Search found 228 matches

by sawbuck
23 Apr 2019, 17:36
Forum: General Discussion (csf)
Topic: Log scanner report
Replies: 2
Views: 2518

Re: Log scanner report

In the CSF configuration under Log Scanner you can disable it
by sawbuck
20 Apr 2019, 19:47
Forum: General Discussion (csf)
Topic: CSF/LFD blocking Authorize.net Relay URL
Replies: 4
Views: 3321

Re: CSF/LFD blocking Authorize.net Relay URL

Try whitelisting the IPs shown here:

https://support.authorize.net/s/article ... -Addresses

Other possibility is to confirm with authorize.net if any specific ports need to be opened.
by sawbuck
26 Mar 2019, 23:17
Forum: General Discussion (csf)
Topic: chkproc: Warning: Possible LKM Trojan installed
Replies: 3
Views: 5089

Re: chkproc: Warning: Possible LKM Trojan installed

Check the FAQ for some additional info: http://chkrootkit.org/faq/

Both rkhunter and chkrootkit are prone to false positives.

Running either or both on a known good system would you give you a baseline.

False positive files and directories can be ignored but not generally considered good practice.
by sawbuck
26 Mar 2019, 21:18
Forum: General Discussion (csf)
Topic: chkproc: Warning: Possible LKM Trojan installed
Replies: 3
Views: 5089

Re: chkproc: Warning: Possible LKM Trojan installed

Those look to be false positives from the chkrootkit script.
by sawbuck
30 Jan 2019, 17:21
Forum: MailScanner Front-End
Topic: Problem with filename.rules.conf
Replies: 3
Views: 4203

Re: Problem with filename.rules.conf

Are the entries in filename.rules.conf separated by "tabs" and not just spaces?

Did you reload MS after making rule changes?
by sawbuck
18 Jan 2019, 18:35
Forum: General Discussion (csf)
Topic: How to allow port only from 1 ip address ?
Replies: 2
Views: 2664

Re: How to allow port only from 1 ip address ?

Generally if it is one IP (or IPs) to a specific port we remove that port from csf.conf. That assumes it is not required for broader access - like port 25. The guide you mention along with the readme.txt for CSF (https://download.configserver.com/csf/readme.txt) section 10 should provide enough info...
by sawbuck
19 Nov 2018, 23:50
Forum: General Discussion (csf)
Topic: only allow 1 ip address to access ssh
Replies: 3
Views: 3056

Re: only allow 1 ip address to access ssh

10. Advanced Allow/Deny Filters ############################### In /etc/csf/csf.allow and /etc/csf/csf.deny you can add more complex port and ip filters using the following format (you must specify a port AND an IP address): tcp/udp|in/out|s/d=port|s/d=ip|u=uid Broken down: tcp/udp : EITHER tcp OR u...