correct settings for UFW on my Ubuntu Desktop 11.04 I am setting upo a webserver and want the security for hosting websites but I also need to login to the machine via my LAN computers. I am concerned about setting it up incorrectly and having people hack my machine.
View 3 RepliesI have installed Ubuntu 10.04 Server on an older desktop with the intent of making it into a firewall box. What I would like to do is hook one nic into the modem, and the other nic into my router. I'm not sure if I want to setup the 2 nics as bridged.
View 1 Replies View RelatedI tried to ask this question in the other thread but the admin was saying to me that my other thread here [URL]..( it was not very much the subject of the thread ) People that use Unix,Mac OSX or any Linux OS all none windows do you need anti-virus program like Norton or Kaspersky? And same with firewall like ZoneAlarm and Comodo ?
Some people say you do not need a anti-virus program like Norton or Kaspersky or any firewall.Other people say you do and some say that Unix and Mac OSX have built in firewall.
And if on uses windows use ZoneAlarm or Comodo has it does alot more than windows firewall and router firewall. Note the admin saying the other thread was why windows get more malware and not very much the subject of the thread to post there.
Possible Duplicate: SSH asks for password, even with public key installed [URL]...I am trying to login from machine A to machine B with password-less SSH login as described in the above link.I have followed all the steps but still the password is being prompted for.How to diagnose this and resolve the issue
View 2 Replies View RelatedI am having a little trouble setting up a NAT firewall using iptables. I have 1 PC dedicated to being the firewall running Ubuntu 10.04 LTS. There are 2 NICs in this PC. One NIC is connected to the modem & the other is hooked into my router, sharing the connection through to the other PC on my LAN. Thing is that I am having troubles setting this up using iptables. I have it sharing the connection, but can't seem to make it forward 2 ports through to my webserver on the LAN. I am also wanting to setup init.d to control iptables. I have been trying to google this, but haven't found anything useful to get this accomplished. I put the following into rc.local to make the forwarding work:
/sbin/iptables -F
/sbin/iptables -N block
/sbin/iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
/sbin/iptables -A block -j LOG
/sbin/iptables -A block -j DROP
/sbin/iptables -A INPUT -j block
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
Setting up firewall
View 12 Replies View Relatedpost the "perfect" tutorial for setting up a router and firewall for Ubuntu 10.10 Server 64-bit? I'm kind of a n00b when it comes to Linux, so I get really confused with some things, I have seen things on the ubuntu wiki about this... but it really confuses me =
I'm trying to setup my ubuntu sys as a router and firewall... Internet -> Ubuntu (Router) -> Switch (no DHCP on it) -> Computers I've already setup bind and dhcp3 and got those working perfectly... I've also setup Squid3 and Dansguardian for content filtering (blocking ads and such) and got them working too... I want to set it all up to be transparent, and allow the system itself to function as a powerful firewall router, giving absolutely NO issues to client computers connected, and no speed reduction at all.... I want to setup the firewall to allow all outgoing connections, but block everything incoming (stealth the network)... Forcing all http/s traffic to pass through dansguardian, then to squid...
But am very confused on how to pull this off... The system is running Ubuntu 10.10 Server 64-bit, with 4 GB of RAM, 320 GB SSD, and two 1Gb NIC cards... Sorry if I'm not very clear, I do speak english perfectly, but just kinda new to the "Linux world", I was using SONICWALL but that's getting a little too costly to my network and wanna do a free alternative... Something completely CUSTOM, not using some network security distro.
So what I want to do is setup a gateway(or router, idk what Ubuntu refers to it as.). So my set up would be Modem>Server>Switch>Router. I know that I need to set up it up as a DHCP server as well. I would also like to setup it up as a firewall too. I already have two Gbit cards that are already configured. So how do I do this? I already tried one tutorial, but it was old and was for Debian. I also installed ebox, but I couldnt figure that out either.
View 1 Replies View Relatedwhat is the best way to turn a pre 2000 macpro into a home/small office firewall?
View 10 Replies View Relatedi have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the dnydns.org and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it. i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?
i have heared abut freeradius package but i am not sure will it work in my case?
I want to lock down my server to allow only certain ip addresses and ports in. I was thinking of doing this through the iptables but someone sugguested I used the hosts.allow and deny files to allow who can access the system. What do people suggest? If I"m trying to ensure no ip's can access my system except the ones I want, how would I do this with just the allow and deny files?
View 4 Replies View Relatedcould set up a firewall on my linux machine? I have is to connect my router wired to the linux machine and then from the linux machine to my main computer, and obviously routing the internet connection through the linux box as a firewall. I use a Netgear DG834G router
View 9 Replies View RelatedI'm in the situation where I'm trying to create 2 private networks using ESX server, all behind a NAT router (static ips are used). I used an openSuse11 vm as a router and was able to configure it so that a machine on one private network was able to access the public network. The problem I have now it that I need to be able to access a machine on the private network from the public network using a different set of IP's.
So if a machine in the private network has an IP of 10.1.0.222 I should be able to ping it using 10.99.0.222 or some other IP. I have never done this before and after reading up on iptables and linux routing I feel more confused than before. Is it possible to add IPs to eth0 (public) and have them mapped to machines on a private network eth1 or eth
I am behind a university http proxy (squid) server and all of my internet connections have to go through it. I haven't been able to find any setting in Evolution that allows me to specify my proxy settings.
Searching on Google, it suggested that evolution can't work behind proxies and works only with direct connections to the internet.
I wanted to know if there is any way round this problem. I tried posting the same question on gnome list and gnome hacking list and no reply has come so far.
Am I safe when surfing the web with default Firewall setting? Can My Computer be hacked when the firewall is in the default setting? I have no knowledge on configuring Firewalls
View 11 Replies View RelatedI've got an HP ThinClient that my computer dumped in the recycling pile. I swapped out the ATA 1-gig flash drive, and replaced it with a 60 gig ATA hard drive. I installed Ubuntu on it through a flash-drive, and everything comes up just fine. When I boot up the computer, I get the ubuntu screen, it comes to the login, I select my username and enter my password. I hear the little jingle music, and then the computers graphics get messed up. I still see the mouse, and it appears as though I'm opening windows, but they come up really as just screwed up boxes that are black or other colors and the graphics get all distorted.
I just figured out how to get into the GRUB menu, and I was able to boot in reduced graphics mode. verything seems to be in 16 colors, but I can actually log in now and see everything! (really cool). Just to give an update, I can log into the computer using rescue mode, and I can do everything on the computer that I want to in 16-color mode or whatever that mode is. As soon as I reboot in the normal mode, the graphics mess up as SOON as I log in.
I could no handle/circumvent on the past week, despite of the several "googling" and documents reading. I will try to mention all needed bits... I'm managing a network with the following structure:
eth0: internal net
eth1: DMZ
eth2: 10 mbit/sec sync line with eight public /29 IP's + a /30 interconnection network. All public IP's must use the interconnection's network gateway.
eth3: ADSL with ppoe with fixed IP (ppp0).
Now, a few extra info:
- All internal traffic is routed through ppp0 except when it's destined for DMZ and public IP's range.
- DMZ traffic is routed either through ppp0 or eth2. This is done by source IP.
- eth2 has on IP from the interconnection network, and six public IP's are also defined on eth2. Command: "ip addr add ...."
[code].....
While I've been using Linux for a little while now, I have only recently been getting into setting up and using a server at home (in part because until recently I only had ONE computer at home). I have heard of LDAP and OpenLDAP, but I am not sure if this is the best tool to do the following. Centralize logins and passwords for all of the computers at home, so I only have to change/manage one place. Since I keep installing Linux Distros it would be nice if I didn't have to add each person, individually each time.
Provide single sign-on authentication for the user so when they go to the Samba server they don't have to do another login, but they are limited in what they can see. Basically I don't want the kids being able to see *MY* files
- Works with Linux (various) and Windows (Windows 7 more than XP)
- Works with desktop and laptop
- Be able to, possibly, pass this authentication to the web server so likewise do not need to log into the web server after logging into the computer.
- (optional) be able to set up a script to run automatically to either map network drives or mount samba directories based on the user being logged in (smb://user/<username>) and/or backup the system.
I say optional because if it can that is great, but if it cannot then it isn't a show-stopper. Like I said, I am very new to servers and networking and do not know where to start regarding this. Right now I have a basic (too open) file server and a web server just beginning to be developed (working on Drupal). Not only do I need to figure out what/where to research about the server settings but also setting up the client-side of things.
I'm trying to create a PAN (Personal Area Network) using a laptop (Siragon ML-1040) and my desktop computer, but I get the Connection Refused (111) error.
Blueman doesn't detect any network service between the two computers unless I start PAND on one of them and then it detects the NAP service. That, only after I enable the NAP/Workgroup services on the Services submenu in Blueman. However, it doesn't work neither with the NM plugins or without them (dhclient and that other one I can't remember the name of).
Any clues over here? I'm using pand 4.91 and blueman.
Somebody gave me an old Celeron 333MHz system w/ 96 MB RAM and I thought I would set it up as a little torrent server. So I installed Ubuntu server on it, but it does not see the NIC. I know the NIC functions because the person was using it hooked up to a network until a few days ago. Unfortunately, it's an ISA-based NIC and not PCI and my understanding is that I have to pass it IRQ and DMA settings to get it to work. Unfortunately, I wiped the windows 98 partition without thinking of snagging those settings. First of all, lspci does not show the hardware AT ALL. Here's the output I get:
Code:
00:00.0 Host bridge: Intel Corporation 440LX/EX - 82443LX/EX Host bridge (rev 03)
00:01.0 PCI bridge: Intel Corporation 440LX/EX - 82443LX/EX AGP bridge (rev 03)
00:04.0 USB Controller: OPTi Inc. 82C861 (rev 10)
[code]...
The machine is an old 'Compaq Presario 5050' with a really crappy BIOS that doesn't really offer any help. I read a post somewhere that trying to load the 'ne' driver should work, so I tried:
sudo modprobe ne
and it came back saying "no such device".
I recently installed vsftpd on my server. I noticed that users on the machine can login into vsftpd with their username and password on the machine and go to their root dir "/home/username".Now, I want to give some people a vsftpd username and password so they can upload and download files and folders to their folder, but this folder has to be in the "/var/www/(username)" folder. I don't want them to be able to go to any other folder than their own folder like "/var", "/etc" or "/home" etc. Also I don't want them to be able to login on the machine as a user, through putty for example. They should only be allowed to acces their folder with vsftpd, nothing else.
View 1 Replies View RelatedI i'm having trouble setting up my triple boot machine. I have Windows 7 and Mac OSX on two seperatate hard disks and they are dual booting fine with the chameleon bootloader. I just attempted to install ubuntu from liveCD which i downloaded and burned from the ubuntu website. During intallation i the option to "install side by side to windows" and resized the windows partition to make room for Ubuntu(250GB of 1TB), i also selected the option to disable the GRUB bootloader because i want to use chameleon. The installer completed successfully and the computer rebooted but chameleon, Mac OSX or windows (my partition for windows is 250GB smaller) won't recognize the partition.
View 2 Replies View RelatedI'm try to assess the viability of of setting up remote administration on a distant machine. Just for background, the computer I wish to administer is located on a boat in Southern Ireland while I'm in SE England. Sadly, the the boat operator is a far better fisherman than computer user and every now and then some rogue sensor numbers get captured by the boat's computer and these eventually need operator intervention. Anyone who has tried to talk a non PC literate user through correction routines over a dodgy mobile telephone while the said user is trying to operate mouse/keyboard in an Atlantic swell will appreciate the problem.
However, there is a fairly good mobile phone broadband signal available in the area so I was wondering if there was anyway I could set up a point to point connection with the boat over this medium. That would allow me to administer the machine remotely.
link to an up-to-date tutorial for setting up Linux with 3 monitors? Specifically, I want to set up 2 different nvidia video cards with 3 monitors. I can already do 2 monitors on 1 video card, so I am not interested in those tutorials.
View 3 Replies View RelatedI I'm currently working on Nagios Core 3.2.2, and I'm trying to set up a mail notification. I already install postfix and mailx. And I'm able to send a mail via Ubuntu. I checked this with the command: echo "mail test" | mailx -s "test subject" mail address.But I don't know what to do next. I'v tried many different suggestions that I found on goolge, but nothing seems to work.
View 26 Replies View RelatedI have a visichat site and 1and1 server.
i am having a problem of my firewall.
when i activate firewall from my server account users cant login to chat room. the error occured " Connection To Server Failed".
will anybody let me know how can i fix this problem so that i can active my firewall and also users can login.
im trying to connect two computers on lan.One computer has: VMWare Workstation and has Opensuse 11.3 mounted in it.The other computer has: VMWare Player and has Opensuse 11.3 mounted in it.Both computers are connected to a switch with cables.I have followed this guide in both computers:Depanati singuri calculatorul!: Opensuse 11.3 - configure local networkin order to setup a network.In one computer, if i go to: Computer---Network---Network folder, i only see one machine. When in fact i could see both of them right
View 9 Replies View RelatedI am searching for a way to have multiple sessions or users on the same vnc server. I have a machine that I need to remotely access as root (for admin purposes) and as myself (as the normal user) the rest of the time. I probably will never have to remotely login at the same time as both root and myself (I am not that multitasking!)I searched the web for almost 1 hour without finding anything useful... Right now my /etc/rc.d/rc.vncservers.conf looks like:
[code].....
I am having some trouble setting up a cron job that creates a tunnel to my remote machine to work correctly on Ubuntu 9.10. The setup looks like the following:
(1) myscript.sh (executable)
Code:
#!/bin/bash
ssh -2 -x -i /home/user/.ssh/id_rsa.prv -L 3128:myremotemachine:3128 myaccount@myremotemachine
(2) crontab -e, added the following lines:
[Code]...
Im having trouble setting my SAMBA server correctly. I have two Win machines, one with WIN7 and one with XP. I have one Ubuntu machine and Ubuntu Server 10.04. My problem is that I can only acess files from the Win 7 Machine. When I try to map out the shared dirs on my serverI get asked for user and password, when I enter my creditensials it dosent help.. What to do? I used the sample smb.conf file and open for no restrictions..
[Code]....