Search Results

Search found 11906 results on 477 pages for 'ip restrictions'.

Page 321/477 | < Previous Page | 317 318 319 320 321 322 323 324 325 326 327 328  | Next Page >

• linux dns server

  - by Clear.Cache

  Can someone explain to me how to easily setup a centos 5 (64bit) dns server? I want to use this strictly for dns for my clients who require rdns (ptr) for their domains. I do have IP delegation/authority from the data center and allocated IPs directly from ARIN. I just want to setup a Centos 5 box to use strictly as a dns server, perhaps with redundancy with a secondary, clustered (or not) dns server Server 1 = dns1.mycompany.com Server 2 = dns2.mycompany.com Then, I need simply instructions on how to create rdns records for clients upon request, especially in bulk amounts. Thank you.

  Read the article

• tcpdump selective acknowledgements question

  - by wlaus

  Hi All, I eventually sometimes watch most initial tcp connection attempts like this: tcpdump -nn -Z somepcapuser not src host (12x.x5.109.xxx or 62.75.160.xxx ) and not (port 9001 or 443 or 8080 ) and tcp[tcpflags]&(tcp-syn) !=0 and not tcp[tcpflags]& (tcp-ack) !=0 or icmp this works pretty well to quickly identify oddness so far. However, I now have a question on the following output: 03:53:52.227884 IP 203.81.166.20.53786 62.75.160.xxx.80: S 846930886:846930886(0) win 61690 "<"mss 1460,nop,nop,sackOK,opt-178:f04700000000,nop,wscale 4"" I wonder what the marked portion means, haven't seen that before. Thanks for help wlaus

  Read the article

• Securing a Windows Server 2008 R2 Public Web Server

  - by Denny Ferrassoli

  I'm setting up a public web server: Windows Server 2008 R2, IIS7.5. Does anyone have a tutorial / walkthrough / tips on properly securing a public web server? I've seen a few tutorials but mostly focused on Windows Server 2003. What I've done so far: Created a specific user account for the website / app pool, Renamed Admin account, Installed FTPS, Configured firewall to block any non-public service (web / https), Configured firewall to allow access to management interfaces only from specific IP addresses (rdp, IIS management, ftp) Maybe a few other things but can't remember at the moment... ICMP is allowed... Should I disable all except ping? Port scan reveals only web and https ports. Any other suggestions? Thanks

  Read the article

• Mac Mini's internet very slow, every other device fine (PC, iPhone, Xbox 360)

  - by alex

  I recently haven't used my Mac Mini for about 5 days (however it was left on). I seem to be able to connect and get great download / upload speeds through my PC, Xbox 360, iPhone and parents' laptop. However, my Mac Mini is very slow. OS X's Mail.app is downloading mail at 0.4kbps and then dropping to 0. Skype file transfers are doing the same. Browsing the net is a terrible experience. It is taking 30 seconds or more to download basic pages. All of my devices connect wirelessly to a Netgear router / modem. I have tried giving the Mac Mini a manual IP, and renew DHCP lease, as well as flush DNS in Terminal. I have also rebooted the router / modem twice, and the Mac Mini twice. Do you know what could be causing this? Thanks

  Read the article

• Gradually migrate from one SMTP server to another

  - by Bart van Wissen

  I maintain an application that sends out a ton of e-mail on a daily basis. Soon, we will have to migrate to another SMTP-server for that, which has an ip address that has no reputation with respect to email delivery. So instead of just flipping the switch, I would like to start by sending a small percentage of all mail through the new server, and then gradually increase that percentage until we reach 100%. It wouldn't be very hard to implement something in the application itself, but I would like to know if there is an easier, more reliable out-of-the-box-type solution for this. My first thought was to use round-robin DNS for this, but the servers require different credentials, use different protocols (one uses SASL, the other doesn't) and even different port numbers, so I think that rules out the DNS based solution. Is there any way, for example, to configure Postfix to send 1 out of x e-mails to relay host A and the rest to relay host B? Or perhaps a different MTA?

  Read the article

• Redhat with a reverse proxy, a specific configuration

  - by jessica

  The setup I am trying to put together consists on a server connected to the internet (a redhat box) and 2 Apache Tomcat boxes not connected to the internet. Let's call the server Server and the two Apache Tomcats, Apache1 and Apache2. So, assuming my external IP is 102.1.1.1, Apache1 is 10.1.1.1 and Apache2 is 10.1.1.2, what I'm trying to configure is a reverse proxy so that if the request goes into http://102.1.1.1/mywebserver1/ it will be directed to Apache1 and if the request goes into http://102.1.1.1/mywebserver2/ it will be forwarded to Apache2. Now, I don't need a cache on the proxy since there is application sitting in those tomcats and each request needs to get a fresh answer. I searched for a while and I tried building this with Squid but i can't get it to work the way I need it. Anyone knows how to do this? What software do I need? How do I configure the reverse proxy? Thanks! jessica

  Read the article

• DNS Server Spoofed Request Amplification DDoS - Prevention

  - by Shackrock

  I've been conducting security scans, and a new one popped up for me: DNS Server Spoofed Request Amplification DDoS The remote DNS server answers to any request. It is possible to query the name servers (NS) of the root zone ('.') and get an answer which is bigger than the original request. By spoofing the source IP address, a remote attacker can leverage this 'amplification' to launch a denial of service attack against a third-party host using the remote DNS server. General Solution: Restrict access to your DNS server from public network or reconfigure it to reject such queries. I'm hosting my own DNS for my website. I'm not sure what the solution is here... I'm really looking for some concrete detailed steps to patch this, but haven't found any yet. Any ideas? CentOS5 with WHM and CPanel. Also see: http://securitytnt.com/dns-amplification-attack/

  Read the article

• Squid 3 reloading makes it stop serving requests

  - by coredump

  So, we use Squid 3 here (3.0.STABLE8-3+lenny4), pretty standard configuration (no dansguardian or similar) + NTLM authentication with LDAP background, circa 1000 users on a busy day, and our acls reference some external files (allowed/blocked sites/ip addresses). On Squid 2.X we used to be capable of reloading it's configuration (to add or sites or addresses to rules, etc) and squid would not stop serving during the reload. Since we changed to 3.0, that seems to be impossible: everytime we use reload (or -k reconfigure) it stop serving requests for as long as 2 minutes, and clients receive a Configured proxy is not accepting connections message. I checked the documentation and got nothing about it, does anyone else suffer from this problem or is it a isolated case on my setup? Also, if you have Squid 3.0 and doesn't suffer from this problem, how is your squid configured?

  Read the article

• Configuring TMUX's status bar

  - by wdkrnls

  I want my tmux session to show my current ip address in the right hand side of the status bar but I am having the hardest time figuring up the right syntax. The command works perfectly in the shell, but tmux won't parse it. set -g status-right '#[fg=white]#(host (hostname))' [Note: I am using the fish shell] I really want it to be: set -g status-right '#[fg=white]#(hostname)@#(host (hostname) | cut -d " " -f 4)' But since I can't get the former status bar to work, this is a lost cause. The weird thing is I got the first one to work once, but then I added the cut.

  Read the article

• 401 Using Multiple Authentication methods IE 10 only

  - by jon3laze

  I am not sure if this is more of a coding issue or server setup issue so I've posted it on stackoverflow and here... On our production site we've run into an issue that is specific to Internet Explorer 10. I am using jQuery doing an ajax POST to a web service on the same domain and in IE10 I am getting a 401 response, IE9 works perfectly fine. I should mention that we have mirrored code in another area of our site and it works perfectly fine in IE10. The only difference between the two areas is that one is under a subdomain and the other is at the root level. www.my1stdomain.com vs. portal.my2nddomain.com The directory structure on the server for these are: \my1stdomain\webservice\name\service.aspx \portal\webservice\name\service.aspx Inside of the \portal\ and \my1stdomain\ folders I have a page that does an ajax call, both pages are identical. $.ajax({ type: 'POST', url: '/webservice/name/service.aspx/function', cache: false, contentType: 'application/json; charset=utf-8', dataType: 'json', data: '{ "json": "data" }', success: function() { }, error: function() { } }); I've verified permissions are the same on both folders on the server side. I've applied a workaround fix of placing the <meta http-equiv="X-UA-Compatible" value="IE=9"> to force compatibility view (putting IE into compatibility mode fixes the issue). This seems to be working in IE10 on Windows 7, however IE 10 on Windows 8 still sees the same issue. These pages are classic asp with the headers that are being included, also there are no other meta tags being used. The doctype is being specified as <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//" "http://www.w3.org/TR/html4/loose.dtd"> on the portal page and <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> on the main domain. UPDATE1 I used Microsoft Network Monitor 3.4 on the server to capture the request. I used the following filter to capture the 401: Property.HttpStatusCode.StringToNumber == 401 This was the response - Http: Response, HTTP/1.1, Status: Unauthorized, URL: /webservice/name/service.aspx/function Using Multiple Authetication Methods, see frame details ProtocolVersion: HTTP/1.1 StatusCode: 401, Unauthorized Reason: Unauthorized - ContentType: application/json; charset=utf-8 - MediaType: application/json; charset=utf-8 MainType: application/json charset: utf-8 Server: Microsoft-IIS/7.0 jsonerror: true - WWWAuthenticate: Negotiate - Authenticate: Negotiate WhiteSpace: AuthenticateData: Negotiate - WWWAuthenticate: NTLM - Authenticate: NTLM WhiteSpace: AuthenticateData: NTLM XPoweredBy: ASP.NET Date: Mon, 04 Mar 2013 21:13:39 GMT ContentLength: 105 HeaderEnd: CRLF - payload: HttpContentType = application/json; charset=utf-8 HTTPPayloadLine: {"Message":"Authentication failed.","StackTrace":null,"ExceptionType":"System.InvalidOperationException"} The thing here that really stands out is Unauthorized, URL: /webservice/name/service.aspx/function Using Multiple Authentication Methods With this I'm still confused as to why this only happens in IE10 if it's a permission/authentication issue. What was added to 10, or where should I be looking for the root cause of this? UPDATE2 Here are the headers from the client machine from fiddler (server information removed): Main SESSION STATE: Done. Request Entity Size: 64 bytes. Response Entity Size: 9 bytes. == FLAGS ================== BitFlags: [ServerPipeReused] 0x10 X-EGRESSPORT: 44537 X-RESPONSEBODYTRANSFERLENGTH: 9 X-CLIENTPORT: 44770 UI-COLOR: Green X-CLIENTIP: 127.0.0.1 UI-OLDCOLOR: WindowText UI-BOLD: user-marked X-SERVERSOCKET: REUSE ServerPipe#46 X-HOSTIP: ***.***.***.*** X-PROCESSINFO: iexplore:2644 == TIMING INFO ============ ClientConnected: 14:43:08.488 ClientBeginRequest: 14:43:08.488 GotRequestHeaders: 14:43:08.488 ClientDoneRequest: 14:43:08.488 Determine Gateway: 0ms DNS Lookup: 0ms TCP/IP Connect: 0ms HTTPS Handshake: 0ms ServerConnected: 14:40:28.943 FiddlerBeginRequest: 14:43:08.488 ServerGotRequest: 14:43:08.488 ServerBeginResponse: 14:43:08.592 GotResponseHeaders: 14:43:08.592 ServerDoneResponse: 14:43:08.592 ClientBeginResponse: 14:43:08.592 ClientDoneResponse: 14:43:08.592 Overall Elapsed: 0:00:00.104 The response was buffered before delivery to the client. == WININET CACHE INFO ============ This URL is not present in the WinINET cache. [Code: 2] Portal SESSION STATE: Done. Request Entity Size: 64 bytes. Response Entity Size: 105 bytes. == FLAGS ================== BitFlags: [ClientPipeReused, ServerPipeReused] 0x18 X-EGRESSPORT: 44444 X-RESPONSEBODYTRANSFERLENGTH: 105 X-CLIENTPORT: 44439 X-CLIENTIP: 127.0.0.1 X-SERVERSOCKET: REUSE ServerPipe#7 X-HOSTIP: ***.***.***.*** X-PROCESSINFO: iexplore:7132 == TIMING INFO ============ ClientConnected: 14:37:59.651 ClientBeginRequest: 14:38:01.397 GotRequestHeaders: 14:38:01.397 ClientDoneRequest: 14:38:01.397 Determine Gateway: 0ms DNS Lookup: 0ms TCP/IP Connect: 0ms HTTPS Handshake: 0ms ServerConnected: 14:37:57.880 FiddlerBeginRequest: 14:38:01.397 ServerGotRequest: 14:38:01.397 ServerBeginResponse: 14:38:01.464 GotResponseHeaders: 14:38:01.464 ServerDoneResponse: 14:38:01.464 ClientBeginResponse: 14:38:01.464 ClientDoneResponse: 14:38:01.464 Overall Elapsed: 0:00:00.067 The response was buffered before delivery to the client. == WININET CACHE INFO ============ This URL is not present in the WinINET cache. [Code: 2]

  Read the article

• Remote Desktop to Virtual Machine

  - by Valvaris

  Hello: I recently reformatted one of my servers with Windows Server 2008 x64 and with that, installed the latest version of VMWare server on it. Within that, I created a new Windows Server 2003 R2 x86 virtual machine for the purposes of being a backup domain controller. I was able to successfully configure it as a domain controller and have it provide DNS service to my domain. I've been using the VMWare remote console to set this up and figured it was time to get remote desktop working. I set it up as I have with many other computers on my network (hitting the checkbox, making the firewall isn't blocking it) and I cannot get remote desktop to connect to it. I've tried using the computer name and its IP address neither work. I can ping the computer from the outside but the Virtual machine cannot ping anything from inside it. All machines are on the same subnet. I can't seem to figure this out.

  Read the article

• allow SSH to bypass VPN on OSX mavericks, openvpn, pf

  - by zycho42

  My home computer connects to the internet through an OpenVPN connection. However, I would like to be able to connect to my home computer from outside over ssh. Ssh is set up and working, but when I connect to the vpn ssh is only accessible from inside my home network. I figure what's going wrong is my router forwards incoming ssh connections to my mac, but then my mac replies over the vpn, so the connection from outside times out. I've got pf set up for a couple of other things, but I can't figure out how to let the ssh replies bypass the vpn using pf. I've come across other solutions that use ip tables, routing tables and rules, but I can't figure out how to set that up on mavericks. I've been searching for this for a while now but I haven't found a working solution. Any help would be greatly appreciated!

  Read the article

• Windows 7 Connection Sharing unable to access some sites

  - by Kristopher Ives

  I have a pretty sad networking situation that involves connecting to an open Wireless network and sharing that connection to an Ethernet that is plugged into a Linksys router. This has been done with XP and Windows 7, and it works great with XP. The problem with Windows 7 is that only some DNS will work. I don't know if it's been poisoned on the network above us (which we have no control over), but we've tried clearing the DNS cache as well as moving to using Google's DNS servers (8.8.8.8, 8.8.4.4). Here is a really quick list of sites that won't respond to DNS requests at all via dig, although if I get the IP address I can ping them: facebook.com yuilibrary.com twitter.com A lot of sites do work though. Anyone have an idea? It may be a subnet problem? If anyone wants more info let me know.

  Read the article

• Restoring WordPress EC2 instance from snapshot results in 403 Forbidden error

  - by Eric Matthew Turano

  This problem has been perplexing me for weeks now. Here's how the issue goes: Launch Amazon Linux 64-bit instance, successfully install WordPress, and site is active w/ no issues Create snapshot of the instance's root volume Shut down instance Create volume from snapshot, attach to instance, and reboot instance Associate Elastic IP with instance Once that's done and I try logging onto the site, I am redirected to myurl.com/wp-admin/install.php and greeted with this message: Forbidden: You don't have permission to access /wp-admin/install.php on this server. Apache/2.2.25 (Amazon) Server at www.myurl.com Port 80 Port 80 is open on the inbound security group settings, so that's not the issue. Keep in mind all I am doing is merely creating a new volume and attaching it to the same instance, and this issue comes up. What am I doing wrong, and how can I create a complete backup of my instance without this error occuring?

  Read the article

• ifconfig ignores alias on IPv6

  - by Marten Lehmann

  When I add an IPv4 address for the interface eth0:0 with ifconfig, it is created correctly: ifconfig eth0:0 add 192.168.10.10 This can be verified by ifconfig or "ip a". When I add an IPv6 address however, ifconfig seems to ignore the alias of the interface: ifconfig eth0:0 add fc00::2/48 The address fc00::2/48 is added to eth0 then, not to eth0:0, no matter if eth0:0 previously exists with an IPv4 address or not. I'm doing this on CentOS 5 but I guess it is a general behaviour of ifconfig? Am I doing something wrong or is this by intention? I'm using separate aliases for interfaces very often and I hoped to use it for IPv6 as well. Kind regards Marten

  Read the article

• What response should be made to a continued web-app crack attempt?

  - by Tchalvak

  I've issues with a continuous, concerted cracking attempt on a website (coded in php). The main problem is sql-injection attempts, running on a Debian server. A secondary effect of the problem is being spidered or repeatedly spammed with urls that, though a security hole has been closed, are still obviously related attempts to crack the site, and continue to add load to the site, and thus should be blocked. So what measures can I take to: A: Block known intruders/known attack machines (notably making themselves anonymous via botnet or relaying servers) to prevent their repeated, continuous, timed access from affecting the load of the site, and B: report & respond to the attack (I'm aware that the reporting to law enforcement is almost certainly futile, as may be reporting to the ip/machine where the attacks are originating, but other responses to take would be welcome).

  Read the article

• Dell OpenManage iDrac

  - by mhouston100

  I have installed OpenManage Server Administrator on a Windows 7 workstation with the assumption that nothing needed to be done on the actual server I am trying to manage. The server has an iDrac v7 component and I was under the impression that OpenManage just connects to that? When I try to connect I put the IP address of the iDrac console and the username/password and I get a 'Connection Error' message. So my question, does OpenManage have to be installed on the server that is to be managed, even if it has a DRAC connection?

  Read the article

• Cannot get git working

  - by Devin Dixon

  I'm trying to install my own git server with these instructions. http://cisight.com/how-to-setup-git-server-using-gitolite-in-ubuntu-11-10-oneiric/ But I am get stuck at this point. git clone --verbose [email protected]:testing.git Cloning into 'testing'... Permission denied (publickey). fatal: The remote end hung up unexpectedly And I think it has something to do with this: gitolite@ip-xxxx:~$ gl-setup tmp/john.pub key_read: uudecode Aklkdfgkldkgldkgldkgfdlkgldkgdlfkgldkgldkgdlkgkfdnknbkdnbkdnbkdnbkfnbkdfnbkdnfbkdfnbdknbkdnbkfnbkdbnkdbnkdfnbkd [email protected] failed fprint failed I always get the fail and I think its preventing me from cloning repo.The repo is there along with gitolite-admin.git repo. The permissions are this: drwxr-x--- 8 gitolite gitolite 4096 Jun 6 16:29 gitolite-admin.git drwxr-x--- 7 gitolite gitolite 4096 Jun 6 16:29 testing.git So my question is what am I missing here?

  Read the article

• Loadbalance UDP traffic with session affinity and way to take servers in & out of rotation

  - by William

  What is the best way to go about load balancing UDP traffic among a whole bunch of servers, while keeping session affinity based on the users' IP? I need to also be able to take servers in and out of rotation for new clients, so when they join for the first time, they get put on a server in a list of available servers, and clients already connected would stay connected to their specific server. I have written the software to maintain a list, but I can't seem to find anything that would perform this functionality. If you need the context, this is to facilitate game tournaments for Minecraft: Pocket Edition, which is done with UDP traffic, I cannot change the protocol. And, because tournaments open and close, I need to be able to place players on their proper servers. Performance is also a priority, I have a program to do this but it is very bloated and slow. Thanks for any help! William

  Read the article

• Exchange Disconnecting on EHLO with remote telnet

  - by Timothy Baldridge

  When I go to the local terminal on my Exchange box (SBS 2008) I can do this: telnet 127.0.0.1 25 220 Exchange banner here EHLO example.com 250 Server name However when I go from another box, or from the actual IP of the server I get this: telnet 192.168.21.20 25 220 Exchange banner here EHLO example.com 421 4.4.1 Connection timed out Connection to host lost. The odd thing is, this server is currently in production and working fine (receiving mail for our entire domain). But my C# programs can't send mail to it (they get this same error). Any ideas?

  Read the article

• Cyrus: How Do I Configure saslauthd For Authentication?

  - by Nick

  I'm trying to get Cyrus IMAP (v 2.2 on Ubuntu 9.04) setup and working, but I'm having a bit of trouble getting the login working correctly. I've created a mailbox for my test user "nrahl": cm user/nrahl and then created a password: $ saslpasswd2 nrahl I'm attempting to connect to the mailbox using Thunderbird. I'm using the machine's LAN IP address as the host, and "nrahl" as the username. It connects to the server and prompts me for the password. When I enter it, I get "Login to server failed." in Thunderbird, and /var/log/mail.log shows: Apr 15 19:20:01 IMAP cyrus/imap[1930]: accepted connection Apr 15 19:20:09 IMAP cyrus/imap[1930]: badlogin: [192.168.5.21] plaintext nrahl SASL(-13): authentication failure: checkpass failed Part of /etc/imapd.conf with comments removed: sieveusehomedir: false sievedir: /var/spool/sieve #mailnotifier: zephyr #sievenotifier: zephyr #dracinterval: 0 #drachost: localhost hashimapspool: true allowplaintext: yes sasl_mech_list: PLAIN #allowapop: no #sasl_maximum_layer: 256 #loginrealms: example.com #virtdomains: userid #defaultdomain: sasl_pwcheck_method: saslauthd #sasl_auxprop_plugin: sasldb sasl_auto_transition: no UPDATE: When setting: sasl_pwcheck_method: alwaystrue in /etc/imapd.conf, login works correctly. So I'm assuming the issue is saslauthd related.

  Read the article

• Can't access a local site site on LAN

  - by Dilawar

  I have lighttpd setup on a machine (say ip is 10.107.105.13) with following details. inet addr : 10.107.105.13 Bcast : 10.107.111.255 Mask : 255.255.240.0 I can access my site on this computer by using firefox http://localhost/index.html. Now I am trying to access this site from another computer with following details inet addr : 10.14.42.7 Bcast : 10.14.42.255 Mask : 255.255.255.0 But it says 'access denied'. nmap 10.107.105.13 gives the following output. PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 1234/tcp open hotline 3306/tcp open mysql 9418/tcp open git Following is the output of iptables -L -n -v on 10.107.105.13 141 11207 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 FORWARD and OUTPUT section empty. What is wrong with all this?

  Read the article

• IPSEC tunnel Fortinet Transparent Mode to inside Fortinet firewall in NAT Mode does not respond to i

  - by TrevJen

  I have 2 fortinet firewalls (fully patched); fw1 is providing an IPSEC tunnel in transparent mode. beneath this firewall is a fw2, a NAT firewall with a VIP address that has been confirmed to work. This configuration is required for my customers who want to connect to a public address space inside of the tunnel, in order to prevent cross over in IP space. This configuration works great for traffic going outbound to the remote side of the tunnel, but not inbound. While sniffing the traffic, I can see the inbound traffic going out of the fw1, but it is never seen at the fw2. Cust Net > 10.1.1.100 | | | FW1 >TRANSPARENT IPSEC | | | FW2 EXT >99.1.1.1.100-VIP | FW2 NAT >192.1.1.100-NAT

  Read the article

• Active directory authentication for Ubuntu Linux login and cifs mounting home directories...

  - by Jamie

  I've configured my Ubuntu 10.04 Server LTS Beta 2 residing on a windows network to authenticate logins using active directory, then mount a windows share to serve as there home directory. Here is what I did starting from the initial installation of Ubuntu. Download and install Ubuntu Server 10.04 LTS Beta 2 Get updates # sudo apt-get update && sudo apt-get upgrade Install an SSH server (sshd) # sudo apt-get install openssh-server Some would argue that you should "lock sshd down" by disabling root logins. I figure if your smart enough to hack an ssh session for a root password, you're probably not going to be thwarted by the addition of PermitRootLogin no in the /etc/ssh/sshd_config file. If your paranoid or not simply not convinced then edit the file or give the following a spin: # (grep PermitRootLogin /etc/ssh/sshd_conifg && sudo sed -ri 's/PermitRootLogin ).+/\1no/' /etc/ssh/sshd_conifg) || echo "PermitRootLogin not found. Add it manually." Install required packages # sudo apt-get install winbind samba smbfs smbclient ntp krb5-user Do some basic networking housecleaning in preparation for the specific package configurations to come. Determine your windows domain name, DNS server name, and IP address for the active directory server (for samba). For conveniance I set environment variables for the windows domain and DNS server. For me it was (my AD IP address was 192.168.20.11): # WINDOMAIN=mydomain.local && WINDNS=srv1.$WINDOMAIN If you want to figure out what your domain and DNS server is (I was contractor and didn't know the network) check out this helpful reference. The authentication and file sharing processes for the Windows and Linux boxes need to have their clocks agree. Do this with an NTP service, and on the server version of Ubuntu the NTP service comes installed and preconfigured. The network I was joining had the DNS server serving up the NTP service too. # sudo sed -ri "s/^(server[ \t]).+/\1$WINDNS/" /etc/ntp.conf Restart the NTP daemon # sudo /etc/init.d/ntp restart We need to christen the Linux box on the new network, this is done by editing the host file (replace the DNS of with the FQDN of the windows DNS): # sudo sed -ri "s/^(127\.0\.0\.1[ \t]).*/\1$(hostname).$WINDOMAIN localhost $(hostname)/" /etc/hosts Kerberos configuration. The instructions that follow here aren't to be taken literally: the values for MYDOMAIN.LOCAL and srv1.mydomain.local need to be replaced with what's appropriate for your network when you edit the files. Edit the (previously installed above) /etc/krb5.conf file. Find the [libdefaults] section and change (or add) the key value pair (and it is in UPPERCASE WHERE IT NEEDS TO BE): [libdefaults] default_realm = MYDOMAIN.LOCAL Add the following to the [realms] section of the file: MYDOMAIN.LOCAL = { kdc = srv1.mydomain.local admin_server = srv1.mydomain.local default_domain = MYDOMAIN.LOCAL } Add the following to the [domain_realm] section of the file: .mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL Conmfigure samba. When it's all said done, I don't know where SAMBA fits in ... I used cifs to mount the windows shares ... regardless, my system works and this is how I did it. Replace /etc/samba/smb.conf (remember I was working from a clean distro of Ubuntu, so I wasn't worried about breaking anything): [global] security = ads realm = MYDOMAIN.LOCAL password server = 192.168.20.11 workgroup = MYDOMAIN idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes restrict anonymous = 2 Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start Setup the authentication. Edit the /etc/nsswitch.conf. Here are the contents of mine: passwd: compat winbind group: compat winbind shadow: compat winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start At this point I could login, home directories didn't exist, but I could login. Later I'll come back and add how I got the cifs automounting to work. Numerous resources were considered so I could figure this out. Here is a short list (a number of these links point to mine own questions on the topic): Samba Kerberos Active Directory WinBind Mounting Linux user home directories on CIFS server Authenticating OpenBSD against Active Directory How to use Active Directory to authenticate linux users Mounting windows shares with Active Directory permissions Using Active Directory authentication with Samba on Ubuntu 9.10 server 64bit How practical is to authenticate a Linux server against AD? Auto-mounting a windows share on Linux AD login

  Read the article

• Detecting man-in-the-middle attacks?

  - by Ilari Kajaste

  There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS connections to HTTP, and even the recently discovered possibilit of injecting malicious headers in the beginning of secure TLS connections. However, it seems to be claimed that these attacks are not very common. It would be interesting to see for myself. What ways are there to detect if such an attack is being attempted by someone on the network? I guess getting served a plain HTTP login page would be an obvious clue, and of course you could run Wireshark and keep reading all the interesting ARP traffic... But an automated solution would be a tiny bit more handy. Something that analyzes stuff on the background and alerts if an attack is detected on the network. It would be interesting to see for myself if these attack are actually going on somewhere.

  Read the article

< Previous Page | 317 318 319 320 321 322 323 324 325 326 327 328  | Next Page >