Search Results

Search found 22600 results on 904 pages for 'remote connection'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 535/904 | < Previous Page | 531 532 533 534 535 536 537 538 539 540 541 542  | Next Page >

  • How can I effectively block torrenting?

    - by Chauncellor
    My WNR1000v3 is serving six people and two of them have decided that despite my warnings they're going to torrent heavily all day. Not dealing with that crap I decided to reserve their IPs and set up port blocking 1000-65535 at all times of the day. However.... looking at the log reveals that stuff is still going through. Half of the entries are saying: [LAN access from remote] from <externalIP>:16001 to 192.168.1.7:18946 Friday, Oct 12,2012 22:47:05 and half are saying: [Service blocked: BlockTorrents] from source 192.168.1.7, Friday, Oct 12,2012 22:46:26 Is this because of uPNP? Or does the 'block services' feature Netgear has only work with outgoing connections? Is there something that I'm missing? If it is indeed uPNP, how could I effectively block their torrenting without hurting everyone's use of services like Skype, Playstation Network, etc.?

    Read the article

  • Optimized CSF LFD to miminize false positive emails on new install? Centos6.2 + ISPConfig3

    - by Damainman
    I have a remote dedicated server running CentOS 6.2 x64bit with ISPConfig3. This is a brand new install. Server Purpose: Basic LAMP Web Hosting with PureFTPD, BIND, CLAMAV, RKHunter. Any advice or link to a guide which will clearly explain how to optimize the CSF+LFD configuration is greatly appreciated. I am not exactly sure on where to start what I shouldn't loosen the restrictions on. At the moment my inbox is flooding with alerts from LFD such as: Suspicious process running under user postfix Excessive resource usage: haldaemon Account: haldaemon Resource: Process Time Exceeded: 1823 1800 (seconds) Executable: /usr/sbin/hald Command Line: hald PID: 1031 Killed: No Excessive resource usage: amavis Time: Tue Jun 5 12:43:35 2012 -0700 Account: amavis Resource: Virtual Memory Size Exceeded: 330 200 (MB) Executable: /usr/bin/perl Command Line: amavisd (virgin child) PID: 27931 Killed: No Excessive resource usage: apache Time: Tue Jun 5 12:35:33 2012 -0700 Account: apache Resource: Virtual Memory Size Exceeded: 437 200 (MB) Executable: /usr/sbin/httpd Command Line: /usr/sbin/httpd PID: 27286 Killed: No

    Read the article

  • Windows DNS Server 2008 R2 fallaciously returns SERVFAIL

    - by Easter Sunshine
    I have a Windows 2008 R2 domain controller which is also a DNS server. When resolving certain TLDs, it returns a SERVFAIL: $ dig bogus. ; <<>> DiG 9.8.1 <<>> bogus. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31919 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;bogus. IN A I get the same result for a real TLD like com. when querying the DC as shown above. Compare to a BIND server that is working as expected: $ dig bogus. @128.59.59.70 ; <<>> DiG 9.8.1 <<>> bogus. @128.59.59.70 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30141 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;bogus. IN A ;; AUTHORITY SECTION: . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012012501 1800 900 604800 86400 ;; Query time: 18 msec ;; SERVER: 128.59.59.70#53(128.59.59.70) ;; WHEN: Wed Jan 25 14:09:14 2012 ;; MSG SIZE rcvd: 98 Similarly, when I query my Windows DNS server with dig . any, I get a SERVFAIL but the BIND servers return the root zone as expected. This sounds similar to the issue described in http://support.microsoft.com/kb/968372 except I am using two forwarders (128.59.59.70 from above as well as 128.59.62.10) and falling back to root hints so the preconditions to expose the issue are not the same. Nevertheless, I also applied the MaxCacheTTL registry fix as described and restarted DNS and the whole server as well but the problem persists. The problem occurs on all domain controllers in this domain and has occurred since half a year ago, even though the servers are getting automatic Windows updates. EDIT Here is a debug log. The client is 160.39.114.110, which is my workstation. 1/25/2012 2:16:01 PM 0E08 PACKET 000000001EA6BFD0 UDP Rcv 160.39.114.110 2e94 Q [0001 D NOERROR] A (5)bogus(0) UDP question info at 000000001EA6BFD0 Socket = 508 Remote addr 160.39.114.110, port 49710 Time Query=1077016, Queued=0, Expire=0 Buf length = 0x0fa0 (4000) Msg length = 0x0017 (23) Message: XID 0x2e94 Flags 0x0100 QR 0 (QUESTION) OPCODE 0 (QUERY) AA 0 TC 0 RD 1 RA 0 Z 0 CD 0 AD 0 RCODE 0 (NOERROR) QCOUNT 1 ACOUNT 0 NSCOUNT 0 ARCOUNT 0 QUESTION SECTION: Offset = 0x000c, RR count = 0 Name "(5)bogus(0)" QTYPE A (1) QCLASS 1 ANSWER SECTION: empty AUTHORITY SECTION: empty ADDITIONAL SECTION: empty 1/25/2012 2:16:01 PM 0E08 PACKET 000000001EA6BFD0 UDP Snd 160.39.114.110 2e94 R Q [8281 DR SERVFAIL] A (5)bogus(0) UDP response info at 000000001EA6BFD0 Socket = 508 Remote addr 160.39.114.110, port 49710 Time Query=1077016, Queued=0, Expire=0 Buf length = 0x0fa0 (4000) Msg length = 0x0017 (23) Message: XID 0x2e94 Flags 0x8182 QR 1 (RESPONSE) OPCODE 0 (QUERY) AA 0 TC 0 RD 1 RA 1 Z 0 CD 0 AD 0 RCODE 2 (SERVFAIL) QCOUNT 1 ACOUNT 0 NSCOUNT 0 ARCOUNT 0 QUESTION SECTION: Offset = 0x000c, RR count = 0 Name "(5)bogus(0)" QTYPE A (1) QCLASS 1 ANSWER SECTION: empty AUTHORITY SECTION: empty ADDITIONAL SECTION: empty Every option in the debug log box was checked except "filter by IP". By contrast, when I query, say, accounts.google.com, I can see the DNS server go out to its forwarder (128.59.59.70, for example). In this case, I didn't see any packets going out from my DNS server even though bogus. was not in the cache (the debug log was already running and this is the first time I queried this server for bogus. or any TLD). It just returned SERVFAIL without consulting any other DNS server, as in the Microsoft KB article linked above.

    Read the article

  • How can I connect to a Windows server using a Command Line Interface? (CLI)

    - by HopelessN00b
    Especially with the option to install Server Core in Server 2008 and above, connecting to Windows servers over a CLI is increasingly useful ability, if not one that's very widespread amongst Windows administrators. Practically every Windows GUI management tool has an option to connect to a remote computer, but there is no such option present in the built-in Windows CLI (cmd.exe), which gives the initial impression that this might not be possible. Is it possible to remotely management or administer a Windows Server using a CLI? And if so, what options are there to achieve this?

    Read the article

  • Strongswan and OpenVPN together

    - by cmorgia
    I have an host in Amazon EC2 which is configured with an OpenVPN Access Server. The only client to this server is acting as a gateway from a private network. I installed StrongSWAN 5 on the same host to allow windows 7 and iOS clients to connect using IPSEC. Both services works but what I cannot figure out is how to configure StrongSWAN to consider the OpenVPN tunnel endpoint as the only gateway available to clients. Basically I want all the traffic that comes from IPSEC clients to be entirely forwarded to the OpenVPN tunnel. The remote OpenVPN client that is exposing the private network has forwarding enabled and appropriate masquerading configured. The only missing point is to have the OpenVPN tunnel as the gateway for IPsEC clients

    Read the article

  • How to bypass AllowTCPFowarding=no by installing own forwarder?

    - by Eric B.
    In the man pages for sshd_config, for the AllowTCPForwarding option, it states: AllowTcpForwarding Specifies whether TCP forwarding is permitted. The default is “yes”. Note that disabling TCP forwarding does not improve security unless users are also denied shell access, as they can always install their own forwarders. How do I install my own forwarder? I have a remote server in which I disabled TCPForwarding a long while ago. I would like to "enable" it for myself only, by using my own forwarder, while keeping the forwarding closed to the other users. I've looked around, but cannot seem to find the right pkgs to accomplish this. Can anyone please elaborate? Thanks! Eric

    Read the article

  • Can't start my Windows XP Virtual Machine: Insufficient Disk Space

    - by Rob
    Okay, I currently have a server with two virtual machines installed on it, a CentOS5.4 and a Windows XP. I was remote desktopping the Windows XP chatting on IRC, and all of a sudden I lost connection. I checked with my HyperVisor and tried to restart it, and it won't start at all. It's giving me this error: Message from server0297.serverpool.gnet.ba: Failed to extend swap file (fileHandle 16414) from 0 KB to 524288 KB: No space left on device. Could not power on VM : No space left on device. Failed to power on VM info 4/17/2010 9:49:20 PM root Basically I bought the set up from a host, he installed the HyperVisor and the VirtualMachines, and honestly I don't really know what I'm doing. I've looked at some of the settings, and I can't figure it out. If you need any additional information, I'll try to provide it. The CentOS5.4 is still starting and working flawlessly, if that's relevant.

    Read the article

  • Async ignored on AJAX requests on Nginx server

    - by eComEvo
    Despite sending an async request to the server over AJAX, the server will not respond until the previous unrelated request has finished. The following code is only broken in this way on Nginx, but runs perfectly on Apache. This call will start a background process and it waits for it to complete so it can display the final result. $.ajax({ type: 'GET', async: true, url: $(this).data('route'), data: $('input[name=data]').val(), dataType: 'json', success: function (data) { /* do stuff */} error: function (data) { /* handle errors */} }); The below is called after the above, which on Apache requires 100ms to execute and repeats itself, showing progress for data being written in the background: checkStatusInterval = setInterval(function () { $.ajax({ type: 'GET', async: false, cache: false, url: '/process-status?process=' + currentElement.attr('id'), dataType: 'json', success: function (data) { /* update progress bar and status message */ } }); }, 1000); Unfortunately, when this script is run from nginx, the above progress request never even finishes a single request until the first AJAX request that sent the data is done. If I change the async to TRUE in the above, it executes one every interval, but none of them complete until that very first AJAX request finishes. Here is the main nginx conf file: #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 64; # configure temporary paths # nginx is started with param -p, setting nginx path to serverpack installdir fastcgi_temp_path temp/fastcgi; uwsgi_temp_path temp/uwsgi; scgi_temp_path temp/scgi; client_body_temp_path temp/client-body 1 2; proxy_temp_path temp/proxy; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; # Sendfile copies data between one FD and other from within the kernel. # More efficient than read() + write(), since the requires transferring data to and from the user space. sendfile on; # Tcp_nopush causes nginx to attempt to send its HTTP response head in one packet, # instead of using partial frames. This is useful for prepending headers before calling sendfile, # or for throughput optimization. tcp_nopush on; # don't buffer data-sends (disable Nagle algorithm). Good for sending frequent small bursts of data in real time. tcp_nodelay on; types_hash_max_size 2048; # Timeout for keep-alive connections. Server will close connections after this time. keepalive_timeout 90; # Number of requests a client can make over the keep-alive connection. This is set high for testing. keepalive_requests 100000; # allow the server to close the connection after a client stops responding. Frees up socket-associated memory. reset_timedout_connection on; # send the client a "request timed out" if the body is not loaded by this time. Default 60. client_header_timeout 20; client_body_timeout 60; # If the client stops reading data, free up the stale client connection after this much time. Default 60. send_timeout 60; # Size Limits client_body_buffer_size 64k; client_header_buffer_size 4k; client_max_body_size 8M; # FastCGI fastcgi_connect_timeout 60; fastcgi_send_timeout 120; fastcgi_read_timeout 300; # default: 60 secs; when step debugging with XDEBUG, you need to increase this value fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k; # Caches information about open FDs, freqently accessed files. open_file_cache max=200000 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 2; open_file_cache_errors on; # Turn on gzip output compression to save bandwidth. # http://wiki.nginx.org/HttpGzipModule gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_http_version 1.1; gzip_vary on; gzip_proxied any; #gzip_proxied expired no-cache no-store private auth; gzip_comp_level 6; gzip_buffers 16 8k; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript; # show all files and folders autoindex on; server { # access from localhost only listen 127.0.0.1:80; server_name localhost; root www; # the following default "catch-all" configuration, allows access to the server from outside. # please ensure your firewall allows access to tcp/port 80. check your "skype" config. # listen 80; # server_name _; log_not_found off; charset utf-8; access_log logs/access.log main; # handle files in the root path /www location / { index index.php index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root www; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100 # location ~ \.php$ { try_files $uri =404; fastcgi_pass 127.0.0.1:9100; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } # add expire headers location ~* ^.+.(gif|ico|jpg|jpeg|png|flv|swf|pdf|mp3|mp4|xml|txt|js|css)$ { expires 30d; } # deny access to .htaccess files (if Apache's document root concurs with nginx's one) # deny access to git & svn repositories location ~ /(\.ht|\.git|\.svn) { deny all; } } # include config files of "enabled" domains include domains-enabled/*.conf; } Here is the enabled domain conf file: access_log off; access_log C:/server/www/test.dev/logs/access.log; error_log C:/server/www/test.dev/logs/error.log; # HTTP Server server { listen 127.0.0.1:80; server_name test.dev; root C:/server/www/test.dev/public; index index.php; rewrite_log on; default_type application/octet-stream; #include /etc/nginx/mime.types; # Include common configurations. include domains-common/location.conf; } # HTTPS server server { listen 443 ssl; server_name test.dev; root C:/server/www/test.dev/public; index index.php; rewrite_log on; default_type application/octet-stream; #include /etc/nginx/mime.types; # Include common configurations. include domains-common/location.conf; include domains-common/ssl.conf; } Contents of ssl.conf: # OpenSSL for HTTPS connections. ssl on; ssl_certificate C:/server/bin/openssl/certs/cert.pem; ssl_certificate_key C:/server/bin/openssl/certs/cert.key; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100 location ~ \.php$ { try_files $uri =404; fastcgi_param HTTPS on; fastcgi_pass 127.0.0.1:9100; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } Contents of location.conf: # Remove trailing slash to please Laravel routing system. if (!-d $request_filename) { rewrite ^/(.+)/$ /$1 permanent; } location / { try_files $uri $uri/ /index.php?$query_string; } # We don't need .ht files with nginx. location ~ /(\.ht|\.git|\.svn) { deny all; } # Added cache headers for images. location ~* \.(png|jpg|jpeg|gif)$ { expires 30d; log_not_found off; } # Only 3 hours on CSS/JS to allow me to roll out fixes during early weeks. location ~* \.(js|css)$ { expires 3h; log_not_found off; } # Add expire headers. location ~* ^.+.(gif|ico|jpg|jpeg|png|flv|swf|pdf|mp3|mp4|xml|txt)$ { expires 30d; } # Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100 location ~ \.php$ { try_files $uri /index.php =404; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass 127.0.0.1:9100; } Any ideas where this is going wrong?

    Read the article

  • UDP packets to IP addresses other than specific ones not arriving and not shown in Wireshark

    - by Max
    I'm writing a service using UDP, but I can't manage to reply to the client. When sending to the client via the DHCP-assigned IP (192.168.1.143) Wireshark shows no sent packets. The server receives and Wireshark shows any packet sent by the client (broadcasted). If I send to a random, unassigned IP Wireshark doesn't show it. I thought the NIC would happily send it, since there is a router in the way - shouldn't Wireshark show it, even though it cannot possibly be received by a remote endpoint? If I send to either the router IP or another (specific, there is only one other) computer, the packet is shown in Wireshark. I am running Windows 7, the firewall is turned off using the control panel. Does the fact that wireshark doesn't show these packets mean that they aren't sent? What reason could there be for showing packets to one IP, but not another, on the same subnet?

    Read the article

  • Install DC again after removing on exchange server

    - by Kawharu
    I had a DC and Exchange 2010 installed on the same machine. I removed the DC role, and Exchange server went crazy. I tried to install the DC role again to fix the problem but ran into this error when running DCPROMO: Active Directory Domain Services could not create the NTDS Settings object for this Active Directory Domain Controller CN=NTDS Settings,CN=DC1,CN=Servers,CN=Manukau,CN=Sites,CN=Configuration,DC=AccessGroupnz,DC=com on the remote AD DC Server1.AccessGroupnz.com. Ensure the provided network credentials have sufficient permissions. "The DSA operation is unable to proceed because of a DNS lookup failure." Do you think I need to run this in an elevated command prompt, or change credentials somewhere to domain admin? Or is it something else?

    Read the article

  • Cisco ASA: How to route PPPoE-assigned subnet?

    - by Martijn Heemels
    We've just received a fiber uplink, and I'm trying to configure our Cisco ASA 5505 to properly use it. The provider requires us to connect via PPPoE, and I managed to configure the ASA as a PPPoE client and establish a connection. The ASA is assigned an IP address by PPPoE, and I can ping out from the ASA to the internet, but I should have access to an entire /28 subnet. I can't figure out how to get that subnet configured on the ASA, so that I can route or NAT the available public addresses to various internal hosts. My assigned range is: 188.xx.xx.176/28 The address I get via PPPoE is 188.xx.xx.177/32, which according to our provider is our Default Gateway address. They claim the subnet is correctly routed to us on their side. How does the ASA know which range it is responsible for on the Fiber interface? How do I use the addresses from my range? To clarify my config; The ASA is currently configured to default-route to our ADSL uplink on port Ethernet0/0 (interface vlan2, nicknamed Outside). The fiber is connected to port Ethernet0/2 (interface vlan50, nicknamed Fiber) so I can configure and test it before making it the default route. Once I'm clear on how to set it all up, I'll fully replace the Outside interface with Fiber. My config (rather long): : Saved : ASA Version 8.3(2)4 ! hostname gw domain-name example.com enable password ****** encrypted passwd ****** encrypted names name 10.10.1.0 Inside-dhcp-network description Desktops and clients that receive their IP via DHCP name 10.10.0.208 svn.example.com description Subversion server name 10.10.0.205 marvin.example.com description LAMP development server name 10.10.0.206 dns.example.com description DNS, DHCP, NTP ! interface Vlan2 description Old ADSL WAN connection nameif outside security-level 0 ip address 192.168.1.2 255.255.255.252 ! interface Vlan10 description LAN vlan 10 Regular LAN traffic nameif inside security-level 100 ip address 10.10.0.254 255.255.0.0 ! interface Vlan11 description LAN vlan 11 Lab/test traffic nameif lab security-level 90 ip address 10.11.0.254 255.255.0.0 ! interface Vlan20 description LAN vlan 20 ISCSI traffic nameif iscsi security-level 100 ip address 10.20.0.254 255.255.0.0 ! interface Vlan30 description LAN vlan 30 DMZ traffic nameif dmz security-level 50 ip address 10.30.0.254 255.255.0.0 ! interface Vlan40 description LAN vlan 40 Guests access to the internet nameif guests security-level 50 ip address 10.40.0.254 255.255.0.0 ! interface Vlan50 description New WAN Corporate Internet over fiber nameif fiber security-level 0 pppoe client vpdn group KPN ip address pppoe ! interface Ethernet0/0 switchport access vlan 2 speed 100 duplex full ! interface Ethernet0/1 switchport trunk allowed vlan 10,11,30,40 switchport trunk native vlan 10 switchport mode trunk ! interface Ethernet0/2 switchport access vlan 50 speed 100 duplex full ! interface Ethernet0/3 shutdown ! interface Ethernet0/4 shutdown ! interface Ethernet0/5 switchport access vlan 20 ! interface Ethernet0/6 shutdown ! interface Ethernet0/7 shutdown ! boot system disk0:/asa832-4-k8.bin ftp mode passive clock timezone CEST 1 clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00 dns domain-lookup inside dns server-group DefaultDNS name-server dns.example.com domain-name example.com same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network inside-net subnet 10.10.0.0 255.255.0.0 object network svn.example.com host 10.10.0.208 object network marvin.example.com host 10.10.0.205 object network lab-net subnet 10.11.0.0 255.255.0.0 object network dmz-net subnet 10.30.0.0 255.255.0.0 object network guests-net subnet 10.40.0.0 255.255.0.0 object network dhcp-subnet subnet 10.10.1.0 255.255.255.0 description DHCP assigned addresses on Vlan 10 object network Inside-vpnpool description Pool of assignable addresses for VPN clients object network vpn-subnet subnet 10.10.3.0 255.255.255.0 description Address pool assignable to VPN clients object network dns.example.com host 10.10.0.206 description DNS, DHCP, NTP object-group service iscsi tcp description iscsi storage traffic port-object eq 3260 access-list outside_access_in remark Allow access from outside to HTTP on svn. access-list outside_access_in extended permit tcp any object svn.example.com eq www access-list Insiders!_splitTunnelAcl standard permit 10.10.0.0 255.255.0.0 access-list iscsi_access_in remark Prevent disruption of iscsi traffic from outside the iscsi vlan. access-list iscsi_access_in extended deny tcp any interface iscsi object-group iscsi log warnings ! snmp-map DenyV1 deny version 1 ! pager lines 24 logging enable logging timestamp logging asdm-buffer-size 512 logging monitor warnings logging buffered warnings logging history critical logging asdm errors logging flash-bufferwrap logging flash-minimum-free 4000 logging flash-maximum-allocation 2000 mtu outside 1500 mtu inside 1500 mtu lab 1500 mtu iscsi 9000 mtu dmz 1500 mtu guests 1500 mtu fiber 1492 ip local pool DHCP_VPN 10.10.3.1-10.10.3.20 mask 255.255.0.0 ip verify reverse-path interface outside no failover icmp unreachable rate-limit 10 burst-size 5 asdm image disk0:/asdm-635.bin asdm history enable arp timeout 14400 nat (inside,outside) source static any any destination static vpn-subnet vpn-subnet ! object network inside-net nat (inside,outside) dynamic interface object network svn.example.com nat (inside,outside) static interface service tcp www www object network lab-net nat (lab,outside) dynamic interface object network dmz-net nat (dmz,outside) dynamic interface object network guests-net nat (guests,outside) dynamic interface access-group outside_access_in in interface outside access-group iscsi_access_in in interface iscsi route outside 0.0.0.0 0.0.0.0 192.168.1.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy aaa-server SBS2003 protocol radius aaa-server SBS2003 (inside) host 10.10.0.204 timeout 5 key ***** aaa authentication enable console SBS2003 LOCAL aaa authentication ssh console SBS2003 LOCAL aaa authentication telnet console SBS2003 LOCAL http server enable http 10.10.0.0 255.255.0.0 inside snmp-server host inside 10.10.0.207 community ***** version 2c snmp-server location Server room snmp-server contact [email protected] snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart snmp-server enable traps syslog crypto ipsec transform-set TRANS_ESP_AES-256_SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set TRANS_ESP_AES-256_SHA mode transport crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs group5 crypto dynamic-map outside_dyn_map 20 set transform-set TRANS_ESP_AES-256_SHA crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5 crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 telnet 10.10.0.0 255.255.0.0 inside telnet timeout 5 ssh scopy enable ssh 10.10.0.0 255.255.0.0 inside ssh timeout 5 ssh version 2 console timeout 30 management-access inside vpdn group KPN request dialout pppoe vpdn group KPN localname INSIDERS vpdn group KPN ppp authentication pap vpdn username INSIDERS password ***** store-local dhcpd address 10.40.1.0-10.40.1.100 guests dhcpd dns 8.8.8.8 8.8.4.4 interface guests dhcpd update dns interface guests dhcpd enable guests ! threat-detection basic-threat threat-detection scanning-threat threat-detection statistics host number-of-rate 2 threat-detection statistics port number-of-rate 3 threat-detection statistics protocol number-of-rate 3 threat-detection statistics access-list threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200 ntp server dns.example.com source inside prefer webvpn group-policy DfltGrpPolicy attributes vpn-tunnel-protocol IPSec l2tp-ipsec group-policy Insiders! internal group-policy Insiders! attributes wins-server value 10.10.0.205 dns-server value 10.10.0.206 vpn-tunnel-protocol IPSec l2tp-ipsec split-tunnel-policy tunnelspecified split-tunnel-network-list value Insiders!_splitTunnelAcl default-domain value example.com username martijn password ****** encrypted privilege 15 username marcel password ****** encrypted privilege 15 tunnel-group DefaultRAGroup ipsec-attributes pre-shared-key ***** tunnel-group Insiders! type remote-access tunnel-group Insiders! general-attributes address-pool DHCP_VPN authentication-server-group SBS2003 LOCAL default-group-policy Insiders! tunnel-group Insiders! ipsec-attributes pre-shared-key ***** ! class-map global-class match default-inspection-traffic class-map type inspect http match-all asdm_medium_security_methods match not request method head match not request method post match not request method get ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map type inspect http http_inspection_policy parameters protocol-violation action drop-connection policy-map global-policy class global-class inspect dns inspect esmtp inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect icmp inspect icmp error inspect mgcp inspect netbios inspect pptp inspect rtsp inspect snmp DenyV1 ! service-policy global-policy global smtp-server 123.123.123.123 prompt hostname context call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email [email protected] destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily hpm topN enable Cryptochecksum:a76bbcf8b19019771c6d3eeecb95c1ca : end asdm image disk0:/asdm-635.bin asdm location svn.example.com 255.255.255.255 inside asdm location marvin.example.com 255.255.255.255 inside asdm location dns.example.com 255.255.255.255 inside asdm history enable

    Read the article

  • Which mediacenter appliance

    - by Guillaume
    I'm looking to buy a mediacenter appliance, but I am a bit lost by all the offers on the market. Here are the features I am looking for : at least 500Go HDD capable of playing HD (1080p) supporting a good range of video and audio codecs support for subtitles including a DVB-T input (coax) and tuner composite video input 5.1 (or 7.1) analog audio output LAN (100M or Gigabit) fileserver (SMB or NFS) remote control possibly digital output (S/PDIF, TOSLINK, or other) no need for integrated DVD player no need for wifi The Ultio Pro looks nice (http://www.thinkgeek.com/electronics/home-entertainment/d3fe). It just lacks a DVB-T input which is a show killer for me. Thanks for your suggestions.

    Read the article

  • Cannot get git working

    - by Devin Dixon
    I'm trying to install my own git server with these instructions. http://cisight.com/how-to-setup-git-server-using-gitolite-in-ubuntu-11-10-oneiric/ But I am get stuck at this point. git clone --verbose [email protected]:testing.git Cloning into 'testing'... Permission denied (publickey). fatal: The remote end hung up unexpectedly And I think it has something to do with this: gitolite@ip-xxxx:~$ gl-setup tmp/john.pub key_read: uudecode Aklkdfgkldkgldkgldkgfdlkgldkgdlfkgldkgldkgdlkgkfdnknbkdnbkdnbkdnbkfnbkdfnbkdnfbkdfnbdknbkdnbkfnbkdbnkdbnkdfnbkd [email protected] failed fprint failed I always get the fail and I think its preventing me from cloning repo.The repo is there along with gitolite-admin.git repo. The permissions are this: drwxr-x--- 8 gitolite gitolite 4096 Jun 6 16:29 gitolite-admin.git drwxr-x--- 7 gitolite gitolite 4096 Jun 6 16:29 testing.git So my question is what am I missing here?

    Read the article

  • SuSE always logs a user in TVM session

    - by rohan
    Hello all, Our sa recently installed Suse Linux enterprise Desktop 11 on my work box and I logged in first time into a GNOME session without any problems. Last time I logged in I selected the session as TWM and that got me into the T windows manager just fine. Now when I log out and try to log back into a GNOME session, it will still log me into the TVM session. I have tried restarting the box but that has not helped. Though when I remote log in to the machine it will let me get on the GNOME session just fine. I'm guessing this is probably a really simple fix, however I am a Linux newbie and doing a google search isn't yielding me what I'm looking for. My sa cant figure what is wrong either Thanks in advance for your help, Rohan

    Read the article

  • SuSE always logs a user in TVM session

    - by rohan
    Hello all, I recently installed Suse Linux enterprise Desktop 11 on my box. I created an user and logged in first time into a GNOME session without any problems. Last time I logged in I selected the session as TWM and that got me into the T windows manager just fine. Now when I log out and try to log back into a GNOME session, it will still log me into the TVM session. I have tried restarting the box but that has not helped. However, when I remote log in to the machine it will let me got on the GNOME session just fine. I'm guessing this is probably a really simple fix, however I am a Linux newbie and doing a google search isn't yielding me what I'm looking for. Thanks in advance for your help, Rohan

    Read the article

  • rsync to multiple destinations using same filelist?

    - by Dylan B.
    I'm wondering if it's possible for rsync to copy one directory to multiple remote destinations all in one go, or even in parallel. (not necessary, but would be useful.) Normally, something like the following would work just fine: $ rsync -Pav /junk user@host1:/backup $ rsync -Pav /junk user@host2:/backup $ rsync -Pav /junk user@host3:/backup And if that's the only option, I'll use that. However, /junk is located on a slow drive with quite a few files, and rebuilding the filelist of some ~12,000 files each time is agonizingly slow (~5 minutes) compared to the actual transfer/updating. Is it possible to do something like this, to accomplish the same thing: $ rsync -Pav /junk user@host1:/backup user@host2:/backup user@host3:/backup Thanks for looking!

    Read the article

  • SSH is not working .. Password promt is not coming

    - by Sumanth Lingappa
    I am not able to SSH into my ubuntu server since yesterday. I am not using any keyless or public key method.. Its simple SSH with username and password everytime.. However I can do a VNC session running on my ubuntu server.. But I am afraid that if the vnc session goes out, I wont be having any way to login to the server.. My ssh-vvv output is as below.. sumanth@sumanth:~$ ssh -vvv user@serverIP OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 172.16.2.156 [172.16.2.156] port 22. debug1: Connection established. debug1: identity file /home/sumanth/.ssh/id_rsa type -1 debug1: identity file /home/sumanth/.ssh/id_rsa-cert type -1 debug1: identity file /home/sumanth/.ssh/id_dsa type -1 debug1: identity file /home/sumanth/.ssh/id_dsa-cert type -1 debug1: identity file /home/sumanth/.ssh/id_ecdsa type -1 debug1: identity file /home/sumanth/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/sumanth/.ssh/id_ed25519 type -1 debug1: identity file /home/sumanth/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH_5* compat 0x0c000000 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "172.16.2.156" from file "/home/sumanth/.ssh/known_hosts" debug3: load_hostkeys: found key type ECDSA in file /home/sumanth/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: setup hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA ea:4e:15:52:15:dd:6b:09:d4:36:cb:14:2d:c3:1b:7a debug3: load_hostkeys: loading entries for host "172.16.2.156" from file "/home/sumanth/.ssh/known_hosts" debug3: load_hostkeys: found key type ECDSA in file /home/sumanth/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug1: Host '172.16.2.156' is known and matches the ECDSA host key. debug1: Found key in /home/sumanth/.ssh/known_hosts:5 debug1: ssh_ecdsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/sumanth/.ssh/id_rsa ((nil)), debug2: key: /home/sumanth/.ssh/id_dsa ((nil)), debug2: key: /home/sumanth/.ssh/id_ecdsa ((nil)), debug2: key: /home/sumanth/.ssh/id_ed25519 ((nil)),

    Read the article

  • Git version control with multiple users

    - by ignatius
    Hello, i am a little bit lost with this issue, let me explain you my problem: I want to setup a git repository, three of four users will contribute, so they need to download the code and shall be able to upload their changes to the server or update their branch with the latest modifications. So, i setup a linux machine, install git, setup the repository, then add the users in order to enable the acces throught ssh. Now my question is, What's next?, the git documentation is a little bit confusing, i.e. when i try from a dummy user account to clone the repository i got: xxx@xxx-desktop:~/Documentos/git/test$ git clone -v ssh://[email protected]/pub.git Initialized empty Git repository in /home/xxx/Documentos/git/test/pub/.git/ [email protected]'s password: fatal: '/pub.git' does not appear to be a git repository fatal: The remote end hung up unexpectedly is that a problem of privileges? need any special configuration? i want to avoid using git-daemon or gitosis, sorry, maybe my question sound silly but git is powerfull but i admit not so user friendly. Thanks Br

    Read the article

  • Can not su to normal user

    - by Summer Nguyen
    I have a centos 5.8 box with gitolite installed . It worked fine until I yesterday my gitolite didn't work. ( fatal the remote end hung up unexpectedly) I logged to the box using root account. and then su to git user but I can't. I test again by creating a new user , but I also can not su to that user. Any idea ?, thank you very much. P.S: I installed postfix the day before , but I'm not sure if postfix cause the problem.

    Read the article

  • cron not even sending local mail to /var/mail/

    - by Yang
    I'm using a very plain Ubuntu Server 9.04, and cron isn't delivering any mail to my /var/mail/USER (the file hasn't even been created). Here's my full crontab: # m h dom mon dow command 15 * * * * $HOME/.cron/sync-bookmarks.bash If I add # m h dom mon dow command 15 * * * * $HOME/.cron/sync-bookmarks.bash >& /tmp/log then I see the stdout and stderr in /tmp/log. I'm not (yet) interested in actual remote email delivery, just local delivery to the mail spool file. Why isn't mail working? Thanks in advance for any tips.

    Read the article

  • IPSEC tunnel Fortinet Transparent Mode to inside Fortinet firewall in NAT Mode does not respond to i

    - by TrevJen
    I have 2 fortinet firewalls (fully patched); fw1 is providing an IPSEC tunnel in transparent mode. beneath this firewall is a fw2, a NAT firewall with a VIP address that has been confirmed to work. This configuration is required for my customers who want to connect to a public address space inside of the tunnel, in order to prevent cross over in IP space. This configuration works great for traffic going outbound to the remote side of the tunnel, but not inbound. While sniffing the traffic, I can see the inbound traffic going out of the fw1, but it is never seen at the fw2. Cust Net > 10.1.1.100 | | | FW1 >TRANSPARENT IPSEC | | | FW2 EXT >99.1.1.1.100-VIP | FW2 NAT >192.1.1.100-NAT

    Read the article

  • speeding up cvs pserver over WAN

    - by Aleksandar Ivanisevic
    I have a remote location with 5 developers that are using a CVS (pserver) repository in main office via WAN, but the bandwidth i have is only a couple of hundred kbps so CVS operations are fairly slow. Is there any way to speed this up? I can rsync over a local copy of the CVS root(s) every couple of minutes, so this can handle the updates, but obviously not the commits. Is there any way to say to CVS to update from one server, but push to another one? Any other ideas?

    Read the article

  • Process for configuring network settings on a headless rack mount device

    - by PherricOxide
    I'm with a small company that plans to sell a rack mounted network appliance which is configurable via a web interface (think of a router configuration page sort of deal), and I'm wondering in large data center like environments what the process usually is for the initial setup of such systems. The main question is, if the system is headless, how do you get initial remote access to it? Do companies usually first plug a server into a monitor/keyboard/mouse in order to configure the network settings before mounting it in a rack? How else would they know what the IP address of the machine was if DHCP (and it can't be hard coded because of IP conflict potential)?

    Read the article

  • IIS 7 - Provisioning portal

    - by Doug
    I am wanting to setup our production IIS environments with a provisioning portal to ensure that deployment staff always setup sites in a uniform configuration, and that they don't actually have remote access to the servers directly. What is the best 'simple' provisioning tool for such a purpose? Do people write their own using something like Powershell remoting? I don't want to install a tool like HELM or similar as it feels like it creates unnecessary bloat on top of a production environment. features should include: create new website and app pool combo restart, start and stop application pools change bindings on websites

    Read the article

  • How would you shorten 5,000+ URLs? [closed]

    - by Tyler J Fisher
    How would you go about shortening approximately 5,000 permalinks? The links point to a remote media archiving server, and are unlikely to change. Example URLs: rtsp://foo-1.bar.com/xx/xx/xx/xx.rm http://media.foo.org/xx/xx/xx.mp4 The URLs are going to be stored in a local MySQL database, as such it's crucial that the URLs are in a manageable form (i.e bit.ly or ow.ly). There are bulk URL shortening services, but those only allow shortening of 100 links/day, which isn't technically feasible so I need to think of something else.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 531 532 533 534 535 536 537 538 539 540 541 542  | Next Page >