Daily Archives

Articles indexed Friday August 31 2012

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 14/18 | < Previous Page | 10 11 12 13 14 15 16 17 18  | Next Page >

  • Block IP Address including ICMP using UFW

    - by dr jimbob
    I prefer ufw to iptables for configuring my software firewall. After reading about this vulnerability also on askubuntu, I decided to block the fixed IP of the control server: 212.7.208.65. I don't think I'm vulnerable to this particular worm (and understand the IP could easily change), but wanted to answer this particular comment about how you would configure a firewall to block it. I planned on using: # sudo ufw deny to 212.7.208.65 # sudo ufw deny from 212.7.208.65 However as a test that the rules were working, I tried pinging after I setup the rules and saw that my default ufw settings let ICMP through even from an IP address set to REJECT or DENY. # ping 212.7.208.65 PING 212.7.208.65 (212.7.208.65) 56(84) bytes of data. 64 bytes from 212.7.208.65: icmp_seq=1 ttl=52 time=79.6 ms ^C --- 212.7.208.65 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 79.630/79.630/79.630/0.000 ms Now, I'm worried that my ICMP settings are too generous (conceivably this or a future worm could setup an ICMP tunnel to bypass my firewall rules). I believe this is the relevant part of my iptables rules is given below (and even though grep doesn't show it; the rules are associated with the chains shown): # sudo iptables -L -n | grep -E '(INPUT|user-input|before-input|icmp |212.7.208.65)' Chain INPUT (policy DROP) ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-input (1 references) DROP all -- 0.0.0.0/0 212.7.208.65 DROP all -- 212.7.208.65 0.0.0.0/0 How should I go about making it so ufw blocks ICMP when I specifically attempt to block an IP address? My /etc/ufw/before.rules has in part: # ok icmp codes -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT -A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT -A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT -A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT -A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT I'm tried changing ACCEPT above to ufw-user-input: # ok icmp codes -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ufw-user-input -A ufw-before-input -p icmp --icmp-type source-quench -j ufw-user-input -A ufw-before-input -p icmp --icmp-type time-exceeded -j ufw-user-input -A ufw-before-input -p icmp --icmp-type parameter-problem -j ufw-user-input -A ufw-before-input -p icmp --icmp-type echo-request -j ufw-user-input But ufw wouldn't restart after that. I'm not sure why (still troubleshooting) and also not sure if this is sensible? Will there be any negative effects (besides forcing the software firewall to force ICMP through a few more rules)?

    Read the article

  • VLAN Through Switch Doesn't Work

    - by vcsjones
    I have the following scenario: I have a Cisco Aironet 1040 access point. I have it configured with two SSIDs, each going to a different VLAN. So: SSID internal : VLAN 90 SSID guest : VLAN 70 On the router side, I have a Cisco RV220W (with the radios now turned off) and have setup VLANs with like VLAN IDs. VLAN 90 : 192.168.90.0/24 VLAN 70 : 192.168.70.0/24 As far as DHCP is concerned, each VLAN has a "DHCP Server" in the router's configuration: So with the access point connected directly to the router, everything works great. I connect to the internal network, and I get a 192.168.90.x address, and the guest network gets a 70.xxx address. Next I introduced a Cisco SG200-50 PoE switch between the router and the access point. The port is configured as a trunk port, so the VLAN tags should go right through the switch back to the router. However, when something is connected to the access point, nothing works. It isn't able to get an IP address, and manually assigning one doesn't seem to let any traffic route. Given that the access point works correctly when connected to the router directly, I believe the switch is misconfigured. What am I missing here? What can I use to better diagnose what the problem might be? It's small business equipment, so CLI access is not available. Below are screenshots of the switch's config. The access point is connected to GE2.

    Read the article

  • No architecture vs architecture-specific binaries

    - by Aaron
    From what I understand, the noarch suffix means that it's architecture independent and should work universally. If this is the case, why should I install architecture-specific packages at all? Why not just go straight for the noarch? Are there optimizations in the x86 or x64 binaries that aren't found in the noarch binaries? What's best for high performance applications? Folding@Home does this with their controller:

    Read the article

  • Setting up Zend Framework 2 on GoDaddy

    - by Yossi
    I tried setting up ZF2 on the GoDaddy shared servers, though it doesn't work. I tried to download it directly, and using the git composer (which I managed to install successfully on the server). The error I'm receiving from PHP is this: Warning: Unexpected character in input: '\' (ASCII=92) state=1 in /home/content/82/5123082/html/tmp/ZendSkeletonApplication/public/index.php on line 12 Parse error: syntax error, unexpected T_STRING in /home/content/82/5123082/html/tmp/ZendSkeletonApplication/public/index.php on line 12 The PHP version the account is running: PHP 5.3.13 (cli) (built: May 14 2012 16:26 The Linux server that is used is: Linux ...secureserver.net ... #1 SMP Fri Jul 15 08:15:44 EDT 2011 i686 i686 i386 GNU/Linux CentOS release 5.5 (Final) Any ideas what I'm doing wrong? I never worked with ZF1, and I know there are custom solution out there for ZF1, but I didn't manage to port them into ZF2.

    Read the article

  • Is it bad to have a very full hard drive on a high traffic database server?

    - by MikeN
    Running an Ubuntu server with MySQL for a high traffic production database server. Nothing else is running on the machine except the MySQL instance. We store daily database backups on the DB server, is there any performance hit or reason why we should keep the hard disk relatively empty? If the disk is filled up to 86%+ with the database and all of the backups, does it hurt performance at all? So would the DB server running with 86-90%+ full capacity perform less well in any way than the server running with only a 10% full disk? The total disk size on the server is over 1 TB so even 10% of the disk should be enough for basic O/S swapping and such.

    Read the article

  • Overriding RPM public key database

    - by pilcrow
    Can rpm be persuaded to import and fetch public keys from an arbitrary pubkey database? On the same build machine I've got two automated users who each need to verify package signatures from different sources, signed under different keys. If I rpm --import pkg-source1.pub pkg-source2.pub, each user will be able to verify packages intended for the other. I'd rather each user not know about the other's public keyring. Is there a way I can specify an alternate or supplementary pubkey database on a per-user or per-rpm(8)-invocation basis?

    Read the article

  • Trying to install a freshly built RPM but it says it is dependent on a lib it should not be dependent on

    - by LouisC
    The package in question is samba-3.6.7. I've built the package successfully, but when trying to install it, it returns, error: failed dependencies: libtalloc.so.1 is needed by samba-3.6.7 I have no clue why this happens. libtalloc.so.1 is provided by my current samba package (which I am replacing), but this new samba provides libtalloc.so and libtalloc.so.2. Why is it still dependent on libtalloc.so.1 and how can I fix it? Thanks :)

    Read the article

  • Upgrade OpenSSL 0.9.8k to OpenSSL 1.0.1c on Ubuntu 10.04

    - by Nina
    We're currently using Ubuntu 10.04 and based on the PCI Compliance results, we're told to upgrade our OpenSSL. I attempted to do this using this reference: http://sandilands.info/sgordon/upgrade-latest-version-openssl-on-ubuntu and http://www.lunarforums.com/dedicated_web_hosting_at_lunarpages/upgrading_openssl-t35015.0.html Unfortunately, they didn't work for me. And when I attempted to remove the old version prior to installation, it looks like it broke a few thins in the system. The article from Steve Gordon seemed like it would work for me, but when I ran the openssl version command, it still read that it was the old version. I was wondering if anyone has any suggestions on what I should do. Fix: After following the steps from Steven Gordon, make sure you restart apache and / or restart your computer (I did both, but I'm sure a simple restart will fix it right up).

    Read the article

  • XenServer/Center: Shared SRs for hosts not in same pool?

    - by 3molo
    I would like to use the same SRs on XenServer hosts that are not able to be part of the same pool (because of not having the exact same cpu feature set, if I understand it correctly) in order to share templates, being able to (manually) start a host on another node, backing up running hosts on other hardware etc etc. The technology for SR can be any of iSCSI, NFS or CIFS, iSCSI would obviously be preferred. Trying to add an iSCSI volume renders a "This LUN is already in use as SR iSCSI - Shared Storage on pool xxxxxx.". Adding a NFS share on one XS host, creating a template there and then checking another XS host reveals they don't agree on used space etc. Coming from a vSphere world this is quite baffling, but if these are limitations then I will have to rethink some of the concepts for this low budget project.

    Read the article

  • Install McAfee ePO Agent via Group Policy

    - by neildeadman
    We have recently deployed ePO to our infrastructure, but the Agent will not deploy to all systems. We suspect this is a firewall issue as disabing Windows Firewall generally makes it work. We have decided to install the Agent via Group Policy to make sure all systems get the it and then ePO will deploy VirusScan on reboot. Following the manual I have run: Framepkg.exe /gengpomsi /SiteInfo=<sharedpath>\SiteList.xml /FrmInstLogLoc=<localtempDir> \<filename>.log and then created the GPO, but it never installs. Has anyone managed to get this working? Or maybe they can suggest a resolution for the failed installs of Agent deploy from ePO?

    Read the article

  • Strange Jmeter connection refuse on Tomcat

    - by Tommy
    I tried difference setting in Jmeter and Tomcat. If the Threads number in JMeter is 1~200, Then tomcat is okay. If It is 300, Then after serving few requests, tomcat starts to output errors. Here is the error show in JMeter java.net.ConnectException: Connection refused: connect at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.PlainSocketImpl.doConnect(Unknown Source) at java.net.PlainSocketImpl.connectToAddress(Unknown Source) at java.net.PlainSocketImpl.connect(Unknown Source) at java.net.SocksSocketImpl.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at sun.net.NetworkClient.doConnect(Unknown Source) at sun.net.www.http.HttpClient.openServer(Unknown Source) at sun.net.www.http.HttpClient.openServer(Unknown Source) at sun.net.www.http.HttpClient.<init>(Unknown Source) at sun.net.www.http.HttpClient.New(Unknown Source) at sun.net.www.http.HttpClient.New(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.connect(Unknown Source) at org.apache.jmeter.protocol.http.sampler.HTTPJavaImpl.sample(HTTPJavaImpl.java:483) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1018) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1004) at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:411) at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:297) at java.lang.Thread.run(Unknown Source) My tomcat server.xml in eclipse <!--The connectors can use a shared executor, you can define one or more named thread pools--> <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" maxThreads="2000" minSpareThreads="250" acceptCount="2000"/> <Connector executor="tomcatThreadPool" URIEncoding="UTF-8" connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443" /> Any idea why this is happening ? How do i check the server.xml is correctly used? It is a JSF2 application if it helps. Thanks in advance.

    Read the article

  • Portable Display doesn't work anymore

    - by RipCord
    My USB portable monitor will not work since I installed the hard drive onto an HP laptop. I have installed all the new hardware drivers and do not have any more device issues in device manager view. My old laptop was a lenovo. The new one is an HP. The system seems to recognize devices that I connect via, usb but the portable display still does not show anything on the screen. It is probably a conflict in the registry but I'm not sure how to find it and the Power User does not have the luxury of letting me troubleshoot for hours to isolate the problem.

    Read the article

  • Can't find PC on network

    - by Simon Verbeke
    I just got myself a new laptop, and set it up. It is connected to the wireless internet in my home. I then wanted to create a homegroup between the laptop and my desktop, but they can't find each other. Probably because the desktop has a wired connection to the router and the laptop is connected to a wireless access point. The router and the AP are connected to a switch in the middle by cable. A sketch of the network: Laptop - - - Wireless Access Point ----- Switch ----- Router ----- Desktop ^ ^ ^ ^ Wireless Wired Wired Wired They both point to the same gateway and DHCP-server (on 192.168.0.1). And I can ping to that address from both PCs. When I try to ping either of the PCs the pings time out. The subnets are also the same (255.255.255.0) and the IPs are in the same range (192.168.0.114 laptop, 192.168.0.205 desktop). So I don't really understand what I need to do to be able to access either computer from the other. The weird thing is that Synergy (to use mouse and keyboard over the network) works, just by using the IPs assigned to both PCs. The acces point is a linksys WAP54g, but I'm unsure of the Router, it has a custom casing from our ISP and hides any clues for identifying the product. I'm going to google a bit so I can add that info later. Both PC's are Windows 7 64 bit. The desktop is Ultimate, the laptop Professional.

    Read the article

  • Power supply surges detected during previous power on

    - by Blastcore
    Message is this: "Power supply surges detected during previous power on" "ASUS Auto-Surge was triggered to protect system from unstable power supply" When i went to sleep yesterday and woke up, when i moved the mouse to go back from screen saver, it didn't do anything. So i left it, i came back from class and got this issue. (I didn't restart before going to class... So the screen was left like it was) Today there was a power cut in half of my house. (Computer is on the side that it didn't cut...) Voltages are fine, like always. How do i remove message? It's just maybe sensor glitch? Even disabling the Anti-Surge my PC "shuts down" (Only monitor, but maybe components do too.)

    Read the article

  • Is there a way to automatically keep Chrome/Ask Tool Bar from installing?

    - by hydroparadise
    So of lately, I've had to warn my users to watch out for unwanted programs that are coming in with Adobe Flash and Java updates. Adobe seems to be pushing Google's Chrome and Java with the Ask.com Toolbar. I admit that it could be much worse because both instance simply require an uncheck during some point of the update process, but on a large scale, prevention is better than confrontation. Any suggestions?

    Read the article

  • Router block some sites

    - by Mahesha999
    Hi I was using ADSL Modem/Router earlier. The device is quite old Pronet PN-ADSL 101 E/U model (pics: http://bit.ly/P2YaWy, http://bit.ly/OA700l) Since it had only one RJ45 out, I bought new Wireless Router TPLink TL-WR941ND. It has 4 RJ45 out and 3 wireless antennas. I configured my old router in bridge. Now, if I have to connect my pc to Internet through the old router, I have to enter username and password. Then I connected the RJ45 output of old router to the WAN in of new router. and ran the CD of new router. It configured the new router in PPPoE by saving the username and password in router to dial automatically. So now I have to just plug in the wires in my new routers any RJ45 out. I am able to access the Internet when I connect through new router (both wired and wirelessly), but some sites are getting blocked. Most notably yahoo.com (though ymail.com is working), Microsoft.com. msn.com. These sites work perfectly fine when I connect my pc directly to my old router and enter username and password manually. (However others like google.com. facebook.com works fine when connect through new router) So here these some sites need some parameter set but I am unable to find them out. Can anyone help me. My friend said he also faced same problem. Surprisingly he advised me to see if the same websites will work through Opera turbo mode and boom they worked. So what could be the problem?

    Read the article

  • Is it possible to copy recordings off of a DVR box hard drive?

    - by bdr9
    My cable TV company gives me a Cisco Explorer 8640HDC DVR box that can record shows from TV. I know that it contains a hard drive to save the shows on. What format and file system are used to store the videos on the hard drive? I have looked at the documentation for this DVR box and there is no technical information about the manner in which recordings are stored. Is it possible to connect the hard drive to a computer and extract the recordings from it?

    Read the article

  • Why does Google Chrome ignore "last_known_google_url" property in "Local State" file?

    - by Peter Sivák
    I want to force my Google Chrome web browser (version 21.0.1180.89, 64-bit) to use non-localized search (thus google in english) through address bar, using the default Google search engine. To achieve that, I have to change value of the property last_known_google_url to https://www.google.com/?hl=en& in Local State file (for instance on Linux, the full path to the file is ~/.config/google-chrome/Local State). In that file, there should be the property: "browser": { "last_known_google_url": but it is not. Even if I add there the property, it has no impact on search - Google Chrome does not use the property and still searches in localized version. Another option is to put the property to Preferences file (for instance on Linux, the full path to the file is ~/.config/google-chrome/Default/Preferences) - which works perfectly when I start Google Chrome and do some search - but just after that, the property (actually the whole Preferences file) is overriden, so "the most important" trailing part ?hl=en& of the property value is removed - and without it, the non-localized search does not work anymore. Why does Google Chrome ignore last_known_google_url property in Local State file?

    Read the article

  • If the WiFi switched on, should it disable the ethernet? [closed]

    - by Peter Stuart
    My friend having problems with her laptop and I am trying to help her via SMS. She can't get her laptop connected to the internet via the Ethernet connection and there is no WiFi in the area. Could it be because her WiFi is switch on, she is using an acer aspire. If she manually switches it off could that allow the ethernet connecttion to work? Or is it a missing driver? The cable works fine as her someone else tried it. Thanks Peter

    Read the article

  • Is anyone familiar with this message in Kapersky Internet Security 2010?

    - by tintincutes
    Hi I just started my computer up & opened a website for my checking my mail, when I opened a Kaspersky Internet Security 2010 window popped up. C:\Documents and Settings\username\Local Settings\Application Data\Mozilla\Firefox\Profiles\rse47wp8.default\Cache\C\79\D5CC9d01 Does anyone is familiar with this? I checked the path and this path doesn't exist. I couldn't remember that I have a file of D5CC9d01 once. Can somebody please tell me if this is a virus or not? Thanks

    Read the article

  • BASH function not escaping control characters

    - by ehime
    Hey guys I have a function that I'm using to find stuff, but unfortunately anytime I pass it a control character ($intVal or testing : etc) it chokes. I was wondering what the fix was? I can understand that using $ or % or : etc in grep without escaping causes this issue, but since I'm passing it in by reference I'm not sure how to escape it... Anyway, here's the code. function ffind() { if [ $1 ] ; then find -type f | grep -ir '$1' * | grep -v '.svn' else echo "'$1' is not a valid resource" fi } Example(s): $ ffind $intVal '' is not a valid resource $ ffind "testing :" bash: [: testing: unary operator expected 'testing :' is not a valid resource

    Read the article

  • Synergy setup broke on upgrade

    - by CoatedMoose
    I had synergy setup working fine with version 1.3.7, however I got a new computer and decided to set it up as well. Because the setup I was working with was ubuntu (server - dual monitors) mac (client) and the new computer (replacing the mac) was windows, I ended up updating everything to 1.4.10. ______ ______ ______ | mac | ubu1 | ubu2 | |______|______|______| The problem is currently that dragging to the left of ubu1 causes the cursor on the mac to flicker briefly and then the cursor shows up at the bottom right corner of ubu2. Here is my .synergy.conf section: screens Andrews-Mac-Mini: ctrl = ctrl alt = meta super = alt Andrew-Ubuntu: end section: links Andrew-Ubuntu: left = Andrews-Mac-Mini Andrews-Mac-Mini: right = Andrew-Ubuntu end And the output from synergys -f NOTE: client "Andrews-Mac-Mini" has connected INFO: switch from "Andrew-Ubuntu" to "Andrews-Mac-Mini" at 1679,451 INFO: leaving screen INFO: screen "Andrew-Ubuntu" updated clipboard 0 INFO: screen "Andrew-Ubuntu" updated clipboard 1 INFO: switch from "Andrews-Mac-Mini" to "Andrew-Ubuntu" at 2398,833 INFO: entering screen

    Read the article

  • Windows 7 Can't Connect to Network Drive on Windows XP

    - by Alex Yan
    I have a Windows XP desktop and a Windows 7 laptop both connected to a TrendNET TEW-432BRP router, which is connected to the Internet. They both have static IPs. The desktop has an external hard drive connected to it. The laptop is wireless and the desktop is wired. I enabled sharing on the external hard drive about two years ago when I bought it. I mapped it as a network drive on the laptop. I think it was yesterday, the laptop just stopped recognizing any of the computers on my network (When I open network, my laptop's the only one on it). I also get an error message "An error occurred while connecting A: to \CERTIFIED-DATA\Expansion Microsoft Windows Network: The network path was not found. The connection has not been restored" when I try to connect to the network drive. Both computers run Avast, and there hasn't been any problems with it. This has happened before but I never figured out why and how to fix it. It's usually fixed when I reinstall the OS of the affected system. Edit: I can't navigate the computer using \\CERTIFIED-DATA. I get a message saying "Windows cannot access \CERTIFIED-DATA. Check the spelling of the name, Otherwise, there might be a problem with your network" I clicked diagnose on the message and it failed to find anything wrong I clicked diagnose on my wireless connection, and it just keeps trying to check if something is wrong with the connection I can ping it successfully

    Read the article

  • Create a bootable .wim from Win 7 system image?

    - by Christian Nikkanen
    I was given an assigment to create a clean install of Windows 7, take a system image of it and make it a bootable image, so it can be booted from our local server. I've readed a few tutorials, but only one worked so far that it created a .wim . But when I transferred it to the server (Windows 2008 Server), navigated to Boot Images -- Add a new boot image But it says it's not bootable. So how would I create a .wim that is good for the server from a 64bit Windows? I have Windows AIK installed.

    Read the article

  • Can I automatically login to ssh using passwords from OS X keychain?

    - by Chaitanya Gupta
    I need to login to an ssh server which doesn't support key based authentication. And I don't want to type the passwords every time. I am using OS X Lion (10.7.2). I have added the passwords to the OS X keychain[1]. Now I can retrieve the password automatically from the keychain using /usr/bin/security, however I can't find a way to send this password to the ssh prompt. I also tried sshpass. However when I try to run it ssh exits with the following error: ssh_askpass: exec(/usr/libexec/ssh-askpass): No such file or directory Permission denied, please try again. ssh_askpass: exec(/usr/libexec/ssh-askpass): No such file or directory Permission denied, please try again. ssh_askpass: exec(/usr/libexec/ssh-askpass): No such file or directory Permission denied (publickey,password). Is there anyway I can login to this server without having to enter the password every time? Notes The scheme I use in keychain looks like this Kind: Internet password Account: username Where: ssh://server-name

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 10 11 12 13 14 15 16 17 18  | Next Page >