Search Results

Search found 57588 results on 2304 pages for 'jack desai@oracle com'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 964/2304 | < Previous Page | 960 961 962 963 964 965 966 967 968 969 970 971  | Next Page >

  • LAMP Server: (104) Connection reset by peer

    - by StephenM
    A user reported the following problem when attempting to visit www.airlinemogul.com. The requested URL could not be retrieved While trying to retrieve the URL: http://www.airlinemogul.com/airlinemogul/index.php The following error was encountered: * Read Error The system returned: (104) Connection reset by peer An error condition occurred while reading data from the network. Please retry your request. There are no other issues reported by any other users, so it may be an isolated issue. Could anyone give me any suggestions as to how I could investigate the problem further or find a solution? Thanks.

    Read the article

  • Need help identiying a nasty rootkit in Windows

    - by goofrider
    I have a nasty rootkit that not tools seem to be able to idenity. I know for sure it's a rootkit, but I can figure out which rootkit it is. Here's what I gathered so far: It creates multiple copies of itself in %HOME%\Local Settings\Temp with names like Q.EXE, IAJARZ.exe, etc., and install them as hidden services. These EXE have SysInternals identifiers in them so they're definitely rootkits. It hooked very deep in the system, including file read/write, security policies, registry read/write, and possibly WinSock/TCP/IP. When going to Sophos.com to download their software, the rootkit inject something called Microsoft Ajax Tootkit into the page, which injects code into the email submission form in order to redirect it. (EDIT: I might have panicked. Looks like Sophos does use an AJAZ email form, their form is just broken on Chrome so it looked like a mail form injection attack, the link is http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download.aspx ) Super-Antispyware found a lot of spyware cookies, in the name of .kaspersky.2o7.net, etc. (just chedk 2o7.net, looks like it's a legit ad company) I tried comparing DNS lookup from the infected systems and from system in other physical locations, no DNS redirections it seems. I used dd to copy the MBR and compared it with the MBR provided by ms-sys package, no differences so it's not infecting MBR. No antivirus or rootkit scanner be able to identify it. Most of them can't even find it. I tried scanning, in-situ (normal mode), in safe mode, and boot to linux live CD. Scanners used: Avast, Sophos anti rootkit, Kasersky TDSSKiller, GMER, RootkitRevealer, and many others. Kaspersky reported some unsigned system files that ought to be signed (e.g. tcpip.sys), and reported a number of MD5 mismatches. But otherwise couldn't identify anything based on signature. When running Sysinternal RootkitRevealer and Sophos AntiRootkit, CPU usage goes up to 100% and gets stucked. The Rootkit is blocking them. When trying running/installing HiJackThis, RootkitRevealer and some other scanners, it tells me system security policy prevent running/installing it. The list of malicious acitivities go on and on. here's a sample of logs from all my scans. In particular, aswSnx.SYS, apnenfno.sys and PROCMON20.SYS has a huge number of hooks. It's hard to tell if the rootkit replaced legit program files like aswSnx.SYS (from Avast) and PROCMON20.SYS (from Sysinternal Process Monitor). I can't find whether apnenfno.sys is from a legit program. Help to identify it is appreciated. Trend Micro RootkitBuster ------ [HIDDEN_REGISTRY][Hidden Reg Value]: KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg Root : 586bfc0 SubKey : Cfg ValueName : g0 Data : 38 23 E8 D0 BF F2 2D 6F ... ValueType : 3 AccessType: 0 FullLength: 61 DataSize : 32 [HOOKED_SERVICE_API]: Service API : ZwCreateMutant Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS OriginalHandler : 0x8061758e CurrentHandler : 0xaa66cce8 ServiceNumber : 0x2b ModuleName : aswSnx.SYS SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwCreateThread Image Path : c:\windows\system32\drivers\apnenfno.sys OriginalHandler : 0x805d1038 CurrentHandler : 0xaa5f118c ServiceNumber : 0x35 ModuleName : apnenfno.sys SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwDeleteKey Image Path : C:\WINDOWS\system32\Drivers\PROCMON20.SYS OriginalHandler : 0x80624472 CurrentHandler : 0xa709b0f8 ServiceNumber : 0x3f ModuleName : PROCMON20.SYS SDTType : 0x0 HiJackThis ------ O23 - Service: JWAHQAGZ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\JWAHQAGZ.exe O23 - Service: LHIJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\LHIJ.exe Kaspersky TDSSKiller ------ 21:05:58.0375 3936 C:\WINDOWS\system32\ati2sgag.exe - copied to quarantine 21:05:59.0217 3936 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0342 3936 C:\WINDOWS\system32\BUFADPT.SYS - copied to quarantine 21:05:59.0856 3936 BUFADPT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0965 3936 C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine 21:06:00.0152 3936 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0246 3936 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine 21:06:00.0433 3936 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0464 3936 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine 21:06:00.0526 3936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0604 3936 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine 21:06:01.0181 3936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0321 3936 C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe - copied to quarantine 21:06:01.0430 3936 OTFSDMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0492 3936 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine 21:06:01.0539 3936 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0601 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - copied to quarantine 21:06:01.0664 3936 HKLM\SYSTEM\ControlSet003\services\TULPUWOX - will be deleted on reboot 21:06:01.0664 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - will be deleted on reboot 21:06:01.0664 3936 TULPUWOX ( UnsignedFile.Multi.Generic ) - User select action: Delete 21:06:01.0757 3936 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine 21:06:01.0866 3936 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0913 3936 C:\Program Files\VMware\VMware Player\vmware-authd.exe - copied to quarantine 21:06:02.0443 3936 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    Read the article

  • postfix smtp relay script

    - by Peter Sander
    I have a Postfix server and using it with Outlook (POP/SMTP). I have different sender addresses for an account. Now I want to configure a relay for a specific sender address. For example I have postfix for my main domain domain1.com. Now I have a sender address that is domain2.com. For that sender address I want that postfix to relay mail to a second SMTP server. I think that should be possible without problems. But the problem is that I have to create a SSH tunnel to the second server to connect to the SMTP server. But I cant use a persistent SSH connection so I want to know if it is possible that postfix executes some script before relaying the mail to the second SMTP server. I already found some information for executing a script when incomming emails but I only want to establish the SSH tunnel before postfix relays the mail to the second SMTP server.

    Read the article

  • AWS RDS Timeout

    - by warder57
    I know next to nothing about networking/servers. So I'm assuming I'm missing something obvious. All of the resources I can find on this, either don't work or are outdated. I created a brand new AWS account on the free plan. I created a postgres RDS DB instance. I made sure that this RDS instance is set to publicly accessible. This RDS instance has the default VPC/Security Group settings. In order to connect to this DB from my local machine, I used pgadmin3 and followed the instructions provided on the AWS documentation page. Seen here: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToPostgreSQLInstance.html I've double checked all of the information required to connect: Host: whatever.whatever.us-west-2.rds.amazonaws.com Port: 5432 Username: USERNAME Password: PASSWORD When I try to connect to the database, my connection fails due to a timeout. (During step 4 in the above guide.) Can anyone point me to whatever I am missing? Thanks in advance

    Read the article

  • How to get HTTP preseed to work correctly on Ubuntu 10.04 LTS (Lucid)?

    - by netvope
    Installation media: ubuntu-10.04-desktop-i386.iso I tried a lot of different boot parameters, but either the installer ignored the preseed configuration, or it boot itself directly as LiveCD. An example of the boot parameters I've tried: auto url=http://mydomain.com/path/preseed.cfg boot=casper only-ubiquity initrd=/casper/initrd.lz quiet splash -- If I remove only-ubiquity, it boots as a LiveCD. If I remove boot=casper, it won't boot. If I add vga=normal locale=en_US console-setup/layoutcode=us console-setup/ask_detect=false interface=auto, it still can't do automatic install. If I remove auto, it's the same. What is the correct boot parameters for launching such an installation? From the apache log of the server hosting preseed.cfg, I see that the installer has no problems fetching the preseed file. My preseed file is almost identical to the one at https://help.ubuntu.com/10.04/installation-guide/example-preseed.txt. Moreover, I have run debconf-set-selections -c preseed.cfg to ensure that the preseed file is correct.

    Read the article

  • capistrano still asks for the 1st password even though I've set up an ssh key???

    - by Greg
    Hi, Background: I've setup an ssh key to avoid having to use passwords with capistrano per http://www.picky-ricky.com/2009/01/ssh-keys-with-capistrano.html. A basic ssh to my server does work fine without asking for passwords. I'm using "dreamhost.com" for hosting. Issue - When I run 'cap deploy' I still get asked for the 1st password (even through the previous 2nd and 3rd password requests are now automated). It is the capistrano command that start with "git clone - q ssh:....." for which the password is being requested. Question - Is there something I've missed? How can I get "cap deploy" totally passwordless? Some excerts from config/deploy.rb are: set :use_sudo, false ssh_options[:keys] = [File.join(ENV["HOME"], ".ssh", "id_rsa")] default_run_options[:pty] = true thanks PS. The permissions on the server are: drwx------ 2 mylogin pg840652 4096 2010-02-22 15:56 .ssh -rw------- 1 mylogin pg840652 404 2010-02-22 15:45 authorized_keys

    Read the article

  • Apache mod_proxy parameters

    - by mike
    Hi! I have a machine running Apache with mod_proxy that I'm using to proxy a local Tomcat server running on another port. The problem is that Tomcat does not support wildcard sub-domains(whole reason for using apache/mod_proxy) and our app uses the subdomain to figure out what account the data should come from. So with that said, is there a way to pass the subdomain as a url parameter via mod_proxy? For example, I have this: ProxyPass / http://example.com:8080/ In a virtual host block and I can access the site from any subdomain. Would is be possible to do something like: ProxyPass / http://example.com:8080/?subdomain=the_sub_domain_requested Thanks for any and all help... Mike

    Read the article

  • Rename Exchange Server 2003 Domain

    - by Debasish Pramanik
    Hi All: We have the following exchange server deployment Windows 2003 Server + Domain Controller + Exchange Server 2003 The domain name was X.COM. everything was working fine but due to some reason we need to rename the domain name to Y.COM. The rename of Domain went well but the rename of Exchange Server 2003 is having issues. When we run the XDR-Fixup we get the following error Operation failed: Could not get 'configurationNamingContext' on RootDSE of this server. Let me know if you have any idea on this.

    Read the article

  • Automate configuration change on Outlook 2007

    - by Julien Vehent
    I am migrating a bunch of mailboxes to google apps. Each user owns several mailboxes each serving different domains (john has john@domain1.com, john@domain2.com, and so on...) Currently, those accounts are hosted on (edit:NOT an exchange server) an old SMTP/POP server we want to replace, and I need to edit their outlook 2007 configuration to change the pop, smtp and password parameters. The hard way to do it is to connect to each outlook session and edit the parameters manually. I want to avoid that. Because that represents over 700 accounts spread between 40 users... :'( How can I automate this configuration change ? In the active directory ? Using a PRF file ? note: I'm a linux sysadmin with very little knowledge of windows's black magic.

    Read the article

  • Packets marked by iptables only sent to the correct routing table sometimes

    - by cookiecaper
    I am trying to route packets generated by a specific user out over a VPN. I have this configuration: $ sudo iptables -S -t nat -P PREROUTING ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT -A POSTROUTING -o tun0 -j MASQUERADE $ sudo iptables -S -t mangle -P PREROUTING ACCEPT -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT -A OUTPUT -m owner --uid-owner guy -j MARK --set-xmark 0xb/0xffffffff $ sudo ip rule show 0: from all lookup local 32765: from all fwmark 0xb lookup 11 32766: from all lookup main 32767: from all lookup default $ sudo ip route show table 11 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 10.8.0.6 dev tun0 scope link 10.8.0.1 via 10.8.0.5 dev tun0 0.0.0.0/1 via 10.8.0.5 dev tun0 $ sudo iptables -S -t raw -P PREROUTING ACCEPT -P OUTPUT ACCEPT -A OUTPUT -m owner --uid-owner guy -j TRACE -A OUTPUT -p tcp -m tcp --dport 80 -j TRACE It seems that some sites work fine and use the VPN, but others don't and fall back to the normal interface. This is bad. This is a packet trace that used VPN: Oct 27 00:24:28 agent kernel: [612979.976052] TRACE: raw:OUTPUT:rule:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 Oct 27 00:24:28 agent kernel: [612979.976105] TRACE: raw:OUTPUT:policy:3 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 Oct 27 00:24:28 agent kernel: [612979.976164] TRACE: mangle:OUTPUT:rule:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 Oct 27 00:24:28 agent kernel: [612979.976210] TRACE: mangle:OUTPUT:policy:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976269] TRACE: nat:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976320] TRACE: filter:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976367] TRACE: mangle:POSTROUTING:policy:1 IN= OUT=tun0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976414] TRACE: nat:POSTROUTING:rule:1 IN= OUT=tun0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb and this is one that didn't: Oct 27 00:22:41 agent kernel: [612873.662559] TRACE: raw:OUTPUT:rule:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 Oct 27 00:22:41 agent kernel: [612873.662609] TRACE: raw:OUTPUT:policy:3 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 Oct 27 00:22:41 agent kernel: [612873.662664] TRACE: mangle:OUTPUT:rule:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 Oct 27 00:22:41 agent kernel: [612873.662709] TRACE: mangle:OUTPUT:policy:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:22:41 agent kernel: [612873.662761] TRACE: nat:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:22:41 agent kernel: [612873.662808] TRACE: filter:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:22:41 agent kernel: [612873.662855] TRACE: mangle:POSTROUTING:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb I have already tried "ip route flush cache", to no avail. I do not know why the first packet goes through the correct routing table, and the second doesn't. Both are marked. Once again, I do not want ALL packets system-wide to go through the VPN, I only want packets from a specific user (UID=999) to go through the VPN. I am testing ipchicken.com and walmart.com via links, from the same user, same shell. walmart.com appears to use the VPN; ipchicken.com does not. Any help appreciated. Will send 0.5 bitcoins to answerer who makes this fixed.

    Read the article

  • Why does mod_security require an ACCEPT HTTP header field?

    - by ripper234
    After some debugging, I found that the core ruleset of mod_security blocks requests that don't have the (optional!) ACCEPT header field. This is what I find in the logs: ModSecurity: Warning. Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required. [file "/etc/apache2/conf.d/modsecurity/modsecurity_crs_21_protocol_anomalies.conf"] [line "41"] [id "960015"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER"] [hostname "example.com"] [uri "/"] [unique_id "T4F5@H8AAQEAAFU6aPEAAAAL"] ModSecurity: Access denied with code 400 (phase 2). Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required. [file "/etc/apache2/conf.d/modsecurity/optional_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "41"] [id "960015"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER"] [hostname "example.com"] [uri "/"] [unique_id "T4F5@H8AAQEAAFU6aPEAAAAL"] Why is this header required? I understand that "most" clients send these, but why is their absence considered a security threat?

    Read the article

  • Triple-monitor set-up (2 unique, 1 cloned): Can a VGA splitter be used on one output of a dual-head

    - by stakx
    Background: I'm currently researching hardware components for some kind of information terminal we're building. This application of ours makes use of three output screens: (1) A touch screen where all user input is made; (2) A regular LCD monitor where the requested information is being displayed; and (3) A projector which displays exactly the same signal as screen (2) does. (All screens will run at the same resolution of 1024x768 btw.) Now I figured that using a dual-head video card would be sufficient, let's say a Matrox P690 low-profile PCI card. This would involve having a Y cable connected to the graphics card itself, then two DVI-to-VGA adapters at each end of the Y cable, and then having a VGA splitter on one of the VGA outputs. The following shows the setup in question: 0--1---------2-> VGA (DSUB-15) \ \ ----2-3---------> VGA (DSUB-15) \ \ -----------------> VGA (DSUB-15) 0: graphics card (LFH60 jack) 1: LFH60 to DVI-I dual monitor Y cable 2: DVI-to-VGA adapters 3: VGA splitter cable Question(s): Will this work? I'm particularly concerned about the following points: Can a low-profile PCI video card output a signal which is strong enough for three monitors (even if it's a dual-head card)? Does the combination of so many adapters and splitter cables work? (The LFH-to-DVI cable comes with the video card) Will the VGA splitter cable degrade the signal on the output screen & projector significantly? (If so, would a USB-powered splitter cable remedy this problem?) I can't possibly expect anyone to answer all those questions, but any input is appreciated.

    Read the article

  • cant send using postfix from external ip address

    - by daniel
    i have postfix set up as a satellite to listen on port 587 i can send email outside fine trough the postfix(ubuntu) box from the local network with no problems when i try to connect to the postfix(ubuntu) box from a external ip and send mail it spits back a 554 5.7.1 Relay access denied error i can telnet to it fine, just cant send mail this is my main.cf : smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_use_tls = no myhostname = cotiso-desktop alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = mydomainname.com, cotiso-desktop, localhost.localdomain, localhost relayhost = smtp.mydomainname.com mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all there is no security set up yet, i'm just trying to get it working first any ideas? thanks in advance

    Read the article

  • Help debugging Sendmail/Mailman configuration issue

    - by inxilpro
    Hi folks, I'm trying to configure a server with Sendmail and Mailman. I've been getting "Broken pipe" errors for a while, and have slowly been debugging. I fixed some permission issues, and changed the user that Mailman expects to be called from, among other things. Finally, I'd gone through everything I could think of, so I added a new test to see if it's the Mailman script or Sendmail that's causing the problem. Here's the error I'm getting now (stripped of timestamps and identifying information): <-- MAIL FROM:me@mydomain.com Authentication-Warning: xxxxx.org: xxxxxxxxxxxxxx.net [xx.xx.xxx.xxx] didn't use HELO protocol --- 250 2.1.0 me@mydomain.com... Sender ok <-- RCPT TO: [email protected] --- 250 2.1.5 [email protected]... Recipient ok <-- DATA --- 354 Enter mail, end with "." on a line by itself from=me@mydomain.com, size=20, class=0, nrcpts=1, msgid=<[email protected]>, proto=SMTP, relay=xxxxxxxxxxxxxx.net [xx.xx.xxx.xxx] --- 250 2.0.0 o6KMg2xZ025804 Message accepted for delivery alias [email protected] => "|/bin/echo foo" SYSERR(root): putbody: write error: Broken pipe 0: fl=0x0, mode=20660: CHR: dev=0/15, ino=776, nlink=1, u/gid=0/0, size=0 1: fl=0x1, mode=20660: CHR: dev=0/15, ino=776, nlink=1, u/gid=0/0, size=0 2: fl=0x1, mode=20660: CHR: dev=0/15, ino=776, nlink=1, u/gid=0/0, size=0 3: fl=0x2, mode=140777: SOCK localhost->[[UNIX: /dev/log]] 5: fl=0x0, mode=100600: dev=8/3, ino=486765, nlink=1, u/gid=0/51, size=5 6: fl=0x8000, mode=100640: dev=8/3, ino=65501, nlink=1, u/gid=0/0, size=12288 7: fl=0x8000, mode=100640: dev=8/3, ino=65501, nlink=1, u/gid=0/0, size=12288 8: fl=0x8000, mode=100640: dev=8/3, ino=65510, nlink=1, u/gid=0/0, size=12288 9: fl=0x8000, mode=100640: dev=8/3, ino=65510, nlink=1, u/gid=0/0, size=12288 10: fl=0x8000, mode=100640: dev=8/3, ino=64814, nlink=1, u/gid=0/51, size=12288 11: fl=0x8000, mode=100640: dev=8/3, ino=64814, nlink=1, u/gid=0/51, size=12288 12: fl=0x1, mode=100600: dev=8/3, ino=486767, nlink=1, u/gid=0/51, size=754 13: fl=0x1, mode=10600: FIFO: dev=0/5, ino=7649785, nlink=1, u/gid=0/51, size=0 14: fl=0x0, mode=10600: FIFO: dev=0/5, ino=7649786, nlink=1, u/gid=0/51, size=0 MCI@0x0: NULL MCI@0x0: NULL to="|/bin/echo foo", [email protected] (8/0), delay=00:00:08, xdelay=00:00:00, mailer=prog, pri=30476, dsn=5.0.0, stat=Service unavailable o6KMsnxX025948: DSN: Service unavailable done; delay=00:00:08, ntries=1 The alias in /etc/aliases is: cmtest: "|/bin/echo foo" As you can see, even when trying to pipe to /bin/echo I still get the same error. But I can't for the life of me figure out what else to check. Normal aliases work fine. Any ideas? Thanks!

    Read the article

  • questions about toucan manager

    - by user23950
    I'm new to this application toucan manager. How do I use it to download mediafire files automatically. By just providing the links. What link do I have to put in it? This: http://www.mediafire.com/?yoqygwzsyem Or this: http://download783.mediafire.com/yerhxuymxd3g/yoqygwzsyem/op-338-muxed.mp4 Because when I put the one with the .mp4, it checks the link endlessly. And one more thing, I've seen something like: you have to agree first w/ mediafire's bla bla bla. When I try to check the mediafire icon in the toucan manager.

    Read the article

  • Why is my connection slow?

    - by Jay R.
    I have a Dell Precision T5400 with a Broadcom 1Gb onboard NIC. For some strange reason, when I access machines on our local network, the best I can get is around 125KB/s download speed. My laptop that has a 10/100Mb NIC onboard usually gets around 300KB/s or better from the same network resource. Both machines are plugged into the same 1Gb switch which connects to our local network wall jack at 100Mb half duplex. There is also a printer plugged into the same switch at 100Mb full. The resource I'm using for the test is a 30MB zip file copied from a jetty webserver that is running as part of a cruisecontrol installation. The cruisecontrol installation is running WindowsXP with full real-time antivirus and Altiris patch management and inventory running. That stuff on its own is eating some of the download speed. I've seen the laptop reach into the multiple MB/s download speed before, but the desktop never seems to get past 125KB/s to 130KB/s. In WindowsXP, before I upgraded the driver in the desktop, it was that slow. In Fedora, it is still slow even though it appears to be using the same driver version as the upgraded Windows driver. The upgraded Windows driver is faster, but still not nearly as fast as the laptop. What gives? Any insight to improve the situation would be appreciated. Could it be that the BroadCom board just isn't that good, or the driver in linux is just not as good as the Windows one?

    Read the article

  • Simulating audio playback on headless linux server

    - by afro
    Hi people, We have a headless linux server (Debian 5) we use for runnin integration tests of our web-page code. Among these tests are ones implemented using Selenium, which practically simulates a user browsing our pages and clicking on things. One of these tests is failing now, because it involves starting a flash-based audio player and checking to see whether the progress bar gets displayed properly. The reason this test fails is that there is no way to play the audio, and no sound card on the machine, which has simple webserver hardware. So, my question would be: Is there a simple way of giving a program the impression that its audio output is being processed, and playback is taking place? I don't have to record the playback, or redirect it or anything like that, just a dummy soundcard, like the dummy X-server we aer using, which actually does not need to display stuff. I have tried using JACK, but it's too complicated, and the documentation does not even answer this very simple question. I also installed alsa on the server; it 'pretends' to run, but when a program tries to play audio, just spews error and debug information having to do with the non-existence of a soundcard. It would be really awesome if one of you has a simple answer to this question. Cheers, Ulas

    Read the article

  • Zimbra Relaying from Postfix connection timed out sending multiple emails?

    - by liamTc
    I have a web server setup with postfix which is relaying email to a zimbra server. This working fine however I have attempted to send a few thousand emails and now the connection from postfix to zimbra is timing out. All of the emails have been deferred on the postfix queue. If I try to send individual emails from postfix to zimbra it works fine. But if I try to flush the postfix queue all of the emails time out. In mail.log the emails look like this: postfix/error[2494]: 32B0950C04: to=, relay=none, delay=19431, delays=19402/29/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.server.com[123.45.678.91]:25: Connection timed out) I have also noticed that in the above message it says "relay=none" for these emails that are failing. But the emails that do send say "relay=domainname.com". How I can resolve this, by sending the emails in the queue and avoiding this from happening again?

    Read the article

  • How do you set rate limit access to your API using Iptables?

    - by Cory
    How can you set rate limit access to API using Iptables. Tried to set limit using port 80, but I don't want to set limit to the web access entirely. Is there a way to specified a subdomain rather than port. Example: set rate limit to api.example.com not example.com? If there is no way to set rate limit by subdomain, what is the suggested rate limit access to port 80 without risking blocking a legitimate web user? One connection per second would be enough?

    Read the article

  • Wordpress multisite and redirect

    - by Dr I
    I come to you because I'm facing a really strange effect on my hosting. I currently manage a server contening a NGINX/PHP-CGI and a wordpress multisite in it. My sites are created using subsite.domaine.tld, for now, my three subsites are correctly accessibles through the url: subsite.domain.tld. My goal is to allow my subsite on the host domain to be access through their respective unique domain. For exemple: www.domainA.com would redirect to subsite1.host.domain.tld. If I do that using the following setting on the domainA Public DNS: www 10800 IN CNAME subsite1.host.domain.tld. When I try to access www.domainA.com I don't go to subsite1.host.domain.tld but instead I'm redirect to the Wordpress ROOT site where I create my Network (host.domain.tld). Is there a trick to deal with?

    Read the article

  • Setup secure shared hosting (Apache, PHP, MySQL)

    - by Apaz
    So I'm setting up a shared hosting with Apache, PHP, MySQL and the biggest question mark is how to do with PHP, since there is a million options out there how to configure it securely. The plan is: Chroot for MySQL (built in support for chroot) Chroot for Apache (mod_security) Each user executing their PHP-scripts as their own user (see below) Set open_basedir Disable all "evil" php-functions (allow_url_fopen, system, exec, and so on) Ive looked at suexec and suphp but they seems very slow; http://blog.stuartherbert.com/php/2007/12/18/using-suexec-to-secure-a-shared-server/ http://blog.stuartherbert.com/php/2008/01/18/using-suphp-to-secure-a-shared-server/ So I've looked some more and found some other solutions: apache2-mpm-itk + mod_php(?) mod_fcgid + php-fpm mod_fastcgi + php-fpm Ive tried a simple setup with mod_fastcgi + php-fpm and it seems to work, runs as correct user and so on, but the protection against directory traveling is still open_basedir(?) One solution for that could be to use php-fpm's chroot option, but that causes a lot of other issues like domain name resolver does not work sending mail does not work Tips?

    Read the article

  • Does a mini PCIe SSD fit into a Acer Aspire One?

    - by Narcolapser
    Question: What, if any, mini PCIe SSDs fit into the mini PCIe slot of the Acer Aspire one AOD250? Info: I have an Aspire One and I've been considering loading it with an SSD. The mini PCIe drives fascinate me and so I want to try that approach. Also they tend to be cheaper and not much slower. (at least not on Read time which matters more for a netbook) But I've heard that some times computers don't support certain mini PCIe cards. And I was wondering if anyone knew about the Aspire One? I tried asking Acer tech support, but they didn't know jack and spent the whole time informing that I would have to support my Ubuntu install on my own, which I was. Anyway. Rant Aside, I'm looking at this drive: http://www.newegg.com/Product/Product.aspx?Item=N82E16820183252 It states it is exclusively for the Eee PC. now does that mean It was designed for the Eee PC but will work in my netbook. or is something going to go wrong? (like right now my concern is it physically not fitting.) Any information would be appreciated. o7

    Read the article

  • Set up simple reverse proxy using IIS

    - by Ropstah
    I would like to reverse proxy my Jira installation on a Windows server 2008 machine. Jira is running under: http://jira.domain.com:8080/ and is accessible as such. The machine also runs IIS for hosting several ASP.NET websites. I followed instructions here: http://blogs.iis.net/carlosag/archive/2010/04/01/setting-up-a-reverse-proxy-using-iis-url-rewrite-and-arr.aspx and installed URL rewrite and ARR. I now have a “Web farm” node in my IIS instance but I’ve got no idea on how to proceed. I tried adding some rules but this made the rest of my IIS websites stop responding. Is there a simple way to say: 1. Forward http://jira.domain.com to http://localhost:8080 2. Ignore other domains and route them as usual Any help is greatly appreciated!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 960 961 962 963 964 965 966 967 968 969 970 971  | Next Page >