
ip address

Security Through Obscurity: MAC Address Filtering ( Layer 2 Filtering )

MAC filtering (layer 2 address filtering) is an access control method in which the 48-bit address assigned to each network card is used to determine access to the network. Iptables, pf, and IPFW can block a given MAC address on a network, just as they can block an IP address. Open source firewalls can deny or allow traffic from a MAC address such as 00:1e:2a:47:42:8d. MAC address filtering is often used to secure LAN or wireless networks and devices. Is this technique effective?

How to Access Network When Everything Else is Blocked

There is a program called Ping Tunnel that sends TCP traffic over ICMP. From the project home page:

Ptunnel is an application that allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies. At first glance, this might seem like a rather useless thing to do, but it can actually come in handy in some cases. The following example illustrates the main motivation in creating ptunnel:

Setting: You're on the go, and stumble across an open wireless network. The network gives you an IP address, but won't let you send TCP or UDP packets out to the rest of the internet, for instance to check your mail. What to do? By chance, you discover that the network will allow you to ping any computer on the rest of the internet. With ptunnel, you can utilize this feature to check your mail, or do other things that require TCP.

Absolutely fantastic -- it Just Works. Download ping tunnel here.

Linux Calculating Subnets with ipcalc and sipcalc Utilities

If you need to calculate subnets under Linux, use an IP netmask/broadcast calculator called ipcalc. It works with IPv4 and IPv6 addresses. Supported features:

=> Multiple address and netmask input formats.
=> Retrieving of address information from interfaces.
=> Classful and CIDR output.
=> Multiple address and netmask output formats (dotted quad, hex, number of bits).
=> Output of broadcast address, network class, Cisco wildcard, hosts/range, network range.
=> Output of multiple types of bitmaps.
=> Output of a user-defined number of extra networks.
=> Multiple networks input from commandline.
=> DNS resolutions of hostnames.
=> Compressed and expanded input addresses.
=> Compressed and expanded output.

February 6, 2007 : nixCraft FAQ Roundup

Recently updated/posted Linux and UNIX FAQ:

=> Shell command or script to write simple output on screen under Linux and UNIX

=> Delete a log files in Linux or UNIX

=> VSFTPD limit the number of simultaneous vsftpd connections for a single IP address

=> Gnome Desktop Keyboard Shortcut Keys

=> Disable Advanced power management (APM) on Linux

=> Locate files on linux, FreeBSD and UNIX system

=> List installed packages on Linux or FreeBSD / OpenBSD system

=> Howto: Use mysql or run mysql queries from shell script

=> Linux configure batch jobs using at command

=> Solaris add a new swap file for database

=> Apache server view performance status with mod_status configuration

=> Howto Secure portmap service using iptables and TCP Wrappers under Linux

Lighttpd restrict or deny access by IP address


So how do you restrict or deny access by IP address using Lighttpd web server?

Lighttpd has the mod_access module, which is used to deny access to files with given trailing path names. To restrict by client address, combine it with the remoteip conditional configuration. The syntax is as follows:

$HTTP["remoteip"] == "IP" : Match on the remote IP
$HTTP["remoteip"] !~ "IP1|IP2" : Do not match on the remote IP (perl style regular expression not match)
$HTTP["remoteip"] =~ "IP1|IP2" : Match on the remote IP (perl style regular expression match)

Task: Match on the remote IP

For example block access to http://theos.in/stats/ url if IP address is NOT and (restrict access to these 2 IPs only):

Open /etc/lighttpd/lighttpd.conf file
# vi /etc/lighttpd/lighttpd.conf
Append following configuration directive:

# Deny every request under /stats/ unless the remote IP matches the pattern
$HTTP["remoteip"] !~ "|" {
    $HTTP["url"] =~ "^/stats/" {
      url.access-deny = ( "" )
    }
}

Save and restart lighttpd:
# /etc/init.d/lighttpd restart

Task: Block single remote IP

Do not allow IP address to access our site:

$HTTP["remoteip"] == "" {
       url.access-deny = ( "" )
}

Do not allow IP address, to access our site:

$HTTP["remoteip"] =~ "|" {
       url.access-deny = ( "" )
}
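
The `=~` and `!~` conditions above are regular-expression searches, so a pattern filled in as plain `IP1|IP2` also matches longer addresses that contain it, and each unescaped dot matches any character. The following added example (not from the original article) uses Python's `re` module as a stand-in for lighttpd's regex matching to compare that pattern with an escaped, anchored one; the addresses and function names are constructed for illustration.

```python
import ipaddress
import re


def naive_pattern(ips):
    """Join addresses the way the "IP1|IP2" syntax is usually filled in."""
    return "|".join(ips)


def strict_pattern(ips):
    """Validate each IPv4 address, escape its dots and anchor the alternation."""
    escaped = []
    for ip in ips:
        addr = ipaddress.IPv4Address(ip)  # raises ValueError on a typo
        escaped.append(re.escape(str(addr)))
    return "^(" + "|".join(escaped) + ")$"


def matches(pattern, remote_ip):
    """Regex conditions search anywhere in the string unless anchored."""
    return re.search(pattern, remote_ip) is not None


def overmatched(ips, clients):
    """Clients the naive pattern accepts although they are not in the list."""
    naive, strict = naive_pattern(ips), strict_pattern(ips)
    return [c for c in clients if matches(naive, c) and not matches(strict, c)]


# Constructed sample data (not taken from the page)
ALLOWED = ["192.0.2.1", "198.51.100.7"]
CLIENTS = [
    "192.0.2.1",      # listed address
    "192.0.2.10",     # listed address plus a trailing digit
    "198.51.100.77",  # listed address plus a trailing digit
    "192.0.231.5",    # third dot of the pattern matched the digit "3"
    "203.0.113.9",    # unrelated address
]

if __name__ == "__main__":
    print("naive :", naive_pattern(ALLOWED))
    print("strict:", strict_pattern(ALLOWED))
    for client in overmatched(ALLOWED, CLIENTS):
        print("naive pattern also matches", client)
```

With the `!~` allow-list form shown earlier, every over-matched address would be let through to `/stats/`, so the pattern placed in lighttpd.conf should be the escaped and anchored one.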

See also

=> Lighttpd deny access to certain files

Linux How to bind Qmail to specific IP address

qmail is a mail transfer agent that runs on Linux and Unix-like operating systems. It is a more secure replacement for the popular Sendmail program. Yes, it is possible to bind Qmail to a specific IP address. Here is what I did. Please note that I am running a lightweight Qmail server from the xinetd service.

1) Open your /etc/xinetd.d/smtp file and add a bind=IP line:

# vi /etc/xinetd.d/smtp
Append/add following line to it:
bind =


  • bind = Qmail IP address to bind.

2) Save file

3) Reload xinetd with any one of the following commands:
# /etc/init.d/xinetd reload
# /etc/init.d/xinetd restart