|
<b>Finally problem resolved.</b>
Just uninstalled emgucv, fixed dll's using ccleaner (as played with dll's a lot), system rerstarted, installed emgucv 2.2 (I guess most stable version).
|
|
|
|
|
i have three questions , any help will be appreciated
How to simply explain 3 tier archetecture before an interview panel ?
How the data is passing between different layers in real time ?
What is the difference between 3 tier and n-tier archetecture ?
|
|
|
|
|
Try typing each one of those phrases into Google. You should get several really great links there.
|
|
|
|
|
I an worried about hackers breaking into my program. I was wondering if I could separate my program into three parts on three different computers:
1. Has access to the internet and collects data and transfers data to the second computer.
2. Analyzes data and sends results to part three.
3. Has access to the internet and returns results.
I do not want any data getting to the second computer, except the specific data and in one direction only. The same goes for part 2.
Is this possible? How would I go about doing this?
Any help would be greatly appreciated.
Michael
|
|
|
|
|
Google using the following search term and read up.
security demilitarized zone
|
|
|
|
|
Thanks for your input, I read about Security DMZ and it doesn't appear to be as secure as I would like it to be. I want something that is absolutely full proof.
|
|
|
|
|
MAW30 wrote: I want something that is absolutely full proof.
Yeah, so does everyone else. Too bad it doesn't exist. If companies that spend millions of dollars on their infrastructure can't keep the bad guys out, what makes you think you can?
|
|
|
|
|
100 % security can't be achieved since the first encryption method was "hacked".
But you can achieve a high security Level by encrypting the transferred Messages.
For example using a private and a public key with common encryption Standards like
Diffie Hellman encryption. If you want to be sure to have a good encryption use mathematical
formulas with elliptic curves and encrypt with the calculated prime.
But for all of this you Need knowledge in cryptography.
Protecting the Hardware your program is running on also enhances your security.
But i'd say more than 80%-90% secure is impissible without an overextended amount
of work which might not be worth the data you want to protect.
if(this.signature != "")
{
MessageBox.Show("This is my signature: " + Environment.NewLine + signature);
}
else
{
MessageBox.Show("404-Signature not found");
}
|
|
|
|
|
Thanks, if I build my own firewall and only allow specific data to enter, can I block everything else.
I want to have my code on a separate computer which only allows one direction of data so my code can not be copied. Any results go to the next computer allowing only certain types of data, then sent to the internet.
|
|
|
|
|
Well, don't get me wrong, but what makes you that paranoid?
Setting up a firewall like mcaffee or kaspersky, yeah understandable.
Is it a Company Network? There you should have a firewall already!
by configuring the firewall you can block several Inputs yes, but mainly datatransfer
uses http,ftp port or anythink like that, so the blocking of incoming stuff depends on open ports.
Yes you might block ip's but thats inefficent and costs 2 much time.
The Point i want to say is, that the attacker intrudes your system through your open ports, if you only opend http (i think 80) and you are currently not using it, he can do!
The next i don't quite understand, is the copying code?
Your application runs as an .exe file? So how should someone steal that code? This might only work if he steals your .exe file.
The important thing for you should be to secure that your data, Input and Output is safe.
That is what most hackers like to steal.
For example, an application for calculating super secret stuff is worthless without the Input data to begin calculation.
But if you want to encapsule everything then set up:
-Internet Access Server that Forwards the data
-Transfer Server for communication between your servers
-application Hardware that runs your code
-database Server for the data
I personally think that this is unnecessary for private persons.
in a Company this is as i know it the usual Network structure
if(this.signature != "")
{
MessageBox.Show("This is my signature: " + Environment.NewLine + signature);
}
else
{
MessageBox.Show("404-Signature not found");
}
|
|
|
|
|
Thanks,
"Your application runs as an .exe file? So how should someone steal that code? This might only work if he steals your .exe file."
This is what I am worried about I understand that it is possible to download everything on your computer. Data coming and going I do not care about, I spent years developing the software, if it got into someone else's hands it will have been a waste of time.
|
|
|
|
|
Well in this case.
According to following Posts, do what they said.
A Firewall that meets your requirements would be any available like kaspersky or mcaffee, they got a lot Options to restrict Connections.
Other OS that might fit your restrictions are Linux os'es cause there you can adjust a lot of user restrictions and Settings
But i really really wonder what might be so valuable to protect it like fort knox
if(this.signature != "")
{
MessageBox.Show("This is my signature: " + Environment.NewLine + signature);
}
else
{
MessageBox.Show("404-Signature not found");
}
|
|
|
|
|
MAW30 wrote: I want something that is absolutely full proof.
And I want to be king of the world. But there is absolutely no chance of either happening. Well to be fair it is perhaps likely that I could be king of the world. But as for your desire - it isn't going to happen.
|
|
|
|
|
Machine 2 should be behind a very strict firewall that opens only the port your application uses to receive and return data. Run it on a minimal OS without known security concerns Machine 1 and 3 should probably be the same one and it should open a connection to machine 2. Now your only access to machine 2 is your own protocol code for the data transfer so even if someone gets their hands on machine 1/3 they can't do anything more than send data to it (as long as you write your code correctly).
Of course in any real situation the security risk is not the technical setup but the people involved in writing, storing and maintaining the code that goes on machine 2.
|
|
|
|
|
Thanks,
By what you wrote above it sound like data can travel in both directions, can I block data going in one direction, if not then machine 3 is unnecessary.
|
|
|
|
|
You need data to go into machine 2 and come out of it. I don't see what you're going to gain by requiring that to be through two separate connections.
|
|
|
|
|
MAW30 wrote: Is this possible? How would I go about doing this? Yes, could be done. The more interesting question is "how would one hack such a system".
MAW30 wrote: I an worried about hackers breaking into my program. Make sure that PC 2 is not connected to the internet, the LAN, that Wireless and bluetooth is down and make the USB ports inaccessible using glue. Further you'd like to make sure that the client only connects to the specific IP that you define, and communicate over a secure connection using a self-signed certificate. Disable all non-required services, like FTP, remove all non-essential users. Ideally, you'd write the access-log to a DVD-R. A network-admin could elaborate more on how to configure the network to secure it further - consult them, it's worth it. Aw, and don't use Windows for server 2 or 3.
Also hook up a huge siren to the speaker of that desktop, and have it holler whenever there's an unknown/unexpected entry in the access log.
Why? Well, PC1 will probably be a Windows-PC. Does it update automatically? Does it also update some client-software automatically? Think Adobe Flash or your virusscanner and the likes. If PC1 could be compromised, the next logical step would to be to flood PC2 with garbage-requests. That's assuming the hacker would know that there's a second PC that's "more" interesting; most if them will only be interested in Win-PC's that can easily be turned into spam/mining bots.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Thanks,
What other operating system do you recommend, and is it wise to go out a separate computer PC 3 or does it make any difference to go out the same way it went in (my original thought was it wouldn't be able to send data out the way it came in). Does the firewall operate along with the OS or is it completely different. Is there one I could buy that would meet my requirements or would I need to write it myself, if so suggestions where to start, C# code, etc.
|
|
|
|
|
MAW30 wrote: What other operating system do you recommend On the maximum paranoia setting, I'd go for any Linux-version that can be compiled by hand (and verify the MD5 after downloading). Any minimum installation would do. Recommended basic settings here[^].
MAW30 wrote: (my original thought was it wouldn't be able to send data out the way it came in) That will depend mostly on the client; the hardware and drivers do not care which way the data flows on a TCP-connection. You DO want to block incoming connections - on almost every port, for almost every IP.
MAW30 wrote: Does the firewall operate along with the OS or is it completely different. There can be multiple; next to the hardware-firewall there's a firewall in Windows. Additionally, if you're using services, there's a firewall pattern[^]. That's usually something you build yourself, as only your app can validate a request.
Happy hunting
--edit
As an alternative; PC2 could block *all* incoming connections - it could fetch it's data from PC1 using a secured service. You'd be polling a bit, but then again, the PC won't be doing much other stuff
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
modified 11-Dec-13 12:56pm.
|
|
|
|
|
Thanks,
The information you gave me was very enlightening, I really like your last idea about polling.
Michael
|
|
|
|
|
What do you think of the following:
http://www.ghacks.net/2009/09/15/firestarter-simple-to-use-powerful-desktop-firewall/
|
|
|
|
|
Sounds good; I added it to my bookmarks
The complexity of iptables makes it hard to configure (which makes the chance of mistake bigger) and one is less inclined to check/update a complex system than it is with a kind and easy system.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I am new to Image processing , I am trying to implement a IRIS detection application fro my academics.
In the application i have successfully detected right eye from input stream . After that i have to perform the iris detection operations.
Please help me to solve this issue.
1.What should i do to detect the iris accurately? (Code samples would be useful)
2.Why application is not any circles form web camera input stream ?
Thanks in advance
|
|
|
|
|
|
Dear all
I converted a sample from C# to VB and get an error message. It looks simple, but still I don't understand... Would it be possible that C# allows calling an event directly, while VB doesn't? Or did my conversion tool go wrong?
Here's the short sample code:
private void OnWaveControlContextMenuPopup(ContextMenu menu)
{
if (this.WControlContextMenuPopup == null)
return;
this.WControlContextMenuPopup(menu);
}
where WControlContextMenuPopup is defined as an event:
public event WControlContextMenuPopupDelegate WaveControlContextMenuPopup;
After conversion I get the error message "Public Event WControlContextMenuPopup in an event and cannot be called directly. Use 'RaiseEvent'...". The error is shown in lines 2 and 5 of the converted code:
Private Sub OnWControlContextMenuPopup(menu As ContextMenu)
If Me.WControlContextMenuPopup Is Nothing Then <-----
Return
End If
Me.WControlContextMenuPopup(menu) <-----
End Sub
What would I have to change in the VB code to get the required result without error?
Thanks for some insight...
Mick
|
|
|
|