Ubuntu Security :: Block Incoming URL In 8.10?

Jun 17, 2010

I'm trying to block an incoming URL. My ISP is hijacking 404 pages and annoyingly changing the URL line in the browser and flashing all sorts of popup ads. I just need it for incoming URLs which my router doesn't seem to handle. I'd prefer something packaged with Ubuntu 8.04, but anything simple will do. I know in KDE I could edit the kdeglobals file with:

[KDE URL Restrictions]
rule_1=open,,,,[URL],,false
rule_count=1

View 4 Replies


ADVERTISEMENT

Ubuntu :: Using ISP's That Block Incoming Connections?

Apr 4, 2010

I need some suggestions on software. I would like to offer remote desktop support to some of our clients, but some of them are using ISP's that block incoming connections so, VNC is out of the question. I was wondering if there is something similar to logmein for ubuntu?

View 1 Replies View Related

Ubuntu Networking :: Bridging Firewall - How To Block Incoming Traffic

May 2, 2010

I have a ubuntu computer set up as bridge between gateway and lan, with the lan connected to eth0 and gateway on eth1.

I'm trying to get it to basically block everything incoming except for the ports i specify, but also allow outgoing traffic. I've found, tried, modified som examples i found on the web, but still it wont block incoming traffic (ie, im still able to reach my webserver)

These are the rules, and i can't figure out why it wont block:

Code:
#!/bin/bash
iptables -F
iptables -X
iptables -I INPUT -i eth1 -j DROP

[Code].....

View 1 Replies View Related

Ubuntu Servers :: Firestarter Doesn't Allow Anyway To Block Incoming Connection By IP

Sep 19, 2010

What is the absolute quickest or easiest way to block an incoming connection by their IP address? I'm running an apache2 LAMP server on Ubuntu 8.10. For example, let's say I'm watching my server error logs and I see someone using a script to check for phpmyadmin and other such folders. Right away I know this is a hack attempt. Firestarter does not allow ANY way to block an incoming connection by IP (to my disappointment) and adding the IP to an apache configuration file requires an apache restart (way too much trouble and time).

View 5 Replies View Related

Ubuntu Networking :: Iptables: Block Incoming And Allow Outgoing Traffic

Jan 6, 2011

I need to configure iptables to block incoming traffic (except specific ports), but allows all outgoing traffic.

I am able to block incoming traffic, but doing so also prevents outgoing traffic (tested by telnet [URL] 80)

The following was used:

iptables -A INPUT -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -j DROP

Also, even allowing NOT SYN requests still prevents outgoing traffic.

iptables -I INPUT 1 -p tcp ! --syn -j ACCEPT

Another point:

# modinfo ipt_state
modinfo: could not open /lib/modules/2.6.18-028stab070.14/modules.dep

How to install ipt_state module on ubuntu?

View 2 Replies View Related

Networking :: Block All Incoming Mail Traffic Except Certain Addresses?

Jan 12, 2009

assist me in using the iptables firewall to block all incoming mail traffic (SMTP port 25) except that of a certain IP(s)? the situation is that we have a server that we only want to receive mail from a particular sender.

View 1 Replies View Related

Ubuntu Networking :: Firewall - Block Incoming / Outgoing Connections To IP Range

Jul 4, 2010

I am still new to ubuntu and I use firestarter as my firewall tool and I was told that its just ufw in a gui. Well anyways I noticed a connection to 174.129.241.144 using https and python, I didn't have any scripts running and my browser was closed, I read the man files for ufw and it said to do something like deny from 174.129.0.0/12 and I want to block all incoming and outgoing connections to this IP range and I was wondering how to do that, I heard of iptables that it would be able to do this but I dont know anything about it. What I should learn so I can handle these kinds of situation in the future and how I can block this ip subnet or also what does the /8, /12, and /16 stand for?

View 7 Replies View Related

Security :: Incoming Connections On 445?

Apr 11, 2010

Its been really bugging me that whenever I scan my connection with wireshark I see this one person sending me a SYN packet every minute on port 445. I know this is the dangerous port that the Conficker worm travels along. So far my computer seems to be immune and I know, at least on the Linux side that I can just add a rule to my ip tables to block that port indefinitely. I want to know what the next step is.

00 0c 41 b2 e4 1d 00 11 09 b2 2f 0e 08 00 45 00
00 30 91 84 40 00 80 06 d1 c7 46 4f 86 29 XX XX
XX XX 10 43 01 bd 9e 23 d6 27 00 00 00 00 70 02
ff ff 65 58 00 00 02 04 05 b4 01 01 04 02

This is one of the packet captures I am getting. After sending me this and getting no reply, all of a sudden he goes up an ip. Basically this would be the pseudocode for what it looks like hes doing on my end.

while(1){
for(int i = 1; i != 255; i++){
send_connection_attempt("XX.XX.XX." + i);
}
}

To me this looks like this guy has hijacked a computer and is using it to run a script over. He is still scanning my network as I said earlier, what should I do? Should I contact my ISP? or just nail down the hatches and make sure nothing is exposed on my network?

View 3 Replies View Related

Security :: Limit Incoming HTTP Bandwidth Usage With IPtables

Apr 5, 2011

Can I, with only the use of IPTABLES, limit the incoming bandwith for a protocol? We have for example servers that have a FTP and HTTP server running and whenever HTTP has a lot of connections open, the other uploads/downloads get a timeout. I know I can limit the number of connections but prefer to limit on protocol level. Is this possible using IPTABLES and if so, can someone indicate how to proceed or provide a link? If it's not possible can someone point me to the right tool for the job?

View 6 Replies View Related

Security :: Iptables State Module - Configuration Error / Not Enable Incoming Packets From Connections Initiated From Inside?

Mar 30, 2011

I have a server that I can only access via SSH (it's located far away) and I would like to secure it by blocking all ports except the ones that I need (which are HTTP and SSH). I still want to be able to make outgoing connections to enable software updates and other things.This is my iptables -L -n :

Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:1:21
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:23:79
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:81:65535
code....

In my opinion, this should block all incoming packets except the ones on port 80 and 22, but allow responses to outgoing connections. But a wget http://google.com does not work, it can't establish the connection.

Maybe this is not the best style for iptables rules, but I want to be absolutely sure to not accidently lock myself out from SSH, so I chose not to configure a "block-everything rule".

Does this configuration not enable incoming packets from connections initiated from inside?

View 3 Replies View Related

Ubuntu Security :: Block Pinging With GUFW?

Jan 25, 2010

I did one of the recommended port scans and all ports passed but failed on pinging. How do you turn pinging on & off with GFUW?

View 9 Replies View Related

Ubuntu Security :: How To Block Subdomain Of Any Site

Mar 26, 2010

My question is how to block a subdomain of a site. To make it as clear as possible, I'll give an example. I am regularly entering this arbitrary site [URL] which redirects me to this page [URL] and this index.html takes an image from a subdomain which is a subfolder of itself, that is: [URL]. What I am asking is blocking the images to be taken, but not the main page itself, i.e. to block www.somesite.abc/images/ without blocking the overall www.somesite.abc.

My idea was to use the /etc/hosts file by redirecting to loopback address:
Code:
127.0.0.1 www.somesite.abc/images
But it looks as if it doesn't affect things at all. Should I use it another way? Modifying /etc/hosts.deny maybe useful?

View 6 Replies View Related

Ubuntu Security :: Firewall Does Not Block Tor Connections

Oct 2, 2010

I have noticed interesting problem. I use two browsers - Firefox and Konqueror. Konqueror is configured to use tor, Firefox not. Using Gufw I block all incoming and outgoing traffic and it works while using Firefox, I mean that I can't view any www site and it is ok. But if I use Konqueror I can establish any conection. How to understand this? Should I have different firewall while using tor?

View 5 Replies View Related

Ubuntu Security :: How To Block The HTTPS Sites

Jun 17, 2011

I want block https sites if suppose block the http it will opening in https.

View 9 Replies View Related

Ubuntu Security :: Can To Write Block All But NOT Rule For UFW?

Jul 23, 2011

For example, can I write something to the effect: block all outbound UDP connections over port 53 except those going to IP 123.456.789. Or stated another way: Block outbound to port 53/udp NOT going to ip address 123.454.678Is it possible to do this? How would I write the argument?

View 3 Replies View Related

Security :: Block Ips With Lot Of Connections?

Oct 31, 2010

on my linux server i have many websites but with difrent ips address, is some way to i can block all the ips with many connection (100+) just from my website not from all websites

View 5 Replies View Related

Security :: Iptables To Block Ip From Ftp?

Mar 6, 2010

Is this how I would do that?

iptables -A INPUT -p tcp --destination-port 21 -d ! 168.192.1.2 -j DROP

This should block all incoming connections on port 21 from 192.168.1.2, correct? Thus preventing that IP from logging into my FTP.

View 1 Replies View Related

Ubuntu Security :: Block All Ports Except Pop And Smtp In NAT Through Iptables?

Jan 20, 2010

how to block all ports except pop,pop3,smtp in nat using iptables in squid on redhat A3

View 2 Replies View Related

Ubuntu Security :: Ban Everything And Anything From That Block, Pref Without Upsetting Firehol?

Feb 1, 2010

now still don't know how to use that properly.now after a quick sudo tcpdump -n -i eth0 > tcpdump.txtits obvious to me at least that anything 85.9.102.* is not to be trusted.see attached.how do i ban everything and anything from that block, pref without upsetting firehol. whats opinions of ipcop, btw.

View 3 Replies View Related

Ubuntu Security :: Block PHP Injection Attacks With Fail2ban

Apr 12, 2010

I'm trying to implement this method to block php injection attack using fail2ban: here it is, however I'm not sure it applies to Ubuntu. You see, there's this filter that must be added to the fail2ban jail file:

HTML Code:
[php-url-fopen]
enabled = true
port = http,https
filter = php-url-fopen

[Code]....

View 7 Replies View Related

Ubuntu Security :: Block Device By Bluetooth Address?

Apr 22, 2010

Is it possible somehow to block some bluetooth device with specif address (mac) ?
(like iptables block by mac)?

View 3 Replies View Related

Ubuntu Security :: How To Insert Malware Block Lists

Sep 8, 2010

today is my second week using ubuntu , my question is how can i insert malware block list on ubuntu? as my regular win user i always put the list in dirrectory x: winblows system32 drivers etc hosts[URL]

View 9 Replies View Related

Ubuntu Security :: Block Users From USB Drive/Devices And CD-Rom

Sep 20, 2010

Block Users from USB Drive/Devices and CD-Rom I am using Ubuntu 9.10- the Karmic Koala(64 bit) in my company. I would like to block the users(except Super user) from using USB Drive/Devices and CD-Rom for security resons and to prevent my employees from copying data.

In Users Settings, I tried unchecking some items in User Privileges tab but it didn't work.

View 6 Replies View Related

Ubuntu Security :: Block Multiple Ssh Login Attempts?

Mar 22, 2011

I am running a ubuntu server 10.10 with SSH, and OpenVPN. I use it mainly for the VPN, but I have seen log in attempts such as:

Mar 22 14:52:53 UbuntuSvr sshd[2397]: Invalid user support from 85.217.190.69
Mar 22 14:52:55 UbuntuSvr sshd[2399]: Invalid user student from 85.217.190.69
Mar 22 14:52:57 UbuntuSvr sshd[2401]: Invalid user transfer from 85.217.190.69
Mar 22 14:52:59 UbuntuSvr sshd[2403]: Invalid user user from 85.217.190.69

[Code]...

Is it possible to make it so when some one has tried logging in 5 times with an invalid user/pass that the ip is banned for 10 minutes? I have password auth set to no and am using keys.

View 7 Replies View Related

Ubuntu Security :: Iptables, Block Port Except For Eth0

May 24, 2011

I would like to allow incoming and outgoing connections when I'm connected to a wired connection, but drop it otherwise. I noticed that ufw can't block outgoing traffic because of will I give iptables a try. I'm unsure if dropping packages that are outgoing will work, the rule after the block rule will allow all outgoing connections.

This what the rules are intended to do, unsure if that is actually the case. Allow all loopback traffic. Allow ping replys Allow incoming on port 12345 if eth0, deny otherwise. Allow outgoing on port 12346 if eth0, deny otherwise.

Code:
iptables -A FORWARD -j DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 0 -s -m state --state ESTABLISHED,RELATED -j ACCEPT

[Code]....

View 3 Replies View Related

Ubuntu Security :: Block Websites With Nonsudo Password?

May 30, 2011

I want to block a list websites from myself using a password that I don't know.I would randomly generate it or something.Everything revolves around sudo, though, so I don't know how.Long to short: how do I blacklist websites using a password other than my sudo password.

View 2 Replies View Related

Ubuntu Security :: Block Outgoing Connection From A Program?

Jun 3, 2011

I open this thread after an unsuccessful long search over the Web. Essentially what I want is to block the outgoing connection of a program. All I know about this program is its name and so I don't have any information regarding the ports it utilizes or the address it may contact.

View 9 Replies View Related

Fedora Security :: Block One Web Page?

Mar 13, 2009

What is the easiest way to block one specifiek web page?Can I use the file /etc/deny host, or should I use another program to do this?I have already search the web andfound iptables, but that is to difficult for me, and I found squid

View 1 Replies View Related

Fedora Security :: Iptables - Block Everything From Getting In My Pc

Mar 17, 2009

What i wanted to do was block everything from getting in my pc but still be able to surf the web and still use instant messenger.

View 2 Replies View Related

Security :: Allow Internal Ips And Block External Ips?

Jul 19, 2010

Im running Centos 5.4 with a sftp server, and I�d like to allow all 172.16.0.x ip and 192.168.0.x ip and block everything else. Does someone have a good way to do this with IPTables or any other opensource FW?

View 10 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved