Search Results

Search found 20592 results on 824 pages for 'anything'.

Page 608/824 | < Previous Page | 604 605 606 607 608 609 610 611 612 613 614 615  | Next Page >

• Network problems that might be related to NAT

  - by nenne

  Hello, I have an odd setup where there is a router(Router 2) routing between network network 1 and network 2. One router(Router 1) with nat for internet access that routes between internet and network 1. There are people in both of these networks. All the clients in network 1 can access the internet, the clients in network 2 can access the clients in network 1 and can also access the router 1. Router 1 can also access clients in network 2. However, the clients in network 2 cannot reach the internet. I cannot think about anything in the routing tables that would hinder this, since Router 1 can reach the clients in network 2 and vice versa. Can it be that nat starts the session between router 2 and the internet site/machine instead of the client and the internet machine? Does anyone have any ideas? I have very little control over router 2(its basicly an ISP vpn net service) but full access to router 1. Its an ubuntu 10.04 with iptables for nat/firewall setup.

  Read the article

• LighTPD and PHP not working if outside of LightTPD folder

  - by Marco83

  I need to set up a simple web server with PHP on Windows XP that a number of different people will use for local testing. I'm using LightTPD 1.4.30-4-IPv6-Win32-SSL and PHP 5.2. So far I've created this folder structure: tools/ LightTPD/ htdocs/ PHP/ I set up PHP as CGI and the document root as server_root + "/htdocs". It works fine (well, it's slow but I don't want to bother with FastCGI for now :) ). My problem is when I try to put the htdocs outside of LightTPD folder, like this: htdocs/ tools/ LightTPD/ PHP/ I update the document root to server_root + "/../../htdocs" and while static HTML pages work fine, PHP pages stop working (they return a "No input file specified"). I literally just change the document root, I didn't change anything in the php.ini or anywhere else. Please also note that I left all doc_root, user_dir and cgi.force_redirect to the default values in php.ini, and it works when htdocs is inside LightTPD, but not when I move it ouside. Any idea of why it's breaking?? Here's my lightTPD.conf: server.modules = ( "mod_access", "mod_accesslog", "mod_alias", "mod_cgi", "mod_status", ) include "variables.conf" include "mimetype.conf" # THIS WORKS server.document-root = server_root + "/htdocs" # THIS DOESN'T #server.document-root = server_root + "/../../htdocs" server.upload-dirs = ( temp_dir ) index-file.names = ( "index.php", "index.pl", "index.cgi", "index.cml", "index.html", "index.htm", "default.htm" ) server.event-handler = "libev" url.access-deny = ( "~", ".inc" ) $HTTP["url"] =~ "\.pdf$" { server.range-requests = "disable" } static-file.exclude-extensions = ( ".php", ".pl", ".cgi" ) server.errorlog = server_root + "/logs/error.log" ######### Options that are good to be but not neccesary to be changed ####### dir-listing.activate = "enable" #### CGI module cgi.assign = ( ".php" => server_root + "/../PHP/php-cgi.exe" ) status.status-url = "/server-status" status.config-url = "/server-config"

  Read the article

• Uninstalled server 2008 now router won't handle DHCP

  - by john

  My set up is this. server behind router, router has a server and switch connected to it with multiple computers. router used to serve DHCP and DNS, a couple of days ago installed AD, DNS and DHCP on the server, and the server gave out IP's. For various reasons we had to uninstall the domain on our server. I removed AD, DHCP and DNS from the roles and set the router back to serving DHCP and DNS. Now I can't get computers on the network. I reset my router back to factory defaults, and if I plug a computer directly into the router I can get a IP address, but all the computers behind the switch can't get an IP address and can't see the router. All my computers say unidentified network, and if I ping the router it says host is unreachable. On the other hand, my wireless devices are just fine and connect no problem. But for desktops, ipconfig /release doesn't release anything and /renew can't find a server to renew on. My router log shows several FIN scans but they are from innocuous websites (google, netgear) and it shows a couple of smurf attacks but they are all from my external IP. Any ideas? the server isn't even connected to the route right now, and all the computers are set for dynamic IP addresses.. I don't know what else to try? Any help?

  Read the article

• Apache forwarding to tomcat shows a blank page

  - by MNS

  I have an application running on tomcat at http ://www.example.com:9090/mycontext. The host name in server.xml points to www .example.com. I do not have localhost anymore. I am using apache to forward requests to tomcat using mod_proxy. Things work fine as long as the ProxyPath is /mycontext. The server name setup in virtual host is www .abc.com and http ://www.abc.com/mycontext works fine. However I would like to ignore the context path and simply use http://www.abc.com/ to forward requests to http://www.example.com:9090/mycontext. When I do this, apache shows me a blank page. What am I missing here? I have not changed anything in server.xml except the default host to www .example.com. <VirtualHost *:80> ServerName www.abc.com ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://www.example.com:9090/mycontext ProxyPassReverse / http://www.example.com:9090/mycontext </VirtualHost> Thanks

  Read the article

• Website hosted on my virtualbox web server not displaying images or applying css when viewed through phone

  - by WebweaverD

  I would really appreciate it if someone could help me. Please let me know if you need more info in the comments. My Set Up I have a windows 7 pc. On it I run a virtual box VM with a ubuntu 12 guest os and LAMP setup. I share files between the two machines using samba from linux to windows and using windows file sharing (Workgroup) the other way round. The vm is set up with a bridged network adapter and can happily serve web pages to my host machine. I use DHCP reservations on my home wireless router/modem to reserve an ip for the vm and give it a sitename.dev in my windows host file so I can access it at sitename.dev through the browser. The Problem So far so good but I have a dev project which needs a lot of mobile template development, now obviously I can use a browser plugin to simulate a mobile device but I would like to be able to see the real thing easily on my phone during development. So ideally I would like a similar setup on my iphone to my windows setup Now I'm not great on networking and dont have much experience with web server set up. So when I typed the ip of my virtual box into my iphone i wasnt expecting to see anything. I was pleasantly surprised when my site loaded up. The javascript even seems to be running but the images and css are not happening. My Question 1) What is happening here, is it something to do with the bridged set up on the vm network? 2)How do I make the sites load properly through my phone Notes I've also tried another phone. The same sites viewed on live servers work fine.

  Read the article

• Setting up Virtual Host in Fedora Core 15 using apache

  - by Roland

  I'm trying to setup a couple of Virtual Host files on my Localhost PC running Fedora Core 15. Now I get this working, but now onloy one Virtual Host site works, and if I type in 127.0.0.1/test/testApp.php which is not related to the Virtual Host site , I get redirected to the Virtual Host site. Here's what I did. I created a new folder called virtualhosts in /etc/httpd/ where all my host files are stored in the following format site.conf In /etc/conf/httpd.conf I enabled NameVirtualHost *:80 and included the host files at the bottom of the config page like this Include virtualhosts/*.conf In /etc/hosts I added the line 127.0.0.1 website No when I run sudo httpd -t I get Syntax OK I restart apache and then the Virtualhost works, but as soon as I add other hosts and only use 127.0.0.1 as above it still links to the original host. Am I doing anything wrong here or left out something? An example of my Virtual Host file looks like this <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /var/www/html/website/ ServerName website ServerAlias website ErrorLog logs/dev-error_log CustomLog logs/dev-access_log common Alias /blog /var/www/html/blog/ <Directory /var/www/html/website/> Options FollowSymLinks Allow Override All Order allow,deny allow from all </Directory> #php_value error_reporting E_ALL & ~E_NOTICE & ~E_DEPRECATED php_flag display_errors On php_value date.timezone Europe/London </VirtualHost>

  Read the article

• Every month, scheduled task fails and password must be reset - why?

  - by Ducain

  [NOTE: I posted this originally at StackOverflow but it got no traction there - reposting here.] We have a bit of software installed at a few client locations that runs (via Windows task scheduler) a few times each day. In ONLY ONE of the client locations, we have a unique problem: each month, the task will stop working, after running every day for weeks. Twice now it's failed on the 2nd of the month. When I walk the client through troubleshooting it, we've found that it can't start - access denied. To fix it, we simply re-enter the same exact password, and then off it goes happy as a clam. I've never heard of this issue, and their IT people say they don't have anything running once a month that might cause that. I'm at a complete loss here. Any ideas as to why this might be happening? Further details: Windows XP pro machine. Task is being fired with credentials from a local admin account. Computer is always on, and connected to the net.

  Read the article

• rsync per-site configuration file?

  - by Scott

  I know how to configure a per-site entry for ssh, but is there any kind of a client configuration for rsync that allows per-site configuration options and aliases or similar shortcuts like the .ssh/config? I'm curious because I have a minimal ssh server installed on my android phone and I also have a minimal rsync tool on it as well. I'm getting tired of having to root login onto the phone and sym-link both tools to standard places the android OS looks for executables as the ssh server is bare bones and has a typical *bear multi-link binary for the basic unix commands (that does not include rsync) I end up having to include --rsync-path=/path/to/rsync/android/files/rsync every time I want to do any rsyncing of the files on my phone, but this path is always the same. I've gotten around it in the meantime with a glob approach in a shell script wrapper, but this sometimes limits the customization I can do with the rsync call. I'm just wondering if there is anything similar to the .ssh/config file where I can create an alias for my phone (e.g. 'android') where specifying rsync android:/mnt/sdcard will automatically assume --rsync-path=/blah/blah/blah --no-g --no-p --no-t etc. Tre`

  Read the article

• Cloning to a smaller hard drive with DDRescue

  - by krebshack

  I am currently working with a 700 GB Seagate hard drive that's beginning to fail. I'll call this "SDB" from now on. I'd like to clone it while I'm still able to. However, the only hard drive that I have available is a 500 GB WD hard drive. I'll call this "SDC" from now on. The partition scheme on SDB is as follows: 9.77 GB is allocated to a recovery partition and the remaining 688.87 GB is allocated to a Windows partition. Both are formatted using NTFS. There is no partition scheme on SDC. I know how to clone one hard drive to another using DDRescue but I've only done it using hard drives that are the same size. For your reference, I'll normally use the command "ddrescue -v -r 3 /dev/sdb /dev/sdc example.log". I'd like to know if it's possible to do this with DDRescue. I've read the manual from GNU (http://www.gnu.org/software/ddrescue/manual/ddrescue_manual.html) and I haven't seen anything indicating that it is possible. I'm just looking for some confirmation that this is a correct impression. If it's not possible, then it would be helpful if any of y'all would be able to make some work around suggestions. But please don't feel obligated to do that. I don't want to have my one thread bogged down with two many questions.

  Read the article

• Possible for linux bridge to intercept traffic?

  - by A G

  I have a linux machine setup as a bridge between a client and a server; brctl addbr0 brctl addif br0 eth1 brctl addif br0 eth2 ifconfig eth1 0.0.0.0 ifconfig eth2 0.0.0.0 ip link set br0 up I also have an application listening on port 8080 of this machine. Is it possible to have traffic destined for port 80 to be passed to my application? I have done some research and it looks like it could be done using ebtables and iptables. Here is the rest of my setup: //set the ebtables to pass this traffic up to ip for processing; DROP on the broute table should do this ebtables -t broute -A BROUTING -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP //set iptables to forward this traffic to my app listening on port 8080 iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 8080 --tproxy-mark 1/1 iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 1/1 //once the flows are marked, have them delivered locally via loopback interface ip rule add fwmark 1/1 table 1 ip route add local 0.0.0.0/0 dev lo table 1 //enable ip packet forwarding echo 1 > /proc/sys/net/ipv4/ip_forward However nothing is coming into my application. Am I missing anything? My understanding is that the target DROP on the broute BROUTING chain will push it up to be processed by iptables. Secondly, are there any other alternatives I should investigate? Edit: IPtables gets it at nat PREROUTING, but it looks like it drops after that; the INPUT chain (in either mangle or filter) doesn't see the packet.

  Read the article

• RAID5 issue after replacing motherboard and upgrading firmware

  - by 8steve8

  ok so ive had a 4x2TB(samsung HD204UI w/firmware patch) raid5 array working normally for about a month. It was in a h57 gigabyte motherboard using the intel raid with Windows 7 x64. Today I got an intel h67 motherboard, so I upgraded the intel raid drivers to 10.1.0.1008 from 9.6.0.1014, and I'm not sure if i checked after a reboot, but it caused no problems. I swapped in the new dh67 motherboard, and my array status was "failed". 2 of the 4 drives listed themselves as members, while the other two drives listed themselves as non-members. I tried going back to the old h57 mobo, and downgrading the raid drivers, but the issue remains. It's not port dependent, 2 of the drives always come up as non-members regardless of what port or motherboard they are plugged into. This screenshot should show that the SNs match, which raises the question why the software doesn't realize the drive is a member of the array. I'd like to know if anyone has experienced anything similar, and what should I do, can I force the drive to be recognized as a member (without wiping data)?

  Read the article

• Looking for easiest, most simple solution to run a customised DNS Server for my local network on Windows 7.

  - by Jamie G

  I need to forward some websites, such as http://testing.server/ to an fixed IP address on my local network. I can do this easily on one computer using the hosts file. However, I need this to work for all machines on my network. I think the best way to do this will be to setup my own DNS Servers and add the custom DNS settings there. However, I'm looking for the simplest way possible to do this - I really don't want to spend hours setting up Unix Servers and running tricky terminal based scripts just to do this! My server is a standard Windows 7 machine. My dream would be a nice simple windows program with a GUI where I could input my ISP's DNS server and it would use those records, unless I had specifically set up my own DNS for a domain to use instead. If it had a web based admin system that was accessible from another computer on the network that would be even better. Does anyone know of anything that can do this? Many thanks indeed.

  Read the article

• Office documents on intranet all requiring second login and can't pass auth? Disable webdav?

  - by DOTang

  I am not sure what is going on, but recently all the Office documents on our intranet get prompted a second time for login and according to the error logs it looks like it's trying to use webdav to open (an editable?) version of the document to save directly on the server? We have no sharepoint server setup or anything, but this shouldn't be happening. All I want is for the document to be saved or opened from a local copy in temp like normal. Here is the log: Line 57499: 2011-04-12 15:57:10 (ip) OPTIONS (address) - 443 (username) (user ip) Microsoft-WebDAV-MiniRedir/6.1.7601 - 401 1 1326 1525 238 0 Line 57500: 2011-04-12 15:57:10 (ip) OPTIONS (address) - 443 (username) (user ip) Microsoft-WebDAV-MiniRedir/6.1.7601 - 401 1 1326 1525 238 0 Line 57501: 2011-04-12 15:57:10 (ip) OPTIONS (address) - 443 (username) (user ip) Microsoft-WebDAV-MiniRedir/6.1.7601 - 401 1 1326 1525 238 0 The log basically contains a bunch of these. How can I disable this behavior so that office documents that are downloaded aren't attempted to be used through webdav?? Edit: I should clarify behavior, it asks if you want to save or open it, upon choosing open open, it asks to re-authenicate, you put in the user information and the login box comes up 3 times acting like you entered the wrong password. For some users, after passing the login box the third time, it still opens up, for others their browser just locks up. It also doesn't even look like webdav is installed on our server, I see no config options in IIS for it as outlined on this page: http://learn.iis.net/page.aspx/350/installing-and-configuring-webdav-on-iis-7/#001

  Read the article

• Easiest way to do host name resolution with IPA?

  - by Luke

  We are currently using static LAN IP addresses for our internal non-public facing servers. We don't have DHCP configured. We're using Vyatta for our router and firewall. The firewall is configured to be zone based. We want to setup IPA for centralized authentication (LDAP+Kerberos). IPA is requiring resolvable host names. I want to avoid having to enter DNS records by hand. What is the most painless way to make host names resolvable that works with IPA in a Linux only environment? We arn't using anything to resolve host names now. Up until now we've been using static ip addresses and local users on each server. We've looked at BIND, DHCP (does that even solve the problem?), and multicast DNS. At this point we're not sure which solution would work best. Is there another option we haven't considered? Security is very important. We have multiple zones where each zone has very specific or no access to another zone. DNS for public domains is forwarded from Vyatta to our ISP's DNS server.

  Read the article

• Use both OpenVPN & eth0 together

  - by shadyabhi

  I connect to a VPN using openVPN. Now, after the connection is established, all my traffic goes through tun0. My LAN gateway is 10.100.98.4... So, for apps to use my direct internet connnection I did sudo route add default gw 10.100.98.4 But, I cant use tun0 now. I know this because curl --interface tun0 google.com doesnt give me anything.. How do I go about using both connections simultaneously. How can I achieve that? ROUTING TABLES:- Without VPN running:- Destination Gateway Genmask Flags Metric Ref Use Iface 10.100.98.0 * 255.255.255.0 U 1 0 0 eth0 default 10.100.98.4 0.0.0.0 UG 0 0 0 eth0 With VPN:- Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.0.1 10.10.54.230 255.255.255.255 UGH 0 0 0 tun0 10.10.54.230 * 255.255.255.255 UH 0 0 0 tun0 free-vpn.torvpn 10.100.98.4 255.255.255.255 UGH 0 0 0 eth0 10.100.98.0 * 255.255.255.0 U 1 0 0 eth0 default 10.10.54.230 0.0.0.0 UG 0 0 0 tun0 After the route command- Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.0.1 10.10.54.230 255.255.255.255 UGH 0 0 0 tun0 10.10.54.230 * 255.255.255.255 UH 0 0 0 tun0 free-vpn.torvpn 10.100.98.4 255.255.255.255 UGH 0 0 0 eth0 10.100.98.0 * 255.255.255.0 U 1 0 0 eth0 default 10.100.98.4 0.0.0.0 UG 0 0 0 eth0 default 10.10.54.230 0.0.0.0 UG 0 0 0 tun0

  Read the article

• Issues connecting to HP ProCurve switches

  - by BriGuy

  We are having a very strange issue trying to connect to our infrastructure switches via SSH. When you first try connecting to them, the switches will prompt for the password - and then just sit there after it is entered. If you create a second SSH session to the switch (while letting the first one remain open and just sitting there) it will let you log right in. The switches are doing the same thing with RADIUS and local authentication. The other strange part to all of this, is that about 10 switches started doing it all at the same time. As far as actual configuration of the switches, nothing has changed. Occasionally, one switch will start working like normal, but then stop again. These are all HP ProCurve managed switches, but all different models/firmware. Some switches that are not working are using the same firmware as others that are working. UPDATE: 20130312 I am also seeing this same behavior when trying to use telnet. The first telnet session just hangs there, and the second telnet session will let me log in. Rebooting the switches seems to get them working, but I still have 5 production switches that cannot easily be rebooted because of their production roles. Is anyone aware of anything else that can be switched on/off that may reset the logon for remote management or something like that?

  Read the article

• Finding Webserver Vulnerability

  - by Brent

  We operate a webserver farm hosting around 300 websites. Yesterday morning a script placed .htaccess files owned by www-data (the apache user) in every directory under the document_root of most (but not all) sites. The content of the .htaccess file was this: RewriteEngine On RewriteCond %{HTTP_REFERER} ^http:// RewriteCond %{HTTP_REFERER} !%{HTTP_HOST} RewriteRule . http://84f6a4eef61784b33e4acbd32c8fdd72.com/%{REMOTE_ADDR} Googling for that url (which is the md5 hash of "antivirus") I discovered that this same thing happened all over the internet, and am looking for somebody who has already dealt with this, and determined where the vulnerability is. I have searched most of our logs, but haven't found anything conclusive yet. Are there others who experienced the same thing that have gotten further than I have in pinpointing the hole? So far we have determined: the changes were made as www-data, so apache or it's plugins are likely the culprit all the changes were made within 15 minutes of each other, so it was probably automated since our websites have widely varying domain names, I think a single vulnerability on one site was responsible (rather than a common vulnerability on every site) if an .htaccess file already existed and was writeable by www-data, then the script was kind, and simply appended the above lines to the end of the file (making it easy to reverse) Any more hints would be appreciated.

  Read the article

• Is it possible to get ESC to behave as an actual escape key?

  - by leftaroundabout

  So I have finally switched, not so much because I'm yet convinced Emacs in itself is the better editor but because it certainly does have more powerful extensions. I am still using vim-mode though, perhaps that's part of my problem... but I really don't intend to abandon the modes-approach, so I'll probably stay with it. I'm getting along quite well, but one thing I find really unnerving is the behaviour of the esc key (which I have in the shift-lock position). I'm used to relying on this a lot as more or less a "panic key", which may not be nice but I find allows me to work generally quite a bit less caring about the keystrokes themselves, and thus faster. What I'd like this key to do is just get me out of any minibuffer or special editing mode into a well-defined normal state. Perhaps most importantly, I would like it to not do anything unrelated, Simulate meta. What do I have an alt key for? Close windows I'm not even in at the time. Getting interpreted as the final key in some key sequence. ... Is it possible to turn all that off and make esc an actual escape key? Vim-mode does make it behave kind of as I like in some situations, but when other plugins are involves this often breaks. Alternatively, are there different options that might suit my kind of workflow?

  Read the article

• Logging Remote Server Access via Remote Desktop

  - by Nate Bross

  The objective here is to start a simple .NET application I've written which captures some environment variables (time, username, computername, etc) upon login. This .NET application subscribes to the Windows "User logout" event. Upon launch, the application captures the above variables, and creates a record in my database, upon logout (which I'm capturing) I update another field in the same record, with the logout time. The above is working exactly as I would like, when I launch the binary, it makes its initial log entry, then waits for the logout event and updates the same record. Restrictions, the .NET binary should be able to live on a share point (\server\share\myapp\v1) so I can update the application to (\server\share\myapp\v2) and simply update the GPO/Logon script. My initial thought was to use the \domaincontroller\sysvol\ directory to store the binary and then update all user accounts to include a call to my application. Can you see any flaws in this approach? My question is this: First, is there anything wrong with my idea above? Second, if so, what is the best way (through group policy or otherwise) to ensure this application launches whenever a session is started on a server?

  Read the article

• Intel Motherboard Lightning Victim Dies Hard

  - by Stetson RDT

  Today, I have a more hardware-related question. I have an Intel board, and I really do not know which board it is, I built the machine for a relative, but he forgot to keep the documentation. Long story short, the computer was disconnected during a lightning storm, but a lightning strike travelled in via the ethernet cable (It was directly connected to a power brick commonly seen on those long distance ISP Wireless transmitters), and the motherboard was shocked. I am attempting to get this PC going. The problem is as follows: The computer will randomly reboot, just in the middle of anything as it pleases. May load to EFI (or whatever BIOS is nowadays), may load to bootloader, may even get to the OS. But before 5 minutes is up, the system will always die. Out of curiosity, I plugged my voltmeter in to a molex connector. On the 5V side, it gets a good, consistant +5.13V. On the 12V side, it fluctuates, as follows: Upon immediate startup, it soars to 12.11-12.13V. It will now do one of two things: it will immediately jump down to 12.04-12.05V, or hover for about a minute at 12.11-12.13, then jump down. It seems the longer the voltage stays at 12.11-12.13, the shorter the machine will stay running. Also, post codes, whenever the machine locks up, but does not die hard, seem to be between "AA" and "AC". Does this make any sense to anybody? Do you all think this motherboard is salvageable? It was an expensive bugger, and I'd prefer to not replace it.

  Read the article

• troubleshooting really slow login on a (linux) machine

  - by Peeter Joot

  Within the last couple of weeks, any attempt to login to a specific linux server has gotten really slow. Once I've logged in, things appear to run without significant delay, but some other login like activities (like starting a new screen session) are slow. The machine's been rebooted a couple of times recently and that hasn't helped. , and it doesn't appear to be $PATH search (where $PATH can sometimes include bad NFS mounts), which I've seen historically in our environment. I've also tried completely removing my .profile/.bash*/... type of init files to rule out anything bad there. I also see slow login for at least one other userid on the system. One thing I've noticed is the following message when trying to exit from a screen terminal: Utmp slot not found -> not removed and am wondering if this is related (having a vague recollection that Utmp has something to do with login). Any idea what that message means, or how to fix it, and if it would be related? Failing that, what sort of problem determination tools are available to investigate what is slowing down this login process?

  Read the article

• How can I prevent a DDOS attack on Amazon EC2?

  - by cwd

  One of the servers I use is hosted on the Amazon EC2 cloud. Every few months we appear to have a DDOS attack on this sever. This slows the server down incredibly. After around 30 minutes, and sometimes a reboot later, everything is back to normal. Amazon has security groups and firewall, but what else should I have in place on an EC2 server to mitigate or prevent an attack? From similar questions I've learned: Limit the rate of requests/minute (or seconds) from a particular IP address via something like IP tables (or maybe UFW?) Have enough resources to survive such an attack - or - Possibly build the web application so it is elastic / has an elastic load balancer and can quickly scale up to meet such a high demand) If using mySql, set up mySql connections so that they run sequentially so that slow queries won't bog down the system What else am I missing? I would love information about specific tools and configuration options (again, using Linux here), and/or anything that is specific to Amazon EC2. ps: Notes about monitoring for DDOS would also be welcomed - perhaps with nagios? ;)

  Read the article

• Must have local user to authenticate Samba to AD?

  - by Phil

  I've got a CentOS 5.3 server with Samba running. I've joined this server to my domain in the hopes of allowing AD users some access to my Samba shares. I've found that this works, but only as long as the AD username that I'm trying to authenticate with is also a local user on the server. In other words, if I'm trying to access a share, and try to authenticate with the AD username "joe", I get errors unless I create a user named 'joe' on the server. I don't have to create a matching password or anything....the local user's password is always blank, so I do know that the authentication is actually happening against the AD. Here's my smb.conf file: [global] workgroup = <mydomain> server string = <snip> netbios name = HOME security = ADS realm = <mydomain.com> password server = <snip> auth methods = winbind log level = 1 log file = /var/log/samba/%m.log [amore] path = /var/www/amore browseable = yes writable = yes valid users = DOMAIN\user1 DOMAIN\user2 DOMAIN\user3 DOMAIN\user4 I would assume that my kerberos settings are fine, as I've joined the domain and can use wbinfo to see users and groups. However, I can provide that info if necessary. Anyone have any ideas?

  Read the article

• Is Ubuntu a bad distro for a standalone mysql database server?

  - by DhruvPathak

  I read an article here : http://www.mysqlperformanceblog.com/2011/12/08/which-linux-distribution-for-mysql-server/ On the other end there are Debian and Ubuntu. Both use tool called dpkg for package management. There isn’t a month that I log in to a system based on either distribution where there are no issues with packages consistency. Unfinished installations, unresolved conflicts are so common that it’s just beyond simple negligence. The packaging system is just not robust enough. Another problem is that one broken package may block you from installing or uninstalling anything else. Imagine that someone left system in such shape, you prepared for downtime, stopped MySQL and… error – text editor has not been properly installed, so you cannot upgrade MySQL either until the problem is fixed. In a stressful situation when downtime clock ticks – annoying at best We prefer Ubuntu server because of familiarity and Ubuntu also being development environment. Questions: Is Ubuntu used commonly in production for a mysql database server ? Is it worth the trouble ever to have one distro eg Ubuntu in web server, and another say Red Hat in database server ? Or Is a homogenous server pool a better choice ?

  Read the article

• saving data from a failing drive

  - by intuited

  An external 3½" HDD seems to be in danger of failing — it's making ticking sounds when idle. I've acquired a replacement drive, and want to know the best strategy to get the data off of the dubious drive with the best chance of saving as much as possible. There are some directories that are more important than others. However, I'm guessing that picking and choosing directories is going to reduce my chances of saving the whole thing. I would also have to mount it, dump a file listing, and then unmount it in order to be able to effectively prioritize directories. Adding in the fact that it's time-consuming to do this, I'm leaning away from this approach. I've considered just using dd, but I'm not sure how it would handle read errors or other problems that might prevent only certain parts of the data from being rescued, or which could be overcome with some retries, but not so many that they endanger other parts of the drive from being saved. I guess ideally it would do a single pass to get as much as possible and then go back to retry anything that was missed due to errors. Is it possible that copying more slowly — e.g. pausing every x MB/GB — would be better than just running the operation full tilt, for example to avoid any overheating issues? For the "where is your backup" crowd: this actually is my backup drive, but it also contains some non-critical and bulky stuff, like music, that aren't backups, i.e. aren't backed up. The drive has not exhibited any clear signs of failure other than this somewhat ominous sound. I did have to fsck a few errors recently — orphaned inodes, incorrect free blocks/inodes counts, inode bitmap differences, zero dtime on deleted inodes; about 20 errors in all. The filesystem of the partition is ext3.

  Read the article

< Previous Page | 604 605 606 607 608 609 610 611 612 613 614 615  | Next Page >