|
|
|
|
y*m
发帖数: 60 | 5 Panther bitten by second data damaging bug
By Tony Smith
Posted: 04/11/2003 at 13:30 GMT
Mac OS X 10.3's FileVault system, which protects each user's home folder with
on-the-fly 128-but AES data encryption, has been found to contain a
data-damaging glitch, Apple has admitted.
The bug manifests itself as a request to regain lost disk space in the
encrypted directory. If the user responds in the affirmative, FileVault's
reclamation process damages the user's keychain data. Keychain is the Mac OS' |
|
E***r
发帖数: 1037 | 6 还是那么感性,那么有煽动力
那遣词造句,诗一样
(空洞无物)
郎咸平说过,广告的本质
不是打公司和产品的知名度
打的是产品精神
果子做到了
http://www.apple.com/iphone/why-theres-iphone/
Every iPhone we’ve made — and we mean every single one — was built on the
same belief. That a phone should be more than a collection of features.
That, above all, a phone should be absolutely simple, beautiful, and magical
to use.
It should have hardware and software that were designed to work with each
other. And enhance each other. By people who frequently see each other. That
’... 阅读全帖 |
|
l*******9
发帖数: 177 | 7 Found the encryption and decryption things are pretty helpful.
i.e. in generating CAPTCHA images, using encrypted values
on the query string is quite necessary...
What are the (en|de)crypting methods you ppl are using? or what
other kinds of tech I can use to handle this.....
//bow. |
|
J*X
发帖数: 1001 | 8 我在linode上租了个vps,在godaddy上买了个域名。昨天折腾了一晚,最后搞不定Let'
s Encrypt SSL certificate
错误信息如下:
[Sun Aug 12 01:27:03 CST 2018] Domain does not exist.
[Sun Aug 12 01:27:03 CST 2018] Error add txt for domain:_acme-challenge.xxx.
com
[Sun Aug 12 01:27:03 CST 2018] Please check log file for more details: /usr/
local/acme.sh/acme.sh.log
Let's Encrypt SSL Certificate create failed!
我不明白它为啥说domain doesn‘t exist,因为现在如果访... 阅读全帖 |
|
z*q
发帖数: 29 | 9 I have a file encrypted with RSA. The algorithm to decrypt it is:
m^d%n
m is the encrypted data, and I know d and n, which are large numbers in big
endian format.
I am required to decrypt the file using these information. Anybody has
experience on that, and could you tell me how to do that?
Thanks a lot! |
|
u*******y
发帖数: 8 | 10 Hi, I am supposed to have my web server (NT Server 4) to
connect a SQL Server database server machine (NT Server 4).
There's no LAN connection. I can only use TCP/IP through
internet. I hope the connection is encrypted. The Books
Online said I need to setup server network protocol to
multiprotocol and enable the encryption. But multiprotocol
use some naming service to resolve the server name. Books
online says multiprotocol client uses WINS to resolve name
for TCP/IP.
The problem is that the two |
|
y********o
发帖数: 2565 | 11 Is it public key encryption?
that they simply use dictionary lookup (or maybe a very little guessing work
). Consider this, if somebody gets your data, he can run the Brute-force
attack freely on his comput
result is verifiable; for certificate/key encryption, you cannot guess
because there is no way to verify if your guess is correct or not. |
|
i****a
发帖数: 36252 | 12 哦我看贴不仔细
都在reporting datadate 里。backup 那个database ,report 都有了。SSRS server
config 的 encryption key 也要 backup,否则 data source 要重设 connectuon
string 和 login
也可以去页介面 report manager 上download. 如果report数量大看能不能写个script
download
Encryption key 还是要restore的
[发表自未名空间手机版 - m.mitbbs.com] |
|
c**t
发帖数: 2744 | 13 They are encrypted, hard for 3rd party to decrypt. But for caller itself,
the encryption is not a issue
know |
|
d*****s
发帖数: 173 | 14 T1给了5个ip 50.20.38.106-50.20.38.110
asa5510 0/0口绑定了地址50.20.38.110,0/1接内部网络
想要从外部通过50.20.38.106访问内部web server 192.168.1.110
我参考cisco文档配置了static nat,但是还是无法访问,请问哪里出了问题,谢谢!
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/nat_objects.html#wp1119793
asa版本是8.3
附上我的配置
ASA Version 8.3(1)
!
hostname ciscoasa
domain-name default.domain.invalid
enable password b4RZzua6LpNOeJCF encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
dns-guard
!
interface Ethernet0/0
nameif outside
security-... 阅读全帖 |
|
a***n
发帖数: 262 | 15 I did not see the static nat.
apply access-group 100 in outside
then try to use packet-tracer utility
T1给了5个ip 50.20.38.106-50.20.38.110
asa5510 0/0口绑定了地址50.20.38.110,0/1接内部网络
想要从外部通过50.20.38.106访问内部web server 192.168.1.110
我参考cisco文档配置了static nat,但是还是无法访问,请问哪里出了问题,谢谢!
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/nat_objects.html#wp1119793
asa版本是8.3
附上我的配置
ASA Version 8.3(1)
!
hostname ciscoasa
domain-name default.domain.invalid
enable password b4RZzua6LpNOeJCF encry... 阅读全帖 |
|
x*********n
发帖数: 28013 | 16 昨天谈到tunnel QOS,我就不解了,本来tunnel这个就是virtual的,数据过去都是
encrypt的,既然是encrypt,router怎么查看bit,怎么QOS呢? |
|
p**x
发帖数: 123 | 17 maybe more secure and NAT friendly?;)
interesting that you mentioned IPsec/GRE, I suppose you meant gre over ipsec
since you picked transport mode. with that setup, it is also extra overhead
to provide encryption to routing protocol...i would probably do ipsec over
gre tunnels, so the gre takes care any multicast or broadcast stuff while
the encrypted traffic rides inside the tunnel. it's easier on cpu and memory
too. |
|
c**t
发帖数: 2744 | 18 After more googling, I found:
Tunnel encrypts the header and payload of each packet.
I had the capatured packets (by wireshark), they are all encrypted, question
now becomes how to decrypt. I have the device (iPad, iPhone). |
|
x*********n
发帖数: 28013 | 19 以前在版上很少看到面经,将来也许有人有用。
1.STP的大致情况,被问到第二次了,这次还没讲好,问我message name,BPDU愣是没
想起来,election讲对了一些。
2.HSRP VRRP,这块有点坑爹,讲到election的时候我又开始瞎扯,人家问我priority
default是多少,我瞎蒙100,结果他说对的。。。
3 IPsec vs GRE的区别,我跟他扯,IPsec encrypted的,GRE虽然encrypted了,但是
send的content是plain text的,不知道说对了没。
4.又问OSPF EIGRP,我直接说我们ISP直接static,很少用,BGP经常用。
5. BGP,我跟他扯attribute,从weight开始一个一个讲,先排序,再讲config,降了
点as-path list,route-map,set 一个value,瞎扯了点as prepend。
期间问了我local preference的default number,我说100,还问了如何影响outbound
,我说MED。后来讲着讲着发现,local prefere... 阅读全帖 |
|
r****y
发帖数: 26819 | 20 这些都是我常用的。欢迎大家补充。
Adobe--原来Macromedia--的那一套官方工具,自不用多说。相信用Flash的人都太熟了。
Sothink的SWF Decompiler,这个是必备的万能工具。没有加密的SWF基本都可以用它还原
到FLA和AS文件。Emule上很容易找到。它有一点点小问题,对某些AS代码不能正确读出
来,如果能配合ASV,那就天衣无缝了。
ASV,这是很权威的SWF反编译工具。5.0版以上就很强大了。不容易找到破解过的。
SWF Encrypt,这是制作加密SWF的最好工具。现在用Encrypt加密过的SWF,尚未发现任何
反编译办法。 |
|
a*******i
发帖数: 1105 | 21 The QAM Tuner card cannot handle encrypted content. This is a video capture
card that captures video signal from your STB via HDMI or component after
encrypted content is processed. |
|
P*****r
发帖数: 1308 | 22 ***EDIT***: Just to clarify if I'm using the right mode. What I want to achieve is to bring my printer into the wireless network, so that all wirelessly connected laptop could use the printer, also to re-broadcast the wireless in the 2nd room. I found my signal reduces a lot just a room away from the main router (laptop in the room where the main router is has 300M speed, but just a wall away, I only got about 150M). I don't know if the 520GU (a G router with 54M max speed) rebroadcasting would ... 阅读全帖 |
|
e***y
发帖数: 4472 | 23 Google Chrome Terms of Service
These Terms of Service apply to the executable code version of Google Chrome
. Source code for Google Chrome is available free of charge under open
source software license agreements at http://code.google.com/chromium/terms.html.
1. Your relationship with Google
1.1 Your use of Google’s products, software, services and web sites (
referred to collectively as the “Services” in this document and excluding
any services provided to you by Google under a separate writte... 阅读全帖 |
|
p****j
发帖数: 172 | 24 about $110 after instant discount. Valid for orders placed June 9, 2011 through July 3, 2011.
1.5TB FreeAgent® GoFlex™ Ultra–portable Drive
Features:
USB 2.0 plug-and-play
Easy-to-use preloaded backup software with encryption
Upgrade to USB 3.0, FireWire® 800 or powered eSATA or access
content over the network and on TV
2-year limited warranty
In the box:
GoFlex™ ultra-portable drive
Backup with encryption software pre-loaded on drive
NTFS driver... 阅读全帖 |
|
i***l
发帖数: 9994 | 25 agreed, you made some good points.
a file encryptor surely is easier to use than a disk encryptor like
truecrypt. However I still prefer open source file encryptor over closed-
source software. I'd rather use 7zip to encrypt a file since it is open
source.
something to read:
"In 2008, the FBI attempted to break encryption on hard drives using a
program called TrueCrypt, but the equipment was finally returned after a
year of failed tries."
http://www.cybercrimereview.com/2012/01/tech-watch-truecr... 阅读全帖 |
|
s***g
发帖数: 495 | 26 搞好了。问题在于/etc/config/wireless中:
option encryption psk2
而不是:
option encryption psk |
|
P*****C
发帖数: 105 | 27 現在packet forward,也就是NAT,主要也是用在ipv4上。如果是software NAT,CPU能
力就很重要。像目前一線的dual core ARM, 一般300 ~ 400 mbps也就到頂了。
所以,現在大部份是hardware NAT,那CPU的能力也不重要了。CPU主要的還是用在其它
的service上面。比如VPN encryption.這個就一般也沒有hardware encryption,只能
靠cpu了。
不過ipv6大部分都是pass through,如果再普及一點,這個NAT意義也不大。 |
|
J*X
发帖数: 1001 | 28 【 以下文字转载自 BuildingWeb 讨论区 】
发信人: JTX (JTX), 信区: BuildingWeb
标 题: 大佬们问个SSL certificate的问题
发信站: BBS 未名空间站 (Sat Aug 11 13:43:34 2018, 美东)
我在linode上租了个vps,在godaddy上买了个域名。昨天折腾了一晚,最后搞不定Let'
s Encrypt SSL certificate
错误信息如下:
[Sun Aug 12 01:27:03 CST 2018] Domain does not exist.
[Sun Aug 12 01:27:03 CST 2018] Error add txt for domain:_acme-challenge.xxx.
com
[Sun Aug 12 01:27:03 CST 2018] Please check log file for more details: /usr/
local/acme.sh/acme.sh.log ... 阅读全帖 |
|
h**h
发帖数: 132 | 29 Most of my experiences are w/ Cisco, but for network administrator,
we only know a few outmost configs, and a very limited understanding
of the inner theory:-(
For speed of IPSec, there are two different things
1> for interactive traffic, such as telnet, it may be slow, not only
because the buffer of packets, but also protocol overhead
2> Encryption overhead, it depends on whether it is a hardware based
or software based, many of cisco's devices are utilizing ASIC and offload
encryption from pro |
|
h**h
发帖数: 132 | 30 I guess so, at least that's what we do. both need to configure
for the particular peers, some steps but not limited to these
1> make sure both are using the same encryption, transform-set
authentication, using correct trigger for interesting traffic and etc.
2> generate keys (say RSA-Encrypted nonces) if none
3> obtain pubkey and distribute to the other (manual process)
4> configure pubkey for remote peer
5> test it out!!!
again, IPSec only works for peer session for particular interesting
packe |
|
r****r
发帖数: 6957 | 31 我很土,最近网上BANKING总会被提示"Your browser is unable to perform strong
encryption. For your protection, we require 128 bit encryption in order to
secure your banking session." blah, blah.
那位大下知道怎么该这个设置? 我用的是IE6.0
谢乐 |
|
a*******t
发帖数: 891 | 32 yes, need the same software with the same key
use the oldest and most secured encryption method: send a regular mail to her
with a decoding key. send her "encrypted" email which only can be decoded with
your keys : ] |
|
x******0
发帖数: 1058 | 33 家里的无线路由器是Dynex Enhanced G Router, Authentication采用的是WPA-PSK,
Encryption Technique采用的是TKIP. 因为我的Laptop比较老 (2005买的DELL
Inspiron 600M), 所以Authentication采用的是WPA-Personal, Encryption Technique
采用的是TKIP. 但就是连不上家里的无线路由器. 家里的另一台laptop采用WPA-PSK 和
TKIP 组合就没有问题. 但wikipedia上说:
WPA-Personal Also referred to as WPA-PSK (Pre-shared key) mode
到底问题在哪儿?
谢谢! |
|
b****s
发帖数: 472 | 34 if you transport this key without any encrpytion, what's the point
to use encryption on you messages?
why not use public key encryption like rsa, dh? java has a security package
that can do many stuff for you. |
|
m******t
发帖数: 2416 | 35
That's what .Net does. You can put all the states in ViewState,
which is essentially an encrypted hidden field and gets carried
back and forth between requests.
But then, the keyword here is "encrypted". |
|
g*****g
发帖数: 34805 | 36 It's the encryption key, which is a secret long random number, makes
encryption secure. Bouncy castle is even open source, we are using it
in production. And we are a company on email security. You can wiki
PKI to understand more.
engin
变了 |
|
N*D
发帖数: 3641 | 37 I don't want to expose the encryption algorithm and the key to people who
want to use it. Is there any way to do this? Thanks.
engin
变了
Are you worried about your java code being reverse engineered and stolen, or
are you worried about your encryption algorithm being decompiled and
cracked? |
|
g*****g
发帖数: 34805 | 38 You always need a keystore on server side, which contain
public and private keys. Server sends the public key (certificate)
to client first time the client connects. The client uses
the cert to encrypt the traffic and it can be only decrypted with
the keystore. This is assymetric (actually a random key is generated
to do symmetric entryption and the random key itself is encrypted
assymetrically)
Now the problem is the public key, a public key needs to be signed
by a trusted CA or your browser wi |
|
k***r
发帖数: 4260 | 39 这两天在弄RSA implementation。找到的open source code都不适合需要,或者不能
指定我自己的key (by specifying the e, n, p, q, d values),或者不能encrypt
strings,只能encrypt BigInteger。如果哪位有合适的code,欢迎share一下!
String 到 BigInteger 的转换和data chunking没太弄懂。如果弄懂了自己写这块也行
。 |
|
b******y
发帖数: 9224 | 40 我曾经用过AxCrypt,不错。但是生成的encrypted file不是ascii的。
有哪位大侠给说说有啥软件, free的,可以encrypt to ascii文件格式吗?
ascii格式的好处是,可以存到任何地方。 |
|
m******t
发帖数: 2416 | 41
server.
it
I respectfully disagree with all of you. 8-)
An encrypted (e.g. gpg) password still offers
some protection even when the server is
physically hacked.
Also from a legal standpoint, encrypting passwords
is considered part of the "due diligence" effort
in protecting customer data. I believe both SOX and
PCI compliances require it (which my client is
currently painfully going through). |
|
a***n
发帖数: 584 | 42 A common practice in some of the projects would be encrypting with SHA-1
plus SALT. However, it is more of a trap-door function. That is, not easy to
revert back. So, if you want keep your secrets temporarily till finding a
new encrypting method, then maybe using Triple-DES. |
|
a***n
发帖数: 584 | 43 A common practice in some of the projects would be encrypting with SHA-1
plus SALT. However, it is more of a trap-door function. That is, not easy to
revert back. So, if you want keep your secrets temporarily till finding a
new encrypting method, then maybe using Triple-DES. |
|
e********y
发帖数: 66 | 44 我觉得authentication和encryption是不一样的。如果你你说的是encryption得到话,
那大部分应该是AES。老系统可能是3DES等。不是很确定。 |
|
S*A
发帖数: 7142 | 45 password encrypted on the harddisk level. No password your harddisk
has shit inside. Can't boot. You might as well get a new machine to
use.
Some company does that in case the laptop is lost or stolen, the
best you can do is reinstall. You can't get the existing data
in the laptop.
The new ATA commands allow encryption related capability on the
harddisk itself. |
|
c*****m
发帖数: 1160 | 46 Linux (Ubuntu)下,我用了两种不同的方式给硬盘加密:
1,安装完系统后, 指定第二个partition是加密的,密文存在/boot/encrypt下,只有
root可以访问。
2,安装系统期间就指定所有硬盘加密,指定密文。
第一种方式的问题是:如果别人黑了root,不是就能看到密文了么?甚至,这个 /boot
/encrypt 根本就不是加密的,别人拿着硬盘的话,是不是不用黑root,都能翻出来?
第二种方式的问题是:每次重启,都必须在机器前physically 输入密文。因为系统需
要密文才能跑起来,跑网络。
请问你们的common practice是什么? |
|
c*****m
发帖数: 1160 | 47 Linux (Ubuntu)下,我用了两种不同的方式给硬盘加密:
1,安装完系统后, 指定第二个partition是加密的,密文存在/boot/encrypt下,只有
root可以访问。
2,安装系统期间就指定所有硬盘加密,指定密文。
第一种方式的问题是:如果别人黑了root,不是就能看到密文了么?甚至,这个 /boot
/encrypt 根本就不是加密的,别人拿着硬盘的话,是不是不用黑root,都能翻出来?
第二种方式的问题是:每次重启,都必须在机器前physically 输入密文。因为系统需
要密文才能跑起来,跑网络。
请问你们的common practice是什么? |
|
