IT Answers » Web security

What should I do with this Watchguard Firebox 500? I don’t have the system manager for it…

Ingram87 — Fri, 22 Apr 2011 21:16:06 +0000

I was given a Watchguard Firebox 500 today. The model number is F2064N. Apperantly, you need the Firebox System Manager application to manage these devices, which is only available if you have the device actiavated on your watchguard account. Unfortunately, I don’t have that.

Should I destroy it with a chainsaw, or is there some type of open source software I can load onto this? dd-wrt came to mind at first, however, it doesn’t support this device.

Pros & cons of SaaS security solutions?

TeachMeIT — Thu, 03 Feb 2011 21:04:18 +0000

Do you have any suggestions or experience with SaaS for web security solutions? Pros & cons? What considerations should we make before shopping for this sort of solution?

Security concerns with file share sites

DexstaOSXppc — Tue, 20 Jul 2010 22:14:18 +0000

what are file share sites full online storage security issues

Web Links that are Password Protected

Rufojr — Thu, 01 Jul 2010 18:04:32 +0000

Is there a way to put documents on the Web site and put a password on them so only certain people can open them?

Can what I do on my PC be monitored via a cable tap?

Dannyg1 — Sun, 21 Feb 2010 22:47:32 +0000

Can what I do on my PC be monitored via a direct manually split cable tap on my roof?
I have Zonealarm running but it typically asks for GHP services to IP addresses I dont recognize and asks for server and trusted zone access status inexplicably and often

WEBSITE SECURITY

Tonus — Sun, 06 Sep 2009 04:39:16 +0000

We are an IT Security firm in Africa, presently some of our clients websites are under attack from hackers. I need to know how I can get professionsl IT security to help us carry vulnerability test and penetrating test on our client’s website to help beef-up security.

SSO on the web, 2-factor security

Justgottabeaway — Thu, 03 Sep 2009 11:31:15 +0000

Looking for a secure authentication and authorization process on WWW – to include federated logon to multiple pages (single sign on behavior) with more security than uid/pwd access – but without issuing a physical device (“something you have”)? Some websites are copperating partners – others are owned by the customer.

How to recover deleted history

Bflofan — Tue, 16 Jun 2009 01:54:04 +0000

Question Edited by Michael Tidmarsh

iSeries on the Web – some pages HTTP, some HTTPS?

Chance — Thu, 21 May 2009 02:34:13 +0000

Warning: newbie to web programming and all the security implications…

We are developing a small shopping website to be hosted on our iSeries. We will be purchasing an SSL certificate.

Only some of our pages need to be encrypted (https). Most of the pages do not contain sensitive info, so do not need to be encrypted (http is ok).

How is this accomplished (i.e. some pages have http, others have https)?

TIA

Configure SSL on Apache 2.0 (Windows 2003)

PaulHobbs — Tue, 07 Apr 2009 03:15:53 +0000

I provide an application hosting service, and most of my clients require SSL. In most cases I generate the CSR on the server (which I host), I send the CSR to the customer and they get a certificate issued by a CA, and everything works nicely. For testing, I generate a self-signed certificate, and this also works nicely (albeit, with the usual warning from the browser that the certificate is not signed).

But I have new client that doesn’t use a CA – they generate the certificate themselves. I have implemented the certificate (eg: uat.mycustomer.com.cer), but when I browse to https://uat.mycustomer.com, I get the normal warning about the certificate being unsigned. When I check the certificate, it is issued by internal.mycustomer.com.

I informed my customer about the problem, so they sent me an additional certificate – the root authority (internal.mycustomer.com.cer). But I have no idea what to do with this.

How do I implement this additional certificate?