similar to: sshd doing dns queries on localhost?

Displaying 20 results from an estimated 300 matches similar to: "sshd doing dns queries on localhost?"

2014 Apr 04
4
Asterisk 1.6
Hello All, my asterisk server is constantly under attack [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '"4941" <sip:4941 at public_ip>' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '"4941"
2015 Aug 14
2
chan_sip.c: Retransmission timeout reached on transmission
Hello friends: I am facing cutoffs randomly when negotiating calls. The PBX dials the destination, the provider (softswitch) receives the request *[1]* and sudenly the PBX hangs up the call* [2]* while the provider is still dialing it, as a consequence the remote peer receives a ghost call. Along the atempt I could see six times a messages regarding NAT isuues *[3]* I hope anyone can give me an
2006 Jun 27
2
non-traditional rails app
I''d like to convert some simple, general ruby scripts I have into rails apps just for testing purposes. Many of these apps are not DB driven, so the whole CRUD concept does not apply to them... here''s a sample: require ''socket'' server = TCPServer.new(''12345'') while (session = server.accept) Thread.new(session) do |this_session|
2004 Sep 22
3
Strange DNAT problems with shorewall 1.4.8
I''ve had some issues with my network, and I''ve had to reconfigure my Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so I downloaded the relevant files from the install page. Masq and such works, but I''m having a problem with my port forwarding. It works for port 22, but it doesn''t seem to work for any other port. I''ve turned
2020 Sep 29
1
samb4 DC on aws
Andrew, Just passing the public IP of our samba to samba_dnsupdate is enough to replicate the data correctly? samba_dnsupdate --verbose --all-names --current-ip=PUBLIC_IP On Fri, Sep 25, 2020 at 6:39 AM Andrew Bartlett <abartlet at samba.org> wrote: > On Thu, 2020-09-24 at 14:59 -0300, Elias Pereira via samba wrote: > > Hello, > > > > Has anyone already installed
2010 Oct 12
1
chan_sip.c: Trying to put 'SIP/2.0 401' onto UDP socket destined for public_ip:2049
Hello, what does this message mean ? [Oct 12 14:03:32] DEBUG[9064] chan_sip.c: Trying to put 'SIP/2.0 401' onto UDP socket destined for public_ip:2049 I find this in my debug log file when "core set debug 25". Is something failing, or is this just informative ? Kind regards, Jonas. -------------- next part -------------- An HTML attachment was scrubbed... URL:
2004 Jan 09
1
Problem with DNS (UDP) queries
Hi all I am trying to get rid of strings: kernel: Connection attempt to UDP FREEBSD_IP:port from DNSSERVER_IP:53 on my console and in log file I understand that those are replies on DNS queries that for some reason took too long time to be answered. I do not want to turn off the "log in vain" feature. As these strings fill up my log I am afraid to miss some sensitive messages (e.g.
2004 Apr 17
7
Is log_in_vain really good or really bad?
Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due
2019 Mar 12
1
classicupgrade, net rpc rights grant NT_STATUS_IO_TIMEOUT and NT_STATUS_INTERNAL_ERROR
Am 12.03.2019 um 10:16 schrieb Rowland Penny via samba: > On Tue, 12 Mar 2019 01:47:53 +0100 > Christian via samba <samba at lists.samba.org> wrote: > >> Am 11.03.2019 um 09:24 schrieb Rowland Penny via samba: >>> On Mon, 11 Mar 2019 07:16:30 +0100 >>> Christian via samba <samba at lists.samba.org> wrote: >>> >>>> Dear all,
2010 Oct 07
2
401 Unauthorized with Snom but not with Zoiper softphone
Hello, I'm having difficulty with registering a SIP account in a Snom 320 IP-phone. This is what sip debug tells me : [Oct 7 13:28:42] VERBOSE[20314] chan_sip.c: [Oct 7 13:28:42] <--- SIP read from UDP:public_ip:58697 ---> REGISTER sip:sip.domain.tld SIP/2.0 Via: SIP/2.0/UDP 192.168.114.200:2048;branch=z9hG4bK-vj1xvbdnp4dw;rport From: <sip:test3 at
2003 Apr 13
1
chfn, chsh, ls, ps - INFECTED
My machine got hacked a few days ago through the samba bug. I reinstalled everything cvsuped src-all, and ran chkrootkit. No more LKM but still... Can anyone please advise ? bash-2.05b# chkrootkit | grep INFECTED Checking `chfn'... INFECTED Checking `chsh'... INFECTED Checking `date'... INFECTED Checking `ls'... INFECTED Checking `ps'... INFECTED -- Jay -------------- next
2003 Apr 14
3
strange connection attempts
hello, I have turned on sysctls variables: net.inet.tcp.log_in_vain: 1 net.inet.udp.log_in_vain: 1 And i have plenty of strange connection attempts on udp protocol Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Connection attempt to UDP
2014 Jul 24
1
TLS/TCP behind NAT; Signaling issues with offnet phones
Issue is what subject says. Here is the background. Version: 11.11.0 Topology: Asterisk Box at our Data Center behind Cisco Firewall. Everything works fine from remote offices over a VPN. Issue is sales team would like to connect up to our Asterisk box remotely (offnet). Common enough solution, I'm guessing. So, I've opened all the correct holes on the firewall and hammered out
2003 May 30
2
IPFW logging brokeness?
I don't think I'm trying to do anything amazing, but IPFW's logging features are giving me a real headache. I can't find much in the archives either, but I find it hard to believe others havne't found this too. My rule: add 100 allow log tcp from any to <my IP> <ports> limit src-addr 2 I want connecting parties to be able to form no more than 2 connection. This
2011 Jan 25
0
Asterisk and Kamailio integration on cloud EC2 amazon no voice.
Hi All, i am stuck in NAT issue on ec2 cloud computing from last 2-3 days , may be some of you are doing setup and integration on cloud. below is my setup details which may help you to suggest me solution. Asterisk version : 1.6.2.6 1) Kamailio server having public_ip as well local ip .i am using mediaproxy [also tried rtpproxy] . 2) Asterisk server having public_ip as well local ip. setup:
2007 Sep 16
0
Port forwarding from dom0 to bridged domU with IPVS
Hi list, We, an OSS advocacy group, setup a Xen 3.1 machine composed of : . a 64 bits dom0 running Debian stable amd64 . 2 hvm domUs running OpenBSD amd64 . 2 hvm domUs running NetBSD i386 This machine is to be hosted and reachable from the Internet, but it will only have one public IP. Naturally, our first tought was to port-forward using iptables / netfilter. We didn''t really
2003 Aug 12
1
Certification (was RE: realpath(3) et al)
Just saw this from eWeek. "IBM, which paid roughly $500,000 for the testing, and SuSE (pronounced "SOOS-ah") were announcing the certification jointly. " The article is here: http://www.eweek.com/article2/0,3959,1212529,00.asp --- Darren Reed <avalon@caligula.anu.edu.au> wrote: > In some mail from twig les, sie said: > > > > I actually just asked
2003 Jun 12
1
NIC has IP, but has "no carrier"
Hello, My computer is not connecting to the local network with the following configuration: dmesg.boot contains the following lines: ----------------------------------------- vr0: <VIA VT3043 Rhine I 10/100BaseTX> port 0xec00-0xec7f mem 0xfeafbc00-0xfeafbc7f irq 11 at device 12.0 on pci2 vr0: Ethernet address: 00:40:05:a5:00:04 miibus0: <MII bus> on vr0 amphy0: <Am79C873 10/100
2003 Jul 28
10
IPSec
Hi All, I need to configure a VPN between a FreeBSD-4.8 box and a Linux (FreeS/WAN) box. In the Linux side, the network administrator installed FreeS/WAN with RSA authentication without IKE support. Does anybody knows if is possible to make my FreeBSD box connect a VPN with the Linux box? If so, could point me to a documentation about how to install IPSec with RSA authentication and how to make
2003 Sep 08
4
is one of my hosts a scanner?
so i just found that one of my hosts is GENERATING these probe pairs, maybe every minute or two (note the sequence numbers): seq my host victim(s) --- ---------------- --------------- 24) 192.168.0.2:1121 <--> 216.52.3.2:2703 25) 192.168.0.2:1122 <--> 216.52.3.4:2703 39) 192.168.0.2:1124 <-->