Search Results

Search found 10798 results on 432 pages for 'port scanning'.

Page 323/432 | < Previous Page | 319 320 321 322 323 324 325 326 327 328 329 330  | Next Page >

• Is it possible to use IPC inside of a IE8 Browser Helper Object?

  - by Joel

  I need to communicate with a Service using IPC from inside of a Browser Helper Object (registered with IE8). Unfortunately, all of this communication is done through an Assembly API that I have no control over. Whenever this API starts up I get the following error: ExceptionSystem.Runtime.Remoting.RemotingException: Failed to connect to an IPC Port: The system cannot find the file specified. I realize that it is difficult to discern what the issue is without source. However I am curious if anyone knows of anything sort of permissions or DLL issues that would prevent IPC from working in this case.

  Read the article

• Too many values problem

  - by DraskyVanderhoff

  Hi , i was trying to make a full lot of ips for testing using this code : ip_is = [i for i in range(256)] ports = [i for i in range(1024,49152)] return [str(i1)+"."+str(i2)+"."+str(i3)+"."+str(i4)+":"+str(p) for i1,i2,i3,i4,port in ip_is,ip_is,ip_is,ip_is,ports] The problem is the 3rd line in which is made the ip list. If there is a way to make it all at once or how can make one at time in a lazy way ? I'm pretty noob at python :P. Thanks for the Help :)

  Read the article

• Delphi - COM/OLE starting example needed

  - by durumdara

  Hi! 10 years have ellapsed since I used COM/OLE, and I forget 90% of them. Now we need to make a COM object to access some data from PHP/Python (this is specific thing, the php ODBC don't access the output params of a DataBase - like stored proc output), and my idea the I realize a minimal object with one method, and PHP/Python can call this to get the output... procedure ExecSQL(Config, IP, Port, DBName, SQL, IDFieldName : variant) : output output is [IDValue, ErrorMsg, HResult] Please help me a very little example, how to start it? I need only this, but I'm confused by many ActiveX/COM in the palette. What I need to use to make a simple COM DLL, and how to register my COM object with this DLL? Thanks: dd

  Read the article

• jQuery - improve/reduce my ipod-style dropdown code! - challenge?

  - by aSeptik

  Hi all guys! by keeping inspiration from this http://www.filamentgroup.com/examples/menus/ipod.php i have maked my own from scratch cause i have needed this smarty dropdown solution for a client, but more lightweight & efficient! so with a good cup of coffe in my hand i have maked this DEMO: http://jsbin.com/ufuga SOURCE: http://jsbin.com/ufuga/edit since this is a proof o concept, whould be nice to know, before port this into a plugin, what you think about it! is good, bad or can be improved or reduced in size!? i'm glad to share this code with you and whould be nice if you want give me any feedback! ;-) PS: work perfectly in IE6+, Firefox, Chrome, Opera and of course support the jQuery Theme Roller and have zero configuration steps! thank you guys!

  Read the article

• How to add a Web Reference to a SSL web service?

  - by Matt W

  Hi, I have a web service in a C#/3.5 project which has been running fine. This is until I set the "SSL port" in IIS to 443 and set the "IIS - Directory Security - Secure Communications - Require secure channel (SSL)" option to true. Now, the web reference cannot be updated and I cannot add a new web reference to the web service in that site. When I try to view the service in a browse using just HTTP I get the "This page must be viewed over a secure channel" and when viewed with HTTPS on the front I get "This web page not available." Could someone tell me how to get a Web Reference added using Visual Studio to this secure web service, please? Thanks, Matt.

  Read the article

• Protect Plesk login page from search engine eyes

  - by Iman Samizadeh

  Hi Folks, I was wondering if would it be possible to protect the "https://www.DOMAIN.com:8443" URL from search engines listing perhaps using the htaccess to redirect the 8443 port from "DOMAIN" to elsewhere? This is the VZPP Plesk - Login Login to Plesk. Please enter your login information. Username. Password. Interface Language. User Default, ENGLISH (United States), GERMAN (Germany) ... https://www.DOMAIN.com:8443/ - Many Thanks.

  Read the article

• How to debug GWT using Ant

  - by Phuong Nguyen de ManCity fan

  I know that the job would be simpler if I use Google Plugin for Eclipse. However, in my situation, I heavily adapted Maven and thus, the plugin cannot suit me. (In fact, it gave me the whole week of headache). Rather, I relied on a ant script that I learned from http://code.google.com/webtoolkit/doc/latest/tutorial/appengine.html The document was very clear; I follow the article and successfully invoked DevMode using ant devmode. However, the document didn't tell me about debugging GWT (like Google Plugin for Eclipse can do). Basically, I want to add some parameter to an ant task that expose a debug port (something like (com.google.gwt.dev.DevMode at localhost:58807)) so that I can connect my eclipse to. How can I do that?

  Read the article

• How do I make a universal iPhone / iPad application that programmatically uses UISplitViewController

  - by arash13

  I couldn't find a good answer anywhere to this. I am using a UINavigationController for my iPhone app, with everything is generated programmatically, nothing in Interface Builder. I am trying to port my app to iPad, using a UISplitViewController and my existing UINavigationController, but I am not sure where I should have the logic of my program separating the view controllers for iPhone or iPad. Do I set up my main file to use a different app delegate or do I use the same app delegate and have the user interface conditionally set up within it? Besides this, whenever I try to compile my app on the simulator it does not recognize the UISplitViewController or even the condition in which I check if the class exists. Can please someone put me in the right direction, remembering that I am not using any xibs?

  Read the article

• How to determine the pat of the current web site

  - by Velika2

  I wanted to create a function which would return the path of the current web site. This is what I thought was working while running in the IDE: Public Shared Function WebsiteAbsoluteBaseUrl() As String Dim RequestObject As System.Web.HttpRequest = HttpContext.Current.Request Return "http://" & RequestObject.Url.Host & ":" & _ RequestObject.Url.Port & "/" & _ RequestObject.Url.Segments(1) End Function Does this seem like it should work? Is there a more straight forward way?

  Read the article

• WindowsForms difference to simple Console App

  - by daemonfire300

  I currently started to "port" my console projects to WinForms, but it seems I am badly failing doing that. I am simply used to a console structure: I got my classes interacting with each other depending on the input coming from the console. A simple flow: Input -> ProcessInput -> Execute -> Output -> wait for input Now I got this big Form1.cs (etc.) and the "Application.Run(Form1);" But I really got no clue how my classes can interact with the form and create a flow like I described above. I mean, I just have these "...._Click(object sender....)" for each "item" inside the form. Now I do not know where to place / start my flow / loop, and how my classes can interact with the form.

  Read the article

• Programmatic resource monitoring per process in Linux

  - by tuxx

  Hi, I want to know if there is an efficient solution to monitor a process resource consumption (cpu, memory, network bandwidth) in Linux. I want to write a daemon in C++ that does this monitoring for some given PIDs. From what I know, the classic solution is to periodically read the information from /proc, but this doesn't seem the most efficient way (it involves many system calls). For example to monitor the memory usage every second for 50 processes, I have to open, read and close 50 files (that means 150 system calls) every second from /proc. Not to mention the parsing involved when reading these files. Another problem is the network bandwidth consumption: this cannot be easily computed for each process I want to monitor. The solution adopted by NetHogs involves a pretty high overhead in my opinion: it captures and analyzes every packet using libpcap, then for each packet the local port is determined and searched in /proc to find the corresponding process. Do you know if there are more efficient alternatives to these methods presented or any libraries that deal with this problems?

  Read the article

• Git fatal: remote end hung up

  - by Bill

  So I thought I had finally got everything setup on Windows ... then ran into this issue. Current setup URL: ssh://user@host:port/myapp.git Already run Putty - and can connect using valid .ppk keys through the ~/.ssh/authorized_keys direct. In Git and TortoiseGIT - I set both to use "plink.exe". Putty works fine - no issues - but when I run that URL into bash I get for a git clone (url) fatal: the remote end hung up expectedly In a cygwin bash terminal - running "ssh user@host" - works no probs at all. Anyone suggest anything?

  Read the article

• Can .NET load and parse a properties file equivalent to Java Properties class?

  - by Tai Squared

  Is there an easy way in C# to read a properties file that has each property on a separate line followed by an equals sign and the value, such as the following: ServerName=prod-srv1 Port=8888 CustomProperty=Any value In Java, the Properties class handles this parsing easily: Properties myProperties=new Properties(); FileInputStream fis = new FileInputStream (new File("CustomProps.properties")); myProperties.load(fis); System.out.println(myProperties.getProperty("ServerName")); System.out.println(myProperties.getProperty("CustomProperty")); I can easily load the file in C# and parse each line, but is there a built in way to easily get a property without having to parse out the key name and equals sign myself? The C# information I have found seems to always favor XML, but this is an existing file that I don't control and I would prefer to keep it in the existing format as it will require more time to get another team to change it to XML than parsing the existing file.

  Read the article

• Attempting to connect to a CORBA Service using corbaloc url

  - by Megasaur

  String[] orbargs= {}; org.omg.CORBA.ORB orb = org.omg.CORBA.ORB.init(orbargs, null); org.omg.CORBA.Object cobj = orb.string_to_object("corbaloc:iiop:10.1.1.200:6969/OurServiceHelper"); _OurServiceHelper cpsh = _OurServiceHelperHelper.narrow(cobj); // Get's stuck cpsh.ourMethod(); That narrow just hangs. My service is setup to run on a static port. And we know it works since we usually look it up through the NamingService. What am I doing wrong?

  Read the article

• What makes this struct incomplete?

  - by Mechko

  gcc lovingly throws me this error: bst.c:33: error: invalid application of ‘sizeof’ to incomplete type ‘struct BSTNode’ What makes BSTnode incomplete? Below are the struct definitions relevant to BSTnode. struct BSTnode{ struct BSTnode * left; struct BSTnode * right; struct hash minhash; struct hash maxhash; struct DHTid owner; int misses; }; where we have: struct hash{ int hash; } struct DHTid { int islocal; unsigned long addr; unsigned short port; struct DHTnode * node; }; and currently: struct DHTnode{ int something; }

  Read the article

• Windows Server 2008 R2 network adapter stops working, requires hard reboot

  - by Geoff Dalgas

  TL;DR version: Turns out this was a Windows Server 2008 R2 kernel networking bug. After siccing Microsoft support on it, we (eventually) got an unpublished kernel hotfix from Microsoft to address it. If you, too, are experiencing mysterious low-level network driver failures requiring a reboot/bluescreen cycle, you might want that hotfix (or maybe Service Pack 1 whenever it is released, too.) We have been using HAProxy along with heartbeat from the Linux-HA project. We are using two linux instances to provide a failover. Each server has with their own public IP and a single IP which is shared between the two using a virtual interface (eth1:1) at IP: 69.59.196.211 The virtual interface (eth1:1) IP 69.59.196.211 is configured as the gateway for the windows servers behind them and we use ip_forwarding to route traffic. We are experiencing an occasional network outage on one of our windows servers behind our linux gateways. HAProxy will detect the server is offline which we can verify by remoting to the failed server and attempting to ping the gateway: Pinging 69.59.196.211 with 32 bytes of data: Reply from 69.59.196.220: Destination host unreachable. Running arp -a on this failed server shows that there is no entry for the gateway address (69.59.196.211): Interface: 69.59.196.220 --- 0xa Internet Address Physical Address Type 69.59.196.161 00-26-88-63-c7-80 dynamic 69.59.196.210 00-15-5d-0a-3e-0e dynamic 69.59.196.212 00-21-5e-4d-45-c9 dynamic 69.59.196.213 00-15-5d-00-b2-0d dynamic 69.59.196.215 00-21-5e-4d-61-1a dynamic 69.59.196.217 00-21-5e-4d-2c-e8 dynamic 69.59.196.219 00-21-5e-4d-38-e5 dynamic 69.59.196.221 00-15-5d-00-b2-0d dynamic 69.59.196.222 00-15-5d-0a-3e-09 dynamic 69.59.196.223 ff-ff-ff-ff-ff-ff static 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.252 01-00-5e-00-00-fc static 225.0.0.1 01-00-5e-00-00-01 static On our linux gateway instances arp -a shows: peak-colo-196-220.peak.org (69.59.196.220) at <incomplete> on eth1 stackoverflow.com (69.59.196.212) at 00:21:5e:4d:45:c9 [ether] on eth1 peak-colo-196-215.peak.org (69.59.196.215) at 00:21:5e:4d:61:1a [ether] on eth1 peak-colo-196-219.peak.org (69.59.196.219) at 00:21:5e:4d:38:e5 [ether] on eth1 peak-colo-196-222.peak.org (69.59.196.222) at 00:15:5d:0a:3e:09 [ether] on eth1 peak-colo-196-209.peak.org (69.59.196.209) at 00:26:88:63:c7:80 [ether] on eth1 peak-colo-196-217.peak.org (69.59.196.217) at 00:21:5e:4d:2c:e8 [ether] on eth1 Why would arp occasionally set the entry for this failed server as <incomplete>? Should we be defining our arp entries statically? I've always left arp alone since it works 99% of the time, but in this one instance it appears to be failing. Are there any additional troubleshooting steps we can take help resolve this issue? THINGS WE HAVE TRIED I added a static arp entry for testing on one of the linux gateways which still didn't help. root@haproxy2:~# arp -a peak-colo-196-215.peak.org (69.59.196.215) at 00:21:5e:4d:61:1a [ether] on eth1 peak-colo-196-221.peak.org (69.59.196.221) at 00:15:5d:00:b2:0d [ether] on eth1 stackoverflow.com (69.59.196.212) at 00:21:5e:4d:45:c9 [ether] on eth1 peak-colo-196-219.peak.org (69.59.196.219) at 00:21:5e:4d:38:e5 [ether] on eth1 peak-colo-196-209.peak.org (69.59.196.209) at 00:26:88:63:c7:80 [ether] on eth1 peak-colo-196-217.peak.org (69.59.196.217) at 00:21:5e:4d:2c:e8 [ether] on eth1 peak-colo-196-220.peak.org (69.59.196.220) at 00:21:5e:4d:30:8d [ether] PERM on eth1 root@haproxy2:~# arp -i eth1 -s 69.59.196.220 00:21:5e:4d:30:8d root@haproxy2:~# ping 69.59.196.220 PING 69.59.196.220 (69.59.196.220) 56(84) bytes of data. --- 69.59.196.220 ping statistics --- 7 packets transmitted, 0 received, 100% packet loss, time 6006ms Rebooting the windows web server solves this issue temporarily with no other changes to the network but our experience shows this issue will come back. Swapping network cards and switches I noticed the link light on the port of the switch for the failed windows server was running at 100Mb instead of 1Gb on the failed interface. I moved the cable to several other open ports and the link indicated 100Mb for each port that I tried. I also swapped the cable with the same result. I tried changing the properties of the network card in windows and the server locked up and required a hard reset after clicking apply. This windows server has two physical network interfaces so I have swapped the cables and network settings on the two interfaces to see if the problem follows the interface. If the public interface goes down again we will know that it is not an issue with the network card. (We also tried another switch we have on hand, no change) Changing network hardware driver versions We've had the same problem with the latest Broadcom driver, as well as the built-in driver that ships in Windows Server 2008 R2. Replacing network cables As a last ditch effort we remembered another change that occurred was the replacement of all of the patch cords between our servers / switch. We had purchased two sets, one green of lengths 1ft - 3ft for the private interfaces and another set of red cables for the public interfaces. We swapped out all of the public interface patch cables with a different brand and ran our servers without issue for a full week ... aaaaaand then the problem recurred. Disable checksum offload, remove TProxy We also tried disabling TCP/IP checksum offload in the driver, no change. We're now pulling out TProxy and moving to a more traditional x-forwarded-for network arrangement without any fancy IP address rewriting. We'll see if that helps. Switch Virtualization providers On the off chance this was related to Hyper-V in some way (we do host Linux VMs on it), we switched to VMWare Server. No change. Switch host model We've reached the end of our troubleshooting rope and are now formally involving Microsoft support. They recommended changing the host model: http://en.wikipedia.org/wiki/Host_model http://technet.microsoft.com/en-us/magazine/2007.09.cableguy.aspx We did that, and.. we'll see.

  Read the article

• Windows Mobile Development on MacBook Pro?

  - by Ted Nichols

  I am a frequent Windows Mobile application developer in need of a new development laptop. I am considering a MacBook or Macbook Pro running either Fusion from VMWare or Parallels Desktop. This will give me the option to port my applications to the iPhone depending on what MS does with WM 6.5 and 7. Has anybody tried doing Windows Mobile development using Microsoft Windows Mobile Device Center (or ActiveSync) and VS2008 on the MacBook Pro using one of these virtual machines? Does the device emulator work properly? What about debugging a Windows Mobile device over a USB cable? In general, do most USB drivers (non HID) designed for Windows work under these virtual machines? Thanks.

  Read the article

• I have a filter for jquery masonry - but I want to filter moomasonry

  - by Jason

  Hi, I'm using jquery masonry for layout. But I am considering moving to mootools. I have found a masonry port to mootools, called moomasonry - http://www.crionics.com/products/opensource/mooMasonry/Demos/basic.html With help here, I have a filter on the masonry divs by class: $('a.filter').click(function(){ filterBoxes(this.id); }) function filterBoxes(klass){ if (klass == "all") { klass = "box" } $('#holder').find('.' + klass) .hide() .appendTo('#main') .fadeIn('200') $('#main').find('.box:not(.' + klass + ')') .fadeOut( '200', function(){ $(this).appendTo('#holder') ; }); setTimeout(function(){ $('#main').masonry() },500); } But, how would I filter divs by class in mootools? and have it reload masonry after each filter. See my site for example: http://jasondaydesign.com/masonry_demo/

  Read the article

• Authentication for SaaS

  - by josh

  What would be recommended as an authentication solution for a Software-as-a-service product? Specifically, my product would have clients that would typically have low information technology skills, potentially not even having an IT department within their organization. I would still like to have my application authenticate against their internal directory service (eDirectory, Active Directory, etc.). I don't want them, however, to have to open/forward ports (for instance, opening up port 636 so I can do LDAPS binds directly to their directory service). One idea I had was to have an application installed on a server within their organization's network that would backconnect to my service. This would be a persistant socket. When I need to authenticate a user, I send the credentials via the socket (encrypted) - the application then performs a bind/whatever to authenticate against the directory service and replies with OK/FAIL. What would you suggest? My goal here is to essentially have the client install an application within their network, with very little configuration or intervention.

  Read the article

• How to set JtextArea to keep fixed no of rows?

  - by Hippo

  How can i keep no of rows constant in text area. I need to create a console window for my application. If rows exceeds predefined no of rows first rows must get disposed. As if first written row will be destroyed first when i append anything which exceeds no of rows set. One more thing , i need to keep vertical scroll bar. That means no of rows must not be the whatever rows are visible when text area it opened. For example : - no of visible rows on view port are 30. It should keep 120 rows information, which will can be seen with the help of scroll bar.

  Read the article

• making certain cells of an ExtJS GridPanel un-editable

  - by synchronicity

  I currently have a GridPanel with the Ext.ux.RowEditor plugin. Four fields exist in the row editor: port, ip address, subnet and DHCP. If the DHCP field (checkbox) of the selected row is checked, I need to make the other three fields un-editable. I've been trying to perform this code when the beforeedit event is triggered, but to no avail... I've only found ways to make the entire column un-editable. My code so far: this.rowEditor.on({ scope: this, beforeedit: this.checkIfEditable }); checkIfEditable:function(rowEditor, rowIndex) { if(this.getStore().getAt(rowIndex).get('dhcp')) { // this function makes the entire column un-editable: this.getColumnModel().setEditable(2, false); // I want to make only the other three fields of the current row // uneditable. } } Please let me know if any clarification is needed. Any help potentially extending RowEditor to accomplish the target functionality would be greatly appreciated as well!

  Read the article

• Uncheck all checkboxes in repeater except checkbox being checked

  - by Chris Laythorpe

  I know my question reads a bit like that 'how much wood can a woodchuck chuck' line, please excuse that... I have a repeater with checkboxes. There are numerous rows in this repeater - I never know how many - I want only one checkbox checked at any time. If the user changes the checked checkbox, any pre-existing checks are unchecked therefore maintaining a single checked checkbox. I am using VB, but comfortable to port any C#. I want to use JQuery. I have been looking on Google, but only ever seem to find ALL checked, ALL unchecked systems. Any suggestions?

  Read the article

• Porting Django's templates engine to C

  - by sandra

  Hi folks, I recently wrote a simple and tiny embedded HTTP server for my C++ app (QT) and I played a little bit with Ry's http-parser and loved it. This guy is crazy. So I told to myself: "Hey! Why not port the django template engine to C?" That'd be awesome! I know, it won't be an easy task (not at all, I know) but I'd really love to implement this. So I came here for inspiration, ideas, opinions... I'd really love to have some pointers on the subject, ideas, what is already done, which major problems I'll encounter (and how to solve them) - How not to reinvent the wheel... anyway, you got the idea :) Thanks a million times! P.S. Simple code snippets, and links to tools and libs are very welcome! P.P.S. I'm already aware of grantlee, I took a look into its sources. Well... that's C++ and its specific to Qt.

  Read the article

• Choosing embedded EJB 3.x container to run JEE 5 app on Tomcat

  - by grigory

  I am sorry in advance if my question sounds too generic - I am doing all preliminary research myself but nothing substitutes real experience... My goal is to port a legacy JEE application (pre-EJB 3.x) to Tomcat with embedded EJB container. My choices currently stand as follows: JBoss Embeddable EJB Apache OpenEJB OW2 Consortium EasyBeans anything else? I am expecting to use JMS (with MDBs), Session beans (stateful and stateless), JPA and I am really excited about using JSF with Seam. Now, given choices above, are there any advantages in using one or another embedded EJB provider?

  Read the article

• How to stop registration attempts on Asterisk

  - by Travesty3

  The main question: My Asterisk logs are littered with messages like these: [2012-05-29 15:53:49] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:50] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:55] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:55] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:53:57] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device <sip:[email protected]>;tag=cb23fe53 [2012-05-29 15:53:57] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device <sip:[email protected]>;tag=cb23fe53 [2012-05-29 15:54:02] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 15:54:03] NOTICE[5578] chan_sip.c: Registration from '<sip:[email protected]>' failed for '37.75.210.177' - No matching peer found [2012-05-29 21:20:36] NOTICE[5578] chan_sip.c: Registration from '"55435217"<sip:[email protected]>' failed for '65.218.221.180' - No matching peer found [2012-05-29 21:20:36] NOTICE[5578] chan_sip.c: Registration from '"1731687005"<sip:[email protected]>' failed for '65.218.221.180' - No matching peer found [2012-05-30 01:18:58] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=dEBcOzUysX [2012-05-30 01:18:58] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=9zUari4Mve [2012-05-30 01:19:00] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=sOYgI1ItQn [2012-05-30 01:19:02] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=2EGLTzZSEi [2012-05-30 01:19:04] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=j0JfZoPcur [2012-05-30 01:19:06] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=Ra0DFDKggt [2012-05-30 01:19:08] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=rR7q7aTHEz [2012-05-30 01:19:10] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=VHUMtOpIvU [2012-05-30 01:19:12] NOTICE[5578] chan_sip.c: Sending fake auth rejection for device "unknown" <sip:[email protected]>;tag=JxZUzBnPMW I use Asterisk for an automated phone system. The only thing it does is receives incoming calls and executes a Perl script. No outgoing calls, no incoming calls to an actual phone, no phones registered with Asterisk. It seems like there should be an easy way to block all unauthorized registration attempts, but I have struggled with this for a long time. It seems like there should be a more effective way to prevent these attempts from even getting far enough to reach my Asterisk logs. Some setting I could turn on/off that doesn't allow registration attempts at all or something. Is there any way to do this? Also, am I correct in assuming that the "Registration from ..." messages are likely people attempting to get access to my Asterisk server (probably to make calls on my account)? And what's the difference between those messages and the "Sending fake auth rejection ..." messages? Further detail: I know that the "Registration from ..." lines are intruders attempting to get access to my Asterisk server. With Fail2Ban set up, these IPs are banned after 5 attempts (for some reason, one got 6 attempts, but w/e). But I have no idea what the "Sending fake auth rejection ..." messages mean or how to stop these potential intrusion attempts. As far as I can tell, they have never been successful (haven't seen any weird charges on my bills or anything). Here's what I have done: Set up hardware firewall rules as shown below. Here, xx.xx.xx.xx is the IP address of the server, yy.yy.yy.yy is the IP address of our facility, and aa.aa.aa.aa, bb.bb.bb.bb, and cc.cc.cc.cc are the IP addresses that our VoIP provider uses. Theoretically, ports 10000-20000 should only be accessible by those three IPs.+-------+-----------------------------+----------+-----------+--------+-----------------------------+------------------+ | Order | Source Ip | Protocol | Direction | Action | Destination Ip | Destination Port | +-------+-----------------------------+----------+-----------+--------+-----------------------------+------------------+ | 1 | cc.cc.cc.cc/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 10000-20000 | | 2 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 80 | | 3 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 2749 | | 4 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 443 | | 5 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 53 | | 6 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1981 | | 7 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1991 | | 8 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 2001 | | 9 | yy.yy.yy.yy/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 137-138 | | 10 | yy.yy.yy.yy/255.255.255.255 | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 139 | | 11 | yy.yy.yy.yy/255.255.255.255 | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 445 | | 14 | aa.aa.aa.aa/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 10000-20000 | | 17 | bb.bb.bb.bb/255.255.255.255 | udp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 10000-20000 | | 18 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1971 | | 19 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 2739 | | 20 | any | tcp | inbound | permit | xx.xx.xx.xx/255.255.255.255 | 1023-1050 | | 21 | any | all | inbound | deny | any on server | 1-65535 | +-------+-----------------------------+----------+-----------+--------+-----------------------------+------------------+ Set up Fail2Ban. This is sort of working, but it's reactive instead of proactive, and doesn't seem to be blocking everything (like the "Sending fake auth rejection ..." messages). Set up rules in sip.conf to deny all except for my VoIP provider. Here is my sip.conf with almost all commented lines removed (to save space). Notice at the bottom is my attempt to deny all except for my VoIP provider:[general] context=default allowguest=no allowoverlap=no bindport=5060 bindaddr=0.0.0.0 srvlookup=yes disallow=all allow=g726 allow=ulaw allow=alaw allow=g726aal2 allow=adpcm allow=slin allow=lpc10 allow=speex allow=g726 insecure=invite alwaysauthreject=yes ;registertimeout=20 registerattempts=0 register = user:pass:[email protected]:5060/700 [mysipprovider] type=peer username=user fromuser=user secret=pass host=sip.mysipprovider.com fromdomain=sip.mysipprovider.com nat=no ;canreinvite=yes qualify=yes context=inbound-mysipprovider disallow=all allow=ulaw allow=alaw allow=gsm insecure=port,invite deny=0.0.0.0/0.0.0.0 permit=aa.aa.aa.aa/255.255.255.255 permit=bb.bb.bb.bb/255.255.255.255 permit=cc.cc.cc.cc/255.255.255.255

  Read the article

< Previous Page | 319 320 321 322 323 324 325 326 327 328 329 330  | Next Page >