Search Results

Search found 6517 results on 261 pages for 'reverse dns'.

  • Port 53 UDP Outgoing flood

    - by DanSpd
    Hello, I am experiencing a very huge problem. I have 4 computers in the network, and from each a lot of data is being sent to the ISP name servers. Sometimes a little data is being sent from each computer in the network, sometimes it is just a lot of data from one computer. I have antivirus (Avast) and malware scan (SpyBot). I know port 53 UDP is DNS, which resolves domain IPs, so it's needed. Also I have read that the ISP name server might have been infected. So what is the best thing to do in this situation? Also, sometimes the internet really starts to lag because of port 53.

  • Obfuscate strings in Python

    - by Caedis
    I have a password string that must be passed to a method. Everything works fine but I don't feel comfortable storing the password in clear text. Is there a way to obfuscate the string or to truly encrypt it? I'm aware that obfuscation can be reverse engineered, but I think I should at least try to cover up the password a bit. At the very least it won't be visible to an indexing program, or a stray eye giving a quick look at my code. I am aware of pyobfuscate but I don't want the whole program obfuscated, just one string and possibly the whole line itself where the variable is defined. Target platform is GNU Linux Generic (if that makes a difference).

  • Work around for yahoo mail slowness (using 100% cpu)

    - by Tony Lee
    My yahoo mail is very slow sometimes. When it is, I notice that IE8 is using 100% cpu. Using sysinternals process explorer I discovered the thread using all the cpu in IE8 has Flash in the stackwalk. I upgraded flash from 9 to 10, but the problem persists. I'm about to edit hosts to block the flash content by redirecting the yahoo and ad click dns entries. Is there some easier way to get flash to behave? The fix for the long run will be switching to gmail.

  • Iterating backward

    - by MBennett
    Suppose I have a vector<int> myvec and I want to loop through all of the elements in reverse. I can think of a few ways of doing this:

        for (vector<int>::iterator it = myvec.end() - 1; it >= myvec.begin(); --it)
        {
            // do stuff here
        }

        for (vector<int>::reverse_iterator rit = myvec.rbegin(); rit != myvec.rend(); ++rit)
        {
            // do stuff here
        }

        for (int i = myvec.size() - 1; i >= 0; --i)
        {
            // do stuff here
        }

    So my question is when should I use each? Is there a difference? I know that the first one is dangerous because if I pass in an empty vector, then myvec.end() - 1 is undefined, but are there any other hazards or inefficiencies with this?

  • How to best migrate one Windows 2008 R2 / SharePoint / Exchange / Terminal Services (All-in-one) int

    - by MadBoy
    Hello, My client has one machine with Windows 2008 R2 and everything on it. By everything I mean AD, DNS, SharePoint 2010 Standard, Exchange 2010 Standard, Terminal Services, Office 2010 and a bunch of additional apps. Everything stands on I7 x 2 and 36gb ram for 7 people total. I've decided that we should virtualize it and split things into 4 VMs and keep the host only with Hyper-V installed to host all the machines. What problems should I expect? What good advice can you give? My plan is that when I move everything to VMs I will move the VMs to a safe place and format the host, as it has a lot of really bad things happening on it. But this also means that everything will be wiped from the current solution, so I have to be sure that Exchange etc. will work when the host gets wiped. MadBoy

  • Write a function that returns the longest palindrome in a given string. e.g "ccddcc" in the string "

    - by Learner
    I thought of a solution but it runs in O(n^2) time.

    Algo 1:
    Steps: It's a brute force method. Have 2 for loops:

        for i = 1 to i less than array.length -1
        for j = i+1 to j less than array.length

    This way you can get a substring of every possible combination from the array. Have a palindrome function which checks if a string is a palindrome, so for every substring (i,j) call this function; if it is a palindrome, store it in a string variable. If you find the next palindrome substring and if it is greater than the current one, replace it with current one. Finally your string variable will have the answer.
    Issues: 1. This algo runs in O(n^2) time.

    Algo 2:
    Reverse the string and store it in a different array. Now find the largest matching substring between both the arrays. But this too runs in O(n^2) time.

    Can you guys think of an algo which runs in a better time? If possible, O(n) time.

  • PCAP Web Service Usage Logging for Dummies

    - by nick
    I've been assigned the task (for work) of working with PCAP for the first time in my life. I've read through the tutorials and have hacked together a real simple capture program which, it turns out, isn't that hard. However, making use of the data is more difficult. My goal is to log incoming and outgoing web service requests. Are there libraries (C or C++) that stitch together the packets from PCAP that would make reporting on this simple? Barring that, is there something short of reading all of the RFCs from soup to nuts that will allow me to have an "ah-ha!" moment (all of the tutorials seem to stop at the raw packet level, which isn't useful for me)? It looks like PERL has a library that may do this and I may eventually attempt a reverse engineer from PERL. NOTA BENE: Web server logs aren't acceptable here as I will be intercepting on a routing device. If I had access to those I'd be done and happy... I don't.

  • Converting IPv4 or IPv6 address to a long for comparisons

    - by Justin Akehurst
    In order to check if an IPv4 or IPv6 address is within a certain range, I've got code that takes an IPv4 address, turns that into a long, then does that same conversion on the upper/lower bound of the subnet, then checks to see if the long is between those values. I'd like to be able to do the same thing for IPv6, but saw nothing in the Python 2.6 standard libraries to allow me to do this, so I wrote this up:

        import socket, struct
        from array import array

        def ip_address_to_long(address):
            ip_as_long = None
            try:
                # '!L' reads the 4 packed bytes as a network-order 32-bit integer on
                # every platform (native 'L' is 8 bytes on 64-bit Linux and would fail).
                ip_as_long = struct.unpack('!L', socket.inet_pton(socket.AF_INET, address))[0]
            except socket.error:
                # try IPv6
                try:
                    addr = array('L', struct.unpack('!4L', socket.inet_pton(socket.AF_INET6, address)))
                    addr.reverse()
                    ip_as_long = sum(addr[i] << (i * 32) for i in range(len(addr)))
                except socket.error as se:
                    raise ValueError('Invalid address')
            except Exception as e:
                print(str(e))
            return ip_as_long

    My question is: Is there a simpler way to do this that I am missing? Is there a standard library call that can do this for me?

  • Outgoing mail from linux not being delivered

    - by Jason
    I can't seem to send mail through my php scripts or through the linux console on my Centos 5.5 LAMP server, when the email is addressed to go to a domain that is hosted by my box. I think it is something to do with the email routing internally, or the DNS servers that the box uses not reporting the correct MX records. Basically my box doesn't host any mail, it's all hosted on google apps. My name servers are hosted by a 3rd party provider and I am using webmin. Webmin doesn't recognise the settings on the 3rd party provider. I'm unsure how to fix this. Previously when I had this problem on a cpanel server, I would edit the remotedomains and localdomains files, moving domains from one file to another and it would fix the problem. What information do I need to provide for anyone to work out what the issue is? Thanks

  • multiple domains, one static IP address and latency

    - by shirish
    How is latency affected when multiple domains are using one single static IP address? The scenario is shared web hosting. By latency I mean the DNS lookup the client has to do. As far as I understand it, the browser would hit the root servers to try to figure out the IP address and where it belongs, and then when it comes to the correct server, it probably looks up some sort of table to determine which site name matches and shows that site as such via the browser to the user. Is my understanding correct or backwards or what?

  • Is it possible to host a website in the 'ether' of the Internet -- not on a server -- so that it can

    - by Chris Altman
    This is a theoretical problem I am curious about. Websites are hosted on servers. Servers can be taken offline. Is it possible to host a website in the 'ether' of the Internet -- not on a server -- so that it cannot be taken down? One example is that the website is hosted on other websites, like a parasite. Another is that it is assembled through storing pieces on DNS machines, routers, etc., so that it gets assembled on the fly. The purpose is that this website could live forever because no one person can remove it. The answers I am looking for are plausible ideas/approaches on technically how this could be built.

  • Powershell, Task Scheduler or loop and sleep

    - by Paddy Carroll
    I have a job that needs to go off every minute or so; it loads a DLL I have written in C# that retrieves state for an SQL Server Mirror (Primary, Mirror and Witness) for a number of databases; it allows us to poke DNS to show where the primary instances are. Please don't mention Clustering - we're not doing that. I can't be arsed to write a service, there simply isn't enough time. Do I:

    Task Scheduler - every minute: invoke a PowerShell script that loads the DLL and does the business
    Task Scheduler - at startup: invoke a similar PowerShell script that loads the DLL once but then loops and sleeps, refreshing the object that the DLL exposes.

    Pros and cons?

  • powershell task scheduler or loop and sleep

    - by Paddy Carroll
    I have a job that needs to go off every minute or so; it loads a DLL written in C# that retrieves state for an SQL Server Mirror (Primary, Mirror and Witness) for a number of databases; it allows us to poke DNS to show where the primary instances are. Please don't mention Clustering - we're not doing that. I can't be arsed to write a service, there simply isn't enough time. Do I:

    Task Scheduler - every minute: invoke a PowerShell script that loads the DLL and does the business
    Task Scheduler - at startup: invoke a similar PowerShell script that loads the DLL once but then loops and sleeps, refreshing the object that the DLL exposes.

    Pros and cons?

  • Registry corrupted for testing?

    - by Emile
    Hi. Forgive my ignorance. I'm a lowly LAMP stack developer and this is my first post for "c++". We had an Internet Explorer add-on commissioned but then lost support. Allegedly each version has to have been tested "on a fresh computer since old add-ons could have caused registry errors." I'm not familiar with IE add-on development (or C++ dev). Is this common? Can't one simply reverse registry errors? How to continue testing iterations on one machine? Thanks!

  • How to set RpcClientAccessServer for a Exchange 2010 mailbox database to a load balancer

    - by Archit Baweja
    I have 2 Exchange 2010 servers each with a Mailbox Database. I have also set up a Hardware Load Balancer (KEMP LoadMaster 2200 to be precise) to load balance the CAS role access. My HLB has an IP of 192.168.1.100. I've set up the DNS A record for mail.mydomain.com to point to 192.168.1.100. However when I try to set the RpcClientAccessServer on a mailbox database using

        Set-MailboxDatabase "My Mailbox Database" -RpcClientAccessServer mail.mydomain.com

    I get an error saying

        Exchange server "mail.mydomain.com" was not found. Please make sure you have typed it correctly.
            + CategoryInfo : NotSpecified: (:) [], ManagementObjectNotFoundException
            + FullyQualifiedErrorId : 4082394C

    Any ideas?

  • How to get the place name by latitude and longitude using openstreetmap in android

    - by Gaurav kumar
    In my app I am using OSM rather than Google Maps. I have latitude and longitude. So from here, how do I query to get the city name from the OSM database? Please help me.

        final String requestString = "http://nominatim.openstreetmap.org/reverse?format=json&lat="
                + Double.toString(lat) + "&lon=" + Double.toString(lon) + "&zoom=18&addressdetails=1";
        RequestBuilder builder = new RequestBuilder(RequestBuilder.GET, URL.encode(requestString));
        try {
            @SuppressWarnings("unused")
            Request request = builder.sendRequest(null, new RequestCallback() {
                @Override
                public void onResponseReceived(Request request, Response response) {
                    if (response.getStatusCode() == 200) {
                        String city = "";
                        try {
                            // parseStrict() takes the JSON text, not the Response object
                            JSONValue json = JSONParser.parseStrict(response.getText());
                            JSONObject address = json.isObject().get("address").isObject();
                            // strip the surrounding quotes that JSONValue.toString() adds
                            final String quotes = "^\"|\"$";
                            if (address.get("city") != null) {
                                city = address.get("city").toString().replaceAll(quotes, "");
                            } else if (address.get("village") != null) {
                                city = address.get("village").toString().replaceAll(quotes, "");
                            }
                        } catch (Exception e) {
                        }
                    }
                }

                @Override
                public void onError(Request request, Throwable exception) {
                    // required by RequestCallback; the request itself failed
                }
            });
        } catch (Exception e1) {
        }

  • Bridging LXC containers to host eth0 so they can have a public IP

    - by Vianney Stroebel
    UPDATE: I found the solution there: http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge#No_traffic_gets_trough_.28except_ARP_and_STP.29

        # cd /proc/sys/net/bridge
        # ls
        bridge-nf-call-arptables bridge-nf-call-iptables bridge-nf-call-ip6tables bridge-nf-filter-vlan-tagged
        # for f in bridge-nf-*; do echo 0 > $f; done

    But I'd like to have expert opinions on this: is it safe to disable all bridge-nf-*? What are they here for? END OF UPDATE

    I need to bridge LXC containers to the physical interface (eth0) of my host, reading numerous tutorials, documents and blog posts on the subject. I need the containers to have their own public IP (which I've previously done with KVM/libvirt). After two days of searching and trying, I still can't make it work with LXC containers. The host runs a freshly installed Ubuntu Server Quantal (12.10) with only libvirt (which I'm not using here) and lxc installed. I created the containers with:

        lxc-create -t ubuntu -n mycontainer

    So they also run Ubuntu 12.10.
    Content of /var/lib/lxc/mycontainer/config is:

        lxc.utsname = mycontainer
        lxc.mount = /var/lib/lxc/test/fstab
        lxc.rootfs = /var/lib/lxc/test/rootfs
        lxc.network.type = veth
        lxc.network.flags = up
        lxc.network.link = br0
        lxc.network.name = eth0
        lxc.network.veth.pair = vethmycontainer
        lxc.network.ipv4 = 179.43.46.233
        lxc.network.hwaddr= 02:00:00:86:5b:11
        lxc.devttydir = lxc
        lxc.tty = 4
        lxc.pts = 1024
        lxc.arch = amd64
        lxc.cap.drop = sys_module mac_admin mac_override
        lxc.pivotdir = lxc_putold
        # uncomment the next line to run the container unconfined:
        #lxc.aa_profile = unconfined
        lxc.cgroup.devices.deny = a
        # Allow any mknod (but not using the node)
        lxc.cgroup.devices.allow = c *:* m
        lxc.cgroup.devices.allow = b *:* m
        # /dev/null and zero
        lxc.cgroup.devices.allow = c 1:3 rwm
        lxc.cgroup.devices.allow = c 1:5 rwm
        # consoles
        lxc.cgroup.devices.allow = c 5:1 rwm
        lxc.cgroup.devices.allow = c 5:0 rwm
        #lxc.cgroup.devices.allow = c 4:0 rwm
        #lxc.cgroup.devices.allow = c 4:1 rwm
        # /dev/{,u}random
        lxc.cgroup.devices.allow = c 1:9 rwm
        lxc.cgroup.devices.allow = c 1:8 rwm
        lxc.cgroup.devices.allow = c 136:* rwm
        lxc.cgroup.devices.allow = c 5:2 rwm
        # rtc
        lxc.cgroup.devices.allow = c 254:0 rwm
        #fuse
        lxc.cgroup.devices.allow = c 10:229 rwm
        #tun
        lxc.cgroup.devices.allow = c 10:200 rwm
        #full
        lxc.cgroup.devices.allow = c 1:7 rwm
        #hpet
        lxc.cgroup.devices.allow = c 10:228 rwm
        #kvm
        lxc.cgroup.devices.allow = c 10:232 rwm

    Then I changed my host /etc/network/interfaces to:

        auto lo
        iface lo inet loopback

        auto br0
        iface br0 inet static
            bridge_ports eth0
            bridge_fd 0
            address 92.281.86.226
            netmask 255.255.255.0
            network 92.281.86.0
            broadcast 92.281.86.255
            gateway 92.281.86.254
            dns-nameservers 213.186.33.99
            dns-search ovh.net

    When I try command line configuration ("brctl addif", "ifconfig eth0", etc.) my remote host becomes inaccessible and I have to hard reboot it.
    I changed the content of /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces to:

        auto lo
        iface lo inet loopback

        auto eth0
        iface eth0 inet static
            address 179.43.46.233
            netmask 255.255.255.255
            broadcast 178.33.40.233
            gateway 92.281.86.254

    It takes several minutes for mycontainer to start (lxc-start -n mycontainer). I tried replacing gateway 92.281.86.254 by:

        post-up route add 92.281.86.254 dev eth0
        post-up route add default gw 92.281.86.254
        post-down route del 92.281.86.254 dev eth0
        post-down route del default gw 92.281.86.254

    My container then starts instantly. But whatever configuration I set in /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces, I cannot ping from mycontainer to any IP (including the host's):

        ubuntu@mycontainer:~$ ping 92.281.86.226
        PING 92.281.86.226 (92.281.86.226) 56(84) bytes of data.
        ^C
        --- 92.281.86.226 ping statistics ---
        6 packets transmitted, 0 received, 100% packet loss, time 5031ms

    And my host cannot ping the container:

        root@host:~# ping 179.43.46.233
        PING 179.43.46.233 (179.43.46.233) 56(84) bytes of data.
        ^C
        --- 179.43.46.233 ping statistics ---
        5 packets transmitted, 0 received, 100% packet loss, time 4000ms

    My container's ifconfig:

        ubuntu@mycontainer:~$ ifconfig
        eth0      Link encap:Ethernet HWaddr 02:00:00:86:5b:11
                  inet addr:179.43.46.233 Bcast:255.255.255.255 Mask:0.0.0.0
                  inet6 addr: fe80::ff:fe79:5a31/64 Scope:Link
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:64 errors:0 dropped:6 overruns:0 frame:0
                  TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:1000
                  RX bytes:4070 (4.0 KB) TX bytes:4168 (4.1 KB)

        lo        Link encap:Local Loopback
                  inet addr:127.0.0.1 Mask:255.0.0.0
                  inet6 addr: ::1/128 Scope:Host
                  UP LOOPBACK RUNNING MTU:16436 Metric:1
                  RX packets:32 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:2496 (2.4 KB) TX bytes:2496 (2.4 KB)

    My host's ifconfig:

        root@host:~# ifconfig
        br0       Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b
                  inet addr:92.281.86.226 Bcast:91.121.67.255 Mask:255.255.255.0
                  inet6 addr: fe80::4e72:b9ff:fe43:652b/64 Scope:Link
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:1453 errors:0 dropped:18 overruns:0 frame:0
                  TX packets:1630 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:145125 (145.1 KB) TX bytes:299943 (299.9 KB)

        eth0      Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:3178 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:1637 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:1000
                  RX bytes:298263 (298.2 KB) TX bytes:309167 (309.1 KB)
                  Interrupt:20 Memory:fe500000-fe520000

        lo        Link encap:Local Loopback
                  inet addr:127.0.0.1 Mask:255.0.0.0
                  inet6 addr: ::1/128 Scope:Host
                  UP LOOPBACK RUNNING MTU:16436 Metric:1
                  RX packets:6 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:300 (300.0 B) TX bytes:300 (300.0 B)

        vethtest  Link encap:Ethernet HWaddr fe:0d:7f:3e:70:88
                  inet6 addr: fe80::fc0d:7fff:fe3e:7088/64 Scope:Link
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:54 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:1000
                  RX bytes:4168 (4.1 KB) TX bytes:4250 (4.2 KB)

        virbr0    Link encap:Ethernet HWaddr de:49:c5:66:cf:84
                  inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
                  UP BROADCAST MULTICAST MTU:1500 Metric:1
                  RX packets:0 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

    I have disabled lxcbr0 (USE_LXC_BRIDGE="false" in /etc/default/lxc).

        root@host:~# brctl show
        bridge name     bridge id               STP enabled     interfaces
        br0             8000.4c72b943652b       no              eth0
                                                                vethtest

    I have configured the IP 179.43.46.233 to point to 02:00:00:86:5b:11 in my hosting provider (OVH) config panel. (The IPs in this post are not the real ones.) Thanks for reading this long question! :-) Vianney

  • Why do I get "General Failure" when pinging host name on a Win 7 node on the network?

    - by hydroparadise
    This is a very peculiar problem with a station on our network. The client PC is running Windows 7 Pro. What makes this problem interesting is that this client is the only node on the network that seems to be experiencing this problem. When I try to ping a specific Win 08 server by host name, I get an IPv6 address and get General failure. But when I ping its IPv4 address, it responds just fine. My first thought would be to check the name resolutions on the DNS server to see what is going on, but the problem begs the question: why does the station get an IPv6 address back and fail, as opposed to using the IPv4 settings (which are static, btw)? What gives? I am including a screenshot of trying the one specific server and failing while trying another server with success. All other nodes on the network don't have problems communicating with the server the one station is having issues with.

  • What is the Best Free Linux Gateway

    - by rockinthesixstring
    I'm looking at moving away from using my DIR-825 as a gateway and moving into a Linux box to do it all for me. I've found IPCop, but I'm looking for something with a little more power. My main goal is basically to be able to point different external domain names to different internal servers.

        backup.example.com - 192.168.0.5
        home.example.com - 192.168.0.1

    I host my DNS on my own dedicated server (Windows), so I don't know much about doing the gateway thing in my home (my hosting provider does it all for me). Do any of you know of any free Linux distros that can accomplish what I'm looking for?

  • Routing different domains on a VPS

    - by Hans Wassink
    We just went from shared hosting to a VPS server. We have several domain names that we have pointing to our DNS, but they all point to the root of the server. What I would like now is a setup where every domain name gets its own map so we can run different sites on the VPS server. Like:

        www.example.com points to: /var/www/example.com
        www.imapwnu.com points to: /var/www/imapwnu.com

    First of all, is this possible? Second, I have root SSH access and Webmin, on a LAMP server running on Ubuntu. Webmin doesn't have Bind9 (I don't know if I need that, some forums pointed me towards something called bind). Thanks in advance

  • Draw text on a loaded pdf file with Zend Framework

    - by Rick de Graaf
    Hello, I'm trying to load an existing pdf file, and fill this with database information. Loading the file and everything is working, except for writing data to the loaded page. It doesn't write text to the loaded page. If I add a new page and use a foreach to apply drawing to all pages, all added pages are written, except for the loaded one. Below is the code I'm using:

        $pdf = Zend_Pdf::load('./documents/agreements/_root/gegevens.pdf'); // Load pdf
        $pdf->pages = array_reverse($pdf->pages); // reverse pages
        $pdf->pages[] = new Zend_Pdf_Page(Zend_Pdf_Page::SIZE_A4); // Add a page (A4)
        $font = Zend_Pdf_Font::fontWithName(Zend_Pdf_Font::FONT_HELVETICA); // Set font
        foreach ($pdf->pages as $page) // Apply settings+text to every page (total of 2)
        {
            $page->setFont($font, 36);
            $page->setAlpha(0.25);
            $page->drawText('LALALALALALALA', 62, 260, 'UTF-8');
        }
        $pdf->save('./documents/agreements/Gegevens_'.$this->school_id.'.pdf'); // Save file

  • In Django, how to create tables from an SQL file when syncdb is run

    - by Sidney
    Hi, How do I make syncdb execute SQL queries (for table creation) defined by me, rather than generating tables automatically? I'm looking for this solution as some particular models in my app represent SQL table views for a legacy database table. So, I've created their SQL views in my Django DB like this:

        CREATE VIEW legacy_series AS SELECT * FROM legacy.series;

    I have a reverse engineered model that represents the above view/legacy table. But whenever I run syncdb, I have to create all the views first by running SQL scripts, otherwise syncdb simply creates tables for them (if a view is not found). How do I make syncdb run the above mentioned SQL?

  • Need help identiying a nasty rootkit in Windows

    - by goofrider
    I have a nasty rootkit that no tools seem to be able to identify. I know for sure it's a rootkit, but I can figure out which rootkit it is. Here's what I gathered so far: It creates multiple copies of itself in %HOME%\Local Settings\Temp with names like Q.EXE, IAJARZ.exe, etc., and installs them as hidden services. These EXEs have SysInternals identifiers in them so they're definitely rootkits. It hooked very deep in the system, including file read/write, security policies, registry read/write, and possibly WinSock/TCP/IP. When going to Sophos.com to download their software, the rootkit injects something called Microsoft Ajax Toolkit into the page, which injects code into the email submission form in order to redirect it. (EDIT: I might have panicked. Looks like Sophos does use an AJAX email form, their form is just broken on Chrome so it looked like a mail form injection attack, the link is http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download.aspx ) Super-Antispyware found a lot of spyware cookies, in the name of .kaspersky.2o7.net, etc. (just checked 2o7.net, looks like it's a legit ad company) I tried comparing DNS lookups from the infected systems and from systems in other physical locations, no DNS redirections it seems. I used dd to copy the MBR and compared it with the MBR provided by the ms-sys package, no differences so it's not infecting the MBR. No antivirus or rootkit scanner has been able to identify it. Most of them can't even find it. I tried scanning in-situ (normal mode), in safe mode, and booted to a Linux live CD. Scanners used: Avast, Sophos Anti-Rootkit, Kaspersky TDSSKiller, GMER, RootkitRevealer, and many others. Kaspersky reported some unsigned system files that ought to be signed (e.g. tcpip.sys), and reported a number of MD5 mismatches. But otherwise couldn't identify anything based on signature. When running Sysinternals RootkitRevealer and Sophos Anti-Rootkit, CPU usage goes up to 100% and gets stuck. The rootkit is blocking them.
    When trying to run/install HiJackThis, RootkitRevealer and some other scanners, it tells me system security policy prevents running/installing it. The list of malicious activities goes on and on. Here's a sample of logs from all my scans. In particular, aswSnx.SYS, apnenfno.sys and PROCMON20.SYS have a huge number of hooks. It's hard to tell if the rootkit replaced legit program files like aswSnx.SYS (from Avast) and PROCMON20.SYS (from Sysinternals Process Monitor). I can't find whether apnenfno.sys is from a legit program. Help to identify it is appreciated.

    Trend Micro RootkitBuster
    ------

        [HIDDEN_REGISTRY][Hidden Reg Value]:
        KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg
        Root : 586bfc0
        SubKey : Cfg
        ValueName : g0
        Data : 38 23 E8 D0 BF F2 2D 6F ...
        ValueType : 3
        AccessType: 0
        FullLength: 61
        DataSize : 32

        [HOOKED_SERVICE_API]:
        Service API : ZwCreateMutant
        Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS
        OriginalHandler : 0x8061758e
        CurrentHandler : 0xaa66cce8
        ServiceNumber : 0x2b
        ModuleName : aswSnx.SYS
        SDTType : 0x0

        [HOOKED_SERVICE_API]:
        Service API : ZwCreateThread
        Image Path : c:\windows\system32\drivers\apnenfno.sys
        OriginalHandler : 0x805d1038
        CurrentHandler : 0xaa5f118c
        ServiceNumber : 0x35
        ModuleName : apnenfno.sys
        SDTType : 0x0

        [HOOKED_SERVICE_API]:
        Service API : ZwDeleteKey
        Image Path : C:\WINDOWS\system32\Drivers\PROCMON20.SYS
        OriginalHandler : 0x80624472
        CurrentHandler : 0xa709b0f8
        ServiceNumber : 0x3f
        ModuleName : PROCMON20.SYS
        SDTType : 0x0

    HiJackThis
    ------

        O23 - Service: JWAHQAGZ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\JWAHQAGZ.exe
        O23 - Service: LHIJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\LHIJ.exe

    Kaspersky TDSSKiller
    ------

        21:05:58.0375 3936 C:\WINDOWS\system32\ati2sgag.exe - copied to quarantine
        21:05:59.0217 3936 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:05:59.0342 3936 C:\WINDOWS\system32\BUFADPT.SYS - copied to quarantine
        21:05:59.0856 3936 BUFADPT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:05:59.0965 3936 C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine
        21:06:00.0152 3936 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:00.0246 3936 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine
        21:06:00.0433 3936 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:00.0464 3936 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine
        21:06:00.0526 3936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:00.0604 3936 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine
        21:06:01.0181 3936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0321 3936 C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe - copied to quarantine
        21:06:01.0430 3936 OTFSDMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0492 3936 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine
        21:06:01.0539 3936 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0601 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - copied to quarantine
        21:06:01.0664 3936 HKLM\SYSTEM\ControlSet003\services\TULPUWOX - will be deleted on reboot
        21:06:01.0664 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - will be deleted on reboot
        21:06:01.0664 3936 TULPUWOX ( UnsignedFile.Multi.Generic ) - User select action: Delete
        21:06:01.0757 3936 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine
        21:06:01.0866 3936 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0913 3936 C:\Program Files\VMware\VMware Player\vmware-authd.exe - copied to quarantine
        21:06:02.0443 3936 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - skipped by user
        21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
        21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - skipped by user
        21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

  • PowerShell Remoting: No credentials are available in the security package

    - by TheSciz
    I'm trying to use the following script:

        $password = ConvertTo-SecureString "xxxx" -AsPlainText -Force
        $cred = New-Object System.Management.Automation.PSCredential("domain\Administrator", $password)
        $session = New-PSSession 192.168.xxx.xxx -Credential $cred
        Invoke-Command -Session $session -ScriptBlock { New-Cluster -Name "ClusterTest" -Node HOSTNAME }

    to remotely create a cluster (it's for testing purposes) on a Windows Server 2012 VM. I'm getting the following error:

        An error occurred while performing the operation.
        An error occurred while creating the cluster 'ClusterTest'.
        An error occurred creating cluster 'ClusterTest'.
        No credentials are available in the security package
            + CategoryInfo : NotSpecified: (:) [New-Cluster], ClusterCmdletException
            + FullyQualifiedErrorId : New-Cluster,Microsoft.FailoverClusters.PowerShell.NewClusterCommand

    All of my other remote commands (installing/making changes to DNS, DHCP, NPAS, GP, etc) work without an issue. Why is this one any different? The only difference is in the -ScriptBlock tag. Help!

  • Network Path not found while joining Active Directory

    - by Chiggins
    So I have an Amazon EC2 box running Windows Server 2008 with Active Directory installed on it. I also have a Windows 7 virtual machine, which is set to use the Active Directory box as its DNS and WINS server. I'm trying to join the virtual machine to the domain, and I'm asked for authentication. I give authentication, wait a minute, and I get an error saying: The following error occurred attempting to join the domain "ad.chigs.me": The network path was not found. How can I fix this so that I'll be able to join the domain?
