I have a win10 machine and after the wannacry thing, I decided to block 445, 135-139 ports and disable samba v1 on it.
But now I need to access files on it from my macbook. How should I proceed?
Do I need to enable samba v2 on win10? Do I have to (must) unblock the ports to samba v2/v3 work?
There is any other way?
Related
I am trying to setup an IPSec tunnel on my virtual machine on Google Compute Engine and it seems all my traffic is blocked. Even though I have open the necessary ports on both the Windows Server 2016 server and Google's Firewall. Question I have is it possible to setup the VPN tunnel on the server it self or should I make use of the Hybrid Connectivity VPN or something else? I have the same setup on a dedicated server but just can't get Main Mode and or Quick Mode functioning at all.
PS I have setup many iPSec tunnels on stand alone server just not on a virtual server using Google Compute Engine.
Thanks in advance for your help on this one.
I was able to set up IPSec VPN server with Debian 10 virtual machine, on Google Compute Engine.
Here's what I did:
While creating virtual machine instance (Debian 10 for example), in "Network interface" window set option "IP forwarding" to "ON";
On "VPC network" page create firewall rule with open ports: "udp: 500, 4500";
Use this script to setup VPN software:
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
It will generate credentials needed for next step. They look like this: "Server IP: ****", "IPsec PSK: ****", "Username: ****", "Password: ****".
For client configuration use credentials generated from above step and IPsec/XAuth protocol while setting vpn connection.
Look here if you encounter problems: https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients-xauth.md
Check this guide "IPsec VPN Server Auto Setup Scripts" for more information:
https://github.com/hwdsl2/setup-ipsec-vpn
I am developing simple application with Visual Studio that gets data from remote MySQL server through MySql.Data.dll extension. Everything works fine when I'm in my own network, but when I'm at customer site it won't work. I'm assuming their IT is blocking port 3306. Since this is a big corp with strict rules cooperation with network admin is not an option. I heard about tunneling with SSH, tried to do some research but this time this is something not supported by my remote MySQL server provider. I'm out of ideas. What are my options?
Many thanks,
Paw
You can try the command > telnet <yourDBHost> 3306 to verify if port is blocked.
In that case, if you can't request to your admin to open port, maybe you can change the port of MySQL to another open port in the firewall, using your CPanel or editing config files directly if you can access it.
I would like to mount a local (one I have physical access to) drive on a google compute engine vm.
Any links on how to do it?
Have a look at this. It's written for Ubuntu, since you have not specified what OS you are running locally. You will need to make sure that your machine is running SSH server.
Another thing to keep in mind is local port forwarding. If you are behind a NAT you must specify the IP of your system in the firewall or router in order to accept incoming connections on port 22 (or whatever port you decide on).
If you provide info on your OS type, I can help you further.
I am trying out a "Hello World" exercise for GCE. First, I went with CentOS Image, added the instance, installed Apache, added the Firewall. All looks good as far as configuration is concerned. When I try to access the web page from outside, it cannot reach the page.
The Local Apache Server is running, from the local instance I can do a curl and all is well.
On the other hand, if I try out the same exact steps with the Debian distribution, everything works smoothly.
I saw another post that mentioned about additional firewall settings but I have not tried that out and I am not sure why it should be done either.
Can anyone explain if the CentOS setup does need additional Firewall settings and what those are?
CentOS defaults to a restrictive operating system level firewall (using iptables), while debian defaults to a permissive one. You can relax the firewall rules on CentOS as well. When running on Compute Engine, the service level firewall will only allow connections from the internet via configured ports.
To relax the CentOS firewall:
$ sudo iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited
Then test that your connections work as expected. To save this configuration across system reboots:
$ /sbin/service iptables save
See the IPTables HowTo on the CentOS wiki for more information about working with iptables on CentOS.
You need free the ports in the cloud console.
Watch this video that explain the proccess.
Google Compute Engine Test Drive
I have a windows server 2003, I disabled the firewall with the remote desktop, enable it and I lost the access to my machine (and my sites). I was wondering if there is any backdoor to bypass firewall in situations like this, so if something goes wrong, I could fix it remotely.
In linux for example, there is ssh reverse tunneling which I have enable it and in similar situations I could connect anyway and fix any problem I created.
I don't know how much your firewall is configured, but in case WMI is still working, you can open your local "Services" Management Console, connect to your remote computer, and stop the Windows Firewall Service.
If you install e.g. Teamviewer, you can also connect to because Teamviewer usually creates the firewall rules on it's own.