Search Results

Search found 1705 results on 69 pages for 'syn packet'.

Page 46/69 | < Previous Page | 42 43 44 45 46 47 48 49 50 51 52 53 | Next Page >

How to have 2 windows machines on the same network with the same IP address

- by Stu

I have a custom made ADC device that is spitting out data by addressed UDP packets. I have that device plugged into a 4 port switch. I have one windows embedded standard 7 machine which is the normal recipient of that data. To be able to receive the data (Using LabVIEW) the windows network adapter IPv4 settings must have a static IP address that corresponds to the UDP packet destination. I would like to add a second windows machine (This one is just regular Win 7 Pro) to simultaneously catch the data, however with all devices connected to the switch, the Win 7 Pro machine recognizes an IP address conflict and will not take the setting for the required static IP address. (The network adaptor settings show that the correct value has been entered but ipconfig shows that it is not actually set.) Neither windows machine needs to transmit network data, they only need to be able to receive the UDP data from the ADC device. Is there any way to disable this IP address conflict detection 'feature' of windows networking?

Read the article
IP issue with Heartbeat & DRBD

- by adam0345

I'm in the process of setting up 3-node stacked DRBD, and i'm experiencing a rather bizarre issue. Two nodes are located at the data center, and the 3rd node is located locally. The Primary and Secondary nodes are working as expected, however the 3rd node won't connect to the primary. If I ping the IP provided by heartbeat on the 3rd node it will return 100% packet loss, if I reset networking interfaces, ping will then return a few successful packets, but then stop returning any packets. I can't work out any reason why this would be behaving like this. All nodes are running Debian Squeeze, and the latest version of DRBD.

Read the article
Meaning of Bridge-Check in iptables flowchart

- by networkIT

In the famous iptables flow-chart what does bridge-check exactly stands for ? I couldn't find any documentation. The only clue I found was while scanning the MikroTik RouterOS documentation ( RouterOS is build upon a Linux 2.6.16 kernel ), I found this : In-interface Bridge = Checks if the input interface is a port for a bridge or is the bridge. Manual:Packet Flow Comparing both flow-charts brings clues that iptables Bridge-check might equal MikroTik In-Interface Bridge. Is this true ? Else, what might be the meaning of iptables Bridge-Check ?

Read the article
Have OS X send wake on lan before printing to shared printer

- by Dean Hill

I have a MacBook that prints to a shared Windows 7 printer. Sometimes the Windows machine is asleep, and the Mac will just queue up its print requests. I recently created a script to send a wake-on-lan packet to a Windows 7 machine. This wakes up the Windows machine and printing starts. Great, but I think the system can be automated en Is it possible to have the MacBook run the wake-on-lan script everytime something is printed? Stated more generally, can I have the OS X print subsystem execute a script everytime something is printed?

Read the article
Windows Filtering Platform not turning off until admin logon. Win2008R2sp1

- by rjt

Just installed Windows Server 2008R2 SP1 to see if it would fix this problem, but it didn't. Until an administrator logs onto the domain controller, there are many events that WFP blocked a connection from Server60 to Server60 or Server60 to Server70. Both server60 and server70 are the domain controllers. One the admin logs on, the WFP events stop. The firewall is off by default GPO. Yes, i know that the WFP kicks in during the boot up sequence until the firewall takes over or in my case does not take over (since Vista), but i clearly should not have to autologon to a domain controller and call autolock or something. Example event LEVEL = Information Source = Microsoft Windows Security Auditing EventID = 5152 "Filtering Platform Packet Drop" and its evil twin id = 5157 "Filtering Platform Connection" "The Windows Filtering platform has blocked a connection." Direction %%14593 SourceAddress 192.168.10.60 SourcePort 49677 DestAddress 192.168.10.60 DestPort 389 Protocol 6 FilterRTID 65667 LayerName %%14611 LayerRTID 48 RemoteUserID S-1-0-0 RemoteMachineID S-1-0-0 windows-server-2008-r2 WFP BFE WindowsFilteringPlatform BaseFilteringEngine

Read the article
Routing using Linux with 2 NIC cards

- by Kevin Parker

Configured Clear OS to be in Gateway mode on a machine with two NIC cards. eth0:192.168.2.0/24 with ip 192.168.2.27 which is connected to a modem and thus have internet connectivity. eth1:192.168.122.0/24 with ip 192.168.122.10 which is connected to other machines in LAN through switch. LAN machines with network 192.168.122.0 is not getting internet.How can they get internet Through Clear OS gateway.I have enabled packet forwarding in clear os using "ip_forward=1" What am i missing?.Can you please help me in this. Following are the static routing i have added: on LAN machine1 with ip address 192.168.122.11 ip route add 192.168.2.0/24 via 192.168.122.10 dev eth0 ip route show 192.168.2.0/24 via 192.168.122.10 dev eth0 192.168.122.0/24 dev eth0 proto kernel scope link src 192.168.122.11 But still 192.168.2.0/24 network is not reachable.Where can be the problem??

Read the article
Cisco access list logging. Why is there a difference between IPv4 and IPv6?

- by growse

I've got a Cisco 877 router. I've got an IPv4 access list and an IPv6 access list set up and configured similar to this: interface Dialer1 ... ip access-group INTERET-IN ipv6 traffic-filter IPV6-IN Each of these access lists has a final rule of deny ip/ipv6 any any log. However, in my syslog I notice that there's a difference in formatting between the two types of entries. IPv4 will say: %SEC-6-IPACCESSLOGP: list INTERNET-IN denied udp 88.89.209.63(137) -> 1.2.3.4(137), 1 packet Whereas the IPv6 list will say %IPV6_ACL-6-ACCESSLOGNP: list IPV6-IN/240 denied 59 2001:0:5EF5:79FD:14F9:B773:3EBA:3EE3 (Dialer1) -> 2001:800:1000:0::1, 8 packets Both have broadly the same information, but the IPv6 log entry is missing the protocol type and port, both of which are very useful if I'm trying to troubleshoot connectivity. Why is this? How do I get IPv6 deny logs to display the protocol and port used, if any?

Read the article
Is visiting HTTPS websites on a public hotspot secure?

- by Calmarius

It's often said that HTTPS SSL/TLS connections are encrypted and said to be secure because the communication between the server and me is encrypted (also provides server authentication) so if someone sniffs my packets, they will need zillions of years to decrypt if using brute force in theory. Let's assume I'm on a public wifi and there is a malicious user on the same wifi who sniffs every packet. Now let's assume I'm trying to access my gmail account using this wifi. My browser does a SSL/TLS handshake with the server and gets the keys to use for encryption and decryption. If that malicious user sniffed all my incoming and outgoing packets. Can he calculate the same keys and read my encrypted traffic too or even send encrypted messages to the server in my name?

Read the article
Exclude pings from apache error logs (ran from PHP exec)

- by fooraide

Now, for a number of reasons I need to ping several hosts on a regular basis for a dashboard display. I use this PHP function to do it: function PingHost($strIpAddr) { exec(escapeshellcmd('ping -q -W 1 -c 1 '.$strIpAddr), $dataresult, $returnvar); if (substr($dataresult[4],0,3) == "rtt") { //We got a ping result, lets parse it. $arr = explode("/",$dataresult[4]); return ereg_replace(" ms","",$arr[4]); } elseif (substr($dataresult[3],35,16) == "100% packet loss") { //Host is down! return "Down"; } elseif ($returnvar == "2") { return "No DNS"; } } The problem is that whenever there is an unknown host, I will get an error logged to my apache error log (/var/log/apache/error.log). How would I go about disabling logs for this particular function ? Disabling logs in the vhost is not an option since logs for that vhost are relevant, just not the pings. Thanks,

Read the article
Setting up a linux switch

- by Shahmir Javaid

I have a C++ Program to sniff each and every packet that crosses my linux box. However i need to now get my linux box to listen to every traffic in my network. I could buy a managed switch and set up port spanning, but i aint paying 200+ £'s for a switch and plus gives me a chance to learn. My Network +---------Computer A | Internet-----Router------Switch-------------+---------Linux Box | +---------Computer B Proposed Network +---------Computer A | Internet-----Router------Linux Box--------Switch eth0^ ^eth1 | +---------Computer B How would i setup this in linux. Do i just configure both the ethernet on different IP Address on the same network. Or am i completelly on the wrong track My System Fedora 13. Thanks

Read the article
How can I measure TCP timeout limit on NAT firewall for setting keepalive interval?

- by jmanning2k

A new (NAT) firewall appliance was recently installed at $WORK. Since then, I'm getting many network timeouts and interruptions, especially for operations which would require the server to think for a bit without a response (svn update, rsync, etc.). Inbound SSH sessions over VPN also timeout frequently. That clearly suggests I need to adjust the TCP (and ssh) keepalive time on the servers in question in order to reduce these errors. But what is the appropriate value I should use? Assuming I have machines on both sides of the firewall between which I can make a connection, is there a way to measure what the time limit on TCP connections might be for this firewall? In theory, I would send a packet with gradually increasing intervals until the connection is lost. Any tools that might help (free or open source would be best, but I'm open to other suggestions)? The appliance is not under my control, so I can't just get the value, though I am attempting to ask what it currently is and if I can get it increased.

Read the article
How can I tell if my ISP is redirecting my DNS queries?

- by Nack

I've attempted to use some DNS services like OpenDNS, and no matter what I do the DNS queries don't return the expected results. Watching the packet traffic on my firewall, I can see the queries go out to the intended DNS server address and responses coming back, but the results are not as expected, for example, the OpenDNS test page always fails even though the requests appear to be going to their servers. I suspect my ISP is intercepting DNS queries and sending them to their own servers. Is there a way to verify this? Is there something else I might be missing? I'm using 3G wireless service from Sprint.

Read the article
Troubles doing transparent proxy for virtual machines

- by Dan H

Hi iptables gurus. First here is the basic topology: Internet | Gateway | Workstation---eth0---virbr0 | +-----+-----+ | | | vm1 vm2 vm3 I need to test a traffic analyzer running on my workstation, listening on some port (say 8990) on eth0. The rule [I think] I want is "any packets leaving virbr0 going anywhere to port 80 must instead go to port 8990 on eth0". My software running on port 8990 does its own check of the NAT packet mangling to push the packets through after it inspects them. I've been banging my head on this, with different variants of: iptables -t nat -A PREROUTING -i virbr0 -p tcp --dport 80 -j DNAT \ --to 10.0.0.10:8990 And I've tried the more generic method of using the mangle table with --set-mark and ip rule add fwmark, but I'm not getting it. I guess what's confusing me is that everything runs on the same box. Thanks for any guidance.

Read the article
Manually forcing TCP connection to retry

- by Vi.

I have a TCP connection (SSH session to some computer for example) Network suddenly goes down and drops all packets (disconnected cable, out of range). TCP resends packets again and again, retrying with increasing delays. I see the problem and plug the cable back (or restore network somehow). TCP connection finally successfully resends some packet and continues. The problem is that I need to wait for a some timeout on point 5. I want to use my opened SSH session now and not wait for 5-10 seconds until it finds out that connection is working again. How to force all TCP connections to resend data without delays in GNU/Linux?

Read the article
Frequent occurence of FULL GC.

- by Viji

Hi, There is a frequent occurence of FULL GC in our system. We are using Java application running on Tomcat server. Our application is running using internal load balancer setup. We are seeing lot of Full GC's in the server logs due to which the application is hung and Proxy errors are occured. The Java parameter values we are using are: Webapp wrapper: wrapper.java.additional.4=-Xms382M wrapper.java.additional.5=-Xmx1024M Backapp wrapper: wrapper.java.additional.4=-Xms382M wrapper.java.additional.5=-Xmx1024M The error found in webapp wrapper logs: INFO | jvm 1 | 2010/11/26 09:33:19 | [PSYoungGen: 1398460K-140291K(1514624K)] 4623364K-3491394K(5009920K), 0.7285303 secs] [Times: user=1.42 sys=0.00, real=0.72 secs] INFO | jvm 1 | 2010/11/26 09:33:19 | 68539.126: [Full GC DEBUG | wrapperp | 2010/11/26 09:33:19 | send a packet PING : ping Tried to change the JVM values to increase the heap size. But of no use. I suspect that there could be some other reason other than these parameters which is causing the issue. Can anyone please help me on this?

Read the article
Websocket handshake response not forwarded from TCP to client

- by Saharsh

I am trying to create a websocket server. I can see the websocket client's opening handhshake. My response to it is received by the client laptop (I can see this on wireshark). So the TCP connection has been established. But the client (a chrome websocket client extension) does not receive the handshake packet. What could be a possible reason for TCP to not forward the handshake to the client or for the client to not be able to read the TCP message? Client handshake: GET HTTP/1.1 Upgrade: websocket Connection:Upgrade Cache-Control:no-cache Host:192.168.0.101 Origin:http://www.websocket.org Pragma:no-cache Sec-WebSocket-Extensions:permessage-deflate; client_max_window_bits, x-webkit-deflate-frame Sec-WebSocket-Key: qrmw/m+BoZije6h9HYKmVw== Sec-WebSocket-Version:13 Upgrade:websocket Server Response: HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: jj1g5Io57m9ks8cme3jkbyo2asc= Access-Control-Allow-Origin: http://www.websocket.org Server: xyz Sec-WebSocket-Extensions: Thanks!

Read the article
TCP 30 small packets per second flood connection with server

- by Denis Ermolin

I'm testing connection with flash client and cloud server(boost::asio for software) over TCP connection. My connection with server already is really poor - 120 ms ping in average. I found when i start to send packets with 2 bytes size (without tcp header) with speed 30 packets/s - ping grow to 170-200 average. I think that it's really bad and my bad connection and bad cloud provider is reason for this high ping without any load. What do you think? (I tested my software - it can compute about 50k small packets/s so software is not a problem). I measure my ping through flash client - send packet with timestamp and immediatly send from server to client.

Read the article
Manually forcing TCP connection to retry

- by Vi

I have a TCP connection (SSH session to some computer for example) Network suddenly goes down and drops all packets (disconnected cable, out of range). TCP resends packets again and again, retrying with increasing delays. I see the problem and plug the cable back (or restore network somehow). TCP connection finally successfully resends some packet and continues. The problem is that I need to wait for a some timeout on point 5. I want to use my opened SSH session now and not wait for 5-10 seconds until it finds out that connection is working again. How to force all TCP connections to resend data without now in GNU/Linux?

Read the article
ASA 5540 v8.4(3) vpn to ASA 5505 v8.2(5), tunnel up but I cant ping from 5505 to IP on other side

- by user223833

I am having problems pinging from a 5505(remote) to IP 10.160.70.10 in the network behind the 5540(HQ side). 5505 inside IP: 10.56.0.1 Out: 71.43.109.226 5540 Inside: 10.1.0.8 out: 64.129.214.27 I Can ping from 5540 to 5505 inside 10.56.0.1. I also ran ASDM packet tracer in both directions, it is ok from 5540 to 5505, but drops the packet from 5505 to 5540. It gets through the ACL and dies at the NAT. Here is the 5505 config, I am sure it is something simple I am missing. ASA Version 8.2(5) ! hostname ASA-CITYSOUTHDEPOT domain-name rngint.net names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 10.56.0.1 255.255.0.0 ! interface Vlan2 nameif outside security-level 0 ip address 71.43.109.226 255.255.255.252 ! banner motd ***ASA-CITYSOUTHDEPOT*** banner asdm CITY SOUTH DEPOT ASA5505 ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns server-group DefaultDNS domain-name rngint.net access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.1.0.125 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.160.70.10 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 host 10.1.0.125 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 10.106.70.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 25000 logging buffered informational logging asdm warnings mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 route outside 0.0.0.0 0.0.0.0 71.43.109.225 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ (inside) host 10.106.70.36 key ***** aaa authentication http console LOCAL aaa authentication ssh console LOCAL aaa authorization exec authentication-server http server enable http 192.168.1.0 255.255.255.0 inside http 10.0.0.0 255.0.0.0 inside http 0.0.0.0 0.0.0.0 outside snmp-server host inside 10.106.70.7 community ***** no snmp-server location no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs group1 crypto map outside_map 1 set peer 64.129.214.27 crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption des hash md5 group 2 lifetime 86400 telnet timeout 5 ssh 10.0.0.0 255.0.0.0 inside ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5 console timeout 0 management-access inside dhcpd auto_config outside ! dhcpd address 10.56.0.100-10.56.0.121 inside dhcpd dns 10.1.0.125 interface inside dhcpd auto_config outside interface inside ! dhcprelay server 10.1.0.125 outside dhcprelay enable inside dhcprelay setroute inside dhcprelay timeout 60 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept tftp-server inside 10.1.1.25 CITYSOUTHDEPOT-ASA-Confg webvpn tunnel-group 64.129.214.27 type ipsec-l2l tunnel-group 64.129.214.27 ipsec-attributes pre-shared-key ***** ! ! prompt hostname context

Read the article
Title: Better logging for cronjob output

- by Stefan Lasiewski

I am looking for a better way to log cronjobs. Most cronjobs tend to spam email or the console, get ignored, or create yet another logfile. In this case, I have a Nagios NSCA script which sends data to a central Nagios sever. This send_nsca script also prints a single status line to STDOUT, indicating success or failure. 0 * * * * root /usr/local/nagios/sbin/nsca_check_disk This emails the following message to root@localhost, which is then forwarded to my team of sysadmins. Spam. forwarded nsca_check_disk: 1 data packet(s) sent to host successfully. I'm looking for a log method which: Doesn't spam the messages to email or the console Don't create yet another krufty logfile which requires cleanup months or years later. Capture the log information somewhere, so it can be viewed later if desired. Works on most unixes Fits into an existing log infrastructure. Uses common syslog conventions like 'facility' Some of these are third party scripts, and don't always do logging internally.

Read the article
Firewall blocks FTP PASV response

- by harper

I have an FTP server that supports passive server mode (using PASV command). This works fine with Windows XP. When I want to access this server from Windows Vista or Windows 7 with firewall enabled I experience an immediate connection shutdown. A reset packet is sent to the server, and the socket is signaled that the server has reset the connection (which is not true). The problem disappears when the firewall is disabled. Connections to other FTP servers work correctly. The difference is that the server's response to PASV does not enclose the address field with parentheses. This is legal as documented in RFC-959 and RFC-1132. How can I configure the firewall to stop this bad behavior?

Read the article
OpenVPN on port 53

- by TossUser

I have an openvpn server setup on UDP port 53 on a public IP. All the connecting clients gets pushed external DNS servers such as 8.8.8.8 and opendns. Sometimes the resolution stops working on the connected vpn clients and I get strange packets in the openvpn log. Now my question is why is that? When a VPN client, let's say 192.168.1.22 does a DNS query that query should go to 8.8.8.8:53 and then an UDP response packet should be sent back to 192.168.1.22 on a high UDP port. Any ideas? Thanks

Read the article
Encrypting absolutely everything, even within the LAN

- by chris_l

Has anybody tried that approach already? I'm really considering it: Instead of relying on network based IDS etc., every packet must use encryption which was initiated by a certificate issued by my own CA. Every client gets a unique client certificate Every server gets a unique server certificate Every service additionally requires to login. Both SSL and SSH would be ok. Access to the internet would be done via an SSL tunnel to the gateway. Is it feasible? Does it create practical problems? How could it be done and enforced? What do you think?

Read the article
Improving sound quality with remote ESD server

- by cuu508

Hi, I'm investigating low-budget ways to get audio from my PC (Ubuntu) to HiFi without wires. I'm currently testing a setup where Asus WL-500gP wireless router runs ESD daemon and has attached USB soundcard which is then plugged into HiFi. I'm testing playback on PC with mpg123-esd and Spotify under Wine. The sound is there, latency is unexpectedly low, but I also hear occassional clicks and some distortion from time to time. I suppose that's because of the low latency and wireless streaming of uncompressed audio--any packet drops, CPU temporarily being busy etc. will cause clicks in sound output. Is there a way around this problem, increasing latency / buffer size somehow perhaps? Streaming using shoutcast protocol seems to be a way out but I have feeling that would be a complex and brittle setup.

Read the article
how to communicate in typical router switch router scenario?

- by Kossel

I'm learning routing using packet tracer simulation and I think this is a very commun scenario: let's say pc4 is the server... why I can't ping from PC1 to 192.168.2.253 (router1) but I can ping 192.168.2.2 (pc0) aren't they the same subnet? what am I missing or have to do in order to reach pc4? (192.168.100.254) from pc 1 (192.168.1.1) is there something like "default gateway" for router? thanks for advice PS: during the simulation it shows error "The routing table does not have a route to the destination IP address. The router drops the packe (from 192.168.2.253 to 192.168.1.1)"

Read the article

< Previous Page | 42 43 44 45 46 47 48 49 50 51 52 53 | Next Page >