512 MB RAM
2.0 GHz Celeron
40 GB HD
6 Ethernet Ports
LCD Front Display
and it's an appliance like the Cobalts but for security, however I was wondering if anyone knew of a way to just use it as a regular either windows headless server or linux server. Also does anyone know if it's possible to upgrade the processor? Maybe even a Xeon as I know all the other models come with Xeon Processors or do they actually use a seperate motherboard?
For these symantec hardware appliances, the hardware is bought separately and then the license for the updates must be bought separately? How does it work?
I've been battling with this issue for days now, and I'm sure the solution is simple, so hopefully someone can guide me.
Basically this is my server setup:
1) Tech Server
2) Server 1
3) Server 2
The tech server hosts the main company website, billing, etc. It is also used as the SSH gateway to get into the other servers. Server 1 and 2 host end user websites.
The tech server has an "id_dsa" key on it for the root user.
Server 1 and Server 2 have the public key in authorized_keys
I am able to access Server 1 and Server 2 from the tech server when logged in as "root". However - when signed in as a standard user (i.e. "nick") I am unable to use the id_dsa key to login to the remote servers.
I've tried setting the HostKey variable in the sshd_config file but that wasn't it. I also tried adding the "-i" command to my ssh command.
The only solution I found was to put the id_dsa file under each standard user account (i.e. copying it to /home/nick/.ssh) - however - that's not very secure.
In a nutshell - how do I get standard SSH users to be able to use the root id_dsa key without being able to view it
Looking for a firewall appliance to stick before two dell servers that are going into a co-location data center.
Do you guys have any favorite FIREWALL appliances? I am looking at the CISCO PIX 501, because it seems to be the standard, but there are others that do virusscan, and malware scans at the hardware level before it enters the servers which caught my interest.
Can anyone recommend an affordable antivirus hardware appliance that can be put in-line between a physical machine acting as a mail server and the switch? I need it only to filter on ONE machine so it would not have to be extremely fast. Spam filtering would be a plus as well. Any recommendations? I am looking for something plug and play.
Does anyone have any experience to share concerning these devices?
I'm having some serious spam issues and would like to look into a better approach to preventing this than the typical SpamAssasin solution bundled with cPanel, Plesk and so on. SA seems rather inefficient, needs a lot of training, can get a lot of false positives, tends to break now and then, and so on.
Have any of you used either the Barracuda or the MailFoundry applicances, or even better - compared them first hand? Are there any similar solutions out there, perhaps cheaper/more cost effective in the long run?
$2000-3000+ for the hardware and around $500 a year for an anti-spam solution is a little steep in my opinion. Especially considering the old and cheap hardware for an example MailFoundry uses. How accurate they actually are in terms of false positives is also seemingly debated. MailFoundry promises a near 0 false positive rate, while some user-experiences suggest somewhere between 6-10% - which could represent an issue just as problematic as spam itself. Nobody wants to lose out on important email. To spend such an amount on a device and updates, it certainly needs to be worth it. Is it?
Are there any equally good or better software based solutions out there, that one could for an example use to set up a custom anti-spam server using existing hardware at the DC?
We are planing to implement a spam appliance like the mailfoundry for our 60 cpanel servers.
What is the best and easiest way to replace the standard cpanel mx entry in the dns zonefiles with our two new MX entries?
Additionaly we need to enable the option "Always accept mail locally even if the primary mx does not point to this server." for all the dnszonefiles where we use the new MX entries.
The problem is, that some customers are using already own mx entries, therefore we can not change all of them, but only the entries which point to the cpanel server.
Does someone have a script for this, or how would you change this?
I have a requirement to bring web-filtering inhouse on our own hardware.
This is to support up to 50 remote sites - I've looked at iron port / barracuda but Im not sure if it can do what is required.
I need each remote site to effectively have a seperate 'account' with the ability for each sites manager to see the traffic just for their site, create users for that site, specify site specific blocks / allows and also monitor which users are browsing which sites.
Does anyone know of a product or application that allows this sort of segmentation? I'm not a big fan of Surf Control (I don't believe it's able to deal with this sort of setup)
The other option is 1 appliance per remote site - but the costs associated with this are probably out of our budget for this project.
This one's an itnerestign one thats been bugging me for a while!
hardware wise, it's just an out-dated supermicro's mini 1U setup (P8SCT in SC512L chassis, prescott 3G, 2G DDR2, 1x WD 250G) which can be easily upgraded to newer, greener configuration such as PDSMI+ or PDSBL-LN2 board with Conroe/Kentsfield CPU, 4G~8G RAM, even raptor 10k drive.
what do you guys think the market out there for this type of appliance? will updated hardware boots the performance by much?
We want to configure our PPA mail node to send all outbound mail through our spam filtering appliance but don't know where to start.
Reading standard Postfix docs give basic instructions on how to direct a handful of domains through a mail relay but we want to direct every outbound email from all domains through our spam filter.
We also want to ensure that any regular updates to the mail node won't break or undo this config.
setting up something that would run via php and then send SMS when its called to do so.
I would need a mobile line attached to the server and then I am a little lost.
Currently what I do is that I have my own monitoring script, then when somethings goes wrong, it emails to one of my email accounts and then it SMS me of the contents. But their service is not always reliable so was wanting to setup something on my own end.
My server in the datacenter has to migrate to new IPs. Is it feasible to add new ip and gateway and have that operating on eth0 -- doing it remotely?
The dc said I can have both IPs concurrently working for the next 10 days or so. But, I'm still unsure if I can safely set the new ip and gateway on the server remotely.
Any help would be appreciated. Of course, I have logged a ticket to see if they will set my new primary ip from the console and all the virtual interfaces ...
But, would like to know for my own information if this process is doable remotely.
I have signed up a new rack and the provider give me the following information:
Service IP address assigned: Default Gateway: 10.0.0.193 Assigned WAN IP: 10.0.0.192/30 LAN IP Block: 172.16.0.192/27
*first three digits of IPs are changed.
In Windows 2003, I can use the LAN IP with Default Gateway and I can browse the net without problem (with warning though). But, when I configure the Cisco switch (2950), it didn't allow me to use gateway that is in different subnet. I have checked the LAN IP Block and it seems that all IPs in that subnet can be used. Could you teach me how to config the switch and the other servers?
im trying to setup a vps server on one of my dedicateds, (for personal use) ive got the vps running and os installed etc but i cannot for the life of me setup networking. i have 2 ips from my datacenter but they havent given me a default gateway ip and dont seem to know what one is so does anyone know how to get the default gateways ip for a ip (the ip i have is in the 66.79.185.xxx group )
What type of free email scanner gateway that you are using? I am using SA, Clam and Qmail. It's a little old and w/o the GUI for client to manage the settings.
I'm thinking to switch to something with GUI. Perhaps the combination of Exim, SA, Clam, MAilScanner and a GUI.
I'm doing a project for my school ( a small technical college) and we're trying to come up with some sort of wireless authentication gateway. This doesn't need to be locked down and super secure, this is a state run school with an open wifi network. Basically we want all wireless users to be forced to view a splash page/AUP and agree to it before being able to access the web.
couple issues: -Super low budget, so enterprise solutions are pretty much out of the question -must be as transparent as possible to the use: no MAC registering with the IT dept. no added software, no RADIUS certs etc. -we have limited access to the actual router and all administration but be done by the upstream provider(including inter-vlan routing)
I've looked at NoCAT and really like it but because of the existing network topology its going to be hard to force all traffic through a central box for filtering/auth
What I'm wondering is if there is a way to do selective DNS poisoning to redirect all lookups to a web authentication server(similar to nocat's system). After a host is authenticated their DNS would resolve correctly. I know someone could just go out by IP or potentially use different DNS servers but we really aren't that concerned about it, all they have to do is click 'accept' anyway.
I have been trying to determine if I should use Postfix or Exim for our new SMTP gateway. My biggest obstacle is in trying to determine if Postfix can handle the processing as efficiently as Exim.
Basically we have hundreds of domains that will have email going through the gateway. I need to know if Postfix can be configured to perform different actions based on the recipient domain (i.e. block receipt of message or add a header and deliver). It looks like this functionality is handled by using a 3rd party tool like "amavisd".
The problem is that it looks like I have to wait for the DATA to be received before I can send the mail to the filtering tool rather than just waiting until the last RCPT command. It is also unclear as to whether the message will be denied during delivery with a 550 error being returned or whether the message is accepted and a postmaster message is sent. Obviously I would prefer the 550 error.
I have a Linux Server (CentOS 4.4) running, it has two network cards.
1. Onboard 100MBit (eth0), uses DHCP to obtain IP, this card is the only one that is able to connect to the internet. IP: 192.168.1.13 Subnet: 255.255.255.0 Gateway: 192.168.1.1 Bcast: 192.168.1.255
2. PCI Gigabit card (eth1), uses static IP, and is connected to my Windows machines via a CROSSOVER cable. IP: 192.168.2.2 Subnet: 255.255.255.0 Gateway: NONE Bcast: 192.168.2.255
Before I installed the gigabit card all internet was working fine. However now i cannot even ping? here is some more info:
Today at 12.50 pm my (ubuntu 14.04.1 LTS) server running plesk 12.0.18 suddenly stopped serving websites. Any attempts to access a webpage on any vhost returned the 502 bad gateway using Nginx error messsage.When I looked at the nginx logs, I found messages like:
Connection refused) while connecting to upstream, client: m.m.m.m, server: , request: "GET /server-status HTTP/1.0", upstream: URL....
Restarting apache & nginx (/etc/init.d/apache2 restart & /etc/init.d/nginx restart) made no difference and I had to reboot to restore http access.
Strangely if I browsed with port 7080 specified (i.e. http://n.n.n.n:7080), this worked fine for all vhosts, so apache (which I believe is listening on this port while nginx listens on port 80) is working fine - nginx is just not able to pass stuff to it?
this is a fresh Plesk 12 installation on a Dedicated Server, on Debian 6. I haven't installed a License key yet.When i tried to run MIgration Manager, the loading was taking forever. Also, when i try to enter Webserver Configurations Troubleshooter, i get 502 Bad Gateway nginx error.In the /var/log/sw-cp-server/error_log i get this error:
Code: 2015/06/17 11:42:47 [error] 3918#0: *52 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: A.B.C.D, server: , request: "GET /modules/configurations-troubleshooter/index.php/index/list HTTP/1.1", upstream: "fastcgi://unix:/var/run/sw-engine.sock:", host: "X.X.X.X:8443", referrer: "https://X.X.X.X:8443/admin/module/list?context=modules" When i try to insert a Plesk License, i also get this error:
We are having some problems with a Foundry Bigiron 4000.
The hardware config is as following:
- Bigiron 4000 chassis
- 2x B8GMR3-A management (active + standby)
- 2x B24E
Once every couple of days now, we get the following error in syslog:
Code: 2009-10-05 20:40:00User.Warning8x.xx.50.1Oct 5 20:39:59 gateway IP: IP: Duplicate IP address 8x.xx.38.1 detected sent from MAC address 0004.d3ea.e200 interface 3/13, 1 packets, first packet received at time 1 days 20 hours 41 minutes 37 seconds since bootup!............
we have two servers; webserver and database server connected directly to each other via a standard cat6 cross-over cable. I am setting up their static IP's and have a few questions.
Both are running windows 2003. I went and setup the static ip's as follows:
