Search Results

Search found 4533 results on 182 pages for 'castle proxy'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 129/182 | < Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136  | Next Page >

  • router - Problem Sharing internet connection in my router

    - by luis velasco
    Hi we are 4 roomates at the university but I have a problem. One of my roomies is downloading torrents all the time. When somebody need make a call or doing something like you tube or a quiz using the internet conection. The internet is very slow.... I can not create a network using a computer as a proxy. I just need a good router (and in the budget no more than $50).. I just want to split 16MB. In a separated 4 x 4 mb (theoretically)..

    Read the article

  • Installing PHP 5.3 on a Windows host with both Apache and IIS

    - by Hippyjim
    I'm currently experimenting with a couple of configurations of Apache and IIS on the same server box - so far using Apache as a proxy for IIS is winning, but another of my setups has Apache on a non-standard port with IIS taking the majority of traffic. Both of these machines currently have PHP 5.2 installed. I want to upgrade to PHP 5.3, but the installer asks which server I'm running - I'm running both - so what do I tell it? Which configuration will be the most flexible, tell it we're running IIS, or tell it we're running Apache?

    Read the article

  • Cannot install any Feature/Role on Windows Server 2008 R2 Standard

    - by Parsa
    I was trying to install Exchange 2010 prerequisites, when I encountered some error. All look like the same. Like this one: Error: Installation of [Windows Process Activation Service] Configuration APIs failed. the server needs to be restarted to undo the changes. My server is running Windows Server 2008 R2 Standard Edition. UPDATE: I tried installing the prerequisites one by one using PowerShell. Now I have errors on RPC over Http proxy: Installation of [Web Server (IIS)] Tracing Failed, Attempt to install tracing failed with error code 0x80070643. Fatal error during installation. Searching about the error code doesn't tell me much more than something went wrong when trying to update windows. Installing Http Tracing alone also doesn't make any difference.

    Read the article

  • If I'm a web server, for which accounts can I turn off shells within passwd file?

    - by eric01
    I am making a web server running LAMP and want to access it using SSH. When I open the passwd file, I see all those accounts and I want to know for which ones I can put false. I have the following accounts: root, daemon, bin, sys, sync, games, man, lp, mail, news, uucp, proxy, www-data backup, list, irc, gnats, nobody, libuuid, syslog, messagebus, whoopsie, mandscape, sshd, eric Except root, sshd and eric, which ones should I not disable? How about www-data and sshd? Thanks a lot for your help.

    Read the article

  • Issue varnish purge through CloudFlare to Varnish

    - by Michael
    I've been working on this for a while and can't seem to find any solution. I have varnish sitting in front of my nginx server, with CloudFlare sitting in front. When I issue a curl -X PURGE host CloudFlare picks it up and of course denies it with a 503 error. If I use direct.host to bypass CloudFlare it hits the Varnish server and it accepts the request but it does nothing since direct.host isn't used so there is nothing in the cache for that url. I am using WordPress and there is a WordPress Varnish Purge plugin, it says to add the following line to wp-config.php: define('VHP_VARNISH_IP','127.0.0.1') This is specifically to work with proxy servers and/or CloudFlare to make sure the request goes to the Varnish server rather than CloudFlare, but that doesn't seem to help. Anyone see this before and have any idea?

    Read the article

  • Why aren't connections released by the tomcat AJP connector

    - by Chris
    I have here a jboss with a web application. The tomcat is configured to use the ajp connector. Incoming connections are tunneled via an apache reverse proxy to the connector. Now I recognized that under heavy load the connector keeps a bunch of connections in "keep alive" mode for eternity and doesn't release them any more. With the normal HTTP connector the app did well, but now with the ajp connector we have regular app stallments. Can someone give me some advice where to start to look to resolve this issue? Why does the connector not release the connection again after idling for 300 secs? thanks, chris

    Read the article

  • exception creating a JDBC Conection Pool Glassfish v3

    - by jon
    Hi all, I am experiencing problems creating a connection pool in glassfish v3, just for reference i am using the Java EE glassfish bundle. my enviroment vars are as follows Url: jdbc:oracle:thin:@localhost:1521:xe User: sys Password : xxxxxxxx which i think is all i need to make a connection. but i get the following exception WARNING: Can not find resource bundle for this logger. class name that failed: com.sun.gjc.common.DataSourceObjectBuilder SEVERE: jdbc.exc_cnfe_ds java.lang.ClassNotFoundException: oracle.jdbc.pool.OracleDataSource at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at java.lang.ClassLoader.loadClass(ClassLoader.java:248) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at com.sun.gjc.common.DataSourceObjectBuilder.getDataSourceObject(DataSourceObjectBuilder.java:279) at com.sun.gjc.common.DataSourceObjectBuilder.constructDataSourceObject(DataSourceObjectBuilder.java:108) at com.sun.gjc.spi.ManagedConnectionFactory.getDataSource(ManagedConnectionFactory.java:1167) at com.sun.gjc.spi.DSManagedConnectionFactory.getDataSource(DSManagedConnectionFactory.java:135) at com.sun.gjc.spi.DSManagedConnectionFactory.createManagedConnection(DSManagedConnectionFactory.java:90) at com.sun.enterprise.connectors.service.ConnectorConnectionPoolAdminServiceImpl.getManagedConnection(ConnectorConnectionPoolAdminServiceImpl.java:520) at com.sun.enterprise.connectors.service.ConnectorConnectionPoolAdminServiceImpl.getUnpooledConnection(ConnectorConnectionPoolAdminServiceImpl.java:630) at com.sun.enterprise.connectors.service.ConnectorConnectionPoolAdminServiceImpl.testConnectionPool(ConnectorConnectionPoolAdminServiceImpl.java:442) at com.sun.enterprise.connectors.ConnectorRuntime.pingConnectionPool(ConnectorRuntime.java:898) at org.glassfish.admin.amx.impl.ext.ConnectorRuntimeAPIProviderImpl.pingJDBCConnectionPool(ConnectorRuntimeAPIProviderImpl.java:570) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.glassfish.admin.amx.impl.mbean.AMXImplBase.invoke(AMXImplBase.java:1038) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761) at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:288) at org.glassfish.admin.amx.util.jmx.MBeanProxyHandler.invoke(MBeanProxyHandler.java:453) at org.glassfish.admin.amx.core.proxy.AMXProxyHandler._invoke(AMXProxyHandler.java:822) at org.glassfish.admin.amx.core.proxy.AMXProxyHandler.invoke(AMXProxyHandler.java:526) at $Proxy233.pingJDBCConnectionPool(Unknown Source) at org.glassfish.admingui.common.handlers.JdbcTempHandler.pingJdbcConnectionPool(JdbcTempHandler.java:99) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.jsftemplating.layout.descriptors.handler.Handler.invoke(Handler.java:442) at com.sun.jsftemplating.layout.descriptors.LayoutElementBase.dispatchHandlers(LayoutElementBase.java:420) at com.sun.jsftemplating.layout.descriptors.LayoutElementBase.dispatchHandlers(LayoutElementBase.java:394) at com.sun.jsftemplating.layout.event.CommandActionListener.invokeCommandHandlers(CommandActionListener.java:150) at com.sun.jsftemplating.layout.event.CommandActionListener.processAction(CommandActionListener.java:98) at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88) at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:772) at javax.faces.component.UICommand.broadcast(UICommand.java:300) at com.sun.webui.jsf.component.WebuiCommand.broadcast(WebuiCommand.java:160) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:775) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1267) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:312) at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1523) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215) at com.sun.webui.jsf.util.UploadFilter.doFilter(UploadFilter.java:240) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97) at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:332) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:233) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:239) at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954) at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170) at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88) at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76) at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53) at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57) at com.sun.grizzly.ContextTask.run(ContextTask.java:69) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330) at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309) at java.lang.Thread.run(Thread.java:619) WARNING: RAR8054: Exception while creating an unpooled [test] connection for pool [ testingManagmentDataConnection ], Class name is wrong or classpath is not set for : oracle.jdbc.pool.OracleDataSource WARNING: Can not find resource bundle for this logger. class name that failed: com.sun.gjc.common.DataSourceObjectBuilder does anyone have any ideas what i am doing wrong/ what i will have to do to correct this issue, Thanks for your time Jon

    Read the article

  • SQL Server Rights to backup drive

    - by Sam
    I'm trying to copy a backup I've made from one server to another using either an SSIS or Powershell step in a job. I've run into the same error on both systems when running the step under the sql agent. I receive errors that the path does not exist. I've tried granting the agent rights to e:\backups, where the file is located, but it still doesn't work. When I use a proxy for the step, it works fine. Can anyone help me with what permissions to grant to sqlagent? Rights look to have been granted to MSSQL$Instance1 on the backup drive.

    Read the article

  • Access denied error when running site with SSL

    - by Gonzalo
    i've setup a SSL certificate to use in a website i'm working on. The problem is that when "Require SSL" is checked in iis, i get the following error while trying to access the site: 403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied. If that checkbox is not checked, the site works fine (i'm not sure why, but i can even access it through SSL). Not sure if it makes any difference, but my company has an ISA server that we use as a proxy / firewall. Thanks, Gonzalo

    Read the article

  • Pidgin not working with Gtalk

    - by Selvakumar Ponnusamy
    I have downloaded latest Pidgin(version 2.10.6) for Windows and tried to gtalk account to it. It shows "not authorized" error. I have tried many options given in the net and its not working for me, Below are the values I have given, Basic Tab: Protocal: XMPP Username: <my username> Domain: gmail.com Password: <My Password> and enabled Remember password check box Advanced Tab: Connection security: Require Encryption (Default) Unhecked "Allow plaintext auth over unencrypted streams" (Default) Connection Port: 5222 (Default) Connect server: talk.google.com File Transfer proxies: proxy.eu.jabber.org (default) BOSH URL: <Empty> (default) I enabled two step verification process for my gmail account, So I created application specific password and given here. But Its not working. Please help me what could be the problem and how to resolve it?

    Read the article

  • mod_rewrite to page with HTTP auth

    - by Joe
    I'm trying to use modrewrite to proxy http:://myserver/cam1 to an internal, http-auth protected server at http:://admin:[email protected]/cgi/mjpg/mjpg.cgi No matter what I try, though, requests to http:://myserver/cam1 always prompt me for the username and password. I've tried all of these to no avail. RewriteRule ^/cam1 http://admin:[email protected]/cgi/mjpg/mjpg.cgi [P,L] RewriteRule ^/cam1 http://192.168.99.130/cgi/mjpg/mjpg.cgi [E=Authorization:Basic\ YWRtaW46YWRtaW4=,P,L] RewriteRule ^/cam1 http://192.168.99.130/cgi/mjpg/mjpg.cgi [E=HTTP_USERID:admin,E=HTTP_PASSWORD:admin,P,L]` Anybody have any other ideas?

    Read the article

  • DHCP request error. Send_packet now permitted, How to debug, What does it mean

    - by Sparsh Gupta
    Hello I recently installed CSF firewall and have made live a new server which is accepting around 600req/second. Its basically a reverse proxy and I found in pingdom and munin that for a particular time, the response times of the server increased by 3 folds. I looked into logs and exactly at that point, I found loads of entries like this: Feb 27 15:22:09 li235-57 dhclient: DHCPREQUEST of <My IP address> on eth0 to 207.192.68.72 port 67 Feb 27 15:22:09 li235-57 dhclient: send_packet: Operation not permitted Can you help me understand what went wrong and what exactly happened. Is there any settings I should change in CSF or any pointer to debug this further Thanks

    Read the article

  • Necesity of ModSecurity if Apache is behind Nginx

    - by Saif Bechan
    I have my Apache installed behind Nginx. So every request that comes in is first handeled by Nginx. If there is dynamic content needed the request is send to Apache which listens on port 8080. Pretty basic reverse proxy setup. Now with this setup the first entry point is Nginx. Is it still needed to install ModSecurity to protect Apache against unwanted request. Or should I just focus on protecting Nginx as this is the first entry point. All suggestions are welcome.

    Read the article

  • How to Make Red zone Network settings to Endian OS

    - by Gash
    Please help me, Currently we have about 10 pc's sharing internet. and We have CISCO 800 series router that connect the ADSL, to the lan Segment it connect switch throw the switch all pc's are getting connecting. all user pc's having 192.168.3.--- range ips and gateway is 192.168.3.254 now i install the endian firewall to one PC, it must work as firewall,VPN & proxy i made green zone ip as 192.168.3.222 then how to give red zone IP? i know that is static IP but it cant be same range so please help me out to sort this without changing anything in router, if want i can change the internal IP sets instead of 3.-- 10.-- or something like that and also please state me at present i tried Endian firewall red and green zone cables are pluged in to network switch only please help me to overcome this its urgent

    Read the article

  • Ubuntu VM Guest - Samba Service Not Accessible from VM Host via Hostname

    - by phalacee
    I have a Windows 7 Workstation with a Ubuntu 10.10 VM running in Virtual Box 3.2.12 r68302. I recently updated Samba and winbind, and since the update, I am unable to access the machine via it's hostname (\mystique) from the VM Host. I can access it by the "Host-only" IP (\192.168.56.101) and the DHCP Assigned IP address (\10.1.1.20) and I can connect to the webserver on the machine via it's hostname (http://mystique/). As stated, accessing this machine via it's hostname worked fine prior to the update, but has since stopped working. I have added the hostname to the smb.conf for the netbios name, to no avail. My smb.conf [global] section looks like this: workgroup = NETWORK netbios name = Mystique server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user usershare allow guests = yes

    Read the article

  • How do I deny all requests not from cloudflare?

    - by phillips1012
    I've recently gotten denial of service attacks from multiple proxy ips, so I installed cloudflare to prevent this. Then I started noticing that they're bypassing cloudflare by connecting directly to the server's ip address and forging the host header. What is the most performant way to return 403 on connections that aren't from the 18 ip addresses used by cloudflare? I tried denying all then explicitly allowing the cloudflare ips but this doesn't work since I've set it up so that CF-Connecting-IP sets the ip allow tests for. I'm using nginx 1.6.0.

    Read the article

  • Should I use an ssl terminator or just haproxy?

    - by Justin Meltzer
    I'm trying to figure out how to set up my architecture for a socket.io app that will require both https and wss connections. I've found many tutorials on the web suggesting that you use something like stud or stunnel in front of haproxy, which then routes your unencrypted traffic to your app. If I were to go this route, is it suggested that haproxy and the ssl terminator be on separate instances, or is it fine if they are on the same EC2 server instance? If I do not want to use a separate ssl terminator, could I use haproxy to terminate the ssl? Or instead would it be possible to proxy these https and wss connections to my application and have the node app terminate the ssl itself?

    Read the article

  • Google Chrome Enterprise - Any Gotchas?

    - by AJ
    Has anyone rolled out Google Chrome to a medium / large organisation? I would like to suggest it to our management (because I think it would work very nicely with some of our intranet applications), and I would like to find out what problems (if any) the rest of the world has been experiencing with it. Have you found any problems? I'm thinking of enterprise-level problems. I'm thinking that we can solve anything that requires a specific configuration / proxy setting / etc. I don't really know what I think might be a problem, but I wonder if there are any usability problems that occur when non-geeks use it? Or problems which only rear their ugly heads when you've got 50 users all doing something unexpected. Any helpful information or suggestions would be appreciated. Thanks. UPDATED: We tend to use Microsoft stuff, so Sharepoint, IIS, SQL Server, are typical building blocks of internal sites. (Thanks, @Jim, for reminding me to mention that).

    Read the article

  • pip install fails on guest Linux Mint 15

    - by synergetic
    On my Windows 7 PC, I installed VMware VM for Linux Mint 15. Windows PC is behind corporate firewall /proxy server. Now inside Linux I issued: sudo apt-get install python-virtualenv Then created ~/projects folder and python virtual environment: mkdir projects cd projects virtualenv venv Then activated my virtual env: . venv/bin/activate So far no problem. Then tried to install python libraries, for example markupsafe: pip install markupsafe It throws an error: Cannot fetch index base URL https://pypi.python.org/simple/ Could not find any downloads that satisfy the requirement markupsafe No distributions at all found for markupsafe Storing complete log in /home/me/.pip/pip.log Inside pip.log I found: <urlopen error [Errno 104] Connection reset by peer> Installing any other library throws similar error. What's wrong here?

    Read the article

  • What compatibility trade-offs do we need to make in order to use a hardened SSL config for Nginx?

    - by nathan.f77
    I found some hardened SSL settings in github.com/ioerror/duraconf. Here is the header from the config: This is an example of a high security, somewhat compatible SSLv3 and TLSv1 enabled HTTPS proxy server. The server only allows modes that provide perfect forward secrecy; no other modes are offered. Anonymous cipher modes are disabled. This configuation does not include the HSTS header to ensure that users do not accidentally connect to an insecure HTTP service after their first visit. It only supports strong ciphers in PFS mode: ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; # Only strong ciphers in PFS mode ssl_ciphers ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA; ssl_protocols SSLv3 TLSv1; If we were to use these settings on our website, what does "somewhat compatible" mean? For example, would IE6 still be able to connect?

    Read the article

  • Make server unavailable gracefully using Powershell in ARR

    - by Carl Bergquist
    We are using ARR as reverse proxy and I would like to make a server unavailable for various reasons. How can this be done using Powershell? Edit 1: I found this http://blogs.iis.net/anilr/archive/2009/11/09/using-arr-config-extensibility-to-gracefully-stop-server.aspx tutorial for using JScript. But I'm not able to translate it to powershell. Edit 2: Using the Set-WebConfigurationProperty in WebAdministration module I'm able to changes settings for a server. I found SetState in %windir%\system32\inetsrv\config\schema\arr_schema.xml but I don't know how to invoke that method.

    Read the article

  • TvTuner as webcamera

    - by BarsMonster
    Hi, I have decent TVTuner which can capture both analog signal & HDMI. I am able to connect my camera and see output of it in realtime in VirtualDub. I want to be able to use it in Skype and other software which use webcams. The problem is that they only use first "videoinput" of my videodevice, but HDMI is 3rd, and there is no interface to switch (in Skype for example)... So could you suggest any "proxy" software which can take video from Tuner, and show as a webcam?

    Read the article

  • Connect iPad to windows 7 VPN

    - by Linuz
    My iPad keeps spitting out the error: "A connection could not be established to the PPP server." I am trying to connect it to a VPN I set up with Windows 7 as an incoming connection. On the iPad, I went into the VPN settings, added a new PPTP VPN with the following information Server: Windows 7 Computer's IP RSA SecurID: OFF Account: Account Username Password: Account Password Encryption Level: Auto Send All Traffic: ON Proxy: Off Now I know that it is making some connection to the Windows 7 Computer because whenever I intentionally put in the wrong VPN password on the iPad, it makes me put in the correct one before trying to connect again. All the ports are forwarded on my router for PPTP, and my Windows 7 Firewall is even off to try to get this to work. Any help would be greatly appreciated, thanks.

    Read the article

  • Mono on Linux: Apache or Nginx

    - by Furism
    Hi, I'm developing an ASP.NET application that will be run under Linux/Mono for various reasons (mostly to stay away from IIS, quite frankly). Of course the first web server I had in mind was Apache. But Apache, for all its advantages, adds a lot of overhead. Also, the application I'm building needs to be highly scalable and performance is one of the main concern. Apache has, obviously, a very good reputation and its record speaks for itself, but I don't need things like Reverse Proxy or Load Balancing because dedicated network devices would be used for that. So those modules from Apache will never be used. So basically my question is: since Nginx seems to fit exactly needs, is there any caveat I should be aware of? For instance, is Nginx renowned to be particularity safe? When security flaws are detected, how fast are they patched? Any insight on the pros and cons of using either of those servers in conjunction with Mono is welcome.

    Read the article

  • Exposing the AnyConnect HTTPS service to outside network

    - by Maciej Swic
    We have a Cisco ASA 5505 with firmware ASA9.0(1) and ASDM 7.0(2). It is configured with a public ip address, and when trying to reach it from the outside by HTTPS for AnyConnect VPN, we get the following log output: 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Built inbound TCP connection 2889 for outside:<client-ip>/51000 (<client-ip>/51000) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Built inbound TCP connection 2890 for outside:<client-ip>/50999 (<client-ip>/50999) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Teardown TCP connection 2889 for outside:<client-ip>/51000 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Teardown TCP connection 2890 for outside:<client-ip>/50999 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency We finished the startup wizard and the anyconnect vpn wizard and here is the resulting configuration: Cryptochecksum: 12262d68 23b0d136 bb55644a 9c08f86b : Saved : Written by enable_15 at 07:08:30.519 UTC Mon Nov 12 2012 ! ASA Version 9.0(1) ! hostname vpn domain-name office.<redacted>.com enable password <redacted> encrypted passwd <redacted> encrypted names ip local pool vpn-pool 192.168.67.2-192.168.67.253 mask 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.68.250 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address <redacted> 255.255.255.248 ! ftp mode passive dns server-group DefaultDNS domain-name office.<redacted>.com object network obj_any subnet 0.0.0.0 0.0.0.0 pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu inside 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected ! object network obj_any nat (inside,outside) dynamic interface timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL http server enable http 192.168.68.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto ipsec security-association pmtu-aging infinite crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map inside_map interface inside crypto ca trustpoint _SmartCallHome_ServerCA crl configure crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=vpn proxy-ldc-issuer crl configure crypto ca trustpool policy crypto ca certificate chain _SmartCallHome_ServerCA certificate ca 6ecc7aa5a7032009b8cebcf4e952d491 <redacted> quit crypto ca certificate chain ASDM_TrustPoint0 certificate f678a050 <redacted> quit crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.68.0 255.255.255.0 inside ssh timeout 5 console timeout 0 vpn-addr-assign local reuse-delay 60 dhcpd auto_config outside ! dhcpd address 192.168.68.254-192.168.68.254 inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ssl trust-point ASDM_TrustPoint0 inside ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside enable inside anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 1 anyconnect image disk0:/anyconnect-linux-3.1.01065-k9.pkg 2 anyconnect image disk0:/anyconnect-macosx-i386-3.1.01065-k9.pkg 3 anyconnect profiles GM-AnyConnect_client_profile disk0:/GM-AnyConnect_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_GM-AnyConnect internal group-policy GroupPolicy_GM-AnyConnect attributes wins-server none dns-server value 192.168.68.254 vpn-tunnel-protocol ikev2 ssl-client default-domain value office.<redacted>.com webvpn anyconnect profiles value GM-AnyConnect_client_profile type user username <redacted> password <redacted> encrypted tunnel-group GM-AnyConnect type remote-access tunnel-group GM-AnyConnect general-attributes address-pool vpn-pool default-group-policy GroupPolicy_GM-AnyConnect tunnel-group GM-AnyConnect webvpn-attributes group-alias GM-AnyConnect enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context call-home reporting anonymous Cryptochecksum:12262d6823b0d136bb55644a9c08f86b : end Clearly we are missing something, but the question is, what?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 125 126 127 128 129 130 131 132 133 134 135 136  | Next Page >