I just set up a test CentOS 5.4 host to run the Freeswitch IP PBX. Although the process is up and running and I can connect to the host through SSH, none of the IP phones can connect to Freeswitch:
Does someone know if CentOS comes with a firewall by default that would allow SSH connections but nothing else? "ps aux" returned nothing that looked like a firewall process.
tell me the default runlevels in the firewall for the netfs service. I messed with it and rather than enable it, I would like to set it back to default.
View 4 Replies View RelatedAm I safe when surfing the web with default Firewall setting? Can My Computer be hacked when the firewall is in the default setting? I have no knowledge on configuring Firewalls
View 11 Replies View RelatedI am currently trying to make my computer as secure as it can possibly be. I am configuring the firewall to be restrictive by default, but I have some programs that are still unable to connect to the internet.
1. Pidgin Internet Messenger (I use AIM and MSN)
2. Skype
Is it safe to connect a computer running a freshly installed ubuntu desktop edition directly to the internet? Or do I need to actively configure a firewall before connecting it?
View 3 Replies View RelatedIm a long time windows user and just installed Ubuntu 9.10 and have heard that i dont need any antivirus or spyware program on it, also is the firewall enabled by default if there is one and last thing do you need to do things like disk clean and defrag if so how.
View 6 Replies View RelatedHow come FC11 is set by default to reset the IPTables firewall to ACCEPT across the board each restart?
View 4 Replies View RelatedI'm riding just a firewall. these are the processes running.
I want to remove scsi_eh_x processes, and I have only disk sata.
How do I remove these processes permanently?
I'm at my wits end at this point.
CentOS 5
iptables 1.4.1.1
APF 9.7
Webmin 1.4.80 (yes i can be a gui noob at times)
I'm currently running a dedicated server that hosts a couple of sites and runs a game server or two. I was using iptables on its own for a while, but recently I'm a target of all sorts of attacks (typically aimed directly at the gameserver on port 7777. UDP flood attacks, etc). I'm also seeing an spike in foreign spam, SSH brutes, and a few people in Turkey thought it would be cute to download files over and over and over I have decided to start banning entire countries, using the subnets listed here [URL]... I'm trying to block Central and South america (189,190,200,201.x.x.x), China, Ukraine, Turkey, Iran, Spain and Italy. I do this because a majority of the traffic from those areas are usually up to no good.
I installed APF so I could easily add these ranges in deny_hosts.rules and be done with it. I added the ranges, which turned out to be too many, and the system tanked. I decreased the amount of ranges to just 4:
189.0.0.0/8
190.0.0.0/8
200.0.0.0/8
201.0.0.0/8
Restarted APF and it loaded fine. Do an apf --list and iptables --list and it shows those 4 ranges as blocked. The only issue...I have people from 190.x and 200.x connecting to the gameserver and PLAYING. Its as if the firewall isnt there. Also, adding those ranges to /etc/hosts.deny (or whatever) doesn't block them either.
I add one of my own ips and I get blocked instantly. WTF?? I look in the iptables for webmin, and it shows an empty firewall. I do iptables --list and it shows the ranges I added in APF. I'm looking at building (or whatever its called) an fresh iptables with the geoip module added in. [URL]...
I've never done anything like this, and I don't want to kill the box. I also don't want to spend the effort if 1) something is wrong with my system to begin with and 2) the geoip module doesn't work. geoip module aside....how exactly should i configure the firewall? Empty iptables completely and then rely on APF for everything? Oh and heres another tidbit: I tried this before 2 years ago and it used to be that anything I put in APF would show when i looked at iptables using the webmin module. Thats no longer the case now. That was also on CentOS 4 when it did that. I don't know if moving to 5 is whats preventing it now.
In a nutshell, I'm new at this and I'm being inundated with terrible people trying to do terrible things and I'm ready to just give up. Can someone just give me a quick rundown on:
1) how to test that my firewall is actually firewalling
2) how I should configure the/a firewall on this CentOS5. Not too specific, I just want to know if I should empty iptables then load apf, should i not bother with APF (i like it when it works), is there a specific order of doing things?
I'm stuck at server with OpenNA installed, which has no relation with CentOS but If anyone knows GIPTABLES firewall to point me somewhere I can get configuring.I need to open 2 custom ports but I just can't get it to work.
View 2 Replies View RelatedI've got a home firewall setup running CentOs 5.2. It's got two wired interfaces: inside and out and I'm successfully using iptables to filter and nat traffic in and out as expected. Recently I've added an AirLink101 AWLH4030 wireless nic that is recognized as the AR5212/AR5213 chipset. It appears that I have everything configured properly and I've eradicated every error encountered so far. Currently, I have my ath0 interface up and essid set but am unable to connect or even see the AP from my laptop. Here is a metric shit ton of debug/output for any networking gurus to ponder over:
Ethernet Devices:
Code:
alias lsEth='lspci -v | grep "Ethernet" -A 7'
Code:
lsEth
01:09.0 Ethernet controller: VIA Technologies, Inc. VT6105 [Rhine-III] (rev 86)
Subsystem: D-Link System Inc Unknown device 1406
Flags: bus master, stepping, medium devsel, latency 64, IRQ 209
[code]...
I have centos with software firewall enable , but i want to set up hardware firewall can anybody guide how to install and configure hardware firewall in centos
View 3 Replies View Relatedhow to setup centos to act as router and firewall at our office i just installed the os now i dont know where to go from here i have all the isp adresses,dns and gateway any assistance coz am really interested in learning linux thanxs iused some instructions on this site [URL] and when i try the /sysctl.config on my terminal now i get the message permission denied
View 5 Replies View RelatedI have installed VMWare inside Windows Server 2003 and inside the VMWare I have Installed CentOS, I am successfully running a web server for local staff to access in this i use Webmin, mySQL, PHP.. my server is working normally.
Now I want to access the MySQL server from another WinXP PC (I have installed MYSQL ODBC 5.1 driver) to access the database to create ODBC connection, unfortunately I can not connect it says "Connection Failed: [HY000][MySQL][ODBC 5.1 Driver]Can't connect to MySQL server on '192.168.0.3' (10060)" I think this is firewall issue or its CentOS is not letting the connection to come in.
My host is blocking port 3960 which I need to use for an SVN server, they are telling me that I will have to install my own firewall. I've not done this before and am not sure of what to do or whether anything I can install will be enough protection.
View 2 Replies View RelatedI am running a centOS 5.5 server and can't synchronize with time servers via ntpd. My server sits behind a firewall with only port 80 open and I suspect this is the issue. Do I need to open other ports to connect to the time servers at [URL]?
View 4 Replies View RelatedSmall server running 5.3 - stock postfix configured to use Maildir. Dovecot configured but both pop and imap ports blocked by firewall. Access to mail is via Squirrelmail via https. Configured to virus scan via ClamAV. Works just fine. Now I want to add procmail filtering. So I create these two files - ~/.forward and ~/.procmailrc in my user home dir: "|exec /usr/bin/procmail -f- || exit 75 #mpeters"
View 1 Replies View RelatedI have just installed CentOS and it is working fine!I made a masquerade with the document there: I didn't used the script, because right now, I do not completely understand it, and obviously I am not modifying anything by leaving it like that.I was using Mandriva before and I am used to graphical tools My questions are:I add the following lines in my iptables:
[root@localhost ~]# service iptables stop
[root@localhost ~]# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
[root@localhost ~]# service iptables save
[code]....
I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
I am learning to setup firewall in my home for that i have selected four system(sys1,sys2....sys4) for testing .I have configured sys2 to act as a firewall with two NIC. sys3 and sys4 are inside the firewall . sys1 is not connected to firewall for testing purpose.
the IP assignments are follows :
sys1 : ( fedora, not connected to firewall i am thinking, But i am not sure )
IP : 192.168.2.1 ,
gateway : blank
dns1 : blank
dns2 : blank
sys2 firewall ,IPTABLES )
code....
what happened is that sys1(not connected to firewall) can ssh to sys4(connected,inside firewall),since the rules are written not to ssh form sys1 to sys4..
then I came to know whatever the request I give, It directly goes as sys1 --> sys4. Not as sys1-----> sys2(firewall)---> sys4 .and the firewall is not filtering and processing anything for both inbound and outbound (i think it's my mistake some where). the requests are directly going inside without firewall.
I'm trying to build firewall on Debian with 'Firewall Builder'. But it won't let me compile and run unless one interface is set as management. There are two interfaces on my computer: 'eth0' and 'lo'
I don't want to be able to configure firewall remotely, so could I use 'lo' as 'management interface'?
I'm using virtual network (NAT network) for my domU.When I change dom0's firewall setup, the domU will fail to connect to Internet anymore.So far, the only way to bring the network back is reboot dom0 !I try to restart service network and libvirtd on dom0 ... it doesn't work.How can I bring the domU network back without reboot dom0 ?
View 1 Replies View RelatedCan we use iptables as firewall instead of Juniper firewall
View 2 Replies View RelatedI am booting centos 5.4 on machine. The system hangs at line "Applying iptables firewall rules".Is there any way to skip starting iptables service during boot or disable it during boot so the system finally reboots.
View 1 Replies View RelatedI have a CentOS 5.4 box that I am trying to set up as an OpenVPN server. So I modified the firewall by running the following script:
#!/bin/bash
#
# the following rules will flush out any existing chains
[code].....
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies View RelatedI have a question about using taskset. I am using Core 2 Quad box. I set the default affinity to CPU 0, by doing the following:
Edit: /etc/rc.d/rc.sysinit
Addline: /bin/taskset -p 1 0
That has been working fine for me, but from searching the web, I found some suggestion about adding an additional line:
/bin/taskset -p 1 $$
What does that line do?
I checked the man page of taskset and some references for regular expression, and I couldn't find the explanation about the $ character. By the way, 0 for CPU 0, correct? I checked via htop and seemed to be correct...
I have installed samba 3.x on centos 5.x i wan to set default wallpaper for the users in my domain how it can be done.
View 1 Replies View RelatedI'm using CentOS 5.3, and I want to allow my samba server from selinux. I disabled my selinux and it works fine, but I want to keep my seline firewall on and want to allow other workstation to access my samba server.
View 8 Replies View RelatedI've noticed that on one of our servers apache is running on nice 19.Any idea where can I change it back to the default 15?I know I can change it on the apache startup script, but I thought it's probably better to change the default value that was probably changed somewhere.It is running as a service on startup.
View 1 Replies View Related