I know that ports are, by default, not filtered; they simply don't respond to requests if there are no services listening on the port. Well, running netstat -tulpn gives:
Code:
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
[code]....
VERY new to linux, erm but I have an issue that needs solving!I recently moved to university, where their network blocks sftp port 22, this means that I cannot connect to my FTP server which is running a version of linux.Now I've got this ftp server connected to a seedbox and it was created using the following walk through..Code:I have written this guide for a friend, but I though it would be useful for others as well.
There are several guides floating around, but I found that most always cock up in some way. This one is tried and tested to work on Debian Etch (on an OVH rps, but should apply to most servers).If there is a new stable release of rtorrent/libtorrent then I will update this guide to show you how to update it (without reinstalling the whole server).
At the bottom there are also instructions to install ftp access & some network monitoring software.Basically, I would really like someone to be able to construct the commands on how to change the listen port for sftp connection on linux or add another port to the list that Linux would use so that I could put in through putty.
How can I find out which process is listening on a port on linux?
View 5 Replies View RelatedIs there a way to determine what program is listening to some port, TCP or UDP, in Linux?
View 4 Replies View RelatedI edited "sshd_config" file and changed port 22 to a new port. After I restart ssh, it listens on port 22 and the new port. How can I disable SSH to listen on port 22? I'm using Debian.
View 6 Replies View RelatedI'm running Ubuntu 10.4 and I've tried disabling IPv6 as I don't currently need it. I rand the following to disable IPv6 and then rebooted my server:
echo "#disable ipv6" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
After the reboot I can see that IPv& is disabled by running:
cat /proc/sys/net/ipv6/conf/all/disable_ipv6
On running netstat -antlp i see that most of the IPv6 applications have closed but SSHd keeps running:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9090 0.0.0.0:* LISTEN 663/java
[Code]....
Ho can I close the SSH daemon on port 22 of the IPv6?
When I do netstat -pantu it shows a dash where the pid would be. I have also checked lsof -i and see no pid associated with the port. How do I find what program is keeping the port open?
View 1 Replies View RelatedI am running Ubuntu 64-bit and I have been trying to set up an ssh connection between the Ubuntu server and a Windows 7 client (using putty) and when I enter the command:
Code:
sudo netstat --inet -lpn | grep sshd
I get the following:
[code]....
update:
Code:
luke@media:~$ sudo service bind9 restart
* Stopping domain name service...
[code]....
I am using Fedora 13 64bit. My eclipse program starts a server on port 9050 but I shutdown the program, eclipse fails to properly shutdown the server. Restarting eclipse has no effect.
How can I close or unbind a port forcibly from command line?
I know rebooting or log off and back on will clear the ports but this much slower process for me. I am looking for forcibly closing the port in command line.
My Apache is not listening on port 8080. Hence i cant access my server manager [URL]
View 2 Replies View RelatedI'm using iptables with modules ip_contrack_ftp to be able to use passive ftp. It works well as long as port 21 is being used as listening port. Is there any way to make it work when I configure my ftp server (vsftpd) to listen on an alternative port, lets say 21001 or something? The helper module only seems to be working properly with the standard port, so I was wondering whether there was a way to "tell it" that another port is being used? I mean, of course I make a rule in fw to allow traffic to the alternative port.
But once it's time to start passive connection, then the iptable module cannot handle it properly. I could solve the problem by making a range of passive ports in the ftp-server configuration and allow the incoming traffic to them, but then using helper modules doesn't make any sense. I just want to allow the traffic to the listening port and then want the ip_contrack_ftp module to take care of the rest. This is what I do today - but only port 21 seems to be working. Is there a way to do this with a non-standard ftp port?
Currently Im having a syslog server that consolidate firewall logs on port 514 udp. Im also having a IDS device that I wish to push its logs to this particular syslog server so that I can retrieve my IDS logs on this server as well.
Is it possible to do so?Having syslog listening on port 514 for both firewall and IDS logs? If it is possible will the logs be recorded in a single log file?Or will it be recorded in a separate log file ie. firewall.log, IDS.log etc?? I wish to have them in separate individual log files or else there will be hard time segregating the log entries in a single file. Can anyone advice on how to achieve this??
i tried my best andwrite all the commands given below. but port 27000 is not in listening state.Note: I spoofed MAC address (change MAC address)on this MAchine.here is my iptables file.
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
[code]....
I am learning network prgramming in linux in c,and try to build a server and in this server I want to bind the listening socket to a paricular Ip address and port.Bind function is showing error,I did not want to use wild card. Here is the code.
#include<stdio.h>
#include<sys/socket.h>
#include<strings.h>
#include<netinet/in.h>
#include<arpa/inet.h>
#include<string.h>
[Code]...
is it possible using a perl script to test for a socket listening on a UDP port on a remote host ?I work in an environment where netcat is not allowed and from time to time I need to see if a UDP port is open on a remote host.
View 6 Replies View RelatediSCSI Server, can I change the default port 3260 to other port ?
View 1 Replies View RelatedJst to tryout ufw I tried to close port 80 on my pc. I'm using Ubunutu 9.04. I sudo ufw enable sudo ufw deny 80. But nmap localhost shows port 80 open why? How can I close it? I will need to control some ports on my next server.
View 2 Replies View RelatedI've recently been taking a look at my router settings and I've realized i have my vnc port open for some reason. I don't know how or why it got opened because I've only used vnc within my private lan. Anyway, the problem is I couldn't figure out how to close that port on my router, so I just uninstalled all the vnc software from my computer so it wouldn't act like a vnc server for anybody trying to access it from the outside. So, effectively, I cannot vnc into my computer from outside my private lan, but when i port scan my public ip, the vnc port still appears open.
I'm wondering if there's something i'm missing. I'm sure it must be something in the router that I haven't figured out... something that's keeping port 5900 open.
I would like to Close/Open port 21 using command line. I have an FTP server and I don't want to have the port open all the time. I need only two hours by week to be open port 21 from outside to inside.So I need to know the command line for opening and closing the port 21 then I will implement this in a script into cron.hourly.
View 2 Replies View RelatedI downloaded IPKungFu which is supposed to do this for me, except it did not according to a penetration site. configure IPKungFu perfectly. I did look at this site. IPKungFu easy iptables based server firewall - zarzax the blog I downloaded IPKungFu which is supposed to do this for me, except it did not according to a penetration site. Help me configure IPKungFu perfectly. I did look at this site. IPKungFu easy iptables based server firewall - zarzax the blog
Results
rv @rv-laptop:~$ sudo ipkungfu
Checking integrity: ..PASSED
Checking MD5 Hash of config files:OK
[code]....
A netmap scan of my WAN IP address (cable modem) shows;
23/tcp open telnet?
8080/tcp open tcpwrapped
I've called Linksys and Netgear and they have said there is no user adjustable configuration allowed for the Cable Modems.
How am I supposed to close the open ports if the manufacturer doesn't allow access ?
I scanned my newly installed Debian 8 and found that i have two ports open.
22 for ssh which i want
111 can i safely close port 111 and how?
Running: Ubuntu 10.10
I'm in a bind and I don't know how to get what I want. Nmap shows ipp running cups on port 631. Great, simple enough I uninstall cups, along with its dependencies. A new portscan reveals that the port is closed SUCCESS, but... Ubuntu Update Manager nags me @ every restart about the "important security" updates. I can't lock the version of cups in Synaptic, because cups is not installed! So you see I'm in a bind. If I have cups installed I have an open port, and if I uninstall cups the update manager nags me. What do I do? I've tried:
- stopping the cups service and issuing the chkconfig cups off command... (doesn't close the port)
- uninstalling cups... (update manager nags)
- fuser -k 631/tcp (great, but @ reboot the port is still open)
Please teach me how to close this port / stop this service / tell update manager to shove cups.....
I am using ubuntu 8.04 with firefox browser.
There are some sites which allow you to listen the mp3 song like [url]
I have found the most simple way to get mp3 file
(1)Sometimes you get address ending with .mp3 so just copy the whole URI and use in terminal wget "PasteWhatYouCopied"
(2)But in the link I have mentioned there is no mp3 link in address bar.
Here I found out in totem-plugin-viewer(that is the thing that plays your file in browser).Just Click the button next to sound and select copy
In example taken above it is [url]
And use just like before wget "PasteWhatYouCopied" -O output.wma
Also notice that you have the song as output.wma in current folder of terminal.
(3)If there is a video on webpage then either wait for it to get completely downloaded & get it from /tmp.Remember don't close the page till video gets downloaded completely & you copied it from /tmp then only close that tab.
(4)There is a firefox addon 'unplug' which can help for flv because after sending file to download via unplug you can close that tab.
I'm new to linux runing fedora 14 want to play mp3 and mpeg4 video formats is there an all in one player?
View 1 Replies View RelatedI'm trying to execute X server (automatically), which will not bind to 0.0.0.0 (port 6000) - meaning X server will not listen on generic interface. If it's possible, I'd prefer X server not to listen at all (and communicate through other IPC if needed), is there a way to make it not listening at all? -nolisten flag or something like that? (and do it automatically, every reboot). Also, Is there a way to make X server bind to 127.0.0.1(localhost) instead of 0.0.0.0(generic interface)? It should be in one of the configuration files or the start-up command to run X.
View 1 Replies View RelatedIn my sshd_config file I have the following
Code:
Does this mean that all of my network interfaces are listening as opposed to just one specific network interface? Would 0.0.0.0 include 127.0.0.1?
Also, this computer(A) is on a LAN at my house. It has two network interfaces(eth0 & eth1), both on different subnets. I can connect from another computer(B) on my LAN to this one on one interface(eth0) via SSH just fine. The other interface(eth1) on this computer is hooked up to it's own gateway to the internet using DSL. I'm using this interface(eth1) for running bind.
Anyhow, here's my issue. When using a computer(C), which is a hosted VM , from outside my LAN, to connect to computer(A) via SSH, I get connection refused. So I checked my hosts.deny & hosts.allow files, both empty. I run nmap from computer C and SSH comes up as closed. So I'm thinking it's a firewall issue.
Here's what my iptables -L looks like:
Code:
I've been meaning to learn more about iptables, but which chain is for which network interface? I have also tried running nmap from computer(C) to test bind out on tcp 53 that comes up closed. I run udp 53 and that comes up as closed but then again udp is funny because it's stateless. If I run netcat on udp port 53 from computer C I get a blank line as if it's still running. However, I get that for all other ports anyways so that's of no use.
Unless my AT&T DSL is blocking those ports. But if that were the case would the error 'Connection refused' come up when I try to connect via SSH?
What other tests can I run to troubleshoot?
I reinstalled unbuntu server recently and i am trying to get it to only allow one computer to accsess it. So after doing this etc/ssh/ sudo nano sshd_config I uncomment #ListenAddress 0.0.0.0 Ok so i am trying to accsess my server from a windows machine so i tpyed ipconfig /all to find my ip I found the IPV4 address and i put that address like so ListenAddress 192.168.1.22 But when i try and connect it says connection refused.
View 6 Replies View RelatedI have just installed Ubuntu 10.04 and it works fine. Next, I attempted to install Apache 2.2.16 server on the machine. I was able to get Apache installed but I cant't get it to start. The command I used to get it to start is "apachectl -k start" and got the response "command not found". Then I used the absolute path which is "/home/Administrator/Downloads/apache/bin/apachectl -k start" and got the response"httpd: could not reliably determine ther server's fully qualified domain name, using 127.0.1.1 for ServerName(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80.no listening to sockets available, shutting down". Please advise me on what to do. My eyes hurt from looking at the screen for so long trying different options and reading almost all the apache install instructions that exists. Just ready to have it up and running.
View 7 Replies View Related