Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

Page 275/388 | < Previous Page | 271 272 273 274 275 276 277 278 279 280 281 282  | Next Page >

• xinet vs iptables for port forwarding performance

  - by jamie.mccrindle

  I have a requirement to run a Java based web server on port 80. The options are: Web proxy (apache, nginx etc.) xinet iptables setuid The baseline would be running the app using setuid but I'd prefer not to for security reasons. Apache is too slow and nginx doesn't support keep-alives so new connections are made for every proxied request. xinet is easy to set up but creates a new process for every request which I've seen cause problems in a high performance environment. The last option is port forwarding with iptables but I have no experience of how fast it is. Of course, the ideal solution would be to do this on a dedicated hardware firewall / load balancer but that's not an option at present.

  Read the article

• AIX 7.1 su root password bug?

  - by exxoid

  In our AIX 7.1 machine there is a weird bug we've ran into.. If you are logged into the AIX box via SSH as a regular user and you try to su - you get prompted for the password, lets say our password is "P@$$w0rd23", you can type "P@$$w0rd2ANYTHING" and it will still grant you root. As long as you have "P@$$w0rd2" it will grant you root regardless of what else you specify in the authentication and even though the actual password is "P@$$w0rd23". This seems to be a bug? Anyone see anything like this before? Thanks.

  Read the article

• Nginx save file to local disk

  - by Dean Chen

  My case is: In our China company, we have to access one web server in USA headquarter through Internet. But network is too slow, and we download many big image files. All our developers have to wait. So we want to setup a Nginx which acts as reverse proxy, its upstream is our USA web server. Question is can we make Nginx save the image files from USA web server into its local disk? I mean let Nginx act as one cache server.

  Read the article

• how to have publishing, blog and wiki features together?

  - by George2

  Hello everyone, I am using SharePoint 2007 Enterprise + Publishing portal template + Windows Server 2008. I want to have blog and wiki features as well as publishing portal features. Any ideas how to integrate publishing portal, blog and wiki? For integrate, I mean using the same user name and password to pass through authentication of publishing portal, blog and wiki. And should I setup 3 different site collections for publishing portal, blog and wiki (I find if I setup publishing portal site collection, I can not create blog and wiki sub-site)? thanks in advance, George

  Read the article

• How do I get around restrictive email policies by ISP?

  - by Peter Turner

  Apparently we've been restricted (though packet filtering) to some arbitrarily small and untenable number of emails a day by some bankrupt ISP (and they say that's how it's always been chortle). We've been using our own mail server for the last 15 years, and only recently they've been giving us guff. Is there a way for a legitimate business to email their clients, who really want to receive these emails, by bypassing the ISP? The way we've been doing it is by breaking up into 20 or 30 emails, but that gets complicated and requires a lot of manual labor by the receptionist, and unless she's really careful we wind up emailing lots of people twice. So what are my options (Hosted Email, Lithuanian Proxy Server, Different ISP, not writing awful PHP that sends out zillions of emails and gets us blacklisted)?

  Read the article

• Dediced server for all network functions?

  - by Alan

  I want to set up a fictional network configuration for a school in my neighborhood. They have about 50 computers altogether, 2X20 in computer rooms for students and another 10 scattered around for various professors. They should all access the internet through a dedicated Linux router machine. What they would like is to have domain names for those three computer groups. Lab1, Lab2 and Professors. The computers in Lab2 and Lab1 should have static ip and should all be named by numbers. So there should be 1@Lab1, 2@Lab1.... etc. And the Professors network should have a DHCP, with authentication. Is it an ok solution to have all these functions on a single server? (The one which will be used as a router) Do I have to set a local DNS for domain naming? Do the host names for Lab computers have to be set on the clients, or can they be automatically assigned?

  Read the article

• What is the best IP/Subnet set up strategy for a multi-server webhosting setup?

  - by Roy Andre

  Sorry for the mixed-up title, but let me try to explain better: We run a hosting solution, which until now has supported shared hosting and VPSes. Easy enough. We are now getting larger clients which require a more complex setup. We have more or less settled the server-setup itself, which will consist of: 1-2 Frontend Proxy/Load balancing servers 2+ Application servers 1 Database server 1 optional Memcached server The issue we are dealing with is to agree on a flexible and easy-to-maintain IP setup. So far we've been into VLAN'ing the internal servers in its own subnet, we've though of assigning an official IP to each server, and so on. What will be the best approach here? Any best practices? Using one official IP on the Frontend server, and then just set up an internal subnet for the servers behind that? We could then just NAT in any eventual sources required to access for instance the DB server directly over 3306.

  Read the article

• IIS7 folder permissions

  - by Eanna

  I build a basic WCF service that I now want to host in IIS7 under Windows Server 2008 R2. I added the service as an application under the default web site but whenever i try to run the application I get the following error: HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. Config Error - Cannot read configuration file due to insufficient permissions The only way I can get this service working is if i choose to "connect as" the server Administrator when adding the service. the "application user (pass-through authentication)" option does not seem to work. Could anyone help me out, I've just started using IIS7 and have no idea what to do... Thanks

  Read the article

• How do I setup a Gnome 3.2 VPN connection (Fedora 16)

  - by mpeters

  I just switched to Gnome 3 on a new laptop to try it out. Lots of things are different, but I think I can get used to them. But I'm having a real problem trying to figure out how to get the new network manager to setup a VPN through the GUI. I have openvpn, NetworkManager and NetworkManager-openvpn installed, but when I click on the network icon in gnome-shell there is nothing about vpn connections in there. When I click the "Network Settings" link in that menu I just see menus for Wired, Wireless and Network Proxy and none of those screens has anything for VPN connections either. Any suggestions about where I need to look to setup my connections and how to make it easier connect when I need to?

  Read the article

• Can arbitrary email addresses be stored in AD userPrincipalName?

  - by Rob Potter

  I have a web app that is front-ended by ISA, natively authenticating against AD. All users currently log on with sAMAccountName. I would like to allow users to provide a personal email address and be able to authenticate against this instead. From what I understand the AD userPrincipalName is typically used for an internally generated logon name, which by convention, is often their internally generated email address. The web app that I have is web scale (circa 3 million accounts*) and not an internal, corporate app, so the email addresses will be from diverse domains. Can I just set the AD userPrincipalName attribute to the user's email address, and then will ISA natively authenticate against this attribute instead? I heard rumours of AD having a maximum number of domain suffixes that it allows in AD userPrincipalName...? (presumably it catalogues them). [*I realise that AD is not the ideal authentication directory for a user population of this scale.]

  Read the article

• How to back up OWA exchange emails without Outlook

  - by fpghost

  My university uses Microsoft Outlook Web Access (OWA) e-mail. Soon they will close my e-mail account as my course has ended, but I really do not want to lose the archive of emails and attachments. I've read a backup to something called a .pst can be made if one has access to Microsoft Outlook but I do not. Is there any other way I could back these up? (preferably on Ubuntu 12.04 but I also have access to Win 7 if need be). One idea I played with is using davmail to allow access via Thunderbird and performing some kind of backup with that. However, I cannot seem to get past Authentication failed: invalid user or password, retry with domain\user.

  Read the article

• How do I split an internet connection into 4 equal connections?

  - by luis velasco

  My 4 roomates and I have a problem: One of my roomies is downloading torrents all the time. When somebody need make a call or doing something like you tube or a quiz using the internet conection. The internet is very slow.... I can not create a network using a computer as a proxy. I just need a good router (and in the budget no more than $50).. I just want to split a 16MB connection into a separated 4 x 4 mb (theoretically)..

  Read the article

• How do I use XQuartz with ssh on OS X?

  - by cwd

  I've downloaded the latest stable version of XQuartz on my Snow Leopard machine, and I'm trying to make an ssh connection with X forwarding but X11 keeps opening. How can I get OS X to use XQuartz? I had X11 installed I downloaded and installed XQuartz X11 is not open / running XQuartz is open and running I try and connect to a remote system using iTerm2: ssh user@remote -X X11 opens. XQuartz is still open, but I doubt it is doing anything. I also tried moving X11 to the trash but then the ssh connection will not complete, even though XQuartz is open. I also get the two warnings which I don't understand how to fix, even after reading the ssh man page. Warning: untrusted X11 forwarding setup failed: xauth key data not generated Warning: No xauth data; using fake authentication data for X11 forwarding.

  Read the article

• Window 2003 Server - Logon Failure error message in Event Viewer

  - by user45192

  Hi guys, I received alot of event logged in the event viewer with this message. I notice is always the same user id which encounters this error. The user id is use by an application to access the database. However, this account does not exits on this server. How do I trace the services/program use by this user id which causes these error messages? Reason=Unknown user name or bad password&&User Name=&&Domain=&&Logon Type=3&&Logon Process=NtLmSsp&&Authentication Package=NTLM&&Workstation Name=&&Caller User Name=-&&Caller Domain=-&&Caller Logon ID=-&&Caller Process ID=-&&Transited Services=-&&Source Network Address=-&&Source Port=-&&User=SYSTEM&&ComputerName=

  Read the article

• Postfix configuration w.r.t. port 25

  - by Monkey Boson

  After a considerable amount of research, I have configured my postfix server to use dovecot to accept SMTPS connections over port 465 and everything works swimmingly. Unfortunately, I forgot that, unless I listen to port 25, I'm not going to receive any e-mail from the net. I'm hoping somebody knows off the top of their head how to open up port 25 on Postfix for anonymous users, but disallow relaying and any other bad things on that port. And to leave the port 465 the way it is. As to my current configuration, I changed the master.cf file: smtps inet n - n - - smtpd and the main.cf file: # Use our SSL certificates smtpd_tls_cert_file = .....cer smtpd_tls_key_file = .....key smtpd_tls_security_level = may # Use Dovecot for SASL authentication smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination Any help is appreciated!

  Read the article

• How can I send a Wake on Wireless LAN (WoWLAN) / Wake on Demand request manually?

  - by pioto

  This is similar to, but not the same as, http://serverfault.com/questions/1721/is-wireless-wake-on-lan-possible. I know it is supposed to be possible. The question is, how do I do whatever the AirPort Basestation will do? All I can find so far is that supposedly I need to send something with Wireless Multimedia Extensions (WMM): Basically, I want to be able to wake up my Mac Mini remotely, probably using my Linux laptop. Does anyone know of a tool to do this? Basic Wake on LAN tools do not seem to be the right thing. I don't need the Sleep Proxy Service bit, because I already know the MAC address of the system I want to wake up.

  Read the article

• How secure is using "Normal password" for SMTP with connection type = STARTTLS?

  - by harshath.jr

  I'm using an email client for the first time - for the most part I've always used gmail via the web interface. Now I'm setting up thunderbird to connect to an email server of my own (on my own server, own domain name, etc). The server machine (and the email server on it) was preconfigured for me. Now i figured out away by which I'm able to send and receive email, but I noticed that in the outgoing and incoming servers section, the connection type was STARTTLS (and not SSL/TLS), and the Authentication Type was "Normal Password". Does this mean that the password will be sent across in plain text? I'm very paranoid about security - its the only way that it works for me. Can someone please post links that explain how SMTP (my outbound server) and IMAP (my inbound server) servers work, and what connection type means what? Thanks! PS: If this question does not belong here, please redirect me.

  Read the article

• How does pptpd (poptop) or pppd work with eap-tls and mppe-128?

  - by Henk

  To create a VPN I've installed pptpd on an Ubuntu domU (Debian domUs can also be created). MSCHAPv2 isn't a very strong authentication protocol so I'd like to use EAP-TLS. I've set up a FreeRADIUS server and certificates for EAP-TLS before (for use with WPA), and I've also set up a pptp server with mschap-v2 auth, but I can't figure out how to combine the two. Maybe pppd can use EAP-TLS on its own, but I can't find support for it in the Ubuntu package. If I need to patch the package, that's fine, I know how to patch Debian packages (provided the patch applies cleanly). Also, can MPPE still be used when pppd is configured to use EAP? Because it says in the manual several times that MPPE requires MSCHAP. However, other docs like this one: http://www.nikhef.nl/~janjust/ppp/ seem to refute that. The clients are running Mac OS X Leopard and GNU/Linux, there's no need to fix anything for Windows.

  Read the article

• SAMBA and Linux ACLs -- "Permission denied" on write to share but file written nevertheless

  - by MCH

  I set up a writable share directory "/home/net/share" with acl like this: sudo mkdir -p "/home/net/share" sudo setfacl -m "u:localuser:rwx,u:remoteuser:rwx,g:users:rwx" "/home/net/share" My /etc/samba/smb.conf looks like this: [global] workgroup = w server string = server security = user load printers = no log file = /var/log/samba/%m.log max log size = 50 dns proxy = no printing = bsd printcap name = /dev/null disable spoolss = yes encrypt passwords = true invalid users = nobody root follow symlinks = yes wide links = yes [share] comment = Writable by localuser and remoteuser path = /home/net/share valid users = remoteuser read only = no public = no printable = no Locally, localuser and remoteuser have user accounts and smbpasswds and can both read, create and delete files in /home/net/share. But when I log on from a different machine (like this: sudo mount -t cifs //server/share mountpoint/ -o username=remoteuser ), I get "Permission denied" both when trying to create directories and files, oddly though, it does create files (not directories!) despite these messages! How can I get this working?

  Read the article

• Connection reseted- error 101

  - by Maja

  I have a problem with internet connection- when i try to load website, it will always write this error:Error 101 (net::ERR_CONNECTION_RESET): Connection was reseted. I'm using Win7 64 bit and I have this router: asus rt n10. First, i tried to change MTU from 1504 to 1472 and it worked for a while, but yesterday it started again. Now I have MTU 1440 but I don't want to lower it more. Is there another solution? Btw I have no malware in my laptop (I used the avast scan) and I've also deleted cookies and disabled proxy server (I'm not using any).

  Read the article

• Can vCenter 4 authenticate and authorize against a virtual directory server??

  - by iforeman

  Hi I am looking into Identity managment in our environment. We currently use Active Directory and Sun's Enterprise Directory server (6.3). I was wondering if I used the Virtual Directory Server of the Enterprise Directory server, would we be able to point the vCenter clients to this Directory service for authentication and authorization rather than at the AD source. The reason for this is that we have more users we want to add to the management role of this server but not all are in AD, a fair number are in the Sun LDAP v3. directory. Thanks in advance Ian

  Read the article

• Truecrypt system partion partially encryted but then drive corrupted and won't boot - decrypting so I can access files to backup?

  - by Dr.Seuss

  So I was attempting to encrypt my (Windows 7) system drive with Truecrypt and it stopped at around 15% and said that there was a segment error and that it could not proceed until it was fixed. So, I restarted the computer and ran HDD Regenerator which subsequently fixed the bad sectors on the drive, but now my system cannot boot. So, I run a number of recovery disks to no avail (Windows repair is unable to fix) and the drive won't mount on a linux version run from a CD because the drive is encrypted. So I tried mounting the drive using Truecrypt under the Linux distribution on the disk and selected "Mount partition using system encryption without pre-boot authentication" so I can decrypt, but I get an error message about it only being possible once the entire system is encrypted. How do I get out of this mess? I need to be able to back up the data that's on that partially encrypted drive so I can reinstall my operating system.

  Read the article

• iPad revocable vpn access

  - by carpat

  I'm a programmer at my organization, but somehow got drafted into looking into some server stuff so forgive me of my ignorance: They want to give our sales people secure access to our internal sites using their iPads. This must be secure (obviously) but also revocable from the company's side (if someone quits they can no longer access our network). I see from http://support.apple.com/kb/HT1288 that the iPad supports "RSA SecurID", "CRYPTOCard", and "Kerberos" authentication methods. Will one of these do what we need? Are there any major differences between them?

  Read the article

• How to install Gitlab in a VM on a production server?

  - by Michaël Perrin

  I have a production server running Ubuntu 12.04 and I would like to install on it a VM with Gitlab (using Vagrant and Virtualbox). Let's say that the address to access Gitlab is gitlab.mydomain.com . The DNS zone has been configured to point to the IP address of the server. I want users to be able to access to Gitlab (either for pushing to a repository, or for accessing to the web interface) from the outside. The VM has been configured to have an IP address. It means that when browsing http://gitlab.mydomain.com for instance, the request has to be forwarded to the VM on the server, ie. to the VM IP address. What are the ways to configure this? Can Apache be used as a proxy? In this case, I guess it only works for HTTP requests, but not for pushing to a Git repository on the VM.

  Read the article

• Limiting and redirect port access with useragent

  - by linuxcore

  I'm trying to write iptables string match rule To block http://domain.com:8888 and https://domain.com:8888 when it matches the supplied string in the rule. And another rule to redirect the ports also from 8888 to 7777 I tried following rules but unfortunately didn't work iptables -A INPUT -p tcp -s 0.0.0.0/0 -m string --string linuxcore --algo bm --sport 8888 -j DROP iptables -t raw -A PREROUTING -m string --algo bm --string linuxcore -p tcp -i eth0 --dport 8888 -j DROP iptables -t nat -A PREROUTING -p tcp --dport 8888 -m string --algo bm --string "linuxcore" -j REDIRECT --to-port 7777 iptables -A INPUT -t nat -p tcp --dport 8888 -m string --algo bm --string "linuxcore" -j DROP I want to do this from iptables not the webserver because the server may not have a webserver and those ports are working on internal proxy or something like ..etc

  Read the article

< Previous Page | 271 272 273 274 275 276 277 278 279 280 281 282  | Next Page >