Search Results

Search found 4786 results on 192 pages for 'traffic shaping'.

Page 123/192 | < Previous Page | 119 120 121 122 123 124 125 126 127 128 129 130 | Next Page >

Are there any FIPS-140-2 certified solutions for Linux?

- by Mark Renouf

I'm not even 100% certain what this involves, but my current understanding is this: use of only approved cryptographic algorithms for network traffic (easy, we use SSL and lock down the algorithms to only the really strong ones). Some form of physical data protection, involving disk encryption and physical tamper evident packaging. Obviously we're on our own if we need a tamper-proof product. But what about software for encrpytion. My guess is just using LUKS (although secure) will not be certified because it's open source (gov't seems a bit biased towards proprietary solutions here). Guardian Edge was mentioned by someone, but that appears to be complete Windows-based. So we need something like it, certified FIPS-140 compliant we can use on Linux.

Read the article
MSSQL instance shuts down

- by citronas

I'm currently developing a new ASP.net project hosted on a Windows Server 2008 RC2 with an MSSQL 2008 Express Database. I have three SQL instances (for different purposes) running which currently all contain a single database. For apprently no reason, these instances tend to shut down after some days, for no apparent reason. There might be low or none traffic to these instances, because there might be some days in a row, where I can't develop. It now occured several times, that one or two of these three instances just shut down, so that I can't access the database, without manually starting the instance. I can't seem to find a event log entry for the shutdown, which is most likely because I just enabled logging (why is the default setting off?) So the questions are: * Why does a SQL instance shut down? (Is there such thing as a "Shut down instance after 3 days of inactivity"? * How can I achieve that the instances are running 24/7?

Read the article
Cookies blocked by router?

- by Martin wiboe

Hello, My friend has a D-Link DI-524 router that she uses for her home broadband. It's a pretty vanilla setup with the standard firewall settings, DHCP enabled etc. However, recently she has experienced something strange - cookies are not working on every computer on her LAN, whether using FF3.5 or IE8. I tried viewing the HTTP traffic using Fiddler2, and the requests come through fine (mind you, Internet browsing still works flawlessly) but whenever a website tries to set a cookie using the "Set-Cookie:" header, my computer sees that line as "Set-*ookie:" with the cookie contents removed. I have never seen anything like this - do you have any idea? Regards, Martin

Read the article
What would be the total expenses of running an in-home web server?

- by techaddict

I have several hosting accounts with companies, and plan to keep them. However, I would like to try my hand at creating my own home web-server, both for fun and for the learning experience. I would like to know the expenses involved, including: electricity costs (greater than light bulb?) internet costs (will I have to upgrade my internet? Or is 3-5Mbps upload speed fine for a web server with medium amount of traffic? Would I have to get a separate internet connection?) other unknown expenses Consider that I will configure the web server myself, so that is not an expense. Also consider that I already have a computer (year-old Dell laptop, 15R) to use to be dedicated as the web server.

Read the article
Linux box acting as wireless access point to share the internet connection

- by Suresh

A linux machine is connected to internet over two interfaces ppp0 and ppp1 using two modems. Also this machine acts as wireless access point through an interface say, eth0 with ip address 192.168.1.1 and acts as gateway for the connected devices through this network with subnet mask 255.255.255.0 Now is it possible to achieve the following: When any of the connected devices through wireless AP needs internet connection linux machine has to use ppp1 interface for internet. If any of the applications on the linux machine needs internet connection linux machine should use ppp0 interface for the internet. Can this be achieved by adding rules to chains in filter/nat tables? If the kernel routing table has a default rule to route the default traffic through interface ppp0, wil kernel completely ignore ppp1 for internet? PS: new to networking and routing concepts, If the question is not clear leave a comment, will try to give more information.

Read the article
How do I configure OpenVPN for accessing the internet with one NIC?

- by Lekensteyn

I've been trying to get OpenVPN to work for three days. After reading many questions, the HOWTO, the FAQ and even parts of a guide to Linux networking, I cannot get my an Internet connection to the Internet. I'm trying to set up a OpenVPN server on a VPS, which will be used for: secure access to the Internet bypassing port restrictions (directadmin/2222 for example) an IPv6 connection (my client does only have IPv4 connectivity, while the VPS has both IPv4 and native IPv6 connectivity) (if possible) I can connect to my server and access the machine (HTTP), but Internet connectivity fails completely. I'm using ping 8.8.8.8 for testing whether my connection works or not. Using tcpdump and iptables -t nat -A POSTROUTING -j LOG, I can confirm that the packets reach my server. If I ping to 8.8.8.8 on the VPS, I get an echo-reply from 8.8.8.8 as expected. When pinging from the client, I do not get an echo-reply. The VPS has only one NIC: etho. It runs on Xen. Summary: I want to have a secure connection between my laptop and the Internet using OpenVPN. If that works, I want to have IPv6 connectivity as well. Network setup and software: Home laptop (eth0: 192.168.2.10) (tap0: 10.8.0.2) | | (running Kubuntu 10.10; OpenVPN 2.1.0-3ubuntu1) | wifi | router/gateway (gateway 192.168.2.1) | INTERNET | VPS (eth0:1.2.3.4) (gateway, tap0: 10.8.0.1) (running Debian 6; OpenVPN 2.1.3-2) wifi and my home router should not cause problems since all traffic goes encrypted over UDP port 1194. I've turned IP forwarding on: # echo 1 > /proc/sys/net/ipv4/ip_forward iptables has been configured to allow forwarding traffic as well: iptables -F FORWARD iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -A FORWARD -j DROP I've tried each of these rules separately without luck (flushing the chains before executing): iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 1.2.3.4 iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE route -n before (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n after (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n before (client): 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 route -n after (client): 1.2.3.4 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 128.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 SERVER config proto udp dev tap ca ca.crt cert server.crt key server.key dh dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth ta.key 0 comp-lzo user nobody group nobody persist-key persist-tun log-append openvpn-log verb 3 mute 10 CLIENT config dev tap proto udp remote 1.2.3.4 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server tls-auth ta.key 1 comp-lzo verb 3 mute 20 traceroute 8.8.8.8 works as expected (similar output without OpenVPN activated): 1 10.8.0.1 (10.8.0.1) 24.276 ms 26.891 ms 29.454 ms 2 gw03.sbp.directvps.nl (178.21.112.1) 31.161 ms 31.890 ms 34.458 ms 3 ge0-v0652.cr0.nik-ams.nl.as8312.net (195.210.57.105) 35.353 ms 36.874 ms 38.403 ms 4 ge0-v3900.cr0.nik-ams.nl.as8312.net (195.210.57.53) 41.311 ms 41.561 ms 43.006 ms 5 * * * 6 209.85.248.88 (209.85.248.88) 147.061 ms 36.931 ms 28.063 ms 7 216.239.49.36 (216.239.49.36) 31.109 ms 33.292 ms 216.239.49.28 (216.239.49.28) 64.723 ms 8 209.85.255.130 (209.85.255.130) 49.350 ms 209.85.255.126 (209.85.255.126) 49.619 ms 209.85.255.122 (209.85.255.122) 52.416 ms 9 google-public-dns-a.google.com (8.8.8.8) 41.266 ms 44.054 ms 44.730 ms If you have any suggestions, please comment or answer. Thanks in advance.

Read the article
Can't access VirtualBox host-only network from windows host

- by Markus Orreilly

I've got two vms running on a windows host, each with a host-only network and ips in the 192.168.56.XXX range. One of them is running apache and serving some content that I want to access from my windows host. However, the windows host can't access the apache server at all. The server is running on 192.168.56.103. ipconfig from windows says it's ip for the Virtual Box interface is 169.254.143.37. I tried route add to route 192.168.56.XX traffic, but everything I tried didn't work and I was probably using it wrong. Any ideas on how to make this work?

Read the article
accessing a web server from the LAN and WAN

- by jessh

My router does not support loopback. In order to view a webpage on my server, I either have to type in the local ip (192.168.1.201), or be on another network. What are my options for making this easier? Here are some possible things: Route all web traffic through an external proxy (seems to be overkill) Run my own DNS server (where to start?!) Buy a new router that supports loopback. Surely there is another way that I can use my laptop on the LAN and the WAN by typing in my domain more easily than these solutions.

Read the article
Security log overflowing with filtering blocks

- by Jacob

I have a Windows 7 workstation whose security log is overflowing with the following errors: Audit Failure 3/31/2010 2:00:50 PM Microsoft-Windows-Security-Auditing 5157 Filtering Platform Connection "The Windows Filtering Platform has blocked a connection." Audit Failure 3/31/2010 2:00:50 PM Microsoft-Windows-Security-Auditing 5152 Filtering Platform Packet Drop "The Windows Filtering Platform has blocked a packet." These are not unexpected events; the firewall is expected to drop unsolicited traffic. However, I can't figure out how to tell Windows to stop writing these events to the security log. I've seen this problem before and have been able to find an answer with the use of Google, but I wasn't able to locate on this this time. Thanks!

Read the article
Which software could I use to setup a 4in6 IP tunnel (RFC 2473) on GNU/Linux

- by Mildred

Here is my problem. I have a server A that has two IP addresses. One public IPv4 and one IPv6. Server B has only one IPv6 address. I want to host most of my services on server B (because I have more disk space on it, I can control it better) but I need the IPv4 of the server A. I would like to set up a 4in6 tunnel (RFC 2473) between A and B so that I can transfer the traffic from the IPv4 address in A to B. If needed, I can request another IPv4 address on the server A, but I'd prefer not to. My question is: which software use to do the 4in6 tunnelling? I suppose OpenVPN can do the thing, but is there any implementation of the 4in6 protocol on Linux? A little more challenging: the IPv4 address comes from a venet interface, which cannot be bridged. How could I transfer ownership of this address I don't use on server A to the server B? Thank you

Read the article
How to test web application performance from other continent?

- by Thomas Einwaller

We are hosting our web application http://timr.com on a server located in Germany. The server handles a high load of traffic very well and everything works as desired in terms of performance and load times. However we sometimes get complaints from our overseas users (US, South America) that the experience slow page loading times. What would be the best way to test the performance of a web application "as if you are on another continent"? I want to make sure that the distance between the server and the user is no problem?

Read the article
How to grow from single server setup

- by Jenkz

I'm looking for resources on how to grow our server setup. We currently have one dedicated server with Rackspace in the UK of the following spec: HPDL385_G2_PrevGen HP Single Dual Core Opteron 2214 (2.2Ghz) 4GB RAM 2x 10,000 SCSI Drives in RAID 1 Our traffic is up to 550,000 UVs per month. The site runs off a PHP and MySQL setup. The database gets an absolute hammering, we have many complex queries joining multilpe tables. We are using APC for PHP caching. I'm getting to the stage where I've done as much DB and query optimisation as I can and wonder what the next step should be...... I've looked at memcache, but I've got the impression that his requires a large amount of RAM and ideally a dedicated box.... So is the next step to have two boxes; one for database, one for Apache? Or is there a step I've overlooked. Our load is usually around the 2 mark, but right now it's up at 20!

Read the article
How to grow from single server setup

- by Jenkz

I'm looking for resources on how to grow our server setup. We currently have one dedicated server with Rackspace in the UK of the following spec: HPDL385_G2_PrevGen HP Single Dual Core Opteron 2214 (2.2Ghz) 4GB RAM 2x 10,000 SCSI Drives in RAID 1 Our traffic is up to 550,000 UVs per month. The site runs off a PHP and MySQL setup. The database gets an absolute hammering, we have many complex queries joining multilpe tables. We are using APC for PHP caching. I'm getting to the stage where I've done as much DB and query optimisation as I can and wonder what the next step should be...... I've looked at memcache, but I've got the impression that his requires a large amount of RAM and ideally a dedicated box.... So is the next step to have two boxes; one for database, one for Apache? Or is there a step I've overlooked. Our load is usually around the 2 mark, but right now it's up at 20!

Read the article
Firewall Authentication - logon failed

- by RoseofPurple

I am attempting to use a Watchguard firebox 550e with Fireware XTM 11 to authenticate incoming traffic for RDP access. I have configured the firewall to use my domain controller for Active directory authentication with a Windows 2000 server farm and added a couple of user accounts to the users list in the firewall, but when I attempt to log onto the authentication page for the firewall, I get Logon failed. I know that the user names work and that the passwords are correct. I am also certain that I have told it to log on using Active Directory instead of the FireboxDB. I have tried using the username alone, the domain\username, and the email address. I believe that the Search base is correct (DC=mydomainname,DC=com), and I did not change any defaults for sAMAccountName (and I do not recall making any changes to those items when configuring the domain structure). Any assistance would be appreciated.

Read the article
Bridging VirtualBox over OpenVPN TAC adapter on Windows

- by Sean Edwards

I'm trying to configure a virtual machine (VirtualBox guest running Backtrack 4) with a bridged adapter over a VPN connection. The VPN is is hosted by the cybersecurity club at my university, and connects to a sandboxed LAN designed for penetration testing against various servers that the club has built. My host (Windows 7 Ultimate) connects to the VPN fine and is assigned an IP through DHCP, but for some reason the VM can't do the same thing, and I'm not sure why. It's like OpenVPN is filtering out packets from the MAC address it doesn't recognize. I want the virtual machine to bridge over the VPN connection, because our IT office has very strict policies about what you can and can't do on the network. I want to be able to run active attacks (ARP spoofing, nmap, Nessus scans) in the sandbox environment without risking the traffic accidentally going over the university network and getting my internet access revoked. Bridging over the VPN connection and running all attacks from inside the VM would solve that problem. Any idea why the host can use this interface, but the VM can't?

Read the article
Cannot access Application configured on local IIS 7 using IP/machine name

- by SilverHorse

I have a windows 7 machine 64 bit and IIS 7 I have a default website on the IIS.Its binding is {IP: All Unassigned , Port:80 , Host Name : blank} I have added a new asp.net application to that website,mapped physical path, have set the virtual path as "MyWebApp". Application pool for "MyWebApp" is "DefaultAppPool" {.Net Framework: 4.0 ; Managed Pipeline Mode: Classic} The problem I am facing is I can access the website using http://localhost, http://IP.IP.IP.IP and http://MyMachineName But I can not access the Application other than using http://localhost/MyWebApp What should I do if I want to access the webapp using http://MyMachineName/MyWebApp OR http://IP.IP.IP.IP/MyWebApp Please note : I have already created an inbound rule to allow all HTTP traffic for port 80 in firewall settings.

Read the article
Rsyslog mail module not working

- by Henry-Nicolas Tourneur

I would like to email snort alerts from my Debian Lenny fw. Syslog is sending log messages from the firewalls to a central rsyslog. On my central rsyslog, I got something like : $ModLoad ommail $ActionMailSMTPServer server.company.local $ActionMailFrom [email protected] $ActionMailTo [email protected] $ActionExecOnlyOnceEveryInterval 1 $template mailSubject,"[SNORT] Alert from %hostname%" $template mailBody,"Snort message\r\nmsg='%msg%'" $ActionMailSubject mailSubject if $msg regexp 'snort[[0-9]]: [[0-9]:[0-9]:[0-9]].*' then ommail:;mailBody But I doesn't get any mails, I even can trigger snort with something like ping -s 1400, it logs things like following but still no mail ! 2010-01-08T09:25:58+00:00 Hostname snort[4429]: [1:499:4] ICMP Large ICMP Packet [Classification: Potentially Bad Traffic] [Priority: 2]: {ICMP} ip_dest - ip_src Any idea ?

Read the article
What advantages does mod_evasive have over mod_security2 in terms of DDOS protection?

- by Martynas Sušinskas

Good day, I'm running an Apache2 server in front of a Tomcat and I need to implement a DDOS protection mechanism on the Apache2 layer. I have two candidates: mod_evasive and mod_security2 with the OWASP core rule set. Mod_security is already installed for overall protection, but the question is: is it worth adding mod_evasive besides mod_security just for the DDOS (does it have any major advantages) or the OWASP crs rules in the /experimental_rules/ directory (modsecurity_crs_11_dos_protection.conf) provide the same protection? Or it's just a matter of preference? The sites are not very high traffic normally. Thank you for your answers, Martynas

Read the article
Blocking internet poker applications

- by Matthew Savage

I 'look after' the wireless internet for a cafe where I live, and we've noticed that there's quite a substantial slow down of internet speeds when certain users are playing internet poker. I've put in filters to block any HTTP traffic referencing gambling and poker etc, however I want to be able to block any applications (i.e. poker clients) which don't use HTTP. I've tried searching around for a list of poker clients and perhaps their ports, but have had no real luck. Does anyone know what these might be?

Read the article
Does anyone provide a Skype connection service?

- by Runc

Is there a way of offering Skype access to incoming calls while keeping all telephony traffic over our chosen business telephony provision? Is there a 3rd party who can route incoming Skype calls to our telephone system? The business has had requests from contacts wanting to call us via Skype, but we want to keep all telephony via our PBX and phone lines as our geographic location limits our available internet bandwidth. We also prevent installation of non-standard applications on desktops and do not want to add Skype to our build. I was wondering if there were any 3rd parties that provide a connection service that would allow our contacts to call via Skype and us receive the calls via our phone system.

Read the article
Detecting man-in-the-middle attacks?

- by Ilari Kajaste

There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

Read the article
Stripping a spike from rrdtool when removespike.pl doesn't find any

- by raccettura

I know when rrdtool graphs (using rrdtool 1.4) network traffic and the host is restarted a spike is a pretty normal thing to see. In the past I've just run that removespike.pl script that is hosted by the author and it strips the spike and I'm good to go. The last few times I've rebooted removespike.pl finds no spikes, but it's obvious that there are spikes. So my question is, how can I easily remove these spikes and get my graphs usable again? Right now it's so skewed it's meaningless.

Read the article
Replace an IP address with it's whois using bash

- by user2099762

I have a traffic log similar to this "page visited" for xxx.xxx.xxx.xxx at 2013-10-30 and I would like to replace the ip address with the result of it's whois lookup. I can export the ip addresses to a separate file and then do a whois on each line, but im struggling to combine them all together. Ideally i'd like to replace the ip address in the same string and print the new string to a new file. So it would look like "page visited" for example.com at 2013-10-30 Can anyone help Here's what I have so far grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' clean_cites.txt > iplist.txt for i in `cat iplist.txt` do OUTPUT=$(geoiplookup -f /usr/share/GeoIP/GeoIPOrg.dat $i) echo $i,$OUTPUT >> visited.txt done Like I said,this produces a separate file with a list of ip addresses and their relevant hostnames, so I either need to search for the ip address in file and and replace it with the text in file b (which will give the ip address and hostname) or replace the ip address in place. Thanks

Read the article
SSL Proxy: Forwarding without the encryption

- by John

I have a python application listening on port 9001 for HTTP traffic. I'm trying to configure Apache (or anything, really) to listen on port 443 for HTTPS connections, and then forward the connection, sans encryption, to port 9001 on the same machine. My application would then reply via the proxy, where the encryption would be reapplied, and returned to the client transparently. I'm not doing anything crazy with the site names and SSL certs, I have one public IP, one hostname, and one SSL cert. Stripping the encryption at the proxy doesn't seem to be a common requirement. Is what I'm asking for a normal requirement? Are there other concerns with this sort of configuration?

Read the article
Bridge virtual machines out WLAN interface

- by Thomas

It seems that my wlan card (intel 5100 AGN) firmware doesn't allow "spoofing" MAC addresses. This has the side effect of destroying the capability to bridge out my virtual machines on that interface. Apparently this is a common thing on wlan cards. I can see the incoming traffic just fine in my virtual machines, but their DHCP queries don't get bridged out of the WLAN card. It works perfectly well when using the wired ethernet port. Is there a workaround for this? MAC-NAT or something? I don't want to route my virtual machines out to the Internet because I don't want my host OS to even have an IP address. I'm using Linux and KVM for virtualization.

Read the article

< Previous Page | 119 120 121 122 123 124 125 126 127 128 129 130 | Next Page >