Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place.Isn't the default iptables setup on CentOS to block unspecified ports? Specifically, this line from /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
Right? Well, this doesn't seem to be working for me. I added some rules to allow additional ports and commented out a couple (crucially port 110), but for some reason, port 110 is open.Here is /etc/sysconfig/iptables and the output of iptables -L below that:
# cat /etc/sysconfig/iptables # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0]
Why isn't "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited" doing what I think it should be doing?
VERY new to linux, erm but I have an issue that needs solving!I recently moved to university, where their network blocks sftp port 22, this means that I cannot connect to my FTP server which is running a version of linux.Now I've got this ftp server connected to a seedbox and it was created using the following walk through..Code:I have written this guide for a friend, but I though it would be useful for others as well.
There are several guides floating around, but I found that most always cock up in some way. This one is tried and tested to work on Debian Etch (on an OVH rps, but should apply to most servers).If there is a new stable release of rtorrent/libtorrent then I will update this guide to show you how to update it (without reinstalling the whole server).
At the bottom there are also instructions to install ftp access & some network monitoring software.Basically, I would really like someone to be able to construct the commands on how to change the listen port for sftp connection on linux or add another port to the list that Linux would use so that I could put in through putty.
Strange issue here when trying to verify firewall on Server 8.04. No ftp service running at all on server, but both nmap and netcat report port 21 as being open, even though it isn't.I am 100% sure that port 21 is not actually accessible and iptables rules are fine. Trying to connect to the port fails, yet nmap and netcat seem to report a "false positive"?Have also checked on a number of other servers I'm running, and this "false positive" seems to apply to all of them.
I have a fresh installation of CentOS 5 I'm using for a server, and I'm having issues with port configuration. I have iptables running, and it started with no /etc/sysconfig/iptables file. I added a few basic rules (port 53, port 10000 for webmin), saved the file, and restarted the service. I tried connecting to webmin, scanned ports, and traffic was blocked. I set iptables to allow all traffic and restarted the service, and it still showed basically every port as being blocked. It seems port 80 and port 22 work for some reason, even when I tell iptables to block all ports.
I'm not sure what's going on here. Iptables is reading the /etc/sysconfig/iptables file, and if I use lynx localhost:someport it responds as it should according to the file. However, if I try connecting by IP, it's like there's some other firewall or something running that does whatever it's configured to do.....
I have a mail server on which I would like to block port 25 on my eth0 for everyone except our external spam filter. the problem is that I want our users to be able to connect via port 10025 which is forwarded to port 25, which then is blocked...
I installed Ubuntu 9.10 and tomcat 6 java servlet container. I am trying to run the tomcat server on port 80, so I edited tomcat's configuration file (server.xml) and changed the default port from "8080" to "80". I launched tomcat server, went to my browser and entered:[url], but it says can not find server/location. Then I edit the server.xml and revert back to port "8080" and then enter: [url] and everything works fine. So my guess is some other service is taking up port 80, but I would think not, since I just installed Ubuntu and made sure apache isn't installed or running.
So I went to "System" --> "Administration", then choose "Network Tools". I then executed Netstat and did not see anything taking up port 80, but I do see port 8080 taken (assuming it is the tomcat server). Then I also did a Port Scan and entered my IP number. Again, I don't see port 80 taken, but do see 8080 being used.
I had a winxp laptop computer behind home wireless and was running tomcat 6 server fine with it, but it over-heated and died recently. So I got a used laptop and just installed Ubuntu 9.10. I have not changed my wireless router settings. It is the same as before. So I have ruled out my home's hardware/network equipment.
So here now I sit, wondering what is up?
For security reasons, is port 80 initially blocked by Ubuntu for some reason? Is there something I have to do beforehand to free up port 80?
I have sendmail running on my centOS 4.6. My lamp server also runs on it. I want to send mail through php mail function. when i execute php page, which fires the mail function, it takes so much long tim1 say even 1 minute, and at last displays that message sent successfully. Suppose, destination address is [URL].... I did not get any mail there. My server is running in LAN. I checked the status of sendmail, it shows me that it ios running. when i issue "nmap localhost" it shows me that SMTP port 25 is open, but when i issue "nmap myserver" (192.168.1.20 myserver ( written in hostfile)), it does not show that SMTP port is open.
I checked the /var/log/maillog, one person in my previous post advice me to see that. There it shows that message is accepted for delivery...but i do not get any mail in my destination, even not in spam folder. One more confusion is that, in my case my server is in LAN and if I am at all enable to open the SMTP port on it, does i need to open SMTP port on my router (which connects my LAN to internet) also needs to open? I think no, because SMTP is application layer protocol, it will wrap my mail in IP packet, which router just need to forward. am i right?
So I set up an Ubuntu 10.04 server with apache2 installed, but for some reason I can't get to it from my browser. the iptables have all changed directories in 10.04 so I can't find the iptables. Apparmor wasn't the problem. The network hard ware is not the problem.There is something inside of 10.04 that is blocking port 80. I can ping it all day using the ip address but when I ping it useing http://ipaddress it can't find the host
So I have two ssh servers I connect to regularly that do not use the standard port 22, so I use the "-p" flag to connect to them. This works flawlessly EVERYWHERE except on my girlfriend's work network. When I am on that network (same laptop), I can ssh into servers which use port 22, but not the other servers on this alternate port.Is there any way OTHER than ssh'ing into a machine I can access and then ssh'ing again from there to my destination (which, by the way, does work)? I want to make a direct connection for speed and security reasons.
I can't seem to establish a conncction to my site (that I'm hosting in the same computer as the gFTP client- running Lucid Lynx desktop as a server). My site is 'out there', with a domain etc. and also I work on it with localhost. I wanted to use ftp as Joomla has a 'ftp layer' for files permissions etc. But it keeps saying that I can't connect, or the connection 'was reset by a peer' whatever that means. For 'hostname' I use site.com (site is my site's name) and even tried the whole thing like http://www.site.com (I clicke on 'connect to remote, and enter that in the url). or just put it where 'host' goes (when I'm not using localhost) For user name and pass, I just enter what I usually put to access the administrator's back panel in joomla, but maybe I am supposed to use what I use to log on to ubuntu when I start my computer? note sure. Anyway I used a telnet command in the terminal and found that port 21 was blocked. MY isp says they don't block any ports so I don't know. I was able to do this last year so I don't know what is so hard about this lol In the router, I have 'ftp 21 to 21 and ip address 192.168.1.100 (ip is the same for http which is working as I have my site up) now it seems to be open as I used a command at the terminal (found from google). It's open but my ftp still can't connect to my server either localhost or to my site. there is no firewall blocking it and I think my router is set right.
I have a vps server running certain services which can be accessed via a web browser (e.g webmin control panel), but I have recently been unable to access these services from my home machine using Firefox 5.0, running ubuntu 11.04.
I can access the server on port 80 fine, eg: [URL]
However I cannot access my webmin control panel on: [URL]
The pages takes ages to load and then times out. Same with transmission-daemon on: [URL]
Everything is set up fine on my server, the ports are open in firewall etc. and I can access these pages fine from my work computer.
This has only started happening in the last day or two and had been working fine up till then. I have not messed around at all with the firewall on my home machine. I have tried other browsers besides Firefox with same result.
I have Linux server (centos) in my company ,In Server have two Ethernet card we are using one for getting internet connection via eth0 and another one is passing network is shared through this ethernet eth1.Network is shared through this linux squid proxy server to Windows client .But thing is In Windows client Browsing internet via proxy is fine . But while ping google.com in cmd it say could not connect.
I am trying to connect to my linux server using an SCP Key (PPK), but I can't get through using Putty, WinSCP, etc. I think Port 22 might not be open, but I don't know how to open it if I can't at least access the server using SSH.
Our DBA has an application running on Server2 which needs to connect to Server1 (Linux OEL5.5 server) thru port# 9171. I use telnet to test basic connectivity.What should I do on Server1 in order to open up port#9171 for connection.
Ok For some reason I open my ports in security and firewall. I open ssh and other ports and port 7001 for example but when I go to check to see if they are open or try to connect to them. It shows that they are still closed. I am using - [URL] Also yes my ports are open on my router. I know my router works fine with opening ports because I have shoutcast setup on another computer with xp that is currently running. I am willing to pay for who can ever get this fixed for me...
I've recently turned an older PC into a linux box for the purpose of creating an online server with ftp and ssh capability and file sharing. I've installed Kubuntu 9.10 and I'm trying to ssh to the computer from outside the network.I've install the openssh-client and openssh-server and I've created a static ip address, which works fine. I cannot ssh to the machine from outside the isp using either the direct ip address or hostname. The machine is connected to the internet via a Linksys Wireless G router, and I've edited the configuration settings to keep port 22 open for connect in the port server utility.
I've checked the ssh_config and sshd_config settings and port 22 is the default connection port, which is supposed to be open. I've run ifconfig and everything looks fine. I can connect to the computer using a machine connected to the same router, but other computers cannot access it. I want it to be visible to everyone.
I'm having a trouble with sendmail on Centos. When I check the maillog, every emails is sent, but when i check my mail browser, it didn't receive the mail. This problem happens with an email address only. (the red email was not received ) This is the maillog
I have the impression that the sound device is still occupied. Probably I do not properly kill the recording process and I guess that invoking the script 'record.sh' via fcrontab contributes to the problem as well.Is there someone who has an idea what could lead to that 'silence'?
i have a server running vsftpd, and when i connect to it from the server itself using my externel ip address, everything checks ok, and i can browse files. but when i try to do the same on a windows computer on my network, this is what happens: [my externel ip is blocked out with x]
now mind you, my linux server is running from port forwarding from my router, which is connected to the main computer, and i have ssh and squid running as well. not sure if those two have any affect on the service. i think this is a problem with the firewall, because i have read somewhere that multiple ports need to be open for a passive ftp to work.
I use sendmail as the MTA for our company. Lately employees have started working from home. These home users send their email through our company MTA using SASL-AUTH. This works fine for the most part but lately we've seen problems with this. The SORBS blacklist looks not only at the IP address of our company's MTA but also at the IP address of our employees home computers. (After all, the home computer IP address is revealed in the mail header.)
SORBS has been rejecting emails sent from our home users because their dynamic IP address is present in the email headers. This is true despite their email passing through our company MTA which is on a properly forward and reverse mapped static IP. The company MTA is not listed in SORBS but the mere presence of a dynamic IP somewhere in the mail header is causing outright rejection. This seems bizarre to me considering home workers sending through a company relay is a common and reasonable business practice.
Can sendmail offer a solution here? For example, to change headers to obscure the IP address of the MUA or make the email appear to have originated directly on the MTA? I don't want to mess with internet RFC but frankly I'm out of ideas for how to get the mail delivered.