Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 174/216 | < Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181  | Next Page >

• Filtering attachment types in Google Apps (free Google Business)

  - by Ernest

  We have Google apps in our company for mail delivery, our business can't pay the business version yet, however, we need to control the attachment types that employees download. We recently switched from another hosting provider who recomended us to plug Google Apps for mail when we moved the domain, we had a firewall before which was able to prevent certain file types to be downloaded. I know the business version has section for filtering mail (postini services). Is there a hack around my problem? Anyone ever had this problem? Thank you! UPDATE: The main problem is gmail apps uses ssl connection, can this be changed ? how can i get the firewall to filter files only allowing *.doc, *.xls y *.pdf.

  Read the article

• linux intrusion detection software

  - by Sam Hammamy

  I have an Ubuntu VPS that I use for practice and deploying prototypes as I am a python developer. I recently started teaching my self sys admin tasks, like installing OpenLDAP. I happened to turn off the ufw firewall for just a minute, and when I ran an netstat command, I saw a foreign ip connected to ssh that I traced to china. I'd like to know a few things: 1) Is there any good network intrusion detection software, such that if any IP that's outside a specific range connects to the VPN, I can be notified? -- I am thinking about scripting this, but I'm pretty sure there's something useful out there and I believe in the wisdom of crowds. 2) How did this person gain access to my server? Is it because my firewall was down? Or is it because they browsed my LDAP directory and from there figured out a way to connect (there was a clear text password in the tree but it wasn't one used by the server's sshd)?

  Read the article

• How to convert non key, value java arguments to applet params? (args like -Xmx64m)

  - by bwizzy

  I'm trying to use xvpviewer (based on TightVNC) to VNC into my VMs running on Citirx XenServer. There are a couple of caveats required with trusting the certificate from XenServer which I've got working. Essentially I'm trying to convert the java command below (which works on the command line to launch VncViewer) for use in an applet that can be accessed via HTML page. java -Djavax.net.ssl.trustStore=/tmp/kimo.jks -Xmx64m -jar VncViewer.jar HOST "/console?ref=OpaqueRef:141f4204-2240-4627-69c6-a0c7d9898e6a&session_id=OpaqueRef:91a483c4-bc40-3bb0-121c-93f2f89acc3c" PORT 443 PROXYHOST1 192.168.0.5 PROXYPORT1 443 SocketFactory "HTTPSConnectSocketFactory" I know I can put the HOST, PORT etc arguments into param tags for the applet but I'm not sure how to apply the two initial argments.

  Read the article

• Error moving a certificate to remote server

  - by edh

  Hi- I am trying to obtain a certificate and move it to a remote server. It is a report server which requires its own certificate for SSL but is not running IIS. I have a server running IIS 6 so i created a fake website to create a csr, obtained a certificate from a 3rd party, then processed and installed the cert on the fake website. I want to then move the certificate to a remote server. when it asks for the server name and credentials i supply them, hit next, then get the error, 'class not registered'. any ideas? Thanks -Ed

  Read the article

• Forcing exact hostname match in IIS

  - by iis_newbie

  I am looking how to force an exact hostname match within IIS when using https. For instance, I want "https://works.mysite.com/resource" to be ok, but "https://noworks.mysite.com/resource" to return 404 (assuming they both resolve to the same IP). IIUC, the default behavior of IIS when going to "https://noworks.mysite.com/resource" is to get a cert warning, if the user presses continue, the user is able to access the URL. I was able to do this by generating a *.mysite.com SSL cert, and then specify the hostname within the bindings in IIS, but without the * in the beginning, the hostname field is disabled and blank. Am I missing something simple here?

  Read the article

• Backup solution

  - by user66115

  We are currently looking for a new backup solution. Our current network is 5 remote location with a tape backup in each plant. Right now we are looking at a MPLS VPN and running backups out of our main plant. The main thing that we backup are user private folders and department files. And each plant has it's own file server that houses CAD drawings. My main plan is to have every thing but that CAD drawing at the main faculty. We would start with a main backup of the drawing files and then do change backups back to the main plant. Besides tapes what would be the best way to backup. Our contact at Pc Connection is point us toward a Tandberg Data device.

  Read the article

• Protecting a SVN server

  - by user35072

  For various reasons we are finding it increasingly difficult to work with remote workers. We are a very small developer shop and it's becoming impractical to do manual merges on a daily basis. So we're left with little choice (?) but to consider opening up our SVN servers. I'm looking into the following: Full HTTPS session Running non-80 port Strong password policy Is this enough to prevent someone hacking and stealing data? I will also look into VPN but first would like to understand any alternative solutions.

  Read the article

• How can I measure TCP timeout limit on NAT firewall for setting keepalive interval?

  - by jmanning2k

  A new (NAT) firewall appliance was recently installed at $WORK. Since then, I'm getting many network timeouts and interruptions, especially for operations which would require the server to think for a bit without a response (svn update, rsync, etc.). Inbound SSH sessions over VPN also timeout frequently. That clearly suggests I need to adjust the TCP (and ssh) keepalive time on the servers in question in order to reduce these errors. But what is the appropriate value I should use? Assuming I have machines on both sides of the firewall between which I can make a connection, is there a way to measure what the time limit on TCP connections might be for this firewall? In theory, I would send a packet with gradually increasing intervals until the connection is lost. Any tools that might help (free or open source would be best, but I'm open to other suggestions)? The appliance is not under my control, so I can't just get the value, though I am attempting to ask what it currently is and if I can get it increased.

  Read the article

• Why are the external IP of my router not the same as the external IP of my computer

  - by Martin

  I have a standard network setup where all my network devices, both WIFI and ethernet, are connected to the same router. Lately, however, I've been experiencing some very strange behavior. It started as a simple connecting error, when I tried to reach an FTP server using the external IP. Of course I went right into one of those CheckMyIP sites, to double check the IP and it turned out to be correct. Then I went into my router setup, which is through a tool called aiport-tool, because I have an Apple Aiport Extreme router. Turns out the router displays a different external IP, and for some reason that external IP works when I try to access the FTP server. Can anyone explain what is going on? Why are the devices connected to the router displaying an incorrect external IP? BTW i have no VPN/proxy setups on any of my devices.

  Read the article

• Kill UDP port that has no process?

  - by Chocohound

  I can't bind to UDP port 500 from my code (yes I'm running w/ sudo). The port is reported as "already in use" (Mac os X), but doesn't have an associated process: $ sudo netstat -na | grep "udp.*\.500\>" udp4 0 0 192.168.50.181.500 *.* udp4 0 0 192.168.29.166.500 *.* But sudo lsof doesn't show a process on port 500 (ie sudo lsof -i:500 -P reports nothing). How can I unbind port 500 so I can use it again? I believe I have a bad VPN client that isn't cleaning up after itself, but I can't get rid of this without rebooting the machine.

  Read the article

• IP not detected in terremark enteprise cloud server - how to install VMware on instance?

  - by JohnMerlino

  Using terremark enteprise cloud, when you create a server, you assigned an IP address to them and that IP is visible under Detected IP when selecting the server. However, I created a server, with IP address and I created an internet service and connected it with a node. I used protocol TCP and mapped it to port 3001. But I notice when I select my server, the IP address doesnt dsplay under Detected IP and then I VPN Connect, launch terminal and try to SSH with the IP to my server, and I get connection timed out. I presume the reason lies in that the IP address is not being detected. Someone suggested that my VMware-Tools is out of date and in fact on the server instance for VMware-Tools it does say "out of date". I'm not sure how to mount the instance and install VMware-Tools. I am using Mac OSX. Someone said that it will only work on PC running IE.

  Read the article

• How to specify multiple HostName/Port combinations in .ssh/config

  - by leoluk

  I have multiple notebooks and workstations which pull and push from multiple Mercurial repositories on a central server. I usually use .ssh/config to set an alias: Host repo-server HostName server.somedomain User user143 IdentityOnly yes IdentityFile ~/hgkey Port 156 ... and some more options, you get the idea. I can then simply do a hg push ssh://repo-server//hgroot/someproject on every local repository, and I can change the server address and port in one place. For workstations, this works fine, but the notebooks can access the server either from inside the network or from outside, using a different address and a different port. Is there any way I can specify multiple HostName/Port combinations so that SSH automatically tries them in order? This way, the users could push and pull without having to care about the correct address. (of course, using a VPN would be the most correct solution)

  Read the article

• Internal Outlook clients prompted for OWA login when only accessing local internal Exchange server?

  - by TallGuy

  Hope someone can help with this one. Scenario is an internal Exchange 2003 server. OWA front end server in the DMZ. OWA logins work fine, with SSL configured. Over the last week (3 times so far) when an internal person opens their Outlook and then tries to open an email with JPG attachments they are prompted for the webmail login. Why? Even if they enter their valid webmail OWA login it fails and reprompts once for each attachment. Once they get through the multiple login prompts, they can double-click to open the attachments, but they are all blank. Any ideas on what could cause this? Why would someone accessing an email from an internal Outlook client get prompted for details of the OWA/webmail server login?

  Read the article

• No remote access to PostgreSQL db

  - by gattol

  i'm stuck in connecting to a PostresSQL database from remote host. The server is accepting incoming connections on port 5432 and i've configured pg_hba.conf like this: local all all md5 host all all 0.0.0.0/0 md5 and the postgresql.conf like this: listen_addresses = '*' port = 5432 max_connections = 100 I don't have any problem accessing from local but when i try to connect via psql with something like this: psql -U myuser -h hostname db_name I get this error: psql: FATAL: no pg_hba.conf entry for host "87.zz.yy.xxx", user "myuser", database "db_name", SSL off I also tried to put the host 87.zz.yy.xxx in the pg_hba.conf file without success.

  Read the article

• VoIP and IPv6 with IPsec

  - by PhilCisco

  Hi, I had some basic questions about VoIP in a IPv6 architecture, right now I'm running VoIP in a v4 architecture, and I was thinking about to change everything to v6. my questions are not that practical but I would like to understand it well. Question 1: if i had internet full v6 or v4 and that I enable IPsec on my v6 router do I still need a VPN through the internet ? because my routers will anyway exchange their pub/priv key or their certificate to ensure the communication. Question 2: If the answer to question 1 is yes then I only have two advantages to put my VoIP architecture to IPv6 the second advantage for me is the NAT which I will not have anymore. I know that right now I should anyway still use things like NAT-PT, Tunnelling and so one but in full v6 are their any other advantages ? Thank you

  Read the article

• Advice on off-site backup of Hyper-V Failover Cluster

  - by Paul McCowat

  We are currently setting up a Server 2008 R2 which will be off-site over a leased line with VPN. At the main site is 2 x Hyper-V hosts in a failover cluster with PowerVault M3000i iSCSI SAN. We are using BackupAssist for local backups and each host backups up itself and it's guests nightly creating a 500GB backup each which is copied to a 2TB rotated NAS drive. Files and SQL DB's are also backed up / log shipped etc. Looking for the best way to backup the Hyper-V VM's and copy them off-site so that the OS's are only a month old and the data is a day old. The main backups are too large to transfer between backups so options discussed so far are: Take rotating individual backups of the VM's each day and copy over, Day 1 SQL VM, Day 2 Exchange VM etc, would require more storage. Look in to Hyper-V snapshots, however don't believe these are supported in clustering. 3rd party replication tools

  Read the article

• Logging the client IP with Nginx/Varnish/Apache

  - by jetboy

  I have Nginx listening on port 443 as an SSL terminator, and proxying unencrypted traffic to Varnish on the same server. Varnish 3 is handling this traffic, and traffic coming in directly on port 80. All traffic is passed, unencrypted, to Apache instances on other servers in the cluster. The Apache instances use mod_rpaf to replace the logged client IP with the contents of the X-Forwarded-For header. My problem is that if the traffic is coming via Nginx, while the 'correct' client IP is getting logged in the VarnishNCSA logs, it looks as if Varnish is (understandably) replacing Nginx's X-Forwarded-For header with 127.0.0.1 downstream, and this is getting logged with Apache. Is there a nice simple way to stop Varnish rewriting X-Forwarded-For if it's already populated?

  Read the article

• Mitigating the 'firesheep' attack at the network layer?

  - by pobk

  What are the sysadmin's thoughts on mitigating the 'firesheep' attack for servers they manage? Firesheep is a new firefox extension that allows anyone who installs it to sidejack session it can discover. It does it's discovery by sniffing packets on the network and looking for session cookies from known sites. It is relatively easy to write plugins for the extension to listen for cookies from additional sites. From a systems/network perspective, we've discussed the possibility of encrypting the whole site, but this introduces additional load on servers and screws with site-indexing, assets and general performance. One option we've investigated is to use our firewalls to do SSL Offload, but as I mentioned earlier, this would require all of the site to be encrypted. What's the general thoughts on protecting against this attack vector? I've asked a similar question on StackOverflow, however, it would be interesting to see what the systems engineers thought.

  Read the article

• Accessing subfolders of a windows share from linux

  - by Born2Smile

  Hi, at my work they have a funny setup: my home folder is a subfolder to a share, as such: \\server\share\subfolder Now I have full permissions to the subfolder, but no permissions to share. From windows I can connect to the VPN of my work place, type the above address into any address field, and voila: I see the contents of my home folder. In Linux (using Ubuntu) however, I can't figure out how to connect directly to the subfolder. Every attempt I can think of keeps returning "Access denied", because I don't have permission to view the share. Any help on how to connect to the subfolder would be greatly appreciated :) Cheers, Born2Smile

  Read the article

• What ports do I allow over my internal firewall interface?

  - by blsub6

  I have a Cisco ASA that I have VPN tunnels to connect my internal Windows network. I ran into some trouble logging into my domain so I unblocked all the ports on that internal interface. On a previous question posted here, the general consensus was that I should be blocking ports on my inside interface but my question is: what ports should I unblock? I've tried unblocking ports 88, 139, 135, 389, and 445 and Windows logins still give me problems. Is there some MS documentation somewhere that tells me what I need to unblock to allow Windows logins and other things?

  Read the article

• Can't set up Usermin correctly to allow users to login outside of local network, what am I missing?

  - by thecraic

  I'm fairly new at creating a server, but the biggest problem I am currently having at the moment is getting Usermin set up to be accessible from outside the LAN. I talked to other people that use it and was told that all I need to do is type the url:20000 to access the login screen, but that doesn't work. I have also tried the ip:20000 and that doesn't lead to anything. Instead I get the error message: Error - Bad Request This web server is running in SSL mode. Try the URL https://hostname:10000/ instead. (where hostname is my server's hostname) I know it must be a configuration issue, but I have checked all my settings and as far as I can tell I don't have the ports blocked anywhere. I have the correct ports forwarded on my router and my server firewall doesn't have the port block either. Is there anything I am missing? Any help would be appreciated and I will add more information upon request. Thank You.

  Read the article

• How to limit access to Exchange 2003 Mobile Actviesync server by user?

  - by micilin

  So I was asked to set up an Exchange Activesync mobile gateway. That's done. It's a separat eExchange 2003 front-end server configured for SSL, and I've put an off-domain ISA server in front of it. Now I'm being asked to limit which users can connect to it. By default an Exchange front-end server allows any user who has a mail account to connect to the front -end server. So I'm looking at the permissions on the various IIS sites/apps on the server, but I know that it's easy to break Exchange Front-end server perms. So I've got the following in IIS: Exadmin Exchange EchWeb Microsoft-SErver-ActiveSync MobileAdmin OMA And a couple of others that I dont think are relevant. Can I change the permissions on one of these to restrict who can connect to Activesync? As a bonus: Can I do it in a way that does not affect ordinary browser based Exchange Access? Thanks in Advance!!

  Read the article

• Issues connecting to a pix 501 via console cable

  - by Bourne

  Have a pix 501 that was set up to do filtering and I was working on setting the vpn up when I lost ssh connectivity. Looking at the front, all 4 lan lights blink intensely green but in a very repetitive pattern. The funny thing is there are only 3 devices connected to the 4 ports so that's the first element that doesn't look right to me. Console cable light doesn't turn on when cable is plugged in and have tried rebooting it many many times to see the bootup sequence with no result. Also, I cannot connect to it via pdm or console but the traffic is permitted through. Are there any additional troubleshooting steps I could do or should I count it as dead? Thank you.

  Read the article

• Win 2008 Server configuration

  - by user123790

  Let me preface my question by saying I'm a novice in regards to server configuration. It's been 12+ years since I've attempted this. What we (our small office) are trying to achieve is to setup a Win 2008 server (located in a home) in a home network configuration (basic wireless router w/DHCP) that we (the office) can VPN to from our office. I have installed the software, installed DHCP, removed DHCP from the router, set the scope for 100 IPs and am now looking for information as to where I go from here? I believe I need to configure DNS and possibly set up static routes on the router for the home devices that need internet? The wireless clients are not receiving IPs is the current issue that I'd like to tackle. Also, would it be feasible to use the router's DHCP to assign IPs rather than having the server do it? If so, what would be the most direct way to accomplish this? I appreciate any help in this matter. Thanks

  Read the article

• Little server for a little network: Asus TS Mini + Windows Home Server or other?

  - by microspino

  Hello, I'm building a little network with 4 computer a plotter, 3 printers an a HP Fax/Scan/Copy/Print machine. The network is connected to the web by a D-Link router/firewall. I would like to add little server to have file sharing (reachable via VPN from outside by a single user-road-warrior), automatic backups. I would like to avoid big electrics bills or, to say It in a green way, I would like to avoid useless power consumption made by a big server with hot-plug, Raid, double PSU because I don't need all this stuff. The server must work 24/7 and the budget is between 400€ and 1000€. I'm evaluating the Asus EEE Box (with XP), a TranquilPC (with XP), a FitPC (again with XP), and an Asus TS Mini (with Windows Home Server). I like the latter but since I'm Europe I don't know where I can buy It. Do you have any suggestion/experience to share with me about: which hardware do I have to buy ? which O.S. ?

  Read the article

< Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181  | Next Page >