Security :: Policy That Limits Connections On Port - Encapsulates Total Sum Of All Connections From Hosts?

Jan 21, 2011

Is it fair to say that connlimit and hashlimit are very similar on Linux, i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How, in IPTables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? I.e. I do not want to allow more than 6000 conn/minute for a port range, that being the sum of all connecting hosts.



Ubuntu :: 2 Pptp Vpn Connections - When I Dial One Of My Vpn Connections, My Other Vpn Connections Be Disabled?

Feb 7, 2011

I have a problem with my network-manager in Ubuntu 10.10. When I dial one of my VPN connections, my other VPN connections are disabled and I can't use them! I tried to restart network-manager and gnome-panel, but it doesn't seem to solve this problem.


Security :: Limit Number Of Connections For Single Ip On Port 80 To CentOS 5.5

Sep 5, 2010

How to limit the number of connections for a single IP on port 80 to CentOS 5.5 with iptables? connlimit did not work on CentOS and nginx does not provide a module for that.


Debian Configuration :: Port (exp. 1001) Have 20 Connections That The Next New Connection Forward To An Other Port (exp.1002)?

Jul 15, 2011

I want that, if a port (e.g. 1001) has 20 connections, the next new connection is forwarded to another port (e.g. 1002).


Fedora Installation :: Network Connections Is Inactive - Cannot Set Internet Connections

May 30, 2011

I recently installed Fedora 15 now, and during installation I set the internet connection manually, then did update and after reboot, the internet connection settings have been removed. Now I can not set because the network connection to the Internet Connection is inactive. I mention that before the update was functional internet connection.


Networking :: How To Handles Port Connections

Apr 17, 2010

I'm not sure if this is a Linux standard, but I've always understood that Linux restricts usage of ports below 1025 to root-user only. My question is why was this method developed? My theory is that it's to reduce the possibility of users who may not be as knowledgeable with Linux getting hacked. This is probably wrong though, as ports 1025-66535 are available to any program as any user.


Networking :: NFS - No Tcp Connections Port 2049 ?

Apr 13, 2011

Let me explain my problem:

- The server, running Slackware 10.1.0, has no TCP connection to port 2049, and I need this server to have TCP connections.

- The rpcinfo output is:

- The kernel version for this server is linux-2.4.29.

- The content of the file /etc/rpc is:

- And the content of the file /etc/service about nfs is:


General :: Is It Possible To Use Port For Multiple Connections?

Feb 18, 2010

A daemon, say ssh, will be listening on port 22. When a new connection is requested by the client, it will be authenticated and a new connection gets established with some port, say 1025. And ssh will continue to listen on 22 for new connections. If I am correct, then on my machine I observed that the following connections are established to ssh port 22. As per my understanding, the connection should be established on a different port other than 22.


Debian Configuration :: Refuses Port Connections - VNC

Sep 29, 2010

I'm trying to set up VNC on our Debian server so the boss can remotely do admin stuff from anywhere in the world. The first step is getting it working from anywhere in the room, though. And I can't even seem to get that far.

So far I have a VNC server setup, although not without problems. I downloaded and installed vnc from the vnc site, that wouldn't work because trying to start a vnc server gave this error: "error while loading shared libraries: cannot open shared object file: No such file or directory"

There are lots of results on Google for this error, and the solution everywhere seems to be the same: to install the package libstdc++2.10-glibc2.2

However, trying to install this package in debian fails. both using apt-get and trying to manually download it from it just doesn't seem to exist.

I've tried tightvnc from the official repositories and it gives the same error, too.

The way I got around that eventually, thanks to another tutorial, was to install the package vnc4server. then run vnc4passwd to create a password. and after that vncserver works fine, or seems to. Creates display 1.

Now, when I'm trying to connect to hostname:1 from another computer in the LAN. It gives error 10061, connection refused. I installed the debian and I don't recall setting it up to refuse connections on port 1. Is there anything I should check or change to allow the connection, or any log file in debian to check and see what's going wrong?

I'm also trying to connect internally via a client on the Debian machine, but I can't run vncviewer. I get the same missing shared library error as before. I guess I just worked around it, not solved it.

I also can't access it with the java viewer. Trying to connect on port 5801 either from the server itself, or from another one on the lan, tells me it's refusing the connection.

To be clear, I'm certain that the vnc server is started. We have working DNS, and trying to connect directly to the internal IP:1 doesn't work either.


Ubuntu :: Allowing Incoming Connections On Port 22 From Anywhere?

Jul 19, 2011

I'm trying to get VNC working but I'm getting this error message:


ssh: connect to host my_ip_address port 22: Connection refused

When typing:


ssh -f -L 5900:localhost:5900 user@my_ip_address x11vnc -safer -localhost -nopw -once -display :0 && sleep 5 && vncviewer localhost:0

I'm trying to follow the instructions here: [URL] but I'm struggling with point 2 & 3:


2. If you have previously reconfigured the firewall on your PC, make sure the firewall allows incoming connections on port 22 from anywhere, and on port 5900 from localhost (also known as

3. If your PC is behind a home router, or any other device that uses NAT, configure your router to send connection attempts on port 22 (but not port 5900) to your PC

So my questions are:

1. I installed a fresh version of Ubuntu 11.4, should I be concerned about step 2? If so, how can I allow incoming connections on port 22 from anywhere, and on port 5900 from localhost?

2. Regarding step 3, I'm using NETGEAR model DGN1000 router. Is that something that I should do from the router's setting page or it's some commands that I should pass through SSH?


OpenSUSE Network :: Router With 2 DSL Connections Not Port Forwarding?

Apr 26, 2010

I'm running SUSE 11.1, which is configured as a router. Configured are two DSL connections with static IPs and one LAN connection (3 NICs altogether).

Problem: suse firewall will only port forward connections from one of the DSL connections and not the other.

Because I'm running two DSL connections is there something special I have to turn on/enable on the firewall?


Server :: Apache Virtual Host To Limit The Concurrent Connections Of Virtual Hosts?

Jul 3, 2009

apache virtual host to limit the concurrent connections of virtual hosts? Taking into account the host of each virtual user's home directory can also have more than one subdirectory, which should be restricted to a subdirectory. Is beyond the control of the operation of these sites in a subdirectory. Best local restrictions or limitations to the overall situation.


Networking :: Open Port# 9171 On OEL5.5 Server To Accept Connections

Feb 18, 2011

Our DBA has an application running on Server2 which needs to connect to Server1 (Linux OEL5.5 server) through port# 9171. I use telnet to test basic connectivity. What should I do on Server1 in order to open up port# 9171 for connection?


Security :: Getting The Connections To IRC Server?

Feb 4, 2010

For some time now I've been noticing the network activity light for my linux box blinking like mad on my router. After a little looking around for ways to see what connections my box has established, I found the following using lsof -i


bash 13839 root 1u IPv4 3118972 TCP shana:49148-> (SYN_SENT)
bash 13839 root 2u IPv4 3118986 TCP shana:34323->


I know I'm not using IRC, and I have my sshd locked down fairly tight, requiring a key to log in, so obviously, it looks like there's something or somebody in Croatia (the origin of that IP address) connecting my system to for some nefarious purpose. Looking at my processes, ID 13839 shows up as


13839 ? S 0:00 bash
Just 'bash', not '-bash' as


13426 pts/0 S 0:00 -bash

my session appears. Previously, this odd bash process was ID 2704, which seemed to imply that it had launched fairly soon after my system booted up which really makes me wonder. Oh, and yes, I did kill that 2704 process, and it returned as this 13839. 2704 also had those same IRC connections present in lsof.


Security :: Block Ips With Lot Of Connections?

Oct 31, 2010

On my Linux server I have many websites, but with different IP addresses. Is there some way I can block all the IPs with many connections (100+) just from my website, not from all websites?


Security :: Incoming Connections On 445?

Apr 11, 2010

It's been really bugging me that whenever I scan my connection with Wireshark I see this one person sending me a SYN packet every minute on port 445. I know this is the dangerous port that the Conficker worm travels along. So far my computer seems to be immune and I know, at least on the Linux side, that I can just add a rule to my ip tables to block that port indefinitely. I want to know what the next step is.

00 0c 41 b2 e4 1d 00 11 09 b2 2f 0e 08 00 45 00
00 30 91 84 40 00 80 06 d1 c7 46 4f 86 29 XX XX
XX XX 10 43 01 bd 9e 23 d6 27 00 00 00 00 70 02
ff ff 65 58 00 00 02 04 05 b4 01 01 04 02

This is one of the packet captures I am getting. After sending me this and getting no reply, all of a sudden he goes up an IP. Basically this would be the pseudocode for what it looks like he's doing on my end.

for(int i = 1; i != 255; i++){
    send_connection_attempt("XX.XX.XX." + i);
}

To me this looks like this guy has hijacked a computer and is using it to run a script over. He is still scanning my network as I said earlier, what should I do? Should I contact my ISP? or just nail down the hatches and make sure nothing is exposed on my network?


General :: Pam - /etc/security/limits.conf For Setting Program Limits?

Feb 9, 2011

I have the following inside /etc/security/limits.conf (I have specified root separately because * will not include it.)

user2 - core unlimited
* - core 0
root - core 0



Ubuntu Security :: Does Krfb Keep A Log Of VNC Connections

Sep 24, 2010

I checked all the logs in /var/log but couldn't see anything (I was hoping /var/log/auth.log would have it, just like it has ssh connections in there). I've got a machine that several people VNC into and I would like to keep track of things. Are there other VNC servers out there that keep logs? I could switch, but I went with krfb because it works perfectly for me and came already installed.


Ubuntu Security :: UFW Is Blocking Connections Even Though It's Set To Allow For In/Out

Aug 1, 2011

I might be misunderstanding the log but it looks like UFW is blocking connections. I want to allow all incoming and outgoing. I guess what I'm saying is that the servers on my computer will open ports but all other ports should respond with closed just like a default Ubuntu install. Trying to use UFW to monitor connections without really doing any firewalling.

Aug 1 07:14:07 universal-mechanism kernel: [311111.963762] [UFW BLOCK] IN=eth0 OUT= MAC=00:1f:c6:8a:e9:66:00:01:5c:32:f4:c1:08:00 SRC= DST= LEN=40 TOS=0x00 PREC=0x00 TTL=233 ID=51984 DF PROTO=TCP SPT=80 DPT=54466 WINDOW=8201 RES=0x00 RST URGP=0


Security :: Limit The Number Of Ssh Connections?

Dec 13, 2010

Dist: Fedora 14
SSHD: OpenSSH 5.5p1

I need to limit the number of ssh connections a user has. All the users are using tunnel only, so their shell is set to /sbin/nologin. The logins do not open a shell, they just create the tunnel, so /etc/security/limits.conf has no effect on them at all.

I tried setting 'MaxSessions 1' in sshd_config, but either that doesn't do what I expect it to or it plain does not work, as even with a normal user I was able to open an unlimited number of sessions. I need a good secure way to limit each user to 1 ssh session without them having a shell, but I'm unable to find a solution.


Ubuntu Security :: Firewall Does Not Block Tor Connections

Oct 2, 2010

I have noticed an interesting problem. I use two browsers - Firefox and Konqueror. Konqueror is configured to use Tor, Firefox not. Using Gufw I block all incoming and outgoing traffic and it works while using Firefox, I mean that I can't view any www site and that is OK. But if I use Konqueror I can establish any connection. How to understand this? Should I have a different firewall while using Tor?


Ubuntu Security :: Firewall For Watching Connections?

Jan 4, 2011

I know that GNU/Linux does not need a firewall (due to iptables), but I would like a basic firewall that would watch incoming and outgoing connections. I would prefer it to have a tray icon and be able to run as a regular user, such that I can add it to my .fluxbox/startup file. Anyone know of any good ones? They don't actually have to interface into iptables (because I would do that myself), but if they do it would be a bonus.


Ubuntu Security :: 10.10 - Inbound Connections And Firestarter

Apr 6, 2011

I am running Ubuntu 10.10. I have a question about the firewall Firestarter: when checking the firewall, it told me there are 9 serious incoming connections. What must I do with this info? Inbound is normally blocked as standard. I have also seen that someone with port 1234 and 12345 has been trying to attempt my system but failed; all trojan ports are fully blocked.


Ubuntu Security :: Iptables To Allow HTTPS Connections Only?

Jul 16, 2011

I have tried to configure my iptables to allow only HTTPS connections to the internet. Unfortunately, I didn't get that to work. I configured it like this:


iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -t filter -p tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -t filter -p udp --dport 53 -j ACCEPT


Of course I am only trying to access websites via HTTPS. Still, I was wondering if HTTPS somehow under the hood requires the HTTP port to be open or if my rules are in some other way wrong.

ps: I got the rules from that website: [URL]


Security :: Adjust Iptables To Only Inbound Syn Connections

Apr 7, 2011

I'm trying to adjust the firewall to only inbound syn connections.

To Allow all home subnets access to port 53 both tcp/udp but deny the rest.


Security :: Active Connections Showing In Firestarter 1.0.3?

Feb 26, 2010

I am running Firestarter on Ubuntu 9.10 64 bit. I have noticed several times that after closing all web apps (Firefox, Thunderbird) some entries remain under the heading "Active connections" on the Firestarter "Status" tab. Often these show no source program. Currently I have 2 showing which show Firefox as the source. These persist after Firefox is shut down. I have verified that no Firefox process is running. And both of the IPs point to Google. I have disconnected eth0 and they still show. I have logged out and back in and they still show. I must reboot the machine to make these entries go away. Which makes me think perhaps this is a bug in Firestarter(?) Is there another way I can identify truly active connections?


Security :: Restrict Number Of Sftp Connections?

Nov 9, 2010

If I want a user to not have more than 20 SFTP connections to a server, is there any way we can limit the number of connections for a particular user on the server using the SSH configuration?


Ubuntu Security :: Mobloquer Blocking Outgoing Connections?

Jan 18, 2010

Mobloquer starts up at boot and before I've even opened Firefox or Transmission or anything, Mobloquer shows that it has started blocking several outgoing connections as well as a ton of incoming connections. I was wondering if the outgoing connections are normal and what's a normal amount of network activity to show up in System Monitor when I'm not actively using the internet.


Ubuntu Security :: Finding Connections On Ports Despite Ufw Rules?

May 2, 2010

My ufw rules have been loaded and are active, yet using iptraf I see TCP connections on ports that were never allowed by ufw. Can anyone explain this to me? Does ufw just not work?


Security :: IPTABLES Vs Other Firewalls / All Network Connections That Come In To Services That Do Not Use TCP Wrappers?

Jul 23, 2010

I'm having problems with hackers from across the globe trying to get into our servers. Why? I have no clue. Nothing of value in my servers worth getting.

Right now my service only does business with USA. So I'm trying to find a way to block all Non USA traffic. I called my hosting provider and they are unable to help. Said it was up to me to do this.

Well, I've already taken care of the TCP Wrappers by spawning a small C program I made that uses MaxMind's GeoIP system to automatically deny access. Now I need to do something about all the other network connections that come in to services that do not use the TCP wrappers.

So I was wondering if IPTABLES has a way to spawn a subprocess like TCP wrappers, or if there is any other firewall software out there for Linux that would let me achieve my goal.

