Fedora Servers :: Server And Clients (NFS And NIS) Are In Continuous Attack Via Ssh?

Aug 25, 2009

My server and clients (NFS and NIS) are in continuous attack via ssh. Somebody is trying to guess password and login, and making port 22 busy.What are different ways to stop this attack?I am thinking to block this ip in iptable but I have no good idea because I have not done this before. Any special consideration do I have to take while doing this thing? How is it done and which file does it modify?

View 14 Replies


ADVERTISEMENT

Fedora Security :: Server Seems To Attack The World Hacking?

Apr 10, 2009

I went away from home for a few days, ... Now I am back at home and noticed, that my server is going out with 100% available bandwidth. The server is mainly Http / Ftp / Mail server, so I stopped all services, to see which one it is. ervices stopped, still 100Mbps go out like ants in the flood.

I updated the system, made a backup, installed IPtraf. It seems that I have something 'installed' and my server is running something to attack User computers. It seems to try to find something on random IP's random ports. I am a little bit confused now. As long as my sites are running, I'm ~OK~ but sooner or later I would like to have my bandwidth back. How could I try to hunt down which service/app/process got hacked?

It seems that the monetary system of our society got now more enemy's than friends. Capitalism seems to reach it's end. But my server is serving also ART! Sooner or later we will need to pay copyright even for our thoughts. I was reading today, that the French president wants to punish file sharing as his wife made 3 albums, and wants to get some money ..

View 12 Replies View Related

Server :: Adding More Users In LDAP Servers And Clients?

Mar 18, 2011

I installed and configured LDAP server and client on RHEL5 successfully. Problem is that when I add more than one user on server and clients, It shows error 'invalid user'.When I run the command:-#chown -R user:users /home/user, It shows error 'invalid user'. by step for adding and modifying more users in ldap servers.

View 1 Replies View Related

Server :: How Clients Handle Offline Syslog Servers

Apr 19, 2011

How do clients handle offline syslog servers?Will the log files be buffered locally to be sent to the syslog server when it comes back online, or will any log data generated during downtime be lost in cyber space?

View 1 Replies View Related

Ubuntu Servers :: How To Switch Clients From A Normal Server To A Cloud

Feb 4, 2010

what cloud computing is and i think it can help me with some of my clients i want to switch my clients from a normal ubuntu server to a ubuntu cloud. as of right now i have to send out a bill to them and if they dont pay i have to shut down there service till they pay. what i would like to do is to have a cloud where i can sell them based on what they use not a set price like it is now. and have them be able to pay there bill on the cloud and if they miss the bill then the cloud can shut off there service till its payed.

i dont know if this is possible and i have looked everywhere and all i can find is info on other businesses billing and now how to set up a cloud to do this. i wish there was some kind of tutorial for this. if anyone can direct me to some good notes/tutorials that would be very helpful. this could be a big changing point in my business if i can do this. it would save a lot of time and cash.

View 4 Replies View Related

Ubuntu Servers :: Limit The Number Of Concurrent Clients In Ssh Server?

Feb 1, 2011

I am using ssh server to connect to my Ubuntu desktop. I opened the file sshd_config and change my port number of the server.I want to put a limit on the number of clients in the ssh server.

View 2 Replies View Related

Ubuntu Servers :: Setting Up Home Server With Backup Imaging For Clients?

Jan 31, 2010

I'm trying to setup a server at home, it has some practical implications, but largely it is just to take a stab at it. But I need the help of someone with more experience than I in defining exactly what I'm looking to do.

Here's what I have: old PC running Gutsy server connected to router. Several laptops at home connected via wifi to router. All laptops running either Windows or Ubuntu. Here's what I'm looking for: The server centralizes file storage for all clients. I would likely incorporate a RAID and some synchronised imaging of the files. I also want the server to create disk images of the clients hdd, regardless of client OS.There would also be some shares that would be publicly accessible (myself and friends accross the country would be able to access the same drive).

So I was thinking something like what corporate environment would be nice, you log into a profile that exists on the server. Like a dumb client...all data would be stored on the server. But I'm thinking that's more like a network boot and wouldn't work via wifi (or would it?). Also that wouldn't lend itself well to laptops used on the road in areas without net access. now I'm thinking each client would have its own locally installed OS, and they would just access networked shares. I could store sensitive files on the shares, but that wouldn't provide complete backup solution for each client.

Without rambling on anymore, anyone care to throw out some ideas? I'm really just looking to see if I can do what I want. The focus is on centrallizing files, securley backing up data and client OS's and ability to restore said images quickly.

View 3 Replies View Related

Fedora Servers :: CUPS And LPD Clients - Cannot Add Printer?

May 12, 2009

I'm working on CUPS server here now, I am new to the whole Fedora area, I'm starting to like it, tackling one service after the other. I have cups, which I don't recall installing but was there guess its a default. So I added a printer on my server, that was on a 10.0.1.1 block, added it as lpd://10.0.1.1/lab3printer. Ok that worked and printed from my server, but my problem is when other machines try to add the printer. I continue getting this problem
Alberto "recoverable: Network host '10.0.11.25' is busy; will retry in 30 seconds..."
On the computer it was added as printer lpd://10.0.11.25/alberto because my server has that IP and printer well named it alberto. I followed what this said with the xined.d [URL].

View 3 Replies View Related

Fedora Servers :: Samba Will Not Allow Any Clients To Connect ?

May 17, 2010

I've done this before, maybe ten times. This time is different. I don't know why, but Samba will not allow any clients to connect.

I've done:
- installed samba
- setup the samba shares
- have a samba user/passwd
- authentication = users
- punched in the samba stuff for firewall
- workgroup is set right

What the heck? I cannot get any client to connect. Not even the server machine can connect to itself through a client. What am I missing here???

Just for the record, I'm trying to connect to \SERVER:

Code:

Code:

I removed a whole lot of comment lines in the config file.

View 7 Replies View Related

Ubuntu Servers :: Run A DHCP Server On Home Network To Enable PXE Booting For Ethernet Clients

Feb 27, 2010

I'm attempting to run a DHCP server on my home network to enable PXE booting for ethernet clients, but I'm having quite a few issues getting it all up and running. I'm not entirely sure what is wrong, but I keep encountering errors in syslog as follows:

Code:

Feb 27 02:26:46 servnerr-1 dhcpd: Wrote 0 leases to leases file.
Feb 27 02:26:46 servnerr-1 dhcpd:
Feb 27 02:26:46 servnerr-1 dhcpd: No subnet declaration for eth0 (192.168.1.3).

[code]....

Networking is not exactly my strong suit, but I would like to get this up and running if at all possible.

View 9 Replies View Related

Fedora Servers :: Serving Windows Thin Clients

Jan 19, 2009

My brother and I want to set up a server off of which we would provide the processing power for several thin clients. Is it possible to serve the thin clients with images of Windows XP to run?

View 3 Replies View Related

Fedora Servers :: Use Dhcpd To Assign Vpn Clients Their IP And Configuration?

Jan 24, 2009

Is there a way to use dhcpd to assign vpn clients their IP and configuration?

I'd like to have dhcpd listen on br0 (already set as 10.0.0.1) so that devices conecting through eth1 and tap0 (should I be using tun?) will get the same address pool.

View 7 Replies View Related

Fedora Servers :: Create A Pxe Boot For Windows Clients?

Jul 23, 2010

is it possible to create a pxe boot server on fedora for windows clients?

View 2 Replies View Related

Fedora Servers :: Process Of Updating All The Clients Nodes To The Same OS?

Jun 22, 2011

I'm having a problem with NFS. I'm trying to mount /home, which is on the server, to the client nodes. The server is currently running FC14 (64 bit) and I'm in the process of updating all the clients nodes to the same OS. Currently, all the client nodes are running FC8 (32 bit) and are capable of mounting /home on the server. However, the one client node that I have updated to FC14 is having problems mounting /home. I can ssh to the node with no problem however I get the following message:

Could not chdir to home directory /home/myuserid: Permission denied. Now, if I excute the following command: "sudo mount -a" I get no errors and now I can see my home directory.

View 9 Replies View Related

Fedora Servers :: MySql Compromised - Access Denial On Really Clients

Feb 16, 2011

My Linux server which is running my company website have been hacked. Today I saw a number of clients (customers) with some fun characters entries on my database. Access denial on really clients.

View 2 Replies View Related

Ubuntu Servers :: Defend Against A Scripted Attack On Apache2?

Jul 28, 2010

I have a LAMP server that has been up for a month or so before I get stuff like this:

Code:
60.12.233.54 - - [24/Jul/2010:22:46:07 -0400] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 895 "-" "ZmEu"

[code]...

View 6 Replies View Related

Fedora Servers :: Configure Evolution-mail Clients Through SQUID Proxy?

Jul 27, 2011

I have configured router(192.168.1.2) to serve only one machine with IP - '192.168.1.6' and set up SQUID proxy on '192.168.1.6'. I have defined some rules(ACL) regarding connections to internet on SQUID proxy.

I changed the Gateway of rest of machine (192.168.1.60 - 192.168.1.69) from '192.168.1.2' to '192.168.1.6'.

The policies which I defined in SQUID is working properly but 'Linux Evolution mail' client is not fetching mails.

Is I have to do any other settings on 'Linux System' or 'Evolution mail client'.

View 2 Replies View Related

Ubuntu Servers :: Openbsd (4.9) "server" Compatible With Clients?

Sep 1, 2011

Is openbsd (4.9) "server" compatible w/ ubuntu clients? note: have had no problems setting up ubuntu <> ubuntu sever client but having trouble w/ openbsd <> ubuntu client. "pernission denial" messages from openbsd server

View 1 Replies View Related

Fedora Networking :: F10 As Server And Clients Are WinXP

Jun 21, 2009

I'm setting up a network for a school. The network has 11 client computers (windows xp) and a server (fedora 10) All I need to do is have a share for all the children to use. (this I did by adding each client to the workgroup specified on samba then I just map the drive). The issue turns out to be that I have over 300 users. The users don't always use the same computer therefore I need the users to be registered on all 11 clients. How can I do this? I have been searching and I've not gotten anywhere. How can I add the computers to a domain instead of a workgroup? What can I use?

View 1 Replies View Related

Security :: Centos 5.5 Server - How To Protect From Outside Attack

Dec 21, 2010

I have just configured Centos 5.5 LocalMailServer with fetchmail and sendmail , Proxy with Squid and FileServer with samba. Now my concern is security.. How can i protect my server with outside attack. Will I need to block some ports or I need special tools or script so no one from outside can attack my machine. My machine is working on intranet with local ip only.. No web server or static ip exists. Machine is connected with ADSL router to access internet.

View 5 Replies View Related

Security :: Track DDoS Attack On A Server?

Jan 25, 2011

how can I track a Dos and DDoS attack on a server . Does linux have any goiod known command line utilities and log files to us e in this way?

View 1 Replies View Related

Fedora :: Continuous Fan Noise

Jul 7, 2010

My desktop becomes very quiet once windows7 is loaded.. but the fan, maybe cpu fan runs continuously in fedora 13. though it's not quite noisy, I thought I didn't install the correct drivers for the Asus h55 mb. the mb cd has a directory "isolinux", which contains a boot.cat, isolinux.bin, isolinux.cfg along with two subdirectories, data & src. but isolinux.bin is not executable.. how can I install the drivers in fedora?

View 14 Replies View Related

Server :: Lighttpd - Slow HTTP POST Attack

Jan 31, 2011

[url]

I ran across the above article, which described a DoS attack in which requests are sent very slowly to the Web server. I'm running lighttpd 1.4.28 on a Gentoo Linux server, and I'm wondering if there is anything I could do in preparation to defend against such an attack.

A bug report [url] seems to indicate that there was a patch in place already against this sort of attack, but I wanted to be sure that was the same thing and if there was anything else I needed to do.

View 3 Replies View Related

CentOS 5 Server :: Tracing An Attack With A Wireshark Script

Jun 18, 2009

My data center informed me that my shared web hosting server is producing a massive attack. Attack against who? how? etc?... well.. other than "your server is generating an attack of over 150,000 UDP connections", they did not specify the target IP, nor the specific port. The attacks usually run for less than 5 minutes and pose a threat on the datacenter's firewall itself (from within).

I ran various searches on my server and came up with nothing. (over 300 websites with PHP in 25GB of data, database etc).

I do not allow any shell/bash other than myself, so no other logins are available. (I re-checked /etc/passwd for any bash).

I believe that there is probably some php fsckopen call or something to that degree that responds to a call from an external server. To make it easier to diagnose the problem and then stopping it, I need your assistance developing a simple tracing tool, methodology.

I have wireshark installed on the server.

My thoughts on how to capture this attack (which occurs at random) is as follow:

1. run a service that greps and count the UDP connections currently on the server and does this every 60 seconds. ( a simple one minute cron is enough).

netstat -a |grep UDP -cw

2. Currently the output shows: 0 (zero).

3. I do run a DNS server that can be queried, so I expect to see some UDP calls every so often. However, this is probably going to occur at < 50 entries.

4 . run this logic if no high loads on the server.

If servers load is < 3.00
{
If ( netstat -a |grep UDP -cw ) > 50
{
./tshark > wireshark.hacker.trace<timestamp>.txt;
email me an alert that "hey wireshark was triggered";
sleep (15)
killall -9 tshark
}
}

View 2 Replies View Related

Ubuntu Servers :: Ip Ping Is Continuous, Dns Ping Is Discontinuous?

Aug 5, 2010

When i ping www.google.es, i get something like:Quote:

ping www.google.es
(wait 20 seconds)
64 bytes from 66.249.92.104: icmp_seq=2 ttl:53 time=80 ms

[code].....

View 2 Replies View Related

Server :: Protect My Server From Syn Attack ?

Jun 15, 2011

I want protect my server from syn attack

My server Linux - Cantos 5.6.

View 8 Replies View Related

Fedora Networking :: Unable To Get Continuous Wireless Connection?

Jun 7, 2009

recently I had installed fedora 10 in my acer aspire 4730Z laptop. I successfully configured wireless connection. But I am unable to get constant internet connection. I thought there must be some problem with my OS and I formatted fedora and installed Ubuntu 9 I faced the same problem there Again I installed back fedora , problem not solved Then I thought there must be some problem with my internet connection and I went to my friends house and tried linksys (I have netgear) same problem..I never had this problem when i had windows vistaThis is what my problem is "I AM ABLE TO ACCESS INTERNET FOR FEW MINS THEN CONNECTION FAILED " then i had to wait for few min then everything is fine!!!, then again same thing

View 7 Replies View Related

Security :: Is Server Under DdOS Attack - Not Having Much Load And Only Few Process Runs But Site Opens Very Slow

Aug 5, 2010

I have a server and i think that my server is under Ddos attack. i see that server is not having much load and only few process runs but my site opens very slow. i executed the following command on my ssh:

[Code]....

View 7 Replies View Related

Fedora Security :: Attack Sneaks Rootkits Into Kernel

May 7, 2009

Attack Sneaks Rootkits Into Linux Kernel Quote: A researcher at Black Hat Europe this week will demonstrate a more stealthy way to hack Linux

Apr 14, 2009 | 04:21 PM
By Kelly Jackson Higgins
DarkReading

Kernel rootkits are tough enough to detect, but a researcher this week has demonstrated an even sneakier method of hacking Linux. The attack attack exploits an oft-forgotten function in Linux versions 2.4 and above in order to quietly insert a rootkit into the operating system kernel as a way to hide malware processes, hijack system calls, and open remote backdoors into the machine, for instance. At Black Hat Europe this week in Amsterdam, Anthony Lineberry, senior software engineer for Flexilis, will demonstrate how to hack the Linux kernel by exploiting the driver interface to physically addressable memory in Linux, called /dev/mem.

"One of bonuses of this [approach] is that most kernel module rootkits make a lot noise when they are inserting [the code]. This one is directly manipulating" the memory, so it's less noticeable, he says. The /dev/mem "device" can be opened like a file, and you can read and write to it like a text file, Lineberry says. It's normally used for debugging the kernel, for instance.

Lineberry has developed a proof-of-concept attack that reads and writes to kernel memory as well as stores code inside the kernel, and he plans to release a framework at Black Hat that lets you use /dev/mem to "implement rootkit-like behaviors," he says. The idea of abusing /dev/mem to hack the Linux kernel is not really new, he says. "People have known what you can do with these /dev/mem devices, but I have never seen any rootkits with dev/mem before," he says.

Quote: "The problem with kernel-based rootkits is that the rootkit can mitigate [detection] because it has control," he says. "It's a race in the kernel to see who's going to see who first." [URL]

View 1 Replies View Related

Fedora Security :: Cold Boot Attack Prevention

May 13, 2009

I have full hdd encryption with a rather long key. The thing is the FBI might just show up at my house one day and have a warrant for my PC, and who wants the government looken through there life? I have a few plans on geting my PC shut down before they can get there hands on it. This is all well and good, but if they can sniff my key from the ram It doesn't matter what my key is or weather they find the computer on or off. Anyhow, i was wondering if there was some way I could add a script to the shut-down process that would over-write the ram.

View 11 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved