similar to: [Bug 870] New: Iptables cannot block outbound packets sent by Nessus

Hi! I am trying to use hping to chek the latency of our network. Somehow things are not going to plan and I thought someone might be able to shed some light on the subject. Here is the setup: (the IP addresses gvien here are fake, but they do represent the correct state of the networking setup) vlan interface IP mask V2 eth0 192.168.20.20 32

Greetings, I am running into *possible* Samba/Firewall issues. Our Samba v3.0.11 server is also running iptables. In our log.nmbd file we have noticed the following: [2005/09/27 15:43:41, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 15:50:21, 0] libsmb/nmblib.c:send_udp(790) Packet send failed to 130.xx.xx.xx(138) ERRNO=Operation

I'm just one of those weirdos, who wanna make a powerfull queues shaper (not QoS but near) with ipfw2 on their freebsd 4.x-stable. My server is using frequently used configuration with NAT+FW ADSL router with one external ip on external network interface (we're using ADSL modem in bringe mode). I've configured single pipe, configured queues to use that pipe, add queues with different

On Sat, 29 May 2004 12:00:52 -0700 (PDT), <freebsd-security-request@freebsd.org> wrote: Hello ! Today i see in snort logs : [**] [1:528:4] BAD-TRAFFIC loopback traffic [**] [Classification: Potentially Bad Traffic] [Priority: 2] 06/07-09:44:39.044590 127.0.0.1:80 -> 10.6.148.173:1566 TCP TTL:128 TOS:0x0 ID:577 IpLen:20 DgmLen:40 ***A*R** Seq: 0x0 Ack: 0x75830001 Win: 0x0 TcpLen:

Hi, I have been doing some tests using hping2 and TCP SYN pings targeting local and remote hosts from two FreeBSD 4.7-RELEASE-p10 and one Linux 2.4.18 host. The three machines have the same hardware configuration and have been running for 6 months now. The average load isnt too high (usually 0.01 to 0.15) on the FreeBSD machines. Here is the output from hping2 (excuse me the line wrap),

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=471 Summary: UDP stream DNAT problem Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: NAT AssignedTo: laforge@netfilter.org ReportedBy:

Hi all, We want to do some stress testing of firewall configurations/hardware. We have discovered hping that seems a great tool for this, but funny enough Shorewall cuts it !!! even when you leave ports open :) So besides hping, any tool for this? Why is shorewall cutting this traffic? Thanks in advance. Regards. -- Jaime Nebrera - jnebrera@eneotecnologia.com Consultor TI - ENEO

On 05/16/2015 10:23 AM, Leon Fauster wrote: > Well, the destination is not in my realm (different provider). Before > contacting them I want to be sure that my system is not causing this. > So far i just see a "tcp retransmission" while trying to establish > a https connection (captured on our router): That can be difficult to establish. If you're getting no response,

Am 15.05.2015 um 18:17 schrieb Gordon Messmer <gordon.messmer at gmail.com>: > On 05/15/2015 09:02 AM, Leon Fauster wrote: >> >> I have a public peer system (yy.yy.yy.yy) that is reachable >> via my home uplink (xx.xx.xx.xxx). >> >> 15:59:30.244199 IP xx.xx.xx.xxx.42958 > yy.yy.yy.yy.https: tcp 0 >> 15:59:30.281931 IP yy.yy.yy.yy.https >

Hello, I'm experiencing some problems with running IAX2 protocol on quite reliable link with G729A codec. My customer has 2mb FR link to the Internet used in about 20%. Ping statistics: 50 packets transmitted, 49 received, 2% packet loss, time 49496ms rtt min/avg/max/mdev = 9.308/13.126/33.307/4.851 ms Everything would be great, but the quality isn't good enough. I have 2mb/512kb DSL

https://bugzilla.netfilter.org/show_bug.cgi?id=1086 Bug ID: 1086 Summary: Nftables matching packet header fields and unexpected '(': wrong wiki info or bug? Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: minor

Hi there, I am getting very low throughput (around 0.29Mbps) while running netperf benchmark for guest to guest communication on a single physical host. To analyse where the time is spent in hypervisor I wanna use profiling. Please help me choosing good profiler according to my requirments. Should it be better in my case, Xentrace, gprof, xenoprof  or Oprofile. Is it possible to use some vtune

Hi there, I am getting very low throughput (around 0.29Mbps) while running netperf benchmark for guest to guest communication on a single physical host. To analyse where the time is spent in hypervisor I wanna use profiling. Please help me choosing good profiler according to my requirments. Should it be better in my case, Xentrace, gprof, xenoprof  or Oprofile. Is it possible to use some vtune

I have just seen this, that I thought was an old problem, show up again.. I noticed it when I let a domU stay on DHCP long enough to try to do a renew, then the DHCP server started logging about checksum errors: dhcpd: 5 bad udp checksums in 5 packets DHCP server is 1:9.6.ESV.R4+dfsg-0+lenny1 so newer DHCP releases may contain workaorunds allowing these packets.. Since I had this problem years

After updating From Dovecot 1.07 (included with CentOS 5) to 2.11, NTLM authentication will not work. Attempts to authenticate against Samba version 4.0.4-GIT-20cb7de also fail with 'auth: Info: winbind(?,192.168.2.100): user not authenticated: NT_STATUS_UNSUCCESSFUL', despite the fact that the same user can sign on to the Samba domain and access files. What I'm really trying to

> - Indirectdata finally REALLY REALLY works now! > - More precise debug messages Hmmm ... I can't prove that using the CVS code I checked out this morning. Everything works like yesterday: I can ping the peer but I canot go beyond: *** SERVER *** Jun 27 09:04:56 lemon tinc.9[10186]: tincd 1.0pre3 (Jun 27 2000 08:53:56) startin g, debug level 4 Jun 27 09:04:56 lemon tinc.9[10186]:

The following patch allows the network tests to pass with hvm support enabled. More specifically: 02_network_local_ping_pos.py REASON: ping loopback failed for size 65507. ping eth0 failed for size 65507. (but all other size pings work) 05_network_dom0_ping_pos.py REASON: Ping to dom0 failed for size 65507. (but all other size pings work) 11_network_domU_ping_pos.py passes 100% (even the large

We're being ping-flooded by the Nachi worm, which probes subnets for systems to attack by sending 92-byte ping packets. Unfortunately, IPFW doesn't seem to have the ability to filter packets by length. Assuming that I stick with IPFW, what's the best way to stem the tide? --Brett Glass

Hello, I was trying to build a chrooted sftp account when I faced a problem. The chroot is done with the patch present in the contrib subdirectory in the portable version (I'm under linux slackware current). My problem is that verifying access rights on directories and files are too tight and then I couldn't have the following things : The user sftp, with primary group sftp, is chrooted

I'm having an issue I can't seem to work around after upgrading from Dovecot 1.0.7 to 1.2.17. After getting Dovecot 1.07 working on CentOS 5.9, I decided that it might be wise to upgrade to a later version, so I stuck with 1.x and went with 1.2.17, which I had to compile from source. CentOS was originally using /etc as the starting path for Dovecot files but the source distribution puts