Since I no longer have access to a spare machine to actually test this out on, I was hoping some kind soul might know the answer, or be willing to try it out for me. I'm trying to find out if the port scanner nmap can detect two different services which are sharing a single port. For instance, if I'd managed to set up, I dunno, a web server and an ftp server to both run over the same port, would nmap with version detection be able to detect both of them, or just one?
Strange issue here when trying to verify firewall on Server 8.04. No ftp service running at all on server, but both nmap and netcat report port 21 as being open, even though it isn't.I am 100% sure that port 21 is not actually accessible and iptables rules are fine. Trying to connect to the port fails, yet nmap and netcat seem to report a "false positive"?Have also checked on a number of other servers I'm running, and this "false positive" seems to apply to all of them.
Is possible to detect port scanning just by using utilities included in linux (netstat, iptables...), Yes there is utility called psad but I would write some scripts for my own and learn something new
I am not a C++ geeg, so first thing that comes to my mind is that i will use simple BASH SCRIPT that will interact with iptables and monitor user activity, network activity etc. (but I thing that would not be good solution due to performance and capabilities, and also I am not familliar with memory in linux at all). I was reading aboud SNORT HIDS, NIDS... AFAIK some information can be obtainet from /proc but I have no idea which values should be monitored.
I am running Ubuntu 11.04 and i am curious to if there is a way to share my established wireless connection through my Ethernet port.. I know it was possible in Windows by going to adapters and bridging the wireless, and Ethernet adapters. how to make this work in Ubuntu?
Hopefully Ody has found a result in the 5 years since he posted this question, for anyone else looking for an answer NMAP scan for a range of individual IP's can be done using the '-' for example: (this is accurate as of 2010, actual results have been altered to match OP's address range)
$nmap -sP 192.168.0.1-14
Starting Nmap 5.00 ( http://nmap.org ) at 2010-12-22 09:55 Interesting ports on 192.168.0.1: Not shown: 999 closed ports PORT STATE SERVICE 80/tcp open http
Interesting ports on 192.168.0.2 Not shown: 999 closed ports PORT STATE SERVICE 80/tcp open http
Interesting ports on 192.168.0.3: Not shown: 999 closed ports PORT STATE SERVICE 80/tcp open http
Nmap done: 14 IP addresses (3 hosts up) scanned in 8.08 seconds
I want to do a simple port redirect, i.e. whatever comes trough whatever interface on port AAAA will get redirected to port BBBBI thought that iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBBhowever it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:
nc: connect to localhost port AAAA (tcp) failed: Connection refused while nc -v -w2 -z localhost BBBB
I'm not too sure if this is the right topic to post in but if it isn't please move it to the correct topic. I recently opened some ports for my Playstation 3 and the connection test on the PS3 tells me that the ports are open . But when I execute this command
nmap -p 0-60000 192.168.1.5 I get this
Quote:
Starting Nmap 5.21 ( http://nmap.org ) at 2010-10-16 20:54 AUS Eastern Daylight Time Nmap scan report for PS3 (192.168.1.5) Host is up (0.00063s latency). All 60001 scanned ports on PS3 (192.168.1.5) are closed MAC Address: **:**:**:**:**:** (Sony Computer Entertainment)
Nmap done: 1 IP address (1 host up) scanned in 4.12 seconds
I could be executing the wrong command or something but I have read through the manual and couldn't find anything that helped. I have tried this command on other machines that I have opened ports for and get similar results except for a few Ephemeral ports (80,443 etc.) which also makes me wonder why these aren't listed as open on the PS3?
Is possible to detect port scanning just by using utilities included in linux (netstat, iptables...), Yes there is utility called psad but I would write some scripts for my own and learn something new
writing own Intrusion Detection System? I am not a C++ geeg, so first thing that comes to my mind is that i will use simple BASH SCRIPT that will interact with iptables and monitor user activity, network activity etc. (but I thing that would not be good solution due to performance and capabilities, and also I am not familliar with memory in linux at all). I was reading aboud SNORT HIDS, NIDS... AFAIK some information can be obtainet from /proc but I have no idea which values should be monitored.
I have a need to displace a serial port from one Linux computer to another computer running Windows (XP.) I am running Heyu on a Linux machine in a closet. The power leg for that circuit cannot let the X10 communication reach most of the rest of the house. Where it does work, is from my office but there I am running XP computers only.
I would like to plug the CM11A into my XP computer, share it's serial port and have the home automation computer (running Heyu and Linux) use the LAN to get to the XP serial port without Heyu knowing it is not a local port. Has anyone done this? Can I share a serial port in XP? Can I get Linux to map a serial port to a virtual one on another machine?
everything works fine. I can log in, and local port forwarding is done. Otherwise when I use the command:
ssh user@ssh_server -R 5500:localhost:5500 -p 22
I get an error "remote port forwarding failed for listen port 5500". However when I try remote port forwarding in WinXP by use of putty there is no problem...
is there still a bug in qBittorent with portforwarding 6881? i forwarded it in my router and run nmap on localhost and shows its open yet it is always saying no direct connections on the bottom with that little yellow globe near the nodes
I'm using a Debian servers, as router/firwall.. I've two ethernet interfaces into the server, one for wan and one for lan. The i use SNAT so my LAN clients can access the internet throgh the debian router. That is working... Now i want to be able to access servers on the LAN site from the WAN site, and i wanna use port address translation (PAT). I have a FTP server running on a lan server, so i'm trying to portward port 21.
When people try to access my FTP from the WAN site, they are redirected to the local FTP server, and they are promted for crendentials, but when the credentials are typed, and the local ftp server should answer the wan request, the connections dies.
The wan clients are being promted for credentials, so they are redirected to the local lan server, but after that the connections dies, so i think there is some kind of nat problem, when the local lan server is trying to respond to the wan request..
I make an application on GNU/Linux which listening on a MULTICAST stream, so I open my unconnected socket, bind it on a MULTICAST address and a port, join the multicast group with the "setsockopt (IP_ADD_MEMBERSHIP)", then I receive datagram on my socket.
Now I've two different instances of the same application that run with their own MULTICAST address and port. And what I found strange is that, after a misconfiguration, I switch the ports, for example:
Emitting on 225.0.0.1/23451 and 225.0.0.2/23452 Receiving on 225.0.0.1/23452 and 225.0.0.2/23451
And my receiving part doesn't care about the MULTICAST address, it looks like the socket is listening on the port number only! I mean that the receiver [225.0.0.1/23452] take its datagrams from emitter [225.0.0.2/23452] and vice-versa!
I have a mail server on which I would like to block port 25 on my eth0 for everyone except our external spam filter. the problem is that I want our users to be able to connect via port 10025 which is forwarded to port 25, which then is blocked...
what should I add/change to set up port forwarding of port 1000 to ip 192.168.1.200. also how to get the answer sent by 192.168.1.200 follow the same route used by the data received through port forwarding.
i have an embbeded hardware that uses bootp for booting from a Network Managemnt Host (NMH)on the same ethernet. The embedded hardware has both kind of ports i.e ethernet as well as E1/T1. I would like ask, what do i require to establish a communication-link between the embedded hardware and the NMH throuh E1/T1 ports of embedded hardware, so as to make it boot through from E1/T1. Further, NMH possesses only ethernet port. Just to refine my questions i'd like to know what additions do i need to do on my NMH , like may be i have to put an E1/T1 port or is it possible that the E1/T1 port can be directly connected to an ethernet port on the other host.
pardon me if i am not making absolute sense here as my knowledge is limited on Layer 1 and layer 2.
how to access networking port and run scripts on that port so as to gain access of remote machine.is that possible through command prompt or through software.
i kno ip address of my frnd who is chattin with me .okay.i want to run an application on his computer .i came to kno tht we can run script o through port
I installed ZTE MF 626 modem in my F10 with kernel 2.6.27.12-170, i run usb_modeswitch and so far things happened normally. Watching through /var/log/messages it says that F10 detects two port device for this modem: ttyUSB1 and ttyUSB2, and in the sequence it disable port ttyUSB1 BUT Network Manager still set this port.I mean, when i connect via wvdial appointing to ttyUSB2 i get connection, but Network Manager fails to do it appointing to ttyUSB1. How to change device port in Network Manager?
I just want to use Internet Connection Sharing (ICS) to connect to the internet. I have done a massive amount of troubleshooting, but some of it seems to contradict itself, and the only two things that I know for sure are that it used to work, and that my Ethernet cable is not the problem. When I use Terminal utilities like ifup and dhclient it seems that it can not determine IP information, but when I try to put it in manually, the "Apply" button grays out right after I finish typing it in. When I try to connect normally, in KDE or GNOME, the icon acts like it's connecting, then instead of having the connected icon, I receive a notification that "the network has been disconnected", and it goes back to the disconnected icon.
Oh, and by the way, I know that I could probably find a workaround, but I have limited resources, and this used to work. The Linux is a Dell desktop with Fedora 12 and the Windows is a Windows 7 HP laptop.EDIT: I hope that I didn't mess something up, but I accidentally used system-network-config to try putting in the IP address there, and ended up changing it back to the original settings, but the computer is now calling it Auto Ethernet in the taskbar icon, although sudo iwconfig in the terminal still calls it eth0.
If you have been trying to compile & install the new NMAP 5.20 scanning utility as a 64 bit user, you may have run into some issues as I did...The compiler will halt when you attempt to 'make', saying that you need to recompile using -fPIC.The fix: "./configure CXXFLAGS=-fPIC CFLAGS=-fPIC LPFLAGS=-fPIC"then rerun "make".I hope this helps someone, as it took me way longer than it should have to get this going. Enjoy the new versions as it is supposed to have 10,000 updated OS detection signatures and new scripts!
i have old version for nmap:root@bt:~# nmap --version nmap version 5.35DC1 ( http://nmap.org ) i download new version, but before i install it, is there a way to upgrade the old one on my system? or need to un-install the old version and install the new version? i tried this:
root@bt:~# yum upgrade nmap Setting up Upgrade Process Could not find update match for nmap No Packages marked for Update root@bt:~#
