Search Results

Search found 293 results on 12 pages for 'jamie hutber'.

Page 3/12 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Decoding PAM configuration files ...

    - by Jamie
    Could someone point me to some (recent) documentation that would help me with decoding PAM configuration file lines like this: auth [success=2 default=ignore] pam_unix.so nullok_secure auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass I'm trying to get my Ubuntu box (testing 10.04 Server Beta 2) to use Active Directory, and the last step is to get PAM on the unix box to work, but I'm wary about making changes (and locking myself out) without understanding how to merge what I'm reading here with what ubuntu has implemented.

    Read the article

  • Suggest methods for testing changes to "pam.d/common-*" files

    - by Jamie
    How do I test the changes to the pam.d configuration files: Do I need to restart the PAM service to test the changes? Should I go through every service listed in the /etc/pam.d/ directory? I'm about to make changes to the pam.d/common-* files in an effort to put an Ubuntu box into an active directory controlled network. I'm just learning what to do, so I'm preparing the configuration in a VM, which I plan to deploy in metal in the coming week. It is a clean install of Ubuntu 10.04 Beta 2 server, so other than SSH daemon, all other services are stock.

    Read the article

  • Can snort output an alert for a portscan (sfPortscan) to syslog?

    - by Jamie McNaught
    I've been working on this for too long now. I'm sure the answer should be obvious, but... Snort manual: http://www.snort.org/assets/125/snort_manual-2_8_5_1.pdf lists two logging outputs on pg 39 (pg 40 according to Acrobat Reader) as: "Unified Output" and "Log File Output" which I am guessing the former refers to the "unified" output mode... which makes me think the answer is "No, snort cannot output alerts for detected portscans to syslog." Config file I've been using is: alert tcp any 80 -> any any (msg:"TestTestTest"; content: "testtesttest"; sid:123) preprocessor sfportscan: proto { all } \ memcap { 10000000 } \ scan_type { all } \ sense_level { high } \ logfile { pscan.log } (yes, very basic I know). A simple nmap triggers output to the pscan.log Can anyone confirm this? Or point out how I do this?

    Read the article

  • Visio 2010 64 bit won't run

    - by jamie
    I have recently installed Visio 2010 Premium 64 bit and although it installed fine, when i try to run it i get c:\windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_04480933ab2137b1\mfc90u.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support I've uninstalled and reinstalled the application but it just won't work. Any clues/suggestions? Office 2010 which i installed prior is working fine.

    Read the article

  • Find all duplicate files by md5 hash

    - by Jamie Curran
    I'm trying to find all duplicate files based upon md5 hash and ordered by file size. So far I have this: find . -type f -print0 | xargs -0 -I "{}" sh -c 'md5sum "{}" | cut -f1 -d " " | tr "\n" " "; du -h "{}"' | sort -h -k2 -r | uniq -w32 --all-repeated=separate The output of this is: 1832348bb0c3b0b8a637a3eaf13d9f22 4.0K ./picture.sh 1832348bb0c3b0b8a637a3eaf13d9f22 4.0K ./picture2.sh 1832348bb0c3b0b8a637a3eaf13d9f22 4.0K ./picture2.s d41d8cd98f00b204e9800998ecf8427e 0 ./test(1).log Is this the most efficient way?

    Read the article

  • Ubuntu 10.04 server crash

    - by Jamie
    I'm running an Ubuntu 10.04 (x64) as a web/mysql server. The server became unresponsive to SSH, Ping, HTTP etc. and the technician with physical access to the machine sent me this screengrab here: http://img442.imageshack.us/img442/389/img00062201012211332.jpg from the connected monitor before he rebooted (and the situation is fixed). I'm not sure what log this information is kept in as I can't find the text after checking the logs after reboot. Can anyone help me to investigate what happened to try and ensure it doesn't happen again? Thanks

    Read the article

  • Active directory authentication for Ubuntu Linux login and cifs mounting home directories...

    - by Jamie
    I've configured my Ubuntu 10.04 Server LTS Beta 2 residing on a windows network to authenticate logins using active directory, then mount a windows share to serve as there home directory. Here is what I did starting from the initial installation of Ubuntu. Download and install Ubuntu Server 10.04 LTS Beta 2 Get updates # sudo apt-get update && sudo apt-get upgrade Install an SSH server (sshd) # sudo apt-get install openssh-server Some would argue that you should "lock sshd down" by disabling root logins. I figure if your smart enough to hack an ssh session for a root password, you're probably not going to be thwarted by the addition of PermitRootLogin no in the /etc/ssh/sshd_config file. If your paranoid or not simply not convinced then edit the file or give the following a spin: # (grep PermitRootLogin /etc/ssh/sshd_conifg && sudo sed -ri 's/PermitRootLogin ).+/\1no/' /etc/ssh/sshd_conifg) || echo "PermitRootLogin not found. Add it manually." Install required packages # sudo apt-get install winbind samba smbfs smbclient ntp krb5-user Do some basic networking housecleaning in preparation for the specific package configurations to come. Determine your windows domain name, DNS server name, and IP address for the active directory server (for samba). For conveniance I set environment variables for the windows domain and DNS server. For me it was (my AD IP address was 192.168.20.11): # WINDOMAIN=mydomain.local && WINDNS=srv1.$WINDOMAIN If you want to figure out what your domain and DNS server is (I was contractor and didn't know the network) check out this helpful reference. The authentication and file sharing processes for the Windows and Linux boxes need to have their clocks agree. Do this with an NTP service, and on the server version of Ubuntu the NTP service comes installed and preconfigured. The network I was joining had the DNS server serving up the NTP service too. # sudo sed -ri "s/^(server[ \t]).+/\1$WINDNS/" /etc/ntp.conf Restart the NTP daemon # sudo /etc/init.d/ntp restart We need to christen the Linux box on the new network, this is done by editing the host file (replace the DNS of with the FQDN of the windows DNS): # sudo sed -ri "s/^(127\.0\.0\.1[ \t]).*/\1$(hostname).$WINDOMAIN localhost $(hostname)/" /etc/hosts Kerberos configuration. The instructions that follow here aren't to be taken literally: the values for MYDOMAIN.LOCAL and srv1.mydomain.local need to be replaced with what's appropriate for your network when you edit the files. Edit the (previously installed above) /etc/krb5.conf file. Find the [libdefaults] section and change (or add) the key value pair (and it is in UPPERCASE WHERE IT NEEDS TO BE): [libdefaults] default_realm = MYDOMAIN.LOCAL Add the following to the [realms] section of the file: MYDOMAIN.LOCAL = { kdc = srv1.mydomain.local admin_server = srv1.mydomain.local default_domain = MYDOMAIN.LOCAL } Add the following to the [domain_realm] section of the file: .mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL Conmfigure samba. When it's all said done, I don't know where SAMBA fits in ... I used cifs to mount the windows shares ... regardless, my system works and this is how I did it. Replace /etc/samba/smb.conf (remember I was working from a clean distro of Ubuntu, so I wasn't worried about breaking anything): [global] security = ads realm = MYDOMAIN.LOCAL password server = 192.168.20.11 workgroup = MYDOMAIN idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes restrict anonymous = 2 Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start Setup the authentication. Edit the /etc/nsswitch.conf. Here are the contents of mine: passwd: compat winbind group: compat winbind shadow: compat winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start At this point I could login, home directories didn't exist, but I could login. Later I'll come back and add how I got the cifs automounting to work. Numerous resources were considered so I could figure this out. Here is a short list (a number of these links point to mine own questions on the topic): Samba Kerberos Active Directory WinBind Mounting Linux user home directories on CIFS server Authenticating OpenBSD against Active Directory How to use Active Directory to authenticate linux users Mounting windows shares with Active Directory permissions Using Active Directory authentication with Samba on Ubuntu 9.10 server 64bit How practical is to authenticate a Linux server against AD? Auto-mounting a windows share on Linux AD login

    Read the article

  • Rate limit a wireless interface

    - by Jamie Hankins
    I have access to my routers SSH and IPTables. I want to rate limit my guest network to 1Mb/s so they can't guzzle my bandwidth. rai1 RTWIFI SoftAP ESSID:"GuestNetwork" Nickname:"" Mode:Managed Channel=6 Access Point: :F9 Bit Rate=300 Mb/s wdsi0 RTWIFI SoftAP ESSID:"YouCan'tTouchThis" Nickname:"" Mode:Managed Channel=6 Access Point: :F8 Bit Rate=300 Mb/s wdsi1 RTWIFI SoftAP ESSID:"YouCan'tTouchThis" Nickname:"" Mode:Managed Channel=6 Access Point: :F9 Bit Rate=300 Mb/s wdsi2 RTWIFI SoftAP ESSID:"YouCan'tTouchThis" Nickname:"" Mode:Managed Channel=6 Access Point: Not-Associated Bit Rate:300 Mb/s wdsi3 RTWIFI SoftAP ESSID:"YouCan'tTouchThis" Nickname:"" Mode:Managed Channel=6 Access Point: Not-Associated Bit Rate:300 Mb/s I'm just wondering the command I need to limit it. I tried the iwconfig limit command but it failed. Thanks

    Read the article

  • Perl throwing 403 errors!

    - by Jamie
    When I first installed Perl in my WAMP setup, it worked fine. Then, after installing ASP.net, it began throwing 403 errors. Here's my ASP.net config: Load asp.net module LoadModule aspdotnet_module "modules/mod_aspdotnet.so" Set asp.net extensions AddHandler asp.net asp asax ascx ashx asmx aspx axd config cs csproj licx rem resources resx soap vb vbproj vsdisco webinfo # Mount application AspNetMount /asp "c:/users/jam/sites/asp" # ASP directory alias Alias /asp "c:/users/jam/sites/asp" # Directory setup <Directory "c:/users/jam/sites/asp"> # Options Options Indexes FollowSymLinks Includes +ExecCGI # Permissions Order allow,deny Allow from all # Default pages DirectoryIndex index.aspx index.htm </Directory> # aspnet_client files AliasMatch /aspnet_client/system_web/(\d+)_(\d+)_(\d+)_(\d+)/(.*) "C:/Windows/Microsoft.NET/Framework/v$1.$2.$3/ASP.NETClientFiles/$4" # Allow ASP.net scripts to be executed in the temp folder <Directory "C:/Windows/Microsoft.NET/Framework/v*/ASP.NETClientFiles"> Options FollowSymLinks Order allow,deny Allow from all </Directory> Also, what are the code tags for this site?

    Read the article

  • xinet vs iptables for port forwarding performance

    - by jamie.mccrindle
    I have a requirement to run a Java based web server on port 80. The options are: Web proxy (apache, nginx etc.) xinet iptables setuid The baseline would be running the app using setuid but I'd prefer not to for security reasons. Apache is too slow and nginx doesn't support keep-alives so new connections are made for every proxied request. xinet is easy to set up but creates a new process for every request which I've seen cause problems in a high performance environment. The last option is port forwarding with iptables but I have no experience of how fast it is. Of course, the ideal solution would be to do this on a dedicated hardware firewall / load balancer but that's not an option at present.

    Read the article

  • Redmine installation on Ubuntu ... now what?

    - by Jamie
    I've been tinkering/testing with Ubuntu Server 10.04 Beta LAMP stack in a VM and now I've come to the Redmine install. I found a package for it, and issued: sudo tasksel install lamp-server sudo apt-get install redmine Which (I think almost) worked, but I've no idea how to test it, or even know if it's configured. How do I test it? I'm using 10.04 server so I don't have a local GUI.

    Read the article

  • Should I buy matching hard drives for a NAS RAID 1 array?

    - by Jamie Ide
    I'm planning to buy a NAS (network attached storage) box and I've picked the Synology DS209. I want to set up a RAID 1 array and I'm wondering if I should buy a matching pair of hard drives or if it would be better to buy from different manufacturers. I'm concerned that a matching pair would be more likely to fail at the same time.

    Read the article

  • Mounting windows shares with Active Directory permissions

    - by Jamie
    I've managed to get my Ubuntu (server 10.04 beta 2) box to accept logins from users with Active Directory credentials, now I'd like those users to access there permissible windows shares on a W2003 R2 server. The Windows share ("\srv\Users\") has subdirectories named according to the domain account users and permissions are set accordingly. I would like to preserve these permissions, but don't know how to go about it. Would I mount as an AD administrator or have each user mount with there own AD credentials? How do determine between using mount.smbfs or mount.cifs?

    Read the article

  • Autocorrect for "fat fingers" - MS Word

    - by Jamie Bull
    I'm wondering if anyone knows of a plug-in for MS Word which can handle key-presses of surrounding keys when typing at speed (rather like iPhone or Android autocorrect)? My use case is in transcribing interviews where I need to type quickly (even with the playback at half speed) - but I don't do this often enough to become a proficient touch typist. I will also be paying close attention to the text produced in subsequent analysis so I have a reasonable expectation that I'll catch any "hilarious" autocorrect errors. Any pointers to plug-ins which work at either a system level or within MS Word would be great. Even in an open source word processor at a pinch, though I'd miss the MS Word environment and my macros. Thanks.

    Read the article

  • hosts.deny not blocking ip addresses

    - by Jamie
    I have the following in my /etc/hosts.deny file # # hosts.deny This file describes the names of the hosts which are # *not* allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # # The portmap line is redundant, but it is left to remind you that # the new secure portmap uses hosts.deny and hosts.allow. In particular # you should know that NFS uses portmap! ALL:ALL and this in /etc/hosts.allow # # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # ALL:xx.xx.xx.xx , xx.xx.xxx.xx , xx.xx.xxx.xxx , xx.x.xxx.xxx , xx.xxx.xxx.xxx but i am still getting lots of these emails: Time: Thu Feb 10 13:39:55 2011 +0000 IP: 202.119.208.220 (CN/China/-) Failures: 5 (sshd) Interval: 300 seconds Blocked: Permanent Block Log entries: Feb 10 13:39:52 ds-103 sshd[12566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.208.220 user=root Feb 10 13:39:52 ds-103 sshd[12567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.208.220 user=root Feb 10 13:39:52 ds-103 sshd[12568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.208.220 user=root Feb 10 13:39:52 ds-103 sshd[12571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.208.220 user=root Feb 10 13:39:53 ds-103 sshd[12575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.208.220 user=root whats worse is csf is trying to auto block these ip's when the attempt to get in but although it does put ip's in the csf.deny file they do not get blocked either So i am trying to block all ip's with /etc/hosts.deny and allow only the ip's i use with /etc/hosts.allow but so far it doesn't seem to work. right now i'm having to manually block each one with iptables, I would rather it automatically block the hackers in case I was away from a pc or asleep

    Read the article

  • Building a PC, advice on SSD/Hybrid Hard Drives

    - by Jamie Hartnoll
    I am looking at building a new PC, it's mainly for office (graphics heavy) use and programming. Looking for good performance with opening and closing programs and files as well as a fast boot. I plan to have 3 primary hard drives Windows 7 Programs (photoshop etc) Current Files (There'll also be a large storage capacity back up drive, but this will be the Seagate drive I already have.) So, my question is, looking at standard "old fashioned" hard drives and SSD drives, obviously there's a massive price difference. I have been looking at drives like this: http://www.ebuyer.com/268693-corsair-120gb-force-3-ssd-cssd-f120gb3-bk-cssd-f120gb3-bk and this: http://www.ebuyer.com/321969-momentus-xt-750gb-sata-2-5in-7200rpm-hybrid-8gb-ssd-in-st750lx003 Having no experience of using either I don't know what's the most efficient thing to go for. Clearly the SSD will have better performance, but: If, for example, I had an SSD for Windows (say about 100gB), that would clearly give me the boot speed I want, then I guess my real questions are: If I were to buy one more SSD, would it give the greatest improvement on standard performance if used to store programs, or currently used files? Given that the OS is on an SSD, should I not bother with the 3 drives and instead, partition that Hybrid drive to store programs and currently used files on it? Obviously, option two is cheaper and option one could cause me storage issues, but that's when I can dump files I am not currently using onto another drive. Any, I am open to suggestions... so what do you suggest?!

    Read the article

  • Can I rely on S3 to keep my data secure?

    - by Jamie Hale
    I want to back up sensitive personal data to S3 via an rsync-style interface. I'm currently using s3cmd - a great tool - but it doesn't yet support encrypted syncs. This means that while my data is encrypted (via SSL) during transfer, it's stored on their end unencrypted. I want to know if this is a big deal. The S3 FAQ says "Amazon S3 uses proven cryptographic methods to authenticate users... If you would like extra security, there is no restriction on encrypting your data before storing it in Amazon S3." Why would I like extra security? Is there some way my buckets could be opened to prying eyes without my knowing? Or are they just trying to save you when you accidentally change your ACLs and make your buckets world-readable?

    Read the article

  • Which network performance management software do you use?

    - by Jamie Keeling
    Hello, I am looking at the various options available for network performance management software, some of the solutions I've found so far are: Proprietary: HP - ProCurve Universal: SolarWinds - Orion Open Source: OpenNMS I am trying to discover the benefits of each package over the other and reasons as to why you would go for one (Such as size of the network, overall cost etc..). I'm curious as to which ones other people use and why? Each customer has their own needs and requirements and it would be great to hear some of yours. Thank you for your time.

    Read the article

  • How can I use `SetEnvIf` to clear an Apache2 environment variable?

    - by Jamie
    In my apache2 configuration I've got these lines: SetEnv log_everything # Create the environment variables based on access requests SetEnvIf Request_URI "^/orders/.*$" download_access !log_everything SetEnvIf Request_URI "^/download/.*$" download_access !log_everything SetEnvIf Request_URI "^/wg/.*$" wg_1x1_access !log_everything # Log the accesses using the generated environment variable as conditionals. CustomLog ${APACHE_LOG_DIR}/download.log combined env=download_access CustomLog ${APACHE_LOG_DIR}/wg.log combined env=wg_1x1_access RewriteEngine on RewriteRule "^/wg/.+$" "/wg/1x1.gif" ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined env=log_everything Which currently logs all the "download" and "orders" requests to "download.log" and "wg" requests to "wg.log", but everything is also going to access.log. How can I configure this so that "wg" and "download/orders" requests won't be duplicated in access.log?

    Read the article

  • Network access to VM only from host ...

    - by Jamie
    I'm trying to do some testing of Ubuntu 10.04 Beta 2 Server in a VMWare environment. The host is XP, and the VM software is VMPlayer. Problem is, I want to be able to see the VM from the network, not just from the host. I can SSH into the VM from the host, but from any other machine on the network I can't even get the VM to respond to a ping. Going the other way (from the VM out) isn't a problem at all. The VM software did an 'easy installer' so I'm not really sure what was going on with the networking. Suggestions?

    Read the article

  • "success=n" control syntax in pam.conf / pam.d/* files ...

    - by Jamie
    After sucessfully configuring Kerberos, this is what I've found in /etc/pam.d/common-auth file: auth [success=2 default=ignore] pam_unix.so nullok_secure auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass auth requisite pam_deny.so auth required pam_permit.so Does the success=2 control value mean that if the pam_unix.so fails, the authentication skips to the auth requisite pam_deny.so line or to the last line?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >