Search Results

Search found 25872 results on 1035 pages for 'document security'.

Page 486/1035 | < Previous Page | 482 483 484 485 486 487 488 489 490 491 492 493 | Next Page >

Regulating outgoing traffic on ubuntu VM

- by DazSlayer

I am making a virtual network setup for my high school cybersecurity team to practice. I am connecting all the VMs together through a VPN and then people who are practicing will VPN in and ssh/remote desktop into the different VMs. The problem is that for practicing, they will need root access into the VMs and because the VMs are connecting to my personal network, the VMs pose a security risk to my personal network. Is there any way in either VMWare or VirtualBox or even making an unchangeable iptable (I can make all the windows VMs go thru a linux VM) to prevent people from connecting to my local network via the VM?

Read the article
Climbing the hacker ladder

- by cobie

This is not a question in which I am asking for opinions rather I am asking for first hand experience. I have been programming in python for quite a while and I feel solid enough in python programming. I can come up with algorithms for problems and implement them but I somehow feel I am stuck with remaining an apprentice. What are some first hand experiences on how to climb up the ladder and become better at programming as in learning about browsers security, compilers etc. Personal experiences would be valued in responses.

Read the article
Can realtek 8192cu usb wireless card be used in ubuntu 12.04 with kernel 3.2.0?

- by waterloo2005

I do like the post RTL8188CUS Wireless USB Dongle doesn't work unless I disable wireless security . But when I plug my 8192cu usb wireless card, my computer screen is off. At that time I even can not use Alt SysRq k or Alt SysRq + reisub. I compile the latest driver of 8192cu on ubuntu 12.04 with kernel 3.2.0-34. In RealTek site, I download 8192cu drive which is for Linux Kernel 2.6.18~2.6.38 and Kernel 3.0.8. But now in Ubuntu12.04 my kernel is 3.2.0-34. Every time I plug the usb 8192cu wireless card my system halts. Now I try to blacklist both the system's rtl8192cu driver and the new 8192cu driver I compile, but the system still halts when I plug the usb driver. What about you ? Thanks!

Read the article
Speaking in Omaha: December 7, 2011

- by Bill Graziano

I’m presenting in Omaha on Writing Faster SQL at 6PM on December 7th. You can find meeting details on the Omaha SQL Server User Group page. The meeting location requires an RSVP so building security has a list of attendees. The presentation is a series of suggestions on improving performance. It ranges from simple things like comparing indexed columns to scalar values up to tips for reducing query compiles and asynchronous processing patterns. Nearly all of these come from specific issues I’ve encountered working on poorly performing SQL Servers.

Read the article
My Oracle Support Accreditation for Database and Enterprise Manager

- by A. G.

Have you actively used My Oracle Support for 6-9 months? Take your expertise to the next level—become accredited! By completing the accreditation learning series, you can increase your proficiency with My Oracle Support’s core functions and build skills to help you leverage Oracle solutions, tools, and knowledge that enable productivity. Accreditation learning paths are available for Oracle Database and Enterprise Manager, which focus on product-specific best practices, recommendations, and tool enablement—up leveling your capabilities with these Oracle products. Course topics include: Oracle Database Staying informed Install Patching Upgrade Performance Security Scalability Enterprise Manager Staying informed Supportability Certification Patching Upgrade Performance Diagnostic Tools Troubleshooting Visit the My Oracle Support Accreditation Index and get started with the Level 1 My Oracle Support Accreditation path and product-specific Level 2 learning paths for Oracle Database and Enterprise Manager.

Read the article
Package version updates policy

- by Sandman4

Not sure if here it's the right place to ask, if not - please point me to the right direction. Let's say there's a package, for the sake of real-world example - bind9. In Precise and in Quantal it's version 9.8.1. The original developer (ISC) currently provide versions 9.8.4 which is a bugfix release in the 9.8 line, and 9.9.2 which is a "new features" branch. It looks like when a security issue is encountered, the specific bugfix is backported into 9.8.1. Now the question: Why maintainers don't just update to the latest bugfix release ? Why to backport only certain patches ? Is it intentionally or just there's no maintaner who would take the effort to update to the latest bugfix release ?

Read the article
Hands-on GlassFish FREE Course covering Deployment, Class Loading, Clustering, etc.

- by arungupta

René van Wijk, an Oracle ACE Director and a prolific blogger at middlewaremagic.com has shared contents of a FREE hands-on course on GlassFish. The course provides an introduction to GlassFish internals, JVM tuning, Deployment, Class Loading, Security, Resource Configuration, and Clustering. The self-paced hands-on instructions guide through the process of installing, configuring, deploying, tuning and other aspects of application development and deployment on GlassFish. The complete course material is available here. This course can also be taken as a paid instructor-led course. The attendees will get their own VM and will have plenty of time for Q&A and discussions. Register for this paid course. Oracle Education also offers a similar paid course on Oracle GlassFish Server 3.1: Administration and Deployment.

Read the article
Multiple vulnerabilities in Firefox web browser

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0451 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 Firefox web browser Solaris 11 11/11 SRU 8.5 CVE-2012-0455 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2012-0456 Information Exposure vulnerability 5.0 CVE-2012-0457 Resource Management Errors vulnerability 9.3 CVE-2012-0458 Permissions, Privileges, and Access Controls vulnerability 6.8 CVE-2012-0459 Permissions, Privileges, and Access Controls vulnerability 7.5 CVE-2012-0460 Permissions, Privileges, and Access Controls vulnerability 6.4 CVE-2012-0461 Denial of Service (DoS) vulnerability 7.5 CVE-2012-0462 Denial of Service (DoS) vulnerability 7.5 CVE-2012-0464 Resource Management Errors vulnerability 7.5 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
How to switch from Apache 2.0 Handler to FastCGI on Ubuntu Zend Server?

- by amoooc

I can't deploy/manage my Joomla websites On Ubuntu 12.04 Zend Server PHP 5.3.14 due to permissions during Joomla installation/J! extensions installation. All files are unwriteable. Only CHMOD 777 will help but of course it's not resolving the problem due to security issues. I think it's because cgi-fcgi is not shipped with Zend Server (only with Zend Server for Windows) Or maybe there is different solution how to make it work? PHP info on Ubuntu Zend Server Server API: Apache 2.0 Handler PHP Version 5.3.14 Zend Server Community Edition 5.6.0 Server Software Apache/2.2.22 (Ubuntu) Zend Framework 1.12.0 I'm already asked similar question here, but unfortunately without solution yet so Ubuntu Community please advice. I would be grateful for any help. Cheers

Read the article
Android : Facebook collecte vos numéros de téléphone sans votre permission, Norton l'a classé parmi les applications à risque sur la plateforme

Android : L'application Facebook collecte vos numéros sans votre permission Norton l'a classée parmi les applications à risque sur la plateformeMobile Insight, le nouvel outil d'analyse de risque embarqué dans la mise à jour de Norton Mobile Security sur Android, a marqué d'un drapeau l'application Facebook sur Android. La raison est que l'application envoie automatiquement le numéro de téléphone de l'utilisateur vers les serveurs de Facebook.L'éditeur Symantec va plus loin dans son explication en révélant que l'envoi du numéro de téléphone se fait au premier lancement de l'application, « même avant que vous ne vous connectiez à votre compte Facebook. Vous n'avez pas besoin de fournir votre numéro, de v...

Read the article
How to make safe and secure forms in asp.net MVC 3

- by anirudha

the asp.net application need all kind of security. unsecure forms may be influence by XSS [cross site scripting] there is some way to solve these type of problem in MVC. first sollution is that use <%= Html.AntiForgeryToken() %> for make secure from cross site scripting. it’s work by machine key in MVC. well you can valid them whenever you got respond from client. you can apply by this attribute on action you give the response behalf of form submission [ValidateAntiForgeryToken] you can secondly use authorize attribute where you can make own definition of authorize attribute in asp.net mvc for more info read david’s post well I am use my own custom attribute who use a different type of authorization :- the who controller use a attribute I put their and the attribute I put their have a logic and logic check the cookie in request who make sure that request they got from user.

Read the article
Multiple vulnerabilities in Thunderbird

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0451 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 Thunderbird Solaris 11 11/11 SRU 8.5 CVE-2012-0455 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2012-0456 Information Exposure vulnerability 5.0 CVE-2012-0457 Resource Management Errors vulnerability 9.3 CVE-2012-0458 Permissions, Privileges, and Access Controls vulnerability 6.8 CVE-2012-0459 Permissions, Privileges, and Access Controls vulnerability 7.5 CVE-2012-0460 Permissions, Privileges, and Access Controls vulnerability 6.4 CVE-2012-0461 Denial of Service (DoS) vulnerability 7.5 CVE-2012-0462 Denial of Service (DoS) vulnerability 7.5 CVE-2012-0464 Resource Management Errors vulnerability 7.5 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Credit Card Payment Processing which APIs do you use?

- by user3330840

It's for a Point of Sale Terminal where the customer will bring the physical credit card and it will be swiped through the terminal. The business has a merchant account on some banks. So, how do I start accepting credit cards in my app? The credit cards that needs to be accepted include: visa, master-card, amex, discover. Which APIs do I need to use? The programming language doesn't matter it can be in any programming languages Java/C#/C++/Python or anything. Will there be a single API or multiple APIs that need to be integrated? (I know some about PCI compliance and security encryption)

Read the article
Public JCP EC Meeting on 10 June

- by Heather VanCura

The next JCP EC Meeting is open to the public! We hope you will join us on Tuesday, 10 June at 08:00 AM PDT. Agenda includes a discussion on the latest JCP.Next news--JSR 364, Broadening JCP Membership. We hope you will join us, but if you cannot attend, the recording and materials will also be public on the JCP.org multimedia page. Meeting details below. ------------------------------------------------------- Topic: Public EC Meeting Date: Tuesday, June 10, 2014 Time: 8:00 am, Pacific Daylight Time (San Francisco, GMT-07:00) Meeting Number: 807 111 580 Meeting Password: 6893 ------------------------------------------------------- To start or join the online meeting ------------------------------------------------------- Go to https://jcp.webex.com/ ------------------------------------------------------- Audio conference information ------------------------------------------------------- +1 (866) 682-4770 (US) Conference code: 5731908 Security code: 6893 Global access numbers

Read the article
Windows Telephone Scam Continues to Circulate

Microsoft addressed the scam via a blog post during the middle of last year. Cyberthieves call homes in English-speaking countries after finding their phone numbers in telephone directories. The callers usually identify themselves as engineers from Windows Support or other legitimate-sounding organizations. They claim that your computer has been sending error messages and may have been compromised. To fix the problem, they offer a free security check. Despite being detected last year, this particular scam is still making the rounds. A recent article by news channel ABC 15 out of Arizona r...

Read the article
https (SSL) instead of http

- by user1332729

I am building myself a new website, out of privacy and security concerns I am contemplating trying to make it https only. It will be mobile-friendly using media queries but I am concerned--especially for mobile users--about the increased bandwidth. How much will doing so increase my bandwidth or slow load times? For pages where I'm not transferring sensitive information, should I leave external links (to a jQuery library, or a web font for instance) in http? Simply put, I have read articles saying the entire web would be more secure if everything was SSL but my actual knowledge of implementation is limited to payment gateways and log-in pages and such. I apologize for the open-ended nature of the question but anything, even just simple answers to the specific questions is welcomed.

Read the article
New perspectives in a SPARC/virtualization/cloud session at the Oracle OpenWorld

- by Karoly Vegh

Attending Oracle OpenWorld? You definitely should. If you do, come see me at the "Breakthrough in Private Cloud Management on SPARC T-Series Servers" session on Wednesday at 11:45 in Moscone South 270, the right session to get the consolidation discussion running at lunch :) I am of course going to talk about Oracle VM for SPARC (former LDoms), the performance overhead impact of virtualization, the importance of data security in the cloud, instance separation and the open potentials of verified platform and cost savings. For more details: https://oracleus.activeevents.com/connect/sessionDetail.ww?SESSION_ID=2590 See you there!

Read the article
New Development Snapshot

A fairly massive set of changes this time, mostly around .NET 4.0 suport and IKVM.Reflection fixes. Targetting .NET 4.0 Please note that the work isn't done yet (in particular, I haven't checked in all the changes required for the .NET 4.0 security model), but it is now possible to build assemblies with ikvmc that target and reference .NET 4.0 while running ikvmc on the .NET 2.0 runtime. C:\jikvmc test.class -nostdlib -lib:\windows\microsoft.net\framework\v4.0.30319 ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
Introducing Next-Generation Enterprise Auditing and Database Firewall Platform Webcast, 12/12/12

- by Troy Kitch

Join us, December 12 at 10am PT/1pm ET, to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition, this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. You will also hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments. Register for the webcast here.

Read the article
Are there good replacements for client-side java in web programming? [closed]

- by varesa

Now since the latest java exploit, and many others in the past, people are again recommended to get rid of java on their computers for good. I, as a java web applications developer, am think about possible alternatives. Many seem to have gotten rid of java, so I would not like to develop for an environmet, that users do not have on their computers, and that they are not willing to install for security reasons. Are there any other real options that HTML5 + JS? (Don't take me wrong about not wanting HTML5+JS, I just want to know the options)

Read the article
Proxy Client for Ubuntu

- by WindowsEscapist

I want to use a proxy for web browsing similar to Ultrasurf for Windows. I've tried to use TOR, but it isn't working! The problem is whenever I search something along the lines of "ubuntu + linux proxy", sites assume that I want to set up a proxy server rather than use one. I just want something with little to no configuration needed (i.e. I don't have my own proxy server). UltraSurf is a free software which enables users inside countries with heavy Internet censorship to visit any public web sites in the world safely and freely. Users in countries without internet censorship also use it to protect their internet privacy and security.

Read the article
StreamInsight will not push feature releases through Microsoft Update going forward

- by Roman Schindlauer

Until now, we've released StreamInsight through the Microsoft Download Center, and also released it out through Microsoft Update. Going forward, we will only release new StreamInsight versions through the Microsoft Download Center and only use MU to release service packs and security fixes (should any be needed). As a result of this decision, we are pulling off the recent StreamInsight 2.1 release from MU; this release is still available in Download Center. Don’t worry: there’s nothing wrong with the versions we’ve shipped in MU, we’ve just adjusted how we use MU. There is no action necessary from our customers as a result of this change, and we are not rolling back any changes to your current installation, so if you have installed StreamInsight 2.1 recently through the Microsoft Update, they will still work fine. Regards, The StreamInsight Team

Read the article
Startup value for Win7

- by Mike

Problem at a glance: For Win 7, Ubuntu One changes the startup value to enabled whenever I run it More Details: If I change the startup value in: Control Panel System and Security Administrative Tools System Configuration Startup to disabled for Ubuntu One (since I don't want it to start when I log on), it succesfully stops Ubuntu One from starting at logon However, if I start the Ubuntu One manually, it changes the above startup value to enabled. Is there a way to prevent Ubuntu One from changing its startup value? I want it to stay disabled. I haven't found anything relevant in Ubuntu One's settings dialog.

Read the article
How can I remove bluetooth-applet in 11.10?

- by dunderhead

I tried adding rfkill block bluetooth to /etc/rc.local. This did not work. I tried adding both blacklist bluetooth and blacklist btusb to etc/modprobe.d/blacklist.conf. This did not work. So I went to Synaptic to remove it altogether, but when I marked bluez for removal it said it was going to also remove gnome-shell as well! So naturally I didn't do that. (Is it sane to run a potential security problem like bluetooth by default? And why is something like that so tightly integrated into Gnome shell?) Can anyone tell me how to get rid of this annoying and unnecessary process?

Read the article
Alternatives to OAuth?

- by sdolgy

The Web industry is shifting / has shifted towards using OAuth when extending API services to external consumers & developers. There is some elegance in simple....and well, the 3-step OAuth process isn't too bad ... i just find it is the best of a bad bunch of options. Are there alternatives out there that could be better, and more secure? The security reference is derived from the following URLs: http://www.infoq.com/news/2010/09/oauth2-bad-for-web http://hueniverse.com/2010/09/oauth-2-0-without-signatures-is-bad-for-the-web/

Read the article

< Previous Page | 482 483 484 485 486 487 488 489 490 491 492 493 | Next Page >