Ubuntu Servers :: Blocked By Composite Blocking List For Spamming?
Jan 3, 2011
My IP has been blocked by Composite Blocking List for " IP Address 207 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy. It was last detected at 2011-01-02 11:00 GMT (+/- 30 minutes), approximately 1 days, 3 hours, 29 minutes ago. It has been relisted following a previous removal at 2010-12-30 17:15 GMT (3 days, 21 hours, 2 minutes ago)"
How do I find this "trojan" and remove it???? I have a network of 6 computers right now, 5 are running Ubuntu (3 server and 2 Desktop versions) and one windows computer. I have run a virus scan in the windows computer and found nothing. How can I scan a linux computer for a virus?
View 9 Replies
ADVERTISEMENT
Jun 11, 2010
I have an old FC2 box running Squid version 2.5. It has been running since 2003 so I am in the process of replacing it. I have a new machine with FC11, iptables, and Squid 3.0 installed.
On the old machine I use iptables to intercept Port 80 traffic and send it to Squid. By default I block all internet access and allow only sites that are in an Allowed_Sites.txt file. Within Squid I also have statements to allow certain users to bypass Squid based on their IP address.
I have set up the same thing on the new box. I have iptables intercepting the Port 80 traffic and sending it to Squid. That is working because if I remove the redirect statement from iptables all internet access is blocked.
The problem I am having is that Squid is not blocking any websites. It acts like the ACL is set to http_access allow all. I have worked on this for several hours and am stumped.
These are my Squid rules:
acl allowed_sites url_regex "/etc/squid/Allowed_Sites.txt"
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow Bypass_Users
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 192.168.1.0/24
http_access allow allowed_sites
http_access allow our_networks
http_access deny all
icp_access deny all
htcp_access deny all
http_port 192.168.1.254:3128 transparent
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname FC11.proxybox
icp_port 3130
coredump_dir /var/spool/squid
View 2 Replies
View Related
Mar 18, 2011
I have a SSH server on Ubuntu 10.04 running behind a NAT. I have done the port-forwarding at the router. However say for example I want to restrict people connecting to the SSH server by country IP's. When I configure ufw with the following rule it still lets the IPs that are restricted through. Any idea why
sudo ufw allow from xxx.xxx.xxx.xxx/24 to any port 2556
View 5 Replies
View Related
Jan 18, 2011
My Squid is working. But I do not know how to unblock a proxy for two users on my network. My configuration
Code:
acl work src 192.168.16.0/24
acl sites dstdomain "/etc/squid/sites.acl"
acl files urlpath_regex "/etc/squid/files.acl"
acl boss src 192.168.16.12
[Code]....
How to enable blocked sites and files for boss and it_user?
View 2 Replies
View Related
Jan 30, 2010
So first off, it probably seems this question has been asked thousands of times before. but I did do a search, mostly archived posts that ended up being something other than a true ip blocking of the port. [URL]..
So my port 80 is truly blocked. Ive tried setting up the port forwarding on my router, Ive tried manually allowing all traffic on port 80 through ip tables. Ive even dabbled with setting up something like openDNS to see So far nothing, Im only available on my local network.
There has to be some way to do a redirect though. even something as simple as an htaccess file redirecting [URL].. xxxx (the space is there to avoid my url being interrupted by a smiley
View 4 Replies
View Related
Mar 16, 2010
not blocking sites
Code:
dbhome /var/lib/squidguard/db
logdir /var/log/squid
dest block {
domainlist block/domains
[Code]....
under db I created a directory block where I created a domain file and a urls file dosen't seem to be working
View 6 Replies
View Related
Oct 5, 2010
I have Ubuntu Server (x64) installed on my box with Apache2 and Squid. For awahile port 80 (http) was fine, I could update packages and use wget. Then one random day port 80 became blocked for incoming traffic. I couldn't use apt-get and had to change to an ftp mirror to update. Also wget is not working.
View 3 Replies
View Related
Oct 11, 2010
Strange issue here when trying to verify firewall on Server 8.04. No ftp service running at all on server, but both nmap and netcat report port 21 as being open, even though it isn't.I am 100% sure that port 21 is not actually accessible and iptables rules are fine. Trying to connect to the port fails, yet nmap and netcat seem to report a "false positive"?Have also checked on a number of other servers I'm running, and this "false positive" seems to apply to all of them.
View 1 Replies
View Related
Jul 8, 2010
I have a home server that I built recently and I have been looking into things I can make it do, and one idea that came up was software to manage incoming calls. The main thing I want is something that can block numbers, but it would also be nice if it could record calls or broadcast the caller id over my wireless network somehow. I've tried Googling around, but I really didn't find much.
View 7 Replies
View Related
Dec 8, 2010
I blocked facebook and ..... but if any one change the http with https its open with him how can i mange https like http.
View 9 Replies
View Related
Mar 23, 2010
For system calls, is blocking or non-blocking default in C? Simple question, just am not seeing the answer super quickly.
View 4 Replies
View Related
Dec 25, 2010
I have a device that is working on modbus protocol andI have written a small program(with block TCP read method ) to read its registers via modbus protocol.my program is working very well but except those times that I unplug the Ethernet cable or turning off the modbus gateway during programs work.at this time my program stops on recv system call (if it reach this system call exacly when I unplug Ethernet cable or turning off the modbus gateway during programs work).I changed my source to work in nonblock TCP method, at this time with the same situation my program does not stop/block on recv system call but after pluging back the Ethernet cable or resuming the connectivity situation back it reads data incorrectly .this is my code:Quote:
#define DEBUG
#include <fcntl.h>
#include <string.h>
[code]...
View 5 Replies
View Related
Apr 12, 2010
I installed Ubuntu 9.10 and tomcat 6 java servlet container. I am trying to run the tomcat server on port 80, so I edited tomcat's configuration file (server.xml) and changed the default port from "8080" to "80". I launched tomcat server, went to my browser and entered:[url], but it says can not find server/location. Then I edit the server.xml and revert back to port "8080" and then enter: [url] and everything works fine. So my guess is some other service is taking up port 80, but I would think not, since I just installed Ubuntu and made sure apache isn't installed or running.
So I went to "System" --> "Administration", then choose "Network Tools". I then executed Netstat and did not see anything taking up port 80, but I do see port 8080 taken (assuming it is the tomcat server). Then I also did a Port Scan and entered my IP number. Again, I don't see port 80 taken, but do see 8080 being used.
I had a winxp laptop computer behind home wireless and was running tomcat 6 server fine with it, but it over-heated and died recently. So I got a used laptop and just installed Ubuntu 9.10. I have not changed my wireless router settings. It is the same as before. So I have ruled out my home's hardware/network equipment.
So here now I sit, wondering what is up?
For security reasons, is port 80 initially blocked by Ubuntu for some reason? Is there something I have to do beforehand to free up port 80?
View 2 Replies
View Related
Apr 21, 2009
I've got a Fedora postfix server that I just upgraded from 9 to 10 using preupgrade. Starting yesterday, some messages were rejected by servers because the IP address had a poor "reputation". The odd thing is, the IP address they're registering isn't the IP address the server is sending from.
When I look at the full headers of our outgoing e-mail, the e-mail is listed as coming from ***.***.***.11, which is the correct address. But these services are somehow tying the e-mails back to ***.***.***.12, which is used for a different purpose entirely. Since this *.12 address doesn't match the MX record, I'm assuming that's why the mails are being blocked, but I'm not sure how the mails are being identified as coming from that address in the first place. It's odd that this just started when I upgraded.
View 1 Replies
View Related
Jul 7, 2010
My Email Address is spamming
1. I received an email (spam) on Yahoo Mail from someone who was not intending to send it. (While it did go to spam folder, I did 'open' the email (since it came from a trusted sender) but it only contained a link (which because of WOT) I assumed was spam.) I did NOT click the link.
2. I then informed him that his email addy was spamming.
3 Shortly thereafter, i noticed in Ubuntu (firefox) whenever I clicked "reply" to email back to someone, there was a quick flash of letters/numbers in the slot where I would normally write. This instantly disappears and goes blank so I can write something, so I just figured it was a bug. This is happening on BOTH windows and Ubuntu.
4 Now MY EMAIL is spamming people the people I write to.
So far: I have 1. Changed my Yahoo password 2. Deleted firefox 3. In windows Ran Spybot/Search-Destory AVG (turns up nothing) What else can I do?
View 9 Replies
View Related
Jul 7, 2010
Problem: My Email Address is spamming Situation Chronology: 1. I received an email (spam) on Yahoo Mail from someone who was not intending to send it. (While it did go to spam folder, I did 'open' the email (since it came from a trusted sender) but it only contained a link (which because of WOT) I assumed was spam.) I did NOT click the link. 2. I then informed him that his email addy was spamming.3 Shortly thereafter, i noticed in Ubuntu (firefox) whenever I clicked "reply" to email back to someone, there was a quick flash of letters/numbers in the slot where I would normally write. This instantly disappears and goes blank so I can write something, so I just figured it was a bug.
View 11 Replies
View Related
Mar 3, 2011
So I installed Ubuntu 10.10 beta because v9 wouldnt work, I'm using an HP Mini 311. So far everything was working great, and after installing updates I restarted and these "starting file manager" windows kept spamming the desktop!, just along the bottom and you can see in this screenshot basically on the bottom, how do i fix this? i dont want to go back to windows!
View 5 Replies
View Related
Jun 26, 2011
I don't know what to do, I know how to block and delete pretty much every other type of abuse. I run a server with 500+ shared hosting clients and reseller clients and it was just blocked because of email spam. I can keep on top of all other abuse (people trying to do dos attacks etc) but the one thing I can't get my head around is email spamming. how to stop people spamming emails from my server?
View 7 Replies
View Related
Oct 14, 2010
Installed Ubuntu 10.10, 64bit, been working flawlessly for a week.
I have 2 nVidia Corporation G96 [GeForce 9400 GT] Graphics Cards and 2 LG Monitors. I installed the nVidia drivers from the website and everything is working very well. Using Xinerama to extend my desktop.
The problem comes in when I add an additional user to the system. It doesn't matter if it's 1 or 2 users, if they are added into the administrator group or as a desktop user, I can delete re-add them, create a completely different user but the problem persists.
As soon as I login as the new user and go to System | Preferences | Appearance | Visual Effects and try and enable either 'Normal' or Extra' I get the following error;
"The Composite Extension is not Available"
This is strange to me because composite, everything, is working fine for the default user, I have no problems whatsoever, but any additional user I setup it seems the graphics is borked, like it's not picking up the correct drivers or something.
View 2 Replies
View Related
Aug 4, 2009
When my 2 external usb hard drives (just storage based on ext3) are plugged and I'm booting Linux, it starts spamming plenty of output about these devices. I think during loading sensors daemon. At the end hangs. Previously I've noticed that the same happened on terminals. It was annoying, because spam was flooding even vim editor. I see this after major system update or rather new Linux installation. What I supposed to switch off to avoid this unwanted output?
Code:
MOD_AUTOLOAD="yes" #MOD_BLACKLIST=() #deprecated
MODULES=(acpi-cpufreq cpufreq_powersave !dm-mod !speedstep-centrino r8169 iwl3945 !ipw3945 !snd-hda-intel !snd-mixer-oss !snd-pcm-oss !snd-hwdep !snd-page-alloc !snd-pcm !snd-timer !snd !soundcore evdev psmouse !loop !bridge vboxdrv !autofs4 !capability usblp usbcore ohci_hcd ehci_hcd uhci_hcd !dm-crypt !aes-i586 !sha256 !osscore)
# # DAEMONS
# # # Daemons to start at boot-up (in this order)
# - prefix a daemon with a ! to disable it
# - prefix a daemon with a @ to start it up in the background
# DAEMONS=(syslog-ng acpid sensors network netfs hal avahi-daemon cups crond oss)
View 1 Replies
View Related
May 1, 2010
I did a clean install of Ubuntu 10.04 except for the /home partition. I have two monitors. I can't get the setup I had on 9.10 where the second monitor was an extension of the first, and extra visual effects were enabled.
There are two drivers available for my video card, NVIDIA accelerated graphics driver (version 173) and NVIDIA accelerated graphics driver (version current) [Recommended]. I've tried both. I backed up my /etc/X11/xorg.conf, blanked the current one, and run
Code:
I set the each monitor to be a separate X screen, enable Xinerama (I think that's what I need for the extended display), and clicked Save to X Configuration File. Sometimes I merge it with the existing file. At this point I restart and the error, "The Composite extension is not available" is displayed when I try to enable extra visual effects.
View 9 Replies
View Related
Apr 4, 2010
I am using suse 11.2 running kde-4.3 . whenever i tried to install google earth and matlab it gives an error ,your x-server is not running ,
View 4 Replies
View Related
Feb 9, 2010
I am trying to put my appreance preferences to extra so taht I can enable compiz however I get the error message "Composite extension is not available"
below is my xorg file I have nvidia 185.18.36 drivers installed which should work with compiz.
Code:
# nvidia-xconfig: X configuration file generated by nvidia-xconfig
# nvidia-xconfig: version 1.0 (buildmeister@builder63) Fri Aug 14 17:54:58 PDT 2009
Section "ServerLayout"
Identifier "Layout0"
Screen 0 "Screen0"
[Code].....
the above xorg gets my flawless playback in xbmc (xbox media center) or 1080 movies.
View 3 Replies
View Related
Nov 21, 2010
In the composite of the effect desktop I can to use only xrender, just select opengl, I did not make use, why ?
View 1 Replies
View Related
Mar 24, 2010
Basically when trying to activate Normal or Extra visual effects on a new karmic installation, I get the error message "The Composite extension is not available".
Here is my xorg:
View 9 Replies
View Related
May 2, 2010
When i have enable xinerama for 2 displays and i enable visual effect it says The "Composite extension is not available" but i have enabled it in "xorg.conf" but effect are working with not enabled xinerama.
Here is my xorg.conf
Code:
# nvidia-settings: X configuration file generated by nvidia-settings
# nvidia-settings: version 1.0 (buildd@palmer) Fri Apr 9 10:35:18 UTC 2010
Section "ServerLayout"
# Removed Option "Xinerama" "0"
[Code]...
View 5 Replies
View Related
Aug 12, 2010
I have followed a few guides on using video overlays to obtain a watermark. i am suppose to use the Bluescreen video effect along with the composite transition in kdenlive.
I run the following versions of software:
lucid lynx 10.04
FFMPEG compiled from svn
x264 compiled from git
Kdenlive 7.7.1
Kino 1.3.4
melt 0.5.6 from a PPA
Medibuntu repos
My video I want the watermark over is a kino captured file which is dv avi type 2 (open dml).I have done Bluescreen video effect along with the composite transition but the video clip which the video watermark plays on top of ends up getting darker. for the bluescreen color i have chosen red which is the closest red i could pick next to the spinning logo. the lighting changes on it and gives it an undesirable effect as far as how dark it it. i tried other colors but then the logo either disappears or the spinning logos black video background covers up my video. the reason for my "video" watermark is because it is a spinning logo (not a picture) which can be obtained in .mp4 format here:[url]
My goal is to put that on top of some xbox 360 modern warfare 2 gameplay. i haven't uploaded an example of how dark it makes the footage look yet but it does.
View 5 Replies
View Related
Aug 8, 2011
According to the Wiki about Xinerama
Quote:
As of the 1.10 X server release, the Xinerama rendering multiplexer and Composite extensions no longer conflict.[URL].. So does this mean that if I use X 1.10 or later, Xinerama and composting can work even over two GPUs and four monitors?
View 5 Replies
View Related
May 25, 2010
I have set up proftpd many times now one Ubuntu 9.10 and never ran into any problems. I decided to go ahead and do a clean install of the new 10.04 and set everything back up (ie ssh ftp apache... ect)I got done with ssh with no problems and started working on getting proftpd up and running just like I've always have. But now every time I try to login it gets to where it should list all the files in my dir and it just times out. If I connect through my network (192.168.1.101) everything works fine so I dont think its my .conf file.ll ports are open that are needed and I even tried opening up the passive ports to see if that would help but it does not.
View 1 Replies
View Related
Jan 1, 2011
I am almost tempted to go back to an old slackware to try this. Anyway, I found a circuit (with just a few resistors) that allows vga output to go to composite input. To my amazement it actually works and it is very clear, but has a double screen. I am told, to fix it you need to change the horizontal sync and or refresh rate for the card. (17 instead of 35). How would I do this in xorg.conf?
View 2 Replies
View Related
