Search Results

Search found 5618 results on 225 pages for 'recursive dns'.

Page 168/225

  • Virus blocking incoming connections?

    - by Benoît
    Hello, on my Windows 2003 server, all incoming connections are dropped. I can see them getting in using Wireshark, but even a single ping from another computer fails. All locally initiated connections work fine (I'm asking from the server). This server is the DC/DHCP/DNS/File server, so computer clients are in the dark. I've run various antivirus and removal tools without any luck. The Windows Firewall is disabled. I'm wild-guessing at some virus/worm. How can I check why these incoming ICMP/TCP SYN/etc. are dropped? Does anyone have any knowledge about such situations? Thanks.

  • CentOS Existing host to new host with all data/files

    - by ganesh
    Good noon. Our small startup's management decided to move our production server from our existing provider to Azure. We have CentOS on both. It is for a classifieds-related site, with a considerable amount of data and ~thousands of users with their disk space quotas. This is our first time moving our servers. I need your guidance and suggestions on these:
    1) How to migrate the MySQL DB (dump OR slave OR copy filesystem)?
    2) How to manage the emails during the downtime.
    3) Manage the files.
    4) Security/firewall checklist for the new system.
    5) IP/DNS-related checklist.
    6) Anything that I missed out!
    Since this is the first time, I am planning to be more cautious. Any reference documents are highly appreciated. Thank you all!

  • Postfix sends email to spam (gmail, hotmail)

    - by razorxan
    I recently installed a postfix + dovecot + dkim multi domain, multi user, multi alias mail server on my Debian squeeze system. Everything works except for one big issue that basically makes the whole thing useless: every single email sent by my server goes straight into spam (gmail, hotmail). The first thing I did was the well-known allaboutspam test, and everything is checked (green) except for the BATV thing (yellow):
        Reverse DNS: green
        HELO Greeting: green
        RBL: green
        BATV: yellow
        SPF: green
        DKIM: green
        URIBL: green
        SpamAssassin: green
        Greylist: green
    I'm really confused and I can't see a way to solve this issue. Ask me for any detail if you need it.

  • How to set RpcClientAccessServer for a Exchange 2010 mailbox database to a load balancer

    - by Archit Baweja
    I have 2 Exchange 2010 servers, each with a Mailbox Database. I have also set up a Hardware Load Balancer (KEMP LoadMaster 2200 to be precise) to load balance the CAS role access. My HLB has an IP of 192.168.1.100. I've set up the DNS A record for mail.mydomain.com to point to 192.168.1.100. However, when I try to set the RpcClientAccessServer on a mailbox database using
        Set-MailboxDatabase "My Mailbox Database" -RpcClientAccessServer mail.mydomain.com
    I get an error saying
        Exchange server "mail.mydomain.com" was not found. Please make sure you have typed it correctly.
            + CategoryInfo : NotSpecified: (:) [], ManagementObjectNotFoundException
            + FullyQualifiedErrorId : 4082394C
    Any ideas?

  • My windows xp wireless hotspot wifi isn't working

    - by Dominic Grenier
    I add the hotspot the regular way. Yet it doesn't show up as available when I try to connect to it using my other Ubuntu laptop. And nothing can connect to it. Yesterday, I successfully made it work for 5 minutes and then it stopped without me changing any configuration. I've already tried resetting the DNS. Edit: I've updated my Broadcom 802.11b/g driver to a generic but more recent version. I've also repaired the WMI; now the advanced tab of my primary connection is available and the hand meaning the connection is shared appeared. But the computers still connect the wrong way around (Windows to Ubuntu instead of Ubuntu to Windows). Reinstalled SP3...

  • Does an SMTP request contain host header information (or just the IP of the targeted SMTP server)?

