Search Results

Search found 34321 results on 1373 pages for 'firewall access'.

Page 93/1373 | < Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100 | Next Page >

error: "net.netfilter.nf_conntrack_acct" is an unknown key

- by anonymous

Hello, i have the next error when i run 'sysctl -p' error: "net.netfilter.nf_conntrack_acct" is an unknown key net.netfilter.nf_conntrack_acct = 1 net.ipv4.netfilter.ip_conntrack_max = 9527600 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 7200 lsmod ipv6 289352 34 loop 19724 0 nf_conntrack_ipv4 19352 0 nf_conntrack 71440 1 nf_conntrack_ipv4 joydev 15232 0 evdev 14592 0 ext3 125456 3 jbd 54696 1 ext3 mbcache 13188 1 ext3 raid1 24832 4 md_mod 81700 5 raid1 thermal_sys 17728 0 Debian 5.0.8 Any idea? Thanks

Read the article
Delayed internet access

- by Joel Coel

When I (and presumably my users) first start up or log in to my computer I can't get internet access until several minutes after logging in. Internet pages like serverfault.com will time out. During this time I can access internal web servers. Sometimes pinging the gateway seems to fix the problem. I'm using Windows 7 on this machine with wifi, and the problem seems limited to the wifi network, which is on a separate vlan. The wired network does not share the problem, but I know it's not the wifi connection itself because the internal sites work. The wifi access point is attached to a 3Com 4200 switch, with the port set for vlan 2 untagged, vlan 1 tagged. The 4200 has a fiber connection to a 3Com 4900SX fiber switch that acts almost as a router here. The fiber connection is vlan 1 untagged vlan 2 tagged at both ends. The gateway is then attached to a different 4200 (vlan 1 untagged, vlan 2 tagged) that has a similar fiber connection to the 4900SX. vlan 2 has 192.168.8.0/22 IPs, vlan 1 has 10.1.0.0/16 IPs. The 4900SX has an interface for both vlans (10.1.1.1/192.168.8.1), as does the gateway (10.1.1.5/192.168.8.5). There is one dchp server for both vlans on the same switch as the gateway. It chooses a dhcp scope based on the interface used by the 4900sx to forward the dhcp request. There is also a network access list on the 4900sx set to deny all vlan2 traffic to any 10.1.x.x host, with exceptions made for a few servers, including dhcp, 4900sx, and the gateway. I think that about covers it. Any ideas on why internet access would be delayed like this?

Read the article
Changing Internet connection on ISA Server 2000

- by garyb32234234

Hi We are getting a new internet connection installed and will need to unplug the old one and connect this to our ISA Server 2000. Will this be a simple swap out job? We will be given a new ip, which i know i will have to enter into the external network card TCP/IP page. I will also be given the default gateway to enter. The ISP engineer said we may have to reset the ARP? cache, if we dont know how we will have to reset the ISA server? Has anyone any experience? The current connection is with the same ISP but it was owned by the business park were we are located and they linked up an ethernet port to what i assume is their own router. Hope you can help, i know that ISA 2000 is somewhat less easy to use than the newer versions.

Read the article
Remote access not working without connected monitor

- by winSharp93

I am trying to configure a Windows Server 2008 as a Home Server for my personal use (mainly for storing documents, hosting source-control, etc.). The "server" consists of an Intel Atom 2700DC board and an Intel SSD. Configuring remote access to the server, I am confronted with a very strange problem: As long as a monitor is connected to my server, remote access works without any problems. However, when no monitor is connected at boot-time, remote access simply won't work (I keep getting errors when trying to connect that the remote server was not found or that remote access is disabled). Windows definitely boots when no monitor is connected as I receive a message asking me whether to enter safe mode when booting after powering the server down by plugging the power cord. When I plug in a monitor after boot, it stays turned off and remote desktop connections still fail. Do you have any ideas about what I could try?

Read the article
Iptables rule creation error: No chain/target/match by that name

- by MikO

I'm trying to create my first VPN on a VPS with CentOS 6, following this tutorial. When I have to create an iptables rule to allow proper routing of VPN subnet, with this command: iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE It throws this error: iptables: No chain/target/match by that name I was searching and I've found that this error is usually thrown when you misspell something, but as far as I understand, the rule is correct...

Read the article
can the remote app rd web access be accessed from my local system

- by shiva

I am new to the remote app remote desktop access. I can access the application that i have published from my server using the link FQDN\rdweb. But on trying to access the same url from my local system(outside the server domain, say from my home pc) i get a not found error. Is there anything that i need to change in my local system to be able to access the remote applications? Or is it that for accessing webapps i need to be logged into the server? Please help me understand this

Read the article
Debian pure-ftpd, Restrict access

- by durduvakis

I am running Debian Wheezy, with ISPConfig 3, plus ModSecurity and I would like to restrict access to ftp to specific IP(s) globally (not to specific ftp users only), that can be either 127.0.0.1 or one I would manually add later. I would also like to completely disable ftp access from the web, but allow only from ftp-client software (if that is possible). The idea of closing firewall ports is not what I want. I know I can do this setting some firewall rule though, but that is not what I currently need. I have managed to do this for example on phpmyadmin inside it's .conf file, but unfortunately I cannot find any configuration to alter for pure-ftpd in my system. Restricting web-ftp access maybe possible by adding some rule in apache2 conf, but I am not sure how to write such a rule. Thanks to everyone that can help cheers

Read the article
Windows Server 2008: Limit UDP/TCP packets per IP or ban

- by WBAR

How I can limit UDP/TCP packets per IP send to my host (or better PORT) per second or minute ? Would be nice to ban that IP for 12/24 hours or even for ever. I got Windows Server 2008 and I'm very poor in Windows administration but quite good in Linux. EDIT: By basic problem is that They sending a lot of rubbish UPD and TCP packets.. TCP packets without SYNCH, fragmented UDP packets so my servers stop responding.. So I need to cut off users (IPs) sending more than X packets per second. I need solution witch provides me, somehow, configurable: X packets of certain type (UDP, TCP or both - lets say parameter named Z ) are allowed to be received by IP on Y port, otherwise this packet should be DROPPED. My virtual hosts are hosted by VirtualBox and I'm able to forward all incoming packets certain type and certain port to the specific Virtual Host, but I need to DROP them before my VirtualBox receive them.

Read the article
Which is prefered internet security + Antivirus solution for Windows, with good detection rate? [clo

- by metal gear solid

Possible Duplicate: Free antivirus solutions for Windows Which is the best internet security + Antivirus solution for Windows? free/opensource or commercial it doesn't matter I need best solution. Is Kaspersky best ? or any other? http://www.kaspersky.com/kaspersky_internet_security Award-winning technologies in Kaspersky Internet Security 2010 protect you from cybercrime and a wide range of IT threats: * Viruses, Trojans, worms and other malware, spyware and adware * Rootkits, bootkits and other complex threats * Identity theft by keyloggers, screen capture malware or phishing scams * Botnets and various illegal methods of taking control of your PC or Netbook * Zero-day attacks, new fast emerging and unknown threats * Drive-by download infections, network attacks and intrusions * Unwanted, offensive web content and spam

Read the article
Is there any way to set up a malware-blocking transparent proxy on an Airport Extreme?

- by Chris R

I'd like to add some kind of easily-administered transparent HTTP proxy to my home network. Ideally, it would allow me to, for example, redirect web requests to blacklisted servers into nothing, block certain kinds of content, et al. My home network at the moment consists of a mac mini media server that could -- if the load wasn't huge -- fill this role as well, an Airport Extreme, and a mac laptop that is my main machine. I'm reasonably technically savvy, so don't spare the complicated answers.

Read the article
Auto Forward mails to gmail from Outlook

- by Jaison

I have a highly secured computer windows server 2003 where my outlook express is configured, i want to forward all the mails coming from Outlook to gmail. I put some auto forward rule in outlook but its not working. (May be auto forwarding is disabled). I can forward mails manually. Is there anyway to get rid off this problem?

Read the article
iptables -- OK, **now** am I doing it right?

- by Agvorth

This is a follow up to a previous question where I asked whether my iptables config is correct. CentOS 5.3 system. Intended result: block everything except ping, ssh, Apache, and SSL. Based on xenoterracide's advice and the other responses to the question (thanks guys), I created this script: # Establish a clean slate iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F # Flush all rules iptables -X # Delete all chains # Disable routing. Drop packets if they reach the end of the chain. iptables -P FORWARD DROP # Drop all packets with a bad state iptables -A INPUT -m state --state INVALID -j DROP # Accept any packets that have something to do with ones we've sent on outbound iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # Accept any packets coming or going on localhost (this can be very important) iptables -A INPUT -i lo -j ACCEPT # Accept ICMP iptables -A INPUT -p icmp -j ACCEPT # Allow ssh iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Allow httpd iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Allow SSL iptables -A INPUT -p tcp --dport 443 -j ACCEPT # Block all other traffic iptables -A INPUT -j DROP Now when I list the rules I get... # iptables -L -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DROP all -- any any anywhere anywhere state INVALID 9 612 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT all -- lo any anywhere anywhere 0 0 ACCEPT icmp -- any any anywhere anywhere 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https 0 0 DROP all -- any any anywhere anywhere Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 5 packets, 644 bytes) pkts bytes target prot opt in out source destination I ran it and I can still log in, so that's good. Anyone notice anything major out of wack?

Read the article
Routing Traffic on Ubuntu to give Raspberry PI Internet Access

- by Scruffers

I'm hoping someone can point me in the right direction for setting up my Linux (Ubuntu 12.04) box to route traffic from eth0 to wlan0. I'll try and explain the problem I am trying to solve: I currently have two separate networks: [RaspberryPi/eth0] 192.168.2.2 / 255.255.255.0 ^ | v [Ubuntu/eth0] 192.168.2.1 / 255.255.255.0 And: [Ubuntu/wlan0] 192.168.1.100 / 255.255.255.0 ^ | v [ADSL router] 192.168.1.1 / 255.255.255.0 So currently if I want to access the RaspberryPI I can SSH from the Ubuntu box to the PI. And if I want to use the Internet, I have full access from the Ubuntu box, but nothing from the RaspberryPI - the two networks are partitioned. What I would like to do is configure things so that the RaspberryPI has Internet access via the Ubuntu box and out to the Internet. I tried to create a bridge, but got the message "wlan0: operation not supported" (wireless chipset is Ralink RT3062). I'm sure giving the Raspberry PI Internet access should be easy to do in this configuration, but I am a bit lost - can someone point me in the right direction please?

Read the article
Add multi monitor option to remote desktop web access

- by Eds

I have a test environment for a remote desktop farm with a connection broker load balancing logins across remote desktop session host servers. All servers are built on Server 2012 R2. Using rd web access, we can access this farm from anywhere. When logging in via web access, you can choose the screen resolution or use full screen. If you have two monitors when selecting full screen, it will always use both your monitors. Does anyone know how to adjust the RDWeb page so that you can choose whether or not to use both your monitors? This option is in the GUI from RDP 6.1 onwards, so I would imagine there is a way to also add it the web access page.

Read the article
Shorewall SHOW DYNAMIC command doesn't work

- by Andrew Burns

Setting up shorewall dynamic zones, http://shorewall.net/Dynamic.html shows the command shorewall show dynamic zone where zone is one of your zones. I can get the add and delete commands to work, but not the show dynamic command. Here is a shell session, with output from ipset list that proves that the items are indeed there. $ ipset list CPREM_br0 Name: CPREM_br0 Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16520 References: 66 Members: 192.168.85.153 $ shorewall add br0:192.168.85.200 CPREM Host br0:192.168.85.200 added to zone CPREM $ shorewall show dynamic CPREM $ ipset list CPREM_br0 Name: CPREM_br0 Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16536 References: 66 Members: 192.168.85.153 192.168.85.200 $ shorewall delete br0:192.168.85.200 CPREM Host br0:192.168.85.200 deleted from zone CPREM $ ipset list CPREM_br0 Name: CPREM_br0 Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16536 References: 66 Members: 192.168.85.153 I am using the packaged version from Ubuntu 12.04 (4.4.26.1-1)

Read the article
CodeIgnitor Error 403 Access forbidden

- by 01010011

Hi, I extracted CodeIgnitor to XAMPP's htdocs and when I tried to access index.php like this: h t t p://127.0.0.1/ci/index.php I get the following error message: Access forbidden! You don't have permission to access the requested object. It is either read-protected or not readable by the server. Error 403...... How can I troubleshoot this problem?

Read the article
Are there other application layer firewalls like Microfot TMG (ISA) that do advanced http rules?

- by Bret Fisher

Since the old days ISA and now TMG have had several great features that I often want to deploy to my customers because of the enhanced functionality and security, but often the cost of an additinal server HW, Windows Server, and TMG license is too much to justify when compaired to a $300-500 appliance. Are there other gateway firewalls that can perform one or more of these application layer features: pre-auth incoming http traffic against AD/LDAP before sending packets to internal server (forms auth or basic creds popup)? read host headers of incoming http traffic (even on https) to a single public IP and route packets to different internal servers based on that host header?

Read the article
Bridge Intrusion Prevention Vyatta

- by Steve

I am trying to create a bridge with ThreatStop, IPS and block a few ports. This bridge will sit in front of my servers. All is working apart from the IPS. I have read the documentation on configuring IPS, I have something configured that it hasn't complained about and nothing is logged so I believe that it isn't working. Is it possible to set-up IPS on a vyatta bridge? Also is it possible to read the logs/events with Snorby? I have also posted this on the Vyatta forums

Read the article
Access NFS share from cygwin?

- by Jason Voegele

We have a Windows 2003 Server on which we have installed Microsoft's Services for UNIX, and we have mounted a few NFS shares that contain shared resources that we need to access from this box. When I log in to this server with remote desktop, I am able to browse the contents of the NFS shares and everything works fine. However, one use case that we have is that we need to access this server using SSH, and still be able to access the NFS shares. We are running the Cygwin SSH daemon to provide SSH access to the server, but for some reason when we log in to the Windows 2003 server using SSH we can no longer access the NFS shares. To demonstrate, here is the output of the 'mount' command, first from a Cygwin shell when logged in with remote desktop: $ mount C:/cygwin/bin on /usr/bin type ntfs (binary,auto) C:/cygwin/lib on /usr/lib type ntfs (binary,auto) C:/cygwin on / type ntfs (binary,auto) C: on /cygdrive/c type ntfs (binary,posix=0,user,noumount,auto) O: on /cygdrive/o type nfs (binary,posix=0,user,noumount,auto) P: on /cygdrive/p type nfs (binary,posix=0,user,noumount,auto) Z: on /cygdrive/z type nfs (binary,posix=0,user,noumount,auto) And now, the same 'mount' command when logged in with SSH: $ mount C:/cygwin/bin on /usr/bin type ntfs (binary,auto) C:/cygwin/lib on /usr/lib type ntfs (binary,auto) C:/cygwin on / type ntfs (binary,auto) C: on /cygdrive/c type ntfs (binary,posix=0,user,noumount,auto) Notice the missing O: P: and Z: NFS shares in the latter. Can anyone tell me why I am unable to see these NFS shares when logged in with SSH? Thanks!

Read the article
setup advanced filtering and access restrictions on dd-wrt using iptables

- by Nova deViator

I have a linksys WRT54GL router with a DD-WRT installed and I want to setup some advanced filtering that seem to not be available through "Access restrictions" web gui option. I guess I would be using IPTABLES then. I have ssh access to router and can run iptables, but I'm not so experienced with iptables. So here are my needs: my policy would be deny all first and then allow exceptions allow all http (port 80) access to WAN through wireless allow all other traffic only to PCs with specific MAC addresses allow internet access to PC with specific MAC address according to schedule (let's say everyday between 18:00-21:00) is this possible to setup with IPtables? could somebody help me a bit with it? or should go and RTFM?

Read the article
ASA5500 series logging for management interface in transparent mode

- by ANervousTwitch

i have a cisco asa5520 in transparent mode. the interface is on the same subnet as some windows machines, which are generating a lot of broadcast traffic that is filling up the logs. is there any way to have it not log that its blocking those packets? its a bunch of these messages: "through-the-device packet to from management-only network is denied: udp src..." im also seeing some of those zeroconf requests that id like to drop logging for. i tried to just put a rule on the management interface, but apparently thats not allowed.

Read the article
Redirection of outbound UDP port.

- by pboin

For my residential service, I changed ISPs to Zoom/Armstrong. Just after that, my NTP daemons stopped working. I dug deep and diagnosed the problem: Unprivileged ports are getting out. When i run 'ntpdate' for example, I go out on a high, unprivleged port, and get a response on UDP 123. That's fine. The 'ntpd' daemon though, expects to go out on 123 and get its reply there as well. This must be a common problem, because it's directly addressed in the NTP troubleshooting guide. Just to see what would happen, I wrote a detailed email to the general support address at Armstrong. They replied almost immediately with a complete technical answer! They have everything <1024 blocked, except for a few ports to support outbound VPN. So, the question: Can I use IPtables to essentially re-write my outbound UDP 123 up to 2123 or something like that? If I do, does there need to be a corresponding 2123-123 rule to translate the reply? This seems like NAT, but with ports, not addresses. I tried, but can't seem to get iptables to do what I want. I'm not sure if it's my lack of skill, or if I'm trying the wrong solution. True, I could run ntpdate from cron, but that loses all of the adjustment smarts of NTP.

Read the article
SNMP closed state in CentOS

- by anksoWX

I'm having a problem here, I've added to my IPtables rules this: -A INPUT -p tcp -m state --state NEW -m tcp --dport 161 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT but when I scan with nmap or any other tool it says this: Not shown: 998 filtered ports PORT STATE SERVICE 22/tcp open ssh 161/tcp closed snmp also when I am doing: netstat -apn | grep snmpd tcp 0 0 127.0.0.1:199 0.0.0.0:* LISTEN 3669/snmpd<br> udp 0 0 0.0.0.0:161 0.0.0.0:* 3669/snmpd<br> unix 2 [ ] DGRAM 226186 3669/snmpd Also: service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:161 5 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:161 6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 7 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination Any idea what's going on? There is no UDP in closed/open state. what do I have to do?

Read the article
Understanding Authorized Access to your Google Account

- by firebush

I'm having trouble understanding what I'm am granting to sites when they have "Authorized Access to my Google Account." This is how I see what has authorized access: Log into gmail. Click on the link that is my name in the upper-right corner, and from the drop-down select Account. From the list of links to the left, select Security. Click on Edit next to Authorized applications and sites. Authenticate again. At the top of the page, I see a set of sites that have authorized access to my account in various ways. I'm having trouble finding out information about what is being told to me here. There's no "help" link anywhere on the page and my Google searches are coming up unproductive. From the looks of what I see there, Google has access to my Google calendar. I feel comfortable about that, I think. But other sites have authorization to "Sign in using your Google account". My question is, what exactly does that authorization mean? What do the sites that have authorization to "Sign in using my Google account" have the power to do? I hope that this simply means that they authorize using the same criterion that gmail does. I assume that this doesn't grant them the ability to access my email. Can someone please calm my paranoia by describing (or simply pointing me to a site that describes) what these terms mean exactly? Also, if you have any thoughts about the safety of this feature, please share. Thanks!

Read the article
IIS server unable to access the file path

- by anil namde

I have installed web application behind IIS which access the files/directory located on the another machine. Now while developing the application using the Visual Studio 2008 then Developer Web Server it provides when build the site was able to access the location. However when the site is deployed on the IIS its saying Unable to access the file because of insufficient permissions. Can some one please help regarding what could be the issue ? any idea or pointers could be helpful. Thanks,

Read the article

< Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100 | Next Page >