networking – Why my RUST game server is doing DoS outgoing to clients?

I make a Rust Server using LinuxGSM, following the guide.

Starting from a new server (provider: IONOS) I followed the steps to install (LinuxGSM) on server and then just started the server ./rustserver start. It was working well, and eventually (5hrs server up) my server got blocked from my provider because of ‘DoS Outgoing Attack’.

I would like to know what I’m doing wrong, and how to fix it :/.

Thanks

networking – Can’t connect to Windows 10 thru SSH or Netcat from Linux

I have installed ‘OpenSSH SSH Server’ on Windows 10 machine, and I’m trying to connect from Kali Linux machine but I always get “ssh: connect to host 192.168.1.181 port 22: Connection timed out”

Same thing with netcat. I go on Windows 10: ncat -nlvp 2900 and on
Kali: nc 192.168.1.181 2900 and after 3-4min I get: “(UNKNOWN) (192.168.1.181) 2900 (?) : Connection timed out”
I have no problem connecting from WIN10 to Kali whatsoever.
I’ve had a success connecting to windows10 from Kali thru Ngrok, but now that doesn’t work either.
I’ve been fighting with this for days now, I run out of ideas…
What else I can do, how to make this connection work?

networking – It is possible to connect a device to a router using WDS Bridging via lan cable , and get internet through it?

First of all, sorry but im kind of a noob in networking and i dont know the offical terminology, that being said, let me explain you my issue:
I have a router in a room, which delivers internet through ethernet cables and wifi to various pc’s, i also have an old router which im using as a wifi extender via wds bridging, because i dont have space to put another eth cable, however i have a device which cannot connect to the network via wifi, and needs to use an ethernet cable.
Now here comes the question, is it possible to connect the device to the old router via an eth cable and connect to internet through it?

networking – How do I simulate a windows domain for windows OS’s for testing

A while back I was making tutorials which required taking a screen dump of specific windows dialog boxes. In order to get to those dialog boxes I had to setup a separate windows active directory server, then switch the windows client from a workgroup to the newly created domain. The windows controls would then un-gray, allowing me to click them and open the relevant dialog boxes.

While this worked, it was very time consuming and tedious so I am wondering if there is a way to either:

A: spoof the domain server (but not making a separate OS or VM)

B: spoof windows into being connected to a domain which has no domain server.

The latter might be possible, because I noticed that when I shut down the server, the client was still on a domain, it just could not log onto the user profile that was on the server and instead logged onto its local profile under a different user account.

This got me thinking that surely there must be some registry entry somewhere which for example gets flipped from two settings, those being 0 for workgroup and 1 for domain. There should also be a string value in regedit for defining the domain name too, since in system properties you have to manually type the domain name and then windows will check if it matches a valid domain name on the network, in my case, the domain name of the server.

Maybe there is a tool for this instead of a registry modification but it would be cooler to be able to do it natively in windows, without 3rd party tools.

Thanks.

networking – Azure Service Bus TimedOut exception when running within K8S instance but not in docker on node host

I’m getting a “ServiceBusCommunicationException” reason “Connection timed out ErrorCode: TimedOut” with an Inner Exception of “SocketException” reason “Connection timed out” when running a .net core 3.1 application in a docker container running in K8S.

K8S is running on Ubuntu 20.04 LTS

When I run the container directly on the host of the node itself (i.e. not in K8S) the connection is fine and it processes messages ok but in K8S I get the above error. There is no firewall running on the host. The containers are based on the mcr.microsoft.com/dotnet/runtime:3.1-buster-slim image. There is nothing else added to this or any other tweaks made.

This suggests a K8S issue, possibly networking, with the AQMP port itself.

K8S reports no network policies in place.

As part of the same container I have a chron job that runs that makes an http GET to the google URL. This continually reports OK (200).

Therefore (at least for HTTP) the pods are communicating with the internet fine.

If I change the authentication credentials to something “bad” I get an unauthorised error … so it does appear to be routing ok for authorisation but not when actually connecting to do some work.

I’m not sure where to go with this. Any advice?

networking – Active-Active HA for mutil ethernet Docker host?

I have a host docker container running debian 10. On this host, I have some containers like mysql, nginx with same user brigde network (docker01-192.168.3.0/24)…
The host that had 2 interface eth1 (192.168.1.10/24, gateway: 192.168.1.1) and eth2 (192.168.2.10/24, gateway: 192.168.2.1), eth1 have lower route metric (default gateway)
Curently, I can access container publised ports by eth1, and I only can access them by eth2 when eth1 down.
Now I want to access by both eth1 and eth2 in same time (active-active HA).

I done source route based routing on host:

Creat routing table

echo “101 eth1” >> /etc/iproute2/rt_tables
echo “102 eth2” >> /etc/iproute2/rt_tables

Add rule:

ip rule add from 192.168.1.0/24 lookup table 101
ip route add default via 192.168.1.1 table 101
ip rule add from 192.168.2.0/24 lookup table 102
ip route add default via 192.168.2.1 table 102

After that, I can ssh to host by both ip IP of eth1 and eth2 in same time, but I still can’t access container by the secondary host’s IP
Otherthing, from inside containers, I can’t reach IP in subnet 192.168.1.0/24 and 192.168.2.0/24 anymore, other subnet still reachable

Please help me resolve this case?

Thank you very much!

networking – What DNS records are required to configure web hosting for a subdomain?

I’ve browsed several questions about DNS setup for subdomains and not quite found an answer, so I’m hoping you can assist.

Our domain name (100storybuilding.org.au) is registered with one provider (NetRegistry), and our main web site is now hosted by SquareSpace (configured using a CNAME record). We need to set up a separate, simple web hosting service with another provider using a subdomain (trapdoor.100storybuilding.org.au).

I was originally advised that we could use their nameservers, and so created NS records for the subdomain with our registrar using the zone management tool available through their control panel. This didn’t work, though. Speaking to the hosting provider, I was advised to add an A name record for the subdomain pointing to a specific IP address for the new site, which I’ve also done. But throughout this process the subdomain has not resolved; I get a failure when using nslookup, as though it’s not recognised anywhere.

Currently we have both the A and NS records for the subdomain on our registrar, and I suspect we should only have one or the other; is that the case? I’m rusty with DNS and didn’t think this would be complicated, but if anyone can advise what records should be sufficient to for setting this up, I’d appreciate it.

networking – ncat script to test source IP addresses with UDP load balancer

I have two Ubuntu Virtual Machines behind an Azure Load Balancer. I’m observing some inconsistencies with the source IP addresses set in outgoing UDP packets from the VM’s. I’m trying to come up with a simple ncat command or script that I can run on the VM’s to test the source IP’s.

My idea is to create a circular path (note the Load Balancer is transparent as far as the scripts and test go):

client -> LB -> VM1 -> VM2 -> LB -> client

What I can’t workout is how to pass the command through VM1 to VM2 to get it to execute a connection back to the client.

I’m thinking it needs to be the same command on VM1 and VM2:

ncat --sh-exec "/bin/bash" -k -u -l 1235

And the client connects to VM1 and sends it a command which gets through to VM2 and cause it to execute an ncat connection back to the client:

ncat -u 10.0.0.4 1235
echo "ncat -u $NCAT_REMOTE_ADDR $NCAT_REMOTE_PORT" | ncat -u 10.0.0.7 1235
```

The connection makes it to VM2 but not back to the client.

networking – Palo Alto virtual Wire and Spanning Tree

I have a problem with my configuration on my palo alto firewall and cisco switches.

My target: Assign a public IP to a VM behind the Palo Alto Firewall.

My idea: Add a second uplink to the ISP-Router and create a virtual Wire at the palo alto with the target: VLAN 10 (see sketch)

My Problem: After I made the configuration change, the ISP-Router (Cisco) disable the Uplink Port for the virtual Wire. A loop was detectet:

%SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port GigabitEthernet1/0/35 with BPDU Guard enabled. Disabling port.

%PM-4-ERR_DISABLE: bpduguard error detected on Gi1/0/35, putting Gi1/0/35 in err-disable state

My infrastructure: I am using Palo Alto VMs hosted on ESX-Hosts. The Palo Altos are in a active/passive cluster.

Cisco spanning-tree configuration:
spanning-tree mode rapid-pvst

spanning-tree portfast default

spanning-tree portfast bpduguard default

spanning-tree extend system-id

sorry for my bad sketch and thanks for help to find the best solution!enter image description here

networking – How to forward portsbon a USB tethered connection?

I’m using a USB tethered connection from my phone to my PC, I’d like to know if there’s any way I can forward ports through this tethered connection, so that I’m able to play games that uses peer-to-peer. Keep in mind I have android v7.x.x and Windows 7.