General :: Outbound Http Connections Blocked
Nov 21, 2010
(centos 5.5 86*64 with cpanel) I am trying to set up a php script.
The script requires an outbound connection to project honeypot and when I go to the honeypot.php on my server I get an error asking if outbound connections are disabled.
They could be...I am not sure where to check, I have checked csf and outbound tcp is allowed on port 80, but I am not sure if I should be looking somewhere else.
Obviously I don't want to make the server insecure, so I am wondering how I can allow this outbound connection.
View 2 Replies
Feb 28, 2011
I want to prevent code from making http connections to other, specific hosts. My understanding is this can be done in /etc/hosts.deny. What would that look like?
View 5 Replies
Oct 19, 2009
I'm having a problem that seems to plague a lot of people judging from my research on the web. I have a hosting provider that limits the number of incoming connections to the shared host to 50 per IP.
I have a single IP for outbound connections and I use Squid as a proxy server.
Lately I've tripped across the 50 connection limit frequently - and that's with only 1 user. It seems the problem is related to the performance you can get out of a desktop these days. It's not impossible to have several browsers open with several connections to different sites on the same server - and boom - locked out!
So it occurred to me that there must be some way to limit the number of outbound connections in the kernel - but I've not found it. I did find that Microsoft had been limiting the number of outbound connections in XP to 10 to address the virus problem, and I've found countless hosting complaints and dialog on the subject with no easy solution.
So my question is simply, does anyone know how to limit the number of OUTBOUND connections to a single IP in the kernel?
View 2 Replies
Jan 17, 2011
I have a problem on a VPS running opensuse. When I enable the firewall, outbound connections stop working. I have tried everything I know (not much when it comes to firewall (iptables)) but could not solve this.
Here is my ifconfig:
Code:
I used xxx.xxx.xxx.xxx to hide real address.
View 2 Replies
Aug 18, 2010
I am trying to use Bittornado with iptables via Firestarter. Previously, I had no problems, but now I have started using Firestarter, traffic is blocked. AIUI, after selecting the .torrent file, the client (me) connects to the tracker. In Firestarter, I see that my IP is trying to connect to various ports, all of which are blocked. I assumed the problem was that because Firestarter has a restrictive outbound traffic policy, I needed to add Bittornado to it. So in Bittornado, I selected the acceptable ports as 10000-10010 (randomized), and then in Firestarter for the outbound policy I allowed those same ports. The inbound traffic policy has no rules. All traffic is permitted and I have a direct connection to the Internet (no NAT). I do not understand why, if I have selected the permissible outbound ports in Firestarter, and also selected those same ports in Bittornado, connections between my IP and the tracker are blocked.
View 2 Replies
Jul 2, 2011
Recently my ISP provider blocked any kind of http proxies that can be used in browsers. When I put my proxy settings in my browser, it keeps loading with no response. I have a squid proxy running on my own server and it worked fine before that modification.
View 3 Replies
Aug 3, 2011
I run ubuntu on home pc and am very happy with it. I use internet to surf and to see my email on gmail.com etc. What commands should I give to setup ufw firewall so that only this much is allowed? Also, where can I see if some other connections have been blocked?
View 9 Replies
Jun 2, 2011
I'm having an issue where a server in CA (1000/full) and in VA (100/full) have very lopsided data transfer.
CA -> VA with iperf shows ~20Mbps
VA -> CA with iperf shows ~93Mbps
If we change the CA server to 100/FULL, transfer speed is 93Mbps both ways.
Some tuning was done to TCP window scaling parameters, but it won't correct the issue, just improve the CA -> VA numbers to what is listed above. I will say, turning TCP window scaling OFF will lower the transfer speed both ways to < 20Mbps.
The only clue I have when looking at wireshark dumps is that the window scale going OUT would never go past 10240 (scale is 8, so 2^8 x 40bytes). In the opposite direction, the window size will go above 3MB (scaled).
It is not a bandwidth problem as iperf with UDP shows 93Mbps both ways. Local transfers (CA 1000/full to CA 100/full) show full speed both ways, so I feel it is strictly related to TCP window scaling.
RedHat 5 64-bit on both sides. Any ideas why it won't scale above 10240?
View 7 Replies
Feb 22, 2011
Looking at the results of both `lsof | grep IPv4` and `netstat -tp` I noticed that I have a lot of connections open from a program called 'gvfsd-http'.
Using google, I found that this was a Filesystem something from Gnome, that would also be used If I drag something from my browser to my desktop.
Though I wonder, how I activated it, because I didn't do that...
After a bit of searching, I noticed that `screenshots.debian.net` uses the same IP address as the one noted (hades.car.gr).
PING screenshots.debian.net (78.46.20.5) 56(84) bytes of data.
64 bytes from hades.car.gr (78.46.20.5): icmp_req=1 ttl=56 time=55.4 ms
Question: Do I have some tool enabled that maybe sends statistics to debian or so? Where to find it and kill it.
View 2 Replies
May 19, 2010
I have troubles with internet on different Linux x64 systems on my laptop (Lenovo ThinkPad sl510), but if I load WindowsPE all is OK. What could it be? Where to search? There is a hardware firewall/nat/gateway in my local network; it allows only connections to dst ports tcp 80 (http), udp 53 (dns) and no frags, no icmp, deny in, etc. But Windows Internet (the same Firefox) works fine, and under Linux sites don't load fully or give "connection timed out"... But if I can start downloading any file, it is downloaded in full (I have downloaded a DVD iso of SuSe). DNS through nslookup does not respond every time... Decreasing the MTU to 1372 didn't help. Deactivating ip v6 also.... What could it be? What is different between Windows and Linux in DNS clients? Is there any alternative dns client in SuSe? Is the trouble only in DNS?
View 1 Replies
Dec 2, 2008
So we have DNS round robin set up for 4 servers. If we ping dns name (basically an alias) server_connect it resolves with different IP address in round robin format. I.E. x.x.x.1 x.x.x.2 for the 4 different server IP addresses. When we do nslookup server_connect it will come back first time as server1_connect server2_connect through server4_connect so the server is able to resolve through ping and nslookup resolving the initial dns name (alias) to the dns name associated in the round robin. Problem is when we try to connect with http or telnet it comes back host unrecognized. I can put one of the 4 round robin servers in /etc/hosts and it connects fine so I'm thinking that either one of three things.
1) ttl
2) It does double connection first to identify itself to the round robin server and then handshake but second time it hits for the handshake the IP and dns name is different than what it expected so it fails.
3) Since we are trying to telnet to dns alias and it is returning different dns name it fails.
2 and 3 seem most promising but now I'm at a standstill. Has anyone else come across this issue, and if so, how did you resolve it?
View 1 Replies
Oct 22, 2009
I've noticed that when I open firefox I get really strange HTTP and HTTPS connections showing up in firestarter (which as I understand it is just a GUI for IPtables). They connect to various bits of a site listed as 1e100.net (when you use "lookup hostnames") such as wy-in-f18.1e100.net, and they stay connected all the time as far as I can see unless I close firefox. I've heard people say they are connected to Google, but I can close all tabs after logging out of google and still see them... it's very odd.
View 3 Replies
Dec 8, 2009
I need to log outbound (server -> remote) ssh traffic, but am unsure of the best way to do this.
I added this to iptables, but nothing is being written to the logs when I ssh from the server to another system.
iptables -A OUTPUT -m state --state NEW -j LOG --log-uid
iptables-save
View 2 Replies
Aug 24, 2010
I wish to prevent some programs from "phoning home", and to allow other programs to access only specific web servers. Is there any way to interactively allow or decline outbound communication from individual programs on Ubuntu?
View 4 Replies
Mar 14, 2010
My setup is a local install so I don't expect it to receive emails from the internet. However, I do expect it to be able to send messages to the internet, but it doesn't seem like it. I have tried setting up on FreeBSD before and it was able to do so, but I wasn't involved in the setting up of the machine though. I was just tasked to set up Horde.
View 3 Replies
Feb 7, 2011
I have a problem with my network-manager in ubuntu 10.10. When I dial one of my vpn connections, my other vpn connections are disabled and I can't use them! I tried to restart network-manager and gnome-panel, but it doesn't seem to solve this problem.
View 1 Replies
Sep 27, 2010
Using netcat, nc(1), craft a valid http/1.1 request for getting http headers (not the html file itself!) for the main index page of www dot aalto dot fi. What request method did you use? Which headers did you need to send to the server? What was the status code for the request? Which headers did the server return? Explain the purpose of each header.
nc -v www dot aalto dot fi 8080
HEAD / HTML/1.1
host: www dot aalto dot fi
And it returns:
200 OK
Content-Length: 858
Content-Type: text/html
Last-Modified: Thu, 02 Sep 2010 12:46:01 GMT
[Code]....
I really don't know what it means.
Question 2: Using netcat, nc(1), start a bogus web server listening on the loopback interface port 8080. Verify with netstat(, that the server really is listening where it should be. Direct your browser to the bogus server and capture the User-Agent: header.
"Direct your browser to the bogus server and capture the User-Agent: header" I don't understand this question.
View 2 Replies
Aug 4, 2010
I installed Nagios on my Ubuntu 10.04 server using apt-get and when I accessed the web console, everything was OK. I made some changes to apache (creating some new virtual sites) and since then Nagios gives me a warning message for HTTP with the message, HTTP WARNING: HTTP/1.1 404 Not Found. The sites that I created are working perfectly. I noticed that the attempts are 4/4. Does this need to be reset or does Nagios automatically reset that once it detects the issue is resolved?
View 1 Replies
Jan 20, 2010
I got a server with CentOS today, and someone told me to block access to port 22 for all IPs except mine, so I did
Code:
iptables -A INPUT -p tcp -s my_ip --dport 22 -j ACCEPT
and after
[code]...
View 7 Replies
Jan 21, 2011
Is it fair to say that connLimit and hashlimit are very similar on Linux, i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How, in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? i.e. I do not want to allow more than 6000 conn/minute for a port range that is the sum of all connecting hosts?
View 3 Replies
May 30, 2011
I recently installed Fedora 15 now, and during installation I set the internet connection manually, then did update and after reboot, the internet connection settings have been removed. Now I can not set because the network connection to the Internet Connection is inactive. I mention that before the update was functional internet connection.
View 5 Replies
Oct 4, 2010
I have a centos5.3 server. I want to configure it as transparent squid proxy server. Internet is connected to eth0(192.168.0.100) and lan is connected to eth1(192.168.200.0/24) and eth1 ip is 192.168.200.1 .
I have configured it as dhcp, squid and it's working fine.
Now I want to configure it as transparent, so that no one has to manually configure it in the browser.
I just added a line
Code:
http_port 3128 transparent
to make it transparent.
Now while adding nat rules,
Quote:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
code....
Internet is totally blocked on eth1. And after stopping the firewall the internet comes.
View 14 Replies
Mar 14, 2011
Looking at the output of netstat, I'm not seeing a definitive way to tell which torrent connections are clients reaching in to my machine vs my machine reaching out to the world. Is there a clear way to determine which is which?
View 1 Replies
Nov 7, 2010
I have an internal-only email server that has internal BIND9 running. Though it only has its IP address defined in /etc/resolv.conf, it is still resolving outside addresses.
View 2 Replies
May 26, 2010
I have just built an internal postfix server for sending mail only, it's not accessible outside our network. I will be sending from our domain, Rewriting the from field to abc.com is turned on in the postfix config. A friend is telling me this will not work as they will do reverse lookups on our domain. What does this mean? Obviously the domain the email is sent from is a valid domain. If they do a lookup from the IP the mail came from it would be global crossing, our internet provider? These outbound emails are critical client reports, I want to make sure they are not seen as spam.
View 1 Replies
Jul 24, 2011
I'm sending files to a remote server by way of FTP via a PHP script. With the firewall turned on these files are getting to the remote server with 0kb and the remote server is timing out before all the files are received. When the firewall is turned off all the files are received intact. There are no outbound rules set in the iptables, looking for ideas on what to check next.
View 4 Replies
Jul 22, 2011
Is there a way I can count inbound/outbound mails for a particular user? I'm using sendmail as MTA and dovecot for POP3.
View 1 Replies
Aug 17, 2010
Is there a way to configure my interface to promisc mode and also make it not capture the "transmitted" packets? I mean, I want the interface in promisc mode but only for inbound traffic. If there isn't any using ifconfig, can it be done by configuring eth0 to promisc using ifconfig, and filtering outbound traffic from being captured using sockets or something?
View 4 Replies
Apr 15, 2011
I understand the difference between Reject vs Drop for incoming traffic, but are there any differences between reject and drop for Outbound Traffic? Are there reasons to pick one over the other or are they functionally identical when talking about Outbound traffic?
View 6 Replies
Jul 23, 2011
What should I do to keep important files on my computer from being uploaded to the internet? Don't I need an outbound firewall to prevent this?
What causes my computer to send an outbound request to the internet that would result in files being uploaded from my computer onto the internet? I'm afraid to put anything of importance (like reports that I've written for work) onto a computer with internet access because I don't want them to be uploaded to the internet. I wouldn't upload them on purpose obviously, but I'm afraid it would happen without my knowledge because I don't know what I'm doing.
View 4 Replies