Ubuntu :: Block IPs When Hitting Specific URL?
Feb 11, 2011
I've noticed in my Apache logs a lot of hits to a specific URL on my server. The thing is, the URL is invalid and returns a 404. Every hit has a different Agent ID (things like Windows NT 4 and IE 8, Mac OS and Safari, Windows 7 and Mozilla, etc) and usually a slightly different IP address. If you browse the URL with Chrome/Firefox, it gets reported as potential phishing activity - despite it only returning a 404 error.
I blocked a range of IPs with IPTables which worked for a while, but I can see the IP address has changed again (outside of the range I set) and is generating logs again.
Is it possible to automatically block any IP attempting to access this specific URL?
View 1 Replies
ADVERTISEMENT
Oct 1, 2009
I'm trying to configure our mail server to block email from a specific sender reaching a specific recipient. In other words, if one of our employees is getting harassed by a 'stalker', how would one go about blocking, at the MTA (Sendmail) level, a specific sender email address from reaching a particular users inbox? We do not want to capture the email - simply block it before it consumes server resources.The Sendmail server (MTA) is a front end to our Exchange server so no user accounts exist on the Linux server. We simply use it as a SPAM and Virus scanner then forward clean email to the Exchange server.
View 6 Replies
View Related
Feb 5, 2011
how to block a specific MAC address
View 2 Replies
View Related
Jul 28, 2011
How to block unwanted sites.
View 1 Replies
View Related
Aug 24, 2010
In Iran there is a famous "access denied page" that redirects you to a strange page with a lot of HTML errors and lol, telling you RTFM about ridiculous Internet laws.I want to filter the contents of the page, because the page IP, URL, ... are all unknown.I don't know much about squid configuration scripts.I can read but cannot write
View 1 Replies
View Related
Jul 9, 2011
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. I had wrongly assumed that any port NOT specifically listed in one's firewall rules (CentOS 5 with default iptables installation) would be blocked. I thought you had to add a rule to /etc/sysconfig/iptables in order to open up a port. Apparently this is NOT the case. So is it true that if I install some random software that starts listening on any number of ports that I have not specifically mentioned in /etc/sysconfig/iptables that it will not be blocked - it will work right away?
Anyway, I guess two questions:
1) What's a generic way to block a specific port? I use rules like this to "open" ports (although is this not needed if they're open anyway?)
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
What's the analog of this kind of rule to *block* a port?
2) Is there a better way to configure iptables to block all ports that are not mentioned in its configuration? Is that dangerous? (will it block things that I don't want to block?)
View 3 Replies
View Related
Jun 10, 2010
prohibit execution of any program include shell command, only be profiled program could be executed, can apparmor do that?
View 5 Replies
View Related
Jun 19, 2010
I run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user.I use proftpd.I would like to prevent the SSH access for this user and leave the FTP working for this user specific.Into /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.
View 3 Replies
View Related
May 19, 2010
I'm trying to block specific websites, preferably using a portion of the url.
For example, if blocking [url], [url] would also be blocked. This implies that simply blocking a single IP using iptables would not work well.
The names to block will be somewhat dynamic, so a list specification would be ideal.
In my case, the LAN has a mix of linux and ms machines, and they all use a linux gateway currently running dnsmasq.
I find suggestions from using /etc/hosts (might work with yp, but not ideal) on the gateway machine, through to using squid on the gateway machine.
View 9 Replies
View Related
Feb 13, 2010
I was taking a peek at the active connections shown by the Firestarter GUI and noticed the following (the source is my computer):
SourceDestinationPortServiceProgram
192.168.0.11266.235.133.4280HTTP
I closed all Internet related apps and the connection persisted. After a reboot it did not reconnect (yet).The IP address appears to belong to esomniture.com - some sort of web analytics company. How do I prevent my computer from connecting to these rascals. I have found a lot of documentation regarding stopping inbound connections to services on my computer but not the other way. I have various filtering addons installed in Firefox however, this connection seems to be at a lower level as no program is specified as being responsible for the connection.
View 8 Replies
View Related
Jul 15, 2011
What I want to do is from a file having block like
<event>
8 3 0.2685416E-02
2 -1 0
21 -1 0
[code]...
The first line after the "<event>" is its process-id, so I would like to have at the end a summary of how many "event" block I have for each type, ie how many
6 1 0.2685416E-02
or how many
7 2 0.2685416E-02
etc etc
I do not know in advance how many different-kind of block I will have, so it has to be a bit smart to scan the file, and make an new "summary" info for each unique type I was using something like
awk '/<event>/,/</event>/{if ($3 -eq 0.2685416E-02 ) { print $1" "$2" "$3}}' file > out
and then
grep -c "$1" "$2" "$3" but with no success since my awk commands prints all lines of each block
Suppose, that in advance I do know the $3, ie the 0.2685416E-02 which is a kind of weight
View 8 Replies
View Related
Apr 23, 2010
Consider a situation in which you want to display only specific lines of contents from a file or of a command's output. Yes, we have head and tail commands. But, how to view all the lines of a file except the last one or vise versa when we don't know the count of lines in advance?
Consider this output:
Code:
[root@localhost ~]# ps au | grep bash
root 6316 0.0 0.0 4672 1440 tty1 Ss+ Apr22 0:02 -bash
root 20847 0.2 0.0 4672 1432 pts/0 Ss Apr23 0:12 -bash
root 21167 0.0 0.0 3920 660 pts/0 S+ 01:00 0:00 grep bash
Here, I don't want the last line (in italic) to be included in the result since the last line is due to "grep bash" in the devised command "ps au | grep bash". Well, we can rewrite the devised command:
Quote:
"ps au | grep bash | head -n 2"
But, again, here we are specifying the count of lines to be included. But, in the presented problem we don't know any count in advance!
View 6 Replies
View Related
Mar 4, 2011
This sound very weird, but i'll try to explain it as good as i can.When i hit a key on my laptops keyboard, i cannot move my mouse for a split second.I can replicate this by typing and trying to move the mouse mean while.but this is very annoying if you e.g. I hit ctrl+c and trying to move the mouse afterwards or opening a tab, that the mouse just freezes for a while.
View 1 Replies
View Related
Apr 29, 2010
Is there a way of allowing only certain domain to send e-mails to certain specific e-mail address. I am using Sendmail, and I have an alias which translate to certain members of staff within my organization. I don't expect e-mails from outside our domain to be sent to this alias e-mail address.
View 1 Replies
View Related
Nov 13, 2010
I'm running Ubuntu 10.04. I downloaded the package and am following this guide: http://www.howtoforge.com/how-to-ins...on-ubuntu-9.04
While I'm running through the installation wizard via the terminal, i hit an error at this step:
None of the pre-built vmmon modules for VMware Server is suitable for your
running kernel. Do you want this program to try to build the vmmon module for
your system (you need to have a C compiler installed on your system)? [yes] code...
View 2 Replies
View Related
May 3, 2011
I'm trying to get a script to autostart and hitting some snags. I know the script works, because I can manually launch it from a terminal window. I've perused the forums and followed similar advice to put the script in the /etc/rc.d/init.d directory and then create a symlink in the rc5.d directory (S99my_script) I've even tried appending ". /etc/init.d/myscript" to the .bashrc file
I've managed to get the machine to autologin "myuser" upon startup (that's the owner of the .bashrc file I edited), but still the script won't start when myuser auto logs in. the system default is set for password protect on screen save so if I simple let that happen, as soon as I exit screen save the script launches, so it almost works.
View 13 Replies
View Related
Feb 25, 2010
so the safest way to go about this is to assume I know nothing. I mean, I have a rough Idea of what a kernel is, no idea what a shell is, etc. I do consider myself computer savvy, but know NOTHING about linux and thats why I'm Diving in, hopefully not too much, this is just to give you an idea of what we're working with here.
After several install attempts I kept getting a blank screen. Whether it be black,white, or the default gnome desktop (without any icons, and simple things like ctrl+alt+backspace just doesn't work, or anything else for that matter) I was ending up with a blank screen. Driver for moniter....maybe....but I did succesfully install it once, and it worked like a charm...shutdown properly, and the next day after work...Boom, same thing after startup.today I started from scratch and re-installed....samething, until I hit the power button, went from the dvd(iso) and did a fail safe, now my resolution is much better than it was the first time..Actual questions.....what did I do to fix it when failsafe never worked before?
Is there a way to save these settings, so I don't run into the problem again, because I don't even want to turn of my computer at this point?If i'm trying to dive in and learn the command line actions, is there any substancial difference between gnome terminal or hitting "c" to bring up the command line?
View 9 Replies
View Related
Oct 12, 2010
i am able to try ubuntu and everything works fine until i try to install. the menu comes up to the first page where it tells you to plug in your machine and make sure there is enough disk space and network connectivity. when i hit next on this page the mouse icon changes but the next page never loads. the longest i let it hang there was 2 hours. ive tried multiple times with the same result.
im running from a flash drive on an ASUS Eee PC 1001P-PU17
View 4 Replies
View Related
Nov 1, 2010
Up through Slackware 13.0 I used xorg.conf without trouble. On Slackware 13.1 I am caught between two unacceptable alternatives. If I don't use xorg.conf at all I can't adjust the screen density between e.g., 640 x 480 and 1024 x 768 by hitting <ctl><alt>+ or <ctl<alt>- If I use the same xorg.conf that I have used for years I gain the above facility but when I go to a console session via <ctl><alt>F1 the monitor complains that it is being fed bad information. If I can't resolve this conflict I will have to retreat to Slackware 13.0.
View 2 Replies
View Related
Jun 8, 2010
How do I give permission to a logged in user to stop/start a specific service without entering a root/sudo password? So they can do a simple "service SomeService stop|start" It is for a headless Ubuntu server.
View 5 Replies
View Related
Jun 9, 2010
my system I want user1 and only user1 to be able to mount and unmount a specific partition, this partition contains backups and is usually mounted read only, needs to be temporarily mounted read/write by user1 while doing the backup.user1 is an unprivileged user. I've read that the user option will let any user mount the file-system (and only that user can then subsequently unmount it) and that the users option allows any user to mount or unmount the file-system.I also found this in mount's man pageQuote:The owner option is similar to the user option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for /dev/fd if a login script makes the console user owner of this device. The group option is similar, with the restriction that the user must be member of the group of the special file.So it looks like I'd need a login script for that user to make the user owner of the device file (/dev/voiceserv/backup in this case)
View 7 Replies
View Related
Jul 24, 2010
I need to search a bunch of files in a specific folder for a specific number and add all the numbers together to a total sum. I use Rsync everyday, everytime I run rsync i get a logfile (rsync output) witch contains the textstring "Total bytes sent: xxxxxx".
The "xxxxx" can vary in lenght. I need to extract the "xxxxxx" from each file and add the numbers together to a total size over a week or a month. Is this possible? And I wish to only use bash. One way of doing stuff at a time my friends .
View 5 Replies
View Related
Dec 2, 2010
for example
else {
for fileDOC in $location/*.doc
do
[code]...
View 12 Replies
View Related
Jul 19, 2010
I want to replace specific character in a file after every specific line. example as follows.
O 000000000000000000
A 111111111111111111
C 222222222222222222
[code]...
View 2 Replies
View Related
Jul 1, 2009
I configure squid to work with squidGuard , and all thing work properly , but there is problemfirst look to this squidGuard.confdhhome /usr/local/squidGuard/dblogdir /usr/local/squidGuard/log
src blacklist {
ip 10.0.0.5
}
[code]...
View 1 Replies
View Related
May 18, 2010
I want to record an internet radio station starting at 2:00am tomorrow morning. The specific program on the radio station lasts until 6:00am. The command I need to run to record the station is: Code:mplayer http://wjcu.jcu.edu:8001/listen.pls -ao pcm:file=indie_heat_of_the_night.wav -vc dummy -vo nullI'd use cron, but 1. I'm not sure how to and 2. it seems unnecessarily complicated for something that I only want to run once. If cron is the only/easiest solution, I guess I'll just have to resort to that, but I'd rather not.
View 12 Replies
View Related
May 2, 2011
I've used IP block for 10.10. I'm wondering if there is, has, or will be a version of IPblock for 11.04? If there is one already out there, where and how do I get it?
View 1 Replies
View Related
Aug 31, 2010
Perhaps I might be a minority demographic here, but I am. Is there a way and how? Ubuntu Software Center doesn't seem to have this option. I come from a long history of being a Windows power user, and I am picking up pretty quickly with this stuff. I find QT ones leave little screen droppings and it bugs me to no end. Some might not, but I like it to be kind of GTK pure. If I wanted a QT app I would have picked Kubuntu with KDE. I admit that it is kind of cool that you can run an app from another desktop and vice versa. I am not trying to start a flame war, nor am I dissing any of the developers that may have made some awesome QT application I may not know about. Is there another software center like thing I can install that at least combines all the QT and GTK ones into separate groups rather than making me fend for myself?
View 4 Replies
View Related
Feb 25, 2010
i dont like microsoft. I refuse to support them or give them market share in any way. I get tired of going to a website just to have microsoft linked in it somehow, such as having a bing map display on the page. Is there a way to configure Privoxy to completely block all microsoft related crap? A list or range of IP's that could be blocked? If so, anyone know where I can get a list of microsoft ip's to block?
View 5 Replies
View Related
Mar 1, 2010
In a book, I read tha cmchk command is used to get the disk block size. But in Ubuntu, it is not allowed as command is not available.Can some body tell me what is its equivalent in Ubuntu.
View 4 Replies
View Related
