Search Results

Search found 30819 results on 1233 pages for 'software security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 851/1233 | < Previous Page | 847 848 849 850 851 852 853 854 855 856 857 858  | Next Page >

  • Scheduled task username changed

    - by Ernst
    Hi, I created a user on our exchange server, but later changed the username. Now, when I create a scheduled task for that user, and change it's settings (run only when logged on), the username is automatically changed back to the old username. What's causing this and how do I make sure the correct, new username is used for the task (otherwise it won't run), security settings are okay. I did already log in with a different user to delete the profile on the computer and tried again with this user to no avail. The OS is windows xp, the exchange server is on windows server 2003. Thanks

    Read the article

  • [ASP.NET] Problems with error: "Access to the path <path> is denied."

    - by Tony
    Hi, I was looking for the the trick to resolve that error (google, stackoverflow.com etc) and every nothing works. I need to dinamically create an .aspx file via the asp.net application. What I've done to try fix it: 1) In the folder's Properties - Security, I've added IUSR_TONY and also IIS_IUSRS and allow them the Full control to the folder. Just to check if that will help. Nope, it won't. 2) in the IIS Manager, I tried to change the Application's Pool Defaults Identity (based on that) I checked all options, with no success I don't know what to do more to fix it. Any ideas ?

    Read the article

  • For Loop help In a Hash Cracker Homework.

    - by aaron burns
    On the homework I am working on we are making a hash cracker. I am implementing it so as to have my cracker. java call worker.java. Worker.java implements Runnable. Worker is to take the start and end of a list of char, the hash it is to crack, and the max length of the password that made the hash. I know I want to do a loop in run() BUT I cannot think of how I would do it so it would go to the given max pasword length. I have posted the code I have so far. Any directions or areas I should look into.... I thought there was a way to do this with a certain way to write the loop but I don't know or can't find the correct syntax. Oh.. also. In main I divide up so x amount of threads can be chosen and I know that as of write now it only works for an even number of the 40 possible char given. package HashCracker; import java.util.*; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; public class Cracker { // Array of chars used to produce strings public static final char[] CHARS = "abcdefghijklmnopqrstuvwxyz0123456789.,-!".toCharArray(); public static final int numOfChar=40; /* Given a byte[] array, produces a hex String, such as "234a6f". with 2 chars for each byte in the array. (provided code) */ public static String hexToString(byte[] bytes) { StringBuffer buff = new StringBuffer(); for (int i=0; i<bytes.length; i++) { int val = bytes[i]; val = val & 0xff; // remove higher bits, sign if (val<16) buff.append('0'); // leading 0 buff.append(Integer.toString(val, 16)); } return buff.toString(); } /* Given a string of hex byte values such as "24a26f", creates a byte[] array of those values, one byte value -128..127 for each 2 chars. (provided code) */ public static byte[] hexToArray(String hex) { byte[] result = new byte[hex.length()/2]; for (int i=0; i<hex.length(); i+=2) { result[i/2] = (byte) Integer.parseInt(hex.substring(i, i+2), 16); } return result; } public static void main(String args[]) throws NoSuchAlgorithmException { if(args.length==1)//Hash Maker { //create a byte array , meassage digestand put password into it //and get out a hash value printed to the screen using provided methods. byte[] myByteArray=args[0].getBytes(); MessageDigest hasher=MessageDigest.getInstance("SHA-1"); hasher.update(myByteArray); byte[] digestedByte=hasher.digest(); String hashValue=Cracker.hexToString(digestedByte); System.out.println(hashValue); } else//Hash Cracker { ArrayList<Thread> myRunnables=new ArrayList<Thread>(); int numOfThreads = Integer.parseInt(args[2]); int charPerThread=Cracker.numOfChar/numOfThreads; int start=0; int end=charPerThread-1; for(int i=0; i<numOfThreads; i++) { //creates, stores and starts threads. Runnable tempWorker=new Worker(start, end, args[1], Integer.parseInt(args[1])); Thread temp=new Thread(tempWorker); myRunnables.add(temp); temp.start(); start=end+1; end=end+charPerThread; } } } import java.util.*; public class Worker implements Runnable{ private int charStart; private int charEnd; private String Hash2Crack; private int maxLength; public Worker(int start, int end, String hashValue, int maxPWlength) { charStart=start; charEnd=end; Hash2Crack=hashValue; maxLength=maxPWlength; } public void run() { byte[] myHash2Crack_=Cracker.hexToArray(Hash2Crack); for(int i=charStart; i<charEnd+1; i++) { Cracker.numOfChar[i]////// this is where I am stuck. } } }

    Read the article

  • Check for Existence of a Result in Linq-to-xml

    - by NateD
    I'm using Linq-to-XML to do a simple "is this user registered" check (no security here, just making a list of registered users for a desktop app). How do I handle the result from a query like this: var people = from person in currentDoc.Descendants("Users") where (string)person.Element("User") == searchBox.Text select person; I understand the most common way to use the result would be something like foreach (var line in people){ //do something here } but what do you do if person comes back empty, which is what would happen if the person isn't registered? I've looked around on this site and on MSDN and haven't found a really clear answer yet. Extra credit: Give a good explanation of what people contains.

    Read the article

  • Apache 13 permission denied in user's home directory

    - by Dave
    Hi, My friend's website was working fine until he moved the document root from /var/www/xxx to /home/user/xxx Apache give 13 permission denied error messages when we try to access the site via a web browser. The site is configured as a virtual directory. All the Apache configurations were unchanged (except for the directory change). We tried to chmod 777 /home/user/xxx, chown apache /home/user/xxx. But they didn't work. Is there some kind of security feature set on the user's home directories? The server OS is CentOS (Godaddy VPS). Any help is appreciated! Thanks!

    Read the article

  • Displaying Powerpoint slides on a web page automatically

    - by Jamie
    Anyone know of any Flash components that would do the job of displaying an external PPT/PPTX file in a Flash movie on a web page? Or a way of automatically parsing uploaded Powerpoint docs from a PHP-based CMS and displaying them on a web page. Our client needs to be able to upload a Powerpoint documents on their site without any intervention (if necessary). I know about Slideshare and the like, but the content needs to live on the client's web server due to security restrictions. Also, Adobe Presenter seems to require Adobe software/plugins on the clients machine which wouldn't be ideal. Thanks in advance

    Read the article

  • AesCryptoServiceProvider not part of SymmetricAlgorithm?

    - by user330006
    I have a quick little app that steps through the possible symmetric encryption methods. I get them with the following line: private static List<Type> GetAlgorithmTypes { get { return Assembly.GetAssembly(typeof(SymmetricAlgorithm)).GetTypes().Where( type => type.IsSubclassOf(typeof(SymmetricAlgorithm))).ToList(); } } As you can see when i run this, AesCryptoServiceProvider is not a member of this group, even though it inherits from AES, which does belong to SymmetricAlgorithm and shows up in my list. This wouldn't be so much of a problem, i can manually add the provider in the group if i have too, but then if i try to retrieve this type by its name: Type t = Type.GetType("System.Security.Cryptography.AesCryptoServiceProvider"); i get a null object for AesCryptoServiceProvider, but not for any of the other items in the group. This is really strange, and i'm wondering if anyone has any ideas. It's kinda making me need to use tripleDES because of this (since my machines are all running the FIPS compliance requirement). Thanks for any help!

    Read the article

  • Trouble getting Flash socket policy file to work.

    - by Alex
    Basically I'm using Flash to connect to a Java server. Despite my Java application replying to the , in the Flash debug log it lists (not sure about the order as there are lots): * Security Sandbox Violation * Connection to 192.168.1.86:4049 halted - not permitted from http://127.0.0.1:8888/Current/wander.swf Warning: Timeout on xmlsocket://192.168.1.86:4049 (at 3 seconds) while waiting for socket policy file. This should not cause any problems, but see http://www.adobe.com/go/strict_policy_files for an explanation. Error: Request for resource at xmlsocket://192.168.1.86:4049 by requestor from http://127.0.0.1:8888/Current/wander.swf is denied due to lack of policy file permissions. What I don't understand is, the server (port 4049) receives the request, outputs the policy file and then closes the connection, surely it shouldn't time out? The policy file I'm using is: <?xml version="1.0"?> <cross-domain-policy><allow-access-from domain="*" to-ports="*" /> </cross-domain-policy>

    Read the article

  • Storing script files outside web root

    - by memilanuk
    I've seen recommendations to store some or all php include files some place other than in the web document root directory (username/public_html in my case) for the specific reason of protecting php files with sensitive information (like database connection and login info) in the event that the web server hiccups and stops protecting php files and they become 'visible' to outsiders who know where to look. It seems somewhat paranoid to me, but I'm guessing people have gotten burned badly on this before so I'm willing to go along. The suggestion usually takes the form of having the include files in something like '../include_files/' so its not directly in the document root and not directly accessible to outsiders through the web server. My question is this: is there a significant difference in security between that way and just putting your 'include_files' directory under the document root and sticking an .htaccess file in there (with the appropriate entries)? Would putting an .htaccess file in '../include_files/' make any significant improvement there? TIA, Monte

    Read the article

  • Why isn't UTF-8 allowed as the "ANSI" code page?

    - by dan04
    The Windows _setmbcp function allows any valid code page... (except UTF-7 and UTF-8, which are not supported) OK, not supporting UTF-7 makes sense: Characters have non-unique representations and that introduces complexity and security risks. But why not UTF-8? As I understand it, the "ANSI" versions of the Windows API functions convert their arguments to UTF-16, call the equivalent "W" function, and convert any strings in the output to "ANSI". This is what I've been doing manually. So why can't Windows do it for me?

    Read the article

  • accessing pdf via https URL

    - by Paul
    I send out a newsletter email containing URLs to a https website that then redirects to a pdf document. On first invocation of a URL the user is prompted with the typical https browser "security alert" popup, on selecting "Yes" the display of the PDF fails. The HTTP Header on the failed response is: HTTP/1.1 200 OK Server: ECS/HTTP-Server Date: Tue, 16 Mar 2010 15:57:26 GMT Content-type: application/pdf Content-language: en-US Set-cookie: JSESSIONID=0000r111cRz1Vc-PtCJg8Cdu4eR:-1; Path=/ Expires: Thu, 01 Dec 1994 16:00:00 GMT Cache-control: no-cache="set-cookie, set-cookie2" Connection: close Subsequent invocations of the URL successfully opens the PDF (at this point we have the session id cookie set by the initial failed request). The HTTP Header on the successful response is: HTTP/1.1 200 OK Server: ECS/HTTP-Server Date: Tue, 16 Mar 2010 16:53:03 GMT Content-type: application/pdf Content-language: en-US Connection: close The email client is Lotus Notes 6.5 which launches an IE6 browser Any ideas?

    Read the article

  • Why is this not a bug in qmail?

    - by jemfinch
    I was reading DJB's "Some thoughts on security after ten years of Qmail 1.0" and he listed this function for moving a file descriptor: int fd_move(to,from) int to; int from; { if (to == from) return 0; if (fd_copy(to,from) == -1) return -1; close(from); return 0; } It occurred to me that this code does not check the return value of close, so I read the man page for close(2), and it seems it can fail with EINTR, in which case the appropriate behavior would seem to be to call close again with the same argument. Since this code was written by someone with far more experience than I in both C and UNIX, and additionally has stood unchanged in qmail for over a decade, I assume there must be some nuance that I'm missing that makes this code correct. Can anyone explain that nuance to me?

    Read the article

  • Execute Oracle RAC cluster commands via Solaris RBAC?

    - by David Citron
    Executing Oracle RAC cluster management commands such as $ORA_CRS_HOME/bin/crs_start requires root permissions. Using Solaris RBAC (Role-Based Access Control), one can give a non-root user permissions to execute those commands, but the commands still fail internally. Example: $pfexec /opt/11.1.0/crs/bin/crs_stop SomeArg CRS-0259: Owner of the resource does not belong to the group. Is there a complete RBAC solution for Oracle RAC or does the executor need to be root? EDIT: Note that my original /etc/security/exec_attr contained: MyProfile:suser:cmd:::/opt/11.1.0/crs/bin/crs_start:uid=0 MyProfile:suser:cmd:::/opt/11.1.0/crs/bin/crs_start.bin:uid=0 As Martin suggests below, this needed to be changed to add gid=0 as: MyProfile:suser:cmd:::/opt/11.1.0/crs/bin/crs_start:uid=0;gid=0 MyProfile:suser:cmd:::/opt/11.1.0/crs/bin/crs_start.bin:uid=0;gid=0

    Read the article

  • Grails deploy on Tomcat6

    - by Jack
    Hello, while trying to deploy a Grails application into tomcat6 I ran into some problems: I used the grails war command to build up a war, then copied it to var/lib/tomcat6/webapps and tried to restart the container. I had to change default Tomcat policy to skip security exceptions, since I couldn't access environment variable (like grails.env), then tried again but it gives me an exception related to instantiating something, but it's not clear where should I try to fix the error, according to tomcat6 logs the problem is: SEVERE: Exception sending context initialized event to listener instance of class org.codehaus.groovy.grails.web.context.GrailsC$ org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'pluginManager' defined in ServletContext$ at java.lang.Thread.run(Thread.java:619) Caused by: org.codehaus.groovy.grails.exceptions.NewInstanceCreationException: Could not create a new instance of class [Hiberna$ ... 1 more Caused by: java.lang.NoClassDefFoundError: org.hibernate.cfg.Environment It seems like it's unable to load org.hibernate.cfg.Environment class. I checked the applicationContext.xml and it refers to grails.xml to search for plugins, in this last file I actually have HibernateGrailsPlugin. Where should I look to find if the plugin is present?

    Read the article

  • Prepend 'www' to an HTTPS url using .htaccess & mod_rewrite

    - by webfac
    I have a dilemma with this one. With the following code I am able to force SSL on any non SSL url, however when the user (and results from Google) take the user to http://mysite.co.za then we hit an issue as the url is then rewritten to https://mysite.co.za Due to the fact that my certificate is bound to www.mysite.co.za it immediately throws a security error because of the missing 'www' in the url. Can someone point out a way to add the www to the domain when the domain starts with HTTPS and not HTTP? Much appreciated. And the current code to add the https:// is as follows: RewriteCond %{HTTP_HOST} !^www\. RewriteCond %{HTTPS}s ^on(s)| RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    Read the article

  • URL encoded POST bad practice?

    - by StackedCrooked
    I am (just for fun) trying to implement a High Score web-service. I would like it be compatible with REST principles. I want to be able to add a new highscore using url parameters like this http://mydomain.com/hs/add&name=John&score=987. According to REST this must be done using a POST request. Which leads to empty POST request with all data contained in the URL parameters. Would this be considered a bad practice? Update Security is currently not a big concern.

    Read the article

  • Postback problem downloading zip file

    - by Chris Conway
    I've got a problem on a webforms application where a user selects some criteria from dropdowns on the page and hits a button on the page which calls this method: protected void btnSearch_Click(object sender, EventArgs e) They then click on button to download a zip file based on the criteria which calls this method: protected void btnDownload_Click(object sender, EventArgs e) In IE, they are prompted with the bar at the top of the browser that tells them "To help protect your security, Internet Explorer blocked this site from downloading files to your computer". When they click on that bar to download the file, it fires the btnSearch_Click event again. Response.ContentType and Response.AddHeader has been set up correctly. The problem is, that btnSearch appends criteria so basically it is being appended twice and causing problems. Is there something I can do to prevent this? This is a vs2008 web app using c# 3.5 for what it's worth. Thanks!

    Read the article

  • What are the main benefits of implementing a virtual machine as part of an application?

    - by Marplesoft
    Several databases I've been looking at recently implement a virtual machine internally to perform the respective data reads and writes. For an example, check out this article on SQLite's virtual machine they call the 'VDBE'. I'm curious as to what the benefits of such an architecture are. I would assume performance is one but why would a virtual machine like this run faster? In fact, it seems to be that this extra layer could cause it to run slower. So perhaps it's for security? Or portability? Anyway, just curious about this.

    Read the article

  • How to Canonicalize a Stax XML object.

    - by Enrique San Martín
    Hello, i want to Canonicalize a Stax object, the program it's doing it with DOM, but dom can't manage big XML documents (like 1GB), so STAX it's the solution. The Code that i have it's: File file=new File("big-1gb.xml"); org.apache.xml.security.Init.init(); DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance(); DocumentBuilder documentBuilder = dfactory.newDocumentBuilder(); Document doc = documentBuilder.parse(file); Canonicalizer c14n = Canonicalizer.getInstance("http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); outputBytes = c14n.canonicalizeSubtree(doc.getElementsByTagName("SomeTag").item(0)); The idea it's do the code below with Stax... Thx :)

    Read the article

  • F# Interactive bug?

    - by John Reynolds
    I've tried the following code in VS2010: open System.Security.Cryptography let rsaTest1 = let ecKey = [|0uy..143uy|] // junk data for testing let ecKeyMod = ecKey.[8..8+128-1] let ecKeyExp = ecKey.[136..136+8-1] let rsa = RSAParameters(Modulus = ecKeyMod, Exponent = ecKeyExp) rsa let rsaTest2 = let ecKey = [|0uy..143uy|] // junk data for testing let rsa = RSAParameters(Modulus = ecKey.[8..8+128-1], Exponent = ecKey.[136..136+8-1]) rsa If I highlight all code and send it to F# Interactive (Alt+Enter), then rsaTest1 works, but rsaTest2 gives an error message, System.NullReferenceException: Object reference not set to an instance of an object. at <StartupCode$FSI_0004>.$FSI_0004.main@() in P:\proj\Tachograph\Project\CompuTachTest\CompuTachTest\rsaTest.fsx:line 16 However, if I change rsaTest2 from a value into a function and call it, let rsaTest2 () = let ecKey = [|0uy..143uy|] // junk data for testing let rsa = RSAParameters(Modulus = ecKey.[8..8+128-1], Exponent = ecKey.[136..136+8-1]) rsa let x = rsaTest2 () then there is no error. F# bug or my mistake?

    Read the article

  • How to force Weblogic to start deployments in active state (i.e. not just prepared)

    - by doublep
    When I start a Weblogic instance with a deployed application, the deployment is sometimes left in prepared state, not in active state. I have to go to Weblogic Console and start the deployment manually, which is quite slow and annoying repetetive work. Since this is done on a development machine — sometimes 50 times a day, — there are no security implication as the server is only visible on the local network. Is there some way to have it always start the deployment active? Note that I'm not redeploying the application, I instead have it "constantly deployed" and stop/start the Weblogic instance using the scripts in bin directory.

    Read the article

  • What is a read only collection in C#?

    - by acidzombie24
    I ran a security code analyst i found myself having a CA2105 warning. I looked at the grade tampering example. I didnt realize you can assign int[] to a readonly int. I thought readonly was like the C++ const and makes it illegal. The How to Fix Violations suggest i clone the object (which i dont want to do) or 'Replace the array with a strongly typed collection that cannot be changed'. I clicked the link and see 'ArrayList' and adding each element one by one and it doesnt look like you can prevent something adding more. So when i have this piece of code what is the easiest or best way to make it a read only collection? public static readonly string[] example = { "a", "b", "sfsdg", "sdgfhf", "erfdgf", "last one"};

    Read the article

  • Converting SQL to LINQ to XML

    - by Morano88
    I'm writing the following code to convert SQL to LINQ and then to XML: SqlConnection thisConnection = new SqlConnection(@"Data Source=3BDALLAH-PC;Initial Catalog=XMLC;Integrated Security=True;Pooling=False;"); thisConnection.Open(); XElement eventsGive = new XElement("data", from c in ?????? select new XElement("event", new XAttribute("start", c.start), new XAttribute("end",c.eend), new XAttribute("title",c.title), new XAttribute("Color",c.Color), new XAttribute("link",c.link))); Console.WriteLine(eventsGive); The name of the table is "XMLC" and I want to refer to it. How can I do that? When I put its name directly VS gives an error. Also when I say thisConnection.XMLC it doesn't work.

    Read the article

  • asp.net webservice user management across pages

    - by nakori
    I'm developing a site that will display confidential readonly information, with data fetched from a WCF service. My question: What is the best approach to user management across different information pages. The service returns a collection with customer info after a secure login. My idea is to have a Customer object class that is stored in session. Is it possible to use things like HttpContext.Current.User.Identity.IsAuthenticated followed by HttpContext.Current.Session["UserId"] without using a database with role-based security? Would I be better off with a combination of local database, Linq to SQL or datasets rather than using just class objects for data fetched from service? thanks, nakori

    Read the article

  • Where to place java applet policy file?

    - by makdere
    Hi all, I am working on an artificial intelligence project which is a logic game and aims two user connecting to the server on the network who acts as an Admin and then start to play one by one. In order to create connections, i have a server code which is just listening on localhost:8000 and assigning team values to the clients as they arrive. After connecting, clients make their move under Admin's control. The question is that when i try to put my code to work in the browser it fails with the following error: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:8000 connect,resolve) Even though i have created my own policy, first granting only Socket access permission to the codebase of my project folder (file:///home/xxx/projects/-), after it didnt work i granted all permissions from all codebase. I tried placing my policy file both in the home directory and in the same directory where my applet code resides. Appreciate any tips, thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 847 848 849 850 851 852 853 854 855 856 857 858  | Next Page >