Search found 37 matches
| Author | Message |
|---|---|
 Topic: Security =>incoming Log (Log_incoming.asp) what caused th |
|
| inetquestion Replies: 11 Views: 219 |
 Forum: Advanced Networking Posted: Thu Feb 02, 2023 23:59 Subject: Security =>incoming Log (Log_incoming.asp) what caused th |
| Tried log level on low & high, there is nothing there about dropped connections.
However, not concerned with figuring out why messages aren't logged in /var/log/messages as I've already parse ... |
|
 |
|
| Topic: Security =>incoming Log (Log_incoming.asp) what caused th |
|
| inetquestion Replies: 11 Views: 219 |
Forum: Advanced Networking Posted: Thu Feb 02, 2023 21:20 Subject: Security =>incoming Log (Log_incoming.asp) what caused th |
| Doing this: grep -i drop /var/log/messages
results in lots of info about "authpriv.info dropbear". There is nothing there about dropped connections. Is there a reason to look here, ... |
|
|
|
| Topic: Security =>incoming Log (Log_incoming.asp) what caused th |
|
| inetquestion Replies: 11 Views: 219 |
Forum: Advanced Networking Posted: Thu Feb 02, 2023 20:58 Subject: Security =>incoming Log (Log_incoming.asp) what caused th |
| The contents change constantly... here is a snapshot.
Questions: - what causes these to appear - Is there any reason I shouldn't parse this list and block them permanently? |
|
|
|
| Topic: Security =>incoming Log (Log_incoming.asp) what caused th |
|
| inetquestion Replies: 11 Views: 219 |
Forum: Advanced Networking Posted: Thu Feb 02, 2023 19:30 Subject: Security =>incoming Log (Log_incoming.asp) what caused th |
| Looking at list of dropped connections in Log_incoming.asp
Are these entries due to port scanning? Is there any reason you shouldn't block entries found in this list permanently? |
|
|
|
| Topic: How to best lockdown router with iptables |
|
| inetquestion Replies: 1 Views: 96 |
Forum: Advanced Networking Posted: Mon Jan 30, 2023 20:49 Subject: How to best lockdown router with iptables |
| Is there a list of FW rules which can be added to iptables to bolster security. Would like to lock it down much more than the check boxes provided within the gui.
Running version r51506 on linksys ... |
|
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 221 |
Forum: Advanced Networking Posted: Mon Jan 30, 2023 1:42 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| Out of curiosity, why is using ipset so much faster than adding rules through iptables? It's orders of magnitude faster. For ~10,000 addresses it took around 200-300 seconds to add them. Now it can ... | |
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 221 |
Forum: Advanced Networking Posted: Sun Jan 29, 2023 3:30 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| Adding ipset command in the firewall script first fixed it. Didn't realize iptables did a verification to ensure that existed, but it makes sense now. :)
Thanks for the assistance! |
|
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 221 |
Forum: Advanced Networking Posted: Sun Jan 29, 2023 3:24 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| The ipset list is created by an external process which updates every minute with new entries. Think I see what you mean...
A test showed I'm unable to issue the iptables command if the ipset part ... |
|
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 221 |
Forum: Advanced Networking Posted: Sat Jan 28, 2023 19:51 Subject: firewall script not applied after reboot. |
| Currnetly running version: v3.0-r51306
Linksys WRT3200ACM Many IPs were added to an ipset list named BLOCKED. This part is working. The part I'm confused about is why doesn't the rule below wh ... |
|
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 221 |
Forum: Advanced Networking Posted: Sat Jan 28, 2023 15:40 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| Saved an entry in Administration>Commands>Firewall
[code] iptables -I FORWARD -m set --match-set BLOCKED src -j logdrop [/code] Verified the entry above was saved to /tmp/.rc_firewal ... |
|
|
|
| Topic: iptables - programmatically examine dropped IPs? |
|
| inetquestion Replies: 1 Views: 200 |
Forum: Advanced Networking Posted: Fri Oct 21, 2022 21:26 Subject: iptables - programmatically examine dropped IPs? |
| Existing process creates a logdrop entry for offending IPs in iptables. Would like to see how often blocked IPs gets dropped afterward.
Looked in /var/log/messages and see nothing related to dr ... |
|
|
|
| Topic: Enable/Disable Iptables rule via cron... |
|
| inetquestion Replies: 8 Views: 1141 |
Forum: Advanced Networking Posted: Fri Jan 28, 2022 18:41 Subject: iptables additions not taking affect when updated via cron |
| Curious if you figured this out. Doing something similar...
If my script is run manually, it makes iptables additions as expected. The script when run via cron is running and is executing the com ... |
|
|
|
| Topic: Host/network blocking based on IDS scan |
|
| inetquestion Replies: 0 Views: 1483 |
Forum: Advanced Networking Posted: Wed Jan 12, 2022 13:07 Subject: Host/network blocking based on IDS scan |
| Came across an old program (scalp) which scans access logs looking for regex of known security exploits... Thought it would be interesting to integrate this with dd-wrt/iptables to block source of at ... | |
|
|
| Topic: need help Setting QoS via command line (telnet or ssh) |
|
| inetquestion Replies: 12 Views: 8871 |
Forum: Advanced Networking Posted: Sat Oct 30, 2021 19:03 Subject: what was resolution? |
|
Curious, did you resolved the issue/question with QOS? I'm getting something similar with SSH accepting authentication and then hanging. Many of the threads on that topics are pointing to QOS re ... |
|
|
|
| Topic: TFTP upload script with menu - waits until host available |
|
| inetquestion Replies: 3 Views: 13012 |
Forum: Contributions Upload Posted: Mon Oct 11, 2021 13:28 Subject: TFTP upload script with menu - waits until host available |
| Wondered why the HOST was in the *config* section... smh | |
|
|
| All times are GMT |