Search Results

Search found 80794 results on 3232 pages for 'good time tribe'.

Page 137/3232

  • iptables - quick safety eval & limit max conns over time

    - by Peter Hanneman
    Working on locking down a *nix server box with some fancy iptables (v1.4.4) rules. I'm approaching the matter with a "paranoid, everyone's out to get me" style, not necessarily because I expect the box to be a hacker magnet but rather just for the sake of learning iptables and *nix security more thoroughly. Everything is well commented - so if anyone sees something I missed please let me know! The *nat table's "--to-ports" point to the only ports with actively listening services (aside from pings). Layer 2 apps listen exclusively on chmod'ed sockets bridged by one of the layer 1 daemons. Layers 3+ inherit from layer 2 in a similar fashion. The two lines giving me grief are commented out at the very bottom of the *filter rules. The first line runs fine but it's all or nothing. :) Many thanks, Peter H.

        *nat
        #Flush previous rules, chains and counters for the 'nat' table
        -F
        -X
        -Z
        #Redirect traffic to alternate internal ports
        -I PREROUTING --src 0/0 -p tcp --dport 80 -j REDIRECT --to-ports 8080
        -I PREROUTING --src 0/0 -p tcp --dport 443 -j REDIRECT --to-ports 8443
        -I PREROUTING --src 0/0 -p udp --dport 53 -j REDIRECT --to-ports 8053
        -I PREROUTING --src 0/0 -p tcp --dport 9022 -j REDIRECT --to-ports 8022
        COMMIT

        *filter
        #Flush previous settings, chains and counters for the 'filter' table
        -F
        -X
        -Z
        #Set default behavior for all connections and protocols
        -P INPUT DROP
        -P OUTPUT DROP
        -A FORWARD -j DROP
        #Only accept loopback traffic originating from the local NIC
        -A INPUT -i lo -j ACCEPT
        -A INPUT ! -i lo -d 127.0.0.0/8 -j DROP
        #Accept all outgoing non-fragmented traffic having a valid state
        -A OUTPUT ! -f -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
        #Drop fragmented incoming packets (Not always malicious - acceptable for use now)
        -A INPUT -f -j DROP
        #Allow ping requests rate limited to one per second (burst ensures reliable results for high latency connections)
        -A INPUT -p icmp --icmp-type 8 -m limit --limit 1/sec --limit-burst 2 -j ACCEPT
        #Declaration of custom chains
        -N INSPECT_TCP_FLAGS
        -N INSPECT_STATE
        -N INSPECT
        #Drop incoming tcp connections with invalid tcp-flags
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL ALL -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL NONE -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ACK,FIN FIN -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ACK,PSH PSH -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ACK,URG URG -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL SYN,FIN,PSH,URG -j DROP
        -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
        #Accept incoming traffic having either an established or related state
        -A INSPECT_STATE -m state --state ESTABLISHED,RELATED -j ACCEPT
        #Drop new incoming tcp connections if they aren't SYN packets
        -A INSPECT_STATE -m state --state NEW -p tcp ! --syn -j DROP
        #Drop incoming traffic with invalid states
        -A INSPECT_STATE -m state --state INVALID -j DROP
        #INSPECT chain definition
        -A INSPECT -p tcp -j INSPECT_TCP_FLAGS
        -A INSPECT -j INSPECT_STATE
        #Route incoming traffic through the INSPECT chain
        -A INPUT -j INSPECT
        #Accept redirected HTTP traffic via HA reverse proxy
        -A INPUT -p tcp --dport 8080 -j ACCEPT
        #Accept redirected HTTPS traffic via STUNNEL SSH gateway (As well as tunneled HTTPS traffic destined for other services)
        -A INPUT -p tcp --dport 8443 -j ACCEPT
        #Accept redirected DNS traffic for NSD authoritative nameserver
        -A INPUT -p udp --dport 8053 -j ACCEPT
        #Accept redirected SSH traffic for OpenSSH server
        #Temp solution:
        -A INPUT -p tcp --dport 8022 -j ACCEPT
        #Ideal solution:
        #Limit new ssh connections to max 10 per 10 minutes while allowing an "unlimited" (or better reasonably limited?) number of established connections.
        #-A INPUT -p tcp --dport 8022 --state NEW,ESTABLISHED -m recent --set -j ACCEPT
        #-A INPUT -p tcp --dport 8022 --state NEW -m recent --update --seconds 600 --hitcount 11 -j DROP
        COMMIT

        *mangle
        #Flush previous rules, chains and counters in the 'mangle' table
        -F
        -X
        -Z
        COMMIT


  • What are some good design patterns for CRUD?

    - by Extrakun
    I am working with a number of data entities which can be created, read, updated and deleted, and I find myself writing more or less the same code for them. For example, I need to sometimes output data as JSON, and sometimes in a table format. I am finding myself writing 2 different types of view to export the data to. Also, the creation of those entities within the DB usually differs just by the SQL statements and the input parameters. I am thinking of creating a strategy pattern to represent different 'contexts'. For example, the read() method of an AJAX context will be to return the data as JSON. However, I wonder if others have dealt with this problem beforehand and would like to know what design patterns are usually used for CRUD operations.


  • Is AsParallel() good practice in a web environment?

    - by Bjorn Bailleul
    I have no doubt that for client applications, AsParallel() will bring some out-of-the-box performance gains. But what if I would use it in a web environment? Let's say I have a widget framework that loops over all widgets to get their data and render output. This would parallelize great, no? I do have my doubts on using AsParallel() in this scenario. What if I have a large number of visitors for my site, isn't IIS going to use multiple threads to handle all requests? Aren't there going to be locking issues presented after a while, or threads dying because all processors are in use? It's just a thought, what do you think about this?


  • Any good tutorials on using OAuth with Piston?

    - by Hank Gay
    I've looked at the relevant section of the Piston documentation, but it only seems to focus on how to turn it on, not what it would look like for clients or how to test it to verify it's working. The example only seems to use HTTP Basic and curl. Finally, Ned Batchelder's question makes it look like a tutorial is in order. Thanks.


  • Reference for good Android UI design patterns.

    - by sat
    Hi, I would like to get some links for getting started with design patterns. My requirement is (at the initial stage): how to go about developing a particular pattern, say a customized ListView which can be shared across applications. E.g. applications will call something like drawCustomizedListView(params...) and my code will draw the listview according to the parameters supplied. This is particularly useful when across the applications I have to draw customized views. My intention is, I should not repeat the same code everywhere for doing similar tasks. Any references for the above requirement?


  • Is there a good way of automatically generating javascript client code from server side python

    - by tat.wright
    I basically want to be able to:

      - Write a few functions in python (with the minimum amount of extra meta data)
      - Turn these functions into a web service (with the minimum of effort / boiler plate)
      - Automatically generate some javascript functions / objects for rpc (this should prevent me from doing as many stupid things as possible like mistyping method names, forgetting the names of methods, passing the wrong number of arguments)

    Example

    python:

        def hello_world():
            return "Hello world"

    javascript:

        ...
        <!-- This file is automatically generated (either dynamically or statically) -->
        <script src="http://myurl.com/webservice/client_side_javascript"> </script>
        ...
        <script>
        // Call the generated RPC stub and show its result in the label
        $('#button').click(function () {
            hello_world(function (data) {
                $('#label').text(data);
            });
        });
        </script>

    A bit of research has shown me some approaches that come close to this:

      - Automatic generation of json-rpc services from functions with a little boiler plate code in python and then using jquery and json to do the calls (still easy to make mistakes with method names - still need to be aware of urls when calling, very irritating to write these calls yourself in the firebug shell)
      - Using a library like soaplib to generate wsdl from python (by adding copious type information). And then somehow convert this into javascript (not sure if there is even a library to do this)

    But are there any approaches closer to what I want?


  • Python: Figure out local timezone

    - by Adam Matan
    I want to compare UTC timestamps from a log file with local timestamps. When creating the local datetime object, I use something like:

        >>> local_time=datetime.datetime(2010, 4, 27, 12, 0, 0, 0, tzinfo=pytz.timezone('Israel'))

    I want to find an automatic tool that would replace the tzinfo=pytz.timezone('Israel') with the current local time zone. Any ideas?


  • Any good source of explanatory documentation on ColorMatrix?

    - by mackenir
    I'd like to try using ColorMatrix, but am only able to find examples that convert an image to grayscale. And even then, they tend to be presented as a chunk of 'magic numbers' code with no explanation. Does anyone know of a 'tutorial' on how to use ColorMatrix? For example I'd be interested in converting a grayscale image to a color image, where white == transparent, and black = a solid color, with gray pixels somewhere in between. Could ColorMatrix do that?


  • What's a good Lua IDE for linux?

    - by Brendan Abel
    I'm looking for a lua IDE on linux. The majority of suggestions I've seen so far are windows only. I would have liked to use one of the Eclipse plugins for lua, but both of them -- LuaEclipse and LunarEclipse -- haven't been updated in nearly two years, and don't seem to work with Eclipse 3.5. If you have had any luck in getting lua working in Eclipse, I would be very interested.


  • ESXi boot time with 9 iSCSI targets

    - by Myles Gray
    Our ESXi hosts have always been slow booting when it came to iscsi_vmk loaded successfully - sitting here for almost 5 minutes. In all a full server reboot takes almost 12 minutes. We have 9 iSCSI targets per host (5 SANs with redundant interfaces) configured as dynamic discovery targets. Has anyone experienced this? Can it be remedied with static discovery mode? Are there any debug steps we can work through to help diagnose this? (All our targets are accessible at boot so I'm assuming the host isn't stuck retrying to connect to a target)


  • What is a good Javascript RDFa parser implementation?

    - by tremoloqui
    I am looking to implement a client side RDFa based formatting for a web application. This would be similar to Mark Birbeck's ubiquity-rdfa project. Mark's project looks fantastic but it has at least two drawbacks:

      - It is slow. Adding RDFa formatting to a simple page causes a noticeable delay in page loading.
      - It is complex. The ubiquity-rdfa project makes use of the w3c fresnel specification which is a complex way to add simple annotations to client markup.

    I am looking for a lighter weight way of adding annotations through client code and I don't mind doing some work to get it. What I would like is a fast and reliable Javascript RDFa parser. Some implementations that I have found include:

      - W3C RDFa bookmarklet parser
      - Elias Torres RDFa extractor

    I am interested to know if you would recommend one of these, or another, RDFa Javascript implementation. Thanks!


  • Good practices for initialising properties?

    - by Rubans
    Hi, I have a class property that is a list of strings, List. Sometimes this property is null or if it has been set but the list is empty then count is 0. However elsewhere in my code I need to check whether this property is set, so currently my code checks whether it's null and count is 0 which seems messy.

        if(objectA.folders is null)
        {
            if(objectA.folders.count == 0)
            {
                // do something
            }
        }

    Any recommendation on how this should be handled? Maybe I should always initialise the property so that it's never null? Apologies if this is a silly question.


  • Win 7 laptop taking a long time to log on when off the domain

    - by pigeon
    I've clicked through on a few forums but unable to find a suggestion for this issue. I have a user with a HP laptop which will boot perfectly fine whilst connected to the network but at home it will take 4 minutes to log on. Some suggestions I have had is that it's looking for the DNS server of the domain. Another was that it was suggested it was a roaming profile (it isn't). So hoping someone has encountered Windows 7 acting like this and has some suggestions. The other users on this domain don't have the issue and it's a mix of XP and Win 7 client PCs.


  • TortoiseSVN : Good 'patch file' viewer ?

    - by mishal153
    Hi, The default patch file viewer is messy (i.e. no side by side diff view etc). I tried setting the path of the beyondCompare exe in "Settings-Unified Diff Viewer-custom", but Beyond Compare also behaves the same as the default diff tool. Is there a way to at least allow side by side diff in patch files? If so, what is the method? My aim is to allow emailing of changes so that they can be reviewed before I commit them :) Mishal


  • ASP.NET Custom Control

    - by Alyn
    I am building an ASP.NET Web User Control which has a panel within it. How do I make the Panel within the user control resizable (i.e. with handles) at design time in Visual Studio? I need to create a design class or something?? Thanks.


  • Connect to wired and wireless networks at same time, Ubuntu

    - by Gary Chambers
    Currently, I have a media PC running Ubuntu 10.04 that I am trying to connect via a wired network cable directly to a NAS box, and wirelessly to the router. This works no problem after I run sudo /etc/init.d/networking restart but I can't get both interfaces to come up on system startup. My /etc/network/interfaces file reads as follows:

        auto eth0
        iface eth0 inet static
            address 10.0.1.2
            netmask 255.255.254.0
            broadcast 10.0.1.255
            network 10.0.1.0

        auto wlan2
        iface wlan2 inet dhcp

    As I say, I know this works, because I can get it to work by restarting the network interfaces, but I can't bring them both up on system startup. Does anyone know why this might be?


  • How to develop good debugging skills? [closed]

    - by Sasha
    Possible Duplicate: Debugging techniques

    How can I improve my debugging skills? I am thinking in the context of C++ under UNIX, C#, and in general. Please suggest how I can improve in these areas in terms of:

      - Approaches to take, where to start, and how to proceed.
      - Tools to use, and how to use them effectively.
      - Recommended material (books, articles) to read and lectures to watch.

