I just installed open Suse 11.3, and I cannot SSH my school. Upon further investigation I could not even ping any machines outside my local area network. Ironically I could nmap machines outside my local area network.
I'm working with a Ubuntu 10.04 LTS system with two network interfaces (both Ethernet). I wish to setup this system such that it is simultaneously connected to my local and an OpenVPN network and able direct traffic between the connections depending on what program is sending the traffic. The problem: Under my current OpenVPN configuration all network traffic is directed to the VPN.
In practice, I would like OpenVPN to operate out of one of my two network interfaces and leave the other interface connected to the local network. Then by default all network traffic should be directed to my local network unless I specify (on a per program bases) that certain traffic should go though the VPN. These two network connections can (should) stay completely independent of each other and do not need to talk to each other.
One question that weight a lot of points was about ethernet... the professor asked why ethernet is used only in local area network? resuming i wrote that ethernet is used only in LAN because it is shared and so for big network there could be a lot problem in using the shared channel.. for istance using protocol such as CSMA/CD, if a big network has a lot of hosts, they could wait a long time before sending...is it right or am I wrong?
At home I have two computers running linux connected to the same router. I would like to be able to connect them so that I can move files between them and execute simple commands. What is the most simple way to access a prompt on the other computer or to mount a partition currently used by the other computer?Using the www it is possible to connect two computers using ssh, but it should be easier to do this over the LAN, right? I have been googling a lot but not found anything.
I am new to networking and trying to setup my own local area network using virtual box machines. I have installed BIND 9.7.3 using yum in Fedora (dns server) and created all necessary .conf and zone fil es. I am successfully able to resolve domain names on this host machine (dns server). for example dig @dns.domain.lan client1.domain.lan correctly resolves domain name.
I have a computer, the one I am on now, with Ubuntu 10.10, it should be completely updated... and I can network with other computers, I can access Windows XP and 7 shared locations on other computers, and I can also get Ubuntu on other computers to access this computer's shared files.What I can't do, however, is share my hardrives that are on this computer, I have tried sharing them in /media/ and etc, but it is not working, apparently you have to mount them in some mystical way.
Another problem is getting Windows machines to access Ubuntu computers on the network - which I believe is a Windows problem, so I can figure that out some other time, but importantly, I want to be able to share my hardrives over the network.
If someone can give me some instructions to mounting and sharing hardrives(internal), and even my DVD-Drives, and portable USB devices, would also be fantastic - since, in Windows you can just right click, "share", and it's done.. It is a very useful thing to have, and I don't want to use Windows on this computer anymore, but I have no choice, really, if I can't share my storage to the other computers.
My network diagram is internet<---->dansguardian proxy(centos5)<--->my network i have blocked facebook for my network but now i want to give only 2 ips to get its access & i do not want to enter these ip in exceptioniplist as if i doo so then they will be able to access all the sites that i have blocked. and if i am giving this entry [URL] in bannedsite list it is also not working.....
I want to write a custom rule to allow all connections to the ip addresses on my local network (192.168.2.2 through ...99) but I don't know how. I know adding a custom rule asks me to read a file and put it in "iptables" format, but I don't know how...
I just set up my firewall, and now I can't see any Samba workgroups. It says it can't find any workgroups on my local network, and it may be caused by a firewall. It is a firewall issue because if I disable my firewall, I can see the workgroup. What do I need to open on my firewall to see the workgroup? I am using Slackware64 13.37.
Here is how I set up my firewall.
Code: iptables -P INPUT DROP iptables -P FORWARD DROP iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT iptables -A INPUT -p icmp -j ACCEPT I got the commands from here url.
I want some advice for making my system more secure. I want deactivate any network connection that is unnecessary. Only my browser and the update ability of zypper should have access to the internet. On windows there are personal firewalls.
How can I block internetaccess for all other programmes on openSUSE?
i have successfully done the setup of postfix and dovecot on this link [URL]I run Cent OS on top of window 7 via VM Player,i want to access mailbox from windows 7 using email client like Thunderbird and Outlook. What setting i need to do in my mail server ?
From this thread I've decided to try add a feature of removing local port forwardings in ssh.Here are some very ugly and not-yet working hacks what I made so far:
* Patch for channels.c * Patch for channels.h * Patch for clientloop.c
I was clearly expecting this to work without any troubles-everything seem to be logically correct, but I made a programming mistake somewhere: don't know where, maybe you will point me to this?Many sites say there is a WAY AROUND with -D param(starting socks proxy as a tunnel-generator), added since 5.2, but I don't need that way around. I need a way through. I use exact ports for exact services and if I want to change it runtime I'd like to have ability to do so.If you have other ideas or points instead of coding this, please share them here & here(original question).
I run a small (cabled) network between a desktop with XP with two printers hooked to it and a laptop with Ubuntu 10.04.1 64b. I can approach and use these printers from my laptop and filesharing works also. BUT ... this only works when my Ubuntu firewall (Gufw 10.04.5) is switched off. I am operating behind my router_modem which has a hardware type of firewall switched on at all times so I presume I'm safe. Now my questions:
1. Is this really safe enough? 2. What kind of settings would Gufw need to be able to use it AND use my mini-network for printing? I have no experience whatsoever with firewall rules and settings.
I currently want to set up a network with 2 Ubuntu servers (mail and web) in a DMZ in order to separate them from an internal network. I want to use a dedicated Linux firewall. This firewall will have 3 network interfaces on it. One network interface will connect to the external router/modem (router and modem in one box), one interface will connect to the DMZ and the other interface will connect to the internal network. The router/modem lets you put, I think it's 1 or 2, interfaces in a DMZ.
But, when I think of any of the dedicated firewall's or servers' interfaces it doesn't make sense to me to put any of them in the router/modem's DMZ (I think it would be better for the dedicated firewall's and the servers' interfaces to have static private I.Ps ie 192.168.2.4 etc right?). What I mean is that even if, as far as the router/modem is concerned, none of the interfaces were in a DMZ, the area where the servers are would still effectively be a perimeter network and with such a set up would still be, effectively,a DMZ, right?
I have Ubuntu 8.04 as virtual host. On this host I have installed VirtualBox virtualization software. I have installed Windows XP as virtual machine and installed HTTP server.I would like temporally disable all network connections to host and virtual machine.So on Ubuntu host I have set firewall settings:
Code: sudo iptables -F (to flush - delete all firewall settings) sudo iptables -P INPUT DROP (to disable all input traffic)
A bunch of hosts all connected to each other.I'd like to have a directory where a group of hosts can dump files and all access, synchronising with each other their changes automatically and transparent to the user.How can I have it so that rsync updates both ways?
* host A asks host B for a list of files, modification dates, checksums
* then applies the rules to select which files it will fetch from B
--> if A owns the file then do not get modifications from B --> files differ, then select newer file
I was having a discussion with someone who said that telnet, FTP, HTTP plain-text authentication in the local subnet is ok because it's a switched network. Also, that these protocols are not good over the net but in a local subnet they are just fine.
I know that someone can plug a hub in the network port and connect 2 (or more) PCs and see the packets. Also, heard about ettercap but haven't really delved into it. I know dsniff was written to prove the point that unencrypted protocols are bad. Would like to get opinion about unencrypted protocols over a switched networks.
I suspect this is an initial configuration bug. All firewall logs seem to be going to all three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
I installed a fresh copy of Ubuntu 11.04 on my server about 2 weeks ago, I setup remote desktop and figured to just leave the password field out as it suppose to be pre-configured to only accept local connections, well, apparently not. I was noticing some strange network activity and checked my router connections and sure enough I see port 5900 to the server, open vino icon and see that there is someone else connected! (IP of unauthorized user: 188.8.131.52 ).. Immediately kick them and set a password. This should really be addressed and/or a password should be defaulted or at the very least the "Your desktop is only reachable over the local network." should be removed.
I have squid as a proxy on the Suse box, and with the default firewall I have to enable masquerading to allow clients on the eth3:1-3 to send and receive mail through the Suse box. I found the Suse firewall completely inadequate (all P2P software/connections are allowed once you enable masquerading) and had to install ConfigServer Security & Firewall. In die configuration of csf I could get my way around getting smtp to work for the eth3:1-3 clients, but pop3 connections does not go through the box. I know I need to allow port 110 and 995 to masquerade of NAT (or something) and then the same for port 22
I have a local install of Wordpress and I've added a port forward rule in my firewall to share our site with family and friends (we're using a members only plugin). I have a DYNDNS account and my router automatically updates with this account.The problem I'm having is when I test accessing our local site from outside my network. I use my dyndns account name and port number to access my local Wordpress, I can see the login screen but once I login, the url changes from my dyndns name to the IP Address of my local server and then I never see any pages on my site.
I'm thinking it has something to do with either the WordPress address (URL) or the Site address (URL) since they currently have the ip address of my local ubuntu server that hosts our Wordpress site.So what have I configured incorrectly here?