Search Results

Search found 14718 results on 589 pages for 'domain registration'.

Page 510/589 | < Previous Page | 506 507 508 509 510 511 512 513 514 515 516 517  | Next Page >

• How Could My Website Be Hacked

  - by Kiewic

  Hi! I wonder how this could happen. Someone delete my index.php files from all my domains and puts his own index.php files with the next message: Hacked by Z4i0n - Fatal Error - 2009 [Fatal Error Group Br] Site desfigurado por Z4i0n Somos: Elemento_pcx - s4r4d0 - Z4i0n - Belive Gr33tz: W4n73d - M4v3rick - Observing - MLK - l3nd4 - Soul_Fly 2009 My domain has many subdomains, but only the subdomains that can be accessed with an specific user were hacked, the rest weren't affected. I assumed that someone entered through SSH, because some of these subdomains are empty and Google doesn't know about them. But I checked the access log using the last command, but this didn't show any activity through SSH or FTP the day of the attack neither seven days before. Does anybody has an idea? I already changed my passwords. What do you recommend me to do? UPDATE My website is hosted at Dreamhost. I suppose they have the latest patches installed. But, while I was looking how they entered to my server, I found weird things. In one of my subdomains, there were many scripts for execute commands on the server, upload files, send mass emails and display compromising information. These files had been created since last December!! I have deleted those files and I'm looking for more malicious files. Maybe the security hold is an old and forgotten PHP application. This application has a file upload form protected by a password system based on sessions. One of the malicious scripts was in the uploads directory. This doesn't seem like an SQL Injection attack. Thanks for your help.

  Read the article

• Debian Squeeze Linux 9p virtfs guest mount failure

  - by Tero Kilkanen

  First some background information on the server: Host OS: Debian Linux Squeeze + qemu-kvm version 1.0+dfsg-8~bpo60+1 Guest OS: Debian Linux Squeeze I use qemu-kvm via libvirt. I have set up 9p VirtFS with the following in Guest's XML config: <filesystem type='mount' accessmode='passthrough'> <source dir='/srv/www'/> <target dir='wwwdata'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/> </filesystem> That is, I want to share /srv/www to the guest OS using mount tag wwwdata. When I try to mount the VirtFS share from the guest, I get an error message: root@server:~# mount -t 9p -o trans=virtio,version=9p2000.L2 wwwdata /srv/www/ mount: wwwdata: can't read superblock I also tried virtfs target dir/mount_tag www at first. I got the same error message. However, I was able to mount the VirtFS share using mount tag www1111, or www1 or similar. Some more notes on this one. dmesg doesn't show anything useful either in guest or the host. The only sign is this entry in the guest dmesg: [ 36.054936] Installing v9fs 9p2000 file system support Does anyone know how to get this working correctly? Google gives no useful information on this issue; I've tried several searches.

  Read the article

• can't figure out why apache LDAP auth fails

  - by SethG

  Suddenly, yesterday, one of my apache servers became unable to connect to my LDAP (AD) server. I have two sites running on that server, both of which use LDAP to auth against my AD server when a user logs in to either site. It had been working fine two days ago. For reasons unknown, as of yesterday, it stopped working. The error log only says this: auth_ldap authenticate: user foo authentication failed; URI /FrontPage [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server], referer: http://mysite.com/ I thought perhaps my self-signed SSL cert had expired, so I created a new one for mysite.com, but not for the server hostname itself, and the problem persisted. I enabled debug-level logging. It shows the full SSL transaction with the LDAP server, and it appears to complete without errors until the very end when I get the "Can't contact LDAP server" message. I can run ldapsearch from the commandline on this server, and I can login to it, which also uses LDAP, so I know that the server can connect to and query the LDAP/AD server. It is only apache that cannot connect. Googling for an answer has turned up nothing, so I'm asking here. Can anybody provide insight to this problem? Here's the LDAP section from the apache config: <Directory "/web/wiki/"> Order allow,deny Allow from all AuthType Basic AuthName "Login" AuthBasicProvider ldap AuthzLDAPAuthoritative off #AuthBasicAuthoritative off AuthLDAPUrl ldaps://domain.server.ip/dc=full,dc=context,dc=server,dc=name?sAMAccountName?sub AuthLDAPBindDN cn=ldapbinduser,cn=Users,dc=full,dc=context,dc=server,dc=name AuthLDAPBindPassword password require valid-user </Directory>

  Read the article

• Registering publicly Mail server and Web server in a free dns server

  - by Bruno Vieira

  I'm trying to host the e-mails and the site of our company into our private server. I've already followed the Gentoo Virtual Mailhosting System with Postfix Guide and my mail server is working (actually it sends mails for the local users and for external users it goes to spam) and know how to set an Apache 2 server. What I don't know (and I mean really don't) is how to make them public. I did some research and found that I should ask my ISP to change the reverse DNS to my company domain in order to prevent my mails to be marked as spam, they are doing. I already know I have to configure a DNS Server, it seems like my register provider already has one but I don't know how I can configure CNET, A, MX, TXT and all those tags (Is it tags the name?) and If I must do some other configuration on my server. My Server: Linux mail 3.2.21-gentoo #1 SMP My /etc/hosts: 127.0.0.1 mail.example.com.br example example.com.br ::1 mail.example.com.br mail example.com.br My /etc/conf.d/hostname: hostname ="mail" What am I missing? If there's a guide about how to configure I would really be grate. Thanks in advance for the help. Cheers

  Read the article

• Cannot send email outside of network using Postfix

  - by infmz

  I've set up an Ubuntu server with Request Tracker following this guide (the section about inbound mail would be relevant). However, while I'm able to send mail to other users within the network/domain, I cannot seem to reach beyond - such as my personal accounts etc. Now I have no idea what is causing this, I thought that all it takes is for the system to fetch mail through our exchange server and be able to deliver in the same way. However, that hasn't been the case. I have found another server setup in a similar fashion (CentOS 5, Request Tracker but using Sendmail), however it is a dated server and whoever's built it has kindly left no documentation on how it works, making it a pain to use that as a reference system! :) At one point, I was told I need to set up a relay between the local server's email add and our AD server but this didn't seem to work. Sorry, I know next to nothing about mailservers, my colleagues nothing about Linux so it's a hard one for me. Thank you! EDIT: Result of postconf -N with details masked =) alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix inet_interfaces = all mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 mydestination = myhost.mydomain.com, localhost.mydomain.com, , localhost myhostname = myhost.mydomain.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = EXCHANGE IP smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes Sample log message: Sep 4 12:32:05 theedgesupport postfix/smtp[9152]: 2147B200B99: to=<[email protected]>, relay= RELAY IP :25, delay=0.1, delays=0.05/0/0/0.04, dsn=5.7.1, status=bounced (host HOST IP said: 550 5.7.1 Unable to relay for [email protected] (in reply to RCPT TO command))

  Read the article

• 554 5.7.1 <mail_addr>: Relay access denied centos postfix

  - by Relicset

  I have problem in send mail from postfix in centos I have following setup mail server postfix for sending mail but I am getting error. As in the link I tried following commands telnet localhost smtp Trying ::1... Connected to localhost. Escape character is '^]'. 220 mydomain.com ESMTP Postfix ehlo localhost 250-mydomain.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:<domain.com> 250 2.1.0 Ok rcpt to:<[email protected]> 554 5.7.1 <[email protected]>: Relay access denied Edit-1 In terminal this works echo TEST | mail -v -s "Test mail" [email protected] my postconf -n shows belog information alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no inet_interfaces = localhost inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = dummy.com myhostname = dummy.com mynetworks = all mynetworks_style = host myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop unknown_local_recipient_reject_code = 550 What configuration I have to perform to send mails from my server.

  Read the article

• Squirrelmail receiving duplicate emails

  - by Austin

  A client of mine is experiencing issues with his email, it appears that whenever he receives email from a certain domain it comes as duplicates. Not only are they duplicates but the duplicated items have a (+) sign next to them which usually indicates an attachment. Could this be because of a forwarding issue? Here are the headers: Return-Path: <[email protected]> Received: from bigcat.centralmasswebdesign.com (root@localhost) by tarbellconstruction.com (8.13.1/8.13.1) with ESMTP id o4OFnO23003379 for <[email protected]>; Mon, 24 May 2010 11:49:24 -0400 X-ClientAddr: 72.249.26.200 Received: from mf3.spamfiltering.com (mf3.spamfiltering.com [72.249.26.200]) by bigcat.centralmasswebdesign.com (8.13.1/8.13.1) with ESMTP id o4OFnOjF005520 for <[email protected]>; Mon, 24 May 2010 11:49:24 -0400 X-Envelope-From: [email protected] X-Envelope-To: [email protected] Received: From 67-132-16-226.dia.static.qwest.net (67.132.16.226) by mf3.spamfiltering.com (MAILFOUNDRY) id 6lzIAmdLEd+oFQAw for [email protected]; Mon, 24 May 2010 15:49:23 -0000 (GMT) Received: from mail pickup service by WMA2-EXCH1.NELCO-USA.net with Microsoft SMTPSVC; Mon, 24 May 2010 11:49:18 -0400 Content-Transfer-Encoding: 7bit Importance: normal Priority: normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325 Content-Class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----_=_NextPart_001_01CAFB58.AAB268D0" Subject: weekly activity report for week ending May 22, 2010 Date: Mon, 24 May 2010 11:49:16 -0400 Message-ID: <15BCC4D99E8CBF48A2FA37A318CFF5C801209CCC@wma2-exch1.NELCO-USA.net> X-MS-Has-Attach: yes X-MS-TNEF-Correlator: Thread-Topic: weekly activity report for week ending May 22, 2010 thread-index: Acr7WKpdCelRCiocT1eBY2YN5Ma8DA== From: "Mike LeBlanc" <[email protected]> To: "Keith Berube" <[email protected]>, "Ken Tarbell" <[email protected]> X-OriginalArrivalTime: 24 May 2010 15:49:18.0361 (UTC) FILETIME=[AB546890:01CAFB58]

  Read the article

• Cisco ASA5505 won't sync with NTP

  - by Martijn Heemels

  Today I noticed that the clock my Cisco ASA 5505 firewall was running about 15 minutes late, which surprised me since I've set up the NTP client. My two NTP servers 10.10.0.1 and 10.10.0.2 are virtualized Windows Server 2008 R2 domain controllers, and both have the correct time. As shown below, the ASA knows about the two servers, can ping them and seems to poll them periodically, so I suppose it can reach them both. The ASA claims its time source is NTP, however the clock is unsynchronized. Neither host is marked as synced. Result of the command: "ping 10.10.0.1" Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Result of the command: "sh ntp ass" address ref clock st when poll reach delay offset disp ~10.10.0.1 .LOCL. 1 78 1024 377 0.5 643.69 17.0 ~10.10.0.2 10.10.0.1 2 190 1024 377 0.9 655.91 58.4 * master (synced), # master (unsynced), + selected, - candidate, ~ configured Result of the command: "sh ntp stat" Clock is unsynchronized, stratum 16, no reference clock nominal freq is 99.9984 Hz, actual freq is 99.9984 Hz, precision is 2**6 reference time is 00000000.00000000 (07:28:16.000 CEST Thu Feb 7 2036) clock offset is 0.0000 msec, root delay is 0.00 msec root dispersion is 0.00 msec, peer dispersion is 0.00 msec Result of the command: "sh clock detail" 10:33:23.769 CEDT Tue Jun 26 2012 Time source is NTP UTC time is: 08:33:23 UTC Tue Jun 26 2012 Summer time starts 02:00:00 CEST Sun Mar 25 2012 Summer time ends 03:00:00 CEDT Sun Oct 28 2012 I've tried the basic steps of manually setting the time and removing and adding the timeservers, to no avail. My ASA's ntp config is simply: ntp server 10.10.0.1 ntp server 10.10.0.2 Do I need to enable authentication to use a Windows NTP server? Any thoughts?

  Read the article

• 1 document pending in printer queue in System Tray that won't go away

  - by White Phoenix

  Edit: I didn't want to do it, but I restarted my computer - cleared the problem right away. Though if I were running a Windows 2003/2008 server, I would hate to have to restart the domain controller just to get rid of this irritating problem. If I run into this problem again, I'm going to try that remove printer/reinstall printer thing. Thanks for your help @Psychogeek. Points for your attempt. Running Windows 7, 32-bit Professional. My printer is an HP OfficeJet Wireless 8500. It's connected to my network wirelessly through TCP/IP as a standalone device. I was having some print problems awhile back and had to do some print spooler stuff as part of my troubleshooting (stopping the Print Spooler service, clearing the print spooler files from C:\Windows\System32\spool\PRINTERS and then restarting the service). I've finally narrowed it down to it being application specific, so that's that. However, as a leftover from all that troubleshooting, my printer icon is stuck in the tray - when I mouseover the icon, Windows says that there is 1 document(s) pending for my username. However, when I open up that printer's queue, there's nothing in there. I restarted the Printer Spooler service and also checked C:\Windows\System32\spool\PRINTERS if there's anything in there - nothing. I did a quick Google search and an answer from one of those "reps" at the Microsoft Socialnet site says for me to uninstall and reinstall the printer. The funny thing is, when I send print jobs, they print just fine - that 1 mystery document stuck in queue isn't stopping anything from happening. Short of having to do that, are there any other quick troubleshooting steps I may be missing?

  Read the article

• Can't get .htaccess to work

  - by orokusaki

  I'm using Apache2 on Ubuntu Lucid Lynx. I have config set to use .htaccess like normal. This is my default site: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride All </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride All Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost> I've tried lower case "all" (AllowOverride all) as well. My .htaccess file looks like this: //Rewrite all requests to www Options +FollowSymLinks RewriteEngine on RewriteCond %{HTTP_HOST} ^mydomain.com [nc] RewriteRule ^(.*)$ http://www.mydomain.com/$1 [r=301,nc] //301 Redirect "old_junk.html" File to "new_junk.html" Redirect 301 /old_junk.html /new_junk.html //301 Redirect Entire Directory "old_junk/" to "new_junk/" RedirectMatch 301 /old_junk/(.*) /new_junk//$1 // Copy and paste redirect examples from above: (with mydomain replaced with my actual domain... and my computer is plugged in)

  Read the article

• SpamAssassin bayesian score discrepancies

  - by CaptSaltyJack

  This makes my brain hurt. For some reason, SpamAssassin is giving high scores to certain emails, but when I test them on the command line, they get a low score. This one particular email has this in the header: X-Spam-Flag: YES X-Spam-Score: 8.521 X-Spam-Level: ******** X-Spam-Status: Yes, score=8.521 tagged_above=-9999 required=5 tests=[BAYES_99=3.5, BAYES_999=0.2, HTML_MESSAGE=0.001, NO_RECEIVED=-0.001, NO_RELAYS=-0.001, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.886, RAZOR2_CHECK=0.922, URIBL_RHS_DOB=1.514] autolearn=no Yet when I dump the raw email into a file msg and run sudo su amavis -c 'spamassassin -t msg', I get this output: Content analysis details: (3.8 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.5 URIBL_RHS_DOB Contains an URI of a new domain (Day Old Bread) [URIs: cliobeads.com] -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.0 BAYES_20 BODY: Bayes spam probability is 5 to 20% [score: 0.1855] 1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level above 50% [cf: 100] 0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] 0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) I'm really confused as to why when the email comes in, it gets a completely different score attached to it than when I run spamassassin -t. Is there some other way I should be testing emails? Also, my users have the ability to drag false positives into a folder called "False Positives," and every day a cron job fires off that runs this on every message in every user's folder: sa-learn --dbpath=/var/lib/amavis/.spamassassin --ham /tmp/*-*.eml >/dev/null I ran sudo locate bayes_toks and there's definitely only one bayes DB on the system, in /var/lib/amavis/.spamassassin. I'm clueless, any help would be great and may help restore my sanity!

  Read the article

• Should windows services be created with custom users, or should I use one of LocalSystem/LocalServic

  - by Justin Dearing

  I'm asking the question in general for the average custom developed NT service or unix OSS daemon ported to windows with SCM support. However, at the moment my immediate concern is for mongodb. From my experience with UNIX I like all my services to run as different unprivileged users. The way this has translated to windows is as follows: Create a local (or domain if it has to talk to SQL server) windows user with a long random password (lately an ASCII85 encoded guid generated from a different machine). Set it to next expire and forbid it from changing its password. Remove that user from the "Users Group". Grant that user "Login as a Service" permission. Give it read permission to the folder where the app resides, and write permission to the logs and data files the applications use. Assign the user to the service. Troubleshoot until the service starts. My feeling is that the unprivileged users are less powerful than the 3 special service users. I also feel that by isolating which users run which services, I would limit collateral damage if a way to compromise one service was found.

  Read the article

• 403 Forbidden when Deploying asp.net 4.0 site to IIS 7

  - by Jordan

  So I have an EC2 instance running, the URL NoWeatherSurprises.com I have the DNS pointing there, and I set up a new site in IIS 7 and pointed it to a folder. I used Visual Studios Web Developer 2010 express to publish to this folder. It now has the binaries and such. However if I go to NoWeatherSurprises.com I get the welcome to IIS 7 screen. I'd expect to go to my application If I navigate to http://noweathersurprises.com/weather/ [weather was the folder I published to under wwwroot] I get a 403 forbidden. I have no idea why, I am guessing that it is trying to do a directory listing or something instead of launching my MVC Application. So 2 problems in summary. It is not pointing the domain to the folder directly and I need to add /weather I am getting a 403 forbidden instead of the results of my home controller with the index action. I am new to IIS 7, I had been using IIS 6 and had a lot less trouble setting it up, but I suspect that's my own fault and i am just missing something. Thanks in advance for any help

  Read the article

• Apache wont start after attempting to install SSL

  - by yummm

  Below is what my VirtualHosts look like in httpd.conf <VirtualHost *:80> # Admin email, Server Name (domain name) and any aliases ServerAdmin [email protected] ServerName mydomain.com ServerAlias www.mydomain.com # Index file and Document Root (where the public files are located) DirectoryIndex index.php DocumentRoot /home/mydomain/public_html/mydomain.com/public # Custom log file locations LogLevel warn ErrorLog /home/mydomain/public_html/mydomain.com/log/error.log CustomLog /home/mydomain/public_html/mydomain.com/log/access.log combined </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/mydomain.com.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mydomain.com.key ServerName mydomain.com DirectoryIndex index.php DocumentRoot /home/mydomain/public_html/mydomain.com/public </VirtualHost> I'm using the latest version of Apache on CentOS and there isn't any error being generated. Apache just will not start. Any ideas what I'm doing wrong? UPDATE - Found these messages in the error log: [Tue Mar 16 02:07:57 2010] [error] Init: Private key not found [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218710120 error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218734605 error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib

  Read the article

• Need troubleshooting advice for intermittent dns problems with requests on isp nameservers

  - by Mnebuerquo

  I've been having some intermittent dns problems with a web server, where certain isp's dns servers don't have my hostnames in cache and fail to look them up. At the same time, queries to opendns for those hostnames resolve correctly. It's intermittent, and it always works fine for me, so it's hard to identify the problem when someone reports connectivity problems to my site. My website is on a server running linux with Plesk. My dns records are configured with plesk (so my server is its own dns master). Domain name is registered with godaddy. I'm not real knowledgeable about dns, so I don't really know how to begin with troubleshooting. I've started learning to use dig, but while I can read the manpage to learn the syntax, I don't really know what questions to ask. Since the problem is intermittent I haven't been able to really catalog many symptoms. Symptoms I have observed: Certain people repeatedly reported intermittent problems connecting to my website. This was only from certain networks. (Ex: One guy could connect reliably from his office but not his home.) Sometimes I notice my browser taking a long time looking up the hostname for my site (Firefox shows a message in the status bar at the bottom). For me this is in the ten second range. ssh connections from anywhere to my server take a long time to connect but then seem to work fine once connected. So hopefully the folks on serverfault can point me to a good beginner tutorial for understanding dns, and suggest troubleshooting questions to ask next time one of my users reports connectivity problems.

  Read the article

• ssh connection slow when using @hostname.com but now when using @ipaddress

  - by Alex Recarey

  When connecting to a Debian server using ssh, if I use [email protected] (the IP address of hte server) the connection is instant. If however I use [email protected] (a DNS redirected to the IP address of the server) the ssh connection hangs for a 20 seconds before connecting successfully. The ssh logs show the following: [alex@alex home]$ ssh -v -v [email protected] OpenSSH_5.5p1, OpenSSL 1.0.0c-fips 2 Dec 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 and here it hangs during 20 seconds before continuing. I think it might have something to do with reverse DNS or similar (the server does not really "know" it's name is hostname.com, it just has that DNS rediriected to its IP address). I have added the following options to /etc/ssh/sshd_config: UseDNS no GSSAPIAuthentication no to no effect. The server's DNS records in /etc/resolv.conf are configured correctly: ping hostname.com PING sub.domain.com (X.X.X.X) 56(84) bytes of data. 64 bytes from replicant (X.X.X.X): icmp_seq=1 ttl=64 time=0.029 ms 64 bytes from replicant (X.X.X.X): icmp_seq=2 ttl=64 time=0.050 ms?s Thanks for the help. Solution: It seems the DSL router my ISP saddled me with was causing the trouble. Changing my DNS server from 192.168.1.1 (router's IP) to google's (8.8.8.8, always good to know when you are in a hurry) instantly solved the connection delay problem. I am guessing that the 50€ router provided does not cache DNS entries, although I don't understand why pinging the DNS address had no delay, and 20 seconds is too long of a wait, even for uncached DNS. Tnanks again for the help!

  Read the article

• Windows clients unable to access Samba share on AD joined Linux box every 7 days

  - by Hassle2

  The problem: Every 7 days, 2 Windows Servers are unable to access a SMB/CIFS share. It will start working after a handful of hours. The environment: OpenFiler Linux box joined to 2003 AD Domain Foreground app on Win2003 server access the SMB/CIFS share with windows credentials Another process on Win2008 access the share via SQL Server with windows credentials The Samba version on the Linux box is 3.4.5. Security is set to ADS wbinfo and getent return back expected users and groups Does not look to be a double hop issue as it's always the 2 accounts, regardless of the calling user. There is a DNS entry in both forward and reverse lookup zone for the linux box The linux box's computer object in active directory shows that it was modified around/at the same time that the two clients started failing to access the share Trying to access the share via IP works when by name does not Rebooting the Windows server takes care of it (it's production and only restarted it once) Restarting smbd, winbind, nmbd had no effect Error in samba log for the client in question: smbd/sesssetup.c:342(reply_spnego_kerberos) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! The Question: Does this look like the machine account password is changing (hence the AD object showing the updated modified date) or are the two windows clients unable to request a new ticket that works against this linux box?

  Read the article

• Join ActiveDirectory (Win 2k8R2) to OpenDirectory(Snow Leopard)

  - by Tom O'Connor

  The vast majority of questions and so on regarding the interoperability of Active and Open directories involves getting Mac clients to see an AD and auth against it. What we'd like to do is get a Windows 7 workstation to auth completely against Open Directory. We tried setting it up as an NT4 type PDC, and that doesn't work satisfactorily. We tried using pGina and the LDAP backend, which allows Authentication, but has no support for Authorization, and as a result, if we mount an NFS Share, the user has the rights to do anything they damn well please. Not ideal for security (Totally bloody unacceptable, actually). We tried using a Samba server (newer version than on the Open Directory Server) as an intermediate, so that it knows about the LDAP server on the OD Server, but uses Samba 4 instead of v3. That didn't work either. We could login, but couldn't mount, and if we did, we had the same rights as with pGina. If we right-click the mounted drive in Windows, and have a look at NFS UID, it returns -2, not the correct (mapped) UID. So the final plan I've got is to use an Active Directory, inside a Windows 2008R2 Virtual Machine. What I want to achieve is to have the Active Directory sync it's user data from OpenDirectory (read-only would be fine). That way, we'd have the ability to connect Windows 7 clients to a "virtual domain" which would actually just grab information from OD's LDAP. All the information I've found is about how to go the other way. Does anyone know how we can do this?

  Read the article

• Kerberos service on win2k dc will not start following disk failure

  - by iwilson68

  Hi, I have a win2k (mixed mode domain) with 4 DCS. One of these also acts an exchange 2000 server which uses 2 logical volumes from an MSA 2000 array. AD etc is stored on local drives. We experienced a problem last week when the raid array fell back to a redundant controller and this temporarily meant that the two logical drives were not visible to the server for around 5 minutes and a couple of reboots. The log records these Events as Type: Warning Event Source: Disk Event Category: None Event ID: 51 Date: 06/11/2009 Time: 11:46:23 User: N/A Computer: server1 Description: An error was detected on device \Device\Harddisk1\DR1 during a paging operation. Following these problems, the server “kerberos Key Distribution” service refuses to start with an “error.31 a device attached to the system is not functioning”. All other automatic start services (including net logon) are running and there are no DNS issues etc. All devices are also functioning but the two logical MSA disks are now numbered in the Windows Disk Management MMC as 2 and 4 and I suspect that they may have previously been identified as disks 1 & 2 and perhaps windows still sees this as an ongoing failure?? Replication has not been affected but obviously there are many audit failures in the security log relating to users and workstations presumably linked to the Kerberos issue. Attempting to manually start the kerberos service generates the following in the System Log. Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7023 Date: 09/11/2009 Time: 09:46:55 User: N/A Computer: Server1 Description: The Kerberos Key Distribution Center service terminated with the following error: A device attached to the system is not functioning. DCDIAG passes all tests except “Advertising” and “Services” which I believe relate directly to the failure of Kerberos only. Any advice would be appreciated.

  Read the article

• Apache mod_auth_kerb asking 2 authentication

  - by Rianto Wahyudi

  I've configured Apache to use mod_auth_kerberos. So far everything is working nicely for client thats connected to Active Directory and have their browser to ntlm enabled. When clients are not in the domain or the browser configurerd not to authenticate automatically, they are being prompted by 2 login prompt. The first login prompt is blank and the second one is the oen that we configured First Login prompt: http://www.screencast.com/t/ZGNlZTQwZm Second Login prompt : http://www.screencast.com/t/MDA2N2Fl From the log ( first authentication) : [Wed Jan 06 15:47:29 2010] [debug] src/mod_auth_kerb.c(1684): [client x.x.x.x] [pid 2562] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos In the first loging prompt , I can put any text for username and password. Once the first login form submited, it will ask for the 2nd login prompt. Apache have following config : <Directory /web/apache2/htdocs> AllowOverride All AuthType Kerberos AuthName "Staff Access ONLY Kerb-Auth" KrbAuthRealms EXAMPLE.COM Krb5Keytab /etc/httpd/conf.d/example.ktab Allow from localhost Require valid-user <Directory> What could be the cause of the first authentication and how can I get rid of them ?

  Read the article

• exim4 redirect mail sent to *@domain1.example.com to *@domain2.example.com

  - by nightcoder

  Current situation: We have a VPS that hosts a website example.org. Exim is configured to work as a smarthost. All emails sent through exim are successfully relayed to another mail server (that is working on example.com). Goal: To forward mail sent to *@example.org to *@example.com, i.e. change the recipient's address from *@example.org to *@example.com. Problem: If I send email to address *@example.org, then it seems exim doesn't change the address, it still relays the message to another mail server but recipient is still *@example.org. Maybe the redirect is not applied for some reason. Configuration and logs: /etc/exim4/update-exim4.conf.conf: dc_eximconfig_configtype='smarthost' dc_other_hostnames='' dc_local_interfaces='' dc_readhost='example.org' dc_relay_domains='example.org' dc_minimaldns='false' dc_relay_nets='0.0.0.0/32' dc_smarthost='example.com::26' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='true' dc_mailname_in_oh='true' dc_localdelivery='maildir_home' /etc/exim4/conf.d/router/999_exim4-config_redirect (created by me): domain_redirect: debug_print = "R: forward for $local_part@$domain" driver = redirect domains = example.org data = [email protected] (for now data is set to a specific address for simplicity and testing) exim log when sending email to [email protected] (should be redirected to [email protected]): 2012-03-20 19:40:07 1SA4ud-0005Dw-7k <= [email protected] U=www-data P=local S=657 2012-03-20 19:40:08 1SA4ud-0005Dw-7k => [email protected] R=smarthost T=remote_smtp_smarthost H=domain2.com [184.172.146.66] X=TLS1.0:RSA_AES_256_CBC_SHA1:32 DN="C=US,2.5.4.17=#13053737303932,ST=TX,L=Houston,STREET=Suite 400,STREET=11251 Northwest Freeway,O=HostGator.com,OU=HostGator.com,OU=Comodo PremiumSSL Wildcard,CN=*.hostgator.com" 2012-03-20 19:40:08 1SA4ud-0005Dw-7k Completed So, the address is not changed :( Please help! I'm trying to make it work for half a day already :(

  Read the article

• Help: Setup Outgoing Mail Server Only for Multiple Domains Using Postfix?

  - by user57697

  I want an outgoing mail server ONLY for multiple domains. I plan to use Postfix as that seems to be the easiest to setup being very new to Ubuntu/Linux. The setup I plan to have are as follows: I want to use virtual domain with postfix i.e. my multiple websites must be able to send an email from each their respective domains i.e. [email protected] is sent from my domain1.com website and [email protected] is sent from domain2.com website This is an outgoing mail server only i.e. I don't want any returned (or otherwise) email sent to my postfix server. Incoming mail is handled by Google Apps/Gmail and is already setup. I already set my SPF recording to designate my mx records and postfix server ip as valid email servers i.e. "v=spf1 mx include:mydomain.com -all" How can I achieve this? I'm frankly a little confused, so some help would be appreciated. I attempted to follow these guides here, but it doesn't seem right (and it isn't clear what all the settings mean): How to configure Postfix virtual domains http://www.sysdesign.ca/guides/postfix_virtual.html Postfix Installation *.slicehost.com/2008/7/29/postfix-installation Basic Postfix settings (main.cf) *.slicehost.com/2008/7/31/postfix-basic-settings-in-main-cf I can only post one link, but those articles above can be found by replacing * with articles in the hyperlink.

  Read the article

• FastCGI and Apache 500 error intermittently

  - by benkorn1

  Hello, I have a FastCGI (mod_fastcgi)problem. It happens every once in a while, and does not casue a complete server meltdown, just 500 errors. Here are a couple things. First I am using APC so PHP is in control of it's own processes, not FastCGI. Also, I have the webroot set as: /var/www/html And the fcgi-bin inside: /var/www/html/fcgi-bin First off here is the apache error_log: [Fri Jan 07 10:22:39 2011] [error] [client 50.16.222.82] (4)Interrupted system call: FastCGI: comm with server "/var/www/html/fcgi-bin/php.fcgi" aborted: select() failed, referer: http://www.domain.com/ I also ran strace on the 'fcgi-pm' process. Here is a snip from the trace around the time it bombs out: 21725 gettimeofday({1294420603, 14360}, NULL) = 0 21725 read(14, "C /var/www/html/fcgi-bin/php.fcgi - - 6503 38*", 16384) = 46 21725 alarm(131) = 0 21725 select(15, [14], NULL, NULL, NULL) = 1 (in [14]) 21725 alarm(0) = 131 21725 gettimeofday({1294420603, 96595}, NULL) = 0 21725 read(14, "C /var/www/html/fcgi-bin/php.fcgi - - 6154 23*C /var/www/html/fcgi-bin/php.fcgi - - 6483 28*", 16384) = 92 21725 alarm(131) = 0 21725 select(15, [14], NULL, NULL, NULL) = 1 (in [14]) 21725 alarm(0) = 131 21725 gettimeofday({1294420603, 270744}, NULL) = 0 21725 read(14, "C /var/www/html/fcgi-bin/php.fcgi - - 5741 38*", 16384) = 46 21725 alarm(131) = 0 21725 select(15, [14], NULL, NULL, NULL) = 1 (in [14]) 21725 alarm(0) = 131 21725 gettimeofday({1294420603, 311502}, NULL) = 0 21725 read(14, "C /var/www/html/fcgi-bin/php.fcgi - - 6064 32*", 16384) = 46 21725 alarm(131) = 0 21725 select(15, [14], NULL, NULL, NULL) = 1 (in [14]) 21725 alarm(0) = 131 21725 gettimeofday({1294420603, 365598}, NULL) = 0 21725 read(14, "C /var/www/html/fcgi-bin/php.fcgi - - 6179 33*C /var/www/html/fcgi-bin/php.fcgi - - 5906 59*", 16384) = 92 21725 alarm(131) = 0 21725 select(15, [14], NULL, NULL, NULL) = 1 (in [14]) 21725 alarm(0) = 131 21725 gettimeofday({1294420603, 454405}, NULL) = 0 I noticed that the 'select()' seems to stay the same regardless, however the read() changes its return from 46 to some other number while it is bombing out. Has anyone seen anything like this. Could this be some sort of file locking? Thanks, Ben

  Read the article

• DNS zone file SPF configuration to support sending mail from multiple servers and gmail

  - by Tauren

  I want to configure SPF on a domain to allow mail to be sent from: the x.com website server (x.com and www.x.com - both at same IP) it's MX servers (smtp.x.com, mx.x.com, mail.x.com) another server that isn't listed as an MX server (somehost.x.com) via gmail using an account that has authenticated use of [email protected] Will this zone file work? If not, what are the problems with it? $ttl 38400 @ IN SOA ns1.x.com. hostmaster.x.com. ( 201003092 ; serial 8H ; refresh 15M ; retry 1W ; expire 1H ) ; minimum @ NS ns1.x.com. @ NS ns2.x.com. @ MX 10 mx.x.com. @ MX 20 smtp.x.com. @ MX 30 mailhost.x.com. ; SPF records @ IN TXT "v=spf1 a mx a:somehost.x.com include:_spf.google.com ~all" mx IN TXT "v=spf1 a -all" smtp IN TXT "v=spf1 a -all" mailhost IN TXT "v=spf1 a -all" Questions: Is _spf.google.com the right thing to include for gmail.com, or is it only for Google Hosted Apps? If only for Google Apps, what should I include to send from gmail.com? If mail shouldn't be sent from anywhere else, is it safe to use -all instead of ~all? Does it make sense to add specific SPF records for each of the mail servers? Any other problems with the zone file? I want to confirm these things before making changes to my zone file. The file has SPF configured basically the same now, just without google.com and somehost, but I want to make sure I won't break things when I change it.

  Read the article

• Exchange 2010 Mail Enabled Public Folder Unable to Recieve External (anon) e-mail.

  - by Alex

  Hello All, I am having issues with my "Public Folders" mail enabled folders receiving e-mails from external senders. The folder is setup with three Accepted Domains (names changed for privacy reasons): 1 - domain1.com (primary & Authoritative) 2 - domain2.com (Authoritative) 3 - domain3.com (Authoritative) When someone attempts to send an e-mail to [email protected] from inside the organization, the e-mail is received and placed in the appropriate folder. However, when someone tries to send an e-mail from outside the organization (such as a gmail account), the following error message is received: "Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 Recipient address rejected: User unknown (state 14)." When I try to send an e-mail to the same folder, using the same e-mail address above ([email protected]), but with domain2.com instead of domain3.com, it works as intended (both internal & external). I have checked, double checked, and triple checked my DNS settings comparing those from domain2 & domain3 with them both appearing identical. I have tried recreating the folders in question with the same results. I have also ran Get-PublicFolderClientPermission "\Web Programs\folder" with the following results for user anonymous: RunspaceId : 5ff99653-a8c3-4619-8eeb-abc723dc908b Identity : \Web Programs\folder User : Anonymous AccessRights : {CreateItems} Domain2.com & Domain3.com are duplicates of each other, but only domain2.com works as intended. All other exchange functions are functioning properly. If anyone out there has any suggestions, I would love to hear them. I've just hit a brick wall. Thanks for all your help in advance! --Alex

  Read the article

< Previous Page | 506 507 508 509 510 511 512 513 514 515 516 517  | Next Page >