Is there a firewall installed and running in 10.04? If so are there any gui tools for configuring it and where are they? If there is not a firewall, what should I install to get one properly up and running?
View 2 Replies
I'm running 10.04 without having installed a firewall is that ok? because, i'm also bugged by audio/video and mouse problems which build up and i must warm boot to remedy. (although the drum fanfare at start-up doesn't sound quite right ether?). furthermore i would like to open the port for my torrent client Transmission, but the elements of the web pge (192.168.1.1) are flickering.
View 5 Replies View RelatedI now have a firewall up and running: almost perfectly. When I use nmap and perform the most comprehensive scan I can think of, it cannot detect any wide open ports (unless bittorent is running) and cannot fingerprint the OS. My last 2 questions about my firewall (I am very happy now) are:
It seems as though Firestarter has been "abandoned" by the developers, and that gufw is more current. Does it really matter which firewall I use because don't they all do the same thing? I like firestarters system tray icon a lot. 2nd question is I have two open|filtered ports. Are these still pretty well protected?
It is very pleasing to see that I have no open ports, because if you were an experienced Windows user like I was, you got used to the fact you were going to have open ports no matter what. Linux's builtin firewall completely destroys the expensive and useless scams they call Norton and McAfee. Linux officially rocks now
I installed fail2ban from the Ubuntu Software Center (Ubuntu 10.10) and everything seemed to go fine. But when I try to access the client I get this output:
Code:
wolfgang@Culture:/var/log$ fail2ban-client status
ERROR Unable to contact server. Is it running?
[code]....
Can we use iptables as firewall instead of Juniper firewall
View 2 Replies View Relatedlove security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies View RelatedI have a Suse11 box with 2 network cards:
I have squid as a proxy on the Suse box, and with the default firewall I have to enable masquerading to allow clients on the eth3:1-3 to send and receive mail through the Suse box. I found the Suse firewall completely inadequate (all P2P software/connections are allowed once you enable masquerading) and had to install ConfigServer Security & Firewall. In die configuration of csf I could get my way around getting smtp to work for the eth3:1-3 clients, but pop3 connections does not go through the box. I know I need to allow port 110 and 995 to masquerade of NAT (or something) and then the same for port 22
I tried installing F-prot's linux scanner but it doesn't seem to want to install and I am tired of messing with it.
So I am wondering if I even need it or if there is something else.
I am behind a firewall already with my router if that helps any.
I guess I am having trouble understanding why virus protection is less necessary.
Do people not write viruses for linux systems?
our oracle(oracle 10G) server got a serious problem, the OS is SLES 9 SP4, two HBA adapters(QLogic 2340) with NetApp FC Storage(FAS3140), we have installed multipath-tools on this server and ensure that physical connection and swith configuration are correct, but we only can see a path
:~ # multipath -ll
360a98000572d4d414b4a522d7a62376d dm-2 NETAPP,LUN
[size=200G][features=0][hwhandler=0]
[code]....
I just installed 10.10) i had speaker audio on my laptop but the front jacks for head phones didn't work. After fidiling with some config files, i forget which config thing it is in but there was numerous mentions about where you had to put "options I am already added to the audio group for my computer and running vlc as root does not work (vlc-wrapper) regular won't run as root, i tried that because i have fixed other hardware problems by running programs as root. The laptop is a HP Pavillion dv5-1000 and has a regular sound card and a hdmi port (the sound is configured to play out of the non hdmi one)
View 1 Replies View RelatedI never installed one, but if I wanted to find out for sure if I have one how would I do that?
View 2 Replies View RelatedI need a dev setup which is external to the box I work on at home. I.e. I need to build some form of PC capable of running basic dev tools / scm.Given its very basic needs, was thinking of finding a fanless, probably atom based, micro-itx solution. I.e. small, silent, can just sit somewhere all day with a nightly backup to a NAS. (it would be really cool then as well because I can throw it in a bag and take it places when I need to -- its wrong I get excited about that...).Just wandering if anyone has done anything similar?lightly worried about the performanceWas thinking something like the Shuttle XS35GT:but have a gut feeling I could build something better for 2/3's the price.
Friend suggested buying a simple netbook as its probably one of the cheaper ways to getting an atom powered system, and has a screen for setup. ll it needs to run is a web server, SVN/GIT, Trac, maven, hudson and artifactory. I.e. it does not need to be capable of streaming video content etc (i.e. its not a media box) for 1 user at a time. Projects are not going to be the smallest for home projects, but really in the grand scheme of things its going to be small.
Could you please advice how to clone CentOS with all installed software to another box.
What tools should be used?
I want to see how secure my company is. I am not too concerned about over the wire, more about someone hacking our wireless.
View 6 Replies View RelatedIm trying to run some penetration testing on my home wireless and want to know if the tools that backtrack uses are available in the repository.
Specifically tools that can be used to sniff out valid mac addresses and breaking wep encryption-what tools am i looking for?
how efficient and effective are these snort, argus, ossec etc etc for an organization having 3500 PC Network, connected through 700+ Cisco Devices (Layer 2 and Layer 3), and scattered on 130 different sites (geographically)? what should be the combination of products and what should be the architecture for an efficient forensics activity?
View 2 Replies View RelatedI'm doing some light web development, I installed php5 and apache on my laptop and read that when running apache your computer is technically a server and is thus vulnerable to computer wankery. I'm looking for advice on whether or not I should install a firewall or if I don't really need it. The work I'm doing is not a professional website, just a place for some experiments. All the info I found on the web was targeted to professional web-developers, not so much for amateurs like myself. What do you think?
View 6 Replies View RelatedAnyone know if the collection of STD tools have been included in Fedora repositories? Would love to recreate a STD disk based off of F12+ live cd and those tools. (Knoppix Secuity Tools Disk that seem to have died out a couple years back) Great tools, just the distro doesnt support new hardware....but if in a F12+package......all would be good.
View 3 Replies View RelatedIt seems the fingerprint reader is detected, and several related packages are installed, but I can't find any tools available to either set it up. or activate it for use.
View 6 Replies View RelatedI am facing some problem while running my tools (electronics tools).Actually my company has changed the internet connection (internet provider). Everything is working fine but it changed my IP address (which is ok) but it also changed my HOSTNAME (which is really starnge for me).And the problem with my tools is that with old connection it's working fine but with new connection GUI mode is not working, only batch mode is working.
View 14 Replies View RelatedIt used to be that the dvd menu offered an option to "repair the installed system". THis was really very convenient. The openSUSE 11.3 dvd for x86 now only gives a "system rescue" option which leads to command line directl. Where have been "the repair the installed system" tools? How can we access them now? What is a reasonable set of tips that's supposed to be used after logging into "system rescue"?
View 9 Replies View Relatedsoftware to use against Intrusion and such. The thing is that I don't want to have several anti virus programs running at the same time due to collision.
View 9 Replies View RelatedHow do I know which firewall is installed on my Red Hat 4 system?Are there any commands or procedures I can follow?
View 2 Replies View RelatedQuote: The importance of security should never be underestimated. The consequences of losing data can be disastrous for any organisation. For example, the loss of a single unencrypted laptop may have huge repercussions. This could include breaching data protection legislation with the risk of a significant fine, a loss in the confidence of an organisation, as well as the risk that sensitive data may fall into the hands of a competitor or third party with malicious intent.
View 1 Replies View RelatedFor those with IT jobs, how do you handle security monitoring for your company?
1.How do you determine what to monitor-- The most vulnerable assets, most critical or something else?
2.What kind of data do you collect for security monitoring purposes?
3.What tools and techniques do you use to analyze the data?
I have already developed file type filtering functions through squid. Now I want to deal with content filtering aspects... What tools are available there for so in linux?
View 6 Replies View Relatediam working on mail server in redhat centos. i want to know how to secure my mail server for heavy loading , any monitoring tools in GUI or console , is any essential tool which is used in Like MNC for mail server..
i know few command in like top,netstat,etc through google but i willing to know some more
I have Ubuntu running on an old PE server. It is running Virtualbox with an instance of Ubuntu inside. The instance is there to run my honeypot.
The server box IP is192.168.1.10. The Virtualbox is bridged with it's own IP of 192.168.1.200. The honeypot daemon is listening to 192.168.1.201 with arpd.
I set up the UFW with DENY. And then enabled only the ports leading to the honeypot scripts which are abound to IP .201. I then forwarded the ports necessary to run VNC to .200.
Here is the UFW status:
buntu@ubuntu-desktop:/var/lib$ sudo ufw status
Status: active
To Action From
-- ------ ----
192.168.1.201 21/tcp ALLOW 21/tcp
192.168.1.201 4444/tcp ALLOW 4444/tcp
192.168.1.201 5544/tcp ALLOW 5544/tcp
[Code].....
I just install 1 firewall using Iptables.
Firewall includes 2 NIC:
NIC1 <IP PUBLIC>
NIC2 192.168.10.1
I installed 1 web server IP: 192.168.10.2
I have some PC IP range: 192.168.10.10->20
I set rules NAT on firewall and PC & web server can connect internet good, but I have problems:
When PC access to web server with IP 192.168.10.2 that ok, but PC can't access to web server when using IP Public. But outside internet, I can access to web server using IP Public.
Rules on IPTables
Code:
# Generated by iptables-save v1.3.5 on Sun Mar 7 21:01:16 2010
*nat
:PREROUTING ACCEPT [950:126970]
:POSTROUTING ACCEPT [89:5880]
:OUTPUT ACCEPT [19:1342]
-A PREROUTING -d 209.99.242.124 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.10.2:80
-A POSTROUTING -s 192.168.10.0/24 -o eth0 -j SNAT --to-source 209.99.242.124
*filter
:INPUT DROP [1599:157409]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [232:34452]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -d 192.168.10.2 -p tcp --dport 80 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth1 -j ACCEPT
COMMIT
I am currently running a 64-bit Fedora 14 server which hosts a game server, a voice server, and remote desktop functionality, each on a distinct TCP port. I am currently using the built-in firewall to deny all traffic other than ICMP ping/pong and TCP traffic on those specific ports.I am looking for a graphical application which will let me monitor any connections being made to my server in order to keep an eye out for possible security concerns. To be more specific, I'd like to be able to see the source IP addresses, TCP/UDP ports, and individual bandwidth in use by external connections being made to the server, along with any other information that might be helpful in identifying a possible intrusion attempt.
View 3 Replies View Related
