secure government government cloud security - Page 64

How secure is Remote Desktop from Mac OS X to Windows Server 2003?

- by dwhsix

It's unclear to me exactly how secure Remote Desktop access from Mac OS X to a Windows Server 2003 machine is. Is the communication encrypted by default? What level of encryption? Are there best practices for making this as secure as possible? I found http://www.mobydisk.com/techres/securing_remote_desktop.html but it's unclear how much of that is still relevant for current versions of RDP and Windows Server. I know I can tunnel RDP over ssh, but is that overkill or redundant?

Read the article

Creating a secure multicast tunnel with socat

- by ams

How we can create secure multicast tunnels ith socat? Assume that we have a list of IP address, CIDR network addresses that we want to create secure tunnel to them. I found this: socat STDIO UDP4-DATAGRAM:224.1.0.1:6666,range=192.168.10.0/24 but I want a secure tunnel and different adds with net addrs I want to create script that give the IPs and net addresses and creates a secure tunnel ./myscript IP1 NetAdd1 IP2 NetAdd2 .... How can I send these parameters to socat? Does socat multicast have any limits?

Read the article

How can I have APF block script kiddies that mod_security detects?

- by Gaia

Read the article

How does Antimalware Doctor infect computers?

- by Pyrolistical

I didn't do anything stupid like run random .exe or visit questionable websites, but as I was just Googling I get infected by Antimalware Doctor. At that point I just shutdown my computer and reformatted, so I didn't check if I had the latest version of Flash or Firefox. Is it possible to get infected just because I didn't have my Flash newer than 10.1 and some random flash ad infected me? There doesn't seem to be any information on how Antimalware Doctor works asides from how to remove it.

Read the article

creating secure multicast with socat

- by arash

How we can create secure tunnels multicast with socat? Assume we have a list of ip address, CIDR network addresses that we want to create secure tunnel to them. I found this socat STDIO UDP4-DATAGRAM:224.1.0.1:6666,range=192.168.10.0/24 but I want a secure tunnel and different adds with net addrs I want to create script that give the IPs and net addresses and create secure tunnel ./myscript IP1 NetAdd1 IP2 NetAdd2 .... how can i send this parametersw to socat? Socat multicast hasn't any limits? Thanks for your help

Read the article

How secure is Remote Desktop from OSX to Windows Server 2003?

- by dwhsix

It's unclear to me exactly how secure Remote Desktop access from OSX to a Windows Server 2003 machine is. Is the communication encrypted by default? What level of encryption? Are there best practices for making this as secure as possible? I found http://www.mobydisk.com/techres/securing_remote_desktop.html but it's unclear how much of that is still relevant for current versions of RDP and Windows Server. I know I can tunnel RDP over ssh, but is that overkill or redundant? Thanks...

Read the article

Beast / CRIME / Beach attack and stopping it

- by user2143356

I have read so much on all this but not entirely sure I understand what has gone on. Also, is this one, two or three problems? It looks to me like three, but it's all very confusing: Beast CRIME Beach It seems the solution may be to simply not use compression with HTTPS traffic (or is that just on one of them?) I use GZIP compression. Is that okay, or is that part of the problem? I also use Ubuntu 12.04 LTS Also, is non-HTTPS traffic okay? So after reading all the theory I just want the solution. I think this may be the solution, but can someone please confirm I have understood everything so I am not likely to suffer from this attack: SOLUTION: Use GZIP compression on HTTP traffic, but don't use any compression on HTTPS traffic

Read the article

Grandma's Computer - Can a user that belongs only to the "Users" group in Windows XP install malware, virus or IE addons?

- by DanC

I am trying to figure out if having a user in the "Users" group will be enough to prevent her from install unwanted software. The things that I don't want the user to be able to install are: virus malware bandoo stuff Internet Explorer Addons To put you in context, I am thinking of my grandma's computer, I want her to be able to read all her email stuff and attachments, but without the hassle of needing to reinstall the whole computer every few months. The computer will run Windows XP, with some free antivirus. It will not be part of any domain. It is just a home computer. Linux, I have tried making her use it, but she was already accustomed to Windows and was not really an option to have her re-learn where was the shutdown button. So, are these considerations enough to prevent her installing unwanted software? What other options come to you mind? Thanks

Read the article

Is it a good practice to run identd in 2010?

- by Alex R

I know in the "old days" it was good practice to shut this off. But nowadays I have heard that it improves deliverability of email. In the old days people were not worried about spam (or having their outbound email rejected), so that made sense. Of course, the question is only relevant to servers that send email. What is the current, common practice among discerning Linux admins? Run identd or leave it off? Thanks

Read the article

Apache mod_header rule to change all cookies to secure

- by Supowski

I would like to change all cookies to be secure and http-only. It works fine for one cookie, but doesn't work when multiple cookies are set in response. Apache mod_header rule should change cookies from: Set-Cookie cookie1=value; Path=/somePath Set-Cookie cookie2=value; Path=/somePath to Set-Cookie cookie1=value; Path=/somePath; Secure; Http-Only Set-Cookie cookie2=value; Path=/somePath; Secure; Http-Only I use mod_headers for it with following rule: Header edit Set-Cookie ^(.*)$ $1;Secure;HttpOnly It works fine when only one cookie is set, but if there is more than one, it just removes all the following and they are not set at all. Any help how to write mod_headers rule for multiple values? or the problem is in something else?

Read the article

Apache mod_header rule to change all cookies to secure

- by Supowski

I would like to change all cookies to be secure and http-only. I works fine for one cookie, but doesn't work when multiple cookies are set in response. Apache mod_header rule should change cookies from: Set-Cookie cookie1=value; Path=/somePath Set-Cookie cookie2=value; Path=/somePath to Set-Cookie cookie1=value; Path=/somePath; Secure; Http-Only Set-Cookie cookie2=value; Path=/somePath; Secure; Http-Only I use mod_headers for it with following rule: Header edit Set-Cookie ^(.*)$ $1;Secure;HttpOnly It works fine when only one cookie is set, but if there is more than one, it just removes all the following and they are not set at all. Any help how to write mod_headers rule for multiple values? or the problem is in something else?

Read the article

Do I need a hardware firewall for Win 2003?

- by user531723

We have had a Win 2003 server at a co-lo for a while. It is used as a web server and has a very cheap hardware firewall between it and the internet. Ports 3389 and 80 are the only ones forwarded to the server. I am doing some upgrading and wondering if I really need the firewall. Are there any drawbacks to just using the Win 2003 built in firewall to make sure only traffic on 3389 and 80 get through?

Read the article

mod_secdownload in lighttpd support subdirectories for secure stream?

- by zomail

i want to know that lighttpd supports secure stream for subdirectories ? I want to secure my subdirectories within a directory but looks like its not working on subdirectories . I want to secure my subdirectories within download-area directory given below secdownload.secret = "MySecretSecurePassword" secdownload.document-root = "/home/lighttpd/download-area/" secdownload.uri-prefix = "/dl/" secdownload.timeout = 3600

Read the article

Suggestion for a secure small-business e-mail-server needed

- by Lorikun

Hello, we are a small business company (60-100 emploees) handling financial data. We want to have a secure E-Mail Server. What is the best in-house solution? Our laws force us to ?eep the server physically at our place. Is Exchange secure enough, or are we better off with Linux and Postfix+Dovecot? For that reason we will hire a system-administrator, but whats more secure solution? Thanks in advance

Read the article

HttpsCookieFilter - IllegalStateException: getOutputStream() has already been called for this response

- by Mat Banik

Following exception is thrown every once in a while and it shows up in localhost log file in tomcat log directory. If anyone know how to get rid of it, all help would be appreciated. BTW the filter is working fine I just don't know why this exception is happening. Stack trace: java.lang.IllegalStateException: getOutputStream() has already been called for this response at org.apache.catalina.connector.Response.getWriter(Response.java:611) at org.apache.catalina.connector.ResponseFacade.getWriter(ResponseFacade.java:198) at javax.servlet.ServletResponseWrapper.getWriter(ServletResponseWrapper.java:112) at javax.servlet.ServletResponseWrapper.getWriter(ServletResponseWrapper.java:112) at org.springframework.web.servlet.view.freemarker.FreeMarkerView.processTemplate(FreeMarkerView.java:366) at org.springframework.web.servlet.view.freemarker.FreeMarkerView.doRender(FreeMarkerView.java:283) at org.springframework.web.servlet.view.freemarker.FreeMarkerView.renderMergedTemplateModel(FreeMarkerView.java:233) at org.springframework.web.servlet.view.AbstractTemplateView.renderMergedOutputModel(AbstractTemplateView.java:167) at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:250) at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1047) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:817) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549) at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:65) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:119) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:57) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:109) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:109) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) //Here is the servlet I suspect is trowing the exception. at package.HttpsCookieFilter.doFilter(HttpsCookieFilter.java:38) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcessor.java:886) at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:721) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:2256) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:717) The HttpsCookieFilter class: public class HttpsCookieFilter implements Filter { private static Logger log = Logger.getLogger(HttpsCookieFilter.class); @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { final HttpServletRequest req = (HttpServletRequest) request; final HttpServletResponse res = (HttpServletResponse) response; final HttpSession session = req.getSession(false); if (session != null) { setCookie(req, res); } try{ chain.doFilter(request, response); // <- Exception thrown from here }catch (IllegalStateException e){ log.warn("HttpsCookieFilter redirect problem! ", e); } } @Override public void init(FilterConfig arg0) throws ServletException { } private void setCookie( HttpServletRequest request, HttpServletResponse response) { Cookie cookie = new Cookie("JSESSIONID", request.getSession(false).getId()); cookie.setMaxAge(-1); cookie.setPath(getCookiePath(request)); cookie.setSecure(false); response.addCookie(cookie); } private String getCookiePath(HttpServletRequest request) { String contextPath = request.getContextPath(); return contextPath.length() > 0 ? contextPath : "/"; } } web.xml <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd"> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <listener> <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class> </listener> <listener> <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class> </listener> <filter> <filter-name>httpsCookieFilter</filter-name> <filter-class>com.iteezy.server.web.servlet.HttpsCookieFilter</filter-class> </filter> <filter-mapping> <filter-name>httpsCookieFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>filterChainProxy</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>filterChainProxy</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> ... The reason for integrating this filter comes from Spring security FAQs: I'm using Tomcat (or some other servlet container) and have enabled HTTPS for my login page, switching back to HTTP afterwards. It doesn't work - I just end up back at the login page after authenticating. This happens because sessions created under HTTPS, for which the session cookie is marked as “secure”, cannot subsequently be used under HTTP. The browser will not send the cookie back to the server and any session state will be lost (including the security context information). Starting a session in HTTP first should work as the session cookie won't be marked as secure.

Read the article

Oracle Open World / Public Sector / Identity Platform

- by user12604761

For those attending Oracle Open World (Oct. 1st - 3rd, 2012 at the Moscone Center in San Francisco), the following details are recommended: OOW Focus on Public Sector. Also, Oracle's foundational Identity and Access Management and Database Security products that support government security ICAM solutions are covered extensively during the event, the following will be available: The focus is on Oracle's Modern Identity Management Platform. Integrated Identity Governance Mobile Access Management Complete Access Management Low Risk Upgrades The options for attendees include 18 sessions for Identity and Access Management, 9 Identity and Access Management demonstration topics at the Identity Management Demo Grounds, and 2 hands on labs, as well as 21 database security sessions. Oracle Public Sector Reception at OOW: Join Oracle's Public Sector team on Monday, October 1 for a night of food and sports in a casual setting at Jillian’s, adjacent to Moscone Center on Fourth Street. In addition to meeting the Public Sector team, you can enjoy Monday Night Football on several big screen TVs in a fun sports atmosphere. When: Monday, October 1, 6:30 p.m.–9:30 p.m. Where: Jillian's, 101 Fourth Street, San Francisco

Read the article

Roger Jennings’ Cloud Computing with the Windows Azure Platform

- by guybarrette

Writing and publishing a book about a technology early in its infancy is cruel. Your subjected to many product changes and your book might be outdated the day it reaches the book stores. I bought Roger Jennings “Cloud Computing with the Windows Azure Platform” book knowing that it was published in October 2009 and that many changes occurred to the Azure platform in 2009. Right off the bat and from a technology point of view, some chapters are now outdated but don’t reject this book because of that. In the first few chapters, Jennings does a great job at explaining Cloud Computing and the Azure platform from a business point of view, something that few Azure articles and blogs fail to do right now. You may want to wait for the second edition and read Jennings’ outstanding Azure focused blog in the meantime. var addthis_pub="guybarrette";

Read the article

VMware sort VMware Go Pro sa solution de virtualisation Cloud pour PME, passerelle vers VMware vSphere

VMware sort VMware Go Pro Sa solution de virtualisation Cloud pour PME, passerelle vers VMware vSphere VMware vient d'annoncer la sortie de sa solution de virtualisation Cloud pour les PME : VMware Go Pro. VMware Go Pro a pour principal objectif de faciliter les efforts de virtualisation des petites et moyennes entreprises en leur proposant un outil ergonomique, qui simplifie la gestion des systèmes d'information et qui veut améliorer la productivité. L'outil intègre une console centrale unique, pour fédérer et simplifier l'administration des infrastructures physiques et virtuelles. Une console qui permet de « libérer les équipes des tâches récurrentes afin de se consacr...

Read the article

Verizon, IBM Take Data Recovery to the Cloud

Verizon and IBM want to give enterprise customers a cloud-based option for backing up and recovering massive data reservoirs.

Read the article

Google I/O 2012 - Beyond Paper: Google Cloud Print and the Future of Printing

Google I/O 2012 - Beyond Paper: Google Cloud Print and the Future of Printing Akshay Kannan Use Google Cloud Print's API to send documents to a printer (or anywhere else) quickly and easily. We're currently integrated with Chrome, ChromeOS, mobile Gmail/Docs, and most new printers, and that's just the start. We provide a configurable JavaScript API, an Android Intent, as well as HTTP and XMPP interfaces for sending documents and receiving them in virtually any format. Come learn how to enable printing from your web and mobile apps on any device to any printer in the world, with just a few lines of code! For all I/O 2012 sessions, go to developers.google.com From: GoogleDevelopers Views: 41 1 ratings Time: 01:06:43 More in Science & Technology

Read the article

Cloud and On-Premises Applications Integration using Oracle Integration Adapters

- by Ramkumar Menon

See how Oracle Integration adapters will continue to provide connectivity and harness information from diverse enterprise applications and technologies—both on-premises and in the cloud on our Exclusive Openworld session - "CON8642 - Cloud and On-Premises Applications Integration, Using Oracle Integration Adapters ". The session will cover the trends and themes of Application Integration today, and describe how Oracle's suite of Adapters help you integrate and extend your Applications using a Service Oriented Architecture today and in the future. Session Speakers Vikas Anand - Director, Product Management Ramkumar Menon - Senior Product Manager, SOA Suite Stephen Mcritchie - SOA Suite Product Development Schedule: Wednesday, Oct 3, 1:15 PM - 2:15 PM - Moscone South - 310, San Francisco

Search Results

Search found 19074 results on 763 pages for 'secure government government cloud security'.

Page 64/763 | < Previous Page | 60 61 62 63 64 65 66 67 68 69 70 71 | Next Page >

- by dwhsix

- by ams

- by Gaia

- by Pyrolistical

- by arash

- by dwhsix

- by user2143356

- by DanC

- by Alex R

- by Supowski

- by Supowski

- by user531723

- by zomail

- by Lorikun

- by Mat Banik

- by user12604761

- by guybarrette

- by Ramkumar Menon

< Previous Page | 60 61 62 63 64 65 66 67 68 69 70 71 | Next Page >