Search Results

Search found 1047 results on 42 pages for 'restrict'.

Page 23/42 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

• Barring connections if VPN is down.

  - by Majid

  I have a VPN account and use it for sensitive communication. However the VPN connection sometimes is dropped while my main connection to the internet is still alive. The pages I visit through VPN are on HTTP (not secure) and have javascript code which pings the host every minute or so on a timer. So it happens sometimes that the VPN connection is dropped and yet js sends a request to the server (with the cookies). How could I restrict connections so they only happen if the VPN is live? Edit - Some required details were missing OS: Windows XP SP2 Browser (mostly used): Google Chrome Firewall: Windows default Sites to filter: not all traffic but all in a list of sites like abc.com, xyz.com

  Read the article

• Apply Group Policy to Remote Desktop Services users but not when they log on to their local system

  - by Kevin Murray

  Running Windows Server 2008 Service Pack 2 with Remote Desktop Services role. I want to hide the servers drives using a GPO, but not the users local drives when they are logged on to their local system. Using a GPO, I went to "User Configuration - Policies - Administrative Template - Windows Components - Windows Explorer" and enabled "Hide these specified drives in My Computer" and "Prevent access to drives from My Computer" and in both used "Restrict all drives". Then under "Security Filtering" for the GPO, I restricted it to the system running Remote Desktop Services and the specific users who will be using RDS. I then applied the GPO to our domain and it worked a little too well. Not only was I successful in getting the GPO to work for RDS users, but it also affected those same users at their local systems as well. I've tried everything I can think of, but can't figure out how to apply this just to the RDS but not at their local system. What am I missing?

  Read the article

• Mikrotik queues and limiting total upstream bandwidth

  - by g18c

  With a Mikrotik router (form of embedded Linux) I have created simple queues per machine matched by source IP address. Each of the 4 machine queues has an unlimited burst 3Mbps/3Mbps for Tx/Rx. During speedtest.net on all 4 machines at the same time, each machine shows 3Mbps (and is limited correctly there), however the total bandwidth on the uplink goes to 12Mbps (i need to set this to 10Mbps max for the upstream). I want to restrict the actual traffic passing across the uplink port to 10Mbps regardless of what the other queues are doing (I need this catch all queue to have the final say on the uplink speed). For example I need: Scenario A Machine A transferring @ 3Mbps Machine B transferring @ 3Mbps Machine C transferring @ 3Mbps Machine D transferring @ 0Mbps Up-link speed = 9Mbps Scenario B Machine A trying to transfer @ 3Mbps Machine B trying to transfer @ 3Mbps Machine C trying to transfer @ 3Mbps Machine D trying to transfer @ 3Mbps Up-link speed = 10Mbps Actual transfer speed of machine A,B,C,D = 2.5Mbps This is to allow slight over subscription of bandwidth queues as not all will be transmitting at 3Mbps all the time. Is this possible and if so how would one go about doing this?

  Read the article

• php registration form - limit emails [closed]

  - by Daniel

  i want to restrict certain emails to my website. an example would be that i only want people with gmail accounts to register to my website. { /* Check if valid email address */ $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*" ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*" ."\.([a-z]{2,}){1}$"; if(!eregi($regex,$subemail)){ $form->setError($field, "* Email invalid"); } $subemail = stripslashes($subemail); } this is what i have so far to check if its a valid email.

  Read the article

• How to fight off against a government's internet censorship?

  - by Fellknight

  I live in a country where the left-wing totalitarian regime that it's our government has begun the procedures (legal and physical) to restrict the internet access of it's citizens following the footsteps of China and Cuba. I believe that free access to information is a human right and should not be under any circumstances restricted or sanctioned, i don't want to live in country that does otherwise. Unfortunately leaving for good for the time being it's not an alternative. What I (and all the people that think like me) need to know is; if there are ways of bypassing the possible protections that will be implemented soon?, like the Chinese do . I'm afraid that even proxys might not suffice in the long term since our ISP will be implementing the regulation. Any information or explanation on this will be deeply appreciate it.

  Read the article

• Protect apache pages by URL

  - by Thomas

  Is it possible to allow access to specific URLs only to certain networks? Basically, I would like to restrict access to the admin area only to the local network This area's pages are prefixed by /admin Essentially, I would like all /admin/* to be forbidden from public access. Can apache handle such a case? Thanks UPDATE Using your suggestions I came up to <LocationMatch admin> Order allow,deny deny from all Allow From 192.168.11.0/255.255.255.0 </LocationMatch> However, I get 403 even though I am on the network. Additionally, if I put apache behind haproxy, is this going to work? Because the traffic will be coming from 127.0.0.1 to apache

  Read the article

• How can I change ACLs recursively using cacls.exe?

  - by maaartinus

  I want to restrict the access for everything inside the work directory to me and the system only. I tried this with the following command: cacls.exe work /t /p 'PIXLA09\Maaartin:f' 'NT AUTHORITY\SYSTEM':f However it doesn't work at all. The following command should show only the two specified users but instead shows a very long list of permissions: cacls.exe work/somedirectory I tried to use /g instead of /p, too. Since I didn't use /e the permissions shouldn't get edited but replaced. Any ideas what's wrong?

  Read the article

• Block a machine from accessing the internet

  - by Simon Rigby

  After some confirmation that I have thinking right in this scenario. We have a number of wired and wireless machines which presently have direct internet access. I also have a Linux (Ubuntu) server which is used as a file server for the network. Essentially I would like to be able to turn internet access on and off for machines. My plan is to block these machines by MAC address at the router. I would then set up a proxy server on the Linux box (ie Squid) so that the machines I wish to restrict can access the internet via the proxy. As I can adjust access via ACLs in squid, I would be able to switch on or off a machines access to the internet without having to further adjust the router's MAC rules. And of course I could go further and create a few scripts to assist with this admin task. Does this seem sound and have I over looked anything? Any help greatly appreciated. Simon.

  Read the article

• Server 2008 Active directory file sharing Restriction

  - by Usman

  My network scenario is: Two location connected each other through Wireless towers. 1st network ip address are 10.10.10.1 to 10.10.10.150 2nd network ip address are 10.10.10.200 to 10.10.10.254 Both location using their own ACTIVE DIRECTORY (MS SERVER 2008) and share their data with each other network through file sharing. My Problem is that every single client can explore the whole network. by simply typing \computername. i want to implement some restriction on network regarding file sharing. i want to restrict 1st Network Clients to open 2nd network Computer or server. Is there have any Group Policy or Folder permission scenario that i implement on my both network..

  Read the article

• How to limit access to Exchange 2003 Mobile Actviesync server by user?

  - by micilin

  So I was asked to set up an Exchange Activesync mobile gateway. That's done. It's a separat eExchange 2003 front-end server configured for SSL, and I've put an off-domain ISA server in front of it. Now I'm being asked to limit which users can connect to it. By default an Exchange front-end server allows any user who has a mail account to connect to the front -end server. So I'm looking at the permissions on the various IIS sites/apps on the server, but I know that it's easy to break Exchange Front-end server perms. So I've got the following in IIS: Exadmin Exchange EchWeb Microsoft-SErver-ActiveSync MobileAdmin OMA And a couple of others that I dont think are relevant. Can I change the permissions on one of these to restrict who can connect to Activesync? As a bonus: Can I do it in a way that does not affect ordinary browser based Exchange Access? Thanks in Advance!!

  Read the article

• Delegation Permissions to admins in Active Directory/Taskpads

  - by user1569537

  I am trying to provide taskpads to few admins to operate on few tasks delegated to them at OU level.I ran into the following problem; lets say i delegated access to the admin on OU X and which is ability to modify groups such as sample group X1 , he must be able to add any users from OU X to the group X1. The issue here is while testing i found out the admin can do the above but also can add a user Y1 from the OU Y(which he doesnt have delegated permissions) to the group X1.What am i missing? how to restrict admin from adding users out of OU to the groups he has modify access to? Please ask me if any more details/clarification required.

  Read the article

• controlling the bandwidth using tc

  - by Supratik

  Hi I have two NIC etho is connected to the internet and eth1 is connected to the LAN. I want to restrict the download limit using iptables and linux tc. So I wrote a test script to verify if it is working. My iptables configuration is as below. iptables -t mangle -N INBOUND iptables -t mangle -I PREROUTING -i eth0 -j INBOUND iptables -t mangle -A INBOUND -j MARK --set-mark 60 My ingress configuration is as below. tc qdisc add dev eth0 handle 1: ingress tc filter add dev eth0 parent 1: protocol ip prio 1 handle 60 fw police rate 100kbit burst 20kbit drop flowid :1 Can you please tell me what I am missing here ?

  Read the article

• virtualbox port forwarding - firewall config

  - by Roose

  i have a ubuntu host system with virtualbox running a windows server. In Virtualbox i have configured the network with a NAT interface and port forwarding for the RDP deamon running inside the vm. That works really well - i can connect to the windows rdp service over the internet. TCP *:3389 - *:3389 Now i like to restrict the access to the rdp service to only 3 public ip addresses and have no idea how to do that via iptables / shorewall. Something like: ACCEPT net:91.x.x.x fw tcp 3389 (shorewall rule) isn't working. Would be glad for any hint.

  Read the article

• Users will be kicked out of a network drive (DFS)

  - by user71563

  Hi, In early January 2011, we completely switched to Windows Server 2008 R2 and Windows 7. On our domain controller set up a DFS is that the users as "Z: drive" is displayed. The DFS was it in the same way during our time with Windows Server 2003 R2 and Windows XP. At the time it has always worked without problems. Since Windows 7, we have sometimes the case that when a user accesses to the Z drive, the Explorer will return to the workplace without a user can do. After two to three trials of the Explorer remains in the network drive and the users work. This phenomenon occurs irregularly and you can not restrict exactly why. In the event log at the time no obvious entries are logged. Does anyone know the problem or has had similar experiences? I am grateful for any help. Greetings, sY!v3Rs

  Read the article

• 'Singleton' application - or let the user only launch one instance of a program at the time

  - by Disco

  I'm running a few linux desktops; mainly for kids (yeah, trying to teach them the right OS at early stage) (running Ubuntu 10.10, Gnome) The problem is that they found very funny to make their workstations (actually, old 512 Mb pentium 4) by launching thousands of firefox instances. I'm looking for a way to restrict them to launch 'N' instances of a particular application. Haven't figured yet how. Thought of a monitoring daemon but I think that would be too ressources hungry. Any idea of a script/trick to achieve this ? Note: i might have 1-2 level of users (the kids, and the more grown up kids) so i have also to limit per user; something like user1: 3firefox, user2: 2firefox instances.

  Read the article

• How to disabled password authentication for specific users in SSHD

  - by Nick

  I have read several posts regarding restricting ALL users to Key authentication ONLY, however I want to force only a single user (svn) onto Key auth only, the rest can be key or password. I read How to disable password authentication for every users except several, however it seems the "match user" part of sshd_config is part of openssh-5.1. I am running CentOS 5.6 and only have OpenSSH 4.3. I have the following repos available at the moment. $ yum repolist Loaded plugins: fastestmirror repo id repo name status base CentOS-5 - Base enabled: 3,535 epel Extra Packages for Enterprise Linux 5 - x86_64 enabled: 6,510 extras CentOS-5 - Extras enabled: 299 ius IUS Community Packages for Enterprise Linux 5 - x86_64 enabled: 218 rpmforge RHEL 5 - RPMforge.net - dag enabled: 10,636 updates CentOS-5 - Updates enabled: 720 repolist: 21,918 I mainly use epel, rpmforge is used to the latest version (1.6) of subversion. Is there any way to achieve this with my current setup? I don't want to restrict the server to keys only because if I lose my key I lose my server ;-)

  Read the article

• How can I stop ntbackup requiring my new password every time I'm forced to change my Windows passwor

  - by Lunatik

  I have a scheduled job that runs each night using ntbackup which copies a folder on my HDD to a network share. The problem is that every time I'm required to change my Windows password I have to remember to change it in ntbackup aswell, otherwise the backup fails silently i.e. I get no warning that the backup isn't being done. Is there a way to schedule this job so it will automatically pick up my new Windows password, or somehow not be tied to my main login? My user account type is Debugger, not full Administrator, so I'm not sure if that would restrict me in any way, e.g. still forcing a four-weekly password change on a dedicated user account for this. The PC runs XP SP2 on a Windows Server 2003 R2 domain.

  Read the article

• Is there an image viewer which *won't* show every file in the current folder?

  - by hawbsl

  Looking for a Windows image viewer which can be started from the command line but which allows me to specify/restrict which files I want it to page through. As parameters. The good 'ol Windows Picture Viewer would be fine except that it'll show/cycle through all the pictures in the current folder. In my case I want to say something like: someimgvwr.exe "cat.jpg" "cow.jpg" "cub.jpg" so that only those three files will be displayed and not "pig.jpg" which might also happen to be there in the same folder. Actually, if it allowed something like this: someimgvwr.exe "c*.jpg" that would be even more perfect. Do any of the many image viewers that are out there allow such a thing?

  Read the article

• Home Directory Folders

  - by George

  I am looking for a way to acomplish the following: Currently users have home drives mapped via AD profile as follow: \\fileserver\users\username However if once a user was able to access \\fileserver\users and view everyones folder, but had no access to them. This is not ideal since we have people saving important stuff to on their drives. How can I restrict users permissions and views only to THEIR home drives? I also saw this solution, but not sure if it would apply to me: ================================================================================ Share level permissions - Everyone full permission and remove all others On the file/folder level set the following: Authenticated users special permissions on the root of the \\server\homeshare\ to Check the boxes next to the following: Traverse folder / execute file List Folder / read data Read attributes Read extended attributes / List item All other boxed leave unchecked and make sure you apply "This Folder Only" Domain Adminsfull rights and apply “this folder, subfolders, and files” This will block the users from accessing other user home directories. When you create the new user and set the home directory it will create the folder for you with the correct permissions.

  Read the article

• Restricting output to only allow localhost using iptables

  - by Dave Forgac

  I would like to restrict outbound traffic to only localhost using iptables. I already have a default DROP policy on OUTPUT and a rule REJECTing all traffic. I need to add a rule above that in the OUTPUT chain. I have seen a couple different examples for this type of rule, the most common being: -A OUTPUT -o lo -j ACCEPT and -A OUTPUT -o lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT Is there any reason to use the latter rather than the former? Can packets on lo have an address other than 127.0.0.1?

  Read the article

• Connecte RemoteApp to Exising Session

  - by Fowl

  Due to the slightly retardedness of an app I've got to run, I've got a server auto logging in on boot with the app on auto start. Remote desktop at my leisure to check on its status, etc. Gross, but it works. Now I've tried out RemoteApp which seems to work ok (ie. remotes the notification icon, balloons...) except for the fact that it creates a new session (and therefore instance of my app) - this confuses the heck out of app and it means that if I was using 'full' remote desktop I lose all my state. "Restrict each user to a single session" doesn't work. IIRC "Windows XP Mode" uses RemoteApp and it doesn't seem to have any trouble switching between modes. So how can I connect to a running app?

  Read the article

• Two virtual host one with Domain name one with internal ip#?

  - by Abhishek

  Is it possible to have two virtual host configurations for the same server - one with internal ip address and one with domain name? Something like <VirtualHost {{internal-ipaddress}}:80> ....... </VirtualHost> <VirtualHost {{domain-name}}:80> ....... </VirtualHost> Note that the internal IP address and the domain name belong to the same server or same server instance. I am asking this to restrict some URLs for external users, redirect to https all external access and allow everything for internal users(without https)..

  Read the article

• what are the vulnerabilities installing openvpn client on a customer's unattended server?

  - by senorsmile

  We run Pfsense as our primary firewall. We also have OpenVPN server running on that box to allow us to remotely connect to our network. My question is: if we have a customer's mostly unattended server that we want to access remotely, what security vulnerabilities are there to installing openvpn on the customer's server as a client connecting to our network. Presumably, we would want to limit/restrict that server's access to the rest of our network. How do we lock openvpn down and are there ways to detect abnormal activity coming from an openvpn client?

  Read the article

• Limit a process's relative (not absolute) processor consumption in Linux

  - by BobBanana

  What is the standard way in Linux to enforce a system policy to limit the relative CPU use of a single process? That is, on a quad-core machine, I never want a process to use more than 2 CPUs at once, even if the process creates more threads. I do not want an absolute time limit, just a relative limit so that one task cannot dominate the machine. This is also different than renice, which allows a process to use all the resources but just politely step aside if others need them too. ulimit is the usual resource limiting tool, but it does not allow such CPU restrictions.. it can limit the number of processes per user, or absolute CPU time, not restrict the maximum number of active threads of a single process. I've found a couple of user-level tools, like CPUlimit, but not a system level tool or setting. Does such a standard resource controller exist in Linux (Red Hat Enterprise, if it matters.) If there is such a limit imposed, how would a user identify it?

  Read the article

• iptables, allow access from certain MAC addresses

  - by user788171

  Presently, I limit which clients can access my server by using IP addresses via iptables, only approved IP addresses can connect. However, the problem with this is if a client is on a laptop and goes to a different location, they can no longer connect because the IP has changed. For a variety of reasons, iptables authentication is the only option I have. Is there a way to restrict access by device instead of ip address. For instance, only allow certain MAC address to connect to port 5000. Is it possible to do this via iptables? Note, the computers are not on the same network, they could be connecting from anywhere in the world.

  Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >