Ubuntu Security :: One Limit The Number Of Open Sockets To Prevent Exploiting?
Dec 6, 2010
I was searching around and I stumbled upon a Linux Kernelix Sockets Local Denial of Service exploit.I downloaded the exploit, compiled it ran it to check if I am vulnerable.As I was expecting, the exploit instantly "killed" my Maverick system and I had to use the power button to reset my computer...Is there any way to limit the numberof allowed open sockets?I don't think that this can be done using /etc/security/limits.conf in a similar way of preventing the fork bombs
View 1 Replies
ADVERTISEMENT
Dec 13, 2010
Dist: Fedora 14
SSHD: OpenSSH 5.5p1
I need to limit the number of ssh connections a user has. All the users are using tunnel only so their shell is set to /sbin/nologin The logins do not open a shell they just create the tunnel so /etc/security/limits.conf has no effect on them at all.
I tried setting 'MaxSessions 1' in sshd_config but either that doesn't not do what I expect it to or it plain does not work as even with a normal user I was able to open an unlimited number of sessions. I need a good secure way to limit each user to 1 ssh session without them having a shell but Im unable to find a solution.
View 13 Replies
View Related
May 19, 2009
I'm looking for a solution for sendmail to limit the number of emails send per miniute per IP. For example all my local computer user with ip 192.x.x.x need to able to send 10 emails/minite (emails, not connections!. The rest of the world can send for example 200 emails/minute to the mailserver. If the amount of emails per minute is exceeded, sendmail needs to block receiving emails from the spesific IP. I want to do this to stop spaming from my local network. Is it possible?
View 1 Replies
View Related
Jan 18, 2010
I have a standard home set-up for my Ubuntu OS, and I would like to know whether its possible to cut out the repetitive prompts to enter the password, as when you connect to the internet or access files on a partition that's not home, or install new software.
View 1 Replies
View Related
Sep 5, 2010
How to number of connections for a single ip on port 80 to CentOS 5.5 with iptables? connlimit did not work on CentOS and nginx does not provide a module for that
View 4 Replies
View Related
Jan 26, 2010
I have to give it up for the Ubuntu developers. It is nearly impossible to exploit a simple stack overflow. I'm studying overflows for a project so I need it to work. I set /proc/sys/kernel/randomize_va_space to 0 and when I compiled my program I used -mpreferred-stack-boundary=2 and -fno-stack-protector. But for some reason no matter how much input I enter it won't overwrite the EIP. What is stopping this from working that other linux versions don't have? And does anyone know of a way to bypass it?
View 1 Replies
View Related
Jul 12, 2010
if i wanna to compile the unrealircd ircd server with max 150 users what i have to do i remember is on limits.conf the open filesbut i am comfusing the soft and hardmust have the same number !? or different?the second is if i wanna this shell when the user download the pack and he going to make compile to allow him to have only the option to compile in leaf mode and not hubso
View 1 Replies
View Related
May 11, 2010
Is it possible to limit maximum volume in PulseAudio? Currently, PulseAudio sets PCM channel too loud which results in distorted sound. I use aumix to turn volume down, but whenever any other sound is played (IM notification etc), PA plays with knobs, turning master volume down and PCM up. code...
I use OpenSUSE 11.2, pulseaudio 0.9.21, ALSA 1.0.21 and ALC889A sound codec.
View 1 Replies
View Related
May 6, 2010
I have a server with 48 cores, 8 6-way Opteron CPU's. Ubuntu Server 9.04 only sees 32 processors. Is there a limit on the number of cores/processors that the server will use? Windows 2008 on the same server sees all 48 cores and the so does the BIOS, so this is unique to Ubuntu right now.
View 5 Replies
View Related
Aug 31, 2011
I was nosing around in my /home folder and I noticed that the /.thumbnails directory had 38,000+ files in it. That number seem a bit excessive to me. Is there a way to limit the number of files that are allowed to be in that directory, and maybe delete the oldest files automatically when the directory reaches it's limit in order to make room for the new incoming files, so there are no "directory full" type of errors?
View 8 Replies
View Related
May 3, 2011
I ran into a user today that indicated that their company only allows them to log in through a terminal session once (no multiple logins). On second try their login window terminates. They are using putty.Is this being accomplished through PAM or sshd ( or some other method)?
View 1 Replies
View Related
Mar 2, 2011
I have a file with 200 000 lines and I want to append the fields of each line based on matching first field. The resulting file should have 70 000 columns but has "only" 18 000. The command I'm using is working perfectly with a smaller file, wich lead to 14 000 columns. Could there be a limit in number of fields that awk can handle ? Here's my awk command :
Code:
awk -F, 'END { for (k in _) print _[k] } { _[$1] = $1 in _ ? _[$1] FS $4 : $1","$4 } ' file > out
Also, this command writes ^M (windows line break) after each columns. Removing them is easy but where do they come from ? Working on Ubuntu 10.10
View 4 Replies
View Related
Jun 22, 2010
Does anyone know if there is a limit to the number of virtual guests you can have in kvm. RHEL has a limit of 4. RHEL AS is unlimited. What is CentOS?
View 1 Replies
View Related
Feb 1, 2011
I am using ssh server to connect to my Ubuntu desktop. I opened the file sshd_config and change my port number of the server.I want to put a limit on the number of clients in the ssh server.
View 2 Replies
View Related
Sep 14, 2010
The problem started when I noticed I couldn't upload to people using a torrent downloading program, the program listened on port X and when I sniffed on the same port I saw that syn's are forwarded correctly from my nat to that port but the program doesn't relate to those packets. Then I listened with NC, and even on another port nothing is being answered to those syns packets.
View 3 Replies
View Related
Apr 7, 2011
I am trying run audio conversion on my server that I want limited to a certain number of processes based on process name. I am using the following script but it isnt limiting the number of job like I want it to.
Code:
#!/bin/bash
$num_jobs = 13
while [ $(ps -A | grep -v grep | grep -c pacpl) -ge $num_jobs ]
do
sleep 1
[Code]...
View 3 Replies
View Related
Jul 28, 2010
except is there is a way to enhance mod_limitipconn.c to ensure that apart from restricting one connection allowed from a given IP, also set so that an IP can only connect on every set interval ?e.g.restrict the number of connections from a given source IP to say once every 5 minutes or so?if not mod_limitipconn.c, any other mechanism to do the expected result?
View 2 Replies
View Related
May 2, 2009
We've been experiencing sudden host server crashes minutes after starting a fourth virtual machine. Our setup looks like:
Dell Poweredge T300
1 x Intel Xeon X3323 Quad Core 2.5 ghz
16 GB Ram
CentOS 5.3 (64 bit)
Server is running a stripped down version of CentOS 5.3 (64-bit), running only the built-in Xen Virtualization Environment. There is no other services running on the server (not samba, httpd, sendmail, cups... nothing except Xen) We've created several virtual machines, and as long as we don't start a fourth virtual machine everything runs smoothly (impresive hardware).
Each virtual server is configured as:
PARAVIRTUALIZED
1 Virtual CPU
1 GB RAM
However, 5 minutes or so after starting a fourth virtual machine, the entire host server crashes and restarts itself. Are we limited by the number of cores on the host machine CPU (4 cores)? 1 for the host and 3 for virtual machines? We've read in forums about other Xen setups running up to 11 virtual machines on less powerful hardware? (a dual core server). Should we be using FULLY VIRTUALIZED virtual machines instead? Is the number of XEN virtual machines in fact limited by the number of cores? If so, how can someone run several virtual machines on a single core host?
By the way, we were replacing a previous Dell Server (Poweredge 2600 with 512 MB Ram and a single Xeon single core processor running Open Virtuozzo). We were able to run up to 16 virtual machines at the same time. Of course none of the machines endured hard work (testing environments, etc). But hey, my point is that we expected to get a much higher number of virtual machines on this new hardware.
View 8 Replies
View Related
Mar 27, 2010
I'd like to limit ps aux command outputs to current user only(the one, who invoked "ps". I've recently saw this feature on FreeBSD systems and on at least one Linux system running on shell.sf.net. I run Linux 2.6.33, I wanted to know how to make that. Any advice? Googling around wasn't too successful, perhaps I don't know how to query that, recently tried with "limit ps outputs" "ps aux current user", etc... had no luck.
View 2 Replies
View Related
Oct 12, 2009
Is there any way to limit x number of samba users by samba ? Say if there are already 5 samba users using the share, I would like to restrict any futher samba requests.. How do i do that ?
View 1 Replies
View Related
Oct 13, 2010
I have question about the UNIX sockets. my goal is to connect multiple sockets from a single client to a single server and keep them open...I'm not sure if that is possible to create or not. Do you have any suggestion or an example of code?
View 1 Replies
View Related
Mar 24, 2010
This is happening on Ubuntu 9.10 serverI'm trying to increase the number of open files allowed for a user. This is for an nginx webserver where the current limit of 1024 is not enough.According to the posts I've found so far, I should be able to put lines into /etc/security/limits.conf like this;
Code:
* soft nofile 4096
* hard nofile 4096
[code]...
View 2 Replies
View Related
Mar 7, 2011
Running an nginx webserver on Ubuntu 10.04 lts In the process of trying to optimize the mysql, various tuning scripts keep telling me to raise the table cache. But they also say the table cache should stay below 1/3 of the open files limit. I can raise that in mysql, but I guess you're not supposed to raise it above the OS's open files max. So I'd like to raise it (found what appear to be solid instructions here: [URL] But... Post by Kees here says it's not safe to raise it [URL] at least, not safe under certain conditions. But I'm not clear on what the conditions are. is it safe or not? If I knew how to just raise it for mysql, I'd do that. But as you can probably see, I'm pretty new to all this. Don't want to wreck my server. (my current limit is the default 1024... wd like to go to 204
View 5 Replies
View Related
May 20, 2015
Learning about the ulimit command, I came across something unexpected..
Checking the root account limits:
# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 16382
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
[code]...
View 2 Replies
View Related
Apr 15, 2010
Is there a way to create a guest account and have Ubuntu "automagically" limit the amount of time the user can access the Internet? So, for example, could she set up an account for her son and limit his Internet access to an hour at a time?
View 9 Replies
View Related
May 14, 2011
I'm trying to limit the number of the ICMP packets reaching my server, so I'm using the limit module of iptables, unfortunately it seems the limit I set is totally ignored as I can easily send tens of ICMP packets and get a reply in less than 0.3 second Quote:
m3xican@m3xtop:~$ sudo ping -i0 -c20 x.x.x.x 20 packets transmitted, 20 received, 0% packet loss, time 230ms
rtt min/avg/max/mdev = 184.969/185.895/189.732/1.301 ms, pipe 16, ipg/ewma 12.138/186.232 ms This is the rule I'm using to accept ICMP packets (default setting is DROP)
Code:
iptables -A INPUT -p icmp -m limit --limit 1/s -j ACCEPT
And these are the kernel modules related to iptables
Code:
Module Size Used by
xt_limit 1382 0
[Code]...
View 5 Replies
View Related
Jul 14, 2011
Windows have many firewalls to prevent the system. But Ubuntu have few. Why is it so? Is it not needed to prevent Ubuntu or if it is prevented?
View 5 Replies
View Related
Apr 2, 2011
[root@itsupport ~]# service httpd restart Stopping httpd: [FAILED] Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:80 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down Unable to open logs [FAILED] Iam facing the above error when i restart the service httpd
View 9 Replies
View Related
Apr 28, 2011
I have a problem with open file limit. The software I'm installing claims "Open file limit (ulimit -H -n) too low (1014), need at least 6311" but when I check the linit I get the following
Code:
# uname -a
Linux server 2.6.32-5-amd64 #1 SMP Mon Mar 7 21:35:22 UTC 2011 x86_64 GNU/Linux
[code]...
View 2 Replies
View Related
Jul 17, 2009
I use CentOS 5.3 and trying to change limit of max. open files.I added in /etc/security/limits.conf
root soft nofile 50000
root hard nofile 50000
View 3 Replies
View Related
