Search Results

Search found 3101 results on 125 pages for 'packet filtering'.

Page 41/125 | < Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >

  • Best practices for encrypting continuous/small UDP data

    - by temp
    Hello everyone, I am having an application where I have to send several small data per second through the network using UDP. The application need to send the data in real-time (no waiting). I want to encrypt these data and insure that what I am doing is as secure as possible. Since I am using UDP, there is no way to use SSL/TLS, so I have to encrypt each packet alone since the protocol is connectionless/unreliable/unregulated. Right now, I am using a 128-bit key derived from a passphrase from the user, and AES in CBC mode (PBE using AES-CBC). I decided to use a random salt with the passphrase to derive the 128-bit key (prevent dictionary attack on the passphrase), and of course use IVs (to prevent statistical analysis for packets). However I am concerned about few things: Each packet contains small amount of data (like a couple of integer values per packet) which will make the encrypted packets vulnerable to known-plaintext attacks (which will result in making it easier to crack the key). Also, since the encryption key is derived from a passphrase, this will make the key space way less (I know the salt will help, but I have to send the salt through the network once and anyone can get it). Given these two things, anyone can sniff and store the sent data, and try to crack the key. Although this process might take some time, once the key is cracked all the stored data will be decrypted, which will be a real problem for my application. So my question is, what is the best practices for sending/encrypting continuous small data using a connectionless protocol (UDP)? Is my way the best way to do it? ...flowed? ...Overkill? ... Please note that I am not asking for a 100% secure solution, as there is no such thing. Cheers

    Read the article

  • Best practices for encrytping continuous/small UDP data

    - by temp
    Hello everyone, I am having an application where I have to send several small data per second through the network using UDP. The application need to send the data in real-time (on waiting). I want to encrypt these data and insure that what I am doing is as secure as possible. Since I am using UDP, there is no way to use SSL/TLS, so I have to encrypt each packet alone since the protocol is connectionless/unreliable/unregulated. Right now, I am using a 128-bit key derived from a passphrase from the user, and AES in CBC mode (PBE using AES-CBC). I decided to use a random salt with the passphrase to derive the 128-bit key (prevent dictionary attack on the passphrase), and of course use IVs (to prevent statistical analysis for packets). However I am concerned about few things: Each packet contains small amount of data (like a couple of integer values per packet) which will make the encrypted packets vulnerable to known-plaintext attacks (which will result in making it easier to crack the key). Also, since the encryption key is derived from a passphrase, this will make the key space way less (I know the salt will help, but I have to send the salt through the network once and anyone can get it). Given these two things, anyone can sniff and store the sent data, and try to crack the key. Although this process might take some time, once the key is cracked all the stored data will be decrypted, which will be a real problem for my application. So my question is, what is the best practices for sending/encrypting continuous small data using a connectionless protocol (UDP)? Is my way the best way to do it? ...flowed? ...Overkill? ... Please note that I am not asking for a 100% secure solution, as there is no such thing. Cheers

    Read the article

  • Is this the right way to write a ProtocolDecoder in MINA?

    - by phpscriptcoder
    public class CustomProtocolDecoder extends CumulativeProtocolDecoder{ byte currentCmd = -1; int currentSize = -1; boolean isFirst = false; @Override protected boolean doDecode(IoSession is, ByteBuffer bb, ProtocolDecoderOutput pdo) throws Exception { if(currentCmd == -1) { currentCmd = bb.get(); currentSize = Packet.getSize(currentCmd); isFirst = true; } while(bb.remaining() > 0) { if(!isFirst) { currentCmd = bb.get(); currentSize = Packet.getSize(currentCmd); } else isFirst = false; //System.err.println(currentCmd + " " + bb.remaining() + " " + currentSize); if(bb.remaining() >= currentSize - 1) { Packet p = PacketDecoder.decodePacket(bb, currentCmd); pdo.write(p); } else { bb.flip(); return false; } } if(bb.remaining() == 0) return true; else return false; } } Anyone see anything wrong with this code? When a lot of packets are received at once, even when only one client is connected, one of them might get cut off at the end (12 bytes instead of 15 bytes, for example) which is obviously bad.

    Read the article

  • How can I refactor this to work without breaking the pattern horribly?

    - by SnOrfus
    I've got a base class object that is used for filtering. It's a template method object that looks something like this. public class Filter { public void Process(User u, GeoRegion r, int countNeeded) { List<account> selected = this.Select(u, r, countNeeded); // 1 List<account> filtered = this.Filter(selected, u, r, countNeeded); // 2 if (filtered.Count > 0) { /* do businessy stuff */ } // 3 if (filtered.Count < countNeeded) this.SendToSuccessor(u, r, countNeeded - filtered) // 4 } } Select(...), Filter(...) are protected abstract methods and implemented by the derived classes. Select(...) finds objects in the based on x criteria, Filter(...) filters those selected further. If the remaining filtered collection has more than 1 object in it, we do some business stuff with it (unimportant to the problem here). SendToSuccessor(...) is called if there weren't enough objects found after filtering (it's a composite where the next class in succession will also be derived from Filter but have different filtering criteria) All has been ok, but now I'm building another set of filters, which I was going to subclass from this. The filters I'm building however would require different params and I don't want to just implement those methods and not use the params or just add to the param list the ones I need and have them not used in the existing filters. They still perform the same logical process though. I also don't want to complicated the consumer code for this (which looks like this) Filter f = new Filter1(); Filter f2 = new Filter2(); Filter f3 = new Filter3(); f.Sucessor = f2; f2.Sucessor = f3; /* and so on adding filters as successors to previous ones */ foreach (User u in users) { foreach (GeoRegion r in regions) { f.Process(u, r, ##); } } How should I go about it?

    Read the article

  • UDP packets are dropped when its size is less than 12 byte in a certain PC. how do i figure it out the reason?

    - by waan
    Hi. i've stuck in a problem that is never heard about before. i'm making an online game which uses UDP packets in a certain character action. after i developed the udp module, it seems to work fine. though most of our team members have no problem, but a man, who is my boss, told me something is wrong for that module. i have investigated the problem, and finally i found the fact that... on his PC, if udp packet size is less than 12, the packet is never have been delivered to the other host. the following is some additional information: 1~11 bytes udp packets are dropped, 12 bytes and over 12 bytes packets are OK. O/S: Microsoft Windows Vista Business NIC: Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller WSASendTo returns TRUE. loopback udp packet works fine. how do you think of this problem? and what do you think... what causes this problem? what should i do for the next step for the cause? PS. i don't want to padding which makes length of all the packets up to 12 bytes.

    Read the article

  • [java] tcp socket communication [send and recieve help]

    - by raven
    hello, I am creating a Chat in java. I have a method (onMouseRelease) inside an object that creates a tcp server and waits for a socket ServerSocket server = new ServerSocket(port); Socket channel = server.accept(); now I want to make a thread that will loop and read data from the socket, so that once the user on the other side sent me a string, I will extract the data from the socket [or is it called packet? sry I am new to this], and update a textbox to add the additional string from the socket [or packet?]. I have no idea how to READ (extract) the information from the scoket [/packet] and then update it into a JTextArea which is called userOutput. And how to Send a string to the other client, so that it will also could read the new data and update its JTextArea. (from what I know, for a 2 sided tcp communication you need one computer to host a server and the other to connect [as a client] and once the connection is set the client can also recieve new information from the socket. Is that true? and please tell me how ) Any help appreciated !! I know this is abit long but I have searched allot and didn't understand [I saw something like printwriter but failed to understand].

    Read the article

  • Java if/else behaving strangely

    - by Alex
    I'm a real newbie to java, so please excuse me if this is a hopelessly straightforward problem. I have the following from my java game server: // Get input from the client DataInputStream in = new DataInputStream (server.getInputStream()); PrintStream out = new PrintStream(server.getOutputStream()); disconnect=false; while((line = in.readLine().trim()) != null && !line.equals(".") && !line.equals("") && !disconnect) { System.out.println("Received "+line); if(line.equals("h")){ out.println("h"+EOF); // Client handshake System.out.println("Matched 1"); }else if (line.equals("<policy-file-request/>")) { out.println("..."+EOF); // Policy file System.out.println(server.getInetAddress()+": Policy Request"); disconnect=true; System.out.println("Matched 2"); }else if(line.substring(0,3).equals("GET")||line.substring(0,4).equals("POST")){ out.println("HTTP/1.0 200 OK\nServer: VirtuaRoom v0.9\nContent-Type: text/html\n\n..."); // HTML status page disconnect=true; System.out.println("Matched 3"); } else { System.out.println(server.getInetAddress()+": Unknown command, client disconnected."); disconnect=true; System.out.println("Matched else"); } } server.close(); First of all, the client sends an "h" packet, and expects the same back (handshake). However, I want it to disconnect the client when an unrecognised packet is received. For some reason, it responds fine to the handshake and HTML status request, but the else clause is never executed when there's an unknown packet. Thanks

    Read the article

  • TCP socket communication

    - by raven
    hello, I am creating a Chat in java. I have a method (onMouseRelease) inside an object that creates a tcp server and waits for a socket like this: ServerSocket server = new ServerSocket(port); Socket channel = server.accept(); Now I want to make a thread that will loop and read data from the socket, so that once the user on the other side sends me a string, I will extract the data from the socket (or is it called packet? Sorry, I am new to this) and update a textbox to add the additional string from the socket (or packet?). I have no idea how to READ (extract) the information from the socket(/packet) and then update it into a JTextArea which is called userOutput. And how to send a string to the other client, so that it will also could read the new data and update its JTextArea. From what I know, for a 2 sided TCP communication you need one computer to host a server and the other to connect (as a client) and once the connection is set the client can also receive new information from the socket. Is that true? and please tell me how. Any help is appreciated! I know this is a bit long but I have searched a lot and didn't understand it (I saw something like PrintWriter but failed to understand).

    Read the article

  • Java: GatheringByteChannel advantages?

    - by Jason S
    I'm wondering when the GatheringByteChannel's write methods (taking in an array of ByteBuffers) have advantages over the "regular" WritableByteChannel write methods. I tried a test where I could use the regular vs. the gathering write method on a FileChannel, with approx 400KB/sec total in ByteBuffers of between 23-27 bytes in length in both cases. Gathering writes used an array of 64. The regular method used up approx 12% of my CPU, and the gathering method used up approx 16% of my CPU (worse than the regular method!) This tells me it's NOT useful to use gathering writes on a FileChannel around this range of operating parameters. Why would this be the case, and when would you ever use GatheringByteChannel? (on network I/O?) Relevant differences here: public void log(Queue<Packet> packets) throws IOException { if (this.gather) { int Nbuf = 64; ByteBuffer[] bbufs = new ByteBuffer[Nbuf]; int i = 0; Packet p; while ((p = packets.poll()) != null) { bbufs[i++] = p.getBuffer(); if (i == Nbuf) { this.fc.write(bbufs); i = 0; } } if (i > 0) { this.fc.write(bbufs, 0, i); } } else { Packet p; while ((p = packets.poll()) != null) { this.fc.write(p.getBuffer()); } } }

    Read the article

  • OpenVPN Error : TLS Error: local/remote TLS keys are out of sync: [AF_INET]

    - by Lucidity
    Fist off thanks for reading this, I appreciate any and all suggestions. I am having some serious problems reconnecting to my OpenVPN client using Riseup.net's VPN. I have spent a few days banging my head against the wall in attempts to set this up on my iOS devices....but that is a whole other issue. I was however able to set it up on my Mac OS X specifically on my Windows Vista 32 bit BootCamp VM with relatively little trouble. To originally connect I only had to modify the recommended Config file very slightly (Config file included at the end of this post): - I had to enter the code directly into my config file - And change "dev tap" to "dev tun" So I was connected. (Note - I did test to ensure the VPN was actually working after I originally connected, it was. Also verified the .pem file (inserted as the coding in my config file) for authenticity). I left the VPN running. My computer went to sleep. Today I went to use the internet expecting (possibly incorrectly - I am now unsure if I was wrong to leave it running) to still be connected to the VPN. However I saw immediately I was not. I went to reconnect. And was (am) unable to. My logs after attempting to connect (and getting a connection failed dialog box) show everything working as it should (as far as I can tell) until the end where I get the following lines: Mon Sep 23 21:07:49 2013 us=276809 Initialization Sequence Completed Mon Sep 23 21:07:49 2013 us=276809 MANAGEMENT: >STATE:1379995669,CONNECTED,SUCCESS, OMITTED Mon Sep 23 21:22:50 2013 us=390350 Authenticate/Decrypt packet error: packet HMAC authentication failed Mon Sep 23 21:23:39 2013 us=862180 TLS Error: local/remote TLS keys are out of sync: [AF_INET] VPN IP OMITTED [2] Mon Sep 23 21:23:57 2013 us=395183 Authenticate/Decrypt packet error: packet HMAC authentication failed Mon Sep 23 22:07:41 2013 us=296898 TLS: soft reset sec=0 bytes=513834601/0 pkts=708032/0 Mon Sep 23 22:07:41 2013 us=671299 VERIFY OK: depth=1, C=US, O=Riseup Networks, L=Seattle, ST=WA, CN=Riseup Networks, [email protected] Mon Sep 23 22:07:41 2013 us=671299 VERIFY OK: depth=0, C=US, O=Riseup Networks, L=Seattle, ST=WA, CN=vpn.riseup.net Mon Sep 23 22:07:46 2013 us=772508 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Sep 23 22:07:46 2013 us=772508 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Sep 23 22:07:46 2013 us=772508 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Sep 23 22:07:46 2013 us=772508 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Sep 23 22:07:46 2013 us=772508 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA So I have searched for a solution online and I have included what I have attempted below, however I fear (know) I am not knowledgeable enough in this area to fix this myself. I apologize in advance for my ignorance. I do tech support for a living, but not this kind of tech support unfortunately. Other notes and troubleshooting done - - Windows Firewall is disabled completely, as well as other Anti-virus programs - Tor is disabled completely - No Proxies running - Time is correct in all locations - Router Firmware is up to date - Able to connect to the internet and as far as I can tell all necessary ports are open. - No settings have been altered since I was able to connect successfully. - Ethernet as well as wifi connections attempted, resulted in same error. Also tried adding the following lines to my config file (without success or change in error): persist-key persist-tun proto tcp (after reading that this error generally occurs on UDP connections, and is extremely rare on TCP) resolv-retry infinite (thinking the connection may have timed out since the issues occurred after leaving VPN connected during about 10 hrs of computer in sleep mode) All attempts resulted in exact same error code included at the top of this post. The original suggestions I found online stated - (regarding the TLS Error) - This error should resolve itself within 60 seconds, or if not quit wait 120 seconds and try again. (Which isnt the case here...) (regarding the Out of Sync" error) - If you continue to get "out of sync" errors and the link does not come up, then it means that something is probably wrong with your config file. You must use either ping and ping-restart on both sides of the connection, or keepalive on the server side of a client/server connection, in order to gracefully recover from "local/remote TLS keys are out of sync" errors. I wouldn't be surprised if my config file is lacking, or not correct. However I can confirm I followed the instructions to a tee. And was able to connect originally (and have not modified my settings or config file since I was able to connect to when the error began occurring). I have a very simple config file: client dev tun tun-mtu 1500 remote vpn.riseup.net auth-user-pass ca RiseupCA.pem redirect-gateway verb 4 <ca> -----BEGIN CERTIFICATE----- [OMITTED] -----END CERTIFICATE----- </ca> I would really appreciate any help or suggestions. I am at a total loss here, I know I'm asking a lot here. Though I am a new user on this site I help others on many forums including Microsoft's support community and especially Apple's support communities, so I will definitely pass on anything I learn here to help others. Thanks so so so much in advance for reading this.

    Read the article

  • Weird FTP issue between Unity Express and Windows Server 2008 FTP

    - by user33975
    My VOIP specialist complained about not being able to run backups of the Unity Express onto our FTP server (Microsoft FTP on Server 2008). I did a packet trace and observed some weird behavior that I think is even kind of funny in a way. The Unity FTP client is able to initiate both control and data connections with no problem, even being able to LIST directories and CWD into them. But as soon as the client sends a SYST command (not sure why it cares), the server replies with "Windows_NT" and lo and behold...the client immediately sends a QUIT command! I've seen this happen consistently on my packet captures. I tried pointing the Unity FTP client to a FileZilla FTP server, and viola...it worked fine! Has anyone else observed this? I thought it was kinda funny, being that Cisco seems to not like Microsoft that much...

    Read the article

  • Multi language support in wireshark

    - by Ajay
    Do we have multiple language support with Wireshark. We are using Windows Xp SP2 and Ubuntu Linux environment. Actually we have a plugin which is UDP based and we have a requirement to Analyse the Information in Packet List Pane and Packet Details Pane to be viewed in other languages like French, German, Italian etc ... So is it possible with Wireshark version - 1.2.0. For e.g. Can we also have all the Menu Items etc ... all text in Wireshark which is there in English to be seen in French, German and Italian.

    Read the article

  • sftp and public keys

    - by Lizard
    I am trying to sftp into an a server hosted by someone else. To make sure this worked I did the standard sftp [email protected] i was promted with the password and that worked fine. I am setting up a cron script to send a file once a week so have given them our public key which they claim to have added to their authorized_keys file. I now try sftp [email protected] again and I am still prompted for a password, but now the password doesn't work... Connecting to [email protected]... [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied (publickey,password). Couldn't read packet: Connection reset by peer I did notice however that if I simply pressed enter (no password) it logged me in fine... So here are my questions: Is there a way to check what privatekey/pulbickey pair my sftp connection is using? Is it possible to specify what key pair to use? If all is setup correctly (using correct key pair and added to authorized files) why am I being asked to enter a blank password? Thanks for your help in advance! UPDATE I have just run sftp -vvv [email protected] .... debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /root/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-rsa blen 277 debug2: input_userauth_pk_ok: SHA1 fp 45:1b:e7:b6:33:41:1c:bb:0f:e3:c1:0f:1b:b0:d5:e4:28:a3:3f:0e debug3: sign_and_send_pubkey debug1: read PEM private key done: type RSA debug1: Authentications that can continue: publickey,password debug1: Trying private key: /root/.ssh/id_dsa debug3: no such identity: /root/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password It seems to suggest that it tries to use the public key... What am I missing?

    Read the article

  • How to drop packets in a custom Intrusion Detection System

    - by tzoukos
    Hi there, I'm trying to build a custom Intrusion Detection and Prevention System (IDS/IPS). I found a great utility named ROPE which can scan the packet payload and drop the packet that doesn't follow the rules, set by a script. This serves my purpose completely, since what I want to do is check the payload for some specific text and then drop it or allow it ( the string feature in iptables wouldn't do me any good, because I want to check more than one string in tha payload, like usernames, id's, etc ). However, ROPE is really old and despite my many attempts I haven't managed to install it properly. Do you know any similar program that will help me drop packets in iptables depending on the payload? Any suggestion is greatly appreciated :)

    Read the article

  • Gateway on a virtual network interface used by LXC guests

    - by linkdd
    I'm currently having some problems with configuring a gateway for a virtual network interface. Here is what I've done : I created a virtual network interface : # brctl addbr lxc0 # brctl setfd lxc0 0 # ifconfig lxc0 192.168.0.1 promisc up # route add -net default gw 192.168.0.1 lxc0 The output of ifconfig gave me what I wanted : lxc0 Link encap:Ethernet HWaddr 22:4f:e4:40:89:bb inet adr:192.168.0.1 Bcast:192.168.0.255 Masque:255.255.255.0 adr inet6: fe80::88cf:d4ff:fe47:3b6b/64 Scope:Lien UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:623 errors:0 dropped:0 overruns:0 frame:0 TX packets:7412 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:50329 (49.1 KiB) TX bytes:335738 (327.8 KiB) I configured dnsmasq to provide a DNS server (using the default : 192.168.1.1) and a DHCP server. Then, my LXC guest is configured like this : lxc.network.type=veth lxc.network.link=lxc0 lxc.network.flags=up Every thing is working perfectly, my containers have an IP (192.168.0.57 and 192.168.0.98). I can ping the host and the containers from the containers and from the host : (host)# ping -c 3 192.168.0.114 PING 192.168.0.114 (192.168.0.114) 56(84) bytes of data. 64 bytes from 192.168.0.114: icmp_req=1 ttl=64 time=0.044 ms 64 bytes from 192.168.0.114: icmp_req=2 ttl=64 time=0.038 ms 64 bytes from 192.168.0.114: icmp_req=3 ttl=64 time=0.043 ms --- 192.168.0.114 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.038/0.041/0.044/0.007 ms (guest)# ping -c 3 192.168.0.1 PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. 64 bytes from 192.168.0.1: icmp_req=1 ttl=64 time=0.048 ms 64 bytes from 192.168.0.1: icmp_req=2 ttl=64 time=0.042 ms 64 bytes from 192.168.0.1: icmp_req=3 ttl=64 time=0.042 ms --- 192.168.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 0.042/0.044/0.048/0.003 ms Now, it's time to configure the host as a gateway for the network 192.168.0.0/24 : #!/bin/sh # Clear rules iptables -F iptables -t nat -F iptables -t mangle -F iptables -X iptables -A FORWARD -i lxc0 -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o lxc0 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward The final test failed completely, ping the outside : (guest)# ping -c 3 google.fr PING google.fr (173.194.67.94) 56(84) bytes of data. From 192.168.0.1: icmp_seq=3 Redirect Host(New nexthop: wi-in-f94.1e100.net (173.194.67.94)) From 192.168.0.1 icmp_seq=1 Destination Host Unreachable From 192.168.0.1 icmp_seq=2 Destination Host Unreachable From 192.168.0.1 icmp_seq=3 Destination Host Unreachable --- google.fr ping statistics --- 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2017ms Did I missed something ?

    Read the article

  • Enabling publickey authentication for server's sshd

    - by aaron
    I have two servers running RHEL 5. Both have nearly identical configurations. I have set up RSA Publickey authetication on both, and one works but the other does not: [my_user@client] $ ssh my_user@server1 --- server1 MOTD Banner --- [my_user@server1] $ and on the other server: [my_user@client] $ ssh my_user@server2 my_user@server2's password: --- server2 MOTD Banner --- [my_user@server2] $ server2's /etc/ssh/sshd_config file snippet: RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys When I run ssh -vvv I get the following snippet: debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug3: Next authentication method: publickey debug1: Offering public key: /home/my_user/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentication that can continue: publickey,gssapi-with-mic,passowrd debug1: Offering public key: /home/my_user/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentication that can continue: publickey,gssapi-with-mic,passowrd debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password my_user@server2's password:

    Read the article

  • UDP packets to IP addresses other than specific ones not arriving and not shown in Wireshark

    - by Max
    I'm writing a service using UDP, but I can't manage to reply to the client. When sending to the client via the DHCP-assigned IP (192.168.1.143) Wireshark shows no sent packets. The server receives and Wireshark shows any packet sent by the client (broadcasted). If I send to a random, unassigned IP Wireshark doesn't show it. I thought the NIC would happily send it, since there is a router in the way - shouldn't Wireshark show it, even though it cannot possibly be received by a remote endpoint? If I send to either the router IP or another (specific, there is only one other) computer, the packet is shown in Wireshark. I am running Windows 7, the firewall is turned off using the control panel. Does the fact that wireshark doesn't show these packets mean that they aren't sent? What reason could there be for showing packets to one IP, but not another, on the same subnet?

    Read the article

  • Is an Ethernet point to point connection without a switch real time capable?

    - by funksoulbrother
    In automation and control, it is commonly stated that ethernet can't be used as a bus because it is not real time capable due to packet collisions. If important control packets collide, they often can't keep the hard real time conditions needed for control. But what if I have a single point to point connection with Ethernet, no switch in between? To be more precise, I have an FPGA board with a giga-Ethernet port that is connected directly to my control PC. I think the benefits of giga Ethernet over CAN or USB for a p2p connection are huge, especially for high sampling rates and lots of data generation on the FPGA board. Am I correct that with a point to point connection there can't be any packet collisions and therefore a real time environment is given even with ethernet? Thanks in advance! ~fsb

    Read the article

  • MySQL-5.5.10 - Lost connection to MySQL server during query (Both Web Clients and MySQL Slaves)

    - by kwiksand
    We've just upgraded our existing MySQL5.1 DB servers to newer (much better) hardware with MySQL 5.5, and things have been going mostly smoothly for almost 6 weeks. Just the last few days, I've noticed a few errors, such as: From a MySQL Slave: [ERROR] Error reading packet from server: Lost connection to MySQL server during query ( server_errno=2013) Or From Apache/Other: Lost connection to MySQL server at 'reading initial communication packet', system error: 110 At one point this evening, many webnodes reported this error for a three minute period (many such reports as this was in a busy period). However, the issues don't appear to correspond with any times of extreme load. For all intents and purposes, the connection/thread load on MySQL is at a normal rate (between about 10 and 40 connected threads), and Web load has been a LOT higher at times over the last few weeks. Could there bee other reasons for these connection errors, that I'm not seeing?

    Read the article

  • How to debug ssh authentication failures with gssapi-with-mic

    - by Arthur Ulfeldt
    when i ssh to DOMAIN\user@localhosts-name authentication works fine through gssapi-with-mic: debug3: remaining preferred: gssapi,publickey,keyboard-interactive,password debug3: authmethod_is_enabled gssapi-with-mic debug1: Next authentication method: gssapi-with-mic debug2: we sent a gssapi-with-mic packet, wait for reply debug3: Wrote 112 bytes for a total of 1255 debug1: Delegating credentials debug3: Wrote 2816 bytes for a total of 4071 debug1: Delegating credentials debug3: Wrote 80 bytes for a total of 4151 debug1: Authentication succeeded (gssapi-with-mic). when I connect to a different machine It just seems to stop half way through the gssapi-with-mic authentication: debug1: Next authentication method: gssapi-with-mic debug2: we sent a gssapi-with-mic packet, wait for reply debug3: Wrote 112 bytes for a total of 1255 debug1: Delegating credentials debug3: Wrote 2816 bytes for a total of 4071 <----- ???? debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive How should I go about finding out what happened differently the second time. How can I find out if/why the auth was rejected by kerberos?

    Read the article

  • What is the equivalent of 127.255.255.255 for OS/X machines so I can test broadcast udp packets without a network?

    - by JohnPristine
    I am trying to test my program that makes use of broadcast UDP (not multicast!). In Linux, I can use the 127.255.255.255:64651 address and everything works beautifully, in other words, I send a packet to 127.255.255.255:64651 and multiple clients listening on that port get the packet. A real broadcast example! Unfortunately on my OS/X machine (Mountain Lion) the same example does not work. Is there any way I can get 127.255.255.255 to work on mac machines? Any other solution to get broadcast working on my mac machine without a network? Note: It has to be broadcast, not multicast.

    Read the article

  • default gateway of a host

    - by varun
    if my understanding is correct, the following is what happens when a host A wants to communicate with a machine X outside its network. 1) The host ,checks it routing table to find out if there is any direct routes to the machine. 2) It finds out that the machine is outside its network and has to sent the packets to the default gateway(router) R. 3) The host sents an ARP broadcast to get the mac of the router R. 4) After getting the MAC, the host creates a packet with src IP and MAC as that of the host A, dest IP of the remote machine X and dest MAC of the router R. 5)The router R receives the packet, either drops its or sents its to its next hope, which can be another router or the remote machine X itself. Can anyone explain, how the steps would be, if i set the default gateway of the host A as host A itself...?

    Read the article

  • Problem with Jumbo Frames

    - by Spookyone
    Hello, I am trying to set up jumbo frames on my gigabit home LAN but no luck so far. My setup is: * D-Link DIR-655 router, HW Revision A3, Firmware 1.21 EU * Synology DS107+, Firmware 3.0-1337 * Laptop w/ Win7 x64, external PCIx NIC managed by "Generic Marvel Yukon 88E8053 based Ethernet Controller" The router is supposed to support jumbo frames but doesn't feature any relevant setting. I set the Jumbo Packet value to 9000 on both the NIC and the Synobox but it doesn't work, ping -f -l 8972 says "Packet needs to be fragmented but DF set". Is there any other setting I overlooked, the DIR-655 doesn't actually support jumbo frames, or what else could be the problem?

    Read the article

  • Unable to connect to mysql through JDBC connector through Tomcat or externally.

    - by iftrue
    I've installed a stock mysql 5.5 installation, and while I can connect to the mysql service via the mysql command, and the service seems to be running, I cannot connect to it through spring+tomcat or from an external jdbc connector. I'm using the following URL: jdbc:mysql://myserver.com:myport/mydb with proper username/password, but I receive the following message: server.com: Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. the driver has not received any packets from the server. and tomcat throws: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server. sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) Which seems to be the same issue as if I try to connect externally.

    Read the article

  • Block spam by using geoip filter?

    - by faultyserver
    We are looking for a way to be able to block spam based on geographic location by filtering using geoip. context: we rarely have any email correspondence outside of the USA, so we would like to block all incoming email outside the US except for maybe one or two countries. After a little Googling I have found a couple of solutions that may work (or not), but I would like to know what other sysadmins are currently doing or what they would recommend as a solution. Here is what I have found so far: Using PowerDNS and its GeoIP backend it is possible to use geoip for filtering. Normally this backend is used to help distribute load as a kind of load balancing but I dont see why it couldnt be used to kill spam as well? Possibly use the Maxmind lite country database and some scripting to do a similar job. Ideally what I am looking for is a solution that would handle decent load and scale well too...aren't we all! ;) Thanks in advance for your help! :-)

    Read the article

< Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >