Search Results

Search found 16644 results on 666 pages for 'traffic management'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 220/666 | < Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >

  • How do I stop someone from saturating my line & wasting CPU cycles

    - by JoshRibs
    My web host shows inbound & outbound traffic with mrtg. I have a steady 3.5mbps inbound traffic from Nigeria. Even assuming the source IPs & destination ports are blocked with Iptables & verifying nothing is listening on those ports, will the traffic still always pass through the switch & "get" to my server (where my server wastes CPU cycles "dropping" the packets)? Assuming I was setup with a hardware firewall, the traffic would still show in mrtg assuming the firewall is behind the switch? So is there any way to stop someone from saturating your 100mbps line, if they also have a 100mbps line? Other than filing an abuse complaint with the kind folks in Nigeria?

    Read the article

  • Java resource management: please help to understand Findbugs results.

    - by java.is.for.desktop
    Hello, everyone! Findbugs bugs me about a method which opens two Closeable instances, but I can't understand why. Source public static void sourceXmlToBeautifiedXml(File input, File output) throws TransformerException, IOException, JAXBException { FileReader fileReader = new FileReader(input); FileWriter fileWriter = new FileWriter(output); try { // may throw something sourceXmlToBeautifiedXml(fileReader, fileWriter); } finally { try { fileReader.close(); } finally { fileWriter.close(); } } } Findbugs analysis Findbugs tells me Method [...] may fail to clean up java.io.Reader [...] and points to the line with FileReader fileReader = ... Question Who is wrong: me or Findbugs?

    Read the article

  • Beast / CRIME / Beach attack and stopping it

    - by user2143356
    I have read so much on all this but not entirely sure I understand what has gone on. Also, is this one, two or three problems? It looks to me like three, but it's all very confusing: Beast CRIME Beach It seems the solution may be to simply not use compression with HTTPS traffic (or is that just on one of them?) I use GZIP compression. Is that okay, or is that part of the problem? I also use Ubuntu 12.04 LTS Also, is non-HTTPS traffic okay? So after reading all the theory I just want the solution. I think this may be the solution, but can someone please confirm I have understood everything so I am not likely to suffer from this attack: SOLUTION: Use GZIP compression on HTTP traffic, but don't use any compression on HTTPS traffic

    Read the article

  • Retain count = 0 in other function? memory-management problem?

    - by rdesign
    Hey guys, I declared a NSMutableArray in the header-file with: NSMutableArray *myMuArr; and @property (nonatomic, retain) NSMutableArray *myMuArr; In the .m file I've got a delegate from an other class: -(void)didGrabData:(NSArray*)theArray { self.myMuArr = [[[NSMutableArray alloc] initWithArray:myMuArr]retain]; } If I want to access the self.myMuArr in cellForRowAtIndexPath it's empty (I checked the retain count of the array and it's 0) What am I doing wrong? Of course it's released in the dealloc, no where else. I would be very thankfull for any help :0)

    Read the article

  • Is this a good starting point for iptables in Linux?

    - by sbrattla
    Hi, I'm new to iptables, and i've been trying to put together a firewall which purpose is to protect a web server. The below rules are the ones i've put together so far, and i would like to hear if the rules makes sense - and wether i've left out anything essential? In addition to port 80, i also need to have port 3306 (mysql) and 22 (ssh) open for external connections. Any feedback is highly appreciated! #!/bin/sh # Clear all existing rules. iptables -F # ACCEPT connections for loopback network connection, 127.0.0.1. iptables -A INPUT -i lo -j ACCEPT # ALLOW established traffic iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # DROP packets that are NEW but does not have the SYN but set. iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # DROP fragmented packets, as there is no way to tell the source and destination ports of such a packet. iptables -A INPUT -f -j DROP # DROP packets with all tcp flags set (XMAS packets). iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # DROP packets with no tcp flags set (NULL packets). iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # ALLOW ssh traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport ssh -m limit --limit 1/s -j ACCEPT # ALLOW http traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport http -m limit --limit 5/s -j ACCEPT # ALLOW mysql traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport mysql -m limit --limit 25/s -j ACCEPT # DROP any other traffic. iptables -A INPUT -j DROP

