Search Results

Search found 17054 results on 683 pages for 'jms request reply'.

Page 276/683 | < Previous Page | 272 273 274 275 276 277 278 279 280 281 282 283 | Next Page >

TLS_REQCERT and PHP with LDAPS

- by John

Problem: Secure LDAP queries via command-line and PHP to an AD domain controller with a self-signed certificate. Background: I am working on a project where I need to enable LDAP look-ups from a PHP web application to a MS AD domain controller that is using a self-signed certificate. This self-signed certificate is also using a domain name that is not a FQDN - think of something like people.campus as the domain name. The web application would take the user's credentials and pass them on to the AD domain controller to verify if the credntials are a match or not. This seems simple, but I am having problems trying to get PHP and the self-signed certificate to work. Some people have suggested that I changed the TLS_REQCERT variable from "request" to "never" within the OpenLDAP configuration. I am concerned that this might have larger implications such as a man-in-the-middle attack and I am not comfortable changing this setting to never. I have also read some places online where one can take a certificate and place it as a trusted source within the openldap configuration file. I am curious if that is something that I could do for the situation that I have? Can I, from the command line, obtain the self-signed certificate that the AD domain controller is using, save it to a file, and then have openldap use that file for the trust that it needs so that I do not need to adjust the variable from request to never? I do not have access to the AD domain controller and as a result cannot export the certificate. If there is a way to obtain the certificate from the command line, what commands do I need to use? Is there an alternate method of handling this issue that would be better in the long run? I have some CentOS servers and some Ubuntu servers that I am working with to try and get this going on. Thanks in advance for your help and ideas.

Read the article
timeout with apache & php w/ each virtual host has his own user process

- by acemtp

I have 10 unix users in /home/. Each user is for a specific subdomain for example user www in /home/www/public_html is for www.mywebsite. blog in /home/blog/public_html is for blog.mywebsite. 90% is php and 10% ror for the moment i use apache + fastcgi that use SuexecUserGroup to setup the process with the good user. it seems to works but i have a strange behavior where after a few hours/days, the server stop answering (timeout) but the cpu load is still very low (it's a big server), the apache status display lot of "W" Sending Reply states but there's still 50 idle workers so it should be able to answer. in the older server (lot of slower) we add only one user and using mod_php and we never had this issue. is there another way to do that without fastcgi and SuexecUserGroup or do you know what's going wrong?

Read the article
How browsers handle multiple IPs

- by Sandman4

Can someone direct me to information on exact browsers behavior when browser gets multiple A records for a given hostname (say ip1 and ip2), and one of them is not accessible. I interested in EXACT details, like (but not limited to): Will browser get 2 IPs from OS, or it will get only one ? Which ip will browser try first (random or always the first one) ? Now, let's say browser started with the failed ip1 For how long will browser try ip1 ? If user hits "stop" while it waits for ip1, and then clicks refresh which IP will browser try ? What will happen when it times-out - will it start trying ip2 or give error ? (And if error, which ip will browser try when user clicks refresh). When user clicks refresh, will any browser attempt new DNS lookup ? Now let's assume browser tried working ip2 first. For the next page request, will browser still use ip2, or it may randomly switch ips ? For how long browsers keep IPs in their cache ? When browsers sends a new DNS request, and get SAME ips, will it CONTINUE to use the same known-to-be-working IP, or the process starts from scratch and it may try any of the two ? Of course it all may be browser dependent, and may also vary between versions and platforms, I'd be happy to have maximum of details. The purpose of this - I'm trying to understand what exactly users will experience when round-robin DNS based used and one of the hosts fails. Please, I'm NOT asking about how bad DNS load balancing is, and please refrain from answering "don't do it", "it's a bad idea", "you need heartbeat/proxy/BGP/whatever" and so on.

Read the article
HP ML150 G6 upgrading RAM/CPU beyond specs?

- by Morten Green Hermansen

I am being told that some limits on some HP servers can be crossed. Do any of you have any experience with that? A ML150/G6 is limited to 48GB RAM but I have been talking to a German company that guaranties me that this server will be able to be upgraded to 384GB RAM (using 32GB memory modules and 2 CPUs) http://www.compuram.de/en/memory,HP+%28-Compaq%29,Server,Proliant,ML150+G6.htm Can this really be true? The server that I have is using E5504 CPUs but will I be able to upgrade to any CPU that is using a LGA1366 socket? All from a low wattage L5640 all the way to the 6 core, high wattage versions like an X5650? (If cooling and power is adequate ofcause). Is there any limitation with powerregulators and chipset (Intel 5500). I am looking forward to any reply. Thanks in advance and best regards, - Morten Green Hermansen, Fanitas

Read the article
SQL 2008 managing 2 Instances on single Physical server

- by Rajeev

Hi, I need some calrification about managing SQL server 2008. The scenario is as follows: I have One Windows Physical server at Primary site, I want to have Two different applications database on it, so shall I create two Instances on same server or shall have diffenrent server for another database. First Database is for management purpose while second would be used for Reporting purpose. There is a second database at the secondary site, which will be in Passive mode and I intend to connect them through MSCS. Now, can I have both Instances on Single server and both will work fine? The management database will be used more. Please reply soon. Can both Instances have dedicated reources allocated to them?

Read the article
Ubuntu hang, and cannot be soft-reset after resuming from stand by mode

- by Phuong Nguyen

I have downgrade my xorg drivers, so I can hibernate and stand by my ubuntu smoothly. However, in some case, there's a problem. My ubuntu get hang. When I tried to switch to console mode (Ctrl+Alt+F1), then I cannot login. The system always reply with an error whenever I tried to press a key. When I press Ctrl+Alt+Del to perform a softreset, here what's it said: [80141.320122] end_request: I/O error, dev sda, sector 193687181 init: control-alt-delete main process (5660) terminated with status 2. This error is not even recorded in syslog. I guess this should be a problem with my hard disk since it said something about a bad sector. Exactly, what kind of error is this?

Read the article
Firefox: Unload a tab manually

- by unor

Firefox has a setting "Don't load tabs until selected" (see How do I make Firefox 13 Load All My Tabs on Startup or when Resuming Reload). I like that behaviour. I am searching for a way to "deload"/deactivate a tab manually for a session (until I reload it). It should stop all running JavaScript functions and plugins (like Flash). The whole webpage content may disappear until I reload/re-activate the tab, but that is not a requirement. The title has to be displayed as tab label (like it is the case with the startup setting, too). The workaround would be to restart Firefox and don't switch to the tab I want to be deactivated. This is pretty annoying, of course. EDIT: Here is what I found so far (thanks, @bytebuster!) BarTab no longer being maintained (see why) BarTab Lite seems to miss this functionality from BarTab Dormancy experimental; comes with warning that it "may eat your session" Tab Mix Plus Feature request: Unload Tab feature Tab Utilites seems to offer this functionality only for automatic unloading Feature request: Add "unload tab" to tab context menu. UnloadTab removed from addons.mozilla.org (who knows why)

Read the article
trouble running multiple domains on tomcat behind apache via mod_jk

- by mkoryak

I am having trouble setting up tomcat6 with 2 virtual hosts, behind apache2. if i have just one host defined in tomcat, and one jk worker, everything works fine. as soon as i define another jk worker and a corresponding tomcat host i get this error in jk.log: 9:3075328656] [info] ajp_connect_to_endpoint::jk_ajp_common.c (922): Failed opening socket to (69.164.218.75:8009) (errno=111) [Tue Feb 08 03:08:13 2011] [17159:3075328656] [error] ajp_send_request::jk_ajp_common.c (1507): (dogself) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=111) [Tue Feb 08 03:08:13 2011] [17159:3075328656] [info] ajp_service::jk_ajp_common.c (2447): (dogself) sending request to tomcat failed (recoverable), because of error during request sending (attempt=2) [Tue Feb 08 03:08:13 2011] [17159:3075328656] [error] ajp_service::jk_ajp_common.c (2466): (dogself) connecting to tomcat failed. [Tue Feb 08 03:08:13 2011] [17159:3075328656] [info] jk_handler::mod_jk.c (2615): Service error=-3 for worker=dogself my tomcat server.xml looks like this: <Service name="Catalina"> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443" /> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="dogself.com"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> <Host name="dogself.com" appBase="webapps-dogself" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> </Host> <Host name="nousophia.com" appBase="webapps-test" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> </Host> </Engine> </Service> my workers.properties looks like this: # workers.properties - ajp13 # # List workers worker.list=dogself,nousophia # Define dogself worker.dogself.port=8009 worker.dogself.host=dogself.com worker.dogself.type=ajp13 worker.nousophia.port=8009 worker.nousophia.host=nousophia.com worker.nousophia.type=ajp13 tomcat is started/restarted i followed these directions for setting it up: http://stackoverflow.com/questions/1765399/linking-apache-to-tomcat-with-multiple-domains can someone confirm that it would work as above?

Read the article
ipv6 reverse DNS delegation

- by user1709492

I currently have 2001:1973:2303::/48 assigned to me and i'll be assigning /64's to customer's I'd like to have 1 zonefile for the /48 where i can essentially point / redirect query to different nameservers. Example ( Desired effect ) 2001:1973:2303:1234::/64 -> ns1.example.com, ns2.example.com 2001:1973:2303:2345::/64 -> ns99.example2.com, ns100.example2.com 2001:1973:2303:4321::/64 -> ns1.cust1.com, ns2.cust1.com Current /48 zonefile $TTL 3h $ORIGIN 3.0.3.2.3.7.9.1.1.0.0.2.ip6.arpa. @ IN SOA ns3.example.ca. ns4.example.ca. ( 2011071030 ; serial 3h ; refresh after 3 hours 1h ; retry after 1 hour 1w ; expire after 1 week 1h ) ; negative caching TTL of 1 hour IN NS ns3.example.ca. IN NS ns4.example.ca. 1234 IN NS ns1.example.com. NS ns2.example.com. 2345 IN NS ns99.example2.com. NS ns100.example2.com. 4321 IN NS ns1.cust1.com. NS ns2.cust1.com. Where am i going wrong ? My request seems simple to me atleast. To put it in terms of firewalling i want to redirect traffic client queries 2001:1973:2303:4321::1 - ns3.example.ca sees the request and redirects the query to ns1.cust1.com - ns1.cust1.com answers the query with omg.itworks.ca ( provided ns1.cust1.com is properly configured.

Read the article
Filtering semi-solicited spam

- by Ketil

While traditional UCE (get rich quick, enlarge your body parts, Nigerian barristers) are handled adequately, I'm still receiving a lot of not quite unsolicited spam. This is typically from commercial services forwarding "invites" from my "friends" and then "reminding" me of their services. Typical offenders are Facebook, Linkedin, dropbox, bebox, etc etc. (Of course, none of these services provide any way of opting out, except possibly by registering, which they will then take as an invitation to stuff your mailbox with even more crap) What is a good way to deal with these? I can of course junk them using procmail, but is it a better idea to e.g. bounce them, or at least send a reply informing the sender (and "friend") that I am not interested in their service nor their spam. Any solutions to this?

Read the article
VMWare web UI intermittent access on CentOS

- by PeteWilliams

Hiya, I've got a CentOS 5.2 server that I'm trying to get set up as a development environment. As part of this, I planned to install VMWare Server 2 and set up several virtual development servers. I've got as far as installing VMWare Server 2 but access to the remote control panel is only working intermittently. If I access it through Firefox at https://127.0.0.1:8333/ui/# it usually says either: "Connection intterupted: connection was reset before the page loaded" Or "Firefox can't establish a connection to the server at 127.0.0.1" But every now and then it lets me in and I'll manage a few clicks in the web UI before it kicks me out with the following error: "The server could not complete a request (HTTP 0 ). The server encountered an unexpected condition that prevented it from fulfilling the request. If this problem persists, please contact your system administrator." I've done all the updates available in CentOS except one OpenOffice one that is causing a conflict, and I re-ran wmware-config.pl after updating the kernel. Though I went with all the defaults as I don't really know what I'm doing! I've since rebooted and nothing changed. I've also tried accessing the control panel remotely from another machine in the network and the results are the same. Does anyone have any ideas what might be causing this and how I can resolve it? I'm afraid I'm a developer playing at sys-admin, so I may be missing something obvious! Many thanks Pete Update I have now reinstalled both the operating system and VMWare and I'm still getting the same issue. I wonder if it's a result of the settings I'm putting in on the config.pl script..?

Read the article
ping alternative to measure routing distance (on Windows)

- by Marco Demaio

Hello, in order to measure aprroximately the rouitng distance (to see if a server is close to my country or too far away) I usually use ping command. I'm in Italy, when I ping Italian servers I get 36ms when I ping US EAST servers I get an average of 120ms when I ping US WEST servers I get an average of 200ms etc. Unfortunately some web hosters turn off the ping reply on their servers, so my question is how do I detect the routing distance, is there another easy to use command in Windows to accomplish the same task? Thanks!

Read the article
Requests are making it to my app server, but not into node.js -- why?

- by Zane Claes

I detailed in this question on StackOverflow how some random requests are not making it from the client to my Node.js app server, resulting in a gateway timeout. In summary, identical requests are, at random, not even making it far enough to trigger a console.log() in my first line of express middleware. I need to narrow down the problem, though, to find out WHERE the traffic is being lost and it was suggested that I try a packet sniffer on my app servers. Here's my setup: 2x Load Balancers (m1.larges) 2x node.js servers (also m1.large) Here's what's interesting/unusual: the node.js servers started as PHP servers with an Apache stack and continue to serve PHP files for my domain (streamified.me). However, I use a little httpd.conf magic on the app servers so that requests to api.streamified.me get routed over port 8888 to the node.js server: RewriteCond %{HTTP_HOST} ^api.streamified.me RewriteRule ^(.*) http://localhost:8888$1 [P] So, the request hits the load balancer = goes to an app server = gets routed to port 8888 if it's intended for the API = gets handled by node.js So, in the same httpd.conf file, I turned on RewriteLogLevel 5 and then created a simple PHP+CURL script on my localhost to hit my api.streamified.me with a random URL (which should cause node.js to trigger a simple "not found" response) until it resulted in a Gateway timeout. Here, you can see that it has happened -- and the rewrite log shows that the request was definitely received by the app server and forwarded to port 8888... but it was never received by node.js (or, at least, the first line of code in the first line of middleware never gets it...) Image Link: http://i.stack.imgur.com/3OQxS.png

Read the article
Equivalent of LogRotate for Windows?

- by mfinni

We have a huge logfile being written by a vendor's application. Let's assume the vendor won't do anything that we ask. Is there any way of rotating that logfile somehow? We're looking at about 300 MB an hour being written - I'd much rather chunk that into 10 MB pieces, and let anything older than a day or over 1000 files fall off a cliff. (I know I know, possible duplicate of How do you rotate apache logs on windows without interrupting service? ) Aha - the Chomp log was dead, but searching for "chomp logrotate brought me to it's new site. I'll give it a try tomorrow and reply if I like it. I'd still like to hear about software anyone else is using that works for this.

Read the article
Apache returns HTTP 206 for GET /file.mp3

- by javano

I am making a get request to an SSL enabled site on apache (so wireshark isn't giving me anything to useful). In my Apache SSL access log I see the following entry: 1.2.3.4 - my.username [15/Nov/2012:16:52:01 +0000] "GET /uploads/file.mp3 HTTP/1.1" 206 534400 "https://site.com/uploads/layla.mp3" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.19 (KHTML, like Gecko) Ubuntu/12.04 Chromium/18.0.1025.168 Chrome/18.0.1025.168 Safari/535.19" Why is this happening? I'm not familiar with the HTTP 206 response code but searching the Internet I can see it is a partial content GET requests. I understand correctly, my browser is making a partial GET request not for the full file. Is that correct? If so, is this a browser issue or is the web server instructing my browser to do so? I have tested in Firefox also and in both browser, I am not sent the file. If I rename the file to file.jpg I can download it through my browser and rename it to .mp3 and it plays. How can I troubleshoot this issue?

Read the article
how limit the number of open TCP streams from same IP to a local port?

- by JMW

Hi, i would like to limit the number of concurrent open TCP streams from the the same IP to the server's (local) port. Let's say 4 concurrent conncetions. How can this be done with ip tables? the closest thing, that i've found was: In Apache, is there a way to limit the number of new connections per second/hour/day? iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 86400 --hitcount 100 -j REJECT But this limitation just messures the number of new connections over the time. This might be good for controlling HTTP traffic. But this is not a good solution for me, since my TCP streams usually have a lifetime between 5 minutes and 2 hours. thanks a lot in advance for any reply :)

Read the article
How to make a server check it's own availability on the web?

- by Javawag

Hi all, Just a quick question – my server is running at my house serving www pages at www.javawag.com. The problem is that my home internet connection keeps dropping randomly - for about 10 mins at a time. This is only an intermittent problem and will go away soon I hope. However, my server doesn't recover properly - when the connection comes back, I can still access it at 192.168.0.8 (locally) without any issue, but at www.javawag.com there's no reply! (Just an aside - my home internet connection is dynamic ISP, the domain www.javawag.com points to javawag.dyndns.org which in turn points to my IP, updated every minute by ddclient on the server) Is there some way for the server to check if it's accessible from the outside world periodically, and if not restart Apache/reboot? Oh, and if I reboot the problem fixes itself also! Javawag

Read the article
VMWare web UI intermittent access on CentOS

- by PeteWilliams

I've got a CentOS 5.2 server that I'm trying to get set up as a development environment. As part of this, I planned to install VMWare Server 2 and set up several virtual development servers. I've got as far as installing VMWare Server 2 but access to the remote control panel is only working intermittently. If I access it through Firefox at https://127.0.0.1:8333/ui/# it usually says either: "Connection intterupted: connection was reset before the page loaded" Or "Firefox can't establish a connection to the server at 127.0.0.1" But every now and then it lets me in and I'll manage a few clicks in the web UI before it kicks me out with the following error: "The server could not complete a request (HTTP 0 ). The server encountered an unexpected condition that prevented it from fulfilling the request. If this problem persists, please contact your system administrator." I've done all the updates available in CentOS except one OpenOffice one that is causing a conflict, and I re-ran wmware-config.pl after updating the kernel. Though I went with all the defaults as I don't really know what I'm doing! I've since rebooted and nothing changed. I've also tried accessing the control panel remotely from another machine in the network and the results are the same. Does anyone have any ideas what might be causing this and how I can resolve it? I'm afraid I'm a developer playing at sys-admin, so I may be missing something obvious! Many thanks Pete Update I have now reinstalled both the operating system and VMWare and I'm still getting the same issue. I wonder if it's a result of the settings I'm putting in on the config.pl script..?

Read the article
How can I setup OpenVPN with IPv4 and IPv6 using a tap device?

- by Lekensteyn

I've managed to setup OpenVPN for full IPv4 connectivity using tap0. Now I want to do the same for IPv6. Addresses and network setup (note that my real prefix is replaced by 2001:db8): 2001:db8::100:0:0/96 my assigned IPv6 range 2001:db8::100:abc:0/112 OpenVPN IPv6 range 2001:db8::100:abc:1 tap0 (on server) (set as gateway on client) 2001:db8::100:abc:2 tap0 (on client) 2001:db8::1:2:3:4 gateway for server Home laptop (tap0: 2001:db8::100:abc:2/112 gateway 2001:db8::100:abc:1/112) | | | (running Kubuntu 10.10; OpenVPN 2.1.0-3ubuntu1) | wifi | | router | | OpenVPN INTERNET | eth0 | /tap0 VPS (eth0:2001:db8::1:2:3:4/64 gateway 2001:db8::1) (tap0: 2001:db8::100:abc:1/112) (running Debian 6; OpenVPN 2.1.3-2) The server has both native IPv4 and IPv6 connectivity, the client has only IPv4. I can ping6 to and from my server over OpenVPN, but not to other machines (for example, ipv6.google.com). net.ipv6.conf.all.forwarding is set to 1, I've tried disabling net.ipv6.conf.all.accept_ra as well, without luck. Using tcpdump on both the server and client, I can see that packets are actually transferred over tap0 to eth0. The router (2001:db8::1) send a neighbor solicitation for the client (2001:db8::100:abc:2) to eth0 after it receives the ICMP6 echo-request. The server does not respond to that solicitation, which causes the ICMP6 echo-request not be routed to the destination. How can I make this IPv6 connection work?

Read the article
nginx redirect what is not coming from load balancing

- by dawez

I have nginx on SERVER1 that is acting as load balancing between SERVER1 and SERVER2 in SERVER1 I have the upstreams for the load balancing defined as : upstream de.server.com { # similar upstreams defined also for other languages # SELF SERVER1 server 127.0.0.1:8082 weight=3 max_fails=3 fail_timeout=2; # other SERVER2 server otherserverip:8082 max_fails=3 fail_timeout=2; } The load balancing config on SERVER1 is this one: server { listen 80; server_name ~^(?<LANG>de|es|fr)\.server\.com; location / { proxy_pass http://$LANG.server.com; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # trying to pass a variable in the header to SERVER2 proxy_set_header Is-From-Load-Balancer 1; } } Then in server 2 I have: server { listen 8082; server_name localhost; root /var/www/server.com/public; # test output values add_header testloadbalancer $http_is_from_load_balancer; add_header testloadbalancer2 not_load_bal; ## other stuff here to process the request } I can see the "testloadbalancer" in the response header is set to 1 when the request is coming from the load balancing, it is not present when from a direct access: SERVER2:8082 . I would like to bounce back to the SERVER1 all the direct requests that are sent to SERVER2, but keep the ones from the load balancing. So this should forbid direct access to SERVER2:8082 and redirect to SERVER1:80 .

Read the article
How can I make IPv6 on OpenVPN work using a tap device?

- by Lekensteyn

I've managed to setup OpenVPN for full IPv4 connectivity using tap0. Now I want to do the same for IPv6. Addresses and network setup (note that my real prefix is replaced by 2001:db8): 2001:db8::100:0:0/96 my assigned IPv6 range 2001:db8::100:abc:0/112 OpenVPN IPv6 range 2001:db8::100:abc:1 tap0 server side (set as gateway on client) 2001:db8::100:abc:2 tap0 client side 2001:db8::1:2:3:4 gateway for server Home laptop (tap0: 2001:db8::100:abc:2/112 gateway 2001:db8::100:abc:1/112) | | | (running Kubuntu 10.10; OpenVPN 2.1.0-3ubuntu1) | wifi | | router | | OpenVPN INTERNET | eth0 | /tap0 VPS (eth0:2001:db8::1:2:3:4/64 gateway 2001:db8::1) (tap0: 2001:db8::100:abc:1/112) (running Debian 6; OpenVPN 2.1.3-2) The server has both native IPv4 and IPv6 connectivity, the client has only IPv4. I can ping6 to and from my server over OpenVPN, but not to other machines (for example, ipv6.google.com). Using tcpdump on both the server and client, I can see that packets are actually transferred over tap0 to eth0. The router (2001:db8::1) send a neighbor solicitation for the client (2001:db8::100:abc:2) to eth0 after it receives the ICMP6 echo-request. The server does not respond to that solicitation, which causes the ICMP6 echo-request not be routed to the destination. How can I make this IPv6 connection work?

Read the article
outgoing mail for web app (multiple domains as sender)

- by solid

I have a web app "myapp.com" that users can use to set up their own websites. Our application is written in php and should be able to do the following: send mails to our own users "from: [email protected]" send mails from our clients to their clients "from: [email protected]" We don't need to take care of incoming mails, just send out mails with the correct from and reply-to addresses. We cannot make this work using Google Apps (limited to our own domain in the from-field) and we cannot make google apps or google apps domains for all our clients, so we are looking for another simple to manage and set up solution. Does anyone have experience with this, please let me know! Thanks

Read the article
Easiest way to allow direct HTTPS connection in Intercept mode?

- by Nicolo

I know the SSL issue has been beaten to death I'm using DNS redirect to force my clients to use my intercept proxy. As we all know, intercepting HTTPS connection is not possible unless I provide a fake certificate. What I want to achieve here is to allow all HTTPS requests connect directly to the source server, thus bypassing Squid: HTTP connection Proxy by Squid HTTPS connection Bypass Squid and connect directly I spent the past few days goolging and trying different methods but none worked so far. I read about SSL tunneling using the CONNECT method but couldn't find any more information on it. I tried a similar method in using RINETD to forward all traffic going through port 443 of my Squid back to the original IP of www.pandora.com. Unfortunately, I did not realize all other HTTPS requests are also forwarded to the IP of www.pandora.com. For example, https://www.gmail.com also takes me to https://www.pandora.com Since I'm running the Intercept mode, the forwarding needs to be dynamic and match each HTTPS domain name with proper original IP. Can this be done in Squid or iptables? Lastly, I'm directing traffic to my Squid server using DNS zone redirect. For example, a client requests www.google.com, my DNS server directs that request to my Squid IP, then my transparent Squid will proxy that request. Will this set up affect what I'm trying to achieve? I tried many methods but couldn't get it to work. Any takes on how to do this?

Read the article
Is it okay to use an administrator account for everyday use if UAC is on?

- by Valentin Radu

Since I switched to Windows 7 about 3 years ago, and now using Windows 8.1, I have become familiar with the concept of User Account Control and used my PC the following way: a standard account which I use for every day work and the built-in Administrator account activated and used only to elevate processes when they request so, or to ”Run as administrator” applications when I need to. However, recently after reading more about User Account Control, I started wondering if my way of working is good? Or should I use an administrator account for every day work, since an administrator account is not elevated until requested by apps, or until I request so via the ”Run as administrator” option? I am asking this because I read somewhere that the built-in Administrator account is a true administrator, by which I mean UAC doesn't pop up when logged in within it, and I am scared of not having problems when potential malicious software come into scene. I have to mention that I do not use it on a daily basis, just when I need to elevate some apps. I barely log in into it 10 times a year... So, how's better? Thanks for your answers! And Happy New Year, of course! P.S. I asked this a year ago (:P) and I think I should reiterate it: is an administrator account as safe these days as a standard account coupled with the built-in Administrator account when needed?

Read the article
How to get http requests details in a tcpdump?

- by tucson

I am trying to get a tcpdump trace of some http requests. Here is what I got so far (I replaced the real IP addresses with REMOTE and LOCAL): C:\>Windump -na -i 3 ip host REMOTE and ip src LOCAL and tcp port 80 Windump: listening on \Device\NPF_{8056BE5E-BDBB-44E6-B492-9274B410AD66} 13:13:34.985460 IP LOCAL.4261 > REMOTE.80: . 1784894764:1784894765(1) ack 1268208398 win 65535 13:13:38.589175 IP LOCAL.4302 > REMOTE.80: F 3708464308:3708464308(0) ack 982485614 win 65535 13:13:38.589285 IP LOCAL.4303 > REMOTE.80: F 890175362:890175362(0) ack 2462862919 win 65535 13:13:38.589330 IP LOCAL.4304 > REMOTE.80: F 1838079178:1838079178(0) ack 156173959 win 65535 13:13:38.589374 IP LOCAL.4305 > REMOTE.80: F 3952718843:3952718843(0) ack 2209231545 win 65535 13:13:38.589413 IP LOCAL.4306 > REMOTE.80: F 446105750:446105750(0) ack 3141849979 win 65535 13:13:38.590265 IP LOCAL.4302 > REMOTE.80: . ack 2 win 65535 13:13:38.590403 IP LOCAL.4304 > REMOTE.80: . ack 2 win 65535 13:13:38.590429 IP LOCAL.4303 > REMOTE.80: . ack 2 win 65535 13:13:38.590484 IP LOCAL.4305 > REMOTE.80: . ack 2 win 65535 13:13:38.590514 IP LOCAL.4306 > REMOTE.80: . ack 2 win 65535 But I do not get the following level of details: Request URL:http://domain.com/index.php Request Method:POST Status Code:200 OK POST /index.php HTTP/1.1 Host: domain.com Connection: keep-alive Content-Length: 151 Cache-Control: max-age=0 etc How can I get this level of data?

Read the article

< Previous Page | 272 273 274 275 276 277 278 279 280 281 282 283 | Next Page >