Security :: Filter Condition Based On Full Hostname?
May 19, 2010How to filter condition based on full hostname? ie. allow inbound packets to port 25 if the packet comes from [URl]..
View 1 Replies
ADVERTISEMENT
Server :: Using IPtables To Filter Based Off Url?
Oct 8, 2010I have a very simple set up.With Network Manager I can have my laptop act as a router (sharing all connections).I also have apt-cacher-ng as a debian package cacher.I would like to set up iptables to filter only the urls that are meant for a debian package cacher.
For example:I could use a "forward all" rule:
Code:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3142
Except then I would get a bunch of error pages every time I tried to do normal navigating.My question (again) is: Can iptables handle forwarding only on a specific url? If so how?Or is there another solution? (prferably without full fledged software like squid)
Networking :: ISPs Content Filter Making For Based Laptops And Workstations?
Feb 8, 2011last friday my schools isp enabled iwsva - interscan web security virtual appliance from trendmicro. all traffic is now filtered, and slowed down. videos and other videostreams are now useless. after this we have had serious problems using our netbooks with ubuntu, and upgrading workstations with ubuntu has become very problematic, or almost impossible. i have to run the update process 6-8 times before all packages are updated.
what can i do to document the problem in a good way. the isp tells me that there are no problems, and that it has to be a linux problem. (ever heard that one before?) the ltsp-clients on my debian servers does not have the same problems, maybe because they are using the proxy on this server?
Server :: Potfix Email Filter Based On Sender And Recipient To Forward Messages?
Nov 2, 2010We have MS Exchange email server with postfix/amavis on FreeBSD as proxy for anti-spam and anti-virus. We use our own developed CRM and trying to implement such functionality that when CRM manager send email to CRM client or vice versa through email client like Outlook (no plugins for CRM) this message would be shown in CRM. There is already a solution to parse emails from specific emailbox and show it in CRM.
What I need is to create postfix email filter to check if sender email is in file CRM_managers_emails and recipient email is in file CRM_clients_emails then forward that email to [URL] Filter should check both incoming and outgoing messages. I will auto generate CRM_managers_emails and CRM_clients_email files containing all such emails taken from CRM database. I know i should use something like Postfix After-Queue Content Filter but most of examples are for blocking emails.
Programming :: Filter Source Line Based On Results Line In Log Using Awk And Sed
Apr 5, 2011I have a log file with entries such as;
Where result is 0 or more.
I want to get the list of file names where result count is more than 0 (in other words filter out files names with result 0).
File name and result are in two different lines in log file.
How can i filter file name based on result?
Fedora Security :: How To Filter Ports
Apr 28, 2011I have open ports on my computer for vsftpd, pptpd, and I need help to filter this ports because they aper as open ports on internet, and this is pretty risky
View 3 Replies View RelatedUbuntu Servers :: Ubuntu Based Web Filter
May 18, 2011I am looking to build a Ubuntu based web filter. What we would like it to do is block access to certain sites for our company. We have had several employees get caught spending hours on end on gambling sites so we would like to restrict access to websites on a per user basis.What I am looking for is a piece of software or suite of software that can filter websites based on a blacklist/whitelist or category based scenario. I need to be able to authenticate users. For example I would like it so that when the CEO logs in he can go to whatever website he wants, while most other staff members are blocked from accessing things in the blacklist or categories.
I remember from a recent trip to a hospital that they had all internet traffic re-routed to their landing page and that you had to agree to specific terms on that page before you could do anything else. Something like that might be useful as well.
Security :: Spam Filter Software For ISP Environment.
Jan 24, 2011We operate a small ISP and are currently using a debian distro as our gateway server.Recently we have had an increased number of spam issues with customers (not them sending it directly, rather the customer getting infected with a virus/malware and then their computer becoming a bot).I'd like to set up another gateway of sorts to sit after our authentication gateway but before our backbone to provide spam filtering (and hopefully virus filtering) for any traffic passing through which might be email.I've tried searching for any linux based software which would suit, but I'm coming up empty.
Surely there's something already out there which can perform this task.Finally, just to clarify, I'm not talking about spam filtering for email accounts we host ourselves (this is built into our mail server); I'm talking about spam originating from customers PC's which is passing through our gateway (but not our mail server).
Ubuntu Security :: What Is Good IP Filter / Firewall Program?
Jun 10, 2010What is a good IP filter/firewall program? Seeing as how I like free softwares, I download a lot of torrents. When I was using Windows, I used PeerBlock (the newer fork of PeerGuardian), however, it's not available for Linux. What would be a good alternative for this in Linux? I tried iplist as it has a GUI, and it was extremely buggy and blocked random web pages even after I put them on the exceptions list. And MoBlock has no GUI from I understand, nor has it been updated in years.
View 9 Replies View RelatedUbuntu Security :: Content Filter At Remote Locations?
Aug 6, 2010We have approximately 100 retail locations that will have split vpn tunneling. Intranet traffic will flow over the vpn to the corporate headquarters, voip traffic will tunnel to a regional hub and internet bound traffic will go over the local isp. The retail locations are small with 1-8 users and no enterprise grade equipment (servers, etc). This setup in effect will render our current content filtering solution useless.
The locations will be equipped with Cisco ASA 5505 Firewalls. The original plan was to use a Websense server and the url filtering feature to act as a content filter. I just found out that pricing for Websense was not included in the budget will be a show stopper.There may also be some performance issues with this method. Putting a proxy server at each location is not really an option. We do not have the resources to place a server at each location, plus the users could simply unplug an inline device or go around it. There is minimal supervision at most of these locations.
Ideally, I would like to find a way to use something like Dansguardian with an ldap interface and the url filtering feature of the ASA firewalls. I found a program called n2h2p, but I can find 0 documentation for it. It is also 2 years old with no updates. I also need to be able totrally manage this as trying to keep up with 100 different configurations for 400 users would be virtually impossible for the amount of time I will have available
Ubuntu Security :: Iptables How To Filter SMTP W/o S/MIME
Jul 10, 2011Does anyone know the iptables statement that will block inbound SMTP messages that are NOT S/MIME encrypted?
View 1 Replies View RelatedSecurity :: Content Filter For Web / Email And Instant Messaging
Apr 12, 2010I have been assigned a task to implement a free open source content filter having feature of web, email, instant messaging etc. If any one has the information or worked on this type of product please share it.
View 8 Replies View RelatedSecurity :: Locate Printer On Remote Network Behind Filter?
Aug 26, 2010so how can I locate a printer behind a firewall? Is it possible to enumerate the subnet behind a router ( even if a connection has not been marked)?
View 3 Replies View RelatedUbuntu :: Firefox Based Flash Player - Full Screen Video Flashes
May 4, 2010I am having some weird problem with the firefox based flash player when playing videos in full screen. The video flashes white in areas while the video is playing. I don't know if this is Ubuntu, Firefox or flash. I am running Lucid on a Macbook Pro
View 1 Replies View RelatedSecurity :: Filter Pam_rhosts_auth Messages To Prevent The Logs Filling Up?
Mar 8, 2010I have a batch job which logs in to the server every 10 minutes via windows rsh. The job checks to see is there are any files that need to be send via a EDI serverto a supplier.The following logwatch report is swamped with the login messages and would like to either suppress the logging in PAM? or suppress the entry in the logwatch report?But I still want logging id the username is not username1.Connections (secure-log) Begin rshd[1754]: pam_rhosts_auth(rsh:auth): allowed to username1@10.0.0.1 as myedi
View 2 Replies View RelatedSecurity :: Full Internet Security Software For Ubuntu?
Dec 16, 2010Do you know guys are there any good reliable Internet security or Anti virus software for ubuntu OS? Don't tell me linux is virus free os. I have dual boot PC so i want some security suite for that?
View 11 Replies View RelatedUbuntu Security :: Add Smtp Authentication To Postfix Installation Used As Spam Filter For Exhange Server
Feb 26, 2010I followed this How To (https://help.ubuntu.com/community/Postfix) in order to add smtp authentication to my Postfix installation used as spam filter for my exhange server, and it'seem all ok; the only thing that I don't understand is where I list all the users (with passwords) that I authorize to send mail through my server...
View 3 Replies View RelatedSecurity :: Define An Appliance Based On Suse For An Application Server And Web Server Apache - Best Network And Security?
Feb 6, 2010We are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?
View 3 Replies View RelatedGeneral :: Convert Full-disk RAID5 Array To Partition-based Array?
Dec 23, 2010I have a RAID 5 array, md0, with three full-disk (non-partitioned) members, sdb, sdc, and sdd. My computer will hang during the AHCI BIOS if AHCI is enabled instead of IDE, if these drives are plugged in. I believe it may be because I'm using the whole disk, and the AHCI BIOS expects an MBR to be on the drive (I don't know why it would care).
Is there a way to convert the array to use members sdb1, sdc1 and sdd1, partitioned MBR with 0xFD RAID partitions?
General :: Ubuntu 9.10 Networking Hostname / Can Ping The Linux Box Using Its Hostname From A WinXp. But Cannot Do The Reverse?
Jan 3, 2010I have a network of 2 WinXP machines and one linux box. I have fiddled around with the settings as you do when learning. The network is working. The network neighbourhood on the WinXP machines recognise the linux box and vice versa, (the linux Places|Network recognises the 2 WinXP). I can Ping the linux box using its hostname from a WinXp. But I cannot do the reverse. I get an 'unknown host' response. I can ping the linux to itself using its hostname.
View 7 Replies View RelatedNetworking :: FC13 Install Can Ping By Hostname - Ssh By Hostname Fails
Jul 29, 2010I'm having an issue on two Fedora Core 13 machines where I can ping others by hostname, but the hostname resolution fails whenever I use ssh/scp/vnc/etc. I can still do these things by IP address, just not by hostname. RHEL5.3 machines on the same network with the same configuration do not seem to have this problem.
Here's the not-so-quick-and-dirty description of the situation:
I know that there is a virtual router at 192.168.31.1 and another at 192.168.30.1. I also know that there is another network (let's call it 90.90.90.0) and on that network lies a number of resources. By nature of this configuration, any machine on 90.90.90.0 can be accessed by any 192.168.x.x, but not the other way around. Beyond that is out of my hands and currently out of my scope of knowledge.
I have a dnsmasq server on 90.90.90.10 that operates as a secondary nameserver, another machine out of my sphere of influence is the primary nameserver (90.90.90.31).
The secondary nameserver on 90.90.90.10 holds the hostnames of our development machines. The problem is that in some cases, while I can ping by hostname all day long, services such as ssh, scp, vncviewer, etc all fail to resolve the hostname. In other cases I can do all of these things.
Every machine has an equivalent resolv.conf:
As an example, I will show the output of a handful of my development machines:
I also included columbia as a one-way test -- even though it cannot access 30.x or 31.x, they can access it:
columbia -- physical machine, Red Hat Enterprise 5.3, IP 192.168.100.200
Okay, so here are the various outputs. Remember, nibbler, discovery, and atlantis can ALL:
- Ping by IP address
- Ping by hostname
- ssh, scp, vnc, etc by IP addess
Additionally, the SERVFAIL reply from 90.90.90.31 is expected since my dnsmasq server is on the secondary server.
Note that the only machine that can both ping and ssh/scp/etc by hostname is nibbler, which also happens to be the only one of the three running RHEL5.3 instead of FC13. Other virtual and physical machines running on the 192.168.31.0 and 192.168.30.0 networks (all running RHEL5.3) work just like nibbler does. So the problem seems to only affect machines running FC13.
Final note: selinux is disabled, iptables is disabled, ip6tables is disabled.
Other than that, discovery is a brand-spanking-new install straight off of the FC13 DVD. atlantis has been around longer, but its just a file server so I haven't done anything too crazy to it.
Ubuntu Security :: Vulnerable To Infection From Website Without A "proxy Antivirus Filter"?
Dec 15, 2010I used Avast webfilter (proxied webtraffic through Avast) when running Windows. Sometimes Avast would alert and "protect" me from being infected by a compromised website. NOTE: Avast would alert even absent clicking any links. Just viewing the page could result in infection. Should I be running some kind of proxy webfilter for protection? My understanding is that Firefox can be compromised and this can in turn compromise Ubuntu.Are these kinds of threats specific to Windows running Firefox, or Firefox per se. If Firefox per se it seems like I need some sort of Proxy webfiltering like Avast provides.
View 9 Replies View RelatedOpenSUSE Install :: Set $HOSTNAME To Dynamically Update With The Hostname That Is Specified For The Ip In DNS?
Apr 6, 2010How do I set $HOSTNAME to dynamically update with the hostname that is specified for the ip in DNS?
View 3 Replies View RelatedUbuntu Networking :: Pinging Hostname Rather Than Hostname.local?
May 24, 2010I'm trying to ping another Ubuntu computer on my local network. If I try doing,ping <hostname>then I get the messageping: unknown host <hostname>however, if I doping <hostname>.localthen I get a response back. I was wondering how I can change it so that I can ping without having to append .localI've installed winbind and modified my /etc/nsswitch.conf file but this has made no difference.
View 2 Replies View RelatedUbuntu Networking :: Hostname Changed But Email Still Using Old Hostname?
May 22, 2011I have an ubuntu 10.04 server with hostname "abc.domain.com". However, due to migration, we had to change to hostname to something else, "xyz".
I have done changing /etc/hosts and /etc/hostname and run /etc/init.d/hostname start.
Checking the hostname and all shows it is now using hostsname of xyz. However, email sending out is still using old hostname. We have some scripts that will send out alerts like failed rsync or hdd space full to my email account. But I see the sender is still "root@abc.domain.com".
How do change that to xyz? I am using postfix. I have edited main.cf and restarted postfix but no go.
Fedora Security :: SSH Key Based Login Not Working On F11
Jul 20, 2009I'm migrating my file server from Fedora 9 to Fedora 11 (clean install), and I'm having a horrendous time trying to get key based SSH logins working. I've set it up before, and I can't figure out why it won't work now. I copied my public key into ~/.ssh/authorized_keys2 and set the folder permissions for 700 and the file permissions for 600. Then I restarted sshd. Now unless I remember wrong I thought that's all you have to do. It didn't work. So I rebooted just for good measure. Still didn't work. So I made sure that my client was still sane. I can log into my OpenBSD machine just fine. I compared the sshd_config from OpenBSD to the Fedora one, and the options seem pretty close.
At that point I had nothing to lose and just started messing with the Fedora sshd_config. I also noticed in the config that the commented AuthorizedKeys file had dropped the 2 off the end, so I tried changing that as well. Still nothing. Password based logins work, but I really don't want to go that route. Now I can only think of two possibilities. One, some sshd_config setting is wrong and I don't know what it is. Two, there's some package that's required for key based logins that I accidentally unchecked during the install process. That's about all I can come up with. Here's my sshd_config, I tried to just set everything back to default.
Code:
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2 .....
Security :: Low Interaction Honeypot (based On Nepenthes) Worm Infection?
May 19, 2010I have snipped part of my log i captured on the my honey pot need recommendation on what is going o? The infected computers is located at address ${ADDRESS}. A quick check of my low interaction Honeypot (based on nepenthes) gives the following data: i know its a worm but what is going on thanks in advance
linux-sqos:/opt/nepenthes/var/log # cat nepenthes.log
<snip>
[18032007 02:26:03 info module] 76 4
[18032007 02:26:03 info module] SMB Session Request 76
H CKFDENECFDEFFCFGEFFCCACACACACACA
code....
Security :: Pruned TFH-based Posts From Malware Scanner Thread?
Dec 12, 2010Originally Posted by smokerSuch things can happen on linux. But try googling for actual occurrences.Greetings SmokerWith no prejudice sir: I've got a personal list of at least 75 such occurrences, just this year alone in Linux-OS's... If the Blacks wants to mess-up your OS, they do it as easy as microstuf could nuke any target Windows-98 OS today... Linux is web-page secure, only... You may think Linux is impervious to hack-attack, but it's definitely Not!.. It's just that you haven't been extremely noisy on the internet about how humanity should change its bad-attitudes towards Life and Love, before it's too late... In and from your "safe little box" you are 99.99% safe from the Blacks, IF your are silent and compliant to "North American peasant control policy".. but start doing a little "Al Gore and Greenpeace style bitching noise", and very quickly you'll discover just how unprotected your Linux powered PC really is... Ask Greenpeace and Al Gore about the max-attacks to their computer systems... I had to reinstall the OS about a hundred times this year.. Seems the big money world didn't like that I published, that "to save humanity from its impending early extinction, Money needs be extincted and replaced with something conducive to life and living and love".. They Freaked!, and slammed my PC's repeatedly, hard... Sure, Linux is reasonably secure, but it ain't perfect.
View 5 Replies View RelatedSecurity :: Install Based AntiVirus Server With Windows Clients?
Apr 1, 2010I would like to install Linux based AntiVirus Server with Windows Clients. As per the existing setup, all Windows machines are using "demo" or "evaluation" copy of antivirus & all antivirus softwares are not same on all windows computers.
Someone is using Trend-Micro ,other is using Avast. Due to above listed problem,i want to implement Linux Based Free AntiVirus Server,which will be connected directly on the internet. The Linux AntiVirus server will updated it's database from Internet automatically.
Inside the Linux Server,all Windows PC's are connected in a same Local Area Connection. All windows XP computers will fetch the updated data from the Anti Virus Server. Also,i am searching MAIL RESPONDER OR POP UP Windows,when any virus found on any client machine. My company needs Cost Effective solution & Linux is the best solution for this.
Security :: Can Full Disk Encryption Be Removed ?
Nov 14, 2010I do know about cold boot attacks. But I ran across a couple of posts/websites that had me wonder if it is possible, without the passphrase, to just remove the encryption?
View 4 Replies View Related