I have a problem with my ntopng M Entreprise, i want to connect clickhouse remote server so i added
-F="clickhouse;IP#9004;ntopng;default;MyPassword" in a file ntopng config for connect with clickhouse server,
# -d=/var/lib/ntopng
#
# -q|--disable-autologout
# Disable web interface logout for inactivity.
#
# -q=
-F="clickhouse;IP#9004;ntopng;default;MyPassWord"
then when i check connection Clickhouse on interface web i can see Clickhouse was connected but i see in my System ntopng said:
Unable to execute 'cat /var/db/ntopng/tmp/clickhouse/clickhouse-1-alert-83952033.1649775538.sql | /usr/local/bin/clickhouse-client --port 9000 --host "10.0.x.x" --user "default" --password "xxx" -d "ntopng" 2>&1'
and all the flows was save in ntopng server
also port 9000 and 9004 was open on server Clickhouse.
so how can i resolve this problem and how i can make all flow will save in only clickhouse server ?
thanks you
Related
So I just wanted to create some phishing websites to try them out but now whenever I try to create one via ngrok or just start ngrok ./ngrok http 80 and then visit the site it shows me this -
Failed to complete tunnel connection
The connection to https://xxx.xxx.ngrok.io was successfully tunneled to your ngrok client, but the client failed to establish a connection to the local address localhost:80.
Make sure that a web service is running on localhost:80 and that it is a valid address
the error encountered was: dial tcp [::1]:80:Connect:connection refused.
and also google shows a warning to these whenever I visit them
any suggestions?
You should create a local server on port 80 . Use php or python to create a local server .
PHP
~$ php -S localhost:80
Python
~$ python -m http.server 80
After starting the local server open a new terminal session and start ngrok
~$ ./ngrok http 80
You can create a link with ssh also .make sure that you have installed ssh.
~$ php -S localhost:80 | ssh -R 80:localhost:80 ssh.localhost.run
or
~$ python -m localhost:80 | ssh -R 80:localhost:80 ssh.localhost.run
By the way chrome will automatically detect the phishing pages.
So we've accumulated enough applications in our network that use MongoDB to justify building a dedicated server specifically for MongoDB. Unfortunately, I'm pretty new to mongodb (coming from SQL/MySQL derivatives). I have followed several guides on installing and configuring mongodb for my environment. None are perfect, but I think I'm close... I've have managed to get to a point that I can connect to the db server from the local server using the following command:
mongo -u user 127.0.0.1/admin
However, I'm NOT able to connect to the server using this from either the local OR a remote computer using it's network address, IE:
mongo -u user 192.168.24.102/admin
I've tried both with authentication enabled and disabled, and I've tried setting the bindIP to 192.168.24.102 and 0.0.0.0 with no love. Thinking it was a Firewall issue, I disabled the firewall entirely... same. no love...
so what's the secret sauce? how do I connect to a MongoDB server remotely?
Some notes to know: This server is on a local network only. There will be some NAT shenanigans at some point directing public traffic to it from remote application servers, but only specific ports (we will NOT be using 27017 when that happens) and it will sit behind a pretty robust firewall appliance, so I'm not worried about securing the server as I about securing MongoDB itself.
This answer assume a setup where a Linux server is completely remote and has MongoDB already installed.
Steps:
1. Connect to your remote server over SSH.
ssh <userName>#<server-IP-address>
2. Start Mongo shell and add users to MongoDB.
Add the admin;
use admin
db.createUser(
{
user: "AdminSammy",
pwd: "AdminSammy'sSecurePassword",
roles: [
{"userAdminAnyDatabase",
"dbAdminAnyDatabase",
"readWriteAnyDatabase"}
]
}
)
Then add general user/users. Users are added to specific databases.
use some_db
db.createUser({
user: 'userName',
pwd: 'secretPassword',
roles: [{ role: 'readWrite', db:'some_db'}]
})
3. Edit your MongoDB config file, mongod.conf, that is found in etc directory.
sudo vim /etc/mongod.conf
Scroll down to the #security: section and add the following line. Make sure to un-comment the security: line.
security:
authorization: 'enabled'
After authorization has been enabled only those authenticated with password will access the database. In this case these are the ones added in step 2 above.
Note: Visual Studio code can also be used over SSH to edit the mongo.conf file.
4. Add remote server's IP address to mongod.conf file.
Look for the net line and add the IP address of the server that is hosting this MongoDB installation, example 178.45.55.88
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1, 178.45.55.88
5. Open port 27017 on your server instance.
This allows access to your MongoDB server from anywhere in the world to anyone who knows your remote server IP address. This is one reason to have authenticated users. More robust ways of handling security are really important! Consult MongoDB manual for that.
Check firewall status using ufw.
sudo ufw status
If its not active, activate it.
sudo ufw enable
Then,
sudo ufw allow 27017
Important: You also need to allow port 22 for your SSH communication with your remote server. Otherwise you will be locked out from your remote server. Assumption here is that SSH uses port 22 for communication, the default.
sudo ufw allow 22
6. Restart Mongo daemon (mongod)
sudo systemctl restart mongod
7. Connect to remote Mongo server using Mongo shell
You can now connect to the remote MongoDB server using the following command.
mongo -u <user-name> -p <user-password> <remote-server-IP-address>:<mongo-server-port>
You can also connect to the remote MongoDB server with authentication:
mongo -u <user-name> -p <user-password> <remote-server-IP-address>:<mongo-server-port> --authenticationDatabase <auth-db-name>
You can also connect to a specific remote MongoDB database with authentication:
mongo -u <user-name> -p <user-password> <remote-server-IP-address>:<mongo-server-port>/<db-name> --authenticationDatabase <auth-db-name>
At this moment you can read and write within the some_db database from your local computer without ssh.
Important: Put into consideration the standard security measures for any database. Local security practices should guide what to do at any of the above steps.
I'm trying to run the odoo docker container and linking it with my local (not container) postgresql.
I tried this command (as suggest here).
docker container run -p 8089:8069 -e HOST=127.0.0.1 -e USER=tux -e PASSWORD=tux --name odoo -t odoo
Ran it and got these errors :
Database connection failure: could not connect to server: Connection refused
Is the server running on host "localhost" (127.0.0.1) and accepting
TCP/IP connections on port 5432?
could not connect to server: Cannot assign requested address
Is the server running on host "localhost" (::1) and accepting
TCP/IP connections on port 5432?
I tried to open up the port 5432 with ufw but got the same erros. I also tried to change 127.0.0.1 to 0.0.0.0 but nothing.
Could you help me?
ps : the USER and PASSWORD are corrects, I use them when I run odoo instance in my local.
you might need to add the host network with a flag --network=host
WARNING: Published ports are discarded when using host network mode
that just means you cannot change the port bindings. thats as secure as your machine is.
I have been trying to monitor a remote server using Nagios-Nrpe.
The remote host is the Amazon Ec2 instance where I have installed npre daemon on xinetd.
I have added my nagios server IP to "only-from" property in /etc/xinet.d/nrpe file.
I have added the entry in /etc/services.
I have made changes in iptables also.
I have added an entry for TCP port 5666 in my security group too.
These commands work properly:
$ netstat -at | grep nrpe
$usr/local/nagios/libexec/check_nrpe -H localhost
I have setup the nagios server and nrpe_check plugin on my local machine.
But whenever I am doing:
/usr/local/nagios/libexec/check_nrpe -H <"amazon-ec2-IP-address">
I get the following error:
connect to address <"amazon-ec2-IP-address"> port 5666: Connection refused ......
connect to host <"amazon-ec2-IP-address"> port 5666: Connection refused
I have tried making the nrpe client on another linux on my LAN and the command worked, but not for Amazon Ec2.
If anyone has the solution for this issue, please do share ASAP.
Make sure you have,
Opened up port 5666 in the Security Group linked to the EC2-instance.
I'm having an issue with PostgreSQL
anytime I run
psql -h localhost
I get
psql: could not connect to server: Connection refused
Is the server running on host "localhost" (127.0.0.1) and accepting
TCP/IP connections on port 5432?
A. First make sure PostgreSQL server has been started to remote server.
# /etc/init.d/postgresql start
If it is running and you get above error, you need to add enable TCP/IP support. By default, the PostgreSQL server only allows connections to the database from the local machine or localhost. This is a security feature.
Step # 1: Allow remote IP address to access PostgreSQL
You need to open file called /var/lib/pgsql/data/pg_hba.conf. Login as postgres user using su command:
$ su - postgres
$ vi /var/lib/pgsql/data/pg_hba.conf
Now append following line. Let us say you would like to give access to 192.168.1.0/24 network:
host all all 192.168.1.0 255.255.255.0 trust
Please replace 192.168.1.0 and 255.255.255.0 to reflect the actual network IP address range of the clients system in your own network.
Save close the file.
Step # 2: Allow communication over TCP/IP
You need to open PostgreSQL configuration file /var/lib/pgsql/data/postgresql.conf
$ vi /var/lib/pgsql/data/postgresql.conf
Now bind and open TCP/IP port by setting tcpip_socket to true:
tcpip_socket = true
Save and close the file.
Step # 3: Restart PostgreSQL server
Restart the PostgreSQL server with the following command
# /etc/init.d/postgresql restart
This will open default port 5432.
Step # 4: Test your setup
Use psql command from client system as follows:
psql -h PostgreSQL-IP-ADDRESS -U USERNAME -d DATABASENAME
Connect to remote server by IP address 192.168.1.5 and login using vivek user to connect to sales database, use:
$ psql -h 192.168.1.5 -U vivek -d sales
Where,
-h 192.168.1.5 : Specifies the host name of the machine or IP address (192.168.1.5) on which the server is running.
-U vivek : Connect to the database as the vivek username instead of the default. You must have account and permission to connect as vivek user.
-d sales : Specifies the name of the database (sales) to connect to.
For anyone reading this and using Postgres.app, you may need host: localhost in your database.yml. http://postgresapp.com/documentation#toc_3