nmap is showing a port as closed. I have the firewall stopped on both hosts.It shows as closed on localhost as well.The process that's listening to that port is not started from xinetd so i doubt hosts.allow/deny is the issue.I can't help but feel that I'm forgetting some other access control mechanism.Both hosts are RHEl5.4
View 3 RepliesI'm encountering a strange problem. I need to open and forward all UDP and TCP ports related to VoIPtelephony (5000:32000) in the Suse 11.1 server that's acting as router/firewall in our setup. The ports must redirect to a Asterisk server in the local network. (This server has the IP adress 192.168.0.3)I've opened ports in Yast (Firewall>Ports>Advanced) and putted in some masquerading rulesirewall>Masquerading):0/0,192.168.0.3,tcp,5000:31000,5000:310000/0,192.168.0.3,udp,5000:31000,5000:31000when I do a nmap localhost I get:Starting Nmap 4.75 at 2010-01-08 16:52 CETInteresting ports on localhost (127.0.0.1):
Not shown: 991 closed ports
PORT STATE SERVICE
21/tcp open ftp
[code]....
My computer is DMZ'ed ports forwarded and stuff, and still this port shows as closed on nmap.
View 2 Replies View RelatedI am only getting 4.7kb/s, dispite there being 31 or so Seeders. The port is just opening and closing it seems, I have no idea why though.The port was opened both with firestarter (which isn't supposed to be firewalling ATM) and "sudo iptables -A INPUT -p tcp --dport 6884 -j ACCEPT".It was also opened under the 'Application Sharing' menu of my router.
View 6 Replies View RelatedWhat are the security implications of closed ports?
View 5 Replies View RelatedI want to open port 2700 on my firewall but I don't know how I try with Code:iptables -A INPUT -i eth0 -p tcp --sport 2700 -m state --state ESTABLISHED -j ACCEPT But the port is not open I see the firewall configuration with the command setup . I use CentOS 5.3 here a screen of my configuration :http://upbg.net/out.php/i3537_sshot3.pngCurrently my firewall is off because I don't know how to turn on 2700 when the port is open I will turn on firewall .If I write 2700 in other ports field will 2700 be open ? Before 1 month I try but the port was not open . I have only 1 last question will firewall reduce the load of the my server now mysql use many CPU % and I just don't know why
View 14 Replies View RelatedI've had this problem for ages and decided to try to tackle it. It occasionally also occurs on my laptop but only intermittently. The video on the second screen seems to go haywire. On boot, it doesn't display the background image. It only will display a fading black and gray picture. Then anything that is put on the screen is captured like a screen shot on the background. It is just hard to know if things were closed
View 1 Replies View RelatedIf I forward port 80 to port 3128 for squid with an iptable rule, does port 3128 have to be open on the firewall or is this all routed behind the firewall?
View 4 Replies View RelatedI want to open the port 18680 on my remote Fedora 14 machine. I didsudo iptables -I INPUT -p tcp --dport 18680 -m state --state NEW,ESTABLISHED -j ACCEPTsudo iptables -I OUTPUT -p tcp --sport 18680 -m state --state ESTABLISHED -j ACCEPTsudo service iptables saveThe status returned is OK.I have also opened the port on my security group on Amazon. Also, I rebooted the machine.When I use the browser to view the application running at port 18680 the browser cannot connect.
View 1 Replies View RelatedGot 3 computers connected by ethernet to a router modem. At this router modem only port 80 is forwarded to a web server (one of the 3 computers). Now I realized several times a port scanning attack displayed at interactive firewall of Webserver ( Apache at Mandriva LINUX ). Actually the message is port scanning attempt of heanet (actually this names are different mostly). I wonder how to figure out is this portscanning attack possible through port 80 or is the modemrouter (Draytek VIGOR) misconfigured, compromised or one of the other 2 machines (Windows) are compromised and attacking the server inside intranet?
View 2 Replies View RelatedI have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
Code:
PORT STATE SERVICE
22350/tcp closed unknown
[code]....
Wow, don't know why I seem to have so much trouble with this ftp stuff. I have so start all over a few times, reinstalling Lucid Lynx destop all over, and adding the needed files to make it a server. I am just trying to do something simple for now- just having a localhost server environment to develop my joomla website, and later on host it from my server 'out there' (I already have a domain name and dynDNS service with nameservers etc. but don't want to do that yet, as I have in the past with my router forwarding port 80, and actually got hacked! so I don't want to do that again until I learn more about security) My problem right now is that I can't even get the localhost ftp to 'connect to the server'. i know the host name (localhost) and username/password that I set when I set up Lucid Lynx, and I'm sure that is what I use for the ftp usernamepassword, host etc. And I put port 21 for the port. I see from 'Shields Up' that my port 21 is closed. So I followed advice on a thread and entered a few commands in the terminal to ad iptables etc. But still, port 21 is closed and I can't install components with the Joomla installer in admin's backend. And I can't use fireftp to even change permissions in my local folders. What do i do next, open port 21 somehow? I saw a terminal command about opening port 21 that was simple but I forget it.
View 2 Replies View RelatedI am writing a program to read and write to devices over my serial port. My program will need to connect to up to four other machines at once. I can connect to machines successfully, it works well. However, after I connect and disconnect once, attempting to connect again will cause the FIRST serial connection will fail and all the ones after it will pass.
e.g.
Code:
fd[0]=connect("/dev/ttyS0");
fd[1]=connect("/dev/ttyS1");
fd[2]=connect("/dev/ttyS2");
fd[3]=connect("/dev/ttyS3");
code....
That works as long as it is executed only once in the program. The second time it is executed, fd[0] will die and fd[1-3] will work normally.I can't figure out why this happens, but I found a workaround by connecting to "/dev/null" before any real serial ports.What should I do?
I had an install of 8.04 running Tomcat 6 on port 80. I did a marathon upgrade session to 8.10, then 9.04, then 9.10, and finally to 10.04. My website no longer loads (from Internet, LAN, or local), and a port scan shows port 80 is not open. I have removed and reinstalled Tomcat 6, to no avail.
Could it be that the 10.04 upgrade saw an existing Desktop install and locked this port down? The /etc/Tomcat6/server.xml shows it is using port 80, so that much appears to be correctly configured. Before this would give me the ROOT webapp. Anything else I can check? Does this sound like a Tomcat problem or something Ubuntu is doing?
As a side note, I have installed the Tomcat 6 Docs and Manager apps as well. These also worked before the upgrades, and do not now.
I have a java application that I wrote recently. It runs off port 9955. The application runs great on my mac server. When I installed it on my linux box i cant get to it from outside the box. A port scan shows the port as closed. I flushed my iptables, did not help. I can telnet into the app locally, from the server and it works great. I cannot telnet from outside the server. I have a reference to the application in /etc/services as a tcp port (which it is).
netstat shows it as listening
netstat --listen
tcp6 0 0 [::]: SimpleSocketTest [::]:* LISTEN
netstat -anp | grep 9955
tcp6 0 0 ::: 9955 :::* LISTEN 1484/java
I am currently having an issue attempting to set up a dedicated server for source games (TF2, CS:S, L4D2). The required port (27015), along with most others, appears closed to the rest of the world and upon a port scan with DMZ hosting on (therefore no router interference between the internet and my computer) only a few ports are open (80, 139, 443, 445). My ISP does not block ports so therefore the only issue I can find is with my computer running Ubuntu 11.04. I have ensured that all traffic is allowed via iptables and I can't think of anything else that would have ports closed.
View 9 Replies View RelatedI have the following problem: syslog is constantly writing to disk, because the kernel spams these messages
Code:
Apr 4 14:14:56 aspire kernel: [138498.252610] display port opened
Apr 4 14:14:56 aspire kernel: [138498.299755] display port closed
Apr 4 14:14:57 aspire kernel: [138499.328206] display port opened
Apr 4 14:14:57 aspire kernel: [138499.371835] display port closed
Apr 4 14:14:58 aspire kernel: [138500.452671] display port opened
[Code]...
i have to deal with reverse proxy issue and want to access few LAN devices having port 5900 and 9999, what exact steps i have to follow to allow this port in fedora firewall.
View 3 Replies View RelatedI have a problem sending of file attachment using Instant Messengeri have a firewall using firestarter, if i used outside firewall they can able to recieve my file in instant meesenger but if i used firestarter it always cancelled my sending of file attachment....
View 3 Replies View RelatedI just installed Mandriva 2010 and set up the interactive firewall via the MLCC. I set it up not to allow any services to connect (didn't check any boxes). However, when I check my system using a port scanner (shields up at www.grc.com) it says that port 23 is open. Does anyone know why this would be and how I can close it When I look at the daemons running I notice that iptables and ip6tables are 'stopped' although shorewall is running - is this correct? I (perhaps wrongly) thought that iptables needed to be running in order for the firewall to work properly.
View 2 Replies View RelatedI have setup sshd_config for port 3210! I have difficult setup the iptables firewall to allow ssh on port 3210! i always enter this:
iptables -A INPUT -p tcp --dport 3210 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 3210 -j ACCEPT
but after i restart ssh, the system do not allow port 3210... why? do i forget something?
Jst to tryout ufw I tried to close port 80 on my pc. I'm using Ubunutu 9.04. I sudo ufw enable sudo ufw deny 80. But nmap localhost shows port 80 open why? How can I close it? I will need to control some ports on my next server.
View 2 Replies View Relatedhad some problems with setting up Linux on my virtual machine as I cannot connect with putty (connection gets refused) to it but now I guess I figured my problem out, just not the way how to solve it .If I do netstat -nap | grep :22 I get the following output:[[ see attachment ]]
Shouldn`t there be some kind of LAN IP instead of 0.0.0.0?Does anyone have a possible solution for that? Checked iptables and such, they are not causing it.
I have properly configured my router to open a port for Transmission and Vuze. The OpenSuSE firewall settings are somewhat confusing, however. How do I add a port specifically for the BT protocol? I know it's the firewall causing issues, because when I shut it down, my BT apps roar to life, and die with a whimper when I turn it back on. In Ubuntu, opening a port in the router is automatically configured in the firewall; that is apparently not the case with this distro.
So, when I go to Yast Firewall, I see "allowed services" under the tabs available. When I hit that tab, I see a dropdown menu that contains services such as NetBios Server and Samba Server. Am I choosing one of those available and adding a port to it? Am I adding a custom service via the Advanced settings, and if so, why isn't there a way to label the service so that it shows up under allowed services?
I used to have Opensuse 11.0 and Vuze 4.0.2 and both were working great. Recently I upgraded to OpenSuse 11.3 and installed Vuze 4.5.10. I did not change any configuration in the ADSL router but now I could not get the smiley icon to go green. I followed all the steps given here: A Quick Bittorrent Guide (with screenshots). It doesn't work. so I modified FW_ROUTE and FW_MASQUERADE to yes in /etc/sysconfig/SuSefirewall2. That also does not work. What did I miss here? My ADSL router is DSL-2640T.
View 3 Replies View RelatedIs there a firewall I can install that will only let certain MAC addresses through on a certain port?
View 2 Replies View RelatedI can't port forward to ftp behind my firewall, I tried several attempts but none worked.
Can anyone help me solve this?
I am trying to make a vnc connection from pc #2 to pc #1. Pc #1 is a debian pc behind a zyxel router (P-2602HW-D1A). Pc #2 is a windows xp pc another place at the internet.I have configured the zyxel router to forward incomming trafic on port 5902 to the local ip-adress of the debian box. The debian box is running a vnc server, listening on port 5902.But i dosn?t work.I have tryed to scan the zyxel routers ipadress on port 5902 from the internet, but the scanner says that the port is closed.The vnc server on pc #1 is working fine on the local network. I can connect to the server from a pc on the same side of the zyxel router.Is it deffenitly a router problem, or could it have something to do with debians own firewall?
View 2 Replies View RelatedI have a computer which has a public IP.My ISP has allowed only port 22 for my machine to be accessed outside from internet.I want rest of my computers which are connected to this machine be accessible via SSH on internet.I can configure IPTABLES to route different ports to internal machines but since ISP has given only one port for the gateway how can I go for it any guesses. I came across some thing reverse SSH tunneling but that has to keep the connection alive all the time at gateway I want my trusted people to be directly able to access the machines on LAN to which they have account to login in this scenario.
View 3 Replies View RelatedMy host is blocking port 3960 which I need to use for an SVN server, they are telling me that I will have to install my own firewall. I've not done this before and am not sure of what to do or whether anything I can install will be enough protection.
View 2 Replies View Related