Search Results

Search found 33247 results on 1330 pages for 'anonymous access'.

Page 77/1330 | < Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >

  • Wifi hotspot disconnected after some time

    - by Rohit Bansal
    I am trying to use my Ubuntu system as Wifi Hotspot, but for some reason Hotspot get disconnected on its own. Searching for the solution, I found this help : Why is my ethernet connection connecting and disconnecting repeatedly? Reading through the above article I used the following command sudo killall dnsmasq as a result I manage to establish hotspot for around 5-10 sec before getting disconnected as against immediately.... Here's the system log (in case needed) tail -f /var/log/syslog : Apr 1 23:31:42 NetworkManager[901]: <info> Starting dnsmasq... Apr 1 23:31:42 NetworkManager[901]: <info> (wlan0): device state change: ip-config -> activated (reason 'none') [70 100 0] Apr 1 23:31:42 dnsmasq[4159]: started, version 2.57 cachesize 150 Apr 1 23:31:42 dnsmasq[4159]: compile time options: IPv6 GNU-getopt DBus I18N DHCP TFTP IDN Apr 1 23:31:42 dnsmasq-dhcp[4159]: DHCP, IP range 10.42.43.10 -- 10.42.43.100, lease time 1h Apr 1 23:31:42 dnsmasq[4159]: reading /etc/resolv.conf Apr 1 23:31:42 dnsmasq[4159]: using nameserver 220.226.6.104#53 Apr 1 23:31:42 dnsmasq[4159]: using nameserver 220.226.100.40#53 Apr 1 23:31:42 dnsmasq[4159]: cleared cache Apr 1 23:31:42 NetworkManager[901]: <info> Activation (wlan0) successful, device activated. Apr 1 23:31:42 NetworkManager[901]: <info> Activation (wlan0) Stage 5 of 5 (IP Configure Commit) complete. Apr 1 23:31:42 NetworkManager[901]: <info> Activation (wlan0) Stage 4 of 5 (IP4 Configure Get) complete. Apr 1 23:31:42 dbus[885]: [system] Activating service name='org.freedesktop.nm_dispatcher' (using servicehelper) Apr 1 23:31:42 dbus[885]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' Connection established at this point....now disconnecting after 10 sec... Apr 1 23:31:52 ntpdate[4194]: adjust time server 91.189.94.4 offset -0.011589 sec Apr 1 23:32:01 NetworkManager[901]: <info> (wlan0): IP6 addrconf timed out or failed. Apr 1 23:32:01 NetworkManager[901]: <info> Activation (wlan0) Stage 4 of 5 (IP6 Configure Timeout) scheduled... Apr 1 23:32:01 NetworkManager[901]: <info> Activation (wlan0) Stage 4 of 5 (IP6 Configure Timeout) started... Apr 1 23:32:01 NetworkManager[901]: <info> Activation (wlan0) Stage 5 of 5 (IP Configure Commit) started... Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol tcp --destination-port 53 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol udp --destination-port 53 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol tcp --destination-port 67 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol udp --destination-port 67 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --in-interface wlan0 --jump REJECT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --out-interface wlan0 --jump REJECT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --in-interface wlan0 --out-interface wlan0 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --source 10.42.43.0/255.255.255.0 --in-interface wlan0 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --destination 10.42.43.0/255.255.255.0 --out-interface wlan0 --match state --state ESTABLISHED,RELATED --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table nat --insert POSTROUTING --source 10.42.43.0/255.255.255.0 ! --destination 10.42.43.0/255.255.255.0 --jump MASQUERADE Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol tcp --destination-port 53 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol udp --destination-port 53 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol tcp --destination-port 67 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlan0 --protocol udp --destination-port 67 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --in-interface wlan0 --jump REJECT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --out-interface wlan0 --jump REJECT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --in-interface wlan0 --out-interface wlan0 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --source 10.42.43.0/255.255.255.0 --in-interface wlan0 --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table filter --insert FORWARD --destination 10.42.43.0/255.255.255.0 --out-interface wlan0 --match state --state ESTABLISHED,RELATED --jump ACCEPT Apr 1 23:32:01 NetworkManager[901]: <info> Executing: /sbin/iptables --table nat --insert POSTROUTING --source 10.42.43.0/255.255.255.0 ! --destination 10.42.43.0/255.255.255.0 --jump MASQUERADE Apr 1 23:32:01 NetworkManager[901]: <info> Starting dnsmasq... Apr 1 23:32:01 NetworkManager[901]: <info> Activation (wlan0) Stage 5 of 5 (IP Configure Commit) complete. Apr 1 23:32:01 NetworkManager[901]: <info> Activation (wlan0) Stage 4 of 5 (IP6 Configure Timeout) complete. Apr 1 23:32:01 NetworkManager[901]: <warn> dnsmasq died with signal 9 Apr 1 23:32:01 NetworkManager[901]: <info> (wlan0): device state change: activated -> failed (reason 'sharing-start-failed') [100 120 18] Apr 1 23:32:01 dnsmasq[4235]: started, version 2.57 cachesize 150 Apr 1 23:32:01 dnsmasq[4235]: compile time options: IPv6 GNU-getopt DBus I18N DHCP TFTP IDN Apr 1 23:32:01 dnsmasq-dhcp[4235]: DHCP, IP range 10.42.43.10 -- 10.42.43.100, lease time 1h Apr 1 23:32:01 NetworkManager[901]: <warn> Activation (wlan0) failed for access point (Reppify Ubuntu) Apr 1 23:32:01 dnsmasq[4235]: reading /etc/resolv.conf Apr 1 23:32:01 dnsmasq[4235]: using nameserver 220.226.6.104#53 Apr 1 23:32:01 dnsmasq[4235]: using nameserver 220.226.100.40#53 Apr 1 23:32:01 dnsmasq[4235]: cleared cache Apr 1 23:32:01 NetworkManager[901]: <warn> Activation (wlan0) failed. Apr 1 23:32:01 NetworkManager[901]: <info> (wlan0): device state change: failed -> disconnected (reason 'none') [120 30 0] Apr 1 23:32:01 NetworkManager[901]: <info> (wlan0): deactivating device (reason 'none') [0] Apr 1 23:32:01 dbus[885]: [system] Activating service name='org.freedesktop.nm_dispatcher' (using servicehelper) Apr 1 23:32:01 dbus[885]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' Apr 1 23:32:01 NetworkManager[901]: <error> [1333303321.565351] [nm-device-wifi.c:1815] nm_device_wifi_set_mode(): (wlan0): error setting mode 2

    Read the article

  • How Hacker Can Access VPS CentOS 6 content?

    - by user2118559
    Just want to understand. Please, correct mistakes and write advices Hacker can access to VPS: 1. Through (using) console terminal, for example, using PuTTY. To access, hacker need to know port number, username and password. Port number hacker can know scanning open ports and try to login. The only way to login as I understand need to know username and password. To block (make more difficult) port scanning, need to use iptables configure /etc/sysconfig/iptables. I followed this https://www.digitalocean.com/community/articles/how-to-setup-a-basic-ip-tables-configuration-on-centos-6 tutorial and got *nat :PREROUTING ACCEPT [87:4524] :POSTROUTING ACCEPT [77:4713] :OUTPUT ACCEPT [77:4713] COMMIT *mangle :PREROUTING ACCEPT [2358:200388] :INPUT ACCEPT [2358:200388] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [2638:477779] :POSTROUTING ACCEPT [2638:477779] COMMIT *filter :INPUT DROP [1:40] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [339:56132] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -s 11.111.11.111/32 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT -A INPUT -s 11.111.11.111/32 -p tcp -m tcp --dport 21 -j ACCEPT COMMIT Regarding ports that need to be opened. If does not use ssl, then seems must leave open port 80 for website. Then for ssh (default 22) and for ftp (default 21). And set ip address, from which can connect. So if hacker uses other ip address, he can not access even knowing username and password? Regarding emails not sure. If I send email, using Gmail (Send mail as: (Use Gmail to send from your other email addresses)), then port 25 not necessary. For incoming emails at dynadot.com I use Email Forwarding. Does it mean that emails “does not arrive to VPS” (before arriving to VPS, emails are forwarded, for example to Gmail)? If emails does not arrive to VPS, then seems port 110 also not necessary. If use only ssl, must open port 443 and close port 80. Do not understand regarding port 3306 In PuTTY with /bin/netstat -lnp see Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 992/mysqld As understand it is for mysql. But does not remember that I have opened such port (may be when installed mysql, the port is opened automatically?). Mysql is installed on the same server, where all other content. Need to understand regarding port 3306 2. Also hacker may be able access console terminal through VPS hosting provider Control Panel (serial console emergency access). As understand only using console terminal (PuTTY, etc.) can make “global” changes (changes that can not modify with ftp). 3. Hacker can access to my VPS exploiting some hole in my php code and uploading, for example, Trojan. Unfortunately, faced situation that VPS was hacked. As understand it was because I used ZPanel. On VPS ( \etc\zpanel\panel\bin) ) found one php file, that was identified as Trojan by some virus scanners (at virustotal.com). Experimented with the file on local computer (wamp). And appears that hacker can see all content of VPS, rename, delete, upload etc. From my opinion, if in PuTTY use command like chattr +i /etc/php.ini then hacker could not be able to modify php.ini. Is there any other way to get into VPS?

    Read the article

  • Intermittent internet access on a flat network - Router is connected

    - by Naveed
    I’m looking for some help with network settings. I’ve just started a new job (non-IT!) and we have problems with our office network. I’m the most IT literate in the organisation (15 permanent employees) and so have been dealing with IT issues. Our main bit of software is web-based so we need constant web access but it sometimes goes down for between 20 minutes and 3 hours despite everything seemingly working fine. It’s a flat network with wireless APs, BT Business Broadband 8Mbit connection and that’s about it. We have no servers and no standard settings and staff are encouraged to bring in their own laptops and connect! The network basically exists to provide internet access and that’s it. We also have students accessing the wireless (and I know there’s a whole list of access and content issues etc but right now we just need internet access stabilised). This is what we have: Building 1 Cisco SLM-224P 24-port PoE 10/100 switch with 2 gigabit ports 3 x ZyXEL NWA-3160 wireless APs Samsung OfficeServ 7100 phone server which borrows the building’s wiring Building 2 Netgear GS605-UK 5-port 10/100/1000 switch 1 x ZyXEL NWA-3160 wireless AP 1 x BT Business Hub – 2wire BT2700hgv – is the DHCP server We have 2 link cables between the buildings. One connects the two switches on a gigabit port. The second (oddly) connects the switch in building 2 to the OfficeServ server in building 1. When the internet goes down I can still access the router through a wireless connection. I can also ping websites and get a response. Firefox just says “Cannot connect” etc. The system then heals itself when it feels like it. (Sorry if this is asking too much but) These are my immediate questions… Why would browser-based internet go down? I don’t know enough about protocols etc but I can try to standardise settings. The WAPs have a DNS server setting and I don’t know whether it should be “None” or “From DHCP”. What should be the DHCP server? The router or the Cisco switch? Or something else?! Would there be any problem in connecting the second link from switch to switch? Is that good practice? Is it worth swapping the Netgear GS605 with either a Cisco SG200-08 or Netgear GS108T-200? Is it worth upgrading the router to, for instance, a Cisco RV042G Dual Gigabit router which would also act as a switch? Or is it better to have a separate router and switch in Building 2?

    Read the article

  • Windows doesn't get access to internet though linux easily does

    - by flashnik
    We have a very interesting problem. The network is configured in this way: internet is connected to Trendnet switch TS DHCP server at 192.168.0.1 running on Ubuntu (S) is connected to internet switch DNS is also configured on 192.168.0.1 on S D-Link Wi-Fi boosters are connected to switch TS PCs use D-Link PCI-E Wi-Fi cards to get access to network PCs have both Ubuntu and Windows 7 There are about 40 PCs. When PC is booted to Ubuntu it easily gets access to internet. But when it's booted to Windows 7, it gets a valid IP-address, but doesn't get access to internet. The address, mask, DNS, GW-address are totally the same as when it's booted under Ubuntu. The S is reacheble and pingable. Sometimes when we are lucky the PC gets access to Internet, but after rebooting it can lose it. When PC under Windows has access, it has totally the same settings as when it doesn't. What can be done? UPDATE I shared a dropbox with 2 captures of traffic. Ping.pcap is a capture of pinging 8.8.8.8. And google-browser.pcap is a capture of opening a google.com in a browser, both of them are in tcpdump formats and made by Wireshark on Win PC. The MAC of Win PC ends on b7:63 and IP is 192.168.0.130. UPDATE2 This is ifconfig output from Ubuntu Server eth0 Link encap:Ethernet HWaddr 00:1e:67:13:d5:8d inet addr:193.200.211.74 Bcast:193.200.211.78 Mask:255.255.255.0 inet6 addr: fe80::21e:67ff:fe13:d58d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:196284 errors:0 dropped:44 overruns:0 frame:0 TX packets:190682 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:158032255 (158.0 MB) TX bytes:156441225 (156.4 MB) Interrupt:19 Memory:c1400000-c1420000 eth0:2 Link encap:Ethernet HWaddr 00:1e:67:13:d5:8d inet addr:192.168.0.1 Bcast:192.168.0.254 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:19 Memory:c1400000-c1420000 eth1 Link encap:Ethernet HWaddr 00:1e:67:13:d5:8c UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:16 Memory:c1300000-c1320000 nslookup from Win results in DNS request timeout, nbtstat in 'not found'.

    Read the article

  • Instantiating and starting a Scala Actor in a Map

    - by Bruce Ferguson
    I'm experimenting with a map of actors, and would like to know how to instantiate them and start them in one fell swoop... import scala.actors.Actor import scala.actors.Actor._ import scala.collection.mutable._ abstract class Message case class Update extends Message object Test { val groupings = "group1" :: "group2" :: "group3":: Nil val myActorMap = new HashMap[String,MyActor] def main(args : Array[String]) { groupings.foreach(group => myActorMap += (group -> new MyActor)) myActorMap("group2").start myActorMap("group2") ! Update } } class MyActor extends Actor { def act() { loop { react { case Update => println("Received Update") case _ => println("Ignoring event") } } } } The line: myActorMap("group2").start will grab the second instance, and let me start it, but I would like to be able to do something more like: groupings.foreach(group => myActorMap += (group -> (new MyActor).start)) but no matter how I wrap the new Actor, the compiler complains with something along the lines of: type mismatch; found : scala.actors.Actor required: com.myCompany.test.MyActor or various other complaints. I know it must be something simple to do with anonymous classes, but I can't see it right now. Any suggestions? Thanks in advance!!

    Read the article

  • psexec: "Access is Denied"?

    - by Electrons_Ahoy
    Inspired by my previous question here, I've been experimenting with PSExec. The goal is to trip off some fairly simple scripts / programs on one WindowsXP machine from another, and as PowerShell 2 doesn't yet do remoting on XP, PSexec seems like it'll solve my problems nicely. However, I can't get anything but the "Access is Denied" error. Here's what I've tried so far: I've got a pair of WindowsXP MCE machines, networked together in a workgroup without a server or domain controller. I've turned off "simple file sharing" on both machines. Under the security policy, Network Access: Sharing and Security model for local accounts is set to Classic, not Guest for both machines. There is an Administrative user for each computer that I know the passwords to. :) With all that, a command like "> psexec \\otherComputer -u adminUser cmd" prompts for the password (like it should) and then exits with: Couldn't access otherComputer: Access is denied. So, at this point I turn to the community. What step am I missing here?

    Read the article

  • How to access programs in one PC using another PC

    - by darkstar13
    Hi, I was recently given an old PC for my remote access at work. The CPU that comes with it has Windows XP installed, 400+ MB of ram, all USB devices disabled. I access my work applications using VPN / Citrix. Basically, it' sooooo slow. Plus it's bulky and it will just occupy space, so I am now hoping to find a way for me to integrate this work PC with my home PC. I tried to put in the hard drive in my home PC CPU, and set the drive as slave. However, when I booted my PC from this hard drive, I am stuck at the screen where windows is prompting me to select how am I going to boot (ex. Safe Mode, Safe mode with command prompt, Last Working Configuration, etc), but whatever option I select, I am still stuck at this option after reboot. I am thinking if maybe I can clone the drive and mount the cloned drive and access the system as a virtual machine. But I don't know if that will work. I would like to know if there's something I can do so I can work at home using my home PC, where I can access my work programs to connect to VPN / Citrix. My home PC's OS is Windows 7 Ultimate x64.

    Read the article

  • Unable to access stackexchange sites from this system

    - by Sandeepan Nath
    Earlier, I was not able to access most of the stackexchange sites like stackoverflow, programmers.SE etc. on my home Windows XP system. I was able to access only a few like http://meta.stackexchange.com and not even http://www.meta.stackexchange.com (note the www). I tried many other sites like http://www.stackoverflow.com, http://area51.stackexchange.com/ but was getting page not found errors on all browsers. Even pinging from terminal was saying destination host unreachable. I did not check recently but may be all SE sites are unreachable now. I was clueless about what could be the issue. I thought some firewall issue? So, I stopped AVG antivirus's firewall, then completely uninstalled it and even turned of windows firewall. But still not reachable even after fresh installation of Windows 7. Then I noticed a "Too many requests" notice on google. This page - http://www.google.co.in/sorry/?continue=http://www.google.co.in/# I don't know why this appeared but I guess somehow too many requests might have been sent to these sites and they blocked me. But in that case, SE would be smart enough to show a captcha like google. So, how to confirm the problem and fix it. Similar questions like these don't look solved yet - Unable to access certain websites Unable to Access Certain Websites I have lately started actively participating in lots of SE sites. There are new new questions popping up in my mind every time and I am not able to ask them. Please help! Thanks

    Read the article

  • Access violations on Windows 2008 VPS

    - by James Hay
    I'm running a Windows 2008 VPS with 2GB RAM. I'm trying to install hMailServer on the VPS but when I get to the "choose installation directory" dialog I get error messages that keep popping up and make it so that I cannot continue. As soon as the dialog opens I get these two errors: "Access violation at address 73F53560. Read of addresss 00000014." "Access violation at address 73EEBE21. Read of addresss 00000018." Once I close these it frees up again but as soon as I click "Browse.." (to choose the directory) I get the following errors repeatedly that reopen if I close them. "Access violation at address 73F0E371. Read of address 00000014." "Access violation at address 73F4A006. Read of address 00000000." I have no idea how to fix these. I can't run memory diagnostics, I assume because it's a VPS and not an actual server.

    Read the article

  • Allow access from outside network with dmz and iptables

    - by Ivan
    I'm having a problem with my home network. So my setup is like this: In my Router (using Ubuntu desktop v11.04), I installed squid proxy as my transparent proxy. So I would like to use dyndns to my home network so I could be access my server from the internet, and also I installed CCTV camera and I would like to enable watching it from internet. The problem is I cannot access it from outside the net. I already set DMZ in my modem to my router ip. My first guess is because i'm using iptables to redirect all inside network to use squid. And not allow from outside traffic to my inside network. Here is my iptables script: #!/bin/sh # squid server IP SQUID_SERVER="192.168.5.1" # Interface connected to Internet INTERNET="eth0" # Interface connected to LAN LAN_IN="eth1" # Squid port SQUID_PORT="3128" # Clean old firewall iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X # Load IPTABLES modules for NAT and IP conntrack support modprobe ip_conntrack modprobe ip_conntrack_ftp # For win xp ftp client #modprobe ip_nat_ftp echo 1 > /proc/sys/net/ipv4/ip_forward # Setting default filter policy iptables -P INPUT DROP iptables -P OUTPUT ACCEPT # Unlimited access to loop back iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # Allow UDP, DNS and Passive FTP iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT # set this system as a router for Rest of LAN iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE iptables --append FORWARD --in-interface $LAN_IN -j ACCEPT # unlimited access to LAN iptables -A INPUT -i $LAN_IN -j ACCEPT iptables -A OUTPUT -o $LAN_IN -j ACCEPT # DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT # if it is same system iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT # DROP everything and Log it iptables -A INPUT -j LOG iptables -A INPUT -j DROP If you know where did I miss, please advice me. Thanks for all your help and I really appreciate it.

    Read the article

  • Getting a "403 access denied" error instead of serving file (using django, gunicorn nginx)

    - by Finglish
    Getting a "403 access denied" error instead of serving file (using django, gunicorn nginx) I am attempting to use nginx to serve private files from django. For X-Access-Redirect settings I followed the following guide http://www.chicagodjango.com/blog/permission-based-file-serving/ Here is my site config file (/etc/nginx/site-available/sitename): server { listen 80; listen 443 default_server ssl; server_name localhost; client_max_body_size 50M; ssl_certificate /home/user/site.crt; ssl_certificate_key /home/user/site.key; access_log /home/user/nginx/access.log; error_log /home/user/nginx/error.log; location / { access_log /home/user/gunicorn/access.log; error_log /home/user/gunicorn/error.log; alias /path_to/app; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; proxy_pass http://127.0.0.1:8000; proxy_connect_timeout 100s; proxy_send_timeout 100s; proxy_read_timeout 100s; } location /protected/ { internal; alias /home/user/protected; } } I then tried using the following in my django view to test the download: response = HttpResponse() response['Content-Type'] = "application/zip" response['X-Accel-Redirect'] = '/protected/test.zip' return response but instead of the file download I get: 403 Forbidden nginx/1.1.19 Please note: I have removed all the personal data from the the config file, so if there are any obvious mistakes not related to my error that is probably why. My nginx error log gives me the following: 2012/09/18 13:44:36 [error] 23705#0: *44 directory index of "/home/user/protected/" is forbidden, client: 80.221.147.225, server: localhost, request: "GET /icbdazzled/tmpdir/ HTTP/1.1", host: "www.icb.fi"

    Read the article

  • Typical outbound port list for guest access?

    - by Steve
    I manage a weekly rental house that includes wireless Internet access. I've allowed all outbound ports on my router but my ISP has disabled my Internet access twice now because guests have downloaded (or served up) copyrighted content. So I'd like to institute some port filtering to discourage p2p sharing (see disclaimer below). But I don't want to inconvenience the 99.9% of folks who keep things above-board. My question is, what outbound ports are typically open for rental/hotel wireless Internet access, or where can I find such a list? TCP 80,443,25,110 at a minimum. Though my own email service uses 995 and 465 for SSL, some may use IMAP, I personally use SSH and FTP, so I'll open those. Roughly I figure I need to open access to privileged ports, and close 1024 & above. Is there a whitelist I should institute for commonly used high ports? And does it make sense to block UDP 1024 ? Disclaimer: I realize anyone replying to this message could circumvent the port filtering and share content to their heart's content. I do not need comprehensive p2p blocking, which requires more than a port whitelist. Anyone staying at the house shoulders the responsibility for their Internet use, per the rental contract. Also anyone savvy enough to circumvent the port filters would hopefully be savvy enough to use some sort of peer blocking, thereby preventing the ISP from taking down the service.

    Read the article

  • Cannot access server shares over VPN

    - by DuncanDavies
    I've set up a single hosted server to use as a development environment for a web-based application. The web app is served up fine on port 80, however I'm struggling to get my VPN to behave how I'd expect so the developers don't have the access they require. The VPN connects fine and I can access the back-end database (SQL Server) which resides on the server with the client tools from the laptops. However they cannot access any shared folders. The server's local IP address is 10.x.x.x, and I've assigned a static IP address pool to RRAS (of 192.168.100.1 - 20). The clients pick up a valid IP Address (i.e. 192.168.100.9) when they connect. There is no name resolution setup, DNS or WINS. When connected via VPN the clients can ping the server (192.168.100.1) by IP Address, but cannot map a drive to a shared folder (net use * \\192.168.100.1\xxxxx) - I get 'System error 53 has occurred. The network path was not found.' I don't understand why I can ping by the ip, but not map by it. Some details: Server OS is Windows 2008 (Datacenter) VPN is SSTP using RRAS Clients are all Windows 7 I've tried temporarily disabling the firewalls So, why can we not access the file system when everything else (ping, RDP, SQL Server clients tools) works? Thanks for your help Duncan

    Read the article

  • Need to have access to my office PC from my laptop hopping through two VPN servers

    - by Andriy Yurchuk
    Here's the illustration of what I have ( http://clip2net.com/s/2fvar ): My office PC with it's IP of 123.45.e.f. Office VPN, which I will connect to from my VPS to get to my office PC. My own VPS, which I use as a: client to connect to office VPN (through vpnc, which creates a tun0 with 123.45.c.d IP address); VPN server my laptop can connect to (OpenVPN, tun1, 10.8.0.1) My own laptop I will use as a VPN client to connect to VPS OpenVPN server (will create a tun0 with 10.8.0.2 IP address) Now what I have to do is to allow my laptop to connect to at least my office PC, but preferably to all the 123.45.x.x subnet. Please advice on how to best configure OpenVPN, routing, iptables or whatever else is needed on my VPS so that my laptop could gain access to my office PC. P.S. The reason I'm hopping through my VPS is that being connected to the office WiFi I cannot access my office PC and I cannot connect to office VPN (which is another way to access my office PC). The only way to access my PC from office WiFi I have is hopping though an outside network.

    Read the article

  • Windows Server - share files without access for administrator

    - by Pawel
    We have a MS Windows Server 2008 R8 based server that is administrated by our IT department. We would like to achieve two things simultaneously: A folder on the server, containing several thousand files (new files added frequently) that is accessible to some ActiveDirectory users (e.g. board of directors) but is not accessible by IT department employees IT department employees still maintain rights to administrate the server, including installing new software and services We already checked some solutions: Using NTFS access rights. Unfortunately IT (members of "Administrators" group) can set themselves as new owners of the files and change the permissions so that they gain access to the files. Enabling EFS. Unfortunately even if you do not allow IT to access files, they still can disable EFS completely because they have administrative rights. Moreover as far as I know you have to manually add permissions for all users but the owner for each new file - very inconvenient. Creating a new role for the IT department that has all the privileges apart from taking ownership of files. Unfortunately if you're not a member of the Administrators group, you cannot install new software, no matter what privileges you add to the role. TrueCrypt - nice free encryption software, but with poor sharing capabilities. You can either mount an encryption container on the server (and then IT has access to its contents) or you mount them locally but only one user can mount it for writing. AxCrypt - free encryption software that enables file-by-file encryption on the server. There are some disadvantages though - you have to manually encrypt each new file added. The files have their extensions changes. You can only set one password for all files (so all users have to know this one password). Any other ideas? Our budget is limited so enterprise-class software from Symantec or PGP would probably be not an option.

    Read the article

  • I cannot access Windows Update at all

    - by Cardinal fang
    I have been unable to access the Windows update site for a couple of weeks now. I just get a message saying "Internet Explorer cannot display the webpage" and saying I have connection problems. Same thing is replicated with any other Microsoft site I try to access. The Automatic Updates also do not work. I can access every other wesbite I've surfed to. I've tried Googling the problem and based on what other site have suggested I have cleared my cache and temp files. I've scanning my hard drive with my antivirus in case I have a virus (nada). I've tried turning off my firewall and anti-virus (I run Zone Alarm). I've downloaded SpyBot and scanned my drive with that in case something was missed by Zone Alarm (again nada). Based on suggestions from the smart cookies on the Bad Science forum, I've used nslookup to check my translation isn't wonky (got all the info they said I should get). I've also tried navigating there directly using the IP address I was given (nope). I normally access the internet through a 3 mobile broadband connection, but have also tried connecting using a mate's wi-fi connection in case it was something on my mobile modem interferring. I run Windows XP SP3 with Internet Explorer 7 and Zone Alarm Internet Security Suite as my anti-virus/ firewall. Any suggestions?

    Read the article

  • Apache Mod SVN Access Forbidden

    - by Cerin
    How do you resolve the error svn: access to '/repos/!svn/vcc/default' forbidden? I recently upgraded a Fedora 13 server to 16, and now I'm trying to debug an access error with a Subversion server running on using Apache with mod_dav_svn. Running: svn ls http://myserver/repos/myproject/trunk Lists the correct files. But when I go to commit, I get the error: svn: access to '/repos/!svn/vcc/default' forbidden My Apache virtualhost for svn is: <VirtualHost *:80> ServerName svn.mydomain.com ServerAlias svn DocumentRoot "/var/www/html" <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory "/var/www/html"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> <Location /repos> Order allow,deny Allow from all DAV svn SVNPath /var/svn/repos SVNAutoversioning On # Authenticate with Kerberos AuthType Kerberos AuthName "Subversion Repository" KrbAuthRealms mydomain.com Krb5KeyTab /etc/httpd/conf/krb5.HTTP.keytab # Get people from LDAP AuthLDAPUrl ldap://ldap.mydomain.com/ou=people,dc=mydomain,dc=corp?uid # For any operations other than these, require an authenticated user. <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location> </VirtualHost> What's causing this error? EDIT: In my /var/log/httpd/error_log I'm seeing a lot of these: [Fri Jun 22 13:22:51 2012] [error] [client 10.157.10.144] ModSecurity: Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_60_correlation.conf"] [line "31"] [msg "Inbound Anomaly Score (Total Inbound Score: 15, SQLi=, XSS=): Method is not allowed by policy"] [hostname "svn.mydomain.com"] [uri "/repos/!svn/act/0510a2b7-9bbe-4f8c-b928-406f6ac38ff2"] [unique_id "T@Sp638DCAEBBCyGfioAAABK"] I'm not entirely sure how to read this, but I'm interpreting "Method is not allowed by policy" as meaning that there's some security Apache module that might be blocking access. How do I change this?

    Read the article

  • Windows Server - share files without access for administrator

    - by Pawel
    We have a MS Windows Server 2008 R8 based server that is administrated by our IT department. We would like to achieve two things simultaneously: A folder on the server, containing several thousand files (new files added frequently) that is accessible to some ActiveDirectory users (e.g. board of directors) but is not accessible by IT department employees IT department employees still maintain rights to administrate the server, including installing new software and services We already checked some solutions: Using NTFS access rights. Unfortunately IT (members of "Administrators" group) can set themselves as new owners of the files and change the permissions so that they gain access to the files. Enabling EFS. Unfortunately even if you do not allow IT to access files, they still can disable EFS completely because they have administrative rights. Moreover as far as I know you have to manually add permissions for all users but the owner for each new file - very inconvenient. Creating a new role for the IT department that has all the privileges apart from taking ownership of files. Unfortunately if you're not a member of the Administrators group, you cannot install new software, no matter what privileges you add to the role. TrueCrypt - nice free encryption software, but with poor sharing capabilities. You can either mount an encryption container on the server (and then IT has access to its contents) or you mount them locally but only one user can mount it for writing. AxCrypt - free encryption software that enables file-by-file encryption on the server. There are some disadvantages though - you have to manually encrypt each new file added. The files have their extensions changes. You can only set one password for all files (so all users have to know this one password). Any other ideas? Our budget is limited so enterprise-class software from Symantec or PGP would probably be not an option.

    Read the article

  • Linux kernel - can't access sda16 & sda17

    - by osgx
    I can't access sda16 sda17 and higher partitions from my linux. This linux is rather debian (very old); kernel 2.6.23. So, I know that so old linux kernel can't access 16 partitions on single sata disk. What version of kernel should I use to be able access sda16, sda17 etc? I want to update only a kernel, not a whole Linux distribution. PS. There is an WindowsNT kernel which can access and format 16, 17 or higher partition, but my intention is to use sda16 and sda17 from linux (I want Linux Kernel). PPS: dmesg: sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA sda: sda1 sda2 sda3 sda4 < sda5 sda6 sda7 sda8 sda9 sda10 sda11 sda12 sda13 sda14 sda15 > sd 2:0:0:0: [sda] Attached SCSI disk sd 4:0:0:0: [sdb] xxx 512-byte hardware sectors ... So, there is no mapping of sda16, sda17, ... to sdb. Sdb is the second physical hard drive.

    Read the article

  • "Access is Denied" when executing application from Command Prompt

    - by xpda
    Today when I tried to run an old DOS utility from the XP Command prompt, I got the message "Access is Denied." Then I found that most of the DOS utilities would not run, even though I have "full control" over them. They worked just fine a few weeks ago, and I have not made any OS changes other than Windows Upgrades. Then I tried running edlin.exe and edit.com from the Windows\system32 folder. Same result - "Access is Denied." I tried running these applications from Windows Explorer and got the message "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." I am logged in as a member of Administrators and have full control over these files. I tried logging in as THE Administrator, with no change. I checked the security settings on the files, and have full control over all of them. I have tried copying the files to different drives, booting in safe mode, and running without antivirus and firewall, all with no change. Does anybody know what could cause this?

    Read the article

  • Allowing access to company files accross the internet

    - by Renaud Bompuis
    The premise I've been tasked with finding a solution to the following scenario: our main file server is a Linux machine. on the LAN, users simply access the files using SMB. each user has an account on the file server and his/her own access rights. user accounts are simple passwd/group security accounts, not NIS/LDAP. The problem We want to give users (or at least some of them, say if they belong to a particular group) the ability to access the files from the Internet while travelling. Ideally I'd like a seamless solution. Maybe something that allows the user to access a mapped drive would be ideal. A web-oriented solution is also good but it should present files in a way that is familiar to users, in an explorer-like fashion for instance. Security is a must of course, and users would be expected to log-in. The connection to the server should also be encrypted. Anyone has some pointers to neat solutions? Any experiences? Edit The client machines are Windows only.

    Read the article

  • IIS7.5 - about app pool ID's and folder read/write access

    - by merk
    I did some searching and it looks like for each app pool, there should be an account created called IIS APPPOOL\AppPoolName - however i can see no such account when i try to modify the permissions on a folder to give that app write access. The closest I have found is the IIS_IUSRS group. Now, if i go into that group and look at the members, i see several IIS APPPOOL\PoolName members. But where are these members coming from? Why don't they show up under the users? And why can't i add a specific one to a folder? It doesn't make sense to me to add the IIS_IUSRS group to a folder since they gives every site access to the folder. To be more specific, I'm setting up wordpress and it unfortunately wants write access to the root folder. So i want to restrict it as much a possible. I was trying to figure out how to set it so that the WP root folder has write access only for the ID that the blog's app pool is running under. When i drill down into the IIS_IUSRS group, i do not see the app pool for the blog listed there. The settings for the blog's app pool are: No managed code, Classic, ApplicationPoolIdentity, and it's named 'blog' So any explanations regarding these users that are created for the app pools, and why the blog doesn't seem to belong to the iusrs group? thanks

    Read the article

  • windows xp cannot access admin share

    - by barlop
    I have 3 systems. A,B,Compx all on xp. but comps A and B have an issue with Compx. Compx has network shares I can access. I can do \\compx and get some. But I cannot access the admin share c$ \\compx\c$ gives a login prompt, and I can't get any user/pass to work. I looked at permissions but don't see an issue. Nevertheless, I will describe what I see in the permissions. In the security tab of C, I have Administrators,creator owner,everyone,bob,system,users (6 things there) "creator owner" has nothing ticked, I can't seem to change that. If I tick so they all get ticked, and click apply, 2.5min and it's completed its opration and they all untick. Though this isn't the root of the problem. Since I get the same in the share I can access. In advanced, I see those 6 things, Administrators,creator owner,everyone,bob,system,users (6 things there) all "full control" all are "this folder, subfolders and files".. except creator owner, which is just subfolders and files only I look at the properties for the share I can see. looks the same, except in security..advanced, double clicking any of them the boxes are all ticked but greyed. That's not the problem though since I can access that share. So, I don't know what the problem is.

    Read the article

  • How can I tell why I have access to a file share on Windows Server

    - by Joel
    I have a file share on a Windows 2008 R2 server in a AD domain (call it \SECURESERVER\STUFF) and I am not sure if I have the share and folder permissions set up right. I noticed the problem when I set up new server (WORKGROUP\FOREIGNSERVER) that was not joined to the domain and tried to copy some files off of \SECURESERVER\STUFF. I was surprised to find that when I tried to access the files, it did not prompt me for a username and password and proceeded to give me full access to the files. That worried me so I tried the same thing on some workstations that were not in the domain and they did NOT have the same behavior (they did prompt for a username/password as desired/expected). So, I think there is something peculiar about FOREIGNSERVER. I am logging into it with a local admin account, but my domain and SECURESERVER should know nothing of this server. I've carefully gone through the share and folder permissions on the share but I can't find the reason that FOREIGNSERVER has access. How can I find out why FOREIGNSERVER has access to SECURESERVER?

    Read the article

  • Cannot access new folders created in my Apache2 document-root

    - by user235101
    I have tried to create a new folder 'test' in my documentroot of my Apache2 installation, however, whenever I try and access it from a web-browser it gives me a 403 (forbidden) error. My virtualhosts file - <VirtualHost *:80> ServerAdmin webmaster@localhost ServerName REMOVED DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride All AuthType Digest AuthName "documentroot" AuthDigestProvider file AuthUserFile /etc/apache2/htpasswd Require user REMOVED AllowOverride Indexes </Directory> <Directory /var/www/> Options FollowSymLinks Options -Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> <Directory /var/www/share/> Order Deny,Allow Allow from all Satisfy any </Directory> <Directory /var/www/REMOVED/> Order Deny,Allow Allow from all Satisfy any </Directory> <Directory /var/www/stream/> Order Deny,Allow Allow from all Satisfy any </Directory> <Directory /var/www/test> Order Deny,Allow Allow from all Satisfy any </Directory> ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined <Directory /var/www/REMOVED> AuthType Digest AuthName "rutorrent" AuthDigestDomain /var/www/REMOVED/ http://46.105.127.19/REMOVED AuthDigestProvider file AuthUserFile /etc/apache2/htpasswd Require valid-user SetEnv R_ENV "/var/www/REMOVED" AllowOverride Indexes </Directory> </VirtualHost> Image of the permissions - Other information - If I create a new folder (and use chmod --reference to ensure it has the same permissions as an accessible folder), I get a 403 client-side. If I copy folder 'rapidleech' to the name 'rapidleech1', it will let access 'rapidleech1', but no longer 'rapidleech', until I delete the copy. In my logs I found nothing logged in errors.log, and only that it delivered a 403 in access.log. All the appropriate users are members of www-data.

    Read the article

< Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >