Software :: Does Blocking IP Address Saves Bandwidth?
Jun 18, 2010
I have one server that has Asterisk running.On front of that, I use DD-WRT router as gateway. As I have checked the log files, I saw that there is a specific IP Address that is continuously accessing the application and trying to authenticate to SIP with a series of extensions. This is like DoS attack for SIP. What I did was to block/drop the IP in DD-WRT using the iptables. I can see from the /proc/net/ip_conntrack that it is being "UNREPLIED". But my concern is that does it still uses a lot of bandwidth even though it is already being blocked?
View 14 Replies
ADVERTISEMENT
Sep 4, 2009
I hv Cent OS 5.3 installed as server. I hv a network of approx 100 desktops and laptops. For a security purpose i want to block certain laptops from gaining a the network access using dhcp. Can we block the ip address leasing if a specific MAC address request for a ip lease?
View 7 Replies
View Related
Jul 15, 2010
I want to ask about securing the FTP connection... I have one server that Installed with Redhat Linux Fedora 6.
And now, i want to securing the FTP access, so only the selected IP will be allowed to connect. Do anyone know how to do this?
Another thing is, my server using Webmin 1.3 to manage the server and there not installed / not configured yet with Frox FTP, ProFTPD Server, WU-FTP Server... even there is such thing in my Webmin...
Can i make use one of the three FTP i mention above, and if yes, will it be affecting the current FTP access?
View 1 Replies
View Related
Dec 31, 2010
I'm assuming that the following should block the complete 178.123.xxx.xxx address range.
Code:
iptables -I INPUT -s 178.123.0.0/24 -j DROP
Then I believe that I need to save this change.
Code:
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
However, I'm not so sure that it is actually working based on the fact that there continues to be access to my wiki from that address range. The following is after I made the firewall change.
Quote:
178.123.177.61 - - [31/Dec/2010:04:24:40 -0500] "GET /mywiki/Opera%20Web%20Browser?action=edit&editor=text HTTP/1.1" 200 6346 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
code....
Let me state that I'm new at this iptables thing. I did some reading and decided that I need to make the above change to the firewall but it doesn't seem to make a difference.
View 12 Replies
View Related
May 8, 2010
I would like to COMPLETELY block a specific IP address using iptables. I found this one:
Code:
iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j REJECT --reject-with tcp-reset
Will this work? How do I undo the changes later?
View 2 Replies
View Related
Mar 30, 2009
I am setting up a iptables firewall on one of our servers, and I would like to block a range of addresses from getting into the system. I am using a script that does a BLACKIN and BLACKOUT methodology for specific addresses. One example is the following:
Code:
$IPTABLES -A BLACKIN -s 202.109.114.147 -j DROP
...
$IPTABLES -A BLACKOUT -d 202.109.114.117 -j DROP
What would be the correct syntax to use if I wanted to block an entire remote subnet from getting into the server?
View 4 Replies
View Related
Feb 4, 2011
How to block an ip address from mikrotik so that when a fake user use this ip he doesn't get internet but in the mean time real user gets internet. Real user will not harm if fake user trying to access.
View 3 Replies
View Related
Apr 6, 2011
I need to block mac address in my network then i foolowed as below acl's but am getting output as follows I tried as in /etc/squid/squid.conf acl block arp aa:aa:yy:yy:xx:xx http_access deny block but it give me error as like: - (This is the output of # squid -k parse) aclParseAclLine: Invalid ACL type 'arp' FATAL: Bungled squid.conf line 1234: acl block arp aa:aa:yy:yy:xx:xx squid Cache (Version 2.5.STABLE6): Terminated abnormally.
View 7 Replies
View Related
Jun 29, 2011
I have UBUNTU server 10.04 LTS with 3 NIC "eth0" local and eth1,2 as internet connection and it acts as firewall, http proxy and samba file server ,I installed Zentyal panel manager for my server for easier management I did not configure any specific rule for my firewall but I have some problem with my clients who wants to connect to my server as gateway or as file server even my self experienced these problems too. these problems are as follow:
1. some time for a few minutes (maximum 10 minutes) my server block some of my clients to access it or internet but just for minutes but it is very annoying.
2. all of my clients those who login to an https servers or login to their mail or those who has some software like team viewer say that they are logging out from their session randomly I mean some of them logging out from their mail(yahoomail or googlemail ) or disconnecting from teamviewer connection or as I saw team viewer disconnecting for a few seconds and then comes back again. but I did not set any thing in my firewall or other services. this is my complete iptable rules:
View 9 Replies
View Related
Sep 21, 2010
i configured Squid3 server in my Ubuntu 10.04.Now the ip based and content based blocking is working fine.Now i want to configured bandwidth allocation of ip address and group ip address..pls give the solution
View 11 Replies
View Related
Jan 21, 2010
I'm trying to shape bandwidth using HTB method and filtering classes with destination mac address. for this I've found two codes but none of them seem to filter bandwidth as i want (test with iperf)
code 1 Code: tc qdisc add dev eth0 root handle 1: htb
tc class add dev eth0 parent 1: classid 1:1 htb rate 1000kbit ceil 1000kbit
tc filter add dev eth0 parent 1: protocol ip prio 3 u32 match u16 0x0800 0xFFFF at -2 match u16 0xM4M5 0xFFFF
code....
View 1 Replies
View Related
Mar 23, 2010
For system calls, is blocking or non-blocking default in C? Simple question, just am not seeing the answer super quickly.
View 4 Replies
View Related
Nov 18, 2010
I created a the class like this for shaping the packets with a specified bandwidth rate.....
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb default 15
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 750kbit ceil 750kbit
tc class add dev eth0 parent 1:1 classid 1:3 htb rate 600kbit ceil 750kbit prio 0
For Our Requirement:-
I dont want to specify the bandwidth rate strictly like this rate750kbit ceil 750kbit,based on whatever speed is coming which should allocate the bandwidth rate for particular class...I need one application for finding the upcoming bandwidth & Is any other method is there for specify the bandwidth rate in a classes.
View 1 Replies
View Related
Dec 25, 2010
I have a device that is working on modbus protocol andI have written a small program(with block TCP read method ) to read its registers via modbus protocol.my program is working very well but except those times that I unplug the Ethernet cable or turning off the modbus gateway during programs work.at this time my program stops on recv system call (if it reach this system call exacly when I unplug Ethernet cable or turning off the modbus gateway during programs work).I changed my source to work in nonblock TCP method, at this time with the same situation my program does not stop/block on recv system call but after pluging back the Ethernet cable or resuming the connectivity situation back it reads data incorrectly .this is my code:Quote:
#define DEBUG
#include <fcntl.h>
#include <string.h>
[code]...
View 5 Replies
View Related
Feb 9, 2010
My computer saves it's state when shutting down. So when I boot back up, all the applications I had running boot again. I HATE THAT. When I shut it down, I want everything GONE on next boot up. How do I fix this?
View 2 Replies
View Related
May 27, 2009
We have a sipmle office network set up that we also use use to connect to the internet, however of late the number of users has increased thus slowing internet access. Bandwidth upgrade is not an option thus i have to do bandwidth shaping on our linux router. The question is how do set the squid configs to allow certain IP's range a certain percentage bandwidtheg 60% and furthe divide the rest. Alternatively how can allow certain IPs to have higher bandwidth access.
View 1 Replies
View Related
Mar 10, 2010
i am using ubuntu 9.04 jaunty. i want to save the .deb files of the applications i have installed. now the synaptic package manager saves the .deb files to /var/cache/apt/archives . but where does the add/remove saves the the .deb files?
View 7 Replies
View Related
Oct 16, 2010
Just started using the above distro - anyone know how to make persistent saves to a USB device?
View 5 Replies
View Related
Aug 30, 2010
When I save txt document in "gedit", it also saves cursor's position. How do I disable this feature?
View 1 Replies
View Related
Aug 4, 2011
To change where Cheese stores photos/videos you have to change it in gconf-editor.under /app/cheese...But it's missing. What am I missing?
View 3 Replies
View Related
Nov 3, 2010
Once I've used the 32-flash plugin on Ubuntu 64-bit, it was buggy but it saved all the movies (from ..... and other websites) to the /tmp folder which was great.
Now I've installed the native 64-bit flash and I have a no idea where it saves the movies - do you know ?
View 5 Replies
View Related
Aug 11, 2010
after update f12 to f13 geany stopped to work correctly on remote storage (sftp). Geany opens file correctly, but when I try to save, it saves empty file. I tried "notepad" and "gedit", they work good on f13. Geany on f12 worked correctly too.
View 3 Replies
View Related
Feb 27, 2011
I would like to create a command in the vim that saves a text document and also compile it. Is it possible?
View 4 Replies
View Related
Nov 2, 2009
Is there a graphical front end for xrandr that also allows you to save your setup so that it automatically sets up the X configuration at boot time thereby simplifying this process. For example, at the moment if i want to use an external monitor on my laptop i have to manually set it up after booting as it defaults to the laptop resolution which is not a big deal but would still be nice to have this happen automatically. I tried putting a script into rc.local to do this but didnt work.I have tried programs such as lxrandr, grandr, arandr which are all good but dont allow you to save your choices so that they are automatically applied at the next boot of the X system.
View 1 Replies
View Related
Mar 7, 2011
It's a few days now that I notice everytime I save a page in Firefox, only the .html file is saves, and firefox does not make a folder associated with the page in which it saves the images, etc..Could this be because I installed TOR and the TORBUTTON for firefox?I have, however disabled the TORBUTTON addon from Firefox, and restarted the browserbut the problem persists.
View 2 Replies
View Related
Jan 21, 2011
I know how to take a screenshot on my Ubuntu, but I want to take many screenshots within a limited time (taking screenshots of a single execution of a program which I can not pause). Is there a program that takes the "PrtScr" keyboard key in charge and just stores every screenshot without asking? The standard Ubuntu tool pops up a dialog to ask where I want to save the file, I would like a tool that doesn't ask and just saves on the Desktop or wherever as 00001.png 00002.png etc.
View 1 Replies
View Related
Mar 31, 2010
My question is quite simple:What are type of applications where socket in blocking mode can be used ?
And where non-blocking mode to be used ??
TCP is blocking by default.
View 2 Replies
View Related
May 21, 2010
I have dual boot and every time I turn on my systen, the system asks for " F1: Save changes" and after clicking on "F1" button it saves the changes and then boots.
View 2 Replies
View Related
Mar 1, 2010
I just came back from a meeting with someone wo wants this functionality:When he saves a file on *his* machine, it will automatically get copied onto a server (this is on an office LAN). This is so if there's a virus attack on his machine, he will have an uninfected backup copy.
To make matters worse, the client machines will be WINDOZE. Apparently he's seen this kind of functionality at an office somewhere (he was saying something about "Microsoft" , but my brain has erased that part of the conversation ), and now wants it for himself.
I was thinking about Samba obviously, but the tricky part is doing the copying when the user *saves* a file. This will require hooks into the OS to see when a file is being saved.*If* I manage to persuade him to switch his client machines to Linux (which would be the ideal choice and make life far easier), how would it be done? I'd have to use the File Alteration MOnitor in the kernel, right?Would it be possible to write the copying code in a shell script?
View 6 Replies
View Related
Sep 14, 2009
Im an academic (university networks and security lecturer) studying/teaching network and operating system security, and inspired by the work of Hovav Shacham set about testing ASLR on linux. Principley I did this by performing a brute force buffer overflow attack on Fedora 10 and Ubuntu 9. I did this by writting a little concurrent server daemon which accidently on purpose didnt do bounds checking.
I then wrote a client to send it a malicious string brute forcing guessed addresses which caused a return-to-libc to the function usleep with a parameter of 16m causing a delay of 16 seconds as laid out in [URL] Once I hit the delay I new I had found the function and could calculate delta_mmap allowing me to create a standard chained ret-to-libc attack. All of that works fine. However .... To complete my understanding I am trying establish where I can find the standard base address for ubuntu 9 (and other distros) for the following, taken from Shacham:-
Quote:
[code]....
/proc/uid/maps gives me some information but not the base address ldd also gives me the randomised starting address for sections in the user address space but neither gives me the base address. Intrestingly ... when a run ldd with aslr on for over (about) 100 times and checked the start point of libc I determined that the last 3 (least significant) hex digits were always 0's and the fist 4 (most significant) where between 0xB7D7 and 0xB7F9. To me this indicated that bits 22-31 were fixed and bits 12-21 were randomized with bits 11-0 fixed. Although even that doesnt define the boundaries observed correctly.
Note: I am replicating the attack to provide signatures to detect it using IDS, and for teaching purposes. I am NOT a hacker and if needed to could reply from my .ac.uk email address as verification.
View 1 Replies
View Related
