Search Results

Search found 3844 results on 154 pages for 'firewall bypass'.

Page 23/154 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • Network wide rule to forwared IP address

    - by Patrick
    Hi, we have a virtual machine which hosts a web based bug tracker in our network which is reached internally via e.g. 192.168.1.5:9800. From the outside we made a port forwarding in our firewall so that the web site can be reached via e.g. 72.10.10.10:9800. Now that works fine but the problem is that we got different IP addresses to reach the same service depending if we are in the office or at home and when the service sends out an email the link doesn't always work :) So we are looking for a solution to fix it. One could be to make a rule in out firewall that all communication to 72.10.10.10:9800 is forwarded to 192.168.1.5:9800... If that's possible that is considering it's an IP address + a port. The reason we used a port is because we only got one static public IP address but multiple virtual web appliances. Thanks for any suggestions or solutions :) Patrick PS: The network is a Win 2008 R2 domain by the way

    Read the article

  • Securing a Windows Server 2008 R2 Public Web Server

    - by Denny Ferrassoli
    I'm setting up a public web server: Windows Server 2008 R2, IIS7.5. Does anyone have a tutorial / walkthrough / tips on properly securing a public web server? I've seen a few tutorials but mostly focused on Windows Server 2003. What I've done so far: Created a specific user account for the website / app pool, Renamed Admin account, Installed FTPS, Configured firewall to block any non-public service (web / https), Configured firewall to allow access to management interfaces only from specific IP addresses (rdp, IIS management, ftp) Maybe a few other things but can't remember at the moment... ICMP is allowed... Should I disable all except ping? Port scan reveals only web and https ports. Any other suggestions? Thanks

    Read the article

  • why can't I open a port on Win 7? is it the app's fault?

    - by rjnagle
    I am having problems opening a port from one Windows PC on my local network. On Windows 7 computer ("Computer A") I running Calibre, an ebook management program that has something called an "ebook content server" . In essence, it serves via the web a content catalog. From Computer A, I can access the content server on localhost. ie. http://127.0.0.1:8787 calls up the content server successfully. With ipconfig I have confirmed that its local IP address is 192.168.1.106 From Computer B (a Vista Machine) I can ping 192.168.1.106 I have tried opening/editing a port in the Windows Firewall several times. In Windows firewall -- Allowed Programs in Control Panel, I see a listing for Calibre (with both Home/Work and PUblic checked) In details, I see Name: Calibre, Port Number 8787, Protocol TCP If I use the Advanced Security configuration screen for the firewall, I created an Inbound Rule on Computer A for Calibre (with the settings I indicated). If I run this command line on Computer A, I see: netstat -a -n TCP 0.0.0.0:554 0.0.0.0:0 LISTENING TCP 0.0.0.0:664 0.0.0.0:0 LISTENING TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING TCP 0.0.0.0:6570 0.0.0.0:0 LISTENING TCP 0.0.0.0:6580 0.0.0.0:0 LISTENING TCP 0.0.0.0:8787 0.0.0.0:0 LISTENING TCP 0.0.0.0:10243 0.0.0.0:0 LISTENING TCP 192.168.1.106:63020 74.125.227.51:80 TIME_WAIT TCP [::]:80 [::]:0 LISTENING TCP [::]:135 [::]:0 LISTENING TCP [::]:443 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:554 [::]:0 LISTENING TCP [::]:2869 [::]:0 LISTENING TCP [::]:5357 [::]:0 LISTENING TCP [::]:6570 [::]:0 LISTENING TCP [::]:6580 [::]:0 LISTENING TCP [::]:10243 [::]:0 LISTENING TCP [::]:49152 [::]:0 LISTENING TCP [::]:49153 [::]:0 LISTENING TCP [::]:49154 [::]:0 LISTENING TCP [::]:49155 [::]:0 LISTENING TCP [::]:49170 [::]:0 LISTENING And lots of other junk, but this seems relevant, I see port 80 is open (I run xampp apache web server for windows on Machine A) This is the only time I see port 8787 referenced from the netstat commmand. From Windows Computer B, I can, ping 192.168.1.106 and even view http://drupal.local (on Computer A) and http://192.168.1.106/ (which goes to the Xampp config screen on Computer A). But I cannot access via Computer B htttp://192.168.1.106:8787 or htttp://computerhosta:8787 So what is going wrong? Is this a problem with the Calibre application or have I incorrectly opened the port? What things could possibly interfere with the opening of this port? On a sidenote, I have tried using telnet from Computer B to see if port 80 or 8787 is open for 192.168.1.106. I get no reply for either one. Thanks.

    Read the article

  • MikroTik ipv6 Tunnel

    - by MikeSmitty
    I've got a MikroTik router set up with the latest stable OS on it, and I just set up an ipv6 tunnel with Hurricane Electric, but I'm having an odd issue with it. I can't ping anything until I first ping the tunnel endpoint on HE's side. After that I can ping any ipv6 address fine, but give it a little time (say, maybe 30 sec) and I can't ping any ipv6 addresses again. Whenever it stops allowing ping to go through I notice the counter on my firewall rule that drops invalid connections goes up. this is my ipv6 firewall config: add action=accept chain=input comment="" connection-state=established \ disabled=no in-interface=sit1 add action=accept chain=input comment="" connection-state=related disabled=no \ in-interface=sit1 add action=accept chain=input comment="" disabled=no in-interface=bridge \ src-address=ipv6_address_here/64 add action=drop chain=input comment="" connection-state=invalid disabled=no \ in-interface=sit1 add action=drop chain=input comment="" disabled=no in-interface=sit1 Any ideas on what it could be?

    Read the article

  • securing server to server http post

    - by ad-inf
    Website is developed on JSF, Servlet, using apache web server. In my website, I accept data submission from few restricted websites using HTTP POST method. We exchange some secure key to ensure that correct source is sending data. But is there any way to ensure that the data is submitted from specific domain / IP address only? In application level I can check request.header('Referer') , but some proxy or firewall might hide the referer. Can this configuration done on firewall or webserver level to authenticate server to server communication? Eg. Say my website is a payment gateway website, integrated with www.abc.com. I want only abc.com to submit data. So a user using abc.com should be able to submit data to my website only through abc.com, and not any other website.

    Read the article

  • Restrict access to ESXi

    - by kdl
    What is the best option to restrict access to ESXi machine so that it could be managed using VSphere client from only certain hosts? I know there is no built-in firewall and everyone recommends placing an ESXi machine behind a firewall, but when this is not an option... Is there any other option like using hosts.allow/deny or anything else? Or I better use ESX instead of ESXi? Edit: In the given circumstances, I am not able to add any additional hardware or use things like managed switches.

    Read the article

  • Can i have a Asterisk IP PBX Server Behind ISA 2000

    - by garyb32234234
    Hello Is it a simple procedure to configure ISA Server 2000 to allow an Asterisk IPPBX connect to SIP provider. On asterisk forums they say the ISA has difficulties handling SIP, softphones that i have installed behind the firewall work fine with the provider when the firewall client is installed on the workstation. With asterisk being a linux based system this will not be an option. Is the config a matter setting up port forwarding, is this a more complicated task on ISA server than just selecting the ports i need and then the ip of the internal machine i want to forward them to? UPDATE: I dont think this is possible from what ive researched Regards Gary

    Read the article

  • SMTP port open - but not open

    - by Frederik Nielsen
    As some of you might know, I am setting up an exchange server. Now I ran into another problem: I cannot connect to the SMTP service from outside the server! The ports are opened in the gateway device (a ZyXEL USG50), Windows firewall is off. I see the packets travekl through the ZyXEL firewall, and I can also see the packets with wireshark on the server, so I know they are getting all the way in to the server. I also know it receives them, and sends out the reply - and this is where things go bad! Analyzing with wireshark, I get these errors in the return packets: Header checksum: 0x0000 [incorrect, should be 0x0779 (may be caused by "IP checksum offload"?)] And: Acknowledgment Number: 0x8e3337d1 [should be 0x00000000 because ACK flag is not set] What the (sorry my French) hell is going on? I really cant figure it out.. Thanks in advance.

    Read the article

  • Web browsing over SSH

    - by Alex Marshall
    Hello, I have something of a difficult situation : our company has a webserver in a remote data center that's, at the moment, only accessible by SSH and the firewall is not easily modifiable because the techs at the data center are unreliable and unreachable lately (not my choice of data center, and switching is not an option at the moment). Are there any browsers or plugins out there that will let me browse over an SSH connection ? I can browse with links and lynx on the SSH command line, but that doesn't give me access to various functionality I need, and it's too hard to find things in the web application running on a Tomcat server on the box that I need access to. Does anybody have any suggestions ? We're already working on getting direct access to the web application by having the firewall opened up, but I need something better in the mean time.

    Read the article

  • Telnet works from desktop but not Server

    - by Joe Estes
    Sending mail via smtp.gmail.com is failing on my server. I looked on some forums and people were saying to make sure you can telnet to the smtp address first. When I telnet from my server i input this and get this error: [root@localhost ~]# telnet smtp.gmail.com 465 telnet: smtp.gmail.com: Temporary failure in name resolution smtp.gmail.com: Host name lookup failure From my OS X desktop I do the same and get this: Macintosh-3:~ joe$ telnet smtp.gmail.com 465 Trying 74.125.127.109... Connected to gmail-smtp-msa.l.google.com. I'm running a fedora core 9 server with a firestarter firewall. I have turned off the firewall and the same error persists. I'm also using port forwarding from my router to this server. I have allowed forwarding for port 465 on my router as well. Can someone please help. Thanks, Joe

    Read the article

  • How should I set up my Hyper-V server and network topology?

    - by Daniel Waechter
    This is my first time setting up either Hyper-V or Windows 2008, so please bear with me. I am setting up a pretty decent server running Windows Server 2008 R2 to be a remote (colocated) Hyper-V host. It will be hosting Linux and Windows VMs, initially for developers to use but eventually also to do some web hosting and other tasks. Currently I have two VMs, one Windows and one Ubuntu Linux, running pretty well, and I plan to clone them for future use. Right now I'm considering the best ways to configure developer and administrator access to the server once it is moved into the colocation facility, and I'm seeking advice on that. My thought is to set up a VPN for access to certain features of the VMs on the server, but I have a few different options for going about this: Connect the server to an existing hardware firewall (an old-ish Netscreen 5-GT) that can create a VPN and map external IPs to the VMs, which will have their own IPs exposed through the virtual interface. One problem with this choice is that I'm the only one trained on the Netscreen, and its interface is a bit baroque, so others may have difficulty maintaining it. Advantage is that I already know how to do it, and I know it will do what I need. Connect the server directly to the network and configure the Windows 2008 firewall to restrict access to the VMs and set up a VPN. I haven't done this before, so it will have a learning curve, but I'm willing to learn if this option is better long-term than the Netscreen. Another advantage is that I won't have to train anyone on the Netscreen interface. Still, I'm not certain if the capabilities of the Windows software firewall as far as creating VPNs, setting up rules for external access to certain ports on the IPs of Hyper-V servers, etc. Will it be sufficient for my needs and easy enough to set up / maintain? Anything else? What are the limitations of my approaches? What are the best practices / what has worked well for you? Remember that I need to set up developer access as well as consumer access to some services. Is a VPN even the right choice?

    Read the article

  • Protecting Windows SMTP service against the spam

    - by MainMa
    Hi, I'm trying to use a Windows SMTP service on Windows Server 2008, but I can't understand how to secure it. Basically, if I open firewall for local network IPs only for %windir%\system32\inetsrv\inetinfo.exe and keep Connection and Relay settings of SMTP Virtual Server to "All except the list below" (with an empty list), a few minutes later I see spam appearing in Queue directory. (Why? Isn't firewall intended to block this?) Now, if I set Connection or Relay to "Only the list below", specifying the range of local IPs, I can't use the SMTP server nevermore (a "Unable to read data from the transport connection: net_io_connectionclosed." exception is thrown). So what is the way to get rid of spam from internet but let send mails from local network?

    Read the article

  • Is there a way to determine which service does an outgoing connection?

    - by fluxtendu
    I'm redoing my firewall configuration with more restrictive policies and I would like to determine the provenance (and/or destination) of some outgoing connections. I have an issue because they come from svchost.exe and go to web content/application delivery providers - or similar: 5 IP in range: 82.96.58.0 - 82.96.58.255 --> Akamai Technologies akamaitechnologies.com 3 IP in range: 93.150.110.0 - 93.158.111.255 --> Akamai Technologies akamaitechnologies.com 2 IP in range: 87.248.194.0 - 87.248.223.255 --> LLNW Europe 2 llnw.net 205.234.175.175 --> CacheNetworks, Inc. cachefly.net 188.121.36.239 --> Go Daddy Netherlands B.V. secureserver.net So is it possible to know which service does a particular connection? Or what's your recommendation about the rules applied to these ones? (Comodo Firewall & Windows 7)

    Read the article

  • Unix domain socket firewall

    - by lagab
    Hello, everyone. I've got a problem with my debian server. Probably there is some vulnerable script at my web-serser, which is running from www-data user. I also have samba with winbind installed, and samba is joined to windows domain. So, probably this vulnerable script allows hacker to bruteforce out domain controller through winbind unix domain socket. Actually I have lots of such lines at netstat -a output: unix 3 [ ] STREAM CONNECTED 509027 /var/run/samba/winbindd_privileged/pipe And our DC logs contain lots of recorded authentication attems from root or guest accounts. How can I restrict my apaches access to winbind? I had an idea to use some kind of firewall for IPC sockets. Is it possible?

    Read the article

  • LAN speeds and firewall/switch connections

    - by microchasm
    I have a small network with about ten users. All workstations flow into a Dell PowerConnect 3424 which then has a single link to a SonicWALL firewall and from there to a cable modem. More important than internet connectivity is speed between machines (specifically a Windows Server box on the LAN which everyone uses simultaneously). I believe the 3424 has gigabit connections, but they look like they're for stacking. Is there a way to test the speeds on the LAN to see where the speeds are at? Is there any low-hanging fruit insofar as increasing speeds?

    Read the article

  • i am not able to connect to the application hosted on port 80

    - by shiva
    I am trying to access an application that is hosted on port 80. When i try the url from my personal computer , the site is not reachable but the same url on the server( which hosts the application) i am able to access the site. When i disable the firewall then i am able to access the site from my pc. So there is some rule which is blocking this port. How do i determine what windows firewall rule is blocking this port. I have disables IIS as well. Kindly point me in the right direction

    Read the article

  • connect to ssh server thru 80 via HTTP proxy?

    - by im_chc
    Hi, Please help: I want to connect to my ssh server at home However, I'm behind a corporate (CORP) firewall, which blocks almost all ports (443, 22, 23 etc). But it seems that 80 is not blocked, coz I am able to surf the web after I login (i.e. IE sets to CORP's proxy server, and start IE - displayed CORP intranet portal - type in google.com - dialog pops up for userid + pwd - login successful, and surf without restrictions) My ssh server listens at 443. My question is: Is there a way to connect from a computer behind the CORP firewall to the ssh server thru the 80 port, with the ssh server still listening on port 443? Changing the ssh server to listen to port 80 is not an option, coz my home ISP blocks 80. Can I use a public proxy which listens at 80? After some research on google I found that there is something called "connect to SSH thru an HTTP proxy" using the Cockscrew software. Is it useful? Or is there some other way to solve the problem?

    Read the article

  • monitor just what's going on -on a firewall

    - by bbutle01
    I have this little snapgear firewall. It's a little purpose built box running a custom linux, SH4 processor @240 Mhz, 64MB of ram. Basically how close we are to capacity is a mystery to me. I know I can run top and see the status of all the processes, but how can I see just how much of the processor is going to passing data... and how to estimate when I'm going to need to upgrade, and by tweaking iptables rules, how does that help/hurt the processor. suggestions?

    Read the article

  • ASA firewalls: how does stateful filtering affect my access lists?

    - by Nate
    Ok, so assume that I have an ingress access list that looks like this: access-list outside_in extended ip permit any X.Y.Z.1 eq 25 access-group outside_in in interface outside And I want to do egress filtering. I want to allow inside machines to respond on port 80, and I want to allow ports over 1024. Given that the firewall is statefull, do I need to have the rule access-list inside_in extended ip permit X.Y.Z.1 any eq 25 in my inside_in ACL, or can I get away with just access-list inside_in extended ip permit any any gt 1024 access-group inside_in in interface inside In other words, if I apply an egress access list, do I have to explicitly allow machines to respond to requests allowed by the ingress access list, or does the statefullness of the firewall handle that for me? Thanks!

    Read the article

  • Why is rsync.exe [cwRsync] trying to open a port when in client mode?

    - by hemancuso
    I'm trying to use a cygwin compiled version of rsync [the cwrsync package] on Windows and in seemingly whatever configuration I test in there is a request to the user presented by Windows Firewall to allow inbound traffic. If you deny this request, everything works fine - as expected. I'm doing a vanilla push rsync.exe localpath user@remotepath:/absolutepath and it works just fine. I've also attempted this command having deleted ssh from the path and using rsync on local paths - still a firewall prompt. Why is this listen() happening and is there a way I can force the client to not attempt to listen without recompiling and maintaing a patch?

    Read the article

  • Finding spoofed IP address on network

    - by Jared
    I have a few IP spoof dropped messages coming out of my Sonicwall firewall, we'll call them Source A and Source B. Both of these sources have the same mac address indicating they're coming from the layer 3 switch behind my firewall. Source A has an ip within a valid subnet on my network and it shows up in the ARP table of my layer 3 switch. I was able to trace the exact location and fix the issue. Source B's ip however, is not within valid subnet on my network and it's not showing up in my layer 3 switches arp table. Any idea how I can trace the location of this device within my network? Thanks in advance.

    Read the article

  • Windows Server 2008 constantly spamming external IP's on outbound TCP port 445

    - by RSXAdmin
    Hi Server Fault, I have a Windows Server 2008 box running as a Domain Controller. I have noticed in my Cisco ASA firewall logs that this box is continuously sending out (like a thousand requests a second) requests on TCP port 445 to external hosts. I have made an effort to deny this outbound traffic from getting on the internet (using the ASA), however I would like these requests to stop from even occurring at all. I have tried disabling TCP/IP over NetBIOS. I have even turned on Windows Advanced Firewall on the box itself to block outbound 445 but the ASA still detects this particular traffic hitting it. I have other DC's and similar type boxes which are not behaving the same way as this box. Is this normal? Is there a way to stop this spamming? Have I been infected? Thank you universe.

    Read the article

  • Amazon EC2 firewall rules & VPN connections

    - by John
    I'm moving from Rackspace to Amazon EC2. One thing I like about our Rackspace setup is that it is extremely secure. The MySQL box can only be accessed via internal IPs, and we have a Cisco VPN firewall that allows us to dial in remotely and access port 3306 as though we were on the internal network. I'd like to figure out how to replicate this setup with EC2. How can I make the MySQL box so that port 3306 can only be accessed on the internal network? What about the VPN piece of things? I know Amazon has the VPC service, but it seems like that's for the purpose of connecting to an existing network. I don't have an existing network. I want to essentially create one inside Amazon and connect to that. What are my options? Any good tutorials on how to get started? Thanks in advance for your help

    Read the article

  • Windows Filtering Platform not turning off until admin logon. Win2008R2sp1

    - by rjt
    Just installed Windows Server 2008R2 SP1 to see if it would fix this problem, but it didn't. Until an administrator logs onto the domain controller, there are many events that WFP blocked a connection from Server60 to Server60 or Server60 to Server70. Both server60 and server70 are the domain controllers. One the admin logs on, the WFP events stop. The firewall is off by default GPO. Yes, i know that the WFP kicks in during the boot up sequence until the firewall takes over or in my case does not take over (since Vista), but i clearly should not have to autologon to a domain controller and call autolock or something. Example event LEVEL = Information Source = Microsoft Windows Security Auditing EventID = 5152 "Filtering Platform Packet Drop" and its evil twin id = 5157 "Filtering Platform Connection" "The Windows Filtering platform has blocked a connection." Direction %%14593 SourceAddress 192.168.10.60 SourcePort 49677 DestAddress 192.168.10.60 DestPort 389 Protocol 6 FilterRTID 65667 LayerName %%14611 LayerRTID 48 RemoteUserID S-1-0-0 RemoteMachineID S-1-0-0 windows-server-2008-r2 WFP BFE WindowsFilteringPlatform BaseFilteringEngine

    Read the article

  • Windows Server 2008 R2 - Can't connect RDP over the Internet

    - by Jonathan DeMarks
    I have two networks: Domain and Public, Domain is a VPN connection and Public is the local connection to the network. This is not a domain controller or a DNS/DHCP server. I can connect via RDP from the local network (192.168.1.), from the VPN network (10.1.2.), and from the VPN network over the internet. I cannot connect from the internet (anywhere besides where the server is VPN'd) Wireshark indicates that the server is getting packets, and the audit log is indicating that the packets are being dropped. Advanced Firewall has explicit options to allow RDP, and has no deny policies. I have also tried turning Firewall off completely to no avail. I'm really lost on this one.

    Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >