Networking :: Ubuntu Server Does Not Accept Incoming Network Connections Like SSH?
Feb 25, 2011
I have a bunch of Ubuntu boxes on one subnet, 192.168.1.0. I have a Windows 7 box on another subnet, 192.168.2.0. I am able to ping and SSH to all servers on the .1 subnet except for one server, which I will call PITA. I will attempt to SSH to PITA, and it won't respond, nor does it respond to pings. I will the SSH to PITA from another of the test servers, successfully connect, and then when I SSH from my Windows 7 machine I can connect successfully. If I first connect via console to PITA and send some pings out (to anywhere, like 4.2.2.2), I can also connect from my Windows 7 machine. I've never seen anything like this.
One of the weird things is that I used PITA to create an image that I then used to create many of the other test servers, and they work fine, so I'm not sure what the problem is. I've checked /var/log/messages and syslog and there's nothing in them that indicates a problem. I've rebooted this server, restarted SSH, changed the IP in case it was conflicting with something else, forced an ARP update in case it was cached (since I had bonded the interfaces), cleared the ARP cache on my own machine, verified Network Manager is not installed...and I still have this issue.
Here are some network-related config:
/etc/network/interfaces
Quote:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
[code]....
View 3 Replies
ADVERTISEMENT
Feb 18, 2011
Our DBA has an application running on Server2 which needs to connect to Server1 (Linux OEL5.5 server) thru port# 9171. I use telnet to test basic connectivity.What should I do on Server1 in order to open up port#9171 for connection.
View 4 Replies
View Related
May 19, 2010
My question is simple - is there any linux app or applet which is able to show (monitor) incoming and outgoing connections assuming it's a direct internet access? I was using a firewall on a system off Redmont which was able to show every connection, listening ports of services if some were opened etc.
View 1 Replies
View Related
Jul 13, 2010
I'm having problems getting openssh server to accept connections in Ubuntu 10.04.Here's what I've done (twice): Installed Ubuntu 10.04 on USB drive with pendrive installer. This creates a default user "ubuntu" and you don't get the chance to choose a password for it. Started a keyring for network access and selected password. Works.Enabled VNC and selected password. Works fine with VNC client on local network. Logs in as "ubuntu" user and asks for the VNC password, then connects. Note: the client doesn't know the "ubuntu" user password, and neither do I! However, it works.Installed openssh client and server from Ubuntu s/w center.
$ ssh localhost OR $ ssh ubuntu@localhost try to connect, but asks for password, which I don't know (see step one, above) so, then I created a new user, with known password, logged in as new user in Ubuntu, works.however, $ ssh newuser@localhost still fails, even when correct password for <newuser> is supplied. Rejects the password three times, then gets the usual error about keys.I also tried connecting with an SSH terminal app from my iPad, again using <newuser>. It gets essentially the same error, "failure to authenticate".
All this is still on my own LAN, haven't gotten to going outside the router yet.What I want to do in the end is use VNC over SSH from a client on my iPad to talk securely to Ubuntu while I'm traveling.
View 9 Replies
View Related
Feb 24, 2010
I want to allow 100 incoming connections to my linux server running smtp. I know that tcpserver -c will set the limit of allowed incoming connections, but how can I tell what the currently set limit is?
View 4 Replies
View Related
Mar 13, 2010
I'm using Linux Mint 8 KDE, which is essentially kubuntu karmic.
Been trying to set up bittorrent (tried several different apps), have followed all the usual steps, forwarded ports on both Guarddog and my router, but still no incoming connections. Then tried disabling the firewall in Guarddog - still no incoming connections. Never had any problems configuring my router before so can only think that there must be something else blocking ports in linux other than iptables.Also had same problem just using ufw and gufw
View 1 Replies
View Related
Jul 4, 2010
I am still new to ubuntu and I use firestarter as my firewall tool and I was told that its just ufw in a gui. Well anyways I noticed a connection to 174.129.241.144 using https and python, I didn't have any scripts running and my browser was closed, I read the man files for ufw and it said to do something like deny from 174.129.0.0/12 and I want to block all incoming and outgoing connections to this IP range and I was wondering how to do that, I heard of iptables that it would be able to do this but I dont know anything about it. What I should learn so I can handle these kinds of situation in the future and how I can block this ip subnet or also what does the /8, /12, and /16 stand for?
View 7 Replies
View Related
Jun 5, 2010
This is on Centos 5.3 by the way..... I had a DVD and, well, just wanted to test some things.. I'm aware that this is not the latest release.
And, by the way (I just read an earlier post) I've added the username and password with which I'm trying to login (..hello?).
I'm at work and I don't have a copy of my Vsftpd configuration file (don't wanna edit this whole thing - actually there is a copy, below). I've used Slackware for years and never had any issues with Vsftpd - it just works. I am trying Centos because I need help with upgrading my mail server (qmail) and there's not much help for Slackware users. Also, I used to run RHEL3 and had vsftpd working fine (had to copy some file to /etc/pam.d) but it worked famously. I compiled all my web server stuff (just don't like these default things where I have no idea how things are integrated) and I'm hung up on - of all things - vsftpd.
Anyway....When I try to log into my ftp server I get "KERBEROS_V4 rejected as an authentication type" and only the anonymous account works. Any other logins produce an error (incorrect login - see ya' later). I have SE Linux and the firewall OFF. I don't recall the directive, precisely, but my vsftpd.conf file is set allow local users to connect. I installed with yum and it added some lines at the bottom (one was about a user list and the other was about PAM). I've got a chroot list and a user list although it's not clear to me precisely where the user list should be placed. I actually uninstalled the RPM and compiled, too. I've done everything but call an exorcist. And I've found tons of posts regarding this on the net and none of the fixes worked. Man - on slackware you type "make" and "make install" (I build it with tcp_wrappers) and you're off to the races.
Actually - I did upload the vsftpd.conf file to work (where I'm at, now). Minus lines that were commented out it looks like this:
Could it, possibly, be something about how I am adding the user, the shell type, etc? I know that in Redhat I used to type "/usr/sbin/useradd -d /home/someuser joe". I've done it that way and I've also done it like so: "useradd -d /home/schmoe -s /bin/bash schmoe".
View 2 Replies
View Related
Jan 5, 2010
I've recently been asked to setup our FTP server to accept connections from a remote host. They sent me a file "id_dsa.pub" with instructions to add this key to the xfer user.
Unfortunately I've no idea how to do this!
I'm running vsftpd 2.0.5 on Centos 5.3
View 4 Replies
View Related
May 14, 2010
After I installed Lucid on my Netbook, I have different problems with ekiga.
First of all, some information about my ekiga account:
In ekiga I created a SIP-Account with a usual landline phone-number, my voip-provider is 1&1 (in Germany). In ekiga the account is named "Standard%limit", because I cannot register my sip-account without the "%limit". If I leave the "%limit" out, I get the message "Could not register (Forbidden)", but here on ubuntuforums (or maybe on launchpad) I read about the "%limit" as a workaround. Maybe it has something to do with my problem, I don't know.
Now, this is my problem:
Ekiga does not accept incoming phone calls after a few minutes after launching ekiga. Well, let me describe it this way: Usually ekiga plays a ringtone and shows a message whenever there is an incoming call. However, ekiga only behaves as described and expected just after launching ekiga. A few minutes later, lets say five or ten minutes, ekiga does not accept incoming calls anymore. I tested it with my mobile phone - when I call myself on the landline with my mobile phone, I expect ekiga to play the ringtone and show a message that there is an incoming call. However, ekiga does not do anything and after a few seconds the call is terminated automatically. But it is not the same as if ekiga is not running because if ekiga is not running I get the message that the subscriber is not available.
View 1 Replies
View Related
Apr 4, 2010
I need some suggestions on software. I would like to offer remote desktop support to some of our clients, but some of them are using ISP's that block incoming connections so, VNC is out of the question. I was wondering if there is something similar to logmein for ubuntu?
View 1 Replies
View Related
Apr 11, 2010
Its been really bugging me that whenever I scan my connection with wireshark I see this one person sending me a SYN packet every minute on port 445. I know this is the dangerous port that the Conficker worm travels along. So far my computer seems to be immune and I know, at least on the Linux side that I can just add a rule to my ip tables to block that port indefinitely. I want to know what the next step is.
00 0c 41 b2 e4 1d 00 11 09 b2 2f 0e 08 00 45 00
00 30 91 84 40 00 80 06 d1 c7 46 4f 86 29 XX XX
XX XX 10 43 01 bd 9e 23 d6 27 00 00 00 00 70 02
ff ff 65 58 00 00 02 04 05 b4 01 01 04 02
This is one of the packet captures I am getting. After sending me this and getting no reply, all of a sudden he goes up an ip. Basically this would be the pseudocode for what it looks like hes doing on my end.
while(1){
for(int i = 1; i != 255; i++){
send_connection_attempt("XX.XX.XX." + i);
}
}
To me this looks like this guy has hijacked a computer and is using it to run a script over. He is still scanning my network as I said earlier, what should I do? Should I contact my ISP? or just nail down the hatches and make sure nothing is exposed on my network?
View 3 Replies
View Related
Jul 19, 2011
I'm trying to get VNC working but I'm getting this error message:
Quote:
ssh: connect to host my_ip_address port 22: Connection refused
When typing:
Quote:
ssh -f -L 5900:localhost:5900 user@my_ip_address x11vnc -safer -localhost -nopw -once -display :0 && sleep 5 && vncviewer localhost:0
I'm trying to follow the instructions here: [URL] but I'm struggling with point 2 & 3:
Quote:
2. If you have previously reconfigured the firewall on your PC, make sure the firewall allows incoming connections on port 22 from anywhere, and on port 5900 from localhost (also known as 127.0.0.1)
3. If your PC is behind a home router, or any other device that uses NAT, configure your router to send connection attempts on port 22 (but not port 5900) to your PC
So my questions are:
1. I installed a fresh version of Ubuntu 11.4, should I be concerned about step 2? If so, how can I allow incoming connections on port 22 from anywhere, and on port 5900 from localhost?
2. Regarding step 3, I'm using NETGEAR model DGN1000 router. Is that something that I should do from the router's setting page or it's some commands that I should pass through SSH?
View 1 Replies
View Related
Oct 24, 2009
incoming connections are not being reported to my /var/log/secure. I can't see if people are trying to connect. I can't troubleshoot because I can't do anything.
View 5 Replies
View Related
Aug 1, 2009
I tried to set up vnc following the steps of this webpage:
[URL]
which did not work. I changed everything back the way it was, but when I tried to ssh in to my remote server, the connection timed out? It showed nothing in secure logs. I tried to ssh in through webmin, in asked for auth but did not connect. The logs said this:
Jul 30 12:05:10 server sshd[2829]: Did not receive identification string from 209.139.209.100
I tried to telnet port 22 through the shell in webmin and got this:
> telnet 209.139.209.100 22
Trying 209.139.209.100...
Connected to 209.139.209.100.
Escape character is '^]'.
Connection closed by foreign host.
I tried reinstalling ssh, but got the same errors...It worked fine before the howto. I can't imagine how it changed something in ssh...
View 1 Replies
View Related
May 28, 2009
I am writing a server which uses edge-triggered epoll. When the server calls accept(), it just extracts the first connection in the pending queue. If there are more connections that are waiting, can we make the server accept all the pending connections? I wrote a loop like the following:
do {
client_fd = accept(...);
/* Work with the client fd */
} while (client_fd != -1); [/code]
Doesn't seem to work. A related question, more a clarification, is as follows. My understanding was that a connect() at the client returns only when accept() in the server returns. Clearly, I was incorrect. Even with no accept() call in the server, my client was able to connect and send data. Am I getting this right?
View 2 Replies
View Related
Apr 7, 2010
I'm using 9.10 most recent updates. I want to connect to a wireless network and get a dialog box offering "WPA & WPA2 personal" as the only choice. The passphrase I was given is 6 letters but the "Connect" button does not light up until I get to 8 when entering wpa/wpa2.
Do I need to convert the passphrase somehow?
Atheros 9k and Linksys "Wirelss G router with SRX200".
View 2 Replies
View Related
Feb 26, 2010
I have openSUSE 11.2 installed and i need to create a gateway server that allows virtual private network connections. I want to play with my friends some lan games, but we are in different networks, so i want to create this gateway server so we can connect with VPN clients to this server and play freely.
View 7 Replies
View Related
Mar 14, 2010
OS : CentOS 5.3 64bit How to trace incoming and outgoing network traffic for a give user? User 'A' logs in to the system and does various network connectivity As root user need to find what are the outgoing and incoming connection that are related with user 'A'. basically need to check the connection flow. netstat will show ESTABLISHED, LISTEN etc.. need something like tcpdump
Eg:- --user option for tcpdump tcpdump -vv -nn -i eth0 host 10.200.2.1 and tcp dst port 8080 --user A Can someone tell me any tool which can do such thing? Even if it can show the process ID of the client application which is trying to establish network connectivity will do.
View 1 Replies
View Related
Aug 13, 2010
I have a server with a domain running and im trying to resolve the mail server but i can't see where to start. I use OpenSuse 11.2. Basically, for starting, i want postfix to send incoming emails to a php script or perl. for outgoing emails i guess that i could use php mail function and i will see what else to have. I configured the dns. I do a dig.mydomain.tld MX and i get the following:
mydomain.tld3600INMX0 mail.mydomain.tld
mail.mydomain.tld 3600INAmyNumericalIp
So now my system is receiving MX content but i dont know what to do.
View 9 Replies
View Related
May 31, 2010
I'm working with a Ubuntu 10.04 LTS system with two network interfaces (both Ethernet). I wish to setup this system such that it is simultaneously connected to my local and an OpenVPN network and able direct traffic between the connections depending on what program is sending the traffic. The problem: Under my current OpenVPN configuration all network traffic is directed to the VPN.
My OpenVPN config file (some details omitted)
--remote [gateway ip] # vpn12 load:
--remote [gateway ip] # vpn11 load:
--remote [gateway ip] # vpn15 load:
--remote [gateway ip] # vpn16 load:
[code]....
In practice, I would like OpenVPN to operate out of one of my two network interfaces and leave the other interface connected to the local network. Then by default all network traffic should be directed to my local network unless I specify (on a per program bases) that certain traffic should go though the VPN. These two network connections can (should) stay completely independent of each other and do not need to talk to each other.
View 2 Replies
View Related
Mar 30, 2011
I have a server that I can only access via SSH (it's located far away) and I would like to secure it by blocking all ports except the ones that I need (which are HTTP and SSH). I still want to be able to make outgoing connections to enable software updates and other things.This is my iptables -L -n :
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:1:21
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:23:79
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:81:65535
code....
In my opinion, this should block all incoming packets except the ones on port 80 and 22, but allow responses to outgoing connections. But a wget http://google.com does not work, it can't establish the connection.
Maybe this is not the best style for iptables rules, but I want to be absolutely sure to not accidently lock myself out from SSH, so I chose not to configure a "block-everything rule".
Does this configuration not enable incoming packets from connections initiated from inside?
View 3 Replies
View Related
Dec 26, 2010
i'm attemping to re-route incoming traffic of https to one of my servers. (a windows xp with subversion on it)
problem is if i do that ALL https traffic from other pc's is stopped. meaning i can't get any reply from any url with https;
View 6 Replies
View Related
May 21, 2010
I have set up a Virtual machine on a dedicated server from 1and1. I hoped to use a bridge to give the vm direct access to the internet but 1and1 do mac filtering and so the only option is to use NAT.
I used Virtual Machine Manager on my Ubuntu 10.04 machine at home to install Debain Lenny on the vm on the server using KVM and all went well. I put it on a virtual network 192.168.100.0 and i can access it from the host and i can access the internet from the guest using NAT that libvirt set-up.
I bought another ip address from 1and1 with the hope of forwarding packets to the new ip address 11.22.33.02 to the guest vm.
I have tried all sorts of routing rules using iptables without any success.
my virtual network is on virbr1 the guest ip is 192.168.100.50 my external network device is ip say 11.22.33.01 on eth0 with the secondary ip say 11.22.33.02 on eth0:1
Here are the latest rules i tried:
Quote:
iptables -t nat -A PREROUTING -d 11.22.33.02 -i eth0 -j DNAT --to-destination 192.168.100.50
iptables -t nat -A POSTROUTING -s 192.168.100.50 -o eth0 -j SNAT --to-source 11.22.33.02
iptables -A FORWARD -p tcp -i eth0 -o virbr1 -d 192.168.100.50 -m state --state NEW -j ACCEPT
iptables -A FORWARD -t filter -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
[Code].....
View 2 Replies
View Related
Aug 23, 2010
Neither of my wired network connections are listed in the network manager applet. I know that networking seems to be functional since I can ping local devices on the network. I can't resolve DNS names however. I suppose this is because network manager usually handles DNS? I've posted the outputs of various configurations below.
Code:
/etc/NetworkManager/nm-system-settings.cfg
# This file is installed into /etc/NetworkManager, and is loaded by
# NetworkManager by default. To override, specify: '--config file'
# during NM startup. This can be done by appending to DAEMON_OPTS in
[code]....
View 4 Replies
View Related
May 30, 2011
I recently installed Fedora 15 now, and during installation I set the internet connection manually, then did update and after reboot, the internet connection settings have been removed. Now I can not set because the network connection to the Internet Connection is inactive. I mention that before the update was functional internet connection.
View 5 Replies
View Related
Jan 30, 2010
Here is the layout of my network:My cable modem plugs into eth0 on my ubuntu server which acts as a firewall (shorewall) and dhcp server to my lan. A dd-wrt access point is plugged into eth1 and then a bridge connecting my xbox360 and another bridge connecting a desktop computer.Everything works pretty well, except a few times a day, my network will just shut down. The wireless on my macbook and my wife's laptop will just shut down, and if my xbox is running, it will lose connectivity. It will be down for maybe a minute or two, and then come back up like nothing ever happened.I never had this problem when I had just a dd-wrt router running everything instead of my server.When I ssh into my server afterwards and run dmesg, this is what I will get:
Code:
[398598.251548] martian source 169.254.1.255 from 169.254.1.33, on dev eth1
[398598.251565] ll header: ff:ff:ff:ff:ff:ff:00:23:69:3d:b1:82:08:00
[code]....
View 2 Replies
View Related
Jul 8, 2011
i've installed ubuntu 11.04 on a friends Asus Eee pc 1005HA netbook. after the installation i tried to connect to the router using wireless, and when i enter the key, it fails to connect, so i tried using an Ethernet cable to connect but that doesn't work either,the network devices on the computer are:
Atheros AR8132 PCI-e fast ethernet controller
Atheros AR 9285 wireless network adapter
It lists the wireless device and the solutions to the problem, however, the solutions seem to be for Ubuntu 10.04 and also 10.10, and im not sure if it will work for 11.04 so far i have been unable to find out anything on the forums about the ethernet
View 9 Replies
View Related
Apr 28, 2010
i need is to have http and https allowed, together with mail server (incoming and outgoing) and ftp, ftps and ssh. all other ports have to be closed.
View 3 Replies
View Related
Jun 18, 2009
once I updated , there will be no connections to Internet in GUI , while it's available in TUI . So it's wired , huh ? Before upating, it's available both in TUI and GUI, though all the time the network-manager shows no connection , in fact , there is and both GUI and CUI . Now I updated , and it can't access Internet from GUI.
View 2 Replies
View Related
