Security :: Allowing Dyndns Client - Update Iptables Frequently?
Sep 11, 2010
I am using dyndns to keep track of my smartphone's ip address. The idea is to be able to ssh into my home network, protected by an iptables firewall. If I use the command: # iptables -I INPUT 9 -s myname.dyndns.org -p tcp -m tcp --dport 22 -j ACCEPT it updates using the current ip address, but the next time I get an ip address update to my phone and update dyndns to properly provide nslookups, this is not being updated in iptables unless I restart my firewall. Is there a better way to do this?
View 3 Replies
ADVERTISEMENT
Dec 8, 2009
i've got a few questions about iptables. i know how to set up ip tables to only allow from an ip address or a subnetting ip addresses. question is how do i allow from 2 different networks? would i need to create 2 lines of entry in iptables to the same port? e: allow 10.168.1.1 and 196.168.1.1 on port 22 is there a way to put all that in 1 line or would i need to create to rules for the port? i know i can use the ssh allow or deny but i'd like to stop access even before it gets to the ssh. stop it at the source kinda thing.
View 4 Replies
View Related
Sep 5, 2010
I've got two virtual machines running, the first VM (VM1) has two network interfaces, one bridged with my real lan, one a private subnet. The second VM (VM2) has one nic, only on the private subnet.
I have VM1 acting as a router for VM2, giving access to my real lan for internet access. The problem I'm having is I cannot get VM1 to forward ports 80 (http) or 222 (ssh) to VM2 from my real lan.
Here is the script I've cobbled together from various (foreshadowing!) locations:
Code:
View 1 Replies
View Related
May 27, 2011
Where are there good instructions to configure the DynDNS update client? It is not updating my IP number.
View 5 Replies
View Related
Jan 23, 2011
Is it possible to open dyndns port at iptables?I have a remote server which is cenots 5.5 x86 and uses iptable rules. And my local pc is windows 7 x64 and have a dyndns address as mypc.dyndns.org.I want to connect local pc with mypc.dyndns.org to remote server with iptable rules as follows.Quote:
# Xmanager
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 6000:6010 -s mypc.dyndns.org -j ACCEPT
[code]...
View 2 Replies
View Related
Jul 29, 2010
i opened access to [URL](without port limit) in iptables to let my systems to update mcafee, but still get unable to download in mcafee update log.
i have another ip that tried to connect via port 21 on those machines, but the ip is not belongs to [URL], is this possible thats redirecting?
View 6 Replies
View Related
Jun 4, 2010
I had configured IPSEC/L2Tp on my Centos 5.4 gateway machine .For testing i had disabled firewall and Ipsec is working fine.I am able to connect from client etc...Now i want to allow Ipsec and l2tp throught Firewall.here is my Current Working Firewall.Only Openvpn is allowed and is Redirected.
eth0=XXXSTATICIPXXX
eth1=192.168.1.81
OpenVpn IP Range = 172.24.0.16/4
Ipsec Ip Range = 192.168.1.0/24
[Code].....
View 2 Replies
View Related
May 17, 2010
I have ubuntu 9.10 and using dyndns by apt-get install ddclient but when my internet disconnect and my real ip changed it wont update automatically i have to go to computer and type in terminal ddclient then it get update ....is there any way to get it update automatically.
View 2 Replies
View Related
Mar 30, 2011
I am trying to remotely update my dyndns using the commandwget --no-cache h ttp //$USR:$PWD@$DYN_HOST/nic/update hostname=$HST&myip=$MY_IP(the h ttp : // is because I can't post links yet...)when "MY_IP" is my remote computer's ip,but the dyndns seems to ignore this parameter.. It updates the "real" ip that I have in the computer that running that command..I read previous threads an saw that someone used --no-cacheSo I tried that and it did not work for me.
View 1 Replies
View Related
Jan 1, 2011
With Azureus/Vuze, can we set an upload/download rate limit depending on the time of day?
If not, do you know a torrent client allowing this? Client must be available on Linux.
I learned that you can install plugins for Azureus/Vuze. There is one about scheduling. I've tried to install it but I got a NullPointerException.
View 3 Replies
View Related
May 3, 2010
I keep finding packets that appear to be whois on port 44. they appear to originate from me to whois.arin.net (2 packets each time) and 199.212.0.43 (also 2 packets each time) when I put 199.212.0.43 in the URL box it says "Failure To Connect To Web Server". when I whois it it says:
Quote:
Available at [url] And yes, I did get the same packets when I used whois. Why is my computer randomly whoising stuff?
View 3 Replies
View Related
Jul 15, 2010
I want to ask about securing the FTP connection... I have one server that Installed with Redhat Linux Fedora 6.
And now, i want to securing the FTP access, so only the selected IP will be allowed to connect. Do anyone know how to do this?
Another thing is, my server using Webmin 1.3 to manage the server and there not installed / not configured yet with Frox FTP, ProFTPD Server, WU-FTP Server... even there is such thing in my Webmin...
Can i make use one of the three FTP i mention above, and if yes, will it be affecting the current FTP access?
View 1 Replies
View Related
Feb 2, 2010
Hope you can help me out. I'm trying to setup a "drop-box" on ubuntu 9.10 server with vsftpd. I'm able to login and land in the /home/user directory, however I cannot write anything.
View 5 Replies
View Related
Feb 23, 2010
If I allow, my server's IP is:
11.11.11.11
If I allow 11.11.11.11, and block 22.22.22.22
22.22.22.22 can't access the server
But if I allow 11.11.11.0/24, and block 22.22.22.22
22.22.22.22 can still access the server!!
Does anyone know why that is?
View 4 Replies
View Related
Feb 27, 2010
I never use firefox because I use opera however I am really bored and I want to play around with my firefox however I have already ran into a problem, my problem is that firefox does not let me update to 3.6. I am currently using 3.0. How can I update my firefox? I use ubuntu 9.04.
View 5 Replies
View Related
Feb 19, 2010
According to this article -- [URL] there are problems with FireFox security, as a veriety of Zeus is being used by crackers in Europe and China. Allowing for alarmist reporting, this still looks unpleasant. Does anyone have definitive information about how this attack affects the various operating systems?
View 8 Replies
View Related
Feb 21, 2011
i am relatively new to ubuntu. Just recenty i have not been able to access certain files(for example the history and bookmarks in the firefox folder), download files individually from the internet(music,fonts,etc), recieving an error message
Quote: Originally Posted by firefox error console
Error: [Exception... "Component returned failure code: 0x80520015 (NS_ERROR_FILE_ACCESS_DENIED) [nsIFileOutputStream.init]" nsresult: "0x80520015 (NS_ERROR_FILE_ACCESS_DENIED)" location: "JS frame :: file:///usr/lib/firefox-3.6.13/components/nsSessionStore.js :: sss_writeFile :: line 2944" data: no][code]...
i have sudo priveleges and can install via update manager. i read somewhere that compizfusion might affect access permissions and i do use compiz and emerald at the same time.
View 9 Replies
View Related
May 16, 2011
Client is running Oracle VM Server 2.2.1 (kernel 2.6.18-128.2.1.4.37.el5xen). Storage is a NetApp 3210 (NFS configured to use TCP). Iptables on client has udp and tcp ports 111, 2049 and the NFS server ports opened. Info retrieved using: rpcinfo -p NetApp When trying a manual mount.
[Code]....
stopping iptables also works (I can manually mount the share without using proto=tcp). Is the mounting process somehow trying to negotiate first using udp which the Netapp doesn't respond and hence it fails by timing out? Can I configure iptables such that I don't have to use the proto=tcp option? Or is there another configuration file I can tweak so that I don't have to use the proto=tcp option?
View 2 Replies
View Related
May 17, 2011
Client is running Oracle VM Server 2.2.1 (kernel 2.6.18-128.2.1.4.37.el5xen). Storage is a NetApp 3210 (NFS configured to use TCP).
Iptables on client has udp and tcp ports 111, 2049 and the NFS server ports opened. Info retrieved using: rpcinfo -p NetApp
When trying a manual mount ...
But when using the proto=tcp option, it works ...
Stopping iptables also works (I can manually mount the share without using proto=tcp).
Is the mounting process somehow trying to negotiate first using udp which the Netapp doesn't respond and hence it fails by timing out?
Can I configure iptables such that I don't have to use the proto=tcp option? Or is there another configuration file I can tweak so that I don't have to use the proto=tcp option?
View 8 Replies
View Related
Apr 19, 2009
I've install F10 to use it as server and router and found a strange problem on my XP machine which is behind the F10. I've tried to update my Lineage2 client from official server but the update crash, tried to open the web page it didn't open. Also tried to open microsoft web it didn't open. When i try to open the same pages on PC with F10 they open with no problem.
[Code]...
View 6 Replies
View Related
Feb 1, 2009
I have been struggling with this for a very long time now. I have installed Fedora Core 9 on my computer. I have set it up as a caching-nameserver and this is working.
Then I wanted to secure my server with iptables, and I have so far made this script:
# Load the connection tracker kernel module
modprobe ip_conntrack
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
[Code]....
I can reach the dns server with ping. When trying Nslookup it says that it got SERVFAIL from 127.0.0.1 trying next server, and then it times out.
My resolv.conf file lists:
nameserver 127.0.0.1
nameserver DNS-server
View 13 Replies
View Related
Dec 14, 2009
Im pulling my hair out trying to get ftp to work through iptables.Im using vsftpd
Table: filter
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
[code].....
View 3 Replies
View Related
Feb 25, 2010
I have a problem with iptables, when I execute
[code]....
View 5 Replies
View Related
Apr 4, 2010
I am trying to figure out how I can configure IPtables to only allow VNC traffic to an internal server over SSH.
My configuration is WAN < --- > Gateway (Ubuntu 9.10 Server) < --- > Internal Server (that I want to control with VNC over SSH)
View 12 Replies
View Related
Dec 5, 2010
I am using Fedora on my desktop pc. I want to know how can i protact my PC from outside world. What firewall policy should i implement in iptables to keep it more secure.
View 5 Replies
View Related
Jan 5, 2010
I'm following an openvpn installtion how to and it says to add this to the iptables:
Quote:
# External Interface for VPN
# VPN Interface
VPNIF="tun0"
VPNNET="172.16.0.0/24"
VPNIP="172.16.0.1"
### OpenVPN
[Code]....
Any thoughts as the whole formatting is separate and has the addition of FORWARD rules, etc. I need the VPN running on the .199 address
View 16 Replies
View Related
Jun 3, 2010
i set up a dmz to have a internet web server and ftp server, and ssh only from local network, so i wrote a iptables script to load during boot :
[Code]...
The problem is that everything works fine ( i have the same rules for other services such as samba, nfs, mysql on another server) BUT ftp there is no way to make it work. not even locally.when i try to connect, i log in, but while listing the directory i get MLSD ... and it hangs like this for a moment, then i get error message "connection time out" , "impossible to list directory". if i turn off the iptables script no problem,ftp works fine.. but why all services work and ftp no?
how do i have to modify the rules? what is strange also is that if i set as OUTPUT policy "accept", the server seems to be offline."host unknown" error message. I was thinking the rule INPUT is fine cause at least i can login, but the dir list is not going out, so gotta modify output rules. or state?
View 7 Replies
View Related
Mar 19, 2010
I've started a new job and have inherited a couple of RHEL4 64-bit servers. The firewall on them is currently disabled. I'm struggling to get them up and running as iptables is not the most user-friendly application. This lead me to downloading and trying a GUI front-end: Guarddog. Great app! But it doesn't have the default behavior I'm looking for. Here is what I need:
Default behavior: Firewall should be wide open, allowing ALL ports/IP's/TCP/UDP in and out of the server.
Blacklist: Oracle TCP port 1521 needs to be blocked in/out of the server.
This will help get us passed our company's security vulnerability scan. (We aren't able to patch/upgrade Oracle at this time because we'd lose vedor support with a legacy app). I will use these settings as a starting point, and then once I learn more and get more comfortable with iptables (or a GUI app) then I can fine tune things to make them more secure. As far as I know (correct me if I'm wrong) once I get a script I just copy it into /etc/rc.firewall and it will load when iptables starts.
View 14 Replies
View Related
Mar 6, 2010
Is this how I would do that?
iptables -A INPUT -p tcp --destination-port 21 -d ! 168.192.1.2 -j DROP
This should block all incoming connections on port 21 from 192.168.1.2, correct? Thus preventing that IP from logging into my FTP.
View 1 Replies
View Related
Mar 17, 2009
What i wanted to do was block everything from getting in my pc but still be able to surf the web and still use instant messenger.
View 2 Replies
View Related
