Search Results

Search found 41561 results on 1663 pages for 'linux command'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 508/1663 | < Previous Page | 504 505 506 507 508 509 510 511 512 513 514 515  | Next Page >

  • How do I format this regex so it will work in fail2ban?

    - by chapkom
    I've just installed fail2ban on my CentOS server in response to an SSH brute force attempt. The default regular expressions in fail2ban's sshd.conf file do not match any entries in audit.log, which is where SSH seems to be logging all connection attempts, so I am trying to add an expression that will match. The string I am trying to match is as follows: type=USER_LOGIN msg=audit(1333630430.185:503332): user pid=30230 uid=0 auid=500 subj=user_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct="root": exe="/usr /sbin/sshd" (hostname=?, addr=<HOST IP>, terminal=sshd res=failed)' The regular expression I am attempting to use is: ^.*addr=<HOST>, terminal=sshd res=failed.*$ I've used regextester.com and regexr to try to build the regex. The testers give me a match for this regex:^.*addr=\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}, terminal=sshd res=failed.*$ but fail2ban-regex complains if I don't use the <HOST> tag in the regex. However, using ^.*addr=<HOST>, terminal=sshd res=failed.*$ gives me 0 matches. At this point, I am totally stuck and I would greatly appreciate any assistance. What am I doing wrong in the regex I am trying to use?

    Read the article

  • subversion: enforce TLS

    - by Daniel Marschall
    Hello, I am running subversion on a Debian Squeeze system with Apache2 and mod_dav for viewing the contents with a webbrowser. I want to enforce the usage of TLS, so that the login data and the SVN contents cannot be read from the connection. I have tried following: <Location /svn> DAV svn SVNParentPath /daten/subversion/ # our access control policy AuthzSVNAccessFile /daten/subversion/access_control # try anonymous access first, resort to real # authentication if necessary. Satisfy Any Require valid-user # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /daten/subversion/.htpasswd # Test SSLRequireSSL RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^svn/(.)$ https://www.viathinksoft.de/svn/$1 [R,L] </Location> at file /etc/apache2/conf.d/subversion.conf Alas, this does not work. There is no redirect and there is still a HTTP request working at /svn/(projectname)/(somefolder) . This SSL-enforce-policy should work for - viewing the contents with webbrowser - retrieve contents with TurtoiseSVN client - committing contents with TurtoiseSVN client Can you please help me? Regards Daniel Marschall

    Read the article

  • Script for checking the nologin accounts and then disable the account

    - by suma
    "Could you please share the scripts which does the below ?" I have written a script that scans all the relevent logs daily, makes a list of people that have had any activity that day, and maintains database (just a text file) of users and the last time they logged in. Then I have a second script that examines the database for dates more than x days ago, an notifies the user and administrator 2 weeks prior to locking the account. And if there are any dates more than x+y days ago, deletes the account altogether. This seems to be working for me - but I would like to use a non-proprietary solution if one is available. "Could you please share the scripts?"

    Read the article

  • WMII Terminal Width of 80 Columns for xterm (colrules)

    - by BCable
    I'm trying to get WMII to split horizontally at 80 columns for xterm, but I'm only seeing a way to do this via percentage. It would be nice to be able to set it by something other than percentage for various resolutions, but if I have to deal with that I will. The problem is that even percentages don't work at my resolution (1366x768). 47+47 in /colrules yields 79 characters and 48+48 yields 81 characters. As far as I can tell, there is no decimal system allowed so I could do 47.5 for instance. I came from Ion3 and I'm used to using 80 column terminals, resizable by the keyboard, to get a reasonable cut off point for VIM when I'm coding. I would just settle with using the mouse, but WMII seems to be much more fluid than Ion3, so I would have to do it a LOT, which sounds annoying. Any ideas?

    Read the article

  • Iptables mark incoming packet - vpn routing

    - by Tom
    I have connected my home to my workplace for out of house backup reasons through openvpn. The connection is working nicely. At work I have 5 fixed IP addresses. Now I would like to assign one of these IP addresses to be forwarded to my home machine. I have confirmed packet arrival at my home machine with tcpdump. The problem is that my default route at home is NOT the tun0 (naturally), but eth0 to my own ISP. So I created a separate routing table to route my tun0 packets back to where they belong, but do not how to mark the incoming packet which arrive through tun0 with iptables, so I can drive them back. I do not want any port restrictions, but only what comes from tun0 should leave through tun0 thanks tom

    Read the article

  • How can I prevent firefox from using bitmap fonts at certain zoom levels?

    - by Ryan Thompson
    In firefox 3.6 on Ubuntu 9.10, certain sites seem to use bitmap fonts for any fixed-width fonts, but only at specific zoom levels. This site and other stackexchange sites are among the affected sites, and of course the default zoom level is affected. At unaffected zoom levels, I get the expected smooth curvy fonts. How can I make firefox use the nice curvy smooth fonts at all zoom levels?

    Read the article

  • Limiting Failed SSH Logins

    - by nitins
    I would like to limit failure retries on my Fedora machine to 5. I think I can accomplish it with PAM. But was unable to to do this. I have referred to this article to do this http://www.puschitz.com/SecuringLinux.shtml Please provide suggestions

    Read the article

  • Read floppy from OpenVMS machine

    - by Goyuix
    I have a floppy I need to read the contents from - unfortunately it was formatted and the data written on an OpenVMS server. I believe the floppy is formatted "Files-11" and I can see parts of the MFT [equivalent] and file contents through a hex editor, however I would love to be able to mount this and actually read the files off. Is there a Files-11 FUSE module or other kernel module I can install to read this format? Any standalone utilities that can understand a floppy image taken with dd?

    Read the article

  • Keepalived for more than 20 virtual addresses

    - by cvaldemar
    I have set up keepalived on two Debian machines for high availability, but I've run into the maximum number of virtual IP's I can assign to my vrrp_instance. How would I go about configuring and failing over 20+ virtual IP's? This is the, very simple, setup: LB01: 10.200.85.1 LB02: 10.200.85.2 Virtual IPs: 10.200.85.100 - 10.200.85.200 Each machine is also running Apache (later Nginx) binding on the virtual IPs for SSL client certificate termination and proxying to backend webservers. The reason I need so many VIP's is the inability to use VirtualHost on HTTPS. This is my keepalived.conf: vrrp_script chk_apache2 { script "killall -0 apache2" interval 2 weight 2 } vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 101 virtual_ipaddress { 10.200.85.100 . . all the way to . 10.200.85.200 } An identical configuration is on the BACKUP machine, and it's working fine, but only up to the 20th IP. I have found a HOWTO discussing this problem. Basically, they suggest having just one VIP and routing all traffic "via" this one IP, and "all will be well". Is this a good approach? I'm running pfSense firewalls in front of the machines. Quote from the above link: ip route add $VNET/N via $VIP or route add $VNET netmask w.x.y.z gw $VIP Thanks in advance. EDIT: @David Schwartz said it would make sense to add a route, so I tried adding a static route to the pfSense firewall, but that didn't work as I expected it would. pfSense route: Interface: LAN Destination network: 10.200.85.200/32 (virtual IP) Gateway: 10.200.85.100 (floating virtual IP) Description: Route to VIP .100 I also made sure I had packet forwarding enabled on my hosts: $ cat /etc/sysctl.conf net.ipv4.ip_forward=1 net.ipv4.ip_nonlocal_bind=1 Am I doing this wrong? I also removed all VIPs from the keepalived.conf so it only fails over 10.200.85.100.

    Read the article

  • /etc/hosts.deny ignored in Ubuntu 14.04

    - by Matt
    I have Apache2 running on Ubuntu 14.04LTS. To begin securing network access to the machine, I want to start by blocking everything, then make specific allow statements for specific subnets to browse to sites hosted in Apache. The Ubuntu Server is installed with no packages selected during install, the only packages added after install are: apt-get update; apt-get install apache2, php5 (with additional php5-modules), openssh-server, mysql-client Following are my /etc/hosts.deny & /etc/hosts.allow settings: /etc/hosts.deny ALL:ALL /etc/hosts.allow has no allow entries at all. I would expect all network protocols to be denied. The symptom is that I can still web browse to sites hosted on the Apache web server even though there is a deny all statement in /etc/hosts.deny The system was rebooted after the deny entry was added. Why would /etc/hosts.deny with ALL:ALL be ignored and allow http browsing to sites hosted on the apache web server?

    Read the article

  • Create kickstart configuration file from existing configuration.

    - by ÜMineiro
    Is there a script or another way to automatically generate a kickstart configuration file from the system state of an existing server so that the file can be use to replicate (not clone) the configuration of the system in another install? I know that the anaconda-ks.cfg file is stored on the /root dir. but the system in question have been extensively changed since it's installation, and the file is of no use now.

    Read the article

  • php startup error Invalid library (maybe not a PHP library) 'pcntl.so'

    - by And-y
    After searching for hours to solve my problem and found nothing helpful I ask my first question here. I want to compile and install php 5.3.17 cli with pcntl extension enabled on a Debian server. The installation was successfull but when I start php cli, the following error is displayed: PHP Warning: PHP Startup: Invalid library (maybe not a PHP library) 'pcntl.so' in Unknown\ on line 0 The following configure is used: './configure' '--prefix=/usr/share' '--datadir=/usr/share/php' '--bindir=/usr/bin' '--libdir=/usr/share' '--includedir=/usr/include' '--with-config-file-path=/etc/php5/cli' '--disable-cgi' '--enable-bcmath' '-- enable-inline-optimization' '--enable-mbstring' '--enable-mbregex' '--enable-pcntl' '--enable-sigchild' '--enable-shmop' '--enable-sysvmsg' '--enable-sysvsem' '--enable-sysvshm' '--with-mysql' '--with-imap' '--with-imap-ssl' '--with-kerberos' In the php.ini following options are set: extension_dir=/usr/lib/php5/20090626/ extension=pcntl.so I hope someone can help me.

    Read the article

  • How to free up block device that is mounted to an inaccessible place?

    - by Vi
    root@vi-notebook:~# cat /proc/mounts | grep raidy /dev/md0 /root/e/i/wpc2/boot/mnt/raidy reiserfs ro,nosuid,nodev,noexec,noatime 0 0 root@vi-notebook:~# umount -n /root/e/i/wpc2/boot/mnt/raidy umount: /root/e/i/wpc2/boot/mnt/raidy: Transport endpoint is not connected root@vi-notebook:~# mount /dev/md/raidy /mnt/raidy/ -t reiserfs -o nodev,nosuid,noexec,acl,noatime mount: /dev/md0 already mounted or /mnt/raidy/ busy The only workaround I found is: root@vi-notebook:~# losetup /dev/loop0 /dev/md/raidy root@vi-notebook:~# mount /dev/loop0 /mnt/raidy/ -t reiserfs -o nodev,nosuid,noexec,acl,noatime

    Read the article

  • Minimizing windows to tray in xfce

    - by Gryllida
    For XFCE (v. 4.8), I'm searching for possible options to minimize windows to tray (iconify). This means that 1) they're not in the window listing and 2) they're not in the alt+TAB menu and 3) when closed, the window hides (it disappears from window listing but still stays running). "alltray" has some weird GTK-related bug (https://bugs.launchpad.net/alltray/+bug/589831; windows hide but unhiding doesn't do anything; they stay in the tray icon until the user undocks them). "trayer" complains that "another systray is already running" and there's no obvious workaround. This question here is to ask about possible minimalistic (as everything in XFCE is) solutions which don't involve manual compiling, and aren't an overkill like cairo-dock is (a rather bloated gnome-style application which creates a new large 'tray' instead of using the existing one). Thanks!

    Read the article

  • if the file changes send email about diff

    - by user62367
    I have 2 script. Script "A", Script "B". Script A is regulary watching the dhcpacks [dhcp release is configured to 2mins] in the logs, for the past 2 minutes. It writes the MAC addresses to a file [/dev/shm/dhcpacks-in-last-2min.txt] every 2 minutes. Ok, this is working, active clients are in this file. Super! Script B: On pastebin I'm trying to create a script, that watches the changes in /dev/shm/dhcpacks-in-last-2min.txt file ( every 1 sec). Ok. But: my watcher script [the pastebined][1] is not working fine - sometime it works, sometime it sends that someoneXY logged out`, but it's not true! Nothing happened, and the problem is not in the Script A. Can someone help me point out, what am I missing? How can I watch a file (in every sec), that contains only MAC addresses, and if someone doesn't get dhcpack in 2 minutes, the file /dev/shm/dhcpacks-in-last-2min.txt changes, and that clients MAC address will be gone from it, and i need to know, who was it [pastebined my script - but somethings wrong with it]. Thank you for any help..I've been pathing my script for days now.. :\

    Read the article

  • How to repair unbootable Fedora install

    - by Cerin
    How do you repair/reinstall Fedora without deleting any existing partitions or data? I was attempting to upgrade some old Fedora 13 servers to 17, following the instructions in the wiki. After the 14-15 upgrade, rebooting resulted in the output: Dropping to debug shell. sh: can't access tty; job control turned off dracut:/# Running dmesg also shows: dracut Warning: No root device "block:/dev/mapper/VolGroup-lv_root" found Googling shows this error is typically related to some weird RAID issues, but my server is a virtual machine not using any RAID. Using a rescue CD, I can chroot /mnt/sysimage, and all packages and data still seems to be there. How do I make the system bootable again?

    Read the article

  • Tool to convert a file of HEX to ASCII character set?

    - by Aaron
    Question: Is there a known tool to convert a file consisting of 2 byte Hex into ascii? Note: - Maintain file offset listing in bytes Example: File contents: 00000000 0054 0065 0073 0074 0020 0054 0065 0073 00000008 0074 0020 0054 0065 0073 0074 0020 0054 00000016 0065 0073 0074 0020 0054 0065 0073 0074 00000024 0020 0054 0065 0073 0074 0020 0054 0065 00000032 0073 0074 0020 0054 0065 0073 0074 0020 00000040 0054 0065 0073 0074 000a 0054 0065 0073 00000048 0074 0020 0054 0065 0073 0074 0020 0054 00000056 0065 0073 0074 0020 0054 0065 0073 0074 00000064 0020 0054 0065 0073 0074 0020 0054 0065 Expected output 00000016 0065 0073 0074 0020 0054 0065 0073 0074 |est Test Test Te| 00000032 0073 0074 0020 0054 0065 0073 0074 0020 |st Test Test.Tes| 00000048 0074 0020 0054 0065 0073 0074 0020 0054 |t Test Test Test| 00000064 0020 0054 0065 0073 0074 0020 0054 0065 | Test Test Test |

    Read the article

  • Running OLEDB VB6 Windows Progam Under Wine

    - by Beaner
    I'm trying to install a VB6 Windows program that uses OLEDB to access VFP tables to run under Wine 1.0.1 on Ubuntu 9.10. Wine is configured to Windows version Windows XP. The program install ran okay, and I used winetricks to install MDAC 2.8 and JET 4.0 sp7. I also installed Microsoft's vfpoledb and vfpodbc drivers. The application starts and displays an error message, item cannot be found in the collection corresponding to the requested name or ordinal. Does anyone have an idea how to fix this?

    Read the article

  • How to correctly set up iWARP? Preferably on loopback

    - by ajdecon
    iWARP is a protocol for doing remote direct memory access (RDMA) on top of TCP/IP, so that it can work with Ethernet and other network types as opposed to Infiniband. It works with many of the standard IB interfaces - the IB verbs, for example - so it's all pretty transparent. I'm doing some IB-verbs programming (mostly for the sake of learning about how they work better), and it'd be wonderfully convenient for me if I could use iWARP to do RDMA over my loopback interface, so that I could test some of my code without getting on our IB-connected cluster. :-) But I cannot figure out how to get a "local development environment" set up: there are no tutorials I'm aware of for even setting up iWARP from scratch on a server or a network interface. Can anyone give me a tutorial or point me in the right direction? Environment is Fedora 16 running in VirtualBox.

    Read the article

  • Restrict a port to a single app

    - by viraptor
    I'd like to restrict a range of udp ports to a single application (or a user). What I'd like to achieve is not simply blocking a bind() from other uids, but also remove the range from a pool that can be auto-assigned. For example, if someone tries to explicitly bind 12345, but doesn't run the specified app, they should get EPERM. If someone tries to bind an unspecified port, they should never try to bind 12345 at random. Is there any system that can help here? I tried browsing apparmor / selinux docs, but they seem to do the blocking part only.

    Read the article

  • Recommending simple appliance for DansGuardian, iptables, snort inline

    - by SRobertJames
    I'm currently using a Linksys E2000 with dd-wrt. I'd like to add DansGuardian for Content Filtering and snort-inline for IPS; but those require a more powerful box (mainly, more storage). Can you recommend a good device to use? I'm open to both overwrite-the-firmware (like dd-wrt) and designed-to-be-customized boxes. Requirements: 1. 5+ Ethernet ports, pref. GigE 2. small form factor 3. No noise (office environment) 4. low power 5. Not sure about 802.11 wireless Budget < $400, pref. less.

    Read the article

  • APC module causing strange error

    - by clifgriffin
    When I run php -v I get: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/apc.so' - /usr/lib64/php/modules/apc.so: undefined symbol: php_pcre_exec in Unknown on line 0 This isn't my first rodeo. I've setup APC multiple times. This is a MediaTemple Dedicated Virtual 4.0 with Plesk 11. Plesk 11 is the only thing essentially different from the other servers I've set this up on. I've verified that pcre-devel is installed. I've compiled APC from source as well as used pecl to install it. No difference. I also tried downgrading to APC 3.0.19, with no love.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 504 505 506 507 508 509 510 511 512 513 514 515  | Next Page >