Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Does anyone know where I could find a list of safe-for-work (i.e. no porn, piracy sites, etc) domain names that I can use to stress test software that performs asynchronous DNS lookups without raising questions if my network admin happens to be watching?
At least several thousand would be ideal. Most lists I've found have not been filtered at all. So far, using "raw" lists for DNS queries have not raised any questions, but my next step is to create TCP connections.
EDIT: I've cleared everything with local network admin people, however, this would still be nice to have for future developers on the project.
I think you probably worry too much. Having said that how about doing a google search for 'interesting facts about butterflies', parsing all the resulting domains and using those?
Your network admin will probably be more concerned with the fact that you're stress testing a network service on his network on the order of thousands of domains. If you have any kind of decent corporate firewall it's inspecting DNS queries and could choke on a high rate of queries. If your requirement is a legitimate business requirement the best option is to have your boss talk to the head of the network department to CYA.
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 days ago.
Improve this question
So my school has blocked all websites (for now at least) and I'm wondering if there was a way to access them without entering into them. What I've thought is that this could be done with google as google search can show you certain parts of pages.
Also, the current configuration of the firewall allows you to do google search and access certain websites. I also know that they perform this using a man in the middle attack intercepting SSL connections. Is there any VPN, tool or script that can bypass this? Something to do with packets obfuscation using XOR gates? I've tried using many different VPNs but all seem to not work.
Thanks in advance.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 2 years ago.
Improve this question
I have a MediaWiki (1.32.0) running locally via WAMP on my Windows PC. I want to make the Wiki privately available online to people with a username/password that then allows people to see the Wiki.
So basically I have two big problems:
I've never hosted a wiki before, but I have hosted other, less complicated sites (such as my old personal website on HostGator) - but these sites never required a "back end" to serve content
I've never created a password blocked website. I'm thinking we'll just have one username/password combo, because we'll only allow 5-20 editors max on the Wiki; there will never be more than 1000 visitors simultaneously (and that's very, very generously high)
Any advice on either of these issues would be much, much appreciated.
Miraheze free wiki hosting will take care of this easily.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I want to create multiple services, which support an SSO (Single Sign-On) service.
To simplify, a google like services. With a single account you can use all services (and you log in once).
I found many ideas, but I want to have some opinions on how to design these services, and which technologies are the most adequate:
many or one database ??
creating an auth api ??
sharing session ?
using nosql databse or not ?
duplicate user information foreach database ?
separate users tables on a single database ?
node js vs php !!
...
Update
I know this is opinion based (I ask for your opinions), I wish to have different proposition of design patterns.
It's purely theorique, so I can understand how it can be done.
This is totally opinion based, and will likely be closed. But...
Don't write your own auth service. There are many good packages out there, and very few people are really qualified to write authentication and authorization platforms. If you really don't want to use a pre-packaged solution, at least use one of them as a template.
Here is a good list of SSO solutions, pick one or two and give them a try. Many are free and open-source. I have had luck with OpenAM, but many others are also very good.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I planning to run a private media wiki server on debian(SELinux) for all my important home documents.
I would like to be able to securely access it from the outside with laptop, tablet, or even a live-CD like LPS. It seems to me I would have the smallest attack surface if I only provided SSH to the cloud and tunneled in, maybe even incorporate a port knock to prevent casual detection. I will be serving content to a known and essentially unchanging set of users. Bandwidth efficiency isn't really a factor as concurrent connections would be rare.
Is there a more secure way to access a web server? It seems the government really likes to use smart cards although I'm not sure how. What about client side browser certificates? Yubikey?
The safest solution is probably using a virtual private network so that the server cannot be contacted at all except through an SSH-like protocol. A decent router should support this; you can get more help over at SuperUser.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Before I go crazy and try to script a way to lock folks out of their accounts on multiple failed attempts, is a captcha ideal? I've seen several sites that do this, but wasn't sure how effective it would be. Granted, if a human is indeed trying to "hack" into someone else's account, I would think blocking access for a few minnutes would be much better than having them input some random obscure characters.
CAPTCHAs are a common solution. They're rarely ideal.
One suggestion: Offer x chances (say 3) at which point you lock the account and then require some sort of email validation to unlock.
Otherwise, I think giving 1 or 2 freebie chances is fine and then switching over to a CAPTCHA'd login is acceptable.
If you aren't having spambot problems, CAPTCHA's are rarely a good solution. They are just annoying. I agree with DA's email verification idea.