Search Results

Search found 21441 results on 858 pages for 'internet man'.

Page 512/858 | < Previous Page | 508 509 510 511 512 513 514 515 516 517 518 519 | Next Page >

Access router set up as a bridge behind another router

- by Alari Truuts

I have a problem my ISP is refusing to help me with, even though they put up the whole system. Specifications: There's a Thomson TG784 router through which the internet comes in to the building, Behind that (for some reason) is a Juniper NetScreen 5XT - 105 Firewall/Router? which leads to an AMX nxa-enet24 switch that carries the connections all over the building and a series of Apple AirPorts for wifi. Problem: The first router (Thomson) is required for ipTV (by Elion). The tv or ipTV box has to be connected straight to the Thomson router. My service provider cannot see the Thomson router from their side, but see the Juniper, so we might think the Thomson has been configured as a bridge. I need a way to access the Thomson router and see it's configurations, because currently, when connecting a Samsung tv to that router (with elion app for ipTV viewing) or even a computer, it cannot access the internet and even if it could, it would update the Thomson router software, losing it's configurations which I need to preserve. I'm unable to find out the Thomson routers ip address to connect to it, and when directly conencting with a cat5 cable, it doesn't give me an ip address. Hope someone can show me the correct direction for solving my issue. Thank you all for reading, and I appreciate any help, Alari Truuts

Read the article
Can 'screen' grab an existing process and tie itself to it?

- by warren

Scenario: Started a process that's going to take "a while" to complete outside of screen. Need to leave the terminal / netowrk hiccups Process lost Would be nice if: Started a process outside of screen Realize error Run screen <magic-goes-here> and it grabs the active process to itself From the man pages and --help info, I don't see a way this can be done. Is this possible directly with screen? If not, is it possible to change the owning shell of a process, so that the bash (or other shell of your choosing) instance inside screen can have a command run which will change the parent shell of the initial process to itself from the originator?

Read the article
Unable to send mail to hotmail from rackspace cloud

- by Jo Erlang

I'm having issue sending mail from postfix on a rackspace cloud instance for my domain. Hotmail says "550 SC-001 (SNT0-MC4-F35) Unfortunately, messages from 198.101.x.x weren't sent. Please contact your Internet service provider since part of their network is on our block list. " Here is the mail log Sep 20 08:02:59 mydomain postfix/smtpd[1810]: disconnect from localhost[127.0.0.1] Sep 20 08:02:59 mydomain postfix/smtp[1814]: 59CFF4B191: to=<[email protected]>, relay=mx3.hotmail.com[65.55.92.184]:25, delay=0.19, delays=0.1/0.01/0.06/0.01, dsn=5.0.0, status=bounced (host mx3.hotmail.com[65.55.92.184] said: 550 SC-001 (SNT0-MC4-F35) Unfortunately, messages from 198.101.x.x weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. (in reply to MAIL FROM command)) Sep 20 08:02:59 mydomain postfix/smtp[1814]: 59CFF4B191: lost connection with mx3.hotmail.com[65.55.92.184] while sending RCPT TO I have implemented rDNS, SPF and DKIM they all are looking fine. I have checked my IP and domain, on most of the spam black lists and it is listed as ok on those, (not listed as spamming IP) What should I try next?

Read the article
What is this component?

- by bAN

Hi everyone, i'm just looking an old mother board waiting for my favorite TVShow and and i wonder what's this component? Every motherboard i've seen have this kind of solenoid (I am sure that you already settled this question). But what is this? What is his function? If an hardware specialist can try to answer my question.. I will be an happy man.. I join a Picture.. Strange and mystic kind of solenoid.

Read the article
How do I capture my second monitor using avconv?

- by Codemonkey

With this command: avconv -f x11grab -s 2560x1440 -i :0.0 I can stream video from my main monitor. I also have a second, 1080p monitor on which I do my gaming. I want to stream from that monitor. This doesn't work: avconv -f x11grab -s 1920x1080 -i :0.1 I assume I have to use -i :0.0 and somehow specify that it should capture 1920x1080 pixels from X position 2560 and Y position 0. My gaming monitor is placed to the right of my main monitor. Unfortunately the man page for avconv is miles long, so I haven't had any luck figuring this out on my own. I have tried Using -vf with crop like this: -vcodec libx264 ... -vf "crop=$IN_WIDTH:$IN_HEIGHT:2560:360" But that only displayed 1080p video from the top left corner of my main display.

Read the article
How to secure Firefox traffic (+DNS) through SOCKS proxy under Ubuntu 10.04?

- by Maarx

I'm using Ubuntu 10.04, and starting a SOCKS proxy with 'ssh -D', and setting Ubuntu to use it with "System - Preferences - Network Proxy". Firefox uses the proxy, and the proxy's IP appears when I visit a site like http://www.whatismyip.com/. My question is, is Firefox resolving DNS requests through this proxy? Is my web-browsing truly secure? (That is, until I exit the other end of the proxy. I know it's insecure after that.) (And I've verified the keys, I'm not being man-in-the-middled) (And--screw it. You know what I mean. Is it resolving DNS requests through the proxy?) I don't know how I would go about verifying such a thing for myself. Using additional hardware such as another debugging proxy is not an option. If Firefox isn't resolving my DNS requests through the SOCKS proxy, how do I go about fixing it?

Read the article
Weird noise while scanning, using scanimage and a Canon Lide 35

- by Manu

I'm trying to scan a bunch of images, using xsane's scanimage : scanimage --format=tiff --batch --batch-prompt This command scans the first picture perfectly, but as soon as I press enter, the scanner makes a weird noise, and the scanning "arm" moves very, very slowly. If I stop scanimage and start again, it scans normally again. Is there another scanimage option that I need to add? I've checked the man page, but can't see what I'm missing. Edit: the problem seems to be that the scanning "arm" doesn't go back to it's original position after the first scan.

Read the article
[metasploit] Has anyone gotten multi/browser/java_signed_applet to work?

- by marc

Welcome, Today i want test following exploit "exploit/multi/browser/java_signed_applet" on my Ubuntu 10.04 desktop using Metasploit framework. I'm following that guide: http://pauldotcom.com/wiki/index.php/Episode185 When im trying to start exploit, i got error: JVM not initialized. You must install the Java Development Kit, the rjb ruby gem, and set the $JAVA_HOME variable. [-] Falling back to static signed applet. This exploit will still work, but the CERTCN and APPLETNAME variables will be ignored. I have installed sun-java6-jdk, and gem install rjb And patch to JAVA look working because: ls $JAVA_HOME bin ext jre LICENSE README.html COPYRIGHT include lib man THIRDPARTYLICENSEREADME.txt If anyone, have any idea... Except installation of backtrack what is not possible... Because i need use it on my Ubuntu, (have to virtualize XP for test) regards

Read the article
Google Chrome doesn't want to access Facebook

- by Pieter van Niekerk

I have been experiencing a bit of a problem with Chrome over the last couple of days where it doesn't want to access Facebook. When I open Chrome it works fine for a while and then if I were to refresh the page it would give me the Chrome 'This webpage is not available' message. This webpage is not available Google Chrome could not load the webpage because www.facebook.com took too long to respond. The website may be down, or you may be experiencing issues with your Internet connection. Here are some suggestions: Reload this webpage later. Check your Internet connection. Restart any router, modem, or other network devices you may be using. Add Google Chrome as a permitted program in your firewall's or antivirus software's settings. If it is already a permitted program, try deleting it from the list of permitted programs and adding it again. If you use a proxy server, check your proxy settings or contact your network administrator to make sure the proxy server is working. If you don't believe you should be using a proxy server, adjust your proxy settings: Go to the wrench menu Options Under the Hood Change proxy settings... LAN Settings and deselect the "Use a proxy server for your LAN" checkbox. This problem only persists when using the proxy and doesn't occur at all when not on the proxy. I have also tried different browsers (IE9 and Firefox 9.01) but it doesn't occur in any of them. This problem goes away for a while when I restart Chrome, only to happen again a couple of minutes later. I have tried deleting the cookies for Facebook without restarting Chrome, but to no avail. I am using Windows7 with Chrome 17

Read the article
Why won't dhclient use the static IP I'm telling it to request?

- by mike

Here's my /etc/dhcp3/dhclient.conf: request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu; timeout 60; reject 192.168.1.27; alias { interface "eth0"; fixed-address 192.168.1.222; } lease { interface "eth0"; fixed-address 192.168.1.222; option subnet-mask 255.255.255.0; option broadcast-address 255.255.255.255; option routers 192.168.1.254; option domain-name-servers 192.168.1.254; } When I run "dhclient eth0", I get this: There is already a pid file /var/run/dhclient.pid with pid 6511 killed old client process, removed PID file Internet Systems Consortium DHCP Client V3.1.1 Copyright 2004-2008 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ wmaster0: unknown hardware address type 801 wmaster0: unknown hardware address type 801 Listening on LPF/eth0/00:1c:25:97:82:20 Sending on LPF/eth0/00:1c:25:97:82:20 Sending on Socket/fallback DHCPREQUEST of 192.168.1.27 on eth0 to 255.255.255.255 port 67 DHCPACK of 192.168.1.27 from 192.168.1.254 bound to 192.168.1.27 -- renewal in 1468 seconds. I used strace to make sure that dhclient really is reading that conf file. Why isn't it paying attention to my "reject 192.168.1.27" and "fixed-address 192.168.1.222" lines?

Read the article
Ubuntu 10.4 Lucid Server Minimal Install: Slow terminal scrolling

- by noname

I have a minimal install of Ubuntu 10.4 Server for testing and learning purposes. There is a very annoying occurrance: whenever I try to "man dpkg" or any command that load a few screens length of text (eg. "ls -al") the redraw speed of the console is just way too slow. I can see how each new line causes the whole screen to redraw. Note: that this doesn't happen inside X. No gui is installed. I have been experimenting with adding vesafb to the grub line as some guides suggested, but no speedups happened. You might be able to reproduce this behaviour on your linux system by switching to terminal using CTRL+ALT+F1. Is there any way to speed scrolling up?

Read the article
Connecting 2 different subnet masks

- by Jonathan

I'm no network genius, but I have managed to get most things running. I get confused about subnets and gateways though. We have an office server connected to around 20 PC's that all communicate fine. We have just gotten a cutting machine that won't connect to our network. The server has DHCP, but that fails on the cutting machine, so I've been trying to set the IP manually. Server details are as follows: IP: 10.1.1.12 SUBNET: 255.255.255.0 GATEWAY: 10.1.1.1 Internet connection is via the modem which is 10.1.1.1 An office PC is ussually set up through DHCP and has the following settings: IP: 10.1.1.36 SUBNET: 255.255.255.0 GATEWAY: 10.1.1.1 PRIMARY DNS: 10.1.1.12 Cutting Machine computer has 2 network ports. 1 is specifically for the communication between the PC and the cutting machine. It's details must be as follows: IP: 10.100.100.2 SUBNET: 255.255.255.252 GATEWAY: BLANK The other network port need to connect to the server. I was told that the IP and SUBNET need to be as follows: IP: 10.100.100.1 SUBNET: 255.255.255.252 GATEWAY: ?? How can I connect this port to the server and/or the internet. If anyone can offer assistance, it would really be appreaciated.

Read the article
Linux bash: when to use egrep instead of grep?

- by Michael Mao

Hi all : I am preparing for a Linux terminal assessment now, I tried to Google and found most resources are referring to the basic "grep" rather than the more powerful "egrep" -- well, that is at least what the professor said in lecture. I am always working with small samples so performance tuning is a thing too far away. So basically I'd like to know are there any areas where I must switch to egrep to do it in a better way? Is it safe to work with basic "grep" as for now? will there be potential risks? Sorry about my limited knowledge on Linux shell commands, the man page looks like a maze to me and honestly I haven't put much time in understanding all the features both command provide.

Read the article
What is the difference between sar -B verses sar -W

- by Mark

I am trying to understand why my system is running slowly. I found the sar command, but wanted to know the difference between sar -B and sar -W I read the man page, and I understand that -B gives me the paging statistics and -W gives me the swapping statistics. What I would like to understand is the following: What is the correlation between the two sets of statistics. When should I be concerned about -B and when about -W? ie, what values from each command should I be concerned with? Which statistic is more closely related to system performance Thanks

Read the article
How do I use novnc on CentOS 6?

- by hyphen this

I came across novnc in a yum search, and wanted to use it so I installed. However, there is no information on how to actually use it. The novnc_server command exits with "Could not find vnc.html". The man page and --help menu are of no help. The README on github says: "Use the launch script to start a mini-webserver and the WebSockets proxy (websockify)." Which is also, of no help. The fedora and CentOS wiki have no info.

Read the article
Cisco Catalyst 3550 + Alteon 184 Load-Balancing Issues...

- by upkels

I have just deployed a couple Cisco Catalyst 3550 switches, and a couple Alteon 184 Web Switches for load-balancing. I can ping all RIPs and VIPs to/from the Alteon. Topology Before: (server) <- (Alteon) <- (Internet) Topology Now: (server) <- (3550) <- Alteon <- (Internet) Cisco Port Configuration (Alteon Uplink Port): description LB_1_PORT_9_PRIMARY switchport access vlan 10 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 9 Configuration (VLAN 10 WAN): >> Main# /c/port 9/cur Current Port 9 configuration: enabled pref fast, backup gig, PVID 10, BW Contract 1024 name UPLINK >> Main# /c/port 9/fast/cur Current Port 9 Fast link configuration: speed 100, mode full duplex, fctl none, auto off Cisco Configuration (Load-Balanced Servers Port): description LB_1_PORT_1_PRIMARY switchport access vlan 30 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 1 Configuration (VLAN 30 LOAD-BALANCED LAN): >> Main# /c/port 1/cur Current Port 1 configuration: enabled pref fast, backup gig, PVID 30, BW Contract 1024 name LB_PORT_1 >> Main# /c/port 1/fast/cur Current Port 1 Fast link configuration: speed 100, mode full duplex, fctl both, auto on Each of my servers are on vlan 10 and 30, properly communicating. I have tried to turn on VLAN tagging on the Alteon, however it seems to cause all communications to stop working. When I tcpdump -i vlan30 on any of the webservers, I see normal ARP communications, and some STP communications, which may or may not be part of the problem: ... 15:00:51.035882 STP 802.1d, Config, Flags [none], bridge-id 801e.00:11:5c:62:fe:80.8041, length 42 15:00:51.493154 IP 10.1.1.254.33923 > 10.1.1.1.http: Flags [S], seq 707324510, win 8760, options [mss 1460], length 0 15:00:51.493336 IP 10.1.1.1.http > 10.1.1.254.33923: Flags [S.], seq 3981707623, ack 707324511, win 65535, options [mss 1460], len gth 0 15:00:51.493778 ARP, Request who-has 10.1.3.1 tell 10.1.3.254, length 46 etc... I'm not sure if I've provided enough information, so please let me know if any more is necessary. Thank you!

Read the article
Multiple IP's using one NIC connectivity problem - Windows

- by Vincent

I have a frame relay network that is directly connected to a GPRS network. I also have a ADSL high speed network and recently I have been trying to achieve the following network configuration using windows 7 (Also tried XP) with no success to date. On one server I have two NIC's NIC1 I would like the following two static IP address's 10.0.1.110 and 10.0.1.200 the cisco router has a default gateway of 10.0.1.1 the ADSL is DHCP. NIC1 and the cisco router do not have access to the internet. NIC2 is setup for DHCP with a primary DNS and secondary DNS configured to enable internet connectivity. With NIC1 all incoming TCP connections are from IP address's starting with 10.192.x.x I cannot establish a TCP connection to both 10.0.1.110 and 10.0.1.200. Its either one or the other. I have a static route implemented in windows of: route -p 10.192.0.0 mask 255.255.0.0 10.0.1.1 metric 1 I have tried leaving out the gateway in the NIC1 and many other combinations with no success. Can anyone please help? What am I doing wrong?

Read the article
can Snort be installed on VPS?

- by jack

Hi Linux Admins I want the maximum security for my linux vps. I found many tutorials round the net but it doesn't cover the Snort. Only those like portentry, logsentry, tripwire and so on. So I'm beginning to think that Snort is not appropriate for a linux host. I think it's suitable only as a proxy/middle-man that checks traffic before passing to acutual targets. I'd like to whether Snort can be installed on VPS which serves typical servers like web/mail. Can Snort be in complict with OSSEC which I think it doesn't check the traffic but the log files only for Intrusion Detection/Anomaly? Thank you.

Read the article
Meta key in Terminal.app vs national characters

- by yacoob

I'm using Terminal.app, and I'd like to use emacs running inside - either locally, or after sshing to remote server. Problem is, I can't get working Meta modifier. Namely, if I enable 'Use option as meta key', Option key works like proper Meta, but I lose ability to enter Polish diacritics (aelósznzc), that are entered with right Option. If I disable 'Use option as meta key', my Meta is gone, but I can again use Polish characters. In this state they appear only with right Option modifier, so I guess it's Terminal.app's fault that it doesn't make a difference between left and right Option key, when the relevant preference is selected. What are my options then? Is there a good solution for my problem? I can always use ESC as a poor man's Meta replacement, but I don't like that idea.

Read the article
Postfix TLS issue

- by HTF

I'm trying to enable TLS on Postfix but the daemon is crashing: Sep 16 16:00:38 core postfix/master[1689]: warning: process /usr/libexec/postfix/smtpd pid 1694 killed by signal 11 Sep 16 16:00:38 core postfix/master[1689]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling CentOS 6.3 x86_64 # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 disable_vrfy_command = yes home_mailbox = Maildir/ html_directory = no inet_interfaces = all inet_protocols = all local_recipient_maps = mail_owner = postfix mailbox_command = mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost mydomain = domain.com myhostname = mail.domain.com mynetworks = 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES relay_domains = sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache.db smtp_use_tls = yes smtpd_delay_reject = yes smtpd_error_sleep_time = 1s smtpd_hard_error_limit = 20 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_destination reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_soft_error_limit = 10 smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550

Read the article
Is encryption really needed for having network security? [closed]

- by Cawas

I welcome better key-wording here, both on tags and title. I'm trying to conceive a free, open and secure network environment that would work anywhere, from big enterprises to small home networks of just 1 machine. I think since wireless Access Points are the most, if not only, true weak point of a Local Area Network (let's not consider every other security aspect of having internet) there would be basically two points to consider here: Having an open AP for anyone to use the internet through Leaving the whole LAN also open for guests to be able to easily read (only) files on it, and even a place to drop files on Considering these two aspects, once everything is done properly... What's the most secure option between having that, or having just an encrypted password-protected wifi? Of course "both" would seem "more secure". But it shouldn't actually be anything substantial. I've always had the feeling using any kind of the so called "wireless security" methods is actually a bad design. I'm talking mostly about encrypting and pass-phrasing (which are actually two different concepts), since I won't even consider hiding SSID and mac filtering. I understand it's a natural way of thinking. With cable networking nobody can access the network unless they have access to the physical cable, so you're "secure" in the physical way. In a way, encrypting is for wireless what building walls is for the cables. And giving pass-phrases would be adding a door with a key. So, what do you think?

Read the article
Can't log in using second domain controller when first DC is unreachable

- by rbeier

Hi, We're a small web development company. Our domain has two DCs: a main one (BEEHIVE, 192.168.3.20) in the datacenter and a second one (SPHERE2, 10.0.66.19) in the office. The office is connected to the datacenter via a VPN. We recently had a brief network outage in the office. During this outage, we weren't able to access the domain from our office machines. I had hoped that they would fail over to the DC in the office, but that didn't happen. So I'm trying to figure out why. I'm not an expert on Active Directory so maybe I'm missing something obvious. Both domain controllers are running a DNS server. Each office workstation is configured to use the datacenter DC as its primary DNS server, and the office DC as its secondary: DNS Servers . . . . . . . . . . . : 192.168.3.20 10.0.66.19 Both DNS servers are working, and both domain controllers are working (at least, I can connect to them both using AD Users + Computers). Here are the SRV records that point to the domain controllers (I've changed the domain name but I've left the rest alone): C:\nslookup Default Server: beehive.ourcorp.com Address: 192.168.3.20 set type=srv _ldap._tcp.ourcorp.com Server: beehive.ourcorp.com Address: 192.168.3.20 _ldap._tcp.ourcorp.com SRV service location: priority = 0 weight = 100 port = 389 svr hostname = beehive.ourcorp.com _ldap._tcp.ourcorp.com SRV service location: priority = 0 weight = 100 port = 389 svr hostname = sphere2.ourcorp.com beehive.ourcorp.com internet address = 192.168.3.20 sphere2.ourcorp.com internet address = 10.0.66.19 Does anyone have any ideas? Thanks, Richard

Read the article
Colour output piped to less

- by mmacaulay

Operating system: Mac OS 10.6.2 I'd like to be able to see colour output when piping certain commands through less. Two examples: I've got ls aliased to ls --color=auto, so I'd like to be able to see colour when I do this: ls -l | less I've also got the color extension turned on in Mercurial, so I'd like to see colour output from: hg diff | less and hg st | less After some googling, it seems like some versions of less support either -r or -R to make this work, but no dice for me. I can't see anything in the man page that looks like what I need. (-r or -R SEEM to be the right options, but again, they don't seem to work)

Read the article
Web Application Publishing on Citrix with Restricted Access

- by Kanini

We have a Citrix setup enabling users to access our applications from home. Basically, they login to our site using the Windows Authentication. Once, the are successfully logged in, they see the following icons Desktop - Full Screen (which provides them the Desktop as they would see when the login in our office) We now have a requirement where we would like to publish a web application, hxxp://ourlibrary on Citrix with the following security requirement. (this application is already accessible if the users launch the desktop and launch IE within it and navigate to it) The requirement is this - When the are successfully authenticated to our site, they should be able to see The Internet Explorer icon only, NOT the Dekstop - Full Screen icon. On clicking on the icon, Internet Explorer should open up and should automatically navigate to hxxp://ourlibrary They should not be able to access any other URL, such as Google, Hotmail etc., They should not be able to go FileOpen and Browse They should not be able to do FileSave and Browse In effect, they should be able to view the site and that should be it. Any ideas on how to accomplish the security feature? We have already published the application.

Read the article
Connection refused in ssh tunnel to apache forward proxy setup

- by arkascha

I am trying to setup a private forward proxy in a small server. I mean to use it during a conference to tunnel my internet access through an ssh tunnel to the proxy server. So I created a virtual host inside apache-2.2 running the proxy, the proxy_http and the proxy_connect module. I use this configuration: <VirtualHost localhost:8080> ServerAdmin xxxxxxxxxxxxxxxxxxxx ServerName yyyyyyyyyyyyyyyyyyyy ErrorLog /var/log/apache2/proxy-error_log CustomLog /var/log/apache2/proxy-access_log combined <IfModule mod_proxy.c> ProxyRequests On <Proxy *> # deny access to all IP addresses except localhost Order deny,allow Deny from all Allow from 127.0.0.1 </Proxy> # The following is my preference. Your mileage may vary. ProxyVia Block ## allow SSL proxy AllowCONNECT 443 </IfModule> </VirtualHost> After restarting apache I create a tunnel from client to server: #> ssh -L8080:localhost:8080 <server address> and try to access the internet through that tunnel: #> links -http-proxy localhost:8080 http://www.linux.org I would expect to see the requested page. Instead a get a "connection refused" error. In the shell holding open the ssh tunnel I get this: channel 3: open failed: connect failed: Connection refused Anyone got an idea why this connection is refused ?

Read the article

< Previous Page | 508 509 510 511 512 513 514 515 516 517 518 519 | Next Page >