Networking :: Https://hostname:8834/ Is Blocked By Iptables?
Jul 22, 2010
https://hostname:8834/ is blocked by iptables?
I have the Nessus application running on the target machine, and the URL is https://hostname:8834/, which is not accessible.
But when I log in to the target machine via ssh and check, this application and the service are running fine. So I think it is blocked by iptables on the same machine where Nessus is running.
Here is the iptables status from iptables -L:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:nessus1
ACCEPT tcp -- anywhere anywhere tcp dpt:nessus1
[Code].....
Nov 29, 2010
I connect to the internet at work through an authenticating proxy, and to avoid having to enter the proxy info into every app I use (e.g. firefox, wget, kde, etc) I have set up squid as a local transparent proxy which authenticates and routes all traffic to the work proxy. It has been working fine, but lately I haven't been able to connect to any https sites. I don't think I have changed the configuration, so perhaps it is the result of an upgrade, or something badly configured on my system from the start. I have tried connecting to https sites without squid and iptables and it works fine. My system is Arch Linux, and my squid.conf file is:
Code:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
[Code]....
Mar 2, 2010
how to allow a specific hostname with specific ports in iptables?
Apr 28, 2010
I need is to have http and https allowed, together with mail server (incoming and outgoing) and ftp, ftps and ssh. All other ports have to be closed.
Mar 25, 2010
I have a mail server on which I would like to block port 25 on my eth0 for everyone except our external spam filter. The problem is that I want our users to be able to connect via port 10025 which is forwarded to port 25, which then is blocked...
Jan 20, 2010
I got a server with CentOS today, and someone told me to block access to port 22 for all IPs except mine, so I did
Code:
iptables -A INPUT -p tcp -s my_ip --dport 22 -j ACCEPT
and after
[code]...
Jul 16, 2011
I have tried to configure my iptables to allow only HTTPS connections to the internet. Unfortunately, I didn't get that to work. I configured it like this:
Quote:
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -t filter -p tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -t filter -p udp --dport 53 -j ACCEPT
[Code]....
Of course I am only trying to access websites via HTTPS. Still, I was wondering if HTTPS somehow under the hood requires the HTTP port to be open or if my rules are in some other way wrong.
PS: I got the rules from that website: [URL]
Aug 11, 2011
I am trying to configure iptables for only HTTP and HTTPS traffic. I start by blocking all traffic, which works, via:
Code:
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
I then try to allow HTTP and HTTPS on eth0 with these commands, which does not work:
Code:
iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
Code:
iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
After these commands I should be able to access the internet. Does anyone know why this is not working?
Jul 4, 2009
I have a fresh installation of CentOS 5 I'm using for a server, and I'm having issues with port configuration. I have iptables running, and it started with no /etc/sysconfig/iptables file. I added a few basic rules (port 53, port 10000 for webmin), saved the file, and restarted the service. I tried connecting to webmin, scanned ports, and traffic was blocked. I set iptables to allow all traffic and restarted the service, and it still showed basically every port as being blocked. It seems port 80 and port 22 work for some reason, even when I tell iptables to block all ports.
I'm not sure what's going on here. Iptables is reading the /etc/sysconfig/iptables file, and if I use lynx localhost:someport it responds as it should according to the file. However, if I try connecting by IP, it's like there's some other firewall or something running that does whatever it's configured to do.....
Oct 11, 2010
Strange issue here when trying to verify firewall on Server 8.04. No ftp service running at all on server, but both nmap and netcat report port 21 as being open, even though it isn't. I am 100% sure that port 21 is not actually accessible and iptables rules are fine. Trying to connect to the port fails, yet nmap and netcat seem to report a "false positive"? Have also checked on a number of other servers I'm running, and this "false positive" seems to apply to all of them.
Jan 3, 2010
I have a network of 2 WinXP machines and one Linux box. I have fiddled around with the settings as you do when learning. The network is working. The network neighbourhood on the WinXP machines recognises the Linux box and vice versa (the Linux Places|Network recognises the 2 WinXP machines). I can ping the Linux box using its hostname from a WinXP machine. But I cannot do the reverse. I get an 'unknown host' response. I can ping the Linux box to itself using its hostname.
Jul 29, 2010
I'm having an issue on two Fedora Core 13 machines where I can ping others by hostname, but the hostname resolution fails whenever I use ssh/scp/vnc/etc. I can still do these things by IP address, just not by hostname. RHEL5.3 machines on the same network with the same configuration do not seem to have this problem.
Here's the not-so-quick-and-dirty description of the situation:
I know that there is a virtual router at 192.168.31.1 and another at 192.168.30.1. I also know that there is another network (let's call it 90.90.90.0) and on that network lies a number of resources. By nature of this configuration, any machine on 90.90.90.0 can be accessed by any 192.168.x.x, but not the other way around. Beyond that is out of my hands and currently out of my scope of knowledge.
I have a dnsmasq server on 90.90.90.10 that operates as a secondary nameserver, another machine out of my sphere of influence is the primary nameserver (90.90.90.31).
The secondary nameserver on 90.90.90.10 holds the hostnames of our development machines. The problem is that in some cases, while I can ping by hostname all day long, services such as ssh, scp, vncviewer, etc all fail to resolve the hostname. In other cases I can do all of these things.
Every machine has an equivalent resolv.conf:
As an example, I will show the output of a handful of my development machines:
I also included columbia as a one-way test -- even though it cannot access 30.x or 31.x, they can access it:
columbia -- physical machine, Red Hat Enterprise 5.3, IP 192.168.100.200
Okay, so here are the various outputs. Remember, nibbler, discovery, and atlantis can ALL:
- Ping by IP address
- Ping by hostname
- ssh, scp, vnc, etc by IP address
Additionally, the SERVFAIL reply from 90.90.90.31 is expected since my dnsmasq server is on the secondary server.
Note that the only machine that can both ping and ssh/scp/etc by hostname is nibbler, which also happens to be the only one of the three running RHEL5.3 instead of FC13. Other virtual and physical machines running on the 192.168.31.0 and 192.168.30.0 networks (all running RHEL5.3) work just like nibbler does. So the problem seems to only affect machines running FC13.
Final note: selinux is disabled, iptables is disabled, ip6tables is disabled.
Other than that, discovery is a brand-spanking-new install straight off of the FC13 DVD. atlantis has been around longer, but it's just a file server so I haven't done anything too crazy to it.
May 24, 2010
I'm trying to ping another Ubuntu computer on my local network. If I try doing,
ping <hostname>
then I get the message
ping: unknown host <hostname>
however, if I do
ping <hostname>.local
then I get a response back. I was wondering how I can change it so that I can ping without having to append .local
I've installed winbind and modified my /etc/nsswitch.conf file but this has made no difference.
May 22, 2011
I have an Ubuntu 10.04 server with hostname "abc.domain.com". However, due to migration, we had to change the hostname to something else, "xyz".
I have changed /etc/hosts and /etc/hostname and run /etc/init.d/hostname start.
Checking the hostname shows it is now using the hostname xyz. However, email being sent out is still using the old hostname. We have some scripts that send out alerts like failed rsync or hdd space full to my email account. But I see the sender is still "root@abc.domain.com".
How do I change that to xyz? I am using postfix. I have edited main.cf and restarted postfix but no go.
Jun 11, 2010
I have an old FC2 box running Squid version 2.5. It has been running since 2003 so I am in the process of replacing it. I have a new machine with FC11, iptables, and Squid 3.0 installed.
On the old machine I use iptables to intercept Port 80 traffic and send it to Squid. By default I block all internet access and allow only sites that are in an Allowed_Sites.txt file. Within Squid I also have statements to allow certain users to bypass Squid based on their IP address.
I have set up the same thing on the new box. I have iptables intercepting the Port 80 traffic and sending it to Squid. That is working because if I remove the redirect statement from iptables all internet access is blocked.
The problem I am having is that Squid is not blocking any websites. It acts like the ACL is set to http_access allow all. I have worked on this for several hours and am stumped.
These are my Squid rules:
acl allowed_sites url_regex "/etc/squid/Allowed_Sites.txt"
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow Bypass_Users
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 192.168.1.0/24
http_access allow allowed_sites
http_access allow our_networks
http_access deny all
icp_access deny all
htcp_access deny all
http_port 192.168.1.254:3128 transparent
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname FC11.proxybox
icp_port 3130
coredump_dir /var/spool/squid
May 22, 2011
I have set up certain portions of my web site to be forced https://. How do I force non-https:// protocols? I know this sounds confusing, so let me give you an example.
[Code]...
Apr 27, 2010
So I set up an Ubuntu 10.04 server with apache2 installed, but for some reason I can't get to it from my browser. The iptables have all changed directories in 10.04 so I can't find the iptables. Apparmor wasn't the problem. The network hardware is not the problem. There is something inside of 10.04 that is blocking port 80. I can ping it all day using the ip address but when I ping it using http://ipaddress it can't find the host
Jun 12, 2010
I don't know how, but somehow all the ports on my comp appear to be blocked except for 24, for ssh and 5900 unknown. I can connect to the network, but as far as I can tell, I'm powerless to do anything. No webpages load, I'm typing this on my phone.
Jul 15, 2010
In my Ubuntu 9.04 installation, just a few days ago, I lost my usage of the internet. I still had internet access. Firstly though, there was a problem with the router, so I tried a friend's router (both Netgear DG834) and the friend's one worked. But in Ubuntu, I could not access any web pages or email. Skype works.
I tried using my netbook and that could access web pages okay. So then I booted my main PC into the old installation that I kept there of Ubuntu 8.04, which I am using now. And in this the internet works just fine, I can access websites and download and send email.
But in Ubuntu 9.04, it seems like something is blocking my access. I do not recall installing anything new, although something may have been updated recently. I can see the DNS servers from Ubuntu 9.04 and it gets an IP address from the router. What is the likely cause of the Internet being blocked for websites and email (but not Skype)?
Mar 2, 2011
All ports are blocked only 22 and 80 are open. I scan localhost and ports are open. When I scan IP address ports are blocked. I have no firewall rules.
Apr 6, 2010
How do I set $HOSTNAME to dynamically update with the hostname that is specified for the ip in DNS?
Jul 29, 2011
I'm trying to use svn over http or https because I'm behind a corporate proxy. It only allows HTTP connections.
I tried connect-tunnel but no success.
I also modified ./subversion/servers and I added the proxy server but no success.
Nov 28, 2009
The firewall in Fedora 12 seems to block UPnP by default, but opening port 1900 for UDP, as I have seen suggested, does not resolve the problem. I have the following three scenarios:
Firewall Enabled: Transmission cannot open a port by UPnP
Firewall Enabled (1900 UDP allowed): Transmission cannot open a port by UPnP
Firewall Disabled: Transmission opens a port via UPnP fine
Any ideas? Yes, the port that I'm trying to open is also allowed. Router is a Linksys BEFSR41 v4.3, should you care
Feb 15, 2011
Fedora 13 64. NetworkManager tries to unlink /etc/hosts and is blocked:
Code:
SELinux is preventing /usr/sbin/NetworkManager from unlink access on the file /etc/hosts.
Additional Information:
[code]....
Dec 8, 2010
I recently installed the XRDP server on my desktop edition of Ubuntu v10.04 following the simple instructions available here. I did this on two computers. One computer has Firestarter installed while the other does not.
When I use Windows to connect to the Ubuntu box without Firestarter, everything works just fine. However, when I try to connect to the one running Firestarter, I get a pop up showing an error message (see the attached file).
I checked the incoming rules in Firestarter and I don't see a way to add RDP sessions to the list of exceptions. I also tried adding my IP address in the host section but this too didn't help the situation.
Oct 13, 2010
At work I am trying to connect to my home server from behind a Symantec gateway, but I cannot. But when I try to connect with telnet to the ssh port I can make a connection. How can I connect to my server via an ssh client?
May 17, 2010
Last night I installed all the updates that were available for CentOS. Today, I discovered that all connections to port 25 (Sendmail) are being blocked except connections coming from localhost.
I tried disabling the firewall to see if anything would change but it is still blocked.
If it is not the firewall doing the blocking, what else might it be?
Jul 10, 2011
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. Isn't the default iptables setup on CentOS to block unspecified ports? Specifically, this line from /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
Right? Well, this doesn't seem to be working for me. I added some rules to allow additional ports and commented out a couple (crucially port 110), but for some reason, port 110 is open. Here is /etc/sysconfig/iptables and the output of iptables -L below that:
# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
[code]....
Why isn't "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited" doing what I think it should be doing?
Dec 22, 2010
I am trying to open a site named [url] and it gives me the error "connection refused, the network may be down".
I have checked that IP and it pings from my PC, but the site is not opening.
My internet server is Red Hat Linux and I have done all the iptables things but it's not working.
Oct 4, 2010
I am running a Linux firewall (IPcop) to bridge two networks. Hosts on network A have to use a proxy server in order to get online. This server runs a transparent proxy (squid) configured to use the proxy needed to connect to the internet as an upstream proxy, therefore meaning all the hosts on network B can connect to the internet without the user having to configure a proxy address.
The problem is that HTTPS also has to go through the upstream proxy, which I'm told can't be proxied by my server transparently because of security issues. This means that hosts on network B can't currently access HTTPS sites.
View 6 Replies
View Related