Search Results

Search found 13059 results on 523 pages for 'security hole'.

Page 300/523 | < Previous Page | 296 297 298 299 300 301 302 303 304 305 306 307  | Next Page >

• Are you ready for the needed changes to your Supply Chain for 2013?

  - by Stephen Slade

  With the initiation of the Dodd-Frank Act, companies need to determine if their products contain 'conflict materials' from certain global markets as the Rep of Congo. The materials include metals such as gold, tin, tungsten and tantalum. Compaines with global sourcing face new disclosure requirements in Feb'13 related to business being done in Iran. Public companies are required to disclose to U.S. security regulators if they or their affiliates are engaged in business in Iran either directly or indirectly.  Is your supply chain compliant?  Do you have sourcing reports to validate?  Where are the materials in your chips & circuit boards coming from? In the next few weeks, responsible companies will be scrutinizing their supply chains, subs, JVs, and affiliates to search for exposure. Source: Brian Lane, Atty at Gibson Dunn Crutcher, as printed in the WSJ Tues, Dec 11, 2012 p.B8

  Read the article

• Creating a secure SQL server login - CHECK_EXPIRATION & CHECK_POLICY

  - by cabhilash

  In SQL Server you can create users using T-SQL or using the options provided by SQL Server Management Studio.   CREATE LOGIN sql_user WITH PASSWORD ='sql_user_password' MUST_CHANGE, DEFAULT_DATABASE = defDB, CHECK_EXPIRATION = ON, CHECK_POLICY = ONAs mentioned in the previous article (http://weblogs.asp.net/cabhilash/archive/2010/04/07/login-failed-for-user-sa-because-the-account-is-currently-locked-out-the-system-administrator-can-unlock-it.aspx) when CHECK_POLICY = ON user account follows the password rules provided in the system on which the SQL server is installed. When MUST_CHANGE keyword is used user is forced to change the password when he/she tries to login for the first time. CHECK_EXPIRATION and CHECK_POLICY are only enforced on Windows Server 2003 and later. If you want to turn off the password expiration enforcement or security policy enforcement, you can do by using the following statements. (But these wont work if you have created your login with MUST_CHANGE and user didn't change the default password) ALTER LOGIN sql_login WITH CHECK_EXPIRATION = OFF go ALTER LOGIN sql_login WITH CHECK_POLICY = OFF

  Read the article

• Prevent anonymous access to form and application pages in SharePoint 2010

  - by shehan

  When you create a Publishing site that has anonymous access enabled, you will notice that anonymous users will not be able to access pages that reside in the “_layouts” virtual directory (e.g. http://siteX/_layouts/viewlsts.aspx). This is because the publishing infrastructure activates a hidden feature that prevents anonymous users from accessing these types of pages. However, if you were to create a site collection based of  Blank Site Template, you would notice that these pages are accessible by anonymous users. The fix is quite simple. There is a hidden feature that you would need to manually activate via stsadm. The feature is called “ViewFormPagesLockDown” (and is available in the Features folders in the 14 hive) To activate it: stsadm -o activatefeature -filename ViewFormPagesLockDown\feature.xml -url http://ServerName Once activated anonymous users will be promoted to enter credentials when they try to access form and application pages. The feature can also be deactivated for publishing sites that have it automatically turned on.   Technorati Tags: SharePoint 2010,anonymous,lockdown,pages,security

  Read the article

• INFORMATION INDEPTH NEWSLETTER Database Insider June Edition

  - by jgelhaus

  Top News Stories include: Oracle #1 in RDBMS Share Gartner released its 2011 worldwide RDBMS market share research based on total software revenues, Market Share: All Software Markets, Worldwide 2011, and Oracle remained first in worldwide RDBMS share in 2011. KScope12:  The Oracle Development Tools User Group Conference The Oracle Development Tools User Group (ODTUG) will hold its annual conference, known as Kscope, in San Antonio, Texas, June 24–28. We asked ODTUG's Vice President Monty Latiolais for a sneak preview—and to share strategies for getting the most out of the event. New Independent Report Endorses Oracle Database Firewall In a new KuppingerCole Product Research Note, Martin Kuppinger concludes that Oracle Database Firewall "should definitely be evaluated and is amongst the recommended products in the database security market segment."  Check out the full edition today!

  Read the article

• Bitdefender Safebox Offers 2GB Free Storage for Android Users

  - by Jason Fitzpatrick

  Android: If you’re always on the lookout for new–and free!–cloud storage solutions, security company BitDefender has a new cloud service for Android uers. Safebox accounts come with a free 2GB storage to get you started. For those of you in the “You can never have enough backups!” camp, Bitdefender’s Safebox is a new offering (currently only available for PC/Android setups) on the remote-storage market. Free personal accounts come with 2GB of storage which is on par with other cloud storage providers. If you’re looking for cloud storage with the maximum number of features and heavy third-party support you’ll want to stick with a well established player like Dropbox. If you’re just looking for some extra storage for overflow media or some redundancy for your current backup solution, Safebox is a viable storage solution. Bitdefender Safebox [via Addicted Tips] Make Your Own Windows 8 Start Button with Zero Memory Usage Reader Request: How To Repair Blurry Photos HTG Explains: What Can You Find in an Email Header?

  Read the article

• I can't do "sudo"

  - by Klevin92

  Let's describe it from the beginning: I was planning to re-enable the password requirement in LightDM for security reasons. But, since my PC's been sluggish these times, it FC'd the password setup when I was entering and now I can't enter it even with combinatorics. I have followed the tips in the Help page, but with all of them I have issues: I try to enter recovery mode (so that I type passwd and my name and change it), but it is a black screen just like my boot screen (because of nVidia graphic card compatibility issue), then I can't do anything I also tried the editting "shadow" file, but the guide talks about some commas that I just don't see where they are supposed to be. I even tried deletting the keyring file like it's said, but nothing happens (except that I lose the other passwords) So is there anything I can do to have my password back? (a bonus would be stopping all this sluggish, apps not responding, etc)

  Read the article

• Creating a remote management interface

  - by Johnny Mopp

  I'm looking for info on creating a remote management interface for our software. This is not anything illicit. Our software is for live TV production and once they go on-air we can't access the PC (usually through LogMeIn). I would like to be able to upload/download files and issue commands to our software. The commands would be software specific like "load this file" or "run this script" or "return this value" etc. A socket connection is preferred but the problem is most of our PCs are behind firewalls and NAT servers. I'm not sure where to start. I think HTTP tunneling is the way to go but am wondering if there are other options or recommendations. Also, assume our clients are not willing to open up ports for security reasons. Thanks.

  Read the article

• Relaunch: Help & Support Center

  - by Axinom

  More content, more interactivity, more social media: new help & support center for AxCMS.net collects all available information and news around AxCMS.net installation, deployment, development, and usage. Web: http://help.axcms.net/ Free download: http://www.AxCMS.net New chapter "Basic Concepts" is designed to provide users with an introduction and understanding of AxCMS.net. You will be introduced to the different AxCMS.net components, elements, use of built-in features such as categories and relations, deployment, workflow and security topics. This information forms a self-study guide as an introduction to AxCMS.net

  Read the article

• running jar in a terminal using axis2

  - by Emilio

  I'm trying to run in the command line a java application distributed in a jar file. It call an axis2 web service, so the jar contains a /axis2client directory with rampart.mar security module. It works fine while I run it in netbeans, but it throws an exception if I try to run it in a terminal using this command: java -jar myfile.jar The Exception: org.apache.axis2.AxisFault: invalid url: //file:/home/xxx/Desktop/myfile.jar!/axis2client/ (java.net.MalformedURLException: no protocol: //file:/home/xxx/Desktop/myfile.jar) As you can see, it's trying to use the /axis2client directory inside the jar, as when I run it in Netbeans, but It fails with a MalformedURLException. I think it's something about the protocol 'file:', probably '//file:/' must be 'file:///'. The problem is that I cannot change this call to the directory because the method that loads the /axis2client directory it's not mine, it's from another library that use my project and include all the axis2 support. So, any idea?? Thanks in advance lads!

  Read the article

• OOW Session: Trends in Identity Management

  - by B Shashikumar

  In his Identity Management address today, Amit Jasuja - VP of Oracle Identity Management and Security Products, will discuss several key identity management trends and showcase how innovation is the key driver behind Oracle’s latest Identity Management 11gR2 release. This session will focus on how the latest 11gR2 release of Oracle Identity Management addresses emerging identity management requirements for mobile, social, and cloud computing. It also explores how existing Oracle Identity Management customers are simplifying implementations and reducing total cost of ownership. When: Monday, October 1, at 10:45 a.m., Where: Moscone West L3, room 3003, (session ID# CON9405) For a complete listing of all identity management sessions, hands-on labs, and more, check out the Focus on Identity Management now. 

  Read the article

• AWS EC2 Oracle RDB connection to Oracle Database Instance

  - by llaszews

  Provisioning my Oracle database instance to AWS EC2 RDB was easy. Just a few clicks! However, getting my connection to my Oracle cloud database was not as easy. A couple things that are not obvious (using Oracle SQL Developer): 1. Need to set up a database security group. 2. Need to use end point for the host name. This video is the best one on the internet to explain both points: http://www.youtube.com/watch?v=ocFURuX0eEw

  Read the article

• CVE-2014-0591 Buffer Errors vulnerability in Bind

  - by Ritwik Ghoshal

  CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2014-0591 Buffer Errors vulnerability 2.6 Bind Solaris 10 Patches planned but not yet available Solaris 11.1 11.1.19.6.0 Solaris 8 Patches planned but not yet available Solaris 9 Patches planned but not yet available Please Note: The patches mentioned above will upgrade Bind to 9.6-ESV-R11. The fix for CVE-2014-0591 was initially distributed via 9.6-ESV-R10-P2 as described at our previous blog post. This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

  Read the article

• Failed update of Ubuntu 10.10 results in unbootable system

  - by chessweb

  Hi, yesterday I performed an automatic security update suggested by the update manager on my virtualized (with VirtualBox on a Windows 7 host) Ubuntu 10.10 installation. The update somehow failed and left me with an unbootable system. When I try to boot, I am told that various folders, files, and what not are missing. Then the system drops into a busybox and leaves me with an (initramfs) prompt. This happens with all kernels I get offered by GRUB, although the error messages are quite different from kernel to kernel. Well, the short of it is this: I don't have the slightest idea on how to get back to a working system and this site is the final straw I'm willing to grab. A complete disaster like this following an update initiated and executed by the system is unheard of in Windows-land; at least I haven't heard of it, yet, and therefore I am going to abandon Ubuntu and Linux altogeteher, if there is no remedy. Regards, RSel

  Read the article

• Cant access ephemeral storage on Amazon ubuntu instance

  - by matt burns

  I want to utilise my ephemeral storage as mentioned in this question but I seem to be falling at the first hurdle. I can't even see /mnt: ~$ df -ah Filesystem Size Used Avail Use% Mounted on /dev/xvda1 8.0G 855M 6.8G 12% / proc 0 0 0 - /proc sysfs 0 0 0 - /sys none 0 0 0 - /sys/fs/fuse/connections none 0 0 0 - /sys/kernel/debug none 0 0 0 - /sys/kernel/security udev 288M 8.0K 288M 1% /dev devpts 0 0 0 - /dev/pts tmpfs 119M 152K 118M 1% /run none 5.0M 0 5.0M 0% /run/lock none 296M 0 296M 0% /run/shm This is from a vanilla instance of an ubuntu AMI (12.04-amd64-server-20120424 ami-a29943cb) I'm not bothered about resizing the partition, I just want to be able to use the space for writing temp files.

  Read the article

• Synaptic returns error

  - by donvoldy666

  I get the following error message when I run synaptic and I can't install any programs SystemError: W:Ignoring file 'getdeb.list.bck' in directory '/etc/apt/sources.list.d/' as it has an invalid filename extension, W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ ' precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry ' 'http://extras.ubuntu.com/ubuntu'/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry' 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://extras.ubuntu.com/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/extras.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages), W:Duplicate sources.list entry 'http://ppa.launchpad.net/ubuntu-mozilla-security/ppa/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/ppa.launchpad.net_ubuntu-mozilla-security_ppa_ubuntu_dists_precise_main_binary-i386_Packages), E:Encountered a section with no Package: header, E:Problem with MergeList /var/lib/apt/lists/packages.rssowl.org_ubuntu_dists_precise_main_i18n_Translation-en, E:The package lists or status file could not be parsed or opened. I'm new to Linux so please help me out .

  Read the article

• IPSec Offload support in 82576GB controller for Linux

  - by Rodrigo Leal

  Due to migration of servers to cloud computing, we bought several NICs that support mechanisms like SRIOV and VMDQ. Furthermore, as security risk was also a concern and we did not want to create more overhead on the processor, IPSec Offload support was essential. The model chosen was: Intel Gigabit ET2 Quad Port Svr Adptr. (With 82576GB controller): http://ark.intel.com/products/49187/intel-gigabit-et2-quad-port-server-adapter However, we were unable to configure IPSec Offload on Linux. We tried to test on another server we have, a Windows Server 2012 R2, but again without success. It seems that the driver for this controller is not available for windows server 2012 R2, and Linux. The test on windows would be only for verification purposes, we will not use this platform. Could someone confirm this lack of support for Linux?

  Read the article

• Software center not opening

  - by kishore kumar

  $ software-center 2012-09-07 18:45:04,349 - softwarecenter.fixme - WARNING - logs to the root logger: '('/usr/lib/python2.7/dist-packages/dbus/proxies.py', 410, '_introspect_error_handler')' 2012-09-07 18:45:04,349 - dbus.proxies - ERROR - Introspect error on :1.128:/com/ubuntu/Softwarecenter: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. 2012-09-07 18:45:29,406 - softwarecenter.ui.gtk3.app - INFO - setting up proxy 'None' 2012-09-07 18:45:29,409 - softwarecenter.db.database - INFO - open() database: path=None use_axi=True use_agent=True 2012-09-07 18:45:29,822 - softwarecenter.backend.reviews - WARNING - Could not get usefulness from server, no username in config file 2012-09-07 18:45:29,973 - softwarecenter.ui.gtk3.app - INFO - show_available_packages: search_text is '', app is None. 2012-09-07 18:45:29,991 - softwarecenter.db.pkginfo_impl.aptcache - INFO - aptcache.open() Killed

  Read the article

• Handling packet impersonating in client-server model online game

  - by TheDespite

  I am designing a server-client model game library/engine. How do I, and should I even bother to handle frequent update packet possible impersonating? In my current design anyone could copy a packet from someone else and modify it to execute any non-critical action for another client. I am currently compressing all datagrams so that adds just a tad of security. Edit: One way I thought about was to send a unique "key" to the verified client every x_time and then the client has to add that to all of it's update packets until a new key is sent. Edit2: I should have mentioned that I am not concerned about whether the actions described in the packet are available to the client at the time, this is all checked by the server which I thought was obvious. I am only concerned about someone sending packets for another client.

  Read the article

• "AND Operator" in PAM

  - by d_inevitable

  I need to prevent users from authenticating through Kerberos when the encrypted /home/users has not yet been mounted. (This is to avoid corrupting the ecryptfs mountpoint) Currently I have these lines in /etc/pam.d/common-auth: auth required pam_group.so use_first_pass auth [success=2 default=ignore] pam_krb5.so minimum_uid=1000 try_first_pass auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass I am planning to use pam_exec.so to execute a script that will exit 1 if the ecyptfs mounts are not ready yet. Doing this: auth required pam_exec.so /etc/security/check_ecryptfs will lock me out for good if ecryptfs for some reason fails. In such case I would like to at least be able to login with a local (non-kerberos) user to fix the issue. Is there some sort of AND-Operator in which I can say that login through kerberos+ldap is only sufficient if both kerberos authentication and the ecryptfs mount has succeeded?

  Read the article

• MySQL vs. SQL Server Go daddy, What is the difference bewteen hosted DB and App_Data Db

  - by Nate Gates

  I'm using Goddady for site hosting, and I'm currently using MySQL, because there are less limits on size,etc. My question is what is the difference between using a hosted Godaddy Db such as MySQL vs. creating a SQL Serverdatabase in the the App_Data folder? My guess is security? Would it be a bad idea to use a SQL ServerDB thats located in the App_Data folder? Additional Well I am able to create a .mdf (SQL Server DB file) in the App_Data folder, but I'm really unsure if should use that or not, If I did use it it would simplify using some of the Microsoft tools. Like I said my guess is that it would be less secure, but I don't really know. I know I have a 10gb, file system limit, so I'm assuming my db would have to share that space.

  Read the article

• apt-get update bzip2 errors

  - by Tejas Kale

  I installed Ubuntu 11.10 today on my Lenovo w500. After that when i tried running sudo apt-get update This is the error i am getting. Get:117 http://ftp.jaist.ac.jp oneiric-security/universe TranslationIndex [73 B] 99% [48 Sources bzip2 0 B] [22 Sources bzip2 5,294 kB] 1,983 kB/s 0s bzip2: Compressed file ends unexpectedly; perhaps it is corrupted? *Possible* reason follows. bzip2: Inappropriate ioctl for device Input file = (stdin), output file = (stdout) It is possible that the compressed file(s) have become corrupted. You can use the -tvv option to test integrity of such files. You can use the `bzip2recover' program to attempt to recover data from undamaged sections of corrupted files. I found the following similar question : Errors while updating Ubuntu 11.10 , But the solutions mentioned ( changing the download server, running apt-get clean, apt-get autoclean) and have also tried removing the /var/cache/apt/archives/lists direcotry. As a result of this, I am unable to install any new packages.

  Read the article

• Setting up Oracle Linux 6 with public-yum for all updates

  - by wcoekaer

  I just wanted to give you a quick example on how to get started with Oracle Linux 6 and start using the updates we published on http://public-yum.oracle.com. Download Oracle Linux (without the requirement of a support subscription) from http://edelivery.oracle.com/linux. Install Oracle Linux from the ISO or DVD image Log in as user root Download the yum repo file from http://public-yum.oracle.com # cd /etc/yum.repos.d # wget http://public-yum.oracle.com/public-yum-ol6.repo If you want, you can edit the repo file and enable other repositories, I enabled [ol6_UEK_latest] by just setting enabled=1 in the file with a text editor. Run yum repolist to show the registered channels and you see we are including everything including the latest published RPMs. Now you can just run yum update and any time we release new security errata or bugfix errata for OL6, they will be posted and you will automatically get them. It's very easy, very convenient and actually very cool. We do a lot more than just build OL RPMs and distribute them, we have a very comprehensive test farm where we test the packages extensively.

  Read the article

• Controllers in CodeIgniter

  - by Dileep Dil

  I little bit new to the CodeIgniter framework and this is my first project with this framework. During a chat on StackOverflow somebody said that we need to make controllers tiny as possible. Currently I have a default controller named home with 1332 lines of codes (and increasing) and a model named Profunction with 1356 lines of codes (and increasing). The controller class have about 46 functions on it and also with model class. I thought that Codeigniter can handle large Controllers or Models well, is there any problem/performance issue/security issues regarding this?

  Read the article

• How to create an Access database by using ADOX and Visual C# .NET

  - by SAMIR BHOGAYTA

  Build an Access Database 1. Open a new Visual C# .NET console application. 2. In Solution Explorer, right-click the References node and select Add Reference. 3. On the COM tab, select Microsoft ADO Ext. 2.7 for DDL and Security, click Select to add it to the Selected Components, and then click OK. 4. Delete all of the code from the code window for Class1.cs. 5. Paste the following code into the code window: using System; using ADOX; private void btnCreate_Click(object sender, EventArgs e) { ADOX.CatalogClass cat = new ADOX.CatalogClass(); cat.Create("Provider=Microsoft.Jet.OLEDB.4.0;" +"Data Source=D:\\NewMDB.mdb;" +"Jet OLEDB:Engine Type=5"); MessageBox.Show("Database Created Successfully"); cat = null; }

  Read the article

• What should be included in risk management section of software's architecture documentation?

  - by Limbo Exile

  I am going to develop a Java application (a Spring Web application that will be used to extract data from various data sources) and I want to include risk management of the software in the architecture documentation. By risk management (I am not sure if this is the right name) I mean documenting possibilities of what can go wrong with the software and what to do in those cases. At first I tried to draft some lists, including things like database performance decrease, change of external components that the software interacts with, security breaches etc. But as I am not an experienced developer I cannot rely on those drafts, I don't think they are exhaustive. I searched web hoping to find something similar to the Joel Test or to find any other resource that will cite the most popular causes of problems that should be included and analyzed in risk management documentation, but I haven't found much. Finally, my question is: What should be included in risk management section of software's architecture documentation?

  Read the article

< Previous Page | 296 297 298 299 300 301 302 303 304 305 306 307  | Next Page >