Security :: Limit Number Of Connections For Single Ip On Port 80 To CentOS 5.5

Sep 5, 2010

How to number of connections for a single ip on port 80 to CentOS 5.5 with iptables? connlimit did not work on CentOS and nginx does not provide a module for that

View 4 Replies


ADVERTISEMENT

Security :: Limit The Number Of Ssh Connections?

Dec 13, 2010

Dist: Fedora 14
SSHD: OpenSSH 5.5p1

I need to limit the number of ssh connections a user has. All the users are using tunnel only so their shell is set to /sbin/nologin The logins do not open a shell they just create the tunnel so /etc/security/limits.conf has no effect on them at all.

I tried setting 'MaxSessions 1' in sshd_config but either that doesn't not do what I expect it to or it plain does not work as even with a normal user I was able to open an unlimited number of sessions. I need a good secure way to limit each user to 1 ssh session without them having a shell but Im unable to find a solution.

View 13 Replies View Related

Fedora Networking :: Limit Outbound TCP Connections To Single IP?

Oct 19, 2009

I'm having a problem that seems to plague a lot of people judging from my research on the web. I have a hosting provider that limits the number of incoming connections to the shared host to 50 per IP.

I have a single IP for outbound connections and I use Squid as a proxy server.

Lately I've tripped across the 50 connection limit frequently - and that's with only 1 user. It seems the problem is related to the performance you can get out of a desktop these days. Its not impossible to have several browsers open with several connections to different sites on the same server - and boom - locked out!

So it occurred to me that there must be some way to limit the number of outbound connections in the kernel - but I've not found it. I did find that Microsoft had been limiting the number of outbound connections in XP to 10 to address the virus problem, and I've found countless hosting complaints and dialog on the subject with no easy solution.

So my question is simply, does anyone know how to limit the number of OUTBOUND connections to a single IP in the kernel?

View 2 Replies View Related

Server :: Limit Number Of Simultaneous Connections From Any Given IP Addrss Every 5mins Say

Jul 28, 2010

except is there is a way to enhance mod_limitipconn.c to ensure that apart from restricting one connection allowed from a given IP, also set so that an IP can only connect on every set interval ?e.g.restrict the number of connections from a given source IP to say once every 5 minutes or so?if not mod_limitipconn.c, any other mechanism to do the expected result?

View 2 Replies View Related

Security :: Policy That Limits Connections On Port - Encapsulates Total Sum Of All Connections From Hosts?

Jan 21, 2011

Is it fair to say that connLimit and hashlimit are very similiar on Linux i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? i.e. I do not want to allow more than 6000conn/minute for port range that is the sum of all connecting hosts?

View 3 Replies View Related

Security :: Limit Number Of Emails Send From One IP?

May 19, 2009

I'm looking for a solution for sendmail to limit the number of emails send per miniute per IP. For example all my local computer user with ip 192.x.x.x need to able to send 10 emails/minite (emails, not connections!. The rest of the world can send for example 200 emails/minute to the mailserver. If the amount of emails per minute is exceeded, sendmail needs to block receiving emails from the spesific IP. I want to do this to stop spaming from my local network. Is it possible?

View 1 Replies View Related

Ubuntu Security :: Possible To Limit Number Of Prompts For Keyring Password?

Jan 18, 2010

I have a standard home set-up for my Ubuntu OS, and I would like to know whether its possible to cut out the repetitive prompts to enter the password, as when you connect to the internet or access files on a partition that's not home, or install new software.

View 1 Replies View Related

Security :: Restrict Number Of Sftp Connections?

Nov 9, 2010

if i want user should`t have more than 20 sftp connections to a server,is there any way we can limit no.of connections to a particular user on the server using ssh configuration

View 7 Replies View Related

Ubuntu Security :: One Limit The Number Of Open Sockets To Prevent Exploiting?

Dec 6, 2010

I was searching around and I stumbled upon a Linux Kernelix Sockets Local Denial of Service exploit.I downloaded the exploit, compiled it ran it to check if I am vulnerable.As I was expecting, the exploit instantly "killed" my Maverick system and I had to use the power button to reset my computer...Is there any way to limit the numberof allowed open sockets?I don't think that this can be done using /etc/security/limits.conf in a similar way of preventing the fork bombs

View 1 Replies View Related

CentOS 5 :: Limit To The Number Of Virtual Guests?

Jun 22, 2010

Does anyone know if there is a limit to the number of virtual guests you can have in kvm. RHEL has a limit of 4. RHEL AS is unlimited. What is CentOS?

View 1 Replies View Related

CentOS 5 Hardware :: Limit Sata Speed For A Single Device

Dec 18, 2010

I have an external sata dock for hdd that give me a lot of error till linux decided to lower the speed of it to 1.5 then it start work well

View 2 Replies View Related

Security :: IPtables Port 25 Connection Limit Without Blocking Barracudas

Jan 11, 2011

I am at a loss how to prevent Denial of Service attacks to port 25 and not block legitimate connections from 2 Barracuda 800(s) and block smart phones such as iPhones/Blackberrys/iPhones that use the server smtp.server.com for email.
Presently for port 25
RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT

The 2 Barracuda 800(s) make port 25 connections all the time, plus users with smart_phones have the incoming server type:
IMAP
pop.server.com
smtp.server.com

Is there a way to keep Denial of Service attacks from happening with iptables rules without causing blocking to the Barracuda(s) that make constant port 25 connections & smart phones that poll? I was thinking if I allowed the Barracuda(s) in these lines
-s (barracuda)24.xx.xx.xx -d (emailserver)24.00.xx.xx -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT

Where the source would be the Barracuda going to the email server. It would be allowed, then I am left with how to allow other connections like Smart_Phones that connect via Port 25. I am thinking if I put rules in place doing connection counts in a minute it would result in errors connecting to the server and people would start complaining. Plus any limiting may result in blocking real traffic. Then would I need to allow the ISP range in the above example to accept port 25, I am still left with how to drop a flood/denial of service attack.

View 4 Replies View Related

Server :: Limit On The Number Of Virtual Machines Running On RHES / CentOS XEN?

May 2, 2009

We've been experiencing sudden host server crashes minutes after starting a fourth virtual machine. Our setup looks like:

Dell Poweredge T300
1 x Intel Xeon X3323 Quad Core 2.5 ghz
16 GB Ram
CentOS 5.3 (64 bit)

Server is running a stripped down version of CentOS 5.3 (64-bit), running only the built-in Xen Virtualization Environment. There is no other services running on the server (not samba, httpd, sendmail, cups... nothing except Xen) We've created several virtual machines, and as long as we don't start a fourth virtual machine everything runs smoothly (impresive hardware).

Each virtual server is configured as:

PARAVIRTUALIZED
1 Virtual CPU
1 GB RAM

However, 5 minutes or so after starting a fourth virtual machine, the entire host server crashes and restarts itself. Are we limited by the number of cores on the host machine CPU (4 cores)? 1 for the host and 3 for virtual machines? We've read in forums about other Xen setups running up to 11 virtual machines on less powerful hardware? (a dual core server). Should we be using FULLY VIRTUALIZED virtual machines instead? Is the number of XEN virtual machines in fact limited by the number of cores? If so, how can someone run several virtual machines on a single core host?

By the way, we were replacing a previous Dell Server (Poweredge 2600 with 512 MB Ram and a single Xeon single core processor running Open Virtuozzo). We were able to run up to 16 virtual machines at the same time. Of course none of the machines endured hard work (testing environments, etc). But hey, my point is that we expected to get a much higher number of virtual machines on this new hardware.

View 8 Replies View Related

CentOS 5 Networking :: Configuring For Large Number Of Tcp Connections?

Jan 24, 2011

i've got a select based application that wants to support a large number of mostly idle connections. the code is java and works on windows, suse enterprise linux, mac os x. it does not work on centos 5.5 (32-bit, 2.6.18 kernel, 1G of memory).

i've read and followed the directions in various articles about tuning linux for large numbers of connections (including the C10K problem), and gotten the number of sockets up to 3200.

these didn't make any apparent difference:

[URL]

on windows, i can get up to around 78,000.

on suse enterprise linux (a few years ago), i got up to 90,000. that's where i got bored and stopped.

on my mac laptop with os x (snow leopard), i got up to 10,500.

i have used ulimit -n 10240

my current goal is 10k sockets.

the test is that i'm opening one socket at a time until it fails. when it fails, many of the sockets which have already been opened also fail, in one giant cascade. sounds like a buffer / memory problem.

each group of 64 sockets gets a thread to manage select calls for them. thus i'm only using around 61 threads total when it fails.

View 3 Replies View Related

Security :: Iptables - Limit Access To Port 8443 On Server To 2 Specific IP Addresses

Dec 23, 2010

I'm trying to limit access to port 8443 on our server to 2 specific IP addresses. For some reason, access is still being allowed even though I drop all packets that aren't from the named IP addresses. The default policy is ACCEPT on the INPUT chain and this is how we want to keep it for various reasons I wont get into here. Here's the output from iptables -vnL

[Code]...

Note the actual IP we are using is masked here with 123.123.123.123. Until I can get everything working properly, we're only allowing access from 1 IP instead of 2. We can add the other one once it all works right. I haven't worked with iptables very much. So I'm quite confused about why packets matching the DROP criteria are still being allowed.

View 10 Replies View Related

Ubuntu Security :: Cannot Connect To Port Number / When Firewall Is Enabled

Sep 5, 2010

i am using 9.10 karmic. Firewall is enabled. added ports with ufw allow [portnumber], and i still cannot connect to a port number. iv tryed ufw allow ssh/tcp but that does not work. the ports work when i disable the firewall and i dont want to do that.

ufw is available in all new installations of Ubuntu since 8.04 LTS, but is disabled by default. The standard Ubuntu installation has a no open service ports policy, so enabling the firewall by default doesn't gain any extra security in the default installation, but could provide confusion for people new to Ubuntu when new software that is installed does not work because of restrictive firewall rules. As a result, when first adding ufw to Ubuntu it was decided that users must 'opt-in' to using the firewall. In Ubuntu 9.04 and later, you can enable ufw during installation using preseeding. See /usr/share/doc/ufw/README.Debian for details.

View 7 Replies View Related

Server :: How To Change Sendmail Port Number In Centos 5.4

Aug 4, 2011

currently i want to configure sendmail port number 25 im using these port numberalready how can i chage my senmdail port no.

View 2 Replies View Related

Debian Configuration :: Port (exp. 1001) Have 20 Connections That The Next New Connection Forword To An Other Port (exp.1002)?

Jul 15, 2011

i want if a port (exp. 1001) have 20 connections that the next new connection forword to an other port (exp. 1002).

View 2 Replies View Related

Server :: Limit The SSH Connections?

Jul 14, 2011

Is it possible to do limit the SSH connections using IPTABLES, like per day minimum 10 times only ssh connections can allow like that, or any other way to limit the SSH connections.

View 1 Replies View Related

Ubuntu :: Port Forwarding Crutch - Number Of Apps That Are Unable To Have The Outgoing Port Changed ?

Mar 28, 2010

I'm not that great with mailservers, and just been thrown a curveball with a MS Exchange environment for which there is apparently no solution... yeah, right. But is there a workaround?

The problem is that the site mail (SMTP) needs to be sent via port 26 instead of the commonly used 25. Port 25 is mapped to a mailfilter, which apparently causes havoc with some of the mail, and the techs that have been on site trying to coax the Exchange server to co-operate have said that the only way would be to get rid of the filter.

The problem is that there are number of apps that are unable to have the outgoing port changed and so keep sending mail out on port 25.

I look after the Unix/Linux side of things at work, and I was wondering if there was an easy way to set up a Ubuntu box to receive mail on port 25 and just forward it to the MS box on port 26? So, in other words (and I hope this makes sense): monitor port 25, and forward whatever comes in on port 25 to the server on port 26. Simple portforwarding, or is it? What steps do I need to take?

View 2 Replies View Related

Red Hat / Fedora :: Finding The Maximum Limit Of Connections FTP Server?

Jul 1, 2010

tell me the maximum limit of connections FTP server

View 2 Replies View Related

Fedora :: How To Limit The Number Of Files In A Particular Directory

Aug 31, 2011

I was nosing around in my /home folder and I noticed that the /.thumbnails directory had 38,000+ files in it. That number seem a bit excessive to me. Is there a way to limit the number of files that are allowed to be in that directory, and maybe delete the oldest files automatically when the directory reaches it's limit in order to make room for the new incoming files, so there are no "directory full" type of errors?

View 8 Replies View Related

Ubuntu Servers :: Limit On The Number Of Processors?

May 6, 2010

I have a server with 48 cores, 8 6-way Opteron CPU's. Ubuntu Server 9.04 only sees 32 processors. Is there a limit on the number of cores/processors that the server will use? Windows 2008 on the same server sees all 48 cores and the so does the BIOS, so this is unique to Ubuntu right now.

View 5 Replies View Related

Server :: Limit The Number Of Logins For A User To Only One?

May 3, 2011

I ran into a user today that indicated that their company only allows them to log in through a terminal session once (no multiple logins). On second try their login window terminates. They are using putty.Is this being accomplished through PAM or sshd ( or some other method)?

View 1 Replies View Related

Programming :: Limit In Number Of Fields That Awk Can Handle

Mar 2, 2011

I have a file with 200 000 lines and I want to append the fields of each line based on matching first field. The resulting file should have 70 000 columns but has "only" 18 000. The command I'm using is working perfectly with a smaller file, wich lead to 14 000 columns. Could there be a limit in number of fields that awk can handle ? Here's my awk command :

Code:

awk -F, 'END { for (k in _) print _[k] } { _[$1] = $1 in _ ? _[$1] FS $4 : $1","$4 } ' file > out

Also, this command writes ^M (windows line break) after each columns. Removing them is easy but where do they come from ? Working on Ubuntu 10.10

View 4 Replies View Related

Security :: Iptables Not Opening Port On Centos?

Dec 24, 2010

I'm trying to open port 119. I already have a few ports open. I've used webmin to open both incoming and outgoing ports. iptables --list --numeric gives me:

Code:
...
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000

[code]....

View 4 Replies View Related

Programming :: Limit Number Of Concurrent Jobs By Process Name?

Apr 7, 2011

I am trying run audio conversion on my server that I want limited to a certain number of processes based on process name. I am using the following script but it isnt limiting the number of job like I want it to.

Code:
#!/bin/bash
$num_jobs = 13
while [ $(ps -A | grep -v grep | grep -c pacpl) -ge $num_jobs ]
do
sleep 1

[Code]...

View 3 Replies View Related

Ubuntu Servers :: Limit The Number Of Concurrent Clients In Ssh Server?

Feb 1, 2011

I am using ssh server to connect to my Ubuntu desktop. I opened the file sshd_config and change my port number of the server.I want to put a limit on the number of clients in the ssh server.

View 2 Replies View Related

Networking :: Max Number Of Concurrent TCP Connections

Feb 3, 2011

How do I find the maximum number of concurrent connections (in any state)? I'm running RHEL5 2.6.18-194.26.1.el5. Also, does tcp auto tune affect the number of concurrent connections or is it mostly used for dynamic buffer size allocation?

View 3 Replies View Related

General :: Restrict Number Of SSH Connections By User Name Or IP?

Sep 14, 2010

Can I restrict the number of ssh connections to my Linux box - by username or by ip or both?

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved