When i start CSF i cant connect VPS or download any data into it It appears i cant connect Linux VP?


 
Thread Tools Search this Thread
Special Forums Cybersecurity When i start CSF i cant connect VPS or download any data into it It appears i cant connect Linux VP?
# 1  
Old 04-07-2014
When i start CSF i cant connect VPS or download any data into it It appears i cant connect Linux VP?

It appears i cant connect linux VPS server via SSH or i cant SCP any file to it and i cant wget any file TO it (from inside it) while CSF (Config Server Firewall, LFD is running. Just after isntall in default configuration and after changing TESTING mode to LIVE mode.

Trying to wget & install comething => stuck
Code:
[root@pvbvfxby ~]# wget http://www.inetbase.com/scripts/ddos/install.sh;chmod 0700 install.sh;
--2014-04-07 08:25:26--  http://www.inetbase.com/scripts/ddos/install.sh
Resolving www.inetbase.com... 184.173.190.146
Connecting to www.inetbase.com|184.173.190.146|:80...

Trying to SCP something into VPS:
Code:
amnesia@amnesia:~$ scp install.sh root@vpsipthere:/root
ERROR: Got error response from SOCKS server: 6 (TTL expired).
FATAL: failed to begin relaying via SOCKS.
ssh_exchange_identification: Connection closed by remote host
lost connection

Nothing in deny file/s
Code:
[root@pvbvfxby log]# cat /etc/*deny*

My computer IP not in iptables:
Code:
[root@pvbvfxby log]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  google-public-dns-b.google.com  anywhere            tcp dpt:domain 
ACCEPT     udp  --  google-public-dns-b.google.com  anywhere            udp dpt:domain 
ACCEPT     tcp  --  google-public-dns-b.google.com  anywhere            tcp spt:domain 
ACCEPT     udp  --  google-public-dns-b.google.com  anywhere            udp spt:domain 
ACCEPT     tcp  --  google-public-dns-a.google.com  anywhere            tcp dpt:domain 
ACCEPT     udp  --  google-public-dns-a.google.com  anywhere            udp dpt:domain 
ACCEPT     tcp  --  google-public-dns-a.google.com  anywhere            tcp spt:domain 
ACCEPT     udp  --  google-public-dns-a.google.com  anywhere            udp spt:domain 
LOCALINPUT  all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
INVALID    tcp  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp-data 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:domain 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imap 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtps 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:submission 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imaps 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3s 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ftp-data 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ftp 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:domain 
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request limit: avg 1/sec burst 5 
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply limit: avg 1/sec burst 5 
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded 
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable 
LOGDROPIN  all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             google-public-dns-b.google.com tcp dpt:domain 
ACCEPT     udp  --  anywhere             google-public-dns-b.google.com udp dpt:domain 
ACCEPT     tcp  --  anywhere             google-public-dns-b.google.com tcp spt:domain 
ACCEPT     udp  --  anywhere             google-public-dns-b.google.com udp spt:domain 
ACCEPT     tcp  --  anywhere             google-public-dns-a.google.com tcp dpt:domain 
ACCEPT     udp  --  anywhere             google-public-dns-a.google.com udp dpt:domain 
ACCEPT     tcp  --  anywhere             google-public-dns-a.google.com tcp spt:domain 
ACCEPT     udp  --  anywhere             google-public-dns-a.google.com udp spt:domain 
LOCALOUTPUT  all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain 
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:domain 
ACCEPT     udp  --  anywhere             anywhere            udp spt:domain 
ACCEPT     all  --  anywhere             anywhere            
INVALID    tcp  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp-data 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:domain 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:auth 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ftp-data 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ftp 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:domain 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:auth 
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ntp 
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply 
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request 
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded 
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable 
LOGDROPOUT  all  --  anywhere             anywhere            

Chain ALLOWIN (1 references)
target     prot opt source               destination         

Chain ALLOWOUT (1 references)
target     prot opt source               destination         

Chain DENYIN (1 references)
target     prot opt source               destination         

Chain DENYOUT (1 references)
target     prot opt source               destination         

Chain INVALID (2 references)
target     prot opt source               destination         
INVDROP    all  --  anywhere             anywhere            state INVALID 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,SYN/FIN,SYN 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN,RST 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,RST/FIN,RST 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,ACK/FIN 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:PSH,ACK/PSH 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:ACK,URG/URG 
INVDROP    tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW 

Chain INVDROP (10 references)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere            

Chain LOCALINPUT (1 references)
target     prot opt source               destination         
ALLOWIN    all  --  anywhere             anywhere            
DENYIN     all  --  anywhere             anywhere            

Chain LOCALOUTPUT (1 references)
target     prot opt source               destination         
ALLOWOUT   all  --  anywhere             anywhere            
DENYOUT    all  --  anywhere             anywhere            

Chain LOGDROPIN (1 references)
target     prot opt source               destination         
DROP       tcp  --  anywhere             anywhere            tcp dpt:bootps 
DROP       udp  --  anywhere             anywhere            udp dpt:bootps 
DROP       tcp  --  anywhere             anywhere            tcp dpt:bootpc 
DROP       udp  --  anywhere             anywhere            udp dpt:bootpc 
DROP       tcp  --  anywhere             anywhere            tcp dpt:sunrpc 
DROP       udp  --  anywhere             anywhere            udp dpt:sunrpc 
DROP       tcp  --  anywhere             anywhere            tcp dpt:auth 
DROP       udp  --  anywhere             anywhere            udp dpt:auth 
DROP       tcp  --  anywhere             anywhere            tcp dpts:epmap:netbios-ssn 
DROP       udp  --  anywhere             anywhere            udp dpts:epmap:netbios-ssn 
DROP       tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds 
DROP       udp  --  anywhere             anywhere            udp dpt:microsoft-ds 
DROP       tcp  --  anywhere             anywhere            tcp dpt:isakmp 
DROP       udp  --  anywhere             anywhere            udp dpt:isakmp 
DROP       tcp  --  anywhere             anywhere            tcp dpt:login 
DROP       udp  --  anywhere             anywhere            udp dpt:who 
DROP       tcp  --  anywhere             anywhere            tcp dpt:efs 
DROP       udp  --  anywhere             anywhere            udp dpt:router 
LOG        tcp  --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *TCP_IN Blocked* ' 
LOG        udp  --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *UDP_IN Blocked* ' 
LOG        icmp --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *ICMP_IN Blocked* ' 
DROP       all  --  anywhere             anywhere            

Chain LOGDROPOUT (1 references)
target     prot opt source               destination         
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *TCP_OUT Blocked* ' 
LOG        udp  --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *UDP_OUT Blocked* ' 
LOG        icmp --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *ICMP_OUT Blocked* ' 
DROP       all  --  anywhere             anywhere

when i do: service csf stop
connections starts working, when i start, it fails to connect, wget..
# 2  
Old 04-11-2014
The LOGDROPIN rule will give you more information on exactly what it being rejected but a useful flag to add to the iptables -L is -v as that also shows the interface the rule applies to. If you post that result here, along with your ifconfig -a (& perhaps obfuscate any sensitive internal network info if you wish) we should be able to get to the bottom of this.

Edit:
Oh, wait, OP is banned... nevermind then.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Connect direct - SFTP - List of servers that I can connect

Greetings Experts, I am working for a bank client and have a question on connect-direct and SFTP. We are using Linux RedHat servers. We use connect-direct to transfer (NDM) files from one server to another server. At times, we manually transfer the files using SFTP from one server to another... (2 Replies)
Discussion started by: chill3chee
2 Replies

2. UNIX for Dummies Questions & Answers

Connect to my Linux network remotely?

Have - -3 HP Proliant G4P servers - Debian (wheezy) -3 RaspPI's - Raspian -Unmanaged switch that all 6 can ssh into each other with via eth0 -Router (w wifi and 5 ports) - on eth1 of the three G4p's of protocol dhcp Want: To let the six servers, in my basement run, since the HPs are... (5 Replies)
Discussion started by: sas
5 Replies

3. IP Networking

How to connect internet in Linux OS

How to enable internet on my Linux OS My OS: Red Hat Fedora Release 9 (Sulphur) version: 2.6 I have to connect via my Nokia cell phone via cable. This way only I had been using internet on my Windows OS. If any software is required to install on my UNIX for internet, then I don't have any. If... (14 Replies)
Discussion started by: ravisingh
14 Replies

4. Red Hat

How to connect internet in Linux OS?

What all is required so that I can use internet on my Linux OS My OS: Red Hat Fedora version: 2.6 I have to connect via my Nokia cell phone via cable. This way only I had been using internet on my Windows OS. If any software is required to install on my UNIX for internet, then I don't... (1 Reply)
Discussion started by: ravisingh
1 Replies

5. Shell Programming and Scripting

Connect to Windows from Linux using NetCat

Hi Need help to connect from Ubuntu to Windows using NetCat nc I can not get my script to send new-line Her is what I have tried(sleep 2 ; echo user ; sleep 1; echo pass; sleep 2; echo netstat) | nc -t 10.10.10.34 23 gives this outputÿý%ÿûÿûÿý'ÿýÿýÿûWelcome to Microsoft Telnet Service ... (1 Reply)
Discussion started by: Jotne
1 Replies

6. Shell Programming and Scripting

lftp script to connect to external sftp site and download to internal ftp and then send email

Hi there, I'm new to shell scripting and need some help if possible? I need to create a shell script (.sh) to run as a cron job on an ubuntu linux server to connect to an external sftp sites directory using credentials (which I have) and then download to our internal ftp server and then copy... (3 Replies)
Discussion started by: ghath
3 Replies

7. AIX

AIX Remote Connect Fail With “No more multiple IP addresses to connect” Error

We have a production server at a client site running AIX. And recently when users are trying to connect to it via telnet, it prompts "No more multiple IP addresses to connect". Can I know what does this error mean? and how to rectify this? Thanks. (2 Replies)
Discussion started by: a_sim
2 Replies

8. Debian

Connect Reliance netconnect data card in linux debian

Hi, I want to connect Reliance netconnect data card in linux - debian. I don't know which software needs to be install. can you please help me what is the software needs to be install to connect this datacard. I have connected this datacard in windows using the CD which is provided by... (3 Replies)
Discussion started by: latika
3 Replies

9. UNIX for Dummies Questions & Answers

Connect over ssh, start something, disconnect

i'm connecting with ssh from a windows pc to a linux system. i want to start e.g. a download and close my session afterwards. how do i do this without killing the download? thx in advance. (2 Replies)
Discussion started by: sTorm
2 Replies
Login or Register to Ask a Question