Security :: Finding Source Of Pings ?
Oct 17, 2010How i know who is pinging me or trying?
View 1 Replies
ADVERTISEMENT
Fedora Security :: Finding The Source Of A Break In ?
Jul 16, 2010I noticed a very very high cpu usage on my webserver. All four CPUs were running on 100%.
Top shows several perl processes from apache that run for a long time, with a high %CPU.
Since the server was fc10, I did a fresh installation to fc13, and the fresh installation didn't have this issue. Then I loaded back all the user-data, and it started again.
Several, 4, 6, 8, ... 100 perl processes from apache.
lsof -p with the pid of such a process
Code:
The estabilished connection is sometimes "proud2pirate.com" wich is a non-existing domain.
Debian Configuration :: Massive Delay Between Pings Yet Pings Fine
Aug 16, 2010I have just installed a testing net install of squeeze on my laptop and I'm having a few problems with my wired connection.
When i try to ping google.co.uk there is a large delay between each result even through the actual ping takes ~30ms. It takes about 5 seconds or more between each ping.
If i use ping -n it works fine. Does anyone know why this is happening?
Debian Configuration :: Apt Not Finding Source?
Feb 21, 2010I just finished installing Debian 2.1 on a very old laptop for some light word processing and web browsing, and am trying to get apt working so I can use it and dselect to install packages. Whenever I run apt-get update as a first step, I get stuck at 0% with an eventual timeout (this also happens when running the update step of dselect).
I know that my network card (a Farallon EtherWave) is working because I can ping my local gateway and remote sites. In my sources.list, I have this line for the Debian archive for this release: deb [url]contrib main non-free
Can anyone think of why I can ping the archive successfully, but apt will not read it? Do I need to change some network configuration, or my source line?
Fedora :: Finding The Openssh 5.1 And 4.3 Source Rpms?
Nov 16, 2010I am looking for openssh 5.1 and 4.3 source rpms. Where can i download them ?
View 3 Replies View RelatedHardware :: Finding Source Of Noise In Computer ?
Jan 28, 2011I am trying to decrease volume of noise coming from computer as much possible, till one point from where I don't know exactly what's the source of noise.
"That noise" starts coming out of computer few seconds about booting, not while POST test, and then it's constant. To me it seems like it's coming out of cpu, but not fan. (I have disconnected all hard drives, have gpu with passive cooling installed, and it's still there. Cpu is AM3 socket AMD Phenom II 810 processor, and motherboard is Asus M4A78T-E.
Also, my other computers with Intel and other AMD processors does not produce such a noise.
Does that noise come out of CPU? is it some "computing sign" of processor (assuming that during first seconds of booting are perfectly quiet), or kind of general problem of AMD (or AM3 socket) cpus.
General :: Finding The Kernel Source Code?
Apr 14, 2011where can i find linux kernel source code?
View 4 Replies View RelatedSlackware :: Checking - And Finding The Source For Dependencies ?
Nov 23, 2010I'm looking to install, and perhaps create a SlackBuild) for an application that I think might be interesting.
The dependencies listed are:
libx11-dev, libxt-dev, libimlib2-dev, giblib-dev, and libxinerama-dev
I've checked to see if the packages are installed w/:
Code:
I've also looked for any existing SlackBuilds, but the only one that showed up in the database is: "giblib"
Where can I look to find these dependencies, their sources, or determine whether they're already installed in Slackware64 13.1?
Also, how would one determine if this can compile for a 64bit, non multi-lib install?
Ubuntu :: USB Over Ethernet - Finding Source Code In Package?
Jun 23, 2010First of all, I am pretty new to linux and I have 2 install a USB OVer IP software. I downloaded the software for UBUNTU n I really do not know where to find the installer. I want to find the source code in the package too.. its an open source project. So I believe the source codes are included in that .
View 5 Replies View RelatedNetworking :: Autofs No Longer Working - Finding Source ?
May 23, 2011After several days of searching, reading and re-installing, I'm at a complete loss as to why autofs has suddenly stopped working.
Basically, I can see the shared folders on the host computer but as soon as I try to cd into the folders I get "-bash: cd: [directory]: No such file or directory" (where [directory] = shared drive).
The setup was working before and the same exact setup is being used and is fully functional on another computer.
I'm running Ubuntu 11.04
Here is the content of auto.cifs:
Code:
Here is the content of auto.master
Code:
And credentials are stored in /etc/auto.smb.goblin (where goblin = name of windows computer sharing folders).
When I do "ls -l /home/shoryuken/TerraDrive/goblin" I get:
Code:
Now if I try to "cd" into any of the shared drives (like D-Drive, GW_Share or TerraDrive) I get the following:
Code:
A second or subsequent attempt at "ls -l" results in:
Code:
Note the question marks that are now everywhere.
I'm not sure where to look to find out why this is failing. The shared drive are visible, but then disappear when I try to access them. The same exact setup, on another machine works perfectly fine.
Server :: Finding The Source Of The Email In The Main Queue?
Mar 7, 2011I have a server (RHEL 4.7) with an mqueue that keeps growing over a two or three day interval. Then I have to manually flush the queue by removing all the mail in the spool directory as the sendmail flush command doesn't work. I've looked at the mail queue manually with a sendmail -bp command and it seems to show an occaisional mail item in the queue. On the other hand, there seems to be a lot more non-legitimate emails in the queue spool. how do I find out the source of the email in the main queue? Next, how do I stop it from building the queue? Next, is there anyway to automatically flush the queue once it builds if I need to?
View 2 Replies View RelatedSoftware :: Finding Source For Libstdc++ - Glibc - Libgcc ?
Jun 7, 2011I have a situation where I need to install the following packages manually:
libstdc++ (including libstdc++6)
glibc
libgcc
All I can find online are rpms... anybody know where I can get these as tarballs?
Ubuntu :: Autofs Has Suddenly Stopped Working - Finding Source ?
May 23, 2011After several days of searching, reading and re-installing, I'm at a complete loss as to why autofs has suddenly stopped working.
Basically, I can see the shared folders on the host computer but as soon as I try to cd into the folders I get "-bash: cd: [directory]: No such file or directory" (where [directory] = shared drive.
The setup used to work and the exact same setup on another computer computer works flawlessly.
I'm running Ubuntu 11.04
Here is the content of auto.cifs:
Code:
Here is the content of auto.master
Code:
And credentials are stored in /etc/auto.smb.goblin (where goblin = name of windows computer sharing folders.
When I do "ls -l /home/shoryuken/TerraDrive/goblin" I get:
Code:
Now if I try to "cd" into any of the shared drives (like D-Drive, GW_Share or TerraDrive) I get the following:
Code:
A second or subsequent attempt at "ls -l" results in:
Code:
Note the question marks that are now everywhere.
I'm not sure where to look to find out why this is failing. The shared drive are visible, but then disappear when I try to access them. The same exact setup, on another machine works perfectly fine.
Applications :: Finding An Open Source Business Intelligence Software?
Apr 22, 2010What is the most well know Open Source Bussiness Intelligence application?
View 1 Replies View RelatedProgramming :: Finding A Open-source Unicode String Library For C++ (or C)?
Jan 3, 2011Is there a good open-source Unicode string library for C++ (or C)?
View 4 Replies View RelatedOpenSUSE :: Finding A Open Source Music Composition Editor Similar To Sibelius
Jan 19, 2009Looking for a Open Source music composition editor similar to Sibelius. I found and settled on Rosegarden. Sound card is Creative Audigy 2 Platinum EX. I also have a midi keyboard which I would like to use with rosegarden. After downloading rosegarden, I found out in order to use the MIDI sequencer, I have to compile and install a real time kernel.
I finally got my kernel configured and installed, recompiled all the video/Ethernet drivers etc (after about a dozen tries ) Now on to the issue... As root, I can run the JACK audio server with realtime priority (as it is needed by Rosegarden) with the command
jackd -R -dalsa &
it starts up and seems to run. Then as a regular user, I try to connect to the JACK audio server using the qjackctl application. Qjackctl loads, but cannot seem to connect to the jack server, giving me the message "UNABLE TO CONNECT TO SERVER AS CLIENT"
HOWEVER, using the same procedure above as root, I can connect to the jack audio server with qjackctl. Rosegarden will start as a regular user but will also not connect to the JACK audio server (therefore: no sound or midi sequencer) Ive tried running Rosegarden as root (I didnt like having to do that), but get a similar error.
Through some googling, I�ve found that JACK clients (qjackctl, rosegarden etc.) must be executed by the same user who launched the JACK server. -- no problem...Except I cannot run a realtime application as a regular user. I read online that regular users can start realtime applications using the LSM module (whatever that is, I couldn�t find all that much).
how do I start the jack audio server in realtime mode as a regular user? if that is not possible...Is there a way to configure JACK so that it is started by root, but allows clients launched by regular users to connect?
Security :: Using Open Source Network Security Tools On Large Network
Jul 5, 2010how efficient and effective are these snort, argus, ossec etc etc for an organization having 3500 PC Network, connected through 700+ Cisco Devices (Layer 2 and Layer 3), and scattered on 130 different sites (geographically)? what should be the combination of products and what should be the architecture for an efficient forensics activity?
View 2 Replies View RelatedSecurity :: Finding And Editing Firestarter Events Log?
Aug 15, 2010There are far too many 'events' in Firestarter's log. I can't find which file contains the log either by searching my file system or the internet.
View 4 Replies View RelatedSecurity :: Finding & Parsing LDAP Logs?
Mar 24, 2010Please let me know:1. What LDAP logs are typically available2. How to find them3. How to Parse them
View 3 Replies View RelatedUbuntu Security :: Finding Connections On Ports Despite Ufw Rules?
May 2, 2010my ufw rules have been loaded and active yet using iptraf i see tcp connections on ports that were never allowed by ufw. can anyone explain this too me does ufw just not work?
View 6 Replies View RelatedUbuntu :: Finding Information Supplied To Verify A Downloaded .iso For Security?
May 28, 2011I searched Using my User Name and did not find the post post made for this problem.Still the search using the User name does not return the first post or this.
View 4 Replies View RelatedSecurity :: Server Hacked - Finding Process Behind Sending Emails
Jun 13, 2011I just got control over a server that was hacked several months back. The other day we started receiving rejected emails sent from my server to a yahoo email address that is no longer active that contained users login information. I am trying to find the process that is sending these emails. So far its been like finding a needle in a haystack. The email that is being sent is appending the login information each time it is sent so there must be a local file that contains this information. I have tried using grep and find without any luck.
View 2 Replies View RelatedUbuntu Security :: Finding Two Strange-looking Files On Windows Shared Folders?
Mar 30, 2011Recently I've been finding two strange-looking files on my Windows shared folders! Their names are 'khy' and 'qffhtx.exe', they appear as hidden, and they're hard to delete!! especially the first one because it has no extension. I use Ubuntu 10.10, but I am worried because I also dual-boot Windows XP. Today I tried to open the .exe file in nautilus to see what is inside and I received the message "Unable to open archive", 'khy' is apparently an empty text file. Then I unmounted my /home partition so my files are out of the way, and I ran the .exe file using WINE,
Now I have a strange-looking applet on my top panel!! and it says "Script paused", also it says "Exit', and also Wine command prompt says something strange about "LockWindowUpdate", don't imagine it I'll post the screenshots so you can see it for yourselves. Also --and this is weird-- the virus apparently is trying to call a Windows process named csrcs.exe!! Again, I'll post the screenshots.
If this is a virus, then it's like a fish out of the water on my Ubuntu, it's probably trying to do something but it can't find its way around, it's kinda funny, but Im worried because I also dual-boot Windows XP, I'm having a hard time trying to remember the name KHY, it's a very weird acronym, it's the acronym of a disease, according to what I googled, i'm sure it's a virus!!! Anyway it's HARD to remember!!!
what can I do about this? How can I see the "script"? can Ubuntu kick its ***?how can I clean my Windows?
Ubuntu Security :: Kubuntu Natty Finding What Programs Have Open Ports?
Jun 25, 2011Well I'm kinda a paranoid person, and got bored and ran a port scan from 0 to 500000 and turned up some interesting results, I was wondering how I find the programs tied to each open port. Its my computer and I'd like to very well know what programs are needing these ports and for what usage.
View 7 Replies View RelatedSecurity :: Cannot See Source On First SSH Entry In IPTables
Jul 23, 2010Now I managed to get iptables to work with my OpenVZ configurations and everything seems to work as it should. However when I run iptables -L I can only see source for the second SSH rule, why isn't the first ones source/IP shown? Also if you have any comments about the setup feel free. I'm running SSH, Apache and local MySQL
The xxx.xxx is simply to hide my IP's
Code:
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -F
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F -t mangle
iptables -X
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -d 127.0.0.0/8 -j REJECT
iptables -A INPUT -p tcp --dport 22 -s 77.213.xxx.xxx -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 62.198.xxx.xxx -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -m state --state INVALID -j REJECT
iptables -A INPUT -j REJECT
iptables -A INPUT -j DROP
Debian :: UFW Failing To Deny Incoming Pings
Feb 3, 2016I'm unable to get the "Uncomplicated Firewall" (UFW) to deny incoming pings. I've set it to deny incoming. Yet when I ping it, it responds.I'm using Debian 8.2 jessie KDE fresh/clean install with all updates.Below is the terminal output from a simple test (I've added an extra line feed between the commands for clarity):On a Debian 8.2 computer -- I install UFW, enable it, check its status (deny incoming), and get the Ethernet address:
Code: Select allroot@Computer:/home/user# apt-get install ufw
.... (long output -- no errors or warnings)
root@Computer:/home/user# ufw enable
Firewall is active and enabled on system startup
[code]...
The Debian computer with UFW active is responding to the pings, when it should be ignoring them.Rebooting the Debian computer doesn't fix the problem.This setup is very simple. I'm using all UFW defaults.This is a new Debian 8.2 install (clean) with all updates.
Networking :: OpenVPN Connects But No Replies To Pings
Jan 7, 2011I have an asus router running tomato firmware. Through the webGUI I have set up an openVPN server as per the tomato guides. I am using the network manager plug-in in ubuntu 10.04 to connect as a client to the tomato openVPN. All of my certificates seem to be set up and working correctly.
I am able to successfully connect to the openVPN server using the ubuntu client but after that I get nothing. On the client side I am unable to ping the router, any ip addresses inside my private network, the virtual network ip, and web browsing (client) no longer works.
Also, when connected I am unable to ping the client from the private network.
Before connecting
Code:
chris@ChrisLaptop:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:1e:68:90:5e:e9
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
[Code]....
Ubuntu Security :: Restrict SSH To Specific Source Ips?
Apr 7, 2010I want to restrict SSH so that its only accessible via the machines I own on this network. Obviously need to secure user authentication/host authentication, that aside though is the following sufficient at a network level given technical users also use this network? IP addresses are static, though I know they could be spoofed.
Code:
Chain INPUT (policy DROP)
target prot opt source destination
existing-connections all -- anywhere anywhere
allowed all -- anywhere anywhere
[Code]....
Security :: Fix A Source File That Had Definately Not Changed?
Jul 9, 2010I am running a Fedora 10 Virtual Server and get have a feeling I have been hacked. I needed to fix a source file that I had definately not changed myself. It was a PHP file concerned with usernames and passwords so that made me even more suspicious. I have been investigating and found the following. If you need other information give me the command I should run and I will update, I am no expert in this area and use the server to host my website and SVN. I am the only person that has access to the server.
Code:
# lsof -u nobody
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
[code]....
Security :: Updates: Specify Source Port For Traffic?
Dec 14, 2010I've a server, and I want to drop all the traffic going out with other source port than 80 (apache) and 22(ssh). The reason is I want to prevent my machine sending packets I don't know (i.e. my server scanning networks or making DDOS attacks without my knowledge). The problem are the updates. If I do what I've said, the updates will not work. I want to allow updates, so I need to let DNS traffic (port 53) and the traffic of the updates to go out.
The problem is the source port. This traffic uses a dynamic port (I think like HTTP). Is there any way to specify a source port to do this? If a have a static port to do this, I would drop all the traffic going out with other port than 22,53,80 and this port.
