similar to: Shorewall portscanner example rule.

------- BEGIN FORWARDED MESSAGE ------- From: g.pardon@pi.be To: teastep@shorewall.net Cc: Subject: Re: [Shorewall-users] Open ports How am I testing this? I''m doing a portscan using a portscanner like GFI Languard, Superscanner and nmap to check. Those two TCP-ports always showed up. Although, I think there are other to test it. I read the FAQ and the phenomenon (where is that

I have two CentOS servers running SSH on two different non-standard ports. So far as I can tell, they have identical /etc/ssh/sshd_config files with the exception of the different port (both are 22xx). However, when running nmap on them, one betrays the port that SSH is running on, and the other does not. I have shut down iptables on both machines and the behaviour remains this way. What could be

Hi, Is there any way to automatically block all traffic from IP''s that try more than X number of blocked ports for a preset amount of time? The log I get every morning seems to be getting bigger and bigger with port scans and attempts to access various services, it would be nice if these IP''s could be automatically blocked for like a week or two.. I wouldn''t want

Hi folks Im currently doin firewall project.. the scenario is like this.. my application server open port number 3079 the server ip is 202.188.0.132. and now the port can be accessed from everywhere. Now i want to block all the everywhere accessed. But my problem is, the application will be accessed by few locations that doing transaction with the application server. and the said locations are

This article describes how to implement "Port Knocking" in Shorewall. http://shorewall.net/PortKnocking.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

Dear All, Can anyone recommend a scanner that works well on 4.8. Thanks in advance, Regards, Dave -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: This is a digitally signed message part Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20030906/4c29ef0a/attachment.bin

Hi, Is it possible to block the port scanning through shorewall, if yes then how? Thanks and Best Regards, Arif

Hello, all. I''ve been trying to get shorewall to get LISa working on my Gentoo box. It works as long as I have shorewall turned off, but whenever I turn it on, it seems to block all LISa activity. I have TCP port 7741 opened (as per lisa-home.sourceforge.net), and nmap says it''s open. Ethereal indicates that LISa is communicating via TCP port 7741, from 127.0.0.1 to

Hi, I'm developing a very basic new LLVM backend for a RISC machine (named Risco), based on the existing Sparc and Mips backends and the main tutorial [1]. I'm having trouble registering the backend so the main tools can see it. My project code is outside the source tree, and I've altered the Makefile to generate a shared library for the backend (libLLVMRiscoCodeGen.so). I've

How can I be sure if it is LKM or not? Today I've run chkrootkit and it gave me: Checking `lkm'... You have 179 process hidden for readdir command You have 179 process hidden for ps command chkproc: Warning: Possible LKM Trojan installed Checking `chkutmp'... The tty of the following user process(es) were not found in /var/run/utmp ! ! RUID PID TTY CMD ! root

According to http://www.redhat.com/magazine/006apr05/features/selinux/ there is a package named selinux-policy-strict, which contains a series of rules for correctly handling many situations (software) when using strict policy. Does CentOS have this package available ? If not, can someone make it available through Centosplus or Addon, for example ? This package is not part of the upstream main

Thanks for the info. On Wed, Oct 13, 2010 at 5:27 PM, Anton Korobeynikov <anton at korobeynikov.info> wrote: > > > My project code is outside the source tree, and I've altered the Makefile to > > generate a shared library for the backend (libLLVMRiscoCodeGen.so). > You cannot do this anymore. You need to alter the build system (add > stuff to configure, etc.)

Hello, My hoster updated its kernel packages... It contained some old problems that should have been fixed. My servers have now a wonderful 2.6.21.5 kernel + grsec running. Both are running Debian 4.0 (stable release). mx:/etc/shorewall# iptables --version iptables v1.3.6 mx:/etc/shorewall# uname -a Linux mx.network-hosting.com 2.6.21.5-grsec-xxxx-grs-ipv4-32 #1 SMP Fri Jul 27 17:18:23 CEST

On Sat, 29 May 2004 12:00:52 -0700 (PDT), <freebsd-security-request@freebsd.org> wrote: Hello ! Today i see in snort logs : [**] [1:528:4] BAD-TRAFFIC loopback traffic [**] [Classification: Potentially Bad Traffic] [Priority: 2] 06/07-09:44:39.044590 127.0.0.1:80 -> 10.6.148.173:1566 TCP TTL:128 TOS:0x0 ID:577 IpLen:20 DgmLen:40 ***A*R** Seq: 0x0 Ack: 0x75830001 Win: 0x0 TcpLen:

As I can seen, there is the bind-chroot glue package, but is there a postfix-chroot.rpm glue ? I have looked for it, but I think there is not. If there is not, what is your opinion about creating one ? Thanks -- Vilela -------------- next part -------------- An HTML attachment was scrubbed... URL:

My USB Pendrive gets mounted everytime I put it on the USB port (/dev/sda on /media/usbdisk). This behaviour is the desired. Now I want the OS to automaticaly include the mount option iocharset=iso8859-1 everytime it mounts it. Is there a way to tell haldaemon (or other software) do this, instead of hand-editing /etc/fstab ? -- Vilela -------------- next part -------------- An HTML attachment

Hi, I've been receiving message "No space left on device" but there is space. I've forced fsck on reboot 2 times but did not solve. # yum rpmdb: /var/lib/rpm/__db.001: No space left on device error: db4 error(28) from dbenv->open: No space left on device error: cannot open Packages index using db3 - No space left on device (28) error: cannot open Packages database in

Hi all, I write a complex filter rules as follows: rsync -amvHPRSB131072 -n --delete --delete-excluded \ -f +_dists/jessie/**binary-all/Packages.gz \ -f +_dists/jessie/Release* \ -f +_dists/jessie/**binary-amd64/Packages.gz \ -f +_dists/jessie/**installer-amd64/*** \ -f +_dists/jessie/**binary-i386/Packages.gz \ -f +_dists/jessie/**installer-i386/*** \ -f +_dists/***/ \ -f -_*

Hi: I have a machine with four interfaces connecting four different networks. I am learning to use nmap and trying to force the nmap working only one interface. As nmap man page states, I use -e option and it would not work: nmap -e fx0 -v -sP 192.168.128.0/23 Starting Nmap 3.95 ( http://www.insecure.org/nmap/ ) at 2006-02-04 14:04 CST getinterfaces: Failed to open ethernet interface (el0)

Am 12.08.2015 um 15:16 schrieb Dr J Austin: > Hi Richard > > I have been working at trying to get cyrus to listen on 148.197.29.5 > interface instead of the localhost - I have failed > > Whenever I add things to /etc/cyrus.conf such as > imaps cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1 No square brackets around the ip address. >