Search Results

Search found 15415 results on 617 pages for 'security groups'.

Page 358/617 | < Previous Page | 354 355 356 357 358 359 360 361 362 363 364 365 | Next Page >

Creating a secure SQL server login - CHECK_EXPIRATION & CHECK_POLICY

- by cabhilash

In SQL Server you can create users using T-SQL or using the options provided by SQL Server Management Studio. CREATE LOGIN sql_user WITH PASSWORD ='sql_user_password' MUST_CHANGE, DEFAULT_DATABASE = defDB, CHECK_EXPIRATION = ON, CHECK_POLICY = ONAs mentioned in the previous article (http://weblogs.asp.net/cabhilash/archive/2010/04/07/login-failed-for-user-sa-because-the-account-is-currently-locked-out-the-system-administrator-can-unlock-it.aspx) when CHECK_POLICY = ON user account follows the password rules provided in the system on which the SQL server is installed. When MUST_CHANGE keyword is used user is forced to change the password when he/she tries to login for the first time. CHECK_EXPIRATION and CHECK_POLICY are only enforced on Windows Server 2003 and later. If you want to turn off the password expiration enforcement or security policy enforcement, you can do by using the following statements. (But these wont work if you have created your login with MUST_CHANGE and user didn't change the default password) ALTER LOGIN sql_login WITH CHECK_EXPIRATION = OFF go ALTER LOGIN sql_login WITH CHECK_POLICY = OFF

Read the article
How do I resolve "No JSON object could be decoded" on mythbuntu live CD?

- by Neil

I have been running a MythTV frontend on my laptop for some time against a MythTV backend installed in Linux Mint 12 on another computer, and everything works fine. Now, I'm trying out the Mythbuntu Live CD (12.04.1 32-bit) on the laptop, to turn it into a dedicated front end. It's connecting to the network just fine, and I can see my server. When I click on the frontend icon on the desktop, it asks me for the security code, which I've verified against mythtv-setup on the server. However, when I test that code, it shows the error message "No JSON object could be decoded". I've looked in the control center to see if there's something else I should be setting up. The message above implies to me that it can't find the server, but I can find no place in the control center to tell it where to find my myth backend, which I find a little odd. Does the live CD not work against a backend server on another machine?

Read the article
Are you ready for the needed changes to your Supply Chain for 2013?

- by Stephen Slade

With the initiation of the Dodd-Frank Act, companies need to determine if their products contain 'conflict materials' from certain global markets as the Rep of Congo. The materials include metals such as gold, tin, tungsten and tantalum. Compaines with global sourcing face new disclosure requirements in Feb'13 related to business being done in Iran. Public companies are required to disclose to U.S. security regulators if they or their affiliates are engaged in business in Iran either directly or indirectly. Is your supply chain compliant? Do you have sourcing reports to validate? Where are the materials in your chips & circuit boards coming from? In the next few weeks, responsible companies will be scrutinizing their supply chains, subs, JVs, and affiliates to search for exposure. Source: Brian Lane, Atty at Gibson Dunn Crutcher, as printed in the WSJ Tues, Dec 11, 2012 p.B8

Read the article
running jar in a terminal using axis2

- by Emilio

I'm trying to run in the command line a java application distributed in a jar file. It call an axis2 web service, so the jar contains a /axis2client directory with rampart.mar security module. It works fine while I run it in netbeans, but it throws an exception if I try to run it in a terminal using this command: java -jar myfile.jar The Exception: org.apache.axis2.AxisFault: invalid url: //file:/home/xxx/Desktop/myfile.jar!/axis2client/ (java.net.MalformedURLException: no protocol: //file:/home/xxx/Desktop/myfile.jar) As you can see, it's trying to use the /axis2client directory inside the jar, as when I run it in Netbeans, but It fails with a MalformedURLException. I think it's something about the protocol 'file:', probably '//file:/' must be 'file:///'. The problem is that I cannot change this call to the directory because the method that loads the /axis2client directory it's not mine, it's from another library that use my project and include all the axis2 support. So, any idea?? Thanks in advance lads!

Read the article
OOW Session: Trends in Identity Management

- by B Shashikumar

In his Identity Management address today, Amit Jasuja - VP of Oracle Identity Management and Security Products, will discuss several key identity management trends and showcase how innovation is the key driver behind Oracle’s latest Identity Management 11gR2 release. This session will focus on how the latest 11gR2 release of Oracle Identity Management addresses emerging identity management requirements for mobile, social, and cloud computing. It also explores how existing Oracle Identity Management customers are simplifying implementations and reducing total cost of ownership. When: Monday, October 1, at 10:45 a.m., Where: Moscone West L3, room 3003, (session ID# CON9405) For a complete listing of all identity management sessions, hands-on labs, and more, check out the Focus on Identity Management now.

Read the article
Creating a remote management interface

- by Johnny Mopp

I'm looking for info on creating a remote management interface for our software. This is not anything illicit. Our software is for live TV production and once they go on-air we can't access the PC (usually through LogMeIn). I would like to be able to upload/download files and issue commands to our software. The commands would be software specific like "load this file" or "run this script" or "return this value" etc. A socket connection is preferred but the problem is most of our PCs are behind firewalls and NAT servers. I'm not sure where to start. I think HTTP tunneling is the way to go but am wondering if there are other options or recommendations. Also, assume our clients are not willing to open up ports for security reasons. Thanks.

Read the article
AWS EC2 Oracle RDB connection to Oracle Database Instance

- by llaszews

Provisioning my Oracle database instance to AWS EC2 RDB was easy. Just a few clicks! However, getting my connection to my Oracle cloud database was not as easy. A couple things that are not obvious (using Oracle SQL Developer): 1. Need to set up a database security group. 2. Need to use end point for the host name. This video is the best one on the internet to explain both points: http://www.youtube.com/watch?v=ocFURuX0eEw

Read the article
CVE-2014-0591 Buffer Errors vulnerability in Bind

- by Ritwik Ghoshal

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2014-0591 Buffer Errors vulnerability 2.6 Bind Solaris 10 Patches planned but not yet available Solaris 11.1 11.1.19.6.0 Solaris 8 Patches planned but not yet available Solaris 9 Patches planned but not yet available Please Note: The patches mentioned above will upgrade Bind to 9.6-ESV-R11. The fix for CVE-2014-0591 was initially distributed via 9.6-ESV-R10-P2 as described at our previous blog post. This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Synaptic returns error

- by donvoldy666

I get the following error message when I run synaptic and I can't install any programs SystemError: W:Ignoring file 'getdeb.list.bck' in directory '/etc/apt/sources.list.d/' as it has an invalid filename extension, W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ ' precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry ' 'http://extras.ubuntu.com/ubuntu'/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry' 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://ppa.launchpad.net/ubuntu-mozilla-security/ppa/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/ppa.launchpad.net_ubuntu-mozilla-security_ppa_ubuntu_dists_precise_main_binary-i386_Packages), E:Encountered a section with no Package: header, E:Problem with MergeList /var/lib/apt/lists/packages.rssowl.org_ubuntu_dists_precise_main_i18n_Translation-en, E:The package lists or status file could not be parsed or opened. I'm new to Linux so please help me out .

Read the article
Failed update of Ubuntu 10.10 results in unbootable system

- by chessweb

Hi, yesterday I performed an automatic security update suggested by the update manager on my virtualized (with VirtualBox on a Windows 7 host) Ubuntu 10.10 installation. The update somehow failed and left me with an unbootable system. When I try to boot, I am told that various folders, files, and what not are missing. Then the system drops into a busybox and leaves me with an (initramfs) prompt. This happens with all kernels I get offered by GRUB, although the error messages are quite different from kernel to kernel. Well, the short of it is this: I don't have the slightest idea on how to get back to a working system and this site is the final straw I'm willing to grab. A complete disaster like this following an update initiated and executed by the system is unheard of in Windows-land; at least I haven't heard of it, yet, and therefore I am going to abandon Ubuntu and Linux altogeteher, if there is no remedy. Regards, RSel

Read the article
IPSec Offload support in 82576GB controller for Linux

- by Rodrigo Leal

Due to migration of servers to cloud computing, we bought several NICs that support mechanisms like SRIOV and VMDQ. Furthermore, as security risk was also a concern and we did not want to create more overhead on the processor, IPSec Offload support was essential. The model chosen was: Intel Gigabit ET2 Quad Port Svr Adptr. (With 82576GB controller): http://ark.intel.com/products/49187/intel-gigabit-et2-quad-port-server-adapter However, we were unable to configure IPSec Offload on Linux. We tried to test on another server we have, a Windows Server 2012 R2, but again without success. It seems that the driver for this controller is not available for windows server 2012 R2, and Linux. The test on windows would be only for verification purposes, we will not use this platform. Could someone confirm this lack of support for Linux?

Read the article
apt-get update bzip2 errors

- by Tejas Kale

I installed Ubuntu 11.10 today on my Lenovo w500. After that when i tried running sudo apt-get update This is the error i am getting. Get:117 http://ftp.jaist.ac.jp oneiric-security/universe TranslationIndex [73 B] 99% [48 Sources bzip2 0 B] [22 Sources bzip2 5,294 kB] 1,983 kB/s 0s bzip2: Compressed file ends unexpectedly; perhaps it is corrupted? *Possible* reason follows. bzip2: Inappropriate ioctl for device Input file = (stdin), output file = (stdout) It is possible that the compressed file(s) have become corrupted. You can use the -tvv option to test integrity of such files. You can use the `bzip2recover' program to attempt to recover data from undamaged sections of corrupted files. I found the following similar question : Errors while updating Ubuntu 11.10 , But the solutions mentioned ( changing the download server, running apt-get clean, apt-get autoclean) and have also tried removing the /var/cache/apt/archives/lists direcotry. As a result of this, I am unable to install any new packages.

Read the article
"AND Operator" in PAM

- by d_inevitable

I need to prevent users from authenticating through Kerberos when the encrypted /home/users has not yet been mounted. (This is to avoid corrupting the ecryptfs mountpoint) Currently I have these lines in /etc/pam.d/common-auth: auth required pam_group.so use_first_pass auth [success=2 default=ignore] pam_krb5.so minimum_uid=1000 try_first_pass auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass I am planning to use pam_exec.so to execute a script that will exit 1 if the ecyptfs mounts are not ready yet. Doing this: auth required pam_exec.so /etc/security/check_ecryptfs will lock me out for good if ecryptfs for some reason fails. In such case I would like to at least be able to login with a local (non-kerberos) user to fix the issue. Is there some sort of AND-Operator in which I can say that login through kerberos+ldap is only sufficient if both kerberos authentication and the ecryptfs mount has succeeded?

Read the article
Cant access ephemeral storage on Amazon ubuntu instance

- by matt burns

I want to utilise my ephemeral storage as mentioned in this question but I seem to be falling at the first hurdle. I can't even see /mnt: ~$ df -ah Filesystem Size Used Avail Use% Mounted on /dev/xvda1 8.0G 855M 6.8G 12% / proc 0 0 0 - /proc sysfs 0 0 0 - /sys none 0 0 0 - /sys/fs/fuse/connections none 0 0 0 - /sys/kernel/debug none 0 0 0 - /sys/kernel/security udev 288M 8.0K 288M 1% /dev devpts 0 0 0 - /dev/pts tmpfs 119M 152K 118M 1% /run none 5.0M 0 5.0M 0% /run/lock none 296M 0 296M 0% /run/shm This is from a vanilla instance of an ubuntu AMI (12.04-amd64-server-20120424 ami-a29943cb) I'm not bothered about resizing the partition, I just want to be able to use the space for writing temp files.

Read the article
Software center not opening

- by kishore kumar

$ software-center 2012-09-07 18:45:04,349 - softwarecenter.fixme - WARNING - logs to the root logger: '('/usr/lib/python2.7/dist-packages/dbus/proxies.py', 410, '_introspect_error_handler')' 2012-09-07 18:45:04,349 - dbus.proxies - ERROR - Introspect error on :1.128:/com/ubuntu/Softwarecenter: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. 2012-09-07 18:45:29,406 - softwarecenter.ui.gtk3.app - INFO - setting up proxy 'None' 2012-09-07 18:45:29,409 - softwarecenter.db.database - INFO - open() database: path=None use_axi=True use_agent=True 2012-09-07 18:45:29,822 - softwarecenter.backend.reviews - WARNING - Could not get usefulness from server, no username in config file 2012-09-07 18:45:29,973 - softwarecenter.ui.gtk3.app - INFO - show_available_packages: search_text is '', app is None. 2012-09-07 18:45:29,991 - softwarecenter.db.pkginfo_impl.aptcache - INFO - aptcache.open() Killed

Read the article
Wireless not working, no driver showing in the Additional Drivers window

- by edit lopez

I am a new user of Ubuntu. I have a Asus Q501L laptop that came preinstalled with Windows 8, but I wanted to move from Windows and try something new, so I just decided to install Ubuntu without thinking to much about it. The problem I have is that I can't install the additional drivers. When I go to to Additional Drivers nothing appears, it just says: no proprietary drivers are in use and in small letters continues: a proprietary driver has private code that Ubuntu developers can't review and improve. security and others updates are dependent on drivers vendor.. I can't even use the wireless connection. I really don't know what to do. I tried to download the drivers from Asus, but when I tried to install them it said: an error occurred while loading the archive. Also I don't know the model of the PC wireless card. If there is something I can do to find out that please tell me. Thanks!

Read the article
Controllers in CodeIgniter

- by Dileep Dil

I little bit new to the CodeIgniter framework and this is my first project with this framework. During a chat on StackOverflow somebody said that we need to make controllers tiny as possible. Currently I have a default controller named home with 1332 lines of codes (and increasing) and a model named Profunction with 1356 lines of codes (and increasing). The controller class have about 46 functions on it and also with model class. I thought that Codeigniter can handle large Controllers or Models well, is there any problem/performance issue/security issues regarding this?

Read the article
MySQL vs. SQL Server Go daddy, What is the difference bewteen hosted DB and App_Data Db

- by Nate Gates

I'm using Goddady for site hosting, and I'm currently using MySQL, because there are less limits on size,etc. My question is what is the difference between using a hosted Godaddy Db such as MySQL vs. creating a SQL Serverdatabase in the the App_Data folder? My guess is security? Would it be a bad idea to use a SQL ServerDB thats located in the App_Data folder? Additional Well I am able to create a .mdf (SQL Server DB file) in the App_Data folder, but I'm really unsure if should use that or not, If I did use it it would simplify using some of the Microsoft tools. Like I said my guess is that it would be less secure, but I don't really know. I know I have a 10gb, file system limit, so I'm assuming my db would have to share that space.

Read the article
Setting up Oracle Linux 6 with public-yum for all updates

- by wcoekaer

I just wanted to give you a quick example on how to get started with Oracle Linux 6 and start using the updates we published on http://public-yum.oracle.com. Download Oracle Linux (without the requirement of a support subscription) from http://edelivery.oracle.com/linux. Install Oracle Linux from the ISO or DVD image Log in as user root Download the yum repo file from http://public-yum.oracle.com # cd /etc/yum.repos.d # wget http://public-yum.oracle.com/public-yum-ol6.repo If you want, you can edit the repo file and enable other repositories, I enabled [ol6_UEK_latest] by just setting enabled=1 in the file with a text editor. Run yum repolist to show the registered channels and you see we are including everything including the latest published RPMs. Now you can just run yum update and any time we release new security errata or bugfix errata for OL6, they will be posted and you will automatically get them. It's very easy, very convenient and actually very cool. We do a lot more than just build OL RPMs and distribute them, we have a very comprehensive test farm where we test the packages extensively.

Read the article
How to create an Access database by using ADOX and Visual C# .NET

- by SAMIR BHOGAYTA

Build an Access Database 1. Open a new Visual C# .NET console application. 2. In Solution Explorer, right-click the References node and select Add Reference. 3. On the COM tab, select Microsoft ADO Ext. 2.7 for DDL and Security, click Select to add it to the Selected Components, and then click OK. 4. Delete all of the code from the code window for Class1.cs. 5. Paste the following code into the code window: using System; using ADOX; private void btnCreate_Click(object sender, EventArgs e) { ADOX.CatalogClass cat = new ADOX.CatalogClass(); cat.Create("Provider=Microsoft.Jet.OLEDB.4.0;" +"Data Source=D:\\NewMDB.mdb;" +"Jet OLEDB:Engine Type=5"); MessageBox.Show("Database Created Successfully"); cat = null; }

Read the article
How To Switch Webmail Providers Without Losing All Your Email

- by Chris Hoffman

Do you use a webmail service you’re unhappy with because it’s where all your email is? There’s good news – you can easily switch, without losing your old email and contacts and without missing email sent to your old address. This guide will help you switch to a shiny new webmail service. The exact ways to switch between email services will differ depending on which webmail provider you’re using. We’ll be focusing on three of the most popular services here: Gmail, Outlook.com (Hotmail), and Yahoo! Mail. How To Switch Webmail Providers Without Losing All Your Email How To Force Windows Applications to Use a Specific CPU HTG Explains: Is UPnP a Security Risk?

Read the article
Larry Ellison Unveils Oracle Database In-Memory

- by jgelhaus

A Breakthrough Technology, Which Turns the Promise of Real-Time into a Reality Oracle Database In-Memory delivers leading-edge in-memory performance without the need to restrict functionality or accept compromises, complexity and risk. Deploying Oracle Database In-Memory with virtually any existing Oracle Database compatible application is as easy as flipping a switch--no application changes are required. It is fully integrated with Oracle Database's scale-up, scale-out, storage tiering, availability and security technologies making it the most industrial-strength offering in the industry. Learn More Read the Press Release Get Product Details View the Webcast On-Demand Replay Follow the conversation #DB12c #OracleDBIM

Read the article
Handling packet impersonating in client-server model online game

- by TheDespite

I am designing a server-client model game library/engine. How do I, and should I even bother to handle frequent update packet possible impersonating? In my current design anyone could copy a packet from someone else and modify it to execute any non-critical action for another client. I am currently compressing all datagrams so that adds just a tad of security. Edit: One way I thought about was to send a unique "key" to the verified client every x_time and then the client has to add that to all of it's update packets until a new key is sent. Edit2: I should have mentioned that I am not concerned about whether the actions described in the packet are available to the client at the time, this is all checked by the server which I thought was obvious. I am only concerned about someone sending packets for another client.

Read the article
What should be included in risk management section of software's architecture documentation?

- by Limbo Exile

I am going to develop a Java application (a Spring Web application that will be used to extract data from various data sources) and I want to include risk management of the software in the architecture documentation. By risk management (I am not sure if this is the right name) I mean documenting possibilities of what can go wrong with the software and what to do in those cases. At first I tried to draft some lists, including things like database performance decrease, change of external components that the software interacts with, security breaches etc. But as I am not an experienced developer I cannot rely on those drafts, I don't think they are exhaustive. I searched web hoping to find something similar to the Joel Test or to find any other resource that will cite the most popular causes of problems that should be included and analyzed in risk management documentation, but I haven't found much. Finally, my question is: What should be included in risk management section of software's architecture documentation?

Read the article
Running a webbrowser on the screen saver or login screen.

- by Erik Johansson

I would really like people to beable to use my locked computer to surf, so I would like some way to run a browser on login screen. So can I make GDM run firefox in some way? It would be cooler if I could have a browser as a screensaver, but that seems a bit harder. Please ignore all the security problems with this, if you let someone use your computer you have lost that race anyways. Though of course it would be nice to have a browser running as another user.

Read the article

< Previous Page | 354 355 356 357 358 359 360 361 362 363 364 365 | Next Page >