Fedora Security :: Access To Vds Blockage?
Apr 2, 2010
I use putty and plink through ssh to support some process on my vd server (fedora-7) at godaddy. When login with plink frequently (ones per 10 seconds for just few minutes a day), the server blocks my access everywhere (sftp, http, control panel) for about 10 minutes and resumes then.Customer Support told me they do not have any blocker but I see that my ip is blocked for these 10 min. meanwhile I can access everything there from other address.
View 7 Replies
ADVERTISEMENT
May 23, 2011
As of 5 days ago I lost connectivity on HTTP, SSH, and SIP to any international address expect within South Africa.I did contact the service provider and they told me that there are not blocking any ports and everything seems fine on their side. My server is been colocated on their network.Here are our diagnostics1) I can ping from the box to any address using IP and DNS2) I can ping from an international address to the box using IP and DNS.3) I CAN NOT access HTTP, SSH, SIP from any clients outside SA.3b) CAN access all ports within SA.4)NMAP[root@localhost ~]# nmap -T5 -sV localhostInteresting ports on localhost.localdomain (127.0.0.1):
Not shown: 1671 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.3 (protocol 2.0)
[code]....
View 1 Replies
View Related
Mar 15, 2010
I have connected a Windows 7 pc to a Ubuntu pc using a crossover cable & TCPIP. This works fine - can ping both ways and can 'see' both icons however when I try to setup the printer in Ubuntu the task fails at a prompt fpr user name - workgroup - password prompt. It tells me I must give a password to connect to the Windows box. This setup has worked when using WinXP but fails now. I have used all passwords known to me but nada. Where in the world is the Authentication dialogue originated? I'm both new to linux commands and loosing the will to live!
View 2 Replies
View Related
Jul 8, 2010
How can I display the IP addresses that have accessed my Fedora machine via SSH? In particular i want to know if they logged in and what they may have done while logged in.
View 2 Replies
View Related
Apr 7, 2010
I have 2 users: carol, carol2 and 2 files in /: filea, fileb. I want to carol has access only to filea and carol2 only to fileb. I need to do this with MLS (range). I dont want do this with levels because user that is higher has access to both files. How to do that?
View 13 Replies
View Related
Jul 27, 2011
I recently set up a web server at home, using a non-standard port, due to my ISP blocking 80. I just checked my log files, and I see a TON of entries indicating that a file was not found "proxy-1.php", "proxyheader.php", etc. I do not have these files, not intend to have them as part of my website. I did a whois looking by IP address for several of these, and they all seem to come from an ISP in China. Is there a way to BLOCK any IP address outside the US (that is somewhat simple to do?)
View 5 Replies
View Related
Dec 13, 2010
I have installed Bind 9 on a new Fedora machine:
Code:
[root@***]# rpm -q bind
bind-9.7.2-1.P3.fc13.i686
It was yum installed and all went well without error but I'm not able to access bind on port 53. Selinux is disabled for this test, and the iptables have been saved to the below config in the INPUT chain:
Code:
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp dpt:domain state NEW
[Code].....
View 6 Replies
View Related
Mar 19, 2009
I'm doing a research to protect my pc from physical access. What I'm facing here is that my company created a program for fedora 8 and plans to sell the unit away. We created a function where you can configure the program using any web browser from a network so we do not want anybody to have access to the fedora except for out personnel.
Based on my research, I've found [URL] this guide to protect people from accessing grub and single user. I am currently researching on preventing others to clone the harddisk. I would like to know if there are any other methods to prevent people from unauthorized access to fedora.
View 14 Replies
View Related
Oct 6, 2009
I'm currently running a dual boot (VistaFedora 11) system. I've noticed that the first time I access files on the Windows partition (via Nautilus GUI) I'm prompted for root access. However, on subsequent attempts to access the Windows partition I am NOT prompted for root access (even after I close/re-open Nautilus). My concern is that I'm leaving my root access "open".
View 4 Replies
View Related
Mar 24, 2011
I'm trying to find a file access honeypot for our Fedora server.That is, if a local file is accessed, it should notify someone. Plain and simple..
View 8 Replies
View Related
Dec 13, 2009
I've got two routers, 10.0.0.0/23 and 192.168.2.0/24, which are joined by a Linux box with interfaces eth0 (10.0.0.2) and ra0 (192.168.2.2). I've got masquerading for ra0, and a route to 192.168.2.0/24 on 10.0.0.0's router. I CAN ping hosts on 192.168.2.0 from 10.0.0.0 just fine, but I CANNOT access web pages.Strangely, If I enable masquerading on eth0, and add a route to 192.168.2.0s router to 10.0.0.0, I can ping AND access web pages from 192.168.2.0Here is my current iptables
Code:
*filter
:INPUT ACCEPT [0:0]
[code]...
View 14 Replies
View Related
Mar 6, 2010
I'm trying to setup ssh access on my Fedora 12 laptop. I get the following error message in /var/log/secure when I try to login from another machine using ssh and the login is denied:
Code:
sshd[3025]: error: Could not get shadow information for <user>
sshd[3025]: Failed password for <user> from <ip> port <port> ssh2
If I do a 'setenforce 0' I can login and no error is logged.
View 10 Replies
View Related
Mar 13, 2009
I went to print something and I get this message: Summary: SELinux is preventing access to files with the default label, default_t.
Detailed Description: SELinux permission checks on files labeled default_t are being denied. These files/directories have the default label on them. This can indicate a labeling problem, especially if the files being referred to are not top level directories. Any files/directories under standard system directories, /usr, /var. /dev, /tmp, ..., should not be labeled with the default label. The default label is for files/directories which do not have a label on a parent directory. So if you create a new directory in / you might legitimately get this label.
View 3 Replies
View Related
Mar 13, 2009
I am trying to give access to ONE single user to start and shutdown tomcat server. The problem being, when I enter syntax: username ALL= /etc/init.d/tomcat5, /usr/local/tomcat/webapps, PASSWD:ALL This gives the user access to start and stop tomcat but also gives user access to start and stop other services within /etc/init.d - such as httpd etc... What is the proper way to give user access to start and stop service, and limiting that power to only one service....
View 2 Replies
View Related
Aug 25, 2009
Does anybody know if there is a quick and easy way to simply disable samba security to avoid "Access Denied" errors when trying to access shares via Windows XP?
View 2 Replies
View Related
Mar 6, 2010
I happened to be looking at my Apache-2.2.8 log on an Ubuntu LTS 8.04.4 system, and noticed a few lines like this:
Code:
61.160.212.242 - - [06/Mar/2010:07:04:41 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-"
61.160.212.242 - - [06/Mar/2010:07:05:29 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-"
xxx.xxx.xxx.xxx - - [06/Mar/2010:07:56:15 -0800] "GET http://218.30.115.246/ HTTP/1.1" 400 290 "-" "-"
(The third line is me telnetting to the server and trying to issue the same request. Note that I got a 400 error response, while the guy coming from 61.160.212.242 got 200s. Also, if you just open the http://218.30.114.246/ URL, you get back "hello" (nothing else, just 5 characters). I'm presently putting together a bootable CD with chkrootkit to run on the machine. (I found a thread that mentioned in passing that this was related to PHP, which I have running on that Apache server, but my Google-fu isn't strong enough to track down the original thread.) (After checking with chkrootkit: nothing unusual found.)
View 10 Replies
View Related
Jun 15, 2010
I currently have a user on my Ubuntu server that I want to block completely from login. I know right now they login with SSH keys so they don't need to enter their SSH password. Can anyone tell me how to remove the SSH key login for their username and root user which I believe they use too and block SSH access alltogether.I will then just change the root SSH password.I'm terrified they will do some harm so I need them blocked out ASAP.
View 7 Replies
View Related
Mar 1, 2011
I am using Locked Lynx 10.04r1 on my
Pentium D 3.0GHz
512 RAM
[URL]
UPR does not access the HDD then from where am I getting Swap 245.3 MB in my System Monitor? Not only that it even uses it.
View 5 Replies
View Related
Jun 14, 2011
I am used to, on starting Ubuntu on my Netbook, being prompted with a password challenge to open my Keychain required to authenticate against the WPA enabled WiFi network.
Now, Ive recently installed Ubuntu on a desktop PC, along with some dev tools (Code::Blocks etc.) but it gives me a keychain access challenge about 4 times on startup. I can't seem to figure out which app is trying to (get my permission to) access my keychain, and for what Purpose.
(By contrast: on my Mac, when an application tries to open the keychain, the application, its certificate, and the search data of the matching key that will be accessed are all displayed making it much easier to determine what app is being naughty) How do I do simular diagnostics with Natty?
When I cancel these requests, nothing "breaks".
View 4 Replies
View Related
Feb 18, 2011
What's the best way in centos to block a user from accessing mysql. I don't want him to be able to run the mysql command, so just putting passwords up in mysql is not good enough. Mysql is running ad user=mysql, and i added the user in a different group by he is able to access mysql by typing in the command.
How can i block this command being availible for this user.
View 5 Replies
View Related
Jun 17, 2010
I am traveling outside US and trying to watch netflix from my computer.
However, it is blocked in my region. Is there a way to fake the IP address to looks like i am viewing the content from the US?
View 2 Replies
View Related
Apr 21, 2011
How can I enable passphrase along with the password for login via ssh ? In that whenever I login from server A to server B via ssh, it should ask me for a password and then passphrase to allow me access.
OR
Can we have multiple passwords to login via ssh ?My basic need is to have 2 levels of password.
View 6 Replies
View Related
Apr 20, 2009
One of our web servers has logged many of the same "setroubleshoot: SELinux is preventing the httpd from using potentially mislabeled files /boot (boot_t). For complete SELinux messages. run sealert -l e143c369-a72d-453e-84fe-6b62b7f05c5f" recently. This looks suspicious. We'd like to map these sealert to the httpd access log to see if there's any malicious activity. We added a '%P' option to the Apache combined logformat, so the httpd process id could be logged too. Then we grep'ed all the Apache access logs using the pid from the above sealert -l command. There are not many of them, so we can test them one by one.
Shockingly, none of the access served by the specified pid can repeat the same sealert.
The server was installed a Centos 5 (x86_64) and upgraded to the 5.3 version two days ago. The main components are as following:
Is there any other way we can try to find out the real access which triggered these alerts? The sealert -l output is attached.
View 12 Replies
View Related
Feb 17, 2010
When creating 10 samba users I also created Linux users. I do not want these Samba users to be able to use putty, winscp etc to access the server.
Do you know how I can restrict ssh access to specific users?
View 6 Replies
View Related
Mar 26, 2011
I just realized that I can access other users files and they can access my files simply by using the console to navigate the file system, Its not that big a deal, I am the only one using the computer but this seems like something is not configured correctly. Should each user be able to look at and modify each others files by default? (On Xubuntu 10)
View 7 Replies
View Related
Jan 18, 2010
I have installed an Ubuntu server and it running OK. Before making it a production server, I want to make sure one day if the OS corrupts accidentally, I can still access the users' files on the hard disk.
I burned a Ubuntu desktop live CD, and booted it with this machine. There are 2 hard disks on the server, both could be mounted automatically. However, I can only access some folders like lost+found.
The questions are:
1. how can I access the other folders, given I have the root password of the server.
2. is there a way to access all folders without knowing the users + passwords?
View 9 Replies
View Related
Jan 29, 2010
how i can remote access my pc at home from work ? on different pc that has access to INTERNET. what software shall I install on my pc at home ? I want to be able to install software on my pc at home from my work place, my home pc has unbuntu Linux ubuntu 2.6.31-17-generic #54-Ubuntu SMP Thu Dec 10 17:01:44 UTC 2009 x86_64 GNU/Linux
View 9 Replies
View Related
Mar 3, 2010
I am setting up a new ubuntu server, and I am quite new to linux. This server will be used as code repository for a project I am going to be working on. I plan to setup 3 groups for users: dev, test, doc
- for various developers, testers and documentation users.
I would like to setup the following permissions on the main code repository directory:
dev - write permission
test - execute permission
doc - read permission
public (anyone outside these groups) - deny all access
I am unsure what chmod setting to use, or if this is even possible in ubuntu.
View 2 Replies
View Related
Mar 12, 2010
To get my Thunderbird email to work and to do FTP to my website I have to use TERMINAL and enter the following code in Root;
iptables -F
At one point weeks ago I got Gufw and I don't remember if that had any effect.
View 2 Replies
View Related
May 4, 2010
I'm using Ubuntu x64 (dunno which version, but I don't think it matters) and I'm concerned about security with PHP.I remember using lighttpd and I had some mystic configuration and the secuirty was perfect for me - if one website gets hacked then the others are still safe (kinda).Now with apache2 if I enable safemode I'm still able to go outside web directory and actually I can go really far untill user/group matches.I tested the system with r57shell and I was able to mess up other websites.Is there a way to disallow access to other websites?
View 5 Replies
View Related
