Ubuntu Security :: Allow Foreign IP Address In Hosts?
May 30, 2011I found this IP address in my hosts.allowQuote:ALL: 119.42.68.232I cannot find any other evidence of intrusion.
View 4 Replies
ADVERTISEMENT
Ubuntu Servers :: Apache2 Virtual Hosts Foreign Characters?
Apr 23, 2010when I'm trying to add a virtual host with a foreign character in the domain name. The foreign character is .
I've read earlier threads where it was said I should puny code it, which then translates to xn--nda
I then created a virtual host, as shown (replaced the real domain with exampl�:
Code:
<VirtualHost *:80>
ServerAdmin me@exampl�.com
ServerName exampl�.com
[Code]....
However, apache2 doesn't recognize this when I try to enter the domain, it just shows my 000default.
Security :: Use Current /etc/hosts File To Do An Ssh-keyscan Instead Of Making A Special List Of Hosts?
May 2, 2011I'm trying to use ssh-keyscan to get some known_host file population going on, but I have a ton of hosts I want to scan, all with multiple aliases in /etc/hosts. Is there a way to use my current /etc/hosts file to do an ssh-keyscan instead of making a special list of hosts that (from what I've read) ssh-keyscan needs?
View 2 Replies View RelatedUbuntu Servers :: Apache2: SNI & Virtual Hosts - Multiple Virtual Hosts With Ssl And Only 1 Ip Address
Jan 17, 2011[Code]....
What I want: multiple virtual hosts with ssl and only 1 ip address: In my example: server = 192.168.227.129
[Code]....
Networking :: Hosts Not Able To Resolve IP Address?
May 28, 2010I have to build a netwrok for small lab and office setup.Setup as belowI have a PC running with Centos 5.4 and has 4 NIC cards. eth0, eth1, eth2 and eth3
View 3 Replies View RelatedUbuntu Networking :: IP Address Is Wrong /etc/hosts Not Working?
Jan 2, 2011Something is definitely odd here:Quote:
[rena@mercury:~ 500]
$ hostname
mercury
[code]....
Networking :: ARP Does Not Resolve MAC Address Of Hosts On The Same Subnet?
Jul 26, 2011I just changed my CentOS server from DHCP to static IP address. After the change, I cannot ping other hosts on the same subnet. (I can ping the CentOS itself).The IP address of CentOS is 192.168.0.202.After pinging 192.168.0.106 (106 is on and other host can ping it), arp -a shows? (192.168.0.106) at <incomplete> on eth0 It looks ARP cannot resolve MAC address of hosts 192.168.0.106.
View 1 Replies View RelatedServer :: Apache Virtual Hosts With IP Address?
Jul 2, 2010What is the (officially) proper way to configure Apache so that a given IP address can have two or more virtual host names, each going to different distinct configurations (e.g. with different DocumentRoot, Alias, etc), and also do this for the IP address so that it goes to a designated configuration rather than defaulting to the first or a random host name?
Apache documentation does not appear to address this. If so, it has it hidden in a non-obvious place.
Slackware :: Which IP Address To Use When I List Machine Name In /etc/hosts?
Jul 21, 20101) I'm not sure which IP address to use when I list my machine name in /etc/hosts, particularly after reading:
Quote:
By the w]ay, Arnt Gulbrandsen <agulbra@nvg.unit.no> says that 127.0.0.1 # should NEVER be named with the name of the machine. It causes problems # for some (stupid) programs, irc and reputedly talk. :^)
Here's what I have now:
Code:
root@eagleswing:~# hostname
eagleswing
root@eagleswing:~# cat /etc/HOSTNAME
eagleswing.5binc
[Code]...
I'm not certain how to include my router in /etc/hosts so I can use it to link my PCs as stated above. I was thinking of writing (see above link):
192.168.2.1 localbelkin Will this work & is it proper?
3) Do I need to make use of any other IP addresses at this link? What are the WAN IP & Default Gateway addresses used for? I am going to be serving documents & running scripts on Apache.
Ubuntu Servers :: Update DDNS For Fixed-address Hosts?
Apr 3, 2011I have DDNS configured and working for dynamic addresses, but it's not quite right for static addresses yet. The DHCP server assigns the static address, but it doesn't update the DNS sever with the associated host name. Which means I have to use the IP address when accessing the host instead of the host name. How can I get the DHCP server to update the DNS with the host name associated with the fixed-address?Here is my current dhcpd.conf.
Code:
ddns-update-style interim;
ignore client-updates;
[code]....
General :: Denyhosts Keeps Adding IP Address To Hosts.deny?
Aug 10, 2010I have setup Denyhosts to run on my server, and have been using it succesfully for the last few weeks, to allow me to ssh into my server from my home dev machine.
This morning, I accidentally typed my password incorrectly three times - and ended up being locked out of the system (tghat was ok, because that was what was supposed to happen). I logged into the server via another way and took the following actions (in the order given)
/etc/init.d/ssh stop
/etc/init.d/denyhosts stop
removed my IP address from /etc/hosts.deny
/etc/init.d/ssh start
[Code].....
Networking :: Individually Address Hosts In Private Network From The Outside
May 24, 2011The facts are as follows:
1. I have at work a regular LAN with many PCs, each with a DNS-registered public IP. Therefore I am able to address each of these PCs by their fully-qualified names and, for instance, initiate ssh sessions to any of these computers just by typing "ssh <name_of_machine>" from a terminal.
2. Within the aforementioned LAN I have just created a private network with some clients, which access the LAN through a router (a D-link DIR-825). We have created this private network for many reasons, but most importantly because we need to guarantee that the hosts in this network will remain networked among them even if the LAN goes down for any reason (which unfortunately happens often). But we still need to have access to the hosts in the private network from the LAN.
3. I am able to define port forwarding rules in the router in order to access certain services on the private network's clients. For example. I am able to access (by ssh) hosts "H1" and "H2" on the private network from a client on the LAN by defining rules for forwarding ports "P1" and "P2" on the router's public IP to TCP port 22 on the private IPs of "H1" and "H2", respectively. Then I would access each of these hosts from the LAN by using:
>ssh -p P1 [ip.address.of.router] (for accessing H1) and >ssh -p P2 [ip.address.of.router] (for accessing H2)
4. The problem with the port forwarding approach is that it is not easily scalable. For instance, If I wanted to enable ssh access to each host in the private network, I would have to define a port forwarding rule for each machine, and then REMEMBER all these port rules when initiating a ssh session from the LAN in order to point to the right host. And the problem gets worse when considering more services in addition to ssh.
5. The ideal solution would be to be have a means for addressing each host in the private network individually, in much the same way in which I address the hosts in the LAN (which have DNS-registered names). For instance, in order to access hosts H1 and H2 as in the previous example, i would like to be able to just type
>ssh [name_of_host_H1] (for accessing H1) and >ssh [name_of_host_H2] (for accessing H2)
The bottom line:
I guess I can say that what I need is some kind of combined DNS-ing and routing that allows me to communicate with the hosts in the private network from outside of it in a transparent way.
The question is: what are any possible solutions for accomplishing this? I have searched the web and found stuff about things like VPNs, reverse-proxies and NAT servers, but I really can't understand if any of these could serve to solve my problem (BTW, isn't my router doing some sort of NAT-ing already? could I just add some DNS-ing in some way?)
CentOS 5 Server :: Apache Two Virtual Hosts On A Single IP Address?
Feb 22, 2011I am trying to run two web servers (Virtual Hosts) on a single Linux Centos 5.5 box with a single IP address 192.168.0.182. I did all the pre-installation requirements such yum install mysql, yum install mysqladmin, service httpd start, service mysqld start etc etc.In /var/www/html directory, I have two folder called server1 and server2. These two folders have the necessary web server php script files and folders. I opened the browser and managed to install the script on one web server successfully. When I put the IP address 192.168.0.182 on the browser address bar, the page loads without any problem. Now I would like to be able to install the other web server script and I don't know how to?Here is my httpd configuration;
<VirtualHost *>
DocumentRoot /var/www/html/server1
ServerName development.mysite.com
[code]....
Security :: Address Space Randomization On 2.6.28-15-generic Ubuntu 9.04 - Finding Base Address?
Sep 14, 2009Im an academic (university networks and security lecturer) studying/teaching network and operating system security, and inspired by the work of Hovav Shacham set about testing ASLR on linux. Principley I did this by performing a brute force buffer overflow attack on Fedora 10 and Ubuntu 9. I did this by writting a little concurrent server daemon which accidently on purpose didnt do bounds checking.
I then wrote a client to send it a malicious string brute forcing guessed addresses which caused a return-to-libc to the function usleep with a parameter of 16m causing a delay of 16 seconds as laid out in [URL] Once I hit the delay I new I had found the function and could calculate delta_mmap allowing me to create a standard chained ret-to-libc attack. All of that works fine. However .... To complete my understanding I am trying establish where I can find the standard base address for ubuntu 9 (and other distros) for the following, taken from Shacham:-
Quote:
[code]....
/proc/uid/maps gives me some information but not the base address ldd also gives me the randomised starting address for sections in the user address space but neither gives me the base address. Intrestingly ... when a run ldd with aslr on for over (about) 100 times and checked the start point of libc I determined that the last 3 (least significant) hex digits were always 0's and the fist 4 (most significant) where between 0xB7D7 and 0xB7F9. To me this indicated that bits 22-31 were fixed and bits 12-21 were randomized with bits 11-0 fixed. Although even that doesnt define the boundaries observed correctly.
Note: I am replicating the attack to provide signatures to detect it using IDS, and for teaching purposes. I am NOT a hacker and if needed to could reply from my .ac.uk email address as verification.
Networking :: Referencing Hosts By (special) Hostname For IPv6 Link Local Address
Apr 30, 2010I can reach other hosts by means of their global addresses by either the IP address or hostname (that has the global address). What I want to (also) do is have a hostname that references the IPv6 link local IP address (an AAAA record in DNS, or just the fe80::<whatever> address in /etc/hosts) and use that host name in commands to access that host. The problem is, an interface ID is needed when making such a reference.
It sure looks like the programs just pass the host name string on to the resolver library, which does not understand the significance of the '%' even though it could find and see that the name preceding the '%' is consistent with that being an IPv6 link local address (e.g. the logic could have been "split at first % and see if preceeding name is found as a link local address and accept that if so, or ignore the split otherwise" ... but it isn't). Is there a different syntax for this ... or was it overlooked in the design of programming around IPv6?I want to be able to address a host by its link local address, while still using a mnemonic instead of having to type the IPv6 address.
Ubuntu Security :: Sshd And Hosts.deny Not Always Observed?
Jan 18, 2010I'm having troubles trying to understand this problem:my homeserver until yesterday had a public IP, staying on network, with sshd running and all was fine;this evening I changed the IP, giving it a local lan address, and what happened if I tried to connect to it by ssh?I got an error about "Connection closed by remote host". Google helped me finding that was regarded to hosts.deny file, that was actually containing a lineALL:ALLthat I commented, and all was fine.My question is: why the hosts.deny (that has never changed) was observed only with the local IP?I tried to switch back to the public IP and leaving ALL:ALL, and it did connect without any problem
View 1 Replies View RelatedSecurity :: Ipsec Not Working Between Two Hosts?
Nov 3, 2010I've set up two security associations(in and out) on two hosts, and then set up two policies per host that should filter traffic to those SA's. Yet when I try to ping one host from the other I get no response, meaning that the filters on one side work and drop unprotected packets, but both hosts are configured to communicate using ipsec. Can anyone point me in the right direction?
Code:
ip xfrm state add src 192.168.77.23 dst 192.168.77.24 proto esp spi 0x53fa0fdd mode transport reqid 16386 replay-window 32 auth "hmac(sha1)"
[code]...
Ubuntu Security :: Is Posting The Hardware Address A Security Risk
Feb 28, 2011When posting results from ifconfig, it shows the hardware address of etho, etc. Would you consider that to be a security risk ?
View 9 Replies View RelatedUbuntu Security :: Deny Hosts Removing An Ip And Checking Tcpwrappers?
Oct 21, 2010I could not find any where the documentation the only best which I got was [URL]
My question is the following blog says to remove an IP from /etc/hosts.deny which denyhost has blocked
[URL] you need to have a directory /usr/share/denyhosts/data I do not find any such directory
Also when I tried to check tcp wrapper configuration as given here
[URL]
tcpdchk -v Cannot find your inetd.conf or tlid.conf file. Please specify its location.
what does the above output mean? How do I make sure denyhosts is doing its job?
Security :: Configure Deny.hosts For Opensuse 11.1?
Sep 7, 2010I just downloaded the DenyHosts2.6python2.5.rpm for deny.hosts from sourceforge and would like to set it up. I normally use fish://, smb:// and ftp:// on the boxes on my lan. I already have files called hosts.allow and hosts.deny in the /etc folder. Will the rpm configure hosts.deny when first run?
View 1 Replies View RelatedUbuntu Security :: Denyhosts Working \ First Time Adding Lots Of Ips To The Hosts.deny?
May 16, 2011I just set up denyhosts and it worked properly the first time adding lots of ips to the hosts.deny.I then set it to run every 12 hours noon and midnight.I wanted to see if ran properly and I got all this.Does it look like its working?
Code:
May 15 12:00:01 hyrule CRON[14286]: (root) CMD (python /usr/share/denyhosts/denyhosts_ctl.py -c /usr/share/denyhosts/denyhosts.cfg )
[code]...
CentOS 5 :: Nscd > Millions Of Log Entries Like 'Reloading "[ip Address]" In Hosts Cache!'
May 25, 2011I'm getting millions of log entries in my nscd.log like the ones below. There's no connection to (or from) this IP address so I'm totally at a loss for what would cause this.
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "65.83.237.34" in hosts cache!
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "65.83.237.34" in hosts cache!
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "65.83.237.34" in hosts cache!
[code]...
Security :: Detecting Infected Hosts - Honeypots - Wireshark - Nepenthes
Sep 2, 2010Is there a 'plugin' for wireshark to analyze traffic and spot infected (windows) hosts? I have been using nepenthes with no luck. (and doubt all hosts are clean) is there some better way (other than using antivirus on each host)?
View 10 Replies View RelatedSecurity :: Hosts.Allow Vs. SSH / Sending Message Connection Closed By Remote Host?
May 29, 2010I have set up SSH and redirected the ssh server to listen on another port other than 22 for a bit of added security.
Now in hosts.deny I have:
ALL : ALL
In hosts.allow I have:
SSH : ip_address_of_client
I can no longer connect. I get the message: ssh_exchange_identification: Connection closed by remote host.
When I change hosts.allow to read:
ALL : ip_address_of_client
I can successfully connect the server.
However, I only want to allow SSH access in hosts.allow. What is the correct syntax?
I have tried and failed with each one of these:
SSH : ip_address:port_number
SSH2 : ipaddress
sshfwd-portnumber : ip_address_of_client
Ubuntu Networking :: Proxy Settings: Allowed Hosts Instead Of Ignored Hosts
Aug 17, 2011Well, as many proxy applications, GNOME Network Proxy Preferences only allow to ignore hosts. What I want to do is exactly the opposite. I only want to use the proxy for few sites. Is it possible to define only the allowed hosts in any way?
PS: I know FoxyProxy add-on for Firefox does this, but 1)I don't use Firefox and 2)I want the proxy settings system wide not only for browser.
Security :: Invalid Login Attempts Not Refused Using Deny Hosts And Conf Of Denyhost Not Working?
Oct 28, 2010I am using denyhosts on a server so in a config file/etc/denyhosts.confthe following value is setQuote:DENY_THRESHOLD_INVALID = 3which as per their configuration file saysQuote:
DENY_THRESHOLD_INVALID: block each host after the number of failed login
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)
[code]...
Ubuntu :: No Hosts File - Just Hosts.allow And .deny?
Jan 26, 2011Probably an easy (which means stoopid) question...I am trying to reroute a website using my hosts file so that it matches my servers certificate file for testing without effect dns and the live site.When I went to edit my /etc/hosts file it is non-existent. I have, I am assuming in it's place, hosts.allow and hosts.deny. Can anyone explain why I do not have a hosts file?
View 1 Replies View RelatedSecurity :: Policy That Limits Connections On Port - Encapsulates Total Sum Of All Connections From Hosts?
Jan 21, 2011Is it fair to say that connLimit and hashlimit are very similiar on Linux i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? i.e. I do not want to allow more than 6000conn/minute for port range that is the sum of all connecting hosts?
View 3 Replies View RelatedSecurity :: Warning: /etc/hosts.deny, Line 20: Missing ":" Separator?
May 15, 2010I am getting a warning from /etc/hosts.deny
Code:
ALL: 192.168.1.3
ALL: 172.68.11.204
[code]...
Ubuntu Security :: Use Address Not Ip In Iptables?
Jul 24, 2010i need to open this address ftp.nai.com, is there a way to use address not ip in iptables?
View 7 Replies View Related