Hi Guys,
My certificate in /etc/ssh is different to what is on port 22.
username@server:~$ ssh-keyscan -p 22 127.0.0.1 > /tmp/rsa.tmp
# 127.0.0.1 SSH-1.99-OpenSSH_33.33
username@server:~$ ssh-keygen -lf /tmp/rsa.tmp
1024 46:something..................... 127.0.0.1... (0 Replies)
Hello!
First of all: I am a newbie. :o :(
I have a CentOS 64bit server with Plesk Panel 8.6.
And have been hacked. :mad:
After many tries and support tickets, I am configuring a new server, with Suse 11 and Plesk 9.2.
I know that Plesk 8.6 have a backup utility (Parallels Plesk Control... (3 Replies)
One of the most important ways to keep tou machine secure is to know when it has been broken into. The less time hackers have on your system, the less they can do to it, and the greater you chancens of kicking them off and repairing the damage.
The more sophisticated the hacker, the less likely... (8 Replies)
Hello there,
I have a big problem, and I hope somebody can help me. I try to realize a port forward over three server. Here is a picture...
Client Server1 | Server2
------- ------- | -------
|...... | |...... | | |...... ... (2 Replies)
Just got old ATT server (10 base T)shipped and want to connect to Windows using com port. Got hardware to connect RJ45 from windows box & serial on ATT. I added XP static ip to host file but get no ping return. Do I have to open unix com port? How? (2 Replies)
Hi,
i think someone has hacked my server, the following rules used to come which i haven't put. Please help me i couldnt find out how this rules are apply,
i think someone has put an script which generates enables the rules.
But after restarting the iptables everything seems to be working... (0 Replies)
I want to write a server application that would accept HTTP requests from client.
The server would be on a machine that has no connection to the INTERNET.
The clients that would be posting their HTTP requests would be doing so through webbrowser .Thus it would be sort of intranet application.... (0 Replies)
SHOREWALL-ROUTESTOP(5) [FIXME: manual] SHOREWALL-ROUTESTOP(5)NAME
routestopped - The Shorewall file that governs what traffic flows through the firewall while it is in the 'stopped' state.
SYNOPSIS
/etc/shorewall/routestopped
DESCRIPTION
This file is used to define the hosts that are accessible when the firewall is stopped or is being stopped.
Warning
Changes to this file do not take effect until after the next shorewall start or shorewall restart command.
The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in
the alternate specification syntax).
INTERFACE - interface
Interface through which host(s) communicate with the firewall
HOST(S) (hosts) - [-|address[,address]...]
Optional. Comma-separated list of IP/subnet addresses. If your kernel and iptables include iprange match support, IP address ranges are
also allowed.
If left empty or supplied as "-", 0.0.0.0/0 is assumed.
OPTIONS - [-|option[,option]...]
Optional. A comma-separated list of options. The order of the options is not important but the list can contain no embedded whitespace.
The currently-supported options are:
routeback
Set up a rule to ACCEPT traffic from these hosts back to themselves. Beginning with Shorewall 4.4.9, this option is automatically
set if routeback is specified in shorewall-interfaces[1] (5) or if the rules compiler detects that the interface is a bridge.
source
Allow traffic from these hosts to ANY destination. Without this option or the dest option, only traffic from this host to other
listed hosts (and the firewall) is allowed. If source is specified then routeback is redundant.
dest
Allow traffic to these hosts from ANY source. Without this option or the source option, only traffic from this host to other listed
hosts (and the firewall) is allowed. If dest is specified then routeback is redundant.
notrack
The traffic will be exempted from conntection tracking.
PROTO (Optional) - protocol-name-or-number
Protocol.
DEST PORT(S) (dport) - service-name/port-number-list
Optional. A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form
low-port:high-port if your kernel and iptables include port range support.
SOURCE PORT(S) (sport) - service-name/port-number-list
Optional. A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form
low-port:high-port if your kernel and iptables include port range support.
Note
The source and dest options work best when used in conjunction with ADMINISABSENTMINDED=Yes in shorewall.conf[2](5).
EXAMPLE
Example 1:
#INTERFACE HOST(S) OPTIONS PROTO DEST SOURCE
# PORT(S) PORT(S)
eth2 192.168.1.0/24
eth0 192.0.2.44
br0 - routeback
eth3 - source
eth4 - notrack 41
FILES
/etc/shorewall/routestopped
SEE ALSO
http://shorewall.net/starting_and_stopping_shorewall.htm
http://shorewall.net/configuration_file_basics.htm#Pairs
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-rules(5), shorewall.conf(5),
shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
shorewall-zones(5)NOTES
1. shorewall-interfaces
http://www.shorewall.net/manpages/shorewall-interfaces.html
2. shorewall.conf
http://www.shorewall.net/manpages/shorewall.conf.html
[FIXME: source] 06/28/2012 SHOREWALL-ROUTESTOP(5)