I've a server in an European data center, My server is receiving a lot of UDP Netbios Boradcast packets (I've sniffed them via tcpdump )
I've block the sender IP via iptables but tcpdump again shows the packets that are receiving.
an example tcpdump output 16:35:25.829592 IP SENDER-IP.netbios-ns > MY-SERVER-IP.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
How can I block those broadcast packets?
i have an isolated LAN (no connection to outside) with 3 fedora boxes. Suppose one of the boxes has an IP device connected to the serial port. We use SLIP and slattach to configure it and we can ping the device from every fedora boxes. Is it possible to bring the external device (192.168.1.9) to the set of LAN devices that receive LAN broadcasts?
box 1: 192.168.1.1
box 2: 192.168.1.2
box 3: 192.168.1.3.
It runs slattach and uses 192.168.1.9 to address serial connected ip device. I set up this scenario and the external device is ping(ed) with success but if I build a socket udp program that sends a broadcast to the LAN all the fedora boxes receive it except the external serial device. Why.
At the CLI, I want to know how to get a netbios name from an IP address. It seems that every solution that I have found is windows based, or requires me to install something beyond samba. is a simple "prog-x -somearg 192.168.1.100" or similar to get the netbios name - and that it doesn't require a reconfiguration of my server?
For instance, I would like this to be usable on a desktop system in an ad hoc without having to be run from root.
I have been beating my brains out the last few days trying to get my linux box to ping my Pc's via the netbios name. (ping pc_name) I have read post after post with no luck at all. What i do know is that my pc's can ping the linux box via netbios name with no problem. Samba works from the pc's but not the other way around. I have added wins to my host in the nsswitch.conf fileMy smb.conf file:Quote:
global]
workgroup = OFFICE
server string = Samba Server Version %v
[code]....
I'm having some trouble addressing computers by name. I've just upgraded most my my box's to Lucid, and it was all working fine, but suddenly stopped - not quite sure why, or what I did, but I need it to come back! At first I thought it was my old router dying (which it was) but a new router hasn't helped.
I've now moved DHCP from the router to my server, and that's working fine, giving out static IPs from MAC addresses, and so forth, but I still can't address anything by name. My server is on 192.168.100.1 and called myth-server, if I
[Code]....
In recent days, (today is September 18, 2010) I've been surfing the web trying to learn how to access nodes in my soho lan by netbios names instead of having to connect through the ip number, because ip's change every time according to DHCP assignments. I do not know what has happened to the "new" command mount.cifs, but things seem to have become a bit more complicated with the new version. Security problems, they say, and surely that's the reason.
I show here an automated way of loging into servers by netbios name instead of having to resort to the use of IP numbers, hosts files, wins servers and all that jazz. This is especially useful if your soho lan have five or more network nodes, and you do not want to go finding out the ip numbers assigned to the machines you want to connect to (temporarily or permanently).
This output is piped to gawk to isolate the line containing <00>, and gawk outputs the first element (print $1) of that line, which happens to be the ip of the server ServerName. I tested the script in my soho network, which now has Linux, Windows XP and Windows 7 nodes, and it worked perfectly for both tipes of servers.I'm using GNU's gawk, but I'm pretty sure that awk would do the job just as well.
Givens
LAN
CentOS 5.5
Windows 7 machine (hostname/NETBIOS name: AwesomePC, LAN IP: 192.168.1.20)
Workgroup: Cake
No WINS server
No Domain
No AD
Goal
From CentOS 5.5, have
# ping AwesomePC
resolve to a ping on 192.168.1.20
Problem
# ping AwesomePC
resolves to some random public IP that seems to be coming from my WAN DNS (openDNS) servers
ATTEMPTS
Have edited /etc/nsswitch.conf, edited line: hosts: files wins dns Have edited /etc/resolv.conf, added line: search CAKE Have installed samba (# yum install samba) and run (# service smb start), with /etc/samba/smb.conf, workgroup = CAKE, name resolve order = wins host lmhosts bcast
Does # ping even care about samba? How can I get this to work?
I am on a 172.16.x.x network with about 60 Windows XP home and Vista home clients in a peer-to-peer workgroup that uses DHCP to assign addresses. About half the traffic on my LAN is netbios broadcast. I do not want to do a WINS server because I do not want to have to manually change the registry on every machine. This is only for local name resolution and I do not have any web servers or e-mail servers. I do not have access to a Windows server to use as a DNS server. I am on Debian and using BIND but am open to other suggestions.
View 1 Replies View RelatedI have a fileserver that I want to share out samba shares. However, i configured samba to have another netbios (SAN) and my windows box still sees whoopn-SAN which is the name I gave to my server when i installed it. Now I am using 9.10 and I know that i can create a share from the gnome gui in nautilus and that appears to be a windows like share. How can I turn OFF the windows like shares that ubuntu does out of the box and use ONLY samba? I ask because there appears to be a conflict of permissions b/w samba and this stuff.
View 7 Replies View RelatedI'm fairly new to Ubuntu and having problems with my web cam. I have Karmic and the Creative Live Optia cam. The cam works fine on Cheese and Skype. I would like to do an online broadcast through Justin tv (nothing dirty, just me working) but the website isn't picking up on the cam. Is there anything I can do?
View 1 Replies View RelatedI am currently trying to compile mpeg4ip on F12 in order to do live broadcasts using Mp4live (a real-time encoding tool which mpeg4ip provides). The idea is to use mpeg4ip as broadcast software for Darwin Streaming Server which i am already running (v. 6.0.3 ) and streaming pre-recorded media. So i use the command
Code:
./bootstrap
which eventually tells me that
Code:
Mp4live encoder report:
ffmpeg encoder is installed
xvid encoder is installed
*** x264 encoder is not installed
[Code]....
I'm having trouble getting my debian box to find my windows box. This should be possible using netbios names.
The debian box is a newly installed minimal (nothing but base) release, to which I've added samba (using apt-get).
The windows box can see the debuan box just fine. Attempting to ping it by name results with:
Pinging debbox [192.168.1.100] with 32 bytes of data: ...
But going back the other way, the debian box can't see the windows box.
ping: unknown host winbox
I'm pretty happy that the windows box is behaving itself as there are no problems getting it to interact with other windows machines on the network.
Looking on google, the suggestion is to modify the host line in /etc/nsswitch.conf to include wins: hosts: files dns [b]wins[/b]
This worked on other linux machines in the past but not this time.
So my guess it that I've got SAMBA mis-configured or I'm missing a package.
Does anyone know how to configure Fedora 12 to use netbios over an OpenVPN network
putting
hosts: files wins dns
into the nsswitch.conf file enable netbios over the LAN but not over the VPN.
I have these two ports open for some reason. netstat says they're attached to 'smbd', but when I look at packages installed and search for smbd the only thing that comes up is samba4 which is NOT installed.
I'm guessing some other package installed this as a dependency. Is there anyway to find out what it was and remove it?
If you're running samba server on your Slackware box on a windows network / domain, and you don't want it showing up on the windows computers network neighborhood browser, there's a couple of things you have to do. First, add the line:
disable netbios = yes to the global section of smb.conf. This didn't work for me so I also figured out the next step:
Second, edit the rc.samba script and remove the references to starting or restarting nmbd.
In this line: if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /etc/samba/smb.conf ]; then
Remove the reference to nmbd (underlined above) so it looks like this:
if [ -x /usr/sbin/smbd -a -r /etc/samba/smb.conf ]; then
Then comment out with a # this part: #echo " /usr/sbin/nmbd -D" # /usr/sbin/nmbd -D
and add a comment # mark here (right before nmbd)
samba_stop() {
killall smbd # nmbd
underlined above, then restart samba or reboot. The first step may not be necessary if you make the changes to rc.samba but I did both and that took care of it.
I've had my FC11 x86_64 installation up and running for 6 months. Until a week ago, I was able to mount windows shares through Nautilis using their netbios names. About a week ago, this all broke with no tinkering on my part. Now, I can mount the shares using the IP address, but not using the netbios name.
When I make he attempt either from scratch or by using a previously working bookmark, I get "cannot display location "smb:\..." When I browse the network using Nautilis I can see the workgroup, but when I try to open it, I get "unable to mount location. Failed to retrieve share list from server." When I use nmblookup with the netbios name, the correct ip adress is returned.
The problem seemed to correspond to a software update that occurred on 2009-11-21 that included updates to selinux-policy and selinux-policy-targeted. SE Linux has the System Default Enforcing Mode set to disabled. The system default policy type is set to targeted with no other options available.nsswitch.conf file appears to have been changed on the same date, but reverting back to the backup version of the file failed to solve the problem. Samba is up and running. My linux shares are accessible from my windows boxes. The firewall is open to smb and smbclient.
using layer 7 filtering how to block the ftp packets?..
In My router i am going to add a below rule.... iptables -A OUTPUT -m layer7 --l7proto tcp --dport 20 -j DROP
above statement will it work in my router?.
I need to block some websites and torrents on my LAN running on mostly WIndows XP pcs and a Windows 2008 domain controller. It's possible to block some sites using DNS in Windows Domain controller, but users have the rights to change DNS and bypass the rule. Editing HOSTS file doesn't workThen I tried using Avast antivirus Site Block feature, but that doesn't work on any browser except Mozilla. We have to use Epic and Mozilla Firefox.We can't use a dedicated hardware firewall due to budget constraints and the fact that we have multiple ADSL lines for internet. No single gateway.
View 7 Replies View RelatedI was following the directions over on the page How to watch Hulu overseas without a proxy server and got to the section about blocking ports, which I need to block port 1935. I figured this would be easy, as the mac instructions are
Code:
sudo ipfw add 0 deny tcp from any to any 1935
sudo ipfw add 0 deny udp from any to any 1935
and the Windows instructions are practically a book in itself. Since this page was lacking instructions on how to do it in Ubuntu, and ipfw seemingly doesn't exist in Ubuntu, how do I block the ports
Can you show me how to block a domain from local access through URL Filter?ay be an example is a very good start.
View 10 Replies View Relatedin my office i have to block all messenger like yahoo messenger, windows live messenger, i have to block websites like www.yahoo.com, some more web sites. i need guidance through which i can accomplish this task through ip tables or through squid server. i can use squid but i had heard that squid blocks pop and smtp also. squid creates some problem in receiving and sending email. i am using red hat linux 4 box and installed squid having two ethernet card 1 is connected to adsl line and 2 is connected to switch. all clients will have proxy address of this linux box. guys need ur help ASAP.
View 2 Replies View Relatedhow to block multiples ports from my internal lan going out to the internet?, I want to prevent LAN user's in accessing this kind of ports for example port from 1500-10000.
im making a personal firewall script, im just testing it for just curiositie's sake.
will i use the foreward chain policy?? to drop all packets, like port 1500:10000
note '#' stands for root
#iptables -A FORWARD -s 192.168.0.1/24 -p tcp --dport 1500:10000 -j DROP
#iptables -A FORWARD -s 192.168.0.1/24 -p udp --dport 1500:10000 -j DROP
Just wondering if it is possible to block web access on a certain ip address with iptables.
Iv seen guides for blocking web traffic on a whole network but i want to just block a single host from accessing the web.
I am using Squid as a proxy server red hat Linux.I want to block some specific web sites like facebook,..... under squid .Please guide me that how can i do it and under which header should i write the script ?
View 14 Replies View RelatedI have a server with slackware 12 and i try to block 2 web sites but without success. I write in iptables rules /etc/iptables.conf
iptables -A INPUT -s web.org -j DROP
iptables -A OUTPUT -d web.org -j DROP
but no effect. What rule i must write to block url`s?
I have One Server which is having IP 10.176.0.155. I want that client 10.176.0.135 is not able to ping this server only & cane it is possible to block through hosts.
View 1 Replies View RelatedI have a Thomson TG782T, I live with 2 people, I don't want one of them using my internet as i never see any money for it, I don't want to change the WPA, Is there anyway i can just block the one laptop?
View 9 Replies View RelatedI want to use iptables to automatically block all IP addresses who send UDP packets with length 11 more than 3 times per 10 seconds.
View 1 Replies View RelatedRecently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. I had wrongly assumed that any port NOT specifically listed in one's firewall rules (CentOS 5 with default iptables installation) would be blocked. I thought you had to add a rule to /etc/sysconfig/iptables in order to open up a port. Apparently this is NOT the case. So is it true that if I install some random software that starts listening on any number of ports that I have not specifically mentioned in /etc/sysconfig/iptables that it will not be blocked - it will work right away?
Anyway, I guess two questions:
1) What's a generic way to block a specific port? I use rules like this to "open" ports (although is this not needed if they're open anyway?)
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
What's the analog of this kind of rule to *block* a port?
2) Is there a better way to configure iptables to block all ports that are not mentioned in its configuration? Is that dangerous? (will it block things that I don't want to block?)
I want to block yahoo, skype IM program with a schedule.Just unblock from 10AM - 2PM and 3PM - 5PM everyday.I tried block from router, but it's not block completely and haven't schedule function.I found that a firewall (Iptables and ISA) can do that. Have anything else can? Can anyone give me some advises
View 3 Replies View Related