Ubuntu :: Firewall Enabled - Difference Between Rejecting / Denying Traffic?

Apr 3, 2011

I have installed the graphic user interface for IPtables and enabled this firewall. However, I find it a bit strange. What is the difference between rejecting and denying the traffic? If I want to configure IPtables as two-way, how can I define which of my apps can connect to the internet and which can't? If this firewall is enabled, does it really run in the background, protecting the user,or does it run only when its GUI is opened?

View 9 Replies


ADVERTISEMENT

Security :: Shorewall Rejecting Allowed Traffic For Transmission-daemon

May 22, 2011

I have the Shorewall firewall running on Ubuntu 10.10 server and the issue I am having is the firewall is blocking traffic from my transmission-daemon even though I have allowed it in the /etc/shorewall/rules.

the rules file has the following lines

Code:
ACCEPT$FWnettcp60000:60035
ACCEPTnet$FWtcp60000:60035
ACCEPT$FWnetudp51413
ACCEPTnet$FWudp51413

[Code]...

as you can see, Shorewall is rejecting packets with source and destination port 51413 on incoming net2fw and outgoing fw2net even though the rules are set to accept.

View 7 Replies View Related

CentOS 5 Networking :: Configure Firewall - Allow And Forward All Traffic On Eth0 And Block All Traffic On Eth1 Except Ssh Ping

Sep 29, 2010

I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.

View 1 Replies View Related

Ubuntu :: Guarddog - Cannot Run Pogo Games When The Firewall Is Enabled

Aug 11, 2009

I'm running Jaunty. For some reason, I cannot run Pogo games when the firewall is enabled. I've tried allowed "direct play gaming", thinking that might help, but it didn't. So i guess I need a custom protocol. What ports does Pogo use so I can allow them? Hopefully someone knows... and yes, I do have java. Pogo works if I turn the firewall off. Also, Ktorrent does not work either. I happen to know the ports this one uses, but when I make the protocol, it still doesn't allow torrents to run. The ports I'm trying are 6881 and UDP 4444.

View 2 Replies View Related

Ubuntu :: Ad Hoc No Internet - Firewall Not Active And Router Is Enabled

Nov 19, 2010

I am establishing ad hoc connection between two PCs

1. LAPTOP: WIFI adapter OS: Ubuntu 9.10 Connection name: trial Address: 192.168.1.36 Subnet: 255.255.255.0 Gateway: 192.168.1.1

2. PC with wired Internet connection + WIFI adapter OS: Windows XP Connection name and parameters same as above except ip: 192.168.1.40

I can see trial is getting connected with excellent strength. When i try to run an Internet on Ubuntu it is not working. Firewall is not active and Router is enabled.

View 1 Replies View Related

General :: Is There Interactive Firewall For Outbound Traffic On Ubuntu?

Aug 24, 2010

I wish to prevent some programs from "phoning home", and to allow other programs to access only specific web servers.Is there any way to interactively allow or decline outbound communication from individual programs on Ubuntu?

View 4 Replies View Related

Networking :: No Internet Connection When Firewall (UFW) Enabled

Jul 6, 2010

When I enable my ufw it completely shuts me out and I have no internet connection. When I do:

Code:
sudo ufw status numbered
I get:
Status: active

To Action From
-- ------ ----
[ 1] 80 ALLOW IN Anywhere
[ 2] 80 ALLOW OUT Anywhere (out)

But I need to disable my ufw in order to reconnect back to the internet. Why is that? Doesn't the above rules indicate that I should have inbound and outbound traffic even if my firewall is up?

View 5 Replies View Related

Ubuntu :: Antivirus Or Spyware Program - Firewall Enabled By Default ?

Apr 24, 2010

Im a long time windows user and just installed Ubuntu 9.10 and have heard that i dont need any antivirus or spyware program on it, also is the firewall enabled by default if there is one and last thing do you need to do things like disk clean and defrag if so how.

View 6 Replies View Related

Ubuntu Security :: Cannot Connect To Port Number / When Firewall Is Enabled

Sep 5, 2010

i am using 9.10 karmic. Firewall is enabled. added ports with ufw allow [portnumber], and i still cannot connect to a port number. iv tryed ufw allow ssh/tcp but that does not work. the ports work when i disable the firewall and i dont want to do that.

ufw is available in all new installations of Ubuntu since 8.04 LTS, but is disabled by default. The standard Ubuntu installation has a no open service ports policy, so enabling the firewall by default doesn't gain any extra security in the default installation, but could provide confusion for people new to Ubuntu when new software that is installed does not work because of restrictive firewall rules. As a result, when first adding ufw to Ubuntu it was decided that users must 'opt-in' to using the firewall. In Ubuntu 9.04 and later, you can enable ufw during installation using preseeding. See /usr/share/doc/ufw/README.Debian for details.

View 7 Replies View Related

Security :: Is A Firewall Needed If Get All Traffic Through A Router

Aug 8, 2010

I get all my traffic from my router, as this computer seldom moves. So is there a use for a firewall?I am not sure, because when I scan my IP address with nmap, no matter what the changes I make in the firewall, it is always the same scan...cannot fingerprint OS...and all closed ports.The all closed ports thing only changes when i torrent, then i get a wide open port.

View 14 Replies View Related

Ubuntu Security :: Firewall: Completely Prevent Any Traffic From Network?

Jan 4, 2010

I have Ubuntu 8.04 as virtual host. On this host I have installed VirtualBox virtualization software. I have installed Windows XP as virtual machine and installed HTTP server.I would like temporally disable all network connections to host and virtual machine.So on Ubuntu host I have set firewall settings:

Code:
sudo iptables -F (to flush - delete all firewall settings)
sudo iptables -P INPUT DROP (to disable all input traffic)

[code]....

View 9 Replies View Related

Ubuntu Servers :: Forward Traffic From A Domain To Another Server Behind A Firewall

Jan 29, 2010

I have a server on my router on the DMZ. All outside traffic goes to it. This server has Apache running and the domain mysite.com resolves to the the DMZ web server. I have a second server on the LAN that also has apache running. I want to set up another domain, myothersite.com to resolve to the second server on the LAN. Since the main server is on DMZ I have the DNS A records for myothersite.com pointing to the public IP that the DMZ is on.

How do I get myothersite.com to resolve to the second webserver on the LAN? What configuration do I need to do on my DMZ server so it routes traffic for myothersite.com to the other server on teh LAN? Do I use BIND DNS? If so please advise on how to set that up. BIND DNS seems confusing and I having trouble knowing how to configuring it. Is there another option besides BIND?

View 2 Replies View Related

Ubuntu Networking :: Bridging Firewall - How To Block Incoming Traffic

May 2, 2010

I have a ubuntu computer set up as bridge between gateway and lan, with the lan connected to eth0 and gateway on eth1.

I'm trying to get it to basically block everything incoming except for the ports i specify, but also allow outgoing traffic. I've found, tried, modified som examples i found on the web, but still it wont block incoming traffic (ie, im still able to reach my webserver)

These are the rules, and i can't figure out why it wont block:

Code:
#!/bin/bash
iptables -F
iptables -X
iptables -I INPUT -i eth1 -j DROP

[Code].....

View 1 Replies View Related

Networking :: Capture And Log All LAN Traffic - No Access To Router Or Firewall

Jun 10, 2009

I am looking for a solution for our LAN traffic monitoring and would like to use some opensource linux application. I have a linux box with two NIC cards and what I thought is the following: Our setup is as follows. Internet comes in through the router and into the firewall. From the firewall it goes into our switch and distributed among the workstations.
I have no access to the router or the firewall as they are centrally configured. I would like to place a device into the loop through which I could monitor the LAN traffic.

Can I put a linux box between the firewall and the switch and have all packets going through registered and logged? I have a proxy server (non transparent) and that captures some but not all. I would like to get all packets registered without interfering with the LAN etc.

View 3 Replies View Related

Networking :: Preventing Internal Network Traffic With Firewall

Jul 3, 2010

Does anyone know if it is possible to filter/block network traffic between internal hosts on a lan?

Eg. : Linux firewall/router ( 192.168.0.1) - LAN Default G/W - all internal > external traffic gets filtered.

How would you filter tcp/ICMP/UDP traffic from internal host a ( 192.168.0.2 ) to host b ( 192.168.0.3)

All the internal hosts have the linux f/w as the default gateway, and are all on the same /24 subnet.

I would like to know if I can filter traffic between internal hosts.

View 3 Replies View Related

Networking :: Outbound Connections Not Working When Firewall Enabled - Opensuse

Jan 17, 2011

I have problem on VPS running opensuse. When I enable firewall outbound connections stop working. I have tried everything I know (not much when it comes to firewall (iptables)) but could not solve this.

Here is my ifconfig:

Code:

I used xxx.xxx.xxx.xxx to hide real address.

View 2 Replies View Related

General :: What Is Difference Of Firewall And Selinux

Jan 21, 2010

I doubt what 's difference of firewall and selinux. As far as I know... Firewall is security software for block unauthorized others connection. selinux is Linux-based security software.

View 2 Replies View Related

Slackware :: Rc.firewall Vs Iptables / Difference Between Them?

Jan 18, 2011

Does the rc.firewall script just use iptables or is that something completely different?

View 3 Replies View Related

Security :: Firewall Deny Traffic Inbound Destination Port 53372 & 53375?

May 5, 2010

I have a question, on my firewall at work I am seeing a constant flow of denies from many different source IP addresses, of tcp/udp destination port 53372 & 53375.What in the world is that, and why these two ports over and over

View 1 Replies View Related

Server :: PPTP Traffic - Gre Traffic Is Being Generated During The Browsing / Reduce Traffic

Sep 27, 2009

Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:

Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT

iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.

When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.

So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?

View 3 Replies View Related

Ubuntu :: Denying File Access In Windows?

May 3, 2010

use dual boot with win 7 and ubuntu 10.04, i installed Win7 first on one partition, and afterwards Ubuntu 10.04 on a second partition on the same drive. Now when i try to delete some files in windows like old games that where on a other harddrive it sais "You require permission from S-1-5-21-293015479-4145159318-3171105019-500 to make changes to this folder"How do i resolve the problem that ubuntu takes ownership over some folder/files

View 3 Replies View Related

Networking :: VSFTPD 2.2.2 On Ubuntu Lucid Denying Remote Access

Apr 28, 2011

My apologies if this is the wrong board for this thread, but seeing how the issue appears to be related to where I'm connecting from, I thought this would be the place to look.To start off, I've been running VSFTPD on the box for a good year or so now. Until recently, everything seemed to be working fine, but during the past few days I've run into issues with it and have been having trouble pin-pointing the problem. I've gone as far as reinstalling VSFTPD and rechecking every line in the conf file to no avail.The issue presents itself when I try to login to the FTP server remotely. The moment I put my user name in, I get disconnected without any error message, simply connection closed. That isn't the case when I'm connecting locally from the server.If I try to connect remotely using eth0 (internal network), it works fine again... but if I try eth1 (external network)... it fails. I'm thinking it might be related to PAM, but so far have been unable to figure out what I need to change in the configuration there. Additionally, the PAM log file doesn't show any activity if I'm connecting through eth1, but displays it if connecting through eth0.

View 1 Replies View Related

General :: Denying Login Based On Time

May 1, 2010

i want to deny certain users based on time to login to my machine i am using CentOs 5.0 any sugestions?

View 2 Replies View Related

Security :: Modsecurity - Switching From Logging To Denying

Apr 17, 2011

Just had ModSecurity with CRS installed for me on my hosted website, which I'm hardening after a recent hack. My site is a php-based user community with MySQL back end, so people register as members via php.

First, I'd like to properly log malicious activity Then I'd like to deny access where an attack looks likely Thing is, I'm not sure which /etc/apache2/modsecurity_crs modsecurity config files to tweak.then I can't even see my login page because I'm forbidden from the .php file it loads.I'm guessing I need to change rules individually but I have no idea how or which to change to stop attacks. The CRS documentation is just a bit too heavy to give me the basics.

View 5 Replies View Related

Ubuntu :: Internet Traffic Flow Monitor - Track Traffic Of Each Device

Apr 27, 2010

We have something on our network that is reaking havoc with our content filter. I am trying to track it down, but so far I have been unsuccessful. We have approximately 500 devices in 100+ different locations spread across 9 states. Looking at each computer is not really feasible.

I need a machine that can sit in between our network and our internet connection and graphically monitor in real time and logs how much traffic each device is sending and receiving. It would need to sit inline so it has to have two nics and be able to pass traffic. The machine also needs to be transparent. Reconfiguration of our routers or workstations is not an option.

I have used ethereal and wireshark before. Ethereal may be a viable option, but wireshark seems to provide lots of information, but no practical way to make use of it. how to set up the box to be a transparent device on the network that will allow internet bound traffic to flow (freely)?

View 3 Replies View Related

General :: Firestarter Denying Connections On Ports 80 & 443 Despite Settings

Apr 19, 2011

My firestarter is denying connections on ports 80 and 443, despite the fact that I have set rules to allow both the services, and indeed any connection from my gateway (the source of the connections).

Can someone please advise why this might be?I can surf the 'net fine, unfortunately I cannot load facebook, gmail, or another couple of sites that require logins, and I assume this is due to HTTPS not communicating properly.(On the off chance anyone can answer these real quick, I'm also trying to solve my resolution resetting every time I restart, and one of the icons in my KDE panel turning into a widget from an icon every time I restart. Still working on these, but just if anyone knows already).

View 1 Replies View Related

Security :: How To Make PAM Give Message When Denying Ssh Access?

Oct 23, 2009

We use PAM to control access to our RHEL4 servers. We would like PAM to give a message, of our choice, when users who are not allowed to login try to login. PAM's default is to let the user try 3 times without any explanation.

View 7 Replies View Related

Ubuntu :: Kpackagekit Was Rejecting (correct!) Password

Jan 12, 2010

The problem: when kpackagekit would prompt me to update packages, it would ask for my password. I would enter it, and the dialog would reject it with the message "incorrect password, please try again". Over and over. The password WAS correct -- it worked in Synaptic and on the command line using sudo, and obviously it also worked for logging in.

I suddenly had a hunch that kpackagekit might not be the culprit, and that authentication was being done by a different program -- and lo and behold, the dialog actually said policykit up there...

So, searching for policykit problems out there, I ended up seeing someone reinstalling theirs for their problem (which happened to be different from mine). The code to do that, in the command line:

Code:
sudo apt-get install --reinstall policykit

After that, entering the password after kpackagekit prompts me to has worked fine and the updates happen as nature intended.

View 4 Replies View Related

Networking :: Server To Block All Traffic But US Only Traffic?

Mar 15, 2011

I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so

Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT

[Code]...

After seeing that i went digging in the code and figured it was something todo with memory allocation.

View 1 Replies View Related

Ubuntu Networking :: Realtek 8185 Rejecting Wireless Key?

Mar 3, 2011

Just installed ubuntu on my computer, but when I try to connect to my wireless I type in my password and it doesn't connect.

It says its WPA/WPA2 and won't let me change that (I am not sure what mine actually is)

Im using a virgin media 'superhub' to connect but have changed the default wireless password.

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved