Ubuntu Servers :: Configure To Restrict Internet Access?
Jan 2, 2010
I've been searched for the related topic, but i couldn't found any of them. Basically, i want to set up a server to restrict internet access for other computer (windows box), but allow internet connection for kaspersky to download its database. Here are some questions:
1. Do i need two network card at the server box?
2. There are 8 computers but only 2 are allowed all internet connection, 6 of the rest are not allowed, all windows box can accept connection to download database from kaspersky.
3. Is it Iptables the best, easiest way to configure?
View 4 Replies
ADVERTISEMENT
Jul 28, 2011
I'm running Natty and have made two logins on the system. One for myself and family and one for the kids (teens 14-15yr) to play in without Internet access via Admin "Users and Groups". I have hidden the Internet software icons on their screen amongst others i don't want them to see on the menus. On our screen I use a Firefox addon called "Web Of Trust" that can be configured easily for the kids and another addon called 'Blocksite' that I can selectively use for them and myself etc.
I have found out that they have still been able to get on to the net somehow under their login. Will have to observe again!! In the users settings for the kids the tick box for 'Internet'and 'use modem' access is un-ticked so I presumed that would be enough! Not so!!
View 8 Replies
View Related
Oct 7, 2010
I'm running Ubuntu Server 10.04 32-bit.I'm looking to find if there is anyway I can lock down ubuntu so that remote access, whether it be SSH, ftp, apache.etc can be only accessed from a certain IP range, or a certain set of IPs?Essentially, we'll say the Server IP is 192.168.1.32, and I want the IP addresses 192.168.1.33-50 to be able to access the server, but no other IPs.I am in a switched environment, router's are not allowed to be placed on the network, and I do not have access to a DNS or DHCP server.Is there a way to do this in on the server via a configuration of some sort?
View 3 Replies
View Related
Apr 12, 2010
I will mount a nfs share on a client with fstab. Is there a way to don't allow some users accessto that folder ?
View 4 Replies
View Related
Feb 6, 2010
I am trying to configure my Linux router to restrict Internet access for one computer on my LAN. It needs to be restrictive based on the time of day and the days of the week. I am using the MAC address of the computer to single out the one computer that needs to be blocked. However, this is my first attempt at making any rules with iptables, and I am not sure if I am doing this right. If some one can take a look at this I would greatly appreciate it. This is what I have done so far.
Here is my thinking. Create a new target. Check the MAC address, if it is NOT the offending computer return to the default chain. If it is the offending computer check that we are between the allowed hours and dates and ACCEPT. If we are not within the time/date range then drop the packet.
Code:
Here I am trying to route all packets regardless of the computer on the LAN into the blocked_access chain for checking.
Code:
Is it a good idea to route all traffic through the blocked_access chain? I do run other servers that are accessible from the Internet, so I am not sure how this setup will affect that. I also use shorewall on the router to setup iptables for me. How would I integrate this with shorewall?
I am using squid to block access when he is using the web browser. However, he is still able to play games(World of Warcraft) and the like.
I am using Debian sid, iptable(1.4.6), shorewall(4.4.6), kernel 2.6.32-trunk-686.
View 7 Replies
View Related
Jul 1, 2010
I'm trying to configure internet access using KDE network manager. Added new VPN pptp connection, set gateway and other options but manager tries to connect for about a minute and breaks then. Here is /var/log/daemon.log
Code:
Jul 1 17:35:22 dvinokurov-desktop NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.pptp'...
Jul 1 17:35:22 dvinokurov-desktop NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.pptp' started
[Code]....
As I understand the main problem is in "(IP Config Get) timeout exceeded".
Configuration: Kubuntu 10.04 x86, VPN server with MSCHAPV2 auth, no compression, no encrypting.
View 1 Replies
View Related
Feb 28, 2011
I have Fedora running on the comp which is sitting behind proxy, which required username and password to access internet. The username is E-mail address.
I've tried the following to configure internet access:
My question is how can I configure internet access through proxy system wide for all applications and commands?
View 8 Replies
View Related
Oct 10, 2010
I just installed Lucid Lynx Ubuntu on my computer. I love it, but I do not see how to configure my dial-up modem and connect. I'm hoping it's still possible. Here's my hardware.
333mHz Pentium III
Lucid Lynx 10.04 LTS
US-Robotics 56K Faxmodem External
256mb RAM
ISP OmniLEC
View 1 Replies
View Related
Aug 12, 2010
I am using DELL Studio 15, Windows Vista Home Premium. I have a dual boot of Linux (RHEL 5). My question is how to configure Internet access in my PC in LINUX OS. Windows mode :
how do i access Internet :
I insert a LAN cable to my laptop and access internet. or I insert the cable to my wifi router and access it wireless whenever I am bit far away. RHEL 5.0 Linux 1) UNABLE to access internet when I connect the lan cable to my laptop. 2) Is there any way i can access internet or should i use any drivers that are provided my dell pc. I am very new to linux and i am not sure to which and how to use it.
View 2 Replies
View Related
Jan 9, 2010
I have a problem configuring my PostGreSQL server for internal network access.
I want to be able to access my postgre server from 192.168.1.10
It works when I set listen_address to *, but if I input 192.168.1.10, or any other IP address, I always get:
Quote:
WARNING: could not create listen socket for "192.168.1.10"
FATAL: could not create any TCP/IP sockets
postgresql.conf section
[Code]....
View 6 Replies
View Related
Oct 20, 2010
I need to get my printer assigned to a hostname "myhost.dyndns.org". What do I need to configure in the cupsd.conf file to put it online?
View 1 Replies
View Related
Dec 11, 2010
I want to share files over the web with only a few people and limiting them to certain folders. I have been doing a remote access (ssh) to my server to access it from a pc on the local network. I later found out the same program doing ssh (open_ssh) was also doing sftp, great I could do both with one system account. Problem I couldn't find away to configure another user to go over the web with limited folder access without messing up my user to access the pc. I tried ftps by using vsftpd, I couldn't get chroot set up correctly or even log in. So my question is what program and/or protocol should I use to do secure ftp over the web?
OS: Ubuntu 64bit 10.04
View 4 Replies
View Related
Nov 15, 2010
I'm a terrible procrastinator, it's awe-inspiring annoying and stressful. This in combination with being a information-holic makes the Internet fairly lethal to me; I risk failing my college course because of it, so trust me when I say I'm deadly serious about this.
However, I think you guys may be able to help out, and maybe this will also help some people here with similar problems:
Because so much of my time is taken up with Interwebz, I thought to carefully restrict my internet use. It's not prefect, but it's part of a solution.
To date: I have Firefox and the ProCon extension which uses a whitelist of websites I can access. The extension cannot be uninstalled/disabled and I use a long hex password split into 3 parts, two of which my friends have (so I have to ask my friends for the password parts in order to update the whitelist, hence making it socially awkward to fritter away time online).
So far, it has worked a treat and I'm really pleased with it.
However, this is the problem:
I need to restrict web access so *only* Firefox can access the web. That way I cannot use Chrome/Opera, or even (shudder) use wine to run Internet Exploder.
View 6 Replies
View Related
Jan 30, 2010
I installed 6.06 LTS on Virtual box and I cannot access the netPlease let me know what I must look for.I am new to linux as well
View 2 Replies
View Related
Jan 10, 2011
I've got VPN setup and working on my server. I can VPN into the server and access my local network from anywhere. It uses pptpd for it. My problem is that I can't access the internet once I'm connected to my VPN. Is it possible to allow internet access through VPN?I mainly would just like to be able to connect, access my local network, and still browse the internet. Is there anything specific I need to change?
View 6 Replies
View Related
Feb 10, 2010
I have a query to ask. I want to configure a samba share. Following is the configuration of the machine.
[root@SGKPC ~]# fdisk -l
Disk /dev/sda: 160.0 GB, 160000000000 bytes
255 heads, 63 sectors/track, 19452 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 19452 156143767+ 8e Linux LVM
[Code]...
I want to restrict my Samba Share to 50 GB.
View 1 Replies
View Related
Aug 26, 2010
I have ubuntu server 10.04 installed with wired internet access through my router. I recently installed the ubuntu-desktop packages and cannot get internet through the gui, firefox never gets past the "looking up" stage.I can accessthe internet through the command line and through webmin httptunnel. Wget, apt-get install, apt-get update, apt-get upgrade all work fine from the command line. I have local access to the GUi as well in the form of VNC that is working fine.
View 2 Replies
View Related
Oct 8, 2010
I have ubuntu 10.04 running LAMP and proftpd, I can access over LAN but not when I type my domain name in. I have forwarded all necessary port to to the local ip of that box, added rules to ufw to allow traffic on those specific ports. I use dyndns for a second level domain and have used all their tools to check whether the ports are open and have the results I am looking for.
View 7 Replies
View Related
Feb 13, 2011
I am able to access phpmyadmin via my web browser using either my local ip followed by /phpmyadmin and by using the same layout with localhost. If i use my DNS name provided by no-ip which i bound to in apache2 i am able to get to the "It works!" page with the domain name but if i use /phpmyadmin after it, it will tell me that there is no such directory.
View 1 Replies
View Related
Apr 20, 2010
alright so i set up dhcp server and my clients are getting ip's, can ping each other, and can ping/ssh the server. but nowhere beyond that.
however if i ping an externel site, i get its IP addr, but no pings (100% loss)
im ripping my hair out over this. i know that iptables is right, but i dont know about dns
idk if this helps:
Code:
pavel@ubuntu-server:~$ cat /etc/network/interfaces
auto lo br0 eth0 eth1
iface lo inet loopback
#mapping hotplug
[Code].....
View 9 Replies
View Related
Apr 28, 2010
Ubuntu lts server distro using on remote machine. i have remote site where internet access given via squid proxy. so when we enter in browser it start working internet fine. but on command line(bash shell prompt terminal) like wget,ping,nslookup,traceroute etc these commands does not work.
View 3 Replies
View Related
Jun 21, 2010
I must be very thick as i cannot seem to get my dhcp clients to connect to the Internet properly.
on my lucid server i installed dhcp3 server and bind9, i can ping and dig all on the local network. on the clients however, as soon as i go out of the local network there's messages like "unknown host www.google.com" or "network is unreachable".
View 9 Replies
View Related
Aug 8, 2011
I'm a absolute "server- noob" but I've got some experienced with desktop linux and want to build my own file server to access my stuff over the internet. I'm using dropbox for a while now like a cloud drive by simply mounting the "private" folder (which I encrypted with encfs/BoxCrypt) in order to cross-platform use important files. The problem is that Dropbox only provides 2 GB for free and I don't know how secure my data is up there. Moreover I don't wanna always sync all files locally.
I got an intel atom machine standing around and so I want to build my own file server to provide the same or at least a similar service.
1. Which type of server application provides a "network drive" that computers (several users) from the internet can access?
2. What's the best way to encrypt my data and transmission in order to make the system absolutely unattackable/unreadable from outside?
3. Is there a service that can provide a dropbox-style sync mechanism?
4. Which distro should I use? I'd prefer a non-desktop enviroment solution but never had anything to do with it. Is that possible for an average linux user?
I'm aware that this solution won't be very fast because of the limited upload of a standard internet connection but that would be ok! It's more that I want to have the possibiltiy to access all my data as a thin-client anywhere, anytime on any machine and still be on the safe side. I know that this is some kind of contradiction but what would be the best compromise? I know some questions may sound stupid but I really never had anything to do with servers at all in the past...
View 3 Replies
View Related
Mar 14, 2010
I just finished setting up my small server, however I realized that no one can connect to it from the outside. The reason being is that my router is assigning internal ip's and dyndns is linked to that. I need port 80 for the Apache server, but if I have the router forward that port to my particular ip, won't it screw with everyone else's internet too?
View 5 Replies
View Related
Jun 9, 2010
I'm running a Virtual Box with Ubuntu 9.10 and I'm experimenting with Apache 2.2.12I would like to use the authz_owner module but it is not possible for me to access http://localhost/~b/private/"b" is my username and "private" is the directory definded in the httpd.conf file.My httpd.conf file:
Code:
<Directory /home/*/public_html/private>
AuthType Basic
[code]...
View 2 Replies
View Related
Mar 18, 2010
Ever need to provide access to multiple PC's and did not have a router only a hub. Maybe this isn't original thinking, but then again maybe you didn't think of doing it this way (which i am sure there are many ways to do it) So I have 2 Ubuntu Servers, 1 Windows Box and a Hub - All 3 with internet access off of single ip and single Ethernet port.
While searching for a backup method today I came across Clonezilla. I was wondering if this was the right thing for me and since I needed to backup my roommates PC for a reformat and install of Windows I decided I would give it a try, but only if it would work. I didn't want the hassle of going into the main part of the house and finding out what cord was what as there is a cable modem connected into a switch (4 static IP's with internet) and one port of the switch hooked to a router) Anyways, didn't work he was on the router I was on the switch)
But this got me thinking. When I setup my server to do this, during one of the setup scripts it said it was setting up Internet access for client machines and that it was assigning them IP addresses threw a DHCP server that it had installed.
So, I dug up the hub connected the internet cable to hub up link and Server 1 on port 1 Server 2 on port 2 and Windows on port 3 The main server gets the internet provided IP address and routes it to the hub via a virtual interface. Server 2 is configured for DHCP and the windows box, It was set to get info automatically but it didn't fill the DNS info so I had to manually do that (just a heads up) I decided to use OpenDNS Servers (208.67.222.222 & 208.67.220.220) but im sure putting in the gateway IP address would have worked too.
So, by now if you need this I am sure you are excited and want to get to it. Like i said there are probably other ways of doing it, ways that don't involve you installing clonezilla and DRBL, maybe even just DRBL is needed, maybe one of them installed whats needed as a dependency- all I know is it works, if you know - elaborate so people know, but hey- this way not only do you have internet access on all PC's you can deploy custom images to them as well.
View 1 Replies
View Related
Sep 21, 2010
I have a machine (lets called it machine 1) with two networks card, eth0 and eth1. Both have static IPs. Once in a while the machine refuses to give access to the Internet via Firefox (eth0 is the route to router). Other machines on the network have no problems accessing the Internet. Eventually the machine would just magically start working again, but this time it just seems to have stayed broken. I've done some simple diagnostics and found:
a) I have another machine running Apache with a Wiki on our network - [URL]. Machine 1 is unable to connect to this Wiki. I get 'the connection has timed out'. I can ping 192.168.1.73 and it responds in the usual fashion.
b) If I try to ping www.google.com it times out with: ping: unknown host www.google.com. I can ping google using its IP address.
c) On machine 1 I have tried traceroute on both www.google.com and its IP and I just get:
1 * * *
2 * * *
And so on until hop 30. Doing this on any other machine on the network works. So while it seems I can ping internally in our network and outside, but when it attempts anything traceroute or URL related it does not work.
View 7 Replies
View Related
Nov 9, 2010
What is the simplest way to restrict access to a single folder in Documents?
View 3 Replies
View Related
Aug 12, 2010
If there is a general NFS share in the LAN and for example this share has three files - a, b, c is there any way to restrict file access to the root user of e particular host(falcon) in the same LAN environment while the normal users from the same host(falcon) should be able to access the NFS share & files a, b,
View 3 Replies
View Related
Sep 14, 2010
I have a question in Samba and would like to ask you for the solution. Is there anyway we can restrict the SMB share access to particular domain name? say allowing access for "example.com" domain users only.
View 2 Replies
View Related
