Search Results

Search found 6198 results on 248 pages for 'traffic filtering'.

Page 167/248 | < Previous Page | 163 164 165 166 167 168 169 170 171 172 173 174  | Next Page >

• Not Able To Connect to Shared Resource

  - by bobber205

  We are using an older version of BartPE and are not able to connect to shared folders on our subnet. It says the network name could not be found. Connecting to the shared folder on the machine that is hosting it works fine. Any ideas on what might cause this? Thanks! Edit1: Got wireshark running and monitored traffic from the offending machine and tried to map. ZERO packets from the other machine were seen. :(

  Read the article

• Reject recipient in postfix mail relay

  - by galets

  I have about 3 knows email addresses in my domain, which don't exist and to which a lot of spam is sent. Some of this spam is pretty heavy, and I'm wasting a lot of traffic on it, so I don't want to even receive emails if their destination is one of those 3 addresses. Since I know that the users don't exist I would like postfix to reject emails during RCPT TO: negotiation. Basically, all I want is to update some config with those 3 addresses, and every email sent to them must fail to come in. I want to stress out following: postfix works as a relay for domain, there is no local users postfix has no knowledge about validity of other emails within domain, so it cannot simply reject unknown recipients

  Read the article

• how to split a pcap file into a set of smaller ones

  - by facha

  Hi, everyone I have a huge pcap file (generated by tcpdump). When I try to open it in wireshark, the program just gets unresponsive. Is there a way to split a file in set of smaller ones to open them one by one? The traffic captured in a file is generated by two programs on two servers, so I can't split the file using tcpdump 'host' or 'port' filters. I've also tried linux 'split' command :-) but with no luck. Wireshark wouldn't recognize the format.

  Read the article

• Get IP network range after reverse DNS?

  - by Max

  For analytics purposes, I'm looking at large sets of IP addresses in server log files. I'm trying to perform reverse-DNS lookups to understand where traffic is coming from - e.g. what percentage of IPs resolve to corporations, schools, government, international etc. Despite a bunch of optimizations, individually reverse-DNS'ing every IP address still appears to be fairly expensive though. So - is there any way to obtain an entire range of IPs from a reverse-DNS? If yes, this could greatly reduce the number of actual reverse-DNS lookups. Example (numbers slightly obfuscated): Log file contains a request from an IP 128.151.162.17 Reverse DNS resolves to 11.142.152.128.in-addr.arpa 21599 IN PTR alamo.ceas.rochester.edu (So this is a visitor from Rochester University, rochester.edu) Now, would it be safe to assume that all at least all IPs from 128.151.162.* will also resolve to rochester.edu? What about 128.151.*.*? Is there a way to get the exact IP range?

  Read the article

• How to remap IPs visible from local machine to IPs visible from a machine I have SSH access to?

  - by gooli

  I'm so far out of my depth I don't even know what to google for. There's a server I can connect to via SSH. Via that server I can access other server on its subnet via SSH. What I want to do is be able to access the machines that server has access to directly. Say the server IP is 192.168.7.7 and is the only one in the 192.168.x.x range I have access to. I'd like to configure things in such a way that when I to access say 192.168.7.100 on my machine, the connection will go through an SSH tunnel I open to 192.168.7.7 and out to 192.168.7.100. I would like this to work for any port if at all possible. I know I can set an HTTP proxy and even a SOCKS proxy, but I'm wondering is there is a way to actually remap some of the IP my machine sees to IP only visible from the remote machine. What would this configuration be called? IS this NAT, VPN, IP2IP or something else? How can I set up this on a Windows client box that connects via SSH to a Linux box? Sounds to me like I need to set up some kind of filtering on the network driver or possibly a virtual NIC, but I'm not sure where to go next.

  Read the article

• SNMP counter issues with cisco RV082

  - by Chance

  Does anyone else poll this router with SNMP? We are using firmware version: 2.0.0.19-tz We are having problems with the traffic counters, some of them appear to be implemented as 16 bit counter instead of 32 bit counters. The reason this is causing problems is that they roll over (at 65,000) to 0 in less than our minute polling cycle, really skewing our metrics. The counter for the Lan (interface 2) seems to be functioning properly, however interfaces 3 and 4 (WAN and DMZ / WAN2) rollover at 65000. Tue May 11 08:38:31 EDT 2010 IF-MIB::ifInOctets.1 = Counter32: 137634 IF-MIB::ifInOctets.2 = Counter32: 1865677943 IF-MIB::ifInOctets.3 = Counter32: 12450 IF-MIB::ifInOctets.4 = Counter32: 49354 Look at counter IF-MIB::ifInOctets.4 5 seconds later: Tue May 11 08:38:36 EDT 2010 IF-MIB::ifInOctets.1 = Counter32: 137634 IF-MIB::ifInOctets.2 = Counter32: 1865836207 IF-MIB::ifInOctets.3 = Counter32: 13167 IF-MIB::ifInOctets.4 = Counter32: 12900 Any suggestions? Seems like a bug to me, however I just wanted to make sure I wasn't crazy.. Thanks!

  Read the article

• Is there a way to bridge two outgoing TCP connections in order to bypass firewalls and NAT?

  - by TK Kocheran

  We're all familiar with the problem of port-forwarding and NAT: if you want to expose something to accepting an incoming connection, you need to configure port-forwarding on the router or conjure up some other black magickery to "punch holes" in the firewall using UDP or something. I'm fairly new to the whole "hole-punching" concept so could someone explain how it works? Essentially, I'd like to understand how hole-punching would work and the theory behind it, as well as if two TCP connections could be bridged via a third party. Since there's no issue with outgoing TCP connections since it's handled with NAT, could a third party bridge the connections so that the two parties are still connected but without the bandwidth cost of traffic going through the third party?

  Read the article

• Trying to understand why VLANs need to be created on intermediate switches

  - by Jon Reeves

  I'm currently studying for the Cisco switching exam and having trouble understanding exactly how 802.1q tagging works. Given three daisy chained switches (A,B, and C) with trunk ports between them and VLAN 101 defined on both end switches (A and C), I'm not sure why the VLAN also needs to be defined on the middle one (B)? Note that I am not disputing that it does need to be configured, I'm just trying to understand why exactly. As I understand it, traffic from VLAN 101 on switch A will be tagged as it goes through the trunk to switch B. According to the documentation I have read, trunks will pass all VLANs by default, and the .1q tag is only removed when the frame leaves through an access port on the relevant VLAN. From this I would expect switch B to simply forward the tagged frame unchanged through the trunk to switch C. Can anyone shed some light on how switch B processes this frame and why it does not get forwarded through the other trunk ?

  Read the article

• Thomson TG585v7 router - promiscuous mode

  - by Nikita

  I have a TG585v7 as a router with several machines plugged into it. In the default setup, the packets are only delivered to the specific machine but I want to be able to setup to monitor all network traffic on one of the machines, i.e. I need those packets to be picked up when my ethernet card is in promiscuous mode. Is this possible? Guide here has this "mcastpromisc Make the IP interface multicast promiscuous. OPTIONAL", is this what I am looking for? Does it mean I need to manually add all my machines by their MAC addresses to be able to receive packets destined for them? Or am I out of luck and I need to get a better router?

  Read the article

• CryptSvc not matched by Windows 7 Firewall rule

  - by theultramage

  I am using Windows Firewall in conjunction with a third-party tool to get notified about new outbound connection attempts (Windows Firewall Notifier or Windows Firewall Control). The way these tools do it is by setting the firewall to deny by default, and to add an auditing policy to log blocked connections into the Security event log. Then they watch the log, and display notification about newly added entries. netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound auditpol /set /subcategory:{0CCE9226-69AE-11D9-BED3-505054503030} /failure:enable With this configuration in place, I now need to craft outbound allow rules for applications and system services. Here is the rule for CryptSvc, the service frequently used for certificate validation and revocation checking: netsh advfirewall firewall add rule name="Windows Cryptographic Services" action=allow enable=yes profile=any program="%SystemRoot%\system32\svchost.exe" service="CryptSvc" dir=out protocol=tcp remoteport=80,443 The problem is, this rule does not work. Unless I change the scope to "all programs and services" (which is really unhealthy), connection denied events like the following will keep appearing in the security log: Event 5157, Microsoft Windows security auditing. The Windows Filtering Platform has blocked a connection. Application Information: Process ID: 1476 (<- svchost.exe with CryptSvc and nothing else) Application Name: \device\harddiskvolume1\windows\system32\svchost.exe Network Information: Direction: Outbound Source Address: 192.168.0.1 Source Port: 49616 Destination Address: 2.16.52.16 Destination Port: 80 Protocol: 6 (<- TCP) To make sure it's CryptSvc, I have let the connection through and reviewed its traffic; I also configured CryptSvc to run in its own svchost instance to make it more obvious: ;sc config CryptSvc type= share sc config CryptSvc type= own So... why is it not matching the firewall rule, and how to fix that?

  Read the article

• squidGuard hangs during setup

  - by richard

  I have a squid proxy on my Debian-Gnu-Linux-laptop configured to block some web sites. I can set a browser to use this proxy, but I can also configure it to not use it. As I an using it to block some sites. I do not wish and application to be able to bypass the proxy. Is it possible to to configure a fire wall to black outgoing traffic except if sent by the proxy application or user? I would like a simple configurator if possible.

  Read the article

• Asterisk: Forcing a sip peer to connect via ipv6?

  - by growse

  I've got an asterisk server that connects to an upstream provider over a WAN. The upstream provider supports both IPv4 and IPv6 connectivity, and the asterisk server is behind a NAT. When asterisk connects to the upstream sip peer via IPv6, everything works perfectly. The issue I have is that when I configure the asterisk server IPv6 address via DHCPv6, a race condition means that asterisk sometimes ends up attempting to contact the upstream peer via IPv4 (the SIP DNS name has both A and AAAA records). This is because asterisk starts up before the system has a valid IPv6 address. The connection does not work via IPv4 because of the NAT. Is there a way of configuring the peer to specify that it should only be contactable over IPv6? I guess it might be possible to hack together a firewall rule to deny all IPv4 traffic to that IP, but it'd be easier to configure this within asterisk itself.

  Read the article

• Windows clients not using NTP server provided via DHCP

  - by gencha

  I have a network consisting mostly of Windows Vista and 7 clients and an Ubuntu server. The server provides both the DHCP and NTP services through dhcp3-server and openntpd. In my dhcpd.conf, the subnet is declared as follows: subnet 10.10.10.0 netmask 255.255.255.0 { range 10.10.10.10 10.10.10.200; option broadcast-address 10.10.10.255; option routers 10.10.10.1; option ntp-servers 10.10.10.1; } The clients don't seem to be using the NTP server though. When I capture the network traffic with Wireshark during the DHCP process, I also see no mention of the NTP option in the DHCP offer message. I am not quite sure if the clients would have to specifically request that option to receive it or if I have to make another configuration to offer the option.

  Read the article

• Need Recommendations: Network Software and Hardware Setup for small firm

  - by Rogue

  Will be starting a small graphics design firm soon, with 20 employees. Therefore need software to manage the network. Have bought a bulk license of Windows 7. I have a spare computer which can act as a server if necessary, but its an ancient Dell machine (Pentium-III). If required I would purchase an extra machine, but would like to avoid unnecessary costs at start up. Following are the main functions that I would like to perform: Need to monitor\control network traffic and internet usage, restrict access to certain websites Alerts when access to certain software's, and when trying to tamper with privileges Ability to view desktops of any computer at any given time Limit access to certain hardware like USB ports,etc Limit access to folders on the computer Log/Report of all actions including keystrokes performed on any computer Local Network chat and talk client Collaboration and Work logs Any Software available to do all of the above and also any additional hardware required besides network switches, network card's and CAT5e cables. Any other recommendations besides the above mentioned hardware setup

  Read the article

• Can't ping some IP addresses in the same subnet (LAN) Windows 2011 Server

  - by Ricardo

  Hi I’m running in Windows Small Server 2011 server standard (192.168.1.108), it’s my dhcp and dns server too, but suddenly all other users can’t get internet. My gateway is 192.168.1.1. After a lots of tested I can saw that my server can’t get into the router (192.168.1.1), and also into some others computers, but some other computers answer the ping command. In fact the same computer with the IP 192.168.1.9 didn't answer, but with the IP 192.168.1.63, it response! I have no routers, firewall, vlans or anything that disallow the traffic between computers, in fact when I changed the server IP address (192.168.1.109), I be able to ping the other computers and gateway, but if a back to the 192.168.1.108 the trouble comeback. I hope you can help me with this issue Ricardo

  Read the article

• VPN/AFP server for centralized TimeMachine backups

  - by Keith Johnson

  I am a sysadmin for a small group of about 7 people who prefer Apple machines for their work. These machines are currently either a) not backed up at all, or b) backed up using Retrospect(Which I'm not very fond of). I don't really have the budget for anything fancy, and I'd like to keep it as user friendly as possible. Ideally I am thinking of a VPN server they can connect to(to keep the traffic secure, and because they work from home frequently) along with an AFP server for use with TimeMachine. The goal would be to get better backup coverage, along with user-initiated restores and overall ease of use. Does this seem like a reasonable idea? Has anyone done this before? Are there any obvious problems I've overlooked?

  Read the article

• Hyper-V R2 Performance Counters

  - by Ascendo

  Hi all I've been playing around with the WMI performance counters for Hyper-V. Of interest to me are the Virtual NIC bytes/sec input and output counters. I notice that the results are very "spikey". Over what time period is the latest counter averaged? I'm trying to calculate total traffic volume per VM, but sometimes a very high instantaneous poll result is inflating the result as I only poll the result each minute. I would prefer to read a 'bytes total' counter instead of a 'bytes/sec' counter - is there such a thing? Thanks Acendo

  Read the article

• Saving music wisely: Why save 'Queen - Bohemian Rhapsody.mp3' millions of times?

  - by hsmit

  As far as I'm concerned, Queen's song 'bohemian rhapsody' is one of the most popular songs all time. But for the purpose of this message you may replace this with another track. At the same time I think 60% of the digital-music listeners have this track. Sometimes we have multiple copies: different versions of the track, different devices, unwanted duplicates in download folders, itunes folders etc.. Wouldn't it be much smarter to store these songs only once? You can imagine various solutions for this. How would you accomplish this? Some criteria that may help you find an answer: It must reduce disk space It must remember which music belongs to you (DRM) It must use network traffic efficiently

  Read the article

• Why should I use Firewall Zones and not just Address Objects?

  - by SRobertJames

  I appreciate Firewall Address Objects and Address Groups - they simplify management by letting me give a name to a group of addresses. But I don't understand what Firewall Zones (LAN, WAN, DMZ, etc.) do for me over Address Groups. I know all firewalls have them, so there must be a good reason. But what do I gain by stating a rule applies to all traffic from LAN Zone to WAN Zone which comes from LAN Address Group to WAN Address Group? Why not just mention the Address Groups?

  Read the article

• Apache vs Lighttpd: Weird behavior in reverse proxy mode.

  - by northox

  Context: I have an Apache server running in reverse proxy mode in front of a Tomcat java server. It handle HTTP and HTTPS and send those request back and forth to the Tomcat server on an internal HTTP port. Goal: I'm trying to replace the reverse proxy with Lighttpd. Problem: while asking for the same HTTPS url, while using Apache as the reverse proxy, the Tomcat server redirect (302) to an HTTPS page but with Lighttpd it redirect to the same page in HTTP (not HTTPS). Question: What does Lighttpd could do different in order to have a different result from the backend server? In theory, using Apache or Lighttpd server as a reverse proxy should not change anything... but it does. Any idea? I'll try to find something by sniffing the traffic on the backend tomcat server.

  Read the article

• On an unencrypted public wi-fi hotspot, what exactly is a packet sniffer doing to get another computer's packet?

  - by hal10001

  I get mixed results when reading information security articles, some of them stating that in order to do something similar you need to also setup some sort of honeypot with a running access point and local Web server to intercept traffic. Then other articles seem to indicate you don't need that, and you can just run Wireshark, and it will detect all packets being sent on the network. How could that be, and what exactly is a packet sniffer doing to get those packets? Does this involve intercepting wireless signals transmitted over the wireless protocol and frequency via the NIC on the computer running a program like Wireshark?

  Read the article

• how to split a pcap file into a set of smaller ones

  - by facha

  I have a huge pcap file (generated by tcpdump). When I try to open it in wireshark, the program just gets unresponsive. Is there a way to split a file in set of smaller ones to open them one by one? The traffic captured in a file is generated by two programs on two servers, so I can't split the file using tcpdump 'host' or 'port' filters. I've also tried linux 'split' command :-) but with no luck. Wireshark wouldn't recognize the format.

  Read the article

• Is encryption really needed for having network security? [closed]

  - by Cawas

  I welcome better key-wording here, both on tags and title. I'm trying to conceive a free, open and secure network environment that would work anywhere, from big enterprises to small home networks of just 1 machine. I think since wireless Access Points are the most, if not only, true weak point of a Local Area Network (let's not consider every other security aspect of having internet) there would be basically two points to consider here: Having an open AP for anyone to use the internet through Leaving the whole LAN also open for guests to be able to easily read (only) files on it, and even a place to drop files on Considering these two aspects, once everything is done properly... What's the most secure option between having that, or having just an encrypted password-protected wifi? Of course "both" would seem "more secure". But it shouldn't actually be anything substantial. I've always had the feeling using any kind of the so called "wireless security" methods is actually a bad design. I'm talking mostly about encrypting and pass-phrasing (which are actually two different concepts), since I won't even consider hiding SSID and mac filtering. I understand it's a natural way of thinking. With cable networking nobody can access the network unless they have access to the physical cable, so you're "secure" in the physical way. In a way, encrypting is for wireless what building walls is for the cables. And giving pass-phrases would be adding a door with a key. So, what do you think?

  Read the article

• Firewall issue with multiple SIP PROXY / REGISTRAR servers

  - by MikeBrom

  Hi We have a pair of Internet-facing SIP PROXY/REGISTRAR servers (for resilienced and load-balancing). When a SIP phone registers, it will be handled by one of the REGISTRAR servers (round-robin DNS) - and since this registration is renewed, the firewall port/address translation is maintained. Therefore, when a call is to be sent back to the phone the INVITE message passes successfully through the firewall. However, it is likely that the phone may register with one of the two servers, but the INVITE may come from the other. In this situation, the call fails since there is no translation in place on the firewall. Is there a feature in the SIP protocol to facilitate this? Any other ideas? As our traffic grows, we will no doubt end-up with more than two servers - so the problem will escalate. Thanks, Mike

  Read the article

• Cisco ASA 5505 and slow download speeds for Apple devices

  - by James

  For traffic routing through my ASA 5505, downloads for all Apple devices, including AppleTV iPad gen 1 IMac MacBook Pro are very slow. speedof.me show less than 1 Mbps download (where I should have 20 Mbps +), yet for any Windows-based device, the download speeds are in excess of 20 Mbps. The Windows device, including the iMac and MacBook Pro machines, are connected via ethernet cable. Why are Apple devices experiencing such pain? Is it an ASA setting, or something else? Thanks.

  Read the article

< Previous Page | 163 164 165 166 167 168 169 170 171 172 173 174  | Next Page >