Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 178/3920 | < Previous Page | 174 175 176 177 178 179 180 181 182 183 184 185  | Next Page >

  • How to force WinXP to ask for password before software installation/uninstall?

    - by crosenblum
    I really like some of the linux security measures it uses. So what i'd like to do is have WinXP Pro SP3 ask for my user password everytime i try to install/remove software. I know I can't make windows be as secure as linux, but i'd love to adopt some of the great ideas and measures used, as possible, to make windows more secure. Any suggestions? P.S. Are there other people out there, who try to make their windows feel more linux like? Just curious.

    Read the article

  • How can I secure Postgres for remote access when not in a private network?

    - by orokusaki
    I have a database server on a VMWare VM (Ubuntu 12.04.1 LTS server), and it just occurred to me that the server is accessible via the web, since the same physical server contains a VM that hosts public websites. My iptables in the database are such that only SSH traffic, loopback traffic, and TCP on port 5432 are allowed. I will only allow host access to the Postgres server from the IP of the other VM on the same physical machine. Does this seem sufficient for security, assuming there aren't gaping holes in my general OS configuration, or is Postgres one of those services that should never be web facing, (assuming there are some of "those"). Will I need to use hostssl instead of host in my pg_hba.conf, even though the data will travel only on my own network, presumably?

    Read the article

  • How do you think about an Application Generator? [closed]

    - by Mehdi Sheyda
    I'm designing an application-generating application. It is an application that takes the requirements of customer as inputs , analyzes the requirements, creates classes and produces program files in C#. I am at the beginning of this project and have a long way to go with this application. Do you have an experience with designing similar kinds of projects? What risks might I encounter with this project?

    Read the article

  • On an unencrypted public wi-fi hotspot, what exactly is a packet sniffer doing to get another computer's packet?

    - by hal10001
    I get mixed results when reading information security articles, some of them stating that in order to do something similar you need to also setup some sort of honeypot with a running access point and local Web server to intercept traffic. Then other articles seem to indicate you don't need that, and you can just run Wireshark, and it will detect all packets being sent on the network. How could that be, and what exactly is a packet sniffer doing to get those packets? Does this involve intercepting wireless signals transmitted over the wireless protocol and frequency via the NIC on the computer running a program like Wireshark?

    Read the article

  • Running .net application over a network

    - by Marlon
    Hello, I need some advice please. I need to enable a .Net application to run over a network share, the problem is that this will be on clients network shares and so the path will not be identical. I've had a quick look at ClickOnce and the publish options in VS2008 but it wants a specific network share location - and I'm assuming this location gets stored somewhere when it does its thing. At the moment the job is being done with a old VB6 application and so gets around all these security issues, but that application is poorly written and almost impossible to maintain so it really needs to go. Is it possible for the domain controller to be set up to allow this specific .Net application to execute? Any other options would be welcomed as I want to get this little application is very business critical. I aught to say that the client networks are schools, and thus are often quite locked down as are the client machines, so manually adding exceptions to each client machine is a big no no. Marlon

    Read the article

  • Apache proxy is modifying the HTTP status code

    - by jarnbjo
    I am using Apache as a proxy frontend for a Java web application, which is deployed on WebSphere. The web application is using custom status codes (55x) to signal specific errors to the clients. When accessing the web application directly through the WebSphere HTTP listener, everything works as expected, but when these requests are proxied through an Apache load balancer, the status codes are modified by Apache and replaced with a generic 500 error code (internal server error). In Apache's access.log, the correct status code is logged: <IP> - - [11/Nov/2011:17:24:53 +0100] "POST <URL> HTTP/1.1" 551 36 But the actual response received by the client starts like this (logged with tcpdump): HTTP/1.1 500 Internal Server Error ... Followed by the real status code in the response content: ... Error 551: Berichteter Fehler: 551 ... Is there an obvious reason for this behaviour or does someone have a suggestion on how to modify the Apache configuration to forward the "real" status code instead of 500?

    Read the article

  • Unit testing time-bound code

    - by maasg
    I'm currently working on an application that does a lot of time-bound operations. That is, based on long now = System.currentTimeMillis();, and combined with an scheduler, it will calculate periods of time that parametrize the execution of some operations. e.g.: public void execute(...) { // executed by an scheduler each x minutes final int now = (int) TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis()); final int alignedTime = now - now % getFrequency() ; final int startTime = alignedTime - 2 * getFrequency(); final int endTimeSecs = alignedTime - getFrequency(); uploadData(target, startTime, endTimeSecs); } Most parts of the application are unit-tested independently of time (in this case, uploadData has a natural unit test), but I was wondering about best practices for testing time-bound parts that rely on System.currentTimeMillis() ?

    Read the article

  • Unexpected Access Denied error while accessing EFS encrypted file

    - by pozi
    I am getting Access Denied error when I try to access some files. ACL is OK, all ACE's all intherited, I have full access to these files and I am the owner of these files. ACE's are exactly same as other files in the same directory which are accessible without problems (doublechecked through Security Tab on file properties and cacls command). Files are EFS encrypted, however I should have access to these files, because they were encrypted by the same user account I am trying to access (decrypt) them. EFS settings are exactly same as other files in the same directory which are also encrypted and accessible without problems (doublechecked through cipher command and efsdump command (SysInternals)). In ProcMon utility (SysInternals) I am getting Access Denied entry while accessing these files. Files are not used (locked), checked by Unlocker utility. Up to now, I tought I understand NTFS ACL's and EFS mechanisms fairly well, but now I am completely stuck and I do not know how to access these files. Any thoughts?

    Read the article

  • Simple vs Complex (but performance efficient) solution - which one to choose and when?

    - by ManojGumber
    I have been programming for a couple of years and have often found myself at a dilemma. There are two solutions - one is simple one i.e. simple approach, easier to understand and maintain. It involves some redundancy, some extra work (extra IO, extra processing) and therefore is not the most optimal solution. but other uses a complex approach,difficult to implement, often involving interaction between lot of modules and is a performance efficient solution. Which solution should I strive for when I do not have hard performance SLA to meet and even the simple solution can meet the performance SLA? I have felt disdain among my fellow developers for simple solution. Is it good practice to come up with most optimal complex solution if your performance SLA can be met by a simple solution?

    Read the article

  • Is there a variable width font that does not change width when adding effects like bold, italic?

    - by George Bailey
    NetBeans has a word wrap feature now - but if the font changes width when bold then it gets all jumpy and sometimes hard to work with. Edit: It turns out that even with Courier New that NetBeans word wrap still jumps up and down lines at a time at random. I guess that this question no longer cares for an answer. However,, it seems that there is no answer. (at least nobody has brought one up yet) I am currently using Comic Sans MS which gets wider when bold.

    Read the article

  • Inspection, code review - is it really testing?

    - by user970696
    ISTQB, Wikipedia or other sources classify verification acitivities (reviews etc.) as a static testing, yet other do not. If we can say that peer reviews and inspections are actually a kind of a testing, then a lot of standards do not make sense (consider e.g. ISO which say that validation is done by testing, while verification by checking of work products) - it should at least say dynamic testing for validation, shouldn't it? I am completing master thesis dealing with QA and I must admit that I have never seen worse and more ambiguous and contradicting literature than in this field :/ Do you think (and if so, why) that static testing is a good and justifiable term or should we stick to testing and static checks/analysis?

    Read the article

  • Organizing ASP.Net Single Page Application with Nancy

    - by OnesimusUnbound
    As a personal project, I'm creating a single page, asp.net web application using Nancy to provide RESTful services to the single page. Due to the complexity of the single page, particularly the JavaScripts used, I've think creating a dedicated project for the client side of web development and another for service side will organize and simplify the development. solution | +-- web / client side (single html page, js, css) | - contains asp.net project, and nancy library | to host the modules in application project folder | +-- application / service (nancy modules, bootstrap for other layer) | . . . and other layers (three tier, domain driven, etc) . Is this a good way of organizing a complex single page application? Am I over-engineering the web app, incurring too much complexity?

    Read the article

  • Download ASP.NET MVC Source Code

    - by Editor
    From Scott Guthrie’s blog: Last month I blogged about our ASP.NET MVC Roadmap. Two weeks ago we shipped the ASP.NET Preview 2 Release. Phil Haack from the ASP.NET team published a good blog post about the release here. Scott Hanselman has created a bunch of great ASP.NET MVC tutorial videos [...]

    Read the article

  • Where can I learn various hacking techniques on the web?

    - by Carson Myers
    I would like to try my hand at hacking -- that is, exploiting various website vulnerabilities. Not for any illegal purpose mind you, but so I can have a better understanding and appreciation of these exploits while writing my own web software. I seem to recall that there was a community that hosted a bunch of demo websites, and you had to find and exploit certain vulnerabilities with each one. I can't remember what it is called but this is the sort of thing I am looking for -- I have read a tonne of little XSS and CSRF examples but have yet to find a real-life hands-on example of one. Does anyone know of such a place, where I can be given an example page and look for security holes? I would really rather not try this with actual websites, I don't want to break any laws.

    Read the article

  • Can I run a web site from my home network without jeapordizing other computers on my LAN?

    - by Alchemical
    I have a home LAN with 5 computers and a NAS, all connected to a Linksys router which is connected to my Cox cable modem. I'm interested in having one of my computers run an IIS-based web site and to have it be accessible to the internet with a static IP. However, I do not want o jeapordize the safety of the other computers on my home network! Is there anyway to do this safely, or as safe as possible? I may also like to run an FTP server from this computer. Finally, optionally I would like to allow remote access to this computer from the internet--but it seems to me that that may increase the security risk to the other computers substantially.

    Read the article

  • Which smartphone OS would you choose for your users ?

    - by Florent
    While we currently only use windows mobile smartphone, my boss seems less and less reluctant to try and choose a new kind of OS for our users corporate phones. For some reasons, we can't use a Blackberry Enterprise Server, so i guess our only choice is between Iphone OS and Android (or Blackberry without BES ? I don't really know if this works fine) We need activesync capable smartphones of course, and activesync security policies must be available (pin when using your phone for example). Centralized Phone management would be nice too :D Any ideas on what should be the best smartphone to choose for our users ?

    Read the article

  • How to unblock chm files - unblock button is missing

    - by Yoav
    I downloaded a CHM file. When I double click it it prompts me to open / save / cancel. Whether I open or save a new copy, the 'new' version will prompt the same open / save / cancel popup ad infinitum. Searching google it seems that Microsoft have deemed it right for security reason to block these files by default. The solution is to right click the file, and click the 'unblock' button at the bottom: The problem is that I don't have that button on my system: BTW, the button is also missing for .exe files.I'm using Win7 64bit. Any ideas?

    Read the article

  • Why is it java code indented as BSD KNF Style and C C++ code indented as Allman or BSD style?

    - by Caffeine
    I do understand that coding convention is a matter of preference, and that different coding conventions have different subtle advantages or shortcomings, and depending on what one wants, one should choose his/her style. But why is usually Java written where the opening brace is on the same line as the function definition of control statement, and in C or C++ the curly braces have a line of their own? BSD KNF style if (data != NULL && res > 0) { if (JS_DefineProperty(cx, o, "data", STRING_TO_JSVAL(JS_NewStringCopyN(cx, data, res)), NULL, NULL, JSPROP_ENUMERATE) != 0) { QUEUE_EXCEPTION("Internal error!"); goto err; } PQfreemem(data); } else { if (JS_DefineProperty(cx, o, "data", OBJECT_TO_JSVAL(NULL), NULL, NULL, JSPROP_ENUMERATE) != 0) { QUEUE_EXCEPTION("Internal error!"); goto err; } } Allman or BSD Style if (x == y) { something(); somethingelse(); } Courtesy: http://en.wikipedia.org/wiki/Indent_style

    Read the article

  • How important is patch management?

    - by James Hill
    Problem I'm trying to sell the idea of organizational patch/update management and antivirus management to my superiors. Thus far, my proposition has been met with two responses: We haven't had any issues yet (I would add that we know of) We just don't think it's that big of a risk. Question Are there any resources available that can help me sell this idea? I've been told that 55-85% of all security related issues can be resolved by proper anti-virus and patch/update management but the individual that told me couldn't substantiate the claim. Can it be substantiated? Additional Information 1/5 of our computers (the ones on the building) have Windows update turned on by default and anti-virus installed. 4/5 of our computers are outside corporate and the users currently have full control over anti-virus and Windows updates (I know this is an issue, one step at a time).

    Read the article

  • CodeGolf : Find the Unique Paths

    - by st0le
    Here's a pretty simple idea, in this pastebin I've posted some pair of numbers. These represent Nodes of a unidirected connected graph. The input to stdin will be of the form, (they'll be numbers, i'll be using an example here) c d q r a b d e p q so x y means x is connected to y (not viceversa) There are 2 paths in that example. a->b->c->d->e and p->q->r. You need to print all the unique paths from that graph The output should be of the format a->b->c->d->e p->q->r Notes You can assume the numbers are chosen such that one path doesn't intersect the other (one node belongs to one path) The pairs are in random order. They are more than 1 paths, they can be of different lengths. All numbers are less than 1000. If you need more details, please leave a comment. I'll amend as required. Shameless-Plug For those who enjoy Codegolf, please Commit at Area51 for its very own site:) (for those who don't enjoy it, please support it as well, so we'll stay out of your way...)

    Read the article

  • Matching the superclass's constructor's parameter list, is treating a null default value as a non-null value within a constructor a violation of LSP?

    - by Panzercrisis
    I kind of ran into this when messing around with FlashPunk, and I'm going to use it as an example. Essentially the main sprite class is pretty much class Entity. Entity's constructor has four parameters, each with a default value. One of them is graphic, whose default value is null. Entity is designed to be inherited from, with many such subclasses providing their own graphic within their own internal workings. Normally these subclasses would not have graphic in their constructor's parameter lists, but would simply pick something internally and go with it. However I was looking into possibly still adhering to the Liskov Substitution Principal. Which led me to the following example: package com.blank.graphics { import net.flashpunk.*; import net.flashpunk.graphics.Image; public class SpaceGraphic extends Entity { [Embed(source = "../../../../../../assets/spaces/blank.png")] private const BLANK_SPACE:Class; public function SpaceGraphic(x:Number = 0, y:Number = 0, graphic:Graphic = null, mask:Mask = null) { super(x, y, graphic, mask); if (!graphic) { this.graphic = new Image(BLANK_SPACE); } } } } Alright, so now there's a parameter list in the constructor that perfectly matches the one in the super class's constructor. But if the default value for graphic is used, it'll exhibit two different behaviors, depending on whether you're using the subclass or the superclass. In the superclass, there won't be a graphic, but in the subclass, it'll choose the default graphic. Is this a violation of the Liskov Substitution Principal? Does the fact that subclasses are almost intended to use different parameter lists have any bearing on this? Would minimizing the parameter list violate it in a case like this? Thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 174 175 176 177 178 179 180 181 182 183 184 185  | Next Page >