I want to run an untrusted program in an SELinux (or other) sandbox.
If I allow this program to connect to every port of every server
(except probably localhost and 127.*), will it compromise security?
More generally, what is the purpose of same domain policy? Is it only
because of cookies? (If so, it's OK for me, as my software does not
use cookies.)

I want to run an untrusted program in a sandbox. I allow this program
to read/write already opened files and to connect to every port of
every server (except probably localhost and 127.*) and nothing else.
What are arguments pro and contra SELinux vs AppArmor for this
specific task?

So I'm working from a local cafe, doing some web development, and need
to see something in my Apache's access log. And to my surprise, in the
log I see, every 30 seconds or so, a request for my root web page,
coming from 192.168.1.1 -- the cafe's Verizon router. Is this a normal
or known behavior? Or is it Bad?

In a software project, a software vendor is responsible for delivering
a piece of software. Everything else, including the infrastructure
setup, database and application server
installation/configuration/maintenance, etc. is not the
responsibility of the software vendor. Contractually, the software
vendor is to provide BCP (business contingency plan) and DRP (disaster
recovery plan) documents. The question is, which sections in these
documents are the responsibility of the software vendor? In ot

I've been wondering lately if RC4 is so flawed in all its forms, why
is it that it is still being supported by all major browsers by
default? Why does the typical Chrome browser prefer
ECDHE-ECDSA-RC4128-SHA over ECDHE-ECDSA-AES128-SHA?

In assigning budget rationally - i.e. proportionally to the risk in a
particular area, how can you calculate the relative risks? I can think
of examples where clients of mine have secured their websites very
well, but have no security on their front door and no vetting of
contractors - this seems crazy but usually boils down to the fact they
have had no way to compare risks. Answers can be quantitative or
qualitative, but I'm just interested in how this is done in
organisations you know.

I fairly often happen across forums spammed with messages such as:
Arugula (Eruca sativa) is an quarterly green, pretended or roquette.
It's been Traditional times, overclever 20 flat has be useful to
"foodie" movement. Before impediment 1990s, thrill was norm harvested
foreign wild. Colour has naturalized reactionary world, on top of
everything elseloftier Europe addition North America. Arugula is all
round Mediterranean region, wean away from Morocco and Portugal,
eastern Lebano

The company I work for needs a system to perform monthly credit card
charges to customer accounts. Customers will be able to update their
credit card information from an online interface written in PHP (which
will be presented through HTTP over SSL). The monthly charges will be
run manually through a password-protected admin area of the same
interface, which will basically amount to a batch call to
Authorize.Net's API. My coworkers want to store the (encrypted) credit
card information in a MySQ

I've seen data on the cost of a breach including a lot of surveys and
research by Verizon and the Ponemon Institute. But in terms of an
actual vulnerability, what are the factors to consider to determine
the cost? A few things I had in mind are:
- Risk factor: SQL Injection vs Reflected XSS
- Cost to detect manually or by automated scanners
- Cost to fix in terms of developer hours
- Costs associated with vulnerability leading to failing a compliance
  audit
How do you security and risk management prof

The transaction ID for DNS queries can take values from 1 to 65,536
and my computer pseudorandomly chooses one for each DNS request. If I
send 1,024 false replies per request, how many requests should I
trigger to compromise the DNS cache with probability 99%? Or as close
to that as I can get. Thanks. I'm getting a result of .6 requests which
doesn't seem right to me. Feel as though it should be around 30

2018 © BigHow