Search Results

Search found 131 results on 6 pages for 'ufw'.

Page 4/6 | < Previous Page | 1 2 3 4 5 6  | Next Page >

  • What Logs / Process Stats to monitor on a Ubuntu FTP server?

    - by Adam Salkin
    I am administering a server with Ubuntu Server which is running pureFTP. So far all is well, but I would like to know what I should be monitoring so that I can spot any potential stability and security issues. I'm not looking for sophisticated software, more an idea of what logs and process statistics are most useful for checking on the health of the system. I'm thinking that I can look at various parameters output from the "ps" command and compare to see if I have things like memory leaks. But I would like to know what experienced admins do. Also, how do I do a disk check so that when I reboot, I don't get a message saying something like "disk not checked for x days, forcing check" which delays the reboot? I assume there is command that I can run as a cron job late at night. How often should it be run? What things should I be looking at to spot intrusion attempts? The only shell access is SSH on a non-standard port through UFW firewall, and I regularly do a grep on auth.log for "Fail" or "Invalid". Is there anything else I should look at? I was logging the firewall (UFW) but I have very few open ports (FTP and SSH on a non standard port) so looking at lists of IP's that have been blocked did not seem useful. Many thanks

    Read the article

  • What Logs / Process Stats to monitor on a Ubuntu FTP server?

    - by Adam Salkin
    I am administering a server with Ubuntu Server which is running pureFTP. So far all is well, but I would like to know what I should be monitoring so that I can spot any potential stability and security issues. I'm not looking for sophisticated software, more an idea of what logs and process statistics are most useful for checking on the health of the system. I'm thinking that I can look at various parameters output from the "ps" command and compare to see if I have things like memory leaks. But I would like to know what experienced admins do. Also, how do I do a disk check so that when I reboot, I don't get a message saying something like "disk not checked for x days, forcing check" which delays the reboot? I assume there is command that I can run as a cron job late at night. How often should it be run? What things should I be looking at to spot intrusion attempts? The only shell access is SSH on a non-standard port through UFW firewall, and I regularly do a grep on auth.log for "Fail" or "Invalid". Is there anything else I should look at? I was logging the firewall (UFW) but I have very few open ports (FTP and SSH on a non standard port) so looking at lists of IP's that have been blocked did not seem useful. Many thanks

    Read the article

  • What is the current state of Ubuntu's transition from init scripts to Upstart? [migrated]

    - by Adam Eberlin
    What is the current state of Ubuntu's transition from init.d scripts to upstart? I was curious, so I compared the contents of /etc/init.d/ to /etc/init/ on one of our development machines, which is running Ubuntu 12.04 LTS Server. # /etc/init.d/ # /etc/init/ acpid acpid.conf apache2 --------------------------- apparmor --------------------------- apport apport.conf atd atd.conf bind9 --------------------------- bootlogd --------------------------- cgroup-lite cgroup-lite.conf --------------------------- console.conf console-setup console-setup.conf --------------------------- container-detect.conf --------------------------- control-alt-delete.conf cron cron.conf dbus dbus.conf dmesg dmesg.conf dns-clean --------------------------- friendly-recovery --------------------------- --------------------------- failsafe.conf --------------------------- flush-early-job-log.conf --------------------------- friendly-recovery.conf grub-common --------------------------- halt --------------------------- hostname hostname.conf hwclock hwclock.conf hwclock-save hwclock-save.conf irqbalance irqbalance.conf killprocs --------------------------- lxc lxc.conf lxc-net lxc-net.conf module-init-tools module-init-tools.conf --------------------------- mountall.conf --------------------------- mountall-net.conf --------------------------- mountall-reboot.conf --------------------------- mountall-shell.conf --------------------------- mounted-debugfs.conf --------------------------- mounted-dev.conf --------------------------- mounted-proc.conf --------------------------- mounted-run.conf --------------------------- mounted-tmp.conf --------------------------- mounted-var.conf networking networking.conf network-interface network-interface.conf network-interface-container network-interface-container.conf network-interface-security network-interface-security.conf newrelic-sysmond --------------------------- ondemand --------------------------- plymouth plymouth.conf plymouth-log plymouth-log.conf plymouth-splash plymouth-splash.conf plymouth-stop plymouth-stop.conf plymouth-upstart-bridge plymouth-upstart-bridge.conf postgresql --------------------------- pppd-dns --------------------------- procps procps.conf rc rc.conf rc.local --------------------------- rcS rcS.conf --------------------------- rc-sysinit.conf reboot --------------------------- resolvconf resolvconf.conf rsync --------------------------- rsyslog rsyslog.conf screen-cleanup screen-cleanup.conf sendsigs --------------------------- setvtrgb setvtrgb.conf --------------------------- shutdown.conf single --------------------------- skeleton --------------------------- ssh ssh.conf stop-bootlogd --------------------------- stop-bootlogd-single --------------------------- sudo --------------------------- --------------------------- tty1.conf --------------------------- tty2.conf --------------------------- tty3.conf --------------------------- tty4.conf --------------------------- tty5.conf --------------------------- tty6.conf udev udev.conf udev-fallback-graphics udev-fallback-graphics.conf udev-finish udev-finish.conf udevmonitor udevmonitor.conf udevtrigger udevtrigger.conf ufw ufw.conf umountfs --------------------------- umountnfs.sh --------------------------- umountroot --------------------------- --------------------------- upstart-socket-bridge.conf --------------------------- upstart-udev-bridge.conf urandom --------------------------- --------------------------- ureadahead.conf --------------------------- ureadahead-other.conf --------------------------- wait-for-state.conf whoopsie whoopsie.conf To be honest, I'm not entirely sure if I'm interpreting the division of responsibilities properly, as I didn't expect to see any overlap (of what framework handles which services). So I was quite surprised to learn that there was a significant amount of overlap in service references, in addition to being unable to discern which of the two was intended to be the primary service framework. Why does there seem to be a fair amount of redundancy in individual service handling between init.d and upstart? Is something else at play here that I'm missing? What is preventing upstart from completely taking over for init.d? Is there some functionality that certain daemons require which upstart does not yet have, which are preventing some services from converting? Or is it something else entirely?

    Read the article

  • How to allow remote connections to Flask?

    - by Ilya Smagin
    Inside the system, running on virtual machine, I can access the running server at 127.0.0.1:5000. Although the 'remote' address of the vm is 192.168.56.101 (ping and ssh work fine), I cannot access the server with 192.168.50.101:5000 neither from the virtual machine nor from the local one. I guess there's something preventing remote connections. Here's /etc/network/interfaces: auto eth1 iface eth1 inet static address 192.168.56.101 netmask 255.255.255.0 ufw is inactive. How do I fix this problem?

    Read the article

  • Ping works , but unable to do ssh

    - by gpuguy
    I disabled the firewall with sudo ufw disable, I can ping the server, the server can ping me but I can't ssh to it: root@ubuntu:/home/acme# ssh 192.168.1.6 ssh: connect to host 192.168.1.6 port 22: Connection refused I removed ssh and reinstalled : sudo apt-get remove openssh-client openssh-server sudo apt-get install openssh-client openssh-server But still ssh is not working and I get the error connection refused How do I tackle this issue? Here are some other stuff I have tried so far: root@ubuntu:/home/acme# sudo service ssh start start: Job is already running: ssh root@ubuntu:/home/acme# ps aux | grep ssh acme 6548 0.0 0.0 12576 320 ? Ss 04:09 0:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session gnome-session --session=ubuntu root 22219 0.0 0.1 50040 2852 ? Ss 05:10 0:00 /usr/sbin/sshd -D root 22277 0.0 0.0 8116 896 pts/0 S+ 05:17 0:00 grep --color=auto ssh Update for future visitors removing and reinstalling ssh on the server worked for me : sudo apt-get remove openssh-client openssh-server sudo apt-get install openssh-client openssh-server

    Read the article

  • How do I open port 51413 for Transmission?

    - by user94159
    Just moved to ubuntu on my macbook and spend whole day trying to open transmission port 51413. Already done: I have ufw but i opened ports there and tried without it - probably not the problem 51413/tcp ALLOW Anywhere 51413/tcp ALLOW Anywhere (v6) 21/tcp ALLOW OUT Anywhere 80 ALLOW OUT Anywhere 143 ALLOW OUT Anywhere 2049 ALLOW OUT Anywhere 110 ALLOW OUT Anywhere 135,139,445/tcp ALLOW OUT Anywhere 137,138/udp ALLOW OUT Anywhere 25/tcp ALLOW OUT Anywhere 631 ALLOW OUT Anywhere 443/tcp ALLOW OUT Anywhere 53/udp ALLOW OUT Anywhere 123/udp ALLOW OUT Anywhere 993/tcp ALLOW OUT Anywhere 465/tcp ALLOW OUT Anywhere 51413/tcp ALLOW OUT Anywhere router Pirelli DRG A125G; tried disabling firewall, forwarding ports according portforward.com but I have no experience with such thing so I dont know if i succeeded On transmission still shows port blocked and nothing is downloading... CanYouSeeMe.org tried tu use to see if ports are open but it shows that port is blocked Also tried qbitorrent it also doesnt work

    Read the article

  • ipv6 just wont go away 12.10 server

    - by VladoPortos
    After very long time using Ubuntu old LTS version I have re-installed to new LTS 12.10, but I can't get rid of ipv6 ! I have did: in /etc/modprobe.d/blacklist.conf: blacklist ipv6 blacklist ip6table_filter blacklist ip6_tables in /etc/sysctl.conf net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 But ufw happily use v6 protocol, and in dmesg: ip6_tables: (C) 2000-2006 Netfilter Core Team . . IPv6: ADDRCONF(NETDEV_CHANGE): em1: link becomes ready What is going to take to get rid of IPv6 ? I swear Terminator didn't put so much fight.

    Read the article

  • SSH not working from outside network

    - by alexander7567
    Ok.. First off my ISP does not block ports. I run web server just fine from another machine. I have port forwarded port 22. I can access within network but not out of.. I.E. my android. I get "The Operation Timed Out" on ConnectBot. Oh and I have allowed 22 on UFW. To answer what exactly happened was my ISP blocks port 22, even though a while back they told me they do not block any ports.. I changed it to port 27 and it worked without a problem.

    Read the article

  • How can I use smbclient to connect to Windows shares by hostname when a firewall is enabled?

    - by skyblue
    I can't connect to file shares on Windows computers using smbclient -L //hostname when the firewall is enabled. This occurs whether I'm using ufw (which allows outgoing traffic and replies back in with the default configuration) or iptables (where I'm allowing outgoing traffic and replies back in with iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT). However, smbclient -L //ip-address works whether the firewall is enabled or not. I also tested this against a Samba server running on Ubuntu and again smbclient -L //hostname does not work when the firewall is enabled, but smbclient -L //ip-address works whether the firewall is enabled or not. For reference, here are the iptables rules I used during testing: *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -d 224.0.0.251/32 -p udp -m udp --dport 5353 -j ACCEPT COMMIT

    Read the article

  • How large should I make root, home, usr, var, and tmp partitions?

    - by Teddy Okidoki
    i install ubuntu server 10.04, have 64 Gb VHD. And want to separate partitions in this mode: /dev/xvda0 p on swap (2 Gb) /dev/xvda1a0 e on /boot (128 Mb) /dev/xvda1a1 e on / type ffs (local) /dev/xvda1a2 e on /usr type ffs (local, nodev) /dev/xvda1a3 e on /tmp type ffs (local, nodev) /dev/xvda1a4 e on /var/log type ffs (local, nodev) /dev/xvda1a5 e on /var type ffs (local, nodev, nosuid) /dev/xvda1a6 e on /home type ffs (local, nodev, nosuid, with quotas) /dev/xvda2 p on /new (local, nodev, nosuid, noexec) with rest of space ~50Gb. But i'ma stuck, and don't know what size to give to each folder. Also i want to encrypt partitions. Thank you for any tips. EDIT: System need minimum size, here will be installed about 10 apps like ufw, apache,mysql, chkrootkit and so on.

    Read the article

  • SSH refusing connection after changing default port

    - by wm90
    currently I'm handling 2 server (A and B). In server A I installed Ubuntu 12.10. I changed the SSH port into 1198 and it works fine. In server B it has been installed with Ubuntu 11.04. I tried to change the port number into 1198 as well but it refused the connection when I tried to connect again using Putty. I change the SSH configuration on /etc/ssh/sshd_config and I did restart the SSH using sudo service ssh restart. I was thinking its because of firewall allowed port but the firewall shows inactive when I run sudo ufw status. Any idea why this can happened?

    Read the article

  • ssh client times out to some servers, works on others

    - by mmdanziger
    I have a strange problem and I'm not sure where to begin. My ssh client works on some servers but times out on others. Obviously, I checked that the servers are accessible via ssh from other locations. From my machine A I can log on to C only by logging on to B first. There are at least two servers for which this is the case. To make matters more strange sudo ufw status - Status: inactive nmap -sT -p 22 <problem_server> - ...22/tcp open ssh... On one affected server I am getting: ssh_exchange_identification: Connection closed by remote host and on the other I am getting ssh: connect to host <problem_server> port 22: Connection timed out With both of these servers I can log in from other machines. How can I troubleshoot such a problem?

    Read the article

  • Diagnosing packet loss / high latency in Ubuntu

    - by Sam Gammon
    We have a Linux box (Ubuntu 12.04) running Nginx (1.5.2), which acts as a reverse proxy/load balancer to some Tornado and Apache hosts. The upstream servers are physically and logically close (same DC, sometimes same-rack) and show sub-millisecond latency between them: PING appserver (10.xx.xx.112) 56(84) bytes of data. 64 bytes from appserver (10.xx.xx.112): icmp_req=1 ttl=64 time=0.180 ms 64 bytes from appserver (10.xx.xx.112): icmp_req=2 ttl=64 time=0.165 ms 64 bytes from appserver (10.xx.xx.112): icmp_req=3 ttl=64 time=0.153 ms We receive a sustained load of about 500 requests per second, and are currently seeing regular packet loss / latency spikes from the Internet, even from basic pings: sam@AM-KEEN ~> ping -c 1000 loadbalancer PING 50.xx.xx.16 (50.xx.xx.16): 56 data bytes 64 bytes from loadbalancer: icmp_seq=0 ttl=56 time=11.624 ms 64 bytes from loadbalancer: icmp_seq=1 ttl=56 time=10.494 ms ... many packets later ... Request timeout for icmp_seq 2 64 bytes from loadbalancer: icmp_seq=2 ttl=56 time=1536.516 ms 64 bytes from loadbalancer: icmp_seq=3 ttl=56 time=536.907 ms 64 bytes from loadbalancer: icmp_seq=4 ttl=56 time=9.389 ms ... many packets later ... Request timeout for icmp_seq 919 64 bytes from loadbalancer: icmp_seq=918 ttl=56 time=2932.571 ms 64 bytes from loadbalancer: icmp_seq=919 ttl=56 time=1932.174 ms 64 bytes from loadbalancer: icmp_seq=920 ttl=56 time=932.018 ms 64 bytes from loadbalancer: icmp_seq=921 ttl=56 time=6.157 ms --- 50.xx.xx.16 ping statistics --- 1000 packets transmitted, 997 packets received, 0.3% packet loss round-trip min/avg/max/stddev = 5.119/52.712/2932.571/224.629 ms The pattern is always the same: things operate fine for a while (<20ms), then a ping drops completely, then three or four high-latency pings (1000ms), then it settles down again. Traffic comes in through a bonded public interface (we will call it bond0) configured as such: bond0 Link encap:Ethernet HWaddr 00:xx:xx:xx:xx:5d inet addr:50.xx.xx.16 Bcast:50.xx.xx.31 Mask:255.255.255.224 inet6 addr: <ipv6 address> Scope:Global inet6 addr: <ipv6 address> Scope:Link UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:527181270 errors:1 dropped:4 overruns:0 frame:1 TX packets:413335045 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:240016223540 (240.0 GB) TX bytes:104301759647 (104.3 GB) Requests are then submitted via HTTP to upstream servers on the private network (we can call it bond1), which is configured like so: bond1 Link encap:Ethernet HWaddr 00:xx:xx:xx:xx:5c inet addr:10.xx.xx.70 Bcast:10.xx.xx.127 Mask:255.255.255.192 inet6 addr: <ipv6 address> Scope:Link UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:430293342 errors:1 dropped:2 overruns:0 frame:1 TX packets:466983986 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:77714410892 (77.7 GB) TX bytes:227349392334 (227.3 GB) Output of uname -a: Linux <hostname> 3.5.0-42-generic #65~precise1-Ubuntu SMP Wed Oct 2 20:57:18 UTC 2013 x86_64 GNU/Linux We have customized sysctl.conf in an attempt to fix the problem, with no success. Output of /etc/sysctl.conf (with irrelevant configs omitted): # net: core net.core.netdev_max_backlog = 10000 # net: ipv4 stack net.ipv4.tcp_ecn = 2 net.ipv4.tcp_sack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_timestamps = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_no_metrics_save = 1 net.ipv4.tcp_max_syn_backlog = 10000 net.ipv4.tcp_congestion_control = cubic net.ipv4.ip_local_port_range = 8000 65535 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_thin_dupack = 1 net.ipv4.tcp_thin_linear_timeouts = 1 net.netfilter.nf_conntrack_max = 99999999 net.netfilter.nf_conntrack_tcp_timeout_established = 300 Output of dmesg -d, with non-ICMP UFW messages suppressed: [508315.349295 < 19.852453>] [UFW BLOCK] IN=bond1 OUT= MAC=<mac addresses> SRC=118.xx.xx.143 DST=50.xx.xx.16 LEN=68 TOS=0x00 PREC=0x00 TTL=51 ID=43221 PROTO=ICMP TYPE=3 CODE=1 [SRC=50.xx.xx.16 DST=118.xx.xx.143 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=10220 DF PROTO=TCP SPT=80 DPT=53817 WINDOW=8190 RES=0x00 ACK FIN URGP=0 ] [517787.732242 < 0.443127>] Peer 190.xx.xx.131:59705/80 unexpectedly shrunk window 1155488866:1155489425 (repaired) How can I go about diagnosing the cause of this problem, on a Debian-family Linux box?

    Read the article

  • Help me solve my problem with NPR Media Player

    - by Calcipher
    First of, let me apologize for this getting a bit technical. Several weeks ago, I found that while using NPR's media player (e.g. click on 'Listen to the Show' - this is what I've been using as a test) the stream would suddenly halt after a minute or three. I could not get the stream to restart without reloading the page. Now, I assumed this was an issue with NPR's player and Linux (or just a bug in their stuff in general) so I began to dig, the following is what I have tried to date (please note, the tldr; option is to skip to the latest thing as I think I know what is causing the problem). Note: All testing has been done, for consistency purposes, on a clean install of Chromium with no pluggins running. My machine is Ubuntu 10.10x64. First thing I always try, I disabled all firewall stuff on the system (UFW, default deny all, allow ssh). No change, firewall back up for all additional tests unless otherwise noted. In any case, UFW is stateful, so connections it started on a non-specified on different ports will continue to work. I deleted my ~/.macromeda and ~/.adobe folders, restarted (just to be sure) and tried. Program still froze. I decided the problem might be with my install of flash, so I purged the version I had (and the home folders again). I installed the x64 version of flash from a PPA. This had no effect. I decided that the problem might be with the version of flash, so I purged the x64 version and installed the standard x32 version that comes with Ubuntu. No luck. Back to the x64 version for consistency, I decided to set up a 64-bit mini 'clone' of my system in VirtualBox. I was able to run the media player with no problem. I rsynced (in archive mode) my home directory from my real machine to the virtual machine (with bridged networking, so it was fully visible on the network). I also used a few tricks to install ALL of the same software (and repositories) from the real machine to the virtual machine. I was still able to listen to the player. I decided that the problem was with my install (after all, it had gone through two major version upgrades). As I have /home/ on a separate partition it was easy to reinstall and use the same trick from #6 to have my system up and running again within about an hour. I continue to have issues with the NPR Media Player. By this point the weekend had come. At work, I use a wired connection while at home I use a wireless connection. For some reason I forgot that I was having problems and used the NPR Media Player over the weekend. Low and behold it worked just fine at home on wireless (note: for various reasons, I could not test this on wired at home). Following from #6, I decided that the problem was either something with the network at work or still something with my account. As the latter was easier to test, I created a new account on my system and used that at work. The Media Player worked. At a loss, I decided to watch the traffic with tshark (the text based brother of wireshark) - X's to protect the innocent, I am the XXX.24.200.XXX: sudo tshark -i eth0 -p -t a -R "ip.addr == XXX.24.200.XXX && ip.addr == XXX.166.98.XXX" As you would expect, there were tons and tons of packets, but each and every time the player froze, this is what I got 08:42:20.679200 XXX.166.98.XXX - XXX.24.200.XXX TCP macromedia-fcs 56371 [PSH, ACK] Seq=817686 Ack=6 Win=65535 Len=1448 TSV=495713325 TSER=396467 08:42:20.718602 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=396475 TSER=495713325 08:42:21.050183 XXX.166.98.XXX - XXX.24.200.XXX TCP [TCP ZeroWindowProbe] macromedia-fcs 56371 [ACK] Seq=819134 Ack=6 Win=65535 Len=1 TSV=495713362 TSER=396475 08:42:21.050221 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindowProbeAck] [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=396508 TSER=495713362 08:42:21.680548 XXX.166.98.XXX - XXX.24.200.XXX TCP [TCP ZeroWindowProbe] macromedia-fcs 56371 [ACK] Seq=819134 Ack=6 Win=65535 Len=1 TSV=495713425 TSER=396508 08:42:21.680605 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindowProbeAck] [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=396571 TSER=495713425 08:42:22.910354 XXX.166.98.XXX - XXX.24.200.XXX TCP [TCP ZeroWindowProbe] macromedia-fcs 56371 [ACK] Seq=819134 Ack=6 Win=65535 Len=1 TSV=495713548 TSER=396571 08:42:22.910400 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindowProbeAck] [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=396694 TSER=495713548 08:42:25.340458 XXX.166.98.XXX - XXX.24.200.XXX TCP [TCP ZeroWindowProbe] macromedia-fcs 56371 [ACK] Seq=819134 Ack=6 Win=65535 Len=1 TSV=495713791 TSER=396694 08:42:25.340517 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindowProbeAck] [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=396937 TSER=495713791 08:42:30.170698 XXX.166.98.XXX - XXX.24.200.XXX TCP [TCP ZeroWindowProbe] macromedia-fcs 56371 [ACK] Seq=819134 Ack=6 Win=65535 Len=1 TSV=495714274 TSER=396937 08:42:30.170746 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindowProbeAck] [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=397420 TSER=495714274 08:42:39.801738 XXX.166.98.XXX - XXX.24.200.XXX TCP [TCP ZeroWindowProbe] macromedia-fcs 56371 [ACK] Seq=819134 Ack=6 Win=65535 Len=1 TSV=495715237 TSER=397420 08:42:39.801784 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindowProbeAck] [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=398383 TSER=495715237 08:42:59.032648 XXX.166.98.XXX - XXX.24.200.XXX TCP [TCP ZeroWindowProbe] macromedia-fcs 56371 [ACK] Seq=819134 Ack=6 Win=65535 Len=1 TSV=495717160 TSER=398383 08:42:59.032696 XXX.24.200.XXX - XXX.166.98.XXX TCP [TCP ZeroWindowProbeAck] [TCP ZeroWindow] 56371 macromedia-fcs [ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=400306 TSER=495717160 08:43:00.267721 XXX.24.200.XXX - XXX.166.98.XXX TCP 56371 macromedia-fcs [FIN, ACK] Seq=6 Ack=819134 Win=0 Len=0 TSV=400430 TSER=495717160 08:43:00.267827 XXX.24.200.XXX - XXX.166.98.XXX TCP 56371 macromedia-fcs [RST, ACK] Seq=7 Ack=819134 Win=65535 Len=0 TSV=400430 TSER=495717160 So, as you can see, my machine is sending out a ZeroWindow packet (which I think means some buffer or another filled up) which causes the Media Player to halt (unfortunately, terminally - no controls on it really do anything anymore). Any ideas, at all, what would cause this? Why only on eth0 under my main account?

    Read the article

  • how to enable remote access to a MySQL server on an AZURE virtual machine

    - by Rees
    I have an AZURE virtual machine with a MySQL server installed on it running ubuntu 13.04. I am trying to remote connect to the MySQL server however get the simple error "Can't connect to MySQL server on {IP}" I have already done the follow: * commented out the bind-address within the /etc/mysql/my.cnf * commented out skip-external-locking within the same my.cnf * "ufw allow mysql" * "iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT" * setup an AZURE endpoint for mysql * "sudo netstat -lpn | grep 3306" does indeed show mysql LISTENING * "GRANT ALL ON *.* TO remote@'%' IDENTIFIED BY 'password'; * "GRANT ALL ON *.* TO remote@'localhost' IDENTIFIED BY 'password'; * "/etc/init.d/mysql restart" * I can connect via SSH tunneling, but not without it * I have spun up an identical ubuntu 13.04 server on rackspace and SUCCESSFULLY connected using the same procedures outlined here. NONE of the above works on my azure server however. I thought the creation of an endpoint would work, but no luck. Any help please? Is there something I'm missing entirely?

    Read the article

  • MySQL port 3306 became filtered when configured with Keepalived on Ubuntu server 12.04 lts

    - by Ludwig
    I'm configuring two load balancer (lb01 & lb02) with keepalived for my two mysql server (db01 & db02) with standard port 3306. There is virtual ip address (192.168.205.10) to access it also act as failover, but somehow the web server in the front can't access this mysql server using vip. Here is my config: Keepalived: Only the mysql part that i added here. LB01: virtual_server 192.168.205.10 3306 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 192.168.205.4 3306 { weight 10 TCP_CHECK { connect_port 3306 connect_timeout 2 } } } LB02: virtual_server 192.168.205.10 3306 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 192.168.205.6 3306 { weight 10 TCP_CHECK { connect_port 3306 connect_timeout 2 } } } I already comment out the "bind-address=127.0.0.1" part in both server my.cnf. Also, remove all the firewall prog from my ubuntu server (ufw or iptables). Any help? thanks.

    Read the article

  • Unable to connect my computer from LAN (http, smb) in UBUNTU 10.04

    - by Abdul Majeed
    I installed ubuntu 10.04, Apache, PHP, mysql, smb. Everything work fine in locally in my IP. When i trying to access my computer from LAN (other computer), it shows unable to connect. when i ping my IP from remote computer, its pinging OK. I can access internet, and all other systems (http, smb). But the problem is no one can't access my computer remotely in my LAN network. My ip is 192.168.85.105 and i want access(Appaceh,SMB) from 192.168.85.10. Is there any proxy firewall settings? I had tried following commands.. sudo iptables -F or sudo iptables-restore [logout require] If it does not work then try to disable net-filter sudo ufw --disable Please give me the solution.

    Read the article

  • approx via inetd is not open to connection for others machines

    - by Cédric Girard
    I have an approx server to speed up Debian apt updates, on my Ubuntu 11.04 desktop PC, it had ran fine in the past, but today le 9999 port is open from localhost, but not for others PC. I have not modified inetd configuration at all. What can I check and try? inetd.conf 9999 stream tcp nowait approx /usr/sbin/approx /usr/sbin/approx approx.com # Here are some examples of remote repository mappings. # See http://www.debian.org/mirror/list for mirror sites. debian http://ftp2.fr.debian.org/debian security http://security.debian.org/debian-security volatile http://volatile.debian.org/debian-volatile # The following are the default parameter values, so there is # no need to uncomment them unless you want a different value. # See approx.conf(5) for details. $cache /espace/Dossiers/approx $max_rate unlimited $max_redirects 5 $user approx $group approx $syslog daemon $pdiffs true $offline false $max_wait 10 $verbose false $debug false I tried to allow others PC to connect with a "ALL: ALL" in hosts.allow. ufw is disabled, iptables-save is empty.

    Read the article

  • Configuring vsftpd with nginx on ubuntu

    - by arby
    I have vsftpd installed on Ubuntu 12.04LTS along with nginx, php, and sql on an Amazon ec2 instance. The web server is good to go, but I'm having trouble connecting to the FTP server. I'm not quite sure how to set the privileges or what configuration options I might be missing. By default, the location of the web root is at /usr/share/nginx/www and it is owned by root:root. The web server runs as user www-data in the group www-data. I've opened port 21 and set the passive ports in the ec2 backend and ufw firewall. In vsftpd.conf, I have: ... anonymous_enable=NO local_enable=YES local_umask=0027 chroot_local_user=YES pasv_enable=YES pas_max_port=12100 pasv_min_port=12000 port_enable=YES ... Now, I'm unsure how to create the FTP user that when I login, displays my web directory with write access. I've tried it a few different ways, but I keep running into errors (either no connection, no write access, or very slow timeouts.)

    Read the article

  • linux intrusion detection software

    - by Sam Hammamy
    I have an Ubuntu VPS that I use for practice and deploying prototypes as I am a python developer. I recently started teaching my self sys admin tasks, like installing OpenLDAP. I happened to turn off the ufw firewall for just a minute, and when I ran an netstat command, I saw a foreign ip connected to ssh that I traced to china. I'd like to know a few things: 1) Is there any good network intrusion detection software, such that if any IP that's outside a specific range connects to the VPN, I can be notified? -- I am thinking about scripting this, but I'm pretty sure there's something useful out there and I believe in the wisdom of crowds. 2) How did this person gain access to my server? Is it because my firewall was down? Or is it because they browsed my LDAP directory and from there figured out a way to connect (there was a clear text password in the tree but it wasn't one used by the server's sshd)?

    Read the article

  • Cannot connect to HTTPS port on Ubuntu

    - by Simpleton
    I've installed a new SSL certificate and set up Nginx to use it. But requests time out when trying to hit HTTPS on the site. When I telnet to my domain on port 80 it connects, but times out on port 443. I'm not sure if there's some defaults on Ubuntu preventing a connection. UFW status shows: 443 ALLOW Anywhere netstat -a shows: tcp 0 0 *:https *:* LISTEN nmap localhost shows: 443/tcp open https The relevant block in the Nginx config is: server { listen 443; listen [::]:80 ipv6only=on; listen 80; root /path/to/app; server_name mydomain.com ssl on; ssl_certificate /etc/nginx/ssl/ssl-bundle.crt; ssl_certificate_key /etc/nginx/ssl/server.key; location / { proxy_pass http://mydomain.com; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }

    Read the article

  • Can't get port forwarding to work on Ubuntu

    - by Znarkus
    I'm using my home server as NAT/router, which works well. But now I'm trying to forward port 3478, which I can't get to work. eth0 = public interface eth1 = private network $ cat /proc/sys/net/ipv4/conf/eth0/forwarding 1 $ cat /proc/sys/net/ipv4/conf/eth1/forwarding 1 Then to forward port 3478 to 10.0.0.7, I read somewhere that I should run iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 3478 -j DNAT --to-destination 10.0.0.7:3478 iptables -A FORWARD -p tcp -d 10.0.0.7 --dport 3478 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT I also ran ufw allow 3478 But testing port 3478 with http://www.canyouseeme.org/ doesn't work. Any idea what I have done wrong?

    Read the article

  • Can't connect to service on ubuntu?

    - by user36914
    I have a service i just installed on a ubuntu workstation machine. Say its running under port 511. I can connect locally : telnet localhost 511 When i try to connect from a remote machine it fails telnet 192.168.0.1 511 Whats wierd is i tried to connect locally using the ip address and i get the following error: "Unable to connect to remote host: Connection Refused" I checked the status of the firewall: sudo ufw status and get back "status:inactive" So does anyone know why i can't connect remotely since the firewall is disabled and why can't i connect locally using its ip address. I don't know if this matters but its running under esxi.

    Read the article

  • Step by Step Install of MAAS and JUJU

    - by John S
    I am working on understanding the pieces that I am missing in being able to deploy Juju across the other MAAS nodes. I don't know If I have a step out of place, or missing a few. The server owns the router which handles the DHCP and DNS. Any assistance is greatly appreciated. When I am at the end I will either get a 409 error, or arbitrary pick tools 1.16.0 error. It is worth mentioning that local, and aws works fine. Hopefully with all of these steps spelled out it will help someone else along the way too. Steps Setting Up MAAS and JUJU - 12.04 LTS Clean install SSH only from the package selection during install sudo apt-get install software-properties-common sudo apt-get install python-software-properties sudo add-apt-repository ppa:maas-maintainers/stable sudo add-apt-repository ppa:juju/stable sudo apt-get update sudo apt-get dist-upgrade sudo reboot sudo apt-get install maas maas-dns maas-dhcp sudo ufw disable sudo reboot - edit /etc/dhcp/dhcpd.conf authoritive subnet 10.0.0.0 netmask 255.255.255.0 { next-server 10.0.0.2; filename "pxelinux.0"; } sudo maas createsuperuser sudo maas-import-pxe-files Login to MAAS http://10.x.x.x/MAAS cluster controller configuration for eth0 manage dhcp and dns IP 10.0.0.2 subnet 255.255.255.0 broadcast 10.0.0.0 routerip 10.0.0.1 ip low 10.0.0.5 ip high 10.0.0.180 Commissioning default and distro is set at 12.04 default domain is at local sudo maas-cli login maas http://10.x.x.x/MAAS/api/1.0 api-key ssh-keygen -t rsa -b 2048 - enter - no password - cat id_rsa.pub and enter key into MAAS ssh sudo maas-cli maas nodes accept-all (interestingly enough I only get back [] when executing this ) PXE one machine, accept and commision, start and deploy. sudo apt-get install juju-core juju-local MAAS config: maas: type: maas maas-server: '://10.x.x.x:80/MAAS' maas-oauth: 'MAAS_API_KEY' admin-secret: 'nothing' default-series: 'precise' juju switch maas sudo juju bootstrap --show-log

    Read the article

< Previous Page | 1 2 3 4 5 6  | Next Page >