Search Results

Search found 1461 results on 59 pages for 'blocked'.

Page 45/59 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >

• I've got very brazen pop3 attack how to protect the server?

  - by Ken Tang

  Today I have brazen attack to my pop3-dovecot server and mail log is full over (200MB) with this kind of information: Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<shawn>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<shop>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<sitetest>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<solar>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:15 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<services>, method=PLAIN, rip=200.233.152.111, lip=myip I just blocked attacker's ip by iptables -A INPUT -s 200.233.152.111 -j DROP But it this can be continued anytime from other ips. My question is: Is there any method to disallow anyone to connect my pop3 server (except only me?) because my ip is dynamic from ISP side so I don't know how to make pop3 server know that it is exactly me connecting to. Thank you in advance!

  Read the article

• Can not open ports in iptables on CentOS 5??

  - by abszero

  I am trying to open up ports in CentOS's firewall and am having a terrible go at it. I have followed the "HowTo" here: http://wiki.centos.org/HowTos/Network/IPTables as well as a few other places on the Net but I still can't get the bloody thing to work. Basically I wanted to get two things working: VNC and Apache over the internal network. The problem is that the firewall is blocking all attempts to connect to these services. Now if I issue service iptables stop and then try to access the server via VNC or hit the webserver everything works as expected. However the moment I turn iptables back on all of my access is blocked. Below is a truncated version of my iptables file as it appears in vi -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5801 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 6001 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5900 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT Really I would just be happy if I could get port 80 opened up for Apache since I can do most stuff via putty but if I could figure out VNC as well that would be cool. As far as VNC goes there is just a single/user desktop that I am trying to connect to via: [ipaddress]:1 Any help would be greatly appreciated!

  Read the article

• Redirection of outbound UDP port.

  - by pboin

  For my residential service, I changed ISPs to Zoom/Armstrong. Just after that, my NTP daemons stopped working. I dug deep and diagnosed the problem: Unprivileged ports are getting out. When i run 'ntpdate' for example, I go out on a high, unprivleged port, and get a response on UDP 123. That's fine. The 'ntpd' daemon though, expects to go out on 123 and get its reply there as well. This must be a common problem, because it's directly addressed in the NTP troubleshooting guide. Just to see what would happen, I wrote a detailed email to the general support address at Armstrong. They replied almost immediately with a complete technical answer! They have everything <1024 blocked, except for a few ports to support outbound VPN. So, the question: Can I use IPtables to essentially re-write my outbound UDP 123 up to 2123 or something like that? If I do, does there need to be a corresponding 2123-123 rule to translate the reply? This seems like NAT, but with ports, not addresses. I tried, but can't seem to get iptables to do what I want. I'm not sure if it's my lack of skill, or if I'm trying the wrong solution. True, I could run ntpdate from cron, but that loses all of the adjustment smarts of NTP.

  Read the article

• Migrating WebLogic 10.3.0 to new host. Slow managed server startup times

  - by wadevondoom

  We are migrating our Blue Martini Commerce application (only supported on WebLogic 10.3.0) to a new host (Redhat 6.3 on a VMWare ESX vm). We are seeing extremely slow start up times for our managed server(s) that is basically 20x slower than our current production. As a for instance the Publish managed server takes ~30 - 45 seconds in current production and in the new environment it takes ~10 minutes. The setup uses the same domain structure and JVM as the current production environment. The same setup files are used. We use jdk1.6.0_33 on 64 bit architecture. We used the generic 64bit weblogic installer and used pack / unpack utilities to migrate the domain. The JAVA_OPTS to start this server are: "-d64 -Xms256m -Xmx512m -XX:PermSize=48m -XX:MaxPermSize=256m" The sysadmins have checked /etc/sysctl.conf and /etc/limits.conf to ensure we were not hitting some kind of process limit. As I am not sure what this managed server does from a Blue Martini perspective during the phase of startup I also had the DBA check to ensure that Oracle RAC (11.2.0.3) wasn't also hitting some kind of process limit or if there was a tns listener issue. The new host is quite a bit stricter with their server lock downs so there are a few differences.... Redhat 6.3 in new env, RH 5.7 in current SElinux is targeted in new env and disabled in current VM in new env and dedicated hardware in current iptables disabled in current. It was enabled in new prod but I had them disable it just in case I apologize for not being more specific. I am mostly hoping got some tips. I do not have the typical root access I would normally have in this environment. I am just hoping got a path forward. I did a few 'kill -3' to see if there are blocked threads and I got nadda. The service works for all intents and purposes it is just painfully slow. Thanks you all in advance for reading and best regards. Wade

  Read the article

• Remote network traffic not passing through VPN

  - by John Virgolino

  We have the following topology: LAN A LAN B LAN C 10.14.0.0/16 <-VPN-> 10.18.0.0/16 --- SONICWALL <-VPN-> M0N0WALL --- 10.32.0.0/16 Traffic between LAN A and LAN B works perfectly. Traffic between LAN C and LAN B works perfectly. Traffic between LAN A and LAN C, not so much. LAN A's gateway has a route to LAN C that points to the Sonicwall. The Sonicwall has a route to LAN A pointing to the VPN gateway connecting LAN B to LAN A. Tracing packets on the Sonicwall shows the LAN C destined traffic to arrive on the Sonicwall, but it does not forward the traffic, it dies there. Traffic from LAN B gets forwarded. Tracing packets on the Sonicwall while sending traffic from LAN C destined for LAN A shows nothing. This tells me that the M0N0WALL is not forwarding traffic for the 10.14.0.0 network and the Sonicwall is not forwarding from 10.14.0.0. The SA on the Sonicwall terminates on the WAN ZONE and is defined to use an address group that incorporates both the 10.14.0.0 and 10.18.0.0 networks. The M0N0WALL is configured for the 10.18.0.0 network and I have tried with both a static route to 10.14.0.0 and without on the M0N0WALL. I tried manually adding the 10.14.0.0 network to the SA on the M0N0WALL, but that really aggravated it and the SA never came up, so I reverted. I have checked all the firewall rules to make sure nothing is blocked. All of the Sonicwall auto-added rules look right. Specs: Sonicwall TZ200, Enhanced OS M0N0WALL v1.32 I'm at a loss at this point. Any help would be appreciated.

  Read the article

• Use autocomplete in dropdown cells with Excel 2007?

  - by Martin

  I want to make a survey with Excel and I therefore have defined the cells for the answers as a dropdown cell which only accepts answers from a certain list, e. g.: The two Lists List1 and List2 (yellow cells) are the possible answers for the questions in Block 1.x resp. 2.x (blue) . There might be a block 4 with more questions, which again use List1 for their possible answers. My problem is: I'd like to be able to use the autocompleate feature to fill in the blue cells with the dropdown menu, so that the user only types 5 and it automatically expands to "5: extremely important" or "5: extremely difficult". According to my research on the www, this should be possible if I add the list with possible answers directly above the cells where autocomplete should work (I did this with the green helper cells which could be hidden) . But I have to enter at least 4 characters 5: e to get the autocompleted suggestion. Is there a way to make autocomplete already replace a "5" by the corresponding valid term? As the survey file shall be distributed to a lot of people "outside", I can not use VBA magic because it may be blocked on their computer and might not work. EDIT: it seems to have to do with the numbers I use: If I'd start my List items with A, B, C instead of 1, 2, 3, it would work perfectly. Excel seems to ignore the pure numbers when they are entered and does not try to autocomplete them.. is there a workaround? (I hope it is clear what I want, it seems a little difficult to explain.)

  Read the article

• hosting company blocking google bots and crawlers [closed]

  - by Jayapal Chandran

  Hi, I am having a site for the past three years and it is very active for the past two years. Until not the site is working well and also now but not after the hosting company blocked google bots. Many pages appeared in the first page of the google search. After they started blocking i couldn't see my links in the first page instead they appeared after 5 pages or they did not appear at all. Will hosting companies be so stupid that they block and dont mention it to their users. They want to protect themselves by making the websites at stake. I display google ads and not this month i got only half for this 10 days. I have made requests to other hosting companies like blue host and monster host that i wan to transfer my domain by making a condition that the will not block google bots which stops the business indirectly. so any kind of help will be helpful. how can i claim what i lost from the hosting company. what other hosting companies consider the users (by informing the events like changing the IP or blocking google bot.) It was really working hard to bring up my site but these people just crashed down my site in a few days. :-(

  Read the article

• VMware Workstation Bridged Network Host UnReachable

  - by user2097818

  VMware Workstation 7 on Win7-64 (Home Premium). I have confirmed this on any guest running on this machine (from winxp to debian). I am using a bridged network connection for my guests (Automatic on VMnet0). All of the network configuration is done with DHCP (including on the host). Problem What I can not do: Ping my host machine from inside any VM. (either shows me "Destination Host Unreachable" or will just timeout) What I CAN do right after power up, with no problems at all. I can connect to the internet from inside the VM I can ping my router from inside the VM I can ping other machines on my network from inside the VM Other machines can ping the VM Other machines can ping the host My host machine can ping the VM (this one is important. read further) Details So I have my router assigned as 192.168.2.1/255.255.255.0, and the router provides the DHCP service (and it seems to be doing so successfully). There are no IP conflicts on the network that I am aware of. All Gateways and Subnet masks are appropriate and matching. My entire workshop is on one single subnet, with one single DHCP server and gateway. There is one method in which I can ping successfully, but it requires an active connection initiated from the host (I start pinging from host to VM). During the period of the active connection, I can successfully ping from VM to host, using explicit IP address. As soon as the host connection is closed, the VM ping starts hanging with the same old messages. My Thoughts This really feels like a firewall problem, but I have turned off all firewalls on host and VM, powered down the network, powered back up, and the problem still persists. And if it was firewall, why would only the IP address associated with bridged VM networks be blocked. I feel as though my host operating system (Win7) is somehow configured incorrectly, or, VMware Workstation is configured incorrectly from the host side. Although I have done my best to put everything in default, I feel like I am missing something silly.

  Read the article

• iptables : how to allow incoming ftp traffic?

  - by logansama

  Hi, Still fighting my way through the jungle that is called iptables. I have managed to allow FTP access outside of our LAN: both these would work. NOTE: eth0 is the LAN interface and eth1 is the WAN interface. iptables -t filter -A FORWARD -i eth0 -p tcp --dport 20:21 -j ACCEPT or iptables -A FORWARD -i eth0 -o eth1 -p tcp --sport 20:21 --dport 1024:65535 -j ACCEPT But when i connect to a external FTP server i manage to log in and all is fine until it wishes to List the directory content. Then nothing happens as the data is blocked, due to the fact that i do not have a rule set up to allow it! (my last rule on the FORWARD chain is to block all traffic) I have tried a gazillion rules (many of which i did not understand) to try and allow the FTP traffic back through my server. One such rule for example was: iptables -A FORWARD -i eth1 -o eth0 -p tcp --sport 20:21 --dport 1024:65535 -j ACCEPT But i cannot get the List to work. It just times out after a while. Would anyone perhaps know how to build a rule which would allow FTP to List / allow such traffic back? Or have a link to sources i could work through? Thank you,

  Read the article

• Which program is locking all my executable files?

  - by Tom Wijsman

  When updating any software product, as well as manually trying to replace .exe files, it says that access is denied to the file and in fact the System process is holding a handle to the file when I check it with Process Explorer. This must be a driver or something that is malfunctioning was my first though, but now I wonder how I figure out which driver / program is doing this and why it is so. Unlocker doesn't seem to be working for me, unless someone can tell me how to use it properly other than making it appear a magical wand in the notification area.... This is what Unlocker puts in my event log: The description for Event ID 1060 from source Application Popup cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: \??\C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys the message resource is present but the message is not found in the string/message table Upon searching event 1060 I get: <file name> has been blocked from loading due to incompatibility with this system. Perhaps it is because I have 64 bit?

  Read the article

• Exchange 2003 Internet Mail Size Limits

  - by scampbell

  I have unsuccessfully tried to increase per user incoming mail size settings by editing their user account settings on our Exchange server, but large incoming mail from external domains is still blocked using the default global settings. After reading here: http://support.microsoft.com/default.aspx?scid=kb;en-us;322679 I see that All Internet e-mail messages use the global setting for limits on sending and on receiving. The message categorizer evaluates the sender's sending limit and the recipient's receiving limit. In example 2 earlier, a user with a user mailbox limit of 3 MB could receive messages from another user with a 3-MB sending limit. Because Internet users use the global setting, they can send only a 2-MB message. Which to me is madness! Surely if I want to allow a user to receive mail up to a certain size then I should be able to set it as such? Is there a specific way of getting round this? Would setting the global defaults high and setting a lower, say 10MB, limit on the SMTP connector do the trick? Thanks.

  Read the article

• How to handle OpenVPN client as a service, when the laptop is physically on the network already?

  - by James

  The Setup I've gotten OpenVPN working on our Windows XP laptops. Users are limited, so I went ahead and set OpenVPN client to run as a service, which is great anyway because that means they are on the VPN before logging in, so login scripts work, plus we can do remote support even if the user can not log in (such as connecting via VNC or resetting passwords). It is also configured to send all traffic over the tunnel, so when, for example, they browse the internet it is just like browsing from our corporate network. The Qestion(s) So, I'm wondering how does the OpenVPN client act when the computer is already physically on the same network as the OpenVPN server? Right now, the client is configured to connect the the public dns name which will resolve to the public ip address which will NOT get reflected back to the OpenVPN server, so it is affectively blocked from connecting to the OpenVPN server while on the network. Is that a good thing? Or will it constantly try to connect, using up system resources and network resources? We will likely have hundreds of laptops regularly on the physical network with this, so it could contribute to a lot of unnecessary network chatter. Alternatively Would it be better to have the firewall reflect the port back to the OpenVPN server and let it connect? Or have our internal dns resolve the name to the private ip and allow them to connect directly? Would traffic then go over the vpn connection (which I do not want, when already on the physical network)? Or is it possible to tell it to ignore the connection when the client and server are already on the same network? TLDR What's a sane way of handling OpenVPN client running as an always-on service when the client and server will often be on the same network?

  Read the article

• Window 7 image in vmware will allow network connection out but not http

  - by Ormis

  I am currently trying to create a set of images to deploy on my network, but I've run in to a snag. When I create my own Windows 7 image I can successfully use NAT for connecting to the network but whenever I try to access a webpage I get nothing. To be more specific, All firewalls/iptables are disabled on my host machine, my virtual machine, and my network. I can do lookups and all addresses respond correctly (i'm even using Google's DNS). On the host OS i have full connectivity. On the virtual machine I can ping any device I want and all addresses resolve correctly. Within a browser I cannot reach any page via hostname or IP. I feel almost like port 80 is being blocked but i can't find any reason this would be the case. If anyone has had this occur before, I would love some insight to the problem. I initially asked this on stackoverflow and now my eyes are now opened up to superuser. Thank you for any help you can provide.

  Read the article

• How to safely use grub rescue> in Fedora 16? System does not boot anymore

  - by YumYumYum

  When i boot my PC, i get this in my Fedora 16 distro. I have tried as following but none allowing me to boot anymore. Any help please? I am blocked completely. Grub loading. Welcome to GRUB! error: file not found. Entering rescue mode... grub rescue> grub rescue> ls (hd0) (hd0,gpt3) (hd0,gpt2) (hd0,gpt1) grub rescue> ls (hd0,gpt2)/ ./ ../ lost+found/ memtest86+-4.20 grub2/ System.map-3.1.0-0.rc3.git0.0.fc16.i686 config 3.1.0.0.rc3.git0.0.fc16.i686 grub/ vmlinuz-3.1.0.0.rc3.git0.0.fc16.i686 elf-memtest86+-4.20 initramfs-3.1.0.0.rc3.git0.0.fc16.i686.img initramfs-3.1.0.0.rc4.git0.0.fc16.i686.img System.mpa-3.1.0.0.rc3.git0.0.fc16.i686 config-3.1.0.0.rc3.git0.0.fc16.i686 vmlinuz-3.1.0.0.rc3.git0.0.fc16.i686 grub rescue> set prefix=(hd0,gpt2)/boot/grub grub rescue> set root=(hd0,gpt2) grub rescue>insmod normal error unknown filesystem. or sometimes "error: file not found." grub rescue>normal unknown command normal

  Read the article

• All computers on network get stuck waiting for some sites indefinetely

  - by zacaj

  This happens across three computers, running windows 7 and Ubuntu, firefox, opera, and chrome (all latest versions). I am connected to the internet through a Verizon wireless usb modem. When I try to open some web pages they will never finish loading (and usually never even show anything). The status bar at the bottom of the browser will display "Waiting for X" The servers it gets stuck on include: platform.twitter.com s7.addthis.com connect.facebook.net ajax.googleapis.com 2mdn.net Ive been getting away with just blocking them in AdBlock up until now, however the last two have been causing problems. There are some sites which require googleapis.com to load correctly, and some that wont ever load unless its blocked. eBay requires access to 2mdn.net to load pictures. On top of this its getting really annoying having to update AdBlock across all these computers whenever a new site pops up. I'm hoping there's some easier way to fix this? The different sites causing the freeze indicate to me that it's either a problem on my end (somehow?) or some server side software that got updated with a new bug?

  Read the article

• Sendmail Configuration for Exchange Server

  - by user119720

  i need help for sendmail configuration in our linux machine. Here the things: I want to send email to outside by using our exchange server as the mail relay.But when sending the email through the server,it will response "user unknown".To make it worse, it will bounce back all the sent message to my localhost. I already tested our configuration by using external mail server such as gmail and yahoo,the configuration is working without any issue and the email can be sent to the recipient.Most of the configuration of my sendmail is based on here. authinfo file : AuthInfo:my_exchange_server "U:my_name" "I:my_email" "P:my_passwd" "M:PLAIN LOGIN" AuthInfo:my_exchange_server:587 "U:my_name" "I:my_email" "P:my_passwd" "M:PLAIN LOGIN" sendmail.mc : FEATURE(authinfo,hash /etc/mail/authinfo.db) define(`SMART_HOST', `my_exchange server')dnl define('RELAY_MAILER_ARGS', 'TCP $h 587') define('ESMTP_MAILER_ARGS', 'TCP $h 587') define('confCACERT_PATH', '/usr/share/ssl/certs') define('confCACET','/usr/share/ssl/certs/ca-bundle.crt') define('confSERVER_CERT','/usr/share/ssl/certs/sendmail.pem') define('confSERVER_KEY','/usr/share/ssl/certs/sendmail.pem') define('confAUTH_MECHANISMS', 'EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') TRUST_AUTH_MECH('EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') define('confAUTH_OPTIONS, 'A')dnl My first assumptions the problem occur is due to the authentication problem, as exchange server need encrypted authentication (DIGEST-MD5).I have already changed this in the authinfo file (from plain login to digest-md5 login) but still not working. I also can telnet our exchange server.So the port is not being blocked by firewall. Can someone help me out with this problems?I'm really at wits ends. Thanks.

  Read the article

• Does a high run queue length average result in poor performance for a web server?

  - by Domino

  I'm trying to narrow down the list of suspects of web servers that perform moderately well most of the time with occasional bouts of poor performance. I'm analyzing the data collected and summarized by sar. I've noticed a few things, one of which is high number of tasks in the run queue. 10:15:01 AM runq-sz plist-sz ldavg-1 ldavg-5 ldavg-15 blocked 10:25:01 AM 2 150 0.05 0.05 0.06 0 10:35:01 AM 4 149 0.08 0.12 0.09 0 10:45:01 AM 6 150 0.13 0.19 0.15 0 10:55:01 AM 1 150 0.08 0.10 0.13 0 11:05:01 AM 4 150 0.20 0.35 0.23 0 11:15:01 AM 3 149 0.02 0.09 0.15 0 11:25:01 AM 7 149 0.04 0.05 0.11 0 11:35:01 AM 4 150 0.14 0.15 0.13 0 11:45:01 AM 6 150 0.27 0.18 0.16 0 11:55:01 AM 5 150 0.08 0.10 0.13 0 12:05:01 PM 3 149 0.35 0.40 0.26 0 12:15:01 PM 19 155 0.02 0.10 0.16 1 12:25:01 PM 2 150 0.00 0.07 0.12 0 12:35:02 PM 3 151 0.58 0.24 0.17 0 12:45:01 PM 8 150 0.02 0.13 0.15 0 12:55:01 PM 6 149 0.81 0.29 0.18 0 01:05:01 PM 3 148 0.00 0.09 0.13 0 01:15:01 PM 7 149 0.00 0.04 0.11 0 I believe these are 10 minute averages. Is this an indicator that the web server is not performing as fast as it could if the average run queue length was lower?

  Read the article

• TCP/UDP hole punching from and to the same NAT network

  - by Luc

  I was wondering if tcp/udp hole punching would still work when you are in the same network (behind a NAT), and what the packet's path would be. What happens when using hole punching on the same network, is that it will send a packet out with the same destination and source address. Only the source and destination port would differ. I imagine a router with NAT loopback enabled will handle this as it should, but how about other routers? Would they drop the packet, or would a router (the first?) from the ISP bounce the packet back after which it gets handled okay? I'm wondering because I was thinking about using this technique to circumvent a block between peers in a network (like a school network where clients can only access the internet, but any contact with each other is blocked). The only other option is to use a man in the middle as proxy (tunnel?). The disadvantage of this is that you have to have a server with significantly more bandwidth than one that would only do hole punching. Also the latency would increase significantly.

  Read the article

• Are there any other causes of this error that are NOT related to initial setup?

  - by LordScree

  I'm trying to diagnose an issue at a customer site. They are receiving the following error: A network-related or instance-specific error occurred while establishing a connection to SQL Server I've seen this a few times, but only during the initial setup - it's often caused by one of the following: The database server is turned off The network connection between the database server and the application is closed or somehow blocked (e.g. a firewall) The SQL Server instance is not set up to receive remote connections from the application server (e.g. TCP is turned off, remote connections are disabled, or the "SQL Server Browser" service is stopped/disabled) However, if I assume that no configuration changes have been made, I'm trying to postulate on what the reason might be for getting this error at a random point after the initial setup. My initial thought is: SQL Server machine has run out of resources (e.g. RAM) and is unable to accept new requests from the application server Is this a valid theory? What other possible causes are there of this error that are not related to the initial setup of the server / application connection? Or is it simply impossible that this error could occur without a configuration change having been made (either on the SQL Server side, application side, or somewhere in-between (network))? NOTE: I believe this question differs from the plethora of questions related to this error message because the application and server have been talking to each other quite happily until now (most, if not all, other questions seem to relate to initial setup).

  Read the article

• What Logs / Process Stats to monitor on a Ubuntu FTP server?

  - by Adam Salkin

  I am administering a server with Ubuntu Server which is running pureFTP. So far all is well, but I would like to know what I should be monitoring so that I can spot any potential stability and security issues. I'm not looking for sophisticated software, more an idea of what logs and process statistics are most useful for checking on the health of the system. I'm thinking that I can look at various parameters output from the "ps" command and compare to see if I have things like memory leaks. But I would like to know what experienced admins do. Also, how do I do a disk check so that when I reboot, I don't get a message saying something like "disk not checked for x days, forcing check" which delays the reboot? I assume there is command that I can run as a cron job late at night. How often should it be run? What things should I be looking at to spot intrusion attempts? The only shell access is SSH on a non-standard port through UFW firewall, and I regularly do a grep on auth.log for "Fail" or "Invalid". Is there anything else I should look at? I was logging the firewall (UFW) but I have very few open ports (FTP and SSH on a non standard port) so looking at lists of IP's that have been blocked did not seem useful. Many thanks

  Read the article

• Sendmail slow to accept emails

  - by Rich

  I have a PHP web app which is using SMTP to sendmail on localhost to send email. I would like sendmail to accept the mail request immediately and queue it for later sending, as I don't want to have user-facing request threads blocked on emails. Sendmail is installed with the default settings on RHEL web servers. Sometimes sendmail is blocking for a long time after the MAIL command is sent -- sometimes taking 60 or 90 seconds to accept the mail. The time take is usually very close to 60 or 90 sec, which makes me think this is some kind of timeout. I have looked in the sendmail logs, and there are plenty of "deferred" emails, but nothing which looks responsible for this delay. How can I diagnose what is slowing down sendmail? How can I configure sendmail to always accept the mail immediately and to queue the mail for later sending? Update: I'm not sure, but it looks like this might be linked to aol.com addresses. I strongly suspect that sendmail is doing some kind of blocking receipient address verification at the accept-email-for-sending stage. How can I disable that, so that sendmail doesn't block my UI threads? Update 2: This only seems to happen at busy times. Perhaps I am running out of sendmail threads or something? How can I check that?

  Read the article

• rDNS for SMTP server locally with Mail hosted by third party

  - by Zleviticus

  Ok We have a difference of opinion on something and wanted to get some expert advice. We host our mail with our main domain "OurDomain.net" with a third part mail provider. We have an in house application that has to be able to send mail out to our clients. The problem is that sometimes the mail is flaky and will stop users from functioning in the program for 30 sec or more and appears to lock up. We have determined that the issue is with the mail piece. One solution is to use Database mail to queue up outbound emails to send out. The other is to set up an intenal SMTP server and send out mail through it. My fear is that we wil not be able to get rDNS to work properly and most of the mail will be blocked by our various client spam filters. Is it possible to set up the DNS for the servers so that we can send mail out like [email protected] using the smtp server in house and still pass the rDNS parameters that are normally set on spam filters? enquiring minds want to know.

  Read the article

• How do I know if I managed to completely remove an undetected trojan?

  - by ubuntuisbetter

  I catched a trojan that uses explorer.exe to reproduce itself in case of deletion of its autostart entry or main exe file in Programs/x. It had already tried to contact a suspicious server over explorer.exe, blocked that via my firewall. I: Removed the autostart entries from the registry Looked through my services if there was anything suspicious Deleted the trojan from Programs/ Went through System Volume Information to find a 2 month old explorer.exe and replaced the possibly infected one. There are no suspicious processes running now anymore (no duplicate explorer.exe) and nothing wants to connect this trojan owners sever either. I checked my system with several anti-malware programs too. What the trojan did: Started a second explorer.exe Always when I deleted the main trojan exe file it was reproduced (by the second explorer.exe) Always when I deleted the autostart entry it was reproduced by the explorer.exe too. When I terminated the suspicious explorer.exe, which used only half as much memory as the less suspicious one from Windows, a strange thing that I know from the computers in my Informatics class happened: A window popped up in the top left of my explorer-less desktop, titled "Personal settings for ... are ..." that obviously copied some files. Then both explorer.exes started again and the trojan was everywhere again. What did the trojan actually do to get explorer to rescue it? Is my PC clean of this newish trojan now? What are the other locations I should check for the trojan? The trjoan doesn't seem very high-level, could it have changed other system files or is the autostart entry vital for it? Thanks in advance, Your trojan paranoid friend (Getting linux in a week)

  Read the article

• Have some questions about setting up a VPN to my private cloud servers

  - by Pure.Krome

  I've got a number of Virtual Servers running at a pretty big Cloud provider. They are all running Windows 2008 R2. I have a CISCO ASA firewall in front of them. Currently, I've got all ports blocked except 80/443/21/3386 (for Remote Desktop). I asked to have a VPN enabled on the firewall and they said it's easy to do BUT I need to use the 3rd party Cisco software. Now, I don't want to get into a debate about it .. but we don't want to install anything extra on our -client- computers. We all use Windows 7 and we love using the built in VPN client to connect to other private LANS we have setup in other locations. So i'm wondering what options I have to create a VPN tunnel to our private cloud LAN? All our cloud servers are part of WORKGROUP, so there's no Active Directory .. nor do we want to install all that. Secondly, we know we can open up a firewall port - so any ports for starting a VPN is fine! Lastly, I was thinking of just using one of the existing servers as the VPN server (and using the Windows VPN software) .. but I'm not sure this is a good thing? Remember - we just want to use the baked in VPN software in Windows 7 .. which is PPTP or SSTP or L2TP/IPSEC. I would -LOVE- to use some free OSS software. For usernames/passwords? We'd probably just have one account .. like U:Hithere P:whatever.. so we don't need any hardcore account management, like Active Directory, etc. So does anyone have any ideas?

  Read the article

• Allow SFTP in iptables

  - by Kevin Orriss

  I have just purchased a VPS from linode and am going through the setup guide. I have everything running (apache2, php, mysql etc) but I am being denied access via SFTP when using fileZilla to upload a file. Now this is my second time installing the server as I missed a section out the first time. I was able to connect to my server through SFTP on filezilla the first time and the thing I missed out was adding a new user and editing the iptables in the firewall. So it would seem that the guide I have been following has blocked SFTP but allowed SSH. Here is the iptables file: *filter # Allow all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0 -A INPUT -i lo -j ACCEPT -A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT # Accept all established inbound connections -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow all outbound traffic - you can modify this to only allow certain traffic -A OUTPUT -j ACCEPT # Allow HTTP and HTTPS connections from anywhere (the normal ports for websites and SSL). -A INPUT -p tcp --dport 80 -j ACCEPT -A INPUT -p tcp --dport 443 -j ACCEPT # Allow SSH connections # # The -dport number should be the same port number you set in sshd_config # -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT # Allow ping -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT # Log iptables denied calls -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7 # Reject all other inbound - default deny unless explicitly allowed policy -A INPUT -j REJECT -A FORWARD -j REJECT COMMIT All I would like is a line I need to put in there which allows SFTP over port 22. Thank you for reading this.

  Read the article

< Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >