Ubuntu Servers :: Firestarter Doesn't Allow Anyway To Block Incoming Connection By IP
Sep 19, 2010
What is the absolute quickest or easiest way to block an incoming connection by their IP address? I'm running an apache2 LAMP server on Ubuntu 8.10. For example, let's say I'm watching my server error logs and I see someone using a script to check for phpmyadmin and other such folders. Right away I know this is a hack attempt. Firestarter does not allow ANY way to block an incoming connection by IP (to my disappointment) and adding the IP to an apache configuration file requires an apache restart (way too much trouble and time).
View 5 Replies
ADVERTISEMENT
Sep 1, 2011
I have been trying to solve this problem for two days now looking at various forums and websites but can't really figure out what's going on here.I have setup postfix on my ubuntu and I can send emails using "telnet localhost 25" and the ehlo thingy. Apache can also send emails. My problem is with incoming emails. When I try to send an email (through Gmail) I get the following error message:
Code:
Delivery to the following recipient has been delayed:
root@example.com
[code]...
View 2 Replies
View Related
Apr 4, 2010
I need some suggestions on software. I would like to offer remote desktop support to some of our clients, but some of them are using ISP's that block incoming connections so, VNC is out of the question. I was wondering if there is something similar to logmein for ubuntu?
View 1 Replies
View Related
Jun 17, 2010
I'm trying to block an incoming URL. My ISP is hijacking 404 pages and annoyingly changing the URL line in the browser and flashing all sorts of popup ads. I just need it for incoming URLs which my router doesn't seem to handle. I'd prefer something packaged with Ubuntu 8.04, but anything simple will do. I know in KDE I could edit the kdeglobals file with:
[KDE URL Restrictions]
rule_1=open,,,,[URL],,false
rule_count=1
View 4 Replies
View Related
Apr 19, 2011
I want to set up Ubuntu Server as a firewall in which I want to direct my internet connection through where Ubuntu Server will block, filter, and monitor anything that come into either three of my computers using the same internet connection. Is this easy to do? sum up the steps that I will have to go through to establish this, and any relevant information, and where I might be able to find necessary information etc. I plan to use ubuntu-10.04.2-server-i386.
View 3 Replies
View Related
May 2, 2010
I have a ubuntu computer set up as bridge between gateway and lan, with the lan connected to eth0 and gateway on eth1.
I'm trying to get it to basically block everything incoming except for the ports i specify, but also allow outgoing traffic. I've found, tried, modified som examples i found on the web, but still it wont block incoming traffic (ie, im still able to reach my webserver)
These are the rules, and i can't figure out why it wont block:
Code:
#!/bin/bash
iptables -F
iptables -X
iptables -I INPUT -i eth1 -j DROP
[Code].....
View 1 Replies
View Related
Jan 6, 2011
I need to configure iptables to block incoming traffic (except specific ports), but allows all outgoing traffic.
I am able to block incoming traffic, but doing so also prevents outgoing traffic (tested by telnet [URL] 80)
The following was used:
iptables -A INPUT -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -j DROP
Also, even allowing NOT SYN requests still prevents outgoing traffic.
iptables -I INPUT 1 -p tcp ! --syn -j ACCEPT
Another point:
# modinfo ipt_state
modinfo: could not open /lib/modules/2.6.18-028stab070.14/modules.dep
How to install ipt_state module on ubuntu?
View 2 Replies
View Related
Jan 12, 2009
assist me in using the iptables firewall to block all incoming mail traffic (SMTP port 25) except that of a certain IP(s)? the situation is that we have a server that we only want to receive mail from a particular sender.
View 1 Replies
View Related
Jul 4, 2010
I am still new to ubuntu and I use firestarter as my firewall tool and I was told that its just ufw in a gui. Well anyways I noticed a connection to 174.129.241.144 using https and python, I didn't have any scripts running and my browser was closed, I read the man files for ufw and it said to do something like deny from 174.129.0.0/12 and I want to block all incoming and outgoing connections to this IP range and I was wondering how to do that, I heard of iptables that it would be able to do this but I dont know anything about it. What I should learn so I can handle these kinds of situation in the future and how I can block this ip subnet or also what does the /8, /12, and /16 stand for?
View 7 Replies
View Related
Feb 5, 2010
At my home I am using firestarter to connect my XBOX 360 to the internet and it works perfectly, never crashes etc and I get a moderate NAT which I've never experienced any problems in having.
I have my devices set up like this
eth0 - ifconfig eth0 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255
XBOX - 192.168.2.10 netmask 255.255.255.0 broadcast 192.168.255 gateway 192.168.2.1
This configuration works perfectly on my router at my house which has the IP of 192.168.0.1
However at my friends house he has a router with the IP adress of 192.168.2.10 or 192.168.2.7*, I don't remember exactly but I'll find out tonight. I have tried changing my IP settings on my xbox and eth0 to no avail. I noticed instantly that the XBOX IP is the same as my friends router. what the new settings would be, or simply changing the router's IP.
However there is also an issue with the DNS servers. I can't find them anywhere on the router or on the router box itself. I heard that I could point it towards my default gateway however.
View 2 Replies
View Related
Jan 1, 2011
I am running ubuntu 10.10. I recently enabled the firewall and installed Firestarter to configure it. Bad decision apparently. I can't connect to the internet using Firefox unless I first stop the firewall using Firestarter. After I do that, Firefox connects to the internet just fine.
If I uninstall Firestarter, will the ubuntu firewall function as it did originally, before I configured it? Or will it continue to function the way it does right now, which doesn't allow me to connect to the internet?
View 9 Replies
View Related
Jul 22, 2010
I am trying to set up a computer to act as a firewall/gateway on my network, and am using the Firestarter program to do this. Everything appears to be set up correctly, and I followed the instructions on their website completely, and I get an error message when I try to start the firewall. It says that eth0 (my internal NIC) isn't ready, and to make sure it's active.
View 3 Replies
View Related
Mar 2, 2010
Since yesterday Firestarter has been prompting me that it is blocking external connection attempts as shown in the picture below:I'm not even going to bother covering the IP addresses because I personally don't see why I should care but as you can see, there has been loads of them attempting to connect to ports 3674 - 3675. I ran nmap 127.0.0.1 and it came back as 631 being the only one open. So then I thought maybe lsof -i would mention much more but all it shown was:
@boris:~$ cat meh
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
cupsd 1644 root 5u IPv6 14329 0t0 TCP localhost:ipp (LISTEN)
[code]...
View 1 Replies
View Related
Sep 11, 2010
A portscan reveals that port 39878 is 'open', service: 'unknown. I deny service for this port in Firestarter FW 'policy' Firestarter does not show any active connection. I am not running any apps, so how can I close this port?
View 9 Replies
View Related
May 1, 2010
I have upgraded to Ubuntu 10.04. The upgrading process went fine but i have some problems now. Firstly, in the tray icon space i don't have sound tray icon and the Ubuntu One icon neither. Moreover, the Firestarter doesn't works and says that probably i don't have internet connection though the internet works fine.
View 2 Replies
View Related
Mar 24, 2010
duplicate ip, my mistakewhen logged into a fc12 server with ssh, and a node tried to connect to the server using ftp...
View 1 Replies
View Related
Apr 6, 2010
I have a router which makes two ppp connections. PPP0 is my default route and is an uncapped ADSL. PPP1 is a Local Only (South Africa) account which has DNS resolving to its IP. PPP1 allows certain connections in. I want all packets coming in on PPP1 to be marked so that after they have been routed through our local servers they can go back out over PPP1. Both connections use dynamically assigned ip addresses. I want to use PPP0 to make a connection to one of our stores, but when our stores connect to us they will be using PPP1. All packets from these incoming connections will need to be routed back over PPP1.
View 14 Replies
View Related
May 3, 2010
How can I drop or forward a incoming connection from a part of a host like *.alicedsl.de
For example:
The user is connection from *.alicedsl.de on port 12345
So how can I drop this connection or forward to google.com on port 80
View 5 Replies
View Related
Jan 7, 2010
I'm installing a server to act as a firewall between a local network and internet. I've installed Firestarter becaused it worked straitgh away (it seems that FS is configuring the routing as well). I've tried to remove it, and then I lost the access from LAN to Internet. (I don't know why -perhaps the routing is disabled then- , so I prefer to keep it).
The problem is that Webmin Bandwidth Monitor (bandwidthd) is not logging anything when FS is active. Does someone has an idea on how I could make it work? I've tried cacti and some other stuff, but it is far too complicated for me.
View 2 Replies
View Related
Feb 13, 2011
Sometime, I got the error messages as I mentioned in the subject:
Quote:
Feb 14 07:46:48 x proftpd[27487]: x - Fatal: unable to open incoming connection: Transport endpoint is not connected
I'm sure there are some clients connect to server at that time. What does this mean exactly? Why did it happen? Below is my configuration file:
Code:
ServerName"ProFTPD server"
ServerIdenton "FTP Server ready."
ServerAdminroot@localhost
[code]....
View 3 Replies
View Related
Feb 5, 2010
I installed firestarter and then at a later date uninstalled/purged it, both actions via synaptic. I have a very verbose boot, I like to see what's going on, and noticed after the uninstall/purge that I was getting an error zooming up the screen containing firestarter in it. After many restarts I found that a file was left in /etc/network/if-up.d/50firestarter and this file was simply a script trying to restart firestarter. At this point I've commented out the calling line and followed the commented line with exit 0. This removes the error but there's still a link calling the file so, is this a bug or am I missing something? It appears the uninstall/purge wasn't entirely complete.
View 1 Replies
View Related
Jul 1, 2011
Where I work we're trying to create a mailbox where our employees sends messages to it and the mail server processess them. Much like the Support of some companies where you send an email a ticket is automatically opened, but instead we need to save the messages to the filesystem depending upon an identified ID in the message.
We're considering two options:
1) Identify by to: header
Messages are sent to 12345@domain.com or os+12345@domain.com, where 12345 is out customer identifier, and the mail server processess messages and saves them to:
/data/os/12345/Customer contact.eml
2) Identify by subject: header
Messages are sent to os@domain.com and the customer identifier is specified in the subject [12345] Customer contact.
We need to do some other verifications as the user (from: header) is authorized to archive messages to that customer, but this is another story.
I tried searching for something along the line of AMaViS and ClamAV filters but had no success.
View 2 Replies
View Related
May 5, 2010
My network name is eth2 it was changed by some reason and now i got these errors... i installed, reinstalled, re re installed, tried to run the asistant but no luck :/
Code:
* Stopping the Firestarter firewall...
eth0: error fetching interface information: Device not found
eth0: error fetching interface information: Device not found
eth0: error fetching interface information: Device not found
[code]....
View 1 Replies
View Related
Apr 21, 2011
I'm looking for a smtp solution that will split all incoming emails and send them to two different servers.
On mail server 1 I have test@example.com
Om mail server 2 (different location than mail server 1) I also have test@example.com
MX-record for example.com should point to mail server 3. Of course there will be a mail server 4 that will do the same as mail server 3. Mail server 3 will receive all incoming mails and forward them to both mail server 1 and 2. This will be a simple and cheap but bullet proof redundancy solution. I'm interested in this solution, have already looked into clusters, backup mx, imap-sync and a ton more of solutions but this is the solution we want. ny one who can point me in the right direction? I've been searching for weeks, the solution exist but I can't find out how to set it up. Not all mail should be forwarded this way, only one example.com, not example2.com or example3.com.
View 3 Replies
View Related
Jun 3, 2011
I open this thread after an unsuccessful long search over the Web. Essentially what I want is to block the outgoing connection of a program. All I know about this program is its name and so I don't have any information regarding the ports it utilizes or the address it may contact.
View 9 Replies
View Related
Oct 21, 2013
I am running Debian on my server (OpenMediaVault) and i am connected to a VPN service, using openvpn. BUT! How do i make sure that the internet connection, stays through my VPN service, or gets blocked, if the connection through the VPN tunnel fails? Jeah, yeah call me paranoid..
I have read this: [URL] ....
I don't know how i use the source code. Is there a script somewhere i can just download? And i don't want the LAN connection to be blocked.. only outgoing traffic!!
View 14 Replies
View Related
Jun 23, 2009
securing VNC connections by tunneling the connection over SSH. However, from the server perspective it will still allow an unsecured connections and you're relying on the client to setup up the SSH tunneling. Is there a way to configure the Linux server to now allow connection over an unsecured channel?
View 4 Replies
View Related
Feb 27, 2010
I wanted to know how can I set a period of time to a tcp connection to wait for request or respond for tcp block read. which system call or function I can use? Does any body know a very simple quick and easy reference on web for socket programing that has lots of socket programing examples in it?
View 1 Replies
View Related
Feb 10, 2011
I am running an Ubuntu Server on a VirtualBox VM running on my windows machine. So I've created a self-signed certificate using the following tutorial: [URL]
From this tutorial I'm left with 3 files:
server.key
server.csr
server.crt
Then I found this very similar tutorial that has an extra bit on installing the certificates in apache: [URL] So I followed it's instructions which boil down to this:
[Code]...
So I'm thinking this should work now. However in Chrome I get: SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. IE8 gives me a typical "Internet Explorer cannot display the webpage" Note that [URL] fails while [URL] works fine, so it's definitely something in my ssl setup I'm thinking.
View 5 Replies
View Related
Jan 5, 2010
I've been all around the net and can't find a "simple" answer how to block our LAN users from downloading torrents. Is it really that difficult?
Here's our setup:
1. The Server's Configs:
2. sudo gedit /etc/squid/squid.conf
3. sudo gedit /etc/rc.local (to start Firewall rules on bootup)
4. Server NOT a DHCP Server
5. No other iptables rules are configured, just the above ones.
Before in a 1 NIC setup, I blocked Workstations MAC addresses in the Router + Squid Proxy Server (Not Transparent), it worked, but some Online Java Apps didn't work and users can't send/receive email so I abandoned the method.
Now, I installed transparent Squid Proxy with 2 NIC cards, it works, but workstations can still download torrents! I know Squid doesn't block ports, right? So the answer must lie in Iptables Firewall? I basically use Squid just to deny access to Facebook, Friendster, or other "unproductive sites".
Quote:
How to block torrent downloading by using a Firewall? Or is there another "simple" way?
I've heard that it's better just to allow regular ports (80, 22, 465, etc...) then block all the rest, this way, you can prevent unnecessary ports.
I'm not an Iptables/Firewall expert so can you pls. explain it a bit more detailed if that's the case.
I'm also aware of just telling our users NOT to download torrents, but I just want to prohibit it entirely.
I know I will be the most "uncool" employee in our office.
View 9 Replies
View Related
