Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
Right now, we're using PGP command line 9.0. Does anybody know if GnuPG will work? It'd be a lot cheaper.
EDIT:
Theoretically, GnuPG/PGP/McAfee eBusiness Server should be able to interoperate. In practice, you pretty much just have to test to see. We did not make GnuPG work with McAfee eBusiness Server.
I've never used McAfee eBusiness Server specifically, but the entire point of GnuPG was to provide Free Software that implemented the OpenPGP spec. Unless McAfee is for some hideously obnoxious reason mandating specific ciphers, there shouldn't be a problem.
Note that if some components are going to be checking a key with PGP, and some with GnuPG, you may want to doublecheck the interoperability FAQ question for GnuPG, as you may, in fact, have to limit your cipher and compression algorithms or signature versions. That FAQ is discussing a much older version of PGP, so it may actually no longer be an issue.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
Basically my question is relation to every package manager. I'm interested to know that in package manager like apt-get,rpm etc., is there any network security while downloading any file, if yes what kind of it is and is it really required in os like linux
There are security measures, yes, obviously.
All packages in a repository are signed on the server side by a key in an asymmetric manner. That signature is checked by the client (your system) when downloading / installing packages. Only if it can be verified the package is accepted, otherwise an error is thrown. You certainly have seen that already a few times, for example when a repository got updated right whilst you download. Happens. But it is secure in that aspect.
You can very easily verify that yourself: setup your own repository (there are tutorials for that), import the key. Then replace a package stored there by some other file on file system level. Now try to install that file. You will see that it gets rejected because it cannot be verified.
The question whether that really is required is pretty strange. Why would one not want to secure that process? That would leave you vulnerable like the process of installing software on MS-Windows based systems!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 6 years ago.
Improve this question
HaskellNet seems to be the only available IMAP client library for Haskell, but it doesn't seem to support TLS connections, which is necessary for accessing Gmail's IMAP servers. Are there any alternative Haskell libraries or workarounds?
Sorry to dredge up quite an old post here, but I came across this thread when I had the same issue a while back, and have since written a library which adds SSL/TLS support to HaskellNet. It makes use of another library, connection, which I don't think existed at the time this question was originally posted, and which made adding TLS support significantly easier than it used to be. You can find it here: http://hackage.haskell.org/package/HaskellNet-SSL
Hopefully this will be of some use to anybody else who stumbles upon this thread looking for information about connecting to gmail accounts. In fact, for gmail specifically, there is sample code for connecting to their IMAP/SMTP servers in the repository.
Check out imapget on hackage. It gets around this limitation by creating a proxy port.
Looks like new library appeared since your last post: imap: An efficient IMAP client library, with SSL and streaming.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
We are using this server for almost a year now.
Last forum post seen in November, 2011.
Last server version released 28/03/12.
Just wondering if anyone knows whats happening inside the company?
Should we expect something or should we start looking for alternatives?
I did what you did not do: using email to ask the question to the people able to answer.
And they replied that:
the forum was closed because they could not cope with the amount of accounts created daily to publish junk
the next version will be the most important ever made for G-Wan, with new features like a caching reverse proxy and an elastic load-balancer as well as system replacements like a wait-free memory allocator.
With regard to such developments, a 3-month period without publishing releases sounds reasonable.
More reasonable than assuming that such an 'inactivity period' means that "the project is dead".
Would you say that for other Web servers like Apache which have much larger release cycles?
You should always be expecting something from G-WAN. It's a great piece of software. Here's the other thing too: G-WAN was expertly engineered. That doesn't mean that there are no bugs in it, or that features can't be implemented, but G-WAN is incredibly tight.
It has lean code, it does what it supposed to do, very well, and it is built for the developer to add in the functionality that hasn't been put in there yet.
That's the beauty of it, or one facet of the beauty.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Know anybody, how i can install NodeJS on dd-wrt, openwrt or freewrt system?
Or Maybe on any Router with one on these systems: http://en.wikipedia.org/wiki/List_of_router_or_firewall_distributions
I stumbled across one fellow on Twitter who claimed to have done so back in 2011 April and offered a high-level overview of the process. My research indicates that this will only be possible on little-endian chipsets (e.g. "mipsel", as on the ASUS RT-N16) as even the MIPS version of v8 does not support big-endian implementations of that architecture (e.g. as the Atheros chipset on the Buffalo WZR-HP-AG300H is using).
Sorry, couldn't find any references that indicate it's been done. I suggest checking out the dependencies for Node.
You will need at least the following:
gcc4-g++
git
make
pkg-config
zlib-devel
openssl-devel
openssl
python
Note, that is from the older Cygwin compile instructions so they might not be exactly right.
If you can find all of those for your router OS then it should be possible. Just note that it will take a LONG time to compile.
You may also struggle with memory as most routers are severely lacking. This question on Google has a bit of information.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am searching for a host for a new commercial website. Among other things, I'd like to know what the various OS - Webserver combinations have in terms of vulnerabilities. What are the vulnerabilities of Redhat + Apache?
See: http://httpd.apache.org/security/vulnerabilities_20.html
Poor system admins is the biggest in my experience.
The biggest risk to any web application server is vulnerabilities in the web application its self. Linux Apache MySQL and PHP (LAMP) is a very secure platform. RedHat's Fedora core is very secure because it uses SELinux, this is somthing that does not exist for Windows. However vulnerabilities such as SQL Injection and XSS can still result in your server getting hacked.
Its kind of a difficult question to answer, the development life cycles are so active you're asking for something that's likely to have been solved already ( and if its been reported so that we know of it, the likelihood its fixed is really high )
What you need is a 0-day hack for them, and asking this list really wont get you those.
Any system is only as strong as its weakest link. Invariably that will not be the OS or the server software, it will be the end application you develop or install.
As suggested here, I could check out the CERT Database.