Security :: Active Connections Showing In Firestarter 1.0.3?
Feb 26, 2010
I am running Firestarter on Ubuntu 9.10 64 bit. I have noticed several times that after closing all web apps (Firefox, Thunderbird) that some entries remain under the heading "Active connections" on the Firestarter "Status" tab. Often these show no source program. Currently I have 2 showing which show Firefox as the source. These persist after Firefox is shut down. I have verified that no Firfox process is running. And both of the IPs point to google.I have Disconnected eht0 and they still show. I have logged out and back in and they still show. I must reboot the machine to make these entries go away. Which makes me think perhaps this is a bug in Firestarter(?) Is there another way I can identify truly active connections?
View 2 Replies
ADVERTISEMENT
Oct 22, 2009
I've noticed that when I open firefox I get really strange HTTP and HTTPS connections showing up in firestarter (which as I understand it is just a GUI for IPtables). They connect to various bits of a site listed as 1e100.net (when you use "lookup hostnames") such as wy-in-f18.1e100.net, they stay connected all the time as far as I can see unless I close firefox. I've heard people say they are connected to Google, but I can close all tabs after loging out of google and still see them... it's very odd.
View 3 Replies
View Related
Apr 6, 2011
I am running Ubuntu 10.10 I have an question about the firewall Firestarter, when checking the firewall it told me there are 9 serious incoming connections what must I do with this info. Inbound is normally blocked as standard i have also see that someone with port 1234 and 12345 have trying to attempt mine system but failed all trojan ports are fully blocked.
View 2 Replies
View Related
Sep 11, 2010
A portscan reveals that port 39878 is 'open', service: 'unknown. I deny service for this port in Firestarter FW 'policy' Firestarter does not show any active connection. I am not running any apps, so how can I close this port?
View 9 Replies
View Related
Apr 27, 2011
i just installed Firestarter firewall and it is showing me 12 serious inbounds after an hour.Is it a serious matter ? What should i do ?
View 3 Replies
View Related
Jan 16, 2010
Firestarter sometimes shows up to a dozen different ip connections for a single webpage that I open. This is for the first webpage I open, not after I have been browsing for awhile so they are not old connections that have not timed out. This just doesn't seem normal to me since other installs I have had of ubuntu have only shown one or two firefox connections at all times.
View 1 Replies
View Related
Apr 19, 2011
My firestarter is denying connections on ports 80 and 443, despite the fact that I have set rules to allow both the services, and indeed any connection from my gateway (the source of the connections).
Can someone please advise why this might be?I can surf the 'net fine, unfortunately I cannot load facebook, gmail, or another couple of sites that require logins, and I assume this is due to HTTPS not communicating properly.(On the off chance anyone can answer these real quick, I'm also trying to solve my resolution resetting every time I restart, and one of the icons in my KDE panel turning into a widget from an icon every time I restart. Still working on these, but just if anyone knows already).
View 1 Replies
View Related
Jan 7, 2010
I'm installing a server to act as a firewall between a local network and internet. I've installed Firestarter becaused it worked straitgh away (it seems that FS is configuring the routing as well). I've tried to remove it, and then I lost the access from LAN to Internet. (I don't know why -perhaps the routing is disabled then- , so I prefer to keep it).
The problem is that Webmin Bandwidth Monitor (bandwidthd) is not logging anything when FS is active. Does someone has an idea on how I could make it work? I've tried cacti and some other stuff, but it is far too complicated for me.
View 2 Replies
View Related
Jan 21, 2011
Is it fair to say that connLimit and hashlimit are very similiar on Linux i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? i.e. I do not want to allow more than 6000conn/minute for port range that is the sum of all connecting hosts?
View 3 Replies
View Related
Oct 19, 2010
I am programming on Linux middleware so I need to get a list of all active TCP connections. Is there any API to get such information? I know I can find the connections in /proc/net/tcp, but how to find the PIDs? Apparently ps or netstat command is not an option since it is a middleware.
View 6 Replies
View Related
Sep 29, 2009
I've created VPN server(PoPToP version 1.3.3) using webmin and all clients are connected successfully. I want to check "current active connections" from CLI(command line interface). what is the command to list all active connections.
View 1 Replies
View Related
Apr 23, 2011
My Debian server is used by people to set up ssh-tunnels for use as a local proxy ( on their remote machines).Since only the tunnel is setup, and no shell is used, I can't use "who" to see which users have an active ssh-tunnel on my server, but I would like to have an idea about who is active etc. I think I should be able to determine this from the auth.log file, but then I would have to use some script to determine what connection is still active. Is there an easy way to see what users have active ssh-tunnels on my Debian server at any given moment?
View 3 Replies
View Related
Jul 24, 2011
On every machine that SSHes in, the connection gets dropped randomly between immediately, and 30 minutes into the session, while the user is actively using the remote system (typing, etc). Before, during and after the disconnection, the system responds to pings regularly (0% packet loss).It takes about 5-10 minutes before I can make an SSH connection again.I have tried restarting SSH on the server and rebooting the server. I even removed and reinstalled sshd and it is still happening.What might be causing these random disconnects and how might I solve this?
View 1 Replies
View Related
Oct 12, 2010
When I typed netstat -lna, the output:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:580 0.0.0.0:* LISTEN
...
...
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node
unix 2 [ ACC ] STREAM LISTENING 23581
...
...
Can anyone explain to me:
1. What is "Active Internet connections" & "Active UNIX domain sockets"?
2. What is unix Proto?
3. Difference between LISTEN and LISTENING state.
View 8 Replies
View Related
Jul 18, 2009
Running Fedora 10 and 11. Using Firestarter firewall.Does anyone know where Firestarter gets the Events which it displays?I do not find anything in /etc/firestarter/.I suspect Firestarter looks in a log file which Fedora keeps somewhere.
View 2 Replies
View Related
Apr 27, 2010
I have an Asus 900 laptop that I put Ubuntu 9.10 on.I know it was made by the Chinese, but why are they trying to hack my pc?I currently put FIRESTARTER a linux firewall on board you can go here to get itNow I can see everyone's IP address and find out where they are and who they are!!
View 9 Replies
View Related
Sep 15, 2010
I was wondering if firestarter (software firewall) works out of the box or does it need some kind of configuration in order for it to provide protection? Is firestarter even needed with ubuntu?
View 6 Replies
View Related
Mar 8, 2011
im having a bit of a problem with Firestarter, i have Transmission opened and i am downloading a movie but when i check Firestarter i see hundreds and hundreds of Ip's that are blocked, and like 10ip's every second that get blocked.
[Code].....
View 2 Replies
View Related
Apr 19, 2010
I am new to Ubuntu and till now I have chosen it to be my favorite distro. I use my laptop in various networks, home, work, school. When I run firestarter the wizard does not give me the option for wireless INTERNET, only ethernet.
View 2 Replies
View Related
Oct 20, 2010
I've been using Firestarter for a while and have used it to set-up inbound and outbound policies (which are probably way too restricitve) but since turning on boot logging the other day I have noted that the boot log contains the message:
Code:
* Starting the Firestarter firewall [fail] I find this somewhat alarming. I have seen post[URL].ht= firestarter (although have not added it the auto startup list and do not wish to have it start without the root password). What I would like to know is as the computer boots up does it set the iptables to their last setting irrespective of whether firestarter starts or does firestarter need to start to set the iptables and therefore my policies?
View 2 Replies
View Related
Jan 26, 2011
what files does firestarter change? I would like to know so I can look at the files so I can learn to do the same thing without firestarter.
View 3 Replies
View Related
Aug 15, 2010
There are far too many 'events' in Firestarter's log. I can't find which file contains the log either by searching my file system or the internet.
View 4 Replies
View Related
Feb 3, 2011
I gave a presentation on the Firestarter Firewall interface at my local LUG meeting tonight (another member followed with a presentation on iptables).You can download a copy of the handout from this link.
View 3 Replies
View Related
Jan 1, 2011
I am running ubuntu 10.10. I recently enabled the firewall and installed Firestarter to configure it. Bad decision apparently. I can't connect to the internet using Firefox unless I first stop the firewall using Firestarter. After I do that, Firefox connects to the internet just fine.
If I uninstall Firestarter, will the ubuntu firewall function as it did originally, before I configured it? Or will it continue to function the way it does right now, which doesn't allow me to connect to the internet?
View 9 Replies
View Related
Mar 11, 2011
Just want to stealth ports on my laptop. Had problems with firestarter when I installed in on 10.10. Set Firestater back to defaults and then dumped it with:
Code:
sudo apt-get purge firestarter
Set up Gufw to defaults and now am not sure what I am seeing with iptables.
iptables -L shows .....
Do these settings look correct for default settings for Gufw? or do I still have some problems with the old firestarter settings not being removed. All I want is all ports stealthed. I know that ping is enabled but I believe that is a default setting in ufw. Could I restore iptables to default with:
Code:
sudo iptables -F
and then enable Gufw and set default?
View 5 Replies
View Related
Jan 12, 2010
When I click on the network manager icon next to the date in the upper right corner of my screen, my network connections do not show up. I have added two DSL connections on my laptop (username & password) but it doesn't show up. Everyday I need to use
Code:
sudo pppoeconf
if I wish to connect to the internet.
Both these connections are added in the same way on my Desktop Computer and it shows up on the network manager. One of them is even the default which connects automatically on startup.
Because it's not working I assume network manager is not compatible with my laptop. Are there patches to install or other programs that can easily manage my internet connection?
I'm using Ubuntu 9.10 on a not-so-new laptop.
View 2 Replies
View Related
Apr 30, 2010
I recently purchased an Asus USB-N13 and am having some trouble getting it setup. I have followed this post [URL] including downloading the driver version, but I am now a little stuck. This is a laptop which used to have a Netgear Wg111v2 wireless USB adapter (laptop does not have internal wireless). That adapter died so I purchased the Asus. The day I purchased the Asus adapter they were both plugged in at the same time for a short period - not sure if that is relevant or not but just thought I should let you know. Here is some output from various commands:
lspci
Code:
ron@ron-laptop:~$ lspci
00:00.0 Host bridge: Intel Corporation 82855PM Processor to I/O Controller (rev 21)
00:01.0 PCI bridge: Intel Corporation 82855PM Processor to AGP Controller (rev 21)
[code]....
I have restarted a couple of times with it plugged in and with it not plugged. At no time does it show in the Network Manager aplet.
View 9 Replies
View Related
Mar 17, 2010
I got alarm on Firestarter showing attack from samba service on port 139 . Is that ok for my host computer ? or a serious attack .
View 9 Replies
View Related
Aug 19, 2010
I am trying to configure Bittorando and iptables using Firestarter. I have got it working but am concerned about security holes.
Let me explain.
AIUI, the Bittornado program contacts the "tracker" on various ports which (from the previously blocked connections in Firestarter) ranged from 4664 to 65532. Therefore, currently I have set this range to be open to allow downloads of the torrent.
However, this seems, IMHO, to devalue to point of having a restrictive exit policy for Firestarter since now virtually all ports are open. I can see nothing on the Bittornado client to restrict the outgoing ports although the "listening" (incoming) ports can be restricted.
I would prefer to have my system locked-down so that the minimal number of ports are open to initiate external connections so is there any way to achieve this with Bittornado?
View 9 Replies
View Related
Feb 7, 2010
I have been using Ubuntu for a couple of days now and I am starting to like it alot. I decided to install it on my laptop, but getting it to connect wireless is becoming a problem. I have been searching all day on how to fix this but nothing so far has helped.I had Windows 7 installed before and it connected fine.
View 1 Replies
View Related