Ubuntu Servers :: 10.04 Edition - No Open Ports By Default?
Dec 15, 2010
I've tried to set up a Hadoop cluster on a few freshly-installed 10.04 Server Edition machines and hit a problem. (I was able to set up the cluster using Desktop edition previously). The issue is that I can't connect to the service even though the Java process is running and listening on the port and there is no error in the logs. Anyway, I started to wonder if it was firewall issue so I googled it and found conflicting information.
1. "Ubuntu Server has no open ports by default" - [URL]
2. iptables shows different info. ufw is also disabled.
hadoopadmin@machine-1:~$ sudo iptables -L
[sudo] password for hadoopadmin:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
hadoopadmin@machine-1:~$ sudo ufw status verbose
Status: inactive
I even tried to enable ufw and did "sudo ufw default allow incoming" but still no help. The only package I manually selected during installation is OpenSSH server.
View 1 Replies
ADVERTISEMENT
Dec 15, 2010
"Ubuntu Server has no open ports by default" - [URL]. Does this mean right after a 10.04 Server Edition installation, if a user wants to start a web service e.g. a Java process to listen on say port 8080, he would have to configure the firewall first?
View 1 Replies
View Related
Feb 4, 2010
Does Ubuntu come with a firewall preinstalled and running? I need to open port 9997 - how would I got about doing this?
View 2 Replies
View Related
May 1, 2011
I just finished setting up a Natty box to act as my home router / home web server. I installed beta2 a few days before the final was out and updated all of the packages (also tried a dist-upgrade just in case ).
I performed the following setup:
- set up the webserver and sshd
- set up dhcp server and adressing
- set up rc.local to run rc.firewall with my filtering rules
- set the router live (rebooting it)
And that was basically it. Everything worked fine, except when I tried to open any of the sites that are hosted on the webserver from the outside world. It turned out that all of the ports on the external interface were blocked.
I decided to stop my firewall rules (flushing all rules) and then scan my box from the outside - still, all ports seemed to be filtered. I then decided to reboot the machine, disabling all mention of the rc.firewall script, but the ports were still filtered!
I then disabled apparmor and made sure ufw is disabled, but the ports are still filtered for the outside world. For the internal network they are not filtered.
Is there some other mechanism besides iptables rules that filteres packets?
View 2 Replies
View Related
Mar 28, 2010
I've been struggling for days trying to open port 53 and 25 but can't get it to work. My iptables at /etc/sysconfig contains the following:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0] .....
On the server machine when I do port scan with nmap I see the following result:
Starting Nmap 4.76 [URL] at 2010-03-28 01:03 CET
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Interesting ports on localhost (127.0.0.1):
Not shown: 986 closed ports .....
But when I try to do telnet from an external machine, e.g:
telnet <IP of host> 53
I get:
Connection refused
telnet: Unable to connect to remote host
I also did a port scan with a tool on an external machine but port 53 and 25 weren't listed as opened ports. Also CheckDNS.net on the server returns "Connection reset. Probably DNS server is offline". I am 100% sure that named and sendmail are running. When I do a ps -aux I see:
named 9261 0.0 0.3 85528 14784 ? Ssl 00:46 0:00 /usr/sbin/named -u named
root 2550 0.0 0.0 9536 1960 ? Ss Mar23 0:02 sendmail: accepting connections
View 14 Replies
View Related
Jul 26, 2010
I am having trouble getting ports to open, on the router that the server is connected to it is set to DMZ, so everything passing through the router should go to the server right? but when I use a port checker none of the ports that I need to be open are. so my question is does ubuntu have a built in firewall that no one told me about? or something that would block me from having the ports open?
View 3 Replies
View Related
Nov 19, 2010
I have a JavaCL program trying to open a port on 41xxx and it is getting permission denied unless I run it as root. I would like to grant a single user this permission for opening this port. This program runs fine on a vanilla ubuntu install but not on server. Where does Ubuntu handle user permissions for opening ports?I understand this is typically a no-no on a server but this is an unusual circumstance.
View 1 Replies
View Related
Jul 7, 2011
I have ordered a server with OS:
Ubuntu Server 11.04
After a quick nmap scan I found out a few open ports. What is using these ports?
1102/tcp filtered adobeserver-1
1201/tcp open nucleus-sand
View 4 Replies
View Related
May 26, 2011
I'd like to set up a fileserver for myself and a few trusted individuals. I'm computer savvy and I use various linux servers frequently for work, but this is my first time trying to setup my own. Is it possible to have a Samba server setup so it is both secure and facing the Internet? Two questions:
Will opening Samba ports make my default Ubuntu server particularly vulnerable to penetration? More than having an SSH server running? Does Samba/ can Samba be configured to encrypt traffic or is it sent plainly? If so, does Windows and Mac support this secure communication?
If not, what would you suggest? I'd like to achieve something like a network drive and at a difficulty level that my parents could use this if they really wanted to. I will be storing things like financial information and tax returns, but no weapons-grade secrets.
View 9 Replies
View Related
Jun 25, 2010
i have setup an open vpn server and when i connect to it the client pulls an IP and but not default gateway. My goal is to route all web traffic through the VPN... My config file looks like this...
Code:
dev tun
proto tcp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
[code].....
View 2 Replies
View Related
Dec 4, 2010
Is it safe to connect a computer running a freshly installed ubuntu desktop edition directly to the internet? Or do I need to actively configure a firewall before connecting it?
View 3 Replies
View Related
Sep 5, 2010
I am running apache2 and tornado web servers on the same server with one ip address.
The apache2 listens on port 80. Tornado listens on port 8888. I want to redirect requests from a specific ip port 80 to port 8888. I don't have the ability to change the port request on the device. It wants is looking for a web server on port 80.
Any other web server request should go to the apache.
I tried adding the following to /etc/ufw/before.rules
When I run iptables -L it doesn't appear. I have disabled and enabled ufw with no help.
View 3 Replies
View Related
Jun 25, 2010
The other day I was using BitTornado and it was running so slow it was almost unholy. After some research I found out that if the yellow light was on it means I couldn't receive any incoming connections and had to open some ports on the firewall. That, my friends, is not the problem. I tried to manually open up the bittorrent port and did some other things that I can't quite remember but eventually I accidentally killed all bittorrent functionality on my laptop.
Is there any way I can reset my network and ports back to the default settings or am I utterly screwed? I'd really prefer not to have to reinstall my whole OS just to fix my bittorrent or worse, have to download on Vista *shudders*. I'd rather go back to my uber-slow bittorrent than none at all. I've tried everything I can think of, even the godlike might of Google couldn't get me out of this one. Now I am forced to bother you, all because I wanted to see a damn sci-fi film from Switzerland (Cargo[2009]).
View 2 Replies
View Related
Apr 6, 2010
A few months ago I installed Ubuntu 9.10 on my girlfriends laptop, on her request, as she didn't like Windows any more. Since then the internet connection periodically slows down due to too many open ports/connections. Always when this happens I call our ISP and usually there are around 80-200(!) active connections to various IP's.
She is not downloading torrents or anything.
She only uses Firefox and a few open tabs as people do.
Skype is open.
Wireless internet connection.
I am thinking either Ubuntu is updating more or less constantly or the ports/connections aren't closed "after use".
View 7 Replies
View Related
Jul 27, 2010
I'm locking down my laptop. I know I can use a firewall to ensure nothing gets through that I didn't catch, and I certainly plan on using one, but in the meantime, I want to know what exactly is running on my system.
nmap localhost returns:
Code:
james@james-linux:~$ nmap localhost
Starting Nmap 5.00 ( http://nmap.org ) at 2010-07-26 23:33 CDT
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Interesting ports on localhost (127.0.0.1):
Not shown: 994 closed ports
PORT STATE SERVICE
25/tcp open smtp
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
2049/tcp open nfs
Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
However, I know that localhost goes back to the loopback interface, 127.0.0.1. So, to see what was really open, I ran nmap 192.168.0.108, which is my laptop's IP at the moment.
Code:
james@james-linux:~$ nmap 192.168.0.108
Starting Nmap 5.00 ( http://nmap.org ) at 2010-07-26 23:33 CDT
Interesting ports on 192.168.0.108:
Not shown: 996 closed ports
PORT STATE SERVICE
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds
Now if I understand correctly, I can attribute 139 and 445 to my Samba share. That I'm okay with. What I don't know is 111 and 2049. Does anyone know what these ports are, what's running on them, and how I could turn them off, supposing that they are a security risk?
View 9 Replies
View Related
Mar 18, 2011
I'm getting heat from the head networking office that ports 21, 110, and 143 are open. I can telnet to those ports from a remote machine (not localhost) and get a prompt. There does not seem to be anything listening on those ports according to netstat. I've tried using iptables to discard all traffic to a from those ports but I can still telnet to them. This is a lucid desktop machine.
View 4 Replies
View Related
Apr 5, 2011
I'm trying to open my ports all the way, but for some reason, I am unable to do so. I've forwarded the ports I want open in my router (I switched between two routers to make sure), I made exceptions in Firestarter, and I even added UFW rules, but when I use pretty much any and every port checking tool out there, the ports eithere back stealthed or closed.I'm not a complete noob, and I'm not an expert, but I'm p sure I'm doing everything right, seeing as there isn't much to screw up.The reason I'm trying to fully open these ports is because I'm getting this dumb 'No Incoming Connections
View 3 Replies
View Related
Apr 5, 2010
I'm using ubuntu-linux ( ubuntu 9.10)I use utility autoscan network to scan the systems available in local area network of my hostel.It shows my open TCP ports : like Ssh , Smtp , Http , NetBios-ssn , Microsoft-ds , ipp , Mysql , Postgres.Are all these services need to run all the time or I can manage the ports.Don't know much about it just want to know these ports are by default open or I can manage them.
View 7 Replies
View Related
Dec 4, 2010
Quote:
A year ago I blogged about how hackers managed to hijack hundreds of high-profile websites to make them promote online stores that sold pirated software at about 5-10% of a real cost. They used quite a standard scheme that involved cloaking (making spammy links visible only to search engine crawlers) and conditional redirects (visitors from search engines who clicked on specifically-crafted links on compromised sites got redirected to online stores of software pirates)
Despite of all my warnings, most of those site are still hacked and help sell pirated software and steal credit card numbers. This negligence of site/server administrators encouraged cyber criminals to step even further in abusing reputation and resources of compromised servers. This post will be about one of such steps.
View 6 Replies
View Related
Apr 10, 2010
I installed Ubuntu 9.10 recently. I heard that there will be no open ports in the system unless I specifically open one. How do I scan to find a open port in my system.
View 9 Replies
View Related
Jul 6, 2010
when i enable my ufw it completely shuts me out and closed my internet connection. i installed firewall configuraiton interface and through it defined rules to accept incoming internet connections on port 80, i can see the rules are there but when i enable my firewall it just shuts me out completely again.
when i do(with my firewall enabled):
Code:
$ sudo ufw status
it gives me:
Quote:
Status: active
[Code].....
I also messed around with fwbuilder and iptables but since then deleted fwbuilder(besides i just compiled firewall policy and never actually installed it because of errors while trying to install it. Iptables I cleared with:
Code:
$ sudo iptables -F
View 9 Replies
View Related
Jan 2, 2011
I have been running Ubuntu 10.10 and have found that at any time I am connected to the Internet that I will randomly see high port numbers open when doing a port scan on my computer all are in the unknown listings with five digit numbers so I don't know what is going on or who is using them. Please check your system to see if you are having the same thing happen by using network tools and filling in your local ip address in the port scan tab. If you shut down your Ethernet interface and run port scans the high ports are no longer open. this will at least keep whoever is using your ports at bay when you are not using the net.
View 4 Replies
View Related
Feb 2, 2010
Just did a check on "shields up" and it says that ten of my ports are open. I get the same result with or without both shorewall and firestarter. I suspect it may have something to do with the mysql server packages added automatically during installation. Am I right. If so, what can be done about it? If not, has anyone any idea how to keep my ports closed?
View 5 Replies
View Related
Feb 7, 2010
I'm trying to setup oracle10g but, whenever I try to go to my database homepage http://127.0.0.1:8080/apex I get an "unable to connect to" error. Only reason I can think of as to why I can't connect to it is because my ports aren't open. I also recall SELinux complaining about something awhile ago, I can't seem to bring that up any more for some reason.
View 1 Replies
View Related
Feb 19, 2010
tring to run an ftp server on default ports with port 10100-10199 as passive. Using vsftp. But the ports refuse to open what the heck am I doing wrong? see screen shot. oh using karmac, now.
View 2 Replies
View Related
Mar 13, 2010
On my home-server i have got three hard drives, but i only use one of them. I was wondering if anyone knew a guide, how to get use of the two other HDD?
View 9 Replies
View Related
Jan 20, 2010
Recently I've updated my small file server at home (Ubuntu 9.10) (Linux ubuntu 2.6.31-16-generic) and after I restarted my system No Ports where open anymore. I use ssh, vsftpd, apache2 and samba ... nothing start after reboot, I have to start it manually. I don't know what happened and if is it even direct result of some updates. I have another machine like that at work and there was no problems after resent updates.
View 1 Replies
View Related
Apr 12, 2010
I forwarded ports 28900(TCP/UDP) and 5029(UDP) to my linux box for a game. Testing my ports with a website now shows these ports as "connection refused" rather than "timeout" which means the connections are getting to my system but the iptables are blocking them. But I added 28900 as a test and it still won't accept anything on this port. This is my output of iptables -L
root@BPC3:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:28900
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:28900
What do I need to do exactly to add exceptions for 28900 TCP/UDP and 5029 UDP?
View 2 Replies
View Related
Apr 16, 2010
I need to ensure ports 6112 through 6119 are open. I tried using Firestarter to do this, but when I search for what ports are open, it says none of them are. I use Ubuntu 9.04.
View 1 Replies
View Related
Aug 19, 2010
I'm trying to set up an SSH connection from my school to my home, but not on port 22. I originally tried port 2222, but it didn't work. I called my school IT people and they said they block that port. I asked if they care if I set up an SSH and they said no, but that they wouldn't tell me which ports are blocked and which are open for "security" reasons (which I guess I can actually understand). They suggested just using port 22 or 222, but said if a ports open I can use it.
My question is, can I check ports without setting up SSH? It seems like a hassle to try a different port every day on my home SSHD file, come to school, see if it works and repeat. Is there a way I can check my computer home for connections that could connect, even if there isn't a service listening? I don't know how to do that, or even if its possible. If not, I suspect I'll just try a few until I find something that works, or just go ahead and use 22.
View 1 Replies
View Related
