Search Results

Search found 3101 results on 125 pages for 'packet filtering'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 74/125 | < Previous Page | 70 71 72 73 74 75 76 77 78 79 80 81  | Next Page >

  • Title: Better logging for cronjob output

    - by Stefan Lasiewski
    I am looking for a better way to log cronjobs. Most cronjobs tend to spam email or the console, get ignored, or create yet another logfile. In this case, I have a Nagios NSCA script which sends data to a central Nagios sever. This send_nsca script also prints a single status line to STDOUT, indicating success or failure. 0 * * * * root /usr/local/nagios/sbin/nsca_check_disk This emails the following message to root@localhost, which is then forwarded to my team of sysadmins. Spam. forwarded nsca_check_disk: 1 data packet(s) sent to host successfully. I'm looking for a log method which: Doesn't spam the messages to email or the console Don't create yet another krufty logfile which requires cleanup months or years later. Capture the log information somewhere, so it can be viewed later if desired. Works on most unixes Fits into an existing log infrastructure. Uses common syslog conventions like 'facility' Some of these are third party scripts, and don't always do logging internally.

    Read the article

  • ASA 5540 v8.4(3) vpn to ASA 5505 v8.2(5), tunnel up but I cant ping from 5505 to IP on other side

    - by user223833
    I am having problems pinging from a 5505(remote) to IP 10.160.70.10 in the network behind the 5540(HQ side). 5505 inside IP: 10.56.0.1 Out: 71.43.109.226 5540 Inside: 10.1.0.8 out: 64.129.214.27 I Can ping from 5540 to 5505 inside 10.56.0.1. I also ran ASDM packet tracer in both directions, it is ok from 5540 to 5505, but drops the packet from 5505 to 5540. It gets through the ACL and dies at the NAT. Here is the 5505 config, I am sure it is something simple I am missing. ASA Version 8.2(5) ! hostname ASA-CITYSOUTHDEPOT domain-name rngint.net names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 10.56.0.1 255.255.0.0 ! interface Vlan2 nameif outside security-level 0 ip address 71.43.109.226 255.255.255.252 ! banner motd ***ASA-CITYSOUTHDEPOT*** banner asdm CITY SOUTH DEPOT ASA5505 ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns server-group DefaultDNS domain-name rngint.net access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.1.0.125 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.160.70.10 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 host 10.1.0.125 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 10.106.70.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 25000 logging buffered informational logging asdm warnings mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 route outside 0.0.0.0 0.0.0.0 71.43.109.225 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ (inside) host 10.106.70.36 key ***** aaa authentication http console LOCAL aaa authentication ssh console LOCAL aaa authorization exec authentication-server http server enable http 192.168.1.0 255.255.255.0 inside http 10.0.0.0 255.0.0.0 inside http 0.0.0.0 0.0.0.0 outside snmp-server host inside 10.106.70.7 community ***** no snmp-server location no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs group1 crypto map outside_map 1 set peer 64.129.214.27 crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption des hash md5 group 2 lifetime 86400 telnet timeout 5 ssh 10.0.0.0 255.0.0.0 inside ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5 console timeout 0 management-access inside dhcpd auto_config outside ! dhcpd address 10.56.0.100-10.56.0.121 inside dhcpd dns 10.1.0.125 interface inside dhcpd auto_config outside interface inside ! dhcprelay server 10.1.0.125 outside dhcprelay enable inside dhcprelay setroute inside dhcprelay timeout 60 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept tftp-server inside 10.1.1.25 CITYSOUTHDEPOT-ASA-Confg webvpn tunnel-group 64.129.214.27 type ipsec-l2l tunnel-group 64.129.214.27 ipsec-attributes pre-shared-key ***** ! ! prompt hostname context

    Read the article

  • OpenVPN on port 53

    - by TossUser
    I have an openvpn server setup on UDP port 53 on a public IP. All the connecting clients gets pushed external DNS servers such as 8.8.8.8 and opendns. Sometimes the resolution stops working on the connected vpn clients and I get strange packets in the openvpn log. Now my question is why is that? When a VPN client, let's say 192.168.1.22 does a DNS query that query should go to 8.8.8.8:53 and then an UDP response packet should be sent back to 192.168.1.22 on a high UDP port. Any ideas? Thanks

    Read the article

  • Troubles doing transparent proxy for virtual machines

    - by Dan H
    Hi iptables gurus. First here is the basic topology: Internet | Gateway | Workstation---eth0---virbr0 | +-----+-----+ | | | vm1 vm2 vm3 I need to test a traffic analyzer running on my workstation, listening on some port (say 8990) on eth0. The rule [I think] I want is "any packets leaving virbr0 going anywhere to port 80 must instead go to port 8990 on eth0". My software running on port 8990 does its own check of the NAT packet mangling to push the packets through after it inspects them. I've been banging my head on this, with different variants of: iptables -t nat -A PREROUTING -i virbr0 -p tcp --dport 80 -j DNAT \ --to 10.0.0.10:8990 And I've tried the more generic method of using the mangle table with --set-mark and ip rule add fwmark, but I'm not getting it. I guess what's confusing me is that everything runs on the same box. Thanks for any guidance.

    Read the article

  • Copy only remaining rows after filter to new Excel Workbook

    - by Joel Coehoorn
    I have an Excel file with an external data connection set up. It pulls data in directly from a database, and gives us about 450 rows. The header row allows us to filter the data in the sheet, and we use this as a general purpose tool... I will use the filters to narrow down what I'm looking at based on criteria that change depending on the circumstance. Often, after filtering the data, I want to send just the filtered records to another person. I'd like to copy/paste just the remaining rows into a new Workbook to send via e-mail. Unfortunately, this doesn't work. When I paste the data, it still pastes all the data. The filtered rows are still in the workbook... they're just hidden. I want them gone from the new file completely. How can I do this?

    Read the article

  • Why do people tell me not to use VLANs for security?

    - by jtnire
    Hi Everyone, As per title, why do people tell me not to use VLANs for security purposes? I have a network, where a have a couple of VLANS. There is a firewall between the 2 VLANs. I am using HP Procurve switches and have made sure that switch-to-switch links accept tagged frames only and that host ports don't accept tagged frames (They are not "VLAN Aware"). I've also made sure that the native VLAN (PVID) of the trunk links are not the same as either of the 2 host VLANs. I've also enabled "Ingress Filtering". Furthermore, I've made sure that host ports are only members of a single VLAN, which is the same as the PVID of the respective port. The only ports which are members of multiple VLANs are the trunk ports. Can someone please explain to me why the above isn't secure? I believe I've addressed the double tagging issue.. Thanks

    Read the article

  • Manually forcing TCP connection to retry

    - by Vi
    I have a TCP connection (SSH session to some computer for example) Network suddenly goes down and drops all packets (disconnected cable, out of range). TCP resends packets again and again, retrying with increasing delays. I see the problem and plug the cable back (or restore network somehow). TCP connection finally successfully resends some packet and continues. The problem is that I need to wait for a some timeout on point 5. I want to use my opened SSH session now and not wait for 5-10 seconds until it finds out that connection is working again. How to force all TCP connections to resend data without now in GNU/Linux?

    Read the article

  • Does anyone know of a inexpensive NAT router that has the ability to limit access to the Internet to

    - by Corey
    Does anyone know of a inexpensive NAT router that has the ability to limit access to the Internet to a specific MAC address? I know the Linksys routers have a MAC filtering feature, but it is the opposite of what I need. It allows you to block access to a specific MAC address. I need something that will block all, but allow an exception. I'm dealing with some VOIP issues in my company's network, and I think the answer is to have a separate router on the network for my PBX to use. I want to make sure that other nodes are not allowed to access the Internet via this second router.

    Read the article

  • how to communicate in typical router switch router scenario?

    - by Kossel
    I'm learning routing using packet tracer simulation and I think this is a very commun scenario: let's say pc4 is the server... why I can't ping from PC1 to 192.168.2.253 (router1) but I can ping 192.168.2.2 (pc0) aren't they the same subnet? what am I missing or have to do in order to reach pc4? (192.168.100.254) from pc 1 (192.168.1.1) is there something like "default gateway" for router? thanks for advice PS: during the simulation it shows error "The routing table does not have a route to the destination IP address. The router drops the packe (from 192.168.2.253 to 192.168.1.1)"

    Read the article

  • Firewall blocks FTP PASV response

    - by harper
    I have an FTP server that supports passive server mode (using PASV command). This works fine with Windows XP. When I want to access this server from Windows Vista or Windows 7 with firewall enabled I experience an immediate connection shutdown. A reset packet is sent to the server, and the socket is signaled that the server has reset the connection (which is not true). The problem disappears when the firewall is disabled. Connections to other FTP servers work correctly. The difference is that the server's response to PASV does not enclose the address field with parentheses. This is legal as documented in RFC-959 and RFC-1132. How can I configure the firewall to stop this bad behavior?

    Read the article

  • Improving sound quality with remote ESD server

    - by cuu508
    Hi, I'm investigating low-budget ways to get audio from my PC (Ubuntu) to HiFi without wires. I'm currently testing a setup where Asus WL-500gP wireless router runs ESD daemon and has attached USB soundcard which is then plugged into HiFi. I'm testing playback on PC with mpg123-esd and Spotify under Wine. The sound is there, latency is unexpectedly low, but I also hear occassional clicks and some distortion from time to time. I suppose that's because of the low latency and wireless streaming of uncompressed audio--any packet drops, CPU temporarily being busy etc. will cause clicks in sound output. Is there a way around this problem, increasing latency / buffer size somehow perhaps? Streaming using shoutcast protocol seems to be a way out but I have feeling that would be a complex and brittle setup.

    Read the article

  • Is PO Box on resume to get a call okay?

    - by sanksjaya
    Hello folks! Personally I've applied to quiet a handful of IT admin jobs inside my state and to the ones that are way far away. The sad part is I never miss to get an interview with the jobs in my state, but get a call once in a blue moon from jobs out of my state. Note: All the jobs are of similar nature. Recently one of my friends told me that "Applicants with local addresses are the ones that are even looked upon". How true is this? Does filtering take place at address level before qualifications? Is using a PO box on resume acceptable [one for each state like CA, TX, VA]? Any other suggestions to get calls from out of state? Thank you :) [wiki]

    Read the article

  • Filter tagged threads in Thunderbird

    - by Let_Me_Be
    I have a big issue with Thunderbird, I need to process a lot of emails coming from request tracking system. Since only few of those apply to me personally, I tag these threads with appropriate tags. The issue now is that I would like to filter out threads, that do apply to me and those that I haven't tagged yet. I'm unable to do this, because new emails keep arriving into the already existing threads, and of course, these new emails don't get the tags. Basically I would need some sort of filtering rule, that would apply not to a specific message, but the master message in the thread. Is there some possibility to create such filters, or is there some other facility, that would allow me to do the same? Tags are great, since they are actually saved into the messages and correctly sync across multiple machines when using IMAP.

    Read the article

  • Encrypting absolutely everything, even within the LAN

    - by chris_l
    Has anybody tried that approach already? I'm really considering it: Instead of relying on network based IDS etc., every packet must use encryption which was initiated by a certificate issued by my own CA. Every client gets a unique client certificate Every server gets a unique server certificate Every service additionally requires to login. Both SSL and SSH would be ok. Access to the internet would be done via an SSL tunnel to the gateway. Is it feasible? Does it create practical problems? How could it be done and enforced? What do you think?

    Read the article

  • Apache Tomcat - Responding for IP However Not for Domain

    - by user3322152
    I have just started setting up a VPS. I installed Tomcat to deploy some test applications on. The problem I am having is the following. An 'A' record has been setup for my website's primary domain as vps.mydomain.com. This is resolving fine for SSH and TS3. When it comes to Tomcat, using vps.mydomain.com:8080 does not result in the default landing page. However, 111.222.333.444:8080 does load the default Tomcat page. I read through the manual and within the server.xml added an Alias; this however has not had any effect. Is there any trickery required in order to get Tomcat to serve my applications or is this likely to be some kind of filtering mechanism for requests placed upon me by my hosting provider?

    Read the article

  • Logins with only HTTP - are they as insecure as I'm thinking?

    - by JoeCool1986
    Recently I was thinking about how websites like gmail and amazon use HTTPS during the login process when accessing your account. This makes sense, obviously, since you're typing in your account username and password and you would want that to be secure. However, on Facebook, among countless other websites, their logins are done with simple HTTP. Doesn't that mean that my login name and password are completely unencrypted? Which, even worse, means that all those people who login to their facebooks (or similar sites) at a wifi hotspot in public are susceptible to anyone getting their credentials using a simple packet sniffer (or something similar)? Is it really that easy? Or am I misunderstanding internet security? I'm a software engineer working on some web related stuff, and although at the current time I'm not too involved with the security aspect of our software, I knew I should probably know the answer to this question, since it's extremely fundamental to website security. Thanks!

    Read the article

  • In Wireshark's Protocol Hierarchy Statistics screen, is the total byte count of a capture the sum of the Bytes column or just the top line (Frame)?

    - by Howiecamp
    Part 1 - I'm looking at Wireshark's Protocol Hierarchy Statistics screen (sample below), is the total byte count of the capture the sum of the Bytes column or just the top line (Frame)? I'm 99% that it's the latter because of protocol rollup but I wanted to conform. Part 2 - From Wireshark documentation on this screen, "Protocol layers can consist of packets that won't contain any higher layer protocol, so the sum of all higher layer packets may not sum up to the protocols packet count. Example: In the screenshot TCP has 85,83% but the sum of the subprotocols (HTTP, ...) is much less. This may be caused by TCP protocol overhead, e.g. TCP ACK packets won't be counted as packets of the higher layer)." Can you explain this?

    Read the article

  • Searching for online database software/cms

    - by ButterdBread
    I am searching for a software or CMS that manages and displays large online databases, as some kind of frontend to MySQL or any other database. It should be accessible through the browser, be as secure as possible (offering login). The data I'd like to store would be personal information such as name, adress and birthday - also I'd need to be able to add custom fields as well. Also forms and the possibility to download the data in an excel? table would be great. PHPmyadmin is not an option, it should be similar to a CRM but more closely adapted to managing database tables, searching for entries and filtering data. It should be possible to have many user accounts with different rights, with each of them being able to acces certain parts of the data and entering own data. Is there something out there, that might get close to what I imagine? I appreciate any help!

    Read the article

  • How to retrieve connection details of CheckPoint SSL Network Extender?

    - by amoe
    My workplace uses a Java-based VPN tool named CheckPoint SSL Network Extender. I would like to configure the VPN connection myself using stock OS tools, because I find the applet to be rather unstable. How would I go about getting all of the connection details needed to manually connect to the VPN? My workplace only supports the official client. When I am connected with the Java applet, if I run ipconfig /all I can see that a hidden network connection is created named Check Point Virtual Network Adapter For SSL Network Extender - Packet Scheduler Miniport. I can see the various IP and DNS details there as well. However, because I need to log in to the applet-based tool, I presume I need to export some kind of key in order to use OS tools to configure this. Is this even possible? Answers for any OS are great although I am using Windows XP to test, and also want to use Linux clients.

    Read the article

  • LAN full of public ipv4 addresses - How to filter it?

    - by sparc86
    The answer to my question maybe is not that hard but anyways, I do not know what to do. So, I just got in a new job in a Univerisity and I found out that the network (the LAN) is full of public IP addresses. Seriously, the whole LAN (probably more than 150 hosts) has it' own internet IP address and I don't know how to manage it. I have a very good experience using iptables (Linux firewall) in a NAT'ed environment. But then how should I proceed in an environment where all my LAN is working with a bunch of public IP addresses? Should I just use the "forward" rules and ignore the NAT rules or is there any other issue in such environment which I should take care? Can I add a firewall between the router and the LAN in order to produce packet filtering for these public IP addresses in my LAN or will this just not work? Thanks!

    Read the article

  • Route using certain IP address

    - by spa
    I have a server with two public IPs. Both IPs are added to eth0 using ip addr add. Now I'd like to contact a server which uses IP address filtering. Only requests are allowed which use the second IP address. Is there are way to set this up using the standard route command in Linux? I guess that's not the case. So the only solution I see right now: Setup a virtual device let's say eth0:0 and bind the second IP address to it. Then I can reference the device in the route command. Edit: I can't use the second IP as primary one easily as this IP is used as failover IP.

    Read the article

  • How do I connect my Samsung 6 Series TV to network through a proxy?

    - by JGC
    I have a Samsung 6 series LCD TV which can connect to internet by LAN. When I connect my TV to my Windows 7 laptop which get its internet from AS share it, it can connect to the Internet. My TV can connect to YouTube, but in my country this site is filtered. I want to use an antifilter(proxy) program to bypass the filtering. The problem is the TV does not recognize the proxy port or program. How can I configure the TV or the network to use the proxy?

    Read the article

  • Can OpenVPN be set up so the server doesn't have interface that is part of the VPN?

    - by BCS
    I'm looking to set up a VPN (OpenVPN is my first choice but I'm not stuck with it) in such a way that the server that hosts the VPN is not visible from within the VPN. That is; any packet that a client sends via the VPN interface will get delivered to another client's VPN interface or get dropped. In the other direction, the server shouldn't have a VPN interface at all and normal network operations shouldn't be able to send packets on the network. Can this be done? All the docs I have found have assumed that clients will connect via DHCP (this requiring that the server connect at least to that extent) but I can't think of any reason that a VPN couldn't use static IP's or that the DHCP server couldn't be implemented inside the VPN (see edit) server without setting up a VPN interface on the server. Edit: Based on the link on bridged mode from Phil Hollenback's answer it seems that OpenVPN does in fact have the "internal DHCP server" that I'm thinking of.

    Read the article

  • Filemaker show total from related table

    - by Mr_Chimp
    I have a bit of experience with Access and SQL but I'm new to Filemaker. I have a layout which shows a list of projects. One of the fields I want it to show is "total amount of paid invoices up to the end of the last financial year". The invoices are stored on another table so I will need to pick from this table all records where "project id" = "project id" (this is set up as a relationship between the tables) and also "invoice is paid" = yes AND "date invoice paid" < start of last financial year. My question is how do I go about getting and showing that data? I can get a total easily enough, it's filtering out these specific rows that I'm having trouble with. I'm guessing there's an easy solution...

    Read the article

  • How to run wireshark on the background without the GUI?

    - by user60968
    Hello everybody, I am trying to run Wireshark on Mac OS X, on the background. I did install the command line utilities, and so I am able to start wireshark and capture packet using the command line. The only thing I want now is to run it on the background, without even having the X11 icon on the task bar and see the window of wireshark. I believe it is possible but can't find anything on the doc of Wireshark. Maybe another way would be to find a trick to hide an icon on Mac OS X... If anybody already did that or have an idea... Thank you Please excuse my English which is not perfect at all

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 70 71 72 73 74 75 76 77 78 79 80 81  | Next Page >