Search Results

Search found 26004 results on 1041 pages for 'debian based'.

Page 346/1041 | < Previous Page | 342 343 344 345 346 347 348 349 350 351 352 353 | Next Page >

IP Blacklists and suspicious inbound and outbound traffic

- by Pantelis Sopasakis

I administer a web server and recently we had our IP banned (!) from our host after they received a notification e-mail for abuse. In particular our server is allegedly involved in spam attacks over HTTP. The content of the abuse report email we received was not much informative - for example the IP addresses our server is supposed to have attacked against are not included - so I started a wireshark session checking for suspicious traffic over TCP/HTTP while trying to locate possible security holes on the system. (Let me note that the machine runs a Debian OS). Here is an example of such a request... Source: 89.74.188.233 Destination: 12.34.56.78 // my ip Protocol: HTTP Info: GET 'http://www.media.apniworld.com/image.php?type=hv' HTTP/1.0 I manually blacklisted this host (as well as some other ones) blocking them with iptables, but I can't keep on doing manually all day long... I'm looking for an automated way to block such IPs based on: Statistical analysis, pattern recognition or other AI-based analysis (Though, I'm reluctant to trust such a solution, if exists) Public blacklists Using DNSBL I actually found out that 89.74.188.233 is blacklisted. However other IPs which are strongly suspicious like 93.199.112.126 (i.e. http://www.pornstarnetwork.com/account/signin), unfortunately were not blacklisted! What I would like to do is to automatically connect my firewall with DNSBL (or some other blacklist database) and block all traffic towards blacklisted IPs or somehow have my local blacklist automatically updated.

Read the article
File creation time on Windows vs Linux

- by Sergei

We have following setup: mountserver - debian linux fileserver1 - Windows 2008 R2 Storage server fileserver2 - Celerra NS20 exporting CIFS share workstation - windows 7 with mapped drive to share on fileserver2 What we are doing: mounted share from fileserver1 on mountserver, e.g. /shared/fileserver1 mounted share from fileserver2 on mountserver, e.g. /shared/fileserver2 ran rsync on mountserver to sync data from fileserver1 to fileserver2.Used atime as parameter to sync data not older than X after a while tried to delete data older that Y on /shared/fileserver2. From what I see, linux stat command on mountserver returns following when quering file on /shared/fileserver2: At the same time when I open property for the same file using mapped drive connected to fileserver2,I see following for the same file: As you can see, Created date of 12 August shown in Windows Explorer is nowhere to be seen using stat command Am I missing something here?

Read the article
How to execute programs on mounted partition

- by DevNoob

This is the aplication I want to run. -rwxr-xr-x 1 manuel manuel 582841 Nov 22 09:51 PromServerMain This is the fstab entry /dev/sda8 /media/data0 ext4 defaults,user 0 2 This is the mountpoint lrwxrwxrwx 1 manuel manuel 5 Nov 16 14:23 data -> data0 drwxrwxr-x 9 manuel manuel 4096 Nov 22 09:26 data0 This is what I get manuel@P5KC /media/data/Projekte/PromServer/src $ ./PromServerMain bash: ./PromServerMain: Keine Berechtigung manuel@P5KC /media/data/Projekte/PromServer/src $ sudo ./PromServerMain sudo: unable to execute ./PromServerMain: Permission denied Even as root. I have no clue whats wrong. Any suggestions? System is Debian Wheezy Xfce.

Read the article
Unix domain socket firewall

- by lagab

Hello, everyone. I've got a problem with my debian server. Probably there is some vulnerable script at my web-serser, which is running from www-data user. I also have samba with winbind installed, and samba is joined to windows domain. So, probably this vulnerable script allows hacker to bruteforce out domain controller through winbind unix domain socket. Actually I have lots of such lines at netstat -a output: unix 3 [ ] STREAM CONNECTED 509027 /var/run/samba/winbindd_privileged/pipe And our DC logs contain lots of recorded authentication attems from root or guest accounts. How can I restrict my apaches access to winbind? I had an idea to use some kind of firewall for IPC sockets. Is it possible?

Read the article
Question about ubuntu untrusted source, gpg, keyserver

- by ???

I have mirrored the ubuntu archive repository (I must say it's rather huge). Then, I can apt-get install with no problem, but it prompts with following warning: WARNING: The following packages cannot be authenticated! xxxx, xxxx, ... Install these packages without verification [y/N]? Well, you can always install it. But, I can't install from the ubuntu software GUI. Which require trusted source. So, 1. How to force the GUI to install untrusted package? 2. Should I configure GPG to receive some public keys? (I've already installed ubuntu-keyring, debian-keyring, but it still untrusted) 3. Should I configure GPG to receive unknown keys from some specific keyservers, automatically?

Read the article
Intel ICH9/10R raid 5 drive failure

- by davpen

About a year ago I was using the native Intel ICH9R Raid 5 an Intel P35 based motherboard. The system was running Vista x64 and when one of the drives failed Vista blue screened on boot until I had figured out which drive had failed and removed it (a rather nerve racking hit and miss affair). The same thing happened some months later on another similar system so it wasn't a once off. This wasn't the robust raid 5 drive failure behavior that I would have hoped for and expected. I moved to Highpoint Rocketraid 2300 and haven't had any problems although I have yet to have a drive fail with this set up. But I am now looking to build a new system based on an i7 and Windows 7. At the moment Highpoint doesn't have drivers for Windows 7 so I am considering moving back to the on board Intel Raid. Yes I know I that I might get away with using the Vista drivers but I don't really want to take that chance with critical data. The question then is has anyone else experienced a drive failure with Intel raid and how did the OS and drivers handle it? Is it safe to go back?

Read the article
How to set up memcached to use unix socket?

- by alfish

While I could use memcached on Debian to use the default 11211 port, but I've had great difficulty setting up unix socket, Form what I'v read, I know that I need to create a memcache.socket and add -s /path/to/memcache.socket -a 0766 To /etc/memcached.conf and comment out the default connection port and IP, i.e. -p 11211 -l 127.0.0.1 However, when I restart memcached I get internal server errors on Drupal site. I'm trying to implement unix sockets to avoid TCP/IP overhead and boost overal memcached performance, however not sure how much performance gain one can expect of this tweak. I appreciate your hints or possibly configs to to resolve this.

Read the article
Postfix sends email to spam (gmail, hotmail)

- by razorxan

I recently installed a postfix + dovecot + dkim multi domain, multi user, multi alias mail server on my debian squeeze system. Everything works except for one big issue that basically makes the whole thing useless: Every single email sent by my server goes straight into spam. (gmail, hotmail) First thing i did is doing the well known allaboutspam test and all is checked (green) except for the BATV thing (yellow): Reverse dns: green HELO Greeting: green RBL: green BATV: yellow SPF: green DKIM: green URIBL: green SPAMAssassin: green Greylist: green I'm really confused and i can't see a way to solve this issue. Ask me any detail if you need.

Read the article
How to configure Postfix client relay to Exchange 2010 server

- by helcim

I'm getting (delivery temporarily suspended: SASL authentication failed; server myserver.com[xxx.xxx.xxx.x] said: 535 5.7.3 Authentication unsuccessful) when I try to relay mail from Postfix 2.5.5-1.1 on Debian Lenny box to Exchange 2010. I think I tried all possible combinations but I'm definitely missing something. Here is relevant part of main.cf: broken_sasl_auth_clients = yes smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_pix_workarounds = smtp_sasl_type = cyrus smtp_always_send_ehlo = yes relayhost = myserver.com And I got libsasl2-modules installed. Anybody managed to successfully relay mail between Postfix and Exchange? Oh, and I already double-checked if password is right.

Read the article
Configuring SASL support in libmemcached

- by John Keyes

I'm trying to build libmemcached with SASL support on OS X Mountain Lion. I have built memcached (1.4.15) with SASL support: $ memcached -S -vv Initialized SASL. slab class 1: chunk size 96 perslab 10922 ... slab class 42: chunk size 1048576 perslab 1 <17 server listening (binary) <18 server listening (binary) <19 send buffer was 9216, now 3728270 <20 send buffer was 9216, now 3728270 <19 server listening (udp) <20 server listening (udp) ... I am trying to build libmemcached with SASL support too. I have tried the following: $ ./configure --prefix=/usr/local \ --with-memcached-sasl=/usr/local/bin/memcached ... $ ./configure --prefix=/usr/local \ --with-memcached-sasl="/usr/local/bin/memcached -S" ... But the resulting configuration summary is the same for both: Configuration summary for libmemcached version 1.0.11 * Installation prefix: /usr/local * System type: apple-darwin12.2.0 * Host CPU: x86_64 * C Compiler: i686-apple-darwin11-llvm-gcc-4.2 (GCC) 4.2.1 (Based on Apple Inc. build 5658) (LLVM build 2336.11.00) * C Flags: -O2 -Werror -Wall -Wextra -std=c99 -Wbad-function-cast -Wmissing-prototypes -Wnested-externs -Woverride-init * C++ Compiler: i686-apple-darwin11-llvm-g++-4.2 (GCC) 4.2.1 (Based on Apple Inc. build 5658) (LLVM build 2336.11.00) * C++ Flags: -O2 -Werror -Wall -Wextra -Wpragmas -D_FORTIFY_SOURCE=2 -Waddress -Wchar-subscripts -Wcomment -Wctor-dtor-privacy -Wfloat-equal -Wformat=2 -Wmissing-field-initializers -Wmissing-noreturn -Wnon-virtual-dtor -Wnormalized=id -Woverloaded-virtual -Wpointer-arith -Wredundant-decls -Wshadow -Wshorten-64-to-32 -Wsign-compare -Wstrict-overflow=1 -Wswitch-enum -Wundef -Wunused-variable -Wwrite-strings -fwrapv -ggdb * CPP Flags: -I/usr/local/include * Assertions enabled: no * Debug enabled: no * Warnings as failure: no * SASL support: Am I doing something incorrectly? Thanks.

Read the article
Screen tearing with GeForce 550 Ti

- by Konair0s

Recently I switched to the new monitor and graphic card - DELL U2312HM and GeForce GTX 550 Ti. I have problems with screen tearing (like in this picture from Wikipedia). Usually it is somewhere in upper part of the screen. Mainly happens in videos (in flash videos tearing heavier). In games all fine, except in-game videos (sometimes even videos built on game engine), but gameplay itself is clear, even in very fast actions. Connection with DVI. Problems both in Linux (Debian GNU/Linux, openSUSE 12.1, Linux Mint 13) and Windows (Windows XP, Windows 7), with various driver versions. 1920x1080, 60Mhz. How can I resolve this?

Read the article
OpenVSwitch and Virtualbox configuration

- by Newbie

I am trying to setup a lab network with OpenVSwitch (Virtual L3 Switch). I want to connect my 3 Virtualbox guest machines (running Debian 6) using OpenVSwitch. But, confused as what should I do first and how should I do this. I mean should I install OpenVSwitch on my VM or on my host machine? If I install on my host machine, then should I make to connect to my VMs. OR If I install OpenVSwitch on one of my VM, then how to connect the rest of the VMs to virtual switch. I know, there is option to connect internal networks in virtualbox, but I a want L3 switch to interconnect my VLANs. Can someone guide me here. Please & Thank you.

Read the article
Transmission-daemon not picking up on watch directory

- by Mild Fuzz

Trying to get my transmission-daemon to pick up files from a dropbox folder, to make remote starting easier (it's a headless system). As far as I can tell, the settings.json file is as expected, but none of the files I place in the folder get picked up. I have checked that dropbox is syncing correctly. Here is the whole settings.json file, but the relevant lines are included below: "watch-dir": "/home/john/Dropbox/torrents", "watch-dir-enabled": true Update It appears to be a permissions issue. From /var/log/syslog: Unable to watch "/home/john/Dropbox/torrents": Permission denied (watch.c:79) I have tried stopping the daemon - sudo service transmission-daemon stop - changing permissions of folder using chown - sudo chown -R john /home/john/Dropbox/torrents - restarting daemon - sudo service transmission-daemon start Same result, however Update 2 Permissions for the folder are: drwsrwsrwx 2 john debian-transmission 4096 2012-04-09 19:40

Read the article
How to diagnose remote assistance problem

- by cantabilesoftware

I have a long standing issue with remote assistance between a home and work PC. My wife and I both use MSN messenger and I used to be able to control her PC at home via MSN Remote Assistance. Some time ago however this stopped working and I don't know why. We're both running the latest versions of MSN Live Messenger and I've checked the appropriate firewall ports are open, but it still doesn't work and MSN just says something useless like "The person isn't responding". Any suggestions for how can I diagnose this? More info: I just tried direct Remote Desktop between work PC and home PC and it works fine - so I presume all the appropriate ports are open. Just Remote Assistance doesn't work. I'd like to get RA working so I can demonstrate how to do things remotely. With Remote Desktop the person at the other end gets booted off and can't see. With Remote Assistance they can follow along step by step. Some comments below suggest using other solutions, which is fine and do work, but there must be a way to diagnose RA and get it working. Experimenting with this some more, the notebook that I was using at work today that refused to connect works fine for remote assistance when I bring it home. So I guess this must be a problem with our network configuration at work. I've checked that 3389 is open on firewall on office router and remote desktop works both ways.... just not remote assistance. I've read that remote assitance won't work if client and server are both behind Non-UPnP/NAT routers. If one has UPnP it's supposed to work. Office router doesn't have UPnP enabled but my home one does. I've also scoured the event logs on both ends, nothing noteworthy - unless I'm looking in the wrong spot). Note (copied from comment): I've just tried ShowMyPC which is based on VNC and it works, but I'd still like to figure out what's wrong with RA - it's just bugging me. The question is only about Remote Assistance, no need to propose solutions based on other programs.[/edit by Gnoupi]

Read the article
Limit disk I/O one program creates?

- by Posipiet

Hardware: one virtualization server. Dual Nehalem, 24GB RAM, 2 TB mirrored HD. Software: Debian, KVM, virt-manager on the server with several virtual machines that use Linux too. 2 TB Disk is a big LVM, each VM gets a logical volume and makes its own partitions in that. Problem: One of the programs that runs on one of the VMs creates huge disk load. This never was an issue, because the program never ran on such a powerful hardware. Now the CPUs are fast, and lots of I/O is the result. We cant do much against that at the moment, because the tool is a black box. On the other hand, the speedy computation is welcome. The program creates about 5 GB of temp files which get overwritten during the next iteration. Question: How can we limit the disk I/O for the process?

Read the article
Exim: How to turn off DKIM for forwarded mail?

- by Andrew

I have DKIM configured in Exim for outgoing mail, as per the documentation. Exim signs all outgoing mail. But some of that outgoing mail is forwarded, thanks to a users .forward file. This is a problem for me, because some of those messages are spam (my exim configuration does not do any verification) and I don't want to take responsibility for them. But I can't figure out how to configure Exim not to sign these messages. My configuration is basically the Debian Squeeze default, with a few DKIM_* macros set. I can post more details, but I think seeing any example of conditional DKIM signing would set me right.

Read the article
Indexing text file content with command line query

- by Drew Carlton

I take daily notes in a plaintext file labeled with date in the YYYYMMDD format. These files are no more than 100 lines long, and are written in a blog style format. I'd like to be able search these files as if they were blog posts indexed by google, with some phrase query returning the most relevant/recent date filenames, with a snippet containing the relevant part. Ideally it would be something like this: #searchindex "laptop no sound" returns: 20100909.txt: ... laptop sound isn't working... 20100101.txt ... sound is too loud... debating what laptop to buy... and so on and so forth. I'm working on a linux platform (Debian with GNOME). I've looked at beagle and tracker, but they just seem complete overkill for what I want.

Read the article
How can I view updatedb database content, and then exclude certain files/paths?

- by rubo77

The updatedb database on my debian server is quite slow. where is the database located and how can I view its content and find out if there are some paths with useless stuff, that I could add to the prunepaths? my /etc/updatedb.conf looks like this: ... # filesystems which are pruned from updatedb database PRUNEFS="NFS nfs nfs4 afs binfmt_misc proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs shfs sysfs cifs lustre_lite tmpfs usbfs udf" export PRUNEFS # paths which are pruned from updatedb database PRUNEPATHS="/tmp /usr/tmp /var/tmp /afs /amd /alex /var/spool /sfs /media /var/backups/rsnapshot /var/mod_pagespeed/" ... and how can I prune all paths that contain */.git/* and */.svn/* ?

Read the article
Getting Dell E6320 with I7 to work with 3 monitors at 1920x1080p x 3

- by MadBoy

I want to buy Dell E6320 which comes with Intel Core I7-2620M (2.70GHz, 4MB cache, Dual Core) with Intel HD Graphics 3000. Laptop will come with docking station. I want to connect 3 monitors to that docking station so that working at home would give me some additional boost. Docking station will allow me to connect only 2 monitors so I'm looking at following other options: Matrox TRIPLEHEAD2GO DIGITAL Edition or TRIPLEHEAD2GO DP Edition. But reading Matrox Support Page intel GPU can't run the highest resolution with 3 monitors connected, it even gets worse since it seems monitors would have to be able to work at 50hz. Also I'm not sure but it seems that Matrox doesn't split the monitors as 3 separate monitors but simply as one big space (which is a bit opposite to what I need) Buy 2 or maybe just 1 USB based monitor but it would also mean having 1 or 2 different monitors then the main one, unless I buy 3 USB based monitors which would mean more money to spend. Also I found only couple of models and most of them require USB 3.0 and no other cables to plug in (nice but costly - couldn't find decent monitor with only USB for sending signal and having power connected normally) . But docking station has only one USB 3.0 port. Can I use hub and still get it to work? Find some converters from Digital to USB (I think DisplayLink does some?) Buy different laptop but what kind? I need it to be I7, small (13"), fast and lightweight. At same time it requires docking station that I can use at home to connect 3 external monitors. Some other suggested solution... Edit: I need 3 monitors for work in terms of coding in Visual Studio or having word/excel/outlook open. Nothing fancy. Maybe some movie once in a while.

Read the article
Problem with Xen, xvda and sda

- by Javier J. Salmeron Garcia

I am creating a cloud for my university using Eucalyptus with Xen (PCs have Debian Squeeze 64 bit installed). I have a problem with the following guest configuration: # # Configuration file for the Xen instance evenmorefinalfoo, created # by xen-tools 4.2 on Thu May 26 11:03:06 2011. # # # Kernel + memory size # kernel = '/boot/vmlinuz-2.6.32-5-xen-amd64' ramdisk = '/boot/initrd.img-2.6.32-5-xen-amd64' vcpus = '1' memory = '128' # # Disk device(s). # root = '/dev/sda2 ro' disk = [ 'file:/home/xen/domains/evenmorefinalfoo/disk.img,sda2,w', 'file:/home/xen/domains/evenmorefinalfoo/swap.img,sda1,w', ] As you can see, the disk and swap images are meant to be mounted on sda1 and sda2. However, when I start the guest, these are mounted on xvda1 xvda2, provoking an error. Is there anything that I can do about that? It seems like it is a Xen error. Thank you in advance,

Read the article
ldap sync with outlook

- by Dr Casper Black

I have a task to research the possibilities of LDAP as a centralized Address Book. I have setup a openLDAP on debian 5.07. I managed to search the LDAP contacts from MS Outlook 2007 (with some drawbacks like Outlook cant recognize street and organization fields). My question is, is it possible ,& how, to sync data on LDAP server with applications that support LDAP? I could not find any data on this topic. EDIT: The point is, to have a centralized list of contacts that can be sync with various applications, for instance Outlook, Thunderbird, Phonebook on mobile phones...etc The Question is, Is it possible to transfer (update) data on a client application from LDAP database and viceversa? So not to search LDAP server data, but to download contact that are not available in the client application (Outlook) and upload data to LDAP if the contact is in (Outlook) and not in LDAP database and the other way around, in other words synchronize.

Read the article
How to install seleniumHQ for Python on Windows?

- by Katie

I would like to know how to install SeleniumHQ (http://seleniumhq.org/download/) on Windows XP/Vista/7? On Ubuntu/Debian system you need to just type those commands: $ sudo apt-get install python-pip $ sudo pip install selenium $ sudo apt-get install python-pip xvfb xserver-xephyr $ sudo pip install selenium and then I can do this: #!/usr/bin/env python from selenium import selenium # ... but how about Windows? Thanks for any help (I know where to find Selenium doc but still - would anybody be so kind to give me some steps: I mean, download this, do that ...) THANKS:)

Read the article
Solaris 10 opencsw git package issue with bitbucket git hosting

- by zephyrus00jp

Has anyone tried using `git' from opencsw package in order to work with bitbucket source hosting service (under solaris10)? I tried to use git as the bitbucket documentation explains, and - under Debian GNU/Linux, it worked flawlessly as described, but - under Solaris 10, I got Authentication Failed message. I even tried to run truss to see anything is suspicious but could not find any smoking gun under solaris why it failed. ldd git-binary didnd't show anything suspicious either (except for the libcrypt library which could be a suspicious to think about export restrictions. Have they shipped incompatible version? BUT since the password is typed into https: connection, I suspect it is only a matter of web-level cryptography and should be universal these days.) I am now tempted to compile git suite under solaris 10, but I did find people who seem to be using git with bitbucket under solaris 10 and am wondering what could be wrong.

Read the article
Secure Server Distro

- by Drama

Hello, I have a root-server (i7/24GB/1TB) running Ubuntu 10.04 LTS as my OS. After some security audits (OpenVAS, Retina etc) I see that Ubuntu isn't the most secure system for a semi-corporate environment. Its updated from many sources, ofc from the Ubuntu security repo too. But nevertheless I could exploit my OpenSSL install with an exploit from August/September. There are some critical updates needed which Ubuntu does not provide. I was using Debian and Ubuntu for almost 5 years but now I doubt. What distro is secure and up to date from your point of view? How can I make the server more secure? Outsourcing of every software-module to a VM? I am not new to server-hardening, my packages are up to date I read Ubuntu Security Notices and I have no unneeded services installed on my server. Thanks.

Read the article
syslog ip ranges to specific files using `rsyslog`

- by Mike Pennington

I have many Cisco / JunOS routers and switches that send logs to my Debian server, which uses rsyslogd. How can I configure rsyslogd to send these router / switch logs to a specific file, based on their source IP address? I do not want to pollute general system logs with these entries. For instance: all routers in Chicago (source ip block: 172.17.25.0/24) to only log to /var/log/net/chicago. all routers in Dallas (source ip block 172.17.27.0/24) to only log to /var/log/net/dallas. Finally, these logs should be rotated daily for up to 30 days and compressed. NOTE: I am answering my own question

Read the article

< Previous Page | 342 343 344 345 346 347 348 349 350 351 352 353 | Next Page >