I've noticed in my Apache logs a lot of hits to a specific URL on my server. The thing is, the URL is invalid and returns a 404. Every hit has a different Agent ID (things like Windows NT 4 and IE 8, Mac OS and Safari, Windows 7 and Mozilla, etc) and usually a slightly different IP address. If you browse the URL with Chrome/Firefox, it gets reported as potential phishing activity - despite it only returning a 404 error.
I blocked a range of IPs with IPTables which worked for a while, but I can see the IP address has changed again (outside of the range I set) and is generating logs again.
Is it possible to automatically block any IP attempting to access this specific URL?
I'm trying to configure our mail server to block email from a specific sender reaching a specific recipient. In other words, if one of our employees is getting harassed by a 'stalker', how would one go about blocking, at the MTA (Sendmail) level, a specific sender email address from reaching a particular users inbox? We do not want to capture the email - simply block it before it consumes server resources.The Sendmail server (MTA) is a front end to our Exchange server so no user accounts exist on the Linux server. We simply use it as a SPAM and Virus scanner then forward clean email to the Exchange server.
In Iran there is a famous "access denied page" that redirects you to a strange page with a lot of HTML errors and lol, telling you RTFM about ridiculous Internet laws.I want to filter the contents of the page, because the page IP, URL, ... are all unknown.I don't know much about squid configuration scripts.I can read but cannot write
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. I had wrongly assumed that any port NOT specifically listed in one's firewall rules (CentOS 5 with default iptables installation) would be blocked. I thought you had to add a rule to /etc/sysconfig/iptables in order to open up a port. Apparently this is NOT the case. So is it true that if I install some random software that starts listening on any number of ports that I have not specifically mentioned in /etc/sysconfig/iptables that it will not be blocked - it will work right away?
Anyway, I guess two questions: 1) What's a generic way to block a specific port? I use rules like this to "open" ports (although is this not needed if they're open anyway?) -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT What's the analog of this kind of rule to *block* a port? 2) Is there a better way to configure iptables to block all ports that are not mentioned in its configuration? Is that dangerous? (will it block things that I don't want to block?)
I run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user.I use proftpd.I would like to prevent the SSH access for this user and leave the FTP working for this user specific.Into /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.
I closed all Internet related apps and the connection persisted. After a reboot it did not reconnect (yet).The IP address appears to belong to esomniture.com - some sort of web analytics company. How do I prevent my computer from connecting to these rascals. I have found a lot of documentation regarding stopping inbound connections to services on my computer but not the other way. I have various filtering addons installed in Firefox however, this connection seems to be at a lower level as no program is specified as being responsible for the connection.
What I want to do is from a file having block like
<event> 8 3 0.2685416E-02 2 -1 0 21 -1 0
[code]...
The first line after the "<event>" is its process-id, so I would like to have at the end a summary of how many "event" block I have for each type, ie how many
6 1 0.2685416E-02
or how many
7 2 0.2685416E-02
etc etc
I do not know in advance how many different-kind of block I will have, so it has to be a bit smart to scan the file, and make an new "summary" info for each unique type I was using something like
Consider a situation in which you want to display only specific lines of contents from a file or of a command's output. Yes, we have head and tail commands. But, how to view all the lines of a file except the last one or vise versa when we don't know the count of lines in advance?
Here, I don't want the last line (in italic) to be included in the result since the last line is due to "grep bash" in the devised command "ps au | grep bash". Well, we can rewrite the devised command:
Quote:
"ps au | grep bash | head -n 2"
But, again, here we are specifying the count of lines to be included. But, in the presented problem we don't know any count in advance!
This sound very weird, but i'll try to explain it as good as i can.When i hit a key on my laptops keyboard, i cannot move my mouse for a split second.I can replicate this by typing and trying to move the mouse mean while.but this is very annoying if you e.g. I hit ctrl+c and trying to move the mouse afterwards or opening a tab, that the mouse just freezes for a while.
Is there a way of allowing only certain domain to send e-mails to certain specific e-mail address. I am using Sendmail, and I have an alias which translate to certain members of staff within my organization. I don't expect e-mails from outside our domain to be sent to this alias e-mail address.
I'm running Ubuntu 10.04. I downloaded the package and am following this guide: http://www.howtoforge.com/how-to-ins...on-ubuntu-9.04
While I'm running through the installation wizard via the terminal, i hit an error at this step:
None of the pre-built vmmon modules for VMware Server is suitable for your running kernel. Do you want this program to try to build the vmmon module for your system (you need to have a C compiler installed on your system)? [yes] code...
I'm trying to get a script to autostart and hitting some snags. I know the script works, because I can manually launch it from a terminal window. I've perused the forums and followed similar advice to put the script in the /etc/rc.d/init.d directory and then create a symlink in the rc5.d directory (S99my_script) I've even tried appending ". /etc/init.d/myscript" to the .bashrc file
I've managed to get the machine to autologin "myuser" upon startup (that's the owner of the .bashrc file I edited), but still the script won't start when myuser auto logs in. the system default is set for password protect on screen save so if I simple let that happen, as soon as I exit screen save the script launches, so it almost works.
so the safest way to go about this is to assume I know nothing. I mean, I have a rough Idea of what a kernel is, no idea what a shell is, etc. I do consider myself computer savvy, but know NOTHING about linux and thats why I'm Diving in, hopefully not too much, this is just to give you an idea of what we're working with here.
After several install attempts I kept getting a blank screen. Whether it be black,white, or the default gnome desktop (without any icons, and simple things like ctrl+alt+backspace just doesn't work, or anything else for that matter) I was ending up with a blank screen. Driver for moniter....maybe....but I did succesfully install it once, and it worked like a charm...shutdown properly, and the next day after work...Boom, same thing after startup.today I started from scratch and re-installed....samething, until I hit the power button, went from the dvd(iso) and did a fail safe, now my resolution is much better than it was the first time..Actual questions.....what did I do to fix it when failsafe never worked before?
Is there a way to save these settings, so I don't run into the problem again, because I don't even want to turn of my computer at this point?If i'm trying to dive in and learn the command line actions, is there any substancial difference between gnome terminal or hitting "c" to bring up the command line?
i am able to try ubuntu and everything works fine until i try to install. the menu comes up to the first page where it tells you to plug in your machine and make sure there is enough disk space and network connectivity. when i hit next on this page the mouse icon changes but the next page never loads. the longest i let it hang there was 2 hours. ive tried multiple times with the same result.
im running from a flash drive on an ASUS Eee PC 1001P-PU17
Up through Slackware 13.0 I used xorg.conf without trouble. On Slackware 13.1 I am caught between two unacceptable alternatives. If I don't use xorg.conf at all I can't adjust the screen density between e.g., 640 x 480 and 1024 x 768 by hitting <ctl><alt>+ or <ctl<alt>- If I use the same xorg.conf that I have used for years I gain the above facility but when I go to a console session via <ctl><alt>F1 the monitor complains that it is being fed bad information. If I can't resolve this conflict I will have to retreat to Slackware 13.0.
How do I give permission to a logged in user to stop/start a specific service without entering a root/sudo password? So they can do a simple "service SomeService stop|start" It is for a headless Ubuntu server.
my system I want user1 and only user1 to be able to mount and unmount a specific partition, this partition contains backups and is usually mounted read only, needs to be temporarily mounted read/write by user1 while doing the backup.user1 is an unprivileged user. I've read that the user option will let any user mount the file-system (and only that user can then subsequently unmount it) and that the users option allows any user to mount or unmount the file-system.I also found this in mount's man pageQuote:The owner option is similar to the user option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for /dev/fd if a login script makes the console user owner of this device. The group option is similar, with the restriction that the user must be member of the group of the special file.So it looks like I'd need a login script for that user to make the user owner of the device file (/dev/voiceserv/backup in this case)
I need to search a bunch of files in a specific folder for a specific number and add all the numbers together to a total sum. I use Rsync everyday, everytime I run rsync i get a logfile (rsync output) witch contains the textstring "Total bytes sent: xxxxxx".
The "xxxxx" can vary in lenght. I need to extract the "xxxxxx" from each file and add the numbers together to a total size over a week or a month. Is this possible? And I wish to only use bash. One way of doing stuff at a time my friends .
I configure squid to work with squidGuard , and all thing work properly , but there is problemfirst look to this squidGuard.confdhhome /usr/local/squidGuard/dblogdir /usr/local/squidGuard/log
I want to record an internet radio station starting at 2:00am tomorrow morning. The specific program on the radio station lasts until 6:00am. The command I need to run to record the station is: Code:mplayer http://wjcu.jcu.edu:8001/listen.pls -ao pcm:file=indie_heat_of_the_night.wav -vc dummy -vo nullI'd use cron, but 1. I'm not sure how to and 2. it seems unnecessarily complicated for something that I only want to run once. If cron is the only/easiest solution, I guess I'll just have to resort to that, but I'd rather not.
I've used IP block for 10.10. I'm wondering if there is, has, or will be a version of IPblock for 11.04? If there is one already out there, where and how do I get it?
Perhaps I might be a minority demographic here, but I am. Is there a way and how? Ubuntu Software Center doesn't seem to have this option. I come from a long history of being a Windows power user, and I am picking up pretty quickly with this stuff. I find QT ones leave little screen droppings and it bugs me to no end. Some might not, but I like it to be kind of GTK pure. If I wanted a QT app I would have picked Kubuntu with KDE. I admit that it is kind of cool that you can run an app from another desktop and vice versa. I am not trying to start a flame war, nor am I dissing any of the developers that may have made some awesome QT application I may not know about. Is there another software center like thing I can install that at least combines all the QT and GTK ones into separate groups rather than making me fend for myself?
i dont like microsoft. I refuse to support them or give them market share in any way. I get tired of going to a website just to have microsoft linked in it somehow, such as having a bing map display on the page. Is there a way to configure Privoxy to completely block all microsoft related crap? A list or range of IP's that could be blocked? If so, anyone know where I can get a list of microsoft ip's to block?
In a book, I read tha cmchk command is used to get the disk block size. But in Ubuntu, it is not allowed as command is not available.Can some body tell me what is its equivalent in Ubuntu.
