Search Results

Search found 4196 results on 168 pages for 'proxy'.

Page 117/168 | < Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >

• How do I deny all requests not from cloudflare?

  - by phillips1012

  I've recently gotten denial of service attacks from multiple proxy ips, so I installed cloudflare to prevent this. Then I started noticing that they're bypassing cloudflare by connecting directly to the server's ip address and forging the host header. What is the most performant way to return 403 on connections that aren't from the 18 ip addresses used by cloudflare? I tried denying all then explicitly allowing the cloudflare ips but this doesn't work since I've set it up so that CF-Connecting-IP sets the ip allow tests for. I'm using nginx 1.6.0.

  Read the article

• Connect iPad to windows 7 VPN

  - by Linuz

  My iPad keeps spitting out the error: "A connection could not be established to the PPP server." I am trying to connect it to a VPN I set up with Windows 7 as an incoming connection. On the iPad, I went into the VPN settings, added a new PPTP VPN with the following information Server: Windows 7 Computer's IP RSA SecurID: OFF Account: Account Username Password: Account Password Encryption Level: Auto Send All Traffic: ON Proxy: Off Now I know that it is making some connection to the Windows 7 Computer because whenever I intentionally put in the wrong VPN password on the iPad, it makes me put in the correct one before trying to connect again. All the ports are forwarded on my router for PPTP, and my Windows 7 Firewall is even off to try to get this to work. Any help would be greatly appreciated, thanks.

  Read the article

• Google Chrome Enterprise - Any Gotchas?

  - by AJ

  Has anyone rolled out Google Chrome to a medium / large organisation? I would like to suggest it to our management (because I think it would work very nicely with some of our intranet applications), and I would like to find out what problems (if any) the rest of the world has been experiencing with it. Have you found any problems? I'm thinking of enterprise-level problems. I'm thinking that we can solve anything that requires a specific configuration / proxy setting / etc. I don't really know what I think might be a problem, but I wonder if there are any usability problems that occur when non-geeks use it? Or problems which only rear their ugly heads when you've got 50 users all doing something unexpected. Any helpful information or suggestions would be appreciated. Thanks. UPDATED: We tend to use Microsoft stuff, so Sharepoint, IIS, SQL Server, are typical building blocks of internal sites. (Thanks, @Jim, for reminding me to mention that).

  Read the article

• Where does apache store initialization state for mod_proxy_balancer

  - by khoxsey

  I run apache2 on Ubuntu as a caching load-balancing reverse proxy in front of a group of application servers. I have noticed that the balancer maintains some state for some of the attributes visible in /balancer-manager such as whether an IP is enabled/disabled, load factor, etc. My site has periods of high (and low) usage, and recently as I added a new server to the working group I noticed that the load balancer picked up the new server but had it set to Disabled. I'm curious where that data is stored, and/or how it is initialized.

  Read the article

• Make server unavailable gracefully using Powershell in ARR

  - by Carl Bergquist

  We are using ARR as reverse proxy and I would like to make a server unavailable for various reasons. How can this be done using Powershell? Edit 1: I found this http://blogs.iis.net/anilr/archive/2009/11/09/using-arr-config-extensibility-to-gracefully-stop-server.aspx tutorial for using JScript. But I'm not able to translate it to powershell. Edit 2: Using the Set-WebConfigurationProperty in WebAdministration module I'm able to changes settings for a server. I found SetState in %windir%\system32\inetsrv\config\schema\arr_schema.xml but I don't know how to invoke that method.

  Read the article

• Exposing the AnyConnect HTTPS service to outside network

  - by Maciej Swic

  We have a Cisco ASA 5505 with firmware ASA9.0(1) and ASDM 7.0(2). It is configured with a public ip address, and when trying to reach it from the outside by HTTPS for AnyConnect VPN, we get the following log output: 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Built inbound TCP connection 2889 for outside:<client-ip>/51000 (<client-ip>/51000) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Built inbound TCP connection 2890 for outside:<client-ip>/50999 (<client-ip>/50999) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Teardown TCP connection 2889 for outside:<client-ip>/51000 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Teardown TCP connection 2890 for outside:<client-ip>/50999 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency We finished the startup wizard and the anyconnect vpn wizard and here is the resulting configuration: Cryptochecksum: 12262d68 23b0d136 bb55644a 9c08f86b : Saved : Written by enable_15 at 07:08:30.519 UTC Mon Nov 12 2012 ! ASA Version 9.0(1) ! hostname vpn domain-name office.<redacted>.com enable password <redacted> encrypted passwd <redacted> encrypted names ip local pool vpn-pool 192.168.67.2-192.168.67.253 mask 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.68.250 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address <redacted> 255.255.255.248 ! ftp mode passive dns server-group DefaultDNS domain-name office.<redacted>.com object network obj_any subnet 0.0.0.0 0.0.0.0 pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu inside 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected ! object network obj_any nat (inside,outside) dynamic interface timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL http server enable http 192.168.68.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto ipsec security-association pmtu-aging infinite crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map inside_map interface inside crypto ca trustpoint _SmartCallHome_ServerCA crl configure crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=vpn proxy-ldc-issuer crl configure crypto ca trustpool policy crypto ca certificate chain _SmartCallHome_ServerCA certificate ca 6ecc7aa5a7032009b8cebcf4e952d491 <redacted> quit crypto ca certificate chain ASDM_TrustPoint0 certificate f678a050 <redacted> quit crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.68.0 255.255.255.0 inside ssh timeout 5 console timeout 0 vpn-addr-assign local reuse-delay 60 dhcpd auto_config outside ! dhcpd address 192.168.68.254-192.168.68.254 inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ssl trust-point ASDM_TrustPoint0 inside ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside enable inside anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 1 anyconnect image disk0:/anyconnect-linux-3.1.01065-k9.pkg 2 anyconnect image disk0:/anyconnect-macosx-i386-3.1.01065-k9.pkg 3 anyconnect profiles GM-AnyConnect_client_profile disk0:/GM-AnyConnect_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_GM-AnyConnect internal group-policy GroupPolicy_GM-AnyConnect attributes wins-server none dns-server value 192.168.68.254 vpn-tunnel-protocol ikev2 ssl-client default-domain value office.<redacted>.com webvpn anyconnect profiles value GM-AnyConnect_client_profile type user username <redacted> password <redacted> encrypted tunnel-group GM-AnyConnect type remote-access tunnel-group GM-AnyConnect general-attributes address-pool vpn-pool default-group-policy GroupPolicy_GM-AnyConnect tunnel-group GM-AnyConnect webvpn-attributes group-alias GM-AnyConnect enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context call-home reporting anonymous Cryptochecksum:12262d6823b0d136bb55644a9c08f86b : end Clearly we are missing something, but the question is, what?

  Read the article

• Dropbox won't connect on Ubuntu 10.10 (Waiting For Connection)

  - by slhck

  I run Ubuntu 10.10 (2.6.35-25) on an x86 machine and try to install Dropbox by downloading the latest .deb file from the website. Now, first it will install dropbox-nautilus (requiring me to restart Nautilus before that) and then ask me to start Dropbox itself. The Dropbox client opens and indefinitely waits for a connection as there is a connection error. Of course, I don't use a proxy server and I'm writing this post from this very machine, so there's no problem with the internet connection. I'm not using a firewall (at least not that I know of, the Ubuntu installation is relatively untouched so far). Does anybody have some pointers?

  Read the article

• Scripting a database copy from MS Sql 2005 to 2008 without detach/backup/RDP

  - by James Santiago

  My goal is to move a single SQL 2005 database to a seperate 2008 server. The issue is my level of access to both servers. On each I can only access the database and nothing else. I cant create a backup file or detach the database because I don't have access to the file system or to create a proxy. I've tried using the generate script function of sql 2005 management studio express to restore the schema but receive command not supported errors when attempting to execute the sql on the new database. Similarly I tried using EMS SQL Manager 2005 Lite to script a backup of the schema and data but ran into similar problems. How do I go about acomplishing this? I can't seem to find any solutions outside of using the detach and backup functions.

  Read the article

• Mono on Linux: Apache or Nginx

  - by Furism

  Hi, I'm developing an ASP.NET application that will be run under Linux/Mono for various reasons (mostly to stay away from IIS, quite frankly). Of course the first web server I had in mind was Apache. But Apache, for all its advantages, adds a lot of overhead. Also, the application I'm building needs to be highly scalable and performance is one of the main concern. Apache has, obviously, a very good reputation and its record speaks for itself, but I don't need things like Reverse Proxy or Load Balancing because dedicated network devices would be used for that. So those modules from Apache will never be used. So basically my question is: since Nginx seems to fit exactly needs, is there any caveat I should be aware of? For instance, is Nginx renowned to be particularity safe? When security flaws are detected, how fast are they patched? Any insight on the pros and cons of using either of those servers in conjunction with Mono is welcome.

  Read the article

• Setting lusca and dansguardian iptables on Ubuntu 12.04 to prevent loop

  - by Heri YT

  I have a server with ubuntu 12:04 operating system, which runs as a proxy cache server lusca and DansGuardian as well as internet content filter. With the following composition: the client browser - lusca - DansGuardian - internet. And all this running only on one machine only, the following is a partial configuration on my server lusca: http_port 3128 transparent cache_peer 192.168.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default which is also only found on the DansGuardian default settings namely: filterip="blank" filterport=8080 proxyip=192.168.0.1 proxyport=3128 The question is: Can all goes well? By simply relying on one machine only? What causes the "WARNING: Forwarding loop detected for:"? is not problematic if we leave? How to solve "WARNING: Forwarding loop detected for:" found in / var / log / lusca / cache.log Thank you.

  Read the article

• supervise apache with daemontools

  - by perlwle

  I am trying to setup daemontools for two apaches in one server. one apache 2.2 listening on port 80 proxy request to a second apache 1.3 listening on port 8888. ./run script as following: #!/bin/sh # apache 1.3 exec /apache_1_3/apache/bin/httpd -F #!/bin/sh # apache 2.2 exec /apache_2_2/apache/bin/httpd -D FOREGROUND daemontools monitors both apache fine. however, If I stop apache2.2 (using svc -t or apachectl), the apache 1.3 will see the following error in error_log [crit] (98)Address already in use: make_sock: could not bind to port 8888 I had to manually apachectl stop the apache1.3 to stop the error message clobber the log file. There is no such problem before using daemontools. any idea why this is happening?

  Read the article

• Single django instance with subdomains for each app in the django project

  - by jwesonga

  I have a django project (django+apache+mod_wsgi+nginx) with multiple apps, I'd like to map each app as a subdomain: project/ app1 (domain.com) app2 (sub1.domain.com) app3 (sub3.domain.com) I have a single .wsgi script serving the project, which is stored in a folder /apache. Below is my vhost file. I'm using a single vhost file instead of separate ones for each sub-domain: <VirtualHost *:8080> ServerAdmin [email protected] ServerName www.domain.com ServerAlias domain.com DocumentRoot /home/path/to/app/ Alias /admin_media/ /usr/local/lib/python2.6/dist-packages/django/contrib/admin/media <Directory /home/path/to/wsgi/apache/> Order deny,allow Allow from all </Directory> LogLevel warn ErrorLog /home/path/to/logs/apache_error.log CustomLog /home/path/to/logs/apache_access.log combined WSGIDaemonProcess domain.com user=www-data group=www-data threads=25 WSGIProcessGroup domain.com WSGIScriptAlias / /home/path/to/apache/kcdf.wsgi </VirtualHost> <VirtualHost *:8081> ServerAdmin [email protected] ServerName sub1.domain.com ServerAlias sub1.domain.com DocumentRoot /home/path/to/app Alias /admin_media/ /usr/local/lib/python2.6/dist-packages/django/contrib/admin/media <Directory /home/path/to/wsgi/apache/> Order deny,allow Allow from all </Directory> LogLevel warn ErrorLog /home/path/to/logs/apache_error.log CustomLog /home/path/to/logs/apache_access.log combined WSGIDaemonProcess sub1.domain.com user=www-data group=www-data threads=25 WSGIProcessGroup sub1.domain.com WSGIScriptAlias / /home/path/to/apache/kcdf.wsgi </VirtualHost> My Nginx configuration for the domain.com: server { listen 80; server_name domain.com; access_log off; error_log off; # proxy to Apache 2 and mod_wsgi location / { proxy_pass http://127.0.0.1:8080/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_max_temp_file_size 0; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } } Configuration for the sub.domain.com: server { listen 80; server_name sub.domain.com; access_log off; error_log off; # proxy to Apache 2 and mod_wsgi location / { proxy_pass http://127.0.0.1:8081/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_max_temp_file_size 0; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } } This set up doesn't seem to work, everything seems to point to the main domain. I've tried http://effbot.org/zone/django-multihost.htm which kind of worked but seems to have issues with loading my css,images,js files.

  Read the article

• Strategies for very fast delivery of webpages.

  - by Cherian

  I run a website Cucumbertown with an initial pay load of nearly 9KB zipped. All my js is delayed loaded with requirejs and modernizer is the only exception. Now all my webpages are Nginx cached and only 10-15% hits go to the backend proxy. And the cache is invalidated by logged in users as proxy_cache_bypass. So for an anonymous user its nearly always a cache hit. I have some basic OS tuning with default via ip dev eth0 initcwnd 15 net.ipv4.tcp_slow_start_after_idle 0 Despite an all cache & large initcwnd my pages still take 2.5 – 3 seconds. I have a yslow score of And page speed at Are there strategies that can help deliver webpages even faster than this? Deliver pages at 1+ second time for 10KB payload? Notes: My servers run of a fairly good data center from Linode at Fremont.

  Read the article

• What should be taken into consideration when deploying Windows 8 in a domain environment?

  - by GaTechThomas

  Edit: Reformulating the question: We have ordered new laptops but before they arrive, our development team is trying to decide whether to install Windows 8 or stick with Windows 7. We have already tested on isolated machines, but we have not yet been allowed to add the machines to the domain. Before we approach the networking group to discuss adding Windows 8 machines to the domain, we need more information on what changes / issues to expect in moving from Windows 7. Are there any aspects we should consider that are specific to Windows 8 clients? Thus far, I've gotten the following feedback: Windows Administrative Shares are disabled New set of Group Policy templates Changes to proxy server settings Additional items along these lines would be helpful. We're not looking for items related to Windows GUI changes, but instead primarily items related to having the machine live and be used on the domain.

  Read the article

• How can i resolve all external addresses to internal address?

  - by Darian

  I am currently setting up a Linux server for a WIFI access-point. When ever someone who is connected to the hotspot/access-point? tries to reload a page they get forced onto the one page. Note: this wont have internet access! ie: user tries accessing www.google.com = it returns 192.168.1.200 or example.domain I've read that "dnsmasq" can be used to redirect any external addresses to an internal address. but haven't had any luck. Anyone have an example of a config for "dnsmasq"? I have also read that this can be done through a proxy?

  Read the article

• How to recover basic networking utilities on Debian?

  - by Rizo

  I am administrating a small server for LAN, providing basic services such as web-proxy, ldap, kerberos, afs, etc. Yesterday there was a power cut so server halted. When I restarted it no network interfaces were available and configured. I tried restarting networking daemon but it just exited with 0 status. So I tried to run one of the interfaces manually, but ifup and ifdown commands simply are not there. No only in PATH, but they disappeared from /sbin. So my question is: how can I recover these network utilities?

  Read the article

• Configuring a Jetty web application on a different port

  - by sHz

  Hi folks, I'm brand new to Jetty. I'd like to ask if its possible to have Jetty listening on port 8080, however where specified, serve a specific web application under say /var/jetty/webapps/<appname> (default on CentOS) served on say port 10000 instead of http://localhost:8080/<appname> i.e. http://localhost:10000/ = http://localhost:8080/<appname&gt; ? If so, what configuration changes would be required to make this work without an additional proxy server? I've googled away, but haven't found a solution (perhaps I've missed something obvious?).

  Read the article

• Calling a WCF service from Java

  - by Ian Kemp

  As the title says, I need to get some Java 1.5 code to call a WCF web service. I've downloaded and used Metro to generate Java proxy classes, but they aren't generating what I expect, and I believe this is because of the WSDL that the WCF service generates. My WCF classes look like this (full code omitted for brevity): public class TestService : IService { public TestResponse DoTest(TestRequest request) { TestResponse response = new TestResponse(); // actual testing code... response.Result = ResponseResult.Success; return response; } } public class TestResponse : ResponseMessage { public bool TestSucceeded { get; set; } } public class ResponseMessage { public ResponseResult Result { get; set; } public string ResponseDesc { get; set; } public Guid ErrorIdentifier { get; set; } } public enum ResponseResult { Success, Error, Empty, } and the resulting WSDL (when I browse to http://localhost/TestService?wsdl=wsdl0) looks like this: <xsd:element name="TestResponse"> <xsd:complexType> <xsd:sequence> <xsd:element minOccurs="0" name="TestSucceeded" type="xsd:boolean" /> </xsd:sequence> </xsd:complexType> </xsd:element> <xsd:element name="ErrorIdentifier" type="q1:guid" xmlns:q1="http://schemas.microsoft.com/2003/10/Serialization/" /> <xsd:simpleType name="ResponseResult"> <xsd:restriction base="xsd:string"> <xsd:enumeration value="Error" /> <xsd:enumeration value="Success" /> <xsd:enumeration value="EmptyResult" /> </xsd:restriction> </xsd:simpleType> <xsd:element name="ResponseResult" nillable="true" type="tns:ResponseResult" /> <xsd:element name="Result" type="tns:ResponseResult" /> <xsd:element name="ResultDesc" nillable="true" type="xsd:string" /> ... <xs:element name="guid" nillable="true" type="tns:guid" /> <xs:simpleType name="guid"> <xs:restriction base="xs:string"> <xs:pattern value="[\da-fA-F]{8}-[\da-fA-F]{4}-[\da-fA-F]{4}-[\da-fA-F]{4}-[\da-fA-F]{12}" /> </xs:restriction> </xs:simpleType> Immediately I see an issue with this WSDL: TestResponse does not contain the properties inherited from ResponseMessage. Since this service has always worked in Visual Studio I've never questioned this before, but maybe that could be causing my problem? Anyhow, when I run Metro's wsimport.bat on the service the following error message is generated: [WARNING] src-resolve.4.2: Error resolving component 'q1:guid' and the outputted Java version of TestResponse lacks any of the properties from ResponseMessage. I hacked the WSDL a bit and changed ErrorIdentifier to be typed as xsd:string, which makes the message about resolving the GUID type go away, but I still don't get any of ResponseMessage's properties. Finally, I altered the WSDL to include the 3 properties from ResponseMessage in TestResponse, and of course the end result is that the generated .java file contains them. However, when I actually call the WCF service from Java, those 3 properties are always null. Any advice, apart from writing the proxy classes myself?

  Read the article

• securing server to server http post

  - by ad-inf

  Website is developed on JSF, Servlet, using apache web server. In my website, I accept data submission from few restricted websites using HTTP POST method. We exchange some secure key to ensure that correct source is sending data. But is there any way to ensure that the data is submitted from specific domain / IP address only? In application level I can check request.header('Referer') , but some proxy or firewall might hide the referer. Can this configuration done on firewall or webserver level to authenticate server to server communication? Eg. Say my website is a payment gateway website, integrated with www.abc.com. I want only abc.com to submit data. So a user using abc.com should be able to submit data to my website only through abc.com, and not any other website.

  Read the article

• ISA Server Route Add Question

  - by Kip

  Hi All, I have a situation where I have and ISA 2006 server (on Win2k3) that has an internal and an externaly facing NIC's. All works fine but I need to add a couple of routes for the following reason: Our monitoring software is on a different network. Our Terminal server is on a different network. Currently, access to the internet, through this proxy server, from the terminal server fails. Also, monitoring of the ISA server via a remote monitor or the installed agent talking to the remote monitor (BMC) also fails. The default enterprise rule on ISA blocks the traffic as I beleive it doesn't trust / know about those networks. Here is my routing table: I need to add a couple of address, but this one being the main one: 192.168.245.137 / mask 255.255.255.192 / gateway 192.168.245.129 But I can't get it to work. Routing is not my strong point but at the moment have no one else available to help. Can you offer any assistance? Please ask if you need more info

  Read the article

• Windows XP app not able to talk to web server

  - by weotch

  My company makes an app built with Adobe Air which talks to our webserver for user authentication. Some users are not able to login. Running Charles Proxy tells us that the "host cannot be found." Loading up the webserver in IE, initially we weren't able to visit the site, we had to add it to trusted sites. My guess is that some security setting is denying our app as well. Does anyone have any suggestions as far as where to make security looser for our app?

  Read the article

• How can I send a Wake on Wireless LAN (WoWLAN) / Wake on Demand request manually?

  - by pioto

  This is similar to, but not the same as, http://serverfault.com/questions/1721/is-wireless-wake-on-lan-possible. I know it is supposed to be possible. The question is, how do I do whatever the AirPort Basestation will do? All I can find so far is that supposedly I need to send something with Wireless Multimedia Extensions (WMM): Basically, I want to be able to wake up my Mac Mini remotely, probably using my Linux laptop. Does anyone know of a tool to do this? Basic Wake on LAN tools do not seem to be the right thing. I don't need the Sleep Proxy Service bit, because I already know the MAC address of the system I want to wake up.

  Read the article

• Chrome is reporting GMail has Invalid Server Certificate, how do I find out who's fiddling with my certs?

  - by chillitom

  Chrome is giving the following warning when ever I try and visit GMail or a bunch of other SSL sites. Invalid Server Certificate You attempted to reach mail.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain. This is the certificate the Chrome reports as invalid: -----BEGIN CERTIFICATE----- MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0 ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0 cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3 dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3 fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A= -----END CERTIFICATE----- I think someone or something (proxy, anti-virus, browser extension) is snooping on my SSL traffic. How can I determine who/what is doing this?

  Read the article

• Can't configure PAM + LDAP on Debian Lenny - Getting error=49 on server logs

  - by Jorge Suárez de Lis

  I've been migrating some servers and desktops using Ubuntu 10.04 from getting the users from an old OpenLDAP implementation to a newer Centos Active Directory. I haven't had any problems so far, until I reached a Debian Lenny server. I've set up the server as the others, setting /etc/ldap.conf and /etc/ldap/ldap.conf. However, when I issue "getent passwd", I get nothing from the LDAP server. Reading the pam_ldap manpage, I realized that /etc/ldap.conf was not an accepted file by pam_ldap -it worked with Ubuntu though-, so I renamed it to /etc/pam_ldap.conf. Same result. However, once I've changed the name of this file, when I login using SSH I get this on the LDAP server logs: [20/Jul/2012:11:19:40 +0200] conn=16501 fd=155 slot=155 connection from x.x.x.50 to 10.1.176.237 [20/Jul/2012:11:19:40 +0200] conn=16501 op=0 BIND dn="uid=ubuntu,ou=Applications,ou=CITIUS,dc=inv,dc=usc,dc=es" method=128 version=3 [20/Jul/2012:11:19:40 +0200] conn=16501 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=ubuntu,ou=applications,ou=citius,dc=inv,dc=usc,dc=es" [20/Jul/2012:11:19:40 +0200] conn=16501 op=1 SRCH base="ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es" scope=2 filter="(uid=jorge.suarez)" attrs=ALL [20/Jul/2012:11:19:40 +0200] conn=16501 op=1 RESULT err=0 tag=101 nentries=1 etime=0 notes=U [20/Jul/2012:11:19:40 +0200] conn=16501 op=2 BIND dn="uid=jorge.suarez,ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es" method=128 version=3 [20/Jul/2012:11:19:40 +0200] conn=16501 op=2 RESULT err=49 tag=97 nentries=0 etime=0 The password isn't working. I don't know that could be wrong, anything else seems to be OK. That user/password is working from another clients: [20/Jul/2012:11:29:39 +0200] conn=16528 fd=188 slot=188 connection from x.x.x.224 to 10.1.176.237 [20/Jul/2012:11:29:39 +0200] conn=16528 op=0 BIND dn="uid=ubuntu,ou=Applications,ou=CITIUS,dc=inv,dc=usc,dc=es" method=128 version=3 [20/Jul/2012:11:29:39 +0200] conn=16528 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=ubuntu,ou=applications,ou=citius,dc=inv,dc=usc,dc=es" [20/Jul/2012:11:29:39 +0200] conn=16528 op=1 SRCH base="ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es" scope=2 filter="(uid=jorge.suarez)" attrs=ALL [20/Jul/2012:11:29:39 +0200] conn=16528 op=1 RESULT err=0 tag=101 nentries=1 etime=0 notes=U [20/Jul/2012:11:29:39 +0200] conn=16528 op=2 BIND dn="uid=jorge.suarez,ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es" method=128 version=3 [20/Jul/2012:11:29:39 +0200] conn=16528 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=jorge.suarez,ou=people,ou=citius,dc=inv,dc=usc,dc=es" I'm using SSHA for storing passwords on the LDAP server. Maybe this is not supported by Debian Lenny? On pam_ldap.conf, I've set up this, as in all the other servers: # Do not hash the password at all; presume # the directory server will do it, if # necessary. This is the default. pam_password md5 Also tried clear, but it didn't work. Anyways, it's weird that issuing getent passwd still gets me no users. However, if I use pamtest from the package libpam-dotfile to test login, it works. # pamtest ssh jorge.suarez Trying to authenticate <jorge.suarez> for service <ssh>. Password: Authentication successful. # pamtest foo jorge.suarez Trying to authenticate <jorge.suarez> for service <foo>. Password: Authentication successful. But "su" won't work also: # su jorge.suarez Id. descoñecido: jorge.suarez Just the output from getent passwd : # getent passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh www-data:x:33:33:www-data:/var/www:/bin/sh backup:x:34:34:backup:/var/backups:/bin/sh list:x:38:38:Mailing List Manager:/var/list:/bin/sh irc:x:39:39:ircd:/var/run/ircd:/bin/sh gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh nobody:x:65534:65534:nobody:/nonexistent:/bin/sh libuuid:x:100:101::/var/lib/libuuid:/bin/sh Debian-exim:x:101:103::/var/spool/exim4:/bin/false statd:x:102:65534::/var/lib/nfs:/bin/false sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin luser:x:1000:1000:Usuario local de Burdeos,,,:/home/luser:/bin/bash messagebus:x:105:107::/var/run/dbus:/bin/false sge-admin:x:1001:1001:Administrador do SGE,,,:/home/cluster/sge-admin:/bin/bash ntp:x:107:110::/home/ntp:/bin/false haldaemon:x:108:111:Hardware abstraction layer,,,:/var/run/hald:/bin/false vde2-net:x:109:114::/var/run/vde2:/bin/false uml-net:x:110:115::/home/uml-net:/bin/false polkituser:x:111:116:PolicyKit,,,:/var/run/PolicyKit:/bin/false Debian-pxe:x:113:65534:Dummy user for Debian pxe package,,,:/home/Debian-pxe:/bin/false Nscd was stopped from the beginning.

  Read the article

• Perl module error on solaris-10

  - by ramesh.mimit

  I have installed perl and pm_dbdmysql perl module on solaris-10. I have a perl script which makes the mysql DB connection to a diff server and runs some queries and returns the results. Its working fine on linux(redhat) but when I am running the script on solaris-10 its giving me the below error: 2010-12-14 00:00:00 and 2010-12-14 23:59:59DAILY INSIDE : 2010-12-14 00:00:00 -- 2010-12-14 23:59:59 install_driver(mysql) failed: Can't locate DBD/mysql.pm in @INC (@INC contains: /usr/local/lib/perl5/5.10.1/i86pc-solaris /usr/local/lib/perl5/5.10.1 /usr/local/lib/perl5/site_perl/5.10.1/i86pc-solaris /usr/local/lib/perl5/site_perl/5.10.1 .) at (eval 15) line 3. Perhaps the DBD::mysql perl module hasn't been fully installed, or perhaps the capitalisation of 'mysql' isn't right. Available drivers: DBM, ExampleP, File, Gofer, Multiplex, Proxy, Sponge, Sybase. at cerberus_report.pl line 114 Though dbd-mysql perl module is already installed. PKGINST: CSWpmdbdmysql NAME: pm_dbdmysql - MySQL driver for the Perl5 Database Interface (DBI) Is it something related to the path variables to need some other perl moudule dependency!

  Read the article

< Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >