Search Results

Search found 12281 results on 492 pages for 'ip blocking'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 352/492 | < Previous Page | 348 349 350 351 352 353 354 355 356 357 358 359  | Next Page >

  • Public Facing Recursive DNS Servers - iptables rules

    - by David Schwartz
    We run public-facing recursive DNS servers on Linux machines. We've been used for DNS amplification attacks. Are there any recommended iptables rules that would help mitigate these attacks? The obvious solution is just to limit outbound DNS packets to a certain traffic level. But I was hoping to find something a little bit more clever so that an attack just blocks off traffic to the victim IP address. I've searched for advice and suggestions, but they all seem to be "don't run public-facing recursive name servers". Unfortunately, we are backed into a situation where things that are not easy to change will break if we don't do so, and this is due to decisions made more than a decade ago before these attacks were an issue.

    Read the article

  • MySQL on Windows - how do I set the wait_timeout for connections using named pipes?

    - by gustafc
    I use a MySQL database running on a Windows box, and for performance reasons I'm connecting to it using named pipes. The (Java) application using the database (through Hibernate) can let the connection lie idle for quite a long time, which causes the connection to fail with the following message: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: The last packet successfully received from the server was 33 558 297 milliseconds ago. The last packet sent successfully to the server was 33 558 297 milliseconds ago. is longer than the server configured value of 'wait_timeout'. You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'autoReconnect=true' to avoid this problem. autoReconnect unfortunately has no effect (and neither does autoReconnectForPools), but the wait_timeout docs state that wait_timeout only applies "to TCP/IP and Unix socket file connections, not to connections made via named pipes, or shared memory". How can I change the wait_timeout for named pipes?

    Read the article

  • Listing the routing table takes long time to complete

    - by Rafal Rawicki
    When I print routes defined on my computer using route, it takes about 5 to 20 seconds to complete. Why does it take so much time? With VPN enabled: $ time sudo route Kernel IP routing table (...) real 0m21.423s user 0m0.000s sys 0m0.012s With no VPN, this is about 5 seconds - still, computer can do a lot in this time. I've repeated my measurements few times, getting very similar results each try. My machine is Ubuntu with 3.0.0 kernel, but as far as I know, route on the other computers works the same way.

    Read the article

  • Wired and wireless conections: force Windows to connect to laptop through Ethernet?

    - by danielkza
    I have a desktop connected to the internet and to my home network through Wi-Fi, and a latptop connected to said desktop through an Ethernet cable. But Windows seems to only reach the laptop through Wi-Fi: I want to transfer files through the wired connection instead. Setting up Internet Connectin Sharing and disconnecting the laptop from Wi-Fi altogether doesn't seem like the most elegant solution to me. I also thought about going to the hosts file and setting up the IP address manually, but that would make the laptop completely unavailable if it's not wired, which happens quite often unfortunately. Is there any way for me to tell Windows to use the wired connection for a particular host if possible, and fallback to any other route it finds otherwise?

    Read the article

  • How do I change the document root of a Linux Apache server?

    - by Daryl Spitzer
    I'm trying to learn how to configure an Apache HTTP server (with which I have no experience) someone else has setup in a VM running Ubuntu 8.04. I know the server is running, since I get "<html><body><h1>It works!</h1></body></html>" when I go to http://1.2.3.4/ (where 1.2.3.4 is the VM's IP number). I found apache2.conf and httpd.conf (among other files) in /etc/apache2/. httpd.conf is empty. I tried adding DocumentRoot "/home/username/temp" into /etc/apache2/httpd.conf and put some simple HTML in /home/username/temp/index.html. But when I reload http://1.2.3.4/ there's no change. Do I need to restart httpd to get it to accept the change to DocumentRoot?

    Read the article

  • Asterisk Connection not working

    - by Tamas Ionut
    I have installed Asterisk on VirtualBox by following the steps from here. Everything went ok until I got to navigate to an IP to configure Asterisk using FreePBX: 10.0.2.15 (Shouldn't be something like 192.168.x.y?? ). However, when I navigated to that url from outside of VirtualBox, that url pointed to nothing. Also I am logged in as root@localhost. Should I be logged in as root@server? I have also validated the installation as described here and everything went well. I am a complete beginner at Asterisk.

    Read the article

  • How can I solve Windows PPTP VPN issues?

    - by Robin M
    I'm having persistent problems with Windows PPTP VPN connections. The VPN appears up whilst the tunnel won't transfer traffic (ping to a remote IP within the VPN works for a while, and then fails). The client receives routing information via DHCP. When the connection fails, the routing table is still correct so I don't think it's a routing problem. My internet connection is via an ADSL2 line. There's software to deal with PPTP problems, like TunnelRat, but I don't want to install v1.1 of the .NET framework and I'd rather get to the bottom of the problem (I have multiple VPN connections and some are more unreliable than others). What can I do to get to the bottom of this? Alternatively, what can I do to keep the connection alive?

    Read the article

  • Cisco, How to do a subnetting scheme using VLSM and RIP-2?

    - by Andrei T. Ursan
    I'm studying for my CCNA exam and I have to create a VLSM scheme using RIP-2 for the following requirements: (this is an exercise) Use the class C network 192.168.1.0 network for your point-to-point connections Using the Class A network 10.0.0.0, plan for the following number of hosts in each location: New York: 1000 Chicago: 500 Los Angeles: 1000 On the LAN and point-to-point connections, select subnet masks that use the smallest ranges of IP addresses possible given the above requirements. In all cases, use the lowest possible subnet numbers. Subnet zero is allowed. My guess is the following: New York: S0/0 192.168.1.1 /24 Fa0/0 10.1.0.1 netmask 255.255.248.0 - because we need 1000 hosts Chicago: S0/0 192.168.1.2 /24 Fa0/0 10.2.0.1 netmask 255.255.252.0 (for 500 hosts) Los Angeles: S0/0 192.168.2.3 /24 Fa0/0 10.3.0.1 netmask 255.255.248.0 (for 1000 hosts) Is this a good configuration? I'm reading the CCNA book but not everything is very clear, so I said to do some exercises... Thank you!

    Read the article

  • How to set up Windows server 2008 to receive email?

    - by Saul
    First off apologies, I'm from a medical background not a networking one, but I've got roped into setting up a windows 2008 server. So far web server running, fixed IP address assigned (within a large private network of the National Health Service in the UK if that makes any difference) and the network team have assigned a DNS entry for me which works, so the server can be addressed as nww.myserver.nhs.uk I've only got ports open on the router for 80 and 443 (http and https) at the moment, so presume I need a different port to enable email services. My need is to be able to accept an email to the domain name like [email protected] in order to pick up a confirmation mail from an SSL issuer (Comodo) I guess to confirm that I control the domain. After that I don't actually need mail services on the server. I see lots of stuff about setting up SMTP services but thought that was about mail out and re-routing, but how do you get the server to "listen" for mail to the domain (assuming I open port xyz or whatever it is) ?

    Read the article

  • Urgent SSH Local Port Redirection

    - by Salina Odelva
    Hi, everyone. I have a shell account but the admin has restricted ssh access to the server. The server is listening on 0.0.0.0:22 but the firewall blocks any incoming attempts to this port. He says he is doing maintenance but I don't believe him and I need to backup my stuff with ssh. My question is that: Is it possible to do this: Me (Wan IP) <- Hosting Server (tcp/8080) redirects to Hosting Server (tcp/22) I don't want to involve my own linux machine in this and I can only make use of ssh.. Thanks!!

    Read the article

  • Hyper-V Server hvremote.wsf Script - ns lookup for DNS Verification test fails

    - by Vazgen
    I'm trying to connect my Hyper-V Server to a Windows 8 client for remote management. I have: Joined server to WORKGROUP Enabled Remote Management Set the server name Set a static IP Set the DNS servers to my ISPs DNS Servers (same as default DNS Servers on my Windows 8 remote management client) Set the correct time zone Created net user on server (net user /add admin password) Added user to special Administrators group on server (hvremote /add:admin) Granted anonymous dcom access on client using hvremote However, the "ns lookup for DNS verification" fails on both the client and server with the same error: Server: my.isps.server.name.net Address: 111.222.333.1 *** my.isps.server.name.net can't find 192.168.1.3: Non-existent domain Thanks for the help.

    Read the article

  • NIC bonding with two uplinks

    - by Karolis T.
    Is bonding the preferred way of implementing ISP redundancy? In the texts I've seen, bond device has a netmask, gateway of it's own. How can this be obtained if there are two different gateways from two uplinks, which one to choose? Do I need any special routing rules to go with it or does simply configuring separate interfaces (using Debian, /etc/network/interfaces), i.e eth1, eth2 for their corresponding uplinks and bonding them to bond0 handle routing automatically? If I want to NAT client machines, do they use bond device's IP as a gateway? Does the bond0 device is the device that goes into iptables nat rules? Thanks

    Read the article

  • reverse nslookup fails for single machine

    - by matt wilkie
    I have a computer on a windows Active Directory network for which reverse dns lookup fails. It doesn't matter which machine runs the lookup. The problem computer is a debian vm on a windows server 2003 host. >nslookup wiki.dept Server: primary.internal.domain.org Address: 192.111.222.44 Name: wiki.dept.internal.domain.org Address: 192.111.111.185 >nslookup 192.111.111.185 Server: primary.internal.domain.org Address: 192.111.222.44 *** primary.internal.domain.org can't find 192.111.111.185: Non-existent domain Contents of /etc/resolv.conf on the debian guest: nameserver 192.111.111.244 nameserver 192.111.222.44 search internal.domain.org What is wrong? how do I get ip-to-name resolution to work for this machine? Thank you.

    Read the article

  • I can access \\server via explorer but a program wont

    - by Michael Savage
    From ServerA I can access \\ServerB\Telephony\Files\abcdefgh.pdf using windows explorer. From the same ServerA when I try to access the same file on ServerB using a program (a program that imports files from csv file) I get "File Not Found" error. On \\ServerB\Telephony\ the Share is on and I added the service account that I used to log in to ServerA. I am clueless. Please suggest. (oh, it's a Windows 2008 R2 Server) (btw, I did try IP Address, FQDN but works with Explorer but CVS Importer wont read the path. At one time, I did get Access Denied but I dont get access denied anymore after adding the service account to the share. firewalls are off on the servers) Update: I go to My Computer Network I see many servers but ServerB is not in the list..

    Read the article

  • How can I force all internet traffic over a PPTP VPN but still allow local lan access?

    - by user126715
    I have a server running Linux Mint 12 that I want to keep connected to a PPTP VPN all the time. The VPN server is pretty reliable, but it drops on occasion so I just want to make it so all internet activity is disabled if the VPN connection is broken. I'd also like to figure out a way to restart it automatically, but that's not as big of an issue since this happens pretty rarely. I also want to always be able to connect to the box from my lan, regardless of whether the VPN is up or not. Here's what my ifconfig looks like with the VPN connected properly: eth0 Link encap:Ethernet HWaddr 00:22:15:21:59:9a inet addr:192.168.0.171 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::222:15ff:fe21:599a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:37389 errors:0 dropped:0 overruns:0 frame:0 TX packets:29028 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:37781384 (37.7 MB) TX bytes:19281394 (19.2 MB) Interrupt:41 Base address:0x8000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1446 errors:0 dropped:0 overruns:0 frame:0 TX packets:1446 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:472178 (472.1 KB) TX bytes:472178 (472.1 KB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.10.11.10 P-t-P:10.10.11.9 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:14 errors:0 dropped:0 overruns:0 frame:0 TX packets:23 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:1368 (1.3 KB) TX bytes:1812 (1.8 KB) Here's an iptables script I found elsewhere that seemed to be for the problem I'm trying to solve, but it wound up blocking all access, but I'm not sure what I need to change: #!/bin/bash #Set variables IPT=/sbin/iptables VPN=`ifconfig|perl -nE'/dr:(\S+)/&&say$1'|grep 10.` LAN=192.168.0.0/24 #Flush rules $IPT -F $IPT -X #Default policies and define chains $IPT -P OUTPUT DROP $IPT -P INPUT DROP $IPT -P FORWARD DROP #Allow input from LAN and tun0 ONLY $IPT -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT $IPT -A INPUT -i lo -j ACCEPT $IPT -A INPUT -i tun0 -m conntrack --ctstate NEW -j ACCEPT $IPT -A INPUT -s $LAN -m conntrack --ctstate NEW -j ACCEPT $IPT -A INPUT -j DROP #Allow output from lo and tun0 ONLY $IPT -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT $IPT -A OUTPUT -o lo -j ACCEPT $IPT -A OUTPUT -o tun0 -m conntrack --ctstate NEW -j ACCEPT $IPT -A OUTPUT -d $VPN -m conntrack --ctstate NEW -j ACCEPT $IPT -A OUTPUT -j DROP exit 0 Thanks for your help.

    Read the article

  • Can't add printer on Windows XP

    - by SuperFurryToad
    I've added a HP 4250 printer to about half a dozen Windows XP PCs in our office without any problems whatsoever, but for some reason I haven't been able to add it to one particular PC today. I go through the Add Printer wizard to add a local printer attached to the PC, enter the new port number as a Standard TCP/IP Port, install the driver. At the end of the wizard I get the following error message: Full error message: "windows cannot connect to the printer. either the printer name was typed incorrectly, or the specified printer has lost its connection to the server." This doesn't make any sense as I am able to ping the printer from the PC. The print spooler is running, and any firewall software on the local PC is switched off.

    Read the article

  • PTR Record for host in VLSM subnet

    - by paradroid
    I understand that this is the way a PTR record would be made on a Class A subnet (10.100.250.100 255.0.0.0) dnscmd /RecordAdd 10.in-addr.arpa. 100.250.100 PTR host.domain.tld To clarify the syntax, this is what it should be for a Class C subnet (192.168.1.100 255.255.255.0) dnscmd /RecordAdd 1.168.192.in-addr.arpa. 100 PTR host.domain.tld Is that right? Now how do I do this for a host with the IP address 172.31.111.210 on a 172.31.111.192/26 network? I'm not sure how to do this with a classless subnet mask.

    Read the article

  • Cannot connect to a VPN server - authentication failed with error code 691

    - by stacker
    When trying to connect to a VPN server, I get the 691 error code on the client, which say: Error Description: 691: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server. Now, I validated that the username and password are correct, and tried to login with domain name and without. I also installed a certification to use with the IKEv2 security type. I also validated that the VPN server support security method. But I cannot login. In the server log I get this log: Network Policy Server denied access to a user. The user DomainName\UserName connected from IP address but failed an authentication attempt due to the following reason: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server. Any idea of what can I do? Thanks in advance!

    Read the article

  • The concept of virtual host and DNS [migrated]

    - by Subhransu
    I have a dedicated server and a mydomain.com (bought from a hosting company). I want to host a website from my dedicated server with the domain mydomain.com i.e. when I enter mydomain.com from browser it should point to the IP(let's say X.X.X.X) of dedicated server(and a particular folder inside it). I have some following queries: In Server I know I need to edit some of the files (like: host or hostname file) in the server but I do not know what exact file I need to edit. How to add a Site enable or Site available in apache2 ? In Hosting Company control Panel Which records to add (A or cname or anyother)? Where Should I add DNS(in dedicated server section or domain name section)? How it is going to affect the behaviour of the domain? in short the question is: How the virtual host works & how to add DNS?

    Read the article

  • prevent search engines indexing depending on domain

    - by Javier
    We have a dedicated server with a hosting company with a couple of dozens of webs in it. It happens that the nameservers (EG: ns1.domain.com, ns2.domain.com) ip's are coincident with some client webs, let's say webclient1.com and webclient2.com Problem is that for a certain searches in google, some results are showing up like ns1.domain.com/result instead of webclient1.com/result which is pretty wrong and annoying for our clients. Actually if you type in the browser ns1.domain.com or ns2.domain.com it will load some pageclients instead. Is there any way to prevent google to track those results only in case the robots are coming to check ns domains? It may be not correct to ask this as well, but why is it happening? is it a result of a bad server configuration? I'm pretty new on these matters, so thank you in advance for any help!

    Read the article

  • How to make AD highly available for applications that use it as an LDAP service

    - by Beaming Mel-Bin
    Our situation We currently have many web applications that use LDAP for authentication. For this, we point the web application to one of our AD domain controllers using the LDAPS port (636). When we have to update the Domain Controller, this has caused us issues because one more web application could depend on any DC. What we want We would like to point our web applications to a cluster "virtual" IP. This cluster will consist of at least two servers (so that each cluster server could be rotated out and updated). The cluster servers would then proxy LDAPS connections to the DCs and be able to figure out which one is available. Questions For anyone that has had experience with this: What software did you use for the cluster? Any caveats? Or perhaps a completely different architecture to accomplish something similar?

    Read the article

  • Good maintained privacy Add-On/settings set that takes usability into account?

    - by Foo Bar
    For some weeks I've been trying to find a good set of Firefox Addons that give me a good portion of privacy/security without losing to much of usability. But I can't seem to find a nice combination of add-ons/settings that I'm happy with. Here's what I tried, together with the pros and cons that I discovered: HTTPS Everywhere: Has only pro's: just install and be happy (no interaction needed), loads known pages SLL-encrypted, is updated fairly often NoScript - Fine, but needs a lot of fine-tuning, often maintained, mainly blocks all non-HTML/CSS Content, but the author sometimes seems to do "untrustworthy" decission RequestPolicy - seems dead (last activity 6 months ago, has some annoying bugs, official support mail address is dead), but the purpose of this is really great: gives you full control over cross-site requests: blocks by default, let's you add sites to a whitelist, once this is done it works interaction-less in the background AdBlock Edge: blocks specific cross-site requests from a pre-defined whitelist (can never be fully sure, need to trust others) Disconnect: like AdBlock Edge, just looking different, has no interaction possibilities (can never be fully sure, need to trust others, can not interact even if I wanted to) Firefox own Cookie Managment (block by default, whitelist specific sites), after building own whitelist it does it's work in the background and I have full control All These addons together basically block everything unsecure. But there are a lot of redundancies: NoScript has a mixed-content blocker, but FF has it's own for a while now. Also the Cookie blocker from NoScript is reduntant to my FF-Cookie setting. NoScript also has an XSS-blocker, which is redundant to RequestPolicy. Disconnect and AdBlock are extremly redundant, but not fully. And there are some bugs (especially RequestPolicy). And RequestPolicy seems to be dead. All in all, this list is great but has these heavy drawbacks. My favourite set would be "NoScript Light" (only script blocking, without all the additonal redundant-to-other-addons hick-hack it does) + HTTPS Everywhere + RequestPolicy-clone (maintained, less buggy), because RequestPolicy makes all other "site-blockers" obsolete (because it blocks everything by default and let's me create a whitelist). But since RequestPolicy is buggy and seems to be dead I have to fallback to AdBlock Edge and Disconnect, which don't block all and and need more maintaining (whitelist updates, trust-check). Are there addons that fulfill my wishes?

    Read the article

  • On RouterOS, how will transparent proxying (with DNAT) affect reporting of netflows?

    - by Tim
    I have a box running Mikrotik RouterOS, which is set up to do transparent web proxying, as described here. In short, this means that I have a firewall rule for destination NAT causing any port 80 traffic to get redirected to port 8080 on the router, which is received by the Mikrotik local web proxy. The local web proxy then makes the web request on the client's behalf, in this case to a parent web proxy server (which in turn does the real web request). My question is, how will this two-part process get reported in the logging of traffic flow information (netflows)? Looking at the logged information, what I seem to be seeing is this: One flow recorded from client machine (private IP) to remote proxy (8080) Another flow recorded from router to remote proxy (8080) The original request that the client made to port 80 isn't recorded. I want to write code to analyse traffic usage, so I want to be sure I'm not losing information if I discard the latter of these.

    Read the article

  • How to upgrade a single instance's size without downtime

    - by Justin Meltzer
    I'm afraid there may not be a way to do this since we're not load balancing, but I'd like to know if there is any way to upgrade an EC2 EBS backed instance to a larger size without downtime. First of all, we have everything on one instance: both our app and our database (mongodb). This is along the lines i'm thinking: I know you can create snapshots of your EBS and an AMI of your instance. We already have an AMI and we create hourly snapshots. If I spin up a new separate instance of a larger size and then implement (not sure what the right term is here) the snapshots so that our database is up to date, then I could switch the A record of our domain from the old ip address to the new one. However, I'm afraid that after copying over the data from the snapshot, by the time it takes to change the A record and have that change propagate, the data could potentially be stale. Is there a way to prevent this, and is there a better way to do this than I am suggesting?

    Read the article

  • Oracle Advanced Security Options is Blank

    - by mak4pi
    I just installed Oracle DB 10gR2 with Oracle Advanced Security, but cannot see the algorithms. [user@db-1] adapters Installed Oracle Net transport protocols are: IPC BEQ TCP/IP SSL RAW Installed Oracle Net naming methods are: Local Naming (tnsnames.ora) Oracle Directory Naming Oracle Host Naming Oracle Names Server Naming Installed Oracle Advanced Security options are: Where are all the algorithms for Oracle Advanced Security options please? I checked the $ORACLE_HOME/bin/adapters file and it's looking for naea256i, naemd5i, etc. in the naetab.so file, but none of these are listed in the naetab.so file. What's wrong with the naetab.so file? Thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 348 349 350 351 352 353 354 355 356 357 358 359  | Next Page >