Networking :: Transparently And Securely Identifying Clients On A Network?
Dec 12, 2009
following on from [URL] I was having a little think about how to make this concept more secure. its easy enough to separate known and unknown clients out via MAC address. but that system is easier to break than it is to set up either, sniff out a mac address already connected to the system, and spoof that address.or, more simply, set a static IP on your wifi device, and avoid the redirection completely. so, is anyone aware of a relatively straight forward setup that would allow me to identify clients on my network without relying on MAC address, would more forcefully separate out known and unknown hosts (vlan??). As well as doing so without alerting them to the fact, and without requiring known hosts to do anything special, or install software. Or requiring any more hardware than I have already. (hardware = a debian box with 2 NIC's acting as a gateway between all internal network, and the billion router which handles the outside world not getting in, and a WAP attached to the internal side of the network. also somewhere I have a wifi card that I could attach to the server to replace the AP) I assume some sort of authentication mechanism is required, but I dont know much more past that.
View 2 Replies
ADVERTISEMENT
Feb 4, 2010
Starting from January, my Internet connection has become "unstable". I mean that I get occasional interruptions of the connection. This is particularly annoying while listening to a webradio or using voip. Of course, prior to January 2010, I could stay hours or days without interruptions. Now, I have to reconnect manually every 5 min to the service although the reconnection to the ISP is done immediately. So, before I take my axe and visit the office of my ISP, I would like identify where is that connection drop happening. Is it at my pc? at the ADSL modem/router? or the ISP? I use a wireless connection with WPA to my router. Then, the router is basically an ADSL modem. I am running Kubuntu locally. How can I follow up on the network status between different elements and see who is cutting off my connection?
View 1 Replies
View Related
Dec 23, 2008
I boot linux off a USB stick on many different computers with different hardware. How can I determine in a script which devices eth0, eth1, wlan0 exist and which hardware devices they apply too? Sometimes a wireless card is wlan0, other times it is eth1 or even eth3! The proc/net/dev file does not inidicate which hardware is installed.
View 2 Replies
View Related
Aug 6, 2010
How can you use swat securely from a securely location?
View 1 Replies
View Related
Jul 7, 2011
My company requires a proxy server that requires a manual configuration to use. Many Ubuntu apps, however, do not respect the HTTP proxy settings.Is there anyway to modify my local firewall settings to automatically forward IP traffic to the company proxies in the same way a transparent proxy might work?Would I need to set-up my own local, transparent squid proxy which itself forwards to the company proxy?
View 1 Replies
View Related
Nov 20, 2010
got an asus wl500gp v2 and i just had to reflash it. Flashing went through fine, but while setting up the PPPoE connection I got stuck. Here is what the configuration looks like:ADSL Modem ---Ethernet--- Router ---Ethernet--- Laptop I set up OpenWRT to connect over PPPoE over the WAN port and the connection is established:
PAP authentication succeeded
peer from calling number XX:XX:XX:XX authorized
replacing old default route to br-lan
[code].....
View 3 Replies
View Related
Jun 10, 2009
have two internet lines from two isp every one pluged to interface eth0 and eth1 and i have eth2 interface to internel network clients now i need to make some clients to use line 1 and other use line 2 i want make this without use netmask , just for selected IP.
View 1 Replies
View Related
Jul 18, 2010
I'm trying to setup iptables to send web (tcp?) traffic through Squid and Privoxy transparently (to save having to setup everything per browser and hoping they honor their settings). I know I have done this before but I can't find the old config nor remember the exact options needed to do this.What I am wanting specificially is for Privoxy to grab the data as it leaves the browser, do its thing then pass it on to Squid before sending it down the line, then doing the same incoming (Privoxy -> Squid -> requesting app).
View 1 Replies
View Related
Dec 10, 2009
My 32-bit Ubuntu 9.10 [Karmic Koala] LTSP server has two NICs, one with Dynamic IP set by a DSL modem and the other with static IP of 192.168.0.254. I also have 4 thin Clients that boot from this server without any problems and another computer with Ubuntu 9.04 running some PHP programs with dynamic IP given by the same DSL modem. When I send requests to these PHP programs from thin clients, they all give the LTSP server's dynamic IP as their IP so I cannot trace who has sent this request to response back.
I actually know this is logical. Because the requests are sent by a program that's actually running on the LTSP server rather than the thin client. But my question is How can I run a program on a thin client with it's own IP? I also should mention that the dhcp3-server service running on the LTSP server has no conflicts with the DSL dhcp on the network and I know that the 4 thin clients get the IPs ranging from 192.168.1.101 through 192.168.1.104 from the dhcp3-server service. Because I can ping them while they're on. but /sbin/ifconfig on them shows info about the LTSP server.
View 1 Replies
View Related
Sep 7, 2010
got the problem with multiple ssh-tunnels. The case is:I have 1 server running Slackware 13.0 with external ip and few windows-machines. inetd daemon is running on the server, my script is listening on port 2345. I create multiple ssh-tunnels from client machines to the 2345 port of the server in order to initiate script execution. For debugging reasons the script simply echoes the incoming information to the connection initiator. This is how the connection is initiated.
Code:
ssh <user>@<my_server_IP> -L 5555:<my_server_IP>:2345
echo "hello"|nc -vn 127.0.0.1 5555 (a port on a client-machine, that is forwarded to <my_server_IP>:2345)
gives "hello" output.
Code:
client1 port 5555|----ssh-tunnel---- eth0|-------server---------------|
[Code]...
The problem is that i need my script to execute some commands (registry parsing) on a remote client machine with winexe utility. So I need to identify each tunnel or each connection in order to execute the command on each of the client workstations. I need at least to have access to some ID of the ssh session or a tunnel, through which a certain connection was initiated and then use it to create a reverse tunnel or just connect to certain client via that client`s tunnel.
View 3 Replies
View Related
Feb 3, 2009
I loaded F10 up on my laptop a few nights back. NetworkManager connects via Ethernet just fine. It will also connect wirelessly, but only when security is disabled. I've been using 128-bit WEP.
When I try to connect using security, this is what appears in the log:
Code:
Jan 29 21:07:17 localhost NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
Jan 29 21:07:17 localhost NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
[Code]......
View 2 Replies
View Related
Feb 7, 2009
I have a Slicehost VPS and I'm trying to set up PPTPD on it. I only have one IP address (the public IP of the box). All the PPTPD howto's I've seen rely on assigning remote clients IPs from the local subnet (e.g. the PPTD server's local IP is 192.168.0.20, and remote IPs are taken from a pool of 192.168.0.30-40).
However I don't think I can do that as I only have the one IP address on Slicehost's network - that public IP (and all other IPs in the segment are public). So what I really want to do is to be able to create a private LAN segment or virtual network adapter and have VPN clients assigned addresses in that segment, then routed out onto the Internet effectively using the PPTPD box as a router. I am using Ubuntu Hardy (LTS).
View 2 Replies
View Related
Jun 22, 2010
I have Ubuntu 10.4 (lucid) and I want to be able to access computers on my home network (all of which are either on XP and Windows 7) If I go into: Places --> Network All I see is one folder named "Windows Networks" and if I go into that folder I see that there is nothing there! I know you can see windows computers in the "Network" folder because my friend can (Also with Ubuntu lucid) but he said he didnt have to do any configuring to enable this feature?
View 2 Replies
View Related
Aug 28, 2010
I have two almost identical images of the same size that I want to compare. I'd like to over-lay them one on top of the other and vary each image's transparency so that I can compare them. Anyone know of any software that does this?
View 4 Replies
View Related
Jan 18, 2010
i have an Opensuse 10.3 server running samba and i just wanted to know how i could attach ms dos clients to samba if thats possible,i tried downloading TCP/IP software for dos but i could not find anything on the net that works.
View 9 Replies
View Related
Jan 2, 2011
Upgraded two machines to 11.3 in the past 2 weeks. NFS is broken on both, in different ways. The problem I'll mention here is that the nfs server is running, but clients can't connect.
The server is running:
tinderbox:~ # /etc/init.d/nfsserver status
Checking for kernel based NFS server: idmapd running
mounted running
statd running
nfsd running
It has a valid export list:
tinderbox:~ # showmount -e
Export list for tinderbox:
/usr/local/share/common 192.168.1.0/24
The export exists:
tinderbox:~ # ls -lR /usr/local/share/
/usr/local/share/:
total 4
drwxrwxrwx 2 root root 4096 Jan 2 12:10 common
/usr/local/share/common:
total 0
-rw-r--r-- 1 root root 0 Jan 2 12:10 test.txt
But attempts to mount the export are unsuccessful, both from the local machine:
tinderbox:~ # mount.nfs 192.169.1.200:/usr/local/share/common /mnt -v
mount.nfs: timeout set for Sun Jan 2 12:14:19 2011
mount.nfs: trying text-based options 'addr=192.169.1.200,vers=4,clientaddr=192.168.1.200'
mount.nfs: mount(2): Connection timed out
mount.nfs: Connection timed out
...and from an OpenSUSE 11.0 machine.
moira:~ # mount.nfs 192.169.1.200:/usr/local/share/common /mnt/tmp/ -v
mount.nfs: timeout set for Sun Jan 2 11:52:17 2011
mount.nfs: text-based options: 'addr=192.169.1.200'
mount.nfs: Unable to connect to 192.169.1.200:111, errno 110 (Connection timed out)
mount.nfs: mount to NFS server 'rpcbind' failed: timed out, giving up
I've had NFS running on my local network for over a decade, and never had problems like this before.
View 2 Replies
View Related
Oct 26, 2010
i am using RouterTik OS as my edge router. My clients are connected to one of the lan card of this router PC. One of my client has MAC book. He can discover all the clients connected to that lan card. How can i restrict my clients unable to discover each others?
View 2 Replies
View Related
Feb 5, 2009
I currently have a network with an older machine, which is (usually) operated in headless mode as a data & backup server, with a fixed IP of 192.168.0.10. I have two client machines, a desktop & a laptop, which use DHCP. All three computers are running Slackware-12.2, the clients with a full install & the server without any X components. I want to set the server to serve a scanner & have been following this link, which is mostly a rewrite of the man page for sane.d. I set up saned per the article, adding the saned:saned user. 'scanimage -L' works for both root & my local user on the server. I can ssh into the server as my desktop user & 'scanimage -L' works. Ditto if I ssh into the server, then 'su -' to root. I can scan either locally from the server or via ssh from the desktop machine. BUT, I cannot get the scanner recognized on the network. On the server, I have this line in /etc/sane.d/saned.conf:
Code:
192.168.0.0/24 this line in /etc/services:
Code:
sane-port 6566/tcp #SANE network scanner daemon & this line in /etc/inetc.conf:
Code:
sane-port stream tcp nowait saned:saned /usr/sbin/saned saned
I have changed the line in /etc/sane.d/saned.conf to just "+", for testing. That didn't work either. On the clients, I have these two uncommented lines in /etc/sane.d/net.conf:
[code]....
My server user is in the same groups, less vboxusers. The server is identified in /etc/hosts & I can connect to it via ssh & mount nfs shares from it. What am I (not) doing that is killing network scanning?
View 3 Replies
View Related
Jan 12, 2011
In my work I want to build up a Linux based network, where windows and linux clients are going to share a Thecus network drive.Each client will have specific permissions for accessing the samba shares. I have installed Ubuntu SRV 10.4 with gui and webmin.
View 1 Replies
View Related
Feb 3, 2010
The router should handle everything automatically and transparently. All you need to do is make sure that the wireless Ethernet adapters in the laptops can "talk" to the wireless router.
View 4 Replies
View Related
Mar 26, 2011
I tried this command to print the buffer of an existing screen session to stdout but I don't know why it doesn't print anything.
screen -x lftp -X hardcopy /dev/fd/1
screen -x lftp -X hardcopy /dev/stdout
It works if I use a regular file instead, so why doesn't it print to stdout when I use /dev/fd/1? I do this with other applications don't have an option to write to stdout and it works, so what does GNU/Screen do that makes it not work?
View 1 Replies
View Related
Mar 12, 2010
I have the problems with transfer speed between samba and Windows XP clients.
Samba server configuration:
Quad Core 6600 CPU.
4 Gb RAM
OpenSUSE 11.2 with kernel "2.6.31.12-0.1-desktop"
Samba - samba-3.5.1-1.1.i586
Test: 4 GB File copying. One file.
Transfer speed from Samba Server to Windows 7 and XP clients:
(Windows clients copy file from Server share -> to local drive)
From Server to Windows 7 client 1:
85-90 Mb/sec
From Server to Windows 7 client 2:
90-100 Mb/sec
From Server to XP1 client 3
75-100 Mb/sec
Transfer speed from Windows 7 and XP clients TO Samba Server:
(client copy file from local drive -> to server Share)
From Server to Windows 7 client 1:
12-20 Mb/sec
From Server to Windows 7 client 2:
30-35 Mb/sec
From Server to Windows XP client 1
20-27 Mb/sec
(Copying file from Windows local drive to Windows remote share)
From Window 7 client 1 TO Windows XP client 1
40-50 Mb/sec
From Window 7 client 2 TO Windows XP client 1
50-60 Mb/sec
Copying file from Windows 7 client 2 share -> TO Windows XP client 1 show me 100-120 Mb/sec speed permanent.
Copying file from Linux hosts to NFS server is stable 50-90
Mb/sec bidirectional.
This part of my smb.conf file
Code:
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
# Date: 2009-10-27
[global]
log level = 1
debug level = 0
max log size = 50 .....
I have very slow write speed when copying file from Windows clients to Samba Share. Samba speed is slower than Windows native clients connections ?
View 9 Replies
View Related
Jan 11, 2011
Using CentOS 5.5, FreeRADIUS 2.1.7.
Objective is simply to be able to allow wireless clients access to my network based on their MAC address (I have about 10 WAPs around the country which I need to be able to manage user access centrally). Not interested in LDAP or dishing out keys/certificates etc.
I have been trying to follow the guide here. Sounds like it's exactly what I need but I'm not sure about a few things.
1) For each of the conf files am I supposed to be replacing everything currently existing in the respective file with what is suggested?
2) "raddb/modules/file" does not exist, so I assume I should use "raddb/modules/files"?
3) If I uncomment the line:
Code:
#rewrite_calling_station_id
under the "raddb/sites-available/default authorize{}" section, the radiusd startup gives me the following error:
/etc/raddb/sites-enabled/default[69]: Failed to find module "rewrite_calling_station_id".
If anyone familiar with FreeRADIUS 2 could answer these queries I might be on the right path
View 12 Replies
View Related
Feb 27, 2010
I'm attempting to run a DHCP server on my home network to enable PXE booting for ethernet clients, but I'm having quite a few issues getting it all up and running. I'm not entirely sure what is wrong, but I keep encountering errors in syslog as follows:
Code:
Feb 27 02:26:46 servnerr-1 dhcpd: Wrote 0 leases to leases file.
Feb 27 02:26:46 servnerr-1 dhcpd:
Feb 27 02:26:46 servnerr-1 dhcpd: No subnet declaration for eth0 (192.168.1.3).
[code]....
Networking is not exactly my strong suit, but I would like to get this up and running if at all possible.
View 9 Replies
View Related
Mar 9, 2010
I have a fileserver running openSUSE 11.2 and samba services for file access from MS Windows based workstations. My question relates to changing default permissions on files and directories created from the windows clients.
Following are extracts of the /etc/samba/smb.conf file :
Even with the above entries, sometimes there are files and directories created by the windows clients having permission
Probably my lack of understanding in ACLS.
View 9 Replies
View Related
Nov 6, 2010
So I have a bunch of CDs I have burnt over the past year or two, and only problem is, I would burn them, use it and forget about it. I never bothered labelling it. Now, I want to label them appropriately. Is there any way I can find out the following just looking at the CD contents-
1. Distribution - lucid / karmic / etc
2. Architecture - amd64 or i386
3. Type - server, desktop, alternate etc
I know if I boot into the machine from the CD drive, I can find out, but I prefer not having to do that
View 1 Replies
View Related
Dec 23, 2010
How do we check as to how many links have been created that point to a particular file?
Let's say there is this file /work/contacts.dat
and we have, let's say, 10 soft links that have been created by different users in their home directories. Now how can I figure by looking at the file /work/contacts.dat that there are 10 (soft or hard)links pointing to this particular file so that I know that it is being used or refered to by those many users and before deleting it I can check with them.
View 3 Replies
View Related
May 31, 2010
I just encountered a very weird issue and I am having hard time replicating and identifying the root cause. We have one RH9 server and we received an alert that the /var reached 85%, I checked and found out that /var/log/audit.d is occupying most of the space. It has a lot of files inside it consisting file size of 21MB each everyday. I ask the customer if can housekeep and it eventually climbed up to 100%. My colleague did some house keeping but what he did was he compressed the audit.d directory and remove it.
After that users are complaining they cannot telnet to the server even though the service is on. I have recreated the audit.d directory and restarted the xinetd as usual. Still the same problem. And the weird thing is that I cannot even switch to any user from the root. I tried to do "su - someuser" but it hangs there without doing anything. I also tried to telnet, it will ask for login and password but same thing it hangs in there. Did some restart on xinetd and did "chkconfig telnet off" "chkconfig telnet on" but with no success. Could this be caused by the deletion of audit.d? Or is the 100% utilization of /var the system could not cope up? The good thing is everything worked fine after restart. But still the root cause is unknown. If I check /var/log/secure it shows the user being authenticated though it is not getting any session. /var/log/messages also does not reveal anything.
View 3 Replies
View Related
Feb 18, 2011
I have a Debian Squeeze installed on my old iBook G4 mid 2005. The computer has been giving me hard time and I want to sell it for parts. Before that however I'd like to erase the hard drive securely. Is there a software that this forum recommends for erasing hard drives completely and securely? Is there Linux equivalent for something like DBAN which can be installed on a CD and then boot the computer from it?
View 14 Replies
View Related
Dec 29, 2010
Tried to test the 10.10 Netbook's Unity but after keying the password I got a "Unity missing driver" without any identification of the driver. Is it available in the repositories? How can I identify it to install it? Why isn't it included?
View 5 Replies
View Related
