Firewall TCP Out Connections
Oct 29, 2008
Firewall TCP Out Connections
My server started lagging up and I processed my configserver firewall logs and founds tons of TCP out connections. How can I track down which user was making these connections, if possible?
View 12 Replies
ADVERTISEMENT
Jul 11, 2009
I have a virtuozzo VPS with CSF. People can't connect to ftp because the firewall is conflicting with iptables. I looked at the csf guide:
[url]
To correct it, the ftp issues states:
Quote:
For example, with pure-ftpd you could add the port range 30000:35000 to TCP_IN
and add the following line to /etc/pure-ftpd.conf and then restart pure-ftpd:
PassivePortRange30000 35000
Where is pure-ftpd.conf? Do I have to install it or something?
View 8 Replies
View Related
Apr 26, 2008
windows 2003
limit connections per ip to a port
im currently using routix netcom
it can limit the connections( NOT bandwidth) only but not per ip
another firewall which limit connections per ip
View 14 Replies
View Related
Jun 18, 2014
Since the update I have a problem with my Firewall. I need to set "Allow all incoming connections" under "Server => Firewall" in order to connect over FTP with TLS (explicit). This was working before the update without allowing all incoming connections. How to fix this in the Plesk panel?
View 2 Replies
View Related
Dec 17, 2008
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
View 3 Replies
View Related
Jun 13, 2008
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
View 1 Replies
View Related
Dec 22, 2008
Sometimes my server surcharge load average increase at 60 , and all my configuration are OK
when i type :
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
i have : ...
View 8 Replies
View Related
Dec 21, 2008
I tried to update a plugin at my blog its a wordpress blog, as soon as the update was started that site on the server stopped working, (later on i closed the upgradation window), after few minutes website start working automatically, Now in my opinion I think that update process is still running in background thats why connections are creating continuously to that website IP.
[root@server ~]# netstat -alpn | grep :80 | awk '{print $4}' | cut -d: -f1 |sort |uniq -c
1001 serverIPhere
its even touching 1500, I tried to contact my server support but unfortunately they can investigate the issue, instead they told me to check with the following command.
netstat -plan |grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c
which is not an answer to my question. Can anybody please tell me why those connections are making to that website's IP? I don't think its a Ddos attack, because it was just started when i updated the plugin.
View 10 Replies
View Related
May 19, 2008
Could someone comment on the kind of load a VPS service can handle? If I were to run an HTTP server how many connection/sec would be realistic.
View 3 Replies
View Related
Mar 6, 2007
How many simulteanous connections to the site do alot of webhosting company usually allow with shared hosting packages. I was wondering because4 some companies say pay $$ a month get 300gb of bandwith a month. Can they limit the bandwith by limiting your simulteanous connections? I am asking because I just found out my host only allows 50 per hosting package that is on a shared server. To me that seems to be very little.
View 1 Replies
View Related
Apr 19, 2007
WARNING: One or more of your DNS servers does not accept TCP connections. Although rarely used, TCP connections are occasionally used instead of UDP connections. When firewalls block the TCP DNS connections, it can cause hard-to-diagnose problems. The problem servers are:
Error [No response to TCP packets].
APF is installed on the server, how do I allow TCP DNS connections? I already added port 53 to ingress/egress for TCP and UDP.
View 7 Replies
View Related
Dec 20, 2007
I run this a few times a day:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
and get outputs like (just the bottom here, IPs removed):
8 IP #1
8 IP #2
8 . . .etc
8
9
9
9
9
9
10
10
11
12
13
14
15
18
19
25
26
32
32
91
The server runs gallery2, how many connections does an IP need just to browse the gallery? I'd like to block wget etc, but don't want to hurt search engine optimization (SEO). Is there a compromise, like limiting IPs to 5 connections, so the site still gets crawled, just slower?
DDoS deflate is installed: [url]
which permabans IPs with 150+ connections
Also what are the commands to block and unblock these IPs,
View 2 Replies
View Related
Apr 21, 2009
i have a vps, and im current use lighttpd, but i want move to litespeed Standard. And i see they limit Max Concurrent Connections =150 on standard version.
but what is Max Concurrent Connections? where can i find it.
and is it the number connection via port 80 (netstat -nt | grep :80 | wc -l)?
View 3 Replies
View Related
May 6, 2009
Has anyone worked with the cable companies on internet connections for hosting? Eg. Comcast, TW.
I worked with a sales rep for Comcast a few years ago on a solution for our offices. He worked out a line that would give us 3+mbits up speed for less then the price of a T1.
It also included a dedicated line to our offices. Would using a cable line be a bad idea for a hosting connection?
View 4 Replies
View Related
Mar 16, 2008
Most of them are from Google and Yahoo...
Server is being heavily loaded beause of this.
I guess blocking crawlers is not the most brilliant
View 6 Replies
View Related
May 2, 2008
I signed up for a hosted account with gator and I don't understand something. They tell me it's a policy change for security reasons but the simultaneous SSH connections has been limited to 2. That's just nuts. Is there a real reason why someone would limit this? i need two for editors, one for shell and one for mysql. Minimum of 4. What security concern could cause them to pick 2 as the number?
I just don't get it.
Here's what they said to me.
info: Please wait for a HostGator operator to respond.
Channel Sanderson: Hi. We're working on our website and have run into a small snag. It seems we can only have two open SSH connections at a time this week. We were able to open more a couple weeks ago. Is this something that you can change?
Kella J.: Ok, the issue is.. You are only alllowed 2, no matter what..
Channel Sanderson: I believe we are not understanding each other. We're not trying to connect 10 times in a minute. We just need more connections. 2 is insufficient. We need a minimum of 4 simultaneous connections to our server.
Kella J.: I am sorry, I checked with my admin.. he said there is only a limit of 2, period..
Channel Sanderson: This is an unnecessary limitation in my view and badly limits my ability to do what I need to do.
View 13 Replies
View Related
Sep 15, 2008
Just logged in my cPanel, and Apache Server Status shows
Parent Server Generation: 7
Server uptime: 2 hours 52 minutes 5 seconds
Total accesses: 701666 - Total Traffic: 63.7 GB
CPU Usage: u1610.22 s255.4 cu0 cs0 - 18.1% CPU load
68 requests/sec - 6.3 MB/second - 95.2 kB/request
400 requests currently being processed, 0 idle workers
I told customer service and said my website (a big forum) have 4000 people now, I felt very slow, could the slowness caused by this max apache connection setting?
I got reply: "400 seems to be as high as Apache can go. Your httpd.conf settings currently show 500 max connections enabled. If Apache is stopping at 400 then this is it's hard limit for maximum connections. Also If it was able to go even higher you would eventually run into memory issues on the server that would cause the server to crash."
Can anyone tells me if "400 requests currently being processed, 0 idle workers " is a problem or could it be the cause of the slowness. I imagin if more people request connection, and apache can't deal with that much, it has to let those request wait in the queue, therefore caused slowness or time-out.
The seem server could deal with 8000 people online before, no any problem at all and speed was quite fast. I don't know what i should do now.
View 14 Replies
View Related
Jun 20, 2008
I've had a problem a couple of times where there is a bad ftp connection to a host. A trace reveals that there is a node timing out. What is a good way to work around this. Web based ftp client or other solution?
View 0 Replies
View Related
May 15, 2008
How can I Limit connections per IP in IIS6?
For example 10 connection per IP is allowed in a minute.
View 0 Replies
View Related
Apr 2, 2008
my server always have problem about the mysql connection:
Discuz! info: Can not connect to MySQL server
Time: 2004-5-14 8:55am
Script: /index.php
Error: Too many connections
Errno.: 1040
Similar error report has beed dispatched to administrator before.
i find the solution:
add "set-variable = max_connections=1000" in my.cnf file
but didnt find the file my.cnf,my control panel is directadmin,
View 6 Replies
View Related
Jan 16, 2008
My PHP application is starting to reach max mysql server user connections limit (currently set to 60). I listed mysql process list in phpmyadmin and found there lot of queries with status "LOCKED" these hang there for a long time(not always just sometimes - twice a day) and then connection limit is reached. It causes load average about 40 for as long as 10 - 20 minutes
I think it may be bacause of query structure. There are some queries with many inner joins...
Here is typical situation from phpmyadmin's process list:
1. select ... from table_1
inner join table_2
inner join table_3
inner join table_4
inner join table_5
This show status : "Copying to tmp table" in phpmyadmin
2. update table_2 set ....
This shows status: Locked
3. select ... from table_2
This shows status: Locked
Seems then when temp table is being created the table_2 is locked and it cannot make update to table_2. or maybe it's locked because of just that update on table_2.
I want to avoid of creating temp tables... Can it help if I'll make separate selects without large table joins ?
View 3 Replies
View Related
Jan 7, 2007
My site is hosted on Dreamhost and gets over 1 million hits a day. The site is highly optimized, so it can handle the load easily without slowing the server down. Most pages have a loading time of under 0.2 seconds.
However, Dreamhost is telling me now that I'm using up too many "connections" and have limited my connections to 150 every 3 seconds (or so they say). Now 503 errors are coming up left and right, and its highly annoying to me and my users. Oh, and Dreamhost has mentioned several times that I'm oh such a very good candidate to upgrade to $400/mo dedicated hosting (from $8/mo currently).
So my question is, is this connection restriction really a valid concern of Dreamhost or are they just trying to milk me for money because my site is popular?
View 22 Replies
View Related
May 31, 2008
on setting up some sort of firewall who only allows 10 connections from the same ip to avoid spamming, abuse on the server.
How should i do this?
View 3 Replies
View Related
Jan 19, 2007
is a way to understand whats the bext max apache settings for me?
Maybe to look over httpd-status requests currently being processed and the number of idle servers or the number of strokes?
Or probably the best way is to use some benchmark application but then i am not sure how to test my config?
View 4 Replies
View Related
Nov 2, 2007
I currently have two 30/10 MB connections and I am hosting a MMO Gaming server on one of them. I have seen some topics on some forums but never really had the need to do this but now since I am getting quite a few users It would be best for me to start looking for a way to upgrade my connection. This is the fastest connection in my area. Anyways I remember hearing about a router that could combine two connections. And I was wondering could this work hosting a gaming server? I think i remember someone saying that i could setup a domain to route the server to connect to both the ips allowing twice the amout of people to connect to the server with out (connection) lag. I was wondering if this is true.
And if someone would link me to your unrecommended hardware that would be great.
View 11 Replies
View Related
Mar 28, 2007
I plan on installing dos_evasive as it can temporarily kill/ban an IP that makes over X amount of connections.
I ran netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n, and this is what I got:
10 218.111.214.231
10 219.95.251.185
10 222.124.226.228
10 58.187.167.20
10 61.94.234.75
10 62.168.125.217
10 82.160.42.74
10 87.116.131.18
10 89.41.71.178
11 200.193.24.226
11 218.186.9.1
11 219.93.199.121
11 220.235.171.64
11 59.128.43.234
11 60.53.77.34
11 63.109.246.234
11 83.20.72.102
11 83.237.102.75
11 84.234.144.107
11 88.226.100.145
11 88.240.137.82
12 195.229.236.216
12 203.79.252.192
12 212.90.248.182
12 220.132.87.2
12 80.130.75.239
12 82.114.184.16
12 83.26.18.242
12 85.30.223.227
12 86.108.127.28
12 87.109.49.69
12 88.247.64.131
13 200.52.193.228
13 202.155.71.40
13 222.124.172.177
13 82.116.129.110
14 195.93.21.1
14 41.251.65.79
14 80.5.154.95
14 81.10.80.75
14 82.224.40.111
14 86.17.117.193
15 196.218.42.134
15 201.19.134.99
15 212.200.185.213
15 217.171.180.249
15 218.208.196.224
15 222.124.101.183
15 80.134.70.222
15 85.160.97.238
15 88.232.120.183
16 200.188.254.9
16 200.52.193.236
16 212.118.15.140
16 81.192.124.52
16 83.14.145.170
16 85.138.71.91
16 87.207.16.154
16 89.113.75.141
17 61.196.234.202
17 82.89.37.29
17 86.135.231.183
18 80.232.249.45
18 82.114.184.206
18 88.101.26.210
19 163.121.149.170
19 194.29.137.41
19 194.44.45.13
19 195.242.99.125
19 196.202.14.244
19 196.218.117.135
19 202.158.121.223
19 81.67.245.180
19 84.255.141.132
20 200.52.193.229
20 219.83.5.20
20 88.229.128.50
20 89.245.120.136
21 196.218.143.124
21 203.130.201.196
21 63.170.84.176
21 66.249.72.173
21 72.14.207.191
21 81.192.135.224
21 82.66.227.150
21 84.29.1.151
22 155.143.244.17
22 195.207.101.112
22 202.153.240.168
22 61.94.125.143
22 85.101.146.161
23 124.106.151.75
23 88.149.99.7
24 82.77.27.129
24 88.16.34.231
25 160.39.145.94
25 202.153.240.70
25 216.125.127.12
26 196.205.97.92
26 200.104.157.183
26 202.163.117.8
26 213.180.127.198
26 60.50.95.39
26 85.71.230.49
27 194.29.137.52
27 195.189.142.249
27 201.226.162.206
27 210.6.13.208
27 81.203.41.204
27 86.90.238.96
28 193.0.240.121
28 212.76.37.150
28 89.120.133.44
29 125.162.66.116
29 74.53.121.131
30 203.222.202.121
30 213.39.219.81
30 71.109.116.122
31 222.124.143.18
31 89.34.87.91
33 193.0.240.113
33 201.9.175.242
33 212.71.37.101
33 70.68.249.239
33 81.77.85.207
34 195.229.236.215
34 86.123.142.128
35 72.49.255.217
35 85.31.137.11
36 193.231.17.50
36 202.69.97.206
36 90.156.29.82
37 77.122.158.251
37 89.40.138.184
38 121.52.52.6
38 203.218.71.132
38 82.167.71.189
39 213.17.10.87
40 196.218.145.82
40 201.22.94.226
40 206.73.210.65
40 86.9.66.1
41 152.78.243.248
42 201.220.93.84
42 210.5.121.190
43 196.204.241.250
43 196.218.89.213
44 196.218.96.82
46 84.56.103.77
48 125.212.148.112
48 41.251.69.199
49 83.203.134.84
50 213.119.151.116
50 80.133.209.50
52 81.38.15.124
53 195.245.232.26
54 88.0.63.179
57 82.201.222.144
57 83.131.27.137
57 84.226.41.129
61 129.215.149.96
64 195.113.227.31
65 198.150.36.49
65 61.102.87.80
71 84.56.109.139
73 82.216.54.222
76 196.218.136.202
76 87.118.157.79
77 89.35.90.211
78 59.127.203.49
79 81.10.35.77
81 82.148.97.68
82 213.171.62.94
84 84.36.132.189
104 213.6.215.214
108 213.51.9.184
108 41.250.0.35
110 83.41.58.76
125 84.22.2.55
132 87.209.11.249
155 196.218.142.212
165 195.242.99.84
176 200.73.225.104
190 62.135.105.86
2946 195.242.99.102
server:/#
Does that look normal to you? Because I read somewhere that you should allow no more then 30 connections per IP. But most are taking much more then that.
View 8 Replies
View Related
Jan 7, 2007
I'm currently using MySQL 4.1.12 for Windows 2003, and I need to know how much possible connections can MySQL achieve? I'm currently around 650. I'm having 4 new servers online, and that will bring my total concurrent connections to 1000+.
how high it can go?
View 3 Replies
View Related
Sep 24, 2007
I currently have a dedicated server with the following specs:
Celeron 2.6ghz
2gb ram
100mbit connection
the cpu load is always under 0.7, and I always have at least 400mb of free ram.
The site takes about 5-10 seconds to load a test page with just a single word on it. When I type netstat -n | grep :80 | wc -l
I get around 1100-1200 connections. I get about 130k page views per day.
My site is about 95% static html, it has about 150 images per page. How can I speed up my site?
Here are my apache httpd.conf settings:
Timeout - 100
KeepAlive - on
KeepAliveTimeout - 12
StartServers - 48
MinSpareServers - 32
MaxSpareServers - 64
MaxClients - 1500
MaxRequestsPerChild - 1000000
View 6 Replies
View Related
May 24, 2007
I notice that most hosting have limit of mySQL connections.
If the max mySQL connections is 50 and I run a forum on this hosting,about how many people can visit my website at one time?
View 3 Replies
View Related
Sep 16, 2007
I've still got a problem with my colocated server.
Specs:
Intel Core 2 Q6600
2x2048MB DDRII PC5300 ECC (CL5.0)
2x250GB Seagate 7200RPM 16MB Cache
Asus P5M2-M/C i3000 (NIC: broadcom NetXtreme 5721)
Asus ASMB3 IPMI2.0
Windows 2003 Ent R2
Now, the issue is something with my network card (I think).
Whenever I use Virtual Server R2 or VMWare to bridge the connection of a VM to the physical network to assign an own IP to it, it simply doesn't work.
Host and guest (tried Vista/XP/Server 2003/CentOS/Fedora) can ping each other, but they can't get any further.
Now I've been googling, and there seems to be somesort of a problem/bug with this networkcards and bridged connections, but I didn't found a solution for this.
I've updated its network driver (if rightclicking the .inf and clicking install was enough) with no result.
View 4 Replies
View Related
Jun 13, 2007
This problem might be related to phpBB 3.RC1, but I somewhat finds that hard to believe. The story:
Two days ago I upgradet our phpBB 2.0.22 forum to 3.0.RC1.
Since the update I have experienced some weirdness on the server. I have a script, that amongst other things, prints out how many active connections there are to the server at any time. This value has always been between 50 (nighttime) and 300 (80-100 users on the forum). But since the update, occasionally the number of connections climbs well above 800, the DDOS protection gets alarmed, and I get an email saying xx.xx.xx.xx ip adress was banned.
Soo... Today the alarms went of again, and this time i checked the ip address with the forums online users list, and it turned out it was a forum user, and I knew him. I called him up on the phone and asked what had happened.
To make a long story short:
1. Server behaves normally
2. User x opens browser, goes to the forum, and start browsing categories.
3. For each click the user makes, the server get 100 more open connections.
4. User x says that for each click he makes the forum grinds even closer to a halt.
While this is happening, other users are browsing the forum just fine, with no performance problems.
5. User x reaches 800+ open connections to the server, and are locked out.
I've checked with netstat, and all hanging connections from the ip in question are flagged SYN_RECV.
This happens not only to this user, but also a couple of others. Not many though.
Is it possible that phpBB3 never closes connections for some users? Pages never load completely, or would this have to be a client problem?
Any other reasons why so many SYN_RECV connections accumulate?
View 3 Replies
View Related