Search Results

Search found 3466 results on 139 pages for 'firewall traversal'.

Page 27/139 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

• AWS EC2 security group source

  - by greener

  I'm currently trying to configure a security group and allow MS SQL connections from my other instance. I want to be able to specify the security group's name as the source. But the connection is not going through. The instance's firewall has a rule to allow connections on the port. In fact, if I specify the IP of the machine as the source, it works. Just not the security group name. There are two other rules for the same port and they're for specific IPs only. What am I doing wrong?

  Read the article

• FTP on Linux "Failed to retrieve directory listing" not firewall issue

  - by Jaka Prasnikar

  I've got an VPS in germany running Debian X64. I have very strange issue. I have ISPConfig CP installed using proftpd and I can not connect to FTP by any means. Few hours ago I've had installed DirectAdmin on CentOS same VPS and same issue. Simply when I connect to FTP server I get these: Status: Resolving address of web02.defikon.com Status: Connecting to 130.255.190.71:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 1 of 50 allowed. Response: 220-Local time is now 12:15. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command: USER default1 Response: 331 User default1 OK. Password required Command: PASS ****** Response: 230-User default1 has group access to: client0 sshusers Response: 230 OK. Current restricted directory is / Command: OPTS UTF8 ON Response: 200 OK, UTF-8 enabled Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is your current location Command: TYPE I Response: 200 TYPE is now 8-bit binary Command: PASV Error: Connection timed out Error: Failed to retrieve directory listing I even tried telnet localhost 21 and the same happends. Once I issue command "LIST" I get time out. I've tried every thing and I can't get this to work =( Please help ! P.S.: iptables is turned off.

  Read the article

• ADMIN$ and other shares not working remotely on XP machines

  - by makerofthings7

  I'm trying to use ADMT to migrate several XP machines to a new domain and the utility (nor command line) is able to access the admin$ share or any drive share. I've added the required registry key (HKCurrent\Services\LanMan\Param) for both servers and workstation admin sharing, rebooted the PC and still am unable to access it. How can I access the admin share on these PCs? If it helps, this machine used to have McAfee installed, and the Windows firewall enabled. I stoppped both of them and the machine is still not allowing me to access it remotely by a drive$ share.

  Read the article

• How to redirect logs from Cisco firewall to a specific file ?

  - by nitins

  We need to redirect the logs from our Cisco firewall(SA520-K9) to syslogd server(it's a CentOS server). The settings are done on the firewall. But the messages from firewall are going to /var/log/messages and console instead of /var/log/firewall.log which is our requirent. *.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg * uucp,news.crit /var/log/spooler local7.* /var/log/firewall.log This is our syslog config file. Any advices ?

  Read the article

• Running a Vonage router behind a Linksys Firewall

  - by sludge

  I have a Vonage router used for outgoing VOIP calls. It gets a LAN ip by connecting to a Linksys WRT54g via DHCP. From there, it cannot actually get a WAN ip or connect out. What do I need to port forward?

  Read the article

• Windows 8 Pro Remote Desktop issue

  - by Mike C.

  I have a weird issue here. I'm running Windows 8 Pro. The client computer is also running Windows 8 Pro. Remote Desktop works when I'm in the same network. I tried connecting using my external IP Address and my DynDNS account, neither works. I disabled Windows Firewall and setup DMZ for my computer on the router, still can't get remote desktop to work. I verified www.canyouseeme.org, port 3389 is open, which is obvious since I'm running DMZ! My ISP, Bell Canada (modem/router: Sagemcom F@st 2864), blocks port 80 and 25, but I don't need those for RDP, do I? The funny thing is RDP rejects the connection instantaneously for my IP or DynDNS while it takes a while for another address. Thank you, Michael

  Read the article

• How can I track down what part of pfsense is blocking website access?

  - by Chase Florell

  I've got a PFSense firewall/gateway on our network. Everything works great except for the fact that I cannot access one specific website. Pfsense is running the following packages Country Block LightSquid nmap notes squid squidGuard Strikeback I can access every single website I've ever tried aside from one that we need for business use (http://bridalnetwork.ca) here's the traceroute frodo:~ chase$ traceroute bridalnetwork.ca traceroute to bridalnetwork.ca (192.197.103.73), 64 hops max, 52 byte packets 1 rohan (192.168.5.1) 6.618 ms 1.662 ms 9.207 ms 2 * * * 3 * * rohan (192.168.5.1) 7.225 ms !H 4 rohan (192.168.5.1) 5.314 ms !H 5.701 ms !H 7.573 ms !H frodo:~ chase$ How can I figure out what the reason behind the blockage is? note: this has been tested on every computer on the network with the same results. ps: the pfsense box is 'rohan' (192.168.5.1) Here's what I get with Squid enabled and here's what I get with Squid disabled

  Read the article

• Access to NTP via IP which doesn't change often

  - by faulty

  I'm trying to sync the clock of our production server located in a data center with pool.ntp.org. For security reason, our servers has no internet access unless we requested to open specific ip/port explicitly. I worked out a list of IPs based on 0.asia.ntp.org 1.asia.ntp.org 2.asia.ntp.org 3.asia.ntp.org Not realizing ntp.org is using round robin DNS and the servers being voluntary, they changes from time to time. In fact the IP I've got from 3.asia.ntp.org last month is no longer working now. I'm wondering if there's a publicly known NTP server that doesn't change as often or if there's a way to go around this without having to request an update to the firewall on a monthly basis. I believe many admin is facing the same issue here.

  Read the article

• UDP packets to IP addresses other than specific ones not arriving and not shown in Wireshark

  - by Max

  I'm writing a service using UDP, but I can't manage to reply to the client. When sending to the client via the DHCP-assigned IP (192.168.1.143) Wireshark shows no sent packets. The server receives and Wireshark shows any packet sent by the client (broadcasted). If I send to a random, unassigned IP Wireshark doesn't show it. I thought the NIC would happily send it, since there is a router in the way - shouldn't Wireshark show it, even though it cannot possibly be received by a remote endpoint? If I send to either the router IP or another (specific, there is only one other) computer, the packet is shown in Wireshark. I am running Windows 7, the firewall is turned off using the control panel. Does the fact that wireshark doesn't show these packets mean that they aren't sent? What reason could there be for showing packets to one IP, but not another, on the same subnet?

  Read the article

• Cookies blocked by router?

  - by Martin wiboe

  Hello, My friend has a D-Link DI-524 router that she uses for her home broadband. It's a pretty vanilla setup with the standard firewall settings, DHCP enabled etc. However, recently she has experienced something strange - cookies are not working on every computer on her LAN, whether using FF3.5 or IE8. I tried viewing the HTTP traffic using Fiddler2, and the requests come through fine (mind you, Internet browsing still works flawlessly) but whenever a website tries to set a cookie using the "Set-Cookie:" header, my computer sees that line as "Set-*ookie:" with the cookie contents removed. I have never seen anything like this - do you have any idea? Regards, Martin

  Read the article

• open mysql to any connection on ubuntu

  - by ThomasReggi

  I simply want to open up mysql to be accessible from any server ip. I have already commented out the bind-address in /etc/mysql/my.conf. I have already setup the user account within mysql. I have no clue whats stopping me from connecting. The more challenging I see this being the more I realize how much of a security risk it is, and I get that, I just want to be able to do it temporarily. I think that the iptables firewall is the last thing that is preventing me from achieving this, but sudo iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT is seemingly doing nothing.

  Read the article

• configure /etc/hosts file so ALL applications always use local network when it makes sense to do so?

  - by gkdsp

  I have two Linux CentOS servers setup in a local network. ServerA is 192.168.0.1 and serverB is 192.168.0.2. There's an application on serverA that communicates with serverB using host2.serverAname.com. But, the traffic is blocked on serverB because the port being used has a firewall that only allows traffic on the local network to pass. Thus, serverB needs to see traffic from serverA as originating from 192.168.0.1 (instead of host2.serverA.com). Is there a way I can configure the /etc/hosts file to ensure traffic always sent between the two servers uses local IP addresses, regardless of what hostname is in use, and for ALL applications? If so, could someone walk me through an example? I only have 2 servers, so the simpler the better.

  Read the article

• PFSENSE and IPV6 , direct connect rules

  - by Bgnt44

  My question is about pfsense configuration for ipv6 In theory Ipv6 are fully routable even in a LAN For stating point i ve Using this tutorial : http://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker So my Lan network has ipv4 connection and ipv6 I would like to be able to access my LAN machines by their IPV6 i'm confused with firewall rules which i need to set to be able to do that Even if i set all interfaces to pass all packets, i'm not able to directly access any machine by their IPV6 Did i miss something ? Edit : Ok i found that it work now, think it has always work but my isp seems to support ipv6 sometimes and sometimes not ... weird

  Read the article

• iptables forward rule not working in openwrt

  - by Udit Gupta

  I am trying to apply some iptables forwarding rules in openwrt. Here is my scenario - My server has two cards ath0 and br-lan. br-lan is connected to internet and ath0 to private network. The other m/c in n/w also has ath0 that connects with this server's ath0 and they are able to ping each other. Now, I want other m/c in network to use internet using br-lan of server so I thought of using iptables forwarding rule- Here is what I tried - Server : $ ping 1.1.1.6 // <ath0-ip of client> works fine $ iptables -A FORWARD -i ath0 -o br-lan -j ACCEPT $ /etc/init.d/firewall restart Client : $ ping 1.1.1.5 // <ath0-ip of server> works fine $ ping 132.245.244.60 // <br-lan ip of server> (not working) I am new to iptables stuff and openwrt. What I am doing wrong here ?? Any other help if anyone could suggest for my scenario Edit- m/c - machine n/w - network

  Read the article

• OSX: Why does an uninstalled program ask for inbound connections on login? How do I fix this?

  - by CT

  I uninstalled an application using AppZapper called PdaNet. It is a tethering application for my phone. Now every time I login, I am asked if I would like to allow inboud connections from PdaNet by the firewall. A search for PdaNet with spotlight does not return any results. PdaNet creates its own Ethernet in network preferences. This hung around after uninstall. I deleted it but it did not make a difference. Any ideas? Mac OS X 10.6.4

  Read the article

• tcp flags in iptables: What's the difference between RST SYN and RST and SYN RST ? When to use ALL?

  - by Kris

  I'm working on a firewall for a virtual dedicated server and one of the things I'm looking into is port scanners. TCP flags are used for protection. I have 2 questions. The rule: -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP First argument says check packets with flag SYN Second argument says make sure the flags ACK,FIN,RST SYN are set And when that's the case (there's a match), drop the tcp packet First question: I understand the meaning of RST and RST/ACK but in the second argument RST SYN is being used. What's the difference between RST SYN and RST and SYN RST ? Is there a "SYN RST" flag in a 3 way handshake ? Second question is about the difference between -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP and -p tcp --tcp-flags ALL SYN,ACK,FIN,RST SYN -j DROP When should ALL be used ? When I use ALL, does that mean if the tcp packet with the syn flag doesn't have the ACK "and" the FIN "and" the RST SYN flags set, there will be no match ?

  Read the article

• How do I expose a webapp on :8090, even though firewall allows only :80 and :22

  - by Kaustubh P

  I am a noob in Server related stuff, so bear me. I use amazon webservices (EC2) on which I have a webapp running on jetty, which runs on port 8090. I deploy the webapp through the usual method of java -jar start.jar So then to access the app, I have to add a port in the URL, like this: someIP:8090/app But just typing someIP in the browser takes me to a page that shows It works! This is the default web page for this server. The web server software is running but no content has been added, yet. which I assume is apache. I have apache, tomcat and jetty installed. What can I do so that I dont have to specify the port? Do I have to perform port-forwarding? Thanks a lot.

  Read the article

• Port forwarding does not work always?

  - by ITFan

  I opened port 25374, this is eMule TCP port, then I use canyouseeme.org to check if it is really opened. I got the weird problem : when eMule is running, canyouseeme.org see my port. I got the message : "Success: I can see your service on xxx.xx.xxx.xx on port (25374) Your ISP is not blocking port 25374" When I close eMule then check the port again on canyouseeme.org I got : Error: I could not see your service on xxx.xx.xxx.xx on port (25374) Reason: Connection timed out But when I turn off the windows firewall I got a different error : Error: I could not see your service on xxx.xx.xxx.xx on port (25374) Reason: Connection refused Can anyone please explain to me why it happened like that and how to make the port always opened ? Thanks

  Read the article

• How to block a program from using IPv4?

  - by Ian Boyd

  I have a program that can communicate over IPv4 (TCP and UDP) and over IPv6 (TCP and UDP). I want to block the program from being able to use IPv4. I tried the Windows Firewall: Except it blocks IP sub-protocols (e.g. TCP, UDP, encapsulated IPv6, GRE), rather than blocking IPv4 itself. In other words, I need to block IPv4: IPv4/TCP IPv4/UDP IPv4/ICMPv4 IPv4/GRE IPv4/L2TP while allowing IPv6: IPv6/TCP IPv6/UDP IPv6/ICMPv6 IPv6/GRE IPv6/L2TP Can I block a program from using IPv4? Note: If it cannot be done, then don't be afraid to add that as an answer. There's no shame in giving the correct answer to a question.

  Read the article

• How to configure remote access to multiple subnets behind a SonicWALL NSA 2400

  - by Kyle Noland

  I have a client that uses a SonicWALL NSA 2400 as their firewall. I need to setup a second LAN subnet for a handful of PC. Management has decided that there should be a second subnet even though intend to allow access across the two subnets - I know... I'm having trouble getting communication across the 2 subnets. I can ping each gateway, but I cannot ping or seem to route traffic fron subnet A to subnet B. Here is my current setup: X0 Interface: LAN zone with IP addres 192.168.1.1 X1 Interface: WAN zone with WAN IP address X2 Interface: LAN zone with IP address 192.168.75.1 I have configured ARP and routes for the secondar subnet (X2) according to this SonicWALL KB article: http://www.sonicwall.com/downloads/supporting_multiple_firewalled_subnets_on_sonicos_enhanced.pdf using "Example 1". At this point I don't minding if I have to throw the SonicWALL GVC software VPN client into the mix to make it work. It feel like I have an Access Rule issue, but for testing I made LAN LAN, WAN LAN and VPN LAN rules wide open with the same results.

  Read the article

• I can't do a Remote Assistance session to a Windows XP box from Windows 7.

  - by superkinhluan

  My Mom's computer is running Windows XP, and my desktop running Windows 7. She's having some technical issue, so I want to do a Remote Assistance session to her machine. However, no matter what I've tried, the Remote Assistance program doesn't connect successfully. I've verified that the Windows Firewall (on both my and her machines) is configured properly to allow Remote Assistance program to go through. What's interesting is that I have the same problem when I try to do Remote Assistance from my desktop to my laptop, which is also running Windows XP. However, when I try to connect to my girlfriend's machine, which is runninng Windows 7 this time, the connection is successful. So in the end, I guess there must be some incompability between Windows 7 and Windows XP. Does anyone experience the same issue? How did you resolve it?

  Read the article

• Bridge and OpenVPN with shorewall

  - by Javier Martinez

  I have this scenario and everything it's working OK, but I want to configure my Shorewall and I can't do it. My interfaces are: br0 (bridge of eth0) tun0 (OpenVPN) vnet* (each one of bridged interfaces with public IP's) Public Main IP: 188.165.X.Y OpenVPN IP's: 172.28.0.x Bridge: public ip's So, I have the next configuration for shorewall: /etc/shorewall/zones #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall inet ipv4 road ipv4 /etc/shorewall/interfaces #ZONE INTERFACE BROADCAST OPTIONS inet br0 detect routeback road tun+ detect routeback /etc/shorewall/policy #SOURCE DEST POLICY LOG LIMIT: CONNLIMIT: # LEVEL BURST MASK $FW all ACCEPT inet $FW DROP info road all DROP inet road DROP /etc/shorewall/tunnels #TYPE ZONE GATEWAY GATEWAY # ZONE openvpnserver:1194 inet 0.0.0.0/0 The problem is that even with shorewall running I am able to ping or connect to the virtual machines behind the bridge

  Read the article

• How to remove a virus that trigger the internet explorer every some minutes?

  - by Hoang

  Some days ago, I got a file in Windows Live Messenger by an account of my friend, I thought it was a normal file because he normally sent me some files as well. But this time, I had no luck, he got the virus from someone else. I don't know what happens in my computer excepts that my computer hard disk runs as mad and every some minutes it trigger the internet explorer to launch some ads page, includes doubleclick, cam4, motor, etc.... How do I remove this virus from my computer? I don't have any virus program installed yet. My computer os: Windows Vista, the Windows Firewall is disabled somehow that I could not reenable it.

  Read the article

• FTP not listing files behind firewall (setsockopt (ignored): Permission denied)

  - by KennyDs

  We are developing a Magento application that has a module that works with FTP. Today we deployed this on the testing environment which is setup in the following way: Gateway server which has the following iptables rules: # iptables -L -n -v Chain INPUT (policy ACCEPT 2 packets, 130 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 165 13720 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED Chain FORWARD (policy ACCEPT 7 packets, 606 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- eth1 eth0 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 15 965 ACCEPT all -- eth0 eth1 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- eth1 eth1 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 126 packets, 31690 bytes) pkts bytes target prot opt in out source destination These are set at runtime via the following bash script: #!/bin/sh PATH=/usr/sbin:/sbin:/bin:/usr/bin # # delete all existing rules. # iptables -F iptables -t nat -F iptables -t mangle -F iptables -X # Always accept loopback traffic iptables -A INPUT -i lo -j ACCEPT # Allow established connections, and those not coming from the outside iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the LAN side. iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT # Masquerade. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE # Don't forward from the outside to the inside. iptables -A FORWARD -i eth1 -o eth1 -j REJECT # Enable routing. echo 1 > /proc/sys/net/ipv4/ip_forward The gateway server is connected to the WAN via eth1 and is connected to the internal network via eth0. One of the servers from eth1 has the following problem when trying to list files over ftp: $ ftp -vd myftpserver.com Connected to myftpserver.com 220 Welcome to MY FTP Server ftp: setsockopt: Bad file descriptor Name (myftpserver.com:magento): XXXXXXXX ---> USER XXXXXXXX 331 User XXXXXXXX, password please Password: ---> PASS XXXX 230 Password Ok, User logged in ---> SYST 215 UNIX Type: L8 Remote system type is UNIX. Using binary mode to transfer files. ftp> ls ftp: setsockopt (ignored): Permission denied ---> PORT 192,168,19,15,135,75 421 Service not available, remote server has closed connection When I try listing the files in passive mode, same result. When I run the same command on the gateway server, everything works fine so I believe that the issue is happening because of the iptables rules not forwarding properly. Does anyone have an idea which rule I need to add to make this work?

  Read the article

• mystery Internet traffic to port 445

  - by Ben Collver

  Recently, I noticed traffic from the office network to TCP port 445 on the Internet [a]. Below are the Linux firewall log entries to Facebook's network [b] and Google's network [c]. I would like to identify the source of this traffic. My first guess is that Facebook and Google might be using multiple TCP ports for SSL load balancing. However, I could not confirm this based on the web proxy logs. What else might it be? [a] http://support.microsoft.com/kb/204279 [b] Sep 4 08:30:03 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.131 DST=69.171.237.34 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=14287 DF PROTO=TCP SPT=51711 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 [c] Aug 28 06:02:41 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.115 DST=173.194.33.47 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=4558 DF PROTO=TCP SPT=49294 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0

  Read the article

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >