Search Results

Search found 32953 results on 1319 pages for 'access secret'.

Page 273/1319 | < Previous Page | 269 270 271 272 273 274 275 276 277 278 279 280  | Next Page >

• Git clone/push/pull - where's that username comes from?

  - by Kuroki Kaze

  I've set up gitosis and able to pull/push through ssh. Gitosis is installed on Debian Lenny server, I'm using git from windows machine (msysgit). The strange thing, if I enable loglevel = DEBUG in gitosis.conf, I see something like this when doing any actions with gitosis server: D:\Kaze\source\test-project>git pull origin master DEBUG:gitosis.serve.main:Got command "git-upload-pack 'test_project.git'" DEBUG:gitosis.access.haveAccess:Access check for '[email protected]' as 'writable' on 'test_project.git'... DEBUG:gitosis.access.haveAccess:Stripping .git suffix from 'test_project.git', new value 'test_project' DEBUG:gitosis.group.getMembership:found '[email protected]' in 'test' DEBUG:gitosis.access.haveAccess:Access ok for '[email protected]' as 'writable' on 'test_project' DEBUG:gitosis.access.haveAccess:Using prefix 'repositories' for 'test_project' DEBUG:gitosis.serve.main:Serving git-upload-pack 'repositories/test_project.git' From 192.168.175.128:test_project * branch master -> FETCH_HEAD Already up-to-date. Question is: why am I *[email protected]? This email is in global user.email config variable, too. Yesterday, when the gitosis was installed, it seen me as kaze@KAZE, this is the name under which I was added to gitosis-admin group (and it worked). But today git (or gitosis) started to see me as [email protected]. This is true for all repositories I push or clone. I had to add this address to gitosis.conf directly on server to be able to edit configs again (it worked). There is 2 public keys in keydir: [email protected] and [email protected], their content is identical and they have kaze@KAZE at end. Origin URL looks like git@lennyserver:test_project. Now, the question is - why Git (or gitosis) suddenly decided to call me by email instead of name@machinename? I've changed a couple things trying to set up Gitosis (updated git on server to 1.6.0 for example), but maybe I broke something in my local git installation?

  Read the article

• Bypass proxy authentication [closed]

  - by Diego Queiroz

  My scenario: My network has a proxy that requires interative authentication. When I access any URL, an username and password is requested to enable navigation. I do have a valid username/password (this means I have permissions to access external content). I do not have access to the proxy server (any change to the proxy server is not an option). What I need: I need to bypass the interative authentication process and make it an automated authentication process. What I do NOT need/want: I do not need/want to hack the network. I do not need/want to access unauthorized content. In other words, I just need to find a way to "save" my password in the computer (security is not a problem) to allow application that does not support this kind of interative authentication to access the internet (like non-browser software that also uses HTTP port). My guess: My guess is to develop a new proxy server that will run in the local machine (eg, a proxy for the network proxy). This proxy server will access my network proxy, authenticate and forward the content. Of course this is a last resort. I prefer to not need to develop a proxy server. Does someone know other solution? (any operating system)

  Read the article

• Enable FTP on OS X 10.8 Mountain Lion Server

  - by Oleg Trakhman

  There is a LAN comprising several mac machines (iMac, Mac Pro, macbook etc.), Airport Express router and Mac Mini Server running OS X Server 10.8 (Mountain Lion Server). I need to share a folder on Mac Mini Server by FTP. What did I try so far: Made special partition for FTP Access, call it "Reports" So shared folder would be "/Volumes/Reports" Gave access every user and group in system, and also enabled guest access. I checked posix acl, which is "rwxrwxrwx", I checked sharing settings in "Preferences.app" and "Server.app" Checked that users have access to FTP service Enabled FTP in Server.app I tried access to shared folder (by FTP): via Cyberduck via Finder via shell: ftp server.local And what I got: $ ftp [email protected] Trying 10.0.2.2... Connected to server.local. 220 10.0.2.2 FTP server (tnftpd 20100324+GSSAPI) ready. 331 User ftpuser accepted, provide password. Password: 530 User ftpuser may not use FTP. and $ ftp [email protected] Trying 10.0.2.2... Connected to server.local. 220 10.0.2.2 FTP server (tnftpd 20100324+GSSAPI) ready. 331 User admin accepted, provide password. Password: 530 User admin denied by SACL. ftp: Login failed ftp> (admin is administrator account , ftpuser is special user account made to access ftp) What I'm doing wrong? Getting really tired of this...

  Read the article

• Connecting to my home router web interface from work

  - by Joe

  Hi, I'm trying to connect to my home router web interface from work. I use dyndns, because I don't have a static IP at home, and it works perfectly from any other place except my workplace (update: I made a mistake, see edit below). When trying to access the web interface from work I get a "500 Server Error" with the code: SERVER_RESPONSE_RESET. I'm not trying to use any protocols such as remote desktop, I'm only trying to access the web interface. I can access any other web page from my workplace with no problems, and I think my router web interface is like any other web page, isn't it? I thought maybe my work place proxy blocks addresses of services like dyndns, so I also applied another trick. Since I have a web page on my own domain (say www.mydomain.com) which I can access from work, I tried adding a CNAME to my domain which is linked to the dyndns address (router.mydomain.com). This way if anyone enters the address router.mydomain.com from anywhere, they reach my home router web interface, and there's no way of knowing it's a dyndns address (or is there?). However, it still doesn't work from my workplace (I get the same error message). Any ides? Edit: I'm sorry to say I made a mistake earlier. I used to be able to access my home router web interface from my old workplace, and I thought it was still possible since I don't recall making any configuration changes. However, after reading the replies, I went over to my old workplace and checked, and it doesn't work from there either. I'm very sorry for giving out wrong and misleading information about my problem. So to summarize: my problem is that I can't access my home router web interface from anywhere.

  Read the article

• Port 22 is not responding

  - by Emanuele Feliziani

  I'm trying to make the jump to VPS from shared hosting for better performances and greater flexibility, but am stuck with the fact that I can't access the machine via ssh. First of all, the machine is a CentOS 6.3 cPanel x64 with WHM 11.38.0. Sshd is running (it appears in the current running processes). Making a port scan I see that port 22 is not responding. Port 21 is, but I am not able to access the machine via ftp (I think it's a security measure, but I don't know where to disable/enable it). So, I'm stuck in WHM and have no way to access the configuration of the machine, neither via ssh nor with ftp/sftp. When trying to connect with ssh via Terminal I only get this: ssh: connect to host xx.xx.xxx.xxx port 22: Operation timed out I also tried to access with the hostname instead of the IP address and it's the same. There seem to be no firewall in WHM and I have whitelisted my home IP address to access ssh, though there were no restrictions in the first place. I have been wandering through all the settings and options in WHM for several hours now, but can't seem to find anything. Does anybody have a clue as to where I should start investigating? Update: Thanks everyone. It was in fact a matter of firewall. There was a firewall not controlled by the WHM software. I managed to crack into the console from the vps control panel (a terrible, terrible java app that barely took my keyboard input) and disabled the firewall altogether running service iptables stop so that I was able to access the console via ssh with the terminal. Now I will have to set up the firewall again because the command I ran looks like having completely wiped the iptables. Can you recommend any newby-friendly resource where I can learn how to go about this and what should I block? Or should I just go with something like this: http://configserver.com/cp/csf.html ? Thanks again to everyone who helped me out.

  Read the article

• Should I expect ICMP transit traffic to show up when using debug ip packet with a mask on a Cisco IOS router?

  - by David Bullock

  So I am trying to trace an ICMP conversation between 192.168.100.230/32 an EZVPN interface (Virtual-Access 3) and 192.168.100.20 on BVI4. # sh ip access-lists 199 10 permit icmp 192.168.100.0 0.0.0.255 host 192.168.100.20 20 permit icmp host 192.168.100.20 192.168.100.0 0.0.0.255 # sh debug Generic IP: IP packet debugging is on for access list 199 # sh ip route | incl 192.168.100 192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.100.0/24 is directly connected, BVI4 S 192.168.100.230/32 [1/0] via x.x.x.x, Virtual-Access3 # sh log | inc Buff Buffer logging: level debugging, 2145 messages logged, xml disabled, Log Buffer (16384 bytes): OK, so from my EZVPN client with IP address 192.168.100.230, I ping 192.168.100.20. I know the packet reaches the router across the VPN tunnel, because: policy exists on zp vpn-to-in Zone-pair: vpn-to-in Service-policy inspect : acl-based-policy Class-map: desired-traffic (match-all) Match: access-group name my-acl Inspect Number of Half-open Sessions = 1 Half-open Sessions Session 84DB9D60 (192.168.100.230:8)=>(192.168.100.20:0) icmp SIS_OPENING Created 00:00:05, Last heard 00:00:00 ECHO request Bytes sent (initiator:responder) [64:0] Class-map: class-default (match-any) Match: any Drop 176 packets, 12961 bytes But I get no debug log, and the debugging ACL hasn't matched: # sh log | inc IP: # # sh ip access-lists 198 Extended IP access list 198 10 permit icmp 192.168.100.0 0.0.0.255 host 192.168.100.20 20 permit icmp host 192.168.100.20 192.168.100.0 0.0.0.255 Am I going crazy, or should I not expect to see this debug log? Thanks!

  Read the article

• Issues with Apache redirect to www-prefixed URL

  - by lamp_scaler

  I have a website with domain mysite.com. I would like to have it so that if a user types in "mysite.com" it will redirect to "www.mysite.com". Additionally, "mysite.com/subdir" will also redirect to "www.mysite.com/subdir". I've looked and made changes with vhosts and also rewrites, but it's not working for the "mysite.com/subdir"-"www.mysite.com/subdir" case. Every time I type in "mysite.com/subdir", it will redirect to "www.mysite.com". Only "www.mysite.com/subdir" works. Not sure how to troubleshoot this. I turned on rewrite logs and didn't see anything obvious, yet. This is my config files so far. Please let me know what I'm missing. Thanks! FYI: I'm using CentOS 5.4, nginx 1.2.0 on top of Apache 2.2.3. The site itself is built with CodeIgniter framework. http.conf: ServerTokens Prod ServerRoot "/etc/httpd" PidFile run/httpd.pid Timeout 120 KeepAlive Off MaxKeepAliveRequests 100 KeepAliveTimeout 15 <IfModule prefork.c> StartServers 8 MinSpareServers 5 MaxSpareServers 10 ServerLimit 256 MaxClients 60 MaxRequestsPerChild 10000 #StartServers 8 #MinSpareServers 5 #MaxSpareServers 20 #ServerLimit 256 #MaxClients 256 #MaxRequestsPerChild 4000 </IfModule> <IfModule worker.c> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule> Listen 69 LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_digest_module modules/mod_auth_digest.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authn_alias_module modules/mod_authn_alias.so LoadModule authn_anon_module modules/mod_authn_anon.so LoadModule authn_dbm_module modules/mod_authn_dbm.so LoadModule authn_default_module modules/mod_authn_default.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule authz_owner_module modules/mod_authz_owner.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_dbm_module modules/mod_authz_dbm.so LoadModule authz_default_module modules/mod_authz_default.so LoadModule ldap_module modules/mod_ldap.so LoadModule authnz_ldap_module modules/mod_authnz_ldap.so LoadModule log_config_module modules/mod_log_config.so LoadModule logio_module modules/mod_logio.so LoadModule env_module modules/mod_env.so LoadModule ext_filter_module modules/mod_ext_filter.so LoadModule mime_magic_module modules/mod_mime_magic.so LoadModule expires_module modules/mod_expires.so LoadModule deflate_module modules/mod_deflate.so LoadModule headers_module modules/mod_headers.so LoadModule usertrack_module modules/mod_usertrack.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule mime_module modules/mod_mime.so LoadModule dav_module modules/mod_dav.so LoadModule autoindex_module modules/mod_autoindex.so LoadModule dav_fs_module modules/mod_dav_fs.so LoadModule vhost_alias_module modules/mod_vhost_alias.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule dir_module modules/mod_dir.so LoadModule actions_module modules/mod_actions.so LoadModule speling_module modules/mod_speling.so LoadModule alias_module modules/mod_alias.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule proxy_ftp_module modules/mod_proxy_ftp.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule cache_module modules/mod_cache.so LoadModule suexec_module modules/mod_suexec.so LoadModule disk_cache_module modules/mod_disk_cache.so LoadModule file_cache_module modules/mod_file_cache.so LoadModule mem_cache_module modules/mod_mem_cache.so LoadModule cgi_module modules/mod_cgi.so LoadModule version_module modules/mod_version.so #rpaf settings LoadModule rpaf_module modules/mod_rpaf-2.0.so RPAFenable On RPAFproxy_ips 127.0.0.1 RPAFsethostname On # The header where the real client IP address is stored. RPAFheader X-Forwarded-For Include conf.d/*.conf User apache Group apache ServerAdmin root@localhost ServerName www.mysite.com:80 UseCanonicalName Off DocumentRoot "/var/www/html" <Directory /> Options FollowSymLinks AllowOverride All </Directory> <Directory "/var/www/html"> Options Indexes FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> <IfModule mod_userdir.c> UserDir disable </IfModule> DirectoryIndex index.html index.html.var AccessFileName .htaccess <Files ~ "^\.ht"> Order allow,deny Deny from all </Files> <DirectoryMatch "^/.*/\.svn/"> Order deny,allow Deny from all </DirectoryMatch> TypesConfig /etc/mime.types DefaultType text/plain <IfModule mod_mime_magic.c> MIMEMagicFile conf/magic </IfModule> HostnameLookups Off ErrorLog logs/error_log LogLevel warn LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent CustomLog logs/access_log combined ServerSignature Off Alias /icons/ "/var/www/icons/" <Directory "/var/www/icons"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory> <IfModule mod_dav_fs.c> DAVLockDB /var/lib/dav/lockdb </IfModule> ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" <Directory "/var/www/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip AddIconByType (TXT,/icons/text.gif) text/* AddIconByType (IMG,/icons/image2.gif) image/* AddIconByType (SND,/icons/sound2.gif) audio/* AddIconByType (VID,/icons/movie.gif) video/* AddIcon /icons/binary.gif .bin .exe AddIcon /icons/binhex.gif .hqx AddIcon /icons/tar.gif .tar AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /icons/a.gif .ps .ai .eps AddIcon /icons/layout.gif .html .shtml .htm .pdf AddIcon /icons/text.gif .txt AddIcon /icons/c.gif .c AddIcon /icons/p.gif .pl .py AddIcon /icons/f.gif .for AddIcon /icons/dvi.gif .dvi AddIcon /icons/uuencoded.gif .uu AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /icons/tex.gif .tex AddIcon /icons/bomb.gif core AddIcon /icons/back.gif .. AddIcon /icons/hand.right.gif README AddIcon /icons/folder.gif ^^DIRECTORY^^ AddIcon /icons/blank.gif ^^BLANKICON^^ DefaultIcon /icons/unknown.gif #AddDescription "GZIP compressed document" .gz #AddDescription "tar archive" .tar #AddDescription "GZIP compressed tar archive" .tgz ReadmeName README.html HeaderName HEADER.html IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t AddLanguage ca .ca AddLanguage cs .cz .cs AddLanguage da .dk AddLanguage de .de AddLanguage el .el AddLanguage en .en AddLanguage eo .eo AddLanguage es .es AddLanguage et .et AddLanguage fr .fr AddLanguage he .he AddLanguage hr .hr AddLanguage it .it AddLanguage ja .ja AddLanguage ko .ko AddLanguage ltz .ltz AddLanguage nl .nl AddLanguage nn .nn AddLanguage no .no AddLanguage pl .po AddLanguage pt .pt AddLanguage pt-BR .pt-br AddLanguage ru .ru AddLanguage sv .sv AddLanguage zh-CN .zh-cn AddLanguage zh-TW .zh-tw LanguagePriority en zh-CN zh-TW ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv ForceLanguagePriority Prefer Fallback AddDefaultCharset UTF-8 AddType text/x-component .htc AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddHandler type-map var AddType text/html .shtml AddOutputFilter INCLUDES .shtml Alias /error/ "/var/www/error/" <IfModule mod_negotiation.c> <IfModule mod_include.c> <Directory "/var/www/error"> AllowOverride None Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var Order allow,deny Allow from all LanguagePriority en es de fr ForceLanguagePriority Prefer Fallback </Directory> </IfModule> </IfModule> BrowserMatch "Mozilla/2" nokeepalive BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 BrowserMatch "RealPlayer 4\.0" force-response-1.0 BrowserMatch "Java/1\.0" force-response-1.0 BrowserMatch "JDK/1\.0" force-response-1.0 BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully BrowserMatch "MS FrontPage" redirect-carefully BrowserMatch "^WebDrive" redirect-carefully BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully BrowserMatch "^gnome-vfs/1.0" redirect-carefully BrowserMatch "^XML Spy" redirect-carefully BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully vhost.conf: NameVirtualHost *:69 <VirtualHost *:69> ServerName mysite.com ServerAlias vip.mysite.com Redirect / http://www.mysite.com/ </VirtualHost> <VirtualHost *:69> DocumentRoot /home/mysite/mysite/www ServerName www.mysite.com </VirtualHost> <VirtualHost *:69> DocumentRoot /home/mysite/mysite/www/assets ServerName static.mysite.com </VirtualHost> <VirtualHost *:69> DocumentRoot /home/mysite/admin/www ServerName admin.mysite.com </VirtualHost> <VirtualHost *:69> DocumentRoot /home/other/trunk/www ServerName othersite.com ServerAlias www.othersite.com </VirtualHost> <VirtualHost *:69> DocumentRoot /var/www/html ServerName test.mysite.com ServerAlias test2.mysite.com </VirtualHost> /home/mysite/mysite/www/.htaccess: RewriteEngine on # In my case all CI files are outside this web root, so we can # allow any files or directories that exist to be displayed directly RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d # hide index.php RewriteRule .* index.php/$0 [L] # BEGIN Compress text files <ifModule mod_deflate.c> <filesMatch "\.(css|js|x?html?|php)$"> SetOutputFilter DEFLATE </filesMatch> </ifModule> # END Compress text files # BEGIN Expire headers <ifModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 1 seconds" ExpiresByType image/x-icon "access plus 2592000 seconds" ExpiresByType image/jpeg "access plus 2592000 seconds" ExpiresByType image/png "access plus 2592000 seconds" ExpiresByType image/gif "access plus 2592000 seconds" ExpiresByType application/x-shockwave-flash "access plus 2592000 seconds" ExpiresByType text/css "access plus 604800 seconds" ExpiresByType text/javascript "access plus 604800 seconds" ExpiresByType application/javascript "access plus 604800 seconds" ExpiresByType application/x-javascript "access plus 604800 seconds" ExpiresByType application/xhtml+xml "access plus 600 seconds" </ifModule> # END Expire headers # BEGIN Cache-Control Headers <ifModule mod_headers.c> <filesMatch "\.(ico|jpe?g|png|gif|swf)$"> Header set Cache-Control "max-age=2592000, public" </filesMatch> <filesMatch "\.(css)$"> Header set Cache-Control "max-age=604800, public" </filesMatch> <filesMatch "\.(js)$"> Header set Cache-Control "max-age=604800, private" </filesMatch> </ifModule> # END Cache-Control Headers # BEGIN Turn ETags Off <ifModule mod_headers.c> Header unset ETag </ifModule> FileETag None # END Turn ETags Off /etc/nginx/conf.d/default.conf: server { listen 80; server_name static.mysite.com; location / { root /home/mysite/mysite/www/assets; index index.html index.htm; expires max; } } server { listen 80; server_name *.mysite.com www.mysite.com vip.mysite.com; #Set this larger if uploading big files client_max_body_size 5m; location / { proxy_pass http://127.0.0.1:69; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; #client_max_body_size 10m; client_body_buffer_size 128k; proxy_buffer_size 4k; proxy_buffers 4 32k; } }

  Read the article

• VPN into multiple LAN Subnets

  - by Rain

  I need to figure out a way to allow access to two LAN subnets on a SonicWall NSA 220 through the built-in SonicWall GlobalVPN server. I've Googled and tried everything I can think of, but nothing has worked. The SonicWall NSA management web interface is also very unorganized; I'm probably missing something simple/obvious. There are two networks, called Network A and Network B for simplicity, with two different subnets. A SonicWall NSA 220 is the router/firewall/DHCP Server for Network A, which is plugged into the X2 port. Some other router is the router/firewall/DHCP server for Network B. Both of these networks need to be managed through a VPN connection. I setup the X3 interface on the SonicWall to have a static IP in the Network B subnet and plugged it in. Network A and Network B should not be able to access each other, which appears the be the default configuration. I then configured and enabled VPN. The SonicWall currently has the X1 interface setup with a subnet of 192.168.1.0/24 with a DHCP Server enabled, although it is not plugged in. When I VPN into the SonicWall, I get an IP address supplied by the DHCP Server on the X1 interface and I can access Network A remotely although I do not have access to Network B. How can I allow access to both Network A and Network B to VPN clients although keep devices on Network B from accessing Network A and vice-versa. Is there some way to create a VPN-only subnet (something like 10.100.0.0/24) on the SonicWall that can access Network A and Network B without changing the current network configuration or allowing devices on both netorks "see" each other? How would I go about setting this up? Diagram of the network: (Hopefully this kind of helps) WAN1 WAN2 | | [ SonicWall NSA 220 ]-(X3)-----------------[ Router 2 ] | | (X2) 192.168.2.0/24 10.1.1.0/24 Any help would be greatly appriciated!

  Read the article

• Random "not accessible" "you might not have permission to use this network resource"

  - by Jim Fred

  A couple of computers, both Win7-64 can connect to shares on a NAS server, at least most of the time. At random intervals, these Win7-64 computers cannot access some shares but can access others on the same NAS. When access is denied, a dialog box appears saying "\\myServer\MyShare02 not accessible...you might not have permission to use this network resource..." Other shares, say \\myServer\MyShare01, ARE accessible from the affected computers and yet other computers CAN access the affected shares. Reboots of the affected computers seem to allow the affected computer to connect to the affected shares - but then, getting a cup of coffee seems to help too. When the problem appears, the network seems to be ok e.g. the affected computers can access other shares on the affected server and can ping etc. Also Other computers can access the affected shares. The NAS server is a NetGear ReadyNas Pro. The problem might be on the NAS side such as a resource limitation but since only 2 Win7-64 PCs seem to be affected the most, the problem could be on the PC side - I'm not sure yet. I of course searched for solutions and found several tips addressing initial connection problems (use correct workgroup name, use IP address instead of server name, remove security restrictions etc) but none of those remedies address the random nature of this problem.

  Read the article

• Is it ok to share private key file between multiple computers/services?

  - by Behrang

  So we all know how to use public key/private keys using SSH, etc. But what's the best way to use/reuse them? Should I keep them in a safe place forever? I mean, I needed a pair of keys for accessing GitHub. I created a pair from scratch and used that for some time to access GitHub. Then I formatted my HDD and lost that pair. Big deal, I created a new pair and configured GitHub to use my new pair. Or is it something that I don't want to lose? I also needed a pair of public key/private keys to access our company systems. Our admin asked me for my public key and I generated a new pair and gave it to him. Is it generally better to create a new pair for access to different systems or is it better to have one pair and reuse it to access different systems? Similarly, is it better to create two different pairs and use one to access our companies systems from home and the other one to access the systems from work, or is it better to just have one pair and use it from both places?

  Read the article

• Why can't I browse my D: drive, even if I'm in the Administrators group?

  - by Nic Waller

  My fileserver running Windows Server 2008 has two logical drives; the C: drive contains all of the system and application data, and the D: drive contains all of the business data. There are several shares on the top level of the D: drive that are working fine. However... When logged into the fileserver interactively via Remote Desktop, only the Domain Administrator and local Administrator accounts can browse the D: drive. I set up an account called "Maintenance" and added it to the local Administrators group, but when logged in with this user, I can't browse into the D: drive. The D: drive has the following permissions ACL: Full Access - SYSTEM Full Access - MACHINE\Administrators It won't even let me view the ACL for the E: drive. So I tried taking ownership of the E: drive, then I can read the ACL, and "Effective Permissions" says that I have full access. But I still get this error message. Location is not available D:\ is not accessible. Access is denied. Here's a screenshot proving that I get access denied even when I have Full Access. http://www.getdropbox.com/gallery/2319942/1/errors?h=2bd644

  Read the article

• Network problems that might be related to NAT

  - by nenne

  Hello, I have an odd setup where there is a router(Router 2) routing between network network 1 and network 2. One router(Router 1) with nat for internet access that routes between internet and network 1. There are people in both of these networks. All the clients in network 1 can access the internet, the clients in network 2 can access the clients in network 1 and can also access the router 1. Router 1 can also access clients in network 2. However, the clients in network 2 cannot reach the internet. I cannot think about anything in the routing tables that would hinder this, since Router 1 can reach the clients in network 2 and vice versa. Can it be that nat starts the session between router 2 and the internet site/machine instead of the client and the internet machine? Does anyone have any ideas? I have very little control over router 2(its basicly an ISP vpn net service) but full access to router 1. Its an ubuntu 10.04 with iptables for nat/firewall setup.

  Read the article

• How do I fix a permissions problem with MS Distributed File System?

  - by charlesrandall

  I have a computer that is new, Windows 7, that is supposed to have access to particular network resources on a Distributed File System. However, despite all permissions being set correctly, I have consistent trouble accessing them. For instance, I'm supposed to be able to reach \company.org\main\subdir. All the permissions have been granted, only when I try to access it by name, it tells me I don't have permission to access \main. This is where the fun starts. If I ping company.org, get the IP, replace company.org by the IP, I can then access \IP\main\subdir without any problems at all. However we have a ton of scripts and build tools that access the network resource by name. My sysadmin has found that using MS's dfsutil.exe, we can fix it temporary using this sequence of commands: C:\dfsutil.exe /pktinfo C:\dfsutil.exe /PktFlush C:\dfsutil.exe /SpcFlush C:\dfsutil.exe /PurgeMupCache C:\dfsutil.exe /pktinfo After that, everything is great... until I reboot, or until some unspecified time later where suddenly I don't have access to \main\ anymore. Hoping to find a more permanent solution than waiting for it to break and running a batch file.

  Read the article

• Safely transfer files from pc with internet connection to lan without allowing any other form of communication

  - by Hugh Quenneville

  In the company that I work there are computers that are connected to the Internet and computers that are connected to a Local Area Network. The LAN is considered a "safe zone" and the files that reside there should never be copied/moved to a computer that has Internet Access. So, now, if we want to download an installer for an application for example, we download it in a pc that has Internet Access and then move it using a "secure USB stick" to the Local Area Network. Is there a way to create an "safe, one-way connection" between a computer with Internet access and a computer from the LAN? This practically means that only files from the computer with the Internet access can be copied/moved to the LAN. In addition to that, if you want to transfer files you would have to provide your security credentials for the network (so, that only users with the appropriate access levels will be able to transfer files). Is it possible to create something like that and make it completely safe (or at least "equally safe" with the USB method that we currently use) or the fact that the computer with Internet access is connected with a wire to the LAN is a security risk by itself? NOTE: the LAN setup involves 2 Windows 2003 servers with Active Directory, Web servers and pretty much all the services that you would expect to find in a Windows network.

  Read the article

• Wireless connection silently dies randomly

  - by Force Flow

  I have two WAP4410N wireless access points powered using Power-Over-Ethernet. They are both connected to the same LAN and broadcasting the same SSID with a WPA2 password. One is using channel 1, while the other is using channel 11. There is coverage overlap where the signal from both access points hover around -75db to -85db while standing in the same physical location. DHCP is disabled, and is being provided by another network device. Every day or so, devices can connect and authenticate to the access points, but are not granted an IP address (and subsequently are unable access to the LAN or Internet). For devices that had already retrieved an IP address prior to the issue exhibiting itself, the devices simply stop communicating with LAN and Internet. However, I can still access each access point's web admin interface from the LAN. If I reboot both devices, the problem vanishes and devices are once again able to get an IP address and connect to the LAN and Internet. Are these symptoms of signal interference between the two WAPs or is this a completely different issue?

  Read the article

• Best practice ACLs to prepare for auditors?

  - by Nic

  An auditor will be visiting our office soon, and they will require read-only access to our data. I have already created a domain user account and placed them into a group called "Auditors". We have a single fileserver (Windows Server 2008) with about ten shared folders. All of the shares are set up to allow full access to authenticated users, and access restrictions are implemented with NTFS ACL's. Most folders allow full access to the "Domain Users" group, but the auditor won't need to make any changes. It takes several hours to update NTFS ACL's since we have about one million files. Here are the options that I am currently considering. Create a "staff" group to assign read/write instead of "Domain Users" at the share level Create a "staff" group to assign read/write instead of "Domain Users" at the NTFS level Deny access to the "Auditors" group at the share level Deny access to the "Auditors" group at the NTFS level Accept the status quo and trust the auditor. I will probably need to configure similar users in the future, as some of our contractors require a domain account but shouldn't be able to modify our client data. Is there a best practice for this?

  Read the article

• facebook connect api "Cannot use string offset as an array in" error

  - by Rees

  Please help! I have been grappling with this error for days and I cannot for the life of me figure it out. I am using facebook connect and fetching a "contact_email" attribute using their api method users_getInfo. The issue is that when I execute this PHP file, i get this error: "Cannot use string offset as an array in...". This error specifically refers to this line of code: $firstName=$user_details[0]['contact_email']; I'm thinking this is because the user_getInfo method is not returning any results... However, the most ridiculous part about all this is that, I can execute the code below several dozens of times in a row SUCCESSFULLY without the above error, BUT THEN randomly without changing ANY code at all, I will suddenly encounter this error, in which case it will begin to give me an error several dozens of times, and then AGAIN without any code change, start executing successfully again. This odd behavior occurs regardless of the attribute i am fetching.. (contact_email, first_name, last_name, etc.). I am running php 5.2.11. Is there something I'm missing?? Please Help! include_once 'site/fbconnect/config.php'; //has $api_key and $secret defined. include_once 'site/facebook-platform/client/facebook.php'; global $api_key,$secret; $fb=new Facebook($api_key,$secret); $fb-require_login(); $fb_user=$fb-get_loggedin_user(); $user_details=$fb-api_client-users_getInfo($fb_user,array('last_name','first_name','contact_email')); $email=$user_details[0]['contact_email']; $firstName=$user_details[0]['first_name']; $lastName=$user_details[0]['last_name'];

  Read the article

• How to set up RPX widget and facebook app to be able to authenticate with rpx_now?

  - by Andrei

  Using the sample app for rpx_now gem ( http://github.com/grosser/rpx_now_example) on localhost:3000, I have successfully logged in via Google Accounts, myOpenID, Yahoo, but cannot make it via Facebook. In the RPX app/widget settings I have set my facebook-app key and secret. In my facebook app settings, the Connect URL is myappname.rpxnow.com. But when I try to connect, then I don't even see a facebook login page, just a number of redirects and I am back to my localhost with the following exception http://gist.github.com/386520 . Before I was successfully connecting with oauth2 gem, however, without fetching user data - only authentication. That time I set only key/secret and localhost as my Connect URL. Currently, I don't even ask for email etc., but still the same problem. Can it happen because rpx_now cannot get requested user data from facebook? Or it is a problem of facebook key/secret? May be I need to provide more settings of my facebook app? RPXNow::ApiError in UsersController#create Got error: Invalid parameter: token (code: 1), HTTP status: 200 RAILS_ROOT: /home/Andrei/rpx_now_example Application Trace | Framework Trace | Full Trace /usr/lib/ruby/gems/1.8/gems/rpx_now-0.6.20/lib/rpx_now/api.rb:71:in `parse_response' /usr/lib/ruby/gems/1.8/gems/rpx_now-0.6.20/lib/rpx_now/api.rb:21:in `call' /usr/lib/ruby/gems/1.8/gems/rpx_now-0.6.20/lib/rpx_now.rb:23:in `user_data' /home/Andrei/rpx_now_example/app/controllers/users_controller.rb:16:in `create' Request Parameters: None Show session dump Response Headers: {"Content-Type"="", "Cache-Control"="no-cache"}

  Read the article

• CoreData : store images to DB or not?

  - by Meko

  Hi.I am making an app that it takes photos from web site for some Username and shows it on UITable with username then when clicking user name it shows photos for this user and then clicking to name of photo it shows full screen photo. My question is I am using NSData to get photos from internet.Am I have to save also those data to CoreDAta? I am using like when pressing name of user it again creates NSData and downloads photos from internet and shows them on UTable. And it takes time. What is good approach? and How can save this images to CoreDAta? I am using this method NSData *imageData=[flickr dataForPhotoID:firstPhoto.id fromFarm:firstPhoto.farm onServer:firstPhoto.server withSecret:firstPhoto.secret inFormat: FlickrFetcherPhotoFormatSquare]; and here definition of dataForPtohoID method - (NSData *)dataForPhotoID:(NSString *)photoID fromFarm:(NSString *)farm onServer:(NSString *)server withSecret:(NSString *)secret inFormat:(FlickrFetcherPhotoFormat)format { #if TEST_HIGH_NETWORK_LATENCY sleep(1); #endif NSString *formatString; switch (format) { case FlickrFetcherPhotoFormatSquare: formatString = @"s"; break; case FlickrFetcherPhotoFormatLarge: formatString = @"b"; break; } NSString *photoURLString = [NSString stringWithFormat:@"http://farm%@.static.flickr.com/%@/%@_%@_%@.jpg", farm, server, photoID, secret, formatString]; NSURL *url = [NSURL URLWithString:photoURLString]; return [NSData dataWithContentsOfURL:url]; }

  Read the article

• If attacker has original data and encrypted data, can they determine the passphrase?

  - by Brad Cupit

  If an attacker has several distinct items (for example: e-mail addresses) and knows the encrypted value of each item, can the attacker more easily determine the secret passphrase used to encrypt those items? Meaning, can they determine the passphrase without resorting to brute force? This question may sound strange, so let me provide a use-case: User signs up to a site with their e-mail address Server sends that e-mail address a confirmation URL (for example: https://my.app.com/confirmEmailAddress/bill%40yahoo.com) Attacker can guess the confirmation URL and therefore can sign up with someone else's e-mail address, and 'confirm' it without ever having to sign in to that person's e-mail account and see the confirmation URL. This is a problem. Instead of sending the e-mail address plain text in the URL, we'll send it encrypted by a secret passphrase. (I know the attacker could still intercept the e-mail sent by the server, since e-mail are plain text, but bear with me here.) If an attacker then signs up with multiple free e-mail accounts and sees multiple URLs, each with the corresponding encrypted e-mail address, could the attacker more easily determine the passphrase used for encryption? Alternative Solution I could instead send a random number or one-way hash of their e-mail address (plus random salt). This eliminates storing the secret passphrase, but it means I need to store that random number/hash in the database. The original approach above does not require storage in the database. I'm leaning towards the the one-way-hash-stored-in-the-db, but I still would like to know the answer: does having multiple unencrypted e-mail addresses and their encrypted counterparts make it easier to determine the passphrase used?

  Read the article

• How can I get the mapi system stub dll to pass extended mapi calls to my dll?

  - by Bogatyr

  For various reasons (questioning the reasons is not helpful to me), I'd like to implement my own extended mapi dll for windows xp. I have a skeleton dll now, just a few entrypoints exist for testing, but the system mapi stub (c:\windows\system32\mapi32.dll, I've checked that it's identical to mapistub.dll) will not pass through calls to my dll, while it happily passes the same calls through to MS Outlook's msmapi32.dll, (MAPIInitialize, MAPILoginEx are two such calls). There's some secret handshake between the stub and the extended mapi dll wherein the stub checks that "yup, it's an extended mapi dll": maybe it's the presence of some additional entrypoints I haven't implemented yet, maybe it's the return value from some function, I don't know. I've tried tracing a sample app I wrote that calls MAPIInitialize with STraceNT and ProcessMonitor but that didn't show anything obvious. Tracing has shown that indeed the stub loads my dll, but then finds the secret sauce is missing apparently, and returns an error code instead of calling my dll's function. What more could be needed for calling MAPIInitialize than the presence of MAPIInitialize in my dll's exports table? GetProcAddress says it's there. What I'd like to know is how to minimally extend my skeleton extended mapi dll so that the stub mapi dll will pass through extended mapi calls to my dll. What's the secret sauce? I'd rather not spend a painful week in msvc reverse engineering the stub behavior.

  Read the article

• If attacker has original data, and encrypted data, can they determine the passphrase?

  - by Brad Cupit

  If an attacker has several distinct items (for example: e-mail addresses) and knows the encrypted value of each item, can the attacker more easily determine the secret passphrase used to encrypt those items? Meaning, can they determine the passphrase without resorting to brute force? This question may sound strange, so let me provide a use-case: User signs up to a site with their e-mail address Server sends that e-mail address a confirmation URL (for example: https://my.app.com/confirmEmailAddress/bill%40yahoo.com) Attacker can guess the confirmation URL and therefore can sign up with someone else's e-mail address, and 'confirm' it without ever having to sign in to that person's e-mail account and see the confirmation URL. This is a problem. Instead of sending the e-mail address plain text in the URL, we'll send it encrypted by a secret passphrase. (I know the attacker could still intercept the e-mail sent by the server, since e-mail are plain text, but bear with me here.) If an attacker then signs up with multiple free e-mail accounts and sees multiple URLs, each with the corresponding encrypted e-mail address, could the attacker more easily determine the passphrase used for encryption? Alternative Solution I could instead send a random number or one-way hash of their e-mail address (plus random salt). This eliminates storing the secret passphrase, but it means I need to store that random number/hash in the database. The original approach above does not require this extra table. I'm leaning towards the the one-way hash + extra table solution, but I still would like to know the answer: does having multiple unencrypted e-mail addresses and their encrypted counterparts make it easier to determine the passphrase used?

  Read the article

• JSON Returning Null in PHP

  - by kira423

  Here is the two scripts I have Script 1: if(sha1($json+$secret) == $_POST['signature']) { $conversion_id = md5(($obj['amount'])); echo "OK"; echo $conversion_id; mysql_query("INSERT INTO completed (`id`,`uid`,`completedid`) VALUES ('','".$obj['uid']."','".$conversion_id."')"); } else { } ?> Script 2: <? $json = $_POST['payload']; $secret = "78f12668216b562a79d46b170dc59f695070e532"; $obj = json_decode($json); if(sha1($json+$secret) == $_POST['signature']) { print "OK"; } else { } ?> The problem here is that it is returning all NULL values. I am not an expert with JSON so I have no idea what is going on here. I really have no way of testing it because the information is coming from an outside website sending information such as this: { payload: { uid: "900af657a65e", amount: 50, adjusted_amount: 25 }, signature: "4dd0f5da77ecaf88628967bbd91d9506" } The site allows me to test the script, but because json_decode is providing NULL values it will not get through the signature block. Is there a way I can test it myself? Or is there a simple error in this script that I may have just looked over?

  Read the article

• EDIT: I need to generate a string of 7 chars that is based on the id of the row.

  - by Totty

  EDIT: I need to generate a string of 7 chars that is based on the id of the row. So knowing the id of the image and a secret key, i should get the generated string. the string must contain chars from "a" to "z" and numbers from 0 to 9. I have a dir that contains photos like this dir/p3/i2/s21/thumb.jpg the generated string is p3i2s21, then is used to calculate the path of the image. EDIT: currently im using the id of the image: id = 55 then i modify and i get path = 000000055 then path = "000/000/055" then path = "000/000/055/thumb.jpg" ready to use! now i want something more clever because is easy to track down all the images from a server, because ids are sequencial: 1, 2, 3, 4, 5, 6... so i must think of creating from 55 a string that is 7 char length and will not overlap with other numbers. I can even transform the 55 to 0000055 and from this convert to a 7 char length string using a secret string. then when i got the secret string and the id i want to get back that 7 char length string. Is this possible? i was thinking about hases but they only uses 0-9 and a-e and are more chars.. :s

  Read the article

• paperclip private files

  - by Dmitriy Likhten

  Is there a way to make paperclip attachments private? As in only where I explicitly want a user to be able to access a file, can the user access the file. Obviously the file can't be in a public directory, but how do I get paperclip to check the user's access rights when trying to access that file to begin with?

  Read the article

< Previous Page | 269 270 271 272 273 274 275 276 277 278 279 280  | Next Page >