Search Results

Search found 5084 results on 204 pages for 'policy routing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 96/204 | < Previous Page | 92 93 94 95 96 97 98 99 100 101 102 103  | Next Page >

  • What is your company's stance on Developers using Laptops?

    - by codepunk
    I am a developer and my company is moving towards a "no laptop" policy in fear of them being lost or stolen and source code being compromised. Now I don't work for NASA, the military or anything labeled Top Secret but our code is very important to our business nonetheless (as all source code would be). I'll be honest, I disagree with this policy against laptops and wanted to see what others think. I'd like to know: What is your team/company's stance on laptops Your company's size and/or field (small, medium or large, Fortune 500, etc). Whether you've had to take any extra precautions (signing any additional legal, ensure your hard drive is encrypted, etc). Thanks!

    Read the article

  • how to use iptables to block the IP of device connected to openwrt router

    - by scola
    I have two routers(A,B).the A connect to internet with IP:192.168.1.1 The openwrt router B connect the lan of A by bridge with static IP:192.168.1.111. I am learning to use iptables to control the devices connected to B(wlan) . I use my phone to connect wifi of B,the phone's IP is IP:192.168.1.100.it can surf the internet normally. I want to block the phone's IP to make the phone can not connect to internet. refer to http://bredsaal.dk/some-small-iptables-on-openwrt-tips iptables -A input_wan -s 192.168.1.100 --jump REJECT iptables -A forwarding_rule -d 192.168.1.100 --jump REJECT but it do not work.the phone still connect to internet normally. and I tried other chain(INPUT,OUTPUT,FORWARD).so many chains confused me. iptables -I OUTPUT -o br-lan -s 192.168.1.100 -j DROP and it do not work again. I'm sure that the iptables have no problem. root@OpenWrt:/etc# iptables -L|grep Chain Chain INPUT (policy ACCEPT) Chain FORWARD (policy DROP) Chain OUTPUT (policy ACCEPT) Chain forward (1 references) Chain forwarding_lan (1 references) Chain forwarding_rule (1 references) Chain forwarding_wan (1 references) Chain input (1 references) Chain input_lan (1 references) Chain input_rule (1 references) Chain input_wan (1 references) Chain output (1 references) root@OpenWrt:/etc# ifconfig br-lan Link encap:Ethernet HWaddr 0C:82:68:97:57:BA inet addr:192.168.1.111 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::e82:68ff:fe97:57ba/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14976 errors:0 dropped:0 overruns:0 frame:0 TX packets:7656 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2851980 (2.7 MiB) TX bytes:1902785 (1.8 MiB) eth0 Link encap:Ethernet HWaddr 0C:82:68:97:57:BA UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:58201 errors:0 dropped:11 overruns:0 frame:0 TX packets:45012 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:54591348 (52.0 MiB) TX bytes:5711142 (5.4 MiB) Interrupt:4 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:312 errors:0 dropped:0 overruns:0 frame:0 TX packets:312 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:39961 (39.0 KiB) TX bytes:39961 (39.0 KiB) mon.wlan0 Link encap:UNSPEC HWaddr 0C-82-68-97-57-BA-00-48-00-00-00-00-00-00-00-00 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4900 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:32 RX bytes:1223807 (1.1 MiB) TX bytes:0 (0.0 B) wlan0 Link encap:Ethernet HWaddr 0C:82:68:97:57:BA UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:37346 errors:0 dropped:0 overruns:0 frame:0 TX packets:49662 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:32 RX bytes:3808021 (3.6 MiB) TX bytes:54486310 (51.9 MiB) root@OpenWrt:/etc/config# cat network config 'interface' 'loopback' option 'ifname' 'lo' option 'proto' 'static' option 'ipaddr' '127.0.0.1' option 'netmask' '255.0.0.0' config 'interface' 'lan' option 'ifname' 'eth0' option 'type' 'bridge' option 'proto' 'static' option 'ipaddr' '192.168.1.111' option 'netmask' '255.255.255.0' option 'gateway' '192.168.1.1' option dns 192.168.1.1 and how to use iptables to control the network of wlan? Thanks in advance and sorry for poor English.

    Read the article

  • Prevent member of administrator group loging in via Remote Desktop

    - by Chris J
    In order to support some build processes on our Server 2003 development servers, we require a common user account that has administrative privs. Unfortuantly, this also means that anyone that knows the password can also gain admin privs on a server. Assume that trying to keep the password secret is a failed exercise. Developers that need admin privs already have admin privs so should be able to log in as themselves. So the question is a simple one: is there anything I can configure to prevent people (ab)using the account to gain administrator on servers they shouldn't have administrator on? I'm aware that devs could disable anything that is put in place, but that's then down to process and auditing to track and manage. I don't mind where or how: it can be via the local security policy, group policy, a batch file executed in the user's profile, or something else.

    Read the article

  • Using unsigned drivers in Windows 8

    - by T. Fabre
    I just migrated from Windows 7 x64 to 8, but I can't get my VPN software to run anymore : the SafeNet IKE service (installed by SafeNet SoftRemoteLT GA, used by my VPN provider) cannot start anymore. I found that by default unsigned drivers are disabled on Win8, and that is what is blocking the driver. The System event log tells me that the driver (apparently, C:\WINDOWS\SysWow64\Drivers\IPSECDRV.sys ) was blocked when I try to manually start the service (SafeNet IKE Service). I get the same messages for another driver, crypto.sys found in the same folder. I tried using bcdedit to enable unsigned drivers : bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS bcdedit /set testsigning ON After reboot, same error. I tried by booting into Win 8's test mode, same issue. Applying the code signing policy (Enabled, Ignore) does not help either. Running gpresult does show that the policy is applied. Any help welcome.

    Read the article

  • Problems restoring old backups in NetBackup 6.5

    - by gharper
    I had a server that was decommissioned & replaced last year, and since the server was no longer in use, I deleted it's client & backup policy from the NetBackup Admin Console shortly afterwards. I recently got a request to restore a file from the old server, however when I specify the source client for the restore, I get an error message saying: WARNING: server (backupserver) does not contain any backups for client (oldserver) using the specified policy type (Standard) as requested by client (backupserver). [Ok] In addition to that error, I can't seem to run a Client Backup report on the old client any more to determine what tapes I need to recall in order to re-index and restore the files... My questions: Does deleting the client somehow remove NetBackups ability to ever restore files from the old system, even if the backups have a retention period of infinity? Is there a way to restore the file from the tape, assuming I can figure out which tape I need?

    Read the article

  • How do I execute a script or program on Windows Shut Down

    - by Subhen
    I want to run a exe or bat file when window shut down? I want to unmount few drives , which are mounted by my application , when user shutdown the system. For that I need to execute another exe on shutdown, which will disconnect drives mounted by my app. I got few links which shows we can create a entry in Group Policy to execute a programe while window shut down. I am not sure how I can add a entry to Group ploicy by C++ code. Again , group policy doesn't work with Win Vista. Any other better approach ?

    Read the article

  • How soon does nginx's token bucket replenish when limiting at requests per minute?

    - by Michael Gorsuch
    We've decided that we want to experiment and limit requests per minute instead of requests per second on our sites. However, I am confused by the burst parameter in this context. I am under the impression that when you use the 'nodelay' flag, the rate limiting facility acts like a token bucket instead of a leaky bucket. That being the case, the bucket size is equal to the burst parameter, and every time that you violate the policy (say 1 req/s), you have to put a token in the bucket. Once the bucket is full (being equal to the burst setting), you are given a 503 error page. I am also under the impression that once a violator stops going against the policy, a token is removed from the bucket at a rate of 1 token/s allowing him to regain access to the site. Assuming that I have the above correct, my question is what happens when I start regulating access per minute? If we chose 60 requests per minute, at what rate does the token bucket replenish?

    Read the article

  • Does Windows Home Server support folder redirection?

    - by Shawn Miller
    Windows provides the ability to redirect specific user folders to server locations, using a group policy extension called Folder Redirection. The Wikipedia article and Microsoft's marketing page for Windows Home Server suggests a tons of great features, but I don't see anything about specifically about Folder Redirection. I currently run a domain controller in the home so that I can push the folder redirection group policy down to all PCs. Windows Home Server looks like a better fit, but I'd hate to give up on the ease of folder redirection to automatically save all documents, music, pictures to the file server. Any thoughts?

    Read the article

  • Eliminating Windows 7 user tracking registry writes

    - by caffiend
    Windows 7 continues the practice of saving user actions in the registry. I'd like to disable this practice both to avoid reg-file fragmentation and SSD wear, as well as being uncomfortable with programs being able to quickly analyze my usage habits. Even with the "Turn off user tracking" policy enabled, there are at least two areas that still contain user tracking: HKCU\Software\Classes\Local Settings\MuiCache This key stores a cache of most-recently accessed strings, including most-recently ran exe descriptions. MKCU\Software\Classes\Local Settings\Software\Microsoft Windows\Shell\BagMRU This directory stores the most recently viewed folders along with timestamps. Are there additional policy settings/registry entries to disable these writes? If not, is it possible to make these entries Volatile? Would it be practical to create a temporary hive (eg, on ramdisk) and map it over this location?

    Read the article

  • Port forwarding with DNAT and SNAT without touching other packets

    - by w00t
    I have a Linux gateway with iptables which does routing and port forwarding. I want the port forwarding to happen independent of the routing. To port forward, I add this to the nat table: iptables -t nat -A "$PRE" -p tcp -d $GW --dport $fromPort -j DNAT --to-destination $toHost:$toPort iptables -t nat -A "$POST" -p tcp -d $toHost --dport $toPort -j SNAT --to $SRC $PRE and POST are actually destination-specific chains that I jump to from the PREROUTING and POSTROUTING chains respectively so I can keep the iptables clean. $SRC is the IP address I'm SNATing to which is different from the gateway IP $GW. The problem with this setup is that regular routed packets that were not DNATed but happen to go to the same $toHost:$toPort combo will also be SNATed. I wish to avoid this. Any clever things I can do?

    Read the article

  • Conflicting ip routes with local table on attaching a virtual network interface

    - by user1071840
    I have an EC2 instance with these ip rules: $ sudo ip rule show 0: from all lookup local 32766: from all lookup main 32767: from all lookup default I can attach an elastic network interface to it with a private IP. Say the IP of my machine is 10.1.3.12 and the IP of the interface is 10.1.1.190. As soon as I attach the interface to my machine a new entry is added to the routing policy and local routing table: sudo ip rule show 0: from all lookup local 32765: from 10.1.1.190 lookup 10003 32766: from all lookup main 32767: from all lookup default $ sudo ip route show table local broadcast 10.1.1.0 dev eth3 proto kernel scope link src 10.1.1.190 local 10.1.1.190 dev eth3 proto kernel scope host src 10.1.1.190 broadcast 10.1.1.255 dev eth3 proto kernel scope link src 10.1.1.190 broadcast 10.1.3.0 dev eth0 proto kernel scope link src 10.1.3.12 local 10.1.3.12 dev eth0 proto kernel scope host src 10.1.3.12 broadcast 10.1.3.255 dev eth0 proto kernel scope link src 10.1.3.12 broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1 local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1 local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1 broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1 I can send traffic to this ENI directly from a host that can have the same IP as the host the ENI is attached to. This is where the problem starts. I ran tcpdump on the port in question and saw multiple SYNs going to the ENI with src '10.1.3.12' and destination '10.1.1.190' but didn't see even a single ACK. In my understanding if ACKs were being sent from the ENI they'd have destination as 10.1.3.12 i.e. the same as the local machine's IP and such packets will now be routed as local packets matching local routing policy: local 10.1.3.12 dev eth0 proto kernel scope host src 10.1.3.12 I'd like to send all the packets originating from 10.1.1.190 (my ENI) to go back on the same interface i.e. eth3 in this case. Contents of the nee table 10003 are: $ sudo ip route show table 10003 default via 10.1.1.1 dev eth3 I think I can do the following: I don't know if its possible but probably decrease the priority of local table so the packets match the table 10003. Use iptables to mangle these packets and update the local table route to include the mark information But I'm not sure if these are the right approaches.

    Read the article

  • Can not join comp to the domain... greyed out

    - by Logman
    I have an old WinXP Pro SP3 computer I need to join to the domain, simple right? not really. When I go to control panel - system - computer name and click on CHANGE ("rename this computer") everything is greyed out. I can not set it from workgroup to a domain. I am logged on locally as an admin. (Builtin account and one I created) I have checked local policy (gpedit.msc) on the comp, but it feels like a needle in the haystack. I could probably reload an image faster than trying to fix this...but I am curious so I post here to see if anyone knows of it/fix. I tried reseting the policy to defaults, but no luck: secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose EDIT:

    Read the article

  • outlook iptables configuration

    - by mediaexpert
    I've a Debian mail server, but only the outlook users can't be able to download the emails. I've seen a lot of post about some kind of forwarding port configuration, I've tried some commands, but I don't be able to solve this problem, please help me. below INPUT and FORWARD iptables: Chain INPUT (policy DROP 20 packets, 1016 bytes) pkts bytes target prot opt in out source destination 60833 16M ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 state NEW,ESTABLISHED 18970 971K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:110 state NEW,ESTABLISHED Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- * * 192.168.0.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110

    Read the article

  • Security considerations in providing VPN access to non-company issued computers [migrated]

    - by DKNUCKLES
    There have been a few people at my office that have requested the installation of DropBox on their computers to synchronize files so they can work on them at home. I have always been wary about cloud computing, mainly because we are a Canadian company and enjoy the privacy and being outside the reach of the Patriot Act. The policy before I started was that employees with company issued notebooks could be issued a VPN account, and everyone else had to have a remote desktop connection. The theory behind this logic (as I understand it) was that we had the potential to lock down the notebooks whereas the employees home computers were outside of our grasp. We had no ability to ensure they weren't running as administrator all the time / were running AV so they were a higher risk at being infected with malware and could compromise network security. With the increase in people wanting DropBox I'm curious as to whether or not this policy is too restrictive and overly paranoid. Is it generally safe to provide VPN access to an employee without knowing what their computing environment looks like?

    Read the article

  • Windows Server 2003: Nat Port Forwarding Not Working

    - by jM2.me
    The setup is following: Internet (108.99.XXX.XX) <- Windows Server 2003 (10.0.0.1) <- Switch <- Office Computers (10.0.0.100-200 some static routes some manual some automatic) Windows Server has NAT installed on it and two network interfaces are configured properly. The problem is, whenever I try to forward port 80 (or any other) from office computer (lets say 10.0.0.100), it fails. Nic #1 Settings: All settings are obtained from ISP Nic #2 Settings: Set manually IP: 10.0.0.1 Mask: 255.255.255.0 Nat Server is configured to automatically assign IP addresses to private network. Settings are: IP: 10.0.0.0 Mask: 255.255.255.0 Forwarding was done in Routing and Remote Access (local) - IP Routing - NAT/Basic Firewall - Local Area Connection (right click_properties) - services and ports - Web Server HTTP - Private Address: 10.0.0.100 SO what is causing the problem of failure to forward any port from other computer inside private network?

    Read the article

  • How to set up VLAN network

    - by Paddington
    I'm changing my network from having every device on flat network to using VLans. My problem is that we already have a lot of devices on this network(192.168.20.0/24). From theory, I read that each Vlan has to be a different subnet and then I need to configure virtual interfaces on my Cisco router to cater for inter vlan routing. 1) How can I segment this network with minimum down time on the devices already on the network? 2) Can I just create Vlans and leave all these Vlans in the same layer 3 network so that they can go out of the network (I am not too concerned about inter-Vlan routing) or I have to create subnets which means reconfiguring the existing devices (something I do not want).

    Read the article

  • blocking port 80 via iptables

    - by JoyIan Yee-Hernandez
    I'm having problems with iptables. I am trying to block port 80 from the outside, basically plan is we just need to Tunnel via SSH then we can get on the GUI etc. on a server I have this in my rule: Chain OUTPUT (policy ACCEPT 28145 packets, 14M bytes) pkts bytes target prot opt in out source destination 0 0 DROP tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW,ESTABLISHED And Chain INPUT (policy DROP 41 packets, 6041 bytes) 0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW,ESTABLISHED Any guys wanna share some insights?

    Read the article

  • Windows XP: how to disable automatic encryption on downloaded files

    - by T. Webster
    I have Windows XP SP3 and every file I download is automatically encrypted no matter what directory I save the downloaded file in. So it's not as simple as turning off encryption of any specific directory, the file will be downloaded as encrypted regardless of whether the directory is encrypted or not. Is there a policy or registry setting somewhere to disable this automatic encryption? (EDIT: I doubt it's malware since this OS was just installed on this machine. It's my work PC and by default I think there's some group policy or other setting which not only sets everything in My Documents to encrypted, but also everything I download, no matter where it's downloaded to. )

    Read the article

  • Allow Domain Users to install software on their computers

    - by Christa
    How would I go about allowing a 'domain user' to install software on their computer. I have active directory and group policy in place. Is there a setting in group policy that would allow this? I don't really want to make the domain users domain admins as well. There is a way to do this by adding the user to their local admins group under computer management. I need this for about 50 users so that gets to be a long process with that many users. Server: Windows Server 2008 R2 Client Machines: Windows 7

    Read the article

  • windows 8 on macbook locks after 2 mins despite high performance settings

    - by Mark
    I am running my Macbook Prop as a Windows 8 machine using bootcamp and for some reason, when I leave the keyboard/mouse alone for 2 mins it locks the PC (i.e. goes to the lock screen). I have (of course) checked the power settings and I can assure you that it is not set to these settings. I did notice that when I added my work's Mail Account the computer asked me to accept some group policy settings, which I did, so I suspect that this is a group policy setting, but I cannot find it. Can someone help? P.S. I have searched these forums first, and this is different to the PC going to sleep once locked, this is locking while logged in after 2 mins. Thanks.

    Read the article

  • web.config caching differences

    - by Ivanhoe123
    What are the differences between these two approaches of caching (set up through web.config file)? <caching> <profiles> <add extension=".php" policy="DisableCache" kernelCachePolicy="DisableCache" /> <add extension=".html" policy="CacheForTimePeriod" kernelCachePolicy="CacheForTimePeriod" duration="7:00:00" /> </profiles> </caching> and: <staticContent> <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="7.00:00:00" /> </staticContent> If the first one has img/css/js extensions added, would both work the same way? Thank you!

    Read the article

  • Can you change the type of Active Directory Password Complexity to be different than MS version?

    - by littlegeek
    Here it states that the policy must adhere to Passwords must meet complexity requirements determines whether password complexity is enforced. If this setting is enabled, user passwords meet the following requirements: The password is at least six characters long. The password contains characters from at least three of the following five categories: English uppercase characters (A - Z) English lowercase characters (a - z) Base 10 digits (0 - 9) Non-alphanumeric (For example: !, $, #, or %) Unicode characters The password does not contain three or more characters from the user's account name. They only setting is to ENABLE or DISABLE this feature. I was wondering if there is a way to change this policy? IF so where?

    Read the article

  • How to read iptables -L output?

    - by skrebbel
    I'm rather new to iptables, and I'm trying to understand its output. I tried to RTFM, but to no avail when it comes to little details like these. When iptables -vnL gives me a line such as: Chain INPUT (policy DROP 2199 packets, 304K bytes) I understand the first part: on incoming data, if the list below this line does not provide any exceptions, then the default policy is to DROP incoming packets. But what does the 2199 packets, 304K bytes part mean? Is that all the packets that were dropped? Is there any way to find out which packets that were, and where they came from? Thanks!

    Read the article

  • Windows Server VPN: Error 720

    - by Nikita Zernov
    I want to created vpn server on Windows Server 2012. First I installed Active Directory domain services, then Remote Access server role. Opened Gettng Started Wizard, entered configure just vpn. Then in Routing and Remote access selected Configure and Enable Routing and Remote Access. There selected custom configuration, vpn. Then created user in active directory and allowed network access permission. After this I tried to connect to vpn from windows 8. I get the following error: Error 720: A connection t the remote computer could not be established. You might need to change the network settings for this connection. What should I do?

    Read the article

  • Cannot logon guest account in windows 7

    - by Javy
    I'm using Windows 7 Home edition. When I try to create any guest account, it fails to load at login with the error: "The User Profile Service failed the logon. User profile cannot be loaded” I can login as admin and my home user with no problems. Every guest account that I create fails. I found this on a microsoft text article: This error may occur if the "Do not logon users with temporary profiles" Group Policy setting is configured. I've tried to find the Group Policy settings and cannot locate it anywhere. Some sites indicate I need to upgrade windows to access it. Is there a way to use guest accounts without upgrading?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 92 93 94 95 96 97 98 99 100 101 102 103  | Next Page >