Search Results

Search found 1249 results on 50 pages for 'eric lubow'.

Page 16/50 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • Secure iptables config for Samba

    - by Eric
    I'm trying to setup an iptables config such that outbound connections from my CentOS 6.2 server are allowed ONLY if they are of state ESTABLISHED. Currently, the following setup is working great for sshd, but all the Samba rules get totally ignored for a reason I cannot figure out. iptables Bash script to setup ALL rules: # Remove all existing rules iptables -F # Set default chain policies iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # Allow incoming SSH iptables -A INPUT -i eth0 -p tcp --dport 22222 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22222 -m state --state ESTABLISHED -j ACCEPT # Allow incoming Samba iptables -A INPUT -i eth0 -s 10.1.1.0/24 -p udp --dport 137:138 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -d 10.1.1.0/24 -p udp --sport 137:138 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -s 10.1.1.0/24 -p tcp --dport 139 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -d 10.1.1.0/24 -p tcp --sport 139 -m state --state ESTABLISHED -j ACCEPT # Enable these rules service iptables restart iptables rule list after running the above script: [root@repoman ~]# iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:22222 state NEW,ESTABLISHED Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp spt:22222 state ESTABLISHED Ultimately, I'm trying to restrict Samba the same way I have done for sshd. In addition, I'm trying to restrict connections to the following IP address range: 10.1.1.12 - 10.1.1.19 Can you guys offer some pointers or possibly even a full-blown solution? I've read man iptables quite extensively, so I'm not sure why the Samba rules are getting thrown out. Additionally, removing the -s 10.1.1.0/24 flags don't change the fact the rules get ignored.

    Read the article

  • Two questions about restoring Thunderbird from a backup

    - by Eric
    Setting up a new Windows 7 PC, I'm puzzled by two things in Thunderbird 3.1.9: I restored a profile from a three-month old backup, no problem. I then copied more recent files into the Mail/ directory, but TBird still shows the old messages. The last message in Inbox is dated 3/16/2011 -- how do I get TBird to display all the messages in the Local Folders/Inbox view? A large number of the existing messages are now displayed in separate tabs -- I can't tell you how many, but there could be over 1000. Which file governs this? Or can I hire someone from Mechanical Turk to come over and manually close each tab?

    Read the article

  • What's the difference between the BitTorrent clients named "BitTorrent" and "µTorrent"?

    - by Eric
    A similar question was asked but never really addressed the question, I think in part because of terminology confusion. So to be very clear: what's the difference between the two BitTorrent client, one named "BitTorrent" and the one named "µTorrent"? They look to have identical UIs, right down to the same checkboxes in the prefs dialogs. Why are there two programs with different names that appear to be identical? Is one superior to the other? (Are they different in any way?) Thanks.

    Read the article

  • Bash color prompt and long commands

    - by Eric J.
    I'm colorizing parts of my bash prompt using ANSI escape sequences. This works great, until the command I'm currently typing in is long enough that it has to wrap. Instead of the rest of the command displaying on the next line, it wraps back to column 1 of the current line, overwriting the beginning of the prompt. I get that behavior with this prompt: export PS1="[\u][\033[0;32;40mdemo \033[0;33;40m1.5.40.b\033[0;37;40m] \w> \033[0m" but it works correctly with the same prompt, ANSI sequences remove: export PS1="[\u][demo 1.5.40.b] \w> " I'm connecting using the current version of Putty, with default Putty settings. The OS is Ubuntu 8.10.

    Read the article

  • Time Machine doesn't back up some folders/files (that it should)

    - by Eric
    MacBook Pro 17" (Snow Leopard) -- WD 2TB external drive MacBook Pro 13" (Snow Leopard) -- Seagate 1TB external drive I find that Time Machine sometimes doesn't back up new folders (and the files in them). This occurs both when I choose "Back Up Now" from the Time Machine icon in the Menu Bar and in TM's scheduled backups. These are not excluded folders (nor are then in the TM do-not-back-up list); they're perfectly normal folders (at various locations) inside my home folder. The only way to force them to be backed up is to restart the computer (unmounting & mounting the TM external disk does not help). There seems to be a correlation with new folders (i.e., it's more likely to happen that an entire new folder is not backed up), but this may just be observer bias (because those are the folders that I go check to see if they've been backed up). It's not computer dependent (it happens on two different computers). It's not external disk dependent (it happens on two different external disks). It's not time dependent (not restarting for several days does not fix the problem). What does a restart change that these other events don't? I'm considering deleting the /.fseventsd folder (without restarting the computer) to see if that helps. I haven't tried logging out and logging in (without restarting the computer).

    Read the article

  • 401 - Unauthorized: Access is denied error from web app running in IIS 7.5 using App Pool Identity

    - by Eric Gatesman
    I have an ASP.NET app on a Windows 2008 server, IIS 7.5. When I try to access web site, I get a login popup. If I click "cancel" I get a 401 - Unauthorized: Access is denied due to invalid credentials. The app is using Windows authentication (anonymous is disabled). The app has it's own app pool, running under the App Pool Identity. If I change the app pool to run under the NetworkService account, my website functions just fine. I'm guessing that this is just a permissions issue, but can't figure out what permissions I need to change. I gave the App Pool Identity permissions on the physical directory of the app, but that didn't solve the problem.

    Read the article

  • Horde complains that Imp is not running

    - by Eric J.
    I'm a mostly-Windows guy tasked with setting up email on an Ubuntu 12.04 instance at AWS and hit the following error: When I browse to Horde, after entering my administrative credentials, I get the error message: A fatal error has occurred imp is not activated. Details have been logged for the administrator. I am following the following, quite detailed guide http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ This is happening at Step 20, at the text Now fire up you web browser and navigate to your server at http://mail.example.com/ to verify that you can log in as the configured administrative mail user. (of course I used my actual domain). Questions Where is Horde logging the "details"? Any thoughts on why this might happen? I found Google hits suggesting that php5-mcrypt might be missing, but I verified it is installed and up-to-date in my case.

    Read the article

  • Print Microsoft Project chart as giant PDF

    - by Eric
    Hi, I have Adobe's PDF creator installed and I'm using Microsoft Project 2007... I want to print my gantt chart as one giant single-page PDF. (Currently it's set to print on letter sized paper, and it's six pages in a 3x2 layout.) I can't figure out where or how to make those settings. The PDF page setup doesn't seem to be right, nor "page setup" in Project. Help :-)

    Read the article

  • SSH into VirtualBox Guest: Connection Refused

    - by Eric J.
    Setup Windows 7 64-bit host OS running VirtualBox 4.2, with Ubuntu 12.04 guest OS. OpenSSH server is installed and running (ssh -v localhost connects locally in the guest machine). Can SSH to external servers (no outbound Windows firewall rule blocking port 22) Can ping the IP of the guest (192.168.56.101) Problem Using PuTTY to SSH to the IP of the guest OS (192.168.56.101), PuTTY returns almost immediately with Network error: connection refused How can I diagnose & resolve this issue?

    Read the article

  • Excel: conditionally format a cell using the format of another, content-matching cell

    - by Eric A. Meyer
    I have an Excel spreadsheet where I’d like to be able to create a “key” of formatted cells with unique values, and then in another sheet format cells using the key formatting. So for example, my key is as follows, with one value per cell and the visual formatting indicated in parentheses: A (red background) B (green background) C (blue background) So that’s on one sheet (or in a remote corner of the current sheet—whichever is better). Then, in an area that I mark for conditional formatting, I can type one of those three letters and have the cell where I typed it visually formatted according to the key. So if I type a “B” into one of the conditionally formatted cells, it gets a green background. (Note that I’m using backgrounds here solely for ease of explanation: ideally I want to have all visual formatting copied over, whether it’s foreground color, background color, font weight, borders, or whatever. But I’ll take what I can get, obviously.) And—just to make it extra-tricky—if I change the formatting in the key, that change should be reflected in cells that reference the key. Thus, if I change the “B” formatting in the key from a green background to a purple background, any “B” in the main sheet should switch to the new color. Similarly, it should be possible to add or remove values from the key and have those changes applied to the main data set. I’m okay with the formatting-update-on-key-change being triggered by clicking a button or something. I suspect that if any of this is possible it will require VBA, but I’ve never used it so I’ve no idea where to start if that’s the case. I’m hoping it’s possible without VBA. I know it’s possible to just use multiple conditional formats, but my use case here is that I’m trying to create the above-described capability for someone who isn’t conversant with conditional formatting. I’d like to let them be able to define a key, update it if necessary, and keep on truckin’ without me having to rewrite the spreadsheet’s formatting rules for them. --- UPDATE --- So I think I was a bit unclear about my original request. Let me try again with an image. The image shows the “key” on the left, where values and styles are defined using keyboard and mouse input. On the right, you see the data that should be formatted to match the key. Thus if I type a “C” into a cell in the Data area, it should be blue-backed. Furthermore, if I change the formatting of “C” in the Key to have a purple background, all the “C” cells should switch from blue to purple. For further craziness, if I add more to the Key (say, “D” with a yellow background) then any “D” cells will be styled to match; if I remove a Key entry, then matching values in the Data area should revert to default styling. So. Is that more clear? Is it possible, in whole or in part? I don’t have to use conditional formatting for this; in fact, at this point I suspect I probably shouldn’t. But I’m open to any approach!

    Read the article

  • OSSEC agent behind NAT

    - by Eric
    I am working on an OSSEC deployment where I will have multiple agents behind 1 public IP. Below is an example of the setup Private Network OSSEC-Agent1 (192.168.1.10) OSSEC-Agent2 (192.168.50.33) OSSEC-Agent3 (10.10.10.1) Those IPs NAT to 1 public IP (1.1.1.1) Then 1.1.1.1 talks to the public OSSEC server on 2.2.2.2 I've read some OSSEC documentation talking about NAT here, but it doesn't tell me exactly what I need to know. Their example is using an entire /24 subnet and mine will mainly have multiple agents to only 1 public IP. With the setup so far, I brought Agent1 online fine and it is communicating to the OSSEC server. However Agent2 continues to fail trying to connect to 2.2.2.2. Even though when I added the key, I had the correct name for it, so I know it talked to the portal at least once for that information. I'm assuming it's just getting confused with the multiple keys to 1 public IP. I basically want to know if this is possible and/or if I'm just overlooking something simple. Any help would be greatly appreciated.

    Read the article

  • Mac OS X Server 10.6.6 DNS not responding properly, get a "Truncated, retrying in TCP mode" for subdomain

    - by Eric Arseneau
    If I do an nslookup on youtube.com, no problem, if I do one with www.youtube.com, failure. See details below. [~] nslookup youtube.com Server: 192.168.1.1 Address: 192.168.1.1#53 Non-authoritative answer: Name: youtube.com Address: 74.125.127.93 Name: youtube.com Address: 74.125.47.93 Name: youtube.com Address: 74.125.95.93 [~] nslookup www.youtube.com ;; Truncated, retrying in TCP mode. ;; Connection to 192.168.1.1#53(192.168.1.1) for www.youtube.com failed: connection refused. If I do the same from a Windows machine its fine, its when I do it from a Mac workstation that I get the issue. I have rebooted, both server and workstation, I did a changeip, but nothing is working. Any recommendations?

    Read the article

  • Recover an HP recovery partition

    - by eric.chartier
    I have a (semi)-dead hard drive with an HP recovery partition on it. My goal is to Buy a new hard drive Copy the recovery partition to a drive ( dd if=/dev/sdb1 of=~/recovery.bak ) Make a new partition of 12000 mb with Windows 7 Copy back recovery partition to the new drive ( dd if=~/recovery.bak of=/dev/sdb1 ) Then press F11 when the laptop boots. However, this doesn't work. Any idea why? Edit: I suspect the F11 doesn't work because the laptop tries to boot the laptop, because my partition is the primary partition of the drive. Does anyone have any experience dealing with stuff like this?

    Read the article

  • Log centralization, display, transport and aggregation at scale v2

    - by Eric DANNIELOU
    This is a duplicate question of Log transport and aggregation at scale and http://stackoverflow.com/questions/1737693/whats-the-best-practice-for-centralised-logging, but the answers might differ now : The softwares described in 2009 may have changed since (for example Octopussy evolved from version 0.9 to 1.0.5). Rsyslog has become the default on most linux distro. Requirements have changed (security, software configuration management, ...). I'd like to ask the following questions : How do you centralize, display and archive system logs? How would you like to do it now if you had to? Most linux distro use rsyslog nowadays, which can provide reliable log transport. But some older unices, network devices and maybe windows box still use old udp rfc-style transport. How did you manage to get reliable transport? Storing logs for a few months can represent a huge amount of disk space. How do you store them? rdbms? Compressed and encrypted text files?

    Read the article

  • Restoring WordPress EC2 instance from snapshot results in 403 Forbidden error

    - by Eric Matthew Turano
    This problem has been perplexing me for weeks now. Here's how the issue goes: Launch Amazon Linux 64-bit instance, successfully install WordPress, and site is active w/ no issues Create snapshot of the instance's root volume Shut down instance Create volume from snapshot, attach to instance, and reboot instance Associate Elastic IP with instance Once that's done and I try logging onto the site, I am redirected to myurl.com/wp-admin/install.php and greeted with this message: Forbidden: You don't have permission to access /wp-admin/install.php on this server. Apache/2.2.25 (Amazon) Server at www.myurl.com Port 80 Port 80 is open on the inbound security group settings, so that's not the issue. Keep in mind all I am doing is merely creating a new volume and attaching it to the same instance, and this issue comes up. What am I doing wrong, and how can I create a complete backup of my instance without this error occuring?

    Read the article

  • Consolidate SQL Server Reporting Services

    - by Eric C. Singer
    I've been a big fan of consolidating as many DB's to a few SQL servers for a while and I've had great success with it. However, I've never had to deal with SQL reporting services. Has anyone migrated SSRS from a bunch of random SQL servers into a consolidated SQL server? I don't exactly know a whole lot about SSRS which is part of the problem. To my knowlege, it's one DB per SSRS instance, so it sounds like i'd need to find a way of exporting data and merging it. Basically the process used to look like: Move DB from SQL Express to shared SQL server Change point in APP to point at new SQL server With reporting services, how do I move the reporting service compenent of the DB as well? I realize I may need to tweak the app, but my question is on the SQL side.

    Read the article

  • Map Caps-Lock to Control in Windows 8.1

    - by Eric Huang
    Before the Windows 8.1 update, I was able to map Caps-Lock to Controls through the type of registry tweak in this post: Remapping a keyboard key in windows 8.1 However, after updating to 8.1, my tweak no longer works. What I had done was Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout] "Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,1d,00,3a,00,00,00,00,00 Windows 8.1 may have changed how it interprets the keyboard layout registry, I'm guessing. I'm an avid emacs user, so this problem is a life-or-death scenario for me.

    Read the article

  • moving to a new dedicated server and need advice on the new setup

    - by Eric Martin
    I currently have a dedicated server that we have outgrown and we are moving to another server. Our current setup was a 8gb W2008R2 server running a W2008R2 IIS virtual machine using VMWare. We are moving to a 2 cpu 24 gb server with W2012 R2 on Hyper-V. On our virtual machine we are running iis 7.5 and sql server. Sql Server seems to want to eat up all the memory so I had to cap it at 2gb, which doesn't seem sufficient. My question is, when I move the virtual machine to the new server, should I create 2 virtual machines, one for sql server and one for IIS? Or should I leave them both on the same virtual machine? Or even, put the Sql Server on the dedicated server and run the IIS in the vm? I'd like some input on how this should be done, I've not got the experience needed to make the right call. Thanks!

    Read the article

  • Monitor blinks frequently

    - by Eric J.
    I recently resolved an issue that was causing one monitor not to be recognized by Windows by running a tool called Driver Sweeper to remove all old driver remnants, then updating to the latest nVidia drivers. Prior to that procedure the main monitor worked fine. After that procedure (now with the second monitor recognized), the main monitor blinks frequently. About once every 15-30 seconds, the monitor goes dark for the blink of an eye. Sometimes it only appears to happen in the bottom portion of the monitor, but other times it seems to affect the whole screen. Can this be caused by the particular driver? Could it just be an unlucky coincidence and the main monitor is starting to fail? I hesitate to experiment with new driver versions after having just restored the second monitor to a working state, so hope for some feedback before heading down that road.

    Read the article

  • Why is /usr/bin/env permission denied to rails server?

    - by Eric Hopkins
    I've just set up rails on an apache server running on Ubuntu, and when I try to go to the root page it gives this error: /usr/bin/env: bash: Permission denied env and all the directories in the path all have permissions 755. I tried setting env to have permissions 777 but still got the same error. Rails is running as "nobody". Why is this happening? I don't know what else to try. In /etc/apache2/sites-available/api.conf: <VirtualHost *:80> ServerName api.thinknation.ca ServerAlias api.thinknation.ca DocumentRoot /var/www/api/public ErrorLog /var/www/logs/error.log CustomLog /var/www/logs/access.log combined RailsSpawnMethod smart <Directory /var/www/api/public> # This relaxes Apache security settings. AllowOverride all # MultiViews must be turned off. Options -MultiViews -Indexes # Uncomment this if you're on Apache >= 2.4: Order allow,deny Allow from all #Require all granted </Directory> </VirtualHost> From config/database.yml in my rails directory (with sensitive user names and passwords omitted): default: &default adapter: mysql2 encoding: utf8 pool: 5 username: root password: socket: /var/run/mysqld/mysqld.sock development: <<: *default database: api_development test: <<: *default database: api_test production: <<: *default url: <%= ENV['DATABASE_URL'] %> database: api username: ------------ password: ------------ Not sure what other details or files are relevant, I will add them if needed.

    Read the article

  • Samba server NETBIOS name not resolving, WINS support not working

    - by Eric
    When I try to connect to my CentOS 6.2 x86_64 server's samba shares using address \\REPO (NETBIOS name of REPO), it times out and shows an error; if I do so directly via IP, it works fine. Furthermore, my server does not work correctly as a WINS server despite my samba settings being correct for it (see below for details). If I stop the iptables service, things work properly. I'm using this page as a reference for which ports to use: http://www.samba.org/samba/docs/server_security.html Specifically: UDP/137 - used by nmbd UDP/138 - used by nmbd TCP/139 - used by smbd TCP/445 - used by smbd I really really really want to keep the secure iptables design I have below but just fix this particular problem. SMB.CONF [global] netbios name = REPO workgroup = AWESOME security = user encrypt passwords = yes # Use the native linux password database #passdb backend = tdbsam # Be a WINS server wins support = yes # Make this server a master browser local master = yes preferred master = yes os level = 65 # Disable print support load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes # Restrict who can access the shares hosts allow = 127.0.0. 10.1.1. [public] path = /mnt/repo/public create mode = 0640 directory mode = 0750 writable = yes valid users = mangs repoman IPTABLES CONFIGURE SCRIPT # Remove all existing rules iptables -F # Set default chain policies iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # Allow incoming SSH iptables -A INPUT -i eth0 -p tcp --dport 22222 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22222 -m state --state ESTABLISHED -j ACCEPT # Allow incoming HTTP #iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT #iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT # Allow incoming Samba iptables -A INPUT -i eth0 -p udp --dport 137 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p udp --sport 137 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 138 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p udp --sport 138 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 139 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 139 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 445 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 445 -m state --state ESTABLISHED -j ACCEPT # Make these rules permanent service iptables save service iptables restart**strong text**

    Read the article

  • Windows 7 Multi-NIC woes

    - by Eric
    I have Comcast business Internet here. It gives me 5 static IPs. Most of the machines in my house connect to a router like every other household. It has a 192.168.117.x subnet, DHCP Server, etc. and all is well. However, I have a second machine on MY desk that has a life Internet IP. Up until yesterday, this machine was running XP Pro. The primary NIC was manually set to 192.168.117.241 with no gateway, and the secondary NIC was manually set to 173.x.x.171 with a gateway of 173.x.x.174. This worked just fine for years. Yesterday I replaced that XP machine with a brand new Windows 7 x64 box. Again, I configured it the same way. The onboard NIC was given a static 192.168.117.x address with no gateway, and the secondary NIC was given a live Internet IP address with the proper router, etc. 2 Problems. First is that the internal network (192.168.117.x) is listed as a public network because there's no gateway, so that means no homegroup, no file sharing, none of that. And I can't change it from what I'm reading... The second is that the machine reports the "router" ip address as it's address, and not the address that it's supposed to. I'm ready to tear my hair out over this. Any ideas?

    Read the article

  • Log into another XP machine's SQL Server with a different userid? (WORKGROUP, not domain)

    - by Eric H.
    I have two machines at home, both XP Pro SP3. I have no domain controller, so they're both just in WORKGROUP. How can I, using Windows Authentication, log into an instance of SQL Server running on the other machine? Whenever I try it, it seems to try to login as 'Guest', even though I have entered the machine name (OTHER-DESKTOP), and login (OTHER-DESKTOP\otheruser) in the User Accounts Control Panel box. It works fine if I use sql server name and password, so I know the server is running. Any clues?

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >