beporter
Last Activity: Aug 2 '07, 05:31 PM
Joined: Nov 5 '06
Location:
-
What I'm looking to avoid is having to manually log into the registrar's website and write everything down by hand. -
Shell Script to Dump all Domain Zone Records?
I've been searching the internet for some kind of script that will utilize dig or similar to dump ALL A, CNAME, MX, TXT, etc. records for a given domain. Is there any way to retrieve all of the records and IP addresses without knowing the actual subdomains to query? For example, if I just know "mydomain.c om" is there any way to find the A and MX records (and the IPs they point to) for mail.mydomain.c om programatically ?
My... -
I haven't disappeared: just more sporadic availability.
Thanks for the feedback Al, that's very helpful. I still think the price point might be a sticking point, but it would definitely make it more reasonable with your explanations. It's odd that the default set of purchase options on the website doesn't really work together though.
I'll provide some more feedback as soon as I can!Leave a comment:
-
So to sum up, here's what it looks like we've come up with:
* Standard LAMP setup on a locked down server (only ports 80/443 open for Apache). Once the system is in place, I can have the owner of the company enter a new root password to help protect the console. Further, we can physically lock the machine up if necessary.
* MySQL database (locked down to only localhost access) with 3 tables:
...Code:passwords{ int:id,Leave a comment:
-
Yes, I do need to protect against the employees who are technically less capable, but I also need to protect against an attacker that might be relatively competent. Yes, a garbled password would thwart the average employee, but would give us no extra protection against anyone else. The chances of such an attack are much lower of course, but the consequences are much worse.
However, the important thing to keep in mind is that the overall...Leave a comment:
-
I would prefer to avoid any Microsoft-centric technologies if a homebrew solutions is in order. Anything more "openly" available is fine though. I can handle just about any programming language, but Perl or PHP would probably be my first picks unless I was given a reason to use something else.
I've looked at quite a few open source solutions that already exists, such as KeePass, w3pw, Universal Password Manager, Password...Leave a comment:
-
Wow, that's darn near exactly what I am looking for. The system is RDBMS-based, which abstracts data storage and backup, it's accessible from the web so it's highly cross-platform, it has a high level of self-auditing, the storage of the passwords is done in a highly secure fashion, and it allows multiple concurrent user logins. It has extras that I wouldn't need in this case, such as per-user restrictions, but those can be ignored of course. I think...Leave a comment:
-
I'm not sure this would present a significant stumbling block for an attacker competent enough to obtain a dump of the MySQL database to begin with, but as I said in my previous post, it can't hurt.
That was my thinking as well. PHP, Perl, and a whole range of others are perfectly acceptable.
Again I agree. MySQL is a piece of cake.
Yes, I...Leave a comment:
-
Of course. Though if somebody does obtain a copy of the passwords table, the difference between whether it's encrypted or not will make very little difference-- really it will just be a matter of how much time it takes before they crack it. Computing power is cheap enough now that you might as well have given them an unencrypted copy. Somebody tell me if I'm off base.
Another good point. This will always be...Leave a comment:
-
Thank you very much for all of your feedback!
I'm afraid this is just one of many projects currently on my plate, and I apologize profusely if it takes me a little while to reply. I am anxious to sit down over the long weekend coming up and respond to all of your input, but right now I must attend to more pressing matters. (Clients are clients.)
Again, thank you all for your input, and I hope that this discussion will...Leave a comment:
-
Thanks yet again Killer. I've posted a redirect thread in the Database Lounge. Hopefully that might bring a couple new eyes here and generate some discussion. I won't give up hope yet, and I genuinely appreciate your help.
It's a shame that so many minds have to be so segregated. I mean, it makes sense to have topical boards for certain things, so that people who have very specific questions know the best place to ask them, but what...Leave a comment:
-
Well, 10 days and only one response, which unfortunately wasn't even so helpful. I can't believe nobody has any suggestions at all!
Thanks to Killer for his input.
I doubt I'll come back to thescripts.com for any future discussion.Leave a comment:
-
Please also keep in mind that the client requesting this "solution" is currently storing their passwords in cleartext in an Excel file hosted on an open network share. In other words, they are in critical need of a huge increase in security. The system doesn't have to be perfect, but it has to be a couple orders of magnitude better than what they have currently.Leave a comment:
-
A perfectly acceptable and reasonable point, however it unfortunately neglects the purpose the database. The passwords themselves need to be recoverable. That is, in fact, the whole point of the database: to securely store a number of passwords in a single location so that they can be retrieved and used later. I'm thinking a lot like the Mac OS X Keychain (the description here is better than Apple's if you are unfamiliar with the technology), except...Leave a comment:
-
Multi-user Password Database Solutions?
First time poster here! Let me get straight to it...
I'm currently not in a position that lets me interact with other developers face to face on a regular basis, and I am in need of some "round table" discussion on a project that has be given to me. Let me describe the functional requirements I have in as general terms as possible first:
1) The task charged to me is to investigate, and if possible implement,...
No activity results to display
Leave a comment: