I would like to open some port from IN to OUT pop3,smtp.whenever i tried to add some rules to existing iptables it gives me an error.Applying iptables firewall rules: iptables-restore: line 21 failed
View 7 RepliesEveryday logwatch sends me the following information from IPTables and it seems odd, can anyone tell me are these entries odd, they all seem to be to two ports 28960 and 28964
[Code]....
A few months ago I installed Ubuntu 9.10 on my girlfriends laptop, on her request, as she didn't like Windows any more. Since then the internet connection periodically slows down due to too many open ports/connections. Always when this happens I call our ISP and usually there are around 80-200(!) active connections to various IP's.
She is not downloading torrents or anything.
She only uses Firefox and a few open tabs as people do.
Skype is open.
Wireless internet connection.
I am thinking either Ubuntu is updating more or less constantly or the ports/connections aren't closed "after use".
I'm trying to open my ports all the way, but for some reason, I am unable to do so. I've forwarded the ports I want open in my router (I switched between two routers to make sure), I made exceptions in Firestarter, and I even added UFW rules, but when I use pretty much any and every port checking tool out there, the ports eithere back stealthed or closed.I'm not a complete noob, and I'm not an expert, but I'm p sure I'm doing everything right, seeing as there isn't much to screw up.The reason I'm trying to fully open these ports is because I'm getting this dumb 'No Incoming Connections
View 3 Replies View RelatedSince there was no response on my other post which i spent about a hour writing, ill go for something simpler. I run this on my server
Code:
# set default policy for the NAT table
iptables -t nat -P PREROUTING ACCEPT
[code]...
Does Ubuntu come with a firewall preinstalled and running? I need to open port 9997 - how would I got about doing this?
View 2 Replies View RelatedI have been running Ubuntu 10.10 and have found that at any time I am connected to the Internet that I will randomly see high port numbers open when doing a port scan on my computer all are in the unknown listings with five digit numbers so I don't know what is going on or who is using them. Please check your system to see if you are having the same thing happen by using network tools and filling in your local ip address in the port scan tab. If you shut down your Ethernet interface and run port scans the high ports are no longer open. this will at least keep whoever is using your ports at bay when you are not using the net.
View 4 Replies View RelatedI forwarded ports 28900(TCP/UDP) and 5029(UDP) to my linux box for a game. Testing my ports with a website now shows these ports as "connection refused" rather than "timeout" which means the connections are getting to my system but the iptables are blocking them. But I added 28900 as a test and it still won't accept anything on this port. This is my output of iptables -L
root@BPC3:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:28900
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:28900
What do I need to do exactly to add exceptions for 28900 TCP/UDP and 5029 UDP?
I need to ensure ports 6112 through 6119 are open. I tried using Firestarter to do this, but when I search for what ports are open, it says none of them are. I use Ubuntu 9.04.
View 1 Replies View RelatedI'm trying to set up an SSH connection from my school to my home, but not on port 22. I originally tried port 2222, but it didn't work. I called my school IT people and they said they block that port. I asked if they care if I set up an SSH and they said no, but that they wouldn't tell me which ports are blocked and which are open for "security" reasons (which I guess I can actually understand). They suggested just using port 22 or 222, but said if a ports open I can use it.
My question is, can I check ports without setting up SSH? It seems like a hassle to try a different port every day on my home SSHD file, come to school, see if it works and repeat. Is there a way I can check my computer home for connections that could connect, even if there isn't a service listening? I don't know how to do that, or even if its possible. If not, I suspect I'll just try a few until I find something that works, or just go ahead and use 22.
Yesterday I switched from CentOS to Ubuntu, and wanted to install TeamSpeak3 which runs on ports 9987 UDP and 10011 TCP. The TeamSpeak3 worked fine on CentOS before this.
It appears to be running and netstat -an reports:
Code:
udp 0 0 0.0.0.0:9987 0.0.0.0:*
tcp 0 0 0.0.0.0:10011 0.0.0.0:* LISTEN
I believe the only firewall for Ubuntu is "UFW", am I correct? If so, "ufw status" reports:
Code:
Status: inactive
I do have other things running on UDP (Counter Strike Source servers) and people can connect just fine.
When I telnet localhost 10011 I get a response from the TeamSpeak3 server:
Code:
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
TS3
Welcome to the TeamSpeak 3 ServerQuery interface, type "help" for a list of commands and "help <command>" for information on a specific command. However, telnetting from outside just gets no answer, this is what leads me to believe it is a firewall in the way.
Normally I use 'netstat -an' to determine if a daemon is listening on a specific port. The excerpt of this command below doesn't list things like vnc (5900) on ipv4. It does however show it on ipv6. My issue is I want to know how to determine if it is indeed listening on ipv4 as would normally be seen with 0.0.0.0:5900. It would appear that all ipv4 ports are internally being redirected to ipv6. Of course this does simplify things, but it also leaves me unable to reliably determine the ipv4 listening status. How I can tell at a glance if a specific ipv4 port is being listened on? Is there a way to force netstat to list the ipv4 listens specifically?
Code:
art@eee1:/proc/sys/net/ipv6$ netstat -an
Active Internet connections (servers and established) .....
I've installed a fresh copy of the latest 10.04 distro, lucid lynx and have problems connecting to the machine via ssh because the ports are all blocked (using nmap to check). In past releases, changing the gdm.conf flag "TCPDISALLOW" from true to false would fix this. In the new /etc/gdm/gdm.schemas, I've tried making a similar change, but it's still not opening things up. I've downloaded gufw and have made sure the firewall is off. So, I'm not sure what to try next.
View 1 Replies View RelatedHow do I open ports 5198/udp and 5199/udp on a slackware based firewall?
View 2 Replies View RelatedI set up a vnc connection to my machine the other day and while doing that checked out any open ports.To my astonishment my ftp port is open, although I double checked the firewall and there's no check in the checkbox for the ftp port. I didn't add a "other ports" rule or anything as well.So, how would I be able to fix that?
View 5 Replies View RelatedJust did a check on "shields up" and it says that ten of my ports are open. I get the same result with or without both shorewall and firestarter. I suspect it may have something to do with the mysql server packages added automatically during installation. Am I right. If so, what can be done about it? If not, has anyone any idea how to keep my ports closed?
View 5 Replies View RelatedI'm trying to setup oracle10g but, whenever I try to go to my database homepage http://127.0.0.1:8080/apex I get an "unable to connect to" error. Only reason I can think of as to why I can't connect to it is because my ports aren't open. I also recall SELinux complaining about something awhile ago, I can't seem to bring that up any more for some reason.
View 1 Replies View RelatedI've been struggling for days trying to open port 53 and 25 but can't get it to work. My iptables at /etc/sysconfig contains the following:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0] .....
On the server machine when I do port scan with nmap I see the following result:
Starting Nmap 4.76 [URL] at 2010-03-28 01:03 CET
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Interesting ports on localhost (127.0.0.1):
Not shown: 986 closed ports .....
But when I try to do telnet from an external machine, e.g:
telnet <IP of host> 53
I get:
Connection refused
telnet: Unable to connect to remote host
I also did a port scan with a tool on an external machine but port 53 and 25 weren't listed as opened ports. Also CheckDNS.net on the server returns "Connection reset. Probably DNS server is offline". I am 100% sure that named and sendmail are running. When I do a ps -aux I see:
named 9261 0.0 0.3 85528 14784 ? Ssl 00:46 0:00 /usr/sbin/named -u named
root 2550 0.0 0.0 9536 1960 ? Ss Mar23 0:02 sendmail: accepting connections
how can i close all of ports and open ssh only?
View 6 Replies View RelatedI'm locking down my laptop. I know I can use a firewall to ensure nothing gets through that I didn't catch, and I certainly plan on using one, but in the meantime, I want to know what exactly is running on my system.
nmap localhost returns:
Code:
james@james-linux:~$ nmap localhost
Starting Nmap 5.00 ( http://nmap.org ) at 2010-07-26 23:33 CDT
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Interesting ports on localhost (127.0.0.1):
Not shown: 994 closed ports
PORT STATE SERVICE
25/tcp open smtp
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
2049/tcp open nfs
Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
However, I know that localhost goes back to the loopback interface, 127.0.0.1. So, to see what was really open, I ran nmap 192.168.0.108, which is my laptop's IP at the moment.
Code:
james@james-linux:~$ nmap 192.168.0.108
Starting Nmap 5.00 ( http://nmap.org ) at 2010-07-26 23:33 CDT
Interesting ports on 192.168.0.108:
Not shown: 996 closed ports
PORT STATE SERVICE
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds
Now if I understand correctly, I can attribute 139 and 445 to my Samba share. That I'm okay with. What I don't know is 111 and 2049. Does anyone know what these ports are, what's running on them, and how I could turn them off, supposing that they are a security risk?
I'm getting heat from the head networking office that ports 21, 110, and 143 are open. I can telnet to those ports from a remote machine (not localhost) and get a prompt. There does not seem to be anything listening on those ports according to netstat. I've tried using iptables to discard all traffic to a from those ports but I can still telnet to them. This is a lucid desktop machine.
View 4 Replies View RelatedI'm using ubuntu-linux ( ubuntu 9.10)I use utility autoscan network to scan the systems available in local area network of my hostel.It shows my open TCP ports : like Ssh , Smtp , Http , NetBios-ssn , Microsoft-ds , ipp , Mysql , Postgres.Are all these services need to run all the time or I can manage the ports.Don't know much about it just want to know these ports are by default open or I can manage them.
View 7 Replies View RelatedI am new to Linux. I am installing oracle OBIEE 11g on Linux Red Hat 5.6 64 bits and I got stuck at ports not open error.
I tried adding the following line in the iptables file:
Then Restart iptables service, But did not have any success still getting the same error.
How do I open ports on my server.
I cant get any of my usb ports to open ,m trying to open my "usb external hard drive .
View 2 Replies View RelatedI have 2 routers both with 5 network cards (both different subnets). On both machines I have the following configuration: Eth0 is the internet conection, Eth1 is the conection to the other router and the other network cards are for the subnets.My current Ip tables script allows all the subnets of one router to see each other but not the subnets of the other router.
In the new situation I want not all but specific subnets to see each other (no problem here)The issue is that some of theese subnets are subnets of the other router. For example the subnet of eth2 router1 should be able to connect to eth 3 on router2. This is were eth1 comes in play. My plan was to configure iptables so that in above example eht2 would be forwarded to eth1, which will forward to eth1 on router2.Then the iptables configuration on router2 will forward it to the network card of the correct subnet.
eth2 (router1) -> eth1 (router1)
eth1 (router1) -> eth1 (router2)
eth1 (router2 -> eth3 (router2)
[code]....
I have installed Debian Jessie (<-- brilliant OS ) on my uncles Laptop (it is a Thinkpad E540) with Cinnamon as desktop environment. The installation was no problem. Everything apart from one minor thing works nicely. The minor thing however is the following:
I don't know what it is, but when I don't use a particular usb port for a while and then try to plug in a usb stick or a wacom tablet, it doesn't get recognized, it doesn't show up when I use f.e. Code: Select alllsusb. When I close the lid of the laptop and open it again, then the particular usb device gets recognized and cinnamon asks me what to do, f.e. open a folder and show the content of the usb stick I have plugged in. Because of the success on two other laptops I use the following
Code: Select all# /etc/systemd/system/powertop.service
[Unit]
Description=Powertop tunings
[Service]
Type=oneshot
RemainAfterExit=no
ExecStart=/usr/sbin/powertop --auto-tune
Environment="TERM=xterm"
[Install]
WantedBy=multi-user.target
to save power on the Thinkpad (this is in no way my service script, I tuned everything using powertop in the terminal after having had logged in, the script above stems from a brilliant user here on the forum). Could it therefore be autosuspend that is not working properly here?
I have just switched over from firestart to gufw.I have set all incoming traffic to deny and all outgoing traffic to allow.I have rules set for incoming traffic, and have only opened 1 port on my system for torrents. My router also only has the same port opened which again is for torrents.I use "Network Tools" which is included on squeeze and do a portscan of 192.168.1.100 and 127.0.0.1 I get all kinds of crazy ports coming back as opened. What is even stranger is if I do a few scans, these ports change, so one port on one scan may come up as open, then it will disappear and a different port may show as open.
Mind you none but the torrent port is forwarded in my router, I have no idea what any of these other ports are, or why they are even showing up.What the heck is going on? I dont think this is normal? Am I at any higher risk for attack?
how to open firewall ports without using yast. The reason I'm asking is because I'm working on a .sh script for the installation of a couple of programs. Some ports need to be open for the programs to work, I find it really annoying to go to yast and type the ports manually every time. I've looked at /etc/sysconfig/SuSEfirewall2 but can't seem to find anything, I also know that after the changes I will have to stop start the firewall by running:
SuSEfirewall2 stop
SuSEfirewall2 start
I installed Ubuntu 9.10 recently. I heard that there will be no open ports in the system unless I specifically open one. How do I scan to find a open port in my system.
View 9 Replies View Relatedwhen i enable my ufw it completely shuts me out and closed my internet connection. i installed firewall configuraiton interface and through it defined rules to accept incoming internet connections on port 80, i can see the rules are there but when i enable my firewall it just shuts me out completely again.
when i do(with my firewall enabled):
Code:
$ sudo ufw status
it gives me:
Quote:
Status: active
[Code].....
I also messed around with fwbuilder and iptables but since then deleted fwbuilder(besides i just compiled firewall policy and never actually installed it because of errors while trying to install it. Iptables I cleared with:
Code:
$ sudo iptables -F