Jump to content

luowilliam

Members
  • Content Count

    11
  • Joined

  • Last visited

Community Reputation

1 Neutral

About luowilliam

  • Rank
    Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. luowilliam

    ISP says my IP is sending out spam

    Thank you for the explanation. Here's what I got from the grep command: grep: /boot/config/passwd: No such file or directory /etc/passwd:_kadmin_admin:*:218:-2:Kerberos Admin Service:/var/empty:/usr/bin/false /etc/passwd:_kadmin_changepw:*:219:-2:Kerberos Change Password Service:/var/empty:/usr/bin/false /etc/passwd:_krb_kadmin:*:231:-2:Open Directory Kerberos Admin Service:/var/empty:/usr/bin/false grep: /boot/config/shadow: No such file or directory grep: /etc/shadow: No such file or directory Doesn't look good I guess right? So the next question is how would I restart from scratch and minimize the amount of work I have to do in the configuration? Thanks.
  2. So I have a VM setup and everything is working except that in the VM setting, it won't let me change network bridge mode to bridge. I've already enabled allow bridging in network configuration for the server. Thanks
  3. luowilliam

    ISP says my IP is sending out spam

    Sorry, can you provide a little more explanation for this? Like how is it there's an adm account left there for default and the commands you provided. When I typed those in it says there is no such file or direcotry.
  4. luowilliam

    ISP says my IP is sending out spam

    So I have closed SSH port 22 on my router. Seems like the spamming stopped but do I need to worry about the box been compromised any other way? Also, If I would like to get Plex working over internet. What's the proper and secure way of doing that? Thanks for all the help.
  5. luowilliam

    ISP says my IP is sending out spam

    Interesting, how did you see those connections? I guess it is kinda facing the internet because of the forwarded port for transmission and plex and SSH. How would I find out where the spam bot is and get rid of it?
  6. luowilliam

    ISP says my IP is sending out spam

    Attached is my diagnostics. I used netstat to look at all the established connection can't see anything weird. Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:1967 0.0.0.0:* LISTEN 8608/Plex DLNA Serv tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* LISTEN 1562/rpcbind tcp 0 0 0.0.0.0:32400 0.0.0.0:* LISTEN 8503/./Plex Media S tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN 4822/nginx: master tcp 0 0 NAS1:32401 0.0.0.0:* LISTEN 8503/./Plex Media S tcp 0 0 0.0.0.0:41361 0.0.0.0:* LISTEN 1567/rpc.statd tcp 0 0 0.0.0.0:32469 0.0.0.0:* LISTEN 8608/Plex DLNA Serv tcp 0 0 192.168.122.1:domain 0.0.0.0:* LISTEN 7000/dnsmasq tcp 0 0 0.0.0.0:ftp 0.0.0.0:* LISTEN 4726/inetd tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 4688/sshd tcp 0 0 0.0.0.0:telnet 0.0.0.0:* LISTEN 4726/inetd tcp 0 0 NAS1:32600 0.0.0.0:* LISTEN 8610/Plex Tuner Ser tcp 0 0 NAS1:34009 0.0.0.0:* LISTEN 8543/Plex Plug-in [ tcp 0 0 NAS1:41339 0.0.0.0:* LISTEN 8669/Plex Plug-in [ tcp 0 0 NAS1:16509 0.0.0.0:* LISTEN 6533/libvirtd tcp 0 0 0.0.0.0:microsoft-ds 0.0.0.0:* LISTEN 1632/smbd tcp 0 0 0.0.0.0:6789 0.0.0.0:* LISTEN 7309/nzbget tcp 0 0 0.0.0.0:netbios-ssn 0.0.0.0:* LISTEN 1632/smbd tcp 0 101 192.168.1.100:34378 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:42758 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 101 192.168.1.100:42778 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 85 192.168.1.100:34342 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:42802 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:42798 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 172.17.0.3:42748 TIME_WAIT - tcp 0 0 192.168.1.100:34334 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 1 0 192.168.1.100:56608 ec2-52-208-155-135:http CLOSE_WAIT 8608/Plex DLNA Serv tcp 0 0 192.168.1.100:42770 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:42774 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 172.17.0.3:42756 TIME_WAIT - tcp 0 0 192.168.1.100:34322 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:http 192.168.1.76:59168 ESTABLISHED 4823/nginx: worker tcp 0 0 192.168.1.100:ssh customer.worldstre:2494 ESTABLISHED 4871/sshd: adm [pri tcp 0 0 192.168.1.100:6789 172.17.0.4:33332 TIME_WAIT - tcp 0 0 192.168.1.100:6789 172.17.0.3:42760 TIME_WAIT - tcp 0 320 192.168.1.100:ssh 192.168.1.90:64131 ESTABLISHED 23142/sshd: root@pt tcp 0 0 192.168.1.100:34346 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 172.17.0.3:42750 TIME_WAIT - tcp 0 0 192.168.1.100:34360 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 101 192.168.1.100:42754 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 192.168.1.76:59421 ESTABLISHED 7309/nzbget tcp 1 0 NAS1:57568 NAS1:34009 CLOSE_WAIT 8608/Plex DLNA Serv tcp 0 0 192.168.1.100:6789 172.17.0.3:42746 TIME_WAIT - tcp 0 0 192.168.1.100:34318 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 192.168.1.76:59420 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 172.17.0.4:33330 TIME_WAIT - tcp 0 0 192.168.1.100:http 192.168.1.76:59606 ESTABLISHED 4823/nginx: worker tcp 0 0 192.168.1.100:6789 192.168.1.76:59396 TIME_WAIT - tcp 0 0 192.168.1.100:6789 192.168.1.76:59423 ESTABLISHED 7309/nzbget tcp 64 0 192.168.1.100:42750 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:44246 184.105.148.98:https ESTABLISHED 8503/./Plex Media S tcp 0 0 192.168.1.100:42782 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 192.168.1.76:59397 TIME_WAIT - tcp 0 101 192.168.1.100:34362 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 192.168.1.76:59422 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 172.17.0.4:33328 TIME_WAIT - tcp 0 0 192.168.1.100:34370 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:34366 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:34338 news.iad.usenetser:8080 ESTABLISHED 7309/nzbget tcp 0 0 192.168.1.100:6789 172.17.0.3:42758 TIME_WAIT - tcp 0 0 192.168.1.100:http 192.168.1.76:58751 ESTABLISHED 4823/nginx: worker tcp6 0 0 [::]:sunrpc [::]:* LISTEN 1562/rpcbind tcp6 0 0 [::]:http [::]:* LISTEN 4822/nginx: master tcp6 0 0 [::]:51413 [::]:* LISTEN 8156/docker-proxy tcp6 0 0 [::]:ssh [::]:* LISTEN 4688/sshd tcp6 0 0 [::]:60599 [::]:* LISTEN 1567/rpc.statd tcp6 0 0 [::]:8989 [::]:* LISTEN 7817/docker-proxy tcp6 0 0 [::]:9117 [::]:* LISTEN 6561/docker-proxy tcp6 0 0 [::]:microsoft-ds [::]:* LISTEN 1632/smbd tcp6 0 0 [::]:9091 [::]:* LISTEN 8169/docker-proxy tcp6 0 0 [::]:7878 [::]:* LISTEN 7459/docker-proxy tcp6 0 0 [::]:netbios-ssn [::]:* LISTEN 1632/smbd tcp6 0 0 192.168.1.100:9091 172.17.0.4:55036 TIME_WAIT - nas1-diagnostics-20181102-2314.zip
  7. luowilliam

    ISP says my IP is sending out spam

    I will have to look at the machine for detail. What I remember now is the Transmission and Plex media server.
  8. luowilliam

    ISP says my IP is sending out spam

    Sorry what do you mean by rules? Other then forwarding ports for torrents in Transmission there's nothing particular I put in. I will upload the diagnostic zip tonight. Thanks.
  9. luowilliam

    ISP says my IP is sending out spam

    My ISP called/emailed me and said my IP is used for sending out tons of spams. I scanned all my computers except for the unraid box. ISP still reporting spams. Last night, I shut down my unraid box and today ISP said they haven't seen any spam since. What can I do at this point to pin point what happened on the unraid box? Any help is welcome. Thanks in advance. William
  10. luowilliam

    App/Plugin for backing up/Sync external hard drive

    Wow that was really detailed response. I’m new to linux command line and scripting. It looks like rsync is the executable used to do the copying? It has ability to recognize new and changed files and only copy those? thanks again I will definitely have to try this out. William
  11. I have searched around google as well as on the forum for other people's solution on this but couldn't find anything good. Basically what i'm trying to do is that I have a few USB external hard drives I take with me for work. I would like them to be backed up or synced to be more precise (the external drive being the master copy). Right now I'm doing this by every once in a while plug them into my home computer and Acronis it and store it on the unRaid NAS. There are 2 flaws in this system: 1. I have to manually use another computer to Acronis it, taking up resource on that computer. 2. The backup is in the *tib file format, in order to view the content, I need to have a windows computer with Acronis installed to view. I'm hoping to find a solution that would be natively installed on unraid server, where I can just plug in my USB drive to the unraid server, it would copy all the files that are different then what's in the backup already in plain files (not *tib). On the mac, there's this app called carbon copy cloner, but I couldn't find anything similar for unraid. Any help is appreciated. Thanks! William