Search Results

Search found 1965 results on 79 pages for 'salt packets'.

  • Problem in listening to multicast in multihomed Linux server

    - by Lior
    I am trying to write a multicast client on a machine with two NICs, and I can't make it work. I can see with a sniffer that once I start the program the NIC (eth4) starts receiving the multicast datagrams: y.y.y.y. (some ip) - z.z.z.z (multicast ip, not my eth4 NIC IP) UDP Source port: kkk (some other port) Destination port: xxx (multicast port) However, I can't get those packets using my program (listening to port xxx on eth4). I also added: route add 224.0.0.0 netmask 240.0.0.0 dev eth4 Searched the web for some examples/explanations, but it seems like I do what everybody else does. Any help will be appreciated. Is there anything else to do with route/iptables?

  • PSAD Firewall/ UDP flood?

    - by Asad Moeen
    Well I'm actually trying to block a UDP Flood on the Application port because the string "getstatus" is causing my application to make large output due to a small input to the attacker's IP. I installed PSAD firewall to do the job. psad -S shows 3000,000 logged packets at the application port and top ports in Scan but does not block the IP of the attacker; however, other IP addresses with a small number of connections are dropped. I'm thinking that since output is also being made to the attacker, this is why it's not getting blocked, because iptables rate-limiting is also doing exactly the same thing and not blocking the IP where an outgoing connection is also made. Any guesses why it won't work?

  • Just one client bound to address and port: does it make a difference broadcast versus unicast in terms of overhead?

    - by chrisapotek
    Scenario: I am implementing failover for a network node, so my idea is to make the master node listen on a broadcast IP address and port. If the master node fails, another failover node will start listening on this broadcast address (and port) and take over. Question: My concern is that I will be using a broadcast IP address just for a single node: the master. The failover node only binds if the master fails, in other words, almost never. In terms of network/traffic overhead, is it bad to talk to a single node through a broadcast address, or is the network somehow smart enough to know that nobody else is listening to this broadcast address and kind of treat it as a unicast in terms of overhead? My concern is that I will be flooding my network with packets from this broadcast address even though I am just really talking to a single node (the master). But I can't use unicast because the failover node has to be able to pick up the master stream quickly and transparently in case it fails.

  • Always use one slow connection in preference of a "faster" one

    - by billc.cn
    In Windows, there's this automatic metric thing where the metric is selected according to the declared speed of the link. I now have a gigabit LAN routed to a 2MB DSL service and a HSDPA mobile broadband connection. The former is always chosen for Internet packets even though the latter is actually faster. I tried setting the mobile broadband's interface metric to 1 and raising its priority in the advanced settings of the adapter settings, but this does not seem to affect the metric of the default route. The default route to the Ethernet interface always has a lower metric than the mobile broadband interface. Am I missing something here?

  • Public Facing Recursive DNS Servers - iptables rules

    - by David Schwartz
    We run public-facing recursive DNS servers on Linux machines. We've been used for DNS amplification attacks. Are there any recommended iptables rules that would help mitigate these attacks? The obvious solution is just to limit outbound DNS packets to a certain traffic level. But I was hoping to find something a little bit more clever so that an attack just blocks off traffic to the victim IP address. I've searched for advice and suggestions, but they all seem to be "don't run public-facing recursive name servers". Unfortunately, we are backed into a situation where things that are not easy to change will break if we don't do so, and this is due to decisions made more than a decade ago before these attacks were an issue.

  • strange behaviour - dhclient needs to be run twice in order to connect to wireless

    - by splicer
    I am trying to connect to my wlan without the use of NetworkManager. I run the following commands after boot: iwconfig wlan0 enc <WEP passwd> mode managed essid <name> channel 6 ifconfig wlan0 up dhclient wlan0 At this point, dhclient stalls for ages (perhaps 2 minutes), then it returns with PING 192.168.1.254 (192.168.1.254) from 192.168.1.65 wlan0: 56(84) bytes of data. --- 192.168.1.254 ping statistics --- 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3000ms pipe 3 .. The strange thing is that when I run pkill dhclient; dhclient wlan0 right after this, it connects in about <3 seconds. Any idea what could be the cause of this problem? Edit: oh, and I did try using the -timeout flag on dhclient but that didn't seem to make any difference (it still stalled for ages).

  • Is SYN flooding still a threat?

    - by Rob
    Well recently I've been reading about different Denial of Service methods. One method that kind of stuck out was SYN flooding. I'm a member of some not-so-nice forums, and someone was selling a python script that would DoS a server using SYN packets with a spoofed IP address. However, if you sent a SYN packet to a server, with a spoofed IP address, the target server would return the SYN/ACK packet to the host that was spoofed. In which case, wouldn't the spoofed host return an RST packet, thus negating the 75 second long-wait, and ultimately failing in its attempt to DoS the server?

  • Iptables mark incoming packet - vpn routing

    - by Tom
    I have connected my home to my workplace for out of house backup reasons through openvpn. The connection is working nicely. At work I have 5 fixed IP addresses. Now I would like to assign one of these IP addresses to be forwarded to my home machine. I have confirmed packet arrival at my home machine with tcpdump. The problem is that my default route at home is NOT the tun0 (naturally), but eth0 to my own ISP. So I created a separate routing table to route my tun0 packets back to where they belong, but do not know how to mark the incoming packets which arrive through tun0 with iptables, so I can drive them back. I do not want any port restrictions, but only what comes from tun0 should leave through tun0. Thanks, Tom

  • Destination host unreachable, but the errorlevel is 0 (from a win7)

    - by Doron
    From a Windows 7 machine, I ping a non-existing IP address. C:ping 192.168.1.222 Pinging 192.168.1.222 with 32 bytes of data: Reply from 192.168.1.222: Destination host unreachable. Reply from 192.168.1.222: Destination host unreachable. Reply from 192.168.1.222: Destination host unreachable. Ping statistics for 192.168.1.222: Packets: Sent = 3, Received = 3, Lost = 0 (0% loss) Even though there is no reply, the errorlevel is set to 0. What I am trying to do is figure out if a remote machine is replying to ping. One of my tests is to turn off the machine and ping it. For some reason, ping sets errorlevel to 0.

  • Is an Ethernet point to point connection without a switch real time capable?

    - by funksoulbrother
    In automation and control, it is commonly stated that ethernet can't be used as a bus because it is not real time capable due to packet collisions. If important control packets collide, they often can't keep the hard real time conditions needed for control. But what if I have a single point to point connection with Ethernet, no switch in between? To be more precise, I have an FPGA board with a giga-Ethernet port that is connected directly to my control PC. I think the benefits of giga Ethernet over CAN or USB for a p2p connection are huge, especially for high sampling rates and lots of data generation on the FPGA board. Am I correct that with a point to point connection there can't be any packet collisions and therefore a real time environment is given even with ethernet? Thanks in advance! ~fsb

  • Unable to log iptables

    - by ActuatedCrayon
    I'm having trouble getting iptables to log to any file. My iptables looks like: Chain INPUT (policy ACCEPT 1366 packets, 433582 bytes) pkts bytes target prot opt in out source destination 869 60656 LOG icmp -- venet0 * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 7 Syslogd is the only log helper running. The default syslog.conf didn't work, so I tried adding "kern.=debug -/var/log/iptables.log". But the file already has "kern.* -/var/log/kern.log". There are recent syslog entries, so it's not a permissions thing. I'm running Ubuntu 12.04.1 with 2.6.32-042stab061.2

  • What is an application for "web site recognition"?

    - by OSX Jedi
    This explanation isn't clear to me. Let me describe an application for web site recognition. Suppose that we want to know what everyone is doing with the web at starbuck. We can use wireshark or other programs to sniff all the packets. By grouping all the secondary connections with the primary one, then we would be able to get a much easier picture of user's primary activities. Is this talking about being able to recognize which websites each of the laptops are connecting to?

  • HTTP traffic through PIX VPN from outside site

    - by fwrawx
    I have a remote site with a website that only allows access from the outside IP assigned to our local PIX. I have users connecting to the local network using a VPN that need to be able to view this remote site. I don't think this works because the packets want to come in and go out over the same (ext) interface. So I'm looking for a way to make this work using the PIX or setting up a service on a server on the local network to act as a middle-man for the HTTP requests. The remote site doesn't support setting up a VPN to our PIX. The remote website is dishing out pages over a non-standard port. Can I use squid or something similar to proxy just one site?

  • What would cause different rates of packet loss between client and server in UDP?

    - by febreezey
    If I've implemented a reliable UDP file transfer protocol and I have a file that deliberately drops a percentage of packets when I transmit, why would it be more evident that transmission time increases as the packet loss percentage increases going from the client to server as opposed from the server to the client? Is this something that can be explained as a result of the protocol? Here are my numbers from two separate experiments. I kept the max packet size to 500 Bytes and the opposite direction packet loss to 5% with a 1 Megabyte file: Server to Client loss Percentage varied: 1 MB file, 500 b segments, client to server loss 5% 1% : 17253 ms 3% : 3388 ms 5% : 7252 ms 10% : 6229 ms 11% : 12346 ms 13% : 11282 ms 15% : 9252 ms 20% : 11266 ms Client to Server loss percentage varied 1 MB file, 500 b segments, server to client loss 5% 1%: 4227 ms 3%: 4334 ms 5%: 3308 ms 10%: 31350 ms 11%: 36398 ms 13%: 48436 ms 15%: 65475 ms 20%: 120515 ms You can clearly see an exponential increase in the client to server group

  • Meraki's Accounting-Requests to RADIUS server

    - by PachinSV
    I'm running a RADIUS server with some Meraki APs, the process of Authentications is fine... But it seems that the Meraki Cloud Controller is just sending the authentication packets and not the accounting requests. I've tested the RADIUS sending accounting requests with the radclient tool (locally) and it worked. I think that maybe my RADIUS server is ignoring the accounting requests from the MCC because there are some Vendor Specific Attributes that my RADIUS doesn't know. Should I add a Meraki's dictionary to my RADIUS configurations? I'm kind of desperate, any idea?

  • how to limit upload bandwidth per user in linux?

    - by Gihan Lasita
    Can anyone provide the tc command to limit upload bandwidth per user in Debian Lenny? I found that to mark packets per user with iptables I can use the following command iptables -t mangle -A OUTPUT -p tcp -m owner --uid-owner testuser -j MARK --set-mark 500 but I have no idea how to use tc. Update: by running the following commands, I managed to limit testuser upload bandwidth to 10Mbit iptables -t mangle -N HTB_OUT iptables -t mangle -I POSTROUTING -j HTB_OUT iptables -t mangle -A HTB_OUT -j MARK --set-mark 30 iptables -t mangle -A HTB_OUT -m owner --uid-owner testuser -j MARK --set-mark 10 tc qdisc replace dev eth0 root handle 1: htb default 30 tc class replace dev eth0 parent 1: classid 1:1 htb rate 10Mbit burst 5k tc class replace dev eth0 parent 1:1 classid 1:10 htb rate 10Mbit ceil 10Mbit tc qdisc replace dev eth0 parent 1:10 handle 10: sfq perturb 10 tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 Now the problem is, I do not want to limit testuser's FTP bandwidth, but by running the above commands FTP speed is also limited to 10Mbit. Regards

  • TCP connection stuck in SYN_RECV state despite ACK received, Linux 2.6.18, embedded, ARM

    - by waynix
    My client cannot connect to my protocol port (TCP) after some network glitches, even though all other protocols (telnet/HTTP/FTP) work fine. netstat shows that my server is listening and tcpdump on the server shows all 3 packets are exchanged: 18:29:16.578964 IP 10.9.59.10.3355 10.9.43.131.5084: S 2602965897:2602965897(0) win 65535 <mss 1460,nop,nop,sackOK> 18:29:16.579107 IP 10.9.43.131.5084 10.9.59.10.3355: S 3464857909:3464857909(0) ack 2602965898 win 5840 <mss 1460,nop,nop,sackOK> 18:29:16.579284 IP 10.9.59.10.3355 10.9.43.131.5084: . ack 1 win 65535 But somehow netstat -t shows the connection still in SYN_RECV, as if the ack is not seen by the TCP state machine. I have to restart my server to get it to work. syncookie is not enabled, and I know from client code behavior and tcpdump that there is no SYN flooding. Help much appreciated.

  • Multi Gateway and Backup Routing on a cisco router

    - by user64880
    Hi all, I have a 2611 Cisco Router with only one FastEthernet port. Now I have two internet gateways. I want to configure my router so that when primary routing fails, second routing automatically starts to route all my packets. When I set 2 IP route commands in my router and check, I see it works well, but when the peer IP on primary routing is down it cannot change to second routing until I remove the first route command. In the following I write my settings. How can I set it? interface FastEthernet0/0 ip address 81.12.21.100 255.255.255.248 secondary ip address 62.220.97.14 255.255.255.252 ip route 0.0.0.0 0.0.0.0 62.220.97.13 ip route 0.0.0.0 0.0.0.0 81.12.21.97 100 Cheers, Kamal

  • Slow LAN transfer from 3rd party computer

    - by Chris
    Hi Everyone, I've got an odd problem that I'm not really sure where to start the troubleshooting process. I have a 'server' with Windows Server 2008R2 (64-bit) installed and it has a couple of hard drives. If I Remote Desktop into the server and transfer files from one HD to the other, all is fine. If however, I use my workstation (Windows 7 64bit) and open up a shared resource on the server and transfer a file from one hard drive on the server to another HD on the server (not using Remote Desktop, just Windows explorer/Network places), the transfer crawls... It takes about 5mins to discover files/calculate the transfer and then starts transferring at speeds like 56KB/s - 200KB/s. Both machines have Marvel GigE network ports with a TrendNet 8-port green GigE switch. I've set Jumbo packets to 9K on both machines...

  • Do I need to have a proxy server to have HTTP over SSH?

    - by Johnes thomas
    I want to use HTTP over SSH since in my university most of the sites are blocked. I have my own server to which I can connect using SSH. What I'm doing right now is have a squid proxy run on the server on a particular port. Then connect using putty to my server via ssh and create a tunnel from a certain local port (which I will enter as proxy server in Firefox) to the squid server. So in putty the configuration is like this for the tunnel: source port:8080 destination:localhost:3128 I want to know is there any other way other than running the squid proxy on my server to tunnel the packets? Thanks.

  • Difference between tc qdisc and netdev_max_backlog

    - by Mediocre Gopher
    I'm wondering what the difference between these two things on linux is. According to the docs tc qdisc can be used to set the queue size for egress and ingress packets coming in and out of the NIC (or that's how I understood it). But from what I understand netdev_max_backlog can also be used to set this. If I were to set both of them which would be used? Or are there actually two queues that are being manipulated in this case? If there are two queues, which queue is above the other (if the application is at the top and the hardware at the bottom)?

  • negative time for a ping echo reply

    - by Mario
    I was happily pinging in the net when suddenly: Pinging X with 32 bytes of data: Reply from .235: bytes=32 time=1444ms TTL=41 Reply from .235: bytes=32 time=1767ms TTL=41 Reply from .235: bytes=32 time=1531ms TTL=41 Reply from .235: bytes=32 time=-1198187ms TTL=41 Ping statistics for .235: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1444ms, Maximum = -1198187ms, Average = 1073443462ms A negative time for the reply. I checked wireshark and it had the same values: Time delta from previous displayed frame: -1198.187867000 seconds Time since reference or first frame: -1179.935038000 seconds I didn't change the time of the machine while pinging. This was made in my local network at home, from a XP VM in windows 7. So I blame the VM (virtualbox). But I was wondering if this strange behaviour (to me) could have a reason, or if any of you have seen this before. Thank you bye.

  • How to configure machines in a public subnet with two gateways?

    - by Shtééf
    We have a single public /24 subnet, with a BGP router as the primary gateway. Now I'm interested in configuring a second router for redundancy. How do I deal with multiple gateways on the servers in our public subnet? I found some other questions related to multiple gateways that seem to deal with NAT set-ups. In my situation, the servers all have public routed IP-addresses. So from what I can tell, it doesn't really matter which route incoming or outgoing packets take. But I figure the servers need some way of telling when one of the gateways is down, and route around it? Is this accomplished with protocols such as OSPF? And do I need to deploy this on all my servers?

  • Maximum MTU size

    - by user192702
    Thought one of the issues I'm experiencing with the following question is due to MTU rightfully so. ESXi 5 VM Putty session hangs, vSphere client timing out However, when I tried testing the maximum MTU size it seems there's just no limit. Thought Ethernet only allows maximum MTU. But I'm up to 54450. ping -l 54450 192.168.10.7 Pinging 192.168.50.7 with 54450 bytes of data: Reply from 192.168.10.7: bytes=54450 time=1081ms TTL=62 Reply from 192.168.10.7: bytes=54450 time=1079ms TTL=62 Reply from 192.168.10.7: bytes=54450 time=1079ms TTL=62 Reply from 192.168.10.7: bytes=54450 time=1079ms TTL=62 Ping statistics for 192.168.10.7: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1079ms, Maximum = 1081ms, Average = 1079ms

  • iptables and snatting to different networks

    - by codingfreak
    linuxbox (p.q.r.t) | | INTERNAL ------ ABCD ----- INTERNET (p.q.r.s) (m.n.o.k) ABCD has 3 interfaces connected to linuxbox, INTERNAL N/W, INTERNET. Linuxbox has a private address (p.q.r.t). At present I am snatting the packets from linuxbox to INTERNET at ABCD. I have a small doubt regarding the FTP from linuxbox since I have to support ftp from linuxbox to both INTERNAL N/W as well as in INTERNET. How can I write a rule in iptables present in ABCD where it can decide if the destination ip-address of ftp server is within INTERNAL N/W or in INTERNET and do natting accordingly.
