Search Results

Search found 1965 results on 79 pages for 'salt packets'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 53/79 | < Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >

  • tcp flags in iptables: What's the difference between RST SYN and RST and SYN RST ? When to use ALL?

    - by Kris
    I'm working on a firewall for a virtual dedicated server and one of the things I'm looking into is port scanners. TCP flags are used for protection. I have 2 questions. The rule: -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP First argument says check packets with flag SYN Second argument says make sure the flags ACK,FIN,RST SYN are set And when that's the case (there's a match), drop the tcp packet First question: I understand the meaning of RST and RST/ACK but in the second argument RST SYN is being used. What's the difference between RST SYN and RST and SYN RST ? Is there a "SYN RST" flag in a 3 way handshake ? Second question is about the difference between -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP and -p tcp --tcp-flags ALL SYN,ACK,FIN,RST SYN -j DROP When should ALL be used ? When I use ALL, does that mean if the tcp packet with the syn flag doesn't have the ACK "and" the FIN "and" the RST SYN flags set, there will be no match ?

    Read the article

  • Connect wired-only devices to a remote wireless access point?

    - by billpg
    Hi everyone. In building A, I have a Netgear wireless access point using WPA2. Works great, no problems. In building B, I have some devices that only have wired Ethernet ports. They can't see my access point. What I need is a gizmo that connects over-the-air to my access point in building A, talks WPA2, and converts the packets to and from a wired Ethernet port. Netgear-access-point in building A      (WPA2 WiFi) Wireless bridge device          <-- Looking for this.      (Cat5 ethernet) My devices in building B. I've looked for devices on Amazon, but the descriptions are infuriatingly unclear. It says it supports WPA2, but does it support it as a client? Grrr... Any recommendations please?

    Read the article

  • Routing for IPSec tunnel

    - by Emre A
    Hello. For Juniper NetScreen-NS25, I configured a site-to-site IPSec tunnnel. For the outside interface of remote site, I also needed to go through tunnel which has the same IP as IPSec gateway. Now, when I add static route to route that outside interface IP through tunnel while tunnel is up, there would be no problem at all but if the tunnel is down for some reason, it cannot be re-established as the routing for the IPSec gateway IP which is the same as outside interface IP is set to go through tunnel which it needed to re-etablish at that time. So, packets won't hit that IP. I tried adding another routing entry which has metric 2 through other gateway but it did'nt succeeded. So, what type of routing should I configure to reach that IP when tunnel is down. Thanks in advance.

    Read the article

  • Full speed internal switch bandwidth but per-port set external bandwidth?

    - by garg
    I am in an environment where all the machines are behind a switch that I don't have access to. Each ethernet wall port has limited bandwidth depending on how much has been paid for each port. The problem is that some people have 10Mbps connections and some have 100Mbps connections and this causes problems with local intranet file transfers and operating system/software deployments. Operating systems can take hours to be deployed if the machine is on 10mbps. Do you know if it is possible with most switches to set a rule that would limit bandwidth coming in/going out to an extranet, but keep full bandwidth if the packets are destined to go to a local machine? For example, the internet might be limited to 10Mbps, but internal servers would get gigabit speeds? Thanks

    Read the article

  • Samba - Is my server vulnerable to CVE-2008-1105?

    - by Joao Heleno
    Hi! I have a CentOS server that is running Samba and I want to verify the vulnerability addressed by CVE-2008-1105. What scenarios can I build in order to run the exploit that is mentioned in http://secunia.com/advisories/cve_reference/CVE-2008-1105/? http://secunia.com/secunia_research/2008-20/advisory/ says that "Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser." More info: http://www.samba.org/samba/security/CVE-2008-1105.html http://secunia.com/secunia_research/2008-20/advisory/

    Read the article

  • Random flickering on 2.6.32 kernels after suspend

    - by whitequark
    I have XUbuntu 9.10 installed on a Toshiba NB200 netbook with Intel video card that's handled with i915 driver. With 2.6.31 stable, recommended kernel everything but WiFi works fine: Atheros ath9k WiFi shows too small signal power and loses packets in 'bursts' sometimes. With 2.6.32-* (I tested -9 to -11 from Ubuntu's kernel unstable ppa) everything works fine just prior to first suspend: echo mem >/sys/power/state. After it random unidentified fullscreen 'one-frame' flickering begins in Xorg, and after a couple of minutes everything eventually hangs while showing filled grey (not white; it is like default button colour) screen; no X keys are working: Ctrl+Alt+Fn don't, blind typing in console too. Magic SysRq still works and I was able to reboot. Also there is one out-of-tree kernel module called omnibook that is required to turn on WiFi and Bluetooth. Any advices?

    Read the article

  • Shaping outbound Traffic to Control Download Speeds with Linux

    - by Kyle Brandt
    I have a situation where a server makes lots of requests from big webservers all at the same time. Currently, I have not control over the amount of requests or the rate of the requests from the application that does this. The responses from these webservers is more than the internet line can handle. (Basically, we are launching a DoS on ourselves). I am going to get push to get this fixed at the application level, but for the time being, is there anyway I can use traffic shaping on the Linux server to control this? I know I can only shape outbound traffic, but maybe there is a way I can slow the TCP responses so the other side will detect congestion and this will help my situation? If there is anything like this with tc, what might the configuration look like? The idea is that the traffic control might help me control which packets get dropped before they reach my router.

    Read the article

  • private address in traceroute results

    - by misteryes
    I use traceroute to check paths on a remote host, and I notice that there are some private IPs, like 10.230.10.1 bash-4.0# traceroute -T 132.227.62.122 traceroute to 132.227.62.122 (132.227.62.122), 30 hops max, 60 byte packets 1 194.199.68.161 (194.199.68.161) 1.103 ms 1.107 ms 1.097 ms 2 sw-ptu.univ.run (10.230.10.1) 1.535 ms 1.625 ms 2.172 ms 3 sw-univ-gazelle.univ.run (10.10.20.1) 6.891 ms 6.937 ms 6.927 ms 4 10.10.5.6 (10.10.5.6) 1.544 ms 1.517 ms 1.518 ms why there are private addresses near the host? what are the purposes that these private addresses are used? I mean why they want to put the public IP behind private IPs? thanks!

    Read the article

  • Not Able To Connect to Shared Resource

    - by bobber205
    We are using an older version of BartPE and are not able to connect to shared folders on our subnet. It says the network name could not be found. Connecting to the shared folder on the machine that is hosting it works fine. Any ideas on what might cause this? Thanks! Edit1: Got wireshark running and monitored traffic from the offending machine and tried to map. ZERO packets from the other machine were seen. :(

    Read the article

  • Bridging VirtualBox over OpenVPN TAP adapter on Windows

    - by Sean Edwards
    I'm trying to configure a virtual machine (VirtualBox guest running Backtrack 4) with a bridged adapter over a VPN connection. The VPN is is hosted by the cybersecurity club at my university, and connects to a sandboxed LAN designed for penetration testing against various servers that the club has built. My host (Windows 7 Ultimate) connects to the VPN fine and is assigned an IP through DHCP, but for some reason the VM can't do the same thing, and I'm not sure why. It's like OpenVPN is filtering out packets from the MAC address it doesn't recognize. I want the virtual machine to bridge over the VPN connection, because our IT office has very strict policies about what you can and can't do on the network. I want to be able to run active attacks (ARP spoofing, nmap, Nessus scans) in the sandbox environment without risking the traffic accidentally going over the university network and getting my internet access revoked. Bridging over the VPN connection and running all attacks from inside the VM would solve that problem. Any idea why the host can use this interface, but the VM can't?

    Read the article

  • benchmark tcp: ab or iperf like tool to send hex/binary/pcap data?

    - by olan
    Hello all, I have written a server in Twisted for a current project I'm working on, and now I need to test it. It receives TCP packets, with the payload consisting of just a serialised binary string. I want to be able to test the server for concurrency/throughput using the binary data as the payload, but can not find any tool that will allow me to do this. I tried iperf -F but it didn't work, as I think it was sending the binary/hex data as chars. I've also looked at ab which seems to be perfect - if only for http. As well as these, I've had a look at tcpreplay, but it doesn't perform any testing (or establish TCP connections) so it's not much use. Any help would be greatly appreciated as I'm rather stuck on this one!

    Read the article

  • Can Linux works as 802.1X authenticator in bridge mode ?

    - by Kartoch
    I want to create a lab for my students with netkit (a network emulator based on 802.1X) to study 802.1X. I can create the authentication server (FreeRadius) and configure the client with XSupplicant connected by a switch (a Linux in bridge mode). I'm looking to a way to configure the switch as Authenticator, i.e.: when the client is connected, the switch only forwards EAP packets to the authentication server. then the switch lets the user access to the local network when the authentication server authorizes the client. At the present time there is a lot of documentation to do this with a wireless point but no one for a switch. Does anyone have an idea or know the good software for it ?

    Read the article

  • Connecting both WAN and LAN ports to the same hub

    - by C. Lee
    For some reason I wish to connect the WAN port and the LAN port on a router to the same hub and make the hub is connected to both networks, the Internet and a private network. Below is a diagram of the network configuration I'd like to build. I tried this and it didn't work as expected. PC 1 has no problem, but PC 2 cannot connect to the Internet. When I ping 192.168.0.1 from PC 2, all packets are lost. It works well when PC 2 is connected directly to the router. What's the problem with the network configuration above?

    Read the article

  • dhclient configures /etc/resolv.conf with invalid entry

    - by kubal5003
    I'm trying to figure out why running dhclient on my interface sets /etc/resolv conf to the ip number of my gateway(router). This entry is invalid and each and every time causes inability to resolve any address. I would like to: stop dhclient from overwriting the /etc/resolv.conf or make dhclient write there the valid dns ip from my router More on the environment: I'm using virtual Debian Wheezy as a client system on Windows Seven x64. It is run by Virtualbox with networking mode set to bridged (all packets from debian are injected to my network interface on windows). If I manually configure the /etc/resolv.conf then everything works fine. Doing this on every boot is quite annoying.. PS I know I can write a script to do it for me, but this is not the solution I want. //edit router ip: 192.168.1.100 /etc/resolv.conf AFTER running dhclient eth0: "nameserver 192.168.1.100" what I would like the /etc/resolv.conf to look like: "nameserver 89.202.xxxx" (I don't have to provide the real ip do I? )

    Read the article

  • Suddenly blocked from a site

    - by Diego Romero
    Suddenly from a time to now I haven't been able to go to a site I used to go frequently for maintenance (Wordpress). I tried different browsers, restarting my laptop, clearing cache, history, cookies. Also did a ping to the site ip, go 4 packets send and 4 lost. This is a problem I think with only my laptop, since I've been able to go into the site from other devices in the same network. I have also tried connecting to the same site from a completely different network with the same problem. I really don't know what to do about this, any advices? PS: site hosted in wp engine if that has anything to do with this problem.

    Read the article

  • dd-wrt Bonjour/ netbios etc on two subnets

    - by user72182
    Hi I was wondering if any clever people out there could help me. I have a network setup with two different subnets 192.168.1.0 and 192.168.0.0 one router is connected to a VPN (via OpenVPN) the other is not. Both routers have static routes to each other and a device on one can communicate to another without issues when using IP addresses. My problem is I want to use services like Bonjour, Netbios and Apple Talk across the two networks, which currently does not work. A laptop connected on one subnet will not see a laptop connected on another. Is there anyway that you can connect the two networks together so these sort of local service will work??? I guess I have to forward the boardcast packets but I have no idea how to do this. Thanks for any help...

    Read the article

  • Multicasting and multicast address

    - by Zia ur Rahman
    I have confusion about the multicast addresses, I have read an example which is given by. Suppose two applications have been built to send audio over a network. One application accepts and digitizes an audio input stream, and then sends the resulting frame across the network to other application. The second application receives the digitized audio from the network, converts it back to the audio signal and plays the result over a speaker. Unless the two applications use broadcast to send frames, no other computers on the network will receive a copy of the frame. Multicasting provides an excellent solution to the problems of allowing some computers to participate in audio transmission. To use multicasting , a multicast address must be chosen for the audio application. And the receiving application passes the multicast address to the network interface. The interface begins to accept the packets sent to that address. Question: how this multicast address is chosen, how the receiving application knows that the sender using this specific destination address for the audio frames.

    Read the article

  • Problem in listening to multicast in multihomed Linux server

    - by Lior
    I am trying to write a multicast client on a machine with two NICs, and I can't make it work. I can see with a sniffer that once I start the program the NIC (eth4) start receiving the multicast datagrams: y.y.y.y. (some ip) - z.z.z.z (multicast ip, not my eth4 NIC IP) UDP Source port: kkk (some other port) Destination port: xxx (multicast port) However, I can't get those packets using my program (listening to port xxx on eth4). I also added: route add 224.0.0.0 netmask 240.0.0.0 dev eth4 Searched the web for some examples/explanations, but it seems like I do what everybody else does. Any help will be appreciated. is there anything else to do with route/iptables?

    Read the article

  • PSAD Firewall/ UDP flood?

    - by Asad Moeen
    Well I'm actually trying to block a UDP Flood on the Application port because the string "getstatus" is causing my application to make large output due to a small input to the attacker's IP. I installed PSAD firewall to do the job. psad -S shows 3000,000 logged packets at the application port and top ports in Scan but does not block the IP of the attacker however other IP Addresses with small number of connections are dropped. I'm thinking that since output is also being made to the attacker, this is why its not getting blocked because iptables rate-limiting is also exactly doing the same thing and not blocking the IP where outgoing connection is also made. Any guesses why it won't work?

    Read the article

  • Public Facing Recursive DNS Servers - iptables rules

    - by David Schwartz
    We run public-facing recursive DNS servers on Linux machines. We've been used for DNS amplification attacks. Are there any recommended iptables rules that would help mitigate these attacks? The obvious solution is just to limit outbound DNS packets to a certain traffic level. But I was hoping to find something a little bit more clever so that an attack just blocks off traffic to the victim IP address. I've searched for advice and suggestions, but they all seem to be "don't run public-facing recursive name servers". Unfortunately, we are backed into a situation where things that are not easy to change will break if we don't do so, and this is due to decisions made more than a decade ago before these attacks were an issue.

    Read the article

  • Packet loss with all adapters on one PC only on the LAN

    - by Enigmativity
    I have a Windows 7 64-bit machine that is losing up to 20% of IP packets on both adapters - wireless & LAN. Browser traffic appears to be affected the most, but it is happening to all protocols. All other computers on the network are functioning fine. If I ping from my faulty machine to any machine on the LAN (wired or wirelessly), including the router/gateway and internet sites, I get up to 20% packet loss. If I do the following commands: ipconfig /release ipconfig /renew then I sometimes get my network performance back for a matter of a few seconds to less than a couple of minutes. Rebooting also works for a short period of time. This problem has been occurring for a couple of months and is getting worse. The computer used to work just fine. I updated the wireless adapter firmware the other day with no effect. Does anyone know what is happening?

    Read the article

  • Belkin router issue

    - by walr1
    Hi, My cousin and I bought a wireless Belkin router for testing purposes. Please keep in mind for all of our tests there is no ethernet cable plugged in, just the router's power cord. We have been trying to "flood" it with PING requests on its default address 192.168.2.1, but it isn't doing a thing; not even logging any attempts of too many requests. I've disabled the firewall, disabled PING request block, etc. Any idea why this thing isn't being affected? We sent 4 million packets and it hasn't done a thing. Quite odd! Thanks.

    Read the article

  • SYN flooding still a threat to servers?

    - by Rob
    Well recently I've been reading about different Denial of Service methods. One method that kind of stuck out was SYN flooding. I'm a member of some not-so-nice forums, and someone was selling a python script that would DoS a server using SYN packets with a spoofed IP address. However, if you sent a SYN packet to a server, with a spoofed IP address, the target server would return the SYN/ACK packet to the host that was spoofed. In which case, wouldn't the spoofed host return an RST packet, thus negating the 75 second long-wait, and ultimately failing in its attempt to DoS the server?

    Read the article

  • Just one client bound to address and port: does it make a difference broadcast versus unicast in terms of overhead?

    - by chrisapotek
    Scenario: I am implementing failed over for a network node, so my idea is to make the master node listens on a broadcast ip address and port. If the master node fails, another failover node will start listening on this broadcast address (and port) and take over. Question: My concern is that I will be using a broadcast IP address just for a single node: the master. The failover node only binds if the master fails, in other words, almost never. In terms of network/traffic overhead, is it bad to talk to a single node through a broadcast address or the network somehow is smart enough to know that nobody else is listening to this broadcast address and kind of treat it as a unicast in terms of overhead? My concern is that I will be flooding my network with packets from this broadcast address even thought I am just really talking to a single node (the master). But I can't use unicast because the failover node has to be able to pick up the master stream quickly and transparently in case it fails.

    Read the article

  • PuTTY/SSH: How to Prevent Auto-Logout?

    - by feklee
    My ISP's SSH server (Debian 2.0) logs me out after 35 minutes of inactivity, when connected with PuTTY (Windows XP). This is a big problem when I utilize the server for port-forwarding. The final messages displayed in the terminal: This terminal has been idle 30 minutes. If it remains idle for 5 more minutes it will be logged out by the system. Logged out by the system. PuTTY options that do not help: Sending of null packets to keep session active. Seconds between keepalives (0 to turn off): 30 [x] Enable TCP keepalives (SO_KEEPALIVE option) Any idea how to avoid the auto-log-out? Should I try another SSH client?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >