Search Results

Search found 45752 results on 1831 pages for 'ubuntu linux'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 736/1831 | < Previous Page | 732 733 734 735 736 737 738 739 740 741 742 743  | Next Page >

  • IP Blacklists and suspicious inbound and outbound traffic

    - by Pantelis Sopasakis
    I administer a web server and recently we had our IP banned (!) from our host after they received a notification e-mail for abuse. In particular our server is allegedly involved in spam attacks over HTTP. The content of the abuse report email we received was not much informative - for example the IP addresses our server is supposed to have attacked against are not included - so I started a wireshark session checking for suspicious traffic over TCP/HTTP while trying to locate possible security holes on the system. (Let me note that the machine runs a Debian OS). Here is an example of such a request... Source: 89.74.188.233 Destination: 12.34.56.78 // my ip Protocol: HTTP Info: GET 'http://www.media.apniworld.com/image.php?type=hv' HTTP/1.0 I manually blacklisted this host (as well as some other ones) blocking them with iptables, but I can't keep on doing manually all day long... I'm looking for an automated way to block such IPs based on: Statistical analysis, pattern recognition or other AI-based analysis (Though, I'm reluctant to trust such a solution, if exists) Public blacklists Using DNSBL I actually found out that 89.74.188.233 is blacklisted. However other IPs which are strongly suspicious like 93.199.112.126 (i.e. http://www.pornstarnetwork.com/account/signin), unfortunately were not blacklisted! What I would like to do is to automatically connect my firewall with DNSBL (or some other blacklist database) and block all traffic towards blacklisted IPs or somehow have my local blacklist automatically updated.

    Read the article

  • htaccess rewrite different folder url, two index files

    - by Andrew
    I've been searching for awhile now and haven't found anything that comes close to what I'm trying to accomplish. Right now my URL's look like this: www.website.com/something which are using the root folder /index.php Now I have created plugins within folders: /plugins/PLUGINNAME/index.php I want to be able to have URLs like: www.website.com/plugins/PLUGINNAME/anything/iwant/here which are all using /plugins/PLUGINNAME/index.php and not the root directory index.php. Currently www.website.com/plugins/PLUGINNAME/ works, but anything after /PLUGINNAME/xxx defaults to the /index.php.

    Read the article

  • How to execute a shell script on startup?

    - by vijay.shad
    I have create a script to start a server(my first question). Now I want it to run on the system boot and start the defined server. What should I do to get this done? My findings tell me put this file in /etc/init.d location and it will execute when the system will boot. But I am not able to understand how the first argument on the startup will be start? Is this predefined somewhere to use start as $1? If I want to have a case startall that will start all the servers in the script, then what are the options I can manage. My Script is like this: #!/bin/bash case "$1" in start) start ;; stop) stop ;; restart) $0 stop $0 start ;; *) echo "usage: $0 (start|stop|restart)" ;; esac

    Read the article

  • Where is the hostname in /etc/hostname on a debian server used?

    - by Tchalvak
    I have a webserver running a number of websites. When I ssh in, it gives me a tab name of [email protected], which is counterintuitive, making it seem like those tabs are on my localhost. I would like to change the hostname, but I want to be sure that it won't break anything else. So for what purposes does that hostname string get used, and how can I be sure that it won't affect any functioning systems?

    Read the article

  • Mounting Google Driva via WebDav directly on Google

    - by WoJ
    I would like to mount on my RPi my Google Drive using davfs2 but I did not find any direct way to do it for Google Drive. There are instructions on how to use dav-pocket to indirectly do that but these are from 2010. Google group discussions about the lack of direct WebDAV access to Google are roughly from the same time and I could not find any other way to do the mount. Has anything changed and would anyone know if Google enabled WebDAV - and if so what is the URL? An alternate synchronization system would be fine as well (rsync for instance) - I did not find any particular infos either Thank you!

    Read the article

  • No clue for high load average on top

    - by Oz.
    We have several machines on Amazon (ec2) of the type c1.xlarge with 16 cpus, running the Amazon AMI. Details on the machine: 7 GB of memory 20 EC2 Compute Units (8 virtual cores with 2.5 EC2 Compute Units each) 1690 GB of instance storage 64-bit platform I/O Performance: High API name: c1.xlarge One out of the several machines is showing a high load average, since we have run the last yum upgrade a couple of weeks a go. We did not yet update the other machines, and everything looks normal on them. The strange thing is that the top command not showing any hint for the cause of the load. CPUs are 4.8%us, 1.1%sy, 0.0%ni, 94.1%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st(see below). Mem is about 1.5GB free. Any idea what could it be, or where else can we check? Many thanks for the help. # # top # top - 07:57:42 up 4:18, 1 user, load average: 1.36, 1.45, 1.47 Tasks: 131 total, 1 running, 130 sleeping, 0 stopped, 0 zombie Cpu(s): 4.8%us, 1.1%sy, 0.0%ni, 94.1%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 7120092k total, 5644920k used, 1475172k free, 532888k buffers Swap: 0k total, 0k used, 0k free, 3463936k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 1557 mysql 20 0 1829m 374m 6448 S 14.3 5.4 11:15.09 mysqld 6655 apache 20 0 416m 49m 3744 S 9.3 0.7 0:04.85 httpd 27683 apache 20 0 421m 54m 3708 S 9.0 0.8 0:00.99 httpd 6682 apache 20 0 424m 57m 3788 S 8.3 0.8 0:03.81 httpd 16816 apache 20 0 419m 51m 3760 S 4.3 0.7 0:04.09 httpd 22182 apache 20 0 417m 50m 3756 S 1.7 0.7 0:06.34 httpd 219 root 20 0 0 0 0 S 0.3 0.0 0:00.34 kworker/7:1 699 root 20 0 0 0 0 S 0.3 0.0 0:00.40 kworker/3:1 1 root 20 0 19376 1508 1212 S 0.0 0.0 0:00.29 init 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd 3 root 20 0 0 0 0 S 0.0 0.0 0:00.71 ksoftirqd/0

    Read the article

  • Why would one of my servers stop being able to access other servers by FQDN?

    - by Newlyn Erratt
    I have a number of servers on our local network and our debian server has suddenly stopped being able to access the other servers via their FQDN. Initial symptom was inability to login with Active Directory accounts. On further inspection, this machine, porkbelly, was unable to access our other servers (e.g. bacon and albert) via their FQDN. That is, they can ping albert by running ping albert but not by running ping albert.domain.local though when running ping albert it will be expanded to albert.domain.local. The server is still accessible from other servers via both porkbelly and porkbelly.domain.local. Upon examination of hosts information and running hostname its hostname and FQDN are correct. The resolv.conf appears correct. It contains: domain domain.local search domain.local nameserver 192.168.0.xxx (the nameserver) The dns server is also our Windows AD server. I'm not even sure where to go from here or why dns seems to be partially working though I don't have much experience. Where should I go from here? What might be causing this issue where machines are visible via their hostname but not their FQDN?

    Read the article

  • Screen multiuser - Permission denied

    - by Zlug
    I'm trying to send input to a screen session from php. So far I have followed the steps explained here Is running GNU Screen suid root the only way to make multiuser mode work? And I have set "multiuser on" and "acladd www-data" in the screenrc file (or well, no. in another file that I use by the -c option but still) My problem now is that whenever i try to acess screen by php exec('screen -S user/session -p 0 -X stuff "test"'."\n", $ret); I get the error: Cannot opendir /var/run/screen/S-user: Permission denied

    Read the article

  • Should I be worry about max number of files in a folder in *NIX filesystems?

    - by ??????
    In a social networking project we want to store user's avatars in a folder. I think in one year or two it'll reach to 140K (I've seen this issue before and it will be around this number). I want to spread files in folders. If a folder contains 1000 files then create another folder and do store files from 1001 to 2000. Is this a good approach or I'm just very cautious about the issue? (File system : EXT3)

    Read the article

  • Apache security for multi-user development web server.

    - by mrmartinblue
    I've been searching and reading through documents all morning and understand that I need to use some combination of chown and probably 'jailing' to securely give programmers access to directories on my centos webserver. Here's the situation: I have an apache web server that has any number of virtual sites located in /var/www/site1 /var/www/site2 etc.. I have different developers that need full access both ssh and vsFTP to only the site they are working on. What is the best way to create and maintain security in this scenario. My thought would be to create a new user for each coder, jail that user to the website directory they are allowed to work in, add their user to a group and set the webroot's owner to that group. Any thoughts? Good, bad, ugly? Thanks!

    Read the article

  • SELinux adding new allowed samba type to access httpd_sys_content_t?

    - by Josh
    allow samba_share_t httpd_sys_content_t {read execute getattr setattr write}; allow smbd_t httpd_sys_content_t {read execute getattr setattr write}; I am taking a stab in the dark with resources I've looked at, at various places that the above policies are what I want. I basically want to allow Samba to write to my web docs without giving it free access to the operating system. I read a post by a NSA rep saying the best way was defining a new type and allowing both samba and httpd access. Setting the content to public content (public_content_rw_t) does not work without making use of some unrestrictive booleans. To state this in short, how do I allow samba to access a new type?

    Read the article

  • Eucalyptus / no bootable EBS yet - any alternatives to Eucalyptus?

    - by itgorilla
    I've read a couple of articles that Eucalyptus doesn't support bootable EBS yet. This is a problem since you can't make a backup form an instance like you a able on Amazon cloud or Rack Space Cloud. If you ever reboot the physical Ecalyptus sever that's running the node controller the instance is gone along with all your settings. Are there any alternatives to Eucalyptus or is just the only game in town when it comes to open source cloud?

    Read the article

  • Migrate data from one server to another using rsync

    - by Leonid Shevtsov
    I'm moving from one VPS to another, and I figured that the simplest way to transfer data would be rsync. However, the data is owned by a user, www-data, which doesn't have ssh privileges, and I'd like it to be owned by the same (named) user on the target machine. Obviously I need all file permissions preserved. I have SSH access via another user with sudo privileges on both machines. Is this possible to do this with rsync?

    Read the article

  • Unattended Kickstart Install

    - by Eric
    I've looked around quite a bit and have seen similar setup and questions, but none seem to work for me. I'm using the following command to create a custom ISO: /usr/bin/livecd-creator --config=/usr/share/livecd-tools/test.ks --fslabel=TestAppliance --cache=/var/cache/live This works great and it creates the ISO with all of the packages and configs I want on it. My issue is that I want the install to be unattended. However, every time I start the CD, it asks for all of the info such as keyboard, time zone, root password, etc. These are my basic settings I have in my kickstart script prior to the packages section. cdrom install autopart autostep xconfig --startxonboot rootpw testpassword lang en_US.UTF-8 keyboard us timezone --utc America/New_York auth --useshadow --enablemd5 selinux --disabled services --enabled=iptables,rsyslog,sshd,ntpd,NetworkManager,network --disabled=sendmail,cups,firstboot,ip6tables clearpart --all So after looking around, I was told that I need to modify my isolinux.cfg file to either do "ks=http://X.X.X.X/location/to/test.ks" or "ks=cdrom:/test.ks". I've tried both methods and it still forces me to go through the install process. When I tail the apache logs on the server, I see that the ISO never even tries to get the file. Below are the exact syntax I'm trying on my isolinux.cfg file. label http menu label HTTP kernel vmlinuz0 append initrd=initrd0.img ks=http://192.168.56.101/files/test.ks ksdevice=eth0 label localks menu label LocalKS kernel vmlinuz0 append initrd=initrd0.img ks=cdrom:/test.ks label install0 menu label Install kernel vmlinuz0 append initrd=initrd0.img root=live:CDLABEL=PerimeterAppliance rootfstype=auto ro liveimg liveinst noswap rd_NO_LUKS rd_NO_MD rd_NO_DM menu default EOF_boot_menu The first 2 give me a "dracut: fatal: no or empty root=" error until I give it a root= option and then it just skips the kickstart completely. The last one is my default option that works fine, but just requires a lot of user input. Any help would be greatly appreciated.

    Read the article

  • Skipping intermediate Ubuntu OS upgrade to latest one,How do I upgrade from 9.04 to 10.04.2?

    - by Yadnesh
    I'm currently runing Ubuntu 9.04 Jaunty. I want to upgrade to 10.04.02, but whenever I use the Update manager to do this, it fails with the error "An upgrade from 'jaunty' to 'lucid' is not supported with this tool". I also tried to run sudo do-release-upgrade -d, but it fails with the same error message: Checking for a new ubuntu release Done Upgrade tool signature Done Upgrade tool Done downloading extracting 'lucid.tar.gz' authenticate 'lucid.tar.gz' against 'lucid.tar.gz.gpg' tar: Removing leading `/' from member names Reading cache Checking package manager Can not upgrade An upgrade from 'jaunty' to 'lucid' is not supported with this tool.

    Read the article

  • Log Files from bash script output

    - by neildeadman
    I have a script that runs (this works fine). I'd like to produce logfiles from its output and still show it on screen. I have this command that creates three files from this blog: ((./fk.sh 2>&1 1>&3 | tee errors.log) 3>&1 1>&2 | tee output.log) 2>&1 | tee final.log This does exactly what I want it to. My only issue is that I create files in my script and copy them somewhere, and I'd like to copy these logfiles there too, which I can't do whilst this script is running. I also wanted to make it easier for any user to run my script, so I created another script to run this script. According to this post (see last post) I can put a . before the script name and I can use variables assigned in my called script from the first script if I use them in the first. It doesn't seem to work though and I can't figure out why or find alternative methods. Can anyone help?

    Read the article

  • What happens to running processes when I lose a remote connection to a *nix box?

    - by David Marble
    I occasionally lose my remote SSH connection to my VPS. I use screen for long-running processes, but am wondering what happens to the processes I had running aside from those run within a screen session if I lose the connection to the box. When I re-establish a connection to the box, what happened to the bash and sshd processes that were running when I lost the connection? Today I lost connection repeatedly and noticed many more bash and sshd processes than usual. If there are processes hanging around, do I need to kill them? How could I determine which processes were abandoned from my previous session? Thanks for any replies!

    Read the article

  • Configure all hosts, then create a list of the config for all hosts?

    - by AME
    I deployed a huge number of hosts with Ansible - which did work very nice. Each host got its individual settings and configuration. Now I'd like to generate a config file for another system that uses these hosts. For it, I need for every host a part of the generated configuration (the one that configures the database). Here is an example of the situation with two hosts having different configuration and the other system that uses a part of the Ansible-generated configuration: host1 ansible configured dbA host2 ansible configured dbQ The other system: host1 = dbA host2 = dbQ The values are computed differently (dbQ instead of dbB for host2 for example) if it belongs in a different cluster and so on, making it unpractical to just read out host configuration from the host_vars. I believe I would need to iterate over the hosts and let Ansible figure out the computed values for the variables like it would when deploying, but I do not know how to put that result in one template. Please advise :)

    Read the article

  • How can I fix a broken AVI file?

    - by KeyboardMonkey
    I have a broken AVI, it won't play in VLC, Xine or MPlayer. I tried Handbrake (reads the file and resets the source to None), OggConvert, Avidemux and mencoder fail to read the file, I cannot seem to reencode this file. I suspect the header info is corrupt, is there a way to get the a/v streams out with a missing header?

    Read the article

  • Help debugging Sendmail/Mailman configuration issue

    - by inxilpro
    Hi folks, I'm trying to configure a server with Sendmail and Mailman. I've been getting "Broken pipe" errors for a while, and have slowly been debugging. I fixed some permission issues, and changed the user that Mailman expects to be called from, among other things. Finally, I'd gone through everything I could think of, so I added a new test to see if it's the Mailman script or Sendmail that's causing the problem. Here's the error I'm getting now (stripped of timestamps and identifying information): <-- MAIL FROM:[email protected] Authentication-Warning: xxxxx.org: xxxxxxxxxxxxxx.net [xx.xx.xxx.xxx] didn't use HELO protocol --- 250 2.1.0 [email protected]... Sender ok <-- RCPT TO: [email protected] --- 250 2.1.5 [email protected]... Recipient ok <-- DATA --- 354 Enter mail, end with "." on a line by itself [email protected], size=20, class=0, nrcpts=1, msgid=<[email protected]>, proto=SMTP, relay=xxxxxxxxxxxxxx.net [xx.xx.xxx.xxx] --- 250 2.0.0 o6KMg2xZ025804 Message accepted for delivery alias [email protected] => "|/bin/echo foo" SYSERR(root): putbody: write error: Broken pipe 0: fl=0x0, mode=20660: CHR: dev=0/15, ino=776, nlink=1, u/gid=0/0, size=0 1: fl=0x1, mode=20660: CHR: dev=0/15, ino=776, nlink=1, u/gid=0/0, size=0 2: fl=0x1, mode=20660: CHR: dev=0/15, ino=776, nlink=1, u/gid=0/0, size=0 3: fl=0x2, mode=140777: SOCK localhost->[[UNIX: /dev/log]] 5: fl=0x0, mode=100600: dev=8/3, ino=486765, nlink=1, u/gid=0/51, size=5 6: fl=0x8000, mode=100640: dev=8/3, ino=65501, nlink=1, u/gid=0/0, size=12288 7: fl=0x8000, mode=100640: dev=8/3, ino=65501, nlink=1, u/gid=0/0, size=12288 8: fl=0x8000, mode=100640: dev=8/3, ino=65510, nlink=1, u/gid=0/0, size=12288 9: fl=0x8000, mode=100640: dev=8/3, ino=65510, nlink=1, u/gid=0/0, size=12288 10: fl=0x8000, mode=100640: dev=8/3, ino=64814, nlink=1, u/gid=0/51, size=12288 11: fl=0x8000, mode=100640: dev=8/3, ino=64814, nlink=1, u/gid=0/51, size=12288 12: fl=0x1, mode=100600: dev=8/3, ino=486767, nlink=1, u/gid=0/51, size=754 13: fl=0x1, mode=10600: FIFO: dev=0/5, ino=7649785, nlink=1, u/gid=0/51, size=0 14: fl=0x0, mode=10600: FIFO: dev=0/5, ino=7649786, nlink=1, u/gid=0/51, size=0 MCI@0x0: NULL MCI@0x0: NULL to="|/bin/echo foo", [email protected] (8/0), delay=00:00:08, xdelay=00:00:00, mailer=prog, pri=30476, dsn=5.0.0, stat=Service unavailable o6KMsnxX025948: DSN: Service unavailable done; delay=00:00:08, ntries=1 The alias in /etc/aliases is: cmtest: "|/bin/echo foo" As you can see, even when trying to pipe to /bin/echo I still get the same error. But I can't for the life of me figure out what else to check. Normal aliases work fine. Any ideas? Thanks!

    Read the article

  • iptables secure squid proxy

    - by Lytithwyn
    I have a setup where my incoming internet connection feeds into a squid proxy/caching server, and from there into my local wireless router. On the wan side of the proxy server, I have eth0 with address 208.78.∗∗∗.∗∗∗ On the lan side of the proxy server, I have eth1 with address 192.168.2.1 Traffic from my lan gets forwarded through the proxy transparently to the internet via the following rules. Note that traffic from the squid server itself is also routed through the proxy/cache, and this is on purpose: # iptables forwarding iptables -A FORWARD -i eth1 -o eth0 -s 192.168.2.0/24 -m state --state NEW -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A POSTROUTING -t nat -j MASQUERADE # iptables for squid transparent proxy iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.2.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 How can I set up iptables to block any connections made to my server from the outside, while not blocking anything initiated from the inside? I have tried doing: iptables -A INPUT -i eth0 -s 192.168.2.0/24 -j ACCEPT iptables -A INPUT -i eth0 -j REJECT But this blocks everything. I have also tried reversing the order of those commands in case I got that part wrong, but that didn't help. I guess I don't fully understand everything about iptables. Any ideas?

    Read the article

  • Maximizing TCP connections on HAProxy load balancer

    - by imaginative
    I am currently using HAProxy in order to load balance tcp connections from clients to my Erlang app server. The connection is persistent, which means I'm limited to roughly 64K clients on an optimized server (I'm currently running HAProxy on an m1.large EC2 instance). My app server is designed to horizontally scale based on the number of TCP connections. What's worrying me though is I'll need an equal number of HAProxy servers as app servers since it's a 1:1 connection. Is there currently a way to "proxy" the tcp connection to the app server so that once HAProxy sends the client off to my Erlang server, it can free up the connection, ready to serve another client? Are there any papers, existing solutions out there I can read so that I only have to worry about the 64K limit on my app servers, and not on the load balancing servers themselves?

    Read the article

  • SSH Advanced Logging

    - by Radek Šimko
    I've installed OpenSUSE on my server and want to set ssh to log every command, which is send to system over it. I've found this in my sshd_config: # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO I guess that both of those directives has to be uncommented, but I'd like to log every command, not only authorization (login/logout via SSH). I just want to know, if someone breaks into my system, what did he do.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 732 733 734 735 736 737 738 739 740 741 742 743  | Next Page >