Search Results

Search found 28693 results on 1148 pages for 'oracle advanced security'.

Page 360/1148 | < Previous Page | 356 357 358 359 360 361 362 363 364 365 366 367 | Next Page >

eSTEP TechCast - June 2014 Material available

- by uwes

Dear Partners,We would like to extend our sincere thanks to those of you who attended our TechCast on "Solaris 11.2 Beta - What's New!".The materials (presentation, replay) from the TechCast are now available for all of you via our eSTEP portal. You will need to provide your email address and the pin below to access the downloads. Link to the portal is shown below.URL: http://launch.oracle.com/PIN: eSTEP_2011The material can be found under tab eSTEP TechCast. Feel free to explore also the other delivered TechCasts and more useful information under the Download and Links tab. Any feedback is appreciated to help us improve the service and information we deliver.Thanks and best regards,Partner Systems Enablement EMEA

Read the article
How to hide process arguments from other users?

- by poolie

A while ago, I used to use the grsecurity kernel patches, which had an option to hide process arguments from other non-root users. Basically this just made /proc/*/cmdline be mode 0600, and ps handles that properly by showing that the process exists but not its arguments. This is kind of nice if someone on a multiuser machine is running say vi christmas-presents.txt, to use the canonical example. Is there any supported way to do this in Ubuntu, other than by installing a new kernel? (I'm familiar with the technique that lets individual programs alter their argv, but most programs don't do that and anyhow it is racy. This stackoverflow user seems to be asking the same question, but actually just seems very confused.)

Read the article
Moving between sites using SAML

- by System Down

I'm tasked with developing an SSO system, and was guided towards using the SAML spec. After some research I think understand the interaction between a Service Provider and an ID Provider and how a user's identity is confirmed. But what happens when I redirect the user to another Service Provider? How do I ascertain the user's identity there? Do I send his SAML assertion tokens along with the redirect request? Or does the second Service Provider need to contact the ID Provider all over again?

Read the article
How to enable home directory encryption for a particular user?

- by Ivan

I prefer to have a dedicated "administrator" user for technical purposes and that was one I've set up during installation. I've also refused to encrypt the home folder of the user. Now, as I've added a user account for my actual work usage I want my (but not the "administrator") home folder to be encrypted. How to turn this on? If it is not possible then how to enable encryption for all users home directories on a system already installed? I've found questions and answers about how to disable it but am not sure how to enable it.

Read the article
Approach to Authenticate Clients to TCP Server

- by dab

I'm writing a Server/Client application where clients will connect to the server. What I want to do, is make sure that the client connecting to the server is actually using my protocol and I can "trust" the data being sent from the client to the server. What I thought about doing is creating a sort of hash on the client's machine that follows a particular algorithm. What I did in a previous version was took their IP address, the client version, and a few other attributes of the client and sent it as a calculated hash to the server, who then took their IP, and the version of the protocol the client claimed to be using, and calculated that number to see if they matched. This works ok until you get clients that connect from within a router environment where their internal IP is different from their external IP. My fix for this was to pass the client's internal IP used to calculate this hash with the authentication protocol. My fear is this approach is not secure enough. Since I'm passing the data used to create the "auth hash". Here's an example of what I'm talking about: Client IP: 192.168.1.10, Version: 2.4.5.2 hash = 2*4*5*1 * (1+9+2) * (1+6+8) * (1) * (1+0) Client Connects to Server client sends: auth hash ip version Server calculates that info, and accepts or denies the hash. Before I go and come up with another algorithm to prove a client can provide data a server (or use this existing algorithm), I was wondering if there are any existing, proven, and secure systems out there for generating a hash that both sides can generate with general knowledge. The server won't know about the client until the very first connection is established. The protocol's intent is to manage a network of clients who will be contributing data to the server periodically. New clients will be added simply by connecting the client to the server and "registering" with the server. So a client connects to the server for the first time, and registers their info (mac address or some other kind of unique computer identifier), then when they connect again, the server will recognize that client as a previous person and associate them with their data in the database.

Read the article
Master Data Management - The Trend Towards Multi-Domain and Other Realities

- by Mala Narasimharajan

In my quest to keep my fingers on the pulse of MDM, I recently found a pretty interesting article. The article was published in Information Week and provides some interesting statistics from a recent survey conducted by the analyst firm, The Information Difference. Let's take a look: Of the 130 organizations surveyed, 53% have live operational MDM implementations 81% of those with live operational MDM implementations report broad success - a huge improvement over 2011's 54% 64% developed a business case prior to their MDM deployment, while a daring 32% went ahead without a business case. The article goes on to talk about the shift in vendors from focusing on customer data and product information management to one that is oriented around multi-domain master data management as well as other realities around MDM. Take a look at the article. For more information on Oracle's master data management suite, click here.

Read the article
Where Was That Session Again??? - PartnerNetwork Exchange Room Maps

- by Get_Specialized!

So as I was preparing my session schedule I was trying to visually picture where the Partner Exchange sessions at at Oracle OpenWorld 2012 were. So I've placed them in my blog as a handy resource once I was onsite. Possibly a few partners will also find them handy. Sunday the PartnerExchange keynote is in Moscone North Hall D. Afterwards you will find PartnerExchange tracks in Moscone South Hall. And then on Monday through Thursday there are PartnerExchange session tracks at the Marriott Marquis.

Read the article
Techniques to prevent non-official clients in network gaming?

- by UpTheCreek

In multi-player network games, what techniques exist to try to ensure that users are connecting with the official client application, and not some hacked client app? I realise there is probably no sure-fire way to do this, but rather I'm interested in techniques that can be employed to mitigate the problem. I'm especially interested in any techniques that can be used for web based games, but I imagine most can be applied generally. Thank you!

Read the article
eSTEP TechCast - October 2012 Material available

- by uwes

Dear Partners,We would like to extend our sincere thanks to those of you who attended our TechCast on "An Update on OVM Server for SPARC". The materials (presentation, replay) from the TechCast are now available for all of you via our eSTEP portal. You will need to provide your email address and the pin below to access the downloads. Link to the portal is shown below.URL: http://launch.oracle.com/PIN: eSTEP_2011The downloads can be found under tab Events --> TechCast.Feel free to explore also the other delivered TechCasts and more useful information under the Download and Links tab. Any feedback is appreciated to help us improve the service and information we deliver.Thanks and best regards,Partner HW Enablement EMEA

Read the article
Why do password strength requirements exist? [migrated]

- by Bozho

Password strength is now everything, and they force you to come up with passwords with digits, special characters, upper-case letters and whatnot. Apart from being a usability nightmare (even I as a developer hate it when a website requires a complex password), what are the actual benefits of having strong passwords (for website authentication)? Here are the prerequisites of a system that handles authentication properly: store passwords using bcrypt (or at least use salt+hash) - hard-to-impossible to find the original password when an attacker gets the database lock subsequent password attempts with a growing cooldown - no brute-force via the site

Read the article
SQL to XML open data and NIEM training video posted

- by drrwebber

Learn how to build a working XML query/response system with SQL database accessing and XML components from example NIEM schema and dictionary. Software development practitioners, business analysts and managers will find the materials accessible and valuable in showing the decision making processes that go into constructing a working XML exchange. The 22 minute video available online shows how to build a fully working ULEXS-SR exchange using a Vehicle license search example. Also included are aspects of NIEM training for assembling an IEPD schema with data models. Materials are focused on practical implementers, after viewing the instruction material you can use the open source tools and apply to your own SQL to XML use cases and information exchange projects. All the SQL and XML code, editor tools, dictionary and instructions that accompany the tutorial video are also available for download so you can try everything yourself. See http://www.youtube.com/user/TheCameditor to run the video. And the open source project web site (sponsored by Oracle) contains all the resources, downloads and supplemental materials. Enjoy.

Read the article
New and Improved Patch for FRM-40654 Errors in Purchase Orders and Requisitions

- by user793044

Development has modified the code in purchase orders and requisition forms to prevent error FRM-40654 when there are trailing spaces in the tables for most of the fields. After applying the patch, the form will still display the error but a requery will allow you to save the transaction. For the scenarios not covered in the fix, the FND log will now display the specific field that causes the error. This an example of the FND log for one document where the note_to_vendor has trailing spaces: Form note_to_vendor oldvalue Database note_to_vendor newvalue Failed first if statement when comparing fields FRM-40654: Record has been updated. Requery block to see change. This new patch includes the fix in Patch 14204845:"In Oracle Purchasing, leading or trailing spaces in po lines data was resulting in errors". For more information on FRM-40654 errors see the patching section of Note 1203796.1. Be proactive and apply Patch 14479586:R12.PO.B for 12.1.3 or Patch 14569747 for 11.5.10 now!

Read the article
Botnet Malware Sleeps Eight Months Activation, Child Concerns

Daily Safety Check experts used a computer forensic analysis of a significant botnet that consisted of Carberp and SpyEye malware to come up with the details for their report. The analysis found that the botnet profiled the behavior of the slave computers it infected, similar to surveillance techniques used by law enforcement agencies, for an average of eight months. During the eight months, the botnet analyzed each computer's users and assigned ratings to certain activities to form a complete profile for each. Doing so allowed those behind the scheme to determine which were the most favora...

Read the article
How safe is ubuntu?

- by VJo

Last week I started desktop sharing using krfb. Since I continue last session, this program keep on starting again. Two days ago I noticed messages poping up saying something like "rejecting uninvited connection from (some ip)", but today I figured it might be because of this and I was right. The krfb was running in the background. Hence the question. How safe is ubuntu? Should I expect someone to connect to my computer and erase everything I got on disk? EDIT To extend my question : how safe it is comparing to other OSs (windows, mac,...)? How safe it is comparing to other distros?

Read the article
How do web servers enforce the same-origin policy?

- by BBnyc

I'm diving deeper into developing RESTful APIs and have so far worked with a few different frameworks to achieve this. Of course I've run into the same-origin policy, and now I'm wondering how web servers (rather than web browsers) enforce it. From what I understand, some enforcing seems to happen on the browser's end (e.g., honoring a Access-Control-Allow-Origin header received from a server). But what about the server? For example, let's say a web server is hosting a Javascript web app that accesses an API, also hosted on that server. I assume that server would enforce the same-origin policy --- so that only the javascript that is hosted on that server would be allowed to access the API. This would prevent someone else from writing a javascript client for that API and hosting it on another site, right? So how would a web server be able to stop a malicious client that would try to make AJAX requests to its api endpoints while claiming to be running javascript that originated from that same web server? What's the way most popular servers (Apache, nginx) protect against this kind of attack? Or is my understanding of this somehow off the mark? Or is the cross-origin policy only enforced on the client end?

Read the article
Avira Software Update Mistakenly Disabled Windows PCs

While Avira currently holds the number two ranking in terms of usage amongst antivirus manufacturers worldwide, its latest slipup will likely put a dent in its reputation. The problem with the latest service pack can be pinpointed to ProActiv, a program that monitors for any suspicious events that could lead to infection or attack. Users who applied the updates noticed that ProActiv was preventing their systems from booting, as critical Windows files could not run. Others also reported that ProActiv was blocking all .exe, or executable files, in Windows, making it impossible to launch appl...

Read the article
Is it possible to configure Ubuntu as a software firewall?

- by user3215

I have some systems running on Ubuntu in the private IP range 192.168.2.0-255 . These systems are connected to a switch and the switch is connected to the ISP's modem. Neither the switch nor the modem support firewall options. I don't have any firewall device and I'm not willing to individually configure firewalls on all the systems (via gui/iptables). Is it possible to make an Ubuntu system into something like a software firewall, so that all the traffic/packets sent to or from the WAN(internet) would be allowed/denied based on its firewall rules?

Read the article
eSTEP TechCast - November 2013 Material available

- by uwes

Dear Partners,We would like to extend our sincere thanks to those of you who attended our TechCast on "The Operational Management benefits of Engineered Systems". The materials (presentation, replay) from the TechCast are now available for all of you via our eSTEP portal. You will need to provide your email address and the pin below to access the downloads. Link to the portal is shown below.URL: http://launch.oracle.com/PIN: eSTEP_2011The material can be found under tab eSTEP TechCast. Feel free to explore also the other delivered TechCasts and more useful information under the Download and Links tab. Any feedback is appreciated to help us improve the service and information we deliver.Thanks and best regards,Partner HW Enablement EMEA

Read the article
Microsoft Offers Cheap Windows 8 Upgrade

Though the software giant hasn't answered all of the questions, Computerworld collected many of them in one place and included the answers. You can also visit Microsoft's blog post for the details. Starting at general availability, if your PC is running Windows XP, Windows Vista, or Windows 7 you will qualify to download an upgrade to Windows 8 Pro for just $39.99 in 131 markets. And if you want, you can add Windows Media Center for free through the 'add features' option within Windows 8 Pro after your upgrade, the Microsoft blog post helpfully states. If you choose to upgrade, the Windows 8...

Read the article
secure offline PC storage accessible through javascript

- by turbo2oh

I'm attempting to build a browser-based HTML5 application that has the ability to store data locally on a PC (not mobile device) when offline. This data is sensitive and must be secure. Of course the trick is trying to find a way to be able to access the secure data with Javascript. I've ruled out browser local storage since its not secure. Could this be accomplished with a local database? If so, where could the DB credentials be stored? Javascript obviously doesn't seem like a good option to store them since its user-readable.

Read the article
Cannot remove script virus in Ubuntu [duplicate]

- by Daniel Yunus

This question already has an answer here: Should I be worried about a possible threat? 2 answers After I scan via clamav/clamtk, I found 1 possible threat that I cannot remove/quarantine. How to remove virus? Or Is this false positive? /usr/lib/ruby/1.9.1/rdoc/generator/template/darkfish/js/thickbox-compressed.js PUA.Script.Packed-1

Read the article
Microsoft Launches Outlook.com

Microsoft announced the news in its Outlook blog, calling the new service modern email for the next billion mailboxes. The company is touting a fresh, clean user interface with fewer pixels in the header and no display ads; it should work well on portable devices. Another key point: it uses Exchange ActiveSync to synchronize your mail, calendar and social experience across your smartphone, tablet and desktop computer. Perhaps the biggest advance, though, is that Microsoft is connecting the email service to Facebook, Twitter, LinkedIn, Google; Skype will be part of this list, too, though i...

Read the article
Microsoft Unveils Xbox SmartGlass

SmartGlass won't be available to consumers until the fall, and if the reviews of the feature's capability are any indication, it's going to feel like a very long wait. SmartGlass lets you switch from watching something on your TV to watching it on your tablet or smartphone, and vice versa. But that's only the beginning. SmartGlass also lets developers turn smartphones and tablets into Xbox 360 controllers. Thus, if you're playing a sports-based game with your friends, you can enter your strategic plays into your smartphone, so he can't tell what your team is about to do. Or, with a baseball ga...

Read the article
Will using HTTPS hurt my site's SEO or other statistics?

- by yannbane

I've set up a WordPress blog. Since I have to log into it from many different locations/machines, I've also got an SSL certificate, and set up Apache to redirect HTTP to HTTPS. It all works, but I'm wondering whether that's an overkill. Since most people who go to my site don't have to log in, I'm starting to wonder whether HTTPS has some drawbacks. If so, should I look for a way to make HTTPS optional?

Read the article
Log of data transfer and copied from Ubuntu

- by Gaurav_Java

Yesterday my friend ask me for some files i told him that take it from my system i don't see . what extra files or data he take from my system . I was thinking is here any application or method which shows what data is copied to which USB (if name available then shows name or otherwise device id ). and what data is beign copied to ubuntu machine . It is some like history of USB and System data . i think this feature is in KDE this will really useful in may ways. it provides real time and monitoring utility to monitor USB mass storage devices activities on any machine .

Read the article

< Previous Page | 356 357 358 359 360 361 362 363 364 365 366 367 | Next Page >