Hi i have installed squid3 proxy server & the server is located between the switch & router all the traffic flows through squid3 server i am not able to:
1.Access FTP using filezilla software
2.Not able to update the mails as i am using thunderbird & microsoft outlook.
3.Not able to take remote of server outside the network using putty & Remote Desktop connection (Microsofts inbuilt tool)
4.Not able to send skype messages outside the network
I am able to
1.Browse http & https
2.Generate logs
I am not so familar with squid & iptables So please help me
I have not modified squid.conf file i have only entered the Network details & uncommented net.ipv4.ip_forward=1
which is present in /etc/sysctl.conf file
Related
I'm currently trying to setup a tunneling tool, specific for game servers.
So you can start the server locally and everyone can join without open your ports or getting unsecure.
Basicly I do a reverse ssh tunnel to one of my dedicated linux servers where the game port get mapped to a different port (for example 8888). So the server is now exposed to the internet and available for anyone and the user don't have to get unsecure and open his own ports. Everyone can connect to the following ip: SERVERADRESS:8888.
The command which gets executed looks like this:
ssh -N -R "*:8888:localhost:25565" root#SERVERADRESS
This works fine just as i want. But I also want to secure my "forwarding" server, so I'm relativ new to networking but I found reverse proxy's. I watched some tutorials and I installed the "Nginx Proxy Manager" tool which comes with a web interface and looks very good and easy. So there is an option to create an Stream (Picture below), there you can enter the incoming port and the forward Host + port, for example: REVERSEPROXY:7777 -> FORWARDINGSERVER:8888. So with this I want to hide the ip adress from the server where all the ssh tunnels. Sadly this Stream tool won't work, I already saw some other topics with that. They all said to enter the port into the docker-compose.yml which I already did + restart. But for now it won't work. Any other soloutions for this problem? Or completly different ideas to protect my server?
https://i.stack.imgur.com/FolLe.png https://i.stack.imgur.com/KuJbt.png https://i.stack.imgur.com/2SN4a.png https://i.stack.imgur.com/9kzbj.jpg
I try to do my own tunneling tool, but with a protection so that my server getting damaged.
I've created a web server on my Raspberry Pi 4 and using it for a web project that I'm currently working on as well as future website projects. Currently, I'm running on Pop OS Linux distro on my main laptop and SSH to the Raspberry Pi running as a web server. I'd like to install the letsencrypt SSL on the webserver. I've found some tutorials on a Google search and have had no luck with the installation of certbot. I'm currently running the Nginx web server on the Raspberry Pi.
I have changed some of the settings on the /etc/Nginx/sites-available & sites-enabled and still no luck with the SSL running on the webserver. Are there any other suggestions or tips that anyone can throw my way to get this web server installed with a secure socket layer of encryption? I'm currently running the web server on my Raspberry Pi's IP Address. Maybe I need to change it to an actual domain name beforehand and see if that works?
When I run:
sudo systemctl status nginx
It returns as active. Which is good. Any suggestions?
You should go for following the steps, serially:
You need to register a domain name with a official DNS (Domain Name System) Register, e.g. NameCheap, Google Domains, Go Daddy.
Install certbot following instructions on Let's Encrypt tutorials all SSL/TLS certificates will be installed automatically, (assuming that you're not requesting a wildcard certificate, I too recommend not doing so as it's a hassle in getting a wildcard certificate).
Make sure all ports are correctly forwarded to the Raspberry Pi and that there is no firewall interfering with the ports 443 and 80 and make sure that your ISP is not blocking them whatsoever, since Let's Encrypt needs to verify that your domain name and website exists and is accessible.
Not able to access nginx from outside the server
I have used ansible role written by me to download nginx on linux machines. But i'm not bale to access that nginx service outside of the server (the one on which it is installed)
https://github.com/kishanagarwal/ansible_poc/tree/master/roles/nginx
You can access the code from above url
I am able to get a welcome page of nginx service running on Centos machines, but can't get anything when i tried to access ip address of machine running on ubuntu 14.04 and having nginx installed on it.
Its simply means nginx port is not opened.
steps to follows:
login to your machine which is trying to access nginx.
if it is windows ,open DOS prompt OR if it is linux, open terminal.
run following command :
telnet
Based on output , if port is not open, you can refer following guide to open port:
https://www.cyberciti.biz/faq/howto-rhel-linux-open-port-using-iptables/
I'm trying to use Google's Colab feature to connect to a remote run-time that is configured with HTTPS. However, I only see an option to inform the port on the UI, not the protocol.
I've checked the Network panel and the website starts a WebSocket connection with http://localhost:8888/http_over_websocket?min_version=0.0.1a3, HTTP-style.
Full details of my setup:
I have a public Jupyter server at https://123.123.123.123:8888 with self-signed certificate and password authentication
I've followed jupyter_http_over_ws' setup on the remote
I started the remote process with jupyter notebook --no-browser --keyfile key.pem --certfile crt.pem --ip 0.0.0.0 --notebook-dir notebook --NotebookApp.allow_origin='https://colab.research.google.com'
I've created a local port forwarding with ssh -L 8888:localhost:8888 dev#123.123.123.123
I've turned on network.websocket.allowInsecureFromHTTPS on Firefox
I've went to https://localhost:8888 and logged in
Naturally, when the UI calls http://localhost:8888/http_over_websocket?min_version=0.0.1a3 it fails. If I manually access https://localhost:8888/http_over_websocket?min_version=0.0.1a3 (note the extra s) it gets through.
I see three options to solve it:
Tell the UI to use secure WS connection
Run a proxy on my local machine to transform the HTTPS into plain HTTP
Turn off HTTPS on my remote
The last two I think will work, but I wouldn't like that way.
How to do #1?
Thanks a lot!
Your option 1 isn't possible in colab today.
Why do you want to use HTTPS over an SSH tunnel that already encrypts forwarded traffic?
When I use WinSCP in Windows to connect to VMware with Ubuntu, it prompted this:
The server rejected SFTP connection, but it listens for FTP connections.
Did you want to use FTP protocol instead of SFTP? Prefer using encryption.
What's the matter?
I can succeed to ping Ubuntu in Windows.
The fact that you can ping the server has nothing to do with what protocols it supports.
The message says that the server does not listen on port 22 (SSH, SFTP), but listens on port 21 (FTP). The point of the message is that WinSCP defaults to SFTP protocol, what is not common. So it tries to help users who expect FTP to be a default. But that's not relevant to you apparently.
As #ps2goat suggested, make sure you setup SSH/SFTP server.
For more details, see the documentation for the error message The server rejected SFTP connection, but it listens for FTP connections.
If you see this error all of a sudden (when SFTP has always worked for you for this particular server), and if you are using CSF (ConfigServer Security & Firewall), then it might be that your IP was blocked for SSH access. Try flushing all blocks. Also, try restarting the SSH server.
Old question but still responding so others might get benefited.
I stumbled upon this error and the first thing I checked was if my ubuntu machine had ssh installed. It was there and the latest version and I still would get this error.
As long as you have ssh access to the target, check the ssh service status and most certainly it'd be found inactive. Turn it on using
sudo service ssh restart
and you should be back in the game.
Do check the status of the SFTP by using
sudo service ssh status
and take any corrective action.