This is a bit like a DMZ, but it requires no firewall, only a decent NAT, since all incoming ports are blocked on the internal network (unless you want to block outgoing ports).
In this example, we want to achieve secure webmail. The internal server is running an IMAP server. The VPS (Virtual Private Server) is running Apache and a web mail program that connects over IMAP (e.g. SquirrelMail).
You create a passwordless SSH port forwarding from the IMAP server towards the remote VPS (Virtual Private Server).
And then set the webmail to use port 10143. I'm using a high port number so that the SSH forwarding can run as a non-root user.
I now only need to figure out how to automatically reconnect if the SSH connection dies.
So the internal network has no open ports. And even if the VPS gets hacked, they can't connect to the internal network (all the connection start from inside).
Has anyone tried out anything like this? Can anyone point out any possible security problems?
Re:If Ars Technica is so concerned about usability
on
A Better Finder?
·
· Score: 1
It depends. See the following link: http://www.ergogero.com/FAQ/Part6/cfaqPart6 .html#p 6.2
Microsoft Baseline Security Analyzer is a good GUI tool that check for missing hotfixes and various security problems. You can download it at http://www.microsoft.com/TechNet/Security/tools/to ols/MBSAHome.ASP
However, to use this tool, you need to enable the "Server" service, or you'll get weird errors.
I've recently been reviewing a dozen of different software to convert from Word to XML.
So far the best tool I found is upCast (free for personal use) from http://www.infinity-loop.de/.
To convert a Word file: * Use Word's AutoFormat feature to convert visual formatting to Word styles * Redefine all the text as Word styles * Run upCast to convert to XML using the "XML (content, no DTD)" filter * Run HTML Tidy from http://tidy.sourceforge.net/ with the parameters -xml -utf8 -clean -bare .
Other tools that might be worth a second look: * Majix (Open Source) - http://www.tetrasix.com/ * WorX SE - http://www.xyvision.com/ * XML MarkupKit (in German) - http://www.eds.schema.de/download/MarkupKit/ * DocSoft LLC Word-to-XML - http://www.docsoft.com/w2xml.htm
I recommend plugging in an extra hard drive, and using Norton Ghost, or one of the alternatives to back up the partition, before touching it. Since the filesystem is corrupt, you'll probably have to do a bit-to-bit copy for it to work.
Afterwards, you can do whatever experiments you want with it, and still be on the safe side.
Google doesn't seem to have been updated for about 3 months.
e.g. a search for "GXP120" on Google gets me 29 results. The same search at www.alltheweb.com gets me 1012 results.
75GXP nightmare - over 70% failure rate - 18 of 25
on
IBM 120GXP Revisited
·
· Score: 1
For our company we have bought about 25 75GXP drives 30GB drives a year ago.
In a 12 month period, 18 out 25 have already failed.
Luckily, our vendor has agreed to replace the hard drives with a different brand and usually as soon as the weird squeaks started, before major data loss occurred. On the few occasions the hard drive was replaced by the another drive of the same model, it exhibited the same problem.
1% is a normal failure rate for hard drives. 70% FAILURE IS TOTALLY UNACCEPTABLE.
I guess if we'll wait a few months, the failure rate will be near 100%. The problem is that we have to wait for the drive to fail before we can replace them.
It's a bad idea to backup every hour, especially if this is your only backup. If files get corrupted, and you don't notice it immediately, by the hour the rsync'd copy would be corrupted too.
I tried the idea, and there's about a 4x typing speed increase over the regular method. It's very easy to learn, because you don't have to memorize anything. For example, the 3 key has "DEF" written over it. How hard is it to learn that using your index finger would produce a "D", the middle finger a "E", and the ring finger a "F". I caught up with the idea nearly instantly, unlike the palm handwriting recognition, which forces you to learn a new alphabet (although that's not too hard either). From my experience with handwriting recognition, it is slow and error-prone from factors like writing size, speed, hand stability, grip and so on, and it forces you to always look at the screen. With this method you can touch-type without looking at the screen.
The main problems are that it forces you to hold the phone with the other hand, it will probably need to be calibrated for every user, and probably won't work if you're wearing gloves and so on.
But even after all, it's a simple and ingenious solution for most circumstances.
Phone makers just need to add an option to go back to the older method of typing, to handle those circumstances.
Slashdot Mirror
OAuth2 security issues
A similar thing happened in Ireland earlier this month due to a vulnerability in Joomla! http://www.iedr.ie/docs/IEDR_Statement_F_issued_9_November_2012.pdf
Searching on Live Search:
[google]: 751
[google -DummyZXCVB]: 65,806,166
[microsoft]: 80,139,835
[microsoft -DummyZXCVB]: 80,722,350
The ASERTH keyboard layout has all the advantages of the Dvorak layout, but makes switching layout MUCH easier.
http://aserth.com/
D.J. Bernstein's Poly1305-AES seems like an interesting alternative, it's in the public domain.
You can get native GNU tools for Win32 from:
http://unxutils.sourceforge.net/
In Spain, Jazztel offers 1024/300/35, and ya.com offers 1024/300/34. Not available everywhere.
Take a look at PowerDNSn s/
http://www.powerdns.com/products/powerd
Article
If it causes a blue screen you can report it to the security team. You won't be ignored.t y/contact. asp
http://www.microsoft.com/technet/securi
You can use PCRE with VIM:_ id=393
http://vim.sourceforge.net/tips/tip.php?tip
Use perl instead grep, e.g.:
cat filename | perl -ne 'print if (/myregexp/)'
Take a look at http://rescuecd.sf.net/
Excellent toolkit, and it can be adapted to create your own rescue CD. Based on Debian.
In this example, we want to achieve secure webmail. The internal server is running an IMAP server. The VPS (Virtual Private Server) is running Apache and a web mail program that connects over IMAP (e.g. SquirrelMail).
You create a passwordless SSH port forwarding from the IMAP server towards the remote VPS (Virtual Private Server).
And then to create the SSH port forwarding for IMAP.
And then set the webmail to use port 10143. I'm using a high port number so that the SSH forwarding can run as a non-root user.
I now only need to figure out how to automatically reconnect if the SSH connection dies.
So the internal network has no open ports. And even if the VPS gets hacked, they can't connect to the internal network (all the connection start from inside).
Has anyone tried out anything like this?
Can anyone point out any possible security problems?
It depends.6 .html#p 6.2
See the following link:
http://www.ergogero.com/FAQ/Part6/cfaqPart
Microsoft Baseline Security Analyzer is a good GUI tool that check for missing hotfixes and various security problems.o ols/MBSAHome.ASP
You can download it at http://www.microsoft.com/TechNet/Security/tools/t
However, to use this tool, you need to enable the "Server" service, or you'll get weird errors.
I've recently been reviewing a dozen of different software to convert from Word to XML.
.
So far the best tool I found is upCast (free for personal use) from http://www.infinity-loop.de/
To convert a Word file:
* Use Word's AutoFormat feature to convert visual formatting to Word styles
* Redefine all the text as Word styles
* Run upCast to convert to XML using the "XML (content, no DTD)" filter
* Run HTML Tidy from http://tidy.sourceforge.net/ with the parameters -xml -utf8 -clean -bare .
Other tools that might be worth a second look:
* Majix (Open Source) - http://www.tetrasix.com/
* WorX SE - http://www.xyvision.com/
* XML MarkupKit (in German) - http://www.eds.schema.de/download/MarkupKit/
* DocSoft LLC Word-to-XML - http://www.docsoft.com/w2xml.htm
I recommend plugging in an extra hard drive, and using Norton Ghost, or one of the alternatives to back up the partition, before touching it. Since the filesystem is corrupt, you'll probably have to do a bit-to-bit copy for it to work.
Afterwards, you can do whatever experiments you want with it, and still be on the safe side.
The following programs allow to convert/create JPEG2000 images under Windows.
http://www.xnview.com/
http://www.slowview.at/
Google doesn't seem to have been updated for about 3 months.
e.g. a search for "GXP120" on Google gets me 29 results.
The same search at www.alltheweb.com gets me 1012 results.
For our company we have bought about 25 75GXP drives 30GB drives a year ago.
In a 12 month period, 18 out 25 have already failed.
Luckily, our vendor has agreed to replace the hard drives with a different brand and usually as soon as the weird squeaks started, before major data loss occurred. On the few occasions the hard drive was replaced by the another drive of the same model, it exhibited the same problem.
1% is a normal failure rate for hard drives.
70% FAILURE IS TOTALLY UNACCEPTABLE.
I guess if we'll wait a few months, the failure rate will be near 100%. The problem is that we have to wait for the drive to fail before we can replace them.
Always keep offsite backups
It's a bad idea to backup every hour, especially if this is your only backup. If files get corrupted, and you don't notice it immediately, by the hour the rsync'd copy would be corrupted too.
They also sound like tanks... Not something you would want to backup overnight in your a bedroom.
In QBASIC it's even shorter.
?"Hello World."
I tried the idea, and there's about a 4x typing speed increase over the regular method. It's very easy to learn, because you don't have to memorize anything. For example, the 3 key has "DEF" written over it. How hard is it to learn that using your index finger would produce a "D", the middle finger a "E", and the ring finger a "F". I caught up with the idea nearly instantly, unlike the palm handwriting recognition, which forces you to learn a new alphabet (although that's not too hard either). From my experience with handwriting recognition, it is slow and error-prone from factors like writing size, speed, hand stability, grip and so on, and it forces you to always look at the screen. With this method you can touch-type without looking at the screen.
The main problems are that it forces you to hold the phone with the other hand, it will probably need to be calibrated for every user, and probably won't work if you're wearing gloves and so on.
But even after all, it's a simple and ingenious solution for most circumstances.
Phone makers just need to add an option to go back to the older method of typing, to handle those circumstances.