Ubuntu Security :: Unable To Install Amanda On Any Computers Or Server And The Port Is Not Forwarded By Modem Or Router?
Nov 17, 2010
I did a port scan on my server from outside my network and saw that port 10080 AMANDA is open. Amanda isn't installed on any of my computers or my server and the port is not forwarded by my modem or router. So why is this port open and how can I close it?
sudo ssh -L 750:192.168.123.103:873 firstname.lastname@example.org
It does exactly what it's supposed to do, but how do I edit / remove this rule? Is there some config file where I can alter the forwarding? How does it get stored? I'm using Ubuntu 10.10 Server Edition (although I reckon it would be pretty much the same across all versions).
We are forwarding logs (perl script executed logs) to one Red Hat Linux box. We have to get 97 logs for each time the script runs. But we see an inconsistent number of logs coming to the Linux box. Like one time we got 56, other time 3, other time 43, like this. We are sure that 97 logs are being forwarded. Checked the Rsyslog.config file for any filters and couldn't see any filter dropping them. When we run the tcpdump, we can see 97 connections, but logs are not there in the specified location.
As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. And similarly 21 for FTP (although it doesn't seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as it's hidden behind the modem/router. But if I open this thing up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "That's if there's no firewall in my router" as they just seem to do the same.
I have my own internal bind9 server, for my local domain, and I forward internal requests for public domains to OpenDNS servers. This server is not in a DMZ, but is instead behind a dynamic NAT. I do not accept queries from the public network, only responses. I understand that DNS is primarily a UDP protocol, so it can't pass through a stateful/nat. without a firewall allow.
I've done a little reading and learned that bind9 does not run 53 <-> 53 anymore (is now >1024 <-> 53), and modified my config so it works like bind4 did, but I am concerned that this makes me less secure. Additionally, I'd really rather not have a completely open 53 rule, but it seems that if I constrain 53 traffic to my known forwarders, it interferes with some of my network services like transmission. So, what firewall rules would you guys recommend for receiving forwarded DNS query responses to my server?
My 2Wire router/modem I got from AT&T for my DSL has port 3479 TCP open and I can't figure out how to close it. It's open to the entire internet. From a quick google search it's some port AT&T can use to update the modem's firmware or something. Considering how in bed AT&T is with government agencies, it seems like an easy way for the government to get into my home network just by using what seems to me a backdoor put there by AT&T. Any way to close this or secure it? Right now I'm using the hardware as my main router for my home network. I have a Linksys I modded with DD-WRT. I'm thinking of re-configuring my network to use the DD-WRT router as the main router and the 2wire just as a modem. The 2wire is a hybrid modem/router and I'm kind of lazy and don't feel like re-configuring my entire network if I can just close the port.
I have some issue with my amanda backup server, which is connecting with Scalar Quantum i500 via FC. I got the error as below 3 days ago. These dumps were to tape 000289. *** A TAPE ERROR OCCURRED: [No more writable valid tape found].
Normally I will load the proper tapes and run the amflush to push stuff from the holding disk to tapes manually. However this time amflush in this case did not help, Amanda immediately responded with an out of tape error again.
Meanwhile I got some errors from dmesg as well:
st3: Error 18 (sugg. bt 0x0, driver bt 0x0, host bt 0x0).
scsi1 (0,3,0) : reservation conflict
I've recently been taking a look at my router settings and I've realized I have my vnc port open for some reason. I don't know how or why it got opened because I've only used vnc within my private lan. Anyway, the problem is I couldn't figure out how to close that port on my router, so I just uninstalled all the vnc software from my computer so it wouldn't act like a vnc server for anybody trying to access it from the outside. So, effectively, I cannot vnc into my computer from outside my private lan, but when I port scan my public ip, the vnc port still appears open.
I'm wondering if there's something I'm missing. I'm sure it must be something in the router that I haven't figured out... something that's keeping port 5900 open.
I am trying to make a vnc connection from pc #2 to pc #1. Pc #1 is a debian pc behind a zyxel router (P-2602HW-D1A). Pc #2 is a windows xp pc at another place on the internet. I have configured the zyxel router to forward incoming traffic on port 5902 to the local IP address of the debian box. The debian box is running a vnc server, listening on port 5902. But it doesn't work. I have tried to scan the zyxel router's IP address on port 5902 from the internet, but the scanner says that the port is closed. The vnc server on pc #1 is working fine on the local network. I can connect to the server from a pc on the same side of the zyxel router. Is it definitely a router problem, or could it have something to do with debian's own firewall?
Say I have Computer A behind a router with NAT. I'm unable to add any port forwarding rules to that router. Then I have Computer B with a public IP address that I want to forward X windows from. This computer is headless, but does have a video card so X windows can be used. Here are some of the things I'd perform to setup my scenario.
1. Computer B, I'd run xhost + public_ip of NAT router.
2. Make sure that computer B's sshd service has X11 forwarding enabled.
3. SSH from Computer A to Computer B with the X windows forward option.
4. Once in Computer B, set the DISPLAY env variable to the public_ip of NAT router.
5. On Computer B run xclock.
At this point I'd expect to see an instance of xclock originating from Computer B onto my desktop. However this obviously won't work. The problem is that when the request is made to Computer B to forward the instance of xclock to Computer A the forwarded instance of xclock will get stuck at the NAT router. Without a port forwarding rule the NAT router will not know which internal IP to route the instance of xclock.
Here's my question. Is there any way for Computer A to initiate a connection to Computer B and then forward the instance of xclock? That way if it uses that same connection the NAT router will know which internal IP to route it to because it would be an active connection in the router's routing table. Or is there an alternative? Of course I can vnc into another computer outside the NAT network and then forward an X window to it just fine. But in the spirit of expanding my knowledge on X windows I'd like to see what is possible.
One inconvenience I face now, though, is that I cannot tell if I have already forwarded certain messages or not, because the message is not automatically tagged as forwarded. How to set it up, so it would indicate in the list that the message has been forwarded?
I am trying to make my home server accessible to the whole web. I have installed Nginx on my Fedora 15 64-bit Linux machine, and it works with localhost but it doesn't work online or allow other computers on the network to access it via the IP address. It keeps coming back with: Could not connect
I have port forwarding. I have even tried different ports but they all seem to be blocked. What could be wrong? I have a netgear router.
When I typed the command /usr/sbin/amcheck intra on the client side I got the following error (expecting a new tape).
NOTE: info dir /var/log/amanda/intra/curinfo: does not exist
NOTE: it will be created on the next run.
NOTE: index dir /var/log/amanda/intra/index: does not exist
NOTE: it will be created on the next run.
I'm using a Debian box as a gateway. I'm planning on bridging my DLink 604T modem/router so that traffic on the LAN goes to my gateway (which only has one NIC). The Debian box is running a PPPoe application which I'm hoping to log into the ISP through the DLink. I plan to configure the box as a squid transparent proxy. Most Howtos I've seen use NAT with 2 NICs, eth0 for the LAN and eth1 for the Internet. Any step-through to set up NAT for this?
I'm trying to get my SSH server I set up on my home box working from behind a router. A 2wire 2700HG-B gateway, in fact. Now, I know my server is working fine, because I can get into it via loopback, anywhere inside the LAN from another machine, OR if I go into the router's config and enable DMZ for the machine. However, I don't like having DMZ on all the time because of the kludge-ness of it, and the security issue of the complete absence of a hardware firewall. If I try to port forward and access it from outside the LAN using the external IP (or my DynDNS, because it's dynamic), it just times out. I have a nonstandard port (45) for the listen port of the server, to keep away hack attempts if I were using the standard 22. I used this to see if the port was open, and it said it was. But, I tried the trick of telnetting the IP with that port, and it also timed out, instead of printing stuff about OpenSSH.
Attached is a screenie of my router's firewall page, so you all can look at it and see if I'm an idiot and doing it wrong. You might notice uTorrent there, it's because this machine is a dual-boot with 7, and the router doesn't differentiate the OS's. Also the SSH @ 46 port is for the Windows side, with freeSSHd. I changed the port on that one so the client I have can distinguish them, so it can run a reachability test.
Just set up an ssh server...kinda. I need to forward the port (22) through my router. I have forwarded ports before for programs so the whole thing isn't a mystery. But I need to know what to put in for a couple of boxes.... Private ip: ? protocol type: tcp, udp, or both?
I have a home network with a linux dhcp server and a couple of clients. The Internet comes from a dsl modem with a different subnet than my wireless router. The network works fine and I have no problems, but I now need to ssh to a work computer and the only way I can do that is if I drop the security in my dsl modem. So I thought all I need to do is use port forwarding on my dsl modem, but it won't let me because it is on a different subnet. I tried putting the dsl modem on the same subnet, but that did not work and made it so I could not access anything.
1. Need to connect 2 CCTV DVRs and view from remote.
2. Can get a static IP address. But I don't know if this is a secure way since anyone can view if they know the IP address.
3. Question is: is it possible to connect the DVR(s) to a linux server which will get user name and password before letting us view the DVR?
Currently there is one set as follows:
1. From location X a device is connected to location Y using leased line and static IP (12 kms distance). In location Y a router is placed and port forwarding is configured. From Location Z using internet and remote desktop concept the device at location X is viewed and data captured. Is it possible to use a similar concept but with some sort of security authentication procedure in place?
I'm building a new router for my home. I have a pci-x motherboard with two network connections on the motherboard, SUSE 11. I intended to use one network connection for the external zone and the other for the Internal zone, (the internal port going to a four port switch). Recently, a friend gave me an "Intel PRO 1000 MT PCI-X Quad-Port Adapter C32199" which will plug into my motherboard, presumably giving me a total of 6 (4+2) network connections.
1) Can it be as simple as setting one network connection to "external zone" and the other five to "Internal zone", and plug my other computers into the internal zone connectors, eliminating the need for a switch?
2) There seem to be a lot of these QUAD server adapters on Ebay; how were they originally used?
3) Can I dedicate one internal net-port for some exclusive traffic (e.g. all mail, going to network connector 3, connected to the mail server)? IPtable rules?
I couldn't connect my Micromax 300G modem in Debian Linux. From internet (in Windows Vista), I came across the information of USB_ModeSwitch and then I downloaded it. While going to install it, I came across the problem that TCL-interpreter is not available in Debian Linux. Then again I restarted my laptop in Windows Vista and connected my Micromax modem and from internet downloaded TCL8.5.10-src.tar.gz. But while going to install it, I came across the problem that "configure: error: no acceptable C compiler found in $PATH". Also as presently I am unable to connect my modem, I am unable to issue the code: "apt-get update".
If I have Fedora 13 installed on a desktop and on a laptop, can I organize so that both machines use the same dsl connection? I have an external DSL modem that is currently connected to my PC via an ethernet cable. When I want to use my laptop I usually unplug the dsl connection from my computer and plug it into my laptop. Is there some way I can have it connected to both?
I've setup OpenVPN-ALS (formerly known as Adito) on Ubuntu Server 10.04 edition. I have a security router (Untangle) in front of my internal network. I have a domain name and an SSL Certificate setup on our security router. I can access our web interface on our security router with no problems.
I've set up a port forward rule on our router to access this OpenVPN-ALS portal and I can access it, but I get an invalid certificate message. So I've bought another SSL certificate to install on our Portal, but I'm getting an error message when I enter in our information at the provider where I've bought the certificate.
Common Name does not contain fully qualified domain name. I'm not sure what the problem is. Do I use the hostname I've setup on the portal or do I use the hostname on my security router when I setup the SSL certificate on our portal?
Are there ways to link computers together with a linksys router to get increased performance? Can I create this cooperative supercomputer on the same router that my internet runs through? Can I run Windows on top of this supercomputer to get increased performance in the audio field where I need it most?
- CAN connect to other computers - ssh and vnc over the home network (via D-link 524 router).
- CAN get an IP address via DHCP
- CANNOT get internet connections - including router at 192.168.0.1
- CANNOT even ping router (but I get an IP address - weird)
- Other computers on the network CAN access internet
- Live CD could not access internet
results of ifconfig
I am wondering if his ISP could be doing this - he has received a warning letter about BitTorrent. Could they isolate a single computer behind a NAT router?
This is the results from dmesg:
I have tried:
- to set proxy settings as "Direct internet connection"
- disconnecting power to (including 30 sec wait): modem, router, computer + unplugging ethernet from computer
- Live CD (he only had an old one 7.10) which also didn't connect to internet, but as I am remote, I couldn't do any more. We are downloading a 10.04.1 iso for him to burn tomorrow, and will try that again.
- Uninstalled Crashplan which was the last software that we installed (and it was working ok).
I am currently ssh'ing into another computer on the network that IS working, and then ssh'ing into my Dad's computer - including a VNC session (tunneled through both machines and router).
If I have a desktop with a USB wifi adapter connected to the internet through an ethernet cable, is it possible to create a wireless network using the adapter that will allow other users to connect to the internet through mine? I'm in a fairly low-tech place for the next few weeks and getting a router isn't likely.
If it's possible, anyone have links or instructions for how to do it?
I downloaded the usb-modeswitch and usb-modeswitch-data as suggested by one of the users from [URL] but whenever I try to install after going to the folder using sudo make install, none of the packages get installed. I am a new user and I am using ubuntu 9.10. I want to use my MICROMAX 300G USB modem to surf internet but can not do.
I'm trying to install my first linux system. I would like to use it as a server on an old 386 PC. For the internet connection (ADSL) I use a Speedtouch USB modem. When I list the peripherals installed on the system, I see the modem with apparently a driver, but the device is listed as non classified. For me it should be directed to DSL0 but.. According to some tuto I declared a DSL connection, ppp with ATM (VPI8 and VCI35). I launch the connection with pinternet but the connection failed.