Displaying 20 results from an estimated 700 matches similar to: "SipVicious scans getting through iptables firewall - but how?"
2010 Jun 24
2
Friday at 1PM: SIPVicious has a new tool: svcrash
Hi,
Got some great news a few days ago from Sandro Gauci (@SandroGauci)
and we'll be talking about this with him this Friday at 1PM.
SIPVicious, the free security tools for SIP scanning, now include a
new tool: svcrash. It is aimed at helping system administrators stop
bandwidth consuming scans making
use of svwar and svcrack. Here is the announcement on SIPViscious blog:
2010 Aug 18
3
Playing with sipvicious ..
... using it as a tool and understanding what it does...
So one part of it's toolset identifys valid SIP accounts - and I was under
the impression that alwaysauthreject=yes was supposed to stop this...
However, it sends a request for a highly probably non-existent account,
then sends requests for probably existing accounts and I guess compares
the results - account not found vs. bad
2018 May 30
3
Password recovery trick not working on CentOS
Hi,
I remember back in the days, there was a neat trick to recover a lost
root password, or more exactly, redefine a new password for root.
1. In the bootloader, boot the system with the 'init=/bin/bash' kernel
argument.
2. Remount the root partition in read-write mode:
# mount -o remount,rw /
3. Set the password for root:
# passwd
4. Remount the root partition in read-only
2010 Aug 30
1
Fail2ban integration issues with Asterisk 1.4.21 under Debian Lenny
Hi,
I've recently had a fairly prolonged SIP registration attack, 18 hours in
this case and often with 200 attempts per second, and suspect I've had a
number of these in the past. The main symptom I noticed previously was,
because Asterisk was responding to each registration request it received,
it was very quickly using up my 448 kbps upload limit for my home ADSL
connection: any
2010 Oct 21
5
SIP Blacklisting
Hi,
Given the recent increase in SIP brute force attacks, I've had a little idea.
The standard scripts that block after X attempts work well to prevent you actually being compromised, but once you've been 'found' then the attempts seem to keep coming for quite some time. Older versions of sipvicious don't appear to stop once you start sending un-reachables (or straight
2019 Sep 01
2
Problem to access from Win to Win after classicupdate to Samba DC 4.10.7
I have do a classicupdate from a NT4 style domain to Samba DC 4.10.7
BIND_DLZ without (apparently) problem
All seem work fine, access to PC work, join or re-join a PC to domain
work, access from a Linux samba member server to Win7 PC work, access
from Win7 to samba member server work.
But I cannot access from a PC with win7 to another PC with win7.
If I try to access from win7-0 to win7-1 via
2017 May 28
1
Ovirt Hosted-Engine VM iptables
Hi
I would like to add rules into the iptables of the Hosted Engine VM in
Ovirt.
the version is oVirt Engine Version: 4.1.1.8-1.el7.centos
I have tried using the normal process for iptables (iptables-save etc),
but it seems that the file
/etc/sysconfig/iptables
this is ignored in the Ovirt Engine VM.
How can I add permanent rules into the Engine VM?
Kind regards
Andrew
2019 Apr 24
2
Iptables blocks out going connetion some times
Hi?guys.
There is a wierd problem with iptables recently, hopes somebody can help me.
I have installed Centos 7.2.1511 on a bare metal Dell server these days,
disabled firewalld and enabled iptables.services, and setup a group of very
simple rules, as the following:
# iptables-save
# Generated by iptables-save v1.4.21 on Tue Apr 23 09:15:14 2019
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT
2020 Jun 12
3
tcltk image reading problem (on a mac?): [tcl] encountered an unsupported criticial chunk type "eXIf"
I don't know what has changed with Catalina
But I just tried my tk console from the shell command tkcon
And got the following error.
Here is my shell:
$ tkcon
dyld: Library not loaded: /usr/local/lib:/opt/X11/lib/libtk8.6.dylib
Referenced from: /usr/local/bin/wish
Reason: image not found
Abort trap: 6
I don't know whether this is a red herring or not, but the
2013 Jan 02
8
Auto ban IP addresses
Greetings all,
I have been seeing a lot of
[Jan 2 16:36:31] NOTICE[7519]: chan_sip.c:23149 handle_request_invite:
Sending fake auth rejection for device
100<sip:100 at 108.161.145.18>;tag=2e921697
in my logs lately. Is there a way to automatically ban IP address from
attackers within asterisk ?
Thank you
2019 Feb 06
2
Samba and ufw
Rowland,
Did some editing in smb.conf that I had to reverse. Now I'm back to
being able to connect with the firewall disabled. When I enable the
firewall I get as far as windows network -> workgroup but no connection.
I have only the rules you recommended in your last email.
Louis,
The information you requested is below:
martin at radio:~$ dpkg -l|egrep "iptables|ufw"
ii
2020 Jun 11
4
tcltk image reading problem (on a mac?): [tcl] encountered an unsupported criticial chunk type "eXIf"
Hello everyone
I am not sure when this appeared
(sometime post R 3.5.0 and after I switched to Mac OS Catalina).
I do not think it happens on all platforms (e.g. seems to work on windows).
But it seems that
tkimage.create()
no longer works on a Mac for all png files.
(It does work for *some* old png files I have on disk but I have not been able to determine what is different about the
2019 Apr 24
2
答复: Iptables blocks out going connetion some times
Hello, Stephen, thank you for input.
Yes, these servers have the same firewall rules, and both of them have the same problem from time to time, most of time they are good.
Actually, these servers are newly installed to be used as the Glusterfs storage server, so not much data flowing at this time.
>From the sysctl output, I suppose it can't be a conntrack table overflow :
2019 Feb 07
3
Samba and ufw
Rowland,
OK. Should I delete these lines?
diff yours mine
63d62
yours# -A ufw-after-logging-output -m limit --limit 3/min --limit-burst 10
-j LOG --log-prefix "[UFW ALLOW] "
85,87d83
yours# -A ufw-before-logging-forward -m conntrack --ctstate NEW -m limit
--limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW AUDIT] "
yours# -A ufw-before-logging-input -m conntrack
2019 Jan 29
2
Samba and UFW
Reindl,
I will check that. Not sure how fix it. Will look on internet. Would you give some more information on the subject.
Thanks
Sent from my iPad
Marty (843)-546-4822
> On Jan 29, 2019, at 10:43 AM, Reindl Harald <h.reindl at thelounge.net> wrote:
>
>
>
>> Am 29.01.19 um 16:39 schrieb Marty via samba:
>> Here is the ufw.log after enabling logging medium and
2020 Jun 12
3
tcltk image reading problem (on a mac?): [tcl] encountered an unsupported criticial chunk type "eXIf"
Dear Simon,
> On Jun 11, 2020, at 9:00 PM, Simon Urbanek <simon.urbanek at r-project.org> wrote:
>
> Wayne,
>
> that one is unrelated, but interesting - you can fix it with
>
> sudo install_name_tool -change \
> /usr/local/lib:/opt/X11/lib/libtk8.6.dylib \
> /usr/local/lib/libtk8.6.dylib \
> /usr/local/bin/wish8.6
>
> There is a bug in tcltk with
2019 Feb 12
1
Samba and ufw (Martin McGlensey)
Louis,
Made the changes. Still unable to mount office. Firewall also blocks
Thunderbird mail and maybe internet. Will check that more fully
later.Any thoughts ob Tony's response?
Outputs:
martin at radio:/etc$ sudo apt-get install ufw
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no
2006 Jun 22
2
OT EXIF libraray
Hi-
this is slightly off topic, but is anyone aware of a WORKING ruby library that reads EXIF data from JPEG files?
It has to run on both Windows and *nix, so wrappers around unix libs won''t do.
So far I tried rexif, ruby-exif (both throwing exceptions when presented with a JPEG) and RMagick (at least able to get the date
from EXIF, however it adds a ''.'' at the end for
2013 Sep 30
1
map destination files files based on meta data
I am in the process of designing a photo synchronization application -
basically I want to be able to copy all of the images captured throughout
my home's infrastructure to a central repository. The problem that I
foresee is that there may be collisions between filenames between the
various computers where my family members sync their photos, movies, etc.
So doing a simple rsync won't
2017 Jun 20
2
guest A from virbr0 can talk to guest B in virbr1 but not vice versa
Hello,
I came across an interesting problem in my home lab a few weeks ago as I'm
prepping for my RHCE exam using Michael Jang study guide. I've been at this
for days now, and I still can't wrap my head around how two or more virtual
networks in default NAT configuration are even allowed to communicate with
each other despite what the libvirt documentation said.
Here's the