Search Results

Search found 5414 results on 217 pages for 'rules and alerts'.

Page 114/217 | < Previous Page | 110 111 112 113 114 115 116 117 118 119 120 121  | Next Page >

  • openldap search acl

    - by Patrick
    I'm trying to write an access control for OpenLDAP to allow a user to search with a certain base dn, but only get results back from certain sub dn's. I've played with lots of different rules but cant get it to work. I'm not sure its even possible. For example: I have the user with the dn uid=testuser,ou=people,dc=example,dc=com. I want this user to be able to search with a base of dc=example,dc=com and get back entries in ou=people,dc=example,dc=com. There are lots of other sub OUs under dc=example,dc=com, but only entries in ou=people should be returned (for bonus, I'd only like certain attributes to be returned as well). Can this be done?

    Read the article

  • allow SSH to bypass VPN on OSX mavericks, openvpn, pf

    - by zycho42
    My home computer connects to the internet through an OpenVPN connection. However, I would like to be able to connect to my home computer from outside over ssh. Ssh is set up and working, but when I connect to the vpn ssh is only accessible from inside my home network. I figure what's going wrong is my router forwards incoming ssh connections to my mac, but then my mac replies over the vpn, so the connection from outside times out. I've got pf set up for a couple of other things, but I can't figure out how to let the ssh replies bypass the vpn using pf. I've come across other solutions that use ip tables, routing tables and rules, but I can't figure out how to set that up on mavericks. I've been searching for this for a while now but I haven't found a working solution. Any help would be greatly appreciated!

    Read the article

  • Can I use MX records to deliver some addresses to Google Apps and some to my server?

    - by Josh
    I have whm installed on my VPS, which my domain MX records are pointing to: 0:mail.mydomain.com and whm/cpanel has mail forwarding rules which pipes certain @mydomain email addresses into my CRM software. But for certain email addresses I want to forward into Google Apps. For example, [email protected], [email protected] pipes into cPanel -- CRM (mail.mydomain.com) but [email protected] should be going to Google MX records. Is that possible? The reason why is I want to register for Google Apps such as analytics and other Google services under [email protected]. My initial thoughts were to add a subdomain such as [email protected] and point that subdomain's MX records to Google.. but I want to avoid this if possible.

    Read the article

  • When to increase AWS RDS MySQL Server instance to larger CPU/RAM?

    - by rksprst
    I'm wondering at what stage do I need to increase the image for the RDS MySQL server to a larger CPU/RAM instance. The CPU utilization graph is near 0. The Avg Free Memory is around 150MB. The Avg Swap Usage is 420MB. Read Latency is 0-20ms/op it spikes up randomly. Avg write latency is on average 5ms/op but spikes up to 10-20ms/op. Are there some common rules here that I should follow? Thanks!

    Read the article

  • Proxification rulte for System process

    - by kseen
    I'm trying to configure Microsoft Visual Studio 2010 remote debugging and ran into issue: while connecting to remote computer running MSVSMON, client computer sends SYN request for connection. It makes it under the System process (as I see it in TCPView). As every network apps should be configured to use proxy in our network, I'm trying to add devenv.exe to proxification rules to make its traffic goes thru LAN's proxy server. It doesn't help. So my question is how can I make that low-level-system traffic will go through local area network proxy server?

    Read the article

  • Why is port 444 open on this router?

    - by TJ Thind
    I have a Cisco RV110W. I ran nmap at it from the outside and nmap reports that the router has tcp port 444 open. Yet there are no port forwarding rules specifying this port. It should as far as I can tell, be closed. There's even a service listening to that port which I can connect to through telnet. I threw some SNPP commands at it but the service doesn't respond to any of them so I don't believe it's SNPP. Does anyone have any idea why this particular router has tcp port 444 open? I haven't been able to find anything in the manual or on Cisco's website.

    Read the article

  • Cron stopped working, partially working.

    - by Robi
    Our cron script stopped working in different dates in August. What can be the possible reasons? We did not change anything. Our hosting showed us a log where we can see that cron is executing our scripts. But, nothing is happening in our scripts. If we manually execute the scripts, we're getting correct results like before. I showed the commands to hosting and they showed me that the commands are working. What should I tell my hosting? what should I do? They are php scripts which are executed by CRON and they just post to facebook and twitter. They don't execute any hard or huge things. I even asked my hosting if we broke any rules.

    Read the article

  • Linux box acting as wireless access point to share the internet connection

    - by Suresh
    A linux machine is connected to internet over two interfaces ppp0 and ppp1 using two modems. Also this machine acts as wireless access point through an interface say, eth0 with ip address 192.168.1.1 and acts as gateway for the connected devices through this network with subnet mask 255.255.255.0 Now is it possible to achieve the following: When any of the connected devices through wireless AP needs internet connection linux machine has to use ppp1 interface for internet. If any of the applications on the linux machine needs internet connection linux machine should use ppp0 interface for the internet. Can this be achieved by adding rules to chains in filter/nat tables? If the kernel routing table has a default rule to route the default traffic through interface ppp0, wil kernel completely ignore ppp1 for internet? PS: new to networking and routing concepts, If the question is not clear leave a comment, will try to give more information.

    Read the article

  • Routing only some local IPs through VPN on dd-wrt

    - by bo-inge-ostberg
    Much similar to this entry: http://serverfault.com/questions/94283/using-dd-wrt-to-connect-to-vpn-and-forward-all-traffic-of-certain-devices-through , I have set up my router with dd-wrt + OpenVPN to connect to a VPN. This works fine, and all traffic from behind the router goes through the VPN. How do I route(?) traffic in the router so that only certain IPs from the LAN will go through the VPN, while the others take the "normal" route? Is it also possible to allow traffic from certain local IPs to go ONLY through the VPN, making it impossible for them to use the regular internet connection if the VPN is down? I know this question was answered in the post I linked to, but that just doesn't seem to work for me. The routing table and rules change, but traffic still just goes through the VPN.

    Read the article

  • Managing Active Directory Group Membership with a Non-Administrator Account In Server 2008

    - by Laranostz
    I am running Server 2008 R2 in an Active Directory Domain Environment. I have created a group in Active Directory and I have delegated management authority to that group to a user. I want this user to be able to add and remove accounts as needed from that group so that they are exercising some measurement of control without giving them other authority. When I have the user attempt to access the Active Directory Users & Computers Console it prompts them for Administrator credentials. They are using Remote Desktop to access the server, because they do not have Windows 7, and firewall rules prevent using the Remote Management Kit. I do not want to provide them with any level of Administrative rights except the minimum required for them to add/remove users from this group. There are two servers that 'talk' to each other in this isolated environment, a domain controller and a member server, both are only reachable through RDP. Any suggestions?

    Read the article

  • freebsd ipfw tablearg.

    - by Shamanu4
    Hello. I'm configuring freebsd firewall and have such situation: 51000 pipe tablearg ip from not table(17) to table(20) out xmit ng* 51010 pipe tablearg ip from table(21) to not table(17) in recv ng* 51020 pipe tablearg ip from any to table(18) out xmit ng* 51030 pipe tablearg ip from table(19) to any in recv ng* tables 18,19,20,21 have client ip addresses and pipe numbers table 17 list of networks. rules 51020 and 51030 work fine but what is going at 51000 and 51010 ? How to determine firewall to take pipe number from tables 20 and 21 - not from 17 ?

    Read the article

  • Unable to log into Ubuntu

    - by Rodnower
    I have Ubuntu 12.04.1. Last time I did nothing especial, but suddenly some problem appear: I have a login screen (using lightdm), when I attempt a login, I get a console session and returned to the login screen. I see that it is a known issue, so I tried everything from following steps: To removed .XAuthority Configure to use gdm Reinstall lightdm To include my user to nopasswdlogin group But nothing help... So, these are errors from /var/log/auth.log: Oct 3 01:11:48 alphabet-2 lightdm: pam_unix(lightdm:session): session opened for user lightdm by (uid=0) Oct 3 01:11:48 alphabet-2 lightdm: pam_ck_connector(lightdm:session): nox11 mode, ignoring PAM_TTY :0 Oct 3 01:11:48 alphabet-2 lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "andrey" Oct 3 01:11:48 alphabet-2 dbus[704]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.35" (uid=104 pid=1709 comm="/usr/lib/indicator-datetime/indicator-datetime-ser") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination=":1.14" (uid=0 pid=1169 comm="/usr/sbin/console-kit-daemon --no-daemon ") Any ideas?

    Read the article

  • Gre tunnel Linux Cisco

    - by mezgani
    I've created a GRE tunnel between LAN A and LAN B. LAN A is behind a router, and LAN B is behind a Linux box and this box has a pppoe interface. When i do tcpdump on Linux box i see that the traffic is routerd to Linux box (tunnel end), so my need is routing the tunnel traffic to internet. I've added these rules to my iptables script, and i stay unable to connect to internet from LAN A Permitting Linux to act as router (necessary to forward packets) echo "1" /proc/sys/net/ipv4/ip_forward iptables -A INPUT -p 47 -j ACCEPT iptables -A FORWARD -i ppp0 -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o gre0 -j MASEQUARADE What i've forgot to set in this case?

    Read the article

  • Cant logon to domain over site-to-site vpn

    - by 3molo
    Tied together branch office with main office over two Cisco ASAs. The (internal) networks on either side can communicate with the other. I can ping, use the DC's DNS service and even join a domain on a new client. I can't however logon, I get the "domain controller is not available" error message on client. I find nothing peculiar in DC's event logs. Sicne it's site-to-site (with ping), it's always up so it should work. No firewall rules (except allow any any) between the two networks (of either side). Main site internal net: 10.10.10.0/24 Branch office net: 10.180.3.0/24 Am I overlooking something here? Where should I start investigating this?d

    Read the article

  • How to test if SYN and FIN are both dropped at the same time in hping3?

    - by snow
    One of the rules to prevent unexpected attack is to prevent SYN & FIN being used together. SYN and FIN are both set $IPT -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP How do I use hping to test if this iptable rule works? hping3 192.168.7.0 --keep -S -F??? Is this complete? When just type iptables -L, it shows: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN WHY do I need to put the "SYN,FIN" twice before drop? Is it because one for source and one for destination?

    Read the article

  • What advantages does mod_evasive have over mod_security2 in terms of DDOS protection?

    - by Martynas Sušinskas
    Good day, I'm running an Apache2 server in front of a Tomcat and I need to implement a DDOS protection mechanism on the Apache2 layer. I have two candidates: mod_evasive and mod_security2 with the OWASP core rule set. Mod_security is already installed for overall protection, but the question is: is it worth adding mod_evasive besides mod_security just for the DDOS (does it have any major advantages) or the OWASP crs rules in the /experimental_rules/ directory (modsecurity_crs_11_dos_protection.conf) provide the same protection? Or it's just a matter of preference? The sites are not very high traffic normally. Thank you for your answers, Martynas

    Read the article

  • Is it possible to disable the retry mechanism in Exim

    - by Tony Meyer
    I have a very simple Exim configuration that's just forwarding all mail to a set of destination addresses. When immediate delivery to an address fails, the message is added to the queue (and then processed by the retry rules). I want to change this so that if immediately delivery fails, the message is :blackhole:d. (It's ok if a bounce is generated instead, as I'll just redirect the bounce to the :blackhole:). This needs to occur for temporary failures (i.e. 4xx) as well as permanent (i.e. 5xx) ones. I understand that this means that if delivery can't be done immediately the message will be permanently and irretrievably lost. In this particular context, that isn't a problem. Reading over this, it sounds suspiciously like "how can I improve my spamming Exim server". That really isn't what this is for, and if you can figure out a way I can prove that, I'm happy to do so!

    Read the article

  • SSL and mod_rewrite error

    - by wnoveno
    Hi, I have https on my site. Pages with rewritten URL in my site are inaccessible while direct urls (folders). here's the htaccess ## 2009-12-17 16:52 JGC [START] ## Enable http compression for this site <IfModule mod_deflate.c> SetOutputFilter DEFLATE ## Directive "DeflateCompressionLevel" not allowed in .htaccess, only valid in server config and virtual hosts # DeflateCompressionLevel 9 # file-types indicated will not be compressed SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary SetEnvIfNoCase Request_URI \.(?:swf|flv|pdf)$ no-gzip dont-vary SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|gz2|sit|rar)$ no-gzip dont-vary <IfModule mod_headers.c> Header append Vary User-Agent </IfModule> </IfModule> ## 2009-12-17 16:52 JGC [END] ## 2010-03-05 16:05 JGC [START] #<IfModule mod_alias.c> #RedirectMatch 301 ^(/)$ /online-casino-poker-register.html #RedirectMatch 301 ^(/en)$ /en/online-casino-poker-register.html #RedirectMatch 301 ^(/en/)$ /en/online-casino-poker-register.html #RedirectMatch 301 ^(/en\.html)$ /en/online-casino-poker-register.html #RedirectMatch 301 ^(/sc)$ /sc/online-casino-poker-register.html #RedirectMatch 301 ^(/sc/)$ /sc/online-casino-poker-register.html #RedirectMatch 301 ^(/sc\.html)$ /sc/online-casino-poker-register.html #RedirectMatch 301 ^(/ch)$ /ch/online-casino-poker-register.html #RedirectMatch 301 ^(/ch/)$ /ch/online-casino-poker-register.html #RedirectMatch 301 ^(/ch\.html)$ /ch/online-casino-poker-register.html #</IfModule> ## 2010-03-05 16:05 JGC [END] ## # @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $ # @package Joomla # @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. # @license http://www.gnu.org/copyleft/gpl.html GNU/GPL # Joomla! is Free Software ## ##################################################### # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE # # The line just below this section: 'Options +FollowSymLinks' may cause problems # with some server configurations. It is required for use of mod_rewrite, but may already # be set by your server administrator in a way that dissallows changing it in # your .htaccess file. If using it causes your server to error out, comment it out (add # to # beginning of line), reload your site in your browser and test your sef url's. If they work, # it has been set by your server administrator and you do not need it set here. # ##################################################### ## Can be commented out if causes errors, see notes above. Options +FollowSymLinks # # mod_rewrite in use RewriteEngine On #RewriteLog "/var/www/html/dafa888/rewrite.log" #RewriteLogLevel 3 RewriteCond %{HTTP_COOKIE} !jfcookie\[lang\] [NC] RewriteCond %{HTTP:Accept-Language} ^zh-cn [NC] RewriteRule ^$ /sc/ [L,R=301] RewriteCond %{HTTP_COOKIE} !jfcookie\[lang\] [NC] RewriteCond %{HTTP:Accept-Language} ^zh-tw [NC] RewriteRule ^$ /ch/ [L,R=301] #RewriteCond %{HTTP_COOKIE} !jfcookie[lang] [NC] #RewriteCond %{HTTP_COOKIE} jfcookie\[lang\] [NC] #RewriteCond %{HTTP_COOKIE} jfcookie\[lang\]=([^;]+) [NC] #RewriteRule ^(.*)$ /%1/$1 [NC,QSA] ########## Begin - Rewrite rules to block out some common exploits ## If you experience problems on your site block out the operations listed below ## This attempts to block the most common type of exploit `attempts` to Joomla! # # Block out any script trying to set a mosConfig value through the URL RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] # Block out any script trying to base64_encode crap to send via URL RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] # Block out any script that includes a <script> tag in URL RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] # Block out any script trying to set a PHP GLOBALS variable via URL RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] # Block out any script trying to modify a _REQUEST variable via URL RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) # Send all blocked request to homepage with 403 Forbidden error! RewriteRule ^(.*)$ index.php [F,L] # ########## End - Rewrite rules to block out some common exploits # Uncomment following line if your webserver's URL # is not directly related to physical file paths. # Update Your Joomla! Directory (just / for root) RewriteBase / #RewriteCond %{HTTP_HOST} ^(.*)$ [NC] #RewriteRule ^(.*)$ http://www.%1/$1 [R=301] ########## Begin - Joomla! core SEF Section # RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !^/index.php RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC] RewriteRule (.*) index.php RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] # ########## End - Joomla! core SEF Section

    Read the article

  • How much traffic a linux-based shaper would be able to chew

    - by facha
    Hi, everyone I have a linux based traffic shaper (iptables + tc htb policy). It works in bridge mode. Shapes traffic based on IPs and ports (there are about 100 rules in the "mangle" chain of iptables). Right now its throughoutput is about 100 mb/s (I don't remember pps, there are about 800 users in the network). Just was wondering - when I will hit the limit. How much traffic could a linux-based shaper possibly get throuhg it. If you have one under heavy load, please could you write what machine you use and what load there is. Or if you have any other info about the subj, please write as well. Thanks in advance.

    Read the article

  • Why is my firewall preventing me from accessing some websites

    - by nosx
    I have an old Belkin router and when I enable the firewall I cannot access certain websites. For example: http://www.avisynth.org With Firewall Enabled: Main page loads and begins to do a meta refresh which never finishes. With Firewall Disabled: Main page loads and the meta refresh completes as normal and I am taken to the wiki page. I have not setup any rules in my firewall that would prevent this site from loading, yet it refuses to load unless I have the firewall disabled completely. My router has a hidden page with advanced settings on it for the firewall which I was able to acccess and take a screenshot of, but I did not want to mess with these values unless I absolutely have to do so: What might be causing this problem and how would I go about fixing it?

    Read the article

  • Run one virtual machine on a Linux server + standard Linux functions

    - by fistameeny
    Hi, I am looking for a method to setup a Linux server (running Ubuntu Server) that uses Samba for file sharing, as well as hosting a Windows virtual machine (in this case, Windows Small Business Server 2003, which in turn hosts SQL Server Express - Exchange won't be used on this). I would like to have the Linux server serving the files over Samba, and hosting the Virtual Machine. This obviously rules ESXi out as it couldn't do Samba at the same time. What would be the next best solution to give reasonable speed? Vmware Server 2.0, VirtualBox, Xen? There will be 10-15 users accessing the Samba shares and the SQL Express virtual machine. Matt

    Read the article

  • Getting back the old alt-tab windows switching behavior in Windows 7?

    - by Carlos A. Ibarra
    When you run more than 6 applications on Windows 7 and you press alt-TAB, icons representing the first 6 applications and the desktop appear on the first row of the grid and you can cycle with alt-TAB-TAB... through the 6 most recently used windows the usual way, but the 7th and other less recently used windows don't follow the same rules. Instead they get grouped together according to their application but disregarding whether they were recently used or not. This new behavior is mentioned here. I am very used to the old way of cycling and the new system is driving me crazy. I tend to have 20 or so windows open at one time and I frequently need to alt-tab to the 7th or 8th window on the stack but it doesn't work the same anymore. Does anyone know how to put back the old behavior, so that alt-tab-tab-tab... goes through the whole list in most-recent to least-recent order?

    Read the article

  • Tracking Security Vulnerability remediation

    - by Zypher
    I've been looking into this for a little while, but havn't really found anything suitable. What I am looking for is a system to track security vulnerability remdiation status. Something like "bugzilla for IT" What I am looking for is something pretty simple that allows the following: batch entry of new vulnerabilities that need to be remediated Per user assignment AD/LDAP Authentiation Simple interface to track progress - research, change control status, remediated, etc. Historical search ability Ability to divide by division Ability to store proof of resolution for the Security Team to access Dependency tracking Linux based is best (that's my group :) ) Free is good, but cost doesn't matter so much if the system is worth it The systems doesn't have to have all of these features, but if it did that would be great. yes we could use our helpdesk software, but that has a bunch of pitfalls such as triggering SLA alerts and penalties as well as not easily searchable outside of a group. Most of what I have found are bug tracking systems that are geared towards developers, and are honstely way overkill for what I am looking for. Server Faults input is greatly appreciated as always!

    Read the article

  • windows firewall and network location switch after establishing a vpn connection

    - by Konrads
    Hello, I am looking for a reasonable solution for network location switching after VPN connection is established for Windows 7. The scenario is as follows: For location public (employee plugging in his laptop in hotel, public wi-fi,etc) all inbound connections are restricted, only outbound VPN + www is enabled. Employee then initiates a VPN connection, VPN pushes routes to 10.0.0.0/8 subnet Now I would like to have lax security rules for traffic from/to 10.0.0.0/8 that comes through the VPN interface, while still protecting the laptop from traffic that comes via uplink interface as if it was private. How to achieve this switching and duality? One option I see is switching to IPSec...

    Read the article

  • Custom Filter in cPanel to Auto-Delete Emails with Russian Characters

    - by John Conde
    I get a lot of spam to my email account from Russia. The emails themselves (name, subject, body) are in Russian and I was hoping to create a custom filter in cPanel (not in SpamAssassin but in cPanel itself) to catch these emails and delete them before they hit my inbox. I've tried setting up rules to flag emails with these characters but they still are getting through. This leads me to believe that there is an encoding issue at play here. Unfortunately I do not know how to overcome this. Ideas?

    Read the article

< Previous Page | 110 111 112 113 114 115 116 117 118 119 120 121  | Next Page >