Search Results

Search found 13404 results on 537 pages for 'george host'.

Page 331/537 | < Previous Page | 327 328 329 330 331 332 333 334 335 336 337 338 | Next Page >

Security issues of running PHP scripts as the owner of the PHP file with suexec

- by thomasrutter

I'm using suexec to ensure that PHP scripts (and other CGI/FastCGI apps) are run as the account holder associated with the relevant virtual host. This allows for securing each users' scripts from reading/writing by other users. However, it occurs to me that this opens up a different security hole. Previously, the web server ran as an unprivileged user, with read-only access to user's files (unless the user changed the file permissions for some reason). Now, the web server can also write to user's files. So while I've prevented different users taking advantage of each other's scripts, I've made it so that in the event that some application has a remote code injection vulnerability, it now has not only read access but also write access to all that user's scripts and website. How can I deal with this? One idea I've had is to create a second user account for each user account in the system, so that each user has their own user account, and all their scripts are run under another user account. But that seems cumbersome.

Read the article
Which is the best way to deploy a JBoss application?

- by andreash

Hi there, we are currently developing a JBoss application. To deploy it, we have a total of four servers (three years old). I am wondering which might be the best to do? There could be a load balancer (even a load-balancer cluster, for failover) in front of two servers, each holding one JBoss and one PostgreSQl host inside XEN environments. Does this make sense? Are there other, better options? Thanks a lot for your advice!

Read the article
Pasting extended ACL contents into telnet session to Cisco Router SIM

- by Kyle Brandt

I have a telnet session to a dynamips router sim. When I try to paste the contents of an actually working ACL retrieved from 'show run' into the access list, only part of gets pasted. The session is something like: enable conf t ip access-list extended Internet <PASTE of Rules> It stops right in the middle of a line: permit tcp any host 123.123.123.123 gt 1 ! should be gt 1023 Anyone know what is happening? The source is an extended access list.

Read the article
Dovecot not working pop3 with postfix

- by samer na

$ telnet localhost pop3 Trying ::1... Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused $ netstat -l tcp 0 0 *:www : LISTEN tcp 0 0 localhost.localdoma:ipp : LISTEN tcp 0 0 *:smtp : LISTEN tcp 0 0 localhost.localdo:mysql : LISTEN and nothing about dovecot in mail.log or mail.err when I run this service dovecot start I got start: Rejected send message, 1 matched rules; type="method_call", sender=":1.553" (uid=1000 pid=26250 comm="start) interface="com.ubuntu.Upstart0_6.Job" member="Start" error name="(unset)" requested_reply=0 destination="com.ubuntu.Upstart" (uid=0 pid=1 comm="/sbin/init")) in dovecot.conf protocols = imap imaps pop3 pop3s disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/var/spool/mail/%d/%n mail_access_groups = mail first_valid_uid = 106 first_valid_gid = 106 protocol imap { } protocol pop3 { listen=*:110 pop3_uidl_format = %08Xu%08Xv } protocol lda { postmaster_address = [email protected] mail_plugins = quota log_path = /var/log/dovecot-deliver.log info_log_path = /var/log/dovecot-deliver.log } auth default { mechanisms = digest-md5 plain passdb sql { args = /etc/dovecot/dovecot-mysql.conf } userdb sql { args = /etc/dovecot/dovecot-mysql.conf } user = root }

Read the article
Crossover cable in addition to normal network connection on servers?

- by Zero0ne

I have 2 servers, both with Windows 2003 R2 Each have 2 NIC ports that are 10/100/1000 They are both connected to our LAN + joined to the domain (1 NIC port free on each server) The problem is that our main router is only 10/100 on the ports that these servers are connected to. Since one server is going to host SQL 2005 and the other will be running Altiris NS7, I was hoping that I could use a crossover cable to connect the two directly, thus taking advantage of their 1gbps NIC cards. Is this possible? If so what steps do I need to take to accomplish this? What needs to be done to make sure that when the app server is communicating with the SQL server that it is using the direct link vs traversing the LAN? Thanks a lot!

Read the article
Bridge virtual machines out WLAN interface

- by Thomas

It seems that my wlan card (intel 5100 AGN) firmware doesn't allow "spoofing" MAC addresses. This has the side effect of destroying the capability to bridge out my virtual machines on that interface. Apparently this is a common thing on wlan cards. I can see the incoming traffic just fine in my virtual machines, but their DHCP queries don't get bridged out of the WLAN card. It works perfectly well when using the wired ethernet port. Is there a workaround for this? MAC-NAT or something? I don't want to route my virtual machines out to the Internet because I don't want my host OS to even have an IP address. I'm using Linux and KVM for virtualization.

Read the article
rsyslog from Heroku drain creates empty log files

- by Jeff Lee

I'm sending logs from my Heroku app to an rsyslog server, but the resulting log files seem to come up empty. The rsyslog configuration for receiving remote messages is as follows: $template RemoteDailyLog,"/var/log/remote/%hostname%/%$year%/%$month%/%$day%.log" :fromhost-ip, !isequal, "127.0.0.1" -?RemoteDailyLog & ~ My complete rsyslog configuration is available in this paste. This configuration appears to create the directories correctly. I see the Heroku app's logging hostname (of the form "d.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx") appear in /var/log on the rsyslog host, which implies that log messages are successfully making it to the logging daemon, but the resulting logfiles are zero-size. I'm guessing the issue is with rsyslog, rather than Heroku, but I'm not sure where to look next.

Read the article
ASP.NET MVC Resource not found

- by TheLorax

I am working on an MVC project in Visual Studio 2010 with .NET Framework 4.0 + MVC2 and everything works if I set the target framework to .NET 4.0. However, my host does not offer .NET 4.0 in order to deploy the site I need to get it working on .NET 3.5. I tried converting it to ASP.NET 3.5 and everything builds just fine except now when I try to load the homepage, I get a 404 Error saying: The resource cannot be found. Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly. Requested URL: /home Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927 Anyone know why this is? Thank You for Your help. TheLorax

Read the article
Running PHP scripts as the owner of the PHP file: security issues

- by thomasrutter

I'm using suexec to ensure that PHP scripts (and other CGI/FastCGI apps) are run as the account holder associated with the relevant virtual host. This allows for securing each users' scripts from reading/writing by other users. However, it occurs to me that this opens up a different security hole. Previously, the web server ran as an unprivileged user, with read-only access to user's files (unless the user changed the file permissions for some reason). Now, the web user can also write to user's files. So while I've prevented different users taking advantage of each other's scripts, I've made it so that in the event that some application has a remote code injection vulnerability, it now has not only read access but also write access to all that user's scripts and website. How can I deal with this? One idea I've had is to create a second user account for each user account in the system, so that each user has their own user account, and all their scripts are run under another user account. But that seems cumbersome.

Read the article
In *nix, how to determine which filesystem a particular file is on?

- by smokris

In a generic, modern unix environment (say, GNU/Linux, GNU/Solaris, or Mac OS X), is there a good way to determine which mountpoint and filesystem-type a particular absolute file path is on? I suppose I could execute the mount command and manually parse the output of that and string-compare it with my file path, but before I do that I'm wondering if there's a more elegant way. I'm developing a BASH script that makes use of extended attributes, and want to make it Do The Right Thing (to the small extent that it is possible) for a variety of filesystems and host environments.

Read the article
connect two computers together via a rs232 serial port

- by Richard

Wondering if anyone knows of a solution to connect with telnet/ssh through a rs232 serial port Edit: I am looking for a way to connect to computers together via a serial port. I want to be able to view the file system of a computer through a serial port.. Is this possible? Edit: So I have successfully connected two computers together using r232 serial ports with a null modem. The instructions I have used are located here Now how do I get to the file system of the host computer?? Any ideas?

Read the article
Apache2 proxypass

- by gatsby

i'm trying to figure out why my apache2 reverse proxy doesn't work... hope someone can clarify. i'm using an apache server as a gateway with proxy pass: 10.184.1.2 is the IP. these are PP instructions i inserted in the 000-default config file. ProxyPass / http://192.168.102.31/ ProxyPassReverse / http://192.168.102.31/ the host 192.168.102.31 is an internal IP of a subnet wich is not reachable directly by clients, but only by the apache gateway. when i try to access such a address: http://apache_gateway_name/dir i see the client trying to reach 192.168.102.31 address and of course timeout occurs. can someone help? Best regards

Read the article
Does kern.hz still have any relevance in FreeBSD if "dynamic tick mode" is enabled?

- by Frerich Raabe

I'm running a FreeBSD 9.0 setup as a virtual machine in a KVM setup. In previous versions of FreeBSD it was common to force the kern.hz setting to a lower value so that the virtual machine does not keep the host busy because it's handling timer interrupts without having any work to do - the FreeBSD Handbook explains: The most important step is to reduce the kern.hz tunable to reduce the CPU utilization of FreeBSD under the Parallels environment. This is accomplished by adding the following line to /boot/loader.conf: kern.hz=100 Without this setting, an idle FreeBSD Parallels guest OS will use roughly 15% of the CPU of a single processor iMac®. After this change the usage will be closer to a mere 5%. However, in FreeBSD 9, the "dynamic tick mode" (aka "tickless mode") is the default, controlled by the kern.eventtimer.periodic setting which defaults to 0 (read: tickless mode). This makes me wonder - does the tip of lowering kern.hz still have any relevance for making FreeBSD 9 play nicely in a virtual machine setup?

Read the article
set proxy for vpn server on ubuntu server 12.4

- by Morteza Soltanabadiyan

I have a vpn server with HTTPS, L2TP , OPENVPN , PPTP. i want to set proxy in the server so all connection that comes from vpn clients use the proxy that i set in my server. I made a bash script file for it , but proxy not working. gsettings set org.gnome.system.proxy mode 'manual' gsettings set org.gnome.system.proxy.http enabled true gsettings set org.gnome.system.proxy.http host 'cproxy.anadolu.edu.tr' gsettings set org.gnome.system.proxy.http port 8080 gsettings set org.gnome.system.proxy.http authentication-user 'admin' gsettings set org.gnome.system.proxy.http authentication-password 'admin' gsettings set org.gnome.system.proxy use-same-proxy true export http_proxy=http://admin:[email protected]:8080 export https_proxy=http://admin:[email protected]:8080 export HTTP_PROXY=http://admin:[email protected]:8080 export HTTPS_PROXY=http://admin:[email protected]:8080 Now , i dont know what to do to make a global proxy for server and all vpn clients use it automatically.

Read the article
How can I limit CloudFront downloads

- by Alex Crouzen

I'm looking to use Amazon's CloudFront to host some content in the near future. Currently, I'm keeping it very simple and I'm just uploading my content to S3 and then making a distribution available via Cloudfront. However, because I have a limited budget, I'd like to be able to limit the number of downloads or the money spent on bandwidth. As far as I can see, I can't set any quotas or budgets like you can in Google's App Engine, so I'm looking for another way of doing this. Has anyone had any experience doing this? One approach I'm thinking of is having to place a webserver with redirects in between, but that kind of defeats the simplicity of CF for me.

Read the article
reverse nslookup fails for single machine

- by matt wilkie

I have a computer on a windows Active Directory network for which reverse dns lookup fails. It doesn't matter which machine runs the lookup. The problem computer is a debian vm on a windows server 2003 host. >nslookup wiki.dept Server: primary.internal.domain.org Address: 192.111.222.44 Name: wiki.dept.internal.domain.org Address: 192.111.111.185 >nslookup 192.111.111.185 Server: primary.internal.domain.org Address: 192.111.222.44 *** primary.internal.domain.org can't find 192.111.111.185: Non-existent domain Contents of /etc/resolv.conf on the debian guest: nameserver 192.111.111.244 nameserver 192.111.222.44 search internal.domain.org What is wrong? how do I get ip-to-name resolution to work for this machine? Thank you.

Read the article
Cisco VPN and .pcf file

- by yael

I have few of profiles .pcf files , and I used them in order to automate the vpmclient connection VIA CLI command I have WIN XP server for example vpmclient connect "customor_alpha" until now everything is ok but I have problem with the last of my profiles - area1.pcf the problem is when I type in CMD window the following ( to create VPN connection ) vpmclient connect "area1" after 2 second CISCO window will pop up and ask for password , ( username already defined in window ) please advice what could be the problem , why I get the "CISCO PVN window" ? or maybe I have some in correct syntax in my .pcf file , I checked the .pcf file again and again and I couldn't find the problem ? example of area1.pcf ( only example - not my real pcf ) [main] Description=connection to TechPubs server Host=10.10.99.30 AuthType=1 GroupName=docusers GroupPwd= enc_GroupPwd=158E47893BDCD398BF863675204775622C49<SNIPPED> EnableISPConnect=0 ISPConnectType=0 ISPConnect= ISPCommand= Username=alice SaveUserPassword=0 UserPassword= enc_UserPassword= NTDomain= EnableBackup=1 BackupServer=Engineering1, Engineering2, Engineering 3, Engineering4 EnableMSLogon=0 MSLogonType=0 EnableNat=1 EnableLocalLAN=0 TunnelingMode=0 TCPTunnelingPort=10000 CertStore=0 CertName= CertPath= CertSubjectName SendCertChain=0 VerifyCertDN=CN=”ID Cert”,OU*”Cisco”,ISSUER-CN!=”Entrust”,ISSURE-OU!*”wonderland” DHGroup=2 PeerTimeOut=90 ForceNetLogin=

Read the article
Cutting users off in Windows console sessions

- by RoRy

I'm currently working in a company where many of us log onto hosts/servers under Windows Server 2008 via console session. If one person is logged on and another tries it causes the person who was logged on first (and maybe doing something important) to be cut off. Is there such a thing as an application for such events where before logging on people can see if any other IP address is controlling the host/server? Also, if the person on the console session had the ability to leave a note for anybody thinking of taking over the session of when they are finished etc.. I have many other ideas for such things but could someone tell me if such an application exists?

Read the article
Ubuntu and mysql server. Something isnt allowing me to connect

- by acidzombie24

I have a question about mysql settings http://serverfault.com/questions/94054/remote-connections-and-mysql-on-ubuntu/94088#94088 now i want to figure out why i cannot connect. I made sure bind-address was commented out. I can ping the server within the VM but i cannot ping it from within the VM using mysqladmin --protocol=tcp --host=self_ip ping. I also followed along and check if my ports were open and they look like they are. I setup samba on that VM and can access that with no problem as well. It looks like ubuntu does not have a firewall either (i figured this out before) so i am stumped why the server isnt allowing my connection. Apparently the config file works on another person side http://www.pastie.org/742545 I am using Ubuntu 6.06 LTS just because of 'support' reasons. So hopefully this will be 'easy'?

Read the article
How many virtual processors or cores should I assign to my Guest OS?

- by reidLinden

I've just received an upgraded Host machine, and am looking to push some of those advances to my workstations Guest OS(s). In particular, I used to have a single processor, with 2 cores, so my Guest OS only had 1/1. Now, I've got a single processor with 8 cores, so I'm curious about what would be recommended for my Guest OS now? 1 processor/4 cores? 2 processors/2 cores? 4 processors/1 core? My instinct says to stick with the number of physical processors (or less), but, is that based on reality? I spent a good while looking for an answer to this, but perhaps my google-karma isn't in my favor today.

Read the article
shared web hosting architecture in a university setting

- by gaspol

We're in the process of creating a shared webhosting infrastructure for our university. Departments within the university can host their sites on this infrastructure. We're thinking of setting up multiple, load balanced web servers attached to shared storage (for web content and Apache config files). There will also be database servers behind these web servers. Does anyone have any other suggestions about this? Any recommendations for an alternative setup? Would having cPanel/WHM/Plesk be a good idea to automate account creation/maintenance?

Read the article
How would I put together a site requiring several TB? [closed]

- by acidzombie24

Lets say I have a site with unmetered 100MBPS bandwidth (i assume its bits?) and the ram i require. Most plans i see offer HDD that hold 250gb and 1TB. But what happens if i compile/generate enough data that i require 10tb or 25tb? (I'd likely have two servers but...) I wouldn't be serving all of that data (well not to the public) so CDN wouldn't make sense. What do i do in this scenario? Do I need to get a custom plan from a hosting provider? (if so how do i find them?) Are there services that allow me to mount remote drives (that sounds wrong unless its a CDN so maybe not). Are there host that deals specifically with unmetered bandwidth and provides lots of disk space? Math says ~1TB is the most i'll ever need but if i happen to need more i'd like to know my options.

Read the article
Sending mail to local address crashes web server (sendmail)

- by deceze

When trying to send mail automatically from a script at example.com via PHP's mail() to [email protected], the Apache server throws an Internal Error. I believe internally it is configured to use sendmail. The message gets dropped into ~/dead.letter and the general error log reads: [Wed May 12 11:26:45 2010] [error] [client xxx.xxx.xxx.xxx] malformed header from script. Bad header=/home/example/dead.letter... S: /home/example/www/test.php Trying any other address, not @example.com, works just fine. I have googled and serverfaulted for solutions, but they all require to edit configuration files in /etc/mail and similar system places, which is not an option, since this problem occurs on a shared host in which I only have access to ~/. Does anyone have a suggestion?

Read the article
Get sessions' remote IP from Teamviewer log file

- by etuardu

I'd like to know who has logged in to my machine and when. I have two TeamViewer log files: Connections_incoming.txt and TeamViewer7_Logfile.log. The first one is quite plain and lists, as its name says, the incoming connections to the machine, reporting the local name of the remote host, login time, logout time, and some ids. e.g.: 173274362 MYLAPTOP 20-02-2012 17:32:16 20-02-2012 17:50:42 Master RemoteControl {C5AAE483-ED0B-54B8-9235-7AE597CAD342} This is almost all what I need, but unfortunately no remote IP address is reported here, so I checked for IPs in TeamViewer7_Logfile.log but it is really messy. It indeed contains some IP addresses but I can't understand which one is bound with the items in the first log file. Is there a way to interpolate the two logs to get what I need? Should I search the second file for some particular text? What do you suggest?

Read the article
Xen private networking between multiple hosts

- by Joe

I have two physical hosts running Xen 3.2, sharing storage via iSCSI. On these two hosts are a number of domUs and I'd like to network them in multiple private networks so they can only contact other domUs on their private network. My understanding of the xen documentation suggests it's possible to do this within one dom0 (ie create virtual networks between domUs), but I've found nothing explaining how this can be implemented across multiple dom0s on different hosts. The only thing that jumps to mind is manually creating iptable rules to route data to the other host, but this seems to lack elegance and could quickly grow cumbersome. Any suggestions? All advice is much appreciated!

Read the article

< Previous Page | 327 328 329 330 331 332 333 334 335 336 337 338 | Next Page >