Setting routing between two networks – 2 interfaces – Windows 7

I have two network interfaces on one computer COMP-A.

First interface IP 10.10.10.34 /255.0.0.0

Second interface IP 192.168.0.23 /255.255.255.0

Computer via first interface is connected to network A (other computers)
Computer via second interface is connected to network B.

I connect with the computer (COMP-A) from network A. And I have access to remote desktop etc.

I also need access to devices from network B.

Is it possible to make some routing between network interfaces to have access to devices from network B when I am connected to network A.

For example:

I am connected to network A with IP 10.10.142.23 and can ping COMP-A (IP 10.10.10.34). I need to ping device from network B with IP 192.168.0.26.

Setting Deny Permissions with ICACLS on “This Folder”

ICACLS “{PATH}” /DENY “{AD Group}:(D)”

I want to deny the ability for {AD Group} to delete the parent folder but still have permissions to delete child folder and files. However, when I set the DENY Delete on the parent, it prevents Traverse Folder access to the folder.

I read that this is a synchronize error but if I set (D,S) I can traverse the folder but I can also delete it.

Currently ACL_FILE_IST is the only permission on the folder.

Has anyone seen a workaround?

ICACL COMMANDS

  • ICACLS “C:TEMPTestPermissions” /GRANT “ACL_FILE_IST:(OI)(CI)(M)”
  • ICACLS “C:TEMPTestPermissions” /DENY “ACL_FILE_IST:(D)”

ICACLS ACL

testpermissions

D:PAI(D;;0x110000;;;S-1-5-21-964777865-1556211951-2005962405-8309)(A;OICI;0x1301bf;;;S-1-5-21-964777865-1556211951-2005962405-8309)

Port forwarding on debian before setting tor exit relay live required?

Before setting exit relay live, do i have to setup port forwarding for 9001, as ORPort is using it if so then how i will do it on Debian Stretch 9.0.

Torrc file below;

ORPort 9001
DirPort 80
Nickname Name
RelayBandwidthRate 1024 KB
RelayBandwidthBurst 1024 KB
ContactInfo Name

DirPortFrontPage /./usr/share/doc/tor/tor-exit-notice.html

ExitPolicy accept *:20-23 # FTP, SSH, telnet
ExitPolicy accept *:43 # WHOIS
ExitPolicy accept *:53 # DNS
ExitPolicy accept *:79-81 # finger, HTTP
ExitPolicy accept *:88 # kerberos
ExitPolicy accept *:110 # POP3
ExitPolicy accept *:143 # IMAP
ExitPolicy accept *:194 # IRC
ExitPolicy accept *:220 # IMAP3
ExitPolicy accept *:389 # LDAP
ExitPolicy accept *:443 # HTTPS
ExitPolicy accept *:464 # kpasswd
ExitPolicy accept *:531 # IRC/AIM
ExitPolicy accept *:543-544 # Kerberos
ExitPolicy accept *:554 # RTSP
ExitPolicy accept *:563 # NNTP over SSL
ExitPolicy accept *:636 # LDAP over SSL
ExitPolicy accept *:706 # SILC
ExitPolicy accept *:749 # kerberos
ExitPolicy accept *:873 # rsync
ExitPolicy accept *:902-904 # VMware
ExitPolicy accept *:981 # Remote HTTPS management for firewall
ExitPolicy accept *:989-995 # FTP over SSL, telnets, IMAP over SSL, etc
ExitPolicy accept *:1194 # OpenVPN
ExitPolicy accept *:1220 # QT Server Admin
ExitPolicy accept *:1293 # PKT-KRB-IPSec
ExitPolicy accept *:1500 # VLSI License Manager
ExitPolicy accept *:1533 # Sametime
ExitPolicy accept *:1677 # GroupWise
ExitPolicy accept *:1723 # PPTP
ExitPolicy accept *:1755 # RTSP
ExitPolicy accept *:1863 # MSNP
ExitPolicy accept *:2082 # Infowave Mobility Server
ExitPolicy accept *:2083 # Secure Radius Service (radsec)
ExitPolicy accept *:2086-2087 # GNUnet, ELI
ExitPolicy accept *:2095-2096 # NBX
ExitPolicy accept *:2102-2104 # Zephyr
ExitPolicy accept *:3128 # SQUID
ExitPolicy accept *:3389 # MS WBT
ExitPolicy accept *:3690 # SVN
ExitPolicy accept *:4321 # RWHOIS
ExitPolicy accept *:4643 # Virtuozzo
ExitPolicy accept *:5050 # MMCC
ExitPolicy accept *:5190 # ICQ
ExitPolicy accept *:5222-5223 # XMPP, XMPP over SSL
ExitPolicy accept *:5228 # Android Market
ExitPolicy accept *:5900 # VNC
ExitPolicy accept *:6660-6669 # IRC
ExitPolicy accept *:6679 # IRC SSL
ExitPolicy accept *:6697 # IRC SSL
ExitPolicy accept *:8000 # iRDMI
ExitPolicy accept *:8008 # HTTP alternate
ExitPolicy accept *:8074 # Gadu-Gadu
ExitPolicy accept *:8080 # HTTP Proxies
ExitPolicy accept *:8087-8088 # Simplify Media SPP Protocol, Radan HTTP
ExitPolicy accept *:8332-8333 # BitCoin
ExitPolicy accept *:8443 # PCsync HTTPS
ExitPolicy accept *:8888 # HTTP Proxies, NewsEDGE
ExitPolicy accept *:9418 # git
ExitPolicy accept *:9999 # distinct
ExitPolicy accept *:10000 # Network Data Management Protocol
ExitPolicy accept *:11371 # OpenPGP hkp (http keyserver protocol)
ExitPolicy accept *:12350 # Skype
ExitPolicy accept *:19294 # Google Voice TCP
ExitPolicy accept *:19638 # Ensim control panel
ExitPolicy accept *:23456 # Skype
ExitPolicy accept *:33033 # Skype
ExitPolicy reject :

% cat ~/.tor/torrc
ControlPort 9051
CookieAuthentication 1

Setting the time

Imagine the following 24-hour clock that can be controlled by arrow keys:

╔══╗ ┌──┐
║00║:│00│
╚══╝ └──┘
 HH   mm

Pressing the up arrow twice (↑↑) will increase the currently focused hour input:

╔══╗ ┌──┐
║02║:│00│
╚══╝ └──┘
 HH   mm

Pressing the right arrow (→) will focus the other input.

┌──┐ ╔══╗
│02│:║00║
└──┘ ╚══╝
 HH   mm

Pressing the down arrow thrice (↓↓↓) will now decrease this input.

┌──┐ ╔══╗
│02│:║57║
└──┘ ╚══╝
 HH   mm

Shortly put:

  • The up arrow (↑) will increase the currently active input.
  • The down arrow (↓) will decrease the active input.
  • The right arrow (→) will move focus to the right input.
  • The left arrow (←) will move focus to the left input.
  • Up and down movement will loop around as expected for a time input.
  • Left and right movement don’t loop around.

The challenge

The clock starts out at 00:00 with the hour input active (see first schematic). Given a list of input commands, output the resulting time in HH:mm format.
Input can be either a string or a list (or your language equivalent), where the different input directions can be one of the below options:

  • ↑↓←→
  • udlr
  • ^v<>
  • actual arrow key presses if your program has a GUI

Standard loopholes apply.

Test cases

↑↑→↓↓↓ = 02:57
↓→↑←↑→↓ = 00:00
↓→→↓ = 23:59
←←←←→↑ = 00:01
↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓→↓ = 23:59

What happened to the arbitration opt-out profile setting?

From a comment by Tim Post concerning the arbitration opt-out process:

You’ll get a response, and our system is pretty good at catching spoofs (if someone makes DNS lie, then, well, nobody can catch that). And when we make the function something you access from your profile, we’ll prod you to review your setting, most likely, so the worst case is really narrow to begin with.

(emphasis added)

That was back in May. It’s now June October, and I don’t see anything like an opt-out button on my profile page. Is it still being worked out, or was it dropped? Is email the only option?

(On a side note, the ToS notification email that came out a while ago says nothing about the arbitration clause. When did (or does) the clock start ticking on the opt-out?)

What makes a bestseller – Writing or Setting?

Note: I define ‘setting’ as where and when a novel takes place, as well as what the genre entails. It is the background to the picture of the story.

I realize there are a lot of factors that contribute to making bestsellers become bestsellers, and that the list is by no means limited to writing and setting. My concern is with writing versus setting. I’ve seen some books (which I will not name, to avoid the inevitable debate), that to me at least, seem to have become bestsellers simply through their setting. They are written well, certainly, but they are often full of mistakes, and the writing in general is not the stuff of greatness.

This raises the question: can a novel become a bestseller (mostly) because of its setting? Can you get away with mediocre writing and still sell because your setting is popular?

Note: I don’t want to give the impression that I am trying to get away with mediocre writing. 🙂 I’m actually hoping that the answer to the question above is ‘no’; that there is some other reason these novels have become bestsellers.

Setting collider in 3D map (blender file)

New to gamedev and I also have no idea about 3D files but, I’ll try to explain the best I can. We are using our own custom engine built in C++ with OpenGL (glm, gl3w, glfw, entityx)

We have a 3D map in a Blender file (.dae), We want to set the colliders for the hitboxes so the player can’t step outside. My colleagues started doing it by hand, but it would take a tremendous amount of work none of us want to spend doing a trivial task.

We worked with the same map in 2D (doing the same game in 2D and 3D), and my colleagues used a program to do it visually and then importing a .tmx file (I don’t really know how or what program). The question is, is there a way to do the same in 3D? They say Blender (used to create the map) does not provide the tools necessary, or they probably don’t know how.

Thanks in advance and sorry if I explained something wrong, I’ll gladly answer any questions.

Issue creating user and setting password

I am experiencing an issue creating users and setting their password. I have a need to setup a great deal of users but only activate them as they attempt to login. The creation process and activation process is working fine but I am getting a strange error when attempting to login. I initially create a list of users, insert them, then set their password, then deactivate them. For now I am just attempting to get this to set to password123 until I get this to work.

I can run a script in the Developer Console that will allow me to set the password and only once I run that code in the dev console am I able to login. I tried creating a button to set the password and also an update based on a checkbox that sets the user to the same password. I cannot login to the user until I run the setPassword command inside of the developer console.

Here is the code that does this and all is done in a future method by itself

for(Contact currentContact : contacts){

            User u = new User();
            u.isActive = true;
            u.ContactId = currentContact.Id;
            u.LastName = currentContact.LastName;
            u.Alias = currentContact.LastName.substring(0,7);
            u.Email = 'email@email.com';
            u.EmailEncodingKey='UTF-8';
            u.LanguageLocaleKey='en_US';
            u.LocaleSidKey='en_US';
            u.TimeZoneSidKey='America/New_York';
            u.ProfileId = '0000000000asj1';
            u.UserName = currentContact.Attribute__c + '@email.com';
            u.isActive = true;
            userInsertList.add(u);

        }

        if(!Test.isRunningTest()){
            insert userInsertList;
        }

        for(User currentUser : userInsertList){
            if(currentUser.Id != null){
                  System.setPassword(currentUser.Id,'password123');
            }
        }

        for(User currentUser: userInsertList){
            currentUser.IsActive = false;
        }

        if(!Test.isRunningTest()){
            update userInsertList;
        }

Here is the code that activates and resets the user’s password

if(user.IsActive == false){
        system.debug('Activating user');
        user.IsActive = true;           
        update user;
        try{
            system.setPassword(user.Id, 'password123');
        }
        catch(InvalidParameterValueException e){
            system.debug(e.getMessage());
        }
    }

Custom Link code on user object:

webservice static String doPasswordReset(String userId){

    System.setPassword(userId,'Password123');

    return '';
}

Reading this similar stack exchange post I noticed that he is experiencing the same issue but I don’t think that the answers there really answer the question. IF this was something I would have to wait on why does the Developer Console allow me to succesfully run the code and the other ways of running the code does not work. I can see in the Audit Trail that the password is being reset each time I try to run it using all the various methods.

Any help would be greatly appreciated

Edit* Another thing to note is that when I did change the password policy to remember passwords it would prevent me from making it “password123” – throwing an InvalidParameterException something along the lines of previous passwords cannot be used. So it would appear that the password is being changed correctly and the audit trail does show that my calls to set password are the last call that is made.

UPDATE:
I have support looking into my issue they are also experiencing the same issue with the setPassword method not being able to be called from the Future context. I have currently implemented a Schedulable/Batchable process to resolve the issue.

Setting up public key authentication to Linux server from Windows (ppk private key)

I created a public and private key using PuTTYgen and copied the public key to .ssh/authorized_keys under my user account.

Then I try to specify the private key when trying to log in, but apparently it doesn’t pick it up and keep asking for the username/password I originally had. I’m using WinSCP to connect and specify the private key in Advanced/Authentication section. Am I missing any steps in WinSCP?

enter image description here

The content of authorized_keys looks like as below

ssh-rsa AAAAB3NzaC1yc2EAAAABpEVSiiRXi7tOHpkOyFa9w2OLpBep31k9lePCK7RQxsdfs9u11+rdu0XCidRKOY5j4anD1eDaNBj87wqZbsreRe5cFcsakyGUAYXAvqgGApvsep31k9lePCK7RQxlOY5j4anD1eDaNBj8LJO++K3SkUN8E0srRBO8YyMT6Y03/F7+AAAAB3NzaC1yc2Q4h2RLGtr12CDKSBVAnFEc+JucuF4uF0WY4Sh66MSFI63mCQFu9iYNYwWyT6lUo6sks4WypEVSiiRXi7tOHpkOyFa9w2OLpBzAlTA/VSQwdNTFYUI1vquaufZ9ORzTa6dkbBRo/mLVdevYSRMSDw1BUcinYz/ogdxRvw==

I changes the permission to .ssh to 700 and authorized_keys to 600.

Although I go to authentication section in WinSCP and specify the private key (as shown in the screenshot) it looks like it still need username and password and doesn’t pick it up.


When I use PuTTY and specify the private key, after entering the login username it says

Server refused our key

Here is the log from PuTTY

2018-04-28 17:43:05 Connecting to 158.85.98.202 port 22
2018-04-28 17:43:05 We claim version: SSH-2.0-PuTTY_Release_0.70
2018-04-28 17:43:05 Server version: SSH-2.0-OpenSSH_7.4
2018-04-28 17:43:05 Using SSH protocol version 2
2018-04-28 17:43:05 Doing ECDH key exchange with curve Curve25519 and hash  SHA-256
2018-04-28 17:43:05 Server also has ecdsa-sha2-nistp256 host key, but we don't know it
2018-04-28 17:43:05 Host key fingerprint is:
2018-04-28 17:43:05 ssh-ed25519 256         6b:0d:e2:f6:c5:9e:15:84:0c:1b:2c:19:62:cd:5b:ef
2018-04-28 17:43:05 Initialised AES-256 SDCTR client->server encryption
2018-04-28 17:43:05 Initialised HMAC-SHA-256 client->server MAC algorithm
2018-04-28 17:43:05 Initialised AES-256 SDCTR server->client encryption
2018-04-28 17:43:05 Initialised HMAC-SHA-256 server->client MAC algorithm
2018-04-28 17:43:05 Reading key file "C:Users\Desktopprivate_key.ppk"
2018-04-28 17:43:09 Offered public key
2018-04-28 17:43:09 Server refused our key
2018-04-28 17:43:09 Using SSPI from SECUR32.DLL
2018-04-28 17:43:09 Attempting GSSAPI authentication
2018-04-28 17:43:09 GSSAPI authentication request refused

Setting default permission for session files

How could I set default permissions for session files so that both apache-php-process and some-other-user’s-php-process can rw them? The session is created by some-other-user’s-php-process and after that apache-php-process should be able to read and write it.

Now the default permission for session files is 600. It should be 660 or 666. Where and how can I set this permission (eg. httpd.cond or php.ini)? So that no need to use chmod every time after session_start().

The server is my own, so no need to avoid this for security reasons.

Apache version is 2.2.15, php is 5.3.3, server is Centos6 64-bit.

And because first question is: why do you need this, I answer to this first: I have build few sites with suphp on the server and the logic is build over this, so there are tens of calls to session_start() and all php-processes are owned by some specific user. I have a getimage.php, which loads images, in some page there can be tens or hundreds of thumbnails on the same page (I want it this way!). Although I have 100M internet, the page loads slowly because of every call to getimage.php, new php-process is started. getimage.php uses sessions for restricting user access to specific images. I tested to create an Apache handler for php and use different file extension for this: getimage.apachephp. The speedup was huge! But the problem is that I have manually chmod the session file to allow apache-php-process to access the session file. And I thought that if chmod could be made automatically in every session file creation, the process becomes more meaningfull.


EDIT:
One possible solution is to use

session_save_path("0;666;/path/to/sessfile");
umask(0);
session_start();

Or if you want to avoid 666 and use a little more secure 660, both apache-user and suphp-user have to belong into same group eg. web and after session is created to change group of created session file to web. I selected 666 for simplicity.