Refusing the outbound traffic

Hey all, I'm a newbie to the PIX OS.

I read that by default, on the PIX 501, all outbound traffic is allowed. I was wondering if that could be reversed: refuse all outbound traffic except for specific ports from the internal network.

The PIX is in a small office that needs just port 80 and maybe 25. I want to reduce outgoing traffic to just that. Any chance of doing this without an ACL 100? I also read that the ACL is executed in the order of the config file, so if I deny all outbound traffic, will all the other ACL entries be null and void?

Thank you for your time and patience.

Matt

All traffic can be refused with an ACL.

This ACL will stop all outbound traffic:

access-list 100 deny ip any any
access-group 100 in interface inside

This ACL only allows outgoing HTTP and SMTP traffic:

access-list 100 permit tcp any any eq 80
access-list 100 permit tcp any any eq 25
access-group 100 in interface inside

It is true that the ACL is evaluated in order. This ACL is the same as the first, because no traffic would be allowed. It is meant only as an example and would have no real use in a production environment:

access-list 100 deny ip any any
access-list 100 permit tcp any any eq 80
access-list 100 permit tcp any any eq 25
access-group 100 in interface inside
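The two rules the answer above relies on, first match wins and a PIX access list ends in an implicit deny, are easy to get wrong when a list grows. The following is an added example, not code from the original thread or from Cisco: a small Python model that parses the three lists posted above (only the any/any, optional "eq port" syntax they use; the handful of service names such as "www" and "smtp" that PIX accepts in place of a number is an assumption of this example), evaluates sample flows against them, and reports entries that can never be reached because an earlier entry already matches all of their traffic. Run against the web+mail list it also shows that udp/53 falls through to the implicit deny, which is worth checking before deploying a list that permits only tcp/80 and tcp/25.

```python
"""First-match evaluation of PIX-style access lists (added example).

Models two rules: entries are evaluated top to bottom and the first match
wins, and a list ends in an implicit deny. Also reports entries that can
never be reached. Only this syntax is parsed (an assumption of the example):
    access-list <id> permit|deny <proto> any any [eq <port>]
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Service names accepted in place of a port number (small subset, assumed).
SERVICE_PORTS = {"www": 80, "http": 80, "smtp": 25, "domain": 53}


@dataclass(frozen=True)
class Ace:
    """One access-list entry with any/any addresses."""
    action: str           # "permit" or "deny"
    proto: str            # "ip", "tcp", "udp" or "icmp"
    port: Optional[int]   # destination port; None means any port
    text: str             # the original config line, kept for reporting


def parse_acl(config: str) -> List[Ace]:
    """Parse the access-list lines of a config fragment, keeping their order."""
    aces = []
    for raw in config.splitlines():
        tokens = raw.split()
        if not tokens or tokens[0].lower() != "access-list":
            continue  # skip access-group lines, comments and blanks
        if len(tokens) < 6 or tokens[4:6] != ["any", "any"]:
            raise ValueError(f"unsupported entry (only any/any handled): {raw!r}")
        action, proto = tokens[2].lower(), tokens[3].lower()
        if action not in ("permit", "deny"):
            raise ValueError(f"bad action in {raw!r}")
        port = None
        rest = tokens[6:]
        if rest:
            if len(rest) != 2 or rest[0].lower() != "eq":
                raise ValueError(f"only 'eq <port>' supported: {raw!r}")
            port = SERVICE_PORTS.get(rest[1].lower()) or int(rest[1])
        aces.append(Ace(action, proto, port, raw.strip()))
    return aces


def ace_matches(ace: Ace, proto: str, dport: Optional[int]) -> bool:
    """Does this entry match a packet of the given protocol and destination port?"""
    if ace.proto != "ip" and ace.proto != proto:
        return False
    return ace.port is None or ace.port == dport


def evaluate(aces: List[Ace], proto: str, dport: Optional[int]) -> Tuple[str, Optional[int]]:
    """First match wins: return (action, index). No match means implicit deny, index None."""
    for index, ace in enumerate(aces):
        if ace_matches(ace, proto, dport):
            return ace.action, index
    return "deny", None


def covers(earlier: Ace, later: Ace) -> bool:
    """True if every packet 'later' could match is already matched by 'earlier'."""
    proto_ok = earlier.proto == "ip" or earlier.proto == later.proto
    port_ok = earlier.port is None or earlier.port == later.port
    return proto_ok and port_ok


def shadowed_entries(aces: List[Ace]) -> List[int]:
    """Indices of entries that can never be reached because an earlier entry covers them."""
    return [j for j, later in enumerate(aces)
            if any(covers(earlier, later) for earlier in aces[:j])]


# The three lists from the answer above, reproduced as test input.
ACL_DENY_ALL = "access-list 100 deny ip any any"
ACL_WEB_MAIL = """\
access-list 100 permit tcp any any eq 80
access-list 100 permit tcp any any eq 25
access-group 100 in interface inside
"""
ACL_DENY_FIRST = """\
access-list 100 deny ip any any
access-list 100 permit tcp any any eq 80
access-list 100 permit tcp any any eq 25
access-group 100 in interface inside
"""


def report(config: str) -> None:
    """Print the verdict for a few sample flows and any unreachable entries."""
    aces = parse_acl(config)
    for proto, dport in [("tcp", 80), ("tcp", 25), ("tcp", 443), ("udp", 53)]:
        action, index = evaluate(aces, proto, dport)
        where = f"entry {index + 1}" if index is not None else "implicit deny"
        print(f"  {proto}/{dport}: {action} ({where})")
    for j in shadowed_entries(aces):
        print(f"  unreachable: {aces[j].text}")


if __name__ == "__main__":
    for name, cfg in [("deny all", ACL_DENY_ALL), ("web+mail", ACL_WEB_MAIL),
                      ("deny first", ACL_DENY_FIRST)]:
        print(name)
        report(cfg)
```

The shadowing check is deliberately conservative: it only flags an entry when a single earlier entry matches everything the later one could, which is exactly the "deny ip any any first" case the answer describes. Entries that are only partially shadowed, or shadowed by the combination of several earlier lines, are not reported.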

Tags: Cisco Security

Similar Questions

  • IPS does not detect malicious traffic in the outbound direction

    I have an IPS 4240 running 6.0. I have an interface in promiscuous mode connected to a port that is a SPAN of the uplink from a switch to my router. I'm doing some tests and noticed that when I use nmap from an inside host against a host on a remote subnet, which requires my traffic to go out through the uplink port the IPS is monitoring, in the outbound direction, no signature is triggered. However, if I do the scan in reverse, swapping the location of the attacker and the victim so the scan comes inbound, the sensor immediately picks up the scan and triggers the appropriate signatures. Why would this behavior occur, and is there a way to change it?

    Do any other signatures fire on "outbound"? Nothing at all?

    The first thing that comes to mind is that you could have configured your SPAN destination port to see only the receive traffic and not the transmit traffic. It's only a guess because I don't have all the details here.

    Before we can really begin to consider why, we need some details:

    Which switch model (in case there is a limitation in the SPAN config)?

    What is the SPAN config?

    How are you running nmap (what options)?

    What alerts are triggered for you in the reverse direction?

  • Hacked? AVG found lots of malware; where to find the log of outbound traffic

    Hi all

    I have some major problems. While playing poker on the internet, I found that my account lost money while I was "dormant" :(

    It happened in the period November 13-18, and it stopped after I scanned my PC, closed my credit card, etc.

    Below you can see some of the "heavy" infected files:

    ------------------------

    Total of 53 infected files, of which 5 are high risk. Excerpt below:

    5 x Trojan horse

    -Multidropper_c.PCK (exe file)

    -Downloader.Generic13.DVUL (dll file)

    -Downloader.Generic13.DVUL (dll file)

    -Downloader.Generic13.DVUL (dll file)

    -Downloader.Generic13.BRBQ (exe file)

    1 x IDP.Adware.3D45EAD0

    2 x corrupt executable

    -including this one: C:\Programs\Danskespil\DanskespilCasino\lauguage\da_DK\images\fcgames\FCPeer.dll

    -----------------------

    ? = I need help finding a log on my PC where I can see the data flow at a given time. If there is a period, while I'm "dormant", where the outbound live data traffic is larger than normal, that will support my suspicion.

    Thanks for your help

    Anders KR.

    Have you asked AVG support for help with this?

    The Windows Firewall log file can be used to help identify malicious activity, although it does not provide the information necessary to trace the source of the activity. The Windows Firewall log file is not useful for analyzing the overall security of your network.

    You can use TCPView for Windows to show you detailed lists of all TCP and UDP endpoints. If you need more detail (probably more than you want), use Microsoft Network Monitor.

    Windows Sysinternals offers other useful tools you may be interested in.

    FYI, some articles that may be useful:

    - How do I monitor network activity on my Windows 7 computer?

    - Windows Firewall with Advanced Security and IPsec functions.

    - Windows Firewall Notifier to monitor and troubleshoot outbound network traffic

    I hope this helps.

  • Best way to monitor AS2 traffic and block rogue traffic

    This is for AS2 on HTTP/S traffic.

    Our current set up is to filter the traffic on the firewall (incoming & outgoing) with respect to IP addresses and ports.

    But now we are about to change the settings on our firewall to source = ANY (for inbound traffic) and destination = ANY (for outbound traffic).

    Now it's time to activate the IPS blade for these parameters, to monitor the traffic and block rogue traffic.

    Can someone please help with what is required for protection?

    I looked in the signature list but was not confident enough to point out anything more specific.

    Also, the pros and cons of changing the whitelist to "ANY" are welcome.

    The default configuration only triggers once the IPS is 90% confident that an attack is underway.

    I would stick with the default set of enabled signatures. The selected set will vary as you update the IPS (make sure you update regularly) in view of the current risks in the wild.

  • How do I know if the GRE traffic is encrypted or not?

    Hello world

    Site A device A has a VPN tunnel to Site B device B over the WAN link.

    Here devices A and B are the edge devices that connect to the ISP and do the encryption.

    Site A device X, an internal device, has a plain GRE tunnel to an internal device at Site B.

    My question is, how can I find out whether this GRE tunnel gets encrypted by the edge device or not?

    Currently, encryption is only on devices A and B.

    Thank you

    Mahesh

    Have you used some "show" and "debug" commands to verify that IPsec security associations have been created and are in place? Some "debug" commands can display traffic hitting the crypto map.

    http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_tech_note09186a00800949c5.shtml#ipsec_sa

    Which router models are devices A and B? You may be able to use something like RITE to mirror the outbound interface to a sniffer, for irrefutable evidence for any "Doubting Thomas".

    http://www.Cisco.com/en/us/docs/iOS/12_4t/12_4t11/ht_rawip.html

    Ed

  • Since installing the latest version, 4.0b12, I am unable to connect to any https site through a proxy. The connection works if no proxy is involved; with the proxy, I get a message like "the proxy refuses the connection". Thank you for your answer

    I am connected to the network of the client and I should use a proxy.
    I successfully authenticate to the proxy and I try to access https://mail.google.com.
    I get a message that the proxy refuses the connection.
    I noticed that this happens with all https sites.
    If I connect with my mobile internet stick without a proxy, I am able to connect: it is the combination of proxy and https that fails.
    Other computers on the same network with different browsers can connect to https via the proxy.

    I work with the Firefox developers on this. As far as I know, they think there are 2 or 3 different problems with the same or very similar symptoms, all involving proxies. They think they have them all fixed for RC1.

    Right now, it seems we just want you to test an early build.

    You can get that here:

    http://ftp.mozilla.org/pub/mozilla.or.../Firefox-4.0b13pre.en-US.Win32.installer.exe

    Install this somewhere (not in your current installation directory), quit all instances of Firefox and try it. I would like to know if it works.

  • Now I have no audio device; I tried to download the Realtek drivers but failed: "the class installer has refused the request to install or update the device"?

    Original title: the class installer has refused the request to install or update the device?

    Now I don't have an audio device. I reinstalled Windows XP with the recovery disk and tried to download the Realtek drivers, but it failed.

    Hello

    1. What is the status of the sound card in Device Manager?

    The following article might be useful: no sound in Windows

  • Windows Vista refuses the upgrade to Windows 7

    I have the Windows Vista OEM version running on my Dell Inspiron 1520. I want Windows 7, but I always get an error code on my computer that blocks the installation. Once again I'm trying to re-run Windows Vista so that maybe the missing file will be restored, but it refuses to display Windows Vista. Please help me.

    Hello

    Go to your computer/laptop manufacturer's website and see if Windows 7 drivers are available for your make and model.

    If they are not available, Windows 7 will not work properly for you.

    Run the "Windows 7 Upgrade Advisor".

    http://www.Microsoft.com/en-US/Download/details.aspx?ID=20

    Check if your specifications are compatible for Windows 7:

    "Windows 7 system requirements"

    http://Windows.Microsoft.com/en-us/Windows7/products/system-requirements

    "Windows 7 Compatibility Center" for software and hardware:

    http://www.Microsoft.com/Windows/compatibility/Windows-7/en-us/default.aspx

    Windows 7 upgrade paths:

    http://TechNet.Microsoft.com/en-us/library/dd772579(v=ws.10).aspx

    "Installing and reinstalling Windows 7"

    http://Windows.Microsoft.com/en-us/Windows7/installing-and-reinstalling-Windows-7

    Cheers.

  • Networking - cannot access the Internet since I refused the renewal offer for Windows Live OneCare security

    It seems that since I refused the renewal offer for Windows Live OneCare security, which costs $50.00 per year but is no longer FREE via my ISP, I can no longer access Internet Explorer or applications such as my printer, sound, etc. I called the manufacturer and they want $100.00! It seems the warranty has run out as well! Is there someone who can help free of charge until I get MORE money for MS? I contacted my ISP and everything works well on their end; it's a network management problem, and they showed me how to run in safe mode to fix this problem. Hope it works, and thank you for the help!

    http://OneCare.live.com/standard/EN-AU/default.htm

    It is a discontinued product.

    http://social.Microsoft.com/forums/en-us/category/windowsliveonecare/

    I suggest you repost in the Windows Live OneCare forums above.

    Cheers.

    Mick Murphy - Microsoft partner

  • BlackBerry Q10 refuses the connection with some Exchange ActiveSync email accounts

    Hello @ all,

    I'm quite new to the BB universe and have a serious problem with a Q10:

    We run MS Exchange Server 2010 and a "new" BB Q10.

    It is not possible to configure ActiveSync with our Chief Executive Officer's Exchange account. Other accounts (<700MB of email) can be configured in no time and work.

    The BB refuses the connection to account our CEO Exchange with the error message:

    "An unexpected problem has occurred. Some functions may not work properly."

    (translated from the German original "Es ist ein unerwartetes Problem aufgetreten. Einige Funktionen funktionieren möglicherweise nicht ordnungsgemäß".)

    Well, this is something of an understatement; actually ActiveSync does not work at all.

    Does anyone have an idea how to solve this problem without backing up the Chief Executive Officer's mailbox on the Exchange box, emptying it, connecting the BB and restoring the mailbox again?

    Any hint is appreciated.

    Thanks in advance!

    Regards

    Gnampf

    Unfortunately the suggestion of KnottyRope has not helped.

    Something with the AD-account seems to be wrong.

    I solved the problem by:

    • adding a new account, similar to the one that does not work, in Exchange Server via the Management Console
    • adding this new account to the Chief Executive Officer's Outlook
    • copying all contacts, emails and calendar entries to this new account
    • removing the old Exchange mailbox (and ONLY the mailbox) from the Exchange Server without touching the AD user
    • configuring the correct e-mail address for "send as" and "reply to" in the Exchange Management Console, so that an e-mail sent in reply finds the right mailbox

    As a result, our CEO can use his well-known Windows username and password, but sees a slightly different account name in Outlook.

    But that's something he can live with, as long as the synchronization with the BB works. And so far, it seems to work.

    This workaround is perhaps useful to others.

    Regards

    Gnampf

  • g.clear() call in the paint method breaks the focus drawing for a checkbox

    Hello

    I have a custom field extending CheckboxField, with its paint method overridden as follows:

    protected void paint(Graphics g)
    {
        int bgColor = _fontStyle.getBackgroundColor();
        if (bgColor != -1)
        {
            g.setBackgroundColor(bgColor);
            g.clear();
        }
        g.setColor(_fontStyle.getForegroundColor());
        super.paint(g);
    }

    _fontStyle is defined by the user and passed in as a reference to a custom style. Everything worked fine at first without g.clear(), but I soon found out that when the background color is black while the foreground is white, paint inverts the colors. So I added this g.clear() and the problem was solved.

    However, clearing the graphics here seems to break the focus drawing, and I was not able to trace what is being cleared and what the flag for the focus drawing is. BTW, g.isDrawingStyleSet(Graphics.DRAWSTYLE_FOCUS) returns true.

    So I was wondering if anyone here can provide a diagnosis on what could be the cause and how to fix it. Thanks in advance.

    Christian

    Nope, g.clear() must be called to display the colors correctly. As I said, it can work in some cases, but it just messes up from time to time.

    So what I do now is a workaround: override drawFocus() in place of the default

    protected void drawFocus(Graphics g, boolean on)
    {
        refreshFooter(on ? getLabel() : "");
        // customize the focus drawing here, as the default one conflicts with the paint method
        XYRect rect = new XYRect();
        getFocusRect(rect);
        g.invert(rect);
    }

    Thus the focus drawing relies on paint and so doesn't mess up the colors.

    In any case, thanks much for the reply!

  • QoS traffic shaping and shaping tips

    Hello

    Could someone tell me the difference between traffic shaping and edge smoothing?

    Kind regards.

    The main reasons to use traffic shaping are to control access to available bandwidth, to ensure that traffic conforms to specific policies, and to regulate the flow of traffic to avoid congestion. Some example reasons for using traffic shaping are the following:

    Control access to bandwidth when policy dictates that the average rate of a given interface must not exceed a certain rate.

    Configure traffic shaping on an interface if you have a network with differing access rates. Suppose one end of the link in a Frame Relay network runs at 256 kbps and the other end at 128 kbps. Sending packets at 256 kbps may cause the applications using the link to fail.

    A similar, more complex case would be a link-layer network that gives congestion indications and has data terminal equipment (DTE) with different access rates attached. The network may be able to deliver more transit speed to a given DTE device at one moment than at another.

    If you offer a subrate service, traffic shaping allows you to use the router to partition your T1 or T3 links into smaller channels.

    Traffic shaping prevents packet loss. Its use is especially important in Frame Relay networks, because the switch cannot determine which packets have priority or which packets should be dropped in the event of congestion.

    Specifying an advanced shaping rate allows you to make better use of the available bandwidth by allowing more data than the CIR to be sent if the bandwidth is available.

  • Calculation fails with "unable to rename the outbound log file"

    Hello

    I am running a calculation script that fails after running for some time. I see that the problem comes from the Entity dimension, which has something like 4,000 members. My calc script only calculates a subset of this dimension. I don't see any detailed messages, just the application log, which ends with a failure to rename the log file; output below.

    Unable to rename the outbound log file [Wed Oct 21 11:25:26 2015]...

    Calculator Information message: executing block - [No_Activity], [Deg - 47], [No_Location], [2870], [No_Academic], [D801200], [original], [FY15], [CAD], [F9plus3]

    Unable to rename the outbound log file

    Looks like you are running with SET MSG DETAIL, is that correct?

    That has the potential to create a lot of log entries. Just a guess, but are you running out of space in your /diagnostics/logs folder?

  • I bought Lightroom from a shop in Switzerland. Setup refuses the activation key, saying that the parcel is a forgery and that I need to contact the customer service. It's Saturday and I would like to install the product by Monday

    Hello

    I bought Lightroom from a shop in Switzerland. Setup refuses the activation key, saying that the package is a forgery and that I need to contact customer service. It's Saturday and I would like to install the product by Monday! Is that possible? Thanks for your help, best regards.

    Dominique

    Thanks to you two, John and Kglad, for your responses. I have contacted Adobe and they had me download the package from their website. The problem was apparently with the package on the purchased version. Problem solved.

    Best regards.

  • How can I migrate settings from AIcc to 2014 AIcc once I've opened and accidentally refused the offer to migrate my old settings?

    How can I migrate settings from AIcc to 2014 AIcc once I've opened and accidentally refused the offer to migrate my old settings?

    Not possible. Once the process has converted your prefs, the old stuff is simply gone.

    Mylenium
