Search Results

Search found 10550 results on 422 pages for 'syntax rules'.

Page 226/422 | < Previous Page | 222 223 224 225 226 227 228 229 230 231 232 233  | Next Page >

• How can I debug Cisco Firewall ASA "Dispatch Unit" very high CPU utilisation from ASDM?

  - by Andy

  I have recently had my first firewall installed so I am very new to this whole situation. I am finding that Dispatch unit is becoming overloaded and it would appear to be the reason I get serious bouts of lag on my server. The firewall has had little configuration apart from me blocking all the ports in "Access Rules" and allowing only the ones the server needs and from where it needs them. I guess what I am after is assistance with locating the issues causing "Dispatch Unit" to take up all the CPU Regards --Edit-- With ASDM statistics I found that packets inbound (peak of 70-100k/sec from <1k/sec normal), traffic inbound (peak of 40-50kbits/sec from <1kbits/sec normal) and CPU all peak at the same time so I am pretty sure it is an attack of some sort but as a beginner with ASA I am not sure how to resolve

  Read the article

• Cannot deploy reports on localhost/reports

  - by Jackson Sunuwar

  I am using Microsoft SQL Server 2008 R2, Sql Server Reporting Services(SSRS) on an xp virtual machine.. I have created a report and am trying to deploy it... but getting this error... The specified report server URL http://localhost/Reports could not be found. Verify the syntax of the URL and that the report server exists. I went to see my "services".... SQL Server (SQLEXPRESS) is "started", but SQL Server (MSSQLSERVER) is not. When I try to start it, it says windows could not start the sql server on local computer error code 10048 I tried to go in cmd and tried C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER I get this, Server Error: 17058, Severity: 16, State: 1. can someone please help me...

  Read the article

• Can't Allow Specific Port in Windows Firewall Advanced Security - Windows 2008

  - by Jody

  In the Outbound Rules, I set up a rule to allow outbound connection from port 26. But, it doesn't work. However, if I allow "all port" for this rule, this will work, but then all ports will be allowed too. What is the reason? Is there any conflicting rule? I need to fix this as soon as possible. -Edit to add : I'm trying to allow email access to mail server outside (port 26). The thing is, even if I telnet using port 26, it will not work, unless I allow "all ports". Specific port will not do.

  Read the article

• Bad request - Invalid Hostname Error when using ARR IP address

  - by syloc

  I'm trying to setup a simple ARR system. I have 1 ARR machine load balancing between 2 APP servers. I can reach the app sites if i use the server name of the ARR machine. (http://arrserver/app) But i can't do it with its IP address. (http://10.7.10.25/app). It gives the "Bad Request - Invalid Hostname". In the ARR machine i configured the default site's bindings to "All Unassigned","80" (default values). Do i need to change the binding rule or need additional url rewrite rules? And also, in the ARR server http://127.0.0.1/app doesn't work. But http://localhost/app works fine. Thx in advance

  Read the article

• Check a list of passwords strength

  - by user144705

  Is there any way to check a list of passwords whether they strong or not? I have a list of passwords, around 2000, and want to check them against this policy Password must contain a minimum of eight (8) characters Password must contain at least one letter Password must contain at least one number Password must contain at least one punctuation character And count how many compliant with that policy before we save them. Is there any tool, script or maybe rules in excel to do this instead of doing it manually? Could you please help me?

  Read the article

• htaccess order Deny,Allow rule

  - by aspiringCodeArtisan

  I'd like to dynamically add IPs to a block list via htaccess. I was hoping someone could tell me if the following will work in my case (I'm unsure how to test via localhost). My .htaccess file will have the following by default: order allow,deny allow from all IPs will be dynamically appended: Order Deny,Allow Allow from all Deny from 192.168.30.1 The way I understand this is that it is by default allow all with the optional list of deny rules. If I'm not mistaken Order Deny,Allow will look at the Deny list first, is this correct? And does the Allow from all rule need to be at the end?

  Read the article

• Using wget to recursively download whole FTP directories

  - by user9406

  I want to copy all of the files and folders from one host to another. The files on the old host sit at /var/www/html and I only have FTP access to that server, and I can't TAR all the files. Regular connection to the old host through FTP brings me to the /home/admin folder. I tried running the following command form my new server: wget -r ftp://username:[email protected] But all I get is a made up index.html file. What the right syntax for using wget recursively over FTP?

  Read the article

• FTP "PUT" fails from Virtual Machine, but not host PC: 504 Command not implemented for that paramete

  - by BrianH

  I have an FTP Script I'm using to automate a file transfer. The transfer works fine on my PC (XP SP2), but when I try and run it on a VM on my PC (XP SP2), the "put" commands gives off: 504 Command not implemented for that parameter. FTP File: open [ftp site] [username] [password] cd [directory on FTP server] binary hash put ..\[subfolder1]\[Subfolder2]\[subfolder3]\[filename] bye The FTP site/server is around the world, and not under my control. From what I understand of a 504, that means the command should NEVER work, but since the same script DOES work on my PC (hosting the VM), that eliminates syntax, file naming, etc. The put command when triggered from the VM, actually creates a 0 length file on the target FTP server, but doesn't populate the file.

  Read the article

• Long string insertion with sed

  - by Luis Varca

  I am trying to use this expression to insert the contents of one text file into another after a give string. This is a simple bash script: TEXT=`cat file1.txt` sed -i "/teststring/a \ $TEXT" file2.txt This returns an error, "sed: -e expression #1, char 37: unknown command: `M'" The issue is in the fact that the contents of file1.txt are actually a private certificate so it's a large amount of text and unusual characters which seems to be causing an issue. If I replace $TEXT with a simple ASCII value it works but when it reads the large content of file1.txt it fails with that error. Is there some way to carry out this action? Is my syntax off with sed or my quote placement wrong?

  Read the article

• iptables: built-in INPUT chain in nat table?

  - by ughmandaem

  I have a Gentoo Linux system running linux 2.6.38-rc8. I also have a machine running Ubuntu with linux 2.6.35-27. I also have a virtual machine running Debian Unstable with linux 2.6.37-2. On the Gentoo and Debian systems I have an INPUT chain built into my nat table in addition to PREROUTING, OUTPUT, and POSTROUTING. On Ubuntu, I only have PREROUTING, OUTPUT, and POSTROUTING. I am able to use this INPUT chain to use SNAT to modify the source of a packet that is destined to the local machine (imagine simulating an incoming spoofed IP to a local application or just to test a virtual host configuration). This is possible with 2 firewall rules on Gentoo and Debian but seemingly not so on Ubuntu. I looked around for documentation on changes to the SNAT target and the INPUT chain of the nat table and I couldn't find anything. Does anyone know if this is a configuration issue or is it something that was just added in more recent versions of linux?

  Read the article

• PHP compiled on Mac OSX 10.6 - using /usr/lib when trying to start apache... rather than /opt/local/lib specified when php was configured

  - by Anthony

  PHP 5.3.3 compiled on Mac OSX 10.6 - using /usr/lib when trying to start apache... rather than /opt/local/lib specified when php was configured Why is it trying to load from /usr/lib when I specified in my configure not to? httpd: Syntax error on line 115 of /private/etc/apache2/httpd.conf: Cannot load /usr/libexec/apache2/libphp5.so into server: dlopen(/usr/libexec/apache2/libphp5.so, 10): Library not loaded: /opt/local/lib/libiconv.2.dylib\n Referenced from: /usr/libexec/apache2/libphp5.so\n Reason: Incompatible library version: libphp5.so requires version 8.0.0 or later, but libiconv.2.dylib provides version 7.0.0 The error message above refers to /opt/local/lib which when I run: otool -LD /opt/local/lib/libiconv.2.dylib /opt/local/lib/libiconv.2.dylib: /opt/local/lib/libiconv.2.dylib (compatibility version 8.0.0, current version 8.0.0) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 125.0.0) It shows that the version is different than what http is erring out as.

  Read the article

• Use DOS batch to move all files up 1 directory

  - by Harminoff

  I have created a batch file to be executed through the right-click menu in Win7. When I right-click on a folder, I would like the batch file to move all files (excluding folders) up 1 directory. I have this so far: PUSHHD %1 MOVE "%1\*.*" ..\ This seems to work as long as the folder I'm moving files from doesn't have any spaces. When the folder does have spaces, I get an error message: "The syntax of the command is incorrect." So my batch works on a folder titled PULLTEST but not on a folder titled PULL TEST. Again, I don't need it to move folders, just files. And I would like it to work in any directory on any drive. There will be no specific directories that I will be working in. It will be random. Below is the registry file I made if needed for reference. Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\Directory\shell\PullFiles] @="PullFilesUP" [HKEY_CLASSES_ROOT\Directory\shell\PullFiles\command] @="\"C:\\Program Files\\MyBatchs\\PullFiles.bat\" \"%1\""

  Read the article

• Firewall GPO not applying despite being enumerated by gpresult

  - by jshin47

  I have a need to open up the admin$ share on all of my domain's client PC's and I am trying to do so using group policy. I defined computer policy for Windows Firewall with Advanced Security in a policy object linked to the appropriate container and added the appropriate rules. However, they are not being applied! I feel like I have tried all of the obvious steps: I've checked gpresult and the resulting set of policy is the way that I would expect it to look. I've gpupdate /force and gpupdate /sync on a few client computers, but no matter what I do they don't seem to respond to my changes. I know that other computer policies in the GPO are being applied so it is strange that these are not. I have also disabled exceptions on clients in the firewall GPO, but that doesn't seem to be applying either. Here is a screenshot of the firewall.cpl from a client: Basically, although other options in the same GPO ARE applied for computer policy, the firewall settings seem to be ignored.

  Read the article

• monitor just what's going on -on a firewall

  - by bbutle01

  I have this little snapgear firewall. It's a little purpose built box running a custom linux, SH4 processor @240 Mhz, 64MB of ram. Basically how close we are to capacity is a mystery to me. I know I can run top and see the status of all the processes, but how can I see just how much of the processor is going to passing data... and how to estimate when I'm going to need to upgrade, and by tweaking iptables rules, how does that help/hurt the processor. suggestions?

  Read the article

• clear contents from matched column of data in another sheet

  - by Peta

  I have a column of email addresses on sheet 2 col A (but I could put them on sheet 1 if it would make it easier / faster) that I want to remove from sheet 1 col D if matched (there may be 2 or more occurences of the same email to be removed/cleared). (1000s of rows in each sheet). After all day searching forums I’m getting more confused & can't find what I'm looking for. Not sure whether to use .match or .find & .ClearContents & the syntax for iterating through. Thanks very much in anticipation Peta

  Read the article

• vsFTPd and iptables - how to configure them in CentOS 5.5?

  - by Vincenzo

  I've installed vsFTPd in CentOS 5.5, on TWO servers, and added this rule to their iptable-s: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT Looks like this is not enough, since when I'm trying to upload a file from one server to another, I'm getting this result (IP address is masked): # ftp 99.99.99.99 Connected to …com (99.99.99.99). 220 (vsFTPd 2.0.5) Name (99.99.99.99:root): vinny 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (99,99,99,99,107,74) ftp: connect: No route to host I've found a few articles in the net about the second rule I have to add to iptables, but I didn't find the right syntax for it. Could you please help?

  Read the article

• mod_rewrite directory path to deeper directory

  - by DA.

  I don't usually work with LAMP and am a bit stumped getting a site working locally. The site is set up to be used via localhost: 1) http://localhost/mysite However, the way the site files are physically on the server the root is located as such: 2) /var/www/mysite/trunk/site I'm trying to figure out a way where I could type #1 but have apache actually looking for the files in #2 so that all of the asset/page links in the web application work. Is mod_rewrite the solution? If so, I'm stumped on the syntax. I have this but it won't work (due, I assume, to it causing an infinite loop) RewriteRule ^mysite/ mysite/trunk/site I have a hunch I need to sprinkle on some regex?

  Read the article

• Passenger, Apache and avoiding page caching

  - by user38382

  I'm hosting a rack application with passenger and apache. The application is setup to cache the content of each request to the public directory after each request. This allows apache to serve the content directly as a static page for future requests. I would like to tell Apache, presumably through some rewrite rules that any requests with query parameters should not be cached, but instead passed down to the rack application. With a mongrel setup I would just redirect it to the balancer if it meets my rewrite conditions. How do you do the same with passenger?

  Read the article

• Linux Live CD for old computer

  - by Joel Coehoorn

  I have a pentium II (that's right, pentium II) with a scant 200MB of ram. This was a high-end workstation in it's day. The machine currently runs dos on a raid array, and I need to pull some data from it. I figure my best chance at this is to use a linux live cd to copy the data to one of our active directory network shares (there is a network card in the machine). Unfortunately, my linux skills are abysmal, so I'm not sure where to get started: Where should I look to find a linux cd that will run well on such an old system Since I'm likely gonna need to be command-line only, what do I need to do to configure the network card and mount the network share via the command line? Bonus points: exact syntax needed to copy and convert the entire volume for use in VMware server 2.0, but really just copying all the data should be enough.

  Read the article

• How to open a server port outside of an OpenVPN tunnel with a pf firewall on OSX (BSD)

  - by Timbo

  I have a Mac mini that I use as a media server running XBMC and serves media from my NAS to my stereo and TV (which has been color calibrated with a Spyder3Express, happy). The Mac runs OSX 10.8.2 and the internet connection is tunneled for general privacy over OpenVPN through Tunnelblick. I believe my anonymous VPN provider pushes "redirect_gateway" to OpenVPN/Tunnelblick because when on it effectively tunnels all non-LAN traffic in- and outbound. As an unwanted side effect that also opens the boxes server ports unprotected to the outside world and bypasses my firewall-router (Netgear SRX5308). I have run nmap from outside the LAN on the VPN IP and the server ports on the mini are clearly visible and connectable. The mini has the following ports open: ssh/22, ARD/5900 and 8080+9090 for the XBMC iOS client Constellation. I also have Synology NAS which apart from LAN file serving over AFP and WebDAV only serves up an OpenVPN/1194 and a PPTP/1732 server. When outside of the LAN I connect to this from my laptop over OpenVPN and over PPTP from my iPhone. I only want to connect through AFP/548 from the mini to the NAS. The border firewall (SRX5308) just works excellently, stable and with a very high throughput when streaming from various VOD services. My connection is a 100/10 with a close to theoretical max throughput. The ruleset is as follows Inbound: PPTP/1723 Allow always to 10.0.0.40 (NAS/VPN server) from a restricted IP range >corresponding to possible cell provider range OpenVPN/1194 Allow always to 10.0.0.40 (NAS/VPN server) from any Outbound: Default outbound policy: Allow Always OpenVPN/1194 TCP Allow always from 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) OpenVPN/1194 UDP Allow always to 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) Block always from NAS to any On the Mini I have disabled the OSX Application Level Firewall because it throws popups which don't remember my choices from one time to another and that's annoying on a media server. Instead I run Little Snitch which controls outgoing connections nicely on an application level. I have configured the excellent OSX builtin firewall pf (from BSD) as follows pf.conf (Apple App firewall tie-ins removed) (# replaced with % to avoid formatting errors) ### macro name for external interface. eth_if = "en0" vpn_if = "tap0" ### wifi_if = "en1" ### %usb_if = "en3" ext_if = $eth_if LAN="{10.0.0.0/24}" ### General housekeeping rules ### ### Drop all blocked packets silently set block-policy drop ### all incoming traffic on external interface is normalized and fragmented ### packets are reassembled. scrub in on $ext_if all fragment reassemble scrub in on $vpn_if all fragment reassemble scrub out all ### exercise antispoofing on the external interface, but add the local ### loopback interface as an exception, to prevent services utilizing the ### local loop from being blocked accidentally. ### set skip on lo0 antispoof for $ext_if inet antispoof for $vpn_if inet ### spoofing protection for all interfaces block in quick from urpf-failed ############################# block all ### Access to the mini server over ssh/22 and remote desktop/5900 from LAN/en0 only pass in on $eth_if proto tcp from $LAN to any port {22, 5900, 8080, 9090} ### Allow all udp and icmp also, necessary for Constellation. Could be tightened. pass on $eth_if proto {udp, icmp} from $LAN to any ### Allow AFP to 10.0.0.40 (NAS) pass out on $eth_if proto tcp from any to 10.0.0.40 port 548 ### Allow OpenVPN tunnel setup over unprotected link (en0) only to VPN provider IPs ### and port ranges pass on $eth_if proto tcp from any to a.b.8.0/24 port 1194:1201 ### OpenVPN Tunnel rules. All traffic allowed out, only in to ports 4100-4110 ### Outgoing pings ok pass in on $vpn_if proto {tcp, udp} from any to any port 4100:4110 pass out on $vpn_if proto {tcp, udp, icmp} from any to any So what are my goals and what does the above setup achieve? (until you tell me otherwise :) 1) Full LAN access to the above ports on the mini/media server (including through my own VPN server) 2) All internet traffic from the mini/media server is anonymized and tunneled over VPN 3) If OpenVPN/Tunnelblick on the mini drops the connection, nothing is leaked both because of pf and the router outgoing ruleset. It can't even do a DNS lookup through the router. So what do I have to hide with all this? Nothing much really, I just got carried away trying to stop port scans through the VPN tunnel :) In any case this setup works perfectly and it is very stable. The Problem at last! I want to run a minecraft server and I installed that on a separate user account on the mini server (user=mc) to keep things partitioned. I don't want this server accessible through the anonymized VPN tunnel because there are lots more port scans and hacking attempts through that than over my regular IP and I don't trust java in general. So I added the following pf rule on the mini: ### Allow Minecraft public through user mc pass in on $eth_if proto {tcp,udp} from any to any port 24983 user mc pass out on $eth_if proto {tcp, udp} from any to any user mc And these additions on the border firewall: Inbound: Allow always TCP/UDP from any to 10.0.0.40 (NAS) Outbound: Allow always TCP port 80 from 10.0.0.40 to any (needed for online account checkups) This works fine but only when the OpenVPN/Tunnelblick tunnel is down. When up no connection is possbile to the minecraft server from outside of LAN. inside LAN is always OK. Everything else functions as intended. I believe the redirect_gateway push is close to the root of the problem, but I want to keep that specific VPN provider because of the fantastic throughput, price and service. The Solution? How can I open up the minecraft server port outside of the tunnel so it's only available over en0 not the VPN tunnel? Should I a static route? But I don't know which IPs will be connecting...stumbles How secure would to estimate this setup to be and do you have other improvements to share? I've searched extensively in the last few days to no avail...If you've read this far I bet you know the answer :)

  Read the article

• Remote Access Without Explicit Permission: Convenience or Liability?

  - by routeNpingme

  For outsourced professional IT remote support, one habit most new technicians get into is the "instead of getting the user to start up remote support each time, I'll go ahead and install LogMeIn / GoToMyPC / Remote Desktop / whatever so that if they call again, I can just jump on and help them". This of course opens up a potential liability because a client PC on a network that we don't own is being accessed without a user explicitly providing permission by clicking a "Yes, allow technician to control my PC" option. I realize the rules totally change when you're an IT admin over a network that you "own", but this is outsourced IT support. Just curious what others' policies are. Is this an acceptable practice for convenience and I'm turning into one of those "security is more important than anything" people, or is this really a liability?

  Read the article

• Why can't my networks reach each other?

  - by HOLOGRAPHICpizza

  We have two Buffalo WZR-HP-G300NH2 routers, with the default firmware, DD-WRT v24SP2-MULTI (10/31/11) std - build 17798. Each has a separate cable internet connection with a public static IP address. They are both in the 24.123.68.0/24 space. Both of them can contact pretty much the whole internet, and they can both be accessed out on the internet with no problem, but for some reason they can't talk to each other! When I try to ping one from the other I always get "Destination Host Unreachable". There are no strange routing or firewall rules in place. And they are both set to respond to pings, I can ping them from outside. Our main IT guy is going to call our ISP on Monday, but I'm impatient, so does anyone have any ideas?

  Read the article

• How do I use memmap to reserve memory on boot?

  - by alexl

  Ive got a laptop with some corrupted ram addresses, so I'm trying to use memmap to reserve them before linux boots up. Ive been trying to use memmap=10M$1024M' as a kernel boot option, but linux crashes (with no errors) and restarts. If I use a different syntax for memmap likememmap=1023M@0M` it boots fine. Do I have to specify a certain size block to reserve or could my kernel version not support reserving memory with memmap? Maybe I'm better off using memmap=exactmap, and if so, could somebody point me to a good faq on how to use it?

  Read the article

• What's the situation that requires stateful firewall?

  - by Eonil

  I just know there is two kind of firewalls. Stateless and stateful. It's hard to determine what kind of firewall I have to use. Currently I have to run firewall within same machine runs services, Basically I want stateless because of its less resource consumption. However if it is not sufficient for security, it's meaningless. I'll run HTTP, SSH, NFS (only over SSH), and some custom made server on several TCP/UDP ports. Should I use stateful firewall? (edit) Maybe the question can be assumed as 'Should I use stateful rules?'.

  Read the article

• What is fastest way to backup a disk image over LAN?

  - by David Balažic

  Sometimes I boot sysrescd or a similar live linux on a PC to backup the hardrive over local network to my server. I noticed many times, that the transfer speed is not optimal (slower than HDD and network speed). Any rules of thumb what to do and what to avoid? What I typically do is something like: dd bs=16M if=/dev/sda | nc ... # on client nc ... | dd bs=16M of=/destination/disk/backup1 # on server I also "throw" in lzop (other are way too slow) and sometimes on the fly md5sum calculation (both of uncompressed and compress source). I try to add (m)buffer (or other alternatives) to improve throughput (and get a progress indicator). I noticed that even with enough free CPU, adding commands to the pipeline slows things down. Typically the destination is on a NTFS volume (accessed via ntfs-3g, with the _big_writes_ option).

  Read the article

< Previous Page | 222 223 224 225 226 227 228 229 230 231 232 233  | Next Page >