Search Results

Search found 1721 results on 69 pages for 'eric charles'.

Page 30/69 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • OSSIM - Snort/OSSEC/Nagios Logging Config Question

    - by Eric
    Quick n00b OSSIM question. I've looked around but haven't found exactly what I'm looking for. I currently have a Nagios, OSSEC, Nessus, and Snort server and I want to keep those servers active but just ship the logs to the OSSIM server and have it do the correlating and graphing. Can that be done? Everything I've seen is putting the various software functions actually on the OSSIM box but I don't want to do that. I'm running CentOS on all of the systems. Thanks.

    Read the article

  • Insufficient Permissions on UNC Path for Physical Path in IIS7

    - by Eric C
    I've got a multi-server setup where Server A is hosting the html files and Server B is running IIS 7.5. I've specified a UNC path for the Physical Path of the website on Server B. When I try to hit localhost I'm receiving the following error: Cannot read configuration file due to insufficient permissions I am able to browse and modify files in the UNC path on Server B. I'm guessing it has something to do with IIS_IUSRS of Server B not having permissions, but I'm unsure how to add them to the shared directory of Server A.

    Read the article

  • IE Kerberos failure on some machines with CNAME web server (with SPN for host's A record)

    - by Eric Thames
    It's fairly well known that IE doesn't like to do Kerberos against hosts that are registered in DNS as CNAMEs. What happens is that IE turns around and uses the underlying A record for the host for looking up the Service Principal Name (SPN). On a test network we are able to get Kerberos working by having the SPN registered for the A record of the host, so that Kerberos authentication happens successfully when accessing the web server via it's CNAME in the browser. Kerberos authentication works properly when directly accessing the web server with the A record host in the URL, but for various reasons that are beyond my control, it is desired to use the CNAME. On the production network, this same configuration fails though and I can't figure out why. Any thoughts? This is a java web application using the SPNEGO library - not IIS. Kerberos authentication is working properly in both the test and production networks (and has been confirmed to not fail back to NTLM), but the CNAME access only works in test.

    Read the article

  • Selenium server causes crazy load on server - how to prevent?

    - by Eric
    I'm running this linux: Linux host.themepark.com 2.6.32-220.4.1.el6.x86_64 #1 SMP Tue Jan 24 02:13:44 GMT 2012 x86_64 x86_64 x86_64 GNU/Linux And I run the Selenium stand-alone server on my box with this command: java -jar /home/l/cron/selenium-server-standalone-2.24.1.jar > /logs/selenium.log 2>&1 & Here's the problem: as soon as I do that, the server load starts skyrocketing. I even went back and downloaded older versions of the Selenium server, but same results with 2.23.1, 2.23.0, and 2.19.0. Note that the server load starts going nuts before I issue ANY commands to Selenium or do anything else. All I'm doing is firing up the server, per the command above. This used to work perfectly on my server without causing massive server load, so something has changed, but I'm not sure what. My server is a managed VPS so I don't know if there is some kind of auto-update script that kicked in or what... but it's a problem. (Incidentally, even though the server load climbs like crazy, everything still works: after firing up Selenium, my server creates a screen with Xvfb so Firefox will be happy, then a PHP script talks to Selenium to do what it needs to do before shutting everything down. It takes a LONG time, and the load gets all the way up to 8 [!!!] before it is finished, which kills my web server and makes the main site horribly unresponsive... but it does get everything done.) Any suggestions for what is going on, why it's started doing this and/or, most importantly, how I can make Selenium not kill the server when it starts up... would be GREATLY appreciated!

    Read the article

  • High mysql server load, sar output

    - by eric
    I have a MySQL Server that should be performing better than it seems to be. We're running ubuntu on a Amazon Cluster Compute (cc1.4xlarge) Linux ip-10-0-1-60 3.2.0-25-virtual #40-Ubuntu SMP Wed May 23 22:20:17 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 12.04 LTS Release: 12.04 Codename: precise I have several output files from sar that i'm not really sure how to interpret. For example, I ran: # Individual block device I/O activities sar -d 1 180 > logs/block_device_io.log & which gave me what looks like really high utilisation of my disk (turns out this block device maps to /dev/xvdh on /var/lib/mysql type ext4 (rw,_netdev) The output from my log: 10:48:59 PM DEV tps rd_sec/s wr_sec/s avgrq-sz avgqu-sz await svctm %util 10:49:00 PM dev202-16 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 10:49:00 PM dev202-32 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 10:49:00 PM dev8-0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 10:49:00 PM dev202-112 1008.00 31040.00 1416.00 32.20 1.02 1.01 0.89 90.00 10:49:00 PM dev202-80 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Am I wrong in thinking this is a problem? I have it above 90% almost the entire time we're seeing slowness. Or does this just mean MySQL is doing what it's supposed to do?

    Read the article

  • Dynamic DNS registration for VPN clients

    - by Eric Falsken
    I've got a VPN server set up in my Active Directory on a remote network. (VPN Server is separate box from DNS/AD) When I dial into the network (client machine is not a member of the AD) the machine does not register its IP or Hostname in the DNS. I've played with all possible combinations of DHCP and RRAS-allocated IP pools, and none of them seem to cause my client to register. Is it because my client has to be a member of the domain? Are there some security settins I can tweak so that it can register its hostname/ip? I've looked in the event logs (System and Security) for the AD, DNS, DHCP, RRAS, and the client machine, and don't see anything relating to DNS Registration. Here's the IPConfig on the client machine (once connected): PPP adapter My VPN Name: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . . . . . : My VPN Name Physical Address. . . . . . . . . : DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.22(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.1.52 <- DC1 192.168.1.53 <- DC2 NetBIOS over Tcpip. . . . . . . . : Enabled Edit: It looks like my clients are not recieving the DHCP Scoope Options. I found this great article in Microsoft's KB. So the problem here is that the VPN Server "pre-reserves" the DHCP addresses, but then you have to add the DHCP Relay Agent to relay the secondary request for scope options. My problem is that the DHCP Relay Agent isn't relaying to the local DHCP server (same box as the VPN/RRAS). I've configured the DHCP Relay Agent according to this KB, but it dosn't work for a local DHCP server. (I see the request count increasing, but no responses) I was able to get everything working by specifying the DNS server and domain name in the VPN connection properties on the client. But am still unable to assign it (or the default gateway) dynamically via DHCP. The client also has to be a member of the remote domain.

    Read the article

  • Secure iptables config for Samba

    - by Eric
    I'm trying to setup an iptables config such that outbound connections from my CentOS 6.2 server are allowed ONLY if they are of state ESTABLISHED. Currently, the following setup is working great for sshd, but all the Samba rules get totally ignored for a reason I cannot figure out. iptables Bash script to setup ALL rules: # Remove all existing rules iptables -F # Set default chain policies iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # Allow incoming SSH iptables -A INPUT -i eth0 -p tcp --dport 22222 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22222 -m state --state ESTABLISHED -j ACCEPT # Allow incoming Samba iptables -A INPUT -i eth0 -s 10.1.1.0/24 -p udp --dport 137:138 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -d 10.1.1.0/24 -p udp --sport 137:138 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -s 10.1.1.0/24 -p tcp --dport 139 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -d 10.1.1.0/24 -p tcp --sport 139 -m state --state ESTABLISHED -j ACCEPT # Enable these rules service iptables restart iptables rule list after running the above script: [root@repoman ~]# iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:22222 state NEW,ESTABLISHED Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp spt:22222 state ESTABLISHED Ultimately, I'm trying to restrict Samba the same way I have done for sshd. In addition, I'm trying to restrict connections to the following IP address range: 10.1.1.12 - 10.1.1.19 Can you guys offer some pointers or possibly even a full-blown solution? I've read man iptables quite extensively, so I'm not sure why the Samba rules are getting thrown out. Additionally, removing the -s 10.1.1.0/24 flags don't change the fact the rules get ignored.

    Read the article

  • Automatically Applying Security Updates for AWS Elastic Beanstalk

    - by Eric Anderson
    I've been a fan of Heroku since it's earliest days. But I like the fact that AWS Elastic Beanstalk gives you more control over the characteristics of the instances. One thing I love about Heroku is the fact that I can deploy an app and not worry about managing it. I am assuming Heroku is ensuring all OS security updates are timely applied. I just need to make sure my app is secure. My initial research on Beanstalk shows that although it builds and configures the instances for you, after that it moves to a more manual management process. Security updates won't automatically be applied to the instances. It seems there are two areas of concerns: New AMI releases - As new AMI releases hit it seems we would want to run the latest (presumably most secure). But my research seems to indicate you need to manually launch a new setup to see the latest AMI version and then create a new environment to use that new version. Is there a better automated way of rotating your instances into new AMI releases? In between releases there will be security updates released for packages. Seems we want to upgrade those as well. My research seems to indicate people install commands to occasionally run a yum update. But since new instances are created/destroyed based on usage it seems that the new instances would not always have the updates (i.e. the time between the instance creation and the first yum update). So occasionally you will have instances that aren't patched. And you are also going to have instances constantly patching themselves until the new AMI release is applied. My other concern is that perhaps these security updates haven't gone through Amazon's own review (like the AMI releases do) and it might break my app to automatically update them. I know Dreamhost once had a 12 hour outage because they were applying debian updates completely automatically without any review. I want to make sure the same thing doesn't happen to me. So my question is does Amazon provide a way to offer fully managed PaaS like Heroku? Or is AWS Elastic Beanstalk really more of just a install script and after that you are on your own (other than the monitoring and deployment tools they provide)?

    Read the article

  • Two questions about restoring Thunderbird from a backup

    - by Eric
    Setting up a new Windows 7 PC, I'm puzzled by two things in Thunderbird 3.1.9: I restored a profile from a three-month old backup, no problem. I then copied more recent files into the Mail/ directory, but TBird still shows the old messages. The last message in Inbox is dated 3/16/2011 -- how do I get TBird to display all the messages in the Local Folders/Inbox view? A large number of the existing messages are now displayed in separate tabs -- I can't tell you how many, but there could be over 1000. Which file governs this? Or can I hire someone from Mechanical Turk to come over and manually close each tab?

    Read the article

  • What's the difference between the BitTorrent clients named "BitTorrent" and "µTorrent"?

    - by Eric
    A similar question was asked but never really addressed the question, I think in part because of terminology confusion. So to be very clear: what's the difference between the two BitTorrent client, one named "BitTorrent" and the one named "µTorrent"? They look to have identical UIs, right down to the same checkboxes in the prefs dialogs. Why are there two programs with different names that appear to be identical? Is one superior to the other? (Are they different in any way?) Thanks.

    Read the article

  • Bash color prompt and long commands

    - by Eric J.
    I'm colorizing parts of my bash prompt using ANSI escape sequences. This works great, until the command I'm currently typing in is long enough that it has to wrap. Instead of the rest of the command displaying on the next line, it wraps back to column 1 of the current line, overwriting the beginning of the prompt. I get that behavior with this prompt: export PS1="[\u][\033[0;32;40mdemo \033[0;33;40m1.5.40.b\033[0;37;40m] \w> \033[0m" but it works correctly with the same prompt, ANSI sequences remove: export PS1="[\u][demo 1.5.40.b] \w> " I'm connecting using the current version of Putty, with default Putty settings. The OS is Ubuntu 8.10.

    Read the article

  • Time Machine doesn't back up some folders/files (that it should)

    - by Eric
    MacBook Pro 17" (Snow Leopard) -- WD 2TB external drive MacBook Pro 13" (Snow Leopard) -- Seagate 1TB external drive I find that Time Machine sometimes doesn't back up new folders (and the files in them). This occurs both when I choose "Back Up Now" from the Time Machine icon in the Menu Bar and in TM's scheduled backups. These are not excluded folders (nor are then in the TM do-not-back-up list); they're perfectly normal folders (at various locations) inside my home folder. The only way to force them to be backed up is to restart the computer (unmounting & mounting the TM external disk does not help). There seems to be a correlation with new folders (i.e., it's more likely to happen that an entire new folder is not backed up), but this may just be observer bias (because those are the folders that I go check to see if they've been backed up). It's not computer dependent (it happens on two different computers). It's not external disk dependent (it happens on two different external disks). It's not time dependent (not restarting for several days does not fix the problem). What does a restart change that these other events don't? I'm considering deleting the /.fseventsd folder (without restarting the computer) to see if that helps. I haven't tried logging out and logging in (without restarting the computer).

    Read the article

  • 401 - Unauthorized: Access is denied error from web app running in IIS 7.5 using App Pool Identity

    - by Eric Gatesman
    I have an ASP.NET app on a Windows 2008 server, IIS 7.5. When I try to access web site, I get a login popup. If I click "cancel" I get a 401 - Unauthorized: Access is denied due to invalid credentials. The app is using Windows authentication (anonymous is disabled). The app has it's own app pool, running under the App Pool Identity. If I change the app pool to run under the NetworkService account, my website functions just fine. I'm guessing that this is just a permissions issue, but can't figure out what permissions I need to change. I gave the App Pool Identity permissions on the physical directory of the app, but that didn't solve the problem.

    Read the article

  • Horde complains that Imp is not running

    - by Eric J.
    I'm a mostly-Windows guy tasked with setting up email on an Ubuntu 12.04 instance at AWS and hit the following error: When I browse to Horde, after entering my administrative credentials, I get the error message: A fatal error has occurred imp is not activated. Details have been logged for the administrator. I am following the following, quite detailed guide http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ This is happening at Step 20, at the text Now fire up you web browser and navigate to your server at http://mail.example.com/ to verify that you can log in as the configured administrative mail user. (of course I used my actual domain). Questions Where is Horde logging the "details"? Any thoughts on why this might happen? I found Google hits suggesting that php5-mcrypt might be missing, but I verified it is installed and up-to-date in my case.

    Read the article

  • Print Microsoft Project chart as giant PDF

    - by Eric
    Hi, I have Adobe's PDF creator installed and I'm using Microsoft Project 2007... I want to print my gantt chart as one giant single-page PDF. (Currently it's set to print on letter sized paper, and it's six pages in a 3x2 layout.) I can't figure out where or how to make those settings. The PDF page setup doesn't seem to be right, nor "page setup" in Project. Help :-)

    Read the article

  • SSH into VirtualBox Guest: Connection Refused

    - by Eric J.
    Setup Windows 7 64-bit host OS running VirtualBox 4.2, with Ubuntu 12.04 guest OS. OpenSSH server is installed and running (ssh -v localhost connects locally in the guest machine). Can SSH to external servers (no outbound Windows firewall rule blocking port 22) Can ping the IP of the guest (192.168.56.101) Problem Using PuTTY to SSH to the IP of the guest OS (192.168.56.101), PuTTY returns almost immediately with Network error: connection refused How can I diagnose & resolve this issue?

    Read the article

  • Excel: conditionally format a cell using the format of another, content-matching cell

    - by Eric A. Meyer
    I have an Excel spreadsheet where I’d like to be able to create a “key” of formatted cells with unique values, and then in another sheet format cells using the key formatting. So for example, my key is as follows, with one value per cell and the visual formatting indicated in parentheses: A (red background) B (green background) C (blue background) So that’s on one sheet (or in a remote corner of the current sheet—whichever is better). Then, in an area that I mark for conditional formatting, I can type one of those three letters and have the cell where I typed it visually formatted according to the key. So if I type a “B” into one of the conditionally formatted cells, it gets a green background. (Note that I’m using backgrounds here solely for ease of explanation: ideally I want to have all visual formatting copied over, whether it’s foreground color, background color, font weight, borders, or whatever. But I’ll take what I can get, obviously.) And—just to make it extra-tricky—if I change the formatting in the key, that change should be reflected in cells that reference the key. Thus, if I change the “B” formatting in the key from a green background to a purple background, any “B” in the main sheet should switch to the new color. Similarly, it should be possible to add or remove values from the key and have those changes applied to the main data set. I’m okay with the formatting-update-on-key-change being triggered by clicking a button or something. I suspect that if any of this is possible it will require VBA, but I’ve never used it so I’ve no idea where to start if that’s the case. I’m hoping it’s possible without VBA. I know it’s possible to just use multiple conditional formats, but my use case here is that I’m trying to create the above-described capability for someone who isn’t conversant with conditional formatting. I’d like to let them be able to define a key, update it if necessary, and keep on truckin’ without me having to rewrite the spreadsheet’s formatting rules for them. --- UPDATE --- So I think I was a bit unclear about my original request. Let me try again with an image. The image shows the “key” on the left, where values and styles are defined using keyboard and mouse input. On the right, you see the data that should be formatted to match the key. Thus if I type a “C” into a cell in the Data area, it should be blue-backed. Furthermore, if I change the formatting of “C” in the Key to have a purple background, all the “C” cells should switch from blue to purple. For further craziness, if I add more to the Key (say, “D” with a yellow background) then any “D” cells will be styled to match; if I remove a Key entry, then matching values in the Data area should revert to default styling. So. Is that more clear? Is it possible, in whole or in part? I don’t have to use conditional formatting for this; in fact, at this point I suspect I probably shouldn’t. But I’m open to any approach!

    Read the article

  • OSSEC agent behind NAT

    - by Eric
    I am working on an OSSEC deployment where I will have multiple agents behind 1 public IP. Below is an example of the setup Private Network OSSEC-Agent1 (192.168.1.10) OSSEC-Agent2 (192.168.50.33) OSSEC-Agent3 (10.10.10.1) Those IPs NAT to 1 public IP (1.1.1.1) Then 1.1.1.1 talks to the public OSSEC server on 2.2.2.2 I've read some OSSEC documentation talking about NAT here, but it doesn't tell me exactly what I need to know. Their example is using an entire /24 subnet and mine will mainly have multiple agents to only 1 public IP. With the setup so far, I brought Agent1 online fine and it is communicating to the OSSEC server. However Agent2 continues to fail trying to connect to 2.2.2.2. Even though when I added the key, I had the correct name for it, so I know it talked to the portal at least once for that information. I'm assuming it's just getting confused with the multiple keys to 1 public IP. I basically want to know if this is possible and/or if I'm just overlooking something simple. Any help would be greatly appreciated.

    Read the article

  • Mac OS X Server 10.6.6 DNS not responding properly, get a "Truncated, retrying in TCP mode" for subdomain

    - by Eric Arseneau
    If I do an nslookup on youtube.com, no problem, if I do one with www.youtube.com, failure. See details below. [~] nslookup youtube.com Server: 192.168.1.1 Address: 192.168.1.1#53 Non-authoritative answer: Name: youtube.com Address: 74.125.127.93 Name: youtube.com Address: 74.125.47.93 Name: youtube.com Address: 74.125.95.93 [~] nslookup www.youtube.com ;; Truncated, retrying in TCP mode. ;; Connection to 192.168.1.1#53(192.168.1.1) for www.youtube.com failed: connection refused. If I do the same from a Windows machine its fine, its when I do it from a Mac workstation that I get the issue. I have rebooted, both server and workstation, I did a changeip, but nothing is working. Any recommendations?

    Read the article

  • Recover an HP recovery partition

    - by eric.chartier
    I have a (semi)-dead hard drive with an HP recovery partition on it. My goal is to Buy a new hard drive Copy the recovery partition to a drive ( dd if=/dev/sdb1 of=~/recovery.bak ) Make a new partition of 12000 mb with Windows 7 Copy back recovery partition to the new drive ( dd if=~/recovery.bak of=/dev/sdb1 ) Then press F11 when the laptop boots. However, this doesn't work. Any idea why? Edit: I suspect the F11 doesn't work because the laptop tries to boot the laptop, because my partition is the primary partition of the drive. Does anyone have any experience dealing with stuff like this?

    Read the article

  • Restoring WordPress EC2 instance from snapshot results in 403 Forbidden error

    - by Eric Matthew Turano
    This problem has been perplexing me for weeks now. Here's how the issue goes: Launch Amazon Linux 64-bit instance, successfully install WordPress, and site is active w/ no issues Create snapshot of the instance's root volume Shut down instance Create volume from snapshot, attach to instance, and reboot instance Associate Elastic IP with instance Once that's done and I try logging onto the site, I am redirected to myurl.com/wp-admin/install.php and greeted with this message: Forbidden: You don't have permission to access /wp-admin/install.php on this server. Apache/2.2.25 (Amazon) Server at www.myurl.com Port 80 Port 80 is open on the inbound security group settings, so that's not the issue. Keep in mind all I am doing is merely creating a new volume and attaching it to the same instance, and this issue comes up. What am I doing wrong, and how can I create a complete backup of my instance without this error occuring?

    Read the article

  • Consolidate SQL Server Reporting Services

    - by Eric C. Singer
    I've been a big fan of consolidating as many DB's to a few SQL servers for a while and I've had great success with it. However, I've never had to deal with SQL reporting services. Has anyone migrated SSRS from a bunch of random SQL servers into a consolidated SQL server? I don't exactly know a whole lot about SSRS which is part of the problem. To my knowlege, it's one DB per SSRS instance, so it sounds like i'd need to find a way of exporting data and merging it. Basically the process used to look like: Move DB from SQL Express to shared SQL server Change point in APP to point at new SQL server With reporting services, how do I move the reporting service compenent of the DB as well? I realize I may need to tweak the app, but my question is on the SQL side.

    Read the article

  • Log centralization, display, transport and aggregation at scale v2

    - by Eric DANNIELOU
    This is a duplicate question of Log transport and aggregation at scale and http://stackoverflow.com/questions/1737693/whats-the-best-practice-for-centralised-logging, but the answers might differ now : The softwares described in 2009 may have changed since (for example Octopussy evolved from version 0.9 to 1.0.5). Rsyslog has become the default on most linux distro. Requirements have changed (security, software configuration management, ...). I'd like to ask the following questions : How do you centralize, display and archive system logs? How would you like to do it now if you had to? Most linux distro use rsyslog nowadays, which can provide reliable log transport. But some older unices, network devices and maybe windows box still use old udp rfc-style transport. How did you manage to get reliable transport? Storing logs for a few months can represent a huge amount of disk space. How do you store them? rdbms? Compressed and encrypted text files?

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >