Search Results

Search found 10501 results on 421 pages for 'hardware firewall'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 73/421 | < Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >

  • blocking port 80 via iptables

    - by JoyIan Yee-Hernandez
    I'm having problems with iptables. I am trying to block port 80 from the outside, basically plan is we just need to Tunnel via SSH then we can get on the GUI etc. on a server I have this in my rule: Chain OUTPUT (policy ACCEPT 28145 packets, 14M bytes) pkts bytes target prot opt in out source destination 0 0 DROP tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW,ESTABLISHED And Chain INPUT (policy DROP 41 packets, 6041 bytes) 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW,ESTABLISHED Any guys wanna share some insights?

    Read the article

  • Uncorrectable machine check

    - by GregC
    I am experiencing rare but real unrecoverable machine checks on HP DL370 G6 dual-core Xeon server. I ran memtest86+ before, and ran CPU-intensive operations without any problems. In your opinion, does this indicate a real problem, or is it normal and expected behavior? How would you approach this problem? EDIT after some troubleshooting, it seems that these machine checks, as well as problems when showing device manager can be traced back to NC375i NICs. All is well when the NICs are not in the server. Further improvements to stability of HP Gen6 with Intel Xeon have been brought in with BIOS update in September 2013 HP Update DVD. Intel's newer microcode makes these CPUs much more stable. We haven't seen hardware-related BSODs since the update in September.

    Read the article

  • How can I prevent OpenVPN Client from blocking inbound connections while a tunnel is connected?

    - by joshudson
    We have this machine that we RDP into for using OpenVPN. When a tunnel is connected, it is not possible to RDP into the machine. Should we get disconnected, this is a problem (machine is headless). How can I stop OpenVPN from blocking inbound RDP? I do not have access to the server configuration. If there's anything interesting on the client to check you'll have to tell me how to get at it. I eliminated the possibility of routing issue before asking the question. Only inbound connections cannot be opened. Outbound connections to LAN can be opened just fine. EDIT: Don't bother answering. The problem disappeared without any known changes being made.

    Read the article

  • SSH Tunnel doesn't work in China

    - by Martin
    Last year I was working in China for a few months. I never bothered setting up a real VPN, but just created a SSH tunnel, and changed my browsers proxy settings to connect through it. Everything worked great (except flash of course) but that was fine. However, now I'm back in China but I'm having problems with this approach. I do the same thing as last time, and according to https://ipcheckit.com/ my IP address is indeed the IP of my (private) server in the US, and I'm logging in to my server using a fingerprint I created long before going to China so no MITM should be possible. Furthermore the certificate from ipcheckit.com is from GeoTrust - so everything should be OK However, I still can't access sites which are blocked in China. Any idea how this could be possible?

    Read the article

  • Mirror network packets from WiFi to Ethernet in an ASUS Router RT N53

    - by fazineroso
    I have an ASUS RT N53 router, running the default firmware (Linux 2.6.22 with busybox and uclibc). I need to capture data packets from some Wi-Fi devices I have connected to that router (iPad and some smartphones), but the router is not forwarding any package coming from Wi-Fi devices to the Ethernet Ports. Any idea how can I proceed? Available tools in the router are iptables (no tee option, though), ebtables, brctl... Currently the ethernet and Wifi devices are forming a bridge: # brctl show bridge name bridge id STP enabled interfaces br0 8000.50465dc06be2 no vlan0 eth1 No ebtables rules: # ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT

    Read the article

  • Reverse web proxy with time constraints

    - by user2893458
    I have a web application which produces several unique URLs of the type http://service.company.com/service.html?type=aaaa&key=jfiZm6u6cW where the last part is a randomly generated key. Each such URL provides access to an instance of the service provided. I am looking for a way to restrict access to those URLs based on time constraints, as an example URL#1 should be available between 8:00AM and 10:00AM on May 30, URL#2 should be available between 10:30AM and 12:00PM on May 31, and so on. I already have a resource scheduling application based on Drupal and would like to find a way to include those URLs as scheduled resources. The web application is deployed on Apache Tomcat, so I don't have the knowledge or the resources to alter it, therefore I thought that I could put some sort of reverse proxy in front of the web app that could implement the time constraint feature. In my thoughts the reverse proxy would allow or disallow access to each URL based on the rules that my scheduling application would provide. There may be other ways to deliver such a solution, but I can't think of anything better, so the question is: is there a reverse web proxy architecture that could allow access to the destination URLs based on time and date rules? Any other ideas are more than welcome.

    Read the article

  • Cisco FWSM -> ASA upgrade broke our mail server

    - by Mike Pennington
    We send mail with unicode asian characters to our mail server on the other side of our WAN... immediately after upgrading from a FWSM running 2.3(2) to an ASA5550 running 8.2(5), we saw failures on mail jobs that contained unicode. The symptoms are pretty clear... using the ASA's packet capture utility, we snagged the traffic before and after it left the ASA... access-list PCAP line 1 extended permit tcp any host 192.0.2.25 eq 25 capture pcap_inside type raw-data access-list PCAP buffer 1500000 packet-length 9216 interface inside capture pcap_outside type raw-data access-list PCAP buffer 1500000 packet-length 9216 interface WAN I downloaded the pcaps from the ASA by going to https://<fw_addr>/pcap_inside/pcap and https://<fw_addr>/pcap_outside/pcap... when I looked at them with Wireshark Follow TCP Stream, the inside traffic going into the ASA looks like this EHLO metabike AUTH LOGIN YzFwbUlciXNlck== cZUplCVyXzRw But the same mail leaving the ASA on the outside interface looks like this... EHLO metabike AUTH LOGIN YzFwbUlciXNlck== XXXXXXXXXXXX The XXXX characters are concerning... I fixed the issue by disabling ESMTP inspection: wan-fw1(config)# policy-map global_policy wan-fw1(config-pmap)# class inspection_default wan-fw1(config-pmap-c)# no inspect esmtp wan-fw1(config-pmap-c)# end The $5 question... our old FWSM used SMTP fixup without issues... mail went down at the exact moment that we brought the new ASAs online... what specifically is different about the ASA that it is now breaking this mail? Note: usernames / passwords / app names were changed... don't bother trying to Base64-decode this text.

    Read the article

  • Does the size of the monitor Matter?

    - by Arsheep
    I have a old computer, and I want to buy a big LCD. The best I've found so far is Viewsonic's 24" LCD TFT monitor. So will it run without any problems, or do I need to upgrade the video cards or something as well? The computer is not too old: it has P4 board and celeron processor, with 128 graphics memory. And in display properties, it says that the maxium that I can use is 1280 x 1024 resolution. I am noob hardware-wise, so need help on this stuff. Thanks

    Read the article

  • 1K incoming http post requests per second, each with a 10-50K file

    - by Blankman
    I'm trying to figure out what kind of server setup I will need to support: 1K http post requests per second each post will contain a xml file between 5-50K (average of 25 kilobytes) Even if I get a 100 Mb/s connection with my dedicated box (they usually give 10 Mb/s but you can upgrade), from my calculations that is about 12K kb/s which means about 480 25kb files per second. So this means I need around 3 servers then, each with 100 Mb/s connection. Would a single server running HAProxy be able to redirect the requests to other servers or does this mean I need to get something else that can handle more than 100 Mb/s to proxy things out to the other servers? If my math is off I'd appreciate any corrections you may have.

    Read the article

  • Opening ports with IPTables not working - Ubuntu

    - by user41416
    So, I have these rules set in iptables: # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpts:6850:6999 ACCEPT udp -- anywhere anywhere udp dpts:6850:6999 ACCEPT tcp -- anywhere anywhere tcp dpt:6881 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Although, the ports are not open :/ here is a telnet attempt: # telnet localhost 6999 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused Any idea why this is happening? Do I need to reboot or do someone to make the changes permanent? Last time I rebooted the rules disappeared from iptables :/

    Read the article

  • How to control/check CheckPoint rules changes (and another System events)

    - by user35115
    I need to check/control all system events on many CheckPoint FW1 - don't misunderstand - not rules triggering, but events such admins log on, rules changes and etc. I found out that I can make an log export using 2 methods: Grab logs Use special script that redirect Checkpoint log entries to syslog, FW1-Loggrabber But it's not clear for me does such logs also contain information that i need (admins log on, rules changes)? And If yes is it possible to filter events? I also suppose, that if system bases on *nix platform it must be a ploy - use based functions of the system to do what i want. Unfortunately i don't know where to "dig". May be you know? Updated: New info "FW-1 can pipe its logs to syslog via Unix's logger command, and there are third party log-reading utilities" So, the main question is how do my task in the best way? Has anybody already resolved such problem? P.S. I' m new with CheckPoint, so all information will be useful for me. Thank you.

    Read the article

  • Searching Objects on SonicWALL (NSA 2600, SonicOS 6.1)

    - by Justin Scott
    Ok, this may sound like a dumb question, but does the SonicOS web interface not have a search option for object definitions? One of my clients recently decided to replace their Astaro Security Gateways with SonicWALL firewalls. These sit in front of a small data center full of servers and we have several hundred custom service and address definitions that need to be ported. The SonicOS interface provides a basic list for service and address definitions but no search option to be found. To make it worse, there is no option to list them all on one page (they're paginated 50 at a time) so I can't use the text search on the web browser either. The Astaro units have a nice search option on their definitions so perhaps I just got spoiled by their software. Am I missing something or is there some way to search for an object without paging through the list and finding an entry manually?

    Read the article

  • Dead USB flash drive

    - by Unsliced
    So a friend has come to me with a problem. They have a dead USB thumb drive which no longer responds when plugged into a machine. I've tried it in a Mac and it doesn't even respond, at least on a Windows XP machine it sees that it is there but can't show it in explorer, just that whatever is plugged in has malfunctioned. There is obviously current because the activity light on the drive illuminates. I'm looking for suggestions, please. I have access to Mac or Windows hardware and am happy to experiment (and even to pay if the solution works!) It's a bit late to recommend regular backups, but in the lack of that, what's the next best forensic advice? Edit: I should stress that, if possible, we're trying to rescue the data, after all, thumb drives are basically disposable and hardly worth the bother if there's no emotional or functional reason for wanting to rescue it!

    Read the article

  • identify a router that cuts certain port

    - by Sergiks
    Is there a way to identify which particular router between me and some server blocks connections on certain port? I am in a hotel in Thailand, where they have recently changed some settings in their equipment, and now I cannot reach any of my servers in Europe and USA by SSH / port 22. More traditional ports like 80 or 21 are open. traceroute command shows each particular router in the middle. But is there a way to identify one that filters out port 22?

    Read the article

  • Does NAT change the source MAC address?

    - by user44073
    I'm trying to secure my home network but don't really need the complexity of a VPN so I'm trying to figure out other options. I'd like to allow my iPhone remote access to my home servers but I can't depend on the IP address because it changes quite often (due to the 3G network, etc). Can I filter incoming connections on my router (pfsense) by MAC address or does NAT change the source as it's passing through the different routers on the internet?

    Read the article

  • Remote Desktop AND monitor fail on restart (Win2008R2)

    - by Wesley
    I am in the process of building a small 3 server farm. Each machine is running Window Server 2008 R2. As is normal, I am in the process of installing patch after patch to bring the machine up to snuff. Every time I restart the machine, or most every time, when I try to remote in to the machine I get the Log In window, but then almost immediately I get the message that my remote session was ended. If I physically walk over to the machine and plug in a monitor and keyboard, I see nothing. If I leave the keyboard and monitor in and restart the machine by force, the computer reboots just fine. When windows starts, I get no error message about windows not starting or being shut off unexpectedly. Once I log into the machine physically by the keyboard, I can then remote in to the machine at that point. Very confused. This happens on all 3 machines, these machines have different hardware.

    Read the article

  • UFW blocking webrick on port 3000

    - by t Book
    On a ubuntu 10.0.4 server runs redmine. starting webrick with: ./server webrick -e production -b lvps46-173-79-113.dedicated.hosteurope.de -d makes redmine available in browser. as soon as we enable ufw, webrick can´t be accessed anymore. of course we allowed Port 3000 from anywhere ufw allow 3000/tcp ufw allow 3000/udp also a grep for iptables doesn´t show a deny rule iptables -nL | grep 3000 find the whole iptables output here http://pastebin.com/k6WNqdPU checking lsof -ni tcp:2222 tells me ruby is listening on port 3000 ruby 3457 root 5u IPv4 864846667 0t0 TCP 46.173.79.113:3000 (LISTEN) What else can we check? what´s wrong with the ufw rules for port 3000?

    Read the article

  • Can I extend my total RAM by buying more, and what kind do I need to buy

    - by Xeon06
    I currently have 4 GB total RAM and I would like to get some more, to bring it to a total of 8 GB. Is it possible to simply buy another 4 GB and bring it to 8? If so, what kind should I be buying? There is a lot of different possibilities, DDR3, DDR2, clock speed, etc. I am kind of lost among all this. My current setup goes like this: ACER EG43M mainboard Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz 4 total RAM slots, 2 occupied by 2 GB sticks According to CPU-Z, my memory type is DDR3 (not sure how reliable that is) Full CPU-Z dump Windows 7 64-bit So basically, I want to know whether it's possible to extend my current RAM to get 8 GB total by buying another 4, and if so, what kind of RAM do I need? Note that I am not looking for shopping recommendations. I'm worried about the hardware compatibility.

    Read the article

  • What means empty iptables?

    - by Memochipan
    I'm using CentOS and when type the command: iptables -L -v The output is as follows: Chain INPUT (policy ACCEPT 19614 packets, 2312K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 13881 packets, 32M bytes) pkts bytes target prot opt in out source destination What does this means I'm able to connect using SSH. Where can I see that rule?

    Read the article

  • Configure clients to navigate through specific wan. Pfsense

    - by leandronn
    I have a machine with a pfsense running. It is configured with three ethernet cards. LAN 192.168.2.1/21 WAN1 200.41.X.2/24 WAN2 200.41.X.3/24 ISP Gateway 200.41.X.1 This is a connection with 5 different IP addresses. WAN1 and WAN2 are directly connected to my ISP router. I need a way to configure some clients navigating through WAN1 and some through WAN2. I am new to pfsense so, please, if you can send me some examples to do this. I can add two squids if it is necessary. Thanks a lot.

    Read the article

  • Cisco ASA Multiple Public IP

    - by KGDI
    I have a Cisco ASA5510 and articles related to ASA and mulitple Public IP says this cant be done. My question is how to best solve a scenario like this: I have 3 zones, Outside, Inside and DMZ Outside is Internet Inside is Client machines DMZ is a zone for servers related to external and internal services. My scenario is a bit more complex, but to keep things simple this will do: I want to place an Exchange server and a web server (externally reachable in the DMZ zone) The webserver uses both TCP80/443, the Exchange server uses 443 So to the problem: With the ASA only having one public IP, how would you make a DNAT to port 443 on both the internal hosts behind 1 Public IP? Usually, when i do this kind of scenario With Linux boxes i use alias Interfaces like eth0:0, eth0:1 and set 1 Public IP on each. To me this must be a pretty common scenario, any ideas on how to solve it With ASA? /KGDI

    Read the article

  • Set generic iptables rules?

    - by tftd
    This may be a really dumb question but how can you open a port on multiple interfaces without defining the interfaces? For example how do I open port 22 on all interfaces? On my machine I have some interfaces that are dynamic and may or may not be available so I have to set "generic" rules. This code is not working for me but I can't figure out why: # My default policy is to drop the input. # The other policies are required like that. $IPTABLES -P INPUT DROP $IPTABLES -P OUTPUT ACCEPT $IPTABLES -P FORWARD ACCEPT $IPTABLES -t nat -P POSTROUTING ACCEPT $IPTABLES -t nat -P PREROUTING ACCEPT $IPTABLES -t mangle -P OUTPUT ACCEPT $IPTABLES -t mangle -P PREROUTING ACCEPT #Open port 22 on all interfaces ? $IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT So apparently there's something wrong with the last line... but I can't see it?

    Read the article

  • Should I create a second WAN Interface for a new SSLVPN setup on my Sonicwall 2400?

    - by TheSuperman
    Sonic Wall 2400 I'm setting up a new SSLVPN on our Sonicwall, very new to this. I currently have an exchange server as well, so mail.company.com is directed to our mail server. I'd like to setup a clean link for my low end users, remote.company.com to be for the SSLVPN, but I'm not sure how to do this within the Sonicwall? I setup SSLVPN on port 443. Only 1 WAN setup, on the X1 Interface. We have an A record setup with the same static IP used on the WAN Interface, and is configured for mail.company.com. Should I use a new static IP from our block of usable IP's to create the new Remote.Company.com? If so, I have no idea where to start on this on the Sonicwall? Any suggestions?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >