Search Results

Search found 5998 results on 240 pages for 'rise against'.

Page 28/240 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Using Varnish (only) for DDoS mitigation

    - by Martin Kanters
    My VPS is suffering from a (D)DoS doing a SYN flood with spoofed IPs. I'm right now searching from ways how to be able to defend (at least a bit) against it. It's running a DirectAdmin apache2 webserver. Mainly used for serving PHP and MySQL. We are using CloudFlare, which are saying that they are able to mitigate (D)DoS at some level, now the attacker knows our real IP address, so CloudFlare isn't helping a bit. I've done some searching on the net and found out about enabling SYN cookies, to defend against it. I've checked my settings and it seems it was enabled all along. I've also read about that Varnish is able to defend against SYN flooding and Slowloris attacks, now I'm pretty interested in using that. The thing is that CloudFlare is already caching a lot from us, and I don't wish to spend too much resources on Varnish. Is it possible and smart to set up Varnish only for the better handling of requests? Are there perhaps better ways which I've missed? Thanks in advance, Martin

    Read the article

  • WSUS performance for unneeded updates

    - by mhouston100
    We have a WSUS server serving around 300 PC's and a couple of dozen servers and a discussion came up at work as to what products to include. We have a single SQL 2005 instance on one of the servers and it has NEVER been updated. My first thought was to just tick the box for SQL 2005 and let WSUS do it's thing to upgrade to the latest service pack at least. One of the other guys here has the opinion that having updates that are relevant to only a small selection of hosts would effect the performance of WSUS as a whole, claiming that each update does a 'check' against all the hosts or something similar. My argument is that manually updating these servers is obviously not working as the admins are not paying attention to what is needed. So my question is: Do updates that only effect a sub-set of the hosts effect the overall performance of the WSUS server in relation to ALL the hosts? (disk space is not an issue at this point) Is there any performance justification for or against manually updating small amounts of products? Basically I'm needing a rebuttal against his argument and I'm unable to find any concrete documentation to prove him wrong.

    Read the article

  • Is this a good starting point for iptables in Linux?

    - by sbrattla
    Hi, I'm new to iptables, and i've been trying to put together a firewall which purpose is to protect a web server. The below rules are the ones i've put together so far, and i would like to hear if the rules makes sense - and wether i've left out anything essential? In addition to port 80, i also need to have port 3306 (mysql) and 22 (ssh) open for external connections. Any feedback is highly appreciated! #!/bin/sh # Clear all existing rules. iptables -F # ACCEPT connections for loopback network connection, 127.0.0.1. iptables -A INPUT -i lo -j ACCEPT # ALLOW established traffic iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # DROP packets that are NEW but does not have the SYN but set. iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # DROP fragmented packets, as there is no way to tell the source and destination ports of such a packet. iptables -A INPUT -f -j DROP # DROP packets with all tcp flags set (XMAS packets). iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # DROP packets with no tcp flags set (NULL packets). iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # ALLOW ssh traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport ssh -m limit --limit 1/s -j ACCEPT # ALLOW http traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport http -m limit --limit 5/s -j ACCEPT # ALLOW mysql traffic (and prevent against DoS attacks) iptables -A INPUT -p tcp --dport mysql -m limit --limit 25/s -j ACCEPT # DROP any other traffic. iptables -A INPUT -j DROP

    Read the article

  • ldap-authentication without sambaSamAccount on linux smb/cifs server (e.g. samba)

    - by umlaeute
    i'm currently running samba-3.5.6 on a debian/wheezy host to act as the fileserver for our department's w32-clients. authentication is done via OpenLDAP, where each user-dn has an objectclass:sambaSamAccount that holds the smb-credentials and an objectclass:shadowAccount/posixAccount for "ordinary" authentication (e.g. pam, apache,...) now we would like to dump our department's user-db, and instead use authenticate against the user-db of our upstream-organisation. these user-accounts are managed in a novell-edirectory, which i can already use to authenticate using pam (e.g. for ssh-logins; on another host). our upstream organisation provides smb/cifs based access (via some novell service) to some directories, which i can access from my linux client via smbclient. what i currently don't manage to do is to use the upstream-ldap (the eDirectory) to authenticate our institution's samba: i configured my samba-server to auth against the upstream ldap server: passdb backend = ldapsam:ldaps://ldap.example.com but when i try to authenticate a user, i get: $ smbclient -U USER \\\\SMBSERVER\\test Enter USER's password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.6] tree connect failed: NT_STATUS_ACCESS_DENIED the logfiles show: [2012/10/02 09:53:47.692987, 0] passdb/secrets.c:350(fetch_ldap_pw) fetch_ldap_pw: neither ldap secret retrieved! [2012/10/02 09:53:47.693131, 0] lib/smbldap.c:1180(smbldap_connect_system) ldap_connect_system: Failed to retrieve password from secrets.tdb i see two problems i'm having: i don't have any administrator password for the upstream ldap (and most likely, they won't give me one). i only want to authenticate my users, write-access is not needed at all. can i go away with that? the upstream ldap does not have any samba-related attributes in the db. i was under the impression, that for samba to authenticate, those attributes are required, as smb/cifs uses some trivial hashing which is not compatible with the usual posixAccount hashes. is there a way for my department's samba server to authenticate against such an ldap server?

    Read the article

  • NAS for Mac OS X Server

    - by SamAdmin
    I'm using Mac OS X Server and want to allow the users that connect to their network accounts to store their data on a NAS drive. I want the users to connect to the Lion server as this allows for better policies and management for me and for their afp share to be located on a NAS drive. I've looked into home directories and network logins however I don't want the users to connect into a different login environment, just an authentication against their provided account on the Lion server and for their finder to take them to their own storage area - located on the NAS drive. Currently I am using FreeNAS for both authentication and storage however there are getting to be far too many people to manage each afp share and account, plus just using FreeNAS is extremely limiting for expansion and if something goes wrong with 1 entity the entire system goes down. Using the Lion server for user accounts and policies will be much better for this expanding business. I have looked into LDAP, using the Lion server as an LDAP server to authenticate against for FreeNAS however I have had issues with this and thought a different approach could be better from the other side of the situation... Providing the account with somewhere to store data rather than the afp share authenticating against an LDAP server. I am wrong to try it this way? Is it possible to logically add storage to a Mac OS X Server which can be recognised as a local drive, so can be used for network accounts?

    Read the article

  • What is NetFx in the Windows SDK?

    - by emddudley
    What is NetFx, in the context of the Windows SDK? What differentiates NetFx tools from the tools in the regular SDK bin directory? I noticed that the version of sgen.exe in C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin\ was built against .NET 2.0, but the version in C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin\NETFX 4.0 Tools\ was built against .NET 4.0.

    Read the article

  • How to make meld prefer an SVN diff over a CVS diff

    - by tolomea
    We have some directories that are tracked in both CVS and SVN (loooong story). When I change a file in one of these and run meld it diffs it against the SVN version. However for some of the other developers it diffs against CVS. Is there a way to specify which one gets priority? Everyone is using Meld 1.3.0

    Read the article

  • Searching phpbb's 'topic_title' via MYSQL php, but exact match doesn't work

    - by Mint
    $sql = sprintf("SELECT topic_title FROM `phpbb_topics` WHERE `topic_title` LIKE '%%%s%%' LIMIT 20", mysql_real_escape_string('match this title')); Which I run this query in phpMyAdmin the results are: (correct) match this title match this title 002 But when I run that same MYSQL query in PHP I get: (incorrect) match this title 002 I have also tried MATCH AGAINST with the same result with both php and phpMyAdmin: $sql = "SELECT topic_title FROM phpbb_topics WHERE MATCH (topic_title) AGAINST('match this title' IN BOOLEAN MODE)"; Whats going on? I'v been searching all over the place and have found next to no help :(

    Read the article

  • Passing existing cookie to Web service

    - by danny.lesnik
    HI have the following scenario: 1) i'm authenticated against some aSP.NET web site and my session time out expires in 24 hours. 2) after several time I would like to run query against asp.net Web Service located on the site using existing authentication. What should I add to cookie Container? I how do sent existing cookie to Web service? Thank you in Advance. Danny.

    Read the article

  • How to match filetype with regular expression?

    - by Sanarothe
    Hi. I'm stuck trying to get a regex to match a filetype in a sorting script. Dir.foreach(savedirs[0]) do |x| puts "Matching " + x + " against filetypes." case x when x.match(/^.*\.exe$/i) then puts x when x.match(/\.jpe?g$/) then FileUtils.move(x, sortpath[".exe"], :verbose => true) when x =~ /\.jpg$/ then FileUtils.move(x, sortpath[".jpg"]) end end I can't get any of these to match on in windows. All I need is to confirm that a given filename matches against compatible filetypes.

    Read the article

  • Is a control tree cached after the first call to FindWindowEx/EnumChildWindows?

    - by Ion Todirel
    I noticed that if you call FindWindowEx or EnumChildWindows against a hWnd that belongs to a window that's not in the foreground, i.e. minimized, then they don't report any children. On the other hand if I first call SetForegroundWindow against the window I'm querying, and after that FindWindowEx or EnumChildWindows, they report all the children. Next calls report all the children even if the window I'm interested in is not in foreground. It's almost it does some sort of caching after the first call?

    Read the article

  • Could a truly random number be generated using pings to psuedo-randomly selected IP addresses?

    - by _ande_turner_
    The question posed came about during a 2nd Year Comp Science lecture while discussing the impossibility of generating numbers in a deterministic computational device. This was the only suggestion which didn't depend on non-commodity-class hardware. Subsequently nobody would put their reputation on the line to argue definitively for or against it. Anyone care to make a stand for or against. If so, how about a mention as to a possible implementation?

    Read the article

  • Finding the SQL output of a parameterized query

    - by Dan Monego
    I'm making a parameterized query using C# against a SQL server 2005 instance, and I'd like to take a look at the SQL that is run against the database for debugging purposes. Is there somewhere I can look to see what the output SQL of the parameterized command is, either in the database logs or in the Visual Studio debugger?

    Read the article

  • How can I link to a specific glibc version

    - by falstaff
    When I compile something on my Ubuntu Lucid 10.04 PC it gets linked against glibc. Lucid uses 2.11 of glibc. When I run this binary on another PC with an older glibc, the command fails saying there's no glibc 2.11... As far as I know glibc uses symbol versioning. Can I force gcc to link against a specific symbol version? In my concret use I try to compile a gcc cross toolchain for ARM.

    Read the article

  • Unable to get members of Universal Distribution List using Powershell

    - by PowerShellScripter
    I am trying to write a script to list out all members of a "Universal Distribution List" using Powershell. However I keep getting an empty result set back. When I run the following command against a "Global Distribution List" it works fine and I can see who belongs to it. dsquery group -name "SomeGroup" | dsget group -members -expand However as I mentioned when I run this against a "Universal Distribution List" I get no results. Can anyone help?

    Read the article

  • Git pre-commit hook: getting list of changed files

    - by Mikko Ohtamaa
    I am developing validation and linting utility to be integrated with various commit hooks, including Git one https://github.com/miohtama/vvv Currently validators and linters are run against the whole project codebase on every commit. However, it would be much more optimal to run them against changed files only. For this, I would need to know changed files list in my Git precommit hook (in Python) https://github.com/miohtama/vvv/blob/master/vvv/hooks/git.py What options I have to extract the changed files list (in Python if that matters)?

    Read the article

  • Any good OpenID php consumer libs?

    - by daniels
    I need a php lib that can auth using OpenID against sites offering this service, like Google, Yahoo, Wordpress, etc... Anyone used any lib that actuallly works? I've tryied a few but couldn't get any to auth against Google, Yahoo, or Wordpress.

    Read the article

  • Advanced Form Validation in JavaScript

    - by Kaji
    I'm already familiar with how to use onSubmit to evaluate form content against RegEx to ensure it meets static parameters for acceptable content. What I'm wondering is if there is a way to further provide validation against a MySQL database, such as if you want to make sure an e-mail address hasn't been used yet before submitting a form and having to re-load the field data back into the proper places for correction.

    Read the article

  • installing a ruby gem with a native extension

    - by ajstack
    I want to install a ruby gem which tries to build a native extension. The gem in this case is nokogiri. If I do gem install nokogiri, the native extension dynamically links against libxml, libxslt libs. I want to statically link against those libs. How should I go about this?

    Read the article

  • How to hash a password and store for later verification with another digest

    - by oxygen8
    I am using gsoap's wsseapi plugin and would like to store hashed sha1 passwords rather than plain text. I have spent a rediculous amount of time experimenting with various methods of hashing the plain text password for storage. Can anyone suggest a way to hash a password so it can be later verified against a username token digest sent by the client. I can't seem to get the client password to authenticate against my stored hash

    Read the article

  • When exactly would a DLL use a different heap than the executable?

    - by Milo
    I know that if your DLL static links against a different version of the runtime then it creates its own heap. It will also if it is instructed to make a heap. Under these circumstances, it is unsafe for the DLL to delete what the exe allocated. In what cases does this NOT apply (as in, it is safe for the DLL to delete what the exe allocated)? Is it safe if both the exe and the DLL static link against the same runtime library? Thanks

    Read the article

  • Rendering ExtJs components without panels?

    - by Tower
    Hi, Take a look at this example: http://www.extjs.com/deploy/dev/examples/multiselect/multiselect-demo.html On it, there are components rendered against a panel. I've been searching for a way to render components without a panel, so that they are laid out against empty background directly, without any window-like panels. Is there a way to accomplish this?

    Read the article

  • MySQL - How do I insert an additional where clause into this full-text search (updated)

    - by Steven
    I want to add a WHERE clause to a full text search query (to limit to past 24 hours), but wherever I insert it I get Low Level Error. Is it possible to add the clause and if so, how? Here is the code WITHOUT the where clause: $query = "SELECT *, MATCH (story_title) AGAINST ('$query' IN BOOLEAN MODE) AS Relevance FROM stories WHERE MATCH (story_title) AGAINST ('+$query' IN BOOLEAN MODE) HAVING Relevance > 0.2 ORDER BY Relevance DESC, story_time DESC;

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >