IANA Scanning Ports
Dec 3, 2007My internet security software blocked port scanning from IANA
Internet Assigned Numbers Authority. Who is this and what are they doing scanning the ports on my computer.
My internet security software blocked port scanning from IANA
Internet Assigned Numbers Authority. Who is this and what are they doing scanning the ports on my computer.
i have one problem in cpanel take one error for restart httpd
xx.xxx.xxx.xx:0 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
I have been receiving a lot of emails from LFD about this ip (93.190.138.129) port scanning.
I get about 3+ of these emails a day letting me know that ldf has blocked the ip temporary.
I am now wondering should I be worried about this ip port scanning?
The ip is from the netherlands where my server is hosted and was wondering if its a coincidence or not?
I found several requests in my error log which looks like someone was scanning my site for phpMyAdmin. This was a newly created subdomain. So I checked my main site and another subdomain and they also contained similar entries. Should I do something?
[Fri Jul 03 03:23:16 2009] [error] [client 65.23.157.214] File does not exist: /var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/phpMyAdmin
[Fri Jul 03 03:23:16 2009] [error] [client 65.23.157.214] File does not exist: /var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/phpmyadmin
[Fri Jul 03 03:23:16 2009] [error] [client 65.23.157.214] File does not exist: /var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/pma ...
A website I've recently been entrusted with was cracked into via brute force ftp earlier this week. Apparently the bad guys ran a script that added iframe links to every page named index.html. The iframe linked to 3 sites that prompted malware downloads.
I think I've found and removed all the affected code, however I'm looking for an online website scanner that will drill down through all the links on a given site and search the code for similar problems.
I've only found a couple of these so far and they don't seem to fit the bill; was wondering if anyone here had recommendations or experience with similar tools...
Does anyone have experience of PCI DSS scanning on a shared server? Our current hosting company have told us that it's unlikely to pass on a shared server, and that we should move to a Virtual Managed Server for them to make the necessary changes to pass a PCI scan.
In particular, we're talking PCI compliance to use PayPal website payments pro UK.
From Googling there seems to be a lot of debate on this issue - varying from 'all you need for PCI compliance is a SSL certificate' (this seems to be paypals attitude), to 'PCI scans can be passed on a shared server if your host is willing to help' to 'you need separate dedicated servers for the database and site etc'.
Does anyone use website payments pro UK, have a shared server, and regularly pass quarterly PCI scans? Also, we would much prefer a host based in the UK - we seem to get much better performance from our UK host than we did when the site was hosted in the US (our customers are almost completely UK based).
I get a lot of messages from CSF about Port Scanning and Bruteforce detection.. Is there a way to avoid all of these attacks ? Because it tries to figure out my clients ftp or pop3 user with several usernames, i.e. administrator, postgres, mysql, httpd, and many more..
I know a little about internet security.. Is it possible to make my public IP of shared hosting untraceable ? Like this one..
Just do a ping to ebay.com or paypal.com and then you will receive RTO message or Destination host unreachable, but actually the site is running well..
What do you recommend for scanning a site against intrusions and security holes?
View 1 Replies View RelatedSo I've been working on getting the modsecurity upload scan function to work for over 4 hours now and i'm done with this junk to say the least.
Using modsec 1.9
Cpanel 10x
Apache 1.3
in the modsec.conf
SecUploadDir /tmp
SecUploadApproveScript /usr/local/apache/htdocs/upload_scan.pl
All I get in the audit_log is:
Access denied with code 406. Error verifying files: Received no output from the approver script (execution failed?) "/usr/local/apache/htdocs/upload_scan.pl" ....
My main goal was stopping incomingo spam.. and MailScanner is doing a great work on that.. but, it is taking too much time extracting and scanning attachments... does anyone know how to disable scanning the attachments ?
This is my top output from MailScanner running:
Code:
12:10 3 MailScanner: extracting attachments
I tried to configure Sendmail as e-mail MTA with ClamAV & SpamAssassin before my local network. I can send and receive e-mail but spamassassin doesn't filter them. Do you know where I should look for?
I was trying to install mailscanner on a cpanel box using chirpy's script [url], followed every step, until this:
Code:
[root@server.yourbox.com:~]perl mscpanel.pl -i
Unable to open spam.scanning.rules for reading: file or directory doesnt exist at mscpanel.pl line 115.
On the 115 line i found this:
Code:
open (IN, "</usr/mailscanner/etc/rules/spam.scanning.rules") or die "Unable to open spam.scanning.rules for reading: $!";
The file /usr/mailscanner/etc/rules/spam.scanning.rules just doesnt exists... maybe chirpy's script is not working well installing everything its needed..
I'm running CentOS with Paralells Plesk bundled Paralellls Premium Antivirus (Dr Web). After the latest yum updates DrWeb continously seems to crash and be restarted by the Parallells watchdog. By default there were no logs for DrWeb, but when I enable logging to a file it gets spammed continously with the following error:
Cannot create pipe for communication with scanning childs (Too many open files)and the Drweb process runs at 99% CPU for long periods. This totally fills the disk with logs and I've now disabled logging again and Drweb is back to continously being restarted by the watchdog.
I'm trying to install HyperVM (I know, it isn't great, but need something quick) but need to unblock ports 8888 and 8887. I have no idea on how to do this via SSH. I've looked on Google, but nothing.
If you have a suggestion for another VPS panel which you think is much better than HyperVM and is free, please let me know. I might aswell install that then.
I have a cPanel Centos VPS.
if they know of any service that I would have running on a basic webserver that would need the following inbound
I have opened up ports 5151 and 123 via iptables. From outside the box, is there a way I can verify that these ports are open?
View 6 Replies View RelatedI have a dedicated server.
How can I check which ports are open on my server and which of them are not?
and does the port 6603 has any security notice?
I am currently using 25 and 26 in a cPanel/WHM/Centos box.
Is there any way to set up more SMTP ports?
Like 25, 26 and submission port 587 all togehter?
Which command can I verify if a port is opened?
View 3 Replies View RelatedI have my server set up with the smtp daemon running on port 125, and assp listening on ports 25 and 26, and forwarding to port 125 if the mail passes. This setup has been working for months and months. Already today I've received several emails.
I just attempted to send an email, however, and thunderbird could not connect to port 26. (I use an alternate port because my ISP blocks port 25 except to their mail servers)
So I thought that assp had stopped running. Attempted to go to myip:55555, but the page would not load. Now I really thought assp was broken. SSH'd into server and was able to telnet to localhost, port 26 without an issue. Was also able to lynx [url] without an issue.
Since I'm able to log in to all of these weird ports via SSH but not from my local computer, I'm apt to think that they are blocking the ports (for some reason).
Is there any way I can test this theory? Nothing has changed on my side firewall-wise, and the poor girl at the ISP company didn't even know what a port was. I would like to be 100% sure before I give them another call demanding to speak to someone higher up...
I've installed Darwin Streaming Server on a brand new server (vps). But, what do you know, the RTSP and MP3 streaming TCP ports are not defined in the etc/services file of the server.
Is this normal? Should I have an issue with the service provider?
I'm behind the firewall on a public computer and all online port scan tests I've tried show that ALL ports on a computer I'm using are closed. Is this possible? I've been previously succesfully uploaded some files through cpanelproxy.net to get access to my site, for which opened port 80 was needed.
View 6 Replies View RelatedI'd like to know how I can use DNS to do something like make a CNAME record that points the same address to different addresses based on the port used.
mail.example.org on port 80 points to ghs.google.com
mail.example.org on port 995 points to pop.gmail.com
mail.example.org on port 587 poitns to smtp.gmail.com
I have dedicated server..i installed cpanel on it but when am accessing it
[url]
i am not able to open it..so i think port is not open so can any one tell me how to open ports...the os installed is centos..
Do SMTP servers by default use port 25 for receiving mail from another SMTP server? Are there any other receiving ports an SMTP server would be listening on by default?
My question is, a server I will be setting up is going to be behind a firewall that blocks outgoing connections *to* port 25. Is there going to be any way around this that is workable besides opening the port?
i have problem with ports in server
how may i check ports?
for example 37549,53377,17235 and ...
i want know this ports are AVAILABLE or no
I am attempting to route traffic through some various open ports on my Win2k Server. I have ports 8001-8005 open for a few projects, and I would like to have the traffic from [url]site 1, localhost:8002 goto site 2, etc.
How can I set this up using IIS and the IIS Manager?