Search Results

Search found 11313 results on 453 pages for 'ip aliasing'.

Page 315/453 | < Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322 | Next Page >

SSH access from outside to a pc inside network

- by Raja

I have a static IP and ADSL router linked to a linksys wireless router to which all my machines are connected. I would want to setup SVN on one of machines and provide SSH access which should be accessible by users outside my network. Would this be possible? Even just SVN access through web should be fine. Please let me know what all things should be done to achieve this ? I have Ubuntu VM running in a iMac Leopard machine and another 2 Win 7 32/64 bit machines. I can setup standalone Ubuntu or Win XP on another machine. Thanks, Raja.

Read the article
How to use ssl_verify_client=ON on one virtual server and ssl_verify_client=OFF on another?

- by Alexander Artemenko

I want to force ssl client verification for on of my virtual hosts. But get "No required SSL certificate was sent" error, trying to GET something from it. Here are my test configs: # defaults ssl_certificate /etc/certs/server.cer; ssl_certificate_key /etc/certs/privkey-server.pem; ssl_client_certificate /etc/certs/allcas.pem; server { listen 1443 ssl; server_name server1.example.com; root /tmp/root/server1; ssl_verify_client off; } server { listen 1443 ssl; server_name server2.example.com; root /tmp/root/server2; ssl_verify_client on; } First server replies with 200 http code, but second returns "400 Bad Request, No required SSL certificate was sent, nginx/1.0.4". Probably, it is implossible to use ssl_verify_client on the same IP? Should I bind these servers to different IPs, will it solve my problem?

Read the article
Public Facing Recursive DNS Servers - iptables rules

- by David Schwartz

We run public-facing recursive DNS servers on Linux machines. We've been used for DNS amplification attacks. Are there any recommended iptables rules that would help mitigate these attacks? The obvious solution is just to limit outbound DNS packets to a certain traffic level. But I was hoping to find something a little bit more clever so that an attack just blocks off traffic to the victim IP address. I've searched for advice and suggestions, but they all seem to be "don't run public-facing recursive name servers". Unfortunately, we are backed into a situation where things that are not easy to change will break if we don't do so, and this is due to decisions made more than a decade ago before these attacks were an issue.

Read the article
Nginx. How do I reject request to unlisted ssl virtual server?

- by Osw

I have a wildcard SSL certificate and several subdomains on the same ip. Now I want my nginx to handle only mentioned server names and drop connection for others so that it'd look like nginx is not running for unlisted server names (not responding, rejecting, dead, not a single byte in response). I do the following ssl_certificate tls/domain.crt; ssl_certificate_key tls/domain.key; server { listen 1.2.3.4:443 ssl; server_name validname.domain.com; // } server { listen 1.2.3.4:443 ssl; server_name _; // deny all; // return 444; // return 404; //location { // deny all; //} } I've tried almost everything in the last server block, but no success. I get either valid response from known virtual server or error code. Please help.

Read the article
SharePoint Designer prompts for credentials when edited from IE8

- by Rob Nicholson

Our intranet is hosted using the free SharePoint services on Windows 2003. Consider the following page: http://vserver003/help/technology/multimedia/multimedia.htm On selecting "Edit with Microsoft Office SharePoint Designer" from IE8, SPD launches, opens the website and then the selected page - all is well. In order to make moving the intranet easier, we've set-up a DNS setting called intranet.company.local so you can also access the intranet that way: http://intranet.company.local/help/technology/multimedia/multimedia.htm However, when you edit this page, SPD designer prompts you for credential, i.e. domain\username and password. If you enter the details it opens fine. If you don't enter the details, the page still opens but not the website. Any ideas have to get around this prompt? Haven't a clue where to start looking. Thanks, Rob. PS. The same prompt occurs if you use the physical IP address.

Read the article
How can I connect to a CIFS/SMB share on a non-default port?

- by fsckin

I'm trying to get a contractor connected to a CIFS share (port 445). He's not a big shop (so no go on using VPN). His ISP blocks outgoing connections on port 445. I've been doing some rsync to ftp madness as a workaround to have the share available to him, but it's getting out of control -- we're syncing nearly 40GB a day to an external ftp site and it's going to be much easier just to have him connect and only grab the stuff he needs. So... I can have the CIFS share open to the internet (filtered to allow access to his IP only) on port 446. How the heck can he connect to that? I looked through "net use" and didn't see anything about using another port.

Read the article
How to share files between cPanel accounts?

- by Darren

I am setting up a multi-site/multi-store Magento installation, and I want each site to have its own cPanel account so I can setup the SSL and dedicated IP properly. I have tried to create a linux group called 'magento' and changed the files I need to share to that group (even added the users to that group), however when I try to access files through my scripts on those accounts it doesn't acknowledge the files exist. I first made a soft symbolic link which didn't work and then including them to their real location but it didn't work. Am I missing a step in allowing which users can access which files? I added the users to the magento group and like I said changed the group of the files I need to share to them but it's still not working. Thanks, Darren

Read the article
Nginx Rate Limiting by Referrer?

- by SteveEdson

I've successfully set up rate limiting on IP addresses like so, limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; But I was wondering if its possible to do the same on referrers? For example, if a site gets placed in an iframe on a third party site, which generates too much traffic to handle. I can't find any nginx variables for the referrer anywhere. Is this possible? Or can the solution be achieved in a different way? Thanks.

Read the article
CentOS Existing host to new host with all data/files

- by ganesh

Good noon. Our small startup management decided to move our production server from existing provider to azure. We have centOS on both. It is for classified's related site, considerable amount of data and ~thousands users with their disc space quota. This is our first time moving our servers. I need your Guidance and suggestions on these. 1) How to migrate the mysql db (dump OR slave OR copy filesystem)? 2) How to manage the emails during the downtime. 3) Manage the files 4) How to security/Firewall check list for the new system 5) IP/DNS related Checklist 6) Anything that I missed out!. Since first time, planning to be more cautious. Any reference documents Highly appreciated. Thank you all!.

Read the article
Upgrading OpenSSL in CentOS 5.3

- by Lin

I want to use one IP to host many domains with individual SSL certificates (requires SNI). In CentOS 5.3, the latest version of OpenSSL I can find an RPM for is 0.9.8e, which does not support SNI. I want to upgrade to 0.9.8k but I can't find an RPM. I could compile from source, but if I try to remove the existing OpenSSL package through yum, it wants me to remove all packages that depend on OpenSSL (100+ packages). EDIT: I ended up installing 0.9.8k without overwriting the previous version. Now I both avoid breaking dependencies and can use SNI. Was this the best action?

Read the article
DNS name not on cert

- by blsub6

I've got an interesting one... My users have always typed in 'mail' to get to their mail. There was an internal DNS A record that resolved that to the IP of the mail server. I'm putting in an Exchange server to replace that. In order for people to get their mail, I try putting in an A record that does the same thing as the previous one. When I try to get to OWA, it tells me that the certificate on the server is not trusted. I only have the names: mail.mydomain.com autodiscover.mydomain.com autodiscover.mydomain.internal mydomain.internal mailserver.mydomain.internal so when the browser sees that this cert is trying to cover https://mail/owa it says the cert's not trusted. What amy I supposed to do about that?

Read the article
AWS EC2: How to determine whether my EC2/scalr AMI was hacked? What to do to secure it?

- by Niro

I received notification from Amazon that my instance tried to hack another server. there was no additional information besides log dump: Original report: Destination IPs: Destination Ports: Destination URLs: Abuse Time: Sun May 16 10:13:00 UTC 2010 NTP: N Log Extract: External 184.xxx.yyy.zzz, 11.842.000 packets/300s (39.473 packets/s), 5 flows/300s (0 flows/s), 0,320 GByte/300s (8 MBit/s) (184.xxx.yyy.zzz is my instance ip) How can I tell whether someone has penetrated my instance? What are the steps I should take to make sure my instance is clean and safe to use? Is there some intrusion detection techinque or log that I can use? Any information is highly appreciated.

Read the article
MySQL port 3306 became filtered when configured with Keepalived on Ubuntu server 12.04 lts

- by Ludwig

I'm configuring two load balancer (lb01 & lb02) with keepalived for my two mysql server (db01 & db02) with standard port 3306. There is virtual ip address (192.168.205.10) to access it also act as failover, but somehow the web server in the front can't access this mysql server using vip. Here is my config: Keepalived: Only the mysql part that i added here. LB01: virtual_server 192.168.205.10 3306 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 192.168.205.4 3306 { weight 10 TCP_CHECK { connect_port 3306 connect_timeout 2 } } } LB02: virtual_server 192.168.205.10 3306 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 192.168.205.6 3306 { weight 10 TCP_CHECK { connect_port 3306 connect_timeout 2 } } } I already comment out the "bind-address=127.0.0.1" part in both server my.cnf. Also, remove all the firewall prog from my ubuntu server (ufw or iptables). Any help? thanks.

Read the article
Best Performing Remote Desktop Software for WAN

- by Dave

I've been tasked with connecting a computer in one of our branches in the midlands to one in south wales. We have been using windows remote desktop but find it too slow. The ADSL on the computer were connecting to is about 6Mb Download and 470Kb Upload so not majorly fast. That connection is also shared with about 10 other internet users. I'm trying to find out if the is any remote desktopn connecting software that performs better than the microsoft remote desktop software. Or, would i be better using a KVM over IP? I've looked into connecting the offices through BT's fiber optic but at £21k a year rental were trying to find a cheaper solution! Any help would be great. Thanks, Dave,

Read the article
Apache doesn't autostart because vpn isn't up yet.

- by Col. Shrapnel

I have a FreeBSD8 server, and VPN connection to my ISP. I use mpd5 and it works fine. A have an Apache server whch works fine, if I start it manually, after VPN is get up. But when I add it to rc.conf autostart, it fail to start, saying (49) can't assign requested address: make_sock could not bind to address I suppose it's because VPN isn't up yet and no IP address assigned to the interface which i set in the Listen directive in the httpd.conf. If i set Listen to the existing 127.0.0.1, it fail to serve wan requests. Is there a solution, either to delay apache autostart or configure it some different?

Read the article
Error while setting up Anywhere Access on Windows Server 2012 Essential (personalized domain name from Microsoft)

- by Thomas

I am trying to setup Anywhere Access on a Windows Server 2012 Essential Release Candidate, but keep getting this error: "The domain name was not setup for your server. Wait a few minutes and run the wizard again. An unknown error occurred. Please wait a few minutes and then try again". These are the options that I selected in the Wizard: I want to set up a new domain name Get a personalized domain name from Microsoft Entered my Windows live id and password xxxx.remotewebaccess.com And on the next page the error is displayed. I have setup my router (Linksys WRT160N) to forward all TCP traffic to the Server. UPnP is also enabled. If I hit my public (dynamic) IP (http://188.182.194.182/) I get the Windows Server 2012 homepage. Any ideas?

Read the article
Smart subdomain routing via reverse proxy

- by Trevor Hartman

I have two servers on my home network: OSX Server and an Ubuntu Server. I'd love to have external subdomains osx.mydomain.com point to osx and ubuntu.mydomain.com point to ubuntu. I know the normal way to do this is to have a static external IP address for each, but that's not an option as this is just my home setup. My question is: is there a way to do this with some reverse proxy trickery? OSX is currently the default entry point for all traffic. I was able to setup a reverse proxy on OSX for ubuntu.mydomain.com on port 80, so web traffic was correctly being proxied to my ubuntu. I'd like to ssh and do a bunch of other stuff though!

Read the article
How Do I Change the Windows7 LAN Proxy Config from the Command Line

- by david.barkhuizen

In Windows7, Is it possible to define/change the proxy config from the command line ? So, using the gui, I would go: Start Control Panel Network and Internet Internet Options Connections LAN Settings and then - enable/disable the proxy - define IP:port of proxy server But I would like to rather do this from the command line (so that I can run the command from a batch-file with a shortcut key - enabling me to switch proxy configs using a short-cut, rather than having to wade through the MS wizard). I've looked at using netsh.exe to change the settings for WinHTTP, but this seems to be thr wrong thing to do, as the WinHTTP setting do not appear to be related to the LAN settings. Much appreciated folks.

Read the article
How can I limit the upload/download bandwidth on my CentOS server?

- by Dan Nestor

How can I limit the upload and download bandwidth on my CentOS server? This is a box with a single interface, eth0. Ideally, I would like a command-line solution (I've been trying to use tc), something that I could easily switch on and off in a script. So far I've been trying to do something like tc filter add dev eth0 protocol ip prio 50 u32 police rate 100kbit burst 10240 drop but I'm obviously missing a lot of knowledge and information. Can somebody help with a quick one-liner? Many thanks, Dan

Read the article
D-Link DNS-323 NAS firmware update

- by Mark Beaton

Hi all, I've got a D-Link DNS-323 NAS enclosure holding a bunch of multimedia files that I've (possibly stupidly) just updated the firmware on, from 1.03 to 1.08. The updater indicated it applied the firmware patch successfully, but after rebooting it I can no longer get into it via the web interface, either via the static IP I had assigned it before the update, or by any of the DHCP-assigned addresses that I can see are currently assigned by my router. The unit just sits there, with the drives (2x512 set up as RAID-1) thrashing away seemingly forever... So, my question - has anyone had a similar experience with one of these units? Any advice etc? I've googled the hell out of it, and can't find anything useful.

Read the article
10 gigabit or 1 gigabit switch

- by Guntis

We are planning to move mysql to dedicated box. At this moment we have web servers and mysql is running on each. Question is: cheaper is to buy 10G switch and put 10G network card into mysql server. Or buy normal gigabit switch and connect mysql box to switch with multiple network cables. In 1G scenario then we give each web server different mysql IP address. I don't think, that mysql box with one 1G link is enough to to satisfy multiple web box mysql traffic. At this moment we have 3 servers witch are running mysql/web. Plan is to add fourth server for mysql only. Thanks. Edit: if we buy 1G switch with mini-GBIC ports. Can we put in mini-GBIC 10G connectors and then connect mysql box to that port?

Read the article
Sharepoint database connection issue after upgrade to SQL Server 2008 R2

- by Neil Hoff

I took a backup of all our Sharepoint WSS 3.0 databases and restored them to a new Windows 2008 R2 server. The new SQL server has the same name and IP address as the old one. The only difference between the two is the new one has SQL 2008 R2 and the old one has SQL 2005. When I navigate to the sharepoint url I get this error: Cannot connect to the configuration database. I checked the logs at this location: "%commonprogramfiles%/Microsoft Shared/web server extensions/12/Logs" and found this error: System.Data.SqlClient.SqlException: Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. Any ideas?

Read the article
Listing the routing table takes long time to complete

- by Rafal Rawicki

When I print routes defined on my computer using route, it takes about 5 to 20 seconds to complete. Why does it take so much time? With VPN enabled: $ time sudo route Kernel IP routing table (...) real 0m21.423s user 0m0.000s sys 0m0.012s With no VPN, this is about 5 seconds - still, computer can do a lot in this time. I've repeated my measurements few times, getting very similar results each try. My machine is Ubuntu with 3.0.0 kernel, but as far as I know, route on the other computers works the same way.

Read the article
Cisco, How to do a subnetting scheme using VLSM and RIP-2?

- by Andrei T. Ursan

I'm studying for my CCNA exam and I have to create a VLSM scheme using RIP-2 for the following requirements: (this is an exercise) Use the class C network 192.168.1.0 network for your point-to-point connections Using the Class A network 10.0.0.0, plan for the following number of hosts in each location: New York: 1000 Chicago: 500 Los Angeles: 1000 On the LAN and point-to-point connections, select subnet masks that use the smallest ranges of IP addresses possible given the above requirements. In all cases, use the lowest possible subnet numbers. Subnet zero is allowed. My guess is the following: New York: S0/0 192.168.1.1 /24 Fa0/0 10.1.0.1 netmask 255.255.248.0 - because we need 1000 hosts Chicago: S0/0 192.168.1.2 /24 Fa0/0 10.2.0.1 netmask 255.255.252.0 (for 500 hosts) Los Angeles: S0/0 192.168.2.3 /24 Fa0/0 10.3.0.1 netmask 255.255.248.0 (for 1000 hosts) Is this a good configuration? I'm reading the CCNA book but not everything is very clear, so I said to do some exercises... Thank you!

Read the article
Wpa supplicant suddenly stopped working

- by Grzenio

Hi, Recently my wireless stopped working on my Debian testing system. It just doesn't connect. The best I get (only after a reboot) is that it says it did connect, but failed to get IP address. But usually it just tries to connect, disconnects straight away, connects again etc. so it never manages to associate correctly. I am sure it did work about a month ago, stopped working after recent upgrades from the repository. Any ideas how to find the issue and fix it?

Read the article

< Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322 | Next Page >