    Read the article

  • Suggestion for software to control internet

    - by redknight
    I need to implement a gateway that will allow me to control the access to the internet of a network made up of a about half a dozen of workstations. My main obejectives are the following: 1- Monitoring of traffic 2- Logging of traffic 3- Access control - block websites (mainly adult) and certian traffic(example torrents) 4- Possibly cache content 5- Easy management interface 6- Preferable free and opensource Serverfault users can you please suggest from your vast experience which software you think is the best to suit my needs? Any suggestion is greatly appreciated. Thank you

    Read the article

  • Load testing nginx inside AWS

    - by andy
    I'm trying to load test nginx running on AWS. I need to try to optimise it to handle 1Gbps of inbound traffic. Currently I've got it to peak at 85Mbit/s by running nginx on an m1.large with 4 other machines hitting it by using ab with -i (for head requests) -k (keepalives) -r (ignore failed requests) -n 500000 -c 20000. I'm struggling to generate more than 85 Mbit/s traffic from 4 machines, yet when I do scp a large file I get nearly 0.25Gbit/s of traffic going over the network. Are there any tools or approaches that I could use to load test nginx that might generate more load? I'm only interested in inbound traffic, so perhaps a DoS tool could help if it chucks away responses? I'm hitting a very small (40 byte) static asset, and have peaked at handling 50K concurrent connections and getting 25k reqs/s when just using a single load generator machine.

    Read the article

  • Sql server management studio reporting "The semaphore timeout period has expired."

    - by nis-simonsen
    On our development sql server, executing any query containing more than approximately 700 characters stalls for about 10 seconds and then reports the following error: Msg 121, Level 20, State 0, Line 0 A transport-level error has occurred when receiving results from the server. (provider: TCP Provider, error: 0 - The semaphore timeout period has expired.) for example, this query select * from FooTable where id = ' (.. and then 700 spaces ..) ' fails fails with the timeout error while this one select * from FooTable where id = ' (.. and then 600 spaces ..) ' fails with the expected Msg 8169, Level 16, State 2, Line 1 Conversion failed when converting from a character string to uniqueidentifier. - immediately. Indeed, throwing any query, including random garbage at our dev sql server exhibits this behaviour, while any other sql server I have available acts as expected, so I would think that the query never actually gets to parsing on the server. I'm at a loss here - any hints?

    Read the article

  • Portforwarding Combine Several Ports

    - by kiraitachi
    Hi I got a Raspberry Pi at A.A.A.B in my local network and I have set up a DMZ on my router so that any incoming traffic that comes to my router gets redirected to my raspberry pi wich I can connect via NO-IP adress. The problem is that I want to set up portforwarding since i got several services running on my Pi like SSH, torrent webgui, webalbum, etc. I had this already done before long time ago, but I forgot a bit the syntax and cant get to set it up. Router Help says: The Application allows you to do port forwarding, but only have the ports open when data flowing out of the trigger ports. When a program sends data out on outgoing ports called trigger ports, the device then allows incoming data on the open ports specified in your port triggering configuration. 1.Trigger Port Start Trigger Port Start Specify the start port on the device that would trigger the device to open ports for incoming data. 2.Trigger Port End Specify the end port on the device that would trigger the device to open ports for incoming data. You can enter a port number the same as the trigger port start or enter a larger port number to specify a port range. 3.Trigger Traffic Protocol Type Select the trigger traffic type. Open Port Specify all the ports to be opened. It's content could be: A single port only. A port range only. Start open port number and end port number should be separated by "-" . Combined several single port and several port ranges. Each single port or port range should be separated by "," . Open Traffic Protocol Type Select the open traffic type. This are the fields: http://es.tinypic.com/view.php?pic=n5lv1k&s=8 I think this is the syntax 1-7999,8001-9090,9092-65535. But each time I want to add it gives me an error. Any ideas?

    Read the article

  • VPN: Disable class based route addition for Windows XP/Vista

    - by brgsousa
    Paraphrasing this SuperUser link: When you set up a VPN, the Windows default is to enable "Use default gateway on remote network." A new default route is added to the routing table pointing to the remote network's gateway, and the existing default route has its metric increased to force all Internet traffic to traverse the tunnel and use the remote network's gateway. All traffic uses the VPN, and traffic destined for the outside world is directed to the remote gateway. When the VPN drops, the route to the remote gateway is removed and the original default route is set back to the original metric. Unchecking "use default gateway on remote network" means that new default route isn't added, so Internet traffic goes out the local gateway, but a new classful route is added to the routing table, using the local adapter's IP, pointing down the VPN. Only traffic destined for the classful network of the local adapter goes down the VPN. This may not be what you want. Checking "Disable class based route addition" means that classful route isn't added to your machine when the VPN starts up, and you'll need to add the appropriate routes for networks that should be routed through the tunnel. But, the option "Disable class based route addition" is available ONLY for Windows 7. How can I do something like that for Windows XP or Vista since they don't have that option? I have searched about for that but, no solution yet.

    Read the article

  • OpenVPN Chaining

    - by noderunner
    I'm trying to set up an OpenVPN "chain", similar to what is described here. I have two separate networks, A and B. Each network has an OpenVPN server using a standard "road warrior" or "client/server" approach. A client can connect to either one for access to the hosts/services on that respective network. But server A and B are also connected to each other. The servers on each network have a "site-to-site" connection between the two. What I'm trying to accomplish, is the ability to connect to network A as a client, and then make connections with hosts on network B. I'm using tun/routing for all of the VPN connections. The "chain" looks something like this: [Client] --- [Server A] --- [Server A] --- [Server B] --- [Server B] --- [Host B] (tun0) (tun0) (tun1) (tun0) (eth0) (eth0) The whole idea is that server A should route traffic destined to network B through the "site-to-site" VPN set up on tun1 when a client from tun0 tries to connect. I did this simply by setting up two connection profiles on server A. One profile is a standard server config running on tun0, defining a virtual client network, IP address pool, pushing routes, etc. The other is a client connection to Server B running on tun1. With ip_forwarding enabled, I then simply added a "push route" to the clients advertising a route to network B. On server A, this seems to work when I look at tcpdump output. If I connect as a client, and then ping a host on network B, I can see the traffic getting passed from tun0 to tun1 on Server A: tcpdump -nSi tun1 icmp The weird thing is that I don't see Server B receiving that traffic through the tunnel. It's as if Server A is sending it through the site-to-site connection like it should, but server B is completely ignoring it. When I look for the traffic on Server B, it simply isn't there. A ping from Server A -- Host B works fine. But a ping from a client connected to Server A to host B does not. I'm wondering if Server B is ignoring the traffic because the source IP does not match the client IP pool that it hands out to clients? Does anyone know if I need to do something on Server B in order for it to see the traffic? This is a complicated problem to explain, so thanks if you stuck with me this far.

    Read the article

  • Can a MAC address be used as a reliable part of a rights management (DRM) scheme?

    - by Jarrod Mosen
    We're currently writing some software that we want to protect. We thought that registering a user's MAC address in a database upon activation of the software seemed viable; we can profile and grab that with a Java applet, (is there a better way?) so getting it isn't too much of a problem. However, we want their computer to only run the application, and download application files/updates from the server when their MAC address has been verified with their one on-file. We understand that this means a lockdown to one computer, but special changes can be made on request. What would be the best way to verify their MAC address, to see if it exists in the database, and then serve them the files to run the application? (And to simply run it on subsequent requests, to prevent re-downloading.)

    Read the article

  • How to configure Apache to act as an SSL proxy to an application server?

    - by ripper234
    I have one physical server that runs: an Apache (httpd) server another web server (let's say Tomcat for sake of argument) on port 1234 Can I configure the Apache server to act as a proxy for SSL traffic, while keeping the application server blissfully unaware of SSL? What I imagine is: Traffic to http://myserevr.com/app is redirected to https://myserver.com/app Traffic to https://myserver.com/app is proxied to the application server. My SSL certificate is only installed on the Apache server, not on the Application server Other traffic to the Apache server (http://myserver.com/anotherapp) is served directly from the Apache server What's the best setup to achieve this? (On Ubuntu, if that matters)

    Read the article

  • Xcode File management. What is best practice?

    - by ian1971
    I've been using Xcode for a while now. One thing that always bugs me is the way it handles files. I like to have my files all in nested folders rather than one big physical folder, but when you create a group in Xcode by default it does not create a folder just a virtual folder within the project. I can see that virtual folders are great for linking code in arbitrary places into your project but once you get beyond a few classes I find the one big folder approach really painful. And then if you try to fix it later it takes ages and is easy to break your build. Is it possible to change this behaviour so that by default it creates a physical folder? Or am I doing it wrong and trying to cling to some other way of working? How do other people work with files in Xcode?

    Read the article

  • SMTP redirecting to other port than 25

    - by Roalt
    How can you redirect your smtp traffic to another port than 25? My ISP blocks incoming traffic to port 25. I've been using ZoneEdit.com for this purpose for years (incoming mail traffic goes to another port and I redirect it via my firewall internally to port 25), but with the new system I cannot do it anymore. I'm not sure if I can do this by configuring MX and A records in the right way or if I need a SMTP redirecting service (such as rollernet.us)? I'm not an expert in Zone records but generally I know my way around for website traffic.

    Read the article

  • Wrapping a point-to-point link

    - by user3712955
    I'm using a pair of IP radios (non-WiFi) to bridge my office engineering LAN (172.0.0.0/8) to a lab in another building. The radios work fine, but they expose a web management interface I'd like to hide, and they also generate traffic (ARP, STP, and more) that I need to keep off my (very, very clean) LAN segments. I have some ARM-Linux boards (similar to Beagle/Panda/RasPi) running Ubuntu, and I've put one at each end of the link, between the radio and the LAN. Each of the boards has 2 wired Ethernet interfaces, eth0 and eth1. The LAN segments are connected to eth0, and the radios are connected to eth1. I'd like to accomplish the following: Keep radio-originated traffic off my LAN segments! Hide all services provided by the radio (web, ssh, etc.) Transparently pass all traffic between the LAN segments (including things like ARP). The above also applies to the ARM-Linux boards: No stray traffic my LAN from them either! I'd like the system to look like a switch: LAN packets arriving at one eth0 appear at the other. And neither eth0 should have an IP address: The working system should behave like a CAT6 cable with some latency (instead of ARM boards and radios). Unfortunately, I'm confused about how to properly configure the ARM Ubuntu systems. What I'm guessing I need is a bridge on each board (br0?) and a VLAN (vlan0 or eth0.0?) to isolate the LAN traffic from everything else as it passes through the ARM boards and the radios. Then I need some kind of a firewall to block sending anything out eth0 that isn't from the other eth0 (via the VLAN). I've looked at the ip and ebtables commands (especially -t broute). While the concepts sorta-kinda make sense, I'm completely lost in the details. Edit: In the perverse case that a system on one of my LAN segments has the same IP address as one of the radios, or as eth1 on the ARM-Ubuntu boards, a VLAN won't work. Which I believe means I need to tunnel all traffic between the two eth0 interfaces to get that "like a wire" behavior. Help? Finally, I'd like to have a way to temporarily expose services on the ARM boards (ssh) and the radios (web) for maintenance purposes. Ideally, it would expose an IP address with ssh available on port 22. Once connected, I figure I'd start an X11 session and run a browser on the ARM board to access the radios. Or something. I could login via the console to enable/disable this, or perhaps could use a GPIO to trigger a script. I feel I've identified most of the pieces needed to make all this happen, but I have no idea how to combine them to make a working system. Thanks!

    Read the article

  • Should we be giving the client's management team direct access to our git hub repository so that the

    - by SharePoint Newbie
    Hi, We are presently working for a client who is new to working with distributed teams. We have teams spread across India and the UK. Although we have decent project tracking tools (Mingle), would it be a good idea to the give the PM at the client access to our git hub repo. Would this be make it easier for them (see what the devs are working on and an insight into what the team has been developing). I agree that noot all commit messages would make sense to them but would this be a good way to boost their confidence in what we are doing? They already can check out our fortnightly releases on our QA and UA environments, but this still is behind dev by 5-6 days. Also, is there any reporting for git hub which makes it easier for PM types to make sense of it all? Thanks

    Read the article

  • Need data on disk drive management by OS: getting base I/O unit size, “sync” option, Direct Memory A

    - by Richard T
    Hello All, I want to ensure I have done all I can to configure a system's disks for serious database use. The three areas I know of (any others?) to be concerned about are: I/O size: the database engine and disk's native size should either match, or the database's native I/O size should be a multiple of the disk's native I/O size. Disks that are capable of Direct Memory Access (eg. IDE) should be configured for it. When a disk says it has written data persistently, it must be so! No keeping it in cache and lying about it. I have been looking for information on how to ensure these are so for CENTOS and Ubuntu, but can't seem to find anything at all! I want to be able to check these things and change them if needed. Any and all input appreciated.

    Read the article

  • Does a site's bounce rate influence Google rankings?

    - by Joel Spolsky
    Does Google consider bounce rate or something similar in ranking sites? Background: here at Stack Exchange we noticed that the latest Google algorithm changes resulted in about a 20% dip in traffic to Server Fault (and a much smaller dip in traffic to Super User). Stack Overflow traffic was not affected. There was an article on WebProNews which hypothesized that bounce rate might be a ranking signal in Google's latest Panda update. According to Google Analytics, these are our bounce rates over the last month: Site Bounce Rate Avg Time on Site ------------- ----------- ---------------- SuperUser 84.67% 01:16 ServerFault 83.76% 00:53 Stack Overflow 63.63% 04:12 Now, technically, Google has no way to know the bounce rate. If you go to Google, search for something, and click on the first result, Google can't tell the difference between: a user who turns off their computer a user who goes to a completely different web site a user who spends hours clicking around on the website they landed on What Google does know is how long it takes the user to come back to Google and do another search. According to the book In The Plex (page 47), Google distinguishes between what they call "short clicks" and "long clicks": A short click is a search where the user quickly comes back to Google and does another search. Google interprets this as a signal that the first search results were unsatisfactory. A long click is a search where the user doesn't search again for a long time. The book says that Google uses this information internally, to judge the quality of their own algorithms. It also said that short click data in which someone retypes a slight variation of the search is used to fuel the "Did you mean...?" spell checking algorithm. So, my hypothesis is that Google has recently decided to use long click rates as a signal of a high quality site. Does anyone have any evidence of this? Have you seen any high-bounce-rate sites which lost traffic (or vice-versa)?

    Read the article

  • Cloud computing - database loading question

    - by workwise
    Following is the situation, I want to know whether what I want is possible in cloud computing and is it the best way for me: 1) My main site has a Database with tables with millions of rows, and entries are added almost every second. 2) I will setup a mysql mirror, so there will be a backup database always in sync with the main one. 3) There are few tens of thousands of images- growing. So say total size of images few tens of gigabytes. I will be keeping the image data also in sync on the backup server. 4) There can be short periods where traffic can go 100X the average traffic. 5) I will be using memcache heavily - most database and even frequently used disk files/images will be in RAM. I want that the main site runs on a dedicated server. The backup server is say an Amazon EC2 instance. Now note that since it is live backup, I need to run a small instance continuously. I want that when I anticipate high traffic, I should be able to run a large instance on the cloud and transfer the traffic there. The main point is - I do not want to spend time in "loading" the database on the large instance, as it typically can take few minutes or even hours (experience). So is it possible to just scale the memory/CPU on demand, and not having to load the database or sync up the filesystem? I want to setup my backup scripts etc just ONCE. Thanks JP

    Read the article

  • How should I structure my database to gain maximum efficiently in this scenario?

    - by Bob Jansen
    I'm developing a PHP script that analyzes the web traffic of my clients websites. By placing a link to a javascript on the clients website (think of Google Analyses), my script harvests information like: the visitors IP address, reference link, current page link, user agent, etc. Now my clients can view these statistics via a control panel that I have build. These clients can also adjust profile settings, set firewall rules, create support tickets and pay invoices. Currently all the the traffic is stored in one table. You can imagine that this tabel would become very large as some my clients receive thousands of pageviews per day. Furthermore, all the traffic data of each client would be stored in the same table, creating a mess. This is the same for the firewall rules currently, and the invoice and support system. I'm looking for way to structure my database in a more organized way to hold large amounts of data of multiple users. This is the first project that I'm developing that deals with so much data, and would like to hear suggestions and tips. I was thinking of using multiple databases to structure the data. The main database will store users data (email,pass,id,etc) admin/website settings. Than each client will have an unique database labeled prefix_userid, which carry tables holding their traffic, invoice, and support ticket data. Would this be a solution, and would it slow down or speed up overall performances (that is spreading the data over muliple databases). I have a solid VPS, but would like to safe and be as effient as possible.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >