Search Results

Search found 120608 results on 4825 pages for 'code access security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 221/4825 | < Previous Page | 217 218 219 220 221 222 223 224 225 226 227 228  | Next Page >

  • Significant number of non-HTTP requests hitting my site

    - by Mark Westling
    I'm seeing a significant number of non-HTTP requests hitting a site I just launched. They show up in the server (nginx) logs as non-ASCII and get rejected (correctly) with a 400 status. Here are some lines from the log: 95.132.198.189 - - [09/Jan/2011:13:53:30 -0500] "œ$A\x10õœ²É9J" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:57:42 -0500] "#§i²¸oYi á¹„\x13VJ—x·—œ\x04N \x1DÔvbÛè½\x10§¬\x1E0œ_^¼+\x09ÜÅ\x08DÌÃiJeT€¿æ]œr\x1EëîyIÐ/ßýúê5Ǹ" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:58:33 -0500] "¯Ú%ø=Œ›D@\x12¼\x1C†ÄÀe\x015mˆàd˜Û%pÛÿ" 400 173 "-" "-" What should I make of this? Is this some sort of scripted attack? Or could these be correct requests that have somehow been garbled? They're not affecting the performance of the site and I'm not seeing any other signs of attacks (e.g., no strange POSTs) so at this point I'm more curious than afraid.

    Read the article

  • Steps after SQL Injection detected

    - by Zukas
    I've come across SQL injection vulnerabilities on my companies ecommerce page. It was fairly poorly put together. I believe I have prevented future attempts however we are getting calls about fraudulent credit card charges on our site and others. This leads me to believe that someone was able to get a list of our credit card numbers. What doesn't make sense is that we don't store that information and we use Authorize.net for the transaction. If someone was able to get the CC#s, what should I do next? Inform ALL of our customers that someone broken into our system and stole their information? I have a feeling that will be bad for business.

    Read the article

  • mount remotely mybook live network drive

    - by bob
    I have a mybook live western digital 1TB hard disk connected to fritzbox 7270 router in office. When I am in the office, I can mount this drive to ubuntu since I have added to the etc/fstab file: //192.168.178.30/user /home/user/DISK cifs auto,iocharset=utf8,user=user%password 0 0 Is there a similar, easy & safe way, to do the same when I am out of the office using the static IP of the fritzbox router? I have already added tcp port forwarding in the router for ports 8080 (to 80 of the disk) and 8443 (to 443 of the disk). Thank you in advance

    Read the article

  • How can I protect my save data from casual hacking?

    - by Danran
    What options are there for saving game data in a secure manner? I'm interested in solutions specifically tailored for C++. I'm looking for something that is fast and easy to use. I'm only concerned about storing simple information such as Which levels are and are not unlocked The user's score for each level I'm curious again to know what's out there to use, any good libraries to use that give me nice, secure game data files that the average player can't mess with. I just found this here which looks very nice, but it would be great to get some opinions on potential other libraries/options out there.

    Read the article

  • Automatically locking screen without shutting it off

    - by milkandtang
    Hey everyone— I have a home theater PC running Ubuntu 11.10, outputting over HDMI (for audio and video). I'm having an issue: I'd like the screen to lock automatically (when video is not playing, of course) but do not want the screen to turn off automatically, because that kills audio. I can manually lock the screen, of course, but it appears that if you set the "Turn off screen" setting to "never", the screen will never lock, no matter what the "lock screen" timeout is set to. Is there a way to do what I'm asking, or will I have to install xscreensaver?

    Read the article

  • Why does Facebook convert PHP code to C++?

    - by user72245
    I read that Facebook started out in PHP, and then to gain speed, they now compile PHP as C++ code. If that's the case why don't they: Just program in c++? Surely there must be SOME errors/bugs when hitting a magic compiler button that ports PHP to c++ code , right? If this impressive converter works so nicely, why stick to PHP at all? Why not use something like Ruby or Python? Note -- I picked these two at random, but mostly because nearly everyone says coding in those languages is a "joy". So why not develop in a super great language and then hit the magic c++ compile button?

    Read the article

  • Code maintenance: To add comments in code or to just leave it to the version control?

    - by Chillax
    We have been asked to add comments with start tags, end tags, description, solution etc for each change that we make to the code as part of fixing a bug / implementing a CR. My concern is, does this provide any added value? As it is, we have all the details in the Version control history, which will help us to track each and every change? But my leads are insisting on having the comments as a "good" programming practice. One of their argument is when a CR has to be de-scoped/changed, it would be cumbersome if comments are not there. Considering that the changes would be largely in between code, would it really help to add comments for each and every change we make? Shouldn't we leave it to the version control?

    Read the article

  • Display current layout (language code/country flag) in keyboard indicator

    - by Jono
    Just upgraded from 10.04 to 10.10, and the keyboard indicator applet no longer displays the two-letter country code for the active layout. This is terrible. Is this the default behaviour? Anyone using two layouts can't tell which language they're in. I can't seem to find the setting for this, it used to be in the preferences for keyboard layout. Update 1: In case this wasn't obvious - I have two keyboard layouts - English and Hebrew. I just upgraded form 10.04, where the country code (USA/IL) was displayed, overlaid on the flag. Now all I get is a vague keyboard icon, and can't find the settings for this. Update 2: this seems to be a bug that people have been reporting since Lucid, and is now back in Maverick

    Read the article

  • How to protect Ubuntu from fork bomb

    - by dblang
    I heard someone talking about a fork bomb, I did some research and found some dreadful information about some strange looking characters people can have you type at the command line and as a result do bad things on the computer. I certainly would not issue commands I do not understand but one never knows what can happen. I heard that some OS allows the administrator to place some limit on user processes to mitigate the effects of fork bombs, is this protection in Ubuntu by default or would a person with sudo privilege have to set this? If so, how?

    Read the article

  • What are the pros and cons of non-unique display names?

    - by Davy8
    I know of at least big title game (Starcraft II) that doesn't require unique display names, so it would seem like it can work in at least some circumstance. Under what situations does allowing non-unique display names work well? When does it not work well? Does it come down to whether or not impersonation of someone else is a problem? The reasons I believe it works for Starcraft II is that there isn't any kind of in-game trading of virtual goods and other than "for kicks" there isn't much incentive to impersonate someone else in the game. There's also ladder rankings so even trying to impersonate a pro is easily detectable unless you're on a similar skill level. What are some other cases where it makes sense to specifically allow or disallow duplicate display names?

    Read the article

  • How to write efficient code despite heavy deadlines

    - by gladysbixly
    Hi all, I am working in an environment wherein we have many projects with strict deadlines on deliverables. We even talk directly to the clients so getting the jobs done and fast is a must. My issue is that i'd always write code for the first solution that comes to my mind, which of course I thought as best at that moment. It always ends up ugly though and i'd later realize that there are better ways to do it but can't afford to change due to time restrictions. Are there any tips by which I could make my code efficient yet deliver on time?

    Read the article

  • Avoiding "double" subscriptions

    - by john smith
    I am working on a website that requires a bit of marketing; let me explain. This website is offering a single, say, iTunes 50$ voucher to a lucky winner. To be entered in the draw, you need to invite (and has to join) at least one friend to the website. Pretty straightforward. Now, of course it would be easy for anyone to just create a fake account and invite that account so, I was thinking of some other way to somehow find out of possible cheating. I was thinking of an IP check on the newly subscribed (invited) user, and if there is the same IP logged in the last 24 hours, and if that's the case, investigate more about it. But I was thinking that maybe there is a more clever way around this issue. Has anyone ever though about this? What other solutions did you try? Thanks in advance.

    Read the article

  • Are code screening services worthwhile?

    - by Robert Klubenspies
    I've seen websites that screen programmers by their ability to write code. It's a service that you enter a programming question into and then send out a link. Job candidates program their solution to the question as they are timed and recorded. The person who posted the question can then playback a video of their candidate programming the script. This video allows them to see how quickly and neatly their job candidate can code. Are these types of services worth it? What caveats and hangups are there to using such things to screen potential hires?

    Read the article

  • Making Agile and DevOps methodology compatible with PCI requirements

    - by kenchew
    Would like to hear from those working in a PCI compliance environment and is practicing agile development and devops methodology, how you maintain compliance with PCI requirements. Specifically, what do you do to address: separation of duties between development/test and production alignment of continuous integration / deployment and change control alignment of agile stories to requirement documentation

    Read the article

  • Disadvantages of a fake phpMyAdmin honeypot that causes ip blacklisting and robots.txt disallow/exclusion of the honeypot?

    - by Tchalvak
    I'm trying to figure out whether I should set up a honeypot system with a fake phpMyAdmin (site gets hits all the time with people spidering for insecurities with that app). My thought was to create a honeypot php script that would mimic a phpMyAdmin login, and then blacklist ips that hit that url (and aren't already whitelisted). I would then add the appropriate urls to the robots.txt so that spiders that actually respect my robots.txt wouldn't be caught by the blacklist. Are there disadvantages to this approach, do legit robots sometimes not respect robots.txt in certain circumstances, are there any problems with this that I should consider in advance?

    Read the article

  • MCrypt Module, Rijndael-256

    - by WernerCD
    An outside company is redoing our company Intranet. During some basic usage I disovered that the "User Edit" screens, with the "Password: *" boxes have the password in plain text, with the text box "type=password" to "hide" the password. The passwords are not store in the database as plain text, they are stored encrypted using "rijndael-256" cypher using the mcrypt module. I know that if I encrypt a password with SHA*, the password is "Unrecoverable" via one-way encryption. Is the same of MCrypt Rijndael-256 encryption? Shouldn't an encrypted password be un-recoverable? Are they blowing smoke up my rear or just using the wrong technology?

    Read the article

  • What are the crappy code games - the background?

    - by simonsabin
    This is part of a series on the Crappy Code Games The background Who can enter? What are the challenges? What are the prizes? Why should I attend? Tips on how to win   The Background Fusion IO came to us a while back wanting to run a competition to highlight the how bad code can really impact your system. We’ve all seen it, I saw an example yesterday where someone had implemented a cursor on a whole table just to update a few rows, something like this. declare cUpdateCursor cursor for  ...(read more)

    Read the article

  • Password protected website

    - by danie7L T
    I need to add a user authentication page before the actual homepage of the website. In Joomla! I just set the website offline and the offline page loads in place of the homepage but then it's automatically throwing a "503 Service Temporarily Unavailable" error which I would like to avoid. That's why I would like to know the other ways to load an authentication page before the homepage. NB: I'm using Apache servers if that's relevant Thank you

    Read the article

  • Internet Explorer : nouvelle vulnerabilité 0-day, les recommandations de Microsoft pour éviter l'exécution de code distant

    Nouvelle vulnerabilité 0-day dans Internet Explorer 6,7 et 8 Qui permet l'exécution de code distant Une nouvelle vulnérabilité 0-day dans le navigateur de Microsoft, Internet Explorer vient d'être identifiée. La vulnérabilité pourrait être exploitée par des pirates afin de prendre un contrôle à distance du système vulnérable. La faille se situe au niveau du moteur HTML d'Internet Explorer et peut être exploitée lorsque le navigateur traite des fichiers CSS (Cascading Style Sheets). Avec pour résultat, la possible exécution d'un code arbitraire via une page Web malicieuse. La vulnérabilité touche les versions 7 et 6 d'internet Explorer sur ...

    Read the article

  • Silicon Valley Code Camp 2012 - Submit Your Talks

    - by arungupta
    Silicon Valley Code Camp follows three rules: Given by/for the community Always free Never occur during work hours I've spoken there at 2011, 2010, 2009, 2008, and 2007 and have again submitted a talk this year as well, and will submit more! Its one of the best organically grown code camps with the attendance constantly growing over the past 6 years. Here is a chart that shows how the number of conferences attendees that registered and attended and the sessions delivered over past 6 years. If you wonder why there is such a big gap between "registered" and "attended" that's because this event is FREE! Yes, 100% free. If you are in and around Silicon Valley then you have no reason to not participate/speak at SVCC. You have the opportunity to meet all the local JUG leaders and the community "rockstars" :-) Date: Oct 6/7, 2012 Venue: Foothill College, 12345, El Monte Road, Los Altos Hills, CA Submit today or register!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 217 218 219 220 221 222 223 224 225 226 227 228  | Next Page >