Posts by blud

IIS should be able to do this just fine - "Bad Gateway" actually has a lot of different subcategories in IIS, so the first thing is to figure out which of those sub categories this falls into. This can sometimes be defined on the error pages if they are enabled.

Connection Timeout - This is generally the most common and usually has to do with something like a firewall on the host. you can enable failed request tracing to track this down

Connection Terminated - This is generally caused when the remote endpoint doesn't get sent the right HTTP headers, and will prematurely close the connection, this should be very visible inside the tomcat logs if that is the case.

No Route - This can happen when using things on multiple subnets or containers on the same server, sometimes there won't be routes (or reverse routes) that allow communication between the containers and/or the other ips.

I think tomcat logs are probably the first place to look to see if connections are even making it there, and if not, then follow up on IIS logs/event viewer to see why not.

If you have tomcat listening on different ports (eg. 8081, 8082, etc.) your rewrite should look like this

<rewrite>
    <rules>
        <rule name="Reverse Proxy to tomcat1" stopProcessing="true">
            <match url="^tomcat1/(.*)" />
            <action type="Rewrite" url="http://localhost:8081/{R:1}" />
        </rule>
        <rule name="Reverse Proxy to tomcat2" stopProcessing="true">
            <match url="^tomcat2/(.*)" />
            <action type="Rewrite" url="http://localhost:8082/{R:1}" />
        </rule>
    </rules>
</rewrite>

Hi Everyone - Just wanted to post here that Dani is MIA for a little bit, she's keeping an eye on DaniWeb via her phone, but is away from her computer. I'm sure she'll be back at it soon!

This turned out to be a problem in the php-mysql module compiled with the default OS, switching from php-mysql to php-mysqlnd (the mysql native driver), enabled the character set to be used.

Custom compiling, or using the nd package should fix the issue.

Should be fixed for now, looks like nginx isn't releasing file handles appropriately, I'll figure it out :)

We're working on making things a bit different on the DaniWeb/Dazah backend. As a result, there were some routing issues that caused logins to break today if you weren't already logged in.

These should be fixed now, sorry for any inconvience.

Spell checker should now be resolved.

Updated code to test for all of the current CVE's

#!/bin/bash

warn() {
if [ "$scary" == "1" ]; then
echo -e "\033[91mVulnerable to $1\033[39m"
else
echo -e "\033[93mFound non-exploitable $1\033[39m"
fi
}

good() {
echo -e "\033[92mNot vulnerable to $1\033[39m"
}

[ -n "$1" ] && bash=$(which $1) || bash=$(which bash)
echo -e "\033[95mTesting $bash ..."
echo $($bash --version | head -n 1)
echo -e "\033[39m"
#r=`a="() { echo x;}" $bash -c a 2>/dev/null`
if [ -n "$(env 'a'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
echo -e "\033[91mVariable function parser active, maybe vulnerable to unknown parser bugs\033[39m"
scary=1
elif [ -n "$(env 'BASH_FUNC_a%%'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
echo -e "\033[92mVariable function parser pre/suffixed [%%, upstream], bugs not exploitable\033[39m"
scary=0
elif [ -n "$(env 'BASH_FUNC_a()'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
echo -e "\033[92mVariable function parser pre/suffixed [(), redhat], bugs not exploitable\033[39m"
scary=0
elif [ -n "$(env 'BASH_FUNC_<a>%%'="() { echo x;}" $bash -c a 2>/dev/null)" ]; then
echo -e "\033[92mVariable function parser pre/suffixed [<..>%%, apple], bugs not exploitable\033[39m"
scary=0
else
echo -e "\033[92mVariable function parser inactive, bugs not explitable\033[39m"
scary=0
fi

r=`env x="() { :; }; echo x" $bash -c "" 2>/dev/null`

if [ -n "$r" ]; then
warn "CVE-2014-6271 (original shellshock)"
else
good "CVE-2014-6271 (original shellshock)"
fi

cd /tmp;rm echo 2>/dev/null
env x='() { function a a>\' $bash -c echo 2>/dev/null > /dev/null

if [ -e echo ]; then
warn "CVE-2014-7169 (taviso bug)"
else
good "CVE-2014-7169 (taviso bug)" …

If you patched on Thursday or Friday, the patch wasn't complete. CVE-2014-7169 covers the new exploit.

Test code
[code]env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo[/code]

Test line should be safe, but yeah talk about a bad day for sysadmins.

Last night she enabled site-wide SSL. Not sure if that would affect your API.

This should be fixed.

It should be noted that she is running a variety of web servers for different types of content. The main site is indeed apache for the php instances, but static content is served via lighttpd. Nginx has a lot of potential, the modules aren't quite ready though.

Yeah, I've had to restart some things a few times this morning, going to follow up with Dani when she gets up.

I'm personally having my own internet issues atm, which is making this take a little bit longer to fix. /sigh

This issue should be resolved :)

We're working on this now :)

I'm super excited about it, with this launch, they also took the price of the 1st generation ipad down $100 across the board. You can get the 16GB wifi for only $399 brand new through their clearance section.

Source: http://store.apple.com/us/browse/home/specialdeals/clearance/ipad?mco=MTM3NDc1NzM

From another account, if you bring up the "Terminal" application, you can type "sudo su -" and put in your user password to get "root" level access to access the files from all the accounts. If this doesn't work you can try "su - <username>" and type in their password to get into their user. This can be very useful to verify the files are still there, and that the permissions are set correctly.

As stated with the previous replys, Apple computers are a great purchase, and would highly recommend them. Using Parallels desktop or VMware fusion, will allow you to run visual studio without even rebooting into a windows install. If you still want a native install, bootcamp is wonderful, and will do the job just fine.

I personally find this interface more user friendly and easier to read than than the last one, and this happens every time she changes it, a few people say it sucks, then everyone gets used to it and likes it a lot, and complains when it changes again. Some of the fonts are a little large, but other than that, I love the new format.

It appears that comcast has blocked the mail server. I'll contact them to get this fixed.

It's more of a freelance sport.

PayPal now offers an nifty API that you can build into your website to accept credit cards without forcing people to leave your site as well. Amazon payments and google checkout are also both good payment services that allow people to use credit cards etc. to pay.

The CPU Virtualization support, is a new set of calls that the CPU can support that will allow it to perform more efficiently when running tasks belonging to a virtualized environment. Previously, it was *possible* to run virtual machines on PCs, but it was done at a great cost of performance, and resources. With the new extensions supported in the CPU, it allows them to function more efficiently without having the "emulate" the other system. Linux's "wine" and similar technologies are a special type of emulation, but again, it comes at a high cost of resources, and lacks a lot of native features. The CPU Virtualization support allows for applications to make the most efficient use of the processor for virtualized environments.

So, we got things worked out. Turned out to be compatibility issues with new software.

Microsoft does use Unix/Linux servers for a few of their production environments, but that is obvious to anyone in the field looking for a job. They recently had several positions open for *nix Sysadmins. I'll say this again: Microsoft makes great Desktop/Client software.

On that note, I would recommend looking up your monitor specifications, because some support an even higher refresh rate, and over time, that is a setting that becomes very obvious.

You may want to make sure that the host file on your computer doesn't have any erroneous entries in it.

If you go to start -> run -> notepad c:\windows\system32\drivers\etc\hosts

It should open a file that looks like this:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost

If it doesn't, overwrite it with the data above, and save it. Then try to download your updates again.

:(

Processors generate heat. It is a very simple concept, with the newer processors, they are more 'energy efficient' which means they *will* perform less work, and thus generate less heat when you are doing nothing on the computer.

Unless you are running one of the original Pentium series processors, you are wrong.

If you are going to argue, go read the Intel Whitepages on how their processors work, and come back.

The disk drive does produce heat, unfortunately CPU (and newer chasis fans) are not designed for the hard disk drive, and if you don't believe me, open up a server, the fans are pulling air from the front, running it over the CPU heat sinks and out the back. Most of the time they are tunneled through plastic, so the air ONLY hits the CPUs, and RAM.

http://www.2cpu.com/gallery/sm-5015-UR/5015M_UR

If you *really* don't believe me, I can sit next to a daniweb server (which doesn't use any disk usage at all), force the CPU to spike, and the fans will go from 1k RPM to 15k RPM instantly.

While we don't recommend breaking your workplace rules, since it could get you fired, it is rather easy to bypass DNS. Each system has a 'hosts' file located in the c:\windows\system32\drivers\etc\ folder, you would place an entry like this into that file:
216.178.38.131 www.myspace.com myspace.com

This will allow your system to resolve the host without using DNS.

Again, it is strongly recommended that you think before you act, as most for most companies changing these files is a fireable offense.

Again, this is a public forum, yes, it may not have been on topic, but people have the ability to suggest alternatives. Lets keep our pride and ego out of this, as I'm sure I know people that have more experience than all of us combined. I'm going to lock this thread now, as it isn't serving any purpose right now except starting fights.

Everyone has the right to their own opinion, you said yourself that the live CD included over 900 applications, to native linux users, this seems rather bloated. My live CD includes 130 applications, and does everything that I need it to do. Lets try to cool off the personal attacks, just because we don't like the OS your recommending, isn't cause to get all up in arms, we are just letting other people know there are alternatives, and what our opinion is.

I thought I would expand a little bit on this thread.

I was a beta tester for Windows Vista, since well before the 'Beta' was actually released, and I am very confident in saying that due to the complexity of Windows Vista, there isn't a VM (Virtual Machine) enviroment out there that could maximize the performance of vista. While it is possible to install vista on a virtual machine (I've done it), I had a lot of issues that didn't happen when I had installed it on a real machine.

Microsoft has taken the liberty to explicitly state in Vista's ToS, that it can not be install on any virtualization enviroments at the current time. So even if you wanted to install Vista on VMWare, you would be breaking the Terms Of Service, and most likely wouldn't be getting the real experience from Vista.

One disclaimer I would like to make to this thread as well, is that people should not be confused about what a 'Beta' is. A 'Beta' is a piece of software that is not complete. Because of this, it will generally run much slower than the real product, because of the debugging features that are enabled, and will likely have many issues that you will not see in the final release. Now that the full version of Vista is released, the newer version will run a lot cleaner than any of the betas that were released before. People should be very skeptical of …