Search Results

Search found 5174 results on 207 pages for 'prevent'.

Page 100/207 | < Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107 | Next Page >

IPFW not locking people out

- by Cole

I've had some brute-forcing of my ssh connection recently, so I got fail2ban to hopefully prevent that. I set it up, and started testing it out by giving wrong passwords on my computer. (I have physical access to the server if I need to unblock myself) However, it never stops me from entering passwords. I see in /var/log/fail2ban.log that fail2ban kicked in and banned me, and there's a ipfw entry for my IP, but I'm not locked out. I've changed the configuration around, and then tried just using the ipfw command myself, but nothing seems to lock me out. I've tried the following blocks: 65300 deny tcp from 10.0.1.30 to any in 65400 deny ip from 10.0.1.30 to any 65500 deny tcp from 10.0.1.30 to any My firewall setup has a "allow ip from any to any" rule after these though, maybe that's the problem? I'm using Mac OS 10.6 (stock ipfw, it doesn't seem to have a --version flag) Thanks in advance.

Read the article
TFTP uploads failing

- by dunxd

I am running TFTPD via xinetd on a Centos 5.4 server. I am able to access files via tftp fine, so I know the service is running ok. However, whenever I try and upload a file I get a 0 Permission denied message. I have already created the file in /tftpboot and set the permissions to 666. My tftpd config has verbose logging (-vvvv), but all I see in my /var/log/messages is: START: tftp pid=20383 from=192.168.77.4 I have seen some mention that SELinux can prevent TFTPD uploads, but I'd expect to see something in the logs. I have SELinux set in permissive mode. Any ideas?

Read the article
Internet speed showing high value but never felt that speed [closed]

- by Kiran D Pillai

I use Reliance Netconnect+ in my Toshiba Satellite laptop. My OS is Windows 7 Ultimate. I've seen speeds up to 1500 kbps when travelling and have an average speed of 400 kbps at my room premises. I'm sorry, I've never felt that much speed while browsing or downloading. Sometimes I think some other programs are also sharing the same network. It is just showing 200 or 500 kbps but I feel 25 or 50 kbps. Is there any way to prevent them? I use Google Chrome downloaded from Google site. Please suggest me some solutions.

Read the article
Reverse DNS does not match SMTP banner vs Reverse DNS mismatch

- by MadBoy

I have to make decision whether my Reverse DNS should match SMTP banner but Reverse DNS to DNS and vice versa stays different or vice versa. Which one to choose? I have an 2x Exchange 2010 server with one SMTP Sender with TMG 2010. TMG has 2 links connected so that we have 2 separate internet providers. The problem is I have no way to control TMG behavior on which link is used to send emails as it picks it randomly. I have 2 MX records: - mail.test.com which resolves to IP and IP resolves to mail.test.com - mail2.test.com which resolves to IP2 and IP2 resolves to mail.test.com This was done to prevent smtp banner issues but it provides problems with Reverse DNS if the server on the other side is eager enough to do comparison. But I've checked with Google and they also don't have that in perfect condition.

Read the article
puppet duplicate resources and virtual resources

- by user45097

Overview Hi just started using Puppet and have been unable to suss something. Problem Because of normalization when I add 2 classes to a node with packages that have the same dependencies it fails. In simple terms have duplicate resources - in this case the package libssl. Note: packages are being held to prevent latest packages being installed. QUestion What's the best practice way to get round this? class ssh { package { 'openssh-server': ensure = installed, require = libssl } package { 'libssl': ensure = installed, } } class apache { package { 'apache': ensure = installed, require = libssl, } package { 'libssl': ensure = installed, } } node server { include apache include openssl-server

Read the article
How to tell X.org to reload input device module?

- by Vi

When X.org boots up, Synaptics touchpad works well. But when I remove the module it falls back to /dev/input/mice and don't use normal driver even when touchpad is available again. Xorg.0.log: ... (II) XINPUT: Adding extended input device "Synaptics Touchpad" (type: TOUCHPAD) (--) Synaptics Touchpad: touchpad found # { rmmod psmouse && echo mem /sys/power/state && modprobe psmouse; } (WW) : No Device specified, looking for one... (II) : Setting Device option to "/dev/input/mice" ... How to tell X.org to try it's InputDevice again (without restarting X server)? P.S. rmmod psmouse is needed to prevent crashing of Acer Extensa 5220 when resuming from suspend-to-ram. Update: Found answer myself: Doing xinput set-int-prop "Synaptics Touchpad" "Device Enabled" 8 1 after reloading the kernel module reloads touchpad. Now suspend-to-ram works OK.

Read the article
How to tell X.org to reload input device module? (Working around suspend-to-ram crash on Acer laptop

- by Vi

When X.org boots up, Synaptics touchpad works well. But when I remove the module it falls back to /dev/input/mice and don't use normal driver even when touchpad is available again. Xorg.0.log: ... (II) XINPUT: Adding extended input device "Synaptics Touchpad" (type: TOUCHPAD) (--) Synaptics Touchpad: touchpad found # { rmmod psmouse && echo mem /sys/power/state && modprobe psmouse; } (WW) : No Device specified, looking for one... (II) : Setting Device option to "/dev/input/mice" ... How to tell X.org to try it's InputDevice again (without restarting X server)? P.S. rmmod psmouse is needed to prevent crashing of Acer Extensa 5220 when resuming from suspend-to-ram. Update: Found answer myself: Doing xinput set-int-prop "Synaptics Touchpad" "Device Enabled" 8 1 after reloading the kernel module reloads touchpad. Now suspend-to-ram works OK.

Read the article
Can one have multiple name servers that don't all belong to the same TLD/provider?

- by Simon

In light of the GoDaddy outage we updated our name server list for our domain to include an additional name server provider. The list looks something like this: ns61.domaincontrol.com ns54.domaincontrol.com ns1.dreamhost.com ns2.dreamhost.com Both Godaddy and Dreamhost have zone entries to handle the A and MX records. The idea is that if one provider goes out the other will be a fall-back. However, when I tested my config with http://www.intodns.com/ I am getting a warning about SOA serials not being agreed. Have I misunderstood some fundamentals in name-server config? What can I do to prevent future problems?

Read the article
Online backup solution

- by Petah

I am looking for a backup solution to backup all my data (about 3-4TB). I have look at many services out there, such as: http://www.backblaze.com/ http://www.crashplan.com/ Those services look very good, and a reasonable price. But I am worried about them because of incidents like this: http://jeffreydonenfeld.com/blog/2011/12/crashplan-online-backup-lost-my-entire-backup-archive/ I am wondering if there is any online back solution that offers a service level agreement (SLA) with compensation for data loss at a reasonable price (under $30 per month). Or is there a good solution that offers a high enough level of redundancy to mitigate the risk? Required: Offsite backup to prevent data loss in terms of fire/theft. Redundancy to protect the backup from corruption. A reasonable cost (< $30 per month). A SLA in case the service provider faults on its agreements.

Read the article
Corrupt file indicative of corrupt hard drive?

- by Elipsicon

I have noticed that two files on my (almost full) 2 TB hard drive have been corrupted. One file has 20 kB (!) corrupted, i.e. consecutive 20 kB have changed, even though the modification date of the file hasn't changed and I haven't worked with this file for over a year. This tells me that something "below" the file system level has messed with the data and the only thing I can think of is hardware failure, most likely hard disk failure. I've tested my RAM already and it works flawlessly. I'm using ext4 on Linux, if that is of any help. Is this normal? Is it time to change my hard drive disk before something worse happens? What can I do to prevent that from happening in the future? Is there some built-in feature of, or extension to ext4 that includes additional error correcting code and/or watches files for changes that haven't been caused by the OS?

Read the article
Data Execution Prevention problem in Windows Server 2008

- by naveen

Hi guys, I am an ASP.NET developer, who has minimal knowledge in Server administration. I have a database hosted at Windows Server 2008. Today morning onwards it periodically stops working. The message given is something to the effect "The program is being shut down to prevent Data Execution Prevention error" Some other programs are also showing the behavior. I would like to know, what causes this all of a sudden? The server is UN-protected(IE: no anti-virus installed at all), could this be a possible anti-virus/ malware attack? What do we need to do to get the SOL running smoothly again? Regards, Naveen Jose

Read the article
Sorting emails with no To: tags in Outlook

- by user29589

Lately people at work have been sending with mailing lists in blind copies instead of just sending to the mailing lists. I think the intent is to prevent people from accidentally replying to all, but it means that these emails aren't sorted into their proper folders when they arrive. I'd like to at least be able to sort them into a common folder, but these emails arrive with no "To:" line in the headers. I'm using Outlook 2007, and I can't figure out a way to use their built-in rule editor to create a rule that sorts these emails. Is there a plugin that will allow me to sort emails like this, or a better rule editor? Updated: I know this is very old, but this is still very annoying to me. Is there any way to sort these kinds of emails to their own folder?

Read the article
Apache redirect from one domain to another domain

- by cpuguru

Like many users, we tend to register the *.com and *.net versions of our domain names to prevent nefarious squatters. So if we wanted "foo.com" we'd also register "foo.net" and have them both resolve to the same IP address. Trying to set up Apache for the first time and need to know the proper way to redirect requests to "foo.net" to go to "foo.com" instead so that if a user types in "foo.net" they get magically redirected to "foo.com". I've been reading through the Apache URL Rewriting guide (http://httpd.apache.org/docs/1.3/misc/rewriteguide.html) and it's not readily apparent how to do this seemingly simple task. Please advise this apprentice oh wise Apache jedi...

Read the article
Macos default paths prepend my defined paths in vim

- by Bogdan Gusiev

I am trying to call some shell command from vim with like :!ls command. But unfortunately there are some default PATHS that prepends PATHs defined in the original shell. Here is the echo $PATH output in the original shell: /usr/local/heroku/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194@global/bin:/Users/bogdan/.rvm/rubies/ruby-1.9.3-p194/bin:/Users/bogdan/.rvm/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/X11/bin:/Users/bogdan/.rvm/bin:/Users/bogdan/bin:/Users/bogdan/.rvm/bin:/usr/local/Cellar/git/1.7.12.2/libexec/git-core:/Users/bogdan/.rvm/bin and shell called within vim: /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/X11/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194@devauc/bin:/Users/bogdan/.rvm/gems/ruby-1.9.3-p194@global/bin:/Users/bogdan/.rvm/rubies/ruby-1.9.3-p194/bin:/Users/bogdan/.rvm/bin:/Users/bogdan/bin:/usr/local/Cellar/git/1.7.12.2/libexec/git-core:/Users/bogdan/.rvm/bin Why they appeared right there? How can I prevent that and make vim shell has original PATH variable.

Read the article
Postfix Stagger/Rate Limit Outbound Mail

- by GruffTech

We have a server that sends our weekly newsletter to subscribers, To prevent people like Hotmail or Yahoo from blocking us due to sending too many simultaneous emails to them, Is there a way we can stagger email, or rate-limit outbound emails from postfix? Keep in mind, I dont want the mailserver to stop queueing mail or accepting new messages, Simply defer delivery if there are more then 3-4 messages per destination domain/ipaddress, or something similar. Note: I dont want a Sender Throttle, as described in a similar question, here. I'm looking more for a recipient throttle but haven't had any luck finding out how to do so with PolicyD or Anvil services, and was wondering if anyone else has accomplished such a task.

Read the article
Locking down a box on the web

- by glowcoder

I'm a Java developer who is looking to put a game on the web. I'm not much of a web or server guy, though, and frankly I seem a little lost at where I should start with putting something on the web. My application works fine on my machine, and I'm sure I can make it work fine on any box I put it on. But the security of that box is pretty important. If I sign up for a standard hosting package (let's say from GoDaddy or something) can I simply tell them "make port 12345 open for communication" and let them handle the rest of the security details? If I can't, what are the things I'm going to need to know to prevent my game server from getting hacked to shreds? (Links to solid resources fine by me!) Thanks!

Read the article
database replication for new user signup

- by Jeff Storey

I have a database that stores the users of my application. When a new user signs up, a record is inserted into the database for that user. I have a replicated version (slave) of this database (using mysql for now). What I'm concerned about is this scenario: step 1: user signs up and user record is inserted into the database step 2: user then tries to login, and the login process queries the database for the user. however, this query hits the slave database, but the user record has not yet been replicated in the slave and it returns an error that the user does not exist. This is a pretty trivial example, but I can see how it can apply to a lot of cases. Is there a strategy for configuring replicated databases to help prevent this situation?

Read the article
What are the pros/cons of blocking a program from running in %appdata%, %temp%, etc.?

- by poke

While researching ways to prevent CryptoLocker, I saw a forum post that advised using Group Policy Objects (GPO) and/or antivirus software to block run access in the following locations: %appdata% %localappdata% %temp% %UserProfile% Compressed archives Obviously, anything written in a forum should be taken with caution. I do see advantages to do doing this, though, primarily because malware likes to execute out of these locations. Of course, this could impact legitimate programs as well. What are the drawbacks to blocking run access to these locations? What are the advantages?

Read the article
Safely Remove Hardware (USB drive) needs End Process for rundll32.exe - Windows XP SP3

- by Michael Warner

Image Name PID Modules ========================= ====== ============================================= rundll32.exe 252 ntdll.dll, kernel32.dll, msvcrt.dll, GDI32.dll, USER32.dll, IMAGEHLP.dll, ShimEng.dll, AcGenral.DLL, ADVAPI32.dll, RPCRT4.dll, Secur32.dll, WINMM.dll, ole32.dll, OLEAUT32.dll, MSACM32.dll, VERSION.dll, SHELL32.dll, SHLWAPI.dll, USERENV.dll, UxTheme.dll, guard32.dll, fltlib.dll, comctl32.dll, comctl32.dll, NvMcTray.dll, SETUPAPI.dll, IMM32.dll, nvapi.dll I have to end the rundll32.exe process to safely remove my USB drive. Given the modules rundll32.exe is running, do you know which running module(s) would prevent the USB drive from being safely removed, and if so is there a more permanent straightforward solution such as changing an automatic service (the list from services.msc) into a disabled/manual service or maybe something else you can think of?

Read the article
Regarding Reinstalling PostgreSQL

- by Vivalavista

I was using PostgreSQL 8.4. I tried removing it through Synaptic Manager and then I tried to install 9.1, but I still version 8.4. I deleted all the files associated with postgresql. Now I am unable to install any version of PostgreSQL. When I try I get this error: Setting up postgresql-9.1 (9.1.3-1~lucid) ... .: 12: Can't open /usr/share/postgresql-common/maintscripts-functions dpkg: error processing postgresql-9.1 (--configure): subprocess installed post-installation script returned error exit status 2 dpkg: dependency problems prevent configuration of postgresql: postgresql depends on postgresql-9.1; however: Package postgresql-9.1 is not configured yet. dpkg: error processing postgresql (--configure): dependency problems - leaving unconfigured No apport report written because the error message indicates its a followup error from a previous failure. Errors were encountered while processing: postgresql-9.1 postgresql E: Sub-process /usr/bin/dpkg returned an error code (1) Please tell me the way to remove postgres completely so I can install a fresh version.

Read the article
check_mk IPMI PCM sensor reading randomly fails

- by Julian Kessel

I use check_mk_agent for monitoring a server with IPMI and the freeipmi-tools installed. As far as I can see, the monitoring randomly detects no value returned by the IPMI Sensor "Temperature_PCH_Temp". That's a problem since it results in a CRITICAL state triggering a notification. The interruption lasts only over one check, the following is always OK. The temperature is in no edge area and neither the readings before the fail nor after show a Temp that is tending to overrun a treshold. Has someone an idea on what could be the reason for this behaviour and how prevent it?

Read the article
Strategy and AI for the game 'Proximity'

- by smci

'Proximity' is a strategy game of territorial domination similar to Othello, Go and Risk. Two players, uses a 10x12 hex grid. Game invented by Brian Cable in 2007. Seems to be a worthy game for discussing a) optimal strategy then b) how to build an AI Strategies are going to be probabilistic or heuristic-based, due to the randomness factor, and the high branching factor (starts out at 120). So it will be kind of hard to compare objectively. A compute time limit of 5s per turn seems reasonable. Game: Flash version here and many copies elsewhere on the web Rules: here Object: to have control of the most armies after all tiles have been placed. Each turn you received a randomly numbered tile (value between 1 and 20 armies) to place on any vacant board space. If this tile is adjacent to any ally tiles, it will strengthen each tile's defenses +1 (up to a max value of 20). If it is adjacent to any enemy tiles, it will take control over them if its number is higher than the number on the enemy tile. Thoughts on strategy: Here are some initial thoughts; setting the computer AI to Expert will probably teach a lot: minimizing your perimeter seems to be a good strategy, to prevent flips and minimize worst-case damage like in Go, leaving holes inside your formation is lethal, only more so with the hex grid because you can lose armies on up to 6 squares in one move low-numbered tiles are a liability, so place them away from your main territory, near the board edges and scattered. You can also use low-numbered tiles to plug holes in your formation, or make small gains along the perimeter which the opponent will not tend to bother attacking. a triangle formation of three pieces is strong since they mutually reinforce, and also reduce the perimeter Each tile can be flipped at most 6 times, i.e. when its neighbor tiles are occupied. Control of a formation can flow back and forth. Sometimes you lose part of a formation and plug any holes to render that part of the board 'dead' and lock in your territory/ prevent further losses. Low-numbered tiles are obvious-but-low-valued liabilities, but high-numbered tiles can be bigger liabilities if they get flipped (which is harder). One lucky play with a 20-army tile can cause a swing of 200 (from +100 to -100 armies). So tile placement will have both offensive and defensive considerations. Comment 1,2,4 seem to resemble a minimax strategy where we minimize the maximum expected possible loss (modified by some probabilistic consideration of the value ß the opponent can get from 1..20 i.e. a structure which can only be flipped by a ß=20 tile is 'nearly impregnable'.) I'm not clear what the implications of comments 3,5,6 are for optimal strategy. Interested in comments from Go, Chess or Othello players. (The sequel ProximityHD for XBox Live, allows 4-player -cooperative or -competitive local multiplayer increases the branching factor since you now have 5 tiles in your hand at any given time, of which you can only play one. Reinforcement of ally tiles is increased to +2 per ally.)

Read the article
How can I make it difficult to install a new operating system on a certain computer?

- by D W

I want to host a website on a desktop computer running Ubuntu with a Windows virtual machine. I will give away the computer in exchange for a number of months of remote web hosting. I want to add some kind of lock (hardware or otherwise) so that the end users will have difficulty just reinstalling Windows and using the machine as they want, in contradiction to the contract. Ideally, I'd want the machine to die if reinstallation of the OS is attempted. It doesn't have to be completely insurmountable, but it has to be difficult enough to prevent casual reinstallation. Perhaps on bootup the system can check whether certain files exist on the computer and refuse to boot if they do not. I don't know if this is possible, but maybe BIOS is password protected, and searches for files before boot up. The files it looks for could be date sensitive, i.e. require remote replacement on a schedule.

Read the article
Lock down SFTP access on OpenSolaris

- by Simon

Hi all, I have an OpenSolaris 2009.06 server and I'd like to enable a user to remotely change files in a specific directory, ideally via SFTP or FTP-via-SSH. This user does not yet have an account on the machine and I'd like to create it so it's as restricted as possible. Is there a canonical way of doing this? I know about OpenSolaris' role-based access control and authorizations model, but I figure it's a lot of work (i.e., a lot I can mess up) to really lock down a full-blown user account (prevent fork bombs, make sure there's really no other file in the file system which can be written to...). Any hint is greatly appreciated. Thanks, Simon

Read the article
Can /etc/hosts.deny/allow be overridden?

- by Tar

I have security measures put in place to keep unwanted users out of my server. I've changed the SSH port, disabled root login, have a software firewall to block portscans, and have entries in hosts.deny and hosts.allow. I have various services denied to all but another server of mine should my IP change, and two other administrators + my own IP address. My question is, can hosts.deny/allow configuration be overridden so that they can gain access to my server? Does using chroot jail for running things like an IRC server and Teamspeak server prevent people from gaining access to my server and screwing with it?

Read the article

< Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107 | Next Page >