My sysadmin has let me squeeze an Ubuntu server in amongst his many Windows servers. I'm setting it up to let a third party ssh into it, but I'm having some difficulties getting it to work. There's a Sonicwall in between this server and the net. Can anyone suggest a way for me to prove that the firewall is configured incorrectly?
We've configured the firewall, and it looks like it ought to work. We set up ping and ssh services in the firewall admin interface. I can ping the server, no problem, but I can't ssh into it at all. sshd_config is set up with very generic settings; I haven't changed the port it's listening on or anything in the ListenAddress field. If I try to ssh to localhost from the server's command line, it gives me a comforting RSA key warning.
When I check the log after restarting ssh, everything looks okay to me. It's not complaining about being unable to bind the port to the address or anything. Seems obvious to me that something is wrong with the firewall, but perhaps I'm wrong. The only ways I can think of to actually prove that the firewall is misconfigured are:
1) Remove the firewall entirely, and attach the server directly to the net. Ugh.
2) Set up ufw on the server, remove the firewall entirely, and attach the server directly to the net.
There seems to be much disagreement between distros regarding how ipv6 is disabled, even between different versions of the same distro. Rather than just follow instructions for disabling ipv6 for a given distro, I would like to also test that ipv6 is not used any more. Any software or executable that relies on ipv6, that I can use to confirm that ipv6 has been successfully disabled?
I suspect this is an initial configuration bug. All firewall logs seem to be going to all three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
I am learning to setup firewall in my home for that i have selected four system(sys1,sys2....sys4) for testing .I have configured sys2 to act as a firewall with two NIC. sys3 and sys4 are inside the firewall . sys1 is not connected to firewall for testing purpose.
the IP assignments are follows :
sys1 : ( fedora, not connected to firewall i am thinking, But i am not sure )
what happened is that sys1(not connected to firewall) can ssh to sys4(connected,inside firewall),since the rules are written not to ssh form sys1 to sys4..
then I came to know whatever the request I give, It directly goes as sys1 --> sys4. Not as sys1-----> sys2(firewall)---> sys4 .and the firewall is not filtering and processing anything for both inbound and outbound (i think it's my mistake some where). the requests are directly going inside without firewall.
I'm trying to build firewall on Debian with 'Firewall Builder'. But it won't let me compile and run unless one interface is set as management. There are two interfaces on my computer: 'eth0' and 'lo'
I don't want to be able to configure firewall remotely, so could I use 'lo' as 'management interface'?
Samba is working correctly if Susefirewall2 is off. I have added Samba client and Samba Services for extern access but samba is not working when firewall is now on. Which services should I also add ?
What is the best (by best I mean most secure) firewall. I have had this urge since I went to a site which said it had a gnomenu icon, however google chrome said something which I didn't read i just killed chrome very quickly however it had a big red X and a red background so I guess it couldn't be good.
I have Ubuntu running on an old PE server. It is running Virtualbox with an instance of Ubuntu inside. The instance is there to run my honeypot.
The server box IP is192.168.1.10. The Virtualbox is bridged with it's own IP of 192.168.1.200. The honeypot daemon is listening to 192.168.1.201 with arpd.
I set up the UFW with DENY. And then enabled only the ports leading to the honeypot scripts which are abound to IP .201. I then forwarded the ports necessary to run VNC to .200.
Here is the UFW status: buntu@ubuntu-desktop:/var/lib$ sudo ufw status Status: active To Action From -- ------ ---- 192.168.1.201 21/tcp ALLOW 21/tcp 192.168.1.201 4444/tcp ALLOW 4444/tcp 192.168.1.201 5544/tcp ALLOW 5544/tcp
we're trying to build a simple Firewall/Gateway out of Ubuntu. We have a machine with 2 NICs running the latest version: 10.04.We have been able to set up the gateway/routing fine using both the built in Internet Connection Sharing as well as using Guidedog. The current setup we are testing is using Guidedog.For the NICs we have set eth0 as our internet connection and eth1 connects to the LAN. We've manually set all IPs...no DHCP at this time.
Next we try to install a firewall. We have tried both Firestarter and Guarddog. After setup with either, the Ubuntu box is still able to get online and access web sites but the LAN gets cut off. No access at all. We are currently running Guarddog and have set the proper protocols (DNS, HTTP, HTTPS) and have also followed the tutorial found here.
However, no matter what settings we make as soon as we re-enable the firewall the LAN is cut off. Disable the FW...LAN is back online. We even set up an "Allow All" protocol allowing all ports from 1:65535 and still we get cut off as soon as the FW is enabled.
We saw this same thing happen with Firestarter and my understanding is they're using the same basic Linux FW underneath? SO, what is it we're neglecting to do? Why does the FW completely seal off our LAN connection no matter what we've told it to allow?
I don't use Ubuntu, but I do occasionally recommend it to others. Does Ubuntu have an automatic set up of a firewall, or do users have to install one on their own (IE, install a program such as firestarter, fwbuilder, shorewall, pyroman, or guarddog)? How do Ubuntu users generally set up a firewall?
How to turn OFF firewall. But how and ever, I noticed unlike the other distros ubuntu has a specific driver for my graphic card PNY nvidia GeForce under gnome system administration.
As soon as I selected that I lost my network connection. I did some trouble shooting and am concluding it has to be software setting to do with ubuntu more than likely some sort of firewall.
I was not able to ping anything. I could not even get my router's browser.
The very act of setting up the graphic must have thrown off the router settings.
I booted into the dual boot windows setup on the same system and WAS able to log into router ( no firewall installed ). True to enough, the router password and username were taken off. Now I can get a network with windows but the ubuntu that is on my hard drive still wont connect.
I can also use ubuntu live dvd to log in to network.
I have checked gnomes system authorizations but have not found anything helpful.
I have setup a static ip in /etc/network/interfaces and name server in /etc/resolv.conf
If this was windows I would reset tcp/ip but don't how this is done in Linux.
I am looking for some firewall for ubuntu with GUI, something like comodo firewall available for windows, which lets you to allow only specific processes to connect to Internet. Currently I am using Fire-starter but I dont like it much also it is very old and doesn't allow you to block specific program.
EDIT: I need it for personal use not for any server.
I would like to create a hardware firewall. I just don't know how i can do it. I know that i need at least 2 NIC cards but i don't know about the configuration of this.
Is there any guide or some think that can show me how to create a proper one? I need any informations that you might have couse this is my final "article" for my university
I have a VPS (Ubuntu 8.04 server eition) and as such am stuck with using a software firewall.
i currently have UFW installed.
I would ideally like to have my firewall be a little rude, or rather just not polite. I know what i am asking will break the RFC, but i consider this ok due to the security benefits.
I would like to have my firewall 1) ignore (eg drop without responding)all packets that dont start with a syn flag 2)for all other traffic that is currently blocked, have it dropped (again drop it without responding)
If there are any other rules you can think of i would like to know them. I already have only the services i want open and the rest blocked.
I've been using Windows for quite a few years now. I loved the way how I used to set incoming/outgoing rules for my applications. But I'm having hard time doing that in Ubuntu. I tried searching for a good GUI for iptables but I need your help selecting the best. I might learn iptables someday but for the time being I will be using a nice GUI. I'm currently using GUFW, I've tried Firestarter. All I need is a firewall that would allow me to configure rules for my applications.
On the office we have a Firewall/VPN infrastructure. Everybody connects to internet trough an Access Point (Lynksys RWT120N), which, in turn, connects to a WatchWard/Firebox red box. I suppose this is the equipment that does the VPN stuff. Finally, the red box connects to a DSL modem from our ISP.The problem is: Everybody on the office can connect to the AP and surf the internet without any issues, excepting me when I connect with ubuntu 10.10. I have windows on the same machine and I can access the internet without problems.
What I have seen so far is that Network Manager associates with the AP, gets what I would consider all the expected information from DHCP, but internet connectivity is none.For "expected information from DHCP" i mean: IP address, gateway, and DNS.I can ping my assigned IP address, the gateway and even other machines in the same network. I cannot ping the DNS or other external IP addresses.
How do I get my firewall up and running to secure the ubuntu servers.. I have 2x network cards & 1x pppoe connection atm. eth0 192.168.1.200 / eth1 192.168.0.200 and the ppp0 connection iptables looks like this so far.
# Generated by iptables-save v1.4.4 on Thu Dec 9 11:12:04 2010 *nat PREROUTING ACCEPT [108:8763] :OUTPUT ACCEPT [52:3594] POSTROUTING ACCEPT [111:10071] COMMIT ..... A far as I can see my ppp0 connection is open atm & I would like to close off any traffic except ports 80 10000 5900 21 & 22.
I have set up a Ubuntu 10.10 server. I have been using ssh tunnels to encrypt my web traffic at public wifi. I am trying to make this server as secure as posible so I enabled ufw. I allowed SSH and HTTP traffic in and denied everything else. But when I do that I can not use SSH -D because when I try to visit a webpage it does not load and I get the following.
Code: uname@mybox:~$ channel 3: open failed: connect failed: Connection timed out ^C uname@mybox:~$ fclchannel 4: open failed: connect failed: Connection timed out ^C uname@mybox:~$ exit logout
What do I have to do to allow ufw to allow ssh tunnels through?
I am a Linux newbie so please bear with me if I sound stupid. I was checking out how to set up a firewall for my system and landed on this webpage: [URL]. But I am so confused with how this ufw application works. What I understand is that once I set it to "default deny" it prevents unauthorized incoming connection but what does it mean when the author says to add exceptions for services I need? When do I need to do that? Also what's an SSH server?
I want to have file sharing with Windows computers, but I guess I am not allowed to while my gufw firewall tool is on. Is there a way I can set up an easy work-around using my firewall?
