now still don't know how to use that properly.now after a quick sudo tcpdump -n -i eth0 > tcpdump.txtits obvious to me at least that anything 85.9.102.* is not to be trusted.see attached.how do i ban everything and anything from that block, pref without upsetting firehol. whats opinions of ipcop, btw.
View 3 Repliesam trying to use firehol. As i feel a bit thick when it comes to firewalls on linux. nmap told me i had ports 4443 and 6006 open. also i need 137 and 138 open for samba.i added the what i thought was the open and close commands in the firehol.conf. but to no avail. and it only starts when i log on not when the box starts. nmap report
Code:
johnh10000@tux:~$ nmap -v -A tux.isa-geek.org
Starting Nmap 4.76 ( http://nmap.org ) at 2010-02-04 13:25 GMT
Initiating Ping Scan at 13:25
Scanning 192.168.1.3 [1 port]
[code].....
in my firehol.conf there is: client "http https ftp pop3 pop3s smtp cups dhcp dns lpd mysql ntp rdp smtps samba ssh submission telnet p2p" accept When I put: client all accept Transmission is working as it should. I still want to block unknown clients.How can I unblock it?
View 2 Replies View RelatedI'm trying to open ports in Firehol for PS3 Media Server. So far I've tried all options from this Firehol "adding services" page and none of 'em is working for me. Here are the IPs:PC : 192.168.1.139PS3 : 192.168.1.138TV: 192.168.1.131PS3 Media Server Port: 35355If a port can be opened for specific IPs then I would like to open one for only 2 IPs.Firehol configuration:
version 5
# Accept all client traffic on any interface
interface any internet
[code].....
Peering into gconf-editor, I noticed that under desktop>gnome>background the picture_filename is the original warty that comes pre-installed on karmic. However, I am not using that BG, instead one that i told the Appearance Preference manager to find and use. Does this app use a symbolic link to refer to the image, or is it elsewhere? Lookin in /usr/share/backgrounds my image does not exist. So what is drawing the BG? Is it nautilus or compiz?
View 2 Replies View RelatedI upgraded to Ubuntu 10.4 and for various reasons I found myself selecting a KDE session without KDE being installed. This has locked me into a situation where I can't boot up/log in properly. I can get to a command line and start the x environment as root. How can I re-set any user's preferences to default (via the CL)? Ie, I'd like to re-set a user (myself) so that I can again choose the log in to a gnome session.
View 2 Replies View RelatedI just installed Fedora 12 on my computer, and i have a problem. Compiz isn't running properly. It's not responding to changes that i make in the CompizConfig Settings Manager
The cube runs and the wobbly windows work fine.Am i doing something wrong? I installed Compiz and Emerald. And enabled it from the Desktop Effects menu, but when i change some settings it doesn't respond. My graphics card is Intel, don't know what model
I'm running Maverick, trying to change my input method from IBus to Anthy (Japanese) but whenever I click on System > Preferences > Keyboard Input Methods, it won't load the preferences window. It'll say "Starting..." on the taskbar but then disappear. The usual keyboard shortcut does nothing
View 4 Replies View RelatedI'm trying to block an incoming URL. My ISP is hijacking 404 pages and annoyingly changing the URL line in the browser and flashing all sorts of popup ads. I just need it for incoming URLs which my router doesn't seem to handle. I'd prefer something packaged with Ubuntu 8.04, but anything simple will do. I know in KDE I could edit the kdeglobals file with:
[KDE URL Restrictions]
rule_1=open,,,,[URL],,false
rule_count=1
I did one of the recommended port scans and all ports passed but failed on pinging. How do you turn pinging on & off with GFUW?
View 9 Replies View RelatedMy question is how to block a subdomain of a site. To make it as clear as possible, I'll give an example. I am regularly entering this arbitrary site [URL] which redirects me to this page [URL] and this index.html takes an image from a subdomain which is a subfolder of itself, that is: [URL]. What I am asking is blocking the images to be taken, but not the main page itself, i.e. to block www.somesite.abc/images/ without blocking the overall www.somesite.abc.
My idea was to use the /etc/hosts file by redirecting to loopback address:
Code:
127.0.0.1 www.somesite.abc/images
But it looks as if it doesn't affect things at all. Should I use it another way? Modifying /etc/hosts.deny maybe useful?
I have noticed interesting problem. I use two browsers - Firefox and Konqueror. Konqueror is configured to use tor, Firefox not. Using Gufw I block all incoming and outgoing traffic and it works while using Firefox, I mean that I can't view any www site and it is ok. But if I use Konqueror I can establish any conection. How to understand this? Should I have different firewall while using tor?
View 5 Replies View RelatedI want block https sites if suppose block the http it will opening in https.
View 9 Replies View RelatedFor example, can I write something to the effect: block all outbound UDP connections over port 53 except those going to IP 123.456.789. Or stated another way: Block outbound to port 53/udp NOT going to ip address 123.454.678Is it possible to do this? How would I write the argument?
View 3 Replies View Relatedon my linux server i have many websites but with difrent ips address, is some way to i can block all the ips with many connection (100+) just from my website not from all websites
View 5 Replies View RelatedIs this how I would do that?
iptables -A INPUT -p tcp --destination-port 21 -d ! 168.192.1.2 -j DROP
This should block all incoming connections on port 21 from 192.168.1.2, correct? Thus preventing that IP from logging into my FTP.
how to block all ports except pop,pop3,smtp in nat using iptables in squid on redhat A3
View 2 Replies View RelatedI'm trying to implement this method to block php injection attack using fail2ban: here it is, however I'm not sure it applies to Ubuntu. You see, there's this filter that must be added to the fail2ban jail file:
HTML Code:
[php-url-fopen]
enabled = true
port = http,https
filter = php-url-fopen
[Code]....
Is it possible somehow to block some bluetooth device with specif address (mac) ?
(like iptables block by mac)?
today is my second week using ubuntu , my question is how can i insert malware block list on ubuntu? as my regular win user i always put the list in dirrectory x: winblows system32 drivers etc hosts[URL]
View 9 Replies View RelatedBlock Users from USB Drive/Devices and CD-Rom I am using Ubuntu 9.10- the Karmic Koala(64 bit) in my company. I would like to block the users(except Super user) from using USB Drive/Devices and CD-Rom for security resons and to prevent my employees from copying data.
In Users Settings, I tried unchecking some items in User Privileges tab but it didn't work.
I am running a ubuntu server 10.10 with SSH, and OpenVPN. I use it mainly for the VPN, but I have seen log in attempts such as:
Mar 22 14:52:53 UbuntuSvr sshd[2397]: Invalid user support from 85.217.190.69
Mar 22 14:52:55 UbuntuSvr sshd[2399]: Invalid user student from 85.217.190.69
Mar 22 14:52:57 UbuntuSvr sshd[2401]: Invalid user transfer from 85.217.190.69
Mar 22 14:52:59 UbuntuSvr sshd[2403]: Invalid user user from 85.217.190.69
[Code]...
Is it possible to make it so when some one has tried logging in 5 times with an invalid user/pass that the ip is banned for 10 minutes? I have password auth set to no and am using keys.
I would like to allow incoming and outgoing connections when I'm connected to a wired connection, but drop it otherwise. I noticed that ufw can't block outgoing traffic because of will I give iptables a try. I'm unsure if dropping packages that are outgoing will work, the rule after the block rule will allow all outgoing connections.
This what the rules are intended to do, unsure if that is actually the case. Allow all loopback traffic. Allow ping replys Allow incoming on port 12345 if eth0, deny otherwise. Allow outgoing on port 12346 if eth0, deny otherwise.
Code:
iptables -A FORWARD -j DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 0 -s -m state --state ESTABLISHED,RELATED -j ACCEPT
[Code]....
I want to block a list websites from myself using a password that I don't know.I would randomly generate it or something.Everything revolves around sudo, though, so I don't know how.Long to short: how do I blacklist websites using a password other than my sudo password.
View 2 Replies View RelatedI open this thread after an unsuccessful long search over the Web. Essentially what I want is to block the outgoing connection of a program. All I know about this program is its name and so I don't have any information regarding the ports it utilizes or the address it may contact.
View 9 Replies View RelatedWhat is the easiest way to block one specifiek web page?Can I use the file /etc/deny host, or should I use another program to do this?I have already search the web andfound iptables, but that is to difficult for me, and I found squid
View 1 Replies View RelatedWhat i wanted to do was block everything from getting in my pc but still be able to surf the web and still use instant messenger.
View 2 Replies View RelatedIm running Centos 5.4 with a sftp server, and I�d like to allow all 172.16.0.x ip and 192.168.0.x ip and block everything else. Does someone have a good way to do this with IPTables or any other opensource FW?
View 10 Replies View RelatedWhat's the best way in centos to block a user from accessing mysql. I don't want him to be able to run the mysql command, so just putting passwords up in mysql is not good enough. Mysql is running ad user=mysql, and i added the user in a different group by he is able to access mysql by typing in the command.
How can i block this command being availible for this user.
I was wondering how to block attachments to gmail. I am running squid 2.7 stab9 with dansguardian 2.10, users authenticated from LDAP. I have configured the POST restrictions in Dansguardian which does block all attachments to hotmail/yahoo etc etc but attachments to gmail continue to upload.
View 1 Replies View Related