I have a LAMP server setup at home with wordpress. Static IP on the server and port 80 forwarded on the router to that server. Apache listening on port 80 and virtual host configured accordingly.
It was working fine but now when I browse to my domain gws.voyez.ca (that points to my public IP) browser just shows “Tunnel Connection Failed”. Oddly enough, I can still access pages in that folder (eg. gws.voyez.ca/test.html or gws.voyez.ca/phpinfo.php serve fine). This only happens externally; on internal LAN no issues. Have tried from multiple devices and different browsers.
It was working fine for a few weeks and just seems to have broken (no changes that I can think of).
Potentially ISP blocking something?
Thanks for reading.
I applied for a telecommuting job. The prospective employer said they needed to see if my personal PC was sufficient (RAM, available space, etc.). In order for them to do this, I had to copy an address into a pop-up window and select start. This process left a folder on my desktop and I saw one of the files was fbevents.js.
- Did they need this file to access my files
- Did they access this file from my PC and if so what might the purpose be?
In a docker container I am reading the files /proc/stat and /proc/meminfo. As I understand they are the ones of the host. (Not local to the docker container) In a meeting, a co-worker said that this is a security breach and must be vetted by internal security consultants. The container does neither run privileged, nor as root. My program inside the container does neither.
Question 1: is he right in saying, that this is a security breach? Question 2: What if I bind-mounted the host’s /proc directory to some folder of the container. Would that then be a security breach?
This answer from 2015 suggests that data from the Australian Stock Exchange can be accessed using
FinancialData["AX:CBA"]. However, when I run this I get
Missing [NotAvailible]. Am I doing something wrong, or has the ASX been quietly removed from Mathematica?
I have paid membership to some program. But they are not allowing to watch all videos at once. They allow us to watch 1 video per week. To watch 60 videos, i have to wait for 60 weeks. So i need help to access that content which is blocked on a web page. The page displays a message ‘You can view this content only after 1 week from your date of Registration’. I need help whether i can access such videos with some cookies or any other scripts.
Any help is greatly appreciated!
I noticed this while testing SNI-based HTTPS filtering for fun.
mail.yahoo.com is blocked when accessed directly. It is not blocked if you login to your Yahoo account and access mail.yahoo.com via the “Mail” link. I ran a packet capture and see there are no Client Hello messages with the mail.yahoo.com name in the SNI extension field when I click the “Mail” link.
My assumption is that the client is somehow re-using the same connection since the *.yahoo.com certificate is valid for both domains. Anybody with some deeper knowledge of TLS able to clarify what’s going on or able to point me in direction of some documentation?
Also, if that’s the case, then why does Chrome send a Client Hello w/ Google subdomains when attempting similar tests via accounts.google.com?
NOTE: I’m blocking UDP/80 and UDP/443, so QUIC should not be influencing my results. Also, I use deep inspection in my day-to-day, so please no responses telling me to stop using SNI-filtering.
The idea is the following:
I have a port open (P) on a remote machine (R) with a service application running which is listening on (P). I would like to connect from a client machine to the service application on the remote machine.
I leave the port open so I can connect directly from my client via the ip and the port to the service application on the remote machine.
I restrict the service application via firewall to localhost and forward (P) with an ssh tunnel to my client machine.
My own conclusion:
If I open the port of the service application across the internet, then I have to trust that it cannot be exploited for remote code execution on (R).
If I use an ssh tunnel, then I only have to trust that the listening ssh port cannot be exploited. The number of open ports is reduced and hence the attack surface (from my point of view). I would still be vulnerable if my client machine was compromised, but I’m accepting that risk anyway when using ssh.
So my question is, is my conclusion correct? Is it more secure to use an ssh tunnel and forward a port instead of exposing that port directly?
I want to make an windows software for clients that clients can register inside the software and it will store the registration to an online MySQL.
However when i googled “how to do this”, I found that to establish such a MySQL connection I should provide a sql user with the right to modify the sql database. And I would also provide that sql user’s password. (All these should be in my code)
This comes to a problem, if someone decompiled my application, he can get my code, and get my sql user and password, and he can see and do anything to my sql database.
Is there anyway to prevent this?
I’m currently getting a 401 error when I try to access my SharePoint site on Firefox on mac. Usually when I login on a windows computer using FF I’m prompted to enter credentials, but for some reason I am not prompted on the mac? Does anyone know how I can get it to prompt for credentials?
Update: The mac is not connect to the domain, but it is connect to the network through wifi.