Nmap From FreeBSD Jail
Jun 2, 2008Does anybody has an experience with running nmap from FreeBSD Jail?
Nmap runs on main host OK, but when I try to run it from jail... NO CHANCE! Still has some problem...
Does anybody has an experience with running nmap from FreeBSD Jail?
Nmap runs on main host OK, but when I try to run it from jail... NO CHANCE! Still has some problem...
[root@forum root]# yum install nmap
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
Could not retrieve mirrorlist http://mirrorlist.centos.org/?releas...x86_64&repo=os error was
[Errno 4] IOError: <urlopen error (-3, 'Temporary failure in name resolution')>
removing mirrorlist with no valid mirrors: //var/cache/yum/base/mirrorlist.txt
Error: Cannot find a valid baseurl for repo: base
I tried to install nmap to my server but it fails. May I know what should I do to make it works?
i'v see a subject for Nmap tool and how to scan servers for any Vulnerability and ports ...
so please some Expert in this to help me in install it here ...
I just upgraded to the latest version of APF. I am running CentOS with the 2.6 kernel.
I added my ports to allow, started it up, and it does not seem to be blocking anything.
I get no errors on startup though. If i do an nmap, mysql shows up as open still. I can even telnet to it.
root@me [~]# /usr/local/sbin/apf -r
apf(6367): {glob} flushing
i have rhel5 server ( centos5.2)
i want creating new jail ssh for one user
for example take one user and password to my customer,and he can just using of /home/user1
and can`t see another folder and ...
just /home/user1
In Fail2ban (great idea to include it in plesk!) settings you can set "Time interval for detection of subsequent attacks" (findtime) in general. But it would be interesting this setting per Jail.
You could have 2 jail with same filter but different findtime. Example:
Jail 1) 5 failures in 600 seconds: 1800 seconds ban
Jail 2) 30 failures in 86400 seconds: 604800 seconds ban
There are bots that detect if you have some protection fail2ban or similar and it will adapt, login attempt every 300 seconds for example. Jail 1 no detect this attack, but Jail 2 yes.
See the example, live time :
[root@--------- log]# cat /var/log/maillog | grep 'warning: ---------'
Jul 14 07:10:54 --------- postfix/smtpd[5482]: warning: ---------[--.--.--.---]: SASL LOGIN authentication failed: authentication failure
Jul 14 07:54:16 --------- postfix/smtpd[4782]: warning: ---------[--.--.--.---]: SASL LOGIN authentication failed: authentication failure
[Code] .....
Compliments about the integration of Fail2Ban. I saw a lot of blocks on different IP addresses that tried to logon to the server. Fail2Ban is setup to monitor SSH, FTP, and some more.
It is however not possible to activate the "plesk-apache" and "plesk-apache-badbot" jails.
I receive the following error when I try to activate the jails:
Cannot activate the selected jails: f2bmng failed: ERROR NOK: ('plesk-apache',)
ERROR NOK: (13, 'Permission denied')
ERROR NOK: (13, 'Permission denied')
......
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload', 'plesk-apache']' returned non-zero exit status 255
ERROR:f2bmng:Failed to reload following jails due to errors in configuration: plesk-apache
When i look into the logfile of fail2ban, i see that there are no permissions for the log files:
2015-01-10 20:14:40,987 fail2ban.comm [19428]: WARNING Command ['set', 'plesk-apache', 'addlogpath', '/var/www/vhosts/system/[domainname]/logs/error_log'] has failed. Received IOError(13, 'Permission denied')
The file permissions are set as following on all the log files:
-rw-r--r-- root root
I'd really like to activate Fail2Ban for Apache too.
I am not able to enable the recidive jail in Fail2Ban. I get the following error:
Code:
Unable to switch on the selected jails: f2bmng failed: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
ERROR No file(s) found for glob /var/log/fail2ban.log
ERROR Failed during configuration: Have not found any log file for recidive jail
ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload', 'recidive']' returned non-zero exit status 255
ERROR:f2bmng:Failed to reload following jails due to errors in configuration: recidive
.
There is indeed no /var/log/fail2ban.log, but I doubt that manually creating it will correctly fix this problem.
The problem is also discussed @ [URL] ...., but in my case I have not switched on jails before switching on fail2ban. Also, the given resolution does not work.
We are successfully using fail2ban on our server (CentOS 6.6, Plesk 12.0.18), that is, jails running and blocking potential intruders
However, we tried to create a custom jail for the CMS that is being used by most of our clients.
I followed the instructions (Tools & Settings > IP Address Banning (Fail2Ban) > Jails > Manage Filters > Add Filter) and created the filter I wanted, but then it does not appear in the list, even though it displays a message reading that the filter was created successfully. Then, if I try to create a new Jail, the filter is not available from the list.
Looking at the directory /etc/fail2ban/filter.d/ I can find a file that has the same name as the filter I created, with a .local extension (the file name does not contain whitespaces or other special characters)...
I have a brand new Plesk 12 Installation with just a first Subscription/Domain for my test. Enabling fail2ban jails brings me the following error for the jails plesk-proftpd and ssh. All others went on.
error 'f2bmng failed: ERROR No file(s) found for glob /var/log/secure'.
I see that /var/log/secure is missing, althoug I already used ssh and ftp to log in once. I can go to touch the /var/log/secure file or adjust the jail configs to proper log file location? Which is the way to go?
Do any1 know how to change jail shell to normal shell?
View 14 Replies View Relatedwhether if i will an increase in performance or security if I upgrade from 6.3 to 7.0?
View 12 Replies View RelatedHow do I check if SMP is on in FreeBSD? And if its off what do I need to do to turn it on?
View 8 Replies View RelatedI know someone probably asked this question... I am looking for a VPS provider that offers unmanaged VPSes with FreeBSD + Cpanel, 512RAM guaranteed, ~250-300GB bw, and 10-15GB hdd, for a price of $40-55/mo.
Can anyone recommend a good VPS provider that meets the above requirements?
Can anyone please suggest a good FreeBSD VPS hoster?
View 2 Replies View RelatedI haven't really messed with FreeBSD very much, but I'm picking up a FreeBSD server and needed to know of a good free firewall for it.
On my CentOS/Debian servers I use CSF and have had good luck with it, so I would like something like that if there is one out there.
I installed FreeBSD 6.3 with minimum packedges. (pkg.txt on attach)
Install Apache+PHP+MySQL
But then I load Drupal or Magento (CMS) browser say that:
Warning: include_once(includes/install.inc) [function.include-once]: failed to open stream: No such file or directory in /ftp/drupal.web/includes/database.inc on line 129
Warning: include_once() [function.include]: Failed opening 'includes/install.inc' for inclusion (include_path='/usr/local/share/phpmailer') in /ftp/drupal.web/includes/database.inc on line 129
Fatal error: Call to undefined function install_goto() in /ftp/drupal.web/includes/database.inc on line 130
I didn't udestand WHY?
In joomla and wordpress all work normla.
In attacment I send apache and php configs.
I am using FreeBSD with Cpanel.
df -h:
Filesystem Size Used Avail Capacity Mounted on
/dev/twed0s1a 496M 491M -35M 108% /
devfs 1.0K 1.0K 0B 100% /dev
/dev/twed0s1h 86G 67G 12G 85% /home
/dev/twed0s1d 248M 21M 207M 9% /tmp
/dev/twed0s1g 15G 6.9G 6.5G 51% /usr
/dev/twed0s1f 4.8G 3.6G 827M 82% /var
procfs 4.0K 4.0K 0B 100% /proc
This is creating Problem at Cpanel,How can i recover space from /dev/twed0s1a.
My system is affected with something named __sbmaskrune
I can't connect to FTP at this moment..
I am running FreeBSD
/scripts/ftpup
Ftp Setup Script Version 6.1
This is the proftpd installer
Searching ports for proftpd .....................................found proftpd in /usr/ports/ftp/proftpd....Done
proftpd (1.3.1-1) is already installed.
dedi01# /scripts/ftpup --force
Ftp Setup Script Version 6.1
This is the proftpd installer
/libexec/ld-elf.so.1: /usr/local/lib/libruby18.so.18: Undefined symbol "__sbmaskrune"
Removing old ftp server (pure-ftpd)
pkg_delete: no packages match pattern(s)
The ProFTPd configuration file /usr/local/etc/proftpd.conf appears to be ok!
No matching processes were found
Waiting for ftpserver to restart..............finished.
ftpserver has failed,
gAs per MySQL official page [url]
there is no MySQL 5.0.51 available for FreeBSD.
The latest available version is 5.0.45
5.0.51 was officially released more than a month ago.
We are basically looking for advice on which OS to choose. CentOS appeals as it is basically RHEL - and since people are paying for that they must be doing something right. It is apparently uber stable because the versions have been tested to death... but because the packages are so out of date, or just not there, we will need to install many things from source, which defeats the point to using it for its stability.
FreeBSD seems to have an awful lot of up to date packages, took a look at it on Distrowatch and was very impressed by many are the latest versions. This would make life so much easier because the package manager can handle installs and updates, really can't be bothered with messing around compiling software for install/updates.
In my mind, if an open source project as mature as the likes of Apache, PHP or MySQL, I am pretty sure you are very unlikely to experience problems by using the latest stable version. Surely by using older versions you are more likely to experience problems as of the result of bugs/security exploits that have only been fixed in the more recent releases.
Would you use FreeBSD or CentOS/RHEL? Or are both equally as good?
i having an issue with FreeBSD...
I have a Raid5 setup and working fine, I just put 2 new 18gig drives for raid1.
Now i see in dmesg this.
amrd0: <LSILogic MegaRAID logical drive> on amr0
amrd0: 104193MB (213387264 sectors) RAID 5 (optimal)
amrd1: <LSILogic MegaRAID logical drive> on amr0
amrd1: 17365MB (35563520 sectors) RAID 1 (optimal)
In bold is the 'new' array.
in fdisk i get....
fdisk /dev/amrd1
******* Working on device /dev/amrd1 *******
parameters extracted from in-core disklabel are:
cylinders=2213 heads=255 sectors/track=63 (16065 blks/cyl)
Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=2213 heads=255 sectors/track=63 (16065 blks/cyl)
fdisk: invalid fdisk partition table found
Media sector size is 512
Warning: BIOS sector numbering starts with sector 1
Information from DOS bootblock is:
The data for partition 1 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
start 63, size 35551782 (17359 Meg), flag 80 (active)
beg: cyl 0/ head 1/ sector 1;
end: cyl 164/ head 254/ sector 63
The data for partition 2 is:
<UNUSED>
The data for partition 3 is:
<UNUSED>
The data for partition 4 is:
<UNUSED>
I get write errors when i use sysinstall. As for the raid status. Its fine.
Logical Drive : 1( Adapter: 0 ): Status: OPTIMAL
---------------------------------------------------
SpanDepth :01 RaidLevel: 1 RdAhead : Adaptive Cache: CachedIo
StripSz :064KB Stripes : 2 WrPolicy: WriteThru
Logical Drive 1 : SpanLevel_0 Disks
Chnl Target StartBlock Blocks Physical Target Status
---- ------ ---------- ------ ----------------------
0 00 0x00000000 0x021ea800 ONLINE
0 03 0x00000000 0x021ea800 ONLINE
I've been using FreeBSD for a while now, but I still feel like a novice when looking at top because I don't understand or know what all of the STATES mean. I know that many of them represent different kernal states and certain programs have their own unique STATES, but what do the usuals mean? man top only has 2-3 listed with very vague descriptions.
Does anyone here understand many of them? If so it would be greatly appreciated if you could write up a few of the basic ones.
select
nanslp
kserel
RUN
pause
lockf
kqread
sbwait
pipered
Those are the ones I currently see in top. I know there are probably thosands of others, but those are the ones I usally look at.
after many painstaking hours, im at a loss as to where to go now (finally managed to get up to the point of running phpize in the ffmpeg directory)
...
Originally I thought i had compiled it in when compiling PHP,
Infact:
Code:
'./configure' '--disable-debug' '--disable-rpath' '--with-bz2' '--with-curl' '--with-gd' '--with-openssl' '--with-png' '--with-zlib' '--with-mcrypt' '--with-mysql' '--with-pear' '--enable-bcmath' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--with-ffmpeg=yes' '--with-apxs2=/usr/local/sbin/apxs'
But when i go to the tests/ffmpeg_test.php file I get:
Code:
Warning: dl() [function.dl]: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20020429/ffmpeg.so' - Cannot open "/usr/local/lib/php/extensions/no-debug-non-zts-20020429/ffmpeg.so" in /usr/local/www/apache22/data/tests/test_ffmpeg.php on line 17
Can't load extension /usr/local/lib/php/extensions/no-debug-non-zts-20020429/ffmpeg.so
I used the ports tree to install FFMPEG and here is the version info:
Code:
bsd# ffmpeg -v
ffmpeg version 0.4.9-pre1, build 4718, Copyright (c) 2000-2004 Fabrice Bellard
built on Mar 14 2007 20:42:22, gcc: 3.4.6 [FreeBSD] 20060305
After finally getting to this point, i say the heck with it and just decide to try and use phpize and compile it in that way as an extension ( following: http://ffmpeg-php.sourceforge.net/ ).
However, after I got phpize to work ( had to cp autoconf259 and autoheader259 to autoconf and autoheader since it was complaining about it ), it gave me this set of errors:
Code:
/bin/sh /usr/local/src/ffmpeg-php-0.5.0/libtool --mode=compile gcc -I. -I/usr/local/src/ffmpeg-php-0.5.0 -DPHP_ATOM_INC -I/usr/local/src/ffmpeg-php-0.5.0/include -I/usr/local/src/ffmpeg-php-0.5.0/main -I/usr/local/src/ffmpeg-php-0.5.0 -I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/ffmpeg -DHAVE_CONFIG_H -g -O2 -Wall -fno-strict-aliasing -c /usr/local/src/ffmpeg-php-0.5.0/ffmpeg-php.c -o ffmpeg-php.lo
gcc -I. -I/usr/local/src/ffmpeg-php-0.5.0 -DPHP_ATOM_INC -I/usr/local/src/ffmpeg-php-0.5.0/include -I/usr/local/src/ffmpeg-php-0.5.0/main -I/usr/local/src/ffmpeg-php-0.5.0 -I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/ffmpeg -DHAVE_CONFIG_H -g -O2 -Wall -fno-strict-aliasing -c /usr/local/src/ffmpeg-php-0.5.0/ffmpeg-php.c -fPIC -DPIC -o ffmpeg-php.o
In file included from /usr/local/src/ffmpeg-php-0.5.0/ffmpeg-php.c:25:
/usr/local/include/ffmpeg/avcodec.h:14:27: ffmpeg/common.h: No such file or directory
In file included from /usr/local/include/ffmpeg/avcodec.h:15,
from /usr/local/src/ffmpeg-php-0.5.0/ffmpeg-php.c:25:
/usr/local/include/ffmpeg/rational.h: In function `av_cmp_q':
/usr/local/include/ffmpeg/rational.h:36: error: syntax error before "tmp"
/usr/local/include/ffmpeg/rational.h:38: error: `tmp' undeclared (first use in this function)
/usr/local/include/ffmpeg/rational.h:38: error: (Each undeclared identifier is reported only once
/usr/local/include/ffmpeg/rational.h:38: error: for each function it appears in.)
In file included from /usr/local/src/ffmpeg-php-0.5.0/ffmpeg-php.c:26:
/usr/local/include/ffmpeg/avformat.h: In function `av_init_packet':
/usr/local/include/ffmpeg/avformat.h:48: warning: implicit declaration of function `int64_t_C'
/usr/local/include/ffmpeg/avformat.h:48: warning: integer constant is too large for "long" type
/usr/local/include/ffmpeg/avformat.h:49: warning: integer constant is too large for "long" type
*** Error code 1
Stop in /usr/local/src/ffmpeg-php-0.5.0.
After I get all this working and install it on a another machine I plan on writing a guide for FreeBSD users inside the tutorials section - but this one part has stumped me.
The only thing I can think of is something along the lines of maybe i downloaded a 64 bit version of something along the way?
Should i continue along this route with phpize adding it as an extension, or does someone else have some information on that ffmpeg_test.php file?
I plan to install one server with RAID with that run on a dedicated card which support FreeBSD. As i have not much experience in this,
View 4 Replies View Relatedi created a new cron job with "crontab -e" command by using the "root" user.
* * * * * php -f /path/file.php
i tried it for php -q too. while i type this command on the shell the php file works. there is no problem with crontab rule too. the chmod of file.php is 777, user root group wheel..
but it cant work. i couldnt understand why it aint.
i created a shell file and changed the cron like:
* * * * * /path/file.sh
and in file.sh:
#!/bin/sh
php -q /path/file.php
mkdir /path/anydir
so, /path/anydir have been created but file.php not executed. so the problem is not about cron rule.
This is the current setup for the user (which is a normal setup)
ISP
|
switch
|WAN |LAN 10.10.10.0/24
servers
switch is a cisco 2924XL
So on the servers there's dual ports one serves for WAN traffic and the other serves Local traffic.
Ive added in the sysctl net.link.ether.inet.log_arp_wrong_iface = 0 still no affect.
error...
Quote:
arp: IP_ADDRESS is on fxp0 but got reply from HW_ADDRESS on fxp1
arp: IP_ADDRESS is on fxp0 but got reply from HW_ADDRESS on fxp1
arp: IP_ADDRESS is on fxp0 but got reply from HW_ADDRESS on fxp1
arp: IP_ADDRESS is on fxp0 but got reply from HW_ADDRESS on fxp1
arp: IP_ADDRESS is on fxp0 but got reply from HW_ADDRESS on fxp1
arp: IP_ADDRESS is on fxp0 but got reply from HW_ADDRESS on fxp1
whats the command to find out what file system do i use on my FreeBSD server?
Linux Cat didnt worked out.
I'm facing this issue with FreeBSD 6.2.
After FreeBSD 6.2 install completely with no errors, the server is rebooted, then it says "no boot loader" even though the boot loader was installed during the setup.
I have tried to reinstall several times by 3 different sources, but no lucks.
I've been a web developer for some years now, and I've been working with PHP/MySQL in Linux quite a lot, but I've never worked with Linux. But now, I'm in a project where the last programmer was a FreeBSD-guru, but not so good in PHP/MySQL, so they hired me to take over. So the project is hosted on a dedicated FreeBSD-server, and I need to get all sftp-accounts and change them. How do I do that? I have root-access with PuTTY, and I know the basic commands, but I don't know where to start looking for account-settings. Is there anyone who knows how to do this?
I also need to reset the root-login to MySQL. I've only done this on Windows, and I'm not to comfortable testing without knowing. I found this guide: ...
I deleted my /var/log directory to clean up space, and now Exim won't work.
Can anyone please post the directory and subdirectory structure for /var/log on a FreeBSD system? I am hoping that with the right directories, the files will rewrite themselves...