Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 392/886 | < Previous Page | 388 389 390 391 392 393 394 395 396 397 398 399  | Next Page >

• Managing accounts on a private website for a real-life community

  - by Smudge

  Hey Pro Webmasters, I'm looking at setting-up a walled-in website for a real-life community of people, and I was wondering if anyone has any experience with managing member accounts for this kind of thing. Some conditions that must be met: This community has a set list of real-life members, each of whom would be eligible for one account on the website. We don't expect or require that they all sign-up. It is purely opt-in, but we anticipate that many of them would be interested in the services we are setting up. Some of the community members emails are known, but some of them have fallen off the grid over the years, so ideally there would be a way for them to get back in touch with us through the public-facing side of the site. (And we'd want to manually verify the identity of anyone who does so). Their names are known, and for similar projects in the past we have assigned usernames derived from their real-life names. This time, however, we are open to other approaches, such as letting them specify their own username or getting rid of usernames entirely. The specific web technology we will use (e.g. Drupal, Joomla, etc) is not really our concern right now -- I am more interested in how this can be approached in the abstract. Our database already includes the full member roster, so we can email many of them generated links to a page where they can create an account. (And internally we can require that these accounts be paired with a known member). Should we have them specify their own usernames, or are we fine letting them use their registered email address to log-in? Are there any paradigms for walled-in community portals that help address security issues if, for example, one of their email accounts is compromised? We don't anticipate attempted break-ins being much of a threat, because nothing about this community is high-profile, but we do want to address security concerns. In addition, we want to make the sign-up process as painless for the members as possible, especially given the fact that we can't just make sign-ups open to anyone. I'm interested to hear your thoughts and suggestions! Thanks!

  Read the article

• Plug a Hole in Cisco's NetFlow Coverage

  Netflow has changed since Cisco first introduced it. To get the maximum security benefit from this useful protocol, make sure collectors operating on your network are able to collect, analyze and store Flexible NetFlow templates and data.

  Read the article

• Blue Coat Backing Armored Browser

  Networking and security firm offers commercial support for Quaresso, a startup offering a new spin on the armored browser with remote support to shore up the last mile.

  Read the article

• java webservice requires usernametoken over basichttpbinding (3 replies)

  I need to call a Java webservice. I can add a service reference without problems, and I get Intellisense in Visual Studio. However, when I try to call a service method I get an error message saying &quot;Missing (user) Security Information&quot;. I n my code I try to set usercredentials: testWS.WarrantyClaimServiceClient svc new TestClient.testWS.WarrantyClaimServiceClient(); svc.ClientCredentials.UserName....

  Read the article

• CVE-2010-2761 Code Injection Vulnerability in Perl

  - by Umang_D

  CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2010-2761 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 Perl Solaris 9 Contact Support Solaris 10 SPARC : 146032-05 x86 : 146033-05 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

  Read the article

• Fixing a NoClassDefFoundError

  - by Chris Okyen

  I have some code: package ftc; import java.util.Scanner; public class Fer_To_Cel { public static void main(String[] argv) { // Scanner object to get the temp in degrees Farenheit Scanner keyboard = new Scanner(System.in); boolean isInt = true; // temporarily put as true in case the user enters a valid int the first time int degreesF = 0; // initialy set to 0 do { try { // Input the temperature text. System.out.print("\nPlease enter a temperature (integer number, no fractional part) in degrees Farenheit: "); degreesF = Integer.parseInt(keyboard.next()); // Get user input and Assign the far. temperature variable, which is casted from String to int. } // Let the user know in a user friendly notice that the value entered wasnt an int ( give int value range ) , and then give error log catch(java.lang.Exception e) { System.out.println("Sorry but you entered a non-int value ( needs to be between ( including ) -2,147,483,648 and 2,147,483,647 ).. \n"); e.printStackTrace(); isInt = false; } } while(!isInt); System.out.println(""); // print a new line. final int degreesC = (5*(degreesF-32)/9); // convert the degrees from F to C and store the resulting expression in degreesC // Print out a newline, then print what X degrees F is in Celcius. System.out.println("\n" + degreesF + " degrees Farenheit is " + degreesC + " degrees Celcius"); } } And The following error: C:\Program Files\Java\jdk1.7.0_06\bin>java Fer_To_Cel Exception in thread "main" java.lang.NoClassDefFoundError: Fer_To_Cel (wrong name: ftc/Fer_To_Cel) at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:791) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:14 at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) at java.net.URLClassLoader.access$100(URLClassLoader.java:71) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:423) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:356) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:480) The code compiled without compile errors, but presented errors during execution. Which leads me to two questions. I know Errors can be termed Compiler, Runtime and Logic Errors, but the NoClassDefFoundError inherits java.lang.LinkageError. Does that make it a Linker error, being niether of the three types of errors I listed, If I am right this is the answer. For someone else who obtains the singular .java file and compiles it, would this be the only way to solve this problem? Or can I (should I ) do/have done something to fix this problem? Basically, based on a basis of programming, is this a fault of me as the writer? Could this be done once on, my half and be distributed and not needed be done again?

  Read the article

• Multiple Resource Management Error vulnerabilities in libexpat

  - by chandan

  CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0876 Resource Management Errors vulnerability 4.3 libexpat Solaris 10 SPARC: 137147-07 X86: 137148-07 Solaris 11 11/11 SRU 11.4 CVE-2012-1148 Resource Management Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

  Read the article

• WebCenter Customer Spotlight: SICE

  - by me

  Author: Peter Reiser - Social Business Evangelist, Oracle WebCenter  Solution SummarySociedad Ibérica de Construcciones Eléctricas, S.A. (SICE) is a Spanish company specializes in engineering and technology integration for intelligent transport systems and environmental control systems. They had a large quantity of engineering and environmental planning documents  which they wanted to manage, classify and integrate with their existing enterprise resource planning (ERP) system. SICE adapted  Oracle WebCenter Content to classify and manage more than 30 different types, defined a security plan to ensure the integrity and recovery of various document types and integrated the document management solution with SICE’s third-party enterprise resource planning (ERP) system. SICE  accelerated time to market for all projects, minimized time required to identify and recover documents  and achieved greater efficiency in all operations. Company Overview Created in 1921, Sociedad Ibérica de Construcciones Eléctricas, S.A. (SICE) currently specializes in engineering and technology integration for intelligent transport systems and environmental control systems. It has more than 2,500 employees, with operations in Spain and various locations in Latin America, the United States, Africa, and Australia. Business Challenges They had a large quantity of engineering and environmental planning documents generated in research and projects which they wanted to manage, classify and integrate with their existing enterprise resource planning (ERP) system. Solution Deployed SICE worked with the Oracle Partner ABAST Solutions to evaluate and choose the best document management system, ultimately selecting Oracle WebCenter Content over other options including  Documentum, SharePoint, OpenText, and Alfresco.They adapted Oracle WebCenter Content to classify and manage more than 30 different types, defined a security plan to ensure the integrity and recovery of various document types and integrated the document management solution  with SICE’s third-party enterprise resource planning (ERP) system to accelerate incorporation with the documentation system and ensure integrity ERP system data. Business Results SICE  accelerated time to market for all projects by releasing reports and information that support and validate engineering projects, stored all documents in a single repository with organizationwide accessibility, minimizing time required to identify and recover documents needed for reports to initiate and execute engineering and building projects. Overall they achieved greater efficiency in all operations, including technical and impact report development and construction documentation management. “The correct and efficient management of information is vital to our environmental management activity. Oracle WebCenter Content  serves as a basis for knowledge management practices, with the objective of adding greater value to everything that we do.” Manuel Delgado, IT Project Engineering, Sociedad Ibérica de Construcciones Eléctricas, S.A Additional Information SICE Customer Snapshot Oracle WebCenter Content

  Read the article

• The Best Articles for Using and Customizing Windows 8

  - by Lori Kaufman

  Now that Windows 8 Enterprise is available to the public as a 90-day evaluation and Windows 8 Pro is available for Microsoft TechNet subscribers, we decided to collect links to the Windows 8 articles we’ve published since the release of the Developer Preview. How To Switch Webmail Providers Without Losing All Your Email How To Force Windows Applications to Use a Specific CPU HTG Explains: Is UPnP a Security Risk?

  Read the article

• What guidelines are best suited for leveraging automatic deployments?

  - by Scott

  We are hoping to leverage a static code analysis tool (Sonar) as part of our continuous integration server, and are hoping to determine some useful guidelines to serve as a base for allowing the deployment to continue. What conditions should we make mandatory before allowing a build to proceed to the next set of testing? The obvious answers include that it compiles and the unit tests are successful. But what are some other things we should require before allowing a build to not be rolled back?

  Read the article

• How to auto-unlock Keyring Manager in 12.10?

  - by Torben Gundtofte-Bruun

  How can I auto-unlock the Keyring Manager in 12.10? This answer for 11.10 doesn't seem to apply because the Keyring Manager looks different in 12.10 so I can't follow the instructions. I have set up my machine to automatically log in to my account. I don't mind the lesser security of having the keyring automatically unlocked. (This is still a home desktop computer of a simple user, not a missile launch system.)

  Read the article

• How to restart colord

  - by Blair Zajac

  A tiff security update came out today for 12.04 and colord is still running with the older shared library # lsof -n | grep DEL | grep /lib colord 3454 colord DEL REG 252,1 3673529 /usr/lib/x86_64-linux-gnu/libtiff.so.4.3.4 Besides restarting the whole system, given there's no /etc/init.d/colord, how do I restart it so it picks up the new libtiff.so.

  Read the article

• How do I maintain a really poorly written code base?

  - by onlineapplab.com

  Recently I got hired to work on existing web application because of NDA I'm not at liberty to disclose any details but this application is working online in sort of a beta testing stage before official launch. We have a few hundred users right now but this number is supposed to significantly increase after official launch. The application is written in PHP (but it is irrelevant to my question) and is running on a dual xeon processor standalone server with severe performance problems. I have seen a lot of bad PHP code but this really sets new standards, especially knowing how much time and money was invested in developing it. it is as badly coded as possible there is PHP, HTML, SQL mixed together and code is repeated whenever it is necessary (especially SQL queries). there are not any functions used, not mentioning any OOP there are four versions of the app (desktop, iPhone, Android + other mobile) each version has pretty much the same functionality but was created by copying the whole code base, so now there are some differences between each version and it is really hard to maintain the database is really badly designed, which is causing severe performance problems also for fixing some errors in PHP code there is a lot of database triggers used which are updating data on SELECT and on INSERT so any testing is a nightmare Basically, any sin of a bad programming you can imagine is there for example it is not only possible to use SQL injections in literally every place but you can log into app if you use a login which doesn't exist and an empty password. The team which created this app is not working on it any more and there is an outsourced team which suggested that there are some problems but was never willing to deal with the elephant in the room partially because they've got a very comfortable contract and partially due to lack of skills (just my opinion). My job was supposed to be fixing some performance problems and extending existing functionality but first thing I was asked to do was a review of the existing code base. I've made my review and it was quite a shock for the management but my conclusions were after some time finally confirmed by other programmers. Management made it clear that it is not possible to start rewriting this app from scratch (which in my opinion should be done). We have to maintain its operable state and at the same time fix performance errors and extend the functionality. My question is, as I don't want just to patch the existing code, how to transform this into properly written app while keeping the existing code working at the same time? My plan is: Unify four existing versions into common code base (fixing only most obvious errors). Redesign db and use triggers to populate it with data (so data will be maintained in two formats at the same time) All new functionality will be written as separate project. Step by step transfer existing functionality into the new project After some time everything will be in the new project Some explanation about #2, right now it is practically impossible to make any updates in existing db any change requires reviewing whole code and making changes in many places. Is such plan feasible at all? Another solution is to walk away and leave the headache to someone else.

  Read the article

• EBS Accounts Payables Customer Advisory

  - by cwarticki

  Blogging to let you know of an important set of Oracle Payables patches that were released for R12.1 customers.  Accounts Payable Customer Advisory: Dear Valued Oracle Support Customer, Since the release of R12.1.3 a number of recommended Payables patches have been made available as standalone patches, to help address important business process incidents. Adoption of these patches is highly recommended. To further facilitate adoption of these Payables patches Oracle has consolidated them into a single Recommended Patch Collection (RPC). The RPC is a collection of recommended Payables patches created with the following goals in mind: Stability: Help address issues that are identified by Oracle Development and Oracle Software Support that may interfere with the normal completion of important business processes such as period close. Root Cause Fixes: Help make available root cause fix for data integrity that may delay period close, normal invoice flow and other business actions. Compact: Keep the file footprint as small as possible to help facilitate the install process and minimize testing. Granular: Collection of patches based on functional area that allows customer to apply, based on their individual needs and goals, all three RPC’s at once or in phases. Payables: -          New AP RPC (14273383:R12.AP.B) has all data corruption root cause fixes known to date plus tons of other crucial fixes (Note: 1397581.1). -          Companion must have RPCs: o   Note: 1481221.1: R12.1: Payments Recommended Patch Collection (IBY RPC), August 2012 o   Note: 1481235.1: R12.1: E-Business Tax Recommended Patch Collection (ZX RPC), August 2012 o   Note: 1481222.1: R12.1: Sub Ledger Accounting (SLA) Recommended Patch Collection (XLA RPC), August 2012 -          This time we beat the system far harder on testing and it held up remarkably well. We could not get any data corruption events in the Invoice Cancel/Discard flow (that is the #1 generator) neither we could cause Orphan Events in the system. Therefore this is very good code. Financials: -          ALL FIN modules now have RPCs: full listing is in (Note: 954704.1)

  Read the article

• Lost Drive Puts National Guard Data at Risk

  Tens of thousands of Arkansas National Guard soldiers became the latest victims of a security breach at a military base after an unencrypted external hard drive was discovered missing last month.

  Read the article

• Hacker vows to fight Sony PS3 update, restore Linux support

  <b>ars Technical:</b> "He praised the hardware for its security, but now that Sony has responded by removing the Linux capabilities of the PlayStation 3 entirely, the hacker has decided to fight back..."

  Read the article

• Should EICAR be updated to test the revision of Antivirus system?

  - by makerofthings7

  I'm posting this here since programmers write viruses, and AV software. They also have the best knowledge of heuristics and how AV systems work (cloaking etc). The EICAR test file was used to functionally test an antivirus system. As it stands today almost every AV system will flag EICAR as being a "test" virus. For more information on this historic test virus please click here. Currently the EICAR test file is only good for testing the presence of an AV solution, but it doesn't check for engine file or DAT file up-to-dateness. In other words, why do a functional test of a system that could have definition files that are more than 10 years old. With the increase of zero day threats it doesn't make much sense to functionally test your system using EICAR. That being said, I think EICAR needs to be updated/modified to be effective test that works in conjunction with an AV management solution. This question is about real world testing, without using live viruses... which is the intent of the original EICAR. That being said I'm proposing a new EICAR file format with the appendage of an XML blob that will conditionally cause the Antivirus engine to respond. X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-EXTENDED-ANTIVIRUS-TEST-FILE!$H+H* <?xml version="1.0"?> <engine-valid-from>2010-1-1Z</engine-valid-from> <signature-valid-from>2010-1-1Z</signature-valid-from> <authkey>MyTestKeyHere</authkey> In this sample, the antivirus engine would only alert on the EICAR file if both the signature or engine file is equal to or newer than the valid-from date. Also there is a passcode that will protect the usage of EICAR to the system administrator. If you have a backgound in "Test Driven Design" TDD for software you may get that all I'm doing is applying the principals of TDD to my infrastructure. Based on your experience and contacts how can I make this idea happen?

  Read the article

• Intel GMA 500 support for 11.10

  - by lucazade

  I would like to know if the new open-source video driver included in kernel 3.0.x for the Intel GMA 500 will be included by default in the kernel that will be shipped in Oneiric Ocelot. The driver support of this GFX chipset has always been poor and mainly community-driven, now finally we have a KMS open-source driver, written by kernel hackers, and actually included in staging kernel repo. If there is any kind of testing needed there is a mega-thread on Ubuntu Forums with hundreds of users ready to test everything.

  Read the article

• Should we use an outside CMS?

  - by SomeKittens

  I work at a web design/development shop. Everything we do is centered around the Joomla! CMS. I'm a bit worried-if anything goes wrong with Joomla (major security flaw revealed, Joomla folds and ceases development) we're sunk. I'm meeting with the CEO to plan the next few steps for our company. Should I recommend that we create our own in-house CMS or am I just being paranoid about a single point of failure?

  Read the article

• What is the canonical resource on multi-tenancy web applications using ruby + rails

  - by AlexC

  What is the canonical resource on multi-tenancy web applications using ruby + rails. There are a number of ways to develop rails apps using cloud capabilities with real elastic properties but there seems to be a lack of clarity with how to achieve multitenancy, specifically at the model / data level. Is there a canonical resource on options to developing multitenancy rails applications with the required characteristics of data seperation, security, concurrency and contention required by an enterprise level cloud application.

  Read the article

• Warning: Why your Internet might fail on May 5

  <b>IT News:</b> "On May 5, the world's top domain authorities (led by ICANN, the US Government and Verisign) will complete the first phase of the roll-out of DNSSEC (Domain Name System Security Extensions) across the 13 root servers that direct user requests to the relevant websites on the internet."

  Read the article

• Warning: Why your Internet might fail on May 5

  <b>IT News:</b> "On May 5, the world's top domain authorities (led by ICANN, the US Government and Verisign) will complete the first phase of the roll-out of DNSSEC (Domain Name System Security Extensions) across the 13 root servers that direct user requests to the relevant websites on the internet."

  Read the article

• Critical Patch Updates During EBS 11i Exception to Sustaining Support Period

  - by Elke Phelps (Oracle Development)

  As previously blogged in the EBS 11i and 12.1 Support Timeline Changes entry, two important changes to the Oracle Lifetime Support policies were announced at Oracle OpenWorld 2012 - San Francisco.  These changes affect E-Business Suite Releases 11i and 12.1. Critical Patch Updates for EBS 11i during the Exception to Sustaining Support Period You may be wondering about the availability of Critical Patch Updates (CPU) for EBS 11i during the Exception to Sustaining Support period.  The following details the E-Business Suite Critical Patch Update support policy for EBS 11i during the Exception to Sustaining Support period: Oracle will continue to provide CPUs containing critical security fixes for E-Business Suite 11i.  CPUs will be packaged and released as as cumulative patches for both ATG RUP 6 and ATG RUP 7. As always, we try to minimize the number of patches and dependencies required for uptake of a CPU; however, there have been quite a few changes to the 11i baseline since its release.  For dependency reasons the 11i CPUs may require a higher number of files in order to bring them up to a consistent, stable, and well tested level. EBS 11i customer will continue to receive CPUs up to and including the October 2014 CPU. Where can I learn more? There are two interlocking policies that affect the E-Business Suite:  Oracle's Lifetime Support policies for each EBS release (timelines which were updated by this announcement), and the Error Correction Support policies (which state the minimum baselines for new patches). For more information about how these policies interact, see: Understanding Support Windows for E-Business Suite Releases What about E-Business Suite technology stack components? Things get more complicated when one considers individual techstack components such as Oracle Forms or the Oracle Database.  To learn more about the interlocking EBS+techstack component support windows, see these two articles: On Apps Tier Patching and Support: A Primer for E-Business Suite Users On Database Patching and Support: A Primer for E-Business Suite Users Where can I learn more about Critical Patch Updates?The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.  Related Articles EBS 11i and 12.1 Support Timeline Changes Frequently Asked Questions about Latest EBS Support Changes Extended Support Fees Waived for E-Business Suite 11i and 12.0

  Read the article

• How Secure Are Your ID Cards From Counterfeiting

  ID cards are increasingly used by organizations as a key component of their security infrastructure. As such, there is an increasing concern that ID cards are secure so that they can NOT be fraudulen... [Author: Edmond Shi - Computers and Internet - May 23, 2010]

  Read the article

• Download the Hummingbirds Theme for Windows 7

  - by Asian Angel

  Are you looking for a new nature theme for your desktop? Then make your desktop hum with perfection using the Hummingbirds Theme for Windows 7. The theme comes with eleven images featuring the wonderful photographic work of Desiree Skatvold. Download the Hummingbirds Theme [Windows 7 Personalization Gallery] HTG Explains: Is UPnP a Security Risk? How to Monitor and Control Your Children’s Computer Usage on Windows 8 What Happened to Solitaire and Minesweeper in Windows 8?

  Read the article

< Previous Page | 388 389 390 391 392 393 394 395 396 397 398 399  | Next Page >