Slackware :: What Software For Checking On Unauthorized Network Traffic?

May 8, 2010

I have been thinking lately about the number of computers connected to the internet that become "zombies" for sending out spam (or worse) when they are attacked with ssh over the internet using some kind of script. Today, I read an article in a magazine about internet detective work when you find that there has been an unauthorized attempt to connect to your machine. According to this article, almost any computer connected to the internet is attacked very frequently and the log files of that computer will show this. I have seen these in my own log files in the past.

I have learned a number of ways to track down the attacker (to a very limited degree). But what I would like to know is a relatively easy application to run and understand to monitor my network traffic and find these attempts quicker. I know I have probably almost nothing to be concerned about, but I would like to be able to head this kind of problem off. I have a number of machines connected to the net and each other and my wife does a lot of business on the internet. So, besides becoming a bot for some criminal, I don't want any credit card details stolen. I have read about Wireshark, Snort, etc. Is there an application (with GUI preferably, but not mandatory) that is novice compatible that will let me monitor this?


Security :: UDP Traffic Unauthorized On Ubuntu 10.04?

Mar 11, 2011

Has my Ubuntu machine been cracked?

machine on home lan
192.168.0.102
it is the DMZ from router
ufw on (ports open for aMule)
sshd installed

[Code].....


Slackware :: Network Traffic Prints In Console @ Slack 13?

Mar 24, 2010

I've been using Slackware since Slack 12.2 on a Linux box as a router at home with some servers running on it and it's been awesome and performs perfectly. But since I upgraded to Slackware 13 there is something that drives me crazy. I use to manage the box through SSH but sometimes I have to do some configs locally and it's almost impossible because I have constant echoes of some traffic the iptables is forwarding to other hosts on the network.


Server :: Request From Unauthorized Host - Boot From Network Using PXE And NFS

Apr 25, 2011

In the sys-log from the server there are a lot of messages like this:

Code:
Apr 25 10:38:45 server portmap[2569]: connect from 192.168.1.3 to getport(nfs): request from unauthorized host
Apr 25 10:38:46 server portmap[2570]: connect from 192.168.1.3 to getport(nfs): request from unauthorized host

192.168.1.3 is a client that wants to boot from the network using PXE and NFS. However, it doesn't boot and enters the (initramfs) prompt. It seems that the server denies the connection from the client.


Server :: PPTP Traffic - Gre Traffic Is Being Generated During The Browsing / Reduce Traffic

Sep 27, 2009

Recently I noticed that when I'm connected to a VPN server (pptpd) and I'm using it as a default gateway, my download and upload speed decreases almost to half of the usual speed. I made a test using iptables in order to count how many GRE packets are generated (except the real traffic itself) in this way:

Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT

iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT

The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.

When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.

So, my question is: first of all, is my test correct, and is it true that so much GRE traffic is being generated during the browsing (it becomes clear that the traffic is double what it would be if the pptpd wasn't used as a gateway), and if yes, can that traffic be reduced?


Networking :: Install Mrtg On A Client Computer In Network And Measure The Network's Router Traffic

Sep 4, 2009

I wanted to know if I can install mrtg on a client computer in the network and measure the network's router traffic. I know that it can be installed on the server.


OpenSUSE Network :: Blocking Outgoing Network Traffic On Workstation?

Sep 14, 2011

As to my question, at this time I don't control the router/firewall and I would like to block a port that's used for Guild Wars on my workstation for a while. The reason for blocking is children have abused it and lost it. In this case I am trying to block outgoing traffic on port 6112. I have tried setting up a proxy server on the workstation, but the game seems to ignore it and jump on. Due to the environment, I enabled the workstation SuSEFirewall2 firewall and tried setting up "lo" as an internal and configure the firewall as a router, then disable 0/0 and configured for 0/0,tcp,443 and re-route port 80 traffic to proxy.

When I had my own internet, I had a transparent proxy enforcing rules for access times. So setting up a proxy on each machine would not be a bad thing, even if it took some creative thinking. I am trying, but seem to be missing something. Ideally, I would like to set up a transparent proxy, as my kids have learned a lot about system administration and know to check the proxy module. If all they have to do is uncheck "Use Proxy" and bypass a local proxy server, then I am kinda defeated. And applications such as Firefox have a proxy setting they could set to none instead of system.


Slackware :: Checking - And Finding The Source For Dependencies ?

Nov 23, 2010

I'm looking to install, and perhaps create a SlackBuild for, an application that I think might be interesting.

The dependencies listed are:

libx11-dev, libxt-dev, libimlib2-dev, giblib-dev, and libxinerama-dev

I've checked to see if the packages are installed w/:

Code:

I've also looked for any existing SlackBuilds, but the only one that showed up in the database is: "giblib"

Where can I look to find these dependencies, their sources, or determine whether they're already installed in Slackware64 13.1?

Also, how would one determine if this can compile for a 64bit, non multi-lib install?


Slackware :: Disable Damn Spelling Checking In Firefox 2.0.x.x?

Jun 22, 2011

Linux kernel 2.6.21.5, Slackware 12.0
Firefox 2.0.0.4

What's said.


Slackware :: Error: Checking For C Compiler Default Output File Name

Feb 20, 2010

I downloaded Go-OpenOffice from SlackBuilds.org, but I can't build it. make terminates with configure error: checking for C compiler default output file name. configure: error: in `/tmp/SBo/ooo-build-3.1.1.5': configure: error: C compiler cannot create executables See `config.log' for more details.

(I can't find config.log anywhere) I use a quite 'light' installation (no xap, ap), and I suspect that I have some unmet dependencies, but the error message provides no information about what software is needed (I've installed all dependencies listed on SlackBuilds.org). I'm using Slackware64-13 with Xfce


Slackware :: Fsck Not Checking Non-root File System At Boot Time

Apr 21, 2011

Fsck is not checking any file systems which are not the root file system at boot time.

Normally it runs: /sbin/fsck -A -R -C -a

But this command doesn't do anything.

I've tried to strace it, and looks like this:

Code:


General :: Command For Checking The Network Performance And Status?

Jun 15, 2010

What is the command for checking the network performance and status?


Software :: Real Time Network Checking On Application?

Apr 17, 2010

I want to monitor an application, let's say that it will be apache2, to see how much network resources it takes in real time, such as upload/download per second. How can I do that in Linux (cmd, not GUI)? I know it's possible because I can see this in Windows in my NOD32 firewall monitoring.


Hardware :: Get Stopped At Authentication Required / 401 Unauthorized?

Jul 28, 2010

When I try to add a printer using this web interface, I get stopped at authentication required. I put the root login and pass but

401 Unauthorized. Enter your username and password or the root username and password to access this page. If you are using Kerberos authentication, make sure you have a valid Kerberos ticket.


Software :: Redirection With NuFW To Go On Unauthorized Website

Feb 23, 2010

I'm using NuFW but I don't know how I could have a redirection if the user tries to go to an unauthorized website... At the moment, my web browser continues to try to reach the website, even if NuFW has already sent a negative response. I would like my browser to redirect me to another page. How can I do that?


Fedora Security :: Prevent People From Unauthorized Access?

Mar 19, 2009

I'm doing research to protect my PC from physical access. What I'm facing here is that my company created a program for Fedora 8 and plans to sell the unit away. We created a function where you can configure the program using any web browser from a network, so we do not want anybody to have access to the Fedora except for our personnel.

Based on my research, I've found [URL] this guide to protect people from accessing grub and single user. I am currently researching on preventing others to clone the harddisk. I would like to know if there are any other methods to prevent people from unauthorized access to fedora.


Ubuntu :: Protect A File Or Folder From Unauthorized Delete?

Aug 13, 2011

How can I protect a file or folder from unauthorized delete?


Ubuntu :: Checking Disk Mean Checking All Partitions On Hd?

May 10, 2010

Sometimes at startup I get this message "Checking disk 1 of 1". Does that mean it's checking all partitions on the hd? After a bad shutdown there is no prompt for fsck to run and the system just boots up. In fstab I have both options set to "1" for the partition Ubuntu is on, all others set to "0". Any ideas on both?


General :: Monitor Network Traffic Of Each Application?

Jan 22, 2010

I am on a slow Internet connection and it really makes me mad if something gets downloaded in background (like automatic update of any software) without my knowledge.

How can I monitor my network traffic sorted according to "which binary file is using how much"? I can find the total transfer rate in "System Monitor" in Gnome, but what if I want to find it for an individual process? There is software like netmonitor in Windows, but how can I achieve that in Ubuntu Linux?

A GUI application will be nice, command line software will also be fine.


Ubuntu Networking :: Unknown Network Traffic

Jan 16, 2011

I noticed a huge data transfer to my computer. I wasn't downloading anything big, I have just opened Firefox, Thunderbird etc. It stopped after a minute but I'd like to know, what that was - this wasn't the first time something like this happened. I promptly started Wireshark and captured a few packets, all of them look like this:

[code]...

I tried to look at [URL]... but that webpage does not work. What might the traffic be caused by? Couldn't anyone have hacked my PC?


Ubuntu Networking :: Monitor Network Traffic ?

Jan 20, 2011

Is there an easy way to monitor network traffic? I want to make sure my kids are surfing safe...


Networking :: Software That Measure QoS Of Network Traffic?

Jan 31, 2010

I need software that measures the QoS of network traffic. Any recommended program?


Networking :: Filtering Traffic On Network Interfaces?

Feb 8, 2010

I am manually capturing and injecting Ethernet traffic (using lib_net/lib_pcap libraries) for an application. At the moment, both capturing and injecting are done on the same physical interface (e.g. eth0). The problem is that all the traffic that I inject is captured again by my application, causing an unwanted feedback of injected traffic. Because of this, I had to implement traffic filtering when capturing traffic, which is consuming resources and eventually will become too complicated to support.

I have tried using virtual interfaces to separate the capturing and injecting streams, but that also presented the same problem as all the traffic from eth0 is forwarded to both eth0:1 and eth0:2. If possible I would like both streams to go through 1 physical device, using more PDs will be the last resort. I am also looking at using TUN/TAP devices to try and separate the two streams, maybe writing a user-space program that lies between the physical device and the TUN/TAP devices to do the routing of traffic.


Networking :: Software That Measure The QoS Of Network Traffic

Jan 31, 2010

I need software that measures the QoS of network traffic. Any recommended program?


Networking :: How To Know Which Program Generates Network Traffic

Dec 8, 2008

Via a network traffic monitoring tool I see that my laptop is generating lots of outgoing (EDIT : incoming !!) network traffic. Although no download program is running or any other program of which I know that could be generating this much traffic. Something strange is going on and I need to know how I can find out which program( s ) are generating network traffic.


CentOS 5 Networking :: How To Configure Network For Web Traffic

Oct 18, 2009

How to configure my network for web traffic. Here is my setup: I have the following virtual machines (all guests are running on CentOS 5.3):

firewall: Smoothwall 3.0, (hardware, not virtual)
guest # 1: Apache http server
guest # 2: Qmail server
guest # 3: Proftp server

I want all of these services on different machines for security reasons, (mainly the ftp server) how do I route the traffic from the firewall to the different machines? I have been looking at setting up a reverse proxy, however, everything that I have read says that a reverse proxy will not handle the smtp/pop3 traffic. Can I just use a DNS server to route the traffic?


Ubuntu Security :: Program - Network Traffic Monitoring

Jan 31, 2010

Is there a program that monitors and displays 'who' is on your wireless Internet signal that one may not be aware of? Like, the ability to see when someone that you don't know is accessing your locked wireless?


Ubuntu Networking :: Monitor Network Traffic (for All Computers)?

Sep 27, 2010

What I want to achieve is just to be able to say to whoever is killing our relatively fast connection that they aren't the only person using the network. Everyone just says "I hardly download anything," which is obviously untruthful as normally I can download at 1.5 MB/s but now loading even google.com takes way too long (same with pinging and all other sites). Once I do this, I can determine whether or not I need to call my ISP and do the long 'on hold' dance and "have you tried rebooting the router" BS.


Ubuntu :: Conky For Network Traffic Based On Time

Dec 11, 2010

I have installed conky from soft manager after knowing its power today. I'm using 10.10. I want to design a conky script which monitors the network traffic, i.e. total upload + download on a monthly basis, as I'm on a limited internet plan, which is too common here. I have free usage from 2am to 8am in the morning and want to exclude this traffic. So I'm in search of a custom script which can accomplish this.


Ubuntu Networking :: System Generating Lot Of Network Traffic

Apr 4, 2011

I am running Ubuntu 10.10, upgraded a few weeks ago from 10.04. I noted from the system monitor that the system was generating a lot of network traffic, on the order of 10Mbps if the information is correct (using system monitor and iftop). From the process table, it appears that smbd is accumulating a lot of CPU time, which sort of makes sense as I use Samba for printing from a Windows 7 laptop. But the traffic seems to be making a round trip as I just rebooted the system and it reports in about 10 minutes of uptime 1.2GB was sent and 1.2GB was received. Laptop is used for work, it is sitting idle for the last 30 minutes (VPN connection, etc); no backup or other interaction with the Ubuntu system.








Copyrights 2005-15 www.BigResource.com, All rights reserved