Search Results

Search found 8253 results on 331 pages for 'secure coding'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 176/331 | < Previous Page | 172 173 174 175 176 177 178 179 180 181 182 183  | Next Page >

  • Industry Standard DNS & Authentication?

    - by James Murphy
    I'm just curious as to what is considered industry standard when it comes to doing DNS and authentication on an environment with mainly linux machines? Do people use Windows DNS & Windows AD to do it all if they have at least one windows server (well - alot might, but should they)? Does ANYONE use hosts files or local only user accounts on each server? What would people like Facebook/Google use for their DNS and authentication on their servers? We have an environment where we have about 10-15 linux servers and 1-2 windows servers. We are currently using Windows AD and Windows DNS but it doesn't seem like it's the most secure/stable/scalable way to do it for a mainly linux environment? We use RHEL as our linux environment.

    Read the article

  • Using mod_wsgi with mpm_itk: socket permission issue

    - by djechelon
    I'm using mod_itk as MPM for increased security in shared environment. I also have a Firefox Sync Server within one of the VHosts I host. That vhost is restricted to a certain user via AssignUserId user group. The problem is that the socket /var/run/wsgi...whatever.sock is chmodded srwx------ and owned by Apache's wwwrun. While I configured the vhost with WSGIProcessGroup sync WSGIDaemonProcess sync user=djechelon group=djechelon processes=1 threads=5 I still get the error that Apache wants to access a socket that is not accessible and because of this gets an error. Is it possible to configure mod_wsgi in order to create different sockets with different owners for different applications or to chmod its socket in a different way (less secure)? Currently, I'm running Firefox Sync as the only WSGI application. Moving it to a vhost that doesn't AssignUserId could solve this problem but will force me to change URL (and buy an additional SSL certificate), so I wouldn't consider this

    Read the article

  • Stop a particular key getting captured by rdesktop

    - by user18151
    Hello, I want F12 to be not capture by my rdesktop while in fullscreen, so that I can do whatever stuff I'm doing on my remote Windows computer, but pressing F12 would bring down yakuake, and I can type down my commands, or use vim etc for whatever I'm doing. Is there any possible way to do this? I tried playing with keymaps, but that didn't help. I set F12 to inhibit, but that seems to have stopped sending F12 altogether, rather than let gnome catch it and let yakuake pop up. Would be really grateful for answers. I am ready to do my homework, if someone could please just give me pointers etc. Thanks :). Sidenote: My current arranement stems from my large monitor in lab, and small personal laptop monitor, and the laptop has Windows 7. My lab computer has Linux, on which I do my coding work.

    Read the article

  • Protecting Windows SMTP service against the spam

    - by MainMa
    Hi, I'm trying to use a Windows SMTP service on Windows Server 2008, but I can't understand how to secure it. Basically, if I open firewall for local network IPs only for %windir%\system32\inetsrv\inetinfo.exe and keep Connection and Relay settings of SMTP Virtual Server to "All except the list below" (with an empty list), a few minutes later I see spam appearing in Queue directory. (Why? Isn't firewall intended to block this?) Now, if I set Connection or Relay to "Only the list below", specifying the range of local IPs, I can't use the SMTP server nevermore (a "Unable to read data from the transport connection: net_io_connectionclosed." exception is thrown). So what is the way to get rid of spam from internet but let send mails from local network?

    Read the article

  • Customize autoindent settings in VIMRC file

    - by Shane Reustle
    I have autoindent enabled in my .vimrc file but have run into an annoying bug/feature. For example, when I'm tabbed in 3 times, and I hit return, the new line is also tabbed in 3 times. Then when I hit enter again, that new line is also indented 3 times, as it should. The problem occurs when I go back up to the previous line (the first of the 2 new lines). VIM automatically removes the whitespace because it saw it as an empty line. Is there a way to disable this from happening? I'd like to be able to back to coding like this: function test(){ <return> <return> } <up> <right> Thanks!

    Read the article

  • SSH and Active Directory authentication

    - by disserman
    Is it possible to set up Linux (and Solaris) SSH server to authenticate users in this way: i.e. user john is a member of the group Project1_Developers in the Active Directory. we have something on the server A (running Linux, the server has an access to the AD via i.e. LDAP) in the SSH server LDAP (or other module) authentication config like root=Project1_Developers,Company_NIX_Admins. when john connects to the server A using his username "john" and domain password, the server checks the john's group in the domain and if the group is "Project1_Developers" or "Company_NIX_Admins", makes him locally as a root with a root privileges. The idea is also to have only a "root" and a system users on the server, without adding user "john" to all servers where John can log in. Any help or the idea how to make the above or something similar to the above? Preferred using AD but any other similar solution is also possible. p.s. please don't open a discussions is it secure to login via ssh as root or not, thanks :)

    Read the article

  • Allow users to view Word documents only and not be able to edit, copy or save them.

    - by Alexander
    Hello In a traditional Windows Server 2003 environment with AD, we have shared a folder for our policy documents (MS Word). These documents get edited/updated now and then by the administrator(principal of college). Users only have read-only access to the folder, but they can still save-as and then change the content. Sharepoint is a possible solution but not easy to implement. We also thought of using a CMS on Linux and installing Joomla to let users only view the docs with a document management system... but is it possible to automatically retrieve the policy folder on the network and convert or put it in a format that users can only view and not copy? We also thought of saving the docs to secure pdf format but the principal wants an automated system. Basically she just wants to work in Word and the policies must be available to staff members on the network. Any ideas? Much appreciated.

    Read the article

  • Send encrypted mail using GPG by command-line?

    - by Mohammad AL-Rawabdeh
    A few days ago I asked about how I can secure email and many people advised me to use PGP tool, and I read about it and I use it. Now I want to write a batch file to send encrypted email with attachments. I know how I can generate key, exchange key with other side and encrypt email with PGP mail but until now I don't know how I can integrate PGP tool with my mail and how I can send the encrypted email. In other words, how can I send encrypted email that encrypts with PGP tool to other side by command line (batch file)?

    Read the article

  • how to connect public web server to internal LAN

    - by DefSol
    I have a VPS which is my public web server for all my clients. It's running server 2008 and I would like to have it connect via secure connection to my internal LAN. I would like this to be a route so access is bi-derectional. Have read about Server & Domain isolation, but am concerned this may prevent public views to the webs sites on the server. I currently have a PPTP tunnel, but I'm wanting better security (IPSec or SSL etc) and it's not given my bi derectional access. (In fact my backups aren't copying accross but this could be an acl issue) The goal is to provide easy/automated backups of data & sql db's to my internal LAN, as well as a means to provision new sites & db's from a workflow occuring internally. Internal lan is windows based with ISA 2006 at the perimeter. Thanks

    Read the article

  • What is the impact of Windows 8 with UEFI on normal users?

    - by Sam
    I am a normal man-in-the-street computer user and so do not really understand what this is about, but I want to. Can someone please explain to me if: The Windows 8/UEFI secure boot thing will make it impossible to run normal/legacy applications in Windows 8 (as they will be unsigned)? It will turn Windows into an Apple-like system where only Microsoft approved applications can be run? As I say, I'm a normal user, and that is the overall impression I have from reading all the blogs, etc about it. If, on the other hand, all it does is make sure the system is booting a signed OS, how does this prevent malware (which is what at least two Microsoft blogs that I read seemed to be saying), given that most malware is not part of the boot process? The only way I can see this making sense is if it is ensuring that all OS components are signed. Is that it? Like I say, I'm a mortal, so please don't get technical on me, but rather explain how it will affect me, the user.

    Read the article

  • Multiple client connecting to master MySQL over SSL

    - by Bastien974
    I successfully configured a MySQL replication over SSL between 2 servers accross the internet. Now I want a second server in the same location as the replication slave, to open a connection to the master db over ssl. I used the same command found here http://dev.mysql.com/doc/refman/5.1/en/secure-create-certs.html to generate a new set of client-cert.pem and client-key.pem with the same master db ca-cert/key.pem and I also used a different Common Name. When I try to initiate a connection between this new server and the master db, it fails : mysql -hmasterdb -utestssl -p --ssl-ca=/var/lib/mysql/newcerts/ca-cert.pem --ssl-cert=/var/lib/mysql/newcerts/client-cert.pem --ssl-key=/var/lib/mysql/newcerts/client-key.pem ERROR 2026 (HY000): SSL connection error It's working without SSL.

    Read the article

  • SQL Server Management Studio Connect to Server List Editing

    - by Paul Farry
    I'm using SQLServer Management Studio (2005) and I have a fairly lengthy list of servers in there, and I'd like to get rid of some of them that are no longer in use, without having to set them all up again. I know that the C:\Users\*\AppData\Roaming\Microsoft\Microsoft SQL Server\90\Tools\Shell\mru.dat can be deleted and this will remove ALL the entries, but is there anyway to just delete some of them? (Coding info) I looked at the file and it is a serialised blob from the Microsoft.SqlServer.Express.ConnectionDlg.dll (Class Personalization) in the Appplication directory, but all the methods are private. So I can't just create an instance of this and then call Remove on the entries. Update I have written an Article on CodeProject explaining How this can be achieved. http://www.codeproject.com/KB/vb/AlterSQL2005MRU.aspx

    Read the article

  • Citrix Access Gateway not redirecting to login URL

    - by Dave
    We have an older setup for XenApp - users log in through Citrix Secure Gateway running on a windows box. (We hope to start using a NetScaler soon.) Earlier today, connections to https://citrix.company.com/ starting throwing up a 503 error page, instead of redirecting to https://citrix.company.com/Citrix/XenApp/ If you go directly to the /Citrix/Xenapp/ URL, the user is properly directed to the login page, and can launch apps. We've restarted the service, and rebooted the server. We haven't yet tried uninstalling and reinstalling the software. Before we do this, I'm looking for ideas as to how we can get the redirect working again without a fairly major outage window. To make things more interesting, many of our users have Citrix Receiver installed, also pointed at https://citrix.company.com/. Receiver makes itself the default launcher for ICA files, and gives a connection error when it tries to load apps - probably because of the same non-functional rediect?

    Read the article

  • What requirements does an IT department work space need?

    - by Rob
    Hello all, i need to provide a list of workspace requirements to the IT director for my network operations team. So far I got Secure workspace - so nothing gets stolen and people cant come up to us asking for support (they need a ticket from the helpdesk) Quite area - so that we can work and not be disturbed by the loud project managers who play soccer in the office sometimes. A large table or desk where we can setup and or config systems and servers if needed. What else do we need? Thanks in advance.

    Read the article

  • Windows service running under network credentials doesn't autostart

    - by David Alpert
    I have a Subversion Server running as a resident service on a Windows XP Pro machine. That service needs to access a secure network fileshare, so I used the Services-Properties-Log On tab to tell the service to run as a user who has access to the target fileshare. That works out fine until the machine restarts, when the service fails to autostart. I am able to start it manually by logging in, going back to that Services-Properties-Log On tab and reconfiming the explicit credentials. Do I have to manually start this service under alternate credentials every time the machine reboots? Is there something else I can do to make sure that my Subversion server service autostarts with proper access to authenticate against this network share?

    Read the article

  • Why isn't this javascript with else if working?

    - by Uni
    I'm sorry I can't be any more specific - I have no idea where the problem is. I'm a total beginner, and I've added everything I know to add to the coding, but nothing happens when I push the button. I don't know at this point if it's an error in the coding, or a syntax error that makes it not work. Basically I am trying to get this function "Rip It" to go through the list of Dewey decimal numbers, change some of them, and return the new number and a message saying it's been changed. There is also one labeled "no number" that has to return an error (not necessarily an alert box, a message in the same space is okay.) I am a total beginner and not particularly good at this stuff, so please be gentle! Many thanks! <!DOCTYPE html> <html> <head> <script type="text/javascript"> function RipIt() { for (var i = l; i <=10 i=i+l) { var dewey=document.getElementById(i); dewey=parseFloat(dewey); if (dewey >= 100 && 200 >= dewey) { document.getElementById('dewey'+ 100) } else if (dewey >= 400 && 500 >= dewey) { document.getElementById('dewey'+ 200) } else if (dewey >= 850 && 900 >= dewey) { document.getElementById('dewey'-100) } else if (dewey >= 600 && 650 >= dewey) { document.getElementById('dewey'+17) } } } </script> </head> <body> <h4>Records to Change</h4> <ul id="myList"> <li id ="1">101.33</li> <li id = "2">600.01</li> <li id = "3">001.11</li> <li id = "4">050.02</li> <li id = "5">199.52</li> <li id = "6">400.27</li> <li id = "7">401.73</li> <li id = "8">404.98</li> <li id = "9">no number</li> <li id = "10">850.68</li> <li id = "11">853.88</li> <li id = "12">407.8</li> <li id = "13">878.22</li> <li id = "14">175.93</li> <li id = "15">175.9</li> <li id = "16">176.11</li> <li id = "17">190.97</li> <li id = "18">90.01</li> <li id = "19">191.001</li> <li id = "20">600.95</li> <li id = "21">602.81</li> <li id = "22">604.14</li> <li id = "23">701.31</li> <li id = "24">606.44</li> <li id = "25">141.77</li> </ul> <b> </b> <input type="button" value="Click To Run" onclick="RipIt()"> <!-- <input type="button" value="Click Here" onClick="showAlert();"> --> </body> </html>

    Read the article

  • sSMTP Configuration Question

    - by SevenCentral
    I've installed sSMTP on Ubuntu 10.04 via: sudo apt-get install ssmtp My configuration file is: # # Config file for sSMTP sendmail # # The person who gets all mail for userids < 1000 # Make this empty to disable rewriting. [email protected] # The place where the mail goes. The actual machine name is required no # MX records are consulted. Commonly mailhosts are named mail.domain.com mailhub=smtp.gmail.com:587 # Where will the mail seem to come from? #rewriteDomain= # The full hostname hostname=somedomain.com # Are users allowed to set their own From: address? # YES - Allow the user to specify their own From: address # NO - Use the system generated From: address #FromLineOverride=YES [email protected] authpass=**** usestarttls=yes Am I transmitting my credentials in clear text? Is calling ssmtp a secure operation? Thanks.

    Read the article

  • AFP / Apple Filling Protocol aka Netatalk access over Internet

    - by PJJ
    I got a simple cloud server and thought it would be nice to have mac native afp Volumes accesss. Installed Netatalk and this seems to work pretty nice. No sensitive data or something but I don't like to wake up someday and have my www docs rm-rfed by some kid h4x0r. Q1: Is afp encrypted? Q2: How can I make it (semi)secure? Q3: Does VPN makes sense for this? Q4: What would you do to get afp working over net? Opening any service meant for Lan only is a basic flaw, i know - but me be ignorant about it. According to Apple Dev only the authentication is encrypted or am I mssing something?

    Read the article

  • How to setup a reliable SMTP server on Windows Server 2008 R2

    - by everwicked
    I know there are SMTP services out there which you can pay to send e-mails with but surely it's not that difficult to set up one of your own. How can I set up an SMTP server on Windows Server 2008 R2 that is: - Secure; only authorized users/hostnames/etc can send mail - Reliable; e-mails don't get lost - Not treated as spam; when e-mails are received from say gmail/outlook/hotmail they don't go straight to junk ** ** I understand this depends both on the server+e-mail headers AND e-mail content - I'm looking to safeguard the server part. Thanks!

    Read the article

  • php, mySQL & AJAX: Unable to use sessions across the scripts in the same domain

    - by Devner
    Hi all, I have the following pages: page1.php, page2.php and page3.php. Code in each of them is as below CODE: page1.php <script type="text/javascript"> $(function(){ $('#imgID').upload({ submit_to_url: "page2.php", file_name: 'myfile1', description : "Image", limit : 1, file_types : "*.jpg", }) }); </script> <body> <form action="page3.php" method="post" enctype="multipart/form-data" name="frm1" id="frm1"> //Some other text fields <input type="submit" name="submit" id="submit" value="Submit" /> </form> </body> page2.php <?php session_start(); $a = $_SESSION['a']; $b = $_SESSION['b']; $c = $_SESSION['c']; $res = mysql_query("SELECT col FROM table WHERE col1 = $a AND col2 = $b AND col3 = $c LIMIT 1"); $num_rows = mysql_num_rows($res); echo $num_rows; //echos 0 when in fact it should have been 1 because the data in the Session exists. //Ok let's proceed further //... Do some stuff... //Store some more values and create new session variables (and assume that page1.php is going to be able to use it) $_SESSION['d'] = 'd'; $_SESSION['e'] = 'e'; $_SESSION['f'] = 'f'; if (move_uploaded_file($_FILES['file']['tmp_name'], $file)) { echo "success"; } else { echo "error ".$_FILES['file']['error']; } ?> page3.php <?php session_start(); if( isset($_POST['submit']) ) { //These sessions are non-existent although the AJAX request //to page2.php may have created them when called via AJAX from within page1.php echo $_SESSION['d'].$_SESSION['e'].$_SESSION['f']; ?> } ?> As the code says it I am posting some info via AJAX call from page1.php to page2.php. page2.php is supposed to be able to use the session values from page1.php i.e. $_SESSION['a'], $_SESSION['b'] and $_SESSION['c'] but it does not. Why? How can I fix this? page2.php is creating some more sessions after some processing is done and a response is sent back to page1.php. The submit button of the form on page1.php is hit and the page gets POST'ed to page3.php. But when the SESSION info that gets created in page2.php is echoed, it's blank signifying that SESSIONS from page2.php are not used. How can I fix this? I looked over a lot of information and have spent about 50 hours trying to do different things with my scripts before arriving at the above conclusions. My app. is custom made using function (not OOPS) and does not use any PHP frameworks & I am not even about to use any as my knowledge of OOP concepts is limited any many frameworks are object oriented. I came across race conditions, but the solutions provided don't help too much. One more solution of using DB to hold sessions and seek and retrieve from DB is the last thing on my mind and I really want to avoid creating table, coding and maintaining code for a task as simple as just keeping sessions across pages in the same domain. So my request is: Is there a way that I can solve the above problem(s) via simple coding in present conditions? Any help is appreciated. Thank you.

    Read the article

  • Book recommendation for learning server management and Apache

    - by japancheese
    Hello, I'm currently managing a site that I feel could be optimized and utilized to be much faster, however, I'm having difficulty finding reliable information to do it. I find the Apache documentation to be a hard read, and too technical about things I don't have a strong grasp on. I'm just looking for a good beginner/intermediate book about server administration to learn as much as possible about Apache, as well as how to create a nice secure, robust server that doesn't crash at the first hint of unusual traffic surges. Thanks to anyone who can point me in the right direction.

    Read the article

  • Create and use intermediate certificate authority on Windows Server 2012?

    - by Sid
    Background: Server OS is Windows Server 2012. GUI is installed as we come upto speed with powershell. Setup is staging, not production (yet). We have our (internal, domain limited) Root CA installed. I would like to take the Root CA offline to secure storage but before that I'd like to setup an intermediate CA which can take over actual live, online (int-RA-net) functionality Can someone guide me covering: creating the intermediate CA certificate request installing the intermediate CA certificate on domain controller (certification authority role already installed with Root CA online right now) use the intermediate CA to generate a certificate (any use certificate, just for demonstration purposes) Obviously this certification chain would be invalid on computers outside our domain (self trusted root - our root certificate is NOT from common 3rd parties). This last point is NOT a problem.

    Read the article

  • Installing httpssl module on a running NGINX server

    - by Rob
    Hi, New to NGINX, we inherited a project that runs Django/FCGI/NGINX on a hosted RHEL box. A requirement has come in that the site now needs to have ssl enabled. Client was pretty sure the person who had built the site had made it so they could use ssl. I backed up the conf file, added the server block for the ssl instance and tried to reload. Reload failed because it didn't recognize the ssl in this line: ssl on; Not an NGINX expert, but the David Caruso in me tells me that the server (sunglasses on) is not secure. I know that you need to configure NGINX at install with this module. If this didn't happen, how hard/risky is it to reconfigure a running nginx box with this module given that we didn't configure it in the first place.

    Read the article

  • What are some good methods to improve personal password management?

    - by danilo
    I want to improve my personal password management. I usually use secure passwords, but overuse them for too many different places. My questions: What methods do you use to create passwords, e.g. for different online sites/logins? What methods do you use to remember those passwords? Memory? Pen&Paper? Software storage? Is there some good way to store my passwords somewhere, so I can always have access to them when I need them (e.g. a webbased solution on my own server) but at the same way keep them away from unwanted access? Edit: Someone on another site mentioned http://passwordmaker.org/. Have you had any good or bad experiences with that software?

    Read the article

  • Why am I getting a new session ID on every page fetch in my Perl WWW::Mechanize script?

    - by Phill Pafford
    So I'm scraping a site that I have access to via HTTPS, I can login and start the process but each time I hit a new page (URL) the cookie Session Id changes. How do I keep the logged in Cookie Session Id? #!/usr/bin/perl -w use strict; use warnings; use WWW::Mechanize; use HTTP::Cookies; use LWP::Debug qw(+); use HTTP::Request; use LWP::UserAgent; use HTTP::Request::Common; my $un = 'username'; my $pw = 'password'; my $url = 'https://subdomain.url.com/index.do'; my $agent = WWW::Mechanize->new(cookie_jar => {}, autocheck => 0); $agent->{onerror}=\&WWW::Mechanize::_warn; $agent->agent('Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.3) Gecko/20100407 Ubuntu/9.10 (karmic) Firefox/3.6.3'); $agent->get($url); $agent->form_name('form'); $agent->field(username => $un); $agent->field(password => $pw); $agent->click("Log In"); print "After Login Cookie: "; print $agent->cookie_jar->as_string(); print "\n\n"; my $searchURL='https://subdomain.url.com/search.do'; $agent->get($searchURL); print "After Search Cookie: "; print $agent->cookie_jar->as_string(); print "\n"; The output: After Login Cookie: Set-Cookie3: JSESSIONID=367C6D; path="/thepath"; domain=subdomina.url.com; path_spec; secure; discard; version=0 After Search Cookie: Set-Cookie3: JSESSIONID=855402; path="/thepath"; domain=subdomain.com.com; path_spec; secure; discard; version=0 Also I think the site requires a CERT (Well in the browser it does), would this be the correct way to add it? $ENV{HTTPS_CERT_FILE} = 'SUBDOMAIN.URL.COM'; ## Insert this after the use HTTP::Request... Also for the CERT In using the first option in this list, is this correct? X.509 Certificate (PEM) X.509 Certificate with chain (PEM) X.509 Certificate (DER) X.509 Certificate (PKCS#7) X.509 Certificate with chain (PKCS#7)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 172 173 174 175 176 177 178 179 180 181 182 183  | Next Page >