Security :: New Fedora DNS Install But No Port 53 Access From The Outside?
Dec 13, 2010
I have installed Bind 9 on a new Fedora machine:
Code:
[root@***]# rpm -q bind
bind-9.7.2-1.P3.fc13.i686
It was yum installed and all went well without error but I'm not able to access bind on port 53. Selinux is disabled for this test, and the iptables have been saved to the below config in the INPUT chain:
Code:
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp dpt:domain state NEW
[Code].....
View 6 Replies
ADVERTISEMENT
Mar 17, 2010
I tried changing the sftpserver port but its not working, besides how can i restrict users from particular ips.Eg: users a can ssh from 192.168.*.*user b can sftp from 200.*.*
View 2 Replies
View Related
Dec 23, 2010
I'm trying to limit access to port 8443 on our server to 2 specific IP addresses. For some reason, access is still being allowed even though I drop all packets that aren't from the named IP addresses. The default policy is ACCEPT on the INPUT chain and this is how we want to keep it for various reasons I wont get into here. Here's the output from iptables -vnL
[Code]...
Note the actual IP we are using is masked here with 123.123.123.123. Until I can get everything working properly, we're only allowing access from 1 IP instead of 2. We can add the other one once it all works right. I haven't worked with iptables very much. So I'm quite confused about why packets matching the DROP criteria are still being allowed.
View 10 Replies
View Related
Jun 6, 2011
I'm trying to open port 8080 on my application server. I've included it in my iptables; however I still cannot access through ssh nor putty and it doesn't show up when I netstat either.Here is my iptables-config:
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -s xxx.xx.x.0/24 -j ACCEPT
[code].....
View 7 Replies
View Related
Jul 25, 2010
Is there a firewall I can install that will only let certain MAC addresses through on a certain port?
View 2 Replies
View Related
Nov 1, 2010
sudo ssh -L 750:192.168.123.103:873 username@192.168.123.103It does exactly what it's supposed to do, but how do i edit / remove this rule?Is there some config file where i can alter the forwarding? How does it get stored?Im using Ubuntu 10.10Server Edition (allthough i recon it would be pretty much the same across all versions
View 5 Replies
View Related
Apr 18, 2011
Is there any way to verify if packets being trafficked over a certain port are valid for the service you want to use this port for?
One obvious example that probably clarifies my question:
When I open port 443 (outgoing or incoming) for https/ssl traffic, I don't want this port to be used for say openvpn traffic.
Thus: when someone wants to surf to a website with https, it should be ok but if someone wants to connect to his home openvpn server over that same port, it should be blocked.
View 5 Replies
View Related
Apr 27, 2011
I'll explain this in one sentence: Is it possible to program a port-binding shellcode in which people across the Internet can connect to, without being thwarted by the router blocking their data because the port its bound to doesn't allow port-forwarding
View 2 Replies
View Related
May 10, 2010
I'm trying to set rxtxSerial to work so a Java app has access to a serial port (via SiLabs CP210x driver, port /dev/ttyUSB0). When I use update-alternatives --config java, there are 3 alternatives which provide `java'. I have tried openJDK and Sun. Both fail but with completely different messages.
[Code].....
View 9 Replies
View Related
May 24, 2010
My program tries to open serial port on Fedora 12, and shows "Access denied" on Open Port operation. The same program runs successfully with root rights. What can I do to get COM port access as regular user?
View 2 Replies
View Related
Jul 30, 2011
I'm curious is it possible to access your router settings. I'm trying to open up a port. I have done this in my firewall now I need to open up my port through my router. I'm using fedora 15.
View 5 Replies
View Related
Dec 7, 2009
If I forward port 5764 to port 80 to my VOIP device, I can nmap and get a proper connection. If I forward port 5764 to port 22 to my server, it comes up filtered. It even happens if I try forwarding port 80 to my server. So I'm sure it has something to do with my server, but I'm not sure.Here's my Linksys iptables:
Code:
:wanin - [0:0]
-A FORWARD -i vlan1 -j wanin
[code]....
View 2 Replies
View Related
Nov 17, 2010
I did a port scan on my server from outside my network and saw that port 10080 AMANDA is open.Amanda isn't installed on any of my computers or my server and the port is not forwarded by my modem or router. So why is this port open and how can I close it?
View 6 Replies
View Related
Aug 23, 2010
how to access networking port and run scripts on that port so as to gain access of remote machine.is that possible through command prompt or through software.
i kno ip address of my frnd who is chattin with me .okay.i want to run an application on his computer .i came to kno tht we can run script o through port
View 2 Replies
View Related
Feb 18, 2010
I want to do a simple port redirect, i.e. whatever comes trough whatever interface on port AAAA will get redirected to port BBBBI thought that iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBBhowever it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:
nc: connect to localhost port AAAA (tcp) failed: Connection refused
while
nc -v -w2 -z localhost BBBB
[code]....
View 10 Replies
View Related
Jul 29, 2009
I am having trouble getting my FC10 with tomcat visible to the outside world. first off i am somewhat new to linux. I am running vmware workstation to host my linux web server. i have my VMWare setup to use my second NIC solely. it is bridged and the tcp/ip is disable from the host. i can ping the ip address but cant access tomcat on port 8080 from the outside. i can hit it fine from inside fedora. i have configured my router (wrt54gs with DD-WRT firmware) for port forwarding. so basically i think that the problem is somewhere in between the host and the vmware configuring allowing the port to be forwarded through.
View 2 Replies
View Related
Aug 6, 2011
I am trying to make my home server accessible to the whole web. I have installed Nginx on my Fedora 15 64-bit Linux machine, and it works with localhost but it doesn't work online or allow other computers on the network to access it via the IP address. It keeps coming back with: Could not connect
I have port forwarding. I have even tried different ports but they all seem to be blocked. What could be wrong? I have a netgear router.
View 4 Replies
View Related
Feb 8, 2010
I only began using Linux with the release of FC8. I've upgraded into every new version (upgrade, no clean installs), after the new versions had been out a while. I struggle with command lines, updates, cups and other very cool tools that are only difficult because they have so many options. I'm Windows guy at work, a system admin and db administrator, plus the company expert on Excel. But, all in all, I hate Windows, and I'm loving Fedora, even if I struggle.
This last upgrade really kicked me in the pants. The first thing I noticed was all of my software sources were gone. I did some research around the forum and tried a few things, but it's still not working. Unfortunately, I may have uninstalled Yum in the process, but not rpm. I've tried to re-install the yum packages, but still no luck.
This morning before leaving for work I noticed that a boot log indicated that cups had failed. I went in to restart the service (through gui) and it said it was running. So I stopped the service and re-started. I tried to access port 631 through Firefox and it wouldn't open. I need to check the firewall to see if it's an open port, but beyond that I don't know.
Now I'm wondering if I should just do a clean install. I haven't done this, mainly because I didn't want to hassle with setting up my printer again (although, it's a Brother and they have the drivers and good instructions), and I didn't want to lose any emails that I've received via Thunderbird. The printer is really a non-issue now, as I'll have to set it up anyway. I have a backup of the /usr folder and all the documents. Question is, if I restore the Thunderbird folder after a clean install, would it bring back my email?
View 3 Replies
View Related
Nov 11, 2010
As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.
View 5 Replies
View Related
Apr 26, 2011
I'm a little security paranoid, there are a lot of times that my terminal is available to prying eyes and listless fingers. As a security minded individual, I would like to make sure to lock down my Ubuntu (11.04b3) install in one of the best ways I can think of, and require a dongle to access my box. Is this something any of you other security minded people have done?
What are other great ways to lock my terminal? I would like to make sure that not only the "average" user, but also the ABOVE average user will not be able to penetrate my system without a key. Let me know what you think, and other measures I can take.
View 9 Replies
View Related
May 6, 2010
When I try to ssh into my other ubuntu machine I get an error that says "port 22 connection refused" . I have been hunting around for an answer but can't find any.
View 1 Replies
View Related
Apr 2, 2010
I use putty and plink through ssh to support some process on my vd server (fedora-7) at godaddy. When login with plink frequently (ones per 10 seconds for just few minutes a day), the server blocks my access everywhere (sftp, http, control panel) for about 10 minutes and resumes then.Customer Support told me they do not have any blocker but I see that my ip is blocked for these 10 min. meanwhile I can access everything there from other address.
View 7 Replies
View Related
Jul 8, 2010
How can I display the IP addresses that have accessed my Fedora machine via SSH? In particular i want to know if they logged in and what they may have done while logged in.
View 2 Replies
View Related
Apr 7, 2010
I have 2 users: carol, carol2 and 2 files in /: filea, fileb. I want to carol has access only to filea and carol2 only to fileb. I need to do this with MLS (range). I dont want do this with levels because user that is higher has access to both files. How to do that?
View 13 Replies
View Related
Jul 27, 2011
I recently set up a web server at home, using a non-standard port, due to my ISP blocking 80. I just checked my log files, and I see a TON of entries indicating that a file was not found "proxy-1.php", "proxyheader.php", etc. I do not have these files, not intend to have them as part of my website. I did a whois looking by IP address for several of these, and they all seem to come from an ISP in China. Is there a way to BLOCK any IP address outside the US (that is somewhat simple to do?)
View 5 Replies
View Related
May 30, 2010
Is it possible to install security lab menu on a normal Fedora 13 installation? I don't want to use security spin.
View 14 Replies
View Related
Mar 19, 2009
I'm doing a research to protect my pc from physical access. What I'm facing here is that my company created a program for fedora 8 and plans to sell the unit away. We created a function where you can configure the program using any web browser from a network so we do not want anybody to have access to the fedora except for out personnel.
Based on my research, I've found [URL] this guide to protect people from accessing grub and single user. I am currently researching on preventing others to clone the harddisk. I would like to know if there are any other methods to prevent people from unauthorized access to fedora.
View 14 Replies
View Related
Oct 6, 2009
I'm currently running a dual boot (VistaFedora 11) system. I've noticed that the first time I access files on the Windows partition (via Nautilus GUI) I'm prompted for root access. However, on subsequent attempts to access the Windows partition I am NOT prompted for root access (even after I close/re-open Nautilus). My concern is that I'm leaving my root access "open".
View 4 Replies
View Related
Mar 24, 2011
I'm trying to find a file access honeypot for our Fedora server.That is, if a local file is accessed, it should notify someone. Plain and simple..
View 8 Replies
View Related
May 28, 2010
While reading some papers on securing apache with selinux, I have tried to bind httpd to port 3000 expecting to be blocked by the selinux, since port tcp 3000 isn't on the http_port_t list. However I was able to start the service...
I'm preety sure selinux is enforcing. Also, if I bind httpd to tcp 81 selinux denies the start of the service, as expected!Did I miss something? Why is httpd allowed to start binded to a port that's not explicitly allowed?
View 12 Replies
View Related
