Search Results

Search found 18450 results on 738 pages for 'website attacks'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 174/738 | < Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181  | Next Page >

  • Apache server in raspberry PI not visible from outside( public IP)

    - by Kronos
    I have made a fresh install of Arch Linux ARM into a Raspberry PI and I mounted there a LAMP, all fresh. I have another Arch(x86) in my laptop with Apache also there, and as far as I know, two web servers cannot run in the same network segment so, the problem is as follows. I my laptop, having Apache running, if I enter via the public ip of my network everything turns ok and I can see my website but, (obviously turning this server down) if I enter from the public IP with the Apache running in the raspberry pi( yes, only that Apache running) i cannot see my website in there. Also, if I access via local network it is a normal success, I can see my website. So, I can enter my raspberry website only via local but in my other web server i can enter it via local and public. I have the same conf files in both of them so what is the difference? I was planning in making the rpi as a development server. Thanks in advance

    Read the article

  • virtual directories in iis7.0 got deleted in windows 2008

    - by subash
    hi , After installing iis6.0 metabase compatibility and iis6.0 console in the iis7.0 ,i am not able to create new virtual directory in Default website( which is marked with a small red mark). when i right click on" Default website",it generates following message box "there was an error while performing this operation...the application '/' does not exist." and i am working in the windows 2008 environment .can any one help me in getting back my old virtual directories in default website?

    Read the article

  • Proftpd: only allow one address

    - by tomkeim
    Hello, I am searching for it on Google, but i didn't find anything. Is there a way tho set up proftpd that it will only accept a connection on ftp.website.ext and not on website.ext or test.website.ext I am running proftpd on Debian 5 Tom

    Read the article

  • Ask a DNS server what sites it hosts - and how to possibly prevent misuse

    - by Exit
    I've got a server which I host my company website as well as some of my clients. I noticed a domain which I created, but never used, was being attacked by a poke and hope hacker. I imagine that the hacker collected the domain from either hitting my DNS server and requesting what domains are hosted. So, in the interest of prevention and better server management, how would I ask my own DNS server (Linux CentOS 4) what sites are being hosted on it? Also, is there a way to prevent these types of attacks by hiding this information? I would assume that DNS servers would need to keep some information public, but I'm not sure if there is something that most hosts do to help prevent these bandwidth wasting poke and hope attacks. Thanks in advance.

    Read the article

  • Is this form of cloaking likely to be penalised?

    - by Flo
    I'm looking to create a website which is considerably javascript heavy, built with backbone.js and most content being passed as JSON and loaded via backbone. I just needed some advice or opinions on likely hood of my website being penalised using the method of serving plain HTML (text, images, everything) to search engine bots and an js front-end version to normal users. This is my basic plan for my site: I plan on having the first request to any page being html which will only give about 1/4 of the page and there after load the last 3/4 with backbone js. Therefore non javascript users get a 'bit' of the experience. Once that new user has visited and detected to have js will have a cookie saved on their machine and requests from there after will be AJAX only. Example If (AJAX || HasJSCookie) { // Pass JSON } Search Engine server content: That entire experience of loading via AJAX will be stripped if a google bot for example is detected, the same content will be servered but all html. I thought about just allowing search engines to index the first 1/4 of content but as I'm considered about inner links and picking up every bit of content I thought it would be better to give search engines the entire content. I plan to do this by just detected a list of user agents and knowing if it's a bot or not. If (Bot) { //server plain html } In addition I plan to make clean URLs for the entire website despite full AJAX, therefore providing AJAX content to www.example.com/#/page and normal html to www.example.com/page is kind of our of the question. Would rather avoid the practice of using # when there are technology such as HTML 5 push state is around. So my question is really just asking the opinion of the masses on if it's likely that my website will be penalised? And do you suggest an alternative which avoids 'noscript' method

    Read the article

  • The PATRIOT Act and how it relates to the Internet

    The subject of the Internet and anonymity is a very sticky situation for me because I primarily develop web applications for a living.  As a part of my job I have to track users as they enter, navigate and leave specific applications. The level of tracking depends on where the user goes within a website.  The basic information that I capture includes the user’s IP address, browser type, operating system, the date/time they entered the site and the URL from which the user was referred to the website. In addition to the custom logging that is placed on the website, web servers also have methods of logging built-in as well. Web server logging allows companies to have a central repository to store all user activity across the entire server. Not to mention that they can also create a central repository that allows multiple servers to store log files in one location. This allows users to be tracked across multiple servers as they browse website located on a specific collection of servers that host multiple websites. All this being said there are methods to attempt to protect your privacy by using proxy servers and increasing your browser security levels, but that will only limit the amount of logging not eliminate it. I have to agree with Traynor when he states that the PATRIOT Act eviscerates the constitutional protections of anonymous communication on the Internet. Therefore, given the recent passage and implementation of the PATRIOT Act, the constitutional guarantees of the right to anonymity have been severely compromised. I think that the PATRIOT Act is a direct violation of our first amendment rights because it allows for the government to directly monitor any and all activity on the internet including communications, usage, and transactions that can occur.  This opens the door to scrutiny and persecution of individuals who are not in line with the government’s beliefs and actions. If England had this type of monitoring capabilities during the revolutionary war, I believe it would have been almost impossible to succeed from England.

    Read the article

  • Procmail Postfix issue

    - by Blucreation
    Our server is using CENTOS uses postfix: Nov 1 11:31:52 webserver postfix/smtpd[30424]: 822A91872F: client=unknown[5.133.168.42], sasl_method=PLAIN, [email protected] Nov 1 11:31:52 webserver postfix/cleanup[30427]: 822A91872F: message-id=<[email protected]> Nov 1 11:31:52 webserver postfix/qmgr[1067]: 822A91872F: from=<[email protected]>, size=620, nrcpt=1 (queue active) Nov 1 11:31:52 webserver postfix/virtual[30505]: 822A91872F: to=<[email protected]>, relay=virtual, delay=0.12, delays=0.12/0/0/0, dsn=2.0.0, status=sent (delivered to maildir) Nov 1 11:31:52 webserver postfix/qmgr[1067]: 822A91872F: removed Nov 1 11:31:52 webserver postfix/smtpd[30424]: disconnect from unknown[5.133.168.42] I have this in my etc/postfix/main.cf: mailbox_command = /usr/bin/procmail -a "$EXTENSION" My etc/procmailrc contains: PATH="/usr/bin" SHELL="/bin/bash" LOGFILE="/var/log/procmail.log" VERBOSE="YES" LOG="#TEST#" I don't think procmail is picking up on my procmailrc as nothing ever gets logged from normal emails. If i type this: procmail DEFAULT=/dev/null VERBOSE=yes LOGFILE=/var/log/procmail.log /dev/null </dev/null I get entries in my log file so i know procmail is working Am i doing something wrong? am i missing something? I eventually want my rule to call a php script only if the subject contains "SUPPORT TICKET" and the to is "[email protected]" but that's once i this issue solved.

    Read the article

  • Passenger 2.2.4, nginx 0.7.61 and SSL

    - by boompa
    Has anyone had any luck configuring Passenger and nginx with SSL? I've spent hours trying to get this configuration working as I'd like, using what few resources there are out there on the net, and I can't get any of the supposedly forwarded headers to show up in the Rails controller. For example, with a conf file of the following (and multiple variations thereof): server { listen 3000; server_name .example.com; root /Users/website/public; passenger_enabled on; rails_env development; } server { listen 3443; root /Users/website/public; rails_env development; passenger_enabled on; ssl on; #ssl_verify_client on; ssl_certificate /Users/website/ssl/server.crt; ssl_certificate_key /Users/website/ssl/server.key; #ssl_client_certificate /Users/website/ssl/CA.crt; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X_FORWARDED_PROTO https; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-SSL-Subject $ssl_client_s_dn; #proxy_set_header X-SSL-Issuer $ssl_client_i_dn; proxy_redirect off; proxy_max_temp_file_size 0; } and Rails code in the controller like this: request.headers.each { |k, v| RAILS_DEFAULT_LOGGER.error "Header #{k} Val #{v}" } other headers appear, but not those set in nginx, e.g.: Header rack.multithread Val false Header REQUEST_URI Val /login/new Header REMOTE_PORT Val 64021 Header rack.multiprocess Val true Header PASSENGER_USE_GLOBAL_QUEUE Val false Header PASSENGER_APP_TYPE Val rails Header SCGI Val 1 Header SERVER_PORT Val 3443 Header HTTP_ACCEPT_CHARSET Val ISO-8859-1,utf-8;q=0.7,*;q=0.7 Header rack.request.query_hash Val Header DOCUMENT_ROOT Val /Users/website/public I've even gone so far as to modify Passenger's abstract_request_handler's main_loop method, i.e., headers, input = parse_request(client) if headers if headers[REQUEST_METHOD] == PING process_ping(headers, input, client) else headers.each { |h,v| log.unknown "abstract_request_handler: #{h} = #{v}" } process_request(headers, input, client) end end only to find that the supposedly added headers do not exist there either: abstract_request_handler: HTTP_KEEP_ALIVE = 300 abstract_request_handler: HTTP_USER_AGENT = Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1) Gecko/20090624 Firefox/3.5 abstract_request_handler: PASSENGER_SPAWN_METHOD = smart-lv2 abstract_request_handler: CONTENT_LENGTH = 0 abstract_request_handler: HTTP_IF_NONE_MATCH = "b6e8b9afbc1110ee3bf0c87e119252ad" abstract_request_handler: HTTP_ACCEPT_LANGUAGE = en-us,en;q=0.5 abstract_request_handler: SERVER_PROTOCOL = HTTP/1.1 abstract_request_handler: HTTPS = on abstract_request_handler: REMOTE_ADDR = 127.0.0.1 abstract_request_handler: SERVER_SOFTWARE = nginx/0.7.61 abstract_request_handler: SERVER_ADDR = 127.0.0.1 abstract_request_handler: SCRIPT_NAME = abstract_request_handler: PASSENGER_ENVIRONMENT = development abstract_request_handler: REMOTE_PORT = 64021 abstract_request_handler: REQUEST_URI = /login/new abstract_request_handler: HTTP_ACCEPT_CHARSET = ISO-8859-1,utf-8;q=0.7,*;q=0.7 abstract_request_handler: SERVER_PORT = 3443 abstract_request_handler: SCGI = 1 abstract_request_handler: PASSENGER_APP_TYPE = rails abstract_request_handler: PASSENGER_USE_GLOBAL_QUEUE = false I'm tired of banging my head against the wall, so I'd truly appreciate any help I can get!

    Read the article

  • Bridging VirtualBox over OpenVPN TAP adapter on Windows

    - by Sean Edwards
    I'm trying to configure a virtual machine (VirtualBox guest running Backtrack 4) with a bridged adapter over a VPN connection. The VPN is is hosted by the cybersecurity club at my university, and connects to a sandboxed LAN designed for penetration testing against various servers that the club has built. My host (Windows 7 Ultimate) connects to the VPN fine and is assigned an IP through DHCP, but for some reason the VM can't do the same thing, and I'm not sure why. It's like OpenVPN is filtering out packets from the MAC address it doesn't recognize. I want the virtual machine to bridge over the VPN connection, because our IT office has very strict policies about what you can and can't do on the network. I want to be able to run active attacks (ARP spoofing, nmap, Nessus scans) in the sandbox environment without risking the traffic accidentally going over the university network and getting my internet access revoked. Bridging over the VPN connection and running all attacks from inside the VM would solve that problem. Any idea why the host can use this interface, but the VM can't?

    Read the article

  • how do i upload virtual pc into a wesite using virtual server.

    - by ragu88
    dear friends, my school has given me a project on virtual pc and server. i am supposed to create a website with multiple virtual pcs in it.. students are supposed to go to the website and than to the virtual pc and do their lab experiments there... can i no how m i to do that and how do i upload a virtual pc into the website.. i m using ms virtual server 2005 r2.. Ragu

    Read the article

  • IIS SSL is taking all IPs although it is told not to

    - by Martin Sall
    I have a testing system where IIS Express on Windows 7 SSL website has to live together with Cerberus FTP server SSL website (Cerberus FTP has a built-in web server for HTTP uploads). I have set up Windows to use two IPs from my router 192.168.1.128 (for IIS SSL Web Site, using a self-generated SSL certificate for now) 192.168.1.129 (for Cerberus FTP built-in SSL Web Site) In IIS I have set web site binding to use only the IP 192.168.1.128. But still when I launch Cerberus, it says - cannot bind 192.168.1.129:443. I tested in Firefox - indeed, when I go to 192.168.1.129 (or even localhost), I do not get “Unable to connect“ page as expected, but “The connection was reset” instead. IIS is still occupying those IPs, although it is not serving the website on those IPs. When I stop the IIS website, Cerberus FTP Website launches without problems. But then I cannot launch IIS web site, it tells - "The process cannot access the file because it is being used by another process". Why is IIS SSL web site still occupying all IPs?

    Read the article

  • htaccess rewrite different folder url, two index files

    - by Andrew
    I've been searching for awhile now and haven't found anything that comes close to what I'm trying to accomplish. Right now my URL's look like this: www.website.com/something which are using the root folder /index.php Now I have created plugins within folders: /plugins/PLUGINNAME/index.php I want to be able to have URLs like: www.website.com/plugins/PLUGINNAME/anything/iwant/here which are all using /plugins/PLUGINNAME/index.php and not the root directory index.php. Currently www.website.com/plugins/PLUGINNAME/ works, but anything after /PLUGINNAME/xxx defaults to the /index.php.

    Read the article

  • Energy Firms Targetted for Sensitive Documents

    - by martin.abrahams
    Numerous multinational energy companies have been targeted by hackers who have been focusing on financial documents related to oil and gas field exploration, bidding contracts, and drilling rights, as well as proprietary industrial process documents, according to a new McAfee report. "It ... speaks to quite a sad state of our critical infrastructure security. These were not sophisticated attacks ... yet they were very successful in achieving their goals," said Dmitri Alperovitch, McAfee's vice president for threat research. Apparently, the attacks can be traced back over several years, creating a sustained security compromise that has provided access to highly sensitive information that is of huge financial value to competitors. The value of IRM as an additional layer of protection is clear. Whether your infrastructure security is in a sad state or is state of the art, breaches are always a possibility - and in any case, a lot of sensitive information is shared with third parties whose infrastructure security might not be as good as yours. IRM protects the individual information assets directly so that, even if infrastructure security is compromised, your critical information is enrypted and trackable and only accessible to authenticated, authorised, audited users. The full McAfee report is available here.

    Read the article

  • Web and email host migration - Limitations and suggestions to make the process as easy as possible.

    - by Jack Hickerson
    I developed a website for a friend of mine to replace his current 'all inclusive' provider (website creation, updating, web hosting, email hosting). I've already paid for a hosting service which currently houses the website which I have created. I need to cancel the previous service provider to get the domain migrated to the new host, however I will still need to transfer or recreate all of the email addresses that everyone in his company had previously. Is there an easy way migrate email accounts (still linked to the same domain) while migrating to a different host? Will any methods allow all users to retain their archived emails and folder structures? What is the process to do so. Because the current provider is a rather large website development and hosting company, I will have limited access to the data they have stored. As you can probably tell, my knowledge in this area is very limited - any/all suggestions you may have would be greatly appreciated. Thanks in advance. -Jack

    Read the article

  • Google affecting my SERP Rank?

    - by Asad Moeen
    The following are some of my website's details. Home-page: [thebluewaffles].[com] Keywords: Blue Waffles- Rest of the keywords are post/subject specific. Site Description: Health Articles Blog Site Age: 1.5 years A short history: When I started my website, the few things in my mind when posting content were at-least 500 words on each page and writing of all the articles with to the point information. I didn't go really fast with it which is why I only have about 15 articles in 1.5 years. The SEO strategy was more simple. I shared links through Social Marketing websites and some Article Sharing websites after which I could see my website's rankings in top 5 SERP results. I ranked good enough for about 8 months continuously but didn't keep updating content due to which there were some 3 rough months when no content was posted due to some personal work. The SERPS dropped to 2nd page in April and almost started disappearing in May. I asked a lot of people about it and most came up with the reason of "no updates to site" so I started updating my site again since the day, November has almost started and I see no signs of my website's ranking. Another important point is that when I post a new article, and do a title search in Google, I see it ranks good enough for the first 10 hours and then disappears. What could be wrong here?

    Read the article

  • Browser says "Waiting for www.xyz.com" for a very long time

    - by Phil
    When I load my website (hosted with Ipage). The browser often takes an incredible long time saying "Waiting for www.xyz.com ..." before any elements of the site actually appear. After this "Waiting for" process, the text, images and everything else actually load quite fast. I contacted my host with my tracert result and they said they optimized my website database and increased the memory available to PHP on my account to 64 Mb.They also said they have checked the issue by accessing my website and found that it is loading fine without any slowness. It seems to be a temporary issue. Please try to access your website with different browser and network. I tried different browsers and networks but this "Waiting for" process always takes too long. My website is http://www.surreyextra.com/ . It's Wordpress and BuddyPress. I'm in the UK while Ipage host is placed in the USA, can this potentially be a problem? I have tried a number of optimizations, like minifying my CSS and JS files and use catching but the problem hasn't improved. So is it my host's fault, should I contact them again?

    Read the article

  • IIS 7 - Application pools

    - by vikp
    I made a CompanySite website in IIS - it's the only website on that server. I created .NET 4 Integrated pool for that website. I've installed ASP.Net site into CompanySite and it works fine. Now I'd like to install an application within this site. I create another .NET 4 application pool for that application. Then I install application into CompanySite using that application pool. As soon as setup starts off the website goes offline either with 503 or with The page cannot be displayed because an internal server error has occurred. The only way to fix this (that I have found) is to uninstall that application and restart Windows Server, not just IIS server. Question is how can I install multiple applications within a single site? THank you

    Read the article

  • How to host many websites using same public IP address but different domains.

    - by Roberto Sebestyen
    I know how to configure one IIS instance to run many websites using the same public ip address, but different domain names (As long as I have control over the domains). But how can you configure many IIS servers running on different virtual machines in the same network, to host websites using the same public IP addres, but different domain names? Normailly in IIS under the website you can set the headers to which the website will respond to. but what if that website is on a different machine?

    Read the article

  • Search ranking for important keywords has gone down drastically [duplicate]

    - by Vaivhav
    This question already has an answer here: How to diagnose a search engine ranking drop? 5 answers Firstly, we are a small entrepreneurial team of 3 persons and I am more like an amateur webmaster of the company's website as we cannot really afford a technical guy/department right now. A few weeks earlier, our website traffic and rankings for most keywords decreased overnight. I did a lot of reading henceforth and learned about Penguin 2.1 which people said is the reason for the drop. Something like this had never happened before. Now, I have gone through the entire Google webmaster help section. It says there that if a manual penalty is taken against us, we would notice a message in Manual Actions page. So far, we haven't received any notice from Google for web spam. Some SEO guys I contacted said they found spam links in our backlink profile. I do believe I had mistakenly purchased a cheap link/SEO scheme when I was yet very new to SEO. This was more than a year back but since then we have been legitimate. Moreover, how do I find out which is a spam link and which is not? Our content is all original, refreshing and the best you will find in our niche. We also have a blog but on a different domain (wordpress.com) from where we send out anchored links to our business website. Is this a good thing to do? Now, how should we proceed and recover our traffic/rankings. I tried searching in webmasters for a way to reach google and ask them why the traffic has decreased suddenly, but I couldn't find a contact form or something. Can someone please go through our website and help in making things more clear regarding the reason for the drop, along with a solution. Will really appreciate this as I can't get to figure this out and its taking a lot of time. Vaivhav

    Read the article

  • Advantage of Software Development [on hold]

    - by user93319
    The worth of a brand that a corporation carries is way too high than its physical presence. If you are venturing into an online business, you need to take special care about the corporate image of your business. Nowadays, it is very important for every organization to have its own website. To enhance the online presence of a company it is important to have a good website design as well as the blueprint of the design. A quality site can enhance organizational growth and it can lend a hand an in achieving company’s goals promptly. When websites have gained so much meaning, it is advisable for an organization to seek professional support for the construction of its own exclusive portals. Expert help may again is essential when one needs for a complete renovation on the Web. Any group is necessary to do a bit of introspection before it make a decision to look for the services of a professional web software development company. It is good to be completely clear-headed regarding one’s requirements. To start with, a business should be familiar with who its potential clientele are. Once this main factor has been give consideration, an association can go ahead and get its website designed accordingly. On approaching a corporation that offers software development services India to its customers, a client can make sure that their site is ready with all the most up-to-date features. Professional Assistance Matters Professional service supplier is identified to furnish a site with easy to use features that prompt visitors to come back again and again. Yet one more benefit of receiving aid from professionals is that they can let you know of the type of content that you should place on display over your site. For example, a business that wants to draw the interest of experts belong to the corporate world must make sure that the language used on its website is crisp and official.

    Read the article

  • Issues using gmail with google apps and external domain

    - by Jonathan Kelly
    I have recently tried to use gmail through google apps as my main email client, but I'm experiencing a few different problems. I am managing the domain (conjunktiondesign.co.uk) through 123reg.co.uk but it is hosted through fasthosts.co.uk. I transfered the domain to 123reg as fasthosts did not allow me to change the MX records myself. I followed the setup instructions step by step on google apps and changed the MX records as they told me to. My email was now working perfectly but my website was down and I was getting the following error: The dnsserver returned: No DNS records I have a friend that is using the same system as me (ie. Externally hosted domain and google apps mail) and I changed my 123reg details to the same that he had (as his was working perfectly - both email and website). I changed my name servers to point to fasthosts, rather than 123reg and I added an A record called '@' pointing to fasthosts IP address. I also created another A record called 'www' pointing to fasthosts IP address. After I did this, my website worked almost immediately but I have only realised that since changing it my email is now down. I have not received anything since Saturday. I am a web designer and would consider myself fairly tech savvy, but I have no idea about A records, CNAME's and all the things I have been messing about with! What I ultimately need is someone to help me get my email and website working at the same time, rather than one being down when the other is OK. I seem only able to get one or the other working. I have now changed the name servers back to 123reg in an attempt to get my email back as it is more important than my website at this stage. Any help is much appreciated. Thanks.

    Read the article

  • How can I use domain masking without having self referral in Google Analytics

    - by Cdore
    I have one old domain that points to a website's server's ip (let's call it www.oldsite.com). I have a new one, www.newsite.com, that is set up to be forwarded to a specific page on the website. Due to the way the host of newsite.com places the website in a frame, in Google Analystics, the newsite.com is listed as a source rather than the source they were at before hand, causing a self referral. A solution is to edit the code of the iframe as I looked up, but there's no way to really edit the host's masking source code of course. Another solution I did previously was have www.newsite.com point to the address that www.oldsite.come pointed to. It solved the analytics problems, but in exchange, the url masking no longer worked. In the address bar, it came up as www.oldsite.com. Is there a way to make me have url masking and be able to forward to agree with google analytics? The server of the website is hosted on a cloud server, if this is anymore information.

    Read the article

  • iptables : how to correctly allow incoming and outgoing traffic for certain ports?

    - by Rubytastic
    Im trying to get incoming and outgoing traffic to be enabled on specific ports, because I block everything at the end of the iptables rules. INPUT and FORWARD reject. What would be the appropiate way to open certain ports for all traffic incoming and outgoing? From docs I found below but one has to really define both lines? iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT I try to open ports for xmpp service and some other deamons running on server. Rules: *filter # Allow all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0 -A INPUT -i lo -j ACCEPT -A INPUT -d 127.0.0.0/8 -j REJECT # Accept all established inbound connections -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow all outbound traffic - you can modify this to only allow certain traffic -A OUTPUT -j ACCEPT # Allow HTTP # Prevent DDOS attacks (http://blog.bodhizazen.net/linux/prevent-dos-with-iptables/) # Disallow HTTPS -A INPUT -p tcp --dport 80 -m state --state NEW -m limit --limit 50/minute --limit-burst 200 -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -m limit --limit 50/second --limit-burst 50 -j ACCEPT -A INPUT -p tcp --dport 443 -j DROP # Allow SSH connections # The -dport number should be the same port number you set in sshd_config -A INPUT -p tcp -s <myip> --dport ssh -j ACCEPT -A INPUT -p tcp -s <myip> --dport 5984 -j ACCEPT -A INPUT -p tcp --dport ssh -j REJECT # Attempt to block portscans # Anyone who tried to portscan us is locked out for an entire day. -A INPUT -m recent --name portscan --rcheck --seconds 86400 -j DROP -A FORWARD -m recent --name portscan --rcheck --seconds 86400 -j DROP # Once the day has passed, remove them from the portscan list -A INPUT -m recent --name portscan --remove -A FORWARD -m recent --name portscan --remove # These rules add scanners to the portscan list, and log the attempt. -A INPUT -p tcp -m tcp --dport 139 -m recent --name portscan --set -j LOG --log-prefix "Portscan:" -A INPUT -p tcp -m tcp --dport 139 -m recent --name portscan --set -j DROP -A FORWARD -p tcp -m tcp --dport 139 -m recent --name portscan --set -j LOG --log-prefix "Portscan:" -A FORWARD -p tcp -m tcp --dport 139 -m recent --name portscan --set -j DROP # Stop smurf attacks -A INPUT -p icmp -m icmp --icmp-type address-mask-request -j DROP -A INPUT -p icmp -m icmp --icmp-type timestamp-request -j DROP -A INPUT -p icmp -m icmp -j DROP # Drop excessive RST packets to avoid smurf attacks -A INPUT -p tcp -m tcp --tcp-flags RST RST -m limit --limit 2/second --limit-burst 2 -j ACCEPT # Don't allow pings through -A INPUT -p icmp -m icmp --icmp-type 8 -j DROP # Log iptables denied calls -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7 # Reject all other inbound - default deny unless explicitly allowed policy -A INPUT -j REJECT -A FORWARD -j REJECT COMMIT

    Read the article

  • Why we can change our IP address?

    - by iamstupid
    I across some websites that offer change of our IP addresses. It says, we can surf net anonymously, including changing our IP address and location. Most of the softwares are not free, so I have not try it out yet. But my question is, so, IP addresses will no longer be unique or valid for identify which computer were sending/request the information? I though only the ISP can determine our IP, so we can change our IP from some commercial softwares huh? Case: If I change my IP address, I go to a website which is supposed to be banned by my country, will the ISP let me pass the check and I will be able to browse the website which should be blocked? another question: From what I know, if we want to go to certain website, here is the flow: My Computer = ISP = Website = ISP = My computer I am not sure, if its the correct flow, but I am sure that, whichever website I want to visit, I need to go through my ISP, isnt it?. So if we change out IP, our ISP will record our new IP or the original(assigned-by-ISP) IP? Sorry for my bad English.

    Read the article

  • setting up a sub domain on windows hosting

    - by jason
    I'm trying to set up a sub domain for development on a windows server and am having problems setting the correct details in the httpd.ini file and hoped someone could help. I have set up the subdomain http://dev.website.com The files that I want to use for this subdomain are on the server in a folder called development http://www.website.com/development in the directory structure they are in /htdocs/development What do I need to add the the httpd.ini file to point the http://dev.website.com to the files located in the /htdocs/development folder on the server?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 170 171 172 173 174 175 176 177 178 179 180 181  | Next Page >