Author Topic: Security question [solved] (Read 1769 times)

metro · « **on:** June 24, 2011, 07:49:41 AM »

Hi Guys
not sure if this is a security or permission issue (can ya tell I'm a noob)

I am using RunBasic http://runbasic.com/ Run BASIC Personal Server is an all-in-one system that makes web programming easy and fun.

all is fine until I make a httpget$() request for a file or image on the net.
I get an error message

Quote

Runtime Error in program 'untitled': Afile$ = httpget$("http://ichart.finance.yahoo.com/table.csv?s=nab.ax&c=2010")
URL not found: http://ichart.finance.yahoo.com/table.csv?s=nab.ax&c=2010

is there somewhere I should be looking within PCLINUXOS to enable access to the net
the program serves on port 8008.
I am using the latest KDE version of PCLINUXOS
pasting the url into Firefox and the file download pops up also my code works fine on winXP in VirtualBox on the same machine
(with windows version of program.)

any help appreciated

regards

Laurie

Joble · « **Reply #1 on:** June 24, 2011, 08:22:12 AM »

Is that in the repo?

Since you can access the net on your machine, I think you would have to ask at the Run BASIC Forum

metro · « **Reply #2 on:** June 24, 2011, 04:29:45 PM »

Thank you Joble

because of initial permission problems when I first setup RB I thought there maybe some thing I missed (didn't understand)

will try RB Forum.

maybe it should be in the REPO there is a free version

regards

Laurie

muungwana · « **Reply #3 on:** June 24, 2011, 05:29:32 PM »

I downloaded the program, started it on the terminal with "./rbp rb.im" as the advised in the "readme.txt file". I run it and it opened a tab in firefox, i added the line you gave above, clicked "run program" and i didnt get any error messages. My initial though was that you are getting the error because you are running a firewall and port 8008 is blocked and that is why you are getting that error. I blocked the port and firefox just spinned and spinned and spinned waiting for a response from the server but no error msg.

I can not reproduce your problem or maybe we are running this program differently? How do you run it?

metro · « **Reply #4 on:** June 24, 2011, 07:36:49 PM »

muungwana
appreciate you taking the time
I have an shortcut setup on the desktop to start RB and as you stated then click "Launch in Browser"
I didn't paste all the code before because it was relevent to the app(RB)

Code: [Select]

'get csv data for ASX Ticker

Afile$ = httpget$("http://ichart.finance.yahoo.com/table.csv?s=nab.ax&c=2011")

'Create a disk file, then write the

open DefaultDir$+osDelimiter$()+"uploads"+osDelimiter$()+"table.csv" for output as #g
'write data to new file
print #g, Afile$;
close #g
wait


function osDelimiter$()
osDelimiter$ = "/"
if Platform$ = "win32" then osDelimiter$ = "\"
end function

paste this into firefox and you will be prompted to save the file

Quote

http://ichart.finance.yahoo.com/table.csv?s=nab.ax&c=2011

I have created several small programs that function fine on served on localhost

EDIT: OK

Quote

My initial though was that you are getting the error because you are running a firewall and port 8008 is blocked and that is why you are getting that error.

I disabled my firewall and my code works thanks muungwana

I guess I now need advice as to enable firewall but allow RB to access the net

thanks in advance

Laurie

muungwana · « **Reply #5 on:** June 24, 2011, 08:24:24 PM »

you disabled the firewall and the code works, you enable the firewall and it doesnt work. So the problem is the firewall.

I run it here and looked and looked at the traffic and it look like this server and the browser communicate over the local interface.

Enable the firewall, check to confirm it doesnt work and then open the terminal, log in as root then run this command and check again if it now works or not

iptables -I INPUT -i lo -p tcp --dport 8008 -j ACCEPT

ps:
copy and paste the command to make sure you dont mistype it

djohnston · « **Reply #6 on:** June 24, 2011, 09:59:07 PM »

In the personal firewall settings GUI, you can also select the advanced options and enter the exception there.

metro · « **Reply #7 on:** June 24, 2011, 10:02:22 PM »

muungwana

thanks again for taking the time

enabled the firewall again with no other changes and it now works
I will keep a note of the command you have outlined and must do some
reading on iptables

Asante sana

Laurie

edit: thanks djohnston will check that out

metro · « **Reply #8 on:** June 25, 2011, 08:26:33 PM »

sorry guys back again

all fine till I re-started today. This time though when I disable the firewall in PCC
it has no effect program still can't access the net.

Quote

Enable the firewall, check to confirm it doesnt work and then open the terminal, log in as root then run this command and check again if it now works or not

iptables -I INPUT -i lo -p tcp --dport 8008 -j ACCEPT
ps:
copy and paste the command to make sure you dont mistype it

I did this still doesn't work so disabled firewall again and re-booted

not working
trieddjohnston's idea and still no go

any ideas
thanks in advance

Laurie

muungwana · « **Reply #9 on:** June 25, 2011, 08:39:29 PM »

open the terminal, log in as root and do the following:

1. run these commands
service syslog start
echo "" > /var/log/syslog
iptables -I OUTPUT -j LOG

after you run those programs, try to run that program in a way that will make it try go online and then run this last command and post your output in "code" tags for easy readability

cat /var/log/syslog

metro · « **Reply #10 on:** June 25, 2011, 09:41:23 PM »

thanks muungwana

odd thing happening here, left firewall turned off then entered in terminal as root.......... echo "" > /var/log/syslog
imediatley entered cat /var/log/syslog expecting to find syslog empty. but no pages of lines (not sure of meanings)

turned firewall back on followed your list of commands, there are maybe 100 lines of output so I repeated
echo "" > /var/log/syslog
cat /var/log/syslog
then immediatley cat /var/log/syslog again and got the following

Code: [Select]

[root@localhost laurie]# echo " " >/var/log/syslog
[root@localhost laurie]# cat /var/log/syslog
 
[root@localhost laurie]# cat /var/log/syslog
 
Jun 26 11:35:13 localhost last message repeated 2 times
Jun 26 11:35:17 localhost psad: scan detected: 127.0.0.1 -> 127.0.0.1 udp: [512] tcp pkts: 2 udp pkts: 2 DL: 4
Jun 26 11:35:17 localhost sendmail[17537]: p5Q3ZHUl017537: from=root, size=1260, class=0, nrcpts=1, msgid=<201106260335.p5Q3ZHUl017537@localhost.localdomain>, relay=root@localhost
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=17072 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=32768 RES=0x00 ACK SYN URGP=0 
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=17073 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=513 RES=0x00 ACK URGP=0 
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=48556 DF PROTO=TCP SPT=58198 DPT=113 WINDOW=32792 RES=0x00 SYN URGP=0 
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=113 DPT=58198 WINDOW=0 RES=0x00 ACK RST URGP=0 
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=141 TOS=0x00 PREC=0x00 TTL=64 ID=36161 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=512 RES=0x00 ACK PSH URGP=0 
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=17074 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=513 RES=0x00 ACK URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=17075 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=513 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36162 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=512 RES=0x00 ACK URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=271 TOS=0x00 PREC=0x00 TTL=64 ID=36163 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=512 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=134 TOS=0x00 PREC=0x00 TTL=64 ID=17076 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=105 TOS=0x00 PREC=0x00 TTL=64 ID=36164 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=512 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=17077 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=158 TOS=0x00 PREC=0x00 TTL=64 ID=36165 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=512 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:17 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=1624 TOS=0x00 PREC=0x00 TTL=64 ID=17078 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:17 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36166 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=55 TOS=0x00 PREC=0x00 TTL=64 ID=17079 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36167 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost sendmail[17538]: p5Q3ZHrx017538: from=<root@localhost.localdomain>, size=1528, class=0, nrcpts=1, msgid=<201106260335.p5Q3ZHUl017537@localhost.localdomain>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Jun 26 11:35:18 localhost sendmail[17537]: p5Q3ZHUl017537: to=root@localhost, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=31260, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (p5Q3ZHrx017538 Message accepted for delivery)
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=108 TOS=0x00 PREC=0x00 TTL=64 ID=36168 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=58 TOS=0x00 PREC=0x00 TTL=64 ID=17080 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=36169 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK PSH URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36170 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK FIN URGP=0
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=17081 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK FIN URGP=0
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36170 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK FIN URGP=0
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=17081 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK FIN URGP=0
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36170 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK FIN URGP=0
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=17081 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK FIN URGP=0
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36171 DF PROTO=TCP SPT=25 DPT=50111 WINDOW=770 RES=0x00 ACK URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=17082 DF PROTO=TCP SPT=50111 DPT=25 WINDOW=530 RES=0x00 ACK URGP=0
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=62 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=56053 DPT=512 LEN=42
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=90 TOS=0x00 PREC=0xC0 TTL=64 ID=36091 PROTO=ICMP TYPE=3 CODE=3 [SRC=127.0.0.1 DST=127.0.0.1 LEN=62 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=56053 DPT=512 LEN=42 ]
Jun 26 11:35:18 localhost last message repeated 2 times
Jun 26 11:35:18 localhost sendmail[17539]: p5Q3ZHrx017538: to=<root@localhost.localdomain>, ctladdr=<root@localhost.localdomain> (0/0), delay=00:00:01, xdelay=00:00:00, mailer=local, pri=31761, dsn=2.0.0, stat=Sent
[root@localhost laurie]#

If I follow your instructions I get much more output
there seems to be a constant activity behind the scenes

Laurie

metro · « **Reply #11 on:** June 25, 2011, 10:09:42 PM »

muungwana
the system here won't accept the full output so here is part of it

Code: [Select]

Jun 26 11:52:55 localhost last message repeated 8 times
Jun 26 11:52:57 localhost psad: scan detected: 192.168.0.199 -> 192.168.0.255 udp: [631] udp pkts: 2 DL: 3
Jun 26 11:52:57 localhost sendmail[21623]: p5Q3qvEJ021623: from=root, size=1656, class=0, nrcpts=1, msgid=<201106260352.p5Q3qvEJ021623@localhost.localdomain>, relay=root@localhost
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=51933 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=32768 RES=0x00 ACK SYN URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=51934 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=513 RES=0x00 ACK URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=45189 DF PROTO=TCP SPT=35496 DPT=113 WINDOW=32792 RES=0x00 SYN URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=113 DPT=35496 WINDOW=0 RES=0x00 ACK RST URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=141 TOS=0x00 PREC=0x00 TTL=64 ID=38396 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=512 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=51935 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=513 RES=0x00 ACK URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=51936 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=513 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=38397 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=512 RES=0x00 ACK URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=271 TOS=0x00 PREC=0x00 TTL=64 ID=38398 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=512 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=134 TOS=0x00 PREC=0x00 TTL=64 ID=51937 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=105 TOS=0x00 PREC=0x00 TTL=64 ID=38399 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=512 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=51938 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=158 TOS=0x00 PREC=0x00 TTL=64 ID=38400 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=512 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=2036 TOS=0x00 PREC=0x00 TTL=64 ID=51939 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=38401 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=770 RES=0x00 ACK URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=55 TOS=0x00 PREC=0x00 TTL=64 ID=51940 DF PROTO=TCP SPT=39980 DPT=25 WINDOW=530 RES=0x00 ACK PSH URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost klogd: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=38402 DF PROTO=TCP SPT=25 DPT=39980 WINDOW=770 RES=0x00 ACK URGP=0 
Jun 26 11:52:57 localhost last message repeated 2 times
Jun 26 11:52:57 localhost sendmail[21624]: p5Q3qvLZ021624: from=<root@localhost.localdomain>, size=1924, class=0, nrcpts=1, msgid=<201106260352.p5Q3qvEJ021623@localhost.localdomain>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Jun 26 11:52:57 localhost sendmail[21623]: p5Q3qvEJ021623: to=root@localhost, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31656, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (p5Q3qvLZ021624 Message accepted for delivery)

muungwana · « **Reply #12 on:** June 25, 2011, 10:25:59 PM »

you can now run "service iptables restart" to stop your system from making those log entries and then run "echo "" > /var/log/syslog" to clear the log.

It looks like you are running a program called "psad" and it is some sort of an intrusion monitor program and noticed something was logging your traffic and started sending you warning emails. All those logs are of the program sending emails to root and not from the rbp and hence arent very useful.

I was trying to see if traffic was flowing btw your browser and the rbp server but no entry of the traffic is in your post.

Anyway, going back to your earlier comment. The other day you said it worked even after you have the firewall up and this could mean the problem could be with the way you are starting it. It sometimes works and it some times doesnt. The problem could be with how you are starting it or what other program you have running when you are using it.

Start it from the terminal,not from your shortcut and see if it still doesnt work.

metro · « **Reply #13 on:** June 25, 2011, 10:53:34 PM »

thanks muungwana
seems you've got it this time

I have used the desktop shortcut for well over 6 months with no issues
a few days back I created an autostart shortcut in KDE which linked to the desktop icon

had no reason to suspect there was a problem and for the small programs I was creating
there was no issue because I wasn't retrieving info from the net.

I have deleted the autostart shortcut and have gone back to a manual start and even after a re-boot
all works as it should.

sorry to have been a pain.
I really appreciate the time you and others here put into solving problems for us noobs here
we'd be lost with out you all

regards

Laurie

muungwana · « **Reply #14 on:** June 25, 2011, 11:31:30 PM »

Glad you got this one behind you.

No need to apologize as you weren't a pain at all. Problem solving is fun and all you did was giving me and those who followed the thread in silence an opportunity to solve one more problem. Most us wouldnt be here is there were no problems to solve so, without hesitation, just ask as many questions as you can manage to come up with

ps:
where did you learn how to say "thank you" in swahili?

PCLinuxOS-Forums

News:

Author Topic: Security question [solved] (Read 1769 times)

metro

Security question [solved]

Joble

Re: Security question

metro

Re: Security question

muungwana

Re: Security question

metro

Re: Security question

muungwana

Re: Security question

djohnston

Re: Security question

metro

Re: Security question [solved]

metro

Re: Security question

muungwana

Re: Security question

metro

Re: Security question

metro

Re: Security question

muungwana

Re: Security question

metro

Re: Security question

muungwana

Re: Security question [solved]