Latest Server related questions

Score: 0
Mahdi Akrami avatar
DNS Port Forward Centos 7
gb flag

how i can have this config?

  • Server A --> use Server B ip as nameserver in /etc/resolve.conf
  • Server B --> forward all req on port 53 to Server C:53 using iptables
  • Server C --> resolve incoming dns queries

Server B iptables config:

iptables -t nat -A PREROUTING -p tcp --dport 53 -j DNAT --to-destination Server_C:53
iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to-destination  ...
Score: 1
Are there any additional security considerations to be taken into account when activating IPv6 as opposed to IPv4?
nl flag

As a sysadmin, I'm fairly experienced with IPv4. As such, I feel comfortable configuring firewalls to expose servers/services to the Internet with public IPv4 addresses.

I have a basic understanding of IPv6 addresses and name resolution in IPv6. Also, I understand that I can use TCP, UDP and ICMP in the same way as with IPv4, just with "a longer address", and that, due to the abundance of addresse ...

Score: 0
topskip avatar
Give VM a static ipv6 address
us flag

I am a ”networking beginner“, so I hope this question makes sense.

I have an Ubuntu 22.04 server and a virtual machine based on qemu/multipass (also running Ubuntu 22.04). The goal is to have the web server running in the vm. I use port forwarding with ipv4 for that.

The machine has a single public ipv4 and a ipv6 /64 net.

I can connect to the web VM from the outside with ipv4 (port 80 and 443), bu ...

Score: 0
JakeDunn34 avatar
How to debug random Outlook crashes (only happening with specific Add-in enabled)?
gp flag

From a lot of our customers, we have been getting reports that Outlook unexpectedly crashes (complete process restart).

So far it has been impossible to reproduce, we can only analyze the logs after the fact and the only thing we know so far is that if we turn one specific add-in off, then the problem stops (it's a local add-in that helps sending e-mails with a configurable template). This add-in ...

Score: 0
Tensar avatar
Setting ep an AI server for multiple users
lt flag

In the University I work, we want to buy a workstation with one or two powerful GPUs. We want students to be able to use the workstation remotely. This is the main restriction. It would be nice if multiple users could use the workstation simultaneous with isolated development environments but with shared resources (GPU, RAM), but this is not as important. Everyone can wait the turn :) I am looking for a ...

Score: 9
dante velli avatar
VPN Server protocol or trick work in iran
yt flag

I hope this question is consistent with the rules of the forum. Our access to the international internet from Iran has become very difficult. Only some specific VPNs work.

Do you have any suggestions for me to set up a vpn server to work in Iran? For example, a specific protocol - a specific trick - using a specific type of data center.

Score: 2
xfscrypt avatar
Proxy pass on subdirectory not working
qa flag

I have an api running at http://127.0.0.1:9650. For example the following is giving a json object as response:

curl http://127.0.0.1:9650/ext/health

I would like to make the following work at https://example.com/my-node/ext/health.

I have the following nginx configuration:

 location /my-node {
    proxy_pass http://127.0.0.1:9650;
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote ...
Score: 0
Fab Pell avatar
How to export a Windows Server CA to Ubuntu
ar flag

I have a working SSL Environment in my test lab on Windows 2019. Now I need to use Apache2 on Ubuntu 22.04 to access a web server over SSL.

In which format I must export the Windows Server CA? I tried .p7b converted to pem, or a certificate exported in base64 but still not working. Getting various errors when I try to start Apache2.

Is there a guide to follow?

Thank you.

Score: 0
Dal avatar
Dell Poweredge R640 - System BIOS has halted
ml flag
Dal

I'm running pfSense on a Dell Poweredge R640, but after upgrading to the latest bios, it has trouble booting. The attached picture says that LBR is not available. Any idea what that means and how to fix it?

Thanks.

Picture of BIOS crash

Score: 0
BraveAdmin avatar
Postgresql 6.9.24 on Oracle Linux 8.6
cn flag

I'm trying to install Postgresql 9.6.24 on Oracle Linux 8.6 as it contains some bug fixes and other patches that we need. This concrete version is not present in the Oracle Linux 8 repositories, only up to version 6.9.22 installing it as a module:

yum install @postgresql:9.6

I tried to install it from RHEL and CentOS repositories, but I find a lot of dependencies issue that, as much as I try to fix ma ...

Score: 0
mohsen shahbazi avatar
send traffic from openvpn to IPIP tunnel
gn flag

We have a network interface that is open to the Internet. (ens160) We created an ipip tunnel and it was established correctly as expected (we placed 10.10.30.1 <-->10.10.30.2 | mytun) then we tried to create an OpenVPN interface to allow remote users access to this ipip tunnel and grant access to 10.10.30.1 server. (OpenVPN was properly setup on 10.10.30.2 server)

Now I need to pass traffic ...

Score: 0
PawelC avatar
Npm install and ng build takes 35-40min
gb flag

I have environment:

  • Jenkins
  • Docker
  • proxmox with vm and lxc container
  • angular 9 project

Problem is with my Dockerfile building, it takes around 35-40min.

My dockerfile

FROM node:12.6-stretch

ARG ABSOLUTE_PATH=./app
ARG build_command="node --max_old_space_size=5120 node_modules/@angular/cli/bin/ng build"
COPY $ABSOLUTE_PATH/package.json /app/package.json
COPY $ABSOLUTE_PATH/.npmrc /app/.npmrc

WORK ...
Score: 0
java_mechanic avatar
Issue in showing Apache ErrorDocument based on HTTP_USER_AGENT and REMOTE_ADDR
sa flag

I need to restrict access to application based on ip address and need to block displaying page if it is opened other than chrome. Now i can able to restrict ip, But if i put the browser checking option, then instead of ip address checking, browser checking error document is displaying.

RewriteEngine on
RewriteMap hosts-allow "txt:D:\conf\apache\allowlist.txt" ErrorDocument 403 "This ip is not permi ...

Score: 1
Dr.Tautology avatar
Centos7: Firewalld port 80 not being blocked
fm flag

Why am I able to telnet to my machine on port 80 when I do not have http or port 80 opened and there are no services listening on port 80?

sudo firewall-cmd --list-all --zone=public

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: em1
  sources:
  services: dhcpv6-client ssh
  ports: 12345/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  ...
Score: 1
JimmyTheCuck avatar
Enable Brotli for Apache on Google Cloud Compute Engine website
ls flag

I installed and enabled the Brotli module just fine through SSH. Then, I added this to my port 80 VirtualHost config:

<IfModule mod_brotli.c>
    SetOutputFilter BROTLI_COMPRESS
    SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-brotli
    AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript
</IfModule>

After restarting Apa ...

Score: 2
Dr.Tautology avatar
Centos7 machine refusing connection to port
fm flag

I'm trying to make sure that the machine is accepting tcp connections on port 8245, however I am unable to connect.

When I try from an external machine: telnet myhostname.com 8245

I get:

Unable to connect to remote host: Connection refused

I have already added the port on the host machine via firewall-cmd:

sudo firewall-cmd --zone=public --add-port=8245/tcp --permanent
sudo firewall-cmd --reload
Score: 1
nevets avatar
Is it necessary to put public and private subnet in different vpc for extra safety
at flag

Currently we put public accessible resources like ALB inside public subnet, application servers and data storages inside private subnet (different data storage, say RDS and Elasticache, have their own subnets). All the subnets are living inside a single VPC.

My question is, is it 1) possible; 2) necessary to split this VPC into 2 separate VPCs, one VPC contains only public subnet and another VPC  ...

Score: 0
Trouble mounting an NFS mount-point on a firewall system which works perfectly on other internal systems: How do I find the cause?
ru flag

This is on Fedora Core 35: This environment is mature and has a few systems that are called either firewalls or gateways, and for the first time, we want to do an NFS share to one of these systems.

After having trouble with the mount on the client, I proved the server's config is fine by doing an identical mount on a different internal system using copy-paste of the /etc/fstab entry. I figured it ...

Score: 0
Rino Bino avatar
Linux changes mount point permissions after reboot
us flag

This is specifically on Ubuntu 20.04, but I believe the behavior is common:

Please take this fstab entry, creating a read-only mount:

/data/testDir/iso/ubuntu-20.04.4-live-server-amd64.iso /data/testDir/mnt iso9660 ro 0 0

Here is the related directory structure for that:

# ls -l /data/testDir/
drwxr-xr-x 2 root root   50 Apr  7 22:07 iso
drwxr-xr-x 1 root root 2048 Feb 23  2022 mnt

Everything mounts fi ...

Score: 2
winter avatar
csrf token missing pgadmin via nginx
de flag

I am using postgres, pgadmin, nginx docker images, also using gunicorn and launching using docker-compose.

I am able to do following things sucessfully as below:

  1. All services are up and running.
  2. Able to login pgadmin(via nginx).
  3. Able to create server and fired queries on database.

Issue is: when I click on logout button. Although, I am able to logout and redirected to login page. But on terminal, I am ...

Score: -1
Dell PE RHEL 7 terrible performance
cn flag

We have an 'old' Dell PE r740xd server with quite high specs, installed with rhel 7 (latest). Running ls -l on / can take minutes.

Some specs:

# lscpu
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                80
On-line CPU(s) list:   0-79
Thread(s) per core:    2
Core(s) per socket:    20
Socket(s):             2
NUMA node(s):      ...
Score: 0
MAXdB avatar
ssh config file correct syntax of "Match host" vs "Host" to utilize actual address instead of nickname
us flag

My goal is to put in some common properties for a subset of the hosts in the config. The following two examples are close except for replacing a Host section with a Match section and destination host aliases. The first example here works as intended, if I'm matching against the nickname. However, my goal is to apply the special parameters to every host on a particular subnet. Wildcarding the Host alia ...

Score: 2
amin avatar
OPENvpn server traffic not use sshuttle
cz flag

I have 2 server (server A and server B). I installed Openvpn on server A and use OPENVPN CONNECT on my laptop and iphone (iOS) and all thing is ok. now when i check my ip in laptop and iOS show SERVER A IP. good.

I installed sshuttle on server A and after run:

sshuttle --dns -D -r root@SERVER_B_IP

after entry password, now my ip in server A is SERVER B IP and all thing is fine.

when i use openvpn  ...

Score: 0
0zr1z3 avatar
Bypassing openvpn block for tryhackme
it flag

when i try to connect to tryhackme network the connection just stalls and won't connect here is the log

2022-10-05 18:56:26 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-2 ...
Score: 0
acgbox avatar
On linux, what are the recommended extension for access control lists ACL?
ng flag

I have read many HowTo's, e-books, internet pages, etc, about the use of ACLs in programs like iptables, squid, etc. on linux In the examples, they use the following file extensions:

file.lst
file.acl
file.txt
file (no extension)

In the examples, the content of the ACLs is varied (urls, IP addresses, MAC addresses, etc.)

question: On linux, what are the recommended extension for access control lists ACLs ...

Score: 0
Delvin avatar
GPO Update: Missing GP In sysvol
sr flag

I'm having a bit of trouble. I'm created a group policy to create a short to the desktop with a url link. I've done this in the pass without any issues, but now, i'm getting an error that one of the gp is missing on our DC1 and DC 2. I determined that this isn't a replication issue as i was able to create files on both dc1 and dc2 respectively and both files were able to show up. I did a dcspofix on dc1 ...

Score: 0
Fabio S avatar
Fail2Ban filter for Apache GSSAPI module
in flag

Does someone know if there is a Fail2Ban filter for Apache GSSAPI Module Authentication (mod_auth_gssapi)?

The Fail2Ban "apache-auth.conf" filter seems not working for this kind of authentication.

Thanks in advance

Score: 0
how to stop nginx 302 error
my flag

I have a site with Ubuntu 20.04, php 8.1, and nginx 1.23.1. If I restart nginx and php-fpm I can login, browse the site, and everything works. If I wait a certain amount of time with no activity on the site (10-15 minutes?), I start getting 302 Found errors no matter what page I try to go to. If I restart nginx and php-fpm again, everything starts working again. I can't figure out what's causing this. H ...

Score: 0
infinitesteps avatar
How do I find architectures supported by an emulator for use when defining a libvirt domain?
tg flag

When creating a libvirt guest using XML, how do I determine what 'arch' values are valid for <domain><os><type arch=?>? The problem is, for example, arm is invalid and must be armv7l instead. How is one supposed to know that?

The documentation says:

There are also two optional attributes, arch specifying the CPU architecture to virtualization, and machine referring to the machine ...

Score: 0
AnFi avatar
Always start NetworkManager after laptop boot with WiFi and WWAN disabled
fi flag

How to make Network managers always start (after laptop boot) with WiFi and WWAN disabled?

I prefer to always enable them manually after laptop boot for security and connection cost control reasons.

Extra info:

  1. Disabling auto-connect is not a valid option in my case as WWAN (LTE) connection is unstable (breaks too frequently) See https://serverfault.com/a/1112325/163277

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.