Networking :: Packets Limiting - Blocks The Whole Port Instead Of Blocking Certain Hosts

Jun 13, 2010

I am currently having problems with my server. It's being DDoSed. I have a VPS with CentOS 64-bit. The attack I want to block is a UDP flood. I was trying to do something like this:

iptables -I INPUT -p udp --dport 123 -m limit --limit 40/s -j DROP

but instead of blocking certain hosts it blocks the whole port, and during the attack it's unreachable. How can I limit packets per host, or is there any other way to protect from a UDP flood?


Ubuntu Networking :: Ufw Blocking RST Packets When Rule Show Allow It?

Aug 30, 2010

I've set up ufw rules on my system but noticed that the rule I created to allow traffic from my local network is still dropping some RST packets. Here's part of the output of dmesg:

[43627.361500] [UFW BLOCK] IN=wlan0 OUT= MAC=00:16:ea:03:9c:3a:00:1f:a7:3d:d5:eb:08:00 SRC=192.168.0.4 DST=192.168.0.3 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=2210 PROTO=TCP SPT=59521 DPT=9000 WINDOW=0 RES=0x00 RST URGP=0

[code]....


Networking :: Use Iptables In Order To Forward All The Incoming Packets For Port 5555 To Port 5556?

Apr 4, 2011

I'm trying to use iptables in order to forward all the incoming packets for port 5555 to port 5556 on the same server (192.168.2.101).

I wrote the following commands:

iptables -A PREROUTING -t nat -i any -p tcp --dport 5555 -j DNAT --to 192.168.2.101:5556
iptables -A FORWARD -p tcp -m state --state NEW -d 192.168.2.101 --dport 5556 -j ACCEPT


Networking :: How Can We Make Port 110 And 25 Packets Pass?

Feb 22, 2011

I've a strange situation in my network: PCs gatewayed to another network, then a proxy, then a firewall.

pcs --> router --> cloud --> router --> proxy --> switch <-- fw --> Internet

(router, proxy and fw are all connected by the switch)

Some months ago the situation was:

pcs --> router --> cloud --> router --> switch <-- fw --> Internet

There was a static route in the router that gatewayed the packets to the firewall, but that route has been deleted, and I cannot reinsert it because I don't have access to the routers, so we have to use a proxy to go to the Internet, and we have the configuration of all PCs (Windows XP) with the "proxy" fields filled. The proxy has only one NIC gatewayed to the firewall, and Ubuntu and squid installed, but we have some problems:

1. we cannot use email, so how can we make port 110 and 25 packets pass?

2. squid seems to slow down, so can we uninstall it and route all the traffic directly to the firewall to speed up?


Networking :: Proxy Is Blocking Radio Station Port?

Nov 7, 2010

In order to connect to the internet when I am at work I have to use a proxy server; the problem is that this proxy also blocks port xxxxx, which is used by an internet radio station. Is there any way to be able to listen to that radio station?


Ubuntu :: Ufw Blocking RST And ACK Packets When Rules Should Allow It

Aug 31, 2010

I've set up ufw rules on my system but noticed that the rule I created to allow traffic from my local network is still dropping some RST and ACK packets. Here's part of the output of dmesg:

[Code]...


Networking :: UFW Blocking Synergy - Port 24800 Fully Open?

Feb 22, 2011

I'm having an issue with ufw and Synergy. I'm trying to run my Xubuntu 10.10 desktop as a server, and my Xubuntu 10.10 laptop as a client. I can do this just fine as long as I either:

Have ufw enabled on my client but disabled on my server
Have ufw disabled on both my client and my server

I have no custom rules added to iptables on my client. On my server, however, I have tried the following rules:

$ ufw allow from 192.168.0.0/24 to any port 24800
$ ufw allow from 192.168.0.0/24

Neither of these configurations works. ufw on my server seems to block my client's requests regardless of having port 24800 fully open from any local connection, or just flat-out fully allowing any incoming local connection. I'm not sure why ufw seems to be ignoring the rules I'm creating, but as it stands right now, the only way I can connect the two is if I have ufw on my server disabled. And I have tried to ping the two machines; each machine can ping the other, even if ufw is running on both.

And I can ping the router, as well, from both machines. Any ideas on where to go from here to troubleshoot? I should probably also add that I am using the same configuration file that I do on vanilla Ubuntu (with updated host names, of course), and I have no problems in Ubuntu. This seems to be specific to ufw and my Xubuntu desktop. I can paste the code for my server's configuration file, if desired.


Debian :: Blocking Hosts - IP Range Access

Sep 3, 2011

How would one block an IP range access to a Debian-based Linux system for, say, 47.1.1.1 - 48.255.255.255? Would it be with the hosts.deny file? If so, how would it be written in the file? Also, would the system require being restarted for the changes to take effect, after writing to the file?


Networking :: Firewall - Allow Packets Coming From Internet After Authenticating And To By Pass Packets Generated From Internal LAN?

Feb 8, 2010

I have a Linux server running Oracle applications. I need to access this server from PuTTY using ssh through the internet. I did this by registering my static IP with dnydns.org and I am able to connect to the server. But now there is no security to authenticate any user, as anyone knowing the password can log in to it.

I thought of configuring the firewall of the Linux server, but the client IPs are not static and they change continuously. So I thought of keeping one more PC between the server and the router which will do the work of authenticating. But I am confused as to how to configure it to allow the packets coming from the internet after authenticating and to bypass the packets generated from the internal LAN.


Programming :: Write A Program In C That Can Sniff Packets From Ethernet And Distinguish RTP Packets From Non-RTP Packets?

Aug 30, 2010

I need to write a program in C that can sniff packets from Ethernet and distinguish RTP packets from non-RTP packets. I have no idea what I should do.


Ubuntu :: ISP - Cox - Is Blocking Port 80

Jun 7, 2011

My ISP (Cox) is blocking port 80 and I would like to know if there is a way to open it again. I am not talking about 8080, 8000 or 81. I want to use 80 so I can host my website and everyone can access it without the need to put [url]:[PORT] in the URL.


Ubuntu Networking :: Proxy Settings: Allowed Hosts Instead Of Ignored Hosts

Aug 17, 2011

Well, like many proxy applications, GNOME Network Proxy Preferences only allows ignoring hosts. What I want to do is exactly the opposite. I only want to use the proxy for a few sites. Is it possible to define only the allowed hosts in any way?

PS: I know the FoxyProxy add-on for Firefox does this, but 1) I don't use Firefox and 2) I want the proxy settings system-wide, not only for the browser.


Ubuntu Security :: Ufw Is Blocking Some Port 80 And Should Not?

Apr 15, 2011

I have the default to deny all. The only rule I have in there is:

Code:
To Action From
-- ------ ----

[code]....


Ubuntu Servers :: Cox Cable Blocking Port 80?

Jan 30, 2010

So first off, it probably seems this question has been asked thousands of times before, but I did do a search, and found mostly archived posts that ended up being something other than a true IP blocking of the port. [URL]..

So my port 80 is truly blocked. I've tried setting up the port forwarding on my router, I've tried manually allowing all traffic on port 80 through iptables. I've even dabbled with setting up something like openDNS to see. So far nothing, I'm only available on my local network.

There has to be some way to do a redirect though, even something as simple as an htaccess file redirecting [URL].. xxxx (the space is there to avoid my url being interrupted by a smiley)


Ubuntu Servers :: X64 Blocking Port 80 (HTTP)

Oct 5, 2010

I have Ubuntu Server (x64) installed on my box with Apache2 and Squid. For a while port 80 (http) was fine, I could update packages and use wget. Then one random day port 80 became blocked for incoming traffic. I couldn't use apt-get and had to change to an ftp mirror to update. Also wget is not working.


Debian :: Forwarding TCP Packets - Redirect Also The Port 443 (HTTPS)

Mar 16, 2011

This is where it starts: I have 2 networks. The first: 192.168.1.0/24 composed by the router which has access to the internet with the IP 192.168.1 and the server (who is a gateway) with the IP 192.168.1.42. The other network: 192.168.2.0/24 composed by the gateway with the IP 192.168.2.1 and the clients (on the 192.168.2.0/24 subnet). To sum up, the gateway has 2 IPs (192.168.1.4(eth0) and 192.168.2.1(eth1)). On this gateway, I have squid installed (and listening on port 3128). I also made a redirection to redirect some computers who want to access the web (port 80) to squid (port 3128) with this command:

/sbin/iptables -t nat -A PREROUTING -m mac --mac-source CLIENT_MAC -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128

At this stage, everything works fine. The clients can access the web by the proxy without "knowing". What I wanted to do, is redirect also the port 443 (HTTPS). Actually, when a client wants to access to, for example, [URL]. He cannot. So I would want to be able to redirect people (without passing by any proxy) directly to google. Like a NAT. But the problem is that I can't. The thing would be to, in the gateway, take all the packets with port 443 in destination and handle them to the router 192.168.1.1. Then, when the router sends the packet back, the gateway takes the packet and handles it to the client. I tried putting ip_forward to 1, but the problem is that all IPs and ALL PORTS are forwarded. And I just want port 443 to be forwarded.


General :: Capture Packets With WireShark On 2 Port Ranges?

Jul 3, 2010

I'm trying to capture packets with WireShark on 2 port ranges.

This syntax is not working :

Quote:

bash-3.2# /usr/sbin/tcpdump -ttttvv udp portrange 8500-8600 and portrange 5060-5070

There is no output...

What is the correct syntax for defining multiple port ranges ??


Hardware :: Opensuse 11 Machine Cloned With Dd, With Serial Port Blocking?

Feb 23, 2010

I have cloned an embedded system that runs Opensuse 11 x86 using dd. The embedded system uses a simple serial device, by writing to the relevant device file (/dev/ttyS2, usually). Curiously, when I write to the same serial device on the newly cloned system (which, incidentally, has almost identical hardware), thusly:

echo hello > /dev/ttyS2

the command blocks for up to a minute, before finally returning without making the hardware do anything. I can boot into Opensuse's rescue system on the clone and successfully do exactly the same thing, as I can when I boot the original's "identical" operating system. Why might this problem occur? What can I do about it?


Security :: Debian 6: Iptables Blocking Certain IP Ranges On A Certain Port Range?

May 16, 2011

I am currently running Debian 6. I would like to know if there is a way, and how I would go about, blocking a certain IP range from connecting to my server within a certain port range. Say, for example:

I want to block IP range 123.123.123.* from connecting to my server on the ports 33000 - 43000. But I want to allow them to connect on any other port range, and I want to be able to allow connections from my server to the blocked IP range on those same ports. So, blocking incoming only on the above port range.

using iptables.


Security :: IPtables Port 25 Connection Limit Without Blocking Barracudas

Jan 11, 2011

I am at a loss how to prevent Denial of Service attacks to port 25 and not block legitimate connections from 2 Barracuda 800(s) and block smart phones such as iPhones/Blackberrys/iPhones that use the server smtp.server.com for email.
Presently for port 25
RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT

The 2 Barracuda 800(s) make port 25 connections all the time, plus users with smart_phones have the incoming server type:
IMAP
pop.server.com
smtp.server.com

Is there a way to keep Denial of Service attacks from happening with iptables rules without causing blocking to the Barracuda(s) that make constant port 25 connections & smart phones that poll? I was thinking if I allowed the Barracuda(s) in these lines
-s (barracuda)24.xx.xx.xx -d (emailserver)24.00.xx.xx -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT

Where the source would be the Barracuda going to the email server. It would be allowed, then I am left with how to allow other connections like Smart_Phones that connect via Port 25. I am thinking if I put rules in place doing connection counts in a minute it would result in errors connecting to the server and people would start complaining. Plus any limiting may result in blocking real traffic. Then would I need to allow the ISP range in the above example to accept port 25, I am still left with how to drop a flood/denial of service attack.


Ubuntu Security :: Odd Port Scanning Results - 646 - Dropping Packets

Jun 6, 2010

I was testing the security of my Ubuntu 10.04 64bit install by running a port scan from [URL] and I came upon some odd results. It appears that basically all my ports are closed, but only Port 646 is dropping packets silently. Furthermore, Port 80 is open.


Ubuntu Security :: Drop Igmp Port 0 Packets With Iptables Rule?

Jan 3, 2011

How can I drop IGMP port 0 packets with an iptables rule? My log file is full of this router advertisement.


Programming :: Get Data From Serial Port Function Read() Blocks When Data Not Available?

Jun 11, 2009

I am using read() in C++ to get data from a serial port. However, if no data is available on the serial port the function blocks until data arrives. Example code:

//------------------------------------------------------------
char m_readBuffer[255] = {0};
char* p_curChar = m_readBuffer;

[code]...


Fedora Networking :: Port Redirect, I.e. Whatever Comes Through Whatever Interface On Port AAAA Will Get Redirected To Port BBBB?

Feb 18, 2010

I want to do a simple port redirect, i.e. whatever comes through whatever interface on port AAAA will get redirected to port BBBB. I thought that

iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBB

however it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:

nc: connect to localhost port AAAA (tcp) failed: Connection refused
while
nc -v -w2 -z localhost BBBB

[code]....


Networking :: Limiting Bandwidth From 2 ISP With Using One Server

Feb 21, 2011

I have 2 ISPs which give me public IPs, with ISP A (/29) and ISP B (/28). So, I connect these two ISPs to an unmanaged switch. And from that switch, I take one cable connected to eth0 on the server. (Note: My server has 2 ethernet devices, eth0 and eth1.) eth1 will go to the switch which will go to the LAN.

My question is:

1. Is it possible to make bandwidth control on the gateway server with a mode separating international bandwidth and local bandwidth (my country's bandwidth)? I.e., for my mail server I will give the "intl bandwidth" only 512 kbps and local bandwidth 1 Mbps. What software can I use for this model?

2. Which model should I use, with NAT or with a bridging router? That's all for now.


Networking :: Limiting Bandwidth Per IP In Ubuntu

Apr 12, 2010

You may have seen some other posts by me about my final year college project. I'm implementing a web-based network management website. I've got a lot of the functionality working at this stage, but one part is allocating bandwidth.

I've got an eircom 3mb broadband connection and I want to be able to split this between users. At the moment I only have my desktop and laptop on the network. I'm looking for advice on how I can allocate bandwidth with iptables and/or the tc tool in Ubuntu.

My website is on an Ubuntu virtual machine and written in PHP. Whatever about running the iptables and tc commands from PHP, I still need to figure out the actual commands I need to use in the first place.


Networking :: Kernel - Forward Packets From Eth0 To Eth1 And Eth1-to Eth0 As Well As Get A Copy Of These Packets For Analysis

Sep 27, 2010

I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.


Ubuntu Networking :: Limiting When The Internet Can Be Accessed

Nov 30, 2010

I have a teenage daughter that understands Ubuntu, but not so much the terminal, and she does not know the superuser password. Unfortunately, she regularly goes on the Internet during the nighttime and in the early morning. What I am attempting to do is prevent anyone from going onto the Internet during the night (11 PM - 5:30 AM) unless they know the superuser password or a fair bit about the terminal.

I have already tried some commands, however all of them can be bypassed by restarting the computer. ex. sudo ifconfig eth0 down

For additional information on my Internet:

My Internet connection is relatively slow, so I would prefer if the solution does not hinder it any further. It is slow because there is no high-speed in my area, and I am forced to use Xplorenet -> "Fixed Wireless". I do not have a router.


Networking :: DHCP Offers Not Being Limiting To Specified Vlan Interface On Debian?

Jun 25, 2010

I have configured dhcp3-server on my Debian box and I'm wanting to offer DHCP on one of the vlan interfaces. The DHCP is functioning, but when I test applying it to a different vlan, the original PC can still get an IP. For example: eth1 has vlan100 and vlan200. Our managed switch has the ports configured such that pc1 is on vlan100 and pc2 is on vlan2. This works fine and I can inter-route between vlans with static IPs. Our dhcp config is currently set as:

ping-check true;
ddns-update-style none;
default-lease-time 21600;
max-lease-time 86400;
INTERFACES="vlan100";
authoritative;

[code]....


Networking :: Limiting Sshfs Access To Specific Directory / Tunneling Nfs Over Ssh

Jan 22, 2010

I have a server with a /data/ directory; everything in the /data/ folder has "-rwxrw-rw- 1 root root" permissions. All works fine, multiple users are mounting this over a LAN and everyone is able to modify files. However, I would like to be able to access the /data/music/ directory from the internet.

Is it possible to configure sshfs to only accept logins from a user restricted to reading the /data/music directory, or would it be possible to tunnel nfs over ssh in such a way that everyone on the LAN 192.168.0.xxx has unrestricted access to the data directory, but something coming from outside only has read access to the music directory? Although if one were tunneling nfs over ssh, the nfs mount request would appear to come from the server itself. The router is at 192.168.0.1 and the server is at 192.168.0.3. This seems very much like what I want to do, however I'm having a bit of trouble getting this to work well with other users mounting with full rights over the LAN too.








Copyrights 2005-15 www.BigResource.com, All rights reserved