Displaying 20 results from an estimated 5000 matches similar to: "Secure? Samba over internet"
1998 Jun 17
0
Re: Linux and IPFWADM
On Tue, 16 Jun 1998, Avery Pennarun wrote:
> Here is the script I use on my home IP masquerade system. It is designed
> to deny everything except what is specifically allowed in some of the
> definitions near the top. Note that there is one fatal problem -- the
> input firewall is changed to allow incoming data back to ports 1024
> through 65535, because any of those might have
1998 Jun 20
0
Named and Firewalls
Since it seems that named is theme of the month. I though I would present
an example of using firewall to protect your bind service.
One of reasons for presenting is that in all examples shown so far
it seemed that everyone suggested to leave named full-open. However,
it does not always have to be case. Say, if you are running an private
network then you want just to allow named get data
2002 Jul 06
0
FW: Newbie Help
I guess you are in what I think of as "Newbie Hell." It sounds like you
are learning linux like a lot of people, all by yourself. That's how I
did it, and it is maddening and worse, very time consuming. The important
thing is not to keep hitting your head against the brick wall over
and over.
So, what to do.
First, I would join a linux email support group. I belong to a very good
1998 Jul 30
0
ipfwadm configuration utility
* I sent this to the guy doing the Securing RH 5.x online book, but this
is not RedHat specific, should be good for all Linux'es (?). I haven't
seen anything on here about this, so my apologies if maybe I missed it.
>Date: Thu, 30 Jul 1998 08:37:27 -0400
>From: Alan Spicer <aspicer@ebiznet.com>
>Organization: Electronic Business Network
>X-Mailer: Mozilla 4.05 [en]
2009 Aug 18
3
Rules based on ipmasq
Hi,
I had installed squid with ntlm authentication and content filtering
from this tutorial:
http://www.howtoforge.com/dansguardian-with-multi-group-filtering-and-squid-with-ntlm-auth-on-debian-etch.
Next to last point is firewall configuration by ipmasq but I have
installed shorewall. This is content of I89tproxy.rul file:
#!/bin/sh
#
# redirect http requests to non-local hosts to the
2011 Jan 14
1
Spectralink 8002
Hello,
I hope this isn't too off topic, but I'm attempting to set up a Spectralink 8002 Wifi phone with our Asterisk installation, and seem to be running into a brick well (more of a wall than others that have posted their experiences). My problem is that the phone boots, associates with the wireless, grabs an IP (tried static too - same thing), contacts the TFTP server for firmware, then
2006 Feb 09
0
I need help on VICIDIAL and auto dial
Vicidial can't call and transfer to my softphone.
I get some line that says
Spawn Extension....exited on non zero....
Here's some of the CLI output. I am using Asterisk 1.2.4 and astguiclient
1.1.8
...thanks for the help
|SELECT count(*) FROM vicidial_auto_calls where status = 'LIVE' and
server_ip='127.0.0.1' and campaign_id = '' and call_time <
2006 Feb 09
1
Re: Help on Vicidial
Here is another log from the * server CLI, I reall hope some one can help me
out on this one. thanks
|SELECT count(*) FROM vicidial_auto_calls where status = 'LIVE' and
server_ip='127.0.0.1' and
campaign_id = '' and call_time < "" and lead_id != '';|
-- VDAD get agent: |0|update of vla table: |127.0.0.1
|UPDATE vicidial_live_agents set
2004 Jan 28
4
Problems with HTB (ceil being overpassed)
We run a Hosting farm behind a bridge/iptables firewall setup running
Gentoo with kernel 2.4.20-gentoo-r6, connected to a dual 15Mbps
international internet pipe / , as this:
Net Pipe --------- eth1 Bridge/Firewall eth0 -------- Internal Hosting
Network
lately we have been looking at htb to somehow control excessive usage from
the users behind, but in our implementation there seems to be an
2010 Oct 28
3
SIP client floods port 5060 and gets blocked
Hello,
Is there any reason why an IP-phone would pounder on port 5060 ? My
firewall blocks the public IP because it thinks the remote IP is port
scanning on port 5060.
I think the phone is just registering but for some reason it does this
repeatedly in a very short time.
Oct 28 09:01:48 astserver kernel: Firewall: *UDP_IN Blocked* IN=eth0
OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00
2020 Oct 23
0
new dc does not allow login..?
To fix this, i would start with.
First, set the first AD-DC its resolv.conf to
SERVER_IP=$(ip -o route get to 8.8.8.8 | sed -n 's/.*src \([0-9.]\+\).*/\1/p')
search $(hostname -d) > resolv.conf.new
nameserver ${SERVER_IP} >> resolv.conf.new
nameserver 8.8.8.8 # because we want a fallback to internet, for now. >> resolv.conf.new
mv /etc/resolv.conf{,.backup}
mv
1998 Oct 06
1
Unwanted browse lists
Michel,
One approach that hasn't been suggested is to block access to the netbios
nameservice port on the samba host with a firewalling rule. That way the
other computers on the subnet can't register themselves with nmbd.
Suppose that your internal network is all within the 192.168.15.0/24
network. Each Windows workstation will automatically announce itself with
a udp packet broadcast
2004 Aug 06
2
Bug in ices, playlist mode (ices kh47, libshout kh22)
Hello,
ices kh48 seems to have some trouble...
See the stranges characters avec metadata update. (before, it was written bad address)
and also, it is not connecting to icecast: socket error, ...
I go back to kh47 for the moment.
Chris
[2003-11-25 10:45:50] INFO ices-core/main Streamer version IceS 2.0-kh-pre48
[2003-11-25 10:45:50] INFO ices-core/main libshout version 2.0-kh22
[2003-11-25
2006 Feb 21
1
Shaping by IP''s
If in one time 3 IP adresses using internet. TC script:
DEV=eth0 # LAN
SERVER_IP=192.168.1.2 # eth0 ip address
tc qdisc add dev $DEV root handle 1: htb default 255
tc class add dev $DEV parent 1: classid 1:1 htb rate 384Kbit quantum
1500
tc class add dev $DEV parent 1:1 classid 1:20 htb rate 128Kbit ceil
384Kbit prio 0 quantum 1500
tc class add dev $DEV parent 1:1 classid 1:21 htb rate 128Kbit
2020 Nov 01
0
4.13.1 make test failed
Hello
I try today to install samba 4.13.1
?
./configure run without error
Make run without error
Make Check Failed
Debian 10.6
Also all required Packages are installed
--
# cat summary
= Failed tests =
== samba4.blackbox.demote-saveddb ==
command: PYTHON=python3
/usr/src/samba-4.13.1/testprogs/blackbox/demote-saveddb.sh
$PREFIX_ABS/demote
2005 Oct 14
2
"Please Press Any Key to Accept a Call"
Hi,
I'd like to add a feature to my asterisk system that tries to find a user among a couple of locations, and then goes to internal voicemail if the user doesn't pick up. (e,g, an internal extension and a cell phone). The catch is that I want the user to manually accept the call to prevent it from going (for example) to the voice mail on my cell phone.
Scenario
* Call comes in,
2004 Sep 22
3
Strange DNAT problems with shorewall 1.4.8
I''ve had some issues with my network, and I''ve had to reconfigure my
Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so
I downloaded the relevant files from the install page.
Masq and such works, but I''m having a problem with my port forwarding. It
works for port 22, but it doesn''t seem to work for any other port.
I''ve turned
1999 Jan 18
0
ipfwadm and filtering ICMP?
I would like to allow certain types of ICMP traffic and not others.
Is there a way, with ipfwadm do this? I currently either can deny
access to ICMP for what I want or allow it.
Any good examples out there?
[mod: Please summarize in about a week, OK? -- REW]
--
--
#include <std_disclaimer.h>
Peter Kelly
Email: pkelly@ETS.net
PGP Public key: http://www.ets.net/pkelly/pgp.html
Key
2002 Apr 19
2
out of memory in build_hash_table
I recently installed rsync 2.5.5 on both my rsync server and client being
used. I installed the latest version because I was having problems with
rsync stalling with version 2.4.6 (I read that 2.5.5 was supposed to clear
this up or at least give more appropriate errors). I am still having
problems with rsync stalling even after upgrading to 2.5.5. It only stalls
in the "/home" tree
2006 Aug 16
1
Email dictionary attacks and firewall
I keep seeing 'Joe Average compromised computer on broadband' being used
to do email dictionary attacks on our systems. Seems I always have
several domains going through these. One in particular has been in the
'a-' list for weeks with about 20,000 attempts per day from various
systems. Yeah, I do have a system which blocks email from these systems
for a period of time after 3