Search Results

Search found 15441 results on 618 pages for 'ssl security'.

Page 129/618 | < Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136  | Next Page >

• Windows azure: Security Concerns

  - by veda

  I am concern about the security of the data and application on Windows Azure... I read in a book that The windows azure provides security through service-level agreement. Can anyone tell me about the What kind of authentication mechanisms used to protect my data. How Microsoft provides these securities...

  Read the article

• Anyone got Twitter xAuth working with the Compact Framework yet?

  - by peSHIr

  This question is related to a number of other questions on oAuth on the Compact Framework (one, two) but seems slightly more specific to me, as it specifically involves getting Twitters xAuth API call (meant for non web applications to be able to do oAuth) working on the Compact Framework. Are SSL HTTP connections and the encryption methods needed for xAuth needed part of Compact Framework 3.5? Did anyone get the Twitter xAuth working on Windows Mobile already? If so, what libraries did you use for this? Any tips are welcome.

  Read the article

• Security issue when returning local filesystem results in a custom Windows Federated Search Provider

  - by user561922

  hi- i'm following the instructions on how to build a custom search provider for windows federated search: http://msdn.microsoft.com/en-us/library/dd742956(v=VS.85) i'm returning local results of the form: File://C:\Users\user\file.txt however, when i perform a search, i get results that say: "This item was blocked because of your Internet security settings". how can i change my security settings so that federated search will allow my customer search provider to return local filesystem results? thanks.

  Read the article

• Why does Perl's Crypt::SSLeay timeout on Intel Mac OS X machines?

  - by Joe

  A have a Perl cron job that recently started having its HTTPS connections start failing with an error of "500 SSL read timeout". I've tracked that the error is being thrown as part of an alarm in Crypt::SSLeay, but I don't know if this is simply something taking too long to respond. So far, I've adjusted the timeout from the default 30 seconds to 10 minutes and it still times out. I've moved the script to other machines, and those on Intel Mac OS X systems all time out, while those under Linux, or on PPC Mac OS X systems run fine, so I don't think it's changes on the network or remote server. When the process started having problems does not coincide with any software updates or reboots on the machine, and I've contacted the server I'm connecting to, and everyone claims that they haven't changed anything. Does anyone have recommendations on trying to debug HTTPS, or have you ever seen this behavior and give recommendations on something I might've overlooked at that could've caused this problem?

  Read the article

• How to make iPhone application accept incorrect server certificate but only specific one?

  - by Igor Romanov

  I need to work with private HTTPS API and client has incorrect certificate on the host. Certificate is for www.clienthost.com and I'm working with api.clienthost.com. So I need to connect via HTTPS to api.clienthost.com ignoring incorrect certificate but still make sure it is the one for www.clienthost.com and not something else. I found this answer: http://stackoverflow.com/questions/933331/how-to-use-nsurlconnection-to-connect-with-ssl-for-an-untrusted-cert and it seems to solve half of my problem but I'm trying to figure out how to still check certificate for host is one I expect to see and not different.

  Read the article

• Can we ask user for credit card number or paypal details,store credit card number on our server, can

  - by Hiren Gujarati

  Can we get credit card number from user or paypal details & use them for premium service of our application ? is apple accept this application if we directly get this information & use it in our api on server for transaction. Using ssl will be accpted by apple ? I have check from 1) http://stackoverflow.com/questions/1763306/credit-card-purchase-of-physical-goods-via-an-iphone-application 2) http://stackoverflow.com/questions/1707701/receiving-payments-trough-paypal-and-credit-card 3) http://stackoverflow.com/questions/1366864/using-the-paypal-api-in-an-iphone-application but not clear about all...

  Read the article

• sudoers security

  - by jetboy

  I've setup a script to do Subversion updates across two servers - the localhost and a remote server - called by a post-commit hook run by the www-data user. /srv/svn/mysite/hooks/post-commit contains: sudo -u cli /usr/local/bin/svn_deploy /usr/local/bin/svn_deploy is owned by the cli user, and contains: #!/bin/sh svn update /srv/www/mysite ssh cli@remotehost 'svn update /srv/www/mysite' To get this to work I've had to add the following to the sudoers file: www-data ALL = (cli) NOPASSWD: /usr/local/bin/svn_deploy cli ALL = NOEXEC:NOPASSWD: /usr/local/bin/svn_deploy Entries for both www-data and cli were necessary to avoid the error: post commit hook failed: no tty present and no askpass program specified I'm wary of giving any kind of elevated rights to www-data. Is there anything else I should be doing to reduce or eliminate any security risk?

  Read the article

• Is there a way for IIS6 to do http and https together in the same site?

  - by puffpio

  The site needs to be accessible both from HTTP and HTTPS (in case the client wants the form submissions to be secure or not) The site is hosted in IIS6 and ideally I'd like to be able to just have one website in there and it can handle both http and https..is this possible? alternatively i was thinking maybe creating a "secure" subdirectory in the site and duplicating everything in there as well..is that feasible? this is further complicated that it is using asp.net 3.5's routing ability to do url rewrites so even if I create a secure subdirectory, i dunno if it will actually pick up that it's supposed to be SSL approved

  Read the article

• java web start security warning

  - by ria

  I have a web application that downloads a jar file from the web server using java web start. The jar is signed using J2SE security tool. However, I get the security warning "The application digital signature cannot be verified. Do you want to run the application?" Am I missing something that is causing this??

  Read the article

• Network Security and Encryption explained in laymen terms

  - by Ehrann Mehdan

  Although I might pretend very well that I known a thing about networks or security and it might help me pass an interview, or fix a bug, I don't really feel I'm fooling anyone. I'm looking for a laymen terms explanation of nowadays network security concepts and solutions. The information is scattered around and I didn't find a resource for "dummies" like me (e.g experienced Java developers that can speak the jargon but have no real clue what it means) Topics I have a weak notion about and want to understand better as a Java developer PGP Public / Private keys RSA / DES SSL and 2 way SSL (keystore / trustore) Protecting against Man in the middle fraud Digital Signature and Certificates Is there a resource out there that really explains it in a way that doesn't require a Cisco certificate / Linux lingo / know what is subnet masking or other plumbing skills?

  Read the article

• jersey security and session management

  - by Adhir

  Hi, Is there a way for session management or security available programatically in Jersey specification. e.g. like a web-application session management. Or is transaction, session, security all handeled by the containor on which the jersey application is deployed. Adhir

  Read the article

• Is this iptables NAT exploitable from the external side?

  - by Karma Fusebox

  Could you please have a short look on this simple iptables/NAT-Setup, I believe it has a fairly serious security issue (due to being too simple). On this network there is one internet-connected machine (running Debian Squeeze/2.6.32-5 with iptables 1.4.8) acting as NAT/Gateway for the handful of clients in 192.168/24. The machine has two NICs: eth0: internet-faced eth1: LAN-faced, 192.168.0.1, the default GW for 192.168/24 Routing table is two-NICs-default without manual changes: Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 (externalNet) 0.0.0.0 255.255.252.0 U 0 0 0 eth0 0.0.0.0 (externalGW) 0.0.0.0 UG 0 0 0 eth0 The NAT is then enabled only and merely by these actions, there are no more iptables rules: echo 1 > /proc/sys/net/ipv4/ip_forward /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # (all iptables policies are ACCEPT) This does the job, but I miss several things here which I believe could be a security issue: there is no restriction about allowed source interfaces or source networks at all there is no firewalling part such as: (set policies to DROP) /sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT /sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT And thus, the questions of my sleepless nights are: Is this NAT-service available to anyone in the world who sets this machine as his default gateway? I'd say yes it is, because there is nothing indicating that an incoming external connection (via eth0) should be handled any different than an incoming internal connection (via eth1) as long as the output-interface is eth0 - and routing-wise that holds true for both external und internal clients that want to access the internet. So if I am right, anyone could use this machine as open proxy by having his packets NATted here. So please tell me if that's right or why it is not. As a "hotfix" I have added a "-s 192.168.0.0/24" option to the NAT-starting command. I would like to know if not using this option was indeed a security issue or just irrelevant thanks to some mechanism I am not aware of. As the policies are all ACCEPT, there is currently no restriction on forwarding eth1 to eth0 (internal to external). But what are the effective implications of currently NOT having the restriction that only RELATED and ESTABLISHED states are forwarded from eth0 to eth1 (external to internal)? In other words, should I rather change the policies to DROP and apply the two "firewalling" rules I mentioned above or is the lack of them not affecting security? Thanks for clarification!

  Read the article

• how to get rid of certificate error: navigation blocked in ie8

  - by Radek

  when I access our intranet via https I get this "certificate error: navigation blocked" error in IE8 on Windows XP SP3. I can click Continue to this website (not recommended). but I use IE for automation testing so I have to avoid these extra clicks. Any idea? I tried setting “Turn off the Security Settings Check feature” to enabled. setting "Display Mixed Content" to enabled lowering security levels to minimum adding the web server address to trusted zone

  Read the article

• Win 2008 Server & IIS7: ASP installed but displays 'FILE DOWNLOAD - SECURITY WARNING"

  - by AzC

  Hi Dudes, Installed Win 2008 server and IIS7. Enabled ASP Classic and ASP.NET on it. Can't get any ASP scripts to run e.g. desperate.asp containing following line: <% Response.Write "Hello Love, Fancy a Date?" % It just comes up with a "FILE DOWNLOAD - SECURITY WARNING" panel asking em to download. When I select anything it keeps looping. Found lots fo stuff on internet but nothing working. Also same for other ASP scripts HTML works no problem e.g. a file called reply.html containing: Get lost little boy. We only serve French Fries in Macdonalds Any ideas?

  Read the article

• Which linux x86 hardware keystore?

  - by byeo

  I'm terminating SSL/TLS in my DMZ and I have to assume that machine will be hacked. At which point my certificates are compromised. Previously I've used nCipher hardware keystore/accelerator to solve this issue. These cards won't reveal the private key even to root. The card performs the encryption and decryption onboard and is hardened against physical attack. The only way to get at the keys is by attaching a smart card reader to the card itself. I'm having trouble finding information about something to recreate this approach. Is this the domain of specialist switches and firewalls these days? This old page references some of the old hardware: http://www.kegel.com/ssl/hw.html#cards

  Read the article

• SQL2005 reporting server: intense security activity

  - by David Wimbush

  On my reporting server the Security log shows large numbers of Logon/Logoff events, often 10 or more, when you run pretty much any report in the Report Manager. Is this normal or is it a classic sign of having the wrong setup? Some system details: Windows Server 2003 R2 SP2, virtual server running under VMWare). SQL Server 2005 SP3 Standard Edition, running databases, Report Manager, and Ananlysis Services cubes. No other major services on the machine (i.e. it's not a domain controller, Exchange server or anything like that). Any ideas, please, guys?

  Read the article

• Any problems with using a 301 redirect to force https traffic in IIS?

  - by Jess

  Is there any problem with using a 301 redirect to force all traffic to go to a secure-only site? We originally had redirect rules, but enforcing SSL-only seemed more secure. Here is how we set it up: Site 1: https://example.com/ Require SSL set Bound to 443 only Site 2: http://example.com Bound to 80 only Empty folder - no actual html or other data 301 Redirects to https://example.com This seems to work beautifully, but are there any issues with doing this? Would any browsers not recognize the 301 redirect, or could there be security warnings during the redirect?

  Read the article

• Cannot connect via HTTPS in Java app on MacOSX (Certificate validation issue)

  - by johnnyx

  I have a java application that connects to a webservice over https. The domain where i host the webservice has a valid Goddaddy issued SSL certificate. The application works fine on Windows but on MacOSx i receive the following exception when attempting to connect to the webservice via https. sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I've tested it on two machines running Mac OS X 10.7.2 with the latest java runtime updates. I understand this is usually a problem with self signed certificates that need to be added manually, but i have a valid Godaddy issued certificate. In webbrowsers (safari & firefox) on mac os the certificate is recognized and seems ok. I even tried adding the certificate to the key chain manually like in the gase of a self signed one but to no result.

  Read the article

• XP Missing AD in secuirity location

  - by Rodent43

  I have a few Window XP clients that are part of a domain, when trying to set the permissions on the security tab and pressing location to search the AD for users it only presents the local machine... So I follow this path Right click folder Properties Security Add in the locations field where I would normally see the windows domain, I am only seeing the local machine name??? So only users that have a local account can be added to the folders permissions... Any tips would be appreciated

  Read the article

• Security review of an authenticated Diffie Hellman variant

  - by mtraut

  EDIT I'm still hoping for some advice on this, i tried to clarify my intentions... When i came upon device pairing in my mobile communication framework i studied a lot of papers on this topic and and also got some input from previous questions here. But, i didn't find a ready to implement protocol solution - so i invented a derivate and as i'm no crypto geek i'm not sure about the security caveats of the final solution: The main questions are Is SHA256 sufficient as a commit function? Is the addition of the shared secret as an authentication info in the commit string safe? What is the overall security of the 1024 bit group DH I assume at most 2^-24 bit probability of succesful MITM attack (because of 24 bit challenge). Is this plausible? What may be the most promising attack (besides ripping the device out off my numb, cold hands) This is the algorithm sketch For first time pairing, a solution proposed in "Key agreement in peer-to-peer wireless networks" (DH-SC) is implemented. I based it on a commitment derived from: A fix "UUID" for the communicating entity/role (128 bit, sent at protocol start, before commitment) The public DH key (192 bit private key, based on the 1024 bit Oakley group) A 24 bit random challenge Commit is computed using SHA256 c = sha256( UUID || DH pub || Chall) Both parties exchange this commitment, open and transfer the plain content of the above values. The 24 bit random is displayed to the user for manual authentication DH session key (128 bytes, see above) is computed When the user opts for persistent pairing, the session key is stored with the remote UUID as a shared secret Next time devices connect, commit is computed by additionally hashing the previous DH session key before the random challenge. For sure it is not transfered when opening. c = sha256( UUID || DH pub || DH sess || Chall) Now the user is not bothered authenticating when the local party can derive the same commitment using his own, stored previous DH session key. After succesful connection the new DH session key becomes the new shared secret. As this does not exactly fit the protocols i found so far (and as such their security proofs), i'd be very interested to get an opinion from some more crypto enabled guys here. BTW. i did read about the "EKE" protocol, but i'm not sure what the extra security level is.

  Read the article

• Sharepoint page level security

  - by ifunky

  Hi, Another SharePoint question from myself! I've created a subsite and from within Sharepoint designer I've created a new aspx page, all nice and simple so far. I can't seem to find where I can change the security on this new page, only site admins can view the page and everyone else gets access denied. It doesn't seem to inherit the permissions from the parent and I can't see where to change the security settings! Please help, I'm sure it's something simple! Thanks Dan

  Read the article

• immplementing security with session variables, how it is insecure

  - by haansi

  Hello, I am doing web based projects in dotnet. Currently I am implementing security using session variables. I keep current user id and user type in session and authenticate user from these session variables (say Session["UserId"],Session["UserName"] and Session["UserType"]) I do authentications. Please guide me how it is insecure ? I heard such security can be broken and applications can be hacked very easily, like it is possible to get session id and directly connect to that session id etc. Please guide me on this thanks

  Read the article

• How do I update Safari on Windows?

  - by James A. Rosen

  I'd like to update Safari to 4.0.5 for security reasons, but I can't figure out how to run the Apple updater manually. On Mac there's usually a "Check for Updates" menu item, but I don't see one on the Windows version. I tried downloading the latest version from http://www.apple.com/safari/download/, but Windows won't let me open the file, saying it is a security risk.

  Read the article

• Keystore in PKCS12 format seems empty to keytool, but is read by Firefox?!

  - by hjh

  I have a problem with a keystore in pkcs12 format, which contains a private key I need to use to authenticate myself (using mutual authentication) to a remote SSL server. The keystore file can be read perfectly fine by Firefox, and when used, I can access the remote server without problems. However, my Java program does not work with the keystore file. And if I use keytool to list keys inside the file, it seems empty -- while it is clearly not! How can I get Java/keytool to see the private key inside the keystore?

  Read the article

• Windows Security popup window pops up each time any connection is made

  - by MC Emperor

  I have a problem with the Windows Security popup below. It pops up every time the system tries to make connection with any internet source. It's very annoying, and I don't know how to resolve the problem. (The popup window below is in Dutch, but says something like Connect to somedomain.com. Then it expects you to give your credentials.) I am running on a Windows 7 x64 OS. Now how do I solve this problem? Is it a Windows Firewall problem?

  Read the article

< Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136  | Next Page >