similar to: Re: IPTables HowTo (Comment)

just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc.... None of these are valid users. I know that I can block sshd all together with iptables but that will not work for us. I did a little research on google and found programs like sshguard and

This is weird. As in, *deeply* weird. I ssh as root from one box to another (there are keys involved), and I go to vi a file, such as # line 1 # # line 2 # # line 3 # line 4 And what I see in vi is # line 3 # line 4 BUT, if I scroll the cursor over each line with the arrow key... I see all four lines. I've also looked at another file, and same thing. Just checked it out on the server I

hello list I have a network mounted home directory shared between all hosts on my network: [bluethundr at LCENT03:~]#df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/VolGroup00-LogVol00 140G 4.4G 128G 4% / /dev/sda1 99M 35M 60M 37% /boot tmpfs 1.6G 0 1.6G 0% /dev/shm nas.summitnjhome.com:/mnt/nas

Am 11.03.2018 um 11:53 schrieb Nicolas Kovacs <info at microlinux.fr>: > > I've experimented some more, and I have a partial success. Here, I'm > redirecting all HTTPS traffic *except* the one that goes to my bank: > > iptables -A PREROUTING -t nat -i $IFACE_LAN -p tcp ! -d > www.credit-cooperatif.coop --dport 443 -j REDIRECT --to-port 3129 > > This works

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=505 ------- Additional Comments From mbr@cipherdyne.org 2007-03-24 06:01 MET ------- I've tested the proposed patch against the iptables-1.3.7 source, and find that it works in the reported broken case: # iptables -A INPUT -m string --algo kmp --string 111\"222 -j LOG # ./iptables-save > ipt.out # ./iptables-restore

Hello CentOS Docs People! I recently used the Amavisd howto to setup a couple of mailservers, which saved me from hours of searching online and reading novels of documentation. Since Ned is taking a little break from the Amavisd page, I would like to help contribute. There were a few things I'd like to add, like GTUBE/EICAR testing and SELinux config lines. My wiki username is WilliamFong.

Ok, I have OpenSSH installed on two servers. I SSH to server 1. On server 1 I ssh-keygen. I give it an empty passphrase. scp identity.pub to server 2. On server 2 I cat ident > authorized_keys on server 1 I ssh -l user server I asks for the password. If I give it the login it works. Now, I have SecureCRT on my windows machine and it connects to server 2 using a key just fine. Any clues?

Hi all, I'm following a how-to for ISPConfig using CentOS5.1 and have run into the following instruction: ----- Dovecot uses Maildir format (not mbox), so if you install ISPConfig on the server, please make sure you enable Maildir under Management -> Server -> Settings -> Email. ISPConfig will then do the necessary configuration. ---- Since I'm ssh'd in to the box and X

In an environment where users use smart cards to authenticate on Windows and then use ssh to login to UNIX systems via GSSAPI, it is nigh impossible to renew/refresh the Kerberos credentials in the UNIX session. If the user fails to renew their credentials before they expire, the user is stuck and must log out and log back in to get valid tickets. Meanwhile it is entirely likely that on the

Ned, Thank you very much for the response. Great example following through on the premise. It sounds like I need to have a better understanding of the traffic patterns on my network to know the optimal order for iptables filtering rules. My brief example - Premise: I want to limit outsiders from interfering with LAN client machines. So, I have the following rules regarding forwarding traffic:

> Date: Wednesday, April 27, 2016 13:43:00 +0000 > From: "Vanhorn, Mike" <michael.vanhorn at wright.edu> > > On 4/27/16, 9:39 AM, "centos-bounces at centos.org on behalf of > m.roth at 5-cent.us" <centos-bounces at centos.org on behalf of > m.roth at 5-cent.us> wrote: > >> And now, I just >> ssh'd in from another windows, same

Hello, Is anyone else having problems with the ssh session output stalling when ssh'd to another system and the command is running via sudo and a pager is being used (e.g., more)? Too highly reproducible :( to date, all known occurrences have involved Centos 4.3 servers; makes no difference whether client is RHEL WS 4.3, Centos 4.3 or FC 5 or WinDoze. Makes no difference if terminal

Hi, I'm currently setting up a local FTP server, to receive disk images sent with G4L (Ghost4Linux). This server has been running Slackware Linux before, and the Vsftpd setup was relatively simple. With CentOS things seem to be slightly different, so I'm currently trying to work things out. For the moment, two things seem to be creating problems, the simple iptables firewall and

I have a fresh installed CentOS 5.3 server which should route traffic between two networks like this: network A (Internet) -- eth0 (default gw) : server : eth1 -- network B (LAN) I have set in sysctl.conf net.ipv4.ip_forward = 1 and routing works fine like this. But when I switch on the iptables service (with default setup, configured when installing the server), routing stops working (or at

Hi everyone, I want to issue the command: iptables -F and then rebuild everything from the beginning with a very limited scope and then without locking myself block all other traffic. Can you suggest what I should put in the shell that would get me this: Allow traffic from subnet 172.16.0.0/24 (my VPN tunnels) - All traffic including those of Asterisk and HTTP - I trust this network Allow

Appologise if this did make it to the list but I just subscribed and didn't see it come back... I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything seems to be working (not quite smooth sailing - I had to resort to precompiled RPM for OpenSSL). I did however get it "working." I generated a host key as root and then changed back to joe-user. I created a key for

I just installed R on my 64 bit SUSE Linux system -- I compiled with the default x windows support on.. This may be a newbie question (apologies in advance)-- but how does this show up in X? I have SSH'd in to my box and set my display -- I can run xcalc OK -- but when I hit the R binary it just goes to the command line -- if does not give me an x-window. I suspect I need another

CentOS 4.1/bind-9.2.4-2. I have named serving as a cache DNS server plus SOA for a local intranet zone. The problem I am encountering - over a period of time it stops responding to queries. nmap scan from a different host shows port 53 is visible. I can telnet to the port but all queries to server time out. So much so that "service named status" and "service named

Under 2.5p2, if I ssh'd back to myself I would get a prompt asking for my passphrase, and if that was incorrect it would then ask for my password. Assuming I had a authorized_keys file with my identity.pub in it. Under 2.9.p1 it goes straight to enter password instead of asking for my passphrase. This wouldn't be a problem except that when I have "PasswordAuthentication no" I

On May 3, 2012, at 3:04 PM, Glenn Cooper wrote: >>>> I never really paid attention to this but a file on an NFS mount is >>>> showing 64M in size, but when copying the file to a local drive, it >>>> shows 2.5MB in size. >>>> >>>> My NFS server is hardware Raided with a volume stripe size of 128K >>>> were the volume size is