Ubuntu Security :: What IP Addresses To Be Used For Update Servers
Mar 22, 2010
Does anyone know the Ubuntu update servers' IP addresses? I am trying to fine-tune my firewall rules and was unsure of what IP addresses to use for the update servers. I believe they are us.archive.ubuntu.com and security.ubuntu.com. However, I could be wrong.
I was running 10.04 LTS and had decided to stick to the LTS versions as I'm now running my machine as a server and don't want to be updating regularly. Every time I logged in via SSH I got a message telling me there were packages to update including a security update. So I did a search to find out how to perform an update on Ubuntu server from the command line. What I found was to do this:
sudo apt-get update
sudo apt-get dist-upgrade
After doing that I rebooted but now my machine gives me this message:
init: ureadahead-other main process (794) terminated with status 4
Your disk drives are being checked for errors, this may take some time
Press C to cancel all checks currently in progress
I'm not pressing C yet and leaving it alone to finish, but I noticed when the machine booted that one of the options for booting talked about Ubuntu 10.10, so I'm worried that I've updated from 10.04 LTS to 10.10 by accident?
possible to use a gpg key registered on a different email account than the account I have linked to evolution. As is now, I have entered the key id into evolution, but it does not decrypt my mails. It does not even ask for a password. Simply opens the message and displays a page of code.
whether iptables logs can be set to automatically resolve IP addresses? I am running the firewall on a network with DDNS/DHCP, and this ability would really help quickly identify hosts with suspect traffic. Failing this, I guess the simplest solution will be to simply set static addresses!
I have a (headless) Debian (Linux debian 2.6.26-2-486) system running on an old Pentium machine in our home network. I use it as a Samba share, among other things. I recently noticed some Samba log files that I cannot explain the origin of. In /var/log/samba there are a couple of files like this one: /var/log/samba/log.istvan (Note: there is no machine named 'istvan' in my local network)
Code: [2011/01/04 21:15:34, 1] smbd/service.c:make_connection_snum(1198) istvan (::ffff:78.92.155.185) connect to service boeken initially as user nobody
I want to capture all packets from site "www.examplesite.com" so I checked its IP address in an IP address lookup and it was 123.456.abc.def. So I set my filter to "dst host 23.456.abc.def". However I then realised that multiple IP addresses point to www.examplesite.com, for example say the following IPs also go to
987.654.321.000
111.222.333.444
So is there a filter that will automatically capture all traffic going to www.examplesite.com or do I have to go and manually find all its IP addresses and pass them all to the filter?
I am having an issue on my server where I can't access certain IPs erratically. These addresses could previously connect to us. I think it may be related to getting rootkitted. I know the risks in not reinstalling but we are not able to install yet at this point. I cleaned out shv4 and shv5 from the OS and set up tripwire. The client can't ping the server and likewise back. From my personal computer they both respond to pings. The server is running denyhosts but that is about it in terms of security. I can't find anything anywhere... No ipchains present, nothing in host.deny, subnet is 255.255.255.0. I'm really at a loss so I'm looking for some direction
I know someone is going to tell me that I have to assume all my files are compromised and I should reinstall; I did md5 checks on a lot of files and there is no data on here that shouldn't get out and I check for stuff running that shouldn't be daily. The server is 10.04 server. Latest updates. Here is a list of installed packages
I'm running a dual boot system at work. I'm connected to a few shared drives in XP, and would also like to connect to them while using Ubuntu. How do I determine the addresses of the servers I'm connected (mapped) to in XP?
I want to display the associated host name with each address.
I've found the /var/lib/dhcp3/dhcpd.leases file, but it appears to have an entry for every time a lease was issued so it's hard to tell which ones are currently active.
I am looking for a command which, when typed from the command line, returns the IP addresses of the DNS nameservers that my ISP is using. I think it should be technically possible to write a program that does this, because linux installers set up /etc/resolv.conf correctly (as does knoppix). But I've been unable to find a command that does it. Is there one, and if so, what is it called?
I have tried several places for help but I am getting nowhere... Here is my background. I have spent all weekend to replicate my development server back at home. I have an Apache remote server with 3 IP based virtual hosts pointing to
[URL]
Now I have been able to set up a VM on my desktop, installed the OS, the applications, the db server, apache etc. Everything is looking good so far. So right now I have,
[URL]
So when I go to 192.168.0.111, I go to [URL] so I guess apache is working as well. What I want to do is, instead of going to [URL] I want to change it to another address such as a.me.add1. How can I do this? I am looking through the virtual hosts section, I have changed server name entry etc but it's not working. Can you tell me in big picture what I would need to do to set that up? My current setup doesn't really help me much once the site gets the www address. Tell me if Document Root of IP address 192.168.0.111 points to [URL] will it always resolve into that web address. That is if I enter 192.168.0.111 the browser will redirect it to [URL].
I'm trying to limit access to port 8443 on our server to 2 specific IP addresses. For some reason, access is still being allowed even though I drop all packets that aren't from the named IP addresses. The default policy is ACCEPT on the INPUT chain and this is how we want to keep it for various reasons I won't get into here. Here's the output from iptables -vnL
[Code]...
Note the actual IP we are using is masked here with 123.123.123.123. Until I can get everything working properly, we're only allowing access from 1 IP instead of 2. We can add the other one once it all works right. I haven't worked with iptables very much. So I'm quite confused about why packets matching the DROP criteria are still being allowed.
My Firestarter logs show periodic outgoing connection attempts to IP addresses in countries such as Malaysia, China, Russian Federation etc... Fortunately, Firestarter appears to be blocking them. I suspect these are not good and want to find out exactly what process is initiating these outgoing connections.
This is the current setup that we have: We have approx 20 clients who pay us to send out a type of e-mail called an E-Blast to their customers. We currently are using 5 Microsoft Windows Virtual Servers to do this. The problem is that those machines are starting to break down. There are times that it will take Microsoft Windows approx 9-10 hours to complete 1 job. This is way too long. We want to move away from Microsoft Windows for this particular type of job as it seems there are more customers who are wanting to use this type of advertising.
It seems that using a Linux Server "Command Line or Shell" environment would be the best way to go as there is no GUI like Windows. Since there is just text...that is something that would/should process very, very quickly.
I am in the process of setting up a new SMTP outbound mail server. This is the current software & configuration (what is installed on this new machine):
All of the customer data (Names, E-Mail Addresses, etc that these e-mails are going to) are currently loaded in a Microsoft SQL Database.
My machine that I am using is plugged into the DMZ. I have 1 ip address for the 1 network card. I have also added/bound 4 more ip addresses to that network card.
I have configured Postfix for Multiple IP Addresses.
I can, from the command line, send successful test e-mails and receive them in my personal account.
As far as I know everything is setup correctly. I can and will post requested information so that it can be verified that everything is setup correctly.
Here are a couple of my questions:
Ensure that I have my Network / Interfaces file and my Postfix's Master.cf/Main.cf files setup correctly?
How can I setup this server to be an Outbound SMTP server and get it to use all 5 of the IP Addresses to send these e-mails quickly?
What can I use to check and ensure that this server is in fact sending out emails on all 5 IP Addresses (I heard that there is a program named "Postal" that may help in determining this).
I'm in the process of setting up a script in perl to make 1,000's of curl calls to my company's application on our test server. Our software does all sorts of tracking of data based on IP addresses using geoIP, so I was wondering if anyone knew of a way to fake these addresses to the server? I know a big issue with the IP faking is the return path but I don't really need this. I also can't do it on the hardware level since the script is going to be picking lots of different IPs at random. Anyone have any idea if this is possible and if so, are there any known libraries I can use for this? I prefer perl but any Linux compatible scripting language is fine.
I have a CentOS5 server with dual ethernet adapters + Webmin installed as my Router / Firewall / DHCP server working successfully with 1 static IP from my ISP. I also have 7 additional static IP addresses from my ISP needing to configure to individual servers inside my network. I have configured the additional virtual interfaces, but am lost on how to route data specifically from additional ISP address to specific internal network address.
Below is my desired configuration.
98.173.159.xx1 = eth0 physical interface ==> eth1 192.168.1.1
98.173.159.xx2 = eth0:1 virtual interface ==> 192.168.1.10 ==> CentOS Server 2
98.173.159.xx3 = eth0:2 virtual interface ==> 192.168.1.20 ==> CentOS Server 3
98.173.159.xx4 = eth0:3 virtual interface ==> 192.168.1.30 ==> CentOS Server 4
98.173.159.xx5 = eth0:4 virtual interface ==> 192.168.1.40 ==> Mac OS X Server 1
98.173.159.xx6 = eth0:5 virtual interface ==> 192.168.1.50 ==> Mac OS X Server 1
98.173.159.xx7 = eth0:6 virtual interface ==> 192.168.1.60 ==> Network Attached Storage Server 1
98.173.159.xx8 = eth0:7 virtual interface ==> 192.168.1.70 ==> Windows 2008 Server 1
I updated both browsers I have and lost my secure log-in pages (no padlocks showing) concerning different Web mail accounts. Just before I did these updates I checked an unrelated thing on-line regarding my sound card of which I kept a copy of and got this message below:
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
I am from India, and I tried to update my Ubuntu system today.
Code:
$ sudo apt-get update
The update failed because the connection to the India mirror timed out:
Code:
[URL] Could not connect to in.archive.ubuntu.com:80 (111.91.91.37). - connect (110: Connection timed out)
I tried the update a few times, with the same result every time.
I had firestarter running at this time, and noticed that I would get new security events every time I tried an update. I checked the events list, and it turned out that the machine at the IP address 111.91.91.37 (the in.archive.ubuntu.com machine, to go by the above error message) had been trying to make connections to seemingly random ports on the machine every time I tried the update: see the attached screenshot. I then changed my repositories to the Main Server using Synaptic, and tried the update again (from the command-line). This time it worked without a hitch, and firestarter did not report any unwanted incoming connection. Why is the India mirror trying to open connections that the Main server apparently does not need in order for me to do the update? Should I (we) be concerned?
Libnss3-1d xulrunner-1.9.1 xulrunner-1.9.1-gnome support
After clicking on install updates and entering password, a message says "Some of the packages could not be retrieved from the server(s). Do you want to continue, ignoring these packages?" Yes/No.
If I answer No, this message appears:
W: Failed to fetch http://security.ubuntu.com/ubuntu/po....10.1_i386.deb 404 Not Found [IP: 91.189.88.31 80]
If Yes, it tries to download but immediately:
W: Failed to fetch http://security.ubuntu.com/ubuntu/po....10.1_i386.deb 404 Not Found [IP: 91.189.88.31 80]
It has always installed the updates with no problems, until these 3 updates remain in pending installation status.
I am planning on installing an Apache server today. I know how to get it to point to addresses like "localhost" or my outside ip, but how do I get it to point to a URL like [URL]? (That's just an example URL)
Just got a message about critical security holes for phpmyadmin (see e.g. [URL]) and wondering, when I'd get an update for my ubuntu server Lucid Lynx 10.04.3?
Currently installed version is 4:3.3.2-1, published on 2010-04-16.
How can I make the security applet stop showing an update for firefox 3.5.9? I have a more recent version installed from mozilla repo: firefox 3.6. The mozilla repo already has a higher priority (95 instead of 99), so I don't know what to do.
I have Ubuntu Karmic 64-bit installed. Update manager tells me there are updates available, but when I try to install them, downloading the updates fails and throws this error:
Code:
Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/e/eglibc/libc6-i386_2.10.1-0ubuntu16_amd64.deb
Consequently, a similar error occurs when I try installing Sun Java 6 Runtime.
Code:
Failed to fetch http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sun-java6/sun-java6-jre_6-15-1_all.deb Connection failed [IP: 91.189.88.31 80]
Ubuntu Restricted Extras stalls when it's time to download the Java package. I tried synaptic, update manager, aptitude, apt-get, and they all throw similar errors. Then I also tried connecting to different servers, to no avail. So to check if it's my connection to the net that has problems somehow, I tried downloading the file directly through my web browser, and it works. (But it's not recommended, and it won't let me!, install the updates manually, right?) I tried searching for the errors on the net and in the forums, and they're all somehow related to proxy servers. I then checked if I'm using some inappropriate proxy settings, and everywhere it's all set up to connect to the net directly, which is, well, my setup.
Take note though, that I am able to install other software normally, i.e., using synaptic, apt-get etc. The ones I tried include Pidgin and Mplayer. It's just these updates and Java:
Code:
jeanne@jeanne-desktop:~$ sudo sudo aptitude upgrade
W: The "upgrade" command is deprecated; use "safe-upgrade" instead.
Reading package lists... Done
I've installed F10 to use it as server and router and found a strange problem on my XP machine which is behind the F10. I've tried to update my Lineage2 client from the official server but the update crashed, tried to open the web page and it didn't open. Also tried to open the Microsoft web site and it didn't open. When I try to open the same pages on the PC with F10 they open with no problem.
I was reading that Arch does not provide security updates, but just provides security by keeping with up-to-date software... So what is in a security update and what does it patch? The kernel?