Search Results

Search found 4509 results on 181 pages for 'scope chain'.

Page 96/181 | < Previous Page | 92 93 94 95 96 97 98 99 100 101 102 103 | Next Page >

Create and use intermediate certificate authority on Windows Server 2012?

- by Sid

Background: Server OS is Windows Server 2012. GUI is installed as we come upto speed with powershell. Setup is staging, not production (yet). We have our (internal, domain limited) Root CA installed. I would like to take the Root CA offline to secure storage but before that I'd like to setup an intermediate CA which can take over actual live, online (int-RA-net) functionality Can someone guide me covering: creating the intermediate CA certificate request installing the intermediate CA certificate on domain controller (certification authority role already installed with Root CA online right now) use the intermediate CA to generate a certificate (any use certificate, just for demonstration purposes) Obviously this certification chain would be invalid on computers outside our domain (self trusted root - our root certificate is NOT from common 3rd parties). This last point is NOT a problem.

Read the article
Does a portable secondary laptop LCD monitor exist?

- by Dougnukem

I'm looking to buy a portable secondary LCD monitor for my Macbook Pro, does anything like that exist? I found some laptops that provide a dual 15'' monitor solution (but it's already baked into the hardware). Also some ideas posted about creating this type of setup back in 2007. I'm looking for something that is as thin as a laptop LCD (with maybe a bulky power supply that I could easily daisy chain or plug into a power strip along with my laptop). How difficult would it be to buy a 17'' laptop screen and hook up a DVI connector and power supply, and build a simple monitor stand for it? I've gotten to used to a dual-monitor setup at work and at home with my laptop that having to use my laptop in single-screen mode makes me feel crippled.

Read the article
Can't connect to samba using openVPN

- by Arthur

I'm fairly new to using VPN. For a home project I'm running a OpenVPN server. This server runs within a network 192.168.2.0 and subnet 255.255.255.0 I can connect to this net work using the ip range 5.5.0.0 I guess the subnet is 255.255.255.192, but I'm not really sure about that. When connecting to my VPN network I can access the server via 5.5.0.1 and I can see the samba shares created on that machine. However I'm not allowed to connect to the samba share. When I look at the samba log of the computer which tries to connect I can see these messages: lib/access.c:338(allow_access) Denied connection from 5.5.0.132 (5.5.0.132) These are the share definition in /etc/samba/smb.conf interfaces = 192.168.2.0/32 5.5.0.0/24 security = user # wins-support = no # wins-server = w.x.y.z. // A LOT OF MORE SETTINGS AND COMMENTS hosts allow = 127.0.0.1 192.168.2.0/24 5.5.0.132/24 hosts deny = 0.0.0.0/0 browseable = yes path = [path to share] directory mask = 0755 force create mode = 0755 valid users = [a valid user, which i use to login with] writeable = yes force group = [the group i force to write with] force user = [the user i force to write with] This is the output of the ifconfig command as0t0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:5.5.0.1 P-t-P:5.5.0.1 Mask:255.255.255.192 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:200 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) as0t1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:5.5.0.65 P-t-P:5.5.0.65 Mask:255.255.255.192 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:200 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) as0t2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:5.5.0.129 P-t-P:5.5.0.129 Mask:255.255.255.192 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:xxxx errors:0 dropped:0 overruns:0 frame:0 TX packets:xxxx errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:200 RX bytes:xxxx (xxxx MB) TX bytes:12403514 (xxxx MB) as0t3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:5.5.0.193 P-t-P:5.5.0.193 Mask:255.255.255.192 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:7041 errors:0 dropped:0 overruns:0 frame:0 TX packets:9797 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:200 RX bytes:xxxx (xxxx KB) TX bytes:xxxx (xxxx MB) eth1 Link encap:Ethernet HWaddr 00:0e:2e:61:78:21 inet addr:192.168.2.100 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: xxxx:xxxx:xxxx:xxxx:7821/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:xxxx errors:0 dropped:0 overruns:0 frame:0 TX packets:xxxx errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:xxxx (xxxx MB) TX bytes:xxxx (xxxx MB) Interrupt:16 Base address:0x6000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:xxxx errors:0 dropped:0 overruns:0 frame:0 TX packets:xxxx errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:xxxx (xxxx MB) TX bytes:xxxx (xxxx MB) Can anyone tell me what is going wrong? My server is running Ubuntu 12.04 LTS

Read the article
iptables NAT configuration

- by Sarp Kaya

Hello I am experiencing some issues with my iptables. Here's what I want to do: A(eth0)--------(eth0)B(eth2)---------------(eth2)C Brackets are interface names A,B and C are hosts. Now I would like to forward port number 80 of host C so that It would be accessed via host A. host A is 192.168.1.254 host C is 192.168.3.2 I intentionally ACCEPTed all FILTER chain options as the default policy because I wanted to make sure that NAT is working properly first. I enabled ip_forward. So here's what I have done: sudo iptables -A PREROUTING -t nat -p tcp - d 192.168.1.254 -j DNAT --to 192.168.3.2 However it is not working. What am I missing here?

Read the article
Handling FreeBSD package upgrades using pkg_add

- by larsks

I'm trying to use FreeBSD's pkg_add command to install and upgrade binary packages in a build-once-install-on-multiple-machines sort of scenario. It works well when installing a new package, but upgrades are baffling me. For example, if I want to upgrade a package that is depended on by another package, I can't just install it: # pkg_add /path/to/somepackage-2.0.tbz pkg_add: package 'somepackage' or its older version already installed At this point, I can delete the older version of the package if I pass -f to the pkg_delete command: # pkg_delete -f somepackage-1.0 pkg_delete: package 'somepackage-1.0' is required by these other packages and may not be deinstalled (but I'll delete it anyway): anotherpackage-1.0 But...and this is the killer...now the dependency information is gone! I can install the upgrade: # pkg_add /path/to/somepackage-2.0.tbz And now attempts to delete it will succeed without any errors: # pkg_delete somepackage-2.0 How do I handle this gracefully (whereby "gracefully" means "in a fashion that preserves dependency information without requiring me to rebuild/reinstall and entire dependency chain"). Thanks!

Read the article
Unable to log iptables

- by ActuatedCrayon

I'm having trouble getting iptables to log to any file. My iptables looks like: Chain INPUT (policy ACCEPT 1366 packets, 433582 bytes) pkts bytes target prot opt in out source destination 869 60656 LOG icmp -- venet0 * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 7 Syslogd is the only log helper running. The default syslog.conf didn't work, so I tried adding "kern.=debug -/var/log/iptables.log". But the file already has "kern.* -/var/log/kern.log". There are recent syslog entries, so it's not a permissions thing. I'm running Ubuntu 12.04.1 with 2.6.32-042stab061.2

Read the article
Connect using sqlplus to db server through multiple tunnels

- by Samuel Lindblom

I would like to create an SQL Developer connection to a database through a couple of tunnels. The steps right now are: Connect to server A - connect to server B - run sqlplus against tnsname on a server that I do not have ssh access to. Is there an easy way of using SQL Developer instead of sqlplus? I have read through 20 articles on the subject and still have no idea how to actually make the connection. I understand that you can chain ssh -L commands to get the server connection, but I don't know how to use that connection in SQL Developer.

Read the article
SSL Certificate Stops Working after Server Reboot on IIS7, W2K8

- by Zac

We recently upgraded from W2K3/IIS6 to W2K8/IIS7 and have been having problems with our SSL Certificate (Thawte 123 SSL certificate) ceasing to work after rebooting. Initially, the intermediate certificates would stop working and we could repair the problem by reinstalling all of them after the reboot (annoying, but not the end of the world). Unfortunately, this is no longer working. The certificate chain has been doublechecked by several tools and people with decent knowledge but no one has been able to identify the cause of the problem. The bindings in IIS have been checked as well The cert itself is also still valid. NOTE 1: I have seen THIS question which seems to be very similar, but there is no satisfactory answer in that post and it's a year old so not likely to get one any time soon. NOTE 2: I'm asking this on behalf of a co-worker so won't be able to provide instant feedback to any questions/suggestions but I will pass it on. The url is: http://www.flirtalike.com / https://www.flirtalike.com Screenshots:

Read the article
Test tomcat for ssl renegotiation vulnerability

- by Jim

How can I test if my server is vulnerable for SSL renegotiation? I tried the following (using OpenSSL 0.9.8j-fips 07 Jan 2009: openssl s_client -connect 10.2.10.54:443 I see it connects, it brings the certificate chain, it shows the server certificate, and last: SSL handshake has read 2275 bytes and written 465 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 50B4839724D2A1E7C515EB056FF4C0E57211B1D35253412053534C4A20202020 Session-ID-ctx: Master-Key: 7BC673D771D05599272E120D66477D44A2AF4CC83490CB3FDDCF62CB3FE67ECD051D6A3E9F143AE7C1BA39D0BF3510D4 Key-Arg : None Start Time: 1354008417 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) What does Secure Renegotiation IS supported mean? That SSL renegotiation is allowed? Then I did but did not get an exception or get the certificate again: verify error:num=20:unable to get local issuer certificate verify return:1 verify error:num=27:certificate not trusted verify return:1 verify error:num=21:unable to verify the first certificate verify return:1 HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 174 Date: Tue, 27 Nov 2012 09:13:14 GMT Connection: close So is the server vulnerable to SSL renegotiation or not?

Read the article
IIS7 Not sending Intermediate SSL Certificate

- by nullabletype

We have a GlobalSign Domain certificate for our domain. I've installed the certificate into IIS and added the GlobalSign Domain Intermediate certificate to the Intermediate certification authorities for the local computer It seems that IIS is not sending through the intermediate certificate (causing an error in firefox), just the domain certificate. I've verified this with OpenSSL and also various websites including GlobalSign's own health checker. Looking In IIS, I can follow through the chain and each certificate is "ok", without the option to install any indicating they already are. Any ideas on what may be wrong?

Read the article
How do I force a specific MTU for only certain TCP ports?

- by Dave S.

Background I have a set of embedded hardware deployed in the field. These remote machines connect back to my servers at AWS running Ubuntu and I use the iptables mangle chain to lower the MTU to 500 so these devices are happy. For reference, this is the iptables rule I am using: -A POSTROUTING -p tcp --sport 12345 --tcp-flags SYN,RST SYN -o eth0 -j TCPMSS --set-mss 500 Current Problem I'm trying to spin up some servers on the Joyent Cloud using SmartOS, but I can't find any information on selectively changing the MTU like I can on Linux (e.g. all info I've found is on changing it globally, which is not what I want). How would I do it so that all connections on TCP port 12345 get the MTU I want?

Read the article
Delete temporary files from batch script in xp

- by Keith Bentrup

I'm looking for a good batch script that would quickly find & clean all the known safe temporary folders/files from Windows (as many variants as possible) machines (e.g. the windows temp folder, all users IE temp folders, etc.). I'm fond of UI tools like CCleaner (over Cleanmgr.exe), but when I'm trying to clean several computers quickly and/or with minimal involvement, it would be nice to have a script. Plus with a script, I could chain several scripts together. Maybe one to then fire up various antivirus and/or malware detectors. Anyone have a good one or can point to a good resource?

Read the article
Quick change of SSH tunnel port forwarding options for SOCKS proxy

- by user1335897

The goal is to have access to internet thru SSH tunneling to SOCKS proxy. Me - ssh-on-my-vps - SOCKS proxy - internet Thing is I want to be able to quickly change the SOCKS proxy in this chain. If I use port forwarding on ssh, I assume I have to re-establish SSH tunnel with new SOCKS proxy address in parameters whenever I want to change proxy. Is that right? If it is, then I probably should always point SSH tunnel to localhost listening proxy server which will send requests to specified SOCKS proxy. So what local proxy I should choose that allows to easily change the destination SOCKS proxy via maybe reading from local file where I would put the SOCKS proxy address or via specifying new SOCKS address in its web-admin page?

Read the article
Is it possible to limit output bandwidth between eth0 and lo?

- by mmcbro

I'm trying to limit the bandwidth between my eth0 output (nginx proxy) to my loopback inteface (apache) by filtering on destination port. Incoming Packet -> Eth0 -> 0.0.0.0:80 Nginx -> tc qdisc class/iptable mangle 2525port -> 127.0.0.1:2525 Apache I don't know if it's even possible I'm just experimenting. My rules are the followings : tc qdisc add dev eth0 root handle 1:0 htb tc class add dev eth0 parent 1:0 classid 1:10 htb rate 2mbps ceil 2mbps prio 0 tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 iptables -A OUTPUT -t mangle -p tcp --dport 2525 -j MARK --set-mark 10 I also tried to with FORWARD chain but its still the same.

Read the article
Nice way to show Powerpoints and Video

- by kamikatze

I'm looking for a sleek way to display Powerpoint presentations and video footage in sequence. Embedding video in .ppsx is not something i want to do, reasons are plenty (video footage being VC-1 1080p would be the first). Is there a media player (needs to run on win32) capable of playing both formats? My hackish way of doing this would be a .cmd with powerpnt.exe bobloblaw.ppsx mplayer.exe -fs video.wmv pwoerpnt.exe whitepowerbill.ppsx and so on Of course, this has a lots an lots of drawbacks, including begin really hard to break out of the chain :) Thanks a lot.

Read the article
ssh: which side is running the SOCKS proxy?

- by Barry Brown

When I set up a tunnel using dynamic forwarding (ssh -D), which side is running the SOCKS proxy? That is, is the proxy running on the local end (client) or the remote end (server)? Here's the situation: I want to set up several tunnels chained together using -L. Should the -D tunnel be the last one in the chain or the first one? Edit: I found the answer to the second paragraph on Super User (the -D tunnel should be at the remotest end). But I'd still like to know where the proxy code is running.

Read the article
What could be the maximum number of hosts on a 100BaseTX ethernet network ?

- by snowflake

Hello, I'm having two ip networks (192.168.1.x and 192.168.2.x) bridged on a server, but all hosts (fixed IPs) are on the same physical 100BaseTX ethernet (with a daisy chain of 48ports switchs). Often, I loose link between the server and hosts of the second network. Usually if I reboot the host, the connection work again, and if I force connection to be active, the connection keep alive until I ping after a while without active connection. I'm wondering how many hosts can be connected on the same network without troubles, and eventually how many switches can be daisy chained ? I suppose maximum length between hosts to be 100meters to the hub or 200meters between extremity of the network. Somebody is suggesting 8 switches here : http://www.tek-tips.com/viewthread.cfm?qid=1137879&page=12 Any comments on how to find a solution to the problem and not answering directly to the question are welcomed!

Read the article
What is the largest flatscreen monitor available for PC use?

- by Avery Payne

I'll qualify this specifically (by order of preference): must have the highest diagonal measurement, widescreen or "normal" aspect ratio doesn't matter here, just the diagonal. must have the highest resolution available, which means 72 inches of 1280x1024 won't cut it. must not have a TV tuner built into it, I'm not looking for a TV set, this is a monitor! must be available at a retail outlet that caters to the general public, i.e. Best Buy, Sears, Costco (all of these examples are in the U.S., although you can suggest something from whatever chain is in your area/nation/geography). Non-retail or non-physical venues like eBay, or businesses that only cater to other businesses, do not qualify under this requirement. I should be able to walk into this place and purchase it, not just whip up an order online. If you are unsure about this requirement, just ask yourself: can I physically see it before I open my wallet and purchase it?

Read the article
Transfered SSL Certificate to Rackspace Cloud Server - Occasional Errors

- by ngl5000

Okay, I recently tranfered my Comodo SSL certificate from my previous Bluehost account to my new rackspace cloud server. (LAMP stack) Basically I just copy pasted the server cert and key and checked to make sure it was properly installed which it was. Now I am running into some issues, occasionally I will hear from people that they are getting an 'Untrusted Connection Error' while others are not getting this error at all. Recently someone sent me a screen shot of their error and it said: This Certificate is not trusted because no issuer chain was provided. The browser they noticed this on was safari so I cleared all my history data in safari and opened the site but I am not seeing that error. Does anyone have any idea how to fix something like this? Thanks!

Read the article
Are the new Hewlett-Packard "Sandy Bridge"-based notebooks dispatched globally?

- by leladax

I'm currently trying to figure out why a European chain retailer is delaying a dv7 [remaining code number is not same with american]; it is listed in their site for several days and while ordered on Monday they still don't have it in their central storage. In an earlier call I was advised that since Intel announces the processor now it may start dispatching from the 6th. Is that true? Is HP obligated not to dispatch it before the 6th? (normally/legally or as a 'deal between gentlemen'). Does anyone know if HP dispatches normally dv7s now? Did they intentionally not dispatch them to retailers before the CES?

Read the article
Delete temporary files from batch script in xp

- by Keith Bentrup

I'm looking for a good batch script that would quickly find & clean all the known safe temporary folders/files from Windows (as many variants as possible) machines (e.g. the windows temp folder, all users IE temp folders, etc.). I'm fond of UI tools like CCleaner (over Cleanmgr.exe), but when I'm trying to clean several computers quickly and/or with minimal involvement, it would be nice to have a script. Plus with a script, I could chain several scripts together. Maybe one to then fire up various antivirus and/or malware detectors. Anyone have a good one or can point to a good resource?

Read the article
How do I change the canvas size of a PNG with ImageMagick (GraphicsMagick)? (How to pad with transparency?)

- by Pistos

Alternatively: How do I take a non-square PNG and "fill out" the "rest" of the image with transparency so that the resulting square image has the original image centered in the square? ULTIMATELY, what I want is to take any image of any GM-supported format of any size, and create a scaled-down PNG (say, 40 pixels maximum for either dimension), with aspect ratio maintained, transparency-padded for non-square original images, AND with an already-prepared 40x40 PNG transparency mask applied. I already know how to scale down and keep aspect ratio; I already have the command for applying my composite. My only missing piece is square-alizing non-square images (padding with transparency). Single command preferred; multi-command chain acceptable. (edit) Extra info: Here's the composite command I'm using: gm composite -compose copyopacity mask.png source-and-target.png source-and-target.png where mask.png has white pixels for what I want to keep of source-and-target.png and transparent pixels for what I want to remove (and become transparent) of source-and-target.png.

Read the article
Problem with Ctrl key on a hp 2510p

- by Ernelli

I have a tricky problem with my corporate Compaq hp 2510p, the ctrl key is not working properly at all times. I belive that it is hooked in some filter chain that processes certain ctrl+[key] combinations which is very annoying. I would like some pointers on how to proceed when analysing what application/setup can can cause this kind of keyboard filtering to happen. Anyway some more background info: Ctrl works together with X, C, V. Both in editors and terminals (Ctrl-C, Z etc) but Ctrl-Shift-Esc and Ctrl-Alt-Del does not work. Very annoying so my only option for logging in us using HP's security app. Shift-Arrow works for selecting text, but not Ctrl-shift arrow to select word by word, but Ctrl-Arrow works when moving the caret word by word. Now the strange thing is that everything works ok with an external USB keyboard so it might be the driver, but still, google yields 0 when searching for the problem description. I have vm-ware player installed (but not running it), HP Protect Tools installed, if any of these could affect the keyboard driver.

Read the article
How do I configure namecheap for "arbitrarily-nested" wildcard subdomains?

- by rabidsnail

I'm trying to set up something like nyud.net, where any arbitrary chain of subdomains resolves to the same CNAME record (which in my case points to an amazon elastic load balancer). Ex: www.gogle.com.nyud.net:8080 points to one of their cache servers, which looks at the HOST header and returns www.google.com. I'm using namecheap as my dns host. Adding a CNAME record for *.mydomain.com doesn't seem to do anything (nslookup gives NXDOMAIN for all subdomains). What do I have to do to set this up? Do I have to use something fancier than namecheap (like route53)?

Read the article
Install multiport module on iptables

- by tarteauxfraises

I'am trying to install "fail2ban" on Cubidebian, a Debian port for Cubieboard (A raspberry like board). The following rule failed due to "-m multiport --dports ssh" options (It works, when i run manually the command without multiple options). $ iptables -I INPUT -p tcp -m multiport --dports ssh -j fail2ban-ssh" iptables: No chain/target/match by that name. When i make a cat on "/proc/net/ip_tables_matches", i see that multiport module is not loaded: $ cat /proc/net/ip_tables_matches u32 time string statistic state owner pkttype mac limit helper connmark mark ah icmp socket socket quota2 policy length iprange ttl hashlimit ecn udplite udp tcp What can i do to compile or to enable the multiport module? Thanks in advance for your help

Read the article

< Previous Page | 92 93 94 95 96 97 98 99 100 101 102 103 | Next Page >