Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 293/4825 | < Previous Page | 289 290 291 292 293 294 295 296 297 298 299 300 | Next Page >

How can I set up VLANs in a way that won't put me at risk for VLAN hopping?

- by hobodave

We're planning to migrate our production network from a VLAN-less configuration to a tagged VLAN (802.1q) configuration. This diagram summarizes the planned configuration: One significant detail is that a large portion of these hosts will actually be VMs on a single bare-metal machine. In fact, the only physical machines will be DB01, DB02, the firewalls and the switches. All other machines will be virtualized on a single host. One concern that has been is that this approach is complicated (overcomplicated implied), and that the VLANs are only providing an illusion of security, because "VLAN hopping is easy". Is this a valid concern, given that multiple VLANs will be used for a single physical switch port due to virtualization? How would I setup my VLANs appropriately to prevent this risk? Also, I've heard that VMWare ESX has something called "virtual switches". Is this unique to the VMWare hypervisor? If not, is it available with KVM (my planned hypervisor of choice)?. How does that come into play?

Read the article
Concerns about a Dedicated (Windows Server 2008) + DDoS

- by TheKillerDev

I am have today a dedicated server with these specs: Intel Core i5 750, 2x120GB (ssd + raid), Windows Server 2008 Web, 200Mbps Network, 24 Gb DD3 And I would like to know what are the best thing I can do to prevent a DDoS Attack, since I know this will be a real threat by the importance of the files that will be archived in it. Today I have apache listening port 80 and RDC listening port 3389. But the security is beeing made only by Windows Firewall. So, any thoughts on what would be good to prevent from DDoS attacks?

Read the article
More Sessions At Central Coast Code Camp, Ruby/Cloud Computing

Should Your Application Run In The Cloud Im back and sitting in Steve Evans Session, Should Your Application Run In The Cloud. Hes now explaining how computers, since the stone age,... This site is a resource for asp.net web programming. It has examples by Peter Kellner of techniques for high performance programming...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
Store image as logic file (in db by using binary format) or physical file (in the server)

- by Michel Ayres

In those study cases of image storage, An image that change only once in a while, if it changes at all (like an image for an article) The image case from above is not only one image but over 10, that link to the same article An image that have changes very often (like a banner image for a website) The image above is huge What is the best approach for each case? What is the "right/faster" way to do this task in each scenario ?

Read the article
Should comments say WHY the program is doing what it is doing? (opinion on a dictum by the inventor of Forth)

- by AKE

The often provocative Chuck Moore (inventor of the Forth language) gave the following advice (paraphrasing): "Use comments sparingly. Programs are self-documenting, with a modicum of help from mnemonics. Comments should say WHAT the program is doing, not HOW." My question: Should comments say WHY the program is doing what it is doing? Update: In addition to the answers below, these two provide additional insight. Beginner's guide to writing comments? http://programmers.stackexchange.com/a/98609/62203

Read the article
Routing and Remote Access Port Mapping not applied to localhost

- by Computer Guru

Hi, I've set up Routing and Remote Access (Windows Server 2003) to forward publicip:80 to a server on the private internal network, and that's working great. Incoming requests from the internet to port 80 are correctly forwarded to our internal web server and everything is fine. However, requests on the server itself are not being forwarded. That is, if I open a console window and type "telnet publicip 80" from the server on publicip, the request is not forwarded to the private server. I understand that in RRAS I've mapped port 80 on the public interface to the private server and that's why it's not working; but I don't know how to configure it so that requests from the local PC are also forwarded to the private server. I'd appreciate any help or feedback on the matter. Thanks!

Read the article
How to analyse logs after the site was hacked

- by Vasiliy Toporov

One of our web-projects was hacked. Malefactor changed some template files in project and 1 core file of the web-framework (it's one of the famous php-frameworks). We found all corrupted files by git and reverted them. So now I need to find the weak point. With high probability we can say, that it's not the ftp or ssh password abduction. The support specialist of hosting provider (after logs analysis) said that it was the security hole in our code. My questions: 1) What tools should I use, to review access and error logs of Apache? (Our server distro is Debian). 2) Can you write tips of suspicious lines detection in logs? Maybe tutorials or primers of some useful regexps or techniques? 3) How to separate "normal user behavior" from suspicious in logs. 4) Is there any way to preventing attacks in Apache? Thanks for your help.

Read the article
PhillyNJ Presentation and Code Files on Windows Service Design

- by RonGarlit

Thanks to everyone who braved the bad weather for the PhillyNJ meeting tonight. I’ve posted the files on my SKYDRIVE at the folder on this link. https://skydrive.live.com/redir.aspx?cid=79d1d19d50ff06b6&resid=79D1D19D50FF06B6!1069&parid=79D1D19D50FF06B6!106 I hope everyone found something useful from tonight presentation given that a good portion of it is one of the more boring (yet interesting) subjects. Have Fun! The Ron

Read the article
Enable file download via redirect in IE7

- by Christian W

Our application enables our customers to download files to their computer. The way I have implemented it is using asp.net with a dropdown. When the user clicks the dropdown they get the choice of "PDF","Powerpoint", and a couple of other choices depending on circumstances. Then, in postback depending on the choice the user made, it will return a file (changing the content-header and such and then bitbanging a file to the user). This works perfectly in all browsers, but IE7 complains that this is a security risk and blocks the download. Is there any way for the users to authorize downloads from our webapplication?

Read the article
How to forbid programs from accessing a folder

- by prashanth

I use firefox as my default browser. IE and chrome are used as secondary browsers. Apart from these, i need to have a alternate browser. I tried opera, but when installing it, opera automatically imported all my bookmarks and other profile data from firefox folder. I really had a hard time safely deleting these files that opera made a copy, without harming the original files which firefox uses. I don't want this to happen. Here's the situation: Now, i want to install other browser or re install opera. How do i make the firefox profile folder to be accessed only by firefox.exe and me(the administrator)? Can this be done via security tab under folder properties?

Read the article
What folder is this code signifying?

- by clifgray

I am trying to install OpenNi on ubuntu and have found some decent looking instructions but I am not sure what I need to do for this one specific case. Here are the instructions and here is the line that is tripping me up: cd OpenNI/Platform/Linux/CreateRedist/ chmod +x RedistMaker ./RedistMaker cd ../Redist/OpenNI-Bin-Dev-Linux-x64-v1.5.2.23/ sudo ./install.sh I don't know what folder the cd ../Redist/OpenNI-Bin-Dev-Linux-x64-v1.5.2.23/ line is talking about and can't find it anywhere. Does anyone know what this is?

Read the article
Using Extended ACLs to control write access?

- by tocapa

I am trying to set up file uploading on a website, but I get a permissions error when trying to write to upload directory. When I asked my supervisor about this, he suggested using extended ACLs to give the server write access to the directory. I've looked ACLs and nothing has suggested to me that this is the right way to go. Am I just not looking in the right place? How would I use ACLs to do this, or if not, what would be the right way to go about this? Forgive me for I've never used ACLs before so I don't know what I'm talking about.

Read the article
How useful is mounting /tmp noexec?

- by Novelocrat

Many people (including the Securing Debian Manual) recommend mounting /tmp with the noexec,nodev,nosuid set of options. This is generally presented as one element of a 'defense-in-depth' strategy, by preventing the escalation of an attack that lets someone write a file, or an attack by a user with a legitimate account but no other writable space. Over time, however, I've encountered arguments (most prominently by Debian/Ubuntu Developer Colin Watson) that noexec is a useless measure, for a couple potential reasons: The user can run /lib/ld-linux.so <binary> in an attempt to get the same effect. The user can still run system-provided interpreters on scripts that can't be run directly Given these arguments, the potential need for more configuration (e.g. debconf likes an executable temporary directory), and the potential loss of convenience, is this a worthwhile security measure? What other holes do you know of that enable circumvention?

Read the article
Elastic beanstalk access private git repo

- by user221676

I am trying to currently add an ssh key to my elastic beanstalk instances using .ebextensions commands. The keys I have stored are in my application code and I try to copy them to the root .ssh folder so I can access them when doing a git+ssh clone later here is an example of the config file in my .ebextensions folder packages: yum: git: [] container_commands: 01-move-ssh-keys: command: "cp .ssh/* ~root/.ssh/; chmod 400 ~root/.ssh/tca_read_rsa; chmod 400 ~root/.ssh/tca_read_rsa.pub; chmod 644 ~root/.ssh/known_hosts;" 02-add-ssh-keys: command: "ssh-add ~root/.ssh/tca_read_rsa" the problem is that I get is an error when attempting to clone the repo Host key verification failed. I have tried many ways of try to add the host to the known_hosts file but none have worked! The command that is doing the clone is npm install as the repo points to a node module

Read the article
Using a 3g usb dongle as Cisco router access point

- by beakersoft

We have an office opening, and we aren't going to have comms into the building when management want the building to open. Our only option (I think) Is to try and hook up a 3/4g dongle to something to act as the access point, and send all the traffic via that. The model of router we use wont support the usb dongle, so we need some sort of 'bridge' My idea was to build a Linux box, plug the dongle into that and then via the Ethernet ports plug the router in. We need the Cisco router in the equation as we create VPN connections over that back to head office. My question is will this work?

Read the article
XAMPP: Access Forbidden!

- by Yar

I just installed a fresh XAMPP on OSX. Apache runs and I can see the splash page. I open the httpd.conf and I set both places that point to htdocs to someplace else, which results in Apache showing an "Access Forbidden!" message. I plugged my directory here: <Directory "/Applications/XAMPP/xamppfiles/htdocs"> and here: DocumentRoot "/Applications/XAMPP/xamppfiles/htdocs" Most files have permissions like -rw-r--r--, but even if I set the index.php using chmod 777 nothing changes. Strangely, I just did this whole thing with MAMP and had no problems serving that directory, but it was slow.

Read the article
Toutes les semaines un peu de code pour aller plus loin avec Windows 7, Windows API Code Pack

En cette fin d'année, la communauté de Developpez.com s'est alliée avec Microsoft France pour relayer une série de questions / réponses sur le développement Windows 7. A partir d'aujourd'hui, nous poserons une question chaque lundi sur une fonctionnalité propre au développement d'applications Windows 7. La bonne réponse de la question de la semaine sera ensuite dévoilée la semaine suivante avec un exemple de mise en pratique. Êtes-vous prêt à relever le défi ? Pensez-vous bien connaître les possibilités que proposent les API Windows 7 ? C'est ce que nous allons voir dès aujourd'hui, nous attendons vos propositions ! La réponse de la semaine : Quel est le nom de l'API .NET qui...

Read the article
How can I use fetchmail (or another email grabber) with OSX keychain for authentication?

- by bias

Every fetchmail tutorial I've read says putting your email account password clear-text in a config file is safe. However, I prefer security through layers (since, if my terminal is up and someone suspecting such email foolery slides over and simply types "grep -i pass ~/.*" then, oops, all my base are belong to them!). Now, with msmtp (as opposed to sendmail) I can authenticate using the OSX keychain. Is there an email 'grabber' that lets me use Keychains (specifically the OSX keychain) or at least, that lets me MD5 the password? This is a duplicate of my unanswered question on serverfault. I've put it on superuser because I'm doing this on a personal computer (viz. with OSX) so it's more of a superuser question.

Read the article
Code Optimization in ASP.NET

This article gives a simple checklist that can simply be run against any ASP .NET Web Page to optimize it.

Read the article
Ubuntu cannot access internet, LAN is fine

- by Kevin Southworth

I have an Ubuntu 8.04 LTS server that is directly connected to our Comcast Business Gateway modem and I have configured it with 1 of our 5 allotted Static IPs. My other machines on our LAN can connect to this server (via ssh, web, ping, etc.) but I cannot access this server from outside our network, and this machine cannot get out to the internet either (ping google.com fails with unknown host). Here is my /etc/networking/interfaces file: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 173.162.54.19 netmask 255.255.255.248 broadcast 173.162.54.23 gateway 173.162.54.22 and my /etc/resolv.conf: nameserver 68.87.77.130 nameserver 68.87.72.130 output from sudo route -n: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 173.162.54.16 0.0.0.0 255.255.255.248 U 0 0 0 eth0 0.0.0.0 173.162.54.22 0.0.0.0 UG 100 0 0 eth0 I have a Windows 2008 machine with an almost identical Static IP, static DNS setup and it works correctly, can access it within the LAN and also from public internet, the Windows machine and the Ubuntu machine are both directly connected to the Comcast Business Gateway. I have tried rebooting Ubuntu, rebooting my Comcast modem, but nothing seems to make it work. I'm an Ubuntu noob, is there some other config I need to apply to make this work? UPDATE: Yes I am able to ping my default gateway 173.162.54.22 output of iptables --list -n: Chain INPUT (policy DROP) target prot opt source destination ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw-before-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-output all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-forward (1 references) target prot opt source destination LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK FORWARD]: ' RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-input (1 references) target prot opt source destination RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138 RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK INPUT]: ' RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-output (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-forward (1 references) target prot opt source destination ufw-user-forward all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 ufw-not-local all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 224.0.0.0/4 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 224.0.0.0/4 ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ufw-user-output all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-not-local (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK NOT-TO-ME]: ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-forward (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-input (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-output (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0

Read the article
iPad Programming: Maintaining Two Code Bases

The third method of developing your application for multiple devices is to maintain separate targets for your app.

Read the article
iPad Programming: Maintaining Two Code Bases

The third method of developing your application for multiple devices is to maintain separate targets for your app.

Read the article
Backup and restore MySQL database without system access

- by Sencerd

Hi guys, I am trying to move a database from 1 provider to another, the problem is that I don't have system access at either end (ie, no ssh), so I cannot use a mysqldump. I have already tried using MySQL Administrator, the backup took about 45 minutes, but when it came to restoring it was moving at a snails pace, and estimating 12+ hours. This is a live app so I need to keep the downtime to an absolute minimum. The database consists of 35 tables, a mixture of MyISAM and InnoDB, the whole thing comes to about 4.4GB. The source and destination databases are both running on very powerful servers. Any suggestions on a quick way of doing this will be gratefully received. Thanks

Read the article
Jenkins projects not visible even though user has all privleges

- by Frank Rosario

We want to lock down Jenkins and specific jobs to certain personnel. I have my account with all global privileges granted with project based matrix security. A coworker has a similar account and has been granted all the same privileges. When I log in with my account, I can see all of the projects we have setup. When my coworker whom has the exact same privileges logs in, none of the projects are visible. I've double and triple checked the permissions matrix to make sure we have the same global privileges; we do. Some of the projects have project specific privileges setup as well, but again; I've confirmed that both of us have the same access to these projects as well. So why can I see all the projects and my coworker is unable to see any of the projects?

Read the article
How to access remotly to a mysql server?

- by ÉricP

Hi, I'm trying to access my remote mysql server from my own computer. I uncommented: bind-address = 80.10.65.45 I added 80.10.65.45 as a server in privilege root 80.10.65.45 yes ALL PRIVILEGES yes I'm using Sequel Pro on MacosX to connect via SSH here is the debug log: debug1: Authentication succeeded (password). debug1: Local connections to LOCALHOST:58517 forwarded to remote address 127.0.0.1:3306 debug1: Local forwarding listening on ::1 port 58517. debug1: channel 0: new [port listener] debug1: Local forwarding listening on 127.0.0.1 port 58517. debug1: channel 1: new [port listener] debug1: Entering interactive session. debug1: Connection to port 58517 forwarding to 127.0.0.1 port 3306 requested. debug1: channel 2: new [direct-tcpip] channel 2: open failed: connect failed: Connection refused debug1: channel 2: free: direct-tcpip: listening port 58517 for 127.0.0.1 port 3306, connect from 127.0.0.1 port 58519, nchannels 3

Read the article

< Previous Page | 289 290 291 292 293 294 295 296 297 298 299 300 | Next Page >