Ubuntu Security :: Do I Really Need Router For Security?
Oct 5, 2010
I've read that using your computer behind a router is a must for security because of the NAT+SPI firewall so naturally I became interested in getting one. The thing is, I don't need the other features routers have because I don't do wireless, & I only use one computer. So do I really need one? Do the security benefit(s) gained from using a router warrant spending $50+?? Wouldn't using UFW with default deny rule offer the same level of protection?
Also I want to use my Playstation3 online. What security risks will I be taking if I connect it straight to my modem, instead of through a router?
View 9 Replies
ADVERTISEMENT
Nov 11, 2010
As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.
View 5 Replies
View Related
Oct 28, 2010
I need to use an older router, which doesnt use wi-fi protected set-up, but I dont want anyone to be able to sniff the set-up.If I connect my laptop to the router with an ethernet cable, go into set up, turn off the wireless signal, then change the router password, and set the WPA2 password, then turn wireless signal back on, that should be just as secure, shouldnt it?
View 8 Replies
View Related
Feb 14, 2010
I have problems connecting to several things while ufw is enabled, with the most important beeing my router(10.0.0.1) and KGpg key upload. I tried to allow all incoming traffic from 10.0.0.1 but it didn't help. With ufw disabled i can connect to the routerI use wicd and wicd-client for connection and the "cant connect to access point" errorBelow are the output of ufw status numbered and portsentry(dunno if its needed)
Code:
To Action From
-- ------ ----
[code]....
View 3 Replies
View Related
Nov 10, 2010
I have recently been the victim of identify theft and have coincidentally noticed that my router has been under attack for the past few days. I've been monitoring the log on my router (a D-Link DI-624+A) and suddenly while I was on Skype, my wireless connection was lost. I reconnected and found that the router's log had been erased. It appears from the log that the hacker has so far been unsuccessful. I have already done a 'whois' on several of the IPs this hacker has been using and have notified the respective ISPs.
Is it possible to remotely delete a router log?
Here's an example of my log before and after the delete:
Code:
Wed Nov 10 18:00:24 2010 Unrecognized attempt blocked from 221.136.83.1:40245 to xxx.xxx.xxx.xxx TCP:8080
Wed Nov 10 18:08:24 2010 Unrecognized attempt blocked from 60.173.26.168:6000 to xxx.xxx.xxx.xxx TCP:9415
[Code]....
View 1 Replies
View Related
Feb 15, 2011
I want to have a firewall that is connected to my modem and router and have it function as just a firewall no dhcp no routing is that possible?
View 3 Replies
View Related
Apr 1, 2011
Rather than use pfsense, etc I decided to create my own router/proxy etc based on an atom base with 2 nics.Proxy/routing/dns/etc all working fine, I now though want to lockdown the fw rules.ETH1 is the WAN NICETH2 is the LAN NICI'm guessing i want to allow anything out of ETH1, but only allow incoming to ETH1 when its established or related... What about ETH2 though? Any ideas pls? Am used to configuring iptables on single nic, certainly not a router.
Code:
Chain INPUT (policy ACCEPT 18535 packets, 10M bytes)
pkts bytes target prot opt in out source destination
[code]....
View 8 Replies
View Related
Oct 23, 2010
So for ive changed the dns on my home router to Opendns and ive added this What does a dns attack look like? how would i know is my dns was poisoned or if i was under a kaminsky style attack?
View 9 Replies
View Related
Apr 5, 2011
In an effort to learn more about firewalls and iptables I have left behind gui set-up tools and have setup a firewall using iptables that logs to its own file. The firewall is as follows:
Code:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:TCP - [0:0]
[Code]...
View 8 Replies
View Related
Aug 8, 2010
I get all my traffic from my router, as this computer seldom moves. So is there a use for a firewall?I am not sure, because when I scan my IP address with nmap, no matter what the changes I make in the firewall, it is always the same scan...cannot fingerprint OS...and all closed ports.The all closed ports thing only changes when i torrent, then i get a wide open port.
View 14 Replies
View Related
Mar 9, 2011
I am trying to setup a firewall using Centos 5.5. The machine has 2 NICs, one connecting to the ISP/Modem and the other connected to a DIR-655 wireless router. The nic is connecting to the internet port on the router.
I do not want DHCP on the Firewall machine but on the wireless router.
[ISP/Modem]<--->[machine eth0]<--->[machine eht1]<--->[DIR-655 internet port]
IP from ISP Dynamic 192.168.1.1 192.168.1.2
IP's on the DIR-655 LAN will be 124.168.0.0/24 network lets say.
I have setup routes on the eth0 192.168.0.0/24 and 124.168.0.0/24
and added 124.168.0.0/24 to eth1.
I can ping eth0 and eth1 but cannot ping 192.168.1.2.
this setup is not actually connected to the internet so I disabled iptables to try testing the ping and still no good.
View 1 Replies
View Related
Apr 20, 2011
There are routers with firewalls which you cannot configure - you just use those routers and get some protection from Internet attacks. Is it possible to configure iptables on GNU/Linux machine so that you'll get better protection than the protection you get from those kind of routers?
View 4 Replies
View Related
Jan 1, 2010
I installed Ubuntu 9.10 netbook remix on my Acer Aspire One D250 computer. The broadcom wireless NIC succeeds in connecting to the network but only if I remove the WPA-PSK security in the Netgear router settings. What do I need to change in order to be able to secure my network?
View 2 Replies
View Related
Dec 19, 2010
I've recently been taking a look at my router settings and I've realized i have my vnc port open for some reason. I don't know how or why it got opened because I've only used vnc within my private lan. Anyway, the problem is I couldn't figure out how to close that port on my router, so I just uninstalled all the vnc software from my computer so it wouldn't act like a vnc server for anybody trying to access it from the outside. So, effectively, I cannot vnc into my computer from outside my private lan, but when i port scan my public ip, the vnc port still appears open.
I'm wondering if there's something i'm missing. I'm sure it must be something in the router that I haven't figured out... something that's keeping port 5900 open.
View 6 Replies
View Related
Mar 1, 2011
This morning I was looking at the router's log file and noticed a certain IP address was able to gain LAN access on port 2222. That just happens to be the port my SSH server is listening on! A whois search revealed that IP address is in Germany. As soon as I found this out I stopped forwarding all ports to this machine in my router.
how to tell what had happened, what information this person was able to obtain, and if he left any goodies behind that could hurt me? I've read through some of the logs on my computer and haven't been able to find much at all. I did have some personal information on the hard drives, but that information is encrypted. I'm thinking if they were able to get my SSH password then that information probably isn't safe either (assuming they have some of it).
View 7 Replies
View Related
Aug 11, 2011
My 2Wire router/modem I got from AT&T for my DSL has port 3479 TCP open and I can't figure out how to close it. It's open to the entire internet. From a quick google search it's some port AT&T can use to update the modem's firmware or something.Consider how in bed AT&T is with government agencies it seems like a easy way for the government to get into my home network just by using what seems to me a backdoor put there by AT&T. Anyway to close this or secure it. Right now I'm using the hardware as my main router for my home network. I have Linsys I modded with DD-WRT. I'm thinking of re-configuring my network to use the DD-WRT router as the main router and the 2wire just as a modem. The 2wire is a hybrid modem/router and I'm kind of lazy and don't feel like re-configuring my entire network if I can just close the port.
View 9 Replies
View Related
Jan 29, 2011
I have my system set up to where the router(dd-wrt) will send it's syslog messages to my Linux PC system. I am using shorewall as my firewall. I have two questions: How can I configure shorewall to allow the messages from my router? If I use my router IP address to allow the messages to come through the firewall, will this be a great security risk as anything from the internet can come through on that router ipaddress?
View 1 Replies
View Related
Mar 25, 2010
I was wondering whether or not it is possible/advisable to install and run Snort on a single laptop with a wireless router (firewall enabled)? Does Snort require root privileges and are there any other issues one needs to be aware of when installing and running software like this?
View 6 Replies
View Related
Apr 22, 2010
I have my router configured so that it drops outgoing telnet connections (and other protocols I don't use). It's a 2wire gateway. 192.168.1.65 is the internal IP of my ubuntu box.I'm trying to figure out what normal network traffic looks like and whether I should be worried by this log entry. At the time this happened I was testing out TOR (just navigating to a few sites (dell, ubuntu forums, etc.) nothing all that interesting.)
View 2 Replies
View Related
May 27, 2010
I've setup OpenVPN-ALS (formerly known as Adito) on Ubuntu Server 10.04 edition. I have a security router (Untangle) in front of my internal network. I have a domain name and an SSL Certificate setup on our security router. I can access our web interface on our security router with no problems.
I've setup a portforward rule on our router to access this OpenVPN-ALS portal and I can access it, but I get an invalid certificate message. So I've bought another SSL certificate to install our our Portal, but I'm getting an error message when I enter in our information at the provider where I've bought the certificate.
Common Name does not contain fully qualified domain name. I'm not sure what the problem is. Do I use the hostname I've setup on the portal or do I use the hostname on my security router when I setup the SSL certificate on our portal?
View 5 Replies
View Related
Mar 31, 2010
Not doubt this sounds alarmist, and perhaps it is... anyway, earlier tonight my mum complained that her home network connection wasn't working. After complaining about Windows and running a virus scan, I returned to my laptop, only to find my Ubuntu 10.04 was having the same problem. Then I noticed the wireless connection light (next to send and receive, which always blinks anyway) was constantly flashing, as if transmitting data, even though neither of us was connected, of course. I turned the router off and on again a few minutes later. Initially the light was still blinking abnormally, but I could now access the internet, as could mum, so I ignored it.
Later on, while the virus scan on mum's computer was running, Windows notified her she was running out of hard drive space - normally about 30GB of the 51GB HD is used on her laptop, but suddenly 50GB had been used. I also noticed my 275GB Ubuntu partition had 235GB free (although total size of files on disk was 128TB - a bug perhaps?), i.e. 40GB used, which seems pretty large for a rather fresh install and a handful of documents!Currently, everything's normal where my router's concerned (no blinking lights except for my browsing), and my Lucid partition is still showing 235GB free (strangely, mum's laptop now shows 46GB used instead of 50GB). So, what do we make of all this? Were our computers hacked for storage space?
View 12 Replies
View Related
Feb 14, 2011
Within the documentation of example OpenVPN setups there is a setup that shows an OpenVPN Server with two network interfaces. One interfaces is plugged into the public internet network and the second interface is plugged into the private network.
Normally I assume that it would be best to place the OpenVPN system inside the network behind the router and firewall and open only the ports needed on the router to allow access to the OpenVPN system. All other router ports would be closed. This is the first example they show. To see what I am talking about see page(s) 6-7 here -> [URL]
If one were to use the two interface public facing setup, when would that setup best be justified? I guess if you didn't want to open any ports on the router/firewall then this could be justified but then you have to lock down this public system individually instead of having it protected by the network firewall.
View 1 Replies
View Related
Nov 17, 2010
I did a port scan on my server from outside my network and saw that port 10080 AMANDA is open.Amanda isn't installed on any of my computers or my server and the port is not forwarded by my modem or router. So why is this port open and how can I close it?
View 6 Replies
View Related
Jan 19, 2010
ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?
View 5 Replies
View Related
Oct 15, 2010
To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies
View Related
Jan 17, 2011
1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
View 9 Replies
View Related
Mar 3, 2011
i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
View 2 Replies
View Related
Mar 29, 2010
Conky can be used to display a variety of information on the users desktop. I wanted to use Conky instead to display the current status of security as reported by:
SANS Internet Storm Center
IBM Internet Security Systems
Symantec Threatcon
McAfee Threat Center
I therefore created 4 small scripts which download the current status from these sites, and set the colour of those status's depending on the current value.The conky configuration allows for a semi-transparent background - though this is optional.Attached is an example image showing the 4 different colours.Also attached is an archive with the 4.sh files, .conkyrc and draw_bg.lua (from here http:[url].....
View 2 Replies
View Related
May 29, 2010
I just installed Ubuntu on a desktop. Can anyone give me some guidance on installing basic security software? In particular, I'm looking for a firewall, antivirus, and anti-spyware/malware utilities.
View 2 Replies
View Related
Aug 3, 2010
I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.
View 9 Replies
View Related
