V6 and Multiple Virtual Sensors
In a few places, we have a sensor both behind and in front of a firewall and both of them are underutilized. With v6, it would seem that monitoring both links using separate physical monitoring interfaces and virtual sensors would be possible. I'm concerned about problems this might cause. For example, I already know that today CSMARS doesn't include the interface from the original raw message, so I won't be able to differentiate based on that. Will CSMARS toss the "duplicate" event anyway? Any other reasons this configuration isn't advisable? Anyone doing this in production today?
Well the normalizer engine gets affected by putting your IPS in front and behind your firewall. With different Virtual sensor you would be able to take out this issue. I had some issues with this. So what i did was to have my IPS inline pair behind the PIX firewall and have promiscous port connect outside. Something like you have your Router connect to your hub and your pix outside connect to the hub too. Then you have a promiscous port connected to this hub. This way you would know the attacks happening outside of your Firewall. This is what i use, but my design is a bit more than this and i have a specific reason to use the hub here.
-Hoogen
Similar Messages
-
I am currently evaluating Oracle WAS on Linux.
It works fine except if I try to have Spyglass serve more than
one virtual host. When I do this it stops with an Internal error
after serving a few files.
Q. Does anyone have Spyglass serving for more than one virtual
host on the same port.
Q. What could be the problem
I use RH 5.1
Johnny Verhoeven
nullWeb is stupidly easy - Apache has extensive support for multiple virtual hosts in a single server and will happily support as many domains/hostnames as you can throw at it.
Mail is a little trickier since it needs to hook into some kind of directory server to validate user addresses.
Mac OS X's Open Directory does support this, but it's a little cumbersome (basically every user has to exist in the main Open Directory domain as well as having a secondary email address(es) in the other domain(s).
This can get especially tricky when you have users with the same shortname in different domains - for example if you give [email protected] a secondary email address of [email protected] and you then get a new user [email protected], you can't give the third 'joe' the address 'joe' in Open Directory since that's already taken. This means he'll have to login using different credentials from his email address. Confused yet? You bet.
If you're prepared to eschew Open Directory you can just use Postfix's built-in support for virtual hosting, but it's a little more complex to setup and support and is entirely command-line based (i.e. there's no GUI for setting it up or supporting it).
So, for that reason you might be prepared to setup multiple virtual machines for each domain. It really depends on how much the domains are related (if at all). -
Hello.
I am looking to put in an IPS. I would like to monitor two segments, but read this in the docs...
"To avoid definition ordering issues, no conflicts or overlaps are allowed in assignments-you assign interfaces, inline interface pairs, inline VLAN pairs, and VLAN groups to a specific virtual sensor so that no packet is processed by more than one virtual sensor."
Say I have two virtual sensors and subnets A and B. My question is that packets from segment A will go thru virtual-sensor1, but may (depending on routing) need to pass thru the VLAN pair of virtual-sensor2 to subnet B. Judging from above, this is not possible, since it says the packet can only be seen once. Please advise if I am interpreting the docs correctly.
Any suggestions or insight is appreciated! Thanks!Ah, okay; just to clarify... What they are speaking of is when the packet goes thru the IPS the first time, it stays in one virtual sensor during it's "session" thru it and is should not processed by any other virtual sensor.
If the packet reenters the IPS on a different interface pair (ie; virtual sensor) then that is OK.
Thanks for the reply! -
Can multiple Virtual Devices use the same IVI Driver Sessions?
I am using Switch Executive 2.0 and I'm having problems creating multiple Virtual Devices.
I have created a virtual device on a development computer that has no hardware connected to it. This virtual device uses specific drivers to simulate the devices. The problem I'm having is that when I create a second virtual device and try to add the same IVI Switches as the first Virtual device, I'm getting the following error:
An error has occurred while attempting to access the device deviceA_ivi.
Error -223116 occurred:
Internal Software error occurred in Switches software. Please contact National Instruments Support.
File name: .\source\mxsWrappers\tMXSObject.cpp
Line Number 192:
Status Code: -223116
Can someone please explain why?Can you please elaborate on how did you create those simulated devices? Namely, what does your IVI configuration look like? What does the driver session for the logical name look like? What's the software module? What's the hardware module? What is the driver setup string, and what is the simulation mode for the device in question?
-Serge
Srdan Zirojevic -
Multiple domains and multiple IPs in the same MacMini Server
I am sure that this topic has been faced already but I cannot find enough information to really dig into a solution.
I have a macmini server with two IPs let say x.x.x.12 and x.x.x.13 .
The server is set up on the first IP. It has his primary zone, machine record, mail aslias and www alias.
Lets call the server domain server.domain1.com
Everything works fine I have a couple of local users and a couple of LDAP users. Just to test the machine setup.
I can send and receive emails using any of the users as [email protected]
Now I would like to have another domain, domain2.com in the same server .
The final goal is to have users under different domains. They have their own email box, calendar, etc.
It will be preferable that I can share the same username with different domains. But I can live without that option.
My first test was to have the second domain called server.domain2.com using the second IP. x.x.x.13 .
For that I created another Primary Zone with domain2.com as machine record of x.x.x.13 . To use the second IP I simply create another Ethernet interface on the macmini.
In the Mail -> Advance settings I added the host aliases as well as virtual hosting domains for domains2.com.
With this setting I can send emails as [email protected] or [email protected] but when I replay to their messages I get a "Relay access denied" error from server.domain1.com .
I also tryed another domain pointing to x.x.x.12, the same as server.domain1.com . I did not create any extra Primary Zone but the local host aliases and the virtual hosting domains.
Same issue. I can send but I get a "Relay access " error.
As you might notice I am a novice on servers settings. I just try to recreate a similar environment common to Virtual Hosting providers for my own website playground but I cannot cut through this email configuration obstacle.
Any significant meaning that can be leading me to learn how to do it will be very very appreciated . (beside lynda,com tutorials that I followed already but do not mention multiple domains for mails).
Thanksthe problem I try to solve is to manage multiple domains in one MacMini Server.
Having two IPs is secondary.
I would like that each domains has his own users with emails, iCals, Wiki and web sites.
The main problem is having emails to work for any additional domain beside the default one on the machine IP.
I also got an additional IP address to be used on the same server hoping that it make things easier but apparently is making things more difficult. -
I am having issues related to storage and I believe this is causing my computer to slow down. "Other" files part is the major occupier(180 GB). I have done Omni disk and multiple other cleaning(iTunes-device, restart, etc), yet have not been able to empty any more space, nor to speed up my computer? Any suggestions? All your contributions are welcomed. Thanks. Mehmet Mazhar Celikoyar
Below is the result:
Hardware Information:
MacBook Pro (15-inch, Mid 2009)
MacBook Pro - model: MacBookPro5,3
1 3.06 GHz Intel Core 2 Duo CPU: 2 cores
4 GB RAM
Video Information:
NVIDIA GeForce 9400M - VRAM: 256 MB
NVIDIA GeForce 9600M GT - VRAM: 512 MB
Audio Plug-ins:
BluetoothAudioPlugIn: Version: 1.0
AirPlay: Version: 1.9
AppleAVBAudio: Version: 2.0.0
iSightAudio: Version: 7.7.3
Startup Items:
HP IO - Path: /Library/StartupItems/HP IO
System Software:
OS X 10.9 (13A603) - Uptime: 3 days 22:8:6
Disk Information:
ST9500420ASG disk0 : (500.11 GB)
EFI (disk0s1) <not mounted>: 209.7 MB
Macintosh HD (disk0s2) /: 499.25 GB (220.49 GB free)
Recovery HD (disk0s3) <not mounted>: 650 MB
HL-DT-ST DVDRW GS23N
USB Information:
Apple Inc. Built-in iSight
Apple Internal Memory Card Reader
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Computer, Inc. IR Receiver
Apple Inc. BRCM2046 Hub
Apple Inc. Bluetooth USB Host Controller
FireWire Information:
Thunderbolt Information:
Kernel Extensions:
com.rim.driver.BlackBerryUSBDriverInt (0.0.64)
com.livedrive.filesystems.livedrivefs (2.1.14)
Problem System Launch Daemons:
Problem System Launch Agents:
Launch Daemons:
[loaded] com.adobe.fpsaud.plist
[loaded] com.adobe.versioncueCS4.plist
[loaded] com.creativebe.MainMenuHelper.plist
[loaded] com.macpaw.CleanMyMac2.Agent.plist
[loaded] com.magican.castle.plist
[loaded] com.microsoft.office.licensing.helper.plist
[loaded] com.rim.BBDaemon.plist
[failed] com.zeobit.MacKeeper.plugin.AntiTheft.daemon.plist
Launch Agents:
[loaded] com.adobe.CS4ServiceManager.plist
[loaded] com.hp.messagecenter.launcher.plist
[loaded] com.hp.productresearch.plist
[loaded] com.rim.BBLaunchAgent.plist
User Launch Agents:
[loaded] com.adobe.ARM.[...].plist
[failed] com.macpaw.CleanMyMac2Helper.diskSpaceWatcher.plist
[failed] com.macpaw.CleanMyMac2Helper.scheduledScan.plist
[failed] com.macpaw.CleanMyMac2Helper.trashWatcher.plist
[failed] com.UninstallerTool.plist
[failed] com.VolumeWatcherTool.plist
[failed] com.zeobit.MacKeeper.Helper.plist
User Login Items:
BlackBerry Device Manager
HP Scheduler
3rd Party Preference Panes:
Adobe Version Cue CS4
DC30 Xact Driver Panel
Flash Player
Flip4Mac WMV
Perian
Internet Plug-ins:
AdobePDFViewer.plugin
AdobePDFViewerNPAPI.plugin
Default Browser.plugin
Flash Player.plugin
FlashPlayer-10.6.plugin
Flip4Mac WMV Plugin.plugin
iPhotoPhotocast.plugin
JavaAppletPlugin.plugin
OfficeLiveBrowserPlugin.plugin
QuickTime Plugin.plugin
SharePointBrowserPlugin.plugin
Silverlight.plugin
User Internet Plug-ins:
OctoshapeWeb.plugin
Bad Fonts:
None
Time Machine:
Mobile backups: OFF
Auto backup: NO
Volumes being backed up:
Macintosh HD: Disk size: 499.25 GB Disk used: 278.75 GB
Destinations:
TOSHIBA EXT [Local] (Last used)
Total size: 2 TB
Total number of backups: 5
Oldest backup: 2013-10-24 23:21:31 +0000
Last backup: 2013-10-25 02:59:08 +0000
Size of backup disk: Excellent
Backup size 2 TB > (Disk size 499.25 GB X 3)
Top Processes by CPU:
3% WindowServer
1% EtreCheck
1% Microsoft PowerPoint
0% BBLaunchAgent
0% fontd
0% aosnotifyd
Top Processes by Memory:
168 MB Microsoft PowerPoint
123 MB Safari
86 MB Mail
74 MB WindowServer
45 MB com.apple.WebKit.Networking
45 MB com.apple.WebKit.WebContent
41 MB Finder
41 MB PluginProcess
41 MB mds_stores
33 MB Notes
Virtual Memory Statistics:
72 MB Free RAM
1.27 GB Active RAM
1.24 GB Inactive RAM
667 MB Wired RAM
2.58 GB Page-ins
111 MB Page-outs -
Looking to Set Up Multiple Virtual Desktops
Hi, I'm a newb looking to set up multiple virtual desktops for my employees. What would be the best windows image to use and how do I install Chrome onto the machines?
Hi Shru84;
Welcome to Azure. Azure Virtual Machine as the name suggest are Virtual Server which function as your regular server but does not have a physical presence but is hosted on Azure Platform.
We have a variety of OS flavors, there is nothing which is good or bad, its more of a question of your requirement. Please note that the desktop Version of Windows 7/ 8
are at the moment only available for MSDN subscriber.
As for Chrome Installation its the same as installing it on a regular machine, that is opening up a web browser, loggin into chrome download site and installing it. ( http://www.google.com/chrome/ )
Here is an example:
his tutorial shows you how easy it is to create an Azure virtual machine (VM). This tutorial uses a Windows Server image, but that's only one of the many images available through Azure. This includes Windows operating systems, Linux-based operating systems,
and images with installed applications. The images you can choose from depend on the type of subscription you have. For example, desktop images may be available to MSDN subscribers.
You can also create Windows VMs using
your own images as templates. To learn more about Azure VMs, see
Overview of Azure Virtual Machines.
NOTE:
You need an Azure account to complete this tutorial:
You can
open an Azure account for free: You get credits you can use to try out paid Azure services, and even after they're used up you can keep the account and use free Azure services, such as Websites. Your credit card will never be charged, unless you explicitly
change your settings and ask to be charged.
You can
activate MSDN subscriber benefits: Your MSDN subscription gives you credits every month that you can use for paid Azure services.
How to create the virtual machine
This section shows you how to use the From Gallery option in the Management Portal to create the virtual machine. This option provides more configuration choices than the
Quick Create option. For example, if you want to join a virtual machine to a virtual network, you'll need to use the
From Gallery option.
NOTE:
You can also try the richer, customizable Azure Preview Portal to create a virtual machine, automate the deployment of multi-VM application templates, use enhanced VM monitoring and diagnostics features, and more. The
available VM configuration options in the two portals overlap substantially but aren't identical.
Sign in to the Azure Management Portal. Check out the
Free Trial offer if you don't have a subscription yet.
On the command bar at the bottom of the window, click New.
Under Compute, click Virtual Machine, and then click
From Gallery.
The first screen lets you Choose an Image for your virtual machine from one of the lists in the Image Gallery. (The available images may differ depending on the subscription you're using.) Click the arrow to continue.
The second screen lets you pick a computer name, size, and administrative user name and password. If you just want to try out Azure Virtual Machines, fill in the fields as shown in the image below. Otherwise, chose the tier and size required to run your
app or workload. Here are some details to help you fill this out:
New User Name refers to the administrative account that you use to manage the server. Create a unique password for this account and make sure to remember it.
You'll need the user name and password to log on to the virtual machine.
A virtual machine's size affects the cost of using it, as well as configuration options such as the number of data disks you can attach. For details, see
Virtual Machine and Cloud Service Sizes for Azure.
The third screen lets you configure resources for networking, storage, and availability. Here are some details to help you fill this out:
The Cloud Service DNS Name is the global DNS name that becomes part of the URI that's used to contact the virtual machine. You'll need to come up with your own cloud service name because it must be unique in Azure. Cloud services are important
for scenarios using
multiple virtual machines.
For Region/Affinity Group/Virtual Network, use a region that's appropriate to your location. You can also choose to specify a virtual network instead.
NOTE:
If you want a virtual machine to use a virtual network, you must specify the virtual network when you create the virtual machine. You can't join the virtual machine to a virtual network after you create the VM. For more information, see
Azure Virtual Network Overview. - For details about configuring endpoints, see
How to Set Up Endpoints to a Virtual Machine.
The fourth configuration screen lets you configure the VM Agent and some of the available extensions. Click the check mark to create the virtual machine.
NOTE:
The VM agent provides the environment for you to install extensions that can help you interact with or manage the virtual machine. For details, see
Using Extensions.
After the virtual machine is created, the Management Portal lists the new virtual machine under
Virtual Machines. The corresponding cloud service and storage account also are created and are listed in those sections. Both the virtual machine and cloud service are started automatically and the Management Portal shows their status as
Running.
Click Virtual Machines, and then select the appropriate virtual machine.
On the command bar, click Connect.
Click Open to use the Remote Desktop Protocol file that's automatically created for the virtual machine.
Click Connect to continue.
Type the credentials for the administrative account on the virtual machine, and then click
OK.
TIP:
In most cases, you'll use the user name and password that was specified when the virtual machine was created. Check the user name to make sure it has the correct domain information:
If the VM belongs to a domain at your organization, make sure the user name includes the name of that domain.
If the VM doesn't belong to a domain, either remove any domain information by starting the line with '\' or use the VM name as the domain name. For example,
\MyUserName or MyTestVM\MyUserName.
If the VM is a domain controller, type the user name and password of a domain administrator account for that domain.
Click Yes to verify the identity of the virtual machine.
You can now work with the virtual machine remotely.
Regards;
Prasant -
Oracle Portal Virtual Host Enhacement for Multiple Virtual Hosts
I open the TAR Number: 4326752.996
The TAR is related to " REQUEST ASSISTANCE FOR MULTIPLE VIRTUAL HOSTS AND MULTIPLE PAGE GROUPS CONFIG. "
This is the Scenario: We Have Oracle Portal installed in a single Box. yes I know I know... but Not everybody is Yahoo or Google for Clusters and all the good stuff, we just want our website managed by Oracle Portal since all our ERP is running Oracle Database. Anyway. 1 Box running Oracle Portal Infrastructure and MidTier.
It turns out that our previous configuration we have the LAMP Solution with PHP, Apache with Virtual Servers configuration very trivial for a regular web server however we have about 6 Virtual domains.
For example:
www.abc.com
www.def.com
www.ghi.com
www.jkl.com
www.mno.com
www.pqr.com
We also like to post all our Intranet Information in this great Portal:
http://intranet.com
Where intranet.com is the same server but setup in our Internal DNS without be a Real Internet Register Domain.
So bottom line we start doing great with Install our single box install, later [GRRRRRR does not come by default in port 80 GRRRRRR, ok need to move and setup the virtual host to resolve our main External website www.abc.com ]
For starters ok it worked we have our main website running Oracle Portal.
Now is time to go to the step number 2.
Setup another Page Group in Portal to be the Page_Group_INTERNAL.
I figure if Apache can setup Virtual Hosts pointing to Independent parts of the File System without be shared. I was expecting some kind of custom configuration where I can setup httpd.conf to point to some specific PageGroups to make sure
www.abc.com => Page_Group_External
never share information with:
intranet.com => Page_Gorup_Internal
My TAR was very quick closed with the Argument that is not what It supposed to do.
Since a virtual host is a common thing to do on Linux and Apache, I wonder if You guys could list this as one of the default features to have multiple virtual domains assosiated with Page Groups that they never talk or share Resources I think that would be really great.
In the mean time I guess we have no option but to put a password for every internal page or take the risk of share our Information to the Internet. Perhaps designate another box with Oracle Portal but In that case Is not really cost/bennefit to use a killer technology for our external site since we just have no more than 30 pages.
Anyway just figure drop you guys a note any advise will be really appreciated.
Best Regards Dino.Hi Martin,
1. To change the target URL of KM resources you can to the following:
Access the URL Generation Service Configuration by navigating to:
System Administration -> System Configuration -> Knowledge Management -> Configuration
Content Management -> Global Services -> URL Generator Service
Change the Host property to "portal.company.com".
2. You change the Port by opening the Visual Administrator and going to : Dispatcher -> Services -> HTTP Provider
Change there the "Ports" entry from (Port:50000,Type:http)to (Port:80,Type:http). Then go on "Save".
3. To remove the "/irj" from the portal URL you can create a index.jsp with the following content, and save it in the J2EE Documentation folder:
<Drive>:\usr\sap\<SAPSID>\JC<J2EE_instance_number>\j2ee\cluster\server0\apps\sap.com\com.sap.engine.docs.examples\servlet_jsp\_default\root
<%
//Send the redirect using server redirection (not client script)
//This will also send the HTTP GET parameters
String queryString = request.getQueryString() ;
if (queryString==null ) {
response.sendRedirect
("irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.portallauncher.default") ;
} else {//redirect with HTTP GET parameters
response.sendRedirect
("irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.portallauncher.default?" + queryString) ;
%>
Hope this helps,
Robert -
Does anyone have a recommended network, hardware and software configuration guide for a Portal installation running with multiple gateways load balanced (ie one URL) that talk to multiple servers?
David,
We've used Resonate (software) to load balance the gateways. It allows
you to group all the gateways under 1 virtual URL and load balance the
incoming connections over each gateway depending on the rules that you
define in Resonate. Look in the SUN portal whitepapers there is one that
talks about it specifically.
As far as load balancing the calls to the portals, the gateways will
automatically load balance across all the portals that they know about
using a simple round-robin rotation. You may be able to use Resonate in
front of the portals but you may need to activate persistance within
Resonate to ensure that the user always ends up on the portal that he
established his initial connection on (if you want that), check with Sun
on this one.
David Broeren wrote:
Recommended configuration for load balanced Portal with load balancer,
multiple gateways and multiple servers.
Does anyone have a recommended network, hardware and software
configuration guide for a Portal installation running with multiple
gateways load balanced (ie one URL) that talk to multiple servers?
Try our New Web Based Forum at http://softwareforum.sun.com
Includes Access to our Product Knowledge Base! -
Has anyone deployed a midlet on a virtual sensor under windows 7 64 bit?
Hello
I need help and I would really appreciate if any one can save me.
when I want to deploy a midlet on a virtual sensor in Solarium, I get this error: "Cannot load C:\Program Files\Java\jdk1.7.0_21\jre\bin\client\jvm.dll"
My OP is windows 7 (64 bit). my java is also 64 bit and I should remind that there is no jvm.dll in in client folder in 64 bit java. So I set the address of jvm.dll to:
"C:\Program Files\Java\jdk1.7.0_21\jre\bin\server"
but still I get the same error.Got the exact same problem aswell, finally fed up with it now as i just started up firefox and 14 new windows opened because of this bug, luckily my computer can handle them but someone with a slower processor it would have been a nightmare, needs fixing ASAP.
Reverting back to 3.6.3 until this issue is solved. (link for anyone wanting to do the same below)
http://www.filehippo.com/download_firefox/7345/ -
Multiple virtual displays like linux - possible?
Hi, I'm a Linux user and I use/rely on multiple virtual displays to do my work; can't imagine living without this capabiltiy. Just curious if OSX's window manager allows this or not? I've looked around on the imac my daughter uses and in the Mountain Lion manual but can't find any info on it.
Thanks!Gottcha! I finally found it in the book. That's what I'm talkin' 'bout. Thanks a bunch...I figured since OSX is Unix it should have it somewheres...LOL.
Kim
PS: Just clicked up 3 or 4 in Mission Control. That should do it. (I can't get used to the Apple Lingo and frankly silly names. Just say virtual display (what "spaces" really is) and i'm good with that. Sigh...)
If anyone in development cares, frankly this is a bit clutsy. You have to go to "mission control" to get to your other displays? -
Is SSL and multiple websites possible with Lion Server?
this is the obligatory apology from a nub here....
I have not been a sys admin since the days of NT 4.0.
I like to think that "hey, i might need a touch up here and there, but I think I can find my way around..." Wrong.
I have been searching, and reading and searching and reading, and trying everything I can think of.. and I CAN NOT figure out how to get mutliple websites working with Lion Server, using self signed certs 1 for each of my subdomains.
Has anyone, anywhere (thank you google for returning searches to me from 2004?!?! More puzzled confusion....) posted a step by step guide yet???
I have a mac mini, and I have two domain names that are resolving to my exterinal interface on my router just fine, and I have tried what I thought was
every different possible combination of voodoo, magic, 00000...MoreTestingNeeded.conf, and all the other tricks.
Is it possible to get ssl and multiple websites working with one IP address?
Thanks...Thank you very much for your time and input. My birthday was fantastic! Thanks for asking.
I found out about SNI while researching an error I was getting in the log. I really never found any definitive "this is what you need to do", so I was going to get back to it later.
You probably know this, but Lion Server breaks out all of the virtual hosts into seperate documents in the "sites" directory. All I do is I launch the server.app, and in the web component, I enter the name of the website that I want to resolve to my server, and I give it the path to the docs. Thats it. There is no DNS configuration to speak of, on my part, and I don't believe that its necessary (?) to touch the httpd.conf file at this point yet either, even though I think I hear others saying you do. (I have no issues with getting into the file and making any changes, I just thought it was interesting.)
I am still trying to figure out how a user is supposed to add any other types of services LIKE ftp, etc. I know and use the server admin tools, but I have found that the app really does do its job in terms of creating all the dns records for resolving the sites you create. I sure hope its not just using the host file, is it? I never see any additional files in the DNS manager, for any of the subdomains. Where are they?
Here is the contents of what appears to be the first file read, that is for SSL enabled sites:
``````````````````````````````````````````````````````````````````
This is "0000_any_443.conf:"
`````````````````````````````````````````````````````````````````
## Default Virtual Host Configuration
NameVIrtualHost *:443
<VirtualHost *:443>
ServerAdmin [email protected]
DocumentRoot "/path/to/the/docs"
DirectoryIndex index.html index.php /wiki/ default.html
CustomLog "//log" cmbndvhst
ErrorLog "/"
<IfModule mod_ssl.c>
SSLEngine On
SSLCipherSuite "SOMEGARBAGEIDONTKNOWIFISHOULDSHAREORWHAT"
SSLProtocol -ALL +SSLv3 +TLSv1
SSLProxyEngine On
SSLCertificateFile "/sslcerts/certs/*.DOMAIN.COM.XXXXXXXXXXXXXXXXXXXXXXXXXXXX.cert.pem"
SSLCertificateKeyFile "/sslcerts/certs/*.DOMAIN.COM.XXXXXXXXXXXXXXXXXXXXXXXXXXX.key.pem"
SSLCertificateChainFile "/path/*.DOMAIN.COM.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.chain.pem"
SSLProxyProtocol -ALL +SSLv3 +TLSv1
</IfModule>
<Directory "/Path/To/The/Docs/XXXX/SDFSDD">
Options All +MultiViews -ExecCGI -Indexes
AllowOverride None
<IfModule mod_dav.c>
DAV Off
</IfModule>
</Directory>
Include /httpd_passwordreset_required.conf
</VirtualHost>
```````````````````````````````````````````````````````````````````````````````` `````````````
So.. my questions are:
Where in the .confs do I add what I need from your above items? Would it go each of the site docs that I need? I am really not sure what apple is doing here.
I have 4 domain names resolving to my server right now, and subdomains to each of the domains. So there are a total of about 10 "site" docs, not a big deal to change each, I just wonder if Lion overwrites these docs with each refresh or what? Also, If I try to add a third .com right now it breaks the whole site.
(Out of conversation, but I just remembered this. I just had to "quit" out of the server.app.) When installing the directory server, it hangs on "getting certificates". The spinning wheel (not the rainbow collered one, but the black one by the words "Getting Certificates") just sits there and spins. I finally just hit the red X and relaunch server.
Lastly, you meniton importing the key. I am using the key manager within the server app. I am not sure where and how I would make the cert and key you are referring to for the importing? I have tried to use the key manager in the OS, but I am not sure of the relationship between that key manager app, and the key manager within the server.app. I have tried to create certs in the keymanager in the OS side, but I do not know how to get them to show up for use in the keymanager in the server.app.
BTW: Thanks. Thanks for the help. I really appreciate it. -
Multiple virtual host impacting performance
Is there a performance issue with relation to the number of virtual hosts
which one server is hosting? If there is, how many can an average server
handle before one would see a performance hit?
Thank you.Web is stupidly easy - Apache has extensive support for multiple virtual hosts in a single server and will happily support as many domains/hostnames as you can throw at it.
Mail is a little trickier since it needs to hook into some kind of directory server to validate user addresses.
Mac OS X's Open Directory does support this, but it's a little cumbersome (basically every user has to exist in the main Open Directory domain as well as having a secondary email address(es) in the other domain(s).
This can get especially tricky when you have users with the same shortname in different domains - for example if you give [email protected] a secondary email address of [email protected] and you then get a new user [email protected], you can't give the third 'joe' the address 'joe' in Open Directory since that's already taken. This means he'll have to login using different credentials from his email address. Confused yet? You bet.
If you're prepared to eschew Open Directory you can just use Postfix's built-in support for virtual hosting, but it's a little more complex to setup and support and is entirely command-line based (i.e. there's no GUI for setting it up or supporting it).
So, for that reason you might be prepared to setup multiple virtual machines for each domain. It really depends on how much the domains are related (if at all). -
Random question: Why are there multiple virtual consoles?
I'm very interested in every single detail of some things and that has spawned a random question.
Why do we have multiple virtual consoles(proper term?) ? i.e. if I am looking at my desktop I can simply hit ctrl-alt-f3 for example, and poof! I'm at a new login prompt.
What is/are the purpose(s) for this feature? Can someone name off some scenarios?
Thanks!Forgotten Path wrote:
How so? I tried running
virtualbox --startvm Windoze
on a virtual console and received an error about finding the X server.
Here is my ~/.xinitrc
#xset b off
setxkbmap -option ctrl:nocaps
case $WM in
kde)
ck-launch-session dbus-launch startkde
gnome)
ck-launch-session dbus-launch gnome-session
compiz)
~/bin/compiz&
ck-launch-session dbus-launch compiz ccp
#ck-launch-session dbus-launch fusion-icon
lxde)
~/bin/lxde&
ck-launch-session dbus-launch startlxde
openbox)
~/bin/openbox&
ck-launch-session dbus-launch openbox
e17)
ck-launch-session dbus-launch
enlightenment_start
vb)
VirtualBox -startvm "Windows XP" -fullscreen
xfce4)
ck-launch-session dbus-launch startxfce4
i3)
ck-launch-session dbus-launch i3
ck-launch-session dbus-launch startxfce4
esac
From the console, use :
WM=vb startx
or, if there is already something running on Screen 0 (OpenBox, Xfce4, whatever) simply:
WM=vb startx -- :1
Note that the examples start VitutalBox. I could just as easily set WM to any of the other environments defined in my .xinitrc.
I have also made this work straight from kdm. I think I created a custom session, but I may have created a .desktop file in /usr/share/apps/kdm/sessions/
I am not using kdm on this machine and I don't remember
edit: Typo
Last edited by ewaller (2012-02-11 23:14:09) -
hi,
1. Can I use the default virtual sensor vs0 for the incoming traffic on all the interfaces.
2. How can I allocate interfaces to the AIP-SSM module.
3. How can I allocate interafces to the IDSM module.
I am assuming that the interfaces assigned are the ones on which inline inspection is performed.The AIP-SSM does not have 'both' of these modes. This is only valid for sensors/IDSM AFAIK.
The AIP is 'internally connected' to the ASA and has only two deployment modes available instead of three, here is a brief description from CCO:
#Is the AIP-SSM module to function or be deployed in promiscuous or inline mode?
* Promiscuous mode means that a copy of the data is sent to the AIP-SSM while the ASA forwards the original data on to the destination. The AIP-SSM in promiscuous mode can be considered to be an intrusion detection system (IDS). In this mode, the trigger packet (the packet that causes the alarm) can still reach the destination. Shunning can take place and stop additional packets from reaching the destination, however the trigger packet is not stopped.
* Inline mode means that the ASA forwards the data to the AIP-SSM for inspection. If the data passes AIP-SSM inspection, the data returns to the ASA in order to continue being processed and sent to the destination. The AIP-SSM in inline mode can be considered to be an intrusion prevention system (IPS). Unlike promiscuous mode, inline mode (IPS) can actually stop the trigger packet from reaching the destination.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807335ca.shtml
Regards
Farrukh
Maybe you are looking for
-
My daughter's iPod touch is disabled and I cannot connect to iTunes
My daughter's iPod went crazy the other day making noises (she was no where around) and when I found it the message said that the iPod was Disabled and that it should be connected to iTunes.I tried this and it said that it might need an upgrade and p
-
Page numbers in Word TOC not correct; have to open doc and update
I'm using RoboHelp HTML 9 and Word 2010. I generate a Word doc (.docx) as one of my outputs. The Word TOC works -- that is, if I Ctrl-Click one of the items in the TOC, I'm taken to that item. A user just came up to me asking why the page numbers are
-
CS4 Bridge Error Message-"The operation couldnot be completed. Not Enough MEMORY ERROR MESSAGES
http://forums.adobe.com/message/3469769 I originally posted this in Photoshop but employee thought expertise was lacking in that forum and that I should move my question to this one. Seems very few Adobe CSx users use Bridge....go figure! Anyway gett
-
Hello, I must have changed a setting, so that the "Delete" and "Junk" buttons above the mail pane have disappeared, and an "Archive" button has appeared instead. This is true only for my mail through Gmail (IMAP), but when i open a mail from my other
-
I have a cable modem, new AExtreme, one g5 imac wired to router, and several laptops(PC and Mac) connecting wirelessly. I have added a HP 4050 laserjet (via ethernet, RJ45 cable). I have tried ever friggin setting, config i can think of, and I cannot