Search Results

Search found 9109 results on 365 pages for 'external authorization'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 100/365 | < Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >

  • Open ports broken from internal network

    - by ksvi
    Quick summary: Forwarded port works from the outside world, but from the internal network using the external IP the connection is refused. This is a simplified situation to make the explanation easier: I have a computer that is running a service on port 12345. This computer has an internal IP 192.168.1.100 and is connected directly to a modem/router which has internal IP 192.168.1.1 and external (public, static) IP 1.2.3.4. (The router is TP-LINK TD-w8960N) I have set up port forwarding (virtual server) at port 12345 to go to port 12345 at 192.168.1.100. If I run telnet 192.168.1.100 12345 from the same computer everything works. But running telnet 1.2.3.4 12345 says connection refused. If I do this on another computer (on the same internal network, connected to the router) the same thing happens. This would seem like the port forwarding is not working. However... If I run a online port checking service on my external IP and the service port it says the port is open and I can see the remote server connecting and immediately closing connection. And using another computer that is connected to the internet using a mobile connection I can also use telnet 1.2.3.4 12345 and I get a working connection. So the port forwarding seems to be working, however using external IP from the internal network doesn't. I have no idea what can be causing this, since another setup very much like this (different router) works for me. I can access a service running on a server from inside the network both through the internal and external IP. Note: I know I could just use the internal IP inside of the network to access this service. But if I have a laptop that must be able to do this both from inside and outside it would be annoying to constantly switch between 1.2.3.4 and 192.168.1.100 in the software configuration. Router output: > iptables -t nat -L -n Chain PREROUTING (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 224.0.0.0/3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 to:192.168.1.101 DNAT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:25 to:192.168.1.101 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:192.168.1.101 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:12345 to:192.168.1.102 DNAT udp -- 0.0.0.0/0 192.168.1.1 udp dpt:53 to:217.118.96.203 Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination

    Read the article

  • Security in Software

    The term security has many meanings based on the context and perspective in which it is used. Security from the perspective of software/system development is the continuous process of maintaining confidentiality, integrity, and availability of a system, sub-system, and system data. This definition at a very high level can be restated as the following: Computer security is a continuous process dealing with confidentiality, integrity, and availability on multiple layers of a system. Key Aspects of Software Security Integrity Confidentiality Availability Integrity within a system is the concept of ensuring only authorized users can only manipulate information through authorized methods and procedures. An example of this can be seen in a simple lead management application.  If the business decided to allow each sales member to only update their own leads in the system and sales managers can update all leads in the system then an integrity violation would occur if a sales member attempted to update someone else’s leads. An integrity violation occurs when a team member attempts to update someone else’s lead because it was not entered by the sales member.  This violates the business rule that leads can only be update by the originating sales member. Confidentiality within a system is the concept of preventing unauthorized access to specific information or tools.  In a perfect world the knowledge of the existence of confidential information/tools would be unknown to all those who do not have access. When this this concept is applied within the context of an application only the authorized information/tools will be available. If we look at the sales lead management system again, leads can only be updated by originating sales members. If we look at this rule then we can say that all sales leads are confidential between the system and the sales person who entered the lead in to the system. The other sales team members would not need to know about the leads let alone need to access it. Availability within a system is the concept of authorized users being able to access the system. A real world example can be seen again from the lead management system. If that system was hosted on a web server then IP restriction can be put in place to limit access to the system based on the requesting IP address. If in this example all of the sales members where accessing the system from the 192.168.1.23 IP address then removing access from all other IPs would be need to ensure that improper access to the system is prevented while approved users can access the system from an authorized location. In essence if the requesting user is not coming from an authorized IP address then the system will appear unavailable to them. This is one way of controlling where a system is accessed. Through the years several design principles have been identified as being beneficial when integrating security aspects into a system. These principles in various combinations allow for a system to achieve the previously defined aspects of security based on generic architectural models. Security Design Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation Privilege Least Common Mechanism Psychological Acceptability Defense in Depth Least Privilege Design PrincipleThe Least Privilege design principle requires a minimalistic approach to granting user access rights to specific information and tools. Additionally, access rights should be time based as to limit resources access bound to the time needed to complete necessary tasks. The implications of granting access beyond this scope will allow for unnecessary access and the potential for data to be updated out of the approved context. The assigning of access rights will limit system damaging attacks from users whether they are intentional or not. This principle attempts to limit data changes and prevents potential damage from occurring by accident or error by reducing the amount of potential interactions with a resource. Fail-Safe Defaults Design PrincipleThe Fail-Safe Defaults design principle pertains to allowing access to resources based on granted access over access exclusion. This principle is a methodology for allowing resources to be accessed only if explicit access is granted to a user. By default users do not have access to any resources until access has been granted. This approach prevents unauthorized users from gaining access to resource until access is given. Economy of Mechanism Design PrincipleThe Economy of mechanism design principle requires that systems should be designed as simple and small as possible. Design and implementation errors result in unauthorized access to resources that would not be noticed during normal use. Complete Mediation Design PrincipleThe Complete Mediation design principle states that every access to every resource must be validated for authorization. Open Design Design PrincipleThe Open Design Design Principle is a concept that the security of a system and its algorithms should not be dependent on secrecy of its design or implementation Separation Privilege Design PrincipleThe separation privilege design principle requires that all resource approved resource access attempts be granted based on more than a single condition. For example a user should be validated for active status and has access to the specific resource. Least Common Mechanism Design PrincipleThe Least Common Mechanism design principle declares that mechanisms used to access resources should not be shared. Psychological Acceptability Design PrincipleThe Psychological Acceptability design principle refers to security mechanisms not make resources more difficult to access than if the security mechanisms were not present Defense in Depth Design PrincipleThe Defense in Depth design principle is a concept of layering resource access authorization verification in a system reduces the chance of a successful attack. This layered approach to resource authorization requires unauthorized users to circumvent each authorization attempt to gain access to a resource. When designing a system that requires meeting a security quality attribute architects need consider the scope of security needs and the minimum required security qualities. Not every system will need to use all of the basic security design principles but will use one or more in combination based on a company’s and architect’s threshold for system security because the existence of security in an application adds an additional layer to the overall system and can affect performance. That is why the definition of minimum security acceptably is need when a system is design because this quality attributes needs to be factored in with the other system quality attributes so that the system in question adheres to all qualities based on the priorities of the qualities. Resources: Barnum, Sean. Gegick, Michael. (2005). Least Privilege. Retrieved on August 28, 2011 from https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/principles/351-BSI.html Saltzer, Jerry. (2011). BASIC PRINCIPLES OF INFORMATION PROTECTION. Retrieved on August 28, 2011 from  http://web.mit.edu/Saltzer/www/publications/protection/Basic.html Barnum, Sean. Gegick, Michael. (2005). Defense in Depth. Retrieved on August 28, 2011 from  https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/principles/347-BSI.html Bertino, Elisa. (2005). Design Principles for Security. Retrieved on August 28, 2011 from  http://homes.cerias.purdue.edu/~bhargav/cs526/security-9.pdf

    Read the article

  • DNS lookup when using a CDN

    - by Steven Wu
    Using a CDN can vastly improve the load time of a website. I been thinking of using it to host all my external files like CSS, JS, Images, Videos etc. However I was thinking when linking to a CDN, wouldn't the browser have to use additional DNS lookup? So wouldn't this be counter productive? Or is the benefit to host every external files on a CDN out weighs the additional cost of a DNS lookup? What are your thoughts?

    Read the article

  • How to fix 'grub error file not found' when installing 12.04?

    - by Tomasz Grabowski
    i'm trying to install Ubuntu. I don't know if it is important, but i'm trying to install it on external HDD. In the end i have external bootable HDD which only displays: error: file not found grub recovery> From the beginning: I've downloaded ubuntu-12.04-desktop-i386.iso I've used LiLi USB Creator (LinuxLive) to create bootable pendrive from that image I've bootet from it, it works I've clicked "Try ubuntu", it works too. I've used GParted to look over drivers (disks) My primary embedded disk is seen as /dev/sda My attached external disk as /dev/sdb My PenDrive as /dev/sdc I've created partitions on /dev/sdb Fist partition for system (over 200GiB) Second was there already (it's xsf, and i don't want to touch it :P) Third is extended partition, with 1 locital partiton (10GiB) for swap I've started installation i've choose "somethin else" in ... i belive secound screeb then is selected /dev/sdb as boot disk for first partiton of /dev/sdb i set i want ext3 file system, i've check "formattin" checkbox, and mount path set to "/" firs logical partiton set as swap partition After installation finished, i restarted my computer. When i boot from my primary disc it's work ok, my previous operating system - vista - works ok. When i set my BIOS to boot from my external disc, i only get that message: error: file not found grub recovery> I've try to reinstall it, but didn't help... In desperation, i've try to read a bit about that "grub recovery" command-line and experiment a bit... I'm not sure if this has had any point, or if it give you some information (notice, that i don't know what i'm doing :P ) when i've type command: insmod (hd1,1)/boot/grub/linux.mod i've get message: unknown filesystem the same with: insmod (hd1,msdos1)/boot/grub/linux.mod the same with: insmod ext3 but i get no message after command: insmod ext2 ... notice that i really don't know what this command exactly do, but than i thought that maybe if i reinstall ubuntu with ext2 filesystem, it will work. I've done that, but symptoms are the same. I've go back to that Live version of ubuntu, filesystem and basics directories seems to be present on /dev/sdb1 ... i'm completely unfamiliar with GRUB. I'm also don't know which wersion of GRUB it is, i hope there is only one version on ubuntu-12.04-desktop-i386.iso Any help? Thax

    Read the article

  • Setting up Ubuntu Server as a Router with DHCPD and 3 Ethernet devices

    - by cengbrecht
    My configuration: Ubuntu 12.04 DHCP3-server eth0, eth1, eth2 Edit: removed br0&br1 eth0 is the external connection eth1 & eth2 are the internal network eth1 and eth2 are supposed to be seperate networks of student/teachers respectivly. What I would like to have is the internet from external device bridged to device 1 and 2, with the DHCP server controlling the two internal devices. Its already working with DHCP, the part I am stuck on is bridging for internet. I have setup a script that I found here: Router With the original script he linked here: Ubuntu Router Guide echo -e "\n\nLoading simple rc.firewall-iptables version $FWVER..\n" IPTABLES=/sbin/iptables #IPTABLES=/usr/local/sbin/iptables DEPMOD=/sbin/depmod MODPROBE=/sbin/modprobe EXTIF="eth0" INTIF="eth1" INTIF2="eth2" echo " External Interface: $EXTIF" echo " Internal Interface: $INTIF" echo " Internal Interface: $INTIF2" EXTIP=`ifconfig $EXTIF | grep 'inet addr:' | sed 's#.*inet addr\:\([0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\).*#\1#g'` echo " External IP: $EXTIP" #====================================================================== #== No editing beyond this line is required for initial MASQ testing == The rest of the script below this is as is. I can get ip from the eth1 & eth2 devices, and my computer can see them, and them it, however, internet is not being passed through. If you need more information please just let me know. EDIT: So I had a 255.255.254.0 network, I believe that was causing the issue. Not sure if it will matter on the second card, I will test later. After changing the subnet to 255.255.255.0 the pings will pass through, however, I cannot get DNS requests to pass? My new Config for Firewall Rules # /etc/iptables.up.rules # Generated by iptables-save v1.4.12 on Wed Nov 28 19:43:28 2012 *mangle :PREROUTING ACCEPT [39:4283] :INPUT ACCEPT [39:4283] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [12:4884] :POSTROUTING ACCEPT [13:5145] COMMIT # Completed on Wed Nov 28 19:43:28 2012 # Generated by iptables-save v1.4.12 on Wed Nov 28 19:43:28 2012 *filter :FORWARD ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A FORWARD -j LOG -A FORWARD -m state -i eth1 -o eth0 --state NEW,ESTABLISHED,RELATED -j ACCEPT -A FORWARD -m state -i eth2 -o eth0 --state NEW,ESTABLISHED,RELATED -j ACCEPT -A FORWARD -m state -i eth0 -o eth1 --state NEW,ESTABLISHED,RELATED -j ACCEPT -A FORWARD -m state -i eth0 -o eth2 --state NEW,ESTABLISHED,RELATED -j ACCEPT COMMIT # Completed on Wed Nov 28 19:43:28 2012 # Generated by iptables-save v1.4.12 on Wed Nov 28 19:43:28 2012 *nat :INPUT ACCEPT [0:0] :PREROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -o eth0 -j MASQUERADE -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.1.25 COMMIT # Completed on Wed Nov 28 19:43:28 2012 Not sure what else you may need, but I am using Webmin to control the server(Needed for the operators on site to know how to use it.) If you could explain it as standard CLI commands, or edits to this file directly then we should be ok. :) And thanks again Erik, I do believe your edits did help.

    Read the article

  • How to install my currrent Ubuntu based OS on to an extenal drive?

    - by Godel Fishbreath
    I have found urls to install ubuntu to a HD. But my current system has been upgraded and updated so often that it does not resemble anything on the web or on my drive disks. So giving my a url to how to install ubuntu will fail. Give me instead 'how to install my current Linux/Ubuntu based system (11.04) and all the upgrades to my external HD. Or alternately how to back up the OS into a bootable external HD. I am looking for either urls or a very complete explanation.

    Read the article

  • How to automatically switch monitors with my laptop dock

    - by Cas
    I have a Dell Precision M4300 with a Dell Dock PRO1X running Ubuntu Natty. When I have the laptop docked the lcd display is off and I use two external monitors however when I undock the laptop it does not switch to the laptop screen. The same happens when I dock the laptop, it does not switch to the external monitors. If I reboot the laptop it will choose the correct setup but it will not automatically change monitors with Ubuntu running. My Xorg.conf

    Read the article

  • Running Built-In Test Simulator with SOA Suite Healthcare 11g in PS4 and PS5

    - by Shub Lahiri, A-Team
    Background SOA Suite for Healthcare Integration pack comes with a pre-installed simulator that can be used as an external endpoint to generate inbound and outbound HL7 traffic on specified MLLP ports. This is a command-line utility that can be very handy when trying to build a complete end-to-end demo within a standalone, closed environment. The ant-based utility accepts the name of a configuration file as the command-line input argument. The format of this configuration file has changed between PS4 and PS5. In PS4, the configuration file was XML based and in PS5, it is name-value property based. The rest of this note highlights these differences and provides samples that can be used to run the first scenario from the product samples set. PS4 - Configuration File The sample configuration file for PS4 is shown below. The configuration file contains information about the following items: Directory for incoming and outgoing files for the host running SOA Suite Healthcare Polling Interval for the directory External Endpoint Logical Names External Endpoint Server Host Name and Ports Message throughput to be simulated for generating outbound messages Documents to be handled by different endpoints A copy of this file can be downloaded from here. PS5 - Configuration File The corresponding sample configuration file for PS5 is shown below. The configuration file contains similar information about the sample scenario but is not in XML format. It has name-value pairs specified in the form of a properties file. This sample file can be downloaded from here. Simulator Configuration Before running the simulator, the environment has to be set by defining the proper ANT_HOME and JAVA_HOME. The following extract is taken from a working sample shell script to set the environment: Also, as a part of setting the environment, template jndi.properties and logging.properties can be generated by using the following ant command: ant -f ant-b2bsimulator-util.xml b2bsimulator-prop Sample jndi.properties and logging.properties are shown below and can be modified, as needed. The jndi.properties contains information about connectivity to the local Weblogic Managed Server instance and the logging.properties file controls the amount of logging that can be generated from the running simulator process. Simulator Usage - Start and Stop The command syntax to launch the simulator via ant is the same in PS4 and PS5. Only the appropriate configuration file has to be supplied as the command-line argument, for example: ant -f ant-b2bsimulator-util.xml b2bsimulatorstart -Dargs="simulator1.hl7-config.xml" This will start the simulator and will keep running to provide an active external endpoint for SOA Healthcare Integration engine. To stop the simulator, a similar ant command can be used, for example: ant -f ant-b2bsimulator-util.xml b2bsimulatorstop

    Read the article

  • Loading another domain's content in a modal iframe - acceptable?

    - by user568458
    Is it okay to load another page in an iframe in a modal pop-up window - in terms of legal and ethical standards around displaying 3rd party content? I remember a few years ago there was controversy and a debate about whether it was okay to load another domain's page content on your domain in a full-width iframe, with your site providing a masthead with controls for favouriting, linking etc (e.g. like StumbleUpon). I seem to recall that the consensus was, that it was okay so long as you were clearly in no way claiming ownership of the 3rd party content or attempting to modify the content and so long as there was a 'go to site' button or equivalent; and that sites could ask you to exclude them, but generally speaking, it's an acceptable practice. How acceptable would it be considered to be to load another site's page within a modal (lightbox-like) popup box (following all the above principles: clear attribution and a prominent button that kills the iframe and gives them the 3rd party original)? My expectation would be that it would follow the same principles, and be acceptable so long as these conditions were met. Note that I'm asking about the likely legitimate responses of the 3rd party sites and possible legal position, not about usability or UX. I'm aware that this should never ever ever ever ever be the standard way external links are loaded, and that 99% of the time linking to external content like this would be terrible for usability. My specific use case is one of those 1% of cases where loading a separate page in this tab actually wouldn't be the expected behaviour of a link: an interactive data visualisation tool that also acts as a 'browser' of external content (science papers underlying the data it navigates). All other links within the interactive will change something while staying on the same page. If the user clicked one of these external links by mistake (as people often do, even when they are clearly, noisily labelled) and then had to back-button back, they would lose their fine-grained position in the interactive tool (jquery bbq hashchanges being not appropriate for all elements of the tool). New window/tab will simply open the target page on the 3rd party domain. Opening a new window/tab would also be an alternative option (and has its own disadvantages) - my question is, whether this is an alternative that could be considered (in terms of acceptable practice around intellectual property etc), irrespective of which option is best for UX: which is something we'll decide the proper way, based on actual UX testing.

    Read the article

  • Combining Shared Secret and Certificates

    - by Michael Stephenson
    As discussed in the introduction article this walkthrough will explain how you can implement WCF security with the Windows Azure Service Bus to ensure that you can protect your endpoint in the cloud with a shared secret but also combine this with certificates so that you can identify the sender of the message.   Prerequisites As in the previous article before going into the walk through I want to explain a few assumptions about the scenario we are implementing but to keep the article shorter I am not going to walk through all of the steps in how to setup some of this. In the solution we have a simple console application which will represent the client application. There is also the services WCF application which contains the WCF service we will expose via the Windows Azure Service Bus. The WCF Service application in this example was hosted in IIS 7 on Windows 2008 R2 with AppFabric Server installed and configured to auto-start the WCF listening services. I am not going to go through significant detail around the IIS setup because it should not matter in relation to this article however if you want to understand more about how to configure WCF and IIS for such a scenario please refer to the following paper which goes into a lot of detail about how to configure this. The link is: http://tinyurl.com/8s5nwrz   Setting up the Certificates To keep the post and sample simple I am going to use the local computer store for all certificates but this bit is really just the same as setting up certificates for an example where you are using WCF without using Windows Azure Service Bus. In the sample I have included two batch files which you can use to create the sample certificates or remove them. Basically you will end up with: A certificate called PocServerCert in the personal store for the local computer which will be used by the WCF Service component A certificate called PocClientCert in the personal store for the local computer which will be used by the client application A root certificate in the Root store called PocRootCA with its associated revocation list which is the root from which the client and server certificates were created   For the sample Im just using development certificates like you would normally, and you can see exactly how these are configured and placed in the stores from the batch files in the solution using makecert and certmgr.   The Service Component To begin with let's look at the service component and how it can be configured to listen to the service bus using a shared secret but to also accept a username token from the client. In the sample the service component is called Acme.Azure.ServiceBus.Poc.Cert.Services. It has a single service which is the Visual Studio template for a WCF service when you add a new WCF Service Application so we have a service called Service1 with its Echo method. Nothing special so far!.... The next step is to look at the web.config file to see how we have configured the WCF service. In the services section of the WCF configuration you can see I have created my service and I have created a local endpoint which I simply used to do a little bit of diagnostics and to check it was working, but more importantly there is the Windows Azure endpoint which is using the ws2007HttpRelayBinding (note that this should also work just the same if your using netTcpRelayBinding). The key points to note on the above picture are the service behavior called MyServiceBehaviour and the service bus endpoints behavior called MyEndpointBehaviour. We will go into these in more detail later.   The Relay Binding The relay binding for the service has been configured to use the TransportWithMessageCredential security mode. This is the important bit where the transport security really relates to the interaction between the service and listening to the Azure Service Bus and the message credential is where we will use our certificate like we have specified in the message/clientCrentialType attribute. Note also that we have left the relayClientAuthenticationType set to RelayAccessToken. This means that authentication will be made against ACS for accessing the service bus and messages will not be accepted from any sender who has not been authenticated by ACS.   The Endpoint Behaviour In the below picture you can see the endpoint behavior which is configured to use the shared secret client credential for accessing the service bus and also for diagnostic purposes I have included the service registry element.     Hopefully if you are familiar with using Windows Azure Service Bus relay feature the above is very familiar to you and this is a very common setup for this section. There is nothing specific to the username token implementation here. The Service Behaviour Now we come to the bit with most of the certificate stuff in it. When you configure the service behavior I have included the serviceCredentials element and then setup to use the clientCertificate check and also specifying the serviceCertificate with information on how to find the servers certificate in the store.     I have also added a serviceAuthorization section where I will implement my own authorization component to perform additional security checks after the service has validated that the message was signed with a good certificate. I also have the same serviceSecurityAudit configuration to log access to my service. My Authorization Manager The below picture shows you implementation of my authorization manager. WCF will eventually hand off the message to my authorization component before it calls the service code. This is where I can perform some logic to check if the identity is allowed to access resources. In this case I am simple rejecting messages from anyone except the PocClientCertificate.     The Client Now let's take a look at the client side of this solution and how we can configure the client to authenticate against ACS but also send a certificate over to the service component so it can implement additional security checks on-premise. I have a console application and in the program class I want to use the proxy generated with Add Service Reference to send a message via the Azure Service Bus. You can see in my WCF client configuration below I have setup my details for the azure service bus url and am using the ws2007HttpRelayBinding.   Next is my configuration for the relay binding. You can see below I have configured security to use TransportWithMessageCredential so we will flow the token from a certificate with the message and also the RelayAccessToken relayClientAuthenticationType which means the component will validate against ACS before being allowed to access the relay endpoint to send a message.     After the binding we need to configure the endpoint behavior like in the below picture. This contains the normal transportClientEndpointBehaviour to setup the ACS shared secret configuration but we have also configured the clientCertificate to look for the PocClientCert.     Finally below we have the code of the client in the console application which will call the service bus. You can see that we have created our proxy and then made a normal call to a WCF in exactly the normal way but the configuration will jump in and ensure that a token is passed representing the client certificate.     Conclusion As you can see from the above walkthrough it is not too difficult to configure a service to use both a shared secret and certificate based token at the same time. This gives you the power and protection offered by the access control service in the cloud but also the ability to flow additional tokens to the on-premise component for additional security features to be implemented. Sample The sample used in this post is available at the following location: https://s3.amazonaws.com/CSCBlogSamples/Acme.Azure.ServiceBus.Poc.Cert.zip

    Read the article

  • Configure xfce4-screenshooter settings

    - by rubo77
    xfce4-screenshooter is the standard screenshot program in XFCE on Xubuntu. How can I configure the settings about which format it saves the screenshot in and in which folder? I noticed, that my settings I made in shutter also affect the settings of xfce4-screenshooter (but not all). EDIT: The man page sais, there is an -o option to open it with an external program. How can I make this default? Then I could set there an external program, that automatically compresses the screenshot to an emailable size

    Read the article

  • Ubuntu 13.XX unable to mount USB HDD. Tried everything. I/O error boot sector/file system

    - by XaviGG
    I know that there are many posts related but none of them helped me. I will jump to the last test because it is the one that should work, but it does not. An external HDD with single partition slow NTFS formatted in Windows, empty and clean. Checked for errors, it tells that not errors where found. Moving to Ubutnu 13.04... Gparted throws the first error when trying to read the disk: Input/output error It appears as unknown the content of the disk. Unable to create partition table or format it, getting the same error when trying. If I try to mount it in the terminal it tells me the same, specifying that also there is an I/O error reading the boot sector. I have this problem since I upgraded (always with fresh install) to 13.04. I thought it will be solved by the 13.10 but it has the same behavior. I tried with two different HDD (HD and SSHD) that work perfectly in Windows 7. In 13.04 at least I got a trying of mounting where the icon of the drive started showing and disappearing until finally it disappeared. But now it doesn't even try. Possible causes: -The HDD was my old main HDD, so it had WIN,RECOVERY,SYSTEM,UBU,SWAP partitions. Maybe the way or place where the partition table is defined is not the best for an external HDD but I don't know a lot in that topic. I would appreciate a lot if someone can give me a guideline to convert one of these HDD in a working external HDD. No files to recover, nothing to care about. Just format completely the disk and be able to use it for storing backups without having to move the files first to the windows partition, load windows and then copy them to the external HDD. Because I want to use a file comparator for the backups. Thanks a lot Edit 1: I found an option in Windows to convert it to a dynamic HDD that warns me that I wont be able to run O.S. after changing. I suppose that is what I need because in the current mode I cannot safely extract it. But it tells me an error that it couldn't change the mode.

    Read the article

  • How to calculate continuous motion with angular velocity in 2d

    - by Rulk
    I'm really new with physics. Maybe someone would be able to help me to solve the next problem: I need to calculate position of an agent on the plane(2D) in next time step where time step is large(20+ seconds) What I know about agent's motion: Initial Position Direction(normalised vector) Velocity(linear function from time ) - object always moves along it's direction Angular Velocity(linear function from time) Optional: External force direction External force (linear function from time) Running discreet simulation with t-0 is not an option.

    Read the article

  • I can't shut down nor reboot without console

    - by jgomo3
    After update from 11.04 to 11.10 an wired conduct appears in my machine: Shutdown GUI methods (including reboot) cause only a log off, and in the login screen, shutdown nor reboot options do anything (if you wonder, reboot appears in the shutdown dialog). The only way i can reboot or shutdown is trough console sudo shutdown -h now or sudo reboot. This is OK for me, but not for the rest of the users. How to fix this? Update The syslog output when select shutdown from my desktop is: AptDaemon: INFO: Quitting due to inactivity AptDaemon: INFO: Quitting was requested CRON[5095]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete) CRON[5094]: (root) MAIL (mailed 1 byte of output; but got status 0x00ff, #012) kernel: [17027.614974] psmouse.c: TouchPad at isa0060/serio4/input0 lost sync at byte 1 kernel: [17027.616510] psmouse.c: TouchPad at isa0060/serio4/input0 lost sync at byte 1 kernel: [17027.618037] psmouse.c: TouchPad at isa0060/serio4/input0 lost sync at byte 1 kernel: [17027.619557] psmouse.c: TouchPad at isa0060/serio4/input0 lost sync at byte 1 kernel: [17027.621046] psmouse.c: TouchPad at isa0060/serio4/input0 lost sync at byte 1 kernel: [17027.621051] psmouse.c: issuing reconnect request acpid: client 1032[0:0] has disconnected acpid: client connected from 1032[0:0] acpid: 1 client rule loaded gnome-session[1836]: WARNING: Unable to stop system: Authorization is required acpid: client 1032[0:0] has disconnected acpid: client connected from 6055[0:0] acpid: 1 client rule loaded rtkit-daemon[1313]: Successfully made thread 6134 of process 6134 (n/a) owned by '119' high priority at nice level -11. rtkit-daemon[1313]: Supervising 4 threads of 2 processes of 2 users. rtkit-daemon[1313]: Successfully made thread 6139 of process 6134 (n/a) owned by '119' RT at priority 5. rtkit-daemon[1313]: Supervising 5 threads of 2 processes of 2 users. rtkit-daemon[1313]: Successfully made thread 6140 of process 6134 (n/a) owned by '119' RT at priority 5. rtkit-daemon[1313]: Supervising 6 threads of 2 processes of 2 users. I suspect that the line gnome-session[1836]: WARNING: Unable to stop system: Authorization is required is related to the issue. When selecting shutdown from the login screen, the output is the same from the line pointed. This is the output: gnome-session[1836]: WARNING: Unable to stop system: Authorization is required acpid: client 1032[0:0] has disconnected acpid: client connected from 6055[0:0] acpid: 1 client rule loaded rtkit-daemon[1313]: Successfully made thread 6134 of process 6134 (n/a) owned by '119' high priority at nice level -11. rtkit-daemon[1313]: Supervising 4 threads of 2 processes of 2 users. rtkit-daemon[1313]: Successfully made thread 6139 of process 6134 (n/a) owned by '119' RT at priority 5. rtkit-daemon[1313]: Supervising 5 threads of 2 processes of 2 users. rtkit-daemon[1313]: Successfully made thread 6140 of process 6134 (n/a) owned by '119' RT at priority 5. rtkit-daemon[1313]: Supervising 6 threads of 2 processes of 2 users. acpid: client 6055[0:0] has disconnected acpid: client connected from 6055[0:0] acpid: 1 client rule loaded

    Read the article

  • RAID-1 and regular drive removal (using RAID-1 as a backup measure)

    - by Vi
    Is using mdadm's RAID-1 of 2 partitions (one on laptop's internal HDD, one on external HDD) a good idea. I want the system to work as RAID-1 if both drives are present, work as regular volume (degradad RAID-1) if external HDD is unplugged and quickly resync when I plug external HDD again. Questions: Is it a good idea? Will write-intent bitmap be enough for this task or I need something else? Should I consider doing it at filesystem level (3b. if yes, how?). Basic requirements are: Quick resync when I re-add the external drive (provided I hasn't changed that partition). More or less consistent data on the removed drive if I remove it not during write/resync operation. If I remove the drive during resync I expect the data to be somewhat inconsistent, but expect quick resync completion when I re-add it again. E.g. I want the the remaining drive to track what is changed (there can be a lot of changes) and that sync back only those parts that need it.

    Read the article

  • RRAS DNS Entries from Windows Vista / 7 Clients

    - by Christopher
    How do I stop a Win 2003 RRAS server from sending it's own DNS info to the VPN Client? We have RRAS running on Win 2003 Server. The server has a fixed IP, but the RRAS is setup to use DHCP for assigning VPN client IPs. Our DHCP is setup to send 4 DNS server entries in this order: Internal DNS Server Backup Internal DNS Server External DNS Server Backup External DNS Server Here's the thing: the RRAS server seems to automatically send it's own DNS entries (from it's NICs) to the client first, and then the entries from DCHP are applied. But since the RRAS server has Internal DNS and Backup Internal DNS as it's own DNS entries, it sends these first, and when the DCHP DNS entries come down, only the ones not already added get added (just the externals). This results in the following DNS list on the VPN client: External DNS Server Backup External DNS Server Internal DNS Server Backup Internal DNS Server This is no good of course, because internal names will no longer resolve. How do I stop the RRAS server from sending it's own DNS info to the VPN Client? Note this doesn't seem to happen on WinXP - it gets the DNS servers direct from the DHCP in the correct order.

    Read the article

  • Migrating from "partial" Exchange 2003 to full Exchange 2003 usability

    - by TheCleaner
    I have a client that is using Exchange 2003 on SBS 2003 R2, but only for calendar sharing and contacts sharing. Their email is still coming to their clients via a POP3 account on each client's Outlook. I'd like to move them over to using Exchange for both email and the other things they are utilizing it for now. Can you folks guide me in the right direction? The setup: external domain is akin to domain.com (and is where they get their POP3 email from now) internal domain is akin to domain.local only simple hardware firewall (no ISA) static external IP is available to use My "assumptions": Setup SMTP default connector in Exchange for their existing external domain Have their existing email backed up to PST files (just in case) Setup the new MX records to point domain.com to the static external IP I'm a little confused how I'm going to setup their existing Exchange accounts with the proper SMTP address though. Right now it is just [email protected]. Do I just need to modify or create a new recipient policy? Are there other steps involved that I'm missing? Anyone with a walkthrough or even a basic "steps" is fine. I'm fairly used to Exchange 03, but I've been on Exchange 07 for a while now so going back is the weird part...plus I don't know what issues Exchange 03 on SBS has versus the normal "version". Thanks for all the help!

    Read the article

  • Sophos UTM in Hyper-V

    - by TheD
    So, I had a previous thread about this Virtualizing Firewalls/UTM. Essentially, I have configured what I think would work, but networking isn't my strong point! Two Virtual Adapters - with IP addresses 192.168.0.2 (External) and 192.168.0.3 (Internal) respectively. The External Adapater looks at 192.168.0.1 (my Zyxel) for it's default gateway. The Internal Adapter, 192.168.0.3, which is what the Sophos UTM listens on, has it's default gateway set to 192.168.0.2, the IP of the External Lan interface. So, PC (192.168.0.11, DHCP) --> (LAN) --> Switch --> 192.168.0.3 (Internal LAN Interface IP) --> Sophos UTM --> 192.168.0.2 (External LAN Interface IP) --> 192.168.0.1 --> Internet Would this be the correct setup, or am I completely out of the game here? Cheers!

    Read the article

  • Will having 2 MX records pointing to different mail server types cause delivery issues?

    - by Lyken
    I've inherited a setup where the mail server is exchange 2010. For some reason, I'm not sure why there is 2 MX records setup. One being the exchange server which is the higher priority while the external (non-exchange) server is the secondary mx record. I don't believe this was done for redundancy reasons as the other mail server is not set to route mail back to the exchange server (it's just the webhosts email for their hosting) The client has been experiencing disappearing email, however after my investigations its not actually disappearing, but exchange is successfully receiving the mail and then passing it on to the external server. It isn't happening all the time, just with some email messages from some domains. My question: Is exchange passing the mail on because it can see the secondary MX record and is configured (somewhere) to send mail out? If so, how do I stop it? Is it as easy as just removing the second MX record pointing to the external mail server and exchange will stop passing mail on? I'm not exchange expert so I'm kinda stumped. Exchange MX tools are saying everything is setup and configured correctly from an external point of view.

    Read the article

  • Permissions on mac for itunes library with multiple users - idea

    - by John
    I currently have a lot of music on an external drive and my itunes set up from there. However, periodically, when the external drive isn't connected, itunes will default back to the library location of my home directory user path. I don't want to mess with an external drive, as my mac HD is large enough to house the music collection. However, I have 4 family members - all with their own logins - using this same gob of music. I don't want 4 copies of the library, only one with all libraries referencing it. So, what I want to do is: 1 - move all music files to a shared directory at /Macintosh HD/users/music. I created this directory and adjusted permissions, so all four users can read and write to this directory. 2 - get all four accounts to reference this library instead of the external or local home locations I am hoping I can just check the box to keep library organized in my account, which is the admin and let itunes move it all. Then delete current libraries for each account and re-add from the new shared location. Will the itunes organization process cause permissions issues either by setting permissions to all the files access to my account only or write permissions or any other 'gotcha'? I am having a hard time coming up with a smooth solution that won't break everything and cause me to have mega duplicates or access issues. I would prefer not to do any xml library file editing if possible. Am I dreaming? Thanks for help.

    Read the article

  • Configuration Help for Sendmail Required

    - by Vinayak Mahadevan
    Hi I need some help with respect to sendmail configuration. The basic problem is that I have some employees working from other places and they need access to their mail. So what I have done right now is whatever mails which are meant for them which are generated from within the company and collected by my internal mail server is bounced to an external mail server from where the employees access it. This is done through a email id on a different domain. This was working fine till I restricted the external mailing access for certain users using rulesets in sendmail.cf. Once I had put that in place only people who had external mailing rights could send mails to people outside the office. What I would like to know is that is there anyway where I can expose sendmail on two different ips and thereby configure everybody's email id to point to the same internal mail server using 2 different ips. one ip when inside the company and one ip outside the company. Is it possible that I have one static ip configured for both internal access and external access or is there any otherway it can be done with sendmail. Can anybody help me Sorry for the long post Regards Vinayak

    Read the article

  • In spite of correct DNS, Exchange sending to wrong destination server for single outbound domain

    - by beporter
    My company uses an SBS 2003 server and makes use of Exchange to host our own email. We also have a linux server hosting domains for some of our clients. In order for us to send to those clients, we had internal DNS set up to shadow the client domains to provide "correct" MX records inside our network. For example, public DNS for a domain abc.com might point to 1.2.3.4, but internally we have MX records set up to route mail for abc.com to 172.16.0.4, which is the linux email server. This setup was entirely functional; this is just back story. We've recently moved one of our client domains from our internal linux server to an external email provider. When we did that, we naturally deleted our internal shadow DNS records so our Exchange server would fetch correct (public) DNS records and route mail out to the new external host. This has NOT had any effect on Exchange though. Even after rebooting the Exchange server and completely flushing the DNS cache (nslookups on the Exchange machine itself correctly resolve to the new external address) Exchange still attempts to deliver messages for the domain to our internal server! Exchange correctly routes to all other internal and external domains when sending email. Somehow Exchange is trying to deliver to a machine that by all accounts it has no business trying to use for just this one domain. Is there a DNS cache that Exchange uses internally? Is there a way to flush that internal cache? What else could I be missing?

    Read the article

  • Removing forward lookup zone broke our site - why?

    - by user102469
    I'm fairly new to the job and trying to get to grips with the infrastructure here. We've moved a site from being locally hosted on our own network to an external host (1&1). I've transferred the DNS hosting from the previous DNS host to 1&1 to keep things simple. Once everything had gone through, visitors that were external to our network were being directed to the new site on 1&1 but requests from within our network were still going to our own server. I noticed in the DNS server that there was a forward lookup zone for the site pointing to our own server still. My (admittedly simplistic) understanding was that pausing that zone would then cause the DNS server to get the address for the site from our external DNS servers and our users would start landing on our new site. However, what happened instead was that they were being met with "page not found" type errors. I've resolved it my modifying the forward lookup zone A record to point to the external web server but would like to get an understanding as to why pausing the zone didn't work. Would deleting the zone work? I am reluctant to try that as creating it again will not be as easy as simply pressing "start". Many thanks.

    Read the article

  • Setting Windows 7's Recycle Bin to automatically have a default disk space allocation for deleted files from newly mounted drives

    - by galacticninja
    How do I set Windows 7's Recycle Bin to automatically have a default disk space allocation for deleted files from external hard drives and TrueCrypt-mounted volumes? I remember in Windows XP, I can set a percentage of total disk space that will automatically be used as storage capacity for deleted files by the Recycle Bin, and this will be applied to all external HDs or TC-mounted volumes. Windows 7 defaults to the 'Don't move files to the Recycle Bin. Remove files immediately when deleted' setting for newly mounted external HDs and TC mounted volumes. Since I am expecting deleted files to go to the Recycle Bin, sometimes this causes an 'Oops' when I delete files in external hard drives or TC mounted volumes, as Windows does not move deleted files to the Recycle Bin, but just deletes the files permanently. I have to remember to manually set a custom Recycle Bin storage space for each new drive that is mounted by Windows to avoid this issue. I only use and mount TrueCrypt file containers, not drives. I also don't mount TrueCrypt file containers as removable drives. ('Mount volume as removable medium' is unchecked in Mount Options.) In my $Recycle.Bin > Properties > Security settings, 'System' and 'Administrators' are already set to 'Full Control', while 'Users' only have 'Special Permissions' checked in gray. There are no other groups. I haven't changed or edited anything in these settings. I am using Windows 7 Ultimate.

    Read the article

  • Permissions in OS X for iTunes library with multiple users

    - by John
    I currently have a lot of music on an external drive and my iTunes set up from there. However, periodically, when the external drive isn't connected, iTunes will default back to the library location of my home directory user path. I don't want to mess with an external drive, as my Mac's HD is large enough to house the music collection. However, I have 4 family members – all with their own logins – using this same gob of music. I don't want four copies of the library, only one with all libraries referencing it. So, what I want to do is: Move all music files to a shared directory at /Macintosh HD/users/music. I created this directory and adjusted permissions, so all four users can read and write to this directory. Get all four accounts to reference this library instead of the external or local home locations I am hoping I can just check the box to keep library organized in my account, which is the admin and let iTunes move it all. Then delete current libraries for each account and re-add from the new shared location. Will the iTunes organization process cause permissions issues either by setting permissions to all the files access to my account only or write permissions or any other 'gotcha'? I am having a hard time coming up with a smooth solution that won't break everything and cause me to have mega duplicates or access issues. I would prefer not to do any XML library file editing if possible. Am I dreaming?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >