Search Results

Search found 13940 results on 558 pages for 'pci security'.

Page 348/558 | < Previous Page | 344 345 346 347 348 349 350 351 352 353 354 355 | Next Page >

Protect .NET code from reverse engineering?

- by Priyank Bolia

Obfuscation is one way, but it can't protect from breaking the piracy protection security of the application. How to make sure that the application is not tampered with, and how to make sure that the registration mechanism can't be reverse engineered. Also it is possible to make to convert C# app in native code, Xenocode is too costly. C# provides lot of features, and is the ideal language for my code, so writing in C++ again the whole codebase is out of question. Secure certificates can be easily removed from the signed assemblies in .NET

Read the article
How to call a .NET web service with Kerberos (or NTLM) authentication from Oracle PL/SQL

- by Niklas

We are calling a .NET web service from our oracle database using the sys.utl_http package. We have also tested with the sys.utl_dbws package. This works fine when there is no security on the .NET web service. However, we would like to use sys.utl_http or sys.utl_dbws to call a .NET web service with Kerberos or NTLM authentication. We're currently struggling with this. Any hints on how to solve it?

Read the article
Google gadget to read https rss feeds?

- by Carl

Anyone run across a Google Gadget RSS reader that can read https feeds? I haven't been able to find any, and I'm not sure if this is because a) I'm the only one that needs one and/or b) there is something nasty about the browser security model here that I'll find out if I try to roll my own. Thanks much in advance.

Read the article
What parts should I get for an ASRock x58 Extreme motherboard

- by Brad Gilbert

I just received an ASRock x58 Extreme motherboard, for my post on this question. It was a 2009 Tom's Hardware recommended buy. It is a Core i7 motherboard, with an X58 Express Chipset. It uses DDR3 RAM. What I want to know is, what parts should I get to finish it off. I'm looking for some good bargains, because of a lack of funds. The most taxing game I will probably play on it is OpenTTD. The only parts I currently have that are compatible: A Dynex 400W power supply. It appears to be an ATX 2.1 power supply, with the addition of a -5 rail. Apparently designed to be compatible with most ATX-style motherboards. Several PCI add-in cards. Mostly 10/100 Network cards Some sound cards Some video cards with a VGA connector Plenty of PATA drives. 8 GB - 80 GB Hard-drives A dozen or-so CD-ROM drives, only a handful of them are CD-RW drives. One DVD-ROM drive I have one LCD, with a 15 pin VGA connector, which I salvaged from the dump. The only thing wrong with it was some dead capacitors. It also has a stuck pixel.

Read the article
Ubuntu xrandr rotate issue

- by user83544

I've just bought a second monitor for my PC which happens to be a pivot monitor. I've already read lots of forums related to my problem but haven't come across a solution - I have the same symptoms as dozens of posts but no matter whatever I try it just doesn't work. I've already changed the xorg.conf file and added in the device section just under Driver "nvidia" the following for my second monitor: Option "RandRRotation" "on" When I save and reboot I try to rotate my screen with the nvidia X server settings by choosing the second monitor and clicking either "left" or "right" for the rotation. It immediately exits the nvidia settings window and does nothing. I tried within the terminal by typing: xrandr -o right I get the following error: X Error of failed request: BadMatch (invalid parameter attributes) Major opcode of failed request: 154 (RANDR) Minor opcode of failed request: 2 (RRSetScreenConfig) Serial number of failed request: 14 Current serial number in output stream: 14 I actually manage to rotate it with Option "Rotate" "CCW" instead of "RandRRotation". The problem with this solution is that you get the second monitor in the right position, but any window you open on that screen is practically unchangeable. You can't change the size nor move it, making it useless for reading PDFs, which is the main reason why I bought this second screen to help me write my thesis. Any help is really appreciated. sudo lshw -c video hiram@hiram-linux:~$ sudo lshw -c video *-display description: VGA compatible controller product: nVidia Corporation vendor: nVidia Corporation physical id: 0 bus info: pci@0000:01:00.0 version: a1 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress vga_controller bus_master cap_list rom configuration: driver=nvidia latency=0 resources: irq:16 memory:f8000000-f9ffffff memory:d8000000-dfffffff memory:d4000000-d7ffffff ioport:dc00(size=12 memory:fbd80000-fbdfffff

Read the article
JavaScript on the server-side like PHP

- by Nathan Campos

I'm now thinking to establish my server-side code in JavaScript, and begin to do all on it, but I want to know about its security and flexibility compared to PHP. I want to know too, if it can be successfully used to develop things like forum boards, full web-sites and things like this, as PHP does.

Read the article
cross domain iFrames communication problem

- by Cyno

I have a page A containing 2 children iFrames called B and C. A and B are on different domains. On pressing a button in B I would like to change C's URL. Based on the law III of Michael Mahemoff it should work, but in fact it doesn't (js security error). Here is the JS code in B: window.parent.frames['C'].location.href = "http://random.url";

Read the article
ASP.NET MVC3 Custom Membership Provider - The membership provider name specified is invalid.

- by David Lively

I'm implementing a custom membership provider, and everything seems to go swimmingly until I create a MembershipUser object. At that point, I receive the error: The membership provider name specified is invalid. Parameter name: providerName In web.config the membership key is <membership defaultProvider="MembersProvider"> <providers> <clear/> <add name="MembersProvider" type="Members.Providers.MembersProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="DeviceDatabase" /> </providers> </membership> When creating the MembershipUser object from my custom User class: public static MembershipUser ToMembershipUser(User user) { MembershipUser member = new MembershipUser ("MembersProvider" , user.Name , user.Id , user.EmailAddress , user.PasswordQuestion , user.Comment , user.IsApproved , user.IsLockedOut , user.DateCreated , user.LastLoginDate ?? DateTime.MinValue , user.LastActivityDate ?? DateTime.MinValue , user.LastPasswordChangedDate ?? DateTime.MinValue , user.LastLockoutDate ?? DateTime.MinValue ); return member; } (I realize I could probably just inherit my User class from MembershipUser, but it's already part of an existing class hierarchy. I honestly think this is the first time I've encountered a legitimate need for for multiple inheritance!) My feeling is that the new MembershipUser(...) providerName parameter is supposed to match what's set in web.config, but, since they match already, I'm at a loss as to how to proceed. Is there a convenient way to get the name of the active membership provider in code? I'm starting to think that using the built-in membership system is overkill and more trouble than it's worth. Edit Not sure if it's relevant, but the custom membership provider class is in a class library, not the main WAP project. Update Here's the contents of the System.Web.Security.Membership.Provider object as show in the VS2010 command window: >eval System.Web.Security.Membership.Provider {Members.Providers.MembersProvider} [Members.Providers.MembersProvider]: {Members.Providers.MembersProvider} base {System.Configuration.Provider.ProviderBase}: {Members.Providers.MembersProvider} ApplicationName: null EnablePasswordReset: true EnablePasswordRetrieval: false MaxInvalidPasswordAttempts: 5 MinRequiredNonAlphanumericCharacters: 0 MinRequiredPasswordLength: 6 PasswordAttemptWindow: 10 PasswordFormat: Function evaluation was aborted. PasswordStrengthRegularExpression: Cannot evaluate expression because debugging information has been optimized away . RequiresQuestionAndAnswer: Cannot evaluate expression because debugging information has been optimized away . RequiresUniqueEmail: Cannot evaluate expression because debugging information has been optimized away .

Read the article
Using OpenID as the only authentication method

- by iconiK

I have read the other questions and they mostly talk about the security of doing so. That's not entirely my concern, mostly because the website is question is a browser-based game. However, the larger issue is the user - not every user is literate enough to understand OpenID. Sure RPX makes this pretty easy, which is what I'll use, but what if the user does not have an account at Google or Facebook or whatever, or does not trust the system to log in with an existing account? They'd have to get an account at another provide - I'm sure most will know how to do it, let alone be bothered to do it. There is also the problem of how to manage it in the application. A user might want to use multiple identities with a single account, so it's not as simple as username + password to deal with. How do I store the OpenID identities of a user in the database? Using OpenID gives me a benefit too: RPX can provide extensive profile information, so I can just prefill the profile form and ask the user to edit as required. I currently have this: UserID Email ------ --------------- 86000 [email protected] 86001 [email protected] UserOpenID OpenID ---------- ------ 86000 16733 86001 16839 86002 19361 OpenID Provider Identifier ------ -------- ---------------- 16733 Yahoo https:\\me.yahoo.com\bob#d36bd 16839 Yahoo https:\\me.yahoo.com\bigbobby#x75af 19361 Yahoo https:\\me.yahoo.com\alice#c19fd Is that the right way to store OpenID identifiers in the database? How would I match the identifier RPX gave me with one in the database to log in the user (if the identifier is known). So here are concrete questions: How would I make it accessible to users not having an OpenID or not wanting to use one? (security concerns over say, logging in with their Google account for example) How do I store the identifier in the database? (I'm not sure if the tables above are right) What measures do I need to take in order to prevent someone from logging in as another user and happily doing anything with their account? (as I understand RPX sends the identifier via HTTP, so what anyone would have to do is to just somehow grab it then enter it in the "OpenID" field) What else do I need to be aware of when using OpenID?

Read the article
Issues Migrating Ejb 2.0 from jboss 4 to jboss 5.1

- by Ravi

Deploying an EAR application in jboss 5.1 throws an error. Below is the error The content of element type "message-driven" must match "(description?,display-name?,small- icon?,large-icon?,ejb-name,ejb-class,transaction-type,message-selector?,acknowledge- mode?,message-driven-destination?,env-entry*,ejb-ref*,ejb-local-ref*,security-identity?,resource- ref*,resource-env-ref*)". This EAR application worked in JBoss 4.0.2, but not working on Jboss 5.1 Thanks Ravi S

Read the article
NFS high CPU usage

- by user269836

Hello, I have a very strange issue. I have next server: Intel(R) Xeon(TM) MP CPU 3.16GHz cat /proc/cpuinfo | grep proce | wc -l 8 free -m total used free shared buffers cached Mem: 28203 27606 596 0 10789 9714 -/+ buffers/cache: 7103 21100 Swap: 24695 0 24695 RAID card *-storage description: RAID bus controller product: MegaRAID vendor: LSI Logic / Symbios Logic physical id: 7 bus info: pci@0000:13:07.0 logical name: scsi2 version: 01 width: 32 bits clock: 66MHz capabilities: storage pm bus_master cap_list rom configuration: driver=megaraid latency=32 resources: irq:134 memory:d8ff0000-d8ffffff(prefetchable) memory:df600000-df60ffff(prefetchable) HDD: 10x148Gb SCSI U320 15k - RAID5 /dev/sdb1 807G 674G 93G 88% /storage /dev/sdb1 /storage ext4 defaults,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,noatime,nodiratime,noacl,errors=remount-ro 0 1 network cards ethtool -i eth0 driver: tg3 version: 3.116 firmware-version: 5704-v3.36, ASFIPMIc v2.36 bus-info: 0000:10:02.0 ethtool -i eth1 driver: tg3 version: 3.116 firmware-version: 5704-v3.36, ASFIPMIc v2.36 bus-info: 0000:10:02.0 ifconfig bond0 Link encap:Ethernet HWaddr 00:0f:1f:ff:d6:4d inet addr:192.168.15.71 Bcast:192.168.15.255 Mask:255.255.255.0 inet6 addr: fe80::20f:1fff:feff:d64d/64 Scope:Link UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:1062818202 errors:0 dropped:3918 overruns:0 frame:0 TX packets:1041317321 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10000 RX bytes:258867684559 (241.0 GiB) TX bytes:396569192650 (369.3 GiB) this server running only nfs-kernel-server uname -a Linux nas2-backup 2.6.32-5-amd64 #1 SMP Sun Sep 23 10:07:46 UTC 2012 x86_64 GNU/Linux Debian 6. What do I have, once per day or two, LA goes up, it can be reached around LA: 40 but if I do: nfs-kernel-server restart. Every thing is OK. But on the next day or a little bit later, LA goes up again. Servers are connected to d-link dgs 1016d with 24 GBits ports. I have tried everything to find out what the problem is. Why it's happening, but still I can not resolve this issue. Any ideas on what is happening here?

Read the article
Black hat knowledge for white hat programmers

- by Dinah

There's always skepticism from non-programmers when honest developers learn the techniques of black hat hackers. Obviously though, we need to learn many of their tricks so we can keep our own security up to par. To what extent do you think an honest programmer needs to know the methods of malicious programmers?

Read the article
How to avoid the base class member functions getting overridden by sub class in objective - c

- by Manjunath

Like in java: A final class cannot be subclassed. This is done for reasons of security and efficiency. Accordingly, many of the Java standard library classes are final, for example java.lang.System and java.lang.String. All methods in a final class are implicitly final. How can I achieve this behavior in objective-c?

Read the article
OLEDB connection to Access database using DSN

- by somu

Hai i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

Read the article
Open Source Alternative to ASP.NET membership

- by Tony Lenzi

I'm currently supporting a Python web app with increasingly complicated user/role/permission management requirements. Currently, we are rolling our own user, groups, permissions, etc. code and supporting database. I'd like to find something like ASP.NET membership that can help manage user authentication and authorization, rather than risk security issues in continuing to create an increasingly complicated custom solution. Are there any similar projects out there worth taking a look at?

Read the article
Best practices to store CreditCard information into DataBase

- by Garis Suero

In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

Read the article
Static noise in headphones

- by John Murdoch

I have a Asus P6T based system. I was using the on-board sound (plugging in Logitech X-230 2.1 analog speakers in the green "front speakers" 3.5mm analog output, then plugging in my headphones in that). I was quite happy with the sound quality (didn't hear any static noise if volume was turned down to my normal listening level). Then about a week ago I started having terrible static noise from the left channel, and no normal audio on that left channel. Right channel had more static noise than usual but did have a bit of sound. I tried using the AC'97 in front of my case but that seemed to have no signal. I decided my on-board sound card has gone bad and bought an internal sound card to replace it (Startech 7.1Ch PCI). This fixed the "no sound from left channel problem", but I had much more audible static noise. I decided the card was low quality and/or it had interference from all the other things happening inside the computer case, and bought a Sweex SC016 external USB sound card. But even with that I have static noise in headphones. Positioning the USB sound card differently doesn't seem to help. Trying the other analog outputs (e.g., surround) doesn't help. The static noise in all cases is proportional to the volume. I have tried different headphones, but the situation is situation though perhaps the flavour of the static noise changes slightly. So what are my options? a) Get another, more expensive, external USB sound card hoping the quality will improve? b) Get another, more expensive, internal sound card (PCIe 1x perhaps) hoping the quality will improve? c) Get a dedicated DAC box? d) Get some Hi-Fi earphones? Suggestions? tl;dr - Two different sound cards both still have static noise in headphones.

Read the article
How do I know what hardware to buy to meet my needs?

- by Darth Android

While Stack Exchange does not permit shopping recommendations, it doesn't provide any general advice to consider when buying hardware. So, instead of just telling those that ask what to buy that it's not allowed, let's tell them how to figure out what they need. When looking forward to build a computer, how do I know what to buy? How do I find out if a given CPU will be enough for a certain game or application that I want to run? How do I find out if a given graphics card will be enough for a certain game or application? What is important when looking at motherboards? How much memory do I need? How do I know how much wattage I need for a power supply? What size case do I need? What relevant standards do I need to read up on and be aware of? PCI, PCIe, SATA, USB 2.0, USB 3.0, etc... What "gotchas" do I need to be on the lookout for? Please keep responses generation-agnostic to ensure they will be helpful to our future users. :)

Read the article
How to run an application as root without asking for an admin password?

- by kvaruni

I am writing a program in Objective-C (XCode 3.2, on Snow Leopard) that is capable of either selectively blocking certain sites for a duration or only allow certain sites (and thus block all others) for a duration. The reasoning behind this program is rather simple. I tend to get distracted when I have full internet access, but I do need internet access during my working hours to get to a number of work-related websites. Clearly, this is not a permanent block, but only helps me to focus whenever I find myself wandering a bit too much. At the moment, I am using a Unix script that is called via AppleScript to obtain Administrator permissions. It then activates a number of ipfw rules and clears those after a specific duration to restore full internet access. Simple and effective, but since I am running as a standard user, it gets cumbersome to enter my administrator password each and every time I want to go "offline". Furthermore, this is a great opportunity to learn to work with XCode and Objective-C. At the moment, everything works as expected, minus the actual blocking. I can add a number of sites in a list, specify whether or not I want to block or allow these websites and I can "start" the blocking by specifying a time until which I want to stay "offline". However, I find it hard to obtain clear information on how I can run a privileged Unix command from Objective-C. Ideally, I would like to be able to store information with respect to the Administrator account into the Keychain to use these later on, so that I can simply move into "offline" mode with the convenience of clicking a button. Even more ideally, there might be some class in Objective-C with which I can block access to some/all websites for this particular user without needing to rely on privileged Unix commands. A third possibility is in starting this program with root permissions and the reducing the permissions until I need them, but since this is a GUI application that is nested in the menu bar of OS X, the results are rather awkward and getting it to run each and every time with root permission is no easy task. Anyone who can offer me some pointers or advice? Please, no security-warnings, I am fully aware that what I want to do is a potential security threat.

Read the article
Silverlight Control Disable/Remove Events

- by Dave

I have a scenario where a control has an event wired up in XAML, say a Button.Click. Somewhere else in my code, a security check is applied which mean I need to disable said event, but I do not have access to the normal -= syntax to remove it. How else can I remove or disable this event? Thanks, Dave

Read the article
Cisco pix command - whats this command mean?

- by jason clark

Hi, Anyone know what the following means? I have these two lines in our cisco PIX configuration file but have no references to these IP's anywhere else in the config and cant find a device on the network with them. global (inet) 10 213.228.xxx.xx global (inet) 20 213.228.xxx.xx thanks, Jason (BTW: I've xxx'ed out the remainder of the ip for security :-0 )

Read the article
How to use Python to read the physical address(MAC ID) [closed]

- by getjoefree

I want to read the physical address of the NIC model, i can get the results that i want to with SED.EXE before, but SED.EXE does not support my environment but Python ok, who have the means to do it. The general situation (not plug the network cable, it is impossible to obtain IP address): Ethernet adapter: Connection-specific DNS Suffix.: Chianet Description ...........: Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller Physical Address .........: A4-BA-DB-9D-1E-8E Dhcp Enabled ...........: Yes Autoconfiguration Enabled ....: Yes Ethernet adapter 3: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Dell Wireless 1510 Wireless-N WLAN Mini-Card Physical Address. . . . . . . . . : 00-23-4D-D9-C0-28 The description of the NIC different, we can use this to fetch the corresponding physical address, base on Physical Address does not work, because the computer with the WLAN Card, I want to use Python to read my computer the card information and after Python handles an output file, output file format: SET MAC = A4BADB9D1E8E and sed format: ipconfig -all|sed -nrf getmac.sed | sed -e "s/-//g" > WINMAC.BAT getmac.sed: /Marvell Yukon 88E8040/ { n; s/.*: ([-0-9A-F]+)/set winmac=\1/p; }

Read the article
MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

- by Brad R

We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

Read the article
None of usb-controllers are working after a crash

- by Cray

So I have a GA-p35-DS4 mboard with a Q6600, running windows7-x64. After a random crash with a bluescreen (not caused by anything particular as I recall), none of the usb-controllers are working. (And none of the devices connected to those usb ports). All the controllers are showed up in the device manager, but every one has a warning-icon (as they are not functioning properly). The windows identifies them correctly, it shows exactly the model of each controller, and it says that the driver is installed. Now, when I try to reinstall the driver (Update driver menu item in the device manager), it tries to find it, finds the driver, but quits saying that the driver was found but could not be installed. Additionally, it displays "This operation requires an interactive window station", whatever that means... Now get this, the same thing happens with a new pci-usb controller card! It is found (actually each time the machine starts, it is found as new hardware), but trying to install drivers leads nowhere, I am getting the same message about an interactive window station. (tried to install drivers from the acoompanying CD) I have tried deleting those devices from device manager and let windows find them again, but that leads to same results. None of the ports on this extension card work either. This should not be a hardware problem, a usb keyboard connected to the builtin usb controller works in bios, and even in another OS running the same computer (old xp installation) What to do? Will I have to reinstall? Can deleting infcache.1 help? Is there some way to let windows remove all old drivers and try to find all hardware again, this time only looking for drivers on a windows install disk or something?

Read the article
OLEDB connection to Access database using DSN

- by somu

i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

Read the article

< Previous Page | 344 345 346 347 348 349 350 351 352 353 354 355 | Next Page >