Basic schema design and security mechanisms for slowing down bandwidth

Similar Messages

• How to Set up HTTPOnly and SECURE FLAG for session cookies

  Hi All,
  To fix some vulnerability issues (found in the ethical hacking , penetration testing) I need to set up the session cookies (CFID , CFTOKEN , JSESSIONID) with "HTTPOnly" (so not to access by other non HTTP APIs like Javascript). Also I need to set up a "secure flag" for those session cookies.
  I have found the below solutions.
  For setting up the HTTPOnly for the session cookies.
  1] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
       this.sessioncookie.httponly = true;
  For setting up the secure flag for the session cookies.
  2] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
       this.sessioncookie.secure = "true"
  Here my question is how we can do the same thing in Application.cfm?. (I am using ColdFusion version 10). I know we can do this using the below code , incase of HTTPOnly (for example).
  <cfapplication setclientcookies="false" sessionmanagement="true" name="test">
  <cfif NOT IsDefined("cookie.cfid") OR NOT IsDefined("cookie.cftoken") OR cookie.cftoken IS NOT session.CFToken>
    <cfheader name="Set-Cookie" value="CFID=#session.CFID#;path=/;HTTPOnly">
    <cfheader name="Set-Cookie" value="CFTOKEN=#session.CFTOKEN#;path=/;HTTPOnly">
  </cfif>
  But in the above code "setclientcookies" has been set to "false". In my application (it is an existing application) this has already been set to "true". If I change this to "false" as mentioned in the above code then ColdFusion will not automatically send CFID and CFTOKEN cookies to client browser and we need to manually code CFID and CFTOKEN on the URL for every page that uses Session. Right???. And this will be headache.Right???. Or any other way to do this.
  Your timely help is well appreciated.
  Thanks in advance.

  BKBK wrote:
  Abdul L Koyappayil wrote:
  BKBK wrote:
  You can switch httponly / secure on and off, as we have done, for CFID and CFToken. However, Tomcat automatically switches JsessionID to 'secure' when it detects that the protocol is secure, that is, HTTPS.
  I couldnt understand this. I mean how are you relating this with my question.
  When Tomcat detects that the communication protocol is secure (that is, HTTPS), it automatically switches on the 'secure' flag for the J2EE session cookie, JsessionID. Tomcat is configured to do that. Coldfusion has no say in it. So, for JsessionID, 'secure' is automatically set to 'false' when HTTP is detected and automatically set to 'true' when HTTPS is detected.
       If this is the case then why I am getting below info for jsessionid (As you mentioned it should set with SECURE flag . Right???). Note that we are using web server - Apache vFabric .And the application that we are using is in https and there is no hit is going from https to http.
  Name:
  JSESSIONID
  Content:
  782BF97F50AEC00B1EBBF1C2DBBBB92F.xyz
  Domain:
  xyz.abc.pqr.com
  Path:
  Send for:
  Any kind of connection
  Accessible to script:
  No (HttpOnly)
  Created:
  Wednesday, September 3, 2014 2:25:10 AM
  Expires:
  When the browsing session ends
  BKBK wrote:
  2]When I checked CF Admin->Server Settings->Memory Variables I found that J2EE SESSION has been set to YES. So does this mean that do we need to set HTTPOnly and SECURE flag for JSESSIONID only or for CF session cookies (CFID AND CFTOKEN ) as well ?.
  Set HTTPOnly / Secure for the session cookies that you wish to use. Each cookie has its pros and cons. For example, the JsessionID cookie is more secure and more Java-interoperable than CFID/CFToken but, from the explanation above, it forbids the sharing of sessions between HTTP and HTTPS.
       I understood that setting thos flags (httponly/secure) is as per my wish. But my question was , is it necessary to set those flags forcf session cookies (cfid and cftoken) as we have enabled J2EE session in CF admin?. Or in other way as the session management is J2EE based do we need to set those flags for CF session cookies?.
  BKBK wrote:
  3]If I need to set HTTPOnly and SECURE flag for JSESSIONID , how can I do that.
  It is sufficient to set the HTTPOnly only. As I explained above, Tomcat will automatically set 'secure' to 'true' when necessary, that is, when the protocol is HTTPS.
       I understood that it is sufficient to set httponly only.but how we will set it for jsessionid?. This is my question. Apache vFabric will alos set secure to true automatically. Any idea??

• CS 6 Design and Web Premium for Windows - convert to Mac compatible version?

  Hi
  I bought CS 6 Design and Web Premium for Windows. I now have an iMac. Please advise on how I get the Mac version.
  Thanks

  Order product | Platform, language swap

• How do I reset my security questions? Normally people are saying something about a rescue email or a thing that will show where your password and security are for me it just shows my two questions  and that is it.- Help

  How do I reset my security questions? Normally people are saying something about a rescue email or a thing that will show where your password and security are for me it just shows my two questions  and that is it.… Help

  Go to Appleid.apple.com and choose Manage ID you can change them from there.
  You can add a rescue email if you don't have one there too.

• Design and Testing Suggestions for Different Screen Resolutions

  Intermediate Dreamweaver CS3 user, in need of "Design and Testing Suggestions for Different Screen Resolutions".
  Thank you, J. Chavez

  Adobe Browser Labb and BrowserShots.org

• Hi. I am going to be buying a macbook air 2012 soon with 4 GB of RAM and wondering how much memory space does norton AV take up and does it drastically slow down the mac. Thanks a lot :)

  Hi
  I am going to be buying a macbook air 2012 model with 4 GB ram soon. I was wondering how much space (memory) does Norton AV take up and does it drastically slow down the computer. Also, I am going off to uni so will predominantly be using the laptop for surfing and MS office.
  Thanks a lot

  Sorry to disagree mende1.  In this age of email attachments and social networks, it is actually a good idea to have a good antivirus on your system. {I realize that this is a religious argument and I will say no more}.  With that said, the general concensus is that Norton AV is terrible. It is intrusive and uses up a lot of cycles.
  There are a lot of better AV clients out there.  I use ClamXav which is free and uses the clamav antivirus that is open source. 

• Hi is there an app for slowing down music for learning purpose ? for itunes

  hi is there an app for slowing down music for learning purpose ? for itunes.

  Search the iTunes store and find out.

• I know i can slow down speed in a movie clip but can i and how do i slow down a transition clip? specifically the scrolling credits. it goes so fast i cant read it

  i know i can slow down speed in a movie clip but can i and how do i slow down a transition clip? specifically the scrolling credits. it goes so fast i cant read it

  never mind i found the answer

• Firewall/Switching/VLAN Design and Security considerations

  Hi,
  Consider the following:
  /SW3---|
  External--S1--FW---/ |Subnet 1
  | \ \ |
  | \__\SW4---|
  | /\
  | / /SW5--|
  External--S2--FW-/ |Subnet 2
  \ |
  \SW6--|
  Requirements:
  Router/Switch/Firewall/NIC resiliency. We can pretty much cover this with HSRP/redundant links(STP)/HA between firewalls/ and (HP) NIC Teaming.
  Question:
  Is it unreasonable to have SW3-SW6 physically on the one switch due to lack of available ports?
  I take it this wouldn't be the securtiy purists choice of implementation?
  If it is reasonable/doable, what are the features on IOS on switches eg. 2950's to implement this?
  Any help appreciated.
  Thanks
  Mark

  You can configure network security by using ACLs by either using the Cluster Management Suite (CMS) or through the command-line interface (CLI). You can also use the security wizard to filter inbound traffic on the Catalyst 2950 switches. Filtering can be based on network addresses or TCP/UDP applications. You can choose whether to drop or forward packets that meet the filtering criteria. To use this wizard, you must know how the network is designed and how interfaces are used on the filtering device. For more information refer to following url:
  http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a008007e8ed.html#36127

• Possible (and secure) architectures for E-Recruitment Web Enabled???

  Hello,
  i need informations about posible (and secure) architecture solutions for E-Recruitment Web Enabled.
  I found one basic exsample in the E-Recruiting system architecture guide, but it is a exsample from 2003.
  do someone use E-Recruiting web enabled and in what for a topology?
  regards
  chris

  Hellow Christian,
  Successful e-recruiting relies on strong long-term relationships with both current and potential employees u2013 and on the ability to locate appropriate positions for talented individuals from within and outside the organization. The SAP E-Recruiting application offers innovative support for talent relationship management, as well as traditional central recruiting functions.
  SAP E-Recruiting, a fully Web-enabled, end-to-end recruiting solution, accelerates and streamlines the recruiting process with a comprehensive strategy that that enables your company to build up and draw from a qualified, global pool of internal and external talent. Recruiters can take advantage of this talent pool to quickly find the staff they need, while collaborating closely with hiring managers throughout the hiring process.
  Applicant tracking and reporting functions help organize the processing of job applications and monitor the effectiveness of the recruiting organization. A collaboration platform links SAP E-Recruiting to external systems such as job boards, recruiting service providers, and your company's internal systems.
  Please check this links for reference
  http://www.sap.com/solutions/business-suite/erp/hcm/featuresfunctions/index.epx
  http://www.sap.com/solutions/business-suite/erp/erecruiting.epx
  Thank you,
  Shyam

• How to find the Connection and Security Code for iPad?

  I have a Canon ImageRunner 3025 at the office. I want to connect it with my iPad. I've downloaded the Canon Print & Scan App, but the app requires a Connection code and Security code.  Where can I find this on the printer? 

  Hi, thanks for posting! Canon does not provide direct support for imageRUNNER series products, but your dealer will be able to help you! If you don't have a dealer, please call us at 1-800-OKCANON (652-2666) and we will be happy to provide dealers who are in your area.

• Does the Design and Web Premium for students program for Mac allow multiple downloads on other Mac computers? Can this program be upgraded to be used on windows as well?

  I am a university student that requires a second computer. However, I do not want to purchase a second Adobe Suite Design and Web Premium Program. Does this program allow for multiple downloads? I have a Mac laptop, and I bought the Mac version of the program, is there a way to upgrade it to use it on windows? Or will it only download on a Mac device?

  Chances are your license is only for the Mac platform.
  You are not really limited in the number of times you might download - just the number of installations you can have activated.  You can have activated installations on two machines, though they both have to be running the same platform.  If it is CS6 you can request a platform swap,but that doesn't sound like what you wish to do.

• I seem to be having an issue whenever I open up a new page other sites keeping appearing and the pc has slowed down to a halt. What should i do to restore back to normality?

  I foolishly opened a free online movie site and since then my pc has slowed down and i keep getting other sites popping up constantly.
  What should i do??

  There is no need to download anything to solve this problem.
  You may have installed one or more of the common types of ad-injection malware. Follow the instructions on this Apple Support page to remove it. It's been reported that some variants of the "VSearch" malware block access to the page. If that happens, start in safe mode by holding down the shift key at the startup chime, then try again.
  Back up all data before making any changes.
  One of the steps in the article is to remove malicious Safari extensions. Do the equivalent in the Chrome and Firefox browsers, if you use either of those. If Safari crashes on launch, skip that step and come back to it after you've done everything else.
  If you don't find any of the files or extensions listed, or if removing them doesn't stop the ad injection, ask for further instructions.
  Make sure you don't repeat the mistake that led you to install the malware. It may have come from an Internet cesspit such as "Softonic" or "CNET Download." Never visit either of those sites again. You might also have downloaded it from an ad in a page on some other site. The ad would probably have included a large green button labeled "Download" or "Download Now" in white letters. The button is designed to confuse people who intend to download something else on the same page. If you ever download a file that isn't obviously what you expected, delete it immediately.
  Malware is also found on websites that traffic in pirated content such as video. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow. Never install any software that you downloaded from a bittorrent, or that was downloaded by someone else from an unknown source.
  In the Security & Privacy pane of System Preferences, select the General tab. The radio button marked Anywhere  should not be selected. If it is, click the lock icon to unlock the settings, then select one of the other buttons. After that, don't ignore a warning that you are about to run or install an application from an unknown developer.
  Still in System Preferences, open the App Store or Software Update pane and check the box marked
            Install system data files and security updates (OS X 10.10 or later)
  or
            Download updates automatically (OS X 10.9 or earlier)
  if it's not already checked.

• Editing tips for slowing down HD (flash) clips?  Trimming HD clips?

  Hello all... I'm new to HD flash content and have a couple of questions about some techniques that could speed up my workflow. I'm used to 'log and capture', but just now beginning my first projects ever using 'log and transfer' of HD content from flash cards. Anyway, here's what I'm hoping I could do:
  1. In the past with DV tape, I would drop an entire captured clip (usually and entire tape worth of video) into my Sequence then change the speed of that entire clip from 100% to 80% for my editing needs before cutting it up for editing. With this new log and transfer, it takes every clip between takes and makes them their own independent clip (IE- each time you stop recording on the shoot it makes what you just recorded a clip, whether it's 10 seconds or one hour long). So instead of having a hour's worth of footage with pink break point markers after doing a 'DV Start/Stop Detect' function, you get a boat load of 10 to 15 second individual clips.
  Question: Is it possible to select all the clips or set something in the sequence settings to change all of the clips speed from 100% (real time) to say 80% (bit of slow motion) without having adjust each individual clip one-by-one?
  2. In the past with DV tape, after slowing down my entire clip I would then go through and make cuts a second before and a second after each and every break point (or pink break point marker after doing a DV Start/Stop Detect). Maybe I've always done this the hard way, who know, so I was wondering if there's a way to select all of this HD content in my Sequence (the individual clips as described in my first question) and automatically have FCP trim a second off the start and finish of each clip (whether it's been slowed down or not)? This obviously would accomplish being able to add transitions between clips (unless there's another way to accomplish adding transitions between clips without trimming them?).
  Anyway pointers would be great! I love the HD flash content, but now I'm just realizing my old techniques with DV when it comes to the basic editing isn't going to work with this HD content from flash cards, making my job take 2-3 times as long as it would in the past. So I'm hoping FCP has added these kind of 'shortcuts' much like they did with being able to apply a single transition to a selected batch of clips.
  I'm up to date on all software and what not... running FCP 7.0.1.
  Thanks in advance!

  Thanks for the response, but I have access to the FCP user manual and have already read that. I usually only come here as a last resort. I'm hoping somebody can actually answer my two specific questions vs. directing me to a user manual that I already have. Specifically the two questions I asked above with a simple set of instructions on how to accomplish both, it either is at all possible. The user manual did not provide those answers for me and if it did, I'm not understanding it.
  And if what you are saying is I can import, or 'log and transfer', all of the footage from one card as one long clip then treating it like it's DV 'log and capture' footage I'd love to know the settings on how to accomplish that as well. I tried that and looked for settings and read the manual and I'm not seeing where that is possible.
  I'm not a Hollywood film producer, so spoon feeding might be necessary! I'm hoping to get 'on the fly' help and advice from others that might know what I'm trying to accomplish and do it themselves all the time vs. sitting in front of my editing stations for a week trying to figure it out on my own after reading a vague user manual.

• Elements 12.1 Organizer slow and locks up.  Slows down my entire iMac.

  I have an iMac running OS X 10.9.2 and have downloaded the update of Elements 12.1 and also shut off all of the media analysis functions and organizer runs so slow it is ridiculous.  It takes 10 minutes to move one file from one folder to another.  It also slows down everything on my iMac to a crawl.  Hard drive sounds like it is running continuously and the the spinning rainbow of death when doing very basic functions.  I've had to go back to an old Bridge software until this can be fixed.  I would return the whole thing since 12 doesn't seem to add much to my old version 8 in functionality and there are a lot of poorly place UI issues in expert mode.  I'd like to use the software, but it doesn't seem to work.  Any ideas?
  Scott

  Hi,
  Please try repairing and optimize your catalog.
  You can do this by: File > Manage Catalogs. Here you can both the options.
  Thanks,
  Anwesha