. It's license is only good for one computer. And after some vista updates it's making some strange noises. I tried to turn off the noise (via control panel) and it's still making that noise and I turned off the sound within wsftp too. I like the program but I think it's time to look for a new one. Thank you, Victor

Read the article
My website is infected with JS:ScriptIP-inf [Trj]

- by Rizwan Aaqil

I am using Network Solutions hosting. I was recently attacked with JS:Illredir-S [Trj], I asked my hosting providers to clean it and they cleaned it and updated all passwords, but now after a week my site got infected again with JS:ScriptIP-inf [Trj]. Can anyone please suggest me how to secure my website properly ? Should I change my hosting provider ? I am fed up of these viruses again and again on my websites. I can't even find this virus in my files. Please post informative answers. Thanks

Read the article

< Previous Page | 169 170 171 172 173 174 175 176 177 178 179 180 | Next Page >