Ubuntu Security :: Router - Port Forwarding And Network Security
Nov 11, 2010
As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.
View 5 Replies
ADVERTISEMENT
Nov 1, 2010
sudo ssh -L 750:192.168.123.103:873 username@192.168.123.103It does exactly what it's supposed to do, but how do i edit / remove this rule?Is there some config file where i can alter the forwarding? How does it get stored?Im using Ubuntu 10.10Server Edition (allthough i recon it would be pretty much the same across all versions
View 5 Replies
View Related
Apr 27, 2011
I'll explain this in one sentence: Is it possible to program a port-binding shellcode in which people across the Internet can connect to, without being thwarted by the router blocking their data because the port its bound to doesn't allow port-forwarding
View 2 Replies
View Related
Apr 26, 2010
I'm running suse 11.1 which is configured as a router. Configured are two DSL connections with static IP's and one LAN connection (3 NIC's all together).
Problem: suse firewall will only port forward connections from one of the DSL connections and not the other.
Because I'm running two DSL connections is there something special I have to turn on/enable on the firewall?
View 1 Replies
View Related
Feb 4, 2010
Up to now I've been playing with Ubuntu whilst storing important data elsewhere for about 2 years. Now I'm ready to move to Ubuntu completely but want to address my security.I'm currently using a desktop and server behind a hardware firewall / Internet router. The router has DynDNS and forwards port 80 to the webserver and a port I picked at random to the desktop 22 for SSH with private keys. SSH passwords are disabled.
The first question is, is there a danger of running different security levels on the two machines? I don't care about the server, there is no data on it so I currently forward port 80 and am considering forwarding ports 631 (CUPS) and a port for LDAP. Will this effect my desktop (which has info I don't want to loose).The next question is whether port forwarding / hardware firewall is actually a safeguard against attack.
View 3 Replies
View Related
May 13, 2010
I'm trying to SSH into my home computer from a remote location outside of my house's LAN and can't figure out remote port fowarding.
The guide here says to use the following:
Code:
I've tried connecting to my home computer through many combinations of the syntax listed above, read the man file, and looked online for help. But can't find out the proper syntax or a good guide that isn't written for Windows users using Putty.
Let's assume for the sake of simplicity that the public IP address of my home SSH server is 123.123.123.123, the private IP address of my home SSH server is 192.168.1.100, my home SSH port is 2222, and the SSH port at my current location is is 22. How would I write out the command?
Every time I try to connect I get a "connection times out" error.
View 9 Replies
View Related
Mar 1, 2011
This morning I was looking at the router's log file and noticed a certain IP address was able to gain LAN access on port 2222. That just happens to be the port my SSH server is listening on! A whois search revealed that IP address is in Germany. As soon as I found this out I stopped forwarding all ports to this machine in my router.
how to tell what had happened, what information this person was able to obtain, and if he left any goodies behind that could hurt me? I've read through some of the logs on my computer and haven't been able to find much at all. I did have some personal information on the hard drives, but that information is encrypted. I'm thinking if they were able to get my SSH password then that information probably isn't safe either (assuming they have some of it).
View 7 Replies
View Related
Sep 5, 2010
I've got two virtual machines running, the first VM (VM1) has two network interfaces, one bridged with my real lan, one a private subnet. The second VM (VM2) has one nic, only on the private subnet.
I have VM1 acting as a router for VM2, giving access to my real lan for internet access. The problem I'm having is I cannot get VM1 to forward ports 80 (http) or 222 (ssh) to VM2 from my real lan.
Here is the script I've cobbled together from various (foreshadowing!) locations:
Code:
View 1 Replies
View Related
Dec 7, 2009
If I forward port 5764 to port 80 to my VOIP device, I can nmap and get a proper connection. If I forward port 5764 to port 22 to my server, it comes up filtered. It even happens if I try forwarding port 80 to my server. So I'm sure it has something to do with my server, but I'm not sure.Here's my Linksys iptables:
Code:
:wanin - [0:0]
-A FORWARD -i vlan1 -j wanin
[code]....
View 2 Replies
View Related
Jul 22, 2010
I'm having a mare with SSL with Apache. I have set it up and if I go to the follwoing address http://192.168.1.2 it seems to work and the pages are delivered to my browser. However if I try to access it from an exernal PC it will not work.
I can get to the non-ssl part of the site so the static ip is resolved and the port forwarding all works.
Does any one have any ideas (and in fact i think I may have just solved it - Ports - 80 mis open but I haven't done anything with 443. Will check it out and post back.
View 1 Replies
View Related
Dec 19, 2010
I've recently been taking a look at my router settings and I've realized i have my vnc port open for some reason. I don't know how or why it got opened because I've only used vnc within my private lan. Anyway, the problem is I couldn't figure out how to close that port on my router, so I just uninstalled all the vnc software from my computer so it wouldn't act like a vnc server for anybody trying to access it from the outside. So, effectively, I cannot vnc into my computer from outside my private lan, but when i port scan my public ip, the vnc port still appears open.
I'm wondering if there's something i'm missing. I'm sure it must be something in the router that I haven't figured out... something that's keeping port 5900 open.
View 6 Replies
View Related
Nov 17, 2010
I did a port scan on my server from outside my network and saw that port 10080 AMANDA is open.Amanda isn't installed on any of my computers or my server and the port is not forwarded by my modem or router. So why is this port open and how can I close it?
View 6 Replies
View Related
Aug 22, 2010
I have logged into my router and set up port-forwarding on port 22. I can log into the machine fine from a machine on the local network using the machines internal IP but when I try to log on from a remote machine using my router's external IP or my DyDNS host-name I get a message saying "connection refused" or "connection timed out." I have configured port-forwarding on the router and the firewall rules says that port 22 is open but when I nmap my routers external ip it says that only port 23 and 80 are open. I am very new to linux and networking.
View 8 Replies
View Related
Mar 4, 2009
I have the wake on lan option enabled on my debian computer. If i wake it by sending:
-mac adres
-internal ip in my home network
-subnetmask
-port 7
It all works fine, but when i try to do it from outside my network and change the ip address to the router adress it wont go on. I have also opened the port 7 in my router.
View 6 Replies
View Related
Aug 29, 2010
I'm trying to get my SSH server I set up on my home box working from behind a router. A 2wire 2700HG-B gateway, in fact. Now, I know my server is working fine, because I can get into it via loopback, anywhere inside the LAN from another machine, OR if I go into the router's config and enable DMZ for the machine. However, I don't like having DMZ on all the time because of the kludge-ness of it, and the security issue of the complete absence of a hardware firewall.If I try to port forward and access it from outside the LAN using the external IP (or my DynDNS, because it's dynamic), it just times out. I have a nonstandard port (45) for the listen port of the server, to keep away hack attempts if I were using the standard 22. I used this to see if the port was open, and it said it was. But, I tried the trick of telnetting the IP with that port, and it also timed out, instead of printing stuff about OpenSSH.
Attached is a screenie of my router's firewall page, so you all can look at it and see if I'm an idiot and doing it wrong. You might notice uTorrent there, it's because this machine is a dual-boot with 7, and the router doesn't differentiate the OS's. Also the SSH @ 46 port is for the Windows side, with freeSSHd. I changed the port on that one so the client I have can distinguish them, so it can run a reachability test.
View 9 Replies
View Related
Dec 26, 2010
I have a laptop connected to the the net thru an adsl modem, when I switch off the laptop network interface,(thru system-config-network) the light of the laptop network card plugged in the router stays on ( green) where as in my pc, when i do the same thing , the light of my pc network card goes off in the modem
View 5 Replies
View Related
Feb 22, 2011
Say I have Computer A behind a router with NAT. I'm unable to add any port forwarding rules to that router. Then I have Computer B with a public IP address that I want to forward X windows from. This computer is headless, but does have a video card so X windows can be used. Here are some of the things I'd perform to setup my scenario.
1. Computer B, I'd run xhost + public_ip of NAT router.
2. Make sure that computer B's sshd service has X11 forwarding enabled.
3. SSH from Computer A to Computer B with the X windows forward option.
4. Once in Computer B, set the DISPLAY env variable to the public_ip of NAT router.
5. On Computer B run xclock.
At this point I'd expect to see an instance of xclock originating from Computer B onto my desktop. However this obviously won't work. The problem is that when the request is made to Computer B to forward the instance of xclock to Computer A the forwarded instance of xclock will get stuck at the NAT router. Without a port forwarding rule the NAT router will not know which internal IP to route the instance of xclock.
Here's my question. Is there any way for Computer A to initiate a connection to Computer B and then forward the instance of xclock? That way if it uses that same connection the NAT router will know which internal IP to route it to because it would be an active connection in the router's routing table. Or is there an alternative? Of course I can vnc into another computer outside the NAT network and then forward an X window to it just fine. But in the spirit of expanding my knowledge on X windows I'd like to see what is possible.
View 5 Replies
View Related
Jul 30, 2011
1. Need to connect 2 CCTV DVRs and view from remote. 2. Can get a static IP address. But I dont know if this is a secure way since any once can view if the know the ip address. 3. Question is : is it possible to connect the DVR( s) to a linux server which will get user name and password before letting us view the DVR. Currently there is one set as follows: 1. From location X a device is connected to location Y using leased line and static IP (12 kms distance). In location Y a router is placed and port forwarding is configured. From Location Z using internet and remote desktop concept the device at location X is viewed and data captured. Is it possible to use a similar concept but with some sort of security authentication procedure in place.
View 1 Replies
View Related
Sep 2, 2010
what I have: Belkin G Wireless Router Model F5D7234-4. To attempt to get Subsonic working, I changed the port forwarding settings (Belkin calls it Virtual Servers) to forward port 4040 to my desktop computer. I then saved changes, and my wireless disconnected. I waited about 3 minutes, and nothing was happening, so I restarted my router. This left me in the position that I am in now. Even when the router and modem are fully booted, the router does not broadcast my SSID. In addition, a wired connection will not connect to the network through the router. This leaves me completely unable to use wireless, and unable to change any settings in the router.
View 3 Replies
View Related
May 18, 2010
I've managed to confirm that I can reach my home network via ssh from a remote location through my SMC Barricade when it is directly connected to the desktop machine but when the second router is put back into the chain ssh requests time out. The second router is a Linksys WRT 54GL running the Tomato firmware. The chain looks like this: ISP's router (bridged) --> Barricade -->WRT54GL-->desktop
The Barricade has port 22 forwarded to the Linksys' WAN address and it in turn forwards to the desktop address. It appears that it is a setting on the Linksys firmware that is preventing the remote connection. I've looked through the various settings many times but cannot see anything that would cause the problem.
View 4 Replies
View Related
Mar 30, 2011
I'm relatively new to Ubuntu and these forums. I ran rkhunter, and saw this warning in the check for backdoor ports: [14:45:09] Warning: Network TCP port 32982 is being used by /usr/bin/python2.6. Possible rootkit: Solaris Wanuk Use the 'lsof -i' or 'netstat -an' command to check this. I also saw these warnings toward the bottom:
[Code]....
I was wondering first of all about the first warning, the port. I have a feeling that the second set of warnings are false positives, but I would be open to thoughts on that as well.
View 9 Replies
View Related
Oct 5, 2010
I've read that using your computer behind a router is a must for security because of the NAT+SPI firewall so naturally I became interested in getting one. The thing is, I don't need the other features routers have because I don't do wireless, & I only use one computer. So do I really need one? Do the security benefit(s) gained from using a router warrant spending $50+?? Wouldn't using UFW with default deny rule offer the same level of protection?
Also I want to use my Playstation3 online. What security risks will I be taking if I connect it straight to my modem, instead of through a router?
View 9 Replies
View Related
Jul 5, 2010
how efficient and effective are these snort, argus, ossec etc etc for an organization having 3500 PC Network, connected through 700+ Cisco Devices (Layer 2 and Layer 3), and scattered on 130 different sites (geographically)? what should be the combination of products and what should be the architecture for an efficient forensics activity?
View 2 Replies
View Related
Dec 12, 2009
I have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
Code:
PORT STATE SERVICE
22350/tcp closed unknown
[code]....
View 2 Replies
View Related
Oct 15, 2010
To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies
View Related
Jun 7, 2011
The default Firewall ufw is not enabled by default at the time of installation and it has to be enabled by the user.Isn't this a security risk or is the user whether ufw is enabled or not secured from external threats?I am not much knowledgeable about network security But I am trying to understand the Ubuntu mentality behind this default setting.
View 4 Replies
View Related
Feb 26, 2010
I have a question about port forwarding. I have an internal Red Hat server and I would like to use it as a central connection point to some back end servers. This is not an internet router setup. I was thinking I could use iptables and do port forwarding similar to an internet router but internal to internal.
Basically I would like to take any connections to port 22 on server1 interface eth0 and forward them out of interface eth1 to server2 port 22.I am finding a lot of information on port forwarding, but it is all based on using an internet router that is passing through to an internal server. I need to know how to configure a basic linux setup with no existing iptables entries so that I can do this within an existing network.Also, if there is a better or easier approach I would appreciate any direction. I don't want to do this through an SSH tunnel.I know to start I need the following to enable forwarding in the kernel and a firewall PREROUTING rule.
View 5 Replies
View Related
May 15, 2011
I want to create a tunnel from my home computer to a linux server by SSH, then i can use the tunnel as a tcp forwarding proxy(SOCK 5) to access the web via the linux server. But i got "Internet Explorer cannot display the webpage" on my home computer, and when i check the "/var/log/secure" in the linux server(fedora), I found: "sshd[17926]: error: connect to xx.xx.xx.xx port 80 failed: Permission denied"
View 14 Replies
View Related
Jan 15, 2011
I used to have Opensuse 11.0 and Vuze 4.0.2 and both were working great. Recently I upgraded to OpenSuse 11.3 and installed Vuze 4.5.10. I did not change any configuration in the ADSL router but now I could not get the smiley icon to go green. I followed all the steps given here: A Quick Bittorrent Guide (with screenshots). It doesn't work. so I modified FW_ROUTE and FW_MASQUERADE to yes in /etc/sysconfig/SuSefirewall2. That also does not work. What did I miss here? My ADSL router is DSL-2640T.
View 3 Replies
View Related
May 17, 2011
I have two SUSE(2.6) virtual machines running in the same subnet with two network cards each as shown below.
VM1------------------------------------------------------------------------------
appstage1:~ # ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:22:5A:24
inet addr:192.168.128.12 Bcast:192.168.128.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe22:5a24/64 Scope:Link
[Code]....
Ultimately my DB will run in VM2 and any DB requests coming in at 2055 of VM1 should be forwarded to port 2055 of VM2. Since I do not yet have a DB running I am trying to test with netcat.
View 5 Replies
View Related
