linux – How do I block port 22 to prevent incoming ssh on Ubuntu?

The thing to remember is that firewall rules are checked in the order they are listed. The kernel will stop processing the chain when a rule is triggered that will either allow or disallow a packet or connection.

I think the most common mistake for novice firewall administrators is that they follow the correct instructions to open a new port, such as the one you did, and then discover that it won’t take effect.

The reason for that is that the -A option adds that new rule after all existing rules, and you probably have a higher-priority existing rule that allows SSH.

Use -I to insert your new rules as the first in the chain and they will not be negated by existing rules, or rather, always look at your complete firewall config.

See also Debugging iptables and common firewall pitfalls?
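
The ordering effect described in the answer above, as an added example (not part of the original post): a small shell model of first-match evaluation over a constructed `iptables -S INPUT` listing, comparing where `-A` and `-I` place a new DROP rule for port 22. The sample ruleset and the helper names `append_rule`, `insert_rule` and `verdict` are assumptions, and the matcher is deliberately simplified.

```shell
#!/bin/sh
# Constructed sample in `iptables -S INPUT` format: a host that already allows SSH.
EXISTING='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

# The rule the admin wants to add (iptables -S prints every rule as "-A").
NEW_RULE='-A INPUT -p tcp -m tcp --dport 22 -j DROP'

# Model of `iptables -A INPUT ...`: new rule lands after all existing rules.
append_rule() { printf '%s\n%s\n' "$1" "$2"; }

# Model of `iptables -I INPUT ...`: new rule lands at position 1,
# directly after the policy line.
insert_rule() {
    printf '%s\n' "$1" | awk -v rule="$2" '{ print } $1 == "-P" { print rule }'
}

# Print the target of the first rule matching a NEW inbound TCP connection
# to port $2, or the chain policy if nothing matches.
# Simplified matcher (assumption): only -p, --dport, --ctstate and -j are read.
verdict() {
    printf '%s\n' "$1" | awk -v port="$2" '
        $1 == "-P" { policy = $3; next }
        $1 == "-A" {
            proto = ""; dport = ""; state = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")        proto  = $(i + 1)
                if ($i == "--dport")   dport  = $(i + 1)
                if ($i == "--ctstate") state  = $(i + 1)
                if ($i == "-j")        target = $(i + 1)
            }
            if (proto != "" && proto != "tcp") next
            if (dport != "" && dport != port)  next
            if (state != "" && state !~ /NEW/) next
            if (target !~ /^(ACCEPT|DROP|REJECT)$/) next  # non-terminating
            print target; found = 1; exit
        }
        END { if (!found) print policy }'
}

echo "after -A: $(verdict "$(append_rule "$EXISTING" "$NEW_RULE")" 22)"
echo "after -I: $(verdict "$(insert_rule "$EXISTING" "$NEW_RULE")" 22)"
```

On a real host, `iptables -S INPUT` or `iptables -L INPUT -n --line-numbers` shows the actual rule order to check.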

Full OS setup in USB pen drive connected to a monitor with USB port

Are there USB drive devices where I can plug it into a monitor with USB port and boot an Ubuntu OS?
I am asking after coming across this.
I’m not looking for a live Ubuntu OS as the data doesn’t get stored in the USB flash drive. I am looking for full OS setup in the pen drive. Do such things exist?

https://www.intel.com/content/www/us/en/products/boards-kits/compute-stick.html

recovery mode – Htc u11 didn’t any reaction to press button only to see the computer the com port and phone flash

applications – How can I make an Android Smart TV stop listening on a specific port?

So, I used the app “Remote ADB Shell” on my Android phone to grant the WRITE_SECURE_SETTINGS permission to my AndroidTV (HiSense Smart ATV). In order to grant this permission I had to connect my phone to my TV on my network using RSA key authentication.

It has been a while since I did the procedure, however, I believe that I set the IP address of my TV (192.168.0.9) and a port number of my selection (5756). I got a prompt on my TV asking me to allow the RSA key, I pressed accept and was able to send the ADB command necessary.

However, now my TV still listens on port 5756. How can I stop the TV from listening on this port?

networking – I have to type in port 80 after my website to see it (www.example.com:80 – but only with ssl)

I am new to server management and decided to learn by deploying my own website 😀

The problem is probably that I misconfigured iptables / didn’t configure them enough.

I have a node app running on port 8080 (https server, certificates are working well)

I ran sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
to reroute all traffic that goes into the 80 port to go to 8080 – that worked for the normal http server -> I could go to www.example.com without issue.

tcptraceroute

tcptraceroute 159... 80
Selected device lo, address 159, port 35499 for outgoing packets
Tracing the path to 159 on TCP port 80 (http), 30 hops max
 1  ubuntu-main (159) (closed)  0.178 ms  0.064 ms  0.142 ms

(If it would help I can give the domain name / ip address)

netstat -ltnp

(sudo) password for twiggeh: 
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      531/systemd-resolve 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      675/sshd: /usr/sbin 
tcp        0      0 127.0.0.1:42143         0.0.0.0:*               LISTEN      950/node            
tcp6       0      0 :::22                   :::*                    LISTEN      675/sshd: /usr/sbin 
tcp6       0      0 :::8080                 :::*                    LISTEN      1279/node   

iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination 

networking – Create IPV6 proxies using a VPS /64 subnet to each port

Recently I acquired a VPS that has an IPv6 /64 subnet, and I would like to use my VPS to create some IPv6 proxies. What I want to accomplish is similar to this project: https://github.com/dukaev/ipv4-ipv6-proxy

But for some reason, it’s not working for me. I would like to generate something like 1000 proxies from that subnet, without any authentication or anything.

I have almost no experience in this area, so I would like to ask for advice or any help about this. Thanks.

linux – Remove mirrored port in OpenVSwitch?

I’m using OpenVSwitch on a Linux host and I’ve managed to set up a port mirror. The problem is, now I can’t figure out how to remove it. I have a single bridge named vSwitch_WAN set up with multiple physical ethernet ports attached to it.

The command I used to create the mirror is the following:

#echo "Setup eth3 as a mirror port to capture off of eth7"
ovs-vsctl -- set Bridge vSwitch_WAN mirrors=@m -- --id=@eth7 get Port eth7 -- --id=@eth3 get Port eth3 -- --id=@m create Mirror name=mirror1 select-dst-port=@eth7 select-src-port=@eth7 output-port=@eth3

Now I want to remove this mirrored configuration. Anyone know how to do that?

Can I use an HDD on/off (6) switch controller with drives connected to an Adaptec 71605 16 port card?

attempting to build huge x299 to upgrade my Asrock Z87 Extreme 11ac
many of the storage drives are only required to be on “occasionally”
so to save on power consumption etc I’ve got hold of a 5.25 unit
with 6 on off switches and I wish to connect 2 hard drives to each “switch”
allowing me to keep 12 drives OFF or ON as required

my issue is that if I were to use an Adaptec ASR-71605 (in JBOD – non RAID)
will it allow some of the drives to function in this way
or will they simply not show up without rebooting

an alternative is to use two different non raid controllers (8 port each)

complete novice when it comes to understanding the complexities of raid controllers
as I’ve only ever required them to expand SATA ports and nothing else

apologies if i’m in the wrong place but I’m chomping at the bit to proceed with my huge pooter build

JouJye Super Gaming Chassis
ASUS X299 ROG Rampage VI Extreme
i9 9960X
G.Skill 8 x 8GB (64GB) DDR4 2666Mhz
3x 1TB m.2
18 Drives of 10 and 12Tb with one 14TB…. totalling 195TB

in the ideal world I am led to believe that a QNap is a must
but with what I’ve spent on the X299 build it’s gonna be
some considerable time (if ever) before I can afford such a unit

battery life – Do cables exist that will both charge via usb micro, but also function with a female usb port

I have a tablet, in particular, a Hyundai Protocol x8. The only port on it is a USB 2.0 micro type B port.
I can use a USB micro B to USB A Female adapter, then a USB hub, to plug in a keyboard, mouse, and other peripherals.
The problem arises that the tablet is then not charging, and is in fact, discharging a bit faster, as it is powering my mouse and keyboard.

Is there a solution or simple cable / hub anyone knows of, that would allow me to both charge the tablet, and have a USB hub? I'd like to plug it in more permanently and use it as a very basic self-contained desktop and monitor.

html – Port Knocking using JavaScript

I am trying to build a port knocker with HTML and JavaScript using WebSocket, but I have the problem that when the WebSocket is opened, pointing at a host + port, 3 TCP connections are generated; although the port on the server is neither open nor NATed, it receives the WebSocket request and starts talking to the requester.
I only need it to make one connection, without retrying.

Any ideas? Thank you very much.

How I open the connection: new WebSocket('wss://algunaurl:port');

This is how Wireshark sees it when I analyze the traffic:
Wireshark log

And this is how the router sees it from the other side, in this case an MKT.
MKT log