Search Results

Search found 3844 results on 154 pages for 'firewall bypass'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 121/154 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >

  • How to make Firefox use TCP for DNS

    - by miniBill
    I want to use TCP for DNS, to bypass my ISP's slow and broken DNS servers. I'm not using (and don't want to use) a proxy. Note: I want to use DNS over TCP because if I use it over udp, no matter what server I set, I get answers from my ISP's DNS. Notice that I will fiercely downvote whoever suggests: programs to do TCP over DNS, the setting in about:config to make DNS go over the proxy too: I'm not using a proxy, use another DNS: I've already set up Google as my DNS, but I get intercepted. Example of what I mean by saying intercept: $ dig @8.8.8.8 thepiratebay.se ; <<>> DiG 9.8.1 <<>> @8.8.8.8 thepiratebay.se ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24385 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;thepiratebay.se. IN A ;; ANSWER SECTION: thepiratebay.se. 28800 IN A 83.224.65.41 ;; Query time: 50 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sun Sep 16 22:51:06 2012 ;; MSG SIZE rcvd: 49 $ dig +tcp @8.8.8.8 thepiratebay.se ; <<>> DiG 9.8.1 <<>> +tcp @8.8.8.8 thepiratebay.se ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15131 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;thepiratebay.se. IN A ;; ANSWER SECTION: thepiratebay.se. 436 IN A 194.71.107.15 ;; Query time: 61 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sun Sep 16 22:51:10 2012 ;; MSG SIZE rcvd: 49 If it matters, I'm using Firefox 14 on Gentoo Linux.

    Read the article

  • Can't get Passwordless (SSH provided) SFTP working

    - by Shoaibi
    I have chrooted sftp setup as below. # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin without-password StrictModes yes AllowGroups admins clients RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* #Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes Subsystem sftp internal-sftp Match group clients ChrootDirectory /var/chroot-home X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/david:/bin/sh Now in this case david can sftp using say filezilla client and he is chrooted to /var/chroot-home/david/. But what if i was to setup a passwordless auth? I have tried pasting his key in /var/chroot-home/david/.ssh/authorized_keys but no use, tried ssh'ing as david to the box and it just stops at "debug1: Sending env LC_CTYPE = C" after i supply it password and there is nothing shown in auth.log, may be because it can't find the homedir. If i do "su - david" as root i see "No directory, logging in with HOME=/" which makes sense. Symlink doesn't help either. I have also tried with: Match group clients ChrootDirectory /var/chroot-home/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/var/chroot-home/david:/bin/sh This way if i don't change /var/chroot-home/david to root:root sshd complains about bad ownership or permission modes, and if i do, david can no longer upload/delete anything directly in his home while using sftp from filezilla.

    Read the article

  • can not connect through SCP, but SSH connections works

    - by Joe Cabezas
    i am trying to connect to my server to transfer file using scp: $ scp -v -r -P <port> <user>@<host>:~/dir/ dir/ this is the output: OpenSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /Users/joe/.ssh/config debug1: Reading configuration data /etc/ssh_config debug1: Connecting to <host> [<host>] port <port>. debug1: Connection established. debug1: identity file /Users/joe/.ssh/identity type -1 debug1: identity file /Users/joe/.ssh/id_rsa type -1 debug1: identity file /Users/joe/.ssh/id_dsa type -1 ssh_exchange_identification: Connection closed by remote host but connecting via SSH works fine: $ ssh <user>@<host> -p <port> <user>@<host>'s password: <user>@<host>:~$ OK what can be wrong with this? my /etc/ssh/sshd_config file on the host is: # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port <port> # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin yes StrictModes yes RSAAuthentication yes PubkeyAuthentication no #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes

    Read the article

  • apache mod_cache in v2.2 - enable cache based on url

    - by Janning
    We are using apache2.2 as a front-end server with application servers as reverse proxies behind apache. We are using mod_cache for some images and enabled it like this: <IfModule mod_disk_cache.c> CacheEnable disk / CacheRoot /var/cache/apache2/mod_disk_cache CacheIgnoreCacheControl On CacheMaxFileSize 2500000 CacheIgnoreURLSessionIdentifiers jsessionid CacheIgnoreHeaders Set-Cookie </IfModule> The image urls vary completely and have no common start pattern, but they all end in ".png". Thats why we used the root in CacheEnable / If not served from the cache, the request is forwarded to an application server via reverse proxy. So far so good, cache is working fine. But I really only need to cache all image request ending in ".png". My above configuration still works as my application server send an appropriate Cache-Control: no-cache header on the way back to apache. So most pages send a no-cache header back and they get not cached at all. My ".png" responses doesn't send a Cache-Control header so apache is only going to cache all urls with ".png". Fine. But when a new request enters apache, apache does not know that only .png requests should be considered, so every request is checking a file on disk (recorded with strace -e trace=file -p pid): [pid 19063] open("/var/cache/apache2/mod_disk_cache/zK/q8/Kd/g6OIv@woJRC_ba_A.header", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) I don't want to have apache going to disk every request, as the majority of requests are not cached at all. And we have up to 10.000 request/s at peak time. Sometimes our read IO wait spikes. It is not getting really slow, but we try to tweak it for better performance. In apache 2.4 you can say: <LocationMatch .png$> CacheEnable disk </LocationMatch> This is not possible in 2.2 and as I see no backports for debian I am not going to upgrade. So I tried to tweak apache2.2 to follow my rules: <IfModule mod_disk_cache.c> SetEnvIf Request_URI "\.png$" image RequestHeader unset Cache-Control RequestHeader append Cache-Control no-cache env=!image CacheEnable disk / CacheRoot /var/cache/apache2/mod_disk_cache #CacheIgnoreCacheControl on CacheMaxFileSize 2500000 CacheIgnoreURLSessionIdentifiers jsessionid CacheIgnoreHeaders Set-Cookie </IfModule> The idea is to let apache decide to serve request from cache based on Cache-control header (CacheIgnoreCacheControl default to off). And before simply set a RequestHeader based on the request. If it is not an image request, set a Cache-control header, so it should bypass the cache at all. This does not work, I guess because of late processing of RequestHeader directive, see https://httpd.apache.org/docs/2.2/mod/mod_headers.html#early I can't add early processing as "early" keyword can't be used together with a conditional "env=!image" I can't change the url requesting the images and I know there are of course other solutions. But I am only interested in configuring apache2.2 to reach my goal. Does anybody has an idea how to achieve my goal?

    Read the article

  • Windows 2008 R2 CA and auto-enrollment: how to get rid of >100,000 issued certificates?

    - by HopelessN00b
    The basic problem I'm having is that I have 100,000 useless machine certificates cluttering up my CA, and I'd like to delete them, without deleting all certs, or time jumping the server ahead, and invalidating some of the useful certs on there. This came about as a result of accepting a couple defaults with our Enterprise Root CA (2008 R2) and using a GPO to auto-enroll client machines for certificates to allow 802.1x authentication to our corporate wireless network. Turns out that the default Computer (Machine) Certificate Template will happily allow machines to re-enroll instead of directing them to use the certificate they already have. This is creating a number of problems for the guy (me) who was hoping to use the Certificate Authority as more than a log of every time a workstation's been rebooted. (The scroll bar on the side is lying, if you drag it to the bottom, the screen pauses and loads the next few dozen certs.) Does anyone know how to DELETE 100,000 or so time-valid, existing certificates from a Windows Server 2008R2 CA? When I go to delete a certificate now, now, I get an error that it cannot be delete because it's still valid. So, ideally, some way to temporarily bypass that error, as Mark Henderson's provided a way to delete the certificates with a script once that hurdle is cleared. (Revoking them is not an option, as that just moves them to Revoked Certificates, which we need to be able to view, and they can't be deleted from the revoked "folder" either.) Update: I tried the site @MarkHenderson linked, which is promising, and offers much better certificate manageability, buts still doesn't quite get there. The rub in my case seems to be that the certificates are still "time-valid," (not yet expired) so the CA doesn't want to let them be deleted from existence, and this applies to revoked certs as well, so revoking them all and then deleting them won't work either. I've also found this technet blog with my Google-Fu, but unfortunately, they seemed to only have to delete a very large number of certificate requests, not actual certificates. Finally, for now, time jumping the CA forward so the certificates I want to get rid of expire, and therefore can be deleted with the tools at the site Mark linked is not a great option, as would expire a number of valid certificates we use that have to be manually issued. So it's a better option than rebuilding the CA, but not a great one.

    Read the article

  • How to Block a HTTP Website along with Its All Subdomain using IPTABLE

    - by netnovice
    I run a small HTTP web proxy site . We can not modify anything there in Proxy program. Few users mainly use Yahoo Web mail for Spamming and We need to block yahoo web mail access only ( complete yahoo website is also Ok) through our proxy . specially .mail.yahoo.com.. Like - we need to block URL like - http://uk-mg61.mail.yahoo.com http://in-mg61.mail.yahoo.com etc. etc. Note : We generaly open http://mail.yahoo.com in browser - but after loggin in it forwards it to Urls like above but all those are subdomain of mail.yahoo.com My target is if we can get all IP list for all available subdomain of mail.yahoo.com I can block it totally . We can only use IPTABLE ...I know using proxy itself we can check HTTP header and check Host field for .mail.yahoo.com. and block it. Solution : Follwoign what I did using IPtable . I collected IP CIDR block for yahoo mainly for yahoo web mail ( mail.yahoo.com ) as much as possible ( using linux host and whois command ) [ like 66.163.160.0/19 nd 98.136.0.0/14 etc ] and applied follwing command Like iptables -A OUTPUT -p tcp -d 66.163.160.0/19 -m state --state NEW -j DROP etc. Things are working fine. user can not access yahoo mail BUT the problem is I need to be updated with the avaialble CIDR YAHOO IP list ... I am ready to do it every week. I collected many from Net... You know theer are countles subdomain of mail.yahoo.com and seems every week Yahoo adding new IP... But what I observed some time user can bypass our rule and the reason obvously all the avaialble Ips are not entered in IPtable yet. What we need to do is enter all Ips of mail.yahoo.co But where do I find all subdomain for mail.yahoo.com I know we can get it from DNS but I must not be allowed to make DNS axfr query. Also doing reverse DNS will have performance issue. I want to know all subdomain of .mail.yahoo.c Can I get it from yahoo site. I have the list of all YAHOO smtp IP....but I need webmail Ip... ( http://public.yahoo.com/carloc/ymail.html ) Can you please share your Idea. Thank you

    Read the article

  • Using OpenVPN, yet netflix.com blocks access

    - by user837848
    I have set up an OpenVPN server on a VPS in the USA and configured it to route all clients traffic through it. Everything seems to work fine regarding the VPN connection in gerneral. All ip lookup sites show me the us server's ip address and even hulu.com works(it won't work if you are not in the usa). But for some reason netflix.com says "Sorry, Netflix is not available in your country yet.". So I thought that netflix probably uses some more sophisticated ways to determine your location beyond just your ip address. But I could not find a way to get it to work until I dropped the idea of using a VPN and instead connected to the server via a simple socks tunnel with ssh by running: ssh -D 9999 user@serverip All I had to do was changing the key network.proxy.socks_remote_dns in Firefox from false to true to prevent DNS leaks and setting up the socks proxy. Then I could finally watch netflix.com. As a result I concluded that there is nothing in the browser(or something like system timezone) that tells netflix the location, so it has to have something to do with the OpenVPN config. After that I used tcpdump to log all the traffic on the server's network interface venet0 (OpenVZ VPS), visited netflix.com on the client while first connected to the VPN and then connected via socks tunnel and afterwards compared both outputs. The only thing that caught my eye was that while using the socks tunnel the server mainly used ipv6 to connect to netflix whereas it only used ipv4 when the client was connected to the OpenVPN server. But I don't get how that could make such a difference. So what am I missing? Is there a way to configure OpenVPN to also use ipv6 to connect to a website although there is only an ipv4 connection between the VPS and the client? Here is the server.conf of the OpenVPN server (OpenVZ VPS) local serverip port 443 proto tcp dev tun ca ./easy-rsa2/keys/ca.crt cert ./easy-rsa2/keys/vps1.crt key ./easy-rsa2/keys/vps1.key # This file should be kept secret dh ./easy-rsa2/keys/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" client-to-client keepalive 10 120 tls-auth ta.key 0 # This file is secret cipher AES-256-CBC comp-lzo max-clients 4 user nobody group nogroup persist-key persist-tun status openvpn-status.log log-append openvpn.log verb 3 iptables forwarding iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to-source serverip (enabled ipv4 forwarding) I have tried everything always on a Win7 and a Debian client with only ipv4 connections and always made sure that they use the correct DNS server (tested with ipleak.net and tcpdump / wireshark). client.conf: client dev tun proto tcp remote serverip 443 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server tls-auth ta.key 1 cipher AES-256-CBC comb-lzo verb 3

    Read the article

  • TCP/IP & throughput between FreeNAS (BSD) server & other LAN machines

    - by Tim Dickerson
    I have got a question for someone that knows BSD a bit better than me that are in regards to my LAN setup at home/work here outside Chicago. I can't seem to fully optimize my network's (LAN) thoughput via my FreeNAS (BSD based) file server. It runs with the latest FreeBSD release which is modified to support several protocols for file transfers and more. Every machine that is behind my Smoothwall (Linux based) router is on the usual 192.168.0.x subnet and for most part works just fine. Behind the Smoothwall box, all machines are connected to a GB HP unmanaged switch. I host a large WISP here and have an OC-3 connection here at home/work and have no issues with downloading/uploading from/to the 'net'. My problem is with throughput. When I try and transfer large files...really any for that matter..between any of the machines to/and from the FreeNAS server via FTP, the max throughput I can achieve say between a Win 7 or a Linux box is ~65Mbit/sec. All machines are running Intel Pro 1000 GB NIC's and all cable is CAT6. Each is set to 'auto negotiation' and each shows 1500 MTU Full Duplex @1GB so I know the hardware is okay. I have not adjusted the MTU on any machine as I understand it to be pointless unless certain configurations are used (I assume I am not one of those). My settings for the FreeNAS machine are the following: # FreeNAS /etc/sysctl.conf - pertinent settings shown kern.ipc.maxsockbuf=262144 kern.ipc.nmbclusters=32768 kern.ipc.somaxconn=8192 kern.maxfiles=65536 kern.maxfilesperproc=32768 net.inet.tcp.delayed_ack=0 net.inet.tcp.inflight.enable=0 net.inet.tcp.path_mtu_discovery=0 net.inet.tcp.recvbuf_auto=1 net.inet.tcp.recvbuf_inc=524288 net.inet.tcp.recvbuf_max=16777216 net.inet.tcp.recvspace=65536 net.inet.tcp.rfc1323=1 net.inet.tcp.sendbuf_inc=16384 net.inet.tcp.sendbuf_max=16777216 net.inet.tcp.sendspace=65536 net.inet.udp.recvspace=65536 net.local.stream.recvspace=65536 net.local.stream.sendspace=65536 net.inet.tcp.hostcache.expire=1 From what I can tell, that looks to be a somewhat optimized profile for a typical BSD machine acting as a server for a LAN. I might be wrong and just wanted to find out from someone that knows BSD better than I do if indeed that is ok or if something is out of tune or what. Are there other ways I would find better for P2P file transfers? I honestly do not know what I SHOULD be looking for with respect to throughput between the NAS box and another client when xferring files via FTP, but I am told that what I get on average (40-70MB/sec) is too low for what it could be. I have thought about adding another NIC in the FreeNAS box as well as the Win7 machine and use a X-over cable via a static route, but wanted to check with someone first to see if that might be worth it or not. I don't know if doing that would bypass the HP GB switch and allow for a machine to machine xfer anyways. The FTP client I use is: Filezilla and have tried both active and passive modes with no real gain over each other. The NAS box runs ProFTPD.

    Read the article

  • Add user in CentOS 5

    - by Ron
    I created a new user in my CentOS web server with useradd. Added a password with passwd. But I can't log in with the user via SSH. I keep getting 'access denied'. I checked to make sure that the password was assigned and that the account is active. /var/log/secure shows the following error: Aug 13 03:41:40 server1 su: pam_unix(su:auth): authentication failure; logname= uid=500 euid=0 tty=pts/0 ruser=rwade rhost= user=root Please help, Thanks Thanks for the responses so far: I should add that it is a VPS on a remote computer, fresh out of the box. I can log in as the root user quite fine. I can also su to the new user, but I cannot log in as the new user. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • Building a Mac/PC Network in a Dorm with Network Restrictions

    - by user70340
    I have been a Windows XP user for the last few years, but I recently bought a 15'' MacBook Pro for research purposes. I would like to set up a no-hassle Mac/PC Network at home so that I can access the internet on both computers and hardware between computers (i.e. a harddrive, or a mouse/keyboard with Synergy). Unfortunately, I live in a dorm with silly network restrictions so a solution is not straightforward. In particular: The dorm has a wired and wireless network, both which provide an internet connection. The wired network provides way faster internet (download speeds of 15 MB/s vs. 2 MB/s on wireless), so I would like to somehow exploit this, at least on my PC for Bittorrent :) Multiple devices can connect to the wireless network, but cannot "see" each other on the network (so software like Synergy would not work). Only 1 MAC address can connect to the wired network at a time. Ideally I would just connect a wireless router to the wired network and then have both the Mac and the PC on that, but the 1 MAC address restriction will not allow the both computer to access the internet simultaneously. I cannot think of a way to bypass this restriction (though I'm not network savvy), so I am planning to create a private no-internet network to allow the devices to see each other and share hardware. Here are some thoughts. I would appreciate any feedback at all! If I build a private wireless network: (first choice) I will use a wireless router that is not connected to the internet. My PC and Mac will be connected to each other wirelessly. I can then connect the PC to the internet via a wired network, but then the Mac will not have internet access as its wireless card is already in use. In this case, could I stream internet access from the PC to the Mac via the wireless network? Or could I buy a USB wireless card for the Mac so that it can connect to both my private network and the dorm network? If I build a private wired network: (second choice) Then both the PC and the Mac will connect to the internet wirelessly, which means I cannot take advantage of the faster download speeds.

    Read the article

  • Add user in CentOS 5

    - by Ron
    I created a new user in my CentOS web server with useradd. Added a password with passwd. But I can't log in with the user via SSH. I keep getting 'access denied'. I checked to make sure that the password was assigned and that the account is active. /var/log/secure shows the following error: Aug 13 03:41:40 server1 su: pam_unix(su:auth): authentication failure; logname= uid=500 euid=0 tty=pts/0 ruser=rwade rhost= user=root Please help, Thanks Thanks for the responses so far: I should add that it is a VPS on a remote computer, fresh out of the box. I can log in as the root user quite fine. I can also su to the new user, but I cannot log in as the new user. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • Is there a switch that will connect directly to my modem and allow my router to serve only as a WiFi connection?

    - by Abner
    Details . . Devices . Internets -50Mbps Cable Internet Modem - Motorola Surfboard Extreme Router - Netgear WNDR3700v3 Switch - D-Link DGS-1008G Wired Ethernet Cable - Cat6_24Awg_ Device Configuration - Modem\Router\Switch . . Internet Usage . Wired Demand XBOX 360 1 Gaming PC 2 PC - HD video . WiFi Demand 3 android + 1 Laptop for browsing and group video chat simultaneously . . Specifics . I am experiencing problems with network speeds and reliability on both wired and wireless connections. On many occasions I experience WiFi Speeds that vary between the 15mbps to 0.50 mbs (or less) and ping ranging from 15ms to 500ms. These results are from when I notice problems with internet lag and run speedtest.net to get details of problems. I have a stretched out floor-plan and old building materials drastically affecting my cellphone signal strength as well). After Reading the "Known Issues" Section on the webpage below http://www.dd-wrt.com/wiki/index.php/Netgear_WNDR3700#Known_Issues I bought the switch and Cat6 cable to increase speed and relieve stress on router in an attempt to fix the symptoms. I thought I'd use the router in a Modem\Switch\Router configuration. I thought I'd only have to use the router for mobile WiFi connections like android or Laptops when necessary (hopefully eliminating the problem caused by the router when subjected to all those demanding Ethernet connections) When I started unboxing the switch, I noticed the manual of this DGS-1008G shows it being connected in the Modem\Router\Switch order and not in the Modem\Switch\Router configuration I was aiming for. I have not been able to find a solid plan to remedy my specific problem without buying another expensive router. I would like to get the speeds I am paying for without buying another router. (My WiFi Adapters would also need to be updated if new router is required, meaning more $$$). I can always sell the switch and get a better one that will bypass the router because my most demanding internet connections are Wired. . . Questions Can I accomplish a Modem\Switch\Router configuration with current switch? Is there a different way to get the wired speed I need while providing WiFi only when necessary? . .

    Read the article

  • Problems with MGCP proxy creation

    - by Popof
    Hi, I'm trying to bypass my ISP router with my FreeBSD server (I've an optical connection so I've a RJ45 used to connect the box to WAN) Internet and TV are working fine (Using igmpproxy to forward TV stream) but I've a problem with phone. ISP's box is connected to the server which gives it a LAN address. The problem is that when the box builds MGCP packets (and especially SDP ones) it uses its LAN address. So I've think of writing an UDP proxy to handle MGCP and SDP packets in order to replace LAN address with server WAN address and then forward packet to WAN. Before starting coding I've captured stream packets using my server as a bridge between WAN connection and the ISP's box. And, in order to see if my solution is viable, I've tried to send those packets to the box using nemesis. I tried to send a packet (found in capture) containing an endpoint audit: AUEP 1447 aaln/[email protected] MGCP 1.0 F: A In the wireshark capture the box replied: 200 1447 OK A: a:PCMU;PCMA;G726-16;G726-24;G726-32;G726-40;G.723.1-5.3;G.723.1-6.3;G729;TELEPHONE-EVENT, fmtp:"TELEPHONE-EVENT 0-15,144,149,159", p:10-30, b:4-40, e:on, t:00, s:on, v:L;M;G;D, m:sendonly;recvonly;sendrecv;inactive;confrnce;replcate;netwtest;netwloop, dq-gi But when I use nemesis, I got an ICMP error: Port unreachable (Type 3, Code 3). To build this packet, WAN source address of the capture is replaced with my server LAN address, using the mgcp-callagent port (2727) and the packet is sent to the LAN address of the box at mgcp-gateway port (2427). The command I use is nemesis udp -S 192.168.2.1 -D 192.168.2.2 -x 2727 -y 2427 -P packet_to_send. I also tried an UDP scan to the box on callagent and gateway port: PORT STATE SERVICE 2727/udp open|filtered unknown 2427/udp closed unknown I found those results a little bit strange because it should be the 2427 port opened, as it was in capture. Internet Protocol, Src: <ISP MGCP Server>, Dst: <My WAN Address> User Datagram Protocol, Src Port: mgcp-callagent (2727), Dst Port: mgcp-gateway (2427) Does someone has any idea about how having my box responding to my requests ? Thanks in advance and sorry for my english.

    Read the article

  • new PC not work with existing router, but works fine when directly connecting to cable modem

    - by user34786
    I bought a new desktop PC (eMachine ET1331G-03W from WalMart) with windows 7 installed, but I can not access internet by connecting to my existing wireless router(LinkSys BEFW11S4) with wired cable. Though all other existing desktops and laptops have no problem connecting to the same router. However, the new desktop PC works fine and able to connect to internet if I bypass the router and directly hook up with the cable modem. At new PC when connecting to the router, I got the below information by typing ipconfig, the IP address looks wrong to me: autoconfiguration IPv4 Address: 169.254.71.140 subnet mask: 255.255.0.0 default gateway: (empty) NetBIOS over Tcpip: Enabled Typing ipconfig at all other desktop and laptop have values like below, which are good to me: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.1.140 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 The wireless router was on 192.168.1.1, I do not know why the new desktop got 169.254.71.140 IP? It should have something like 192.168.1.xxx, and it was configured to automatically get IP by DHCP. I have tried to switch cables,power off cable modem, router and reboot new pc many times and got no luck. So I believe this is only an issue related to router or new pc configuration. Can someone help me figure out the issue?

    Read the article

  • How to configure apache's mod_proxy_html to work as an ajax proxy?

    - by dcerecedo
    I'm trying to build a web site that let's you view and manipulate data from any page in any other website. To do that, I have to bypass 'Allow Origin' problems: i'm loading the other domain's content in an iframe and i have to manipulate its content with javascript downloaded from my domain. My first attempt was to write a simple proxy myself, requesting the other domains page through a server proxy coded in Java that not only serves the content but rebuilds links (src's and href's) in the content so that the content referenced by these links alse get downloaded through my handmade proxy. The result is not bad but has problems with url's in css and scripts. It's then that i realized that mod_proxy_html is supposed to do exactly all this job. The problem is that i cannot figure out how to make it work as expected. Let's suppose my server runs in my-domain.com and to proxy and transform content from another domain i'd make a request like this: my-domain.com/proxy?url=http://another-domain.com/some/content I'd want mod_proxy_html to serve the content and rewrite following URLs in http://another-domain.com/some/content in the following ways: Absolute URLs not from another-domain.com: no rewritting Relative from root urls:/other/content - /proxy?url=http://another-domain.com/other/content Relative urls: other/content - /proxy?url=http://another-domain.com/some/content/other/content Relative to parent urls: ../other/content - /proxy?url=http://another-domain.com/some/other/content The url should be specified at runtime, not configuration time. Can this be achieved with mod_proxy_html? Could anyone provide a simple working configuration to start with? EDIT 1-First approach The following site config will work fine with sites that use absolute url's everywhere like http://www.huffingtonpost.es/. Youc could try on this config on localhost: http://localhost/asset/http://www.huffingtonpost.es/ <VirtualHost *:80> ServerName localhost LogLevel debug ProxyRequests off RewriteEngine On RewriteRule ^/asset/(.*) $1 [P] ProxyHTMLURLMap $1 /asset/ <Location /asset/> ProxyPassReverse / ProxyHTMLURLMap / /asset/ </Location> </VirtualHost> But as explained in the documentation, if I hit a site using relative url's, I'd like to have these rewritten on the html via mod_proxy_html. So I shoud change the Location block as follows: <Location /asset/> ProxyPassReverse / #Depending on your system use one line or the other #Ubuntu: #SetOutputFilter proxy-html #any other system: ProxyHTMLEnable On ProxyHTMLURLMap / /asset/ </Location> ...which doesn't seem to work. Comments, hints and ideas welcome!

    Read the article

  • What does this SAP error mean? recv104 NiIReadrecv nixxi.cp5087

    - by Techboy
    I have an SAP BI Portal system and an SAP BW system. In the Visual Administrator of the BI Portal, section 'JCo RFC Provider' I have created some RFC listeners. In the SAP BW system (in transaction SM59), I have created, tested and activated the relevant RFC connections. When I start a JCo RFC Provider in the BI Portal the BW system that it communicates with produces these errors (displayed from SAP transaction SM21): Operating system call recv failed (error no. 104 ) Module nam Line Error text Caller.... Reason/cal nixxi.cp 5087 recv104 NiIRead recv Documentation for system log message Q0 I : The specified operating system call was returned with an error. For communication calls (receive, send, etc) often the cause of errors are network problems. It could also be a configuration problem at operating system level. (file cannot be opened, no space in the file system etc.). Additional specifications for error number 104 Name for errno number E_UNKNOWN_NO The meaning of the value stored in 'errno' is platform-dependent. The value which occurred here is unknown to the SysLog system. Either there is an incorrect error number in the SysLog message, or the tables TSLE2 or TSLE3 are not completely maintained. Technical details File Offset RecFm System log type Grp N variable message data 6 410220 m Error (Function,Module,Row) Q0 I recv104 NiIReadrecv nixxi.cp5087 There is plenty of space left in the file system, the servers can ping each other and there is no firewall between the servers. The tables (TSLE2 or TSLE3) mentioned in the error message do not provide any additional information. Please can you tell me if this error message refers to something specific, or if it is generic: recv104 NiIReadrecv nixxi.cp5087

    Read the article

  • Watchguard SSLVPN user connection issue

    - by Tory Newnham
    I have a user that needs access to our SSLVPN on our Watchguard firewall from his company issued laptop. The problem is when he tries to connect as himself he cannot connect. If I login to the machine it works fine, if I add him to the domain admins group in Active Directory it works fine… So, we know it is an access issue but I cannot figure out what access he needs. He is in the SSLVPN-Users group which I thought would give them all the access they needed but apparently not… Here is the output of the SSLVPN Logs when trying to connect: 2012-09-14T15:40:55.834 Launching WatchGuard Mobile VPN with SSL client. Version 11.5.3 (Build 339447) Built:Apr 5 2012 00:25:00 2012-09-14T15:41:18.832 Requesting client configuration from X.X.X.X:443 2012-09-14T15:41:20.386 VERSION file is 5.15, client version is 5.15 2012-09-14T15:41:21.924 Error: connect() failed. ret = -1 errno=10061 (...) 2012-09-14T15:41:23.960 Error: connect() failed. ret = -1 errno=10061 2012-09-14T15:42:00.788 Failed Launch Has anyone had the same issue, or have any ideas on what Group Policy changes need to be made in order for him to have access but not be a Domain Admin? Thanks in Advance!

    Read the article

  • QNTC and Windows Server 2008 R2

    - by Ben
    I am having a really hard time getting an iSeries (AS/400) machine talking to my new Windows Server 2008 R2 box using the QNTC file system on the iSeries. I had similar problems getting it to initially talk to a Windows Server 2003 machine, but enabling the local Guest account on the 2003 box solved that one. No such luck with the new 2008 box. When I do a WRKLNK /QNTC/SVR01 on the iSeries (which should show share listings, and does on any 2003 boxes) all I get is (Cannot find object to match specified name.). I know the iSeries likes the same username and password on the remote server, but unfortunately for us this is not the case. Anyhow, it does currently work with different username/password combinations on a 2003 box. To try and get the wretched things talking, I have made the 2008 server pretty open but the iSeries will not see shares on it. I have enabled the local Guest account, turned Windows firewall off, set the share permissions so Everyone has full control but to no avail. I read something on the internet about the iSeries only being able to handle NTLM authentication (and I understand by default that Server 2008 R2 only uses NTLMv2 and has NTLM disabled), so I made a special group policy for the server and tweaked all Group Policy settings under Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options but the iSeries STILL won't see it. We have a team of programmers who do all the system administration of the iSeries, but they are stumped for ideas on their side, and I'm stumped for ideas on my side. This is driving me crazy now, and if anybody has managed to get an iSeries to talk to Windows Server 2008 R2 using QNTC I would be very appreciative of any suggestions, be it on the Windows side, iSeries settings or even IBM PTF's that might patch anything. The iSeries is running V5R4 and I have *SECOFR privileges on it, if it helps. One final (most important!) note - The programmers think it's my system being tricky, and I think it's theirs - please prove me right :)

    Read the article

  • Access to message queuing system is denied MSMQ?

    - by user1401694
    My problem is a little confusing. I have 2 servers (Windows Server 2008 R2) with MSMQ installed and I want to use Server B to consume a MessageQueue on Server A. When I try to Receive it always throws a message error: "Access to message queuing system is denied.". IP between them. Server A: 172.31.23.130 Server B: 172.31.23.195 FormatName:Direct=TCP:172.31.23.195\private$\queuesource (It's working for Sends) I can ping each server from the other; The firewall is disabled; The "queuesource" has Full Control to "Everyone", "Anonymous Logon", "Network", "Network Services"; Journal is disabled; Authentication is ok; The queue is Transactional. My code in .Net C# is basically like this: MessageQueue _sourceQueue = new MessageQueue(); _sourceQueue.Path = "FormatName:Direct=TCP:172.31.23.195\private$\queuesource"; _sourceQueue.Receive(); // << here throw an exception. Actually I'm using the Private Queue only to avoid Active Directory's problems. For example, if the server DNS fail all network fail. I don't know what do anymore.

    Read the article

  • TortoiseSVN hangs in Windows Server 2012 Azure VM

    - by ZaijiaN
    Following @shanselman's article on remoting into an Azure VM for development, I spun up my own VS 2013 VM, and that image runs on WS 2012. Once I was able to remote in, I started installing all my dev tools, including Tortoise SVN 1.8.3 64bit. Things went south once I started attempting to check out code from my personal svn server. It would hang and freeze often, although sometimes it would work - I was able to partially check out projects, but I would get frequent connection time out errors. My personal svn server (VisualSVN 2.7.2) runs at home on a windows 7 machine, and I have a dyndns url pointing to it. I have also configured my router to passthrough all 443 traffic to the appropriate port on the server. I self-signed a cert and made sure it was imported into the VM cert store under trusted root authorities. I have no problems connecting to my svn server from 4-5 other computers & locations. From the Azure VM, in both IE and Chrome, I can access the repository web browser with no issues. There are no outbound firewall restrictions. I have installed other SVN add-ons for Visual Studio (AnkhSVN, VisualSVN) and attempted to connect with my svn server, with largely the same results - random and persistent connection issues (hangs/timeouts). I spun up a completely fresh WS 2008 Azure VM, and installed TortoiseSVN, and had the same results. So I'm at a loss as to what the problem is and how to fix it. Web searches on tortoisesvn and windows server issues doesn't yield any current or relevant information. At this point, i'm guessing that maybe some setting or configuration that MS Azure VM images is the culprit - although I should probably attempt to spin up my own local WS VM to rule out that it's a window server issue. Any thoughts? I hope I'm just missing something really obvious!

    Read the article

  • Outlook 2007 unable to connect to exchange server

    - by mattwarren
    I came into the office a week ago and outlook has refused to connect ever since, it just says "Disconnected" in the bottom right-hand corner. I've tried restarting it, rebooting Windows etc. I'm the only one if our office who is having this problem, so it's not a general problem with the server. Things I've tried Pinging the server via IP address and host name, both work fine Connecting via OWA, this works using the same machine name Connecting to Exchange via HTTP ("Outlook Anywhere") doesn't work None of the suggestions in this question helped, http://serverfault.com/questions/21755/can-ping-exchange-server-cant-connect-outlook-to-it Disabling Windows firewall on my laptop also has no effect. There are no items in the event viewer that indicate that anything it up. Also no permissions have changed on the server since when it worked. Update: I've just tried logging onto a completely different PC, using my domain controller user-name/password. When I setup outlook on there it also fails, so the problem isn't specific to 1 pc/outlook it's something about my particular user name, but not when using OWA? What else can I do to diagnose this, any suggestions?

    Read the article

  • UNC Path fails by IP "no network provider accepted the given network path", but works using hostname

    - by BoyMars
    I have an unusual problem with a Windows Server 2003 (Standard x86) box. It appears the machine will not accept connections to its shares (locally and from other domain member servers) by using its ip address in a UNC path. The error returned is: "no network provider accepted the given network path" This is the case with the machine's ip address: \\10.0.8.x and even the loopback address: \\127.0.0.1 \\localhost does not work... but using the hostname (fqdn or not) works: \\server & \\server.domain.local The local windows firewall for this server is off, ping/rdp/other services respond fine using the IP address. The following services are running and have been restarted: Computer Browser Workstation Server The server itself has been rebooted too. Event 8032 in the system log indicates that: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{29A6A925-AFB3-47E2-BA59-DDA086DEAE7A}. The backup browser is stopping. The domain controller has not been restarted, no other servers have experienced this problem, yet there are a number of browser (8021) related errors in the logs on this server. Does anyone have any suggestions? I would like to avoid rejoining this server to the domain if possible.

    Read the article

  • Configuring external SMTP server on Azure VM - messages staying in queue

    - by Steph Locke
    I have an external SMTP provider: auth.smtp.1and1.co.uk I am trying to send SQL Server Reporting Services emails via this on an Windows 2012 Azure VM. It is configured sufficiently correctly for emails to be generated, but I've not configured something or mis-configured something as the emails then stay in the queue. Setup details Configured SMTP Virtual Server General: IP Address: Fixed value Access: Access Control: Authentication: ticked Anonymous access Access: Connection Control: All except the list below (which is empty) Access: relay restrictions: Only the list below (which contains 127.0.0.1), ticked 'allow all..' option Delivery: Outbound Security...:Basic Authentication with username and password completed, ticked TLS encryption Delivery: Outbound connections...:TCP port=587 Delivery: Advanced: FQDN=ServerName, smarthost=auth.smtp.1and1.co.uk I then set the following SSRS rsreportserver.config values: <SMTPServer>100.92.192.3</SMTPServer> <SendUsing>2</SendUsing> <SMTPServerPickupDirectory> c:\inetpub\mailroot\pickup </SMTPServerPickupDirectory> <From>[email protected]</From> Tried so far 1) turning the smtp service off and on again (just in case) 2) run SMTPDiag with no errors (also no emails) 3) tried turning off the firewall for the ports (and more generally to see if it made a difference) 4) tried generation from powershell which resulted with message in queue 5) added 25 and 857 as endpoint 6) perused the event log and found some warnings that appear to be about the recipient Message delivery to the remote domain 'gmail.com' failed for the following reason: Unable to bind to the destination server in DNS. Message delivery to the host '212.227.15.179' failed while delivering to the remote domain 'gmail.com' for the following reason: The remote server did not respond to a connection attempt. 7) tried pinging but this appears to be blocked on azure 8) tried more powershell sending on different domains variants (localhost, boxname, internal ip used in smtp properties, 127.0.0.1) - none resulting in success 9) tried adding a remote domain - no change Could anyone recommend what step 10 should be in fixing this issue please?

    Read the article

  • iptables issue on plesk

    - by Fred Rufin
    i don't know how to open a specific port (rtmp=1935) on my CentOS server using Plesk or itables. I created new rules for port 1935 i/o using Plesk/Modules/Firewall but this doesn't work. Nmap scanning tells me this : 1935/tcp filtered rtmp . So i decided to have look at my iptable using SSH (iptables -L), and iptables seems to contain my rules (tcp spt:macromedia-fcs): Chain INPUT (policy DROP) target prot opt source destination VZ_INPUT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED REJECT tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination VZ_FORWARD all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED REJECT tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination VZ_OUTPUT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED REJECT tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere Chain VZ_FORWARD (1 references) target prot opt source destination Chain VZ_INPUT (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpts:filenet-tms:65535 ACCEPT udp -- anywhere anywhere udp dpts:filenet-tms:65535 ACCEPT tcp -- anywhere anywhere tcp dpt:cddbp-alt ACCEPT tcp -- anywhere anywhere tcp dpt:pcsync-https ACCEPT tcp -- localhost.localdomain localhost.localdomain ACCEPT tcp -- anywhere anywhere tcp dpt:macromedia-fcs ACCEPT udp -- localhost.localdomain localhost.localdomain Chain VZ_OUTPUT (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp spt:http ACCEPT tcp -- anywhere anywhere tcp spt:ssh ACCEPT tcp -- anywhere anywhere tcp spt:smtp ACCEPT tcp -- anywhere anywhere tcp spt:pop3 ACCEPT tcp -- anywhere anywhere tcp spt:domain ACCEPT udp -- anywhere anywhere udp spt:domain ACCEPT tcp -- anywhere anywhere ACCEPT udp -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp spt:cddbp-alt ACCEPT tcp -- anywhere anywhere tcp spt:pcsync-https ACCEPT tcp -- localhost.localdomain localhost.localdomain ACCEPT tcp -- anywhere anywhere tcp spt:macromedia-fcs ACCEPT udp -- localhost.localdomain localhost.localdomain My rules seems to be OK but there is no connection to 1935 port using a browser. I can connect to this port with SSH (typing "wget myServerIP:1935") but maybe this is because it is an SSH tunelling ? I don't know how to do.

    Read the article

  • Add Zune Desktop Player to Windows 7 Media Center

    - by DigitalGeekery
    Are you a Zune owner who prefers the Zune player for media playback? Today we’ll show you how to integrate the Zune player with WMC using Media Center Studio. You’ll need to download Media Center Studio and the Zune Desktop player software. (See download links below) Also, make sure you have Media Center closed. Some of the actions in Media Center Studio cannot be performed while WMC is open. Open Media Center Studio and click on the Start Menu tab at the top of the application.   Click the Application button. Here we will create an Entry Point for the Zune player so that we can add it to Media Center. Type in a name for your entry point in the title text box. This is the name that will appear under the tile when added to the Media Center start menu. Next, type in the path to the Zune player. By default this should be C:\Program Files\Zune\Zune.exe. Note: Be sure to use the original path, not a link to the desktop icon.   The Active image is the image that will appear on the tile in Media Center. If you wish to change the default image, click the Browse button and select a different image. Select Stop the currently playing media from the When launched do the following: dropdown list.  Otherwise, if you open Zune player from WMC while playing another form of media, that media will continue to play in the background.   Now we will choose a keystroke to use to exit the Zune player software and return to Media Center. Click on the the green plus (+) button. When prompted, press a key to use to the close the Zune player. Note: This may also work with your Media Center remote. You may want to set a keyboard keystroke as well as a button on your remote to close the program. You may not be able to set certain remote buttons to close the application. We found that the back arrow button worked well. You can also choose a keystroke to kill the program if desired. Be sure to save your work before exiting by clicking the Save button on the Home tab.   Next, select the Start Menu tab and click on the next to Entry points to reveal the available entry points. Find the Zune player tile in the Entry points area. We want to drag the tile out onto one of the menu strips on the start menu. We will drag ours onto the Extras Library strip. When you begin to drag the tile, green plus (+) signs will appear in between the tiles. When you’ve dragged the tile over any of the green plus signs, the  red “Move” label will turn to a blue “Move to” label. Now you can drop the tile into position. Save your changes and then close Media Center Studio. When you open Media Center, you should see your Zune tile on the start menu. When you select the Zune tile in WMC, Media Center will be minimized and Zune player will be launched. Now you can enjoy your media through the Zune player. When you close Zune player with the previously assigned keystroke or by clicking the “X” at the top right, Windows Media Center will be re-opened. Conclusion We found the Zune player worked with two different Media Center remotes that we tested. It was a times a little tricky at times to tell where you were when navigating through the Zune software with a remote, but it did work. In addition to managing your music, the Zune player is a nice way to add podcasts to your Media Center setup. We should also mention that you don’t need to actually own a Zune to install and use the Zune player software. Media Center Studio works on both Vista and Windows 7. We covered Media Center Studio a bit more in depth in a previous post on customizing the Windows Media Center start menu. Are you new to Zune player? Familiarize yourself a bit more by checking out some of our earlier posts like how to update your Zune player, and experiencing your music a whole new way with Zune for PC.   Downloads Zune Desktop Player download Media Center Studio download Similar Articles Productive Geek Tips How To Rip a Music CD in Windows 7 Media CenterIntegrate Hulu Desktop and Windows Media Center in Windows 7Using Netflix Watchnow in Windows Vista Media Center (Gmedia)Fixing When Windows Media Player Library Won’t Let You Add FilesBuilt-in Quick Launch Hotkeys in Windows Vista TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips VMware Workstation 7 Acronis Online Backup DVDFab 6 Revo Uninstaller Pro Bypass Waiting Time On Customer Service Calls With Lucyphone MELTUP – "The Beginning Of US Currency Crisis And Hyperinflation" Enable or Disable the Task Manager Using TaskMgrED Explorer++ is a Worthy Windows Explorer Alternative Error Goblin Explains Windows Error Codes Twelve must-have Google Chrome plugins

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >