Search Results

Search found 1461 results on 59 pages for 'blocked'.

Page 44/59 | < Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >

• How to publish internal data to the internet - as simple as possible

  - by mlarsen

  I Asked this at Staock Overflow, but I would like your oppinion too as it has as much to do with administration as it does with coding. We have a .net 2-tier application where a desktop program is talking to a database. We support MS SQL Server 2000, 2005, 2008 and Oracle 9, 10 and 11. The application is sold, not as shrink-wrap, but pretty close. It is quite important for us that the installation and configuration is as easy as possible as installation instructions are usually supplied in written form to the customers internal IT-department. Our application is usually not seen as mission critical for the IT-department, so we need to keep their work down to a minimum. Now we are starting to get wishes for a web application build on top of the same data. The web application will be hosted by us and delivered as a SaaS application. Now the challenge is how to move data back and forth between the web application and the customers internal database. as I see it we have some requirements: We must be ready to handle the situation where the customers database is not accessible from the DMZ. I guess the easiest solution is that all communication is initiated from inside the customers lan. As little firewall configuration as possible. The best is if we can run without any special configuration as long as outgoing traffic from the customers lan are not blocked. If we need something changed in the firewall, we must be able to document that the change is secure. It doesn't have to be real time. Moving data in batches every ten minutes or so is OK. Data moves both ways, but not the same tables, so we don't have to support merges. It would be nice if we don't have to roll our own framework completely. Looking forward to hear your suggestions.

  Read the article

• E-mail duplication problem

  - by Gavin Osborn

  I have taken out a hosting agreement with a well respected hosting provider for a couple of internet facing servers. We have deployed several applications to these servers which send various e-mails back to us for reporting purposes. Context: Each server runs Windows Server 2003 R2 with the IIS 6.0 SMTP service installed. Each application is configured to use the local instance of IIS to send e-mails. The external IP address of each server is mapped to a particular domain eg: server1.mydomain.com server2.mydomain.com These e-mails are sent from a company domain name and not the domain name of the hosted servers (eg: [email protected]) Symptoms: A small number (<1%) of e-mails sent from these applications appear to be duplicated. These are exact duplicate in terms of both content and message headers. The Fix: I contacted my hosting provider and they told me this was a common problem & instructed me to: Change the HELO response of your mail server service to a FQDN (server1.mydomain.com && server2.mydomain.com) Create a DNS A record that resolves the FQDN of your mail server to the primary IP address of your sending mail server. Create a PTR record that resolves your primary IP address back to your mail server's FQDN In the sending domain's (mycompanydomain.com) DNS zone file, add the appropriate SPF record for your hosted servers. eg: v=spf1 a mx include:mydomain -all The Problem Continues: I made all of the changes as prescribed above, I was a little hesitant because these steps seemed to suggest they were more for stopping your messages getting blocked than they were for stopping them from being duplicated - but I am certainly no expert in these matters. It has been 5 days since I applied this fix and the problem still persists. I am certain that these problems are not a bug in the software because they are 4 different applications installed on 2 different servers, all of whom are exhibiting this strange behaviour. This behaviour has also not been seen in our UAT environment. Were my hosts correct to suggest this fix? If not, does anyone know what could be the cause of this problem? Many Thanks

  Read the article

• IPtables - Accept Arbitrary Packets

  - by Asad Moeen

  I've achieved a lot on blocking attacks on GameServers but I'm stuck on something. I've blocked major requests of game-server which it aceepts in the form "\xff\xff\xff\xff" which can be followed by the actual queries like get status or get info to make something like "\xff\xff\xff\xff getstatus " but I see other queries if sent to the game-server will cause it to reply with a "disconnect" packet with the same rate as input so if the input rate is high then the high output of "disconnect" might give lag to the server. Hence I want to block all queries except the ones actual clients use which I suppose are in the form "\xff\xff\xff\xff" or .... so, I tried using this rule : -A INPUT -p udp -m udp -m u32 ! --u32 0x1c=0xffffffff -j ACCEPT -A INPUT -p udp -m udp -m recent --set --name Total --rsource -A INPUT -p udp -m udp -m recent --update --seconds 1 --hitcount 20 --name Total --rsource -j DROP Now where the rule does accept the clients but it only blocks requests in the form "\xff\xff\xff\xff getstatus " ( by which GameServer replies with status ) and not just "getstatus " ( by which GameServer replies with disconnect packet ). So I suppose the accept rule is accepting the simple "string" as well. I actually want it to also block the non-(\xff) queries. So how do I modify the rule?

  Read the article

• Windows 7 notebook turn off by itself, how to check if it is due to CPU being too hot?

  - by Jian Lin

  I have a Dell Studio 15 notebook, and it just started turning off by itself yesterday. Could it be that the CPU is too hot? I have had several notebooks before and every one of them I can put them on the bed without any problem. This Dell Studio Notebook, however, seems like have the air / fan outlet pointed outward from the bottom back of the notebook, so I suspect that the air is partially blocked when it is on the bed. Are there Win 7 tools that can monitor the CPU temperature, or will some 3rd party tool be needed? (I try to stick to official tools nowadays). Also, it is running Win 7 Ulitmate, there is actually no utility or background service from Win 7 or from Dell that detects when the temperature is too hot (or 95% near the max), pop out a message box giving a warning and say that the computer will go into sleep mode in 1 minute, but instead just turn off the computer by brute force (cutting out the power) right then and there? Update: it turned off right in front of my eyes -- it is not doing any windows update or anything. just normal use and jooooop, it turned off.

  Read the article

• I get "An error occurred while Windows was synchronizing with [name of time server]." when trying t

  - by ChrisF

  Prompted by the answers to this question I decided to give the Windows built in time synchronisation another go. However, no matter what time server I use I get this error: "An error occurred while Windows was synchronizing with [name of time server]." The help suggests the following as reasons for failure: You are not connected to the Internet. Establish an Internet connection before you attempt to synchronize your clock. Your personal or network firewall prevents clock synchronization. Most corporate and organizational firewalls will block time synchronization, as do some personal firewalls. Home users should read the firewall documentation for information about unblocking network time protocol (NTP). You should be able to synchronize your clock if you switch to Windows Firewall. The Internet time server is too busy or is temporarily unavailable. If this is the case, try synchronizing your clock later, or update it manually by double-clicking the clock on the taskbar. You can also try using a different time server. The time shown on your computer is too different from the current time on the Internet time server. Internet time servers might not synchronize your clock if your computer's time is off by more than 15 hours. To synchronize the time properly, ensure that the date and time settings are set close to your current time in the Date and Time Properties in Control Panel. Now the first reason is clearly wrong - I am connected to the internet. I can see the 2nd being the most likely cause. I have Sygate Personal Firewall running, but it normally asks if something it trying to connect for the first time. Does anyone know I can unblock the NTP protocol - or at least check if it is blocked?. I don't think it's #3 or #4 as I've tried a number of different servers including the one currently used by Atomic Clock Sync. Though if someone knows the address of a UK time server I can double check this.

  Read the article

• Unable to record using Jmeter

  - by krish

  Hi, I am trying to record a http web page using Jmeter 2.3.3 version.I has setup the JMeter proxy and tried, but did n't work. I have followed the below steps. Launch jmeter 2.3.3, added thred group to test plan Under Workbench-add-non-test elements- added HTTP proxy server. proxy server setting are port:9090, target:use recording controller, grouping:donot group samplers, Type:HTTp request and checked the boxes of all under http sampler settings Saved the settings Now in browser(IE 7.0 or firefox 3.0.16), under connection settings, setup the manual proxy settings as local host and port as 9090(no auto detect settings nothing, only manual proxy). Setting saved Now in the jmeter, started the http proxy server. Open a browser and hit the webpage needs to be tested. The page is not opened. In fact because of the changes made in browsers, no pages are opened. Whenever i try hitting a page, the pages are recorded in the Jmeter. but without the page open, how can i test. I looking for an immediate answer and my work is blocked. Immediate answer would be appreciated.

  Read the article

• What kind of server attacks should i be aware of nowadays

  - by Saif Bechan

  I am recently running a web server, and there is a lot of information online, but it can all be a little confusing. I recently opened my logwatch logs and saw that i get attacked a lot by all sorts of bots. Now I am interested in a list with things I definitely should be aware of nowadays, and possible ways to prevent them. I have read stories about server crashed by floods, crashed by email, and all sorts of crazy stuff. Thing I already did: I have recently blocked all my ports, except for the http and email ports. I disabled IPv6, this was giving me a lot of named errors I have turned on spam DNS blackhole lists to fight spam - sbl.spamhaus.org; - zen.spamhaus.org; - b.barracudacentral.org; I installed and configured mod_security2 on apache There is no remote access possible to my databases That is all i did so far, further I am not aware of any other threats. I want to know if the following things have to be protects. Can I be flooded by emails. How can i prevent this Can there be a break in or flood of my databses Are there things like http floods or whatever Are there any other things i should know before i go public with my server I also want to know if there is some kind of checklist with must-have security protections. I know the OWASP list for writing good web applications, is there something for configuring a server.

  Read the article

• Dovecot authentification not working

  - by user1488723

  I run a Ubuntu 10.04 VPS with Postfix and Dovecot installed. For a while I had problems with the mailserver itself (Postfix) but now it runs ok. I can telnet into it from localhost (telnet localhost 25 while logged in) and Im blocked if I try to do it from the outside (telnet mail.example.org 25). This is as it should be according to my main.cf However when I try to log in using Dovecot (openssl s_client -connect mail.example.com:993) I'm allowed in but denied when trying to identify myself as a user: Excerpt from Dovecot log in: Key-Arg : None Start Time: 1341074622 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. When I continue and try to log in to a specific user with the command: A001 login user password I get: A001 NO [AUTHENTICATIONFAILED] Authentication failed. I've reset the password to ensure it is correct and I know the user (user) exists on the system. When I do /etc/init.d/dovecot reload I get: /etc/init.d/dovecot: 29: maildir:~/Maildir: not found * Reloading IMAP/POP3 mail server dovecot [ OK ] Could it be that the mailboxes isn't found? Postfix main.cf: home_mailbox = Maildir/ mailbox_command = recipient_delimiter = + inet_interfaces = all smtpd_use_tls = yes smtpd_tls_auth_only = no smtpd_tls_loglevel = 1 smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_sasl_auth_enable = yes smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination broken_sasl_auth_clients = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $mydomain Dovecot.conf: protocols = imap imaps disable_plaintext_auth = no log_timestamp = "%b %d %H:%M:%S " ssl = yes ssl_cert_file = /etc/postfix/ssl/smtpd.crt ssl_key_file = /etc/postfix/ssl/smtpd.key mail_location = maildir:~/Maildir auth_verbose = yes mail_access_groups = mail auth_username_chars = abcdefghijklmnopqrstuvwxyz0123456789 protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep } auth default { mechanisms = plain login passdb pam { } userdb passwd { } socket listen { client { path = /var/spool/postfix/private/auth user = postfix group = postfix mode = 0660 } } }

  Read the article

• Can't create new Volume on Unallocated Space

  - by natediggs

  I installed Windows Server 2008 R2 on a Dell server that has one volume that is a 6 TB RAID 5 array. I created a 120GB install volume and I'm now trying to create a 5 TB data volume. For what ever reason Windows will not allow me to create a new volume out of all of the unalocated space. Windows will allow me to create a new volume out of one 2TB block of unallocated space but not the remaining 3.5 TB block. Tried to post a screen shot but I was blocked. If I right click on the 1949.85 GB block of space there is the option to create a new volume. If I click on the 3539.5 GB block of space that option is grayed out. If I go into diskpart and try to create a new partition, diskpart says that there is only 1949GBs free on the volume. I know this process works because I did the exact same thing on another server that we have that is the exact same hardware configuration on which I used the exact same Server 2008 R2 install image. Any help would be greatly appreciated. Nate

  Read the article

• Why we can change our IP address?

  - by iamstupid

  I across some websites that offer change of our IP addresses. It says, we can surf net anonymously, including changing our IP address and location. Most of the softwares are not free, so I have not try it out yet. But my question is, so, IP addresses will no longer be unique or valid for identify which computer were sending/request the information? I though only the ISP can determine our IP, so we can change our IP from some commercial softwares huh? Case: If I change my IP address, I go to a website which is supposed to be banned by my country, will the ISP let me pass the check and I will be able to browse the website which should be blocked? another question: From what I know, if we want to go to certain website, here is the flow: My Computer = ISP = Website = ISP = My computer I am not sure, if its the correct flow, but I am sure that, whichever website I want to visit, I need to go through my ISP, isnt it?. So if we change out IP, our ISP will record our new IP or the original(assigned-by-ISP) IP? Sorry for my bad English.

  Read the article

• Extract and view Outlook contacts attachment sent to Gmail

  - by matt wilkie

  A friend forwarded a contact list to my gmail account from Outlook (2007 or 2010, not sure which). I can see there is an attachment in gmail but when I save it to my local drive it's just a plain text file containing the text This attachment is a MAPI 1.0 embedded message and is not supported by this mail system. If I use gmail's "show original message" it contains in part: This is a multipart message in MIME format. ------=_NextPart_000_0016_01CC6656.CE12F030 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit ------=_NextPart_000_0016_01CC6656.CE12F030 Content-Type: application/ms-tnef; name="winmail.dat" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="winmail.dat" eJ8+Ih0VAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEIgAcAGAAAAElQTS5NaWNy b3NvZnQgTWFpbC5Ob3RlADEIAQgABQAEAAAAAAAAAAAAAQkABAACAAAAAAAAAAEDkAYASAgAACgA --8<---snip---8<-- GUC/9NKH95rABgMA/g8HAAAAAwANNP0/pQ4DAA80/T+lDvAm ------=_NextPart_000_0016_01CC6656.CE12F030-- How do I save the attached winmail.dat properly, and open the winmail.dat and extract the contact list? I'm running Windows 7 x64, but have access to an ubuntu linux vmware appliance if needed. I have Outlook 2010, but can't use it to connect directly to gmail as pop3 and imap are blocked by the corporate firewall.

  Read the article

• Redirection of outbound UDP port NTP.

  - by pboin

  For my residential service, I changed ISPs to Zoom/Armstrong. Just after that, my NTP daemons stopped working. I dug deep and diagnosed the problem: Unprivileged ports are getting out. When i run 'ntpdate' for example, I go out on a high, unprivleged port, and get a response on UDP 123. That's fine. The 'ntpd' daemon though, expects to go out on 123 and get its reply there as well. This must be a common problem, because it's directly addressed in the NTP troubleshooting guide. Just to see what would happen, I wrote a detailed email to the general support address at Armstrong. They replied almost immediately with a complete technical answer! They have everything <1024 blocked, except for a few ports to support outbound VPN. So, the question: Can I use IPtables to essentially re-write my outbound UDP 123 up to 2123 or something like that? If I do, does there need to be a corresponding 2123-123 rule to translate the reply? This seems like NAT, but with ports, not addresses. True, I could run ntpdate from cron, but that loses all of the adjustment smarts of NTP.

  Read the article

• Office 2003 Service Pack 3- Not able to install

  - by kabirrao

  I am trying to install Office 2003 SP3 on a windows 2003 EE server (used as a terminal server) which already have office 2003 SP2. I am getting an error that says "Update can not be applied". Below are the eventviewer entries for Application: _ Event Type: Warning Event Source: MsiInstaller Event Category: None Event ID: 1015 Date: 1-2-2010 Time: 5:51:22 User: Domain\domainadmin Computer: TER01 Description: Failed to connect to server. Error: 0x800401F0 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. _ Event Type: Information Event Source: MsiInstaller Event Category: None Event ID: 11708 Date: 1-2-2010 Time: 5:52:23 User: Domain\domainadmin Computer: TER01 Description: Product: Microsoft Office Professional Edition 2003 -- Installation failed. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 7b 39 30 31 31 30 34 30 {9011040 0008: 39 2d 36 30 30 30 2d 31 9-6000-1 0010: 31 44 33 2d 38 43 46 45 1D3-8CFE 0018: 2d 30 31 35 30 30 34 38 -0150048 0020: 33 38 33 43 39 7d 383C9} _ Event Type: Information Event Source: McLogEvent Event Category: None Event ID: 257 Date: 1-2-2010 Time: 5:52:23 User: NT AUTHORITY\SYSTEM Computer: TER01 Description: Would be blocked by access protection rule (rule is in warn-only mode) (Common Standard Protection:Prevent common programs from running files from the Temp folder).

  Read the article

• Port Forwarding to put my web server on The Internet

  - by Chadworthington

  I went to http://canyouseeme.org/ to check to see what my external IP address. Regardless of what port I enter, it tells me that the port is blocked. I have a LinkSys router that basically has the default settings with the exception that I have WEP encrptin setup and I have forwarded a few ports, including 80 and 69. I forwarded them to the 192.x.x.103 IP address of the PC which is running IIS. That PC runs Symantec Endpoint Protection, which I right mouse clicked in the tray to Disable. These steps used to make my PC visible so I could host my own web site in IIS on port 80, or some other port, like 69. Yet, the Open Port tool cannot see my IP when it checks eiether port and when I navigate to http://my external ip/ I get "page cant be displayed" At first I was thinking that maybe Comcast is blocking port 80, but 69 doesnt work eiether. I do not see any other blockking set up in my router and, as I mentioned, I went with teh defaults except where discussed. This is a corporate PC and Symantec End Point Protecion is new to it (this previously worked on teh same PC with Symantec Protection Agent), but I thought that disabling Sym End Pt from the tray, that that would effectively neutralize it. I do not have the rights to kill the program itself. Any suggestions on what else to try to make my PC externally visible?

  Read the article

• I have enabled hidden administrator in Win 7 home, but programs still dont work.

  - by Angela

  I have Windows 7 Home Premium, and would like to do some maintenance tasks such as running Disk Defragmenter. However, this and other programs and applications that I'm accustomed to using are now blocked. For these programs, there is a shield icon next to their icons and nothing happens when I click on them. I notice that the screen blinks slightly, but I do not get prompted for a password and the program still does not run. It seems these programs may only be accessible through an Administrator account. However, right-clicking and selecting "Run As Administrator" does not work. After some research, I found a way to enable the hidden built-in Administrator account. I booted the computer into safe mode. In the command prompt, I typed net user administrator /active:yes. I gave the account a password. I rebooted the system. There is now an Administrator account on the home screen. However, the locked programs behave no differently for me when I use this account. What could cause this problem? How can I fix it?

  Read the article

• Port 5357 TCP on Windows 7 professional 64 bit?

  - by Registered

  Is there a reason this port is open, a quick Nmap scan and Nessus scan reveal it's open, why? Are there any ramifications if I close this port via the firewall rule set? Or does anyone here now more info about this port besides Google? WTF? 1)http://www.symantec.com/connect/blogs/who-left-tunnel-door-open-windows-firewall-vista-0 I know the talk is about Vista, but I am pretty sure it's the same port on 7, also. 2)Port 5357 common errors:The port is vulnerable to info leak problems allowing it to be accessed remotely by malicious authors. (Web Services for Devices) I am blocking this crap, if I have issues will just re-enable. Damn windows. Inbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357] You just got blocked, until I break something, will see. Time to re-Nmap and re-Nessus. Nmap scan 0 open ports after closing Port 5357,Win7 still works for now, one more scan with Nessus just to make sure all is well.

  Read the article

• IIS7 ASP.NET application - 2 identical apps in 2 identical app pools, 1 is responsive and 1 is not

  - by Ben

  I have an ASP.NET (v4.0) web app that is installed in a virtual directory (as an application) and is hosted in it's own app pool. This is repeated for each instance of the app (i.e. per customer). The app pools are integrated (not classic) mode and LoadUserProfile is set to true. Otherwise, default settings. Each instance currently has it's own copy of the code/config, and it's own data folder (basic file read/writes). 1 instance of this app runs well (operation used for comparison takes ~4 seconds). Every other instance runs slowly (from 10-25 seconds for the same operation). If I move the slower instance to the "fastest" app pool that instance springs to life. If I move the faster instance into the slower app pool that instance slows to a crawl. The app pools were created in the same way initially - manually. I later used the powershell copy routine to ensure an exact copy of the faster app pool and still the same behaviour. Comparing the apppool.config files shows they are identical barring the virtual directory assignments. There are no shared resources that are being blocked, so far as I can tell, and I tested that by shutting down the performant app pool and restarting... slow is still slow, and then when I restart that app pool (so it's loaded last) it's still faster...

  Read the article

• No LAN and SMB access, and Explorer not responsive, when using a second connection

  - by Lorenzo

  I apologize if this is a duplicate question, I know that there are several questions about multiple connection (LAN + LAN and LAN + dialup) but I haven't been able to find one that fits my scenario. I'm still using Windows XP on my corporate laptop, and I'm connected to the corporate LAN via Ethernet. The LAN NIC has a public IP address, although not accessible externally, obtained via the corporate DNS server. This connection is firewalled and requires a proxy to access Internet. To access Internet sites blocked by the corporate firewall, I use my smartphone via USB tethering. It is seen as a new LAN interface, and I get a private IP address (class 192.168..). There are two problems: The LAN is not accessible, as the default gateway goes to the tethering NIC. I'd like to solve this, but I can live with it. My PC becomes unresponsive if I use Windows Explorer to view local files, or even when I open the start menu. I guess that this is caused by attemps to connect to a mapped network drive. But I disabled the "Client for Microsoft Networks" in the tethering NIC. Why the system still hangs? Of course if I disable the Ethernet NIC, Explorer stops hanging. If you need further details, add a comment. Thanks!

  Read the article

• Users and Groups management on 7 Home Premium

  - by AviD

  Recently upgraded the home pc from XP pro, to Windows 7 Home Premium. I'm looking for a solution for a few things that seem to be missing from this edition... Since Local Users and Groups is blocked on Home Premium, I can't figure out how to manage groups, or even do anything even slightly advanced to users (basically, create/group/picture is it). net localgroup, net users, net etc dont seem to work - getting "system error 5". While I'm on the topic, I cant activate (what was once) "Local Security Policy"... Looking for any help, advice, or even a new direction cuz things is differ'nt on Winnows7... To clarify, I'm looking to do some of the following, which were simply back in XP-land: remote user only (i.e. no local logon) Grant special privileges for specific user grant access to e.g. C$ share for specific remote user create custom groups for users, to be able to separate privileges of say, my wife's from my kids define quite specifically what each user can do (beyond just standard users) Harden OS (hmm, i guess maybe what i'm looking for is security hardening guide for 7...?)

  Read the article

• How do I change Firefox's user agent via about:config?

  - by wahle509

  My work has blocked Internet access with Firefox. I know how to change the value of “general.useragent.extra.firefox” through about:config, but when I try to change it to IE, I still can’t access any website. I have Firefox 3.5.6 and Internet Explorer 7 installed on my desktop. Now, would I have to use the user agent that Internet Explorer 7 is currently using on my computer or can I use any Internet Explorer user agent? The user agent that Internet Explorer 7 is using right now is: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022). Do I just copy that and use it as the user agent in Firefox? How can I make this work?

  Read the article

• What does "incoming" and "outgoing" traffic mean?

  - by mgibsonbr

  I've seen many resources explaining how to set up a server's firewall to allow incoming and outgoing traffic on HTTP standard ports (80 and 443), but I can't figure out why I would need either of them. Do I need to unblock both for a "regular" web site to work? For file uploads to work? Are there situations where it would be advisable to unblock one and leave the other blocked? Sorry if that's a basic question, but I couldn't find it explained anywhere (also I'm not a native english speaker). I know in a "regular" web site the client is always the one who initiates a request, so I'm assuming a web server must accept incoming traffic on those ports, and my common sense tells me the server is allowed to send a response without unblocking anything else (otherwise it wouldn't make sense to have two types of rules). Is that correct? But what is an outgoing web (service) traffic, and what would be its use? AFAIK if the server wanted to initiate a connection with another machine, the specific port that matters is the one in the other end (i.e. the destination port would be 80), on its end any free port could be used (the source port would be random). I can open HTTP requests from my server (using wget for instance) without unblocking anything. So I'm assuming my concepts of "incoming" and "outgoing" are wrong somehow.

  Read the article

• Need info on scripts and Autoforward through Exchange Server in Outlook 2010

  - by user103037

  I am using the below information to auto-forward my work emails to my BB via a gmail account. The script works fine. But my work email ask's for every email to send either classifield or unclassified. What and where would I add into the below script to autoforward unclassified? I have written some VBA script to do this bypass the server's disabling of auto-forward. Basically it mimics the user forwarding the email rather than the server doing an auto-forward. It's pretty simple: Sub AutoForwardAllSentItems(Item As Outlook.MailItem) Dim strMsg As String Dim myFwd As Outlook.MailItem Set myFwd = Item.Forward myFwd.Recipients.Add "[email protected]" myFwd.Send Set myFwd = Nothing End Sub It's beyond the scope of this post to give detailed instructions, but here's a summary: Add the above code in the Visual Basic editor of Outlook (Alt-F11 should get your started). Be sure to change [email protected] to the address where you want the mail to go Tell Outlook to run this code for each inbound message (Tools - Rules and Alerts - New Rule - Check Messages when they arrive - Next - YES - Checkbox "Run a Script" - Then select the script you just created. Now Outlook should automatically forward each email you receive, but it won't be blocked by the Admin as an "Auto-forward".

  Read the article

• I've got very brazen pop3 attack how to protect the server?

  - by Ken Tang

  Today I have brazen attack to my pop3-dovecot server and mail log is full over (200MB) with this kind of information: Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<shawn>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<shop>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<sitetest>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<solar>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:15 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<services>, method=PLAIN, rip=200.233.152.111, lip=myip I just blocked attacker's ip by iptables -A INPUT -s 200.233.152.111 -j DROP But it this can be continued anytime from other ips. My question is: Is there any method to disallow anyone to connect my pop3 server (except only me?) because my ip is dynamic from ISP side so I don't know how to make pop3 server know that it is exactly me connecting to. Thank you in advance!

  Read the article

• How can I create a simple Exchange 2010 backup solution?

  - by bduncanj

  I'm sure this question's been asked a dozen times in one form or another, however after much searching, there doesn't appear to be an obvious simple recovery solution for a single Exchange box. We're using Exchange 2010 on a single server, the server hosts the AD and nothing else on the network uses the AD. The intent is to run this server as you would an externally hosted Exchange server - access only via HTTP (RPC mode or OWA) - all other ports blocked. I've a daily backup running, using Windows Server 2008 volume shadow service to backup the Exchange data to an external hard disk. My question is, how do I perform a bare metal recovery of this server? 1) Do I need to be explicitly including the active directory information in this nightly backup, or will it be there by virtue of the fact that this system is the primary AD server and the Windows backup service knows this? 2) I understand I can re-install Server 2008 onto my new hardware (in the case of hardware failure) and then run Exchange 2010 setup.exe with a /recover argument, referencing the backup volume. 3) It is acceptable to have some downtime during this recovery process. But is there anything else I should be aware of? Thanks! Duncan

  Read the article

• Redirection of outbound UDP port.

  - by pboin

  For my residential service, I changed ISPs to Zoom/Armstrong. Just after that, my NTP daemons stopped working. I dug deep and diagnosed the problem: Unprivileged ports are getting out. When i run 'ntpdate' for example, I go out on a high, unprivleged port, and get a response on UDP 123. That's fine. The 'ntpd' daemon though, expects to go out on 123 and get its reply there as well. This must be a common problem, because it's directly addressed in the NTP troubleshooting guide. Just to see what would happen, I wrote a detailed email to the general support address at Armstrong. They replied almost immediately with a complete technical answer! They have everything <1024 blocked, except for a few ports to support outbound VPN. So, the question: Can I use IPtables to essentially re-write my outbound UDP 123 up to 2123 or something like that? If I do, does there need to be a corresponding 2123-123 rule to translate the reply? This seems like NAT, but with ports, not addresses. I tried, but can't seem to get iptables to do what I want. I'm not sure if it's my lack of skill, or if I'm trying the wrong solution. True, I could run ntpdate from cron, but that loses all of the adjustment smarts of NTP.

  Read the article

< Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51  | Next Page >