On Fri, Mar 29, 2013 at 2:10 PM, Rick Faircloth r...@whitestonemedia.comwrote:
Thanks for the reply, Pete... If I remember all of the conversation
correctly, when we came to the dingfor consecutive session variables, the
scanning vendor rep did mention thefact that a CFToken was involved and
Thanks for the info, Pete. That should satisfy the compliance company that
ColdFusion'scombination of CFID and CF-Token are, indeed, truly randomand meets
their requirements. Rick
To: cf-talk@houseoffusion.com
Subject: Re: PCI-Compliance Ding for Non-Random CFID's
Date: Mon, 1 Apr 2013
I wouldn't think this would be that difficult! Normally, I would include
variables in a struct (when I'm using AJAX, whichis almost always) and view the
variables when they're returned to the calling page. However, there are times,
like right now, when I just want to have a look at allthe
I've been trying to deal with security scans and getting my serverup to
PCI-Compliance standards. One ding that has been an issue from the start has
involvedwhat the scan refers to as dced. The first support tech at the
scanning company didn't know whatit was. I can't find out very much from
Sure
cfdump var=#arguments# output=c:/temp.html format=html /
That will throw all the arguments into an html file on the c drive.
Cheers,
Rob
On 2013-04-01 1:36 PM, Rick Faircloth r...@whitestonemedia.com wrote:
I wouldn't think this would be that difficult! Normally, I would include
Dump them all to a file, then view the file.
Regards
Russ Michaels
www.michaels.me.uk
www.cfmldeveloper.com - Free CFML hosting for developers
www.cfsearch.com - CF search engine
On Apr 1, 2013 6:36 PM, Rick Faircloth r...@whitestonemedia.com wrote:
I wouldn't think this would be that
I have vague memories of that being an issue with HP buffer overflow, but
it has been years. Google of HP dced says problems on port 135, but
again this is really old.
http://www.securityfocus.com/archive/1/369697
On Mon, Apr 1, 2013 at 10:43 AM, Rick Faircloth r...@whitestonemedia.comwrote:
I've been trying to deal with security scans and getting my serverup to
PCI-Compliance standards. One ding that has been an
issue from the start has involvedwhat the scan refers to as dced. The first
support tech at the scanning company didn't know
what it was. I can't find out very much
but aren't they scanning the interface from a public network? If so,
you should have a very small number of listening ports. Maybe just
two: TCP/80 and TCP/443. There is no reason why you'd expose
TCP/135 to a public network (especially if you're running Windows).
Good advice; in my
Just started looking into SOLR search in CF10. Is it possible to do a search on
a document for example of 30 pages of ppt document and be able to return the
page where your search criteria exists, e.g. Your search for blah is on page
10 of file.pptx or on pages 10, 15 and 20 of file.pptx.
Use the step debugger.
On Monday, April 1, 2013, Russ Michaels wrote:
Dump them all to a file, then view the file.
Regards
Russ Michaels
www.michaels.me.uk
www.cfmldeveloper.com - Free CFML hosting for developers
www.cfsearch.com - CF search engine
On Apr 1, 2013 6:36 PM, Rick
11 matches
Mail list logo
