| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
Comments:
<0> samiches
<1> my server is being flooded right now!
<2> that's too bad.
<1> how to block tcp connections from a specific ip??
<3> man iptables
<4> iptables -P INPUT DROP
<1> input drop?
<0> p3nguin: good policy
<4> That's what his should have been already.
<5> Wow, my college is on the ball this year.
<0> PHPdoc: I recommend all policies be DROP
<1> guys, around 30 sites are down right now, please be serious
<4> Apparerntly it isn't that, though.
<5> They've already blocked bash.org and ytmnd.c :|
<0> we are serious
<0> your default policy should always be DROP
<4> phpdoc: DROP all on the INPUt side, then allow only the ones you want.
<0> PHPdoc: then later invest in mod_sec
<1> but if i drop all, ill be dropped too, im using ssh
<0> then to tighten things up use iplimit and limit
<0> PHPdoc: then allow your own established and related connections
<0> http://cancel.kicks-***.net/public/guest/howto/iptables
<4> iptables -I INPUT -p all -m state --state ESTABLISHED,RELATED -j ACCEPT
<4> iptables -P INPUT DROP
<4> Fixed.
<5> PHPdoc: Then add your exceptions before adding your default rule. :P
<0> p3nguin: you are turned into an iptables xen master
<0> policies are first
<0> policy is the default rule
<1> can you guys give me a rule to drop a specific ip???
<0> iptables -p all -s ip.goes.here -j DROP
<0> and read the url I just gave you
<0> helpful examples there
<0> of course add the -A INPUT
<0> or -I 1 so its at the top
<0> I suggest you start reading up on the netfilter as well
<0> as you shouldnt even be in the predicament you are in
<1> is "netstat" good enough to see if im flooded?
<4> netstat can show you established sockets of listening daemons.
<4> (along with other things, of course)
<0> iptraf may be good you can see a tad more
<3> depends on the type of flooding. I would suggest using Ethereal to really get a grip on what's going on
<1> iptraf doesnt work :(
<4> It does if you are the system administrator.
<0> well I'd say you need to tighten up your iptables before you start worrying about monitoring
<0> prioritize
<1> ok so i have this ip which does the most traffic to my server, sending much packets - 89.0.90.178
<1> great, thats my ip
<1> i ****
<2> lmfao.
<6> better have strong p***words
<2> pwn3d.
<1> isnt that funny
<6> you will be brute forced for at least 3 people relentlessly
<6> by at least*
<1> iptraf shows that everything is calm
<0> PHPdoc: iptables
<0> learn to use limit and iplimit
<1> why? its my winxp ip, not the server
<0> sad thing is you are for real
<0> uhh because limit and iplimit limit the number connections a single host can make or connections ina time period
<4> "I was wrong, so I don't need to have good security."
<1> i cant learn iptables in a few min! my boss is mad on the phone....
<4> Actually you can.
<1> im the programmer, not the sysadmin, the sysadmin doesnt answer to him
<4> cancel gave you a very good example page with commenting.
<0> actually you can learn it in a few minutes
<0> but key is you have to loose the stinkin thinkin and want to learn it
<5> If you're not the system administrator, then why are they asking you?
<4> And the both of us gave you some rules to issue to accomplish exactly what you asked to do.
<0> I gave him my page with rulesets and howtos
<5> I'm going to piss myself laughing if the file download page at my university will allow me to upload a .php that will cat out their config.php.inc.
<4> In a pinch, read the rules, pick which ones are needed. THEN learn what they do and how to use them more effeciently.
<0> jeian: i'd find something more construction to do at the university with my time
<6> jeian: laughing all the way out of the university
<6> they are rather insecure about security
<5> Eh.
<0> PHPdoc: when you get around to really wanting to learn iptables get back with me. I'm sure p3nguin will ***ist you as well
<1> 246 entries on iptraf
<0> it honestly doesnt take long the rules are like speaking plain english
<5> I'm going to wait until I have a job in OIT before I start doing serious security testing. >_>
<0> jeian: get some virtual machines
<1> i dont get it, at netstat i see so many connections from one place, on iptraf i see connections from a diffrent place
<6> the heck is iptraf
<0> you probably arent properly reading either
<0> iptraf rocks
<0> does what the name says
<0> shows ip traffic
<6> what's wrong with netstat
<0> by interface
<0> well launch iptraf then get back to me
<6> it doesnt work that way
<0> you dont evne know what it is
<0> hahah
<5> Cancel: What for?
<0> <6> the heck is iptraf
<6> sure said that
<4> Is that short for asking, "What the heck is iptraf?"
<6> i'm listening to hank williams
<4> If so, that is consistent with you not knowing that it is or does.
<6> the language is contagious
<0> he doesnt know what it is and is telling me how it works
<6> that is an astute and accurate analysis
<0> love it
<6> i didn't tell you how it works?
<6> "It doesn't work that way" refers to how I'm not going to install it and then get back to you
<6> in the future if you do not understand what someone has said, it may be best to request clarification
<0> I dont know why I didnt get that out of it doesnt work that way
<0> what was I thinking?!?
<6> I'm sorry, I've already dismissed you.
<6> DUN DUN DUN
<0> I can tell by your continuing response
<0> anyways where were we, yes iptables
<0> PHPdoc: when you get ready let us know
<6> just look at a few examples it's actually pretty easy
<6> i set up a linux router from scratch without reading a lot of documentation
<0> just need iptables
<1> where does apache log files sit?
<1> i found the mother ****er :P
<7> offhand i'd guess /var/log
<7> maybe /var/log/apache
<1> im such a good sysadmin :P
<7> hehe
<8> where does the who takes its input from
<7> the who?
<7> i dunno, from the creative talents of the band members?
<7> from their agent?
<7> hehe
<8> ah
<8> when you do a who
<7> you mean on irc?
<8> where does it take its info from
<8> no on linux
<7> ah
<7> mtab i think
<7> someone correct me here, as i am guessing
<8> :|
<7> found it
<7> it takes it from /var/tmp/utmp
<7> ****
<8> hmm
<9> though mtab showed the mounted file systems?
<7> from /var/run/utmp
<4> And wtmp, I think.
<8> hmm
<7> that's per running "man who" on my system
<9> s/though/thought
<8> hmm thanks
<4> mtab is the mounted filesystems.
Return to
#linux
or
Go to some related
logs:
sahrulkhan
nia kampungchat.com
idid amin graveyard
vitun karvat
#kl
what rhymes with truth
#india
#india
#linux
#allnitecafe
|
|