Search Results

Search found 32299 results on 1292 pages for 'unauthorized access'.

Page 384/1292 | < Previous Page | 380 381 382 383 384 385 386 387 388 389 390 391 | Next Page >

Tracking changes to firewall configs?

- by jmreicha

Myself and one other indivdual will be taking over some of the daily firewall management duties soon and I'm looking for a way to track changes on our firewall configurations for auditing purposes and need some ideas on a good way to track changes the changes that are made. I don't have a lot of specific criteria but here are some of the basic things I would like to be able to do: Access to previous revisions of firewall configs Access to changes made and by whom When specific changes were made I'm wondering if some sort of revision control software would work here as a way to track the the changes? Or if some other approach would work better for managing the change control in this situation. I'm open to any and all suggestions at this point. EDIT: We are using a Checkpoint pair, one passive one active configuration. I will update again with specific model numbers when I get a chance.

Read the article
Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode?

- by Ryan Bolger

So the release of Windows Server 2012 has removed a lot of the old Remote Desktop related configuration utilities. In particular, there is no more Remote Desktop Session Host Configuration utility that gave you access to the RDP-Tcp properties dialog that let you configure a custom certificate for the RDSH to use. In its place is a nice new consolidated GUI that is part of the overall "edit deployment properties" workflow in the new Server Manager. The catch is that you only get access to that workflow if you have the Remote Desktop Services role installed (as far as I can tell). This seems like a bit of an oversight on Microsoft's part. How can we configure a custom SSL certificate for RDP on Windows Server 2012 when it's running in the default Remote Administration mode without needlessly installing the Remote Desktop Services role?

Read the article
Postfix multiple checks

- by xBlue

I want to achieve the following with Postfix: Run all emails through a black list Allow any clients sending to a list of domains Allow some clients sending to any domain This is what I have: (postfix is on 10.0.8.0 and some of the senders are 10.0.8.0 and 10.0.9.0) mynetworks_style = subnet smtpd_recipient_restrictions = check_recipient_access sqlite:/etc/postfix/access-bl.query, check_client_access hash:/etc/postfix/trusted_clients, check_recipie nt_access hash:/etc/postfix/local_domains, reject_unauth_destination, permit So, right now the black list works. File /etc/postfix/trusted_clients contains who can send anywhere (3), file /etc/postfix/local_domains contains where you can send (2). Those two are fine, they return properly. My problem is getting all three working together. Not sure if it's an ordering issue. Currently sending a test from 10.0.9.17 and I get Relay access denied. If I add: mynetworks = 10.0.8.0/24 10.0.9.0/24 then anyone can send anywhere, so #2 is not working. Postfix version is 2.10 on Ubuntu 14.04. Any ideas?

Read the article
VMXNET3 nic loses the ability to update ARP table after N hours

- by Peter

I have a fedora 18 VM that stops updating the arp table on eth1 after running for a number of hours to days. There are other VMs on the same hypervisor that can access all of the same networks without issue. A tcpdump of the offending NIC shows only ARP broadcasts but no responses. None of the other VMs on the vDS see the ARP broadcasts from the offending NIC. The only way I can currently solve the problem is to reboot the VM and then everything works for a while. I've tried changing the port on the vDS and even flipping the network configurations after I lose eth1's ARP table, but the ARP problem follows eth1 but I can access the machines that were originally on eth1. If I statically add the arp entries for machines on the same subnet I have no problems with connectivity. The Hypervisor is an HP BL49X series with flex-10 network modules. Has anyone seen anything like this before?

Read the article
How can I get rid of / hide :2eDS_Store files on my linux netatalk server?

- by Douglas Mayle

I'm running a netatalk server process on my linux server that serves files up to Mac client machines. Whenever you use Mac's Finder to access foreign filesystems over netatalk, it creates '.DS_Store' files to store information about the folder. Normally, these files would be hidden by default, and I wouldn't care. Unfortunately, netatalk doesn't allow access to local hidden files, so when the Mac writes and reads these, it renames them :2eDS_Store on the local filesystem. When you have a deep tree, you end up with these littered all over the place, and other Windows and Linux clients have to deal with them. How do I make these available to Mac clients and hidden from everyone else?

Read the article
Down for everyone or just me?

- by Click Ok

When I try access a website, and it is down, I head to http://www.downforeveryoneorjustme.com, and test it. But lately, my home network PCs cannot access facebook.com, and I tried the that service and the answer was: It's just you. http://facebook.com is up. Ok, that got me. I tried several browsers and 3 PCs in my LAN and it don't works. I don't know how to troubleshoot this. What some step-by-step to troubleshoot that problem? Output from ping command: Disparando facebook.com [69.171.234.21] com 32 bytes de dados: Resposta de 69.171.234.21: bytes=32 tempo=256ms TTL=245 Resposta de 69.171.234.21: bytes=32 tempo=255ms TTL=246 Resposta de 69.171.234.21: bytes=32 tempo=251ms TTL=245 Resposta de 69.171.234.21: bytes=32 tempo=255ms TTL=246 PS.: I thank you for the nice help, but then I suppose that the first step of a step-by-step to troubleshoot is ping from command line?

Read the article
Which directive could make apache/rewrite redirect products/ to products.php

- by Fernando

Hello, I am having a trouble with two different apache servers. They are 2.2.x, so minor version is different. At both of them i have the same php application with this .htaccess: RewriteEngine On RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^.*$ - [NC,L] RewriteRule ^.*$ index.php [NC,L] My issue is that in server A, when i access products/ it redirects me to products.php. While in server B, when i access products/ it redirects me to index.php. This is the correct and wanted behavior. As the modrewrite rules are equal in both servers, any ideas of other directives that could be causing this problem? Thanks!

Read the article
Is it possible to use Logmein to connect to a sleeping (Mac) computer on a wireless network?

- by jaydles

I'm using logmein to access my Mac. So I have the local logmein app running on my MacBook Pro, which is on my home wireless network. I access it either from the website (www.logmein.com) or the Logmein Ignition Apps on the iphone or ipad. My problem is that I have to set my MacBook Pro to not sleep at all when plugged in to make this a practical solution, because logmein cant seem to wake it up. I did change the settings in System Preferences to allow "Wake from Lan", but it seems like this won't work with a a Wifi connection. Am I missing anything? Assuming I'm not, is it bad for my computer to basically leave it running and not asleep most of the time?

Read the article
How can I leave the remote screen locked when I ARD/VNC/etc. to my Mac?

- by Dominic Cooney

I'm currently using Jolly's Fast VNC and Mac OS X's built-in VNC server (System Preferences, Sharing, Screen Sharing) to access my iMac remotely. Here's my problem: When I'm using the iMac remotely, the screensaver deactivates and the screen is unlocked. If someone had physical access to my iMac they could walk up to it and start using it. Is there some way I can set things up so that when I'm using my iMac remotely the screen stays locked, like Windows XP Professional does when you're using RDP? I know I can use X remotely with the iMac locked, but I would like to use Mac applications remotely, too.

Read the article
Linux Fiber Channel Host Setup Basic

- by Jim

I've been googling for about 4 hours now with no luck. I am trying to setup a Linux server running Oracle Server 6.3 as a Fiber Channel host. And then connect it to a Dell Compellent Fibre Channel Host contain a 500GB Volume. The Oracle server itself contains two Brocade 815 FC HBAs. I've discovered their WWN(I think) via cat /sys/class/fc_host/host1/port_name 0x100000051efc3d85 cat /sys/class/fc_host/host2/port_name 0x100000051efc3d9f The next part is where I am at a loss. I've used iSCSI before...is FC the same deal where you have an initiator and a target? If so where do I specific that in linux? I'm also new to Fiber Channel as a protocol, so i am unsure what is needed to make a transaction? WWN and port ID? Similar to IP:Port combination in the Ethernet world. I've read alot regarding using systool, multipath, fc_transport commands, however none of these is recognized as a valid command from Oracle Server 6.3 Appreciate the guidance and assistance. I installed sccsi-target-utils and can now run rescan-scsi-bus and sg_map -x. rescan-scsi-bus.sh -l -w -r Host adapter 0 (megaraid_sas) found. Host adapter 1 ((null)) found. Host adapter 2 ((null)) found. Host adapter 3 (ata_piix) found. Host adapter 4 (ata_piix) found. Scanning SCSI subsystem for new devices and remove devices that have disappeared Scanning host 0 for SCSI target IDs 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15, LUNs 0 1 2 3 4 5 6 7 Scanning for device 0 2 0 0 .... OLD: Host: scsi0 Channel: 02 Id: 00 Lun: 00 Vendor: DELL Model: PERC H700 Rev: 2.30 Type: Direct-Access ANSI SCSI revision: 05 Scanning for device 0 2 1 0 ... OLD: Host: scsi0 Channel: 02 Id: 01 Lun: 00 Vendor: DELL Model: PERC H700 Rev: 2.30 Type: Direct-Access ANSI SCSI revision: 05 Scanning host 1 for all SCSI target IDs, LUNs 0 1 2 3 4 5 6 7 Scanning for device 1 0 3 1 ... OLD: Host: scsi1 Channel: 00 Id: 03 Lun: 01 Vendor: COMPELNT Model: Compellent Vol Rev: 0505 Type: Direct-Access ANSI SCSI revision: 05 Scanning host 2 for all SCSI target IDs, LUNs 0 1 2 3 4 5 6 7 Scanning host 3 for all SCSI target IDs, LUNs 0 1 2 3 4 5 6 7 Scanning for device 3 0 0 0 ... REM: Host: scsi3 Channel: 00 Id: 00 Lun: 00 DEL: Vendor: TEAC Model: DVD-ROM DV-28SW Rev: R.2A Type: CD-ROM ANSI SCSI revision: 05 Scanning host 4 channels 0 for SCSI target IDs 0, LUNs 0 1 2 3 4 5 6 7 0 new device(s) found. 1 device(s) removed. and sg_map -x /dev/sg0 0 0 32 0 13 /dev/sg1 0 2 0 0 0 /dev/sda /dev/sg2 0 2 1 0 0 /dev/sdb /dev/sg4 1 0 3 1 0 /dev/sdc I'm not sure what this all means...

Read the article
Setting up Virtual Hosts with Apache on Windows 2008 server for multiple sites. Complicated setup,

- by Roeland

Hey guys! I am setting up apache on my windows 2008 server at my home. It will serve 2 functions. Subversion hosting to allow me and some others to manage company documents with version control Local website hosting for web development. Will need to run several websites since I generally work on more then one site at a time. Heres what I have done so far. I set up subversion and apache 2.2 using some walk troughs. I changed the default port to 1337. (im a nerd) Using dyndns.com I created a domain to forward to my home ip which is dynamic. ( company.gotdns.org) I then went into my DNS for my company.com and added a record to point repo.company.com to company.gotdns.org At this point people who need access to my file repository can access by going to repo.company.com/repo which is good so far. My question comes on the next step, setting up virtual hosts with apache. Ideally I would like to have my local website be viewable by some others in the company from their homes. So, say I am working on site1, I would like to have them be able to view this by going site1.roeland.bythepixel.com. At the same time, I would like to have site10.wouter.bythepixel.com go to his local setup for site10. What I have done for this: I went into my DNS for company.com and added a record to point roeland.company.com to company.gotdns.org (which translates to my ip). I added code to my httpd-vhosts.conf (listed at bottom) I added code to my host file (listed at bottom) Hah, so of course this doenst work as excepted.. going to site1.roeland.bythepixel.com doesnt bring up my test1 site. Could anyone point me where I may be going wrong? Thanks! hosts: 127.0.0.1 localhost 127.0.0.1 sensenich.roeland.bythepixel.com ::1 localhost httpd-vhosts.conf: <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "F:/Current Projects/sensenich.com" ServerName sensenich.roeland.bythepixel.com ErrorLog "logs/sensenich.roeland.bythepixel.com-error.log" CustomLog "logs/sensenich.roeland.bythepixel.com-access.log" common </VirtualHost>

Read the article
Wireless 802.11x Disconnects

- by BillP3rd

I've looked at (and read) all of the similar questions and none of them get exactly to the issue I'm having at home. I have an 802.11g access point (two, actually, with different SSIDs and on different channels). One is an Airlink AR525W. The other is a Linksys WRT54G v.2. The issue is that at random times, my laptop will lose its wireless connection. This occurs regardless of which access point I'm connected to. When I lose the connection, the affected AP no longer appears in the list of available APs. Also, it doesn't have anything to do with walls or distance. It can happen within 30' and when my laptop is literally within line-of-sight. When it loses the signal, it can take from 10 to 30 minutes to reconnect and it always will without intervention. I've done all the “standard” things to troubleshoot the problem and it has improved. For example, I surveyed other access points in my vicinity and have selected a different channel for each of my APs that no one else nearby is using. Both APs are configured WPA2/AES. I'm down to wondering [Note: This is not a shopping question. I'm not buying a new AP] if the fact that I didn't drop two bills on my APs and instead opted for more modest solutions has anything to do with it? I've oft wondered why anyone would go for the high-end AP when they didn't have to. Also, I am aware of DD-WRT and have chosen not to go there because only one of my APs is supported. Oh, and one final thing. It an HP x64 laptop running Windows 7 Ultimate. The wireless interface is an Atheros AR9285 802.11b/g/n WiFi Adapter. All the latest drivers and service packs have been applied. It did the same thing with my old laptop (a Lenovo) so I don't the problem is in the laptop. It's really annoying when this happens and suggestions of things I haven't thought of or may have overlooked (No, really. As unlikely as it is, I admit that I may have overlooked something :-)) are appreciated.

Read the article
Security question pertaining web application deployment

- by orokusaki

I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

Read the article
Can't Launch Firefox on OS X 10.6

- by user61804

When I try to run Firefox 3.6 or 4 beta I get a message saying: Profile Missing Your Firefox profile cannot be loaded. It may be missing or inaccessible. I have tried running the profile manger from the command line using: /Applications/Firefox.app/Contents/MacOS/firefox-bin -ProfileManager I get the same message in the popup, but I also get: Error: Access was denied while trying to open files in your profile directory. I have tried deleting firefox and reinstalling it. I have also tried deleting anything related to Firefox or Mozilla in the ~/Library/Application Support directories, but nothing seems to help. In addition I have run the disk utility to fix any permissions issues. If I create a new profile or run the command with sudo it works. It seem that that Firefox is trying to put the profile somewhere it doesn't have access to write, but I can't figure out how to change this location or change the permissions. Any help would be greatly appreciated.

Read the article
Setting Up an IP Camera in ZoneMinder from Ubuntu

- by Chris S

I recently bought a TV-IP312W wireless IP camera. I've completed the basic setup on the camera itself, and confirmed I can stream video using the utility CamViewer. Now I'm trying to access the camera from ZoneMinder, so I can setup monitors and alerts. However, I'm finding the documentation a bit laking. Following the tutorial and a forum post, I've install ZoneMinder, and can access the web interface, but I'm getting stuck at the "Check that your Camera Works!" section. I can add a monitor, but after I add the configuration: Source Type: FFMPEG Source Path: http://192.168.1.105/cgi/mjpg/mjpeg.cgi?.mjpeg all I get is a broken image. What am I doing wrong?

Read the article
Website requests not reaching IIS?

- by pete the pagan-gerbil

To start off with a confession, I am not a server admin - just a developer tasked with getting to the root of a problem. Please be gentle! I have an intranet ASP.NET website running in IIS on a virtual machine. The website is not accessed very often (the last IIS log file was modified nearly six months ago). Both the IP address and Host header value are now failing to return the website, and the IIS log still doesn't show any more recent activity. The virtual machine was moved to a different physical location a few months ago, and the IP address for it has changed. Could this be what has broken access to the site? What else should I be checking to solve this? I don't have totally unrestricted access to the building's network settings, structures, etc. I would be grateful for any advice, even if I can't use it myself it'll improve my knowledge of what's going on behind the scenes!

Read the article
Is there a security risk for allowing people to set their DNS so their own subdomains can be route to my server?

- by DantheMan

Lets say that I have a web application, built in Django and deployed with Nginx. Is it a good idea to offer a service that allows customers to request that a subdomain can be pointed at it. I figured this: If I dont allow this, then some companies wont want to access the service from http://mydjangoappmadeupname.com/bigcorporation/ They would rather access it through http://service.bigcorporation.com That would effectively mask that they are using an outside resource. Is there a significant risk that I am overlooking? Also do you think it would be easier to just set things up in Django to handle it, allowing Nginx to accept all domains and then pushing them to Django which would filter out if they are allowed or not, or would it be better to just update my Nginx log each time a client wanted this changed?

Read the article
nginx, php-cgi and "No input file specified."

- by Stephen Belanger

I'm trying to get nginx to play nice with php-cgi, but it's not quite working how I'd like. I'm using some set variables to allow for dynamic host names--basically anything.local. I know that stuff is working because I can access static files properly, however php files don't work. I get the standard "No input file specified." error which normally occurs when the file doesn't exist, but it definitely does exist and the path is correct because I can access the static files in the same path. It could possibly be a permissions thing, but I'm not sure how that could be an issue. I'm running this on Windows under my own user account, so I think it should have permission unless php-cgi is running under a different user without me telling it to. . Here's my config; worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; gzip on; server { # Listen for HTTP listen 80; # Match to local host names. server_name *.local; # We need to store a "cleaned" host. set $no_www $host; set $no_local $host; # Strip out www. if ($host ~* www\.(.*)) { set $no_www $1; rewrite ^(.*)$ $scheme://$no_www$1 permanent; } # Strip local for directory names. if ($no_www ~* (.*)\.local) { set $no_local $1; } # Define default path handler. location / { root ../Users/Stephen/Documents/Work/$no_local.com/hosts/main/docs; index index.php index.html index.htm; # Route non-existent paths through Kohana system router. try_files $uri $uri/ /index.php?kohana_uri=$request_uri; } # pass PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { root ../Users/Stephen/Documents/Work/$no_local.com/hosts/main/docs; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } # Prevent access to system files. location ~ /\. { return 404; } location ~* ^/(modules|application|system) { return 404; } } }

Read the article
Forward domain for flavors.me yet retain own_domain.com/blog

- by romant

I wish to have my flavors.me use my own domain, yet still wish to retain access to own_domain.com/blog The way flavors.me works now is that I must have the DNS A record point at their IP. Which obviously will prevent me from still having access to own_domain.com/blog Am posting this to gather some ideas. What ought to be the best way of solving this? I am trying to stave off the need for a subdomain for the blog if I can help it. Is there some magic with htaccess and domain masking that can occur without SEO penalties? Thank you.

Read the article
Forward domain for flavors.me yet retain own_domain.com/blog

- by romant

I wish to have my flavors.me use my own domain, yet still wish to retain access to own_domain.com/blog The way flavors.me works now is that I must have the DNS A record point at their IP. Which obviously will prevent me from still having access to own_domain.com/blog Am posting this to gather some ideas. What ought to be the best way of solving this? I am trying to stave off the need for a subdomain for the blog if I can help it. Is there some magic with htaccess and domain masking that can occur without SEO penalties? Thank you.

Read the article
VPN using Zywall

- by Rune FS

I've played around with a certificate based VPN (normally I don't do hardware) we've manged to setup the connection and the tunnel between the routers is working correctly. We now need the last step. There's no connection to the computers on the other end. What could we have forgotten? (we're testing with two standard configured Win7 machines) EDIT: Just to clarify the tunnel is working I can ping the router on the other end. I can't access the computers on the other side of that router and vice versa. (It's also possible to access the remotemangement console of the remote router on the LAN IP)

Read the article
What do these "Cron Daemon" email errors mean?

- by Meltemi

Anyone know what this means? Getting one of these every minute in one user's inbox: From: Cron Daemon <[email protected]> Subject: Cron <joe@mail> /tmp/.d/update >/dev/null 2>&1 To: [email protected] Received: from murder ([unix socket]) by mail.domain.com (Cyrus v2.2.12-OS X 10.3) with LMTPA; Tue, 04 May 2010 10:35:00 -0700 shell-init: could not get current directory: getcwd: cannot access parent directories: Permission denied job-working-directory: could not get current directory: getcwd: cannot access parent directories: Permission denied

Read the article
How to give an apache user read/write permissions?

- by Amy

How can I give another user on the server the same read/write access permissions just like when I am logged in as root?

Read the article
Monitor the shell activity of a user on your Unix system?

- by Joseph Turian

Trust, but verify. Let's say I want to hire someone a sysadmin, and give them root access to my Unix system. I want to disable X windows for them, only allow shell usage (through SSH, maybe), so that all operations they perform will be through the shell (not mouse operations). I need a tool that will log to a remote server all commands they issue, as they issue them. So even if they install a back door and cover their tracks, that will be logged remotely. How do I disable everything but shell access? Is there a tool for instantaneously remotely logging commands as they are issued?

Read the article
Configure IE to use MS Word Viewer as .doc viewer on Citrix server with Office installed

- by Adam Towne

We have a small number of citrix servers that all have office installed. Only a small subset of users have access to office. Everyone is set to open office documents with the free viewers on the Citrix servers. We control access to office through NTFS permissions. We now have a large number of users who need to be able to view office documents from a webpage. Opening office files normally works fine. When users open the office documents from the link in a webpage, it ignores the file associations and attempts to open the document with the full office program. How can I change the program that IE uses to open office documents, or how can I force it to use the file associations I set in the operating system?

Read the article

< Previous Page | 380 381 382 383 384 385 386 387 388 389 390 391 | Next Page >