Search Results

Search found 13119 results on 525 pages for 'tcp ip'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 114/525 | < Previous Page | 110 111 112 113 114 115 116 117 118 119 120 121  | Next Page >

  • Programmatically add IP(s) or domain(s) to Relay Restrictions in SMTP Virtual Server on IIS 6

    - by RJ
    I have been given a task to create an admin page to programmatically add IPs or domains to a SMTP Relay Restrictions using C#. I spent some time researching this since yesterday and finally traced this down to a few posts on several website that use the System.DirectoryServices.DirectoryEntr class. Using the examples I found, I can add or deny IPs or domains under Connection control but not Relay Restrictions. What would be the commands in C# to add IPs to the Relay Restrictions? Below is a pic of the GUI in IIS for reference.-

    Read the article

  • LogParser query to grab only external IP addresses from IIS logs?

    - by Josh
    I'm working on a public website that is used by both external visitors and internal employees. I'm after the external visitor hits, but I can't think of a good way to filter out the internal IP ranges. Using LogParser, what is the best way to filter IISW3C logs by IP range? This is all I've come up with so far, which can't possibly be the best or most efficient way. WHERE [c-ip] NOT LIKE (10.10.%, 10.11.%) Any help is appreciated.

    Read the article

  • How to stop IIS7 from listening on a specific IP address and port?

    - by webworm
    I am trying to install Apache on Windows Server 2008. The installation ends with a warning that the IP address I configured Apache to listen on cannot be bound. When I use netstat -a -p tcp to see if any processes are listening on the IP address and port I see several entires .. one of which shows as listening on 0.0.0.0:80. Here is a partial list of the output. Proto Local Address Foreign Address State TCP 0.0.0.0:80 MYSERVERNAME:0 LISTENING This looks to be IIS7 listening on all IP addresses on port 80. The confusing thing is that I stopped IIS7. All websites are shown as stopped. I tried iisreset /STOP as well as using the IIS7 Manager, yet something is still listening on 0.0.0.0:80. I have even made sure that every web site is bound to another IP address other than the one I want freed for Apache. Has anyone else run into this?

    Read the article

  • Are my iptables secure?

    - by Patricia
    I have this in my rc.local on my new Ubuntu server: iptables -F iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 9418 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --sport 9418 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 5000 -m state --state NEW,ESTABLISHED -j ACCEPT # Heroku iptables -A INPUT -i eth0 -p tcp --sport 5000 -m state --state ESTABLISHED -j ACCEPT # Heroku iptables -A INPUT -p udp -s 74.207.242.5/32 --source-port 53 -d 0/0 --destination-port 1024:65535 -j ACCEPT iptables -A INPUT -p udp -s 74.207.241.5/32 --source-port 53 -d 0/0 --destination-port 1024:65535 -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT iptables -P INPUT DROP iptables -P FORWARD DROP 9418 is Git's port. 5000 is a port used to manage Heroku apps. And 74.207.242.5 and 74.207.241.5 are our DNS servers. Do you think that this is secure? Can you see any holes here? Update: Why is it important to block OUTPUT? This machine will be used only by me.

    Read the article

  • How do I access an Ubuntu VirtualBox guest at a static IP from an OS X host?

    - by David Siegel
    How does one configure an Ubuntu guest to use a static IP that's visible to an OS X host, and ensure that the static IP is independent of the host's network configuration? I previously used bridged networking for my guest, but I'm constantly moving my host between networks so the guest IP is always different. First, I tried setting the guest network configuration to NAT and forwarding host port 1022 to guest port 22, so I could at least ssh to a fixed address (localhost:1022): $ VBoxManage setextradata "Ubuntu Server" "VBoxInternal/Devices/e1000/0/LUN#0/Config/SSH/Protocol" "TCP" $ VBoxManage setextradata "Ubuntu Server" "VBoxInternal/Devices/e1000/0/LUN#0/Config/SSH/GuestPort" 22 $ VBoxManage setextradata "Ubuntu Server" "VBoxInternal/Devices/e1000/0/LUN#0/Config/SSH/HostPort" 1022 Then, $ ssh localhost -p 1022 ssh: connect to host localhost port 1022: Connection refused But this didn't work (guest has no network access with NAT and OS X refused the connection, as you can see). I'd love a general solution that would let me communicate with my guest at a fixed IP.

    Read the article

  • IP Address doesnt get passed with Squid as a reverse proxy.

    - by Arcath
    Im using squid as a reverse proxy to host multiple web servers on one internet IP. It works fine and has been doing so for the past few months. I have just noticed that every request sent to my servers is logged as comming from the squid servers IP address. Is there anyway to make squid pass the originating IP to the web servers?

    Read the article

  • IP Address doesnt get passed with Squid as a reverse proxy.

    - by Arcath
    Im using squid as a reverse proxy to host multiple web servers on one internet IP. It works fine and has been doing so for the past few months. I have just noticed that every request sent to my servers is logged as comming from the squid servers IP address. Is there anyway to make squid pass the originating IP to the web servers?

    Read the article

  • SMTP IP - Bad reputation, how do I work around?

    - by Louis van Tonder
    I recently had a spamming incident and got listed on a blacklist. I have rectified the issue, removed from the blacklist, but my IP reputation is now classified as a high volume sender. What is the best way to rectify this? I have an additional IP address. I am thinking configure my server to make outbound SMTP connections using the other IP. My questions are: How long does it take for my reputation to stabilize again? How do I configure my server/mailserver to use a specified outbound IP? Setup: Server 2008 Web hMailserver 2 IPs configured on one NIC Cloud based server Your urgent help would be greatly appreciated. Cheers

    Read the article

  • TIME_WAIT in netstat of Apache processes

    - by Howard
    What are the meaning of the TIME_WAIT when using netstat of my web server process? I am sure the web server is not over loaded. tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 15655/apache2 tcp 0 0 x.x.x.x:80 123.125.66.35:19667 SYN_RECV - tcp 0 0 x.x.x.x:80 113.138.59.140:12186 TIME_WAIT - tcp 0 0 x.x.x.x:80 66.249.67.121:59493 ESTABLISHED 23702/apache2 tcp 0 0 x.x.x.x:80 69.28.51.206:40652 TIME_WAIT - tcp 0 0 x.x.x.x:80 221.126.149.99:51877 TIME_WAIT - tcp 0 0 x.x.x.x:80 221.126.149.99:51872 TIME_WAIT - tcp 0 0 x.x.x.x:80 123.125.66.19:13084 TIME_WAIT -

    Read the article

  • JTextField that has inner fields or preformated format, something like the ip field in windows

    - by dimitar
    Hello guys, i want to create a text field that will be for date and will have dd.mm.YYYY format. Now what i want to do is the user to type only the numbers, not the dots to. So the field would be like: _ _. _ _ . _ _ _ _ So when the user wants to type the date: 15.05.2010 for example, he will only type the numbers in the sequence 15052010. Also i would like, when he preses on left or right arrow, the cursor to go from one field(not JTextField, but field in the JTextField). So lets say i have JTextField with text in it: 15.05.2010, so if user is on the beginning and he preses right arrow, the cursor to go to the .05 field. I hope you understand me 'cos right now i don't any idea how to make this, or at least how to look for it on google. Thank you.

    Read the article

  • Open ports for Apache Tomcat-7.0.32 on Linux Mandriva

    - by ivanov-void
    I installed Apache Tomcat-7.0.32 on Linux Mandriva and I want to make it accessible. for this I need to open ports in iptables. I added the following rules- iptables -A INPUT -p tcp -m tcp --dport 8081 --syn -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 8010 --syn -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 8444 --syn -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 8006 --syn -j ACCEPT then save and restart iptables - /etc/init.d/iptables save /etc/init.d/iptables restart verify, that ports is open - netstat -tulpn | less I am running command - netstat-ntpl | grep java and see - When I disable the firewall, I see the start page of the server on request - http://server_ip:8081/ When enable - server not accessible from outside. In what may be the cause? I would be most grateful for the information! Thank you!

    Read the article

  • How do I access an Ubuntu VirtualBox guest at a static IP from an OS X host?

    - by David Siegel
    How does one configure an Ubuntu guest to use a static IP that's visible to an OS X host, and ensure that the static IP is independent of the host's network configuration? I previously used bridged networking for my guest, but I'm constantly moving my host between networks so the guest IP is always different. First, I tried setting the guest network configuration to NAT and forwarding host port 1022 to guest port 22, so I could at least ssh to a fixed address (localhost:1022): $ VBoxManage setextradata "Ubuntu Server" "VBoxInternal/Devices/e1000/0/LUN#0/Config/SSH/Protocol" "TCP" $ VBoxManage setextradata "Ubuntu Server" "VBoxInternal/Devices/e1000/0/LUN#0/Config/SSH/GuestPort" 22 $ VBoxManage setextradata "Ubuntu Server" "VBoxInternal/Devices/e1000/0/LUN#0/Config/SSH/HostPort" 1022 Then, $ ssh localhost -p 1022 ssh: connect to host localhost port 1022: Connection refused But this didn't work (guest has no network access with NAT and OS X refused the connection, as you can see). I'd love a general solution that would let me communicate with my guest at a fixed IP.

    Read the article

  • Centos iptables configuration for Wordpress and Gmail smtp

    - by Fabrizio
    Let me start off by saying that I'm a Centos newby, so all info, links and suggestions are very welcome! I recently set up a hosted server with Centos 6 and configured it as a webserver. The websites running on it are nothing special, just some low traffic projects. I tried to configure the server as default as possible, but I like it to be secure as well (no ftp, custom ssh port). Getting my Wordpress to run as desired, I'm running into some connection problems. 2 things are not working: installing plugins and updates through ssh2 (failed to connect to localhost:sshportnumber) sending emails from my site using the Gmail smtp (Failed to connect to server: Permission denied (13)) I have the feeling that these are both related to the iptables configuration, because I've tried everything else (I think). I tried opening up the firewall to accept traffic for ports 465 (gmail smtp) and ssh port (lets say this port is 8000), but both the issues remain. Ssh connections from the terminal are working fine though. After each change I tried implementing I restarted the iptables service. This is my iptables configuration (using vim): # Generated by iptables-save v1.4.7 on Sun Jun 1 13:20:20 2014 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -p tcp -m tcp --dport 8000 -j ACCEPT -A OUTPUT -p tcp -m tcp --dport 465 -j ACCEPT COMMIT # Completed on Sun Jun 1 13:20:20 2014 Are there any (obvious) issues with my iptables setup considering the above mentioned issues? Saying that the firewall is doing exactly nothing in this state is also an answer... And again, if you have any other suggestions for me to increase security (considering the basic things I do with this box), I would love hear it, also the obvious ones! Thanks!

    Read the article

  • Best way to block a country by IP address?

    - by George Edison
    I have a website that needs to block a particular country based on IP address. I am more than aware that IP-based blocking is not a foolproof method for blocking visitors, but it is a necessary step in the right direction. Since I'm using PHP, what I would do is use a GeoIP database like geoplugin.net. However, I'm curious to know if there's a better way of doing this. The website is on a shared webserver (I don't have root access) and it is running Apache on centOS. I guess my question is "can an .htaccess file be configured to block by IP using an external source to lookup IP addresses."

    Read the article

  • Trouble with port 80 nating (XenServer to WebServer VM)

    - by Lain92
    I have a rent server running XenServer 6.2 I only have 1 public IP so i did some NAT to redirect ports 22 and 80 to my WebServer VM. I have a problem with the port 80 redirection. When i use this redirection, i can get in the WebServer's Apache but this server lose Web access. I get this kind of error : W: Failed to fetch http://http.debian.net/debian/dists/wheezy/main/source/Sources 404 Not Found [IP: 46.4.205.44 80] but i can ping anywhere. XenserverIP:80 redirected to 10.0.0.2:80 (WebServer). This is the port 80 redirection part of my XenServer iptables : -A PREROUTING -i xenbr1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0 .2:80 -A INPUT -i xenbr1 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT COMMIT What is wrong in my configuration? Is there a problem with XenServer? Thanks for your help ! Edit : Here is my iptables full content : *nat :PREROUTING ACCEPT [51:4060] :POSTROUTING ACCEPT [9:588] :OUTPUT ACCEPT [9:588] -A PREROUTING -p tcp -m tcp --dport 1234 -j DNAT --to-destination 10.0.0.2:22 -A PREROUTING -i xenbr1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0 .2:80 -A POSTROUTING -s 10.0.0.0/255.255.255.0 -j MASQUERADE COMMIT *filter :INPUT ACCEPT [5434:4284996] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [5014:6004729] -A INPUT -i xenbr1 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT COMMIT Update : I have a second server with 10.0.0.3 as IP and it has the same problem that 10.0.0.2 has.

    Read the article

  • Possible to find what IP address caused a 403.6 error?

    - by Abe Miessler
    I have a website setup in IIS that is rejecting all IP addresses except for a specific set. I thought I had added my machines IP address to this list, but evertime I try to access I get the error: HTTP Error 403.6 - Forbidden: IP address of the client has been rejected. Internet Information Services (IIS) I would like to figure out what IP address it think I am coming form when it rejects me. I tried looking at the IIS logs and in the Security Event Logs but I'm not seeing anything. Suggestions on where to look?

    Read the article

  • How Can I Map IIS on My PC with Static IP to my Domain Name?

    - by Subhen
    Hi, Now I have got an internet connection with Static Ip. I want to know How can I map my website to my Static IP(Received from ISP). I know this is not a good Idea for Security and Performance issues, But just Wanted to know as I can set up a test Project. Again, Can't I just by a domain name and map it to my Static Ip, instead of buying them from WebHosting Providers. Now I have bought the space from bizzhost and hosted my site by setting the Name Server. Thanks, Subhen

    Read the article

  • Can not open ports in iptables on CentOS 5??

    - by abszero
    I am trying to open up ports in CentOS's firewall and am having a terrible go at it. I have followed the "HowTo" here: http://wiki.centos.org/HowTos/Network/IPTables as well as a few other places on the Net but I still can't get the bloody thing to work. Basically I wanted to get two things working: VNC and Apache over the internal network. The problem is that the firewall is blocking all attempts to connect to these services. Now if I issue service iptables stop and then try to access the server via VNC or hit the webserver everything works as expected. However the moment I turn iptables back on all of my access is blocked. Below is a truncated version of my iptables file as it appears in vi -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5801 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 6001 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5900 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT Really I would just be happy if I could get port 80 opened up for Apache since I can do most stuff via putty but if I could figure out VNC as well that would be cool. As far as VNC goes there is just a single/user desktop that I am trying to connect to via: [ipaddress]:1 Any help would be greatly appreciated!

    Read the article

  • Binding JBoss to IP Address

    - by Anand
    Hi, I am running a JBoss instance on a linux server I am using the ./run.sh -b This is not working what could be the reason. I am unable to share the error message details as of now will post it when I can, till then any alternatives or solutions ?

    Read the article

  • Cisco PIX firewall blocking inbound Exchange email

    - by sumsaricum
    [Cisco PIX, SBS2003] I can telnet server port 25 from inside but not outside, hence all inbound email is blocked. (as an aside, inbox on iPhones do not list/update emails, but calendar works a charm) I'm inexperienced in Cisco PIX and looking for some assistance before mails start bouncing :/ interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 hostname pixfirewall domain-name ciscopix.com fixup protocol dns maximum-length 512 fixup protocol ftp 21 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol http 80 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol sip 5060 fixup protocol sip udp 5060 fixup protocol skinny 2000 no fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol tftp 69 names name 192.168.1.10 SERVER access-list inside_outbound_nat0_acl permit ip 192.168.1.0 255.255.255.0 192.168.1.96 255.255.255.240 access-list outside_cryptomap_dyn_20 permit ip any 192.168.1.96 255.255.255.240 access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq 3389 access-list outside_acl permit tcp any interface outside eq ftp access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq https access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq www access-list outside_acl permit tcp any interface outside eq 993 access-list outside_acl permit tcp any interface outside eq imap4 access-list outside_acl permit tcp any interface outside eq 465 access-list outside_acl permit tcp any host 213.xxx.xxx.xxx eq smtp access-list outside_cryptomap_dyn_40 permit ip any 192.168.1.96 255.255.255.240 access-list COMPANYVPN_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any access-list COMPANY_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any access-list outside_cryptomap_dyn_60 permit ip any 192.168.1.96 255.255.255.240 access-list COMPANY_VPN_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any access-list outside_cryptomap_dyn_80 permit ip any 192.168.1.96 255.255.255.240 pager lines 24 icmp permit host 217.157.xxx.xxx outside mtu outside 1500 mtu inside 1500 ip address outside 213.xxx.xxx.xxx 255.255.255.128 ip address inside 192.168.1.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool VPN 192.168.1.100-192.168.1.110 pdm location 0.0.0.0 255.255.255.128 outside pdm location 0.0.0.0 255.255.255.0 inside pdm location 217.yyy.yyy.yyy 255.255.255.255 outside pdm location SERVER 255.255.255.255 inside pdm logging informational 100 pdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_outbound_nat0_acl nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx 3389 SERVER 3389 netmask 255.255.255.255 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx smtp SERVER smtp netmask 255.255.255.255 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx https SERVER https netmask 255.255.255.255 0 0 static (inside,outside) tcp 213.xxx.xxx.xxx www SERVER www netmask 255.255.255.255 0 0 static (inside,outside) tcp interface imap4 SERVER imap4 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 993 SERVER 993 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 465 SERVER 465 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface ftp SERVER ftp netmask 255.255.255.255 0 0 access-group outside_acl in interface outside route outside 0.0.0.0 0.0.0.0 213.zzz.zzz.zzz timeout xlate 0:05:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout sip-disconnect 0:02:00 sip-invite 0:03:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ max-failed-attempts 3 aaa-server TACACS+ deadtime 10 aaa-server RADIUS protocol radius aaa-server RADIUS max-failed-attempts 3 aaa-server RADIUS deadtime 10 aaa-server RADIUS (inside) host SERVER *** timeout 10 aaa-server LOCAL protocol local http server enable http 217.yyy.yyy.yyy 255.255.255.255 outside http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20 crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5 crypto dynamic-map outside_dyn_map 40 match address outside_cryptomap_dyn_40 crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-MD5 crypto dynamic-map outside_dyn_map 60 match address outside_cryptomap_dyn_60 crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-MD5 crypto dynamic-map outside_dyn_map 80 match address outside_cryptomap_dyn_80 crypto dynamic-map outside_dyn_map 80 set transform-set ESP-3DES-MD5 crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map client authentication RADIUS LOCAL crypto map outside_map interface outside isakmp enable outside isakmp policy 20 authentication pre-share isakmp policy 20 encryption 3des isakmp policy 20 hash md5 isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 telnet 217.yyy.yyy.yyy 255.255.255.255 outside telnet 0.0.0.0 0.0.0.0 inside telnet timeout 5 ssh 217.yyy.yyy.yyy 255.255.255.255 outside ssh 0.0.0.0 255.255.255.0 inside ssh timeout 5 management-access inside console timeout 0 dhcpd address 192.168.1.20-192.168.1.40 inside dhcpd dns SERVER 195.184.xxx.xxx dhcpd wins SERVER dhcpd lease 3600 dhcpd ping_timeout 750 dhcpd auto_config outside dhcpd enable inside : end I have Kiwi SysLog running but could use some pointers in that regard to narrow down the torrent of log messages, if that helps?!

    Read the article

  • CentOS 5.7 issues with iptables

    - by Corey Whitaker
    I'm trying to set up IPTables on a new CentOS server. This server will function as an FTP server that I need to be accessible from the outside, however, I want to lock down SSH to only accept internal IP connections. I need to allow SSH for 10.0.0.0/8 and 172.16.132.0/24. Below I've posted my /etc/sysconfig/iptables file. Whenever I apply this, I essentially lock myself out and I have to access it via console using Vsphere. Can somebody show me what I'm doing wrong? I'm connecting from my laptop with an IP of 172.16.132.226. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [115:15604] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p esp -j ACCEPT -A RH-Firewall-1-INPUT -p ah -j ACCEPT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -s 10.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -s 172.16.132.0/24 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT

    Read the article

  • Windows 7: how can I add an IP range in the "route" command?

    - by KeyStroke
    Hi, I'm using two network connections, and I tried using the "route" command so that when I access a specific internal IP on my LAN, it would use connection 1, anything else would go normally through connection 2 (which doesn't have access to my LAN). The problem is I have a bunch of internal IP's that I need to access, and the "route" command doesn't seem to allow me to add an IP range instead of specific IP. And connection 1 doesn't have internet access, so I can't use it as my default connection. Any idea how this can be solved? Your help is appreciated

    Read the article

  • HTML form submits and the hostname changes to IP address

    - by Shamik
    I am facing a peculiar problem. The problem is, my webapp is being installed behind a proxy. The request gets submitted to the proxy which forwards the request to the original host that is running the websphere web application. The problem I am facing is, when I access the webapp, its URL looks like the below http://www.myproxy.com Lets say I get a form on this URL, when I submit the form, it is getting submitted to another URL - http://10.1.2.87 Since the URL is changing, application server thinks it is a different session and throws the login page again. The login page comes thru a filter which checks whether user is already authenticated in the session or not. I do not have much knowledge on proxy settings .. where do you think is the problem?

    Read the article

  • Is this a good starting point for iptables in Linux?

    - by sbrattla
    Hi, I'm new to iptables, and i've been trying to put together a firewall which purpose is to protect a web server. The below rules are the ones i've put together so far, and i would like to hear if the rules makes sense - and wether i've left out anything essential? In addition to port 80, i also need to have port 3306 (mysql) and 22 (ssh) open for external connections. Any feedback is highly appreciated! #!/bin/sh # Clear all existing rules. iptables -F # ACCEPT connections for loopback network connection, 127.0.0.1. iptables -A INPUT -i lo -j ACCEPT # ALLOW established traffic iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # DROP packets that are NEW but does not have the SYN but set. iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # DROP fragmented packets, as there is no way to tell the source and destination ports of such a packet. iptables -A INPUT -f -j DROP # DROP packets with all tcp flags set (XMAS packets). iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # DROP packets with no tcp flags set (NULL packets). iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # ALLOW ssh traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport ssh -m limit --limit 1/s -j ACCEPT # ALLOW http traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport http -m limit --limit 5/s -j ACCEPT # ALLOW mysql traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport mysql -m limit --limit 25/s -j ACCEPT # DROP any other traffic. iptables -A INPUT -j DROP

    Read the article

  • What's the best way to block IP spoofing on a layer 3 switch?

    - by toupeira
    We're hosting Dedicated Servers and are currently using old 3com switches with IP-based ACLs. So each port has an ACL that allows all IP addresses assigned to this customer, and blocks everything else. But now 3com was bought by HP, and the follow-up model only supports basic ACL that aren't flexible enough to both allow certain IPs while blocking others. Looking at other switches in a similar price-range, we've found that most of them have similar problems or don't offer any ACL features at all. I assume this could also somehow be done with VLANs, but if I understand this correctly we'd still need some kind of ACL to actually specify the valid IP addresses for each port. What do you use to make sure your customers don't use unassigned IP addresses? Or what switches can you recommend that have flexible ACL functionality?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 110 111 112 113 114 115 116 117 118 119 120 121  | Next Page >