Jump to content

The Sorrow

Active Members
  • Posts

    289
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by The Sorrow

  1. So i want to make a proxy-like system that i can set as my default gateway which will then forward all traffic it sees to my real default gateway. This way i can monitor traffic with wireshark or similar. I know this can be done with IPTables (did something similar but very different). Any help for a guy like me?

  2. Is the 'LOGIN FAILED' coming from the application or MySQL?

    Could it be that the user you are connecting with doesn't have permissions to connect from its current host?

    No, its returned from IMAP. MySQL is only being accessed by the email server to query for mailboxes. Not by the users.

  3. Alright new stuff!

    So i followed THIS tutorial only slightly tweaking the setup for a separately hosted MySQL server. when i try to connect to the server via thunderbird i get the following log messages


    Aug 31 22:19:31 InternalMAILSRV pop3d: Connection, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV pop3d: Connection, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV pop3d: LOGOUT, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV pop3d: Disconnected, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV pop3d: LOGOUT, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV pop3d: Disconnected, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV postfix/smtpd[3794]: connect from unknown[10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV postfix/smtpd[3794]: disconnect from unknown[10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV postfix/smtpd[3794]: connect from unknown[10.x.x.x]
    Aug 31 22:19:31 InternalMAILSRV postfix/smtpd[3794]: disconnect from unknown[10.x.x.x]
    Aug 31 22:19:37 InternalMAILSRV postfix/smtpd[3794]: connect from unknown[10.x.x.x]
    Aug 31 22:19:37 InternalMAILSRV postfix/smtpd[3794]: improper command pipelining after EHLO from unknown[10.x.x.x]: QUIT\r\n
    Aug 31 22:19:37 InternalMAILSRV postfix/smtpd[3794]: disconnect from unknown[10.x.x.x]
    Aug 31 22:19:37 InternalMAILSRV postfix/smtpd[3796]: connect from unknown[10.x.x.x]
    Aug 31 22:19:37 InternalMAILSRV imapd: Connection, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:37 InternalMAILSRV postfix/smtpd[3796]: lost connection after CONNECT from unknown[10.x.x.x]
    Aug 31 22:19:37 InternalMAILSRV postfix/smtpd[3796]: disconnect from unknown[10.x.x.x]
    Aug 31 22:19:37 InternalMAILSRV imapd: LOGOUT, ip=[::ffff:10.x.x.x], rcvd=24, sent=464
    Aug 31 22:19:38 InternalMAILSRV imapd: Connection, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:38 InternalMAILSRV imapd: LOGIN FAILED, method=PLAIN, ip=[::ffff:10.x.x.x]
    Aug 31 22:19:43 InternalMAILSRV imapd: LOGIN FAILED, user=user@domain.org, ip=[::ffff:10.x.x.x]
    [/CODE]

    I also installed a postfixadmin instance to manage the users and virtual domains instead of the suggested one. SMTP and all the sql integration works fine. I create users and domains, they populate in the SQL database no problem. I try to get connected via thunderbird i get the above. However if i use squirrelmail i get this:

    [CODE]Aug 31 22:29:11 InternalMAILSRV imapd: Connection, ip=[::ffff:127.0.0.1]
    Aug 31 22:29:11 InternalMAILSRV imapd: LOGIN FAILED, user=user@domain.org, ip=[::ffff:127.0.0.1]
    Aug 31 22:29:16 InternalMAILSRV imapd: LOGOUT, ip=[::ffff:127.0.0.1], rcvd=60, sent=332
    [/CODE]

    Id would like to narrow down what the issue is. My guess is its courier's POP3 and IMAP not working correctly with the SQL integration. Not sure. OS is Ubuntu 12.04.1 LTS. Any gurus got any ideas? I really want to get this to work!!

  4. Alright. So i fillowed the above walkthrough to the best of my abilities and ive come across a bit of a rut. It seems like the postfixadmin doesnt update and create users in the MySQL database.

    heres what i get fom /var/log/mail.log

    Aug 22 09:53:46 MAILSRV pop3d: Connection, ip=[::ffff:10.*.*.*]
    Aug 22 09:53:46 MAILSRV authdaemond: received auth request, service=pop3, authtype=login
    Aug 22 09:53:46 MAILSRV authdaemond: authmysql: trying this module
    Aug 22 09:53:46 MAILSRV authdaemond: SQL query: SELECT username, password, "", '5000', '5000', '/home/vmail', "", concat(quota,'S'), name, "" FROM mailbox WHERE username = 'user@domain.org
    Aug 22 09:53:46 MAILSRV authdaemond: zero rows returned
    Aug 22 09:53:46 MAILSRV authdaemond: no password available to compare
    Aug 22 09:53:46 MAILSRV authdaemond: authmysql: REJECT - try next module
    Aug 22 09:53:46 MAILSRV pop3d: LOGIN FAILED, user=user@domain.org, ip=[::ffff:10.*.*.*]
    Aug 22 09:53:46 MAILSRV authdaemond: FAIL, all modules rejected
    Aug 22 09:53:51 MAILSRV pop3d: Disconnected, ip=[::ffff:10.*.*.*][/CODE]

    so since there is maybe ten very long config files, i was hoping you guys could continue to help me pinpoint the issue.

    Thanks ahead of time!

  5. Sorry, the first space should have been a colon.

    192.168.1.2:/path/to/nfs/share /opt/vsftpd/FTPServer/share1 nfs rw,hard,intr 0 0

    I keep getting a "[mntent]: line 16 in /etc/fstab is bad"

    heres the line

    10.50.0.100:/mnt/Videos /opt/The\ Lair\ FTP/Videos/ nfs rw,hard,intr 0 0[/CODE]

  6. Just to clarify you're wanting to make a server that listens / process SMTP traffic?

    yes, im trying to make the server work on intranet at first then NAT the ports to the internet.

    What language?

    Which language are you asking about?

  7. i have a TON of files on my NAS. Can i use NFS to mount the shares on my FTP server root? eg my FTP root is /opt/vsftpd/FTPServer. can i set my nfs shares to load in /opt/vsftpd/FTPServer?

  8. More random stuff here guys! I want to make an email server for personal use. Just like the idea of using my own domain for an email address. Anyway. Ive been trying to find a good howto on making a POP3/IMAP server with SMTP encrypted with SSL. What else interested me was using MySQL as a backend. Makes me want to make a SQL server to hold all my database stuff when its all said and done. But i digress. The few howtos and tutorials always seem to end up leaving me very confused and not sure why something is not working. I always get to the point where IMAP/POP and SMTP work, the web client i use detects the settings, but the user cant authenticate. Can i get some references or some direction from sone of you leet guys that have probably done this already? So far ive tried Postfix, Dovecot and courier with MySQL and Postfix Admin. Any other ideas?

  9. Well i got it figured out. Essentially what has to be done is you have to enable write and select a guest account.

    then i made the directory /opt/vsftpd/FTP

    i set /opt/vsftpd to chmod 444 because the new security rules require the root to be unwritable.

    then i set the FTP directory to chmod 764. created an ftpadmins group and set that as the group for the folder recursively so all new subdirectories and their containing files will mirror those permissions.

  10. I want to set up an FTP that has a generic user which can only download files. This user has to be password protected. I also want to create administrative users that can upload and download files, along with creating directories. I am currently using Ubuntu Server 12.04 and the daemon I'm trying to use at the moment is VSFTPD. Im open to other daemons but would prefer to use VSFTPD if possible.

  11. @Bwall - Well if you could do something like in Iron man, normally Tony has to state Jarvis's name and he quickly replies with a "Yes sir" or similar. Almost like a dialogue version of clicking the bash icon and a command prompt opening up. Then you begin the dialogue and the commands are ran. You could then make a universal terminating command. So if you could make a universal verbal initiator like that, problem more or less solved.

    @Bibbyb - Yes, Ive seen how voice synthesis works (in a small way, not in depth) so it will be a difficult thing to fine tune beyond personal use.

  12. I got inspired by Iron Man to try and make a VUI based linux machine. I know its probably a little advanced since i only really know python, but i can roll with it and see what crazy code i can come up with. My base idea is straightforward. Take a simple voice to text parsing program and use it to transform verbal commands into textual strings. The strings are then passed to an algorithm that will take the words and attempt to logically assign computer-friendly commands to them (possibly PHP script) and then execute the commands/script with an audio response. Now i can start coding the translation module immediately, but it would be nice to see what kind of output i can get from a program that parses voice to text so i can actually see what i would have to work with. Anyone know of such software? I am also more than open to input on how to execute this project as far as logical code flow and the like, since my design may be flawed.

  13. So i seem to have found a decent program to utilize. Sphider is a PHP/MySQL indexer and crawler. Just gonna have to tweak it to do its job automatically and constantly follow links from a root site. Still open to ideas though!

  14. Thanks, both you guys. Those are leads ill follow. But im looking to do some really deep web indexing. So something that follows links to other sites and such would be awesome too. It just sounds like fun to see what a bot can find on the tangle of routers and switches we call the internet.

  15. Im looking to set up a data-mining/spiderbot server for my own devious reasons. Can someone suggest a good piece of software that will run on Ubuntu Server and crawl the interwebs in search of informations? I would like it to toss its findings into some sort of database if all possible.

  16. Well i answered my own question by debating with a couple guys i know. here's the graphical idea:

    64488952.png

    Since i have a base license and the DMZ is restricted (cant initiate connections to the LAN (inside) network) no access lists need to be configured on the ASA. No issue with this except i like to have my DMZ servers use my LAN DNS servers for name resolution. Then on the switch I can use EIGRP to allow inter-vlan routing between all my VLANs and use access lists to limit the DMZ and Public Wifi to external addresses only. Then I can set ACLs for Private wifi and LAN to have access to anything on the network. The VLANs hosted on the switch will be the default gateway and ill set static routes to the ASA for next hop.

    Maybe this will be useful someday. Cheers!

  17. So i got my hands on a Cisco Adaptive Security Appliance 5505. Nifty little toy I'm trying out, just need some config ideas. What i want to do is set up the ASA as my main gateway to the inter-webs, just not sure how I'm gonna do it. I currently have a pfSense firewall which acts as a perimeter firewall and routes between my four different subnets which are:

    10.10.0.0/24 - LAN

    10.20.0.0/24 - DMZ

    10.30.0.0/24 - Private Wifi

    10.40.0.0/24 - Public Wifi

    I currently have the DMZ and LAN networks set as vlans on my 3560 switch. No inter-vlan routing or anything crazy (pfSense handles that). I have a couple ideas on how to do this, just wanted to know which one is the best, or if you guys have any better directions.

    Idea 1:

    plan1z.png

    Pretty simple, the way i assume this would work is the ASA would act as my pfSense firewall does. Only thing is i don't think ASAs can do inter-vlan routing or anything else like that. I know that with access lists configured i can trunk the Wifi port and allow only private wifi between vlans, but I'm not sure if the ASA will hold the default gateway IPs or if the switch will be the default gateway and have static routes to the ASA for addresses outside the network. The ports on the switch will be given vlan access depending on the device that is on said port.

    Idea 2:

    plan2o.png

    This one feels kind of Router-on-a-stick level... the switch holds all the inter-vlan routing with EIGRP and access controls will also be the sole responsibility of the switch. Only problem is i cant see how to make NAT and a DMZ work with this idea.

    So can a cisco guru please give me a direction to go? I really want to implement this ASA!!!

  18. Every school i have attended or heard of requires a student and their parents to sign a document specifying what and how the facility computers are to be used. (Some would call this an Acceptable Use Policy or AUP Agreement). Typically this document graphically explains how school (or any establishment with an organized IT department) computers are to be used, as well as spelling out what sort of disciplinary action will be taken if an individual breaks the terms of the document. This goes for employees and students. Every situation is different, but usually a flaw is fount by someone who is doing something they are not supposed to do. Try poking around any other business network and see how far it gets you when you report a flaw to someone you assume is in charge. The agreement you sign explains what to do, follow it, get rewarded.

×
×
  • Create New...