Security :: Php Includes Blocked By Firewall?
Jun 18, 2009
If I use my current iptables firewall settings my php includes from my own site get blocked by the firewall. If I use accept all tcp and udp it still does not work. If I use a default policy of accept all, then the php includes work which is not safe. I am running a drupal 6 site on a centos 5.3 vps with apache 2.2.0 and php 5.2.6 w/ safe mode on. He is my current iptable configuration.
Quote:
Chain VZ_FORWARD (1 references)
target prot opt source destination
Chain VZ_INPUT (1 references)
target prot opt source destination
[code]....
View 2 Replies
ADVERTISEMENT
Jul 27, 2011
I was using Transmission BitTorrent the other night, when I noticed that I was getting heavily spammed by one particular IP. I then stopped the torrents and disabled the network.I wanted to add my own block-list, containing this IP, to $HOME/.config/transmission/blocklists, but could not get it working. Transmission is supposed to parse this text file into binary format upon startup. I tried both allowed formats, but Transmission kept on creating an empty binary file (this was version 1.93 in the official repo, I have since upgraded to 2.33 by adding a PPA, and it now works correctly).
I then blocked this IP in the firewall outbound traffic policy, allowing Transmission, on the port number that I forwarded on the router, on the inbound policy. After a restart, I watched the torrents picking up speed as more peers connected, and then saw this IP getting blocked. However, the same IP immediately also appeared as a peer in one of my torrents.I then double checked all settings and log files, to ensure that there is no typo. The same IP that was shown as blocked in the log files, also successfully made a connection to Transmission. After a while I gave up, and shut down.The IP was an incoming connection, but was explicitly nominated to be blocked in outgoing traffic. The firewall was supposed to silently ignore this IP, not making a connection possible.
ICMP filtering was enabled, with the following not allowed:
- Address Masking
- Redirection
- Source Quenching
Now surely this is not normal?Is this a bug in ip-tables?Isn't this a serious security breach?
View 2 Replies
View Related
Mar 17, 2010
I'm using Plesk as my control panel. After the PIX was installed, I mapped the old IPs to the new IPs. Port 80 is OPEN. My PHP includes won't work when I use the domain, actually nothing works when I use the domain infront of it. I tried adding 10.0.0.1 [URL] to /etc/hosts and still had no luck
View 1 Replies
View Related
Nov 28, 2009
The firewall in Fedora 12 seems to block UPnP by default, but opening port 1900 for UDP, as I have seen suggestedes not resolve the problem.have the following three scenarios:Firewall Enabled: Transmission cannot open a port by UPnPFirewall Enabled (1900 UDP allowed): Transmission cannot open a port by UPnPFirewall Disabled: Transmission opens a port via UPnP fineAny ideas? Yes, the port that I'm trying to open is also allowed. Router is a Linksys BEFSR41 v4.3, should you care
View 6 Replies
View Related
Aug 3, 2011
I run ubuntu on home pc and am very happy with it. I use internet to surf and to see my email on gmail.com etc. What commands should I give to setup ufw firewall so that only this much is allowed? Also, where can I see if some other connections have been blocked?
View 9 Replies
View Related
Jan 3, 2010
i have a server running vsftpd, and when i connect to it from the server itself using my externel ip address, everything checks ok, and i can browse files. but when i try to do the same on a windows computer on my network, this is what happens: [my externel ip is blocked out with x]
[Code]....
now mind you, my linux server is running from port forwarding from my router, which is connected to the main computer, and i have ssh and squid running as well. not sure if those two have any affect on the service. i think this is a problem with the firewall, because i have read somewhere that multiple ports need to be open for a passive ftp to work.
View 12 Replies
View Related
Jan 15, 2011
I setup Mediatomb on another box in my house to connect to with XBMC. XBMC will only connect though if the firewall is off on the local machine. I have both TCP and UCP ports 1900 and 50500 (the port for Mediatomb) enabled on my laptop (local) and the correct ports are open on the remote machine (my wife's vista laptop will connect through XBMC). I can connect to Mediatomb through it's web interface (to set visible folders/files) but not through UPnP (at least not through XBMC)
View 9 Replies
View Related
Jul 11, 2009
Small server running 5.3 - stock postfix configured to use Maildir. Dovecot configured but both pop and imap ports blocked by firewall. Access to mail is via Squirrelmail via https. Configured to virus scan via ClamAV. Works just fine. Now I want to add procmail filtering. So I create these two files - ~/.forward and ~/.procmailrc in my user home dir: "|exec /usr/bin/procmail -f- || exit 75 #mpeters"
View 1 Replies
View Related
Jul 24, 2010
I am using pidgin messenger. Its not connecting properly as our Internet is blocked by a firewall. Can we do something so that it works properly
View 5 Replies
View Related
Aug 7, 2010
As per our requirement, I need to implement a Secure FTP server for around 500 users which includes security level on both - Transfer and Rest data. Apart from this I also need the following features -
1. Size quota on Users & reminder mails for the same
2. Password expiry notifications and user interface to change their password within specified time interval
3. Aging of data - After specified time, data will be moved to some other location from their home directory
4. All type of log maintenace for each file and user and log exporting
5. Uploading & Downloading speed consistency as per server level.
6. Read-write interface for user and read-only interface for their client for the same account.
7. Backup and Recovery options.
As of now, I am using VSFTPD which does not give these much of features in combine.
View 2 Replies
View Related
Mar 19, 2010
I have prepared a static lib(.a) comprising 2 function definitions. I have created a different shared library(.so) comprising 2 more functions. The two functions of .so use the functions defined in the .a file. That is, the .so file uses the services of the .a file. Next, I create an executable that uses the shared library(.so). When I build my executable, it needs to be linked with the .a file as well. it gives me undefined reference for the functions defined in the .a file. Why is that so? I am posing this question because, the .a file has already been included(static linking) while bulding the .so. Is there any workaround so that I need not link the .a file with my final executable?
View 2 Replies
View Related
May 9, 2011
Can we use iptables as firewall instead of Juniper firewall
View 2 Replies
View Related
Sep 21, 2010
Is there anyway i can ssh/rdp/telnet into my server from the outside bypassing comcast ALL blocked ports
View 1 Replies
View Related
Jun 7, 2011
I've setup the Uncomplicated Firewall (UFW) on Ubuntu 10.04 LTS and blocked an IP address. UFW status shows that the firewall is active and the IP in question is denied. The issue is that I'm seeing the blocked IP address in my Apache logs.
View 1 Replies
View Related
Nov 18, 2010
We have a spam in our network and we installed antivirus in all our systems and cleaned the virus from all pc's after that i had removed my ip from the database of blocked ip's but still my ip is blocked for sending spam i don't know from which pc the spam is going on the internet.
so i have a question that my proxy server is redhat linux and as a newbie i don't know the command's to find out which pc is creating large bandwidth to the internet. If you tell the command how to see which pc is sending spam then i will discard that pc. Also i want a strong firewall to stop spam activities.
View 6 Replies
View Related
Mar 11, 2010
I have installed MoBlock as instructed here: [URL]
After installation I created my own list file in /etc/blockcontrol/custom-blocklist.p2p and have the following uncommented at the bottom of /etc/blockcontrol/blocklists.list:
Code:
locallist /etc/blockcontrol/custom-blocklist.p2p
The list contains the following 2 entries:
Code:
Yahoo:98.137.149.56
Google:74.125.47.147
When I do:
[Code].....
Recently I just noticed that the locallist rules seem to have no effect. I will always get "destination port unreachable" even if the locallist entry in blocklists.list is commented out.
However, whenever I try to browse to that IP, even when blockcontrol is on, even by typing the IP into Konqueror (not the domain name), it lets me go there every time. How can I know that my other applications will not to do the same thing? How can I lock this down and test it empirically to be sure?
View 1 Replies
View Related
Sep 17, 2010
I don't know is this the right place to ask, but i must ask some questions Here's my problem.I'm a student in highscool,and here we use Linux(ubuntu) OS .Every classroom has like 30 PC's connected with the main computer(the teacher's one) so....3 days ago we were forbidden access to some websites it says This domain is Blocked.By the way the Linux version installed is 7.04(feisty Fawn) i tried disable cookies that did not worked,also tried to whitelist some website,that also didn't worked out
View 7 Replies
View Related
Mar 17, 2010
On April 10, 2010, I upgraded some packages on my Ubuntu 9.04 server. This included an upgrade to "ufw 0.27-0ubuntu2". I rebooted the server, and all appeared to be fine.
Now I've noticed that UFW is not logging blocked packets since that reboot. It used to do this. It is still logging the allowed packets that I've configured it to log.
Here's what a "ufw status verbose" says code...
View 2 Replies
View Related
Dec 8, 2010
I come to Ubuntu with the notion that it is much more secure than Windows. In XP I had an anti-virus, third-party firewall and sundry softwares against spybots, rootkits etc. The anitivirus blocked the suspicious web pages while browsing. I generally avoided public networks, carrying a portable internet device Do I need similar stuff with Ubuntu.
View 9 Replies
View Related
Sep 23, 2010
I have a Suse11 box with 2 network cards:
I have squid as a proxy on the Suse box, and with the default firewall I have to enable masquerading to allow clients on the eth3:1-3 to send and receive mail through the Suse box. I found the Suse firewall completely inadequate (all P2P software/connections are allowed once you enable masquerading) and had to install ConfigServer Security & Firewall. In die configuration of csf I could get my way around getting smtp to work for the eth3:1-3 clients, but pop3 connections does not go through the box. I know I need to allow port 110 and 995 to masquerade of NAT (or something) and then the same for port 22
View 2 Replies
View Related
Feb 23, 2011
I tried installing F-prot's linux scanner but it doesn't seem to want to install and I am tired of messing with it.
So I am wondering if I even need it or if there is something else.
I am behind a firewall already with my router if that helps any.
I guess I am having trouble understanding why virus protection is less necessary.
Do people not write viruses for linux systems?
View 7 Replies
View Related
Feb 13, 2010
i want set up IDS(Intrusion detection system) and Firewall in my home just for learning.. The Goal is learn IDS log and Firewall log..
View 4 Replies
View Related
Feb 9, 2011
In the past week or so I've noticed some weird network behaviour. I find accessing some sites such as Amazon, Paypal, and Bigstockphoto really slow. Sometimes the page will not load at all. Other sites are fine. The problem sites are not a problem for others on my LAN at home. When I try to open the problem sites, I can see in Firestarter blocked connections coming from 2.1(8/9).xxx.xxx on various ports such as 36007. This only happens for the problem sites. I attached a typical output from firestarter.
This happens with Firfeox or Chrome. Using Ubuntu 10.10
View 4 Replies
View Related
Jul 20, 2010
I have Ubuntu running on an old PE server. It is running Virtualbox with an instance of Ubuntu inside. The instance is there to run my honeypot.
The server box IP is192.168.1.10. The Virtualbox is bridged with it's own IP of 192.168.1.200. The honeypot daemon is listening to 192.168.1.201 with arpd.
I set up the UFW with DENY. And then enabled only the ports leading to the honeypot scripts which are abound to IP .201. I then forwarded the ports necessary to run VNC to .200.
Here is the UFW status:
buntu@ubuntu-desktop:/var/lib$ sudo ufw status
Status: active
To Action From
-- ------ ----
192.168.1.201 21/tcp ALLOW 21/tcp
192.168.1.201 4444/tcp ALLOW 4444/tcp
192.168.1.201 5544/tcp ALLOW 5544/tcp
[Code].....
View 8 Replies
View Related
Mar 7, 2011
Setting up firewall
View 12 Replies
View Related
Jul 22, 2009
Up until recently, as in a few days ago, I was using Ubuntu and had ufw managing the firewall.It's been "recommended" that iptables itself be used. Where do I do the rules go (as in a file) and how do I call those rules at startup?
View 6 Replies
View Related
Jan 30, 2010
im currently running fedora 11 on my computer and i have this old firewall called firestarter. firestarter is very outdated but it has better rules for blocking connections like IGMP does any one know how to add filter rules so i can block IGMP trace and other unknown protocols it would be cool
View 5 Replies
View Related
Feb 14, 2010
at the end of my first in fedora i've seen that there is an integrated firewall. With ubuntu i used iptable but we haven't a internal gui firewall. I was looking for reviews but i couldn't found no about it because beeing new i'd like to know if this firewall is good or if is better to install iptable.
View 7 Replies
View Related
May 23, 2010
Will I need to actiavte the firewall that comes with Ubuntu since I'm using Transmission?
View 9 Replies
View Related
Aug 13, 2010
I am new to the Ubuntu/Linix world (less than a week).
I have tried the search, but have had difficulty finding threads on this.
Can someone recommend an excellent firewall to use with Ubuntu?
View 9 Replies
View Related
