Search Results

Search found 21678 results on 868 pages for 'network traffic'.

Page 494/868 | < Previous Page | 490 491 492 493 494 495 496 497 498 499 500 501 | Next Page >

Firewall still blocking port 53 despite listing otherwise?

- by Tom

I have 3 nodes with virtually the same iptables rules loaded from a bash script, but one particular node is blocking traffic on port 53 despite listing it's accepting it: $ iptables --list -v Chain INPUT (policy DROP 8886 packets, 657K bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo any anywhere anywhere 2 122 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 20738 5600K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- eth1 any anywhere node1.com multiport dports http,smtp 0 0 ACCEPT udp -- eth1 any anywhere ns.node1.com udp dpt:domain 0 0 ACCEPT tcp -- eth1 any anywhere ns.node1.com tcp dpt:domain 0 0 ACCEPT all -- eth0 any node2.backend anywhere 21 1260 ACCEPT all -- eth0 any node3.backend anywhere 0 0 ACCEPT all -- eth0 any node4.backend anywhere Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 15804 packets, 26M bytes) pkts bytes target prot opt in out source destination nmap -sV -p 53 ns.node1.com // From remote server Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-02-24 11:44 EST Interesting ports on ns.node1.com (1.2.3.4): PORT STATE SERVICE VERSION 53/tcp filtered domain Nmap finished: 1 IP address (1 host up) scanned in 0.336 seconds Any ideas? Thanks

Read the article
Application runs fine when executed directly, fails as scheduled task (security issues)

- by Carl

I have an application that loads some files from a network share (the input folder), extracts certain data from them and saves new files (zips them with SharpZLib) on a different network share (output folder). This application runs fine when you open it directly, but when it is set to a scheduled task, it fails in numerous places. This application is scheduled on a Win 2003 server. Let me say right off the bat, the scheduled task is set to use the same login account that I am currently logged in with, so it's not because it's using the LocalSystem account. Something else is going on here. Originally, the application was assigning a drive letter to the input folder using WNetGetConnectionA(). I don't remember why this was done, someone else on our team did that and she's gone now. I think there was some issue with using the WinZip command line with a UNC path. I switched from the WinZip command line utility to using SharpZLib because there were other issues with using the WinZip command line. Anyway, the application failed when trying to assign a drive letter with the error "connection already established." That wasn't true and even after trying WNetCancelConnection(), it still didn't work. Then I decided to just map the drive manually on the server. Then when the app calls Directory.Exists(inputFolderPath) it returns false, even though it does exist. So, for whatever reason, I cannot read this directory from within the application. I can manually navigate to this folder in Windows Explorer and open files. The app log file shows that the user executing it on the schedule is the user I expect, not LocalSystem. Any ideas?

Read the article
Multicast File copy with Unicast responses

- by kirbuchi

I'm trying to do some multicast big file copies over to remote clients on the other side of a satellite link. The idea is to minimize the amount of traffic going up to the satellite. I tried using uftp without luck. The problem is that, even though we can reach clients via multicast from our central Hub, they aren't able to respond to a multicast address (it's not supported by the return link). As uftp needs to respond to a multicast address in order to report any missing packets I'm out of luck. So does anyone have any recommendations or alternatives I can use to do the trasfers? Any tip or pointer would be appreciated.

Read the article
Under what circumstances might an IIS6 website be automatically deleted?

- by E. Anderson

Late last week my colleagues did some hardware maintenance on one of our vmWare esxi servers. One of the guests is a Windows Server 2003 Web Edition system that runs our low-traffic web sites. We discovered this morning that one of those websites was no longer working with what appeared to be an SSL error. After logging in, I found that the web site in question had been deleted from IIS! Is it possible for this to happen without a user actually going in and deleting that single web site? All of the other sites were fine. The files for the site in question had not been touched. I just re-created the web site, assigned the SSL cert, and everything was working again. When I logged in, I did see the 'Unexpected Shutdown' dialog.

Read the article
Switch to switch encryption over a wireless bridge (TrustSec?)

- by metatheorem

I am planning to connect an existing Cisco 3750 switch to a 3560C switch over a wireless PTP bridge. The bridge will be WPA2 protected, but I am looking for an additional measure of security between the switches to prevent other wireless access through either switch. They do not support IPSec, only 802.1Q tunnels, and buying additional hardware is not likely an option. I am looking into using TrustSec manual mode between the switches. After some effort reading into TrustSec and MACsec, I am mostly certain this is a good choice over the wireless bridge, keeping in mind it is a shared medium. Two questions: Can I reliably prevent other wireless traffic from accessing the switches using TrustSec? Does anyone know of any better options with the 3000 series switches?

Read the article
Windows 2008 R2 Not resolving IP's or domains

- by InsaneAR

I have two servers with Microsoft Windows Server 2008 R2 x64, and today I realized that one of them don't resolve IP's or domain names. If I ping the same machine IP, it respond, but if I ping an external IP (like 8.8.8.8 or any other) it does not work. The same with domain names. At Windows Event Viewer I'm having Warning 1014: Name resolution for the name timed out after none of the configured DNS servers responded THE SERVER HAS CONNECTIVITY, I'm connected remotely and the services and incoming traffic (like FTP, etc) are working OK. Things I've done & tested: Run Kaspersky Virus Removal 10 Restart/Turn off the DNS Client service Clean the hosts file Reboot the server Turn off the Windows Firewall (there's not another firewall) Quit or replace the current DNS servers I just can ping the same machine IP or the gateway! Can anybody help me?

Read the article
Can't access server from external IP

- by Mathias

I have a problem with my web server; I can't access it from the external IP address. I'm using an IIS 7 server, but I've tried with apache on Linux as well. I have forwarded all traffic on port 80 to my computer, but it just won't work. I've done port forwarding with my Minecraft server, and it did work, but when I try it with a web server, no. I've been looking on many many forums, but their methods don't work for me. My router is a Speedport W 723V, if anyone knows that one. Any help is appreciated.

Read the article
htaccess rewrite condition old site to new site with querystring

- by Brandon Braner

I am not even going to pretend to fully understand how htaccess rewrite conditions work. I've been working on this for a while searching and searching. I have an old Wordpress site www.old-site.com and a new site www.site.com. Wordpress uses query strings page_id=# to redirect to pages. On the old site page_id=2 went to a specific page but on the new site it goes the the home page. I need old-site/?page_id=2 to go to site.com/our-company Here is what I am trying RewriteCond %{HTTP_HOST} ^(www\.)?old-site.com$ [NC] RewriteCond %{QUERY_STRING} ^page_id=2$ RewriteRule ^(.*)$ http://www.site.com/our-company/ [R=301,L] If I take out the rewrite condition for query string it redirects all traffic from old-site.com to the company page on the new site. Where am I going wrong? I have about 15 redirects I need to do this way.

Read the article
How to configure OpenVPN server to use custom default gateway?

- by Arenim

I have a vpn server at address 10.1.0.2 and the server have another ip in it's network -- 10.0.0.2 in his subnet (it's a tun2socks router). But default server's gateway is NOT 10.0.0.2 (and it's ok) but another external IP. I want all the client's traffic to be forwarded through this ip address -- 10.0.0.2. Here is part of my server's config: dev tap0 server-bridge 10.1.0.1 255.255.255.0 10.1.0.50 10.1.0.100 push "route 10.0.0.0 255.255.255.0" ; now client can ping 10.0.0.2 push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 10.1.0.1" push "dhcp-option WINS 10.1.0.1" in fact i want some like push "redirect-gateway 10.0.0.2" How can I achieve this?

Read the article
Authenticating SSL in Paros Proxy

- by Chevi

I need to inspect some traffic from my iPhone to debug an application, which is going and coming from an https address. Since I don't have a Mac at the moment, I tried with Paros proxy, which I had used before. It's working fine with http connections, but whenever I try to open a website with SSL encryption in Mobile Safari it says that the certificate is not trusted. I can "Continue" and it would work, but not on Applications. How can I set up a trusted certificate with Paros and the iPhone? Thanks in advance, Alex UPDATE: I'm going to try and create my own SSL certificate for testing with Windows' MakeCert UPDATE 2: For some reason I could get Windows SDK to install, so I haven't tried this yet...

Read the article
Eliminate single point of failure for webservers?

- by George Bailey

I know in DNS, that each of the DNS servers will be tried to see if they will respond I know in email that in the event of a failure it will go to the next one in the list or it will hold the mail for a period of time As far as I know,, in webservers,, the browser will get one of the webserver IP addresses and try it and if it fails it will give up. Is this correct? If so,, then the only way to direct traffic away from a failed IP address would be with the DNS servers.. and even that would not update immediately?

Read the article
Best practices for encrytping continuous/small UDP data

- by temp

Hello everyone, I am having an application where I have to send several small data per second through the network using UDP. The application need to send the data in real-time (on waiting). I want to encrypt these data and insure that what I am doing is as secure as possible. Since I am using UDP, there is no way to use SSL/TLS, so I have to encrypt each packet alone since the protocol is connectionless/unreliable/unregulated. Right now, I am using a 128-bit key derived from a passphrase from the user, and AES in CBC mode (PBE using AES-CBC). I decided to use a random salt with the passphrase to derive the 128-bit key (prevent dictionary attack on the passphrase), and of course use IVs (to prevent statistical analysis for packets). However I am concerned about few things: Each packet contains small amount of data (like a couple of integer values per packet) which will make the encrypted packets vulnerable to known-plaintext attacks (which will result in making it easier to crack the key). Also, since the encryption key is derived from a passphrase, this will make the key space way less (I know the salt will help, but I have to send the salt through the network once and anyone can get it). Given these two things, anyone can sniff and store the sent data, and try to crack the key. Although this process might take some time, once the key is cracked all the stored data will be decrypted, which will be a real problem for my application. So my question is, what is the best practices for sending/encrypting continuous small data using a connectionless protocol (UDP)? Is my way the best way to do it? ...flowed? ...Overkill? ... Please note that I am not asking for a 100% secure solution, as there is no such thing. Cheers

Read the article
Proxy - Some general questions

- by user68802

Is it possible to accomplish the following scenario with a proxy server? We are having one internet facing server that we want to put behind a proxy for some reasons. We want everything to work as before. When they do a request all connections will be forward to the internal server which will send back the information through the proxy. We want to be able to change to proxy to show an maintenance page whenever we are doing maintenance and change it back to forwarding traffic when we are done. We do also want to be able to keep forwarding all users that are using the sites but show an maintenance page for all new users for a time before showing the maintenance page for everyone in order to give the users some time to finish their work before kicking them out.

Read the article
IPTables: allow SSH access only, nothing else in or out

- by Disco

How do you configure IPTables so that it will only allow SSH in, and allow no other traffic in or out? Any safety precautions anyone can recommend? I have a server that I believe has been migrated away from GoDaddy successfully and I believe is no longer in use. But I want to make sure just because ... you never know. :) Note that this is a virtual dedicated server from GoDaddy... That means no backup and virtually no support.

Read the article
Yum through http proxy

- by eodchop

I have several Fedora 13 servers that have to connect through an http proxy for yum updates. All port 80 traffic has to be routed through this proxy. I have setup the proxy server in the network settings GUI. I can browse the internet just fine. I have also setup my proxy information in /etc/yum.conf as follows: proxy=http:proxy.largecorp.corp/accelerated_pac_base.pac proxy_user=user proxy_password=password I then added the export HTTP_PROXY="http:proxy.largecorp.corp/accelerated_pac_base.pac" to /etc/bashrc and sourced the file. When i run yum update: Loaded plugins:presto, refresh-packagekit Error: Cannot retrieve repository metadata (repomd.xml) fro repository: fedora. Please verify its path and try again. All of the repo urls are the defaults, as this is a fresh install.

Read the article
C: incompatible types in assignment

- by The.Anti.9

I'm writing a program to check to see if a port is open in C. One line in particular copies one of the arguments to a char array. However, when I try to compile, it says: error: incompatible types in assignment Heres the code. The error is on the assignment of addr #include <sys/socket.h> #include <sys/time.h> #include <sys/types.h> #include <arpa/inet.h> #include <netinet/in.h> #include <errno.h> #include <fcntl.h> #include <stdio.h> #include <netdb.h> #include <stdlib.h> #include <string.h> #include <unistd.h> int main(int argc, char **argv) { u_short port; /* user specified port number */ char addr[1023]; /* will be a copy of the address entered by u */ struct sockaddr_in address; /* the libc network address data structure */ short int sock = -1; /* file descriptor for the network socket */ port = atoi(argv[1]); addr = strncpy(addr, argv[2], 1023); bzero((char *)&address, sizeof(address)); /* init addr struct */ address.sin_addr.s_addr = inet_addr(addr); /* assign the address */ address.sin_port = htons(port); /* translate int2port num */ sock = socket(AF_INET, SOCK_STREAM, 0); if (connect(sock,(struct sockaddr *)&address,sizeof(address)) == 0) { printf("%i is open\n", port); } if (errno == 113) { fprintf(stderr, "Port not open!\n"); } close(sock); return 0; } I'm new to C, so I'm not sure why it would do this.

Read the article
Books for Computer Networking

- by Altimet Gaandu

Hi, I am a student of computer engineering from Vasula University, Somalia. We have a subject called Advanced Computer Networks and the following is the list of recommended books: Text Books: 1. B. A. Forouzan, "TCP/IP Protocol Suite", Tata McGraw Hill edition, Third Edition. 2. N. Olifer, V. Olifer, "Computer Networks: Principles, Technologies and Protocols for Network design", Wiley India Edition, First edition. References: 1. W.Richard Stevens, "TCP/IP Volume1, 2, 3", Addison Wesley. 2. D.E.Comer,"TCP/IPVolumeI and II", PearsonEducation. . 3.W.R. Stevens, "Unix Network Programming", Vol. 1, Pearson Education. 4. J.Walrand, P. Var~fya, "High Performance Communication Networks", Morgan Kaufmann. . 5. A.S.Tanenbaum,"Computer Networks", Pearson Education, Fourth Edition. But we have been unable to find these either in the market or on the internet (read: torrents). Please provide download links to any of these books and oblige. Thanks.

Read the article
How to configure linux routing/filtering to send packets out one interface, over a bridge and into another interface on the same box

- by rj75

I'm trying to test a ethernet bridging device. I have multiple ethernet ports on a linux box. I would like to send packets out one interface, say eth0 with IP 192.168.1.1, to another interface, say eth1 with IP 192.168.1.2, on the same subnet. I realize that normally you don't configure two interfaces on the same subnet, and if you do the kernel routes directly to each interface, rather than over the wire. How can I override this behavior, so that traffic to 192.168.1.2 goes out the 192.168.1.1 interface, and visa-versa? Thanks in advance!

Read the article
How do I distribute my slightly customized Linux in VirtualBox?

- by goodrone

Suppose I've got some Arch Linux installation which I'd like to distribute among students with (sometimes very) basic Linux knowledge to make them able to compile C programs in an environment very similar to that in the university. (Things like Cygwin or MinGW seem to be inappropriate here.) I also choose VirtualBox as a holder for the virtual system. The question is: how do I distribute it? I mean: installing VirtualBox on the target machine (if not still installed) uncompressing and copying my image file (.VDI) registering the image (so that VirtualBox could see it when launched) configuring the guest system in VirtualBox (network, memory, etc.) optionally installing PuTTY to simplify interfacing with the guest Linux Should I create an installer? Which one? Or just write some .BAT-scripts? (Target host system is Windows, mostly XP and Vista.) I definately don't want to have a webpage with screen shot explaining where to click and what to press, because it's boring. Additionaly, what will be the best (the most user-friendly) way to configure network when the guest Linux system is run for the first time?

Read the article
Why might one app connect to SQL backend OK and a second app fail if they share the same connectionstring?

- by hawbsl

Trying to figure out a SQL connection error 26 in our app. We've got two closely related apps Foo and FooAddIn. Foo is a Winforms app built in VS2010 and runs fine and connects fine to our SQLExpress back end. FooAddIn is an Outlook AddIn which references Foo.exe and connects to the same SQL Express instance. Or rather, it doesn't connect, instead reporting: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) Now, both apps share the same connectionstring and we've verified they really do share the same connectionstring. At this stage we're just testing from within the same developer machine, so the apps are on the same machine, going via the same VS2010 IDE. So a lot of the advice online for this error doesn't apply because the fact that Foo connects through to SQL Express tells us the database is there and available and can be reached. What else is there to check? One thing is that Foo and FooAddIn are running different runtime versions of System.Data (v2.0.50727 and v4.0.30319). Could that be a factor?

Read the article
Troubles doing transparent proxy for virtual machines

- by Dan H

Hi iptables gurus. First here is the basic topology: Internet | Gateway | Workstation---eth0---virbr0 | +-----+-----+ | | | vm1 vm2 vm3 I need to test a traffic analyzer running on my workstation, listening on some port (say 8990) on eth0. The rule [I think] I want is "any packets leaving virbr0 going anywhere to port 80 must instead go to port 8990 on eth0". My software running on port 8990 does its own check of the NAT packet mangling to push the packets through after it inspects them. I've been banging my head on this, with different variants of: iptables -t nat -A PREROUTING -i virbr0 -p tcp --dport 80 -j DNAT \ --to 10.0.0.10:8990 And I've tried the more generic method of using the mangle table with --set-mark and ip rule add fwmark, but I'm not getting it. I guess what's confusing me is that everything runs on the same box. Thanks for any guidance.

Read the article
.htaccess redirect not preserving http_referer header

- by CodeToaster

We're merging with another company, and we want to redirect content from their (Apache) website to our (IIS) site. When traffic arrives at our site, we inspect the HTTP_REFERER, and if the visitor was just redirected from the company's site that we just merged with, they'll be presented with a "splash" page announcing the merger. I've added the line... Redirect / http://www.oursite.com/ ...to their .htaccess, which works fine, except that when the browser is redirected it doesn't send the HTTP_REFERER header. I've tried redirecting with redirect codes 301, 302 and 307 (the default, I believe, is 302) and all have the same effect (redirects fine, but no HTTP_REFERER). Can anyone provide some insight into why HTTP_REFERER wouldn't be included?

Read the article
How to setup an Openvpn server with two gateways to internet

- by fourat

I have an openvpn server behind two wan interfaces: eth1 and eth2 where eth1 is the default gw and eth2 is where openvpn binds to. The problems my ovpn server is replying back to ovpn client via the default gw (through eth1) and the tcp negociation is lost before establishing any tunnel. Here's what's happening: wan client -----> eth2 ----> openvpn -----> eth1 ----> lost and not delivered back to client Is there a way to tell ovpn to stick on eth2 and consider it for all traffic ?

Read the article
How can I solve Windows PPTP VPN issues?

- by Robin M

I'm having persistent problems with Windows PPTP VPN connections. The VPN appears up whilst the tunnel won't transfer traffic (ping to a remote IP within the VPN works for a while, and then fails). The client receives routing information via DHCP. When the connection fails, the routing table is still correct so I don't think it's a routing problem. My internet connection is via an ADSL2 line. There's software to deal with PPTP problems, like TunnelRat, but I don't want to install v1.1 of the .NET framework and I'd rather get to the bottom of the problem (I have multiple VPN connections and some are more unreliable than others). What can I do to get to the bottom of this? Alternatively, what can I do to keep the connection alive?

Read the article
How can I tell if my ISP is redirecting my DNS queries?

- by Nack

I've attempted to use some DNS services like OpenDNS, and no matter what I do the DNS queries don't return the expected results. Watching the packet traffic on my firewall, I can see the queries go out to the intended DNS server address and responses coming back, but the results are not as expected, for example, the OpenDNS test page always fails even though the requests appear to be going to their servers. I suspect my ISP is intercepting DNS queries and sending them to their own servers. Is there a way to verify this? Is there something else I might be missing? I'm using 3G wireless service from Sprint.

Read the article

< Previous Page | 490 491 492 493 494 495 496 497 498 499 500 501 | Next Page >