Search Results

Search found 40122 results on 1605 pages for 'ms access 2007'.

Page 632/1605 | < Previous Page | 628 629 630 631 632 633 634 635 636 637 638 639  | Next Page >

• Single sign-on for intranet?

  - by Jason Swett

  I'm trying to set up a single sign-on for my intranet. I've found a couple solutions online but I'm not sure if they apply to my particular situation. I have several subdomains on the same server. One level of user should be able to access all subdomains and another level of user should only be able to access some subdomains. Signing into one subdomain should make it so you don't have to log into any others. Can anyone point me in the right direction? I'm on Ubuntu using Apache.

  Read the article

• Detecting man-in-the-middle attacks?

  - by Ilari Kajaste

  There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

  Read the article

• Securing smtp with login

  - by Paul Peelen

  I have a ispconfig server, and it seems that someone is using it to send spam. I got about 130 "Mail Delivery System" email about declined send email. This spammer uses my email address as sent from adress, so I get all these email adresses to my mail. I am using Postfix and Courier. I installed my server according to this guide: http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig3-p3 I did this a few months ago. My question: Can I secure my server to require login to be able to send email, and if so... how? Thanks! EDIT Some data from mail.log, these kind of error show up constantly: Jun 15 17:58:16 bolt postfix/qmgr[10712]: CC7DA1242AE: from=<paul@*****.se>, size=3782, nrcpt=1 (queue active) Jun 15 17:58:16 bolt postfix/smtp[11337]: CC7DA1242AE: to=<[email protected]>, relay=none, delay=4641, delays=4640/0.01/0.32/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=cmlisboa.pt type=MX: Host not found, try again) Jun 15 17:58:19 bolt postfix/smtpd[10836]: connect from static-200-105-220-154.acelerate.net[200.105.220.154] Jun 15 17:58:20 bolt postfix/smtpd[10836]: NOQUEUE: reject: RCPT from static-200-105-220-154.acelerate.net[200.105.220.154]: 550 5.1.1 <advertising@*****.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<[email protected]> to=<advertising@*****.com> proto=ESMTP helo=<static-200-105-220-154.acelerate.net> Jun 15 17:58:20 bolt postfix/smtpd[10836]: lost connection after DATA (0 bytes) from static-200-105-220-154.acelerate.net[200.105.220.154] Jun 15 17:58:20 bolt postfix/smtpd[10836]: disconnect from static-200-105-220-154.acelerate.net[200.105.220.154] Jun 15 17:58:29 bolt postfix/smtpd[10834]: connect from unknown[62.176.172.226] Jun 15 17:58:32 bolt postfix/smtpd[10834]: 386791241F9: client=unknown[62.176.172.226] Jun 15 17:58:34 bolt postfix/cleanup[10975]: 386791241F9: message-id=<[email protected]> Jun 15 17:58:34 bolt postfix/qmgr[10712]: 386791241F9: from=<[email protected]>, size=867, nrcpt=1 (queue active) Jun 15 17:58:35 bolt postfix/smtpd[10834]: disconnect from unknown[62.176.172.226] Jun 15 17:58:35 bolt amavis[11084]: (11084-17) Blocked SPAM, [62.176.172.226] [62.176.172.226] <[email protected]> -> <*****@*****>, Message-ID: <[email protected]>, mail_id: XczovKoMBYNr, Hits: 18.471, size: 867, 833 ms Jun 15 17:58:35 bolt postfix/smtp[10732]: 386791241F9: to=<*****@*****>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=2.7/0/0/0.83, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=11084-17 - SPAM) Jun 15 17:58:35 bolt postfix/qmgr[10712]: 386791241F9: removed Jun 15 17:58:43 bolt postfix/smtpd[10836]: warning: 178.121.154.194: address not listed for hostname mm-194-154-121-178.dynamic.pppoe.mgts.by Jun 15 17:58:43 bolt postfix/smtpd[10836]: connect from unknown[178.121.154.194] Jun 15 17:58:45 bolt postfix/smtpd[10727]: connect from unknown[180.134.223.86] EDIT #2 Got some more info from the logs, this is a send request: mail.info.1:Jun 15 16:41:57 bolt amavis[5399]: (05399-06) Passed CLEAN, [110.139.48.64] [110.139.48.64] <paul@*****.se> -> <[email protected]>, Message-ID: <CHILKAT-MID-7c54ebcf-5501-de9b-f0b1-4f0234290d8d@HP-IRISH>, mail_id: 35l56Ramx6Nc, Hits: -2.941, size: 3329, queued_as: 2485770086, 136 ms mail.info.1:Jun 15 16:41:57 bolt postfix/smtp[4743]: 375C570082: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.8, delays=4.7/0/0/0.14, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=05399-06, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2485770086) Which apparently got thrue. Any ideas how to restrict this?

  Read the article

• AppUpdater and wamp server

  - by Gerbrand

  I've got an winforms application and I want to implement auto updater to this application. I followed the instructions on the site and got everything setup right. (appupdater application) Now I tried a test and I'm getting the following error back from the appupdater: the remote server returned an error 405 I googled this and this is because my server isn't setup with the right access. I'm using a wampserver and in the apache httpd.conf I added the following lines so my directory is allowed for access: <Directory "c:/wamp/www/updater/V11/"> Options Indexes FollowSymLinks AllowOverride all # onlineoffline tag - don't remove Order Deny,Allow Deny from all Allow from 127.0.0.1 </Directory> But I'm still getting the same error back. I can find information for the IIS configurations, but not for apache. edit: I'm still getting the error, I opened the error log file of apache and I see the following - "PROPFIND /updater/V11/ HTTP/1.1" 405 238 the updater component is using the HTTP-DAV. edit2: it seems that nobody had this kind of situation.

  Read the article

• Missing eth0 configuration file

  - by Godric Seer

  I have two servers both running Scientific Linux 6 on the same network. Since I want SSH access to both of them, I want to give them both static IPs so I can setup port forwarding and not worry how my router assigns local IPs. I found that I need to edit the configuration file /etc/network-scripts/ifcng-eth0, however that file does not exist. The network card works fine, and I am able to ssh as long as I access the router and find the local ip. Can I simply make my own configuration file, or did I miss some step in configuring the system that I need to complete?

  Read the article

• Deploying web services on a RHEL 5 box using Apache/Tomcat/Axis/Java.

  - by Deepak Konidena

  Hi, I am new to the Web services scene. I currently have access to a RHEL5 box and i need to deploy a java web service on it. It runs apache and i know this because i have a website hosted on this machine. Now, i want to deploy a web service on to this website to be able to just pass a link to someone when they need to access my web service. Could someone point out a resource or explain what all i need to get the webservice deployed using Tomcat/Apache Axis and Java. I have done this on Windows (hosted on localhost) but couldn't quite figure out things on linux. Any help is greatly appreciated. Thanks. Deepak.

  Read the article

• PFSENSE and IPV6 , direct connect rules

  - by Bgnt44

  My question is about pfsense configuration for ipv6 In theory Ipv6 are fully routable even in a LAN For stating point i ve Using this tutorial : http://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker So my Lan network has ipv4 connection and ipv6 I would like to be able to access my LAN machines by their IPV6 i'm confused with firewall rules which i need to set to be able to do that Even if i set all interfaces to pass all packets, i'm not able to directly access any machine by their IPV6 Did i miss something ? Edit : Ok i found that it work now, think it has always work but my isp seems to support ipv6 sometimes and sometimes not ... weird

  Read the article

• securing source code with bitlocker

  - by Daniel Powell

  We need to deploy a web based application at a client site where it will be within their local intranet. Part of our requirement is to provide some basic security to protect our IP. I realise that nothings a 100% guaranteed fix but we are just looking to make it a bit harder for most people. The server will be running server 2008 and I was considering using bitlocker as a cheap and nasty way to protect it. From what I understand assuming the mobo supports it we can use the Transparent bitlocker mode and this means that moving the hdd to another pc will mean the hdd will be unreadable in that machine baring some sort of cold boot attack to steal the encryption keys. Is this assumption correct and in the case that the motherboard or any other component fails in the pc and we need to replace it do we lose access to our data or is there a way to unencrypt it (obviously accessible to only our company) EDIT: we do have legal documents that cover this and we will be locking the pc physically and the client will not have access to the pc (windows login) other than via the website we host on it

  Read the article

• Share the DVB card on windows 7

  - by Bashar Kernel

  I have 2 computers connected to a router and I have a DVB card in one of them. I want to use the one DVB card to feed both of them. I read about it and I know that I want to share the DVB adapter with the Internet Connection Sharing on the LAN network. But when I use the connection sharing, I lose my internet access I tried to use "Bridge Connection", but then I also lost my internet access too. Can any one tell me how to fix this problem? And how to view the channels (for example how to use the VLC)?

  Read the article

• Connect to internet through DC with 2 network interfaces

  - by Ali Foroughi

  I have a network like this : Client 1 <== Wireless ==> Access Point <== Wire ==> DC <== Wireless ==> ADSL Modem Client 1 : IP : 192.168.1.181 DG : 192.168.1.100 DNS : 192.168.1.100 Access Point : IP : 192.168.1.10 DG : 192.168.1.100 DC : IP : 192.168.1.100 DG : 192.168.1.1 DNS : 127.0.0.1 ADSL Modem : IP : 192.168.1.1 I can ping yahoo.com from client1, but cannot browse the internet. UPDATE1 : my DC has two network interfaces that I bridge together. UPDATE2 : I powered down the DC firewall UPDATE3 : I set a forwarder for my DC to 8.8.8.8 (Google dns)

  Read the article

• Mikrotik and NAT/Routing issue

  - by arul

  I have basic NAT/Routing problem with Mikrotik RB750 that I've been unable to solve over the past days. From our ISP we have 26 IP addresses: 10.10.10.192/27, with 10.10.10.193 being the gateway and 10.10.10.194 the first available IP. What I need is that everything connected to ether2 gets a public IP from the DHCP server, and everything connected to ether3 gets a local IP from another DHCP (192.168.100.0/24). All clients should have internet access (I'll figure out bandwidth throttling later) and optimally just 'see' each other (all boxes are Win7, I guess this can ultimately be handled with VPN). Here is my setup: ether1 (10.10.10.194) is connected directly to ISP. 20 clients connected to ether2(10.10.10.195), and another 20 to ether3(10.10.10.196) (both through same 24 port switches). This is my setup, which doesn't work, all 20 clients from ether2 can access the internet, though all comm. seems to come from 10.10.10.194 (is this due to the masquerade on ether1?), and ether3 can't access the internet at all. I think that I need to masquerade ether3, and SNAT/DNAT or NETMAP ether2, but that doesn't work either, I guess that I need to somehow 'wire' both ether2+3 to ether1. Address list: # ADDRESS NETWORK INTERFACE 0 ;;; public 10.10.10.194/32 10.10.10.192 ether1-gateway 1 ;;; inner DHCP 192.168.100.0/24 192.168.100.0 ether3-private 2 ;;; public 10.10.10.195/32 10.10.10.192 ether2-pub 3 ;;; public 10.10.10.196/32 10.10.10.192 ether3-private NAT 0 ;;; ether3 nat chain=srcnat action=src-nat to-addresses=10.10.10.196 src-address=192.168.100.0/24 out-interface=ether3-private 1 ;;; ether3 nat chain=dstnat action=dst-nat to-addresses=192.168.100.0/24 in-interface=ether3-private 2 ;;; ether1 masquerade chain=srcnat action=masquerade to-addresses=10.10.10.194 out-interface=ether1-gateway Routes: # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 A S 0.0.0.0/0 ether1-gateway 1 2 A S 10.10.10.192/27 10.10.10.195 ether2-pub 1 3 ADC 10.10.10.192/32 10.10.10.195 ether2-pub 0 ether1-gateway ether3-private 4 ADC 192.168.100.0/24 192.168.100.0 ether3-private 0 IP Pools: # NAME RANGES 0 public-pool 10.10.10.201-10.10.10.220 1 private-pool 192.168.100.2-192.168.100.254 DHCP configs: # NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP 0 public-dhcp ether2-pub public-pool 3d 1 private-dhcp ether3-private private-pool 3d Thanks!

  Read the article

• Failed pinging a LAN card of the server from the client using shared internet connection

  - by bobo

  The server (Windows XP Pro SP3) has two LAN cards (LAN card A and B) and is connected to the internet using ADSL. The ADSL connection is shared to LAN card B using Internet Connection Sharing. The client (Windows XP Pro SP3) has one LAN card, and is connected to LAN card B of the server so that it has access to the internet. The IP address on the LAN cards are defined as follows: Server: LAN card A: 192.168.0.3/24 (manually defined by me) LAN card B: 192.168.0.1/24 (manually defined by Internet Connection Sharing) Client: LAN card: 192.168.0.123/24 (assigned by DHCP) Default gateway: 192.168.0.1 From the server, I can ping 192.168.0.123 successfully. From the client, it can access the internet without any problem. I can also ping 192.168.0.1 successfully but for 192.168.0.3, it failed with the Request Timeout error message. Why did the ping fail, and what should be done to make the ping possible? (all firewalls have been turned off.)

  Read the article

• Secure external connection to SQL Server (from third party software)

  - by Bart

  I have a SQL Express 2008 R2 server running on a server in an internal lan network. A few databases are used by some third party software to store data. A SQL-Server user is used by this application to connect to the database. Now I need to access this database using a local installation of the software from an external pc. In this particular case a VPN connection is not the solution I am looking for. I have access to an external linux server, so I tried ssh tunneling from the windows server to the linux server and use the external pc to tunnel it back from the linux server to the client, but this is working very very slow. What are my other options to allow this external connection in a safe way?

  Read the article

• Setup asp.net mvc application as subdomain website

  - by a_m0d

  I'm trying to setup a local application on a subdomain on our company server. There is already an installation of sharepoint running on http://companyweb/, but I would like my application to run on http://orders.companyweb/. I tried creating a new website, leaving the IP address the same as it is for http://companyweb, and just changing the host header value to orders.companyweb. However, no matter where I try to access the site from (different computers around the network, including the server itself), I keep getting 404 errors. I then tried setting up a simple index.html and serving that up as the highest priority; however, I still got 404 errors. This makes me think that I have actually setup the site itself wrong. What should I change to be able to access this application correctly on all the local computers?

  Read the article

• Apache w/out internet connection

  - by robert knobulous

  I have a Vista laptop that I have been running Apache / MySql / Php / PhpMyAdmin on for quite some time without fail. I just use it to test bits of code here and there etc. No problems, until recently when I needed to test something and I happened to be in a place that I could not get an internet connection. Why am I unable to access localhost from the same machine without an internet connection? I am type http://localhost..etc into the browser's address bar and I get the message that I am unable to access without an internet connection. I checked my windows/system32/etc/hosts file and the first two lines are 127.0.0.1 localhost ::1 localhost What am I missing here?

  Read the article

• Raid0 performance degradation?

  - by davy8

  Not sure if this belongs here or on SuperUser, feel free to move as appropriate. I've noticed the performance on my RAID0 setup seems to have degraded over the past months. The throughput is fine, but I think the random access time has increased or something. In use I generally see about 1-5mb/sec when loading stuff in Visual Studio and other apps and it doesn't seem like the CPU is bottlenecking as the CPU utilization is pretty low. I don't recall what Access Time used to be, but HD Tune is reporting 12.6ms Read throughput is showing as averaging about 125MB/sec so it should be great for sequential reads. Defrag daily and it shows fragmentation levels low, so that shouldn't be an issue. Additional info, Windows 7 x64, Intel raid controller on mobo, WD Black 500GB (I think 32mb cache) x2.

  Read the article

• Raid0 performance degradation?

  - by davy8

  Not sure if this belongs here or on SuperUser, feel free to move as appropriate. I've noticed the performance on my RAID0 setup seems to have degraded over the past months. The throughput is fine, but I think the random access time has increased or something. In use I generally see about 1-5mb/sec when loading stuff in Visual Studio and other apps and it doesn't seem like the CPU is bottlenecking as the CPU utilization is pretty low. I don't recall what Access Time used to be, but HD Tune is reporting 12.6ms Read throughput is showing as averaging about 125MB/sec so it should be great for sequential reads. Defrag daily and it shows fragmentation levels low, so that shouldn't be an issue. Additional info, Windows 7 x64, Intel raid controller on mobo, WD Black 500GB (I think 32mb cache) x2.

  Read the article

• OpenVPN Client timing out

  - by Austin

  I recently installed OpenVPN on my Ubuntu VPS. Whenenver I try to connect to it, I can establish a connection just fine. However, everything I try to connect to times out. If I try to ping something, it will resolve the IP, but will time out after resolving the IP. (So DNS Server seems to be working correctly) My server.conf has this relevant information (At least I think it's relevant. I'm not sure if you need more or not) # Which local IP address should OpenVPN # listen on? (optional) ;local a.b.c.d # Which TCP/UDP port should OpenVPN listen on? # If you want to run multiple OpenVPN instances # on the same machine, use a different port # number for each one. You will need to # open up this port on your firewall. port 1194 # TCP or UDP server? ;proto tcp proto udp # "dev tun" will create a routed IP tunnel, # "dev tap" will create an ethernet tunnel. # Use "dev tap0" if you are ethernet bridging # and have precreated a tap0 virtual interface # and bridged it with your ethernet interface. # If you want to control access policies # over the VPN, you must create firewall # rules for the the TUN/TAP interface. # On non-Windows systems, you can give # an explicit unit number, such as tun0. # On Windows, use "dev-node" for this. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. ;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel if you # have more than one. On XP SP2 or higher, # you may need to selectively disable the # Windows firewall for the TAP adapter. # Non-Windows systems usually don't need this. ;dev-node MyTap # SSL/TLS root certificate (ca), certificate # (cert), and private key (key). Each client # and the server must have their own cert and # key file. The server and all clients will # use the same ca file. # # See the "easy-rsa" directory for a series # of scripts for generating RSA certificates # and private keys. Remember to use # a unique Common Name for the server # and each of the client certificates. # # Any X509 key management system can be used. # OpenVPN can also use a PKCS #12 formatted key file # (see "pkcs12" directive in man page). ca ca.crt cert server.crt key server.key # This file should be kept secret # Diffie hellman parameters. # Generate your own with: # openssl dhparam -out dh1024.pem 1024 # Substitute 2048 for 1024 if you are using # 2048 bit keys. dh dh1024.pem # Configure server mode and supply a VPN subnet # for OpenVPN to draw client addresses from. # The server will take 10.8.0.1 for itself, # the rest will be made available to clients. # Each client will be able to reach the server # on 10.8.0.1. Comment this line out if you are # ethernet bridging. See the man page for more info. server 10.8.0.0 255.255.255.0 # Maintain a record of client <-> virtual IP address # associations in this file. If OpenVPN goes down or # is restarted, reconnecting clients can be assigned # the same virtual IP address from the pool that was # previously assigned. ifconfig-pool-persist ipp.txt # Configure server mode for ethernet bridging. # You must first use your OS's bridging capability # to bridge the TAP interface with the ethernet # NIC interface. Then you must manually set the # IP/netmask on the bridge interface, here we # assume 10.8.0.4/255.255.255.0. Finally we # must set aside an IP range in this subnet # (start=10.8.0.50 end=10.8.0.100) to allocate # to connecting clients. Leave this line commented # out unless you are ethernet bridging. ;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100 # Configure server mode for ethernet bridging # using a DHCP-proxy, where clients talk # to the OpenVPN server-side DHCP server # to receive their IP address allocation # and DNS server addresses. You must first use # your OS's bridging capability to bridge the TAP # interface with the ethernet NIC interface. # Note: this mode only works on clients (such as # Windows), where the client-side TAP adapter is # bound to a DHCP client. ;server-bridge # Push routes to the client to allow it # to reach other private subnets behind # the server. Remember that these # private subnets will also need # to know to route the OpenVPN client # address pool (10.8.0.0/255.255.255.0) # back to the OpenVPN server. ;push "route 192.168.10.0 255.255.255.0" ;push "route 192.168.20.0 255.255.255.0" # To assign specific IP addresses to specific # clients or if a connecting client has a private # subnet behind it that should also have VPN access, # use the subdirectory "ccd" for client-specific # configuration files (see man page for more info). # EXAMPLE: Suppose the client # having the certificate common name "Thelonious" # also has a small subnet behind his connecting # machine, such as 192.168.40.128/255.255.255.248. # First, uncomment out these lines: ;client-config-dir ccd ;route 192.168.40.128 255.255.255.248 # Then create a file ccd/Thelonious with this line: # iroute 192.168.40.128 255.255.255.248 # This will allow Thelonious' private subnet to # access the VPN. This example will only work # if you are routing, not bridging, i.e. you are # using "dev tun" and "server" directives. # EXAMPLE: Suppose you want to give # Thelonious a fixed VPN IP address of 10.9.0.1. # First uncomment out these lines: ;client-config-dir ccd ;route 10.9.0.0 255.255.255.252 # Then add this line to ccd/Thelonious: # ifconfig-push 10.9.0.1 10.9.0.2 # Suppose that you want to enable different # firewall access policies for different groups # of clients. There are two methods: # (1) Run multiple OpenVPN daemons, one for each # group, and firewall the TUN/TAP interface # for each group/daemon appropriately. # (2) (Advanced) Create a script to dynamically # modify the firewall in response to access # from different clients. See man # page for more info on learn-address script. ;learn-address ./script # If enabled, this directive will configure # all clients to redirect their default # network gateway through the VPN, causing # all IP traffic such as web browsing and # and DNS lookups to go through the VPN # (The OpenVPN server machine may need to NAT # or bridge the TUN/TAP interface to the internet # in order for this to work properly). push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 8.8.8.8" # Certain Windows-specific network settings # can be pushed to clients, such as DNS # or WINS server addresses. CAVEAT: # http://openvpn.net/faq.html#dhcpcaveats # The addresses below refer to the public # DNS servers provided by opendns.com. ;push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" # Uncomment this directive to allow different # clients to be able to "see" each other. # By default, clients will only see the server. # To force clients to only see the server, you # will also need to appropriately firewall the # server's TUN/TAP interface. ;client-to-client # Uncomment this directive if multiple clients # might connect with the same certificate/key # files or common names. This is recommended # only for testing purposes. For production use, # each client should have its own certificate/key # pair. # # IF YOU HAVE NOT GENERATED INDIVIDUAL # CERTIFICATE/KEY PAIRS FOR EACH CLIENT, # EACH HAVING ITS OWN UNIQUE "COMMON NAME", # UNCOMMENT THIS LINE OUT. ;duplicate-cn # The keepalive directive causes ping-like # messages to be sent back and forth over # the link so that each side knows when # the other side has gone down. # Ping every 10 seconds, assume that remote # peer is down if no ping received during # a 120 second time period. keepalive 10 120 # For extra security beyond that provided # by SSL/TLS, create an "HMAC firewall" # to help block DoS attacks and UDP port flooding. # # Generate with: # openvpn --genkey --secret ta.key # # The server and each client must have # a copy of this key. # The second parameter should be '0' # on the server and '1' on the clients. ;tls-auth ta.key 0 # This file is secret # Select a cryptographic cipher. # This config item must be copied to # the client config file as well. ;cipher BF-CBC # Blowfish (default) ;cipher AES-128-CBC # AES ;cipher DES-EDE3-CBC # Triple-DES # Enable compression on the VPN link. # If you enable it here, you must also # enable it in the client config file. comp-lzo # The maximum number of concurrently connected # clients we want to allow. ;max-clients 100 # It's a good idea to reduce the OpenVPN # daemon's privileges after initialization. # # You can uncomment this out on # non-Windows systems. ;user nobody ;group nogroup # The persist options will try to avoid # accessing certain resources on restart # that may no longer be accessible because # of the privilege downgrade. persist-key persist-tun # Output a short status file showing # current connections, truncated # and rewritten every minute. status openvpn-status.log # By default, log messages will go to the syslog (or # on Windows, if running as a service, they will go to # the "\Program Files\OpenVPN\log" directory). # Use log or log-append to override this default. # "log" will truncate the log file on OpenVPN startup, # while "log-append" will append to it. Use one # or the other (but not both). ;log openvpn.log ;log-append openvpn.log # Set the appropriate level of log # file verbosity. # # 0 is silent, except for fatal errors # 4 is reasonable for general usage # 5 and 6 can help to debug connection problems # 9 is extremely verbose verb 3 # Silence repeating messages. At most 20 # sequential messages of the same message # category will be output to the log. ;mute 20 I've tried on multiple computers by the way. The same result on all of them. What could be wrong? Thanks in advance, and if you need other information I'll gladly post it. Information for new comments root@vps:~# iptables -L -n -v Chain INPUT (policy ACCEPT 862K packets, 51M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 3 packets, 382 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4641 298K ACCEPT all -- * * 10.8.0.0/24 0.0.0.0/0 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 1671K packets, 2378M bytes) pkts bytes target prot opt in out source destination And root@vps:~# iptables -t nat -L -n -v Chain PREROUTING (policy ACCEPT 17937 packets, 2013K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 8975 packets, 562K bytes) pkts bytes target prot opt in out source destination 1579 103K SNAT all -- * * 10.8.0.0/24 0.0.0.0/0 to:SERVERIP Chain OUTPUT (policy ACCEPT 8972 packets, 562K bytes) pkts bytes target prot opt in out source destination

  Read the article

• QR Codes for Files on Google Code

  - by Synetech inc.

  Hi, When you download files from Google Code now (example), in addition to the text version of the SHA1 hash, it includes a QR code of it. The device that the file was downloaded to is the one that has to hash the file. But, if it can download the file (ie, has access to the webpage), it also has access to the text version of the hash, so the QR code seems completely useless—and more work to decode when the raw text is available. How would reading the hash into a mobile phone allow you to verify the file you download to the computer? Or if you download the file to the phone, how would you use the phone to take a picture of the QR code displayed on the webpage on its own screen? Does anyone know what the point to the QR code is or how you would use it to verify the downloaded file (I don’t mean QR codes in general, but specifically in this context).

  Read the article

• What's the simplest configuration of SVN on a Windows Server to avoid plain text password storage?

  - by detly

  I have an SVN 1.6 server running on a Windows Server 2003 machine, served via CollabNet's svnserve running as a service (using the svn protocol). I would like to avoid storing passwords in plain text on the server. Unfortunately, the default configuration and SASL with DIGEST-MD5 both require plain text password storage. What is the simplest possible way to avoid storing passwords in plain text? My constraints are: Path-based access control to the SVN repository needs to be possible (currently I can use an authz file). As far as I know, this is more-or-less independent of the authentication method. Active directory is available, but it's not just domain-connected windows machines that need to authenticate: workgroup PCs, Linux PCs and software that uses PySVN to perform SVN operations all need to be able to access the repositories. Upgrading the SVN server is feasible, as is installing additional software.

  Read the article

• My IPSec VPN isn't allowing me to connect

  - by jbondhus

  I'm following this guide to create an IPsec VPN on a debian server. I followed all the steps, and it still isn't working. If I try connecting to it, I get an error. I've looked for the logs, but I'm not sure where they would be put, other than /var/logs. I aim to be able to browse the internet from my home connection, and access my home network as if it is my local network (eg. access my home fileserver and printers, and screen share my home computers remotely without a complicated port forwarding setup.

  Read the article

• "svn: Cannot negotiate authentication mechanism" for OSX CLI and WinXp TortoiseSVN, but linux CLI works

  - by dacracot

  I had a working subversion server which used the passwd file which stores passwords in clear text. My requirements changed so that passwords now need to be encrypted. I did everything according to the book to use SASL, or so I believe, but now only the linux command line can authenticate. My OSX users, which also use command line, and my WinXp users, which use TortoiseSVN get errors. Linux versions are 1.6.11. OSX versions are 1.6.17. And TortoiseSVN versions are 1.7.4. /opt/subversion/QRpage/conf/svnserve.conf: [general] anon-access = none auth-access = write realm = ABC [sasl] use-sasl = true min-encryption = 128 max-encryption = 256 /etc/sasl2/svn.conf: pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /etc/sasldb2 mech_list: DIGEST-MD5 Then I add new users via: saslpasswd2 -c -f /etc/sasldb2 -u ABC dacracot But for instance OSX users get this error trying to check out: $ svn co svn://svn.nowhere.org/QRpage svn: Cannot negotiate authentication mechanism

  Read the article

• Disable/enable the proxy on a tab by tab basis in Firefox

  - by Rich

  Is it possible to disable/enable the proxy connection on a tab-by-tab basis in Firefox? I can access the internet with the proxy enabled, and I can access our internal servers with the proxy disabled, but neither configuration allows the other. I have a feeling that Firefox 4's per tab profiles may permit this, but was wondering whether there was a way to achieve this on Firefox 3.6.13, perhaps through the use of an extension. For the moment I'm making do with quickProxy (not QuickProxy which I've just discovered while trying to find quickProxy) which allows me to switch the proxy on and off for the whole browser, but would prefer something more fine-grained.

  Read the article

• FTP an entire folder via the command line

  - by Chris Southam

  I'm looking so migrate some websites to a new server. I have SSH access to the current one but only FTP access to the new one. How can I via Centos and SSH copy entire folders to the new server via FTP? I can log into the new server via the built in FTP client on Centos but I'm not sure of the commands after this. I need to move the httpdocs folder from the old to the public_html folder of the new server. I'd love to do this server to server as it'll be a lot quicker than download - upload via my broadband connection. Yours, Chris

  Read the article

• Nearest PC equivalent to Mac Target Disk Mode?

  - by username

  Mac firmware has a special boot mode that allows you to offer its internal hdd to another computer as an external disk (you just connect the two machines via an IEEE 1394 cable). Only the second machine needs a functioning OS installed. Any good suggestions for something similar on the PC side of things? Block level access isn't important to me, I'd just like to be able to copy files off it. It doesn't matter to me if it uses Ethernet, IEEE 1394, or wifi - I just like having a quick way to access files on a client PC. Is there any single-purpose Linux distro specially designed to do this? It'd be nice to have something super simple, quickbooting, and small that I could install on a USB drive. I used to use Knoppix, but it's overkill as a Target Mode replacement.

  Read the article

< Previous Page | 628 629 630 631 632 633 634 635 636 637 638 639  | Next Page >