    - by Olaf
    We are using an external commercial SMTP server for our newsletters (sending them through .NET components), and they offer two SMTP URLs - smtp.critsend.com and fast.critsend.com - and the second one is reserved for sending singular emails, the first one for bulk. Using nslookup shows that both resolve to the same 4 IP addresses (fast.critsend.com being an alias). Question: (how) is it possible for the SMTP relay to distinguish between different names? Is there something in the headers that can be compared to host headers in the HTTP protocol (I didn't find any intelligible information for non-sysadmins)? The reason I'm asking is because we would like to use one of the IPs in our newsletter script (which works) rather than a name (in order to save DNS requests), and we are wondering about potential problems.

  • What is the Best Free Linux Gateway

    - by rockinthesixstring
    I'm looking at moving away from using my DIR-825 as a gateway and moving into a Linux box to do it all for me. I've found IPCop, but I'm looking for something with a little more power. My main goal is basically to be able to point different external domain names to different internal servers:
        backup.example.com - 192.168.0.5
        home.example.com - 192.168.0.1
    I host my DNS on my own dedicated server (Windows), so I don't know much about doing the gateway thing in my home (my hosting provider does it all for me). Do any of you know of any free Linux distros that can accomplish what I'm looking for?

  • Can't access site intermittently as I get site not available

    - by user61438
    I have a news site I check stuff for regularly. Once in a while I can't access it completely from my 5 different browsers and even from the command line: nslookup can't resolve, ping and tracert fail, all not being able to resolve the site name. The problem is specific to this. I am told by the site support person that the problem is the cache on my machine or on the ISP, and I say that's not true because I access this site 1-2-3 times a week from one browser only. I only fire up the other ones in times of trouble, and when I have the problem, even if I try on my secondary machines I still get the same problems. When the problem goes away all works well. The question is what's causing the intermittent DNS/HTTP problems. I don't believe this is something to do with my machine because probe disappears without me having done anything at all.

  • Domain Computers Not Listed In Network

    - by Giawa
    Our network computers are all connected to a domain, and I can see them if I search the active directory (I can click 'search active directory' and then select 'computers' and then Find Now, and all of the computers will appear). However, the computers are not listed in the network browser on any of our computers (Win XP, Win7, Linux, etc) which are connected to the domain. DC is running Windows Server 2008 (Windows Server Standard) with a configured DNS and DHCP server. All of the IPs on our local network are static IPs, although I can't see how that would make a difference. I can still connect to computers on the network via \\computer_name, but I cannot browse them in 'network' or in 'my network places'. The computer browser service is not started on the DC, but I tried starting that and it had no effect. DC currently has the firewall configured as 'off' to try to debug this problem. Thanks in advance

  • Redirect some URL requests to CloudFront and the rest direct to the normal server?

    - by indiehacker
    Say I have two types of URL requests that must be handled by my REST API: http://query.restapi.com/image.png?apikey=abc123 http://query.restapi.com/2.0/<apiKey>/resource.json?from=umi.us_census00.state_geometry Is it possible to redirect only some URL requests for static images (ie., regex: *.png?.*) to take advantage of CloudFront's caching and have the rest of the requests go directly to the normal EC2 server (or at least take a speedier indirect route to the normal EC2 server?). Perhaps the added request time for the misses to CloudFront is irrelevant to worry about? Or perhaps my situation is not best to use for CloudFront? I understand I will need to make DNS change where the current URL requests having http://query.restapi.com/some.png?apikey=0123 get redirected to http://d1234.cloudfront.net/some.png, but I am hoping there is some way for just redirecting static .png requests to take advantage of CloudFront?

  • Is it possible to host a website in the 'ether' of the Internet -- not on a server -- so that it cannot be taken down? [closed]

    - by Christopher Altman
    This is a theoretical problem I am curious about. Websites are hosted on servers. Servers can be taken offline. Is it possible to host a website in the 'ether' of the Internet -- not on a server -- so that it cannot be taken down? One example is that the website is hosted on other websites, like a parasite. Another is that it is assembled through storing pieces on DNS machines, routers, etc., so that it gets assembled on the fly. The purpose is that this website could live forever because no one person can remove it. The answers I am looking for are plausible ideas/approaches on technically how this could be built.

  • postfix uses hostname instead of myhostname.

    - by sunny.oxide
    Hi there, I am trying to set up an outgoing mail server for sending emails which is to relay to our ISP. In /etc/postfix/main.cf I have myhostname to ourcompany.example.com and myorigin and mydomain to $myhostname. ourcompany.example.com is resolvable. But looking at the logs in /var/log/maillog it appears that postfix does use the myhostname for the send address, but uses whatever from getmyhostname(), which is set to an internal DNS name since this is an internal server and we only send email out, but not handling incoming email. Any ideas?

  • Permissions nightmare - tried all I know

    - by Ben
    Working on a new client's dev site, which is a WordPress install on a Plesk box. I have SSH root access, and FTP access through a separate account.

    What I've done so far

    Initially I couldn't make any changes to any files at all. The permissions on all the template files looked a little screwy (644), so I figured change them to allow group, and add myself to the group:
    - CHMOD Recursive on the theme folder to set everything to 664
    - Quickly realised I'd broken it, set the folders to 755, kept files as 664
    - Ownership on all files is a mixture of root:root and 500:500 (there is no user nor group with the ID of 500 on the server).
    - Added myself to the group 'root' so I could modify the files too

    The Problem

    This worked OK, in terms of being able to edit the existing files, so I began working. However, I can't upload to the directory, even having run CHOWN -R root:root templatefolder/ and being in the root group. I feel like I must be missing something obvious, and it's doing my head in.

    Questions:
    - Files in the install owned by 500 with group 500 - I've looked in /etc/group and /etc/passwd and there is no user nor group with this ID. Is that left over from another developer's setup or the previous server (they moved recently)?
    - Is being in the 'root' group enough, or do I need to own the theme folder as 'myftpuser' in order to upload and create new files?

    Like I say, I have edit access, so I got myself this far. I'm now questioning what to do next!

  • Exchange Server 2010 ActiveSync SSL Certificate Problem

    - by Cell-o
    Hi all, we have a problem related to Exchange Server 2010 ActiveSync. My problem is: when I connect to ActiveSync from outside, I receive the following error.
        ExRCA is testing Exchange ActiveSync.
        The Exchange ActiveSync test failed.
        Test Steps
        Attempting to resolve the host name mail.xxxxx.com in DNS.
        The host name resolved successfully.
        Additional Details
        IP addresses returned: xx.0.x3.4
        Testing TCP port 443 on host mail.x.com to ensure it's listening and open.
        The port was opened successfully.
        Testing the SSL certificate to make sure it's valid.
        The SSL certificate failed one or more certificate validation checks.
        Test Steps
        Validating the certificate name.
        Certificate name validation failed.
        Tell me more about this issue and how to resolve it
        Additional Details
        Host name mail.x.com doesn't match any name found on the server certificate CN=xxxxxx.
    Thanks in advance for all your help.

  • Outgoing mail from linux not being delivered

    - by Jason
    I can't seem to send mail through my php scripts or through the linux console on my Centos 5.5 LAMP server, when the email is addressed to go to a domain that is hosted by my box. I think it is something to do with the email routing internally, or the DNS servers that the box uses not reporting the correct MX records. Basically my box doesn't host any mail, it's all hosted on google apps. My name servers are hosted by a 3rd party provider and I am using webmin. Webmin doesn't recognise the settings on the 3rd party provider. I'm unsure how to fix this. Previously when I had this problem on a cpanel server, I would edit the remotedomains and localdomains files, moving domains from one file to another and it would fix the problem. What information do I need to provide for anyone to work out what the issue is? Thanks

  • Bridging LXC containers to host eth0 so they can have a public IP

    - by Vianney Stroebel
    UPDATE: I found the solution there: http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge#No_traffic_gets_trough_.28except_ARP_and_STP.29

        # cd /proc/sys/net/bridge
        # ls
        bridge-nf-call-arptables  bridge-nf-call-iptables
        bridge-nf-call-ip6tables  bridge-nf-filter-vlan-tagged
        # for f in bridge-nf-*; do echo 0 > $f; done

    But I'd like to have expert opinions on this: is it safe to disable all bridge-nf-*? What are they here for? END OF UPDATE

    I need to bridge LXC containers to the physical interface (eth0) of my host, reading numerous tutorials, documents and blog posts on the subject. I need the containers to have their own public IP (which I've previously done with KVM/libvirt). After two days of searching and trying, I still can't make it work with LXC containers. The host runs a freshly installed Ubuntu Server Quantal (12.10) with only libvirt (which I'm not using here) and lxc installed. I created the containers with:

        lxc-create -t ubuntu -n mycontainer

    So they also run Ubuntu 12.10. Content of /var/lib/lxc/mycontainer/config is:

        lxc.utsname = mycontainer
        lxc.mount = /var/lib/lxc/test/fstab
        lxc.rootfs = /var/lib/lxc/test/rootfs
        lxc.network.type = veth
        lxc.network.flags = up
        lxc.network.link = br0
        lxc.network.name = eth0
        lxc.network.veth.pair = vethmycontainer
        lxc.network.ipv4 = 179.43.46.233
        lxc.network.hwaddr= 02:00:00:86:5b:11
        lxc.devttydir = lxc
        lxc.tty = 4
        lxc.pts = 1024
        lxc.arch = amd64
        lxc.cap.drop = sys_module mac_admin mac_override
        lxc.pivotdir = lxc_putold
        # uncomment the next line to run the container unconfined:
        #lxc.aa_profile = unconfined
        lxc.cgroup.devices.deny = a
        # Allow any mknod (but not using the node)
        lxc.cgroup.devices.allow = c *:* m
        lxc.cgroup.devices.allow = b *:* m
        # /dev/null and zero
        lxc.cgroup.devices.allow = c 1:3 rwm
        lxc.cgroup.devices.allow = c 1:5 rwm
        # consoles
        lxc.cgroup.devices.allow = c 5:1 rwm
        lxc.cgroup.devices.allow = c 5:0 rwm
        #lxc.cgroup.devices.allow = c 4:0 rwm
        #lxc.cgroup.devices.allow = c 4:1 rwm
        # /dev/{,u}random
        lxc.cgroup.devices.allow = c 1:9 rwm
        lxc.cgroup.devices.allow = c 1:8 rwm
        lxc.cgroup.devices.allow = c 136:* rwm
        lxc.cgroup.devices.allow = c 5:2 rwm
        # rtc
        lxc.cgroup.devices.allow = c 254:0 rwm
        #fuse
        lxc.cgroup.devices.allow = c 10:229 rwm
        #tun
        lxc.cgroup.devices.allow = c 10:200 rwm
        #full
        lxc.cgroup.devices.allow = c 1:7 rwm
        #hpet
        lxc.cgroup.devices.allow = c 10:228 rwm
        #kvm
        lxc.cgroup.devices.allow = c 10:232 rwm

    Then I changed my host /etc/network/interfaces to:

        auto lo
        iface lo inet loopback

        auto br0
        iface br0 inet static
            bridge_ports eth0
            bridge_fd 0
            address 92.281.86.226
            netmask 255.255.255.0
            network 92.281.86.0
            broadcast 92.281.86.255
            gateway 92.281.86.254
            dns-nameservers 213.186.33.99
            dns-search ovh.net

    When I try command line configuration ("brctl addif", "ifconfig eth0", etc.) my remote host becomes inaccessible and I have to hard reboot it.

    I changed the content of /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces to:

        auto lo
        iface lo inet loopback

        auto eth0
        iface eth0 inet static
            address 179.43.46.233
            netmask 255.255.255.255
            broadcast 178.33.40.233
            gateway 92.281.86.254

    It takes several minutes for mycontainer to start (lxc-start -n mycontainer). I tried replacing gateway 92.281.86.254 by:

        post-up route add 92.281.86.254 dev eth0
        post-up route add default gw 92.281.86.254
        post-down route del 92.281.86.254 dev eth0
        post-down route del default gw 92.281.86.254

    My container then starts instantly. But whatever configuration I set in /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces, I cannot ping from mycontainer to any IP (including the host's):

        ubuntu@mycontainer:~$ ping 92.281.86.226
        PING 92.281.86.226 (92.281.86.226) 56(84) bytes of data.
        ^C
        --- 92.281.86.226 ping statistics ---
        6 packets transmitted, 0 received, 100% packet loss, time 5031ms

    And my host cannot ping the container:

        root@host:~# ping 179.43.46.233
        PING 179.43.46.233 (179.43.46.233) 56(84) bytes of data.
        ^C
        --- 179.43.46.233 ping statistics ---
        5 packets transmitted, 0 received, 100% packet loss, time 4000ms

    My container's ifconfig:

        ubuntu@mycontainer:~$ ifconfig
        eth0      Link encap:Ethernet HWaddr 02:00:00:86:5b:11
                  inet addr:179.43.46.233 Bcast:255.255.255.255 Mask:0.0.0.0
                  inet6 addr: fe80::ff:fe79:5a31/64 Scope:Link
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:64 errors:0 dropped:6 overruns:0 frame:0
                  TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:1000
                  RX bytes:4070 (4.0 KB) TX bytes:4168 (4.1 KB)

        lo        Link encap:Local Loopback
                  inet addr:127.0.0.1 Mask:255.0.0.0
                  inet6 addr: ::1/128 Scope:Host
                  UP LOOPBACK RUNNING MTU:16436 Metric:1
                  RX packets:32 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:2496 (2.4 KB) TX bytes:2496 (2.4 KB)

    My host's ifconfig:

        root@host:~# ifconfig
        br0       Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b
                  inet addr:92.281.86.226 Bcast:91.121.67.255 Mask:255.255.255.0
                  inet6 addr: fe80::4e72:b9ff:fe43:652b/64 Scope:Link
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:1453 errors:0 dropped:18 overruns:0 frame:0
                  TX packets:1630 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:145125 (145.1 KB) TX bytes:299943 (299.9 KB)

        eth0      Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:3178 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:1637 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:1000
                  RX bytes:298263 (298.2 KB) TX bytes:309167 (309.1 KB)
                  Interrupt:20 Memory:fe500000-fe520000

        lo        Link encap:Local Loopback
                  inet addr:127.0.0.1 Mask:255.0.0.0
                  inet6 addr: ::1/128 Scope:Host
                  UP LOOPBACK RUNNING MTU:16436 Metric:1
                  RX packets:6 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:300 (300.0 B) TX bytes:300 (300.0 B)

        vethtest  Link encap:Ethernet HWaddr fe:0d:7f:3e:70:88
                  inet6 addr: fe80::fc0d:7fff:fe3e:7088/64 Scope:Link
                  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
                  RX packets:54 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:1000
                  RX bytes:4168 (4.1 KB) TX bytes:4250 (4.2 KB)

        virbr0    Link encap:Ethernet HWaddr de:49:c5:66:cf:84
                  inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
                  UP BROADCAST MULTICAST MTU:1500 Metric:1
                  RX packets:0 errors:0 dropped:0 overruns:0 frame:0
                  TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
                  collisions:0 txqueuelen:0
                  RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

    I have disabled lxcbr0 (USE_LXC_BRIDGE="false" in /etc/default/lxc).

        root@host:~# brctl show
        bridge name     bridge id               STP enabled     interfaces
        br0             8000.4c72b943652b       no              eth0
                                                                vethtest

    I have configured the IP 179.43.46.233 to point to 02:00:00:86:5b:11 in my hosting provider (OVH) config panel. (The IPs in this post are not the real ones.) Thanks for reading this long question! :-) Vianney

  • Ubuntu VPN Server (PPTPD) Configuration - Pass Traffic to Internet

    - by SnAzBaZ
    I am trying to configure PPTPD on my Ubuntu box to pass all VPN traffic through to its internet connection, so I essentially want it to work like a proxy. I think the problem is that no default gateway is being assigned to my PPTP client (Windows 7). I can connect to the VPN fine, I get an IP address and DNS servers but no default gateway. Do I need to configure a specific option to tell the VPN server to forward all traffic it receives down its eth0 port and out to the internet? Thanks!

  • Facebook doesn't work on computer, but works on mobile device, both use the same router

    - by sasa
    I have a very strange problem and I'm thinking that it can be a problem with DNS or something similar, but I'm not sure and don't know how to solve it. My computer is connected to the router and every site works fine except Facebook (Chrome and Firefox). Chrome shows "Error 101 (net::ERR_CONNECTION_RESET): The connection was reset." But on a mobile device which is connected to the same router, Facebook works fine (Fb application and Dolphin browser). Pinging Facebook works fine. Clearing cookies and cache didn't help. Also, I performed an antivirus and antimalware scan and there is nothing. What can be the problem? Update: I also connected a notebook to that wifi router, and on it Facebook works fine.

        nslookup facebook.com
        Server: UnKnown
        Address: 192.168.1.1

        Non-authoritative answer:
        Name: facebook.com
        Addresses: 2a03:2880:2110:3f01:face:b00c::
                   2a03:2880:10:1f02:face:b00c:0:25
                   2a03:2880:10:8f01:face:b00c:0:25
                   69.171.224.37
                   69.171.229.11
                   69.171.242.11
                   66.220.149.11
                   66.220.158.11

  • Why do I get "General Failure" when pinging host name on a Win 7 node on the network?

    - by hydroparadise
    This is a very peculiar problem with a station on our network. The client PC is running Windows 7 Pro. What makes this problem interesting is that this client is the only node on the network that seems to be experiencing this problem. When I try to ping a specific Win 08 server by host name, I get an IPv6 address and get General failure. But when I ping its IPv4 address, it responds just fine. My first thought would be to check the name resolutions on the DNS server to see what is going on, but the problem begs the question: why does the station get an IPv6 address back and fail, as opposed to using the IPv4 settings (which are static, btw)? What gives? I am including a screenshot of trying the one specific server and failing while trying another server with success. All other nodes on the network don't have problems communicating with the server the one station is having issues with.

  • Network Path not found while joining Active Directory

    - by Chiggins
    So I have an Amazon EC2 box running Windows Server 2008 with Active Directory installed on it. I also have a Windows 7 virtual machine, which is set to use the Active Directory box as its DNS and WINS server. I'm trying to join the virtual machine to the domain, and I'm asked for authentication. I give authentication, wait a minute, and I get an error saying: The following error occurred attempting to join the domain "ad.chigs.me": The network path was not found. How can I fix this so that I'll be able to join the domain?

  • Lost contact with my NAS after changing its IP

    - by Beles
    I did some brain-dead reconfiguring of my D-Link DNS-323 NAS some days ago. I have a home network where each computer gets a dynamically allocated IP address starting at 192.168.1.100. The irritating point (for me at least) was that the NAS changed IP if the power went down or I turned off the router. I then had to remap a drive-letter to point to the new IP address of the NAS. To remedy that I configured the NAS to have a static IP, 192.168.0.10. I had no good reason to choose that IP, other than I found it in a user manual for the NAS. After I changed the IP and rebooted the NAS it disappeared from the network and was never to be found again. Now I have a black brick standing in my home, looking good, but "dead". Could anyone point me in a direction which helps me solve this problem? I have about 100gb worth of pic of my children on this brick so I really want it back :-) Sincerely,

  • multiple domains, one static IP address and latency

    - by shirish
    How is latency affected when multiple domains are using one single static IP address? The scenario is shared web hosting. By latency meaning the DNS lookup the client has to do. As far as I understand it, the browser would hit the root servers to try to figure out the IP address and where it belongs, and then when it comes to the correct server, it probably looks up some sort of table to determine which site names match and shows that site as such via the browser to the user. Is my understanding correct or backwards or what?

  • LinkSys WRT54GL + AM200 in half-bridge mode - Setup guide recommendations?

    - by Peter Mounce
    I am basically looking for a good guide on how to set up my home network with this set of hardware. I need:
    - Dynamic DNS
    - Firewall + port-forwarding
    - VPN
    - Wake-on-LAN from outside firewall
    - VOIP would be nice
    - QoS would be nice (make torrents take lower priority to other services when those other services are happening)
    - DHCP
    - Wireless + WPA2 security
    - Ability to play multiplayer computer games
    I am not a networking or computing neophyte, but the last time I messed with network gear was a few years ago, so am needing to dust off knowledge I kinda half have. I have read that I should be wanting to set up the AM200 in half-bridge mode, so that the WRT54GL gets the WAN IP - this sounds like a good idea, but I'd still like to be advised. I have read that the dd-wrt firmware will meet my needs (though I gather I'll need the vpn-specific build, which appears to preclude supporting VOIP), but I'm not wedded to using it. My ISP supplies me with:
    - a block of 8 static IPs, of which 5 are usable to me
    - a PPPoA ADSL2+ connection

  • Need help identifying a nasty rootkit in Windows

    - by goofrider
    I have a nasty rootkit that no tools seem to be able to identify. I know for sure it's a rootkit, but I can figure out which rootkit it is. Here's what I gathered so far:
    - It creates multiple copies of itself in %HOME%\Local Settings\Temp with names like Q.EXE, IAJARZ.exe, etc., and installs them as hidden services. These EXEs have SysInternals identifiers in them so they're definitely rootkits.
    - It hooked very deep in the system, including file read/write, security policies, registry read/write, and possibly WinSock/TCP/IP.
    - When going to Sophos.com to download their software, the rootkit injects something called Microsoft Ajax Toolkit into the page, which injects code into the email submission form in order to redirect it. (EDIT: I might have panicked. Looks like Sophos does use an AJAX email form, their form is just broken on Chrome so it looked like a mail form injection attack; the link is http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download.aspx )
    - Super-Antispyware found a lot of spyware cookies, in the name of .kaspersky.2o7.net, etc. (just checked 2o7.net, looks like it's a legit ad company)
    - I tried comparing DNS lookups from the infected systems and from systems in other physical locations; no DNS redirections, it seems.
    - I used dd to copy the MBR and compared it with the MBR provided by the ms-sys package; no differences, so it's not infecting the MBR.
    - No antivirus or rootkit scanner is able to identify it. Most of them can't even find it. I tried scanning in-situ (normal mode), in safe mode, and booted to a Linux live CD. Scanners used: Avast, Sophos Anti-Rootkit, Kaspersky TDSSKiller, GMER, RootkitRevealer, and many others. Kaspersky reported some unsigned system files that ought to be signed (e.g. tcpip.sys), and reported a number of MD5 mismatches. But otherwise couldn't identify anything based on signature.
    - When running Sysinternals RootkitRevealer and Sophos Anti-Rootkit, CPU usage goes up to 100% and gets stuck. The rootkit is blocking them.
    - When trying to run/install HiJackThis, RootkitRevealer and some other scanners, it tells me system security policy prevents running/installing it.

    The list of malicious activities goes on and on. Here's a sample of logs from all my scans. In particular, aswSnx.SYS, apnenfno.sys and PROCMON20.SYS have a huge number of hooks. It's hard to tell if the rootkit replaced legit program files like aswSnx.SYS (from Avast) and PROCMON20.SYS (from Sysinternals Process Monitor). I can't find whether apnenfno.sys is from a legit program. Help to identify it is appreciated.

    Trend Micro RootkitBuster ------

        [HIDDEN_REGISTRY][Hidden Reg Value]:
        KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg
        Root : 586bfc0
        SubKey : Cfg
        ValueName : g0
        Data : 38 23 E8 D0 BF F2 2D 6F ...
        ValueType : 3
        AccessType: 0
        FullLength: 61
        DataSize : 32

        [HOOKED_SERVICE_API]:
        Service API : ZwCreateMutant
        Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS
        OriginalHandler : 0x8061758e
        CurrentHandler : 0xaa66cce8
        ServiceNumber : 0x2b
        ModuleName : aswSnx.SYS
        SDTType : 0x0

        [HOOKED_SERVICE_API]:
        Service API : ZwCreateThread
        Image Path : c:\windows\system32\drivers\apnenfno.sys
        OriginalHandler : 0x805d1038
        CurrentHandler : 0xaa5f118c
        ServiceNumber : 0x35
        ModuleName : apnenfno.sys
        SDTType : 0x0

        [HOOKED_SERVICE_API]:
        Service API : ZwDeleteKey
        Image Path : C:\WINDOWS\system32\Drivers\PROCMON20.SYS
        OriginalHandler : 0x80624472
        CurrentHandler : 0xa709b0f8
        ServiceNumber : 0x3f
        ModuleName : PROCMON20.SYS
        SDTType : 0x0

    HiJackThis ------

        O23 - Service: JWAHQAGZ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\JWAHQAGZ.exe
        O23 - Service: LHIJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\LHIJ.exe

    Kaspersky TDSSKiller ------

        21:05:58.0375 3936 C:\WINDOWS\system32\ati2sgag.exe - copied to quarantine
        21:05:59.0217 3936 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:05:59.0342 3936 C:\WINDOWS\system32\BUFADPT.SYS - copied to quarantine
        21:05:59.0856 3936 BUFADPT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:05:59.0965 3936 C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine
        21:06:00.0152 3936 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:00.0246 3936 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine
        21:06:00.0433 3936 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:00.0464 3936 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine
        21:06:00.0526 3936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:00.0604 3936 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine
        21:06:01.0181 3936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0321 3936 C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe - copied to quarantine
        21:06:01.0430 3936 OTFSDMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0492 3936 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine
        21:06:01.0539 3936 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0601 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - copied to quarantine
        21:06:01.0664 3936 HKLM\SYSTEM\ControlSet003\services\TULPUWOX - will be deleted on reboot
        21:06:01.0664 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - will be deleted on reboot
        21:06:01.0664 3936 TULPUWOX ( UnsignedFile.Multi.Generic ) - User select action: Delete
        21:06:01.0757 3936 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine
        21:06:01.0866 3936 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:01.0913 3936 C:\Program Files\VMware\VMware Player\vmware-authd.exe - copied to quarantine
        21:06:02.0443 3936 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
        21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - skipped by user
        21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
        21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - skipped by user
        21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

  • How come I can't ping my home computer?

    - by bikefixxer
    I'm trying to set up a VPN into my home computer in order to access files from wherever. I have the home computer set up with a no-ip dynamic DNS program so I can always connect, and have also tried using the actual IP address. However, when I try to connect or even ping from anywhere outside of my house I can't get through. I've tried putting that particular computer in the DMZ, turned off the computer's firewall and anti-virus, and I still don't get anything. I have Comcast as my home internet provider. I have also tried from two different locations. Are there any other solutions I can try or is Comcast the issue? I used to be able to do this when I ran a small web server at home for fun but now nothing works. Thanks in advance for any suggestions!
