How secure is secure?
Thanks to this group and all the high tech individuals who frequent it I
have learned how to protect my PC from the inside out. But what about
security risks to my info 'before' it gets to my computer? Like my mail
box on the server. Could someone hack into that and thumb through my
If so, how would I ever know?
(The short story)
We have a rogue employee at my work who one day decided to run the web
site, she got in tight with the ISP, got tools to set and delete
passwords on a protected directory on the server. Who knows if she has
telnet access to other things, li...security too secure
Summary: security too secure
The security thing won't let me in this sight no matter how I accept,
confirm, get certificate, etc.
Browser Details: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-GB; rv:1.9.1b4) Gecko/20090423 Firefox/3.5b4
From URL: http://hendrix.mozilla.org/
Note to readers: Hendrix gives no expectation of a response to this feedback
but if you wish to provide one you must BCC (not CC) the sender for them to
...when is secure, secure?
I wrote a custom authentication handler for PureFTPD, using a combination of
authentication methods, for about 4 different types of users.
So far, from testing it, it does look to work properly, and does it's job
pretty well (and fast). I use #!/usr/bin/perl -W as well as use Strict, and
use warnings, and the code returns no errors or warnings when run.
I am right to presume that this basically only really tells me the my syntax
and structure of the application is right? What's a good way to see whether
it is actually SECURE... There is a couple of lines of...Software [In]Security: Twitter Security
Making Your Thoughts as Small and Incomplete as Possible
Just for the record, I don't use Twitter. But if this column were a Twitter
entry, it might read something like:
"If U know neither the enemy nor yourself,U will succumb in every battle"
...form security against security
i have a form in my website which is to be filled by user and that form stores in database(sql server 2005).
but someone told me that anyone can run script in textboxes in that form and can damage database,
so how to avoid such security lack.
it is common practice to use parameterized sql statements or stored procs to insure you are protected from sql injections attacks.
if you concatenate user input directly into a sql statement, then you are at risk.Mike Banavige~~~~~~~~~~~~Need a site code sample in a different language? Try converting it with: http://converte...How secure is AuthenticationTypes.Secure?
I understand that AuthenticationTypes.Secure requests secure authentication using Kerberos or NTLM (??). However, here is a scenario I am trying to understand. Let us say that I am having a regular ASP.NET site - with SSL certificates not installed on the web server. The login sends the request out to an AD server which also does not have certificates installed. However, I have set Secure flag to AuthenticationTypes.Secure. When the username and password data gets transmitted between the application and the LDAP server, how secure are the password and username info? In other words is this in...Security
This is a multi-part message in MIME format.
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
I'm a Mac user 10.4.8 of Thunderbird 188.8.131.52 & am wondering how
"Enabling FIPS" will improve my security? I can't seem to find any
explanation of FIPS under Thunderbird help.
Have a good day R Schwager
Content-Type: text/html; charset=ISO-8859-1
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Tr...Secure connections: how secure are they?
......... both useful and malicious information can be transmitted via network
connections. Standard solutions protect computers against threats present in
standard network connections, but aren't able to counter threats present in
secure connections. Verifying the contents of a secure connection is
impossible by virtue of its secure nature, as demonstrated by the different
types of protection listed above. As a result, malicious data within secure
channels can cause a significant amount of damage, and sometimes more than if
it were to be transmitted via a standard, non-s...How secure is secure enough?
July 28, 2008 (Computerworld) This story originally appeared in
Computerworld's print edition.
If there is a Holy Grail in the information security industry, it surely is
the answer to the question, "How secure is secure enough?"
It's a question that many security managers have either avoided answering
altogether or tried to quickly sidestep by throwing a fistful of mainly
pointless operational metrics at anyone who cared to ask.
"Never d...KLASSP Secure Proxy for password security
See link above. Anyone know if this system has actually been implemented
anywhere? I did some googling and didn't find anything.
Appears to be a nice solution to thwart keyloggers on public computers.
Tom C wrote:
> Hi All,
> See link above. Anyone know if this system has actually been implemented
> anywhere? I did some googling and didn't find anything.
Interesting document. A few points that occur to me:...Is security software becoming a security risk?
"Due to bugs in antivirus software, the security suite becomes a risk
by itself, and adding multiple pieces of security software makes the
problem worse, not better "...
john s. smith wrote:
> "Due to bugs in antivirus software, the security suite becomes a risk
> by itself, and adding multiple pieces of security software makes the
> problem worse, not better "...
...Secure By Design: How Guardian Digital Secures EnGarde Secure Linux
"EnGarde Secure Linux is not just another "repackaged" Linux
distribution, but a modern open source system built from the ground up
to provide secure services in the threatening world of the modern
...."The Community edition of EnGarde Secure Linux is completely free
and open source, and online security and application updates are
freely available with GDSN registration."...
...Security: Show Passwords MAJOR SECURITY RISK
Summary: Security: Show Passwords MAJOR SECURITY RISK
The ability of anyone to view saved passwords is a major security risk.
PASSWORDS should be ENCRYPTED WITH A USER SELECTED PASSWORD
Browser Details: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:184.108.40.206) Gecko/2008070208 Firefox/3.0.1
From URL: http://hendrix.mozilla.org/
...Security Now : Passwords and Cybercafe
My Name is Jean-sebastien OpdeBeeck, from Belgium. I'm new on this
(great) newsgroup. I've just listen ALL SN podcats ... in some days ...
cool and great quality.
About password, and cybercafe, if you are afraid about key log. Why
don't recommand two factor authentication ??? In my company we implement
this (Vasco, RSA, SecureID, ...), so user has to put into his SSL VPN
connection LOGIN and his TOKEN challenge+ PIN code. So you never can
replay the sequence, because it's one time password.
Yes I know, you need money for this, but maximum security i...