I'm encountering a strange problem. I need to open and forward all UDP and TCP ports related to VoIPtelephony (5000:32000) in the Suse 11.1 server that's acting as router/firewall in our setup. The ports must redirect to a Asterisk server in the local network. (This server has the IP adress 192.168.0.3)I've opened ports in Yast (Firewall>Ports>Advanced) and putted in some masquerading rulesirewall>Masquerading):0/0,192.168.0.3,tcp,5000:31000,5000:310000/0,192.168.0.3,udp,5000:31000,5000:31000when I do a nmap localhost I get:Starting Nmap 4.75 at 2010-01-08 16:52 CETInteresting ports on localhost (127.0.0.1):
Not shown: 991 closed ports
PORT STATE SERVICE
21/tcp open ftp
nmap is showing a port as closed. I have the firewall stopped on both hosts.It shows as closed on localhost as well.The process that's listening to that port is not started from xinetd so i doubt hosts.allow/deny is the issue.I can't help but feel that I'm forgetting some other access control mechanism.Both hosts are RHEl5.4
I am trying to understand why when running nmap against a SonicWALL firewall at a remote location, the SonicWall firewall is saying that most of its 65535 ports are open? I know this cant be correct and remember reading about how some of these network appliances are setup this way to thwart off attacks.
I have a couple of openSUSE 11.2 machines and each is directly connected to the Internet (they are not behind a router, firewall, etc). I want them to be able to communicate without any firewall restrictions, but keep the firewall rules for all other IP addresses. Is this possible? the software package I'm trying to use randomly chooses a port to use in the range of 32768-61000 and I don't feel comfortable having a port range that wide open on both machines.
I like to select one or two appz then install once a time.But each time when YAST finishes an installation it close without asking.If I want to install another appz in a few seconds,another refreshing repositories is needed.I have to wait a minute.It's quite annoying.Anyway to remain YAST open and let me close it manully?
how to open firewall ports without using yast. The reason I'm asking is because I'm working on a .sh script for the installation of a couple of programs. Some ports need to be open for the programs to work, I find it really annoying to go to yast and type the ports manually every time. I've looked at /etc/sysconfig/SuSEfirewall2 but can't seem to find anything, I also know that after the changes I will have to stop start the firewall by running:
I've had this problem for ages and decided to try to tackle it. It occasionally also occurs on my laptop but only intermittently. The video on the second screen seems to go haywire. On boot, it doesn't display the background image. It only will display a fading black and gray picture. Then anything that is put on the screen is captured like a screen shot on the background. It is just hard to know if things were closed
I'm using opensuse 11.3 32bit with LXDE. I have configured an apache tomcat server listening on port 8080. Yast was used to open udp 8080 and tcp 8080 in the firewall by manual entry under the advanced button of 'allowed services' menu.Another system was used to access the tomcat server via a firefox webbrowser. The attempt was unsuccessful. The url used was [URL]. firefox webbrowser keeps showing'connecting ...' until timeout. I'm assuming that inspite of the specified port openings in the firewall, it is somehow ignored. If I were to disable the firewall, then I can access the tomcat server with the firefox webbrowser.
i have two questions and thought that anyone here could have the answers.first things first,i want to make firewall accept a range of ports (say 8000:9000) because im using mpd process manager to make some parallel processing, does anyone know the command that satisfy this?
the second thing is, when i open a range of ports like that, it would put my system at risk if some bad guys somehow identifies this range, is there is anything that solves that matter(i.e. makes the firewall monitor the packet, if its an mpd accept if not drop)
I have just switched over from firestart to gufw.I have set all incoming traffic to deny and all outgoing traffic to allow.I have rules set for incoming traffic, and have only opened 1 port on my system for torrents. My router also only has the same port opened which again is for torrents.I use "Network Tools" which is included on squeeze and do a portscan of 192.168.1.100 and 127.0.0.1 I get all kinds of crazy ports coming back as opened. What is even stranger is if I do a few scans, these ports change, so one port on one scan may come up as open, then it will disappear and a different port may show as open.
Mind you none but the torrent port is forwarded in my router, I have no idea what any of these other ports are, or why they are even showing up.What the heck is going on? I dont think this is normal? Am I at any higher risk for attack?
I am having trouble getting ports to open, on the router that the server is connected to it is set to DMZ, so everything passing through the router should go to the server right? but when I use a port checker none of the ports that I need to be open are. so my question is does ubuntu have a built in firewall that no one told me about? or something that would block me from having the ports open?
I'd like to have a port open for some streaming radio stations. However, I don't know if they are UDP or TCP or what "direction" to have them set up (inbound or outbound). I also don't know if they should be set up for "host" or "dynamic". The stations I'm interested in are the 181.fm channels mostly (shoutcast stations). We have a Westell A90 type modem/router from Verizon.
I now have a firewall up and running: almost perfectly. When I use nmap and perform the most comprehensive scan I can think of, it cannot detect any wide open ports (unless bittorent is running) and cannot fingerprint the OS. My last 2 questions about my firewall (I am very happy now) are:
It seems as though Firestarter has been "abandoned" by the developers, and that gufw is more current. Does it really matter which firewall I use because don't they all do the same thing? I like firestarters system tray icon a lot. 2nd question is I have two open|filtered ports. Are these still pretty well protected?
It is very pleasing to see that I have no open ports, because if you were an experienced Windows user like I was, you got used to the fact you were going to have open ports no matter what. Linux's builtin firewall completely destroys the expensive and useless scams they call Norton and McAfee. Linux officially rocks now
Within the documentation of example OpenVPN setups there is a setup that shows an OpenVPN Server with two network interfaces. One interfaces is plugged into the public internet network and the second interface is plugged into the private network.
Normally I assume that it would be best to place the OpenVPN system inside the network behind the router and firewall and open only the ports needed on the router to allow access to the OpenVPN system. All other router ports would be closed. This is the first example they show. To see what I am talking about see page(s) 6-7 here -> [URL]
If one were to use the two interface public facing setup, when would that setup best be justified? I guess if you didn't want to open any ports on the router/firewall then this could be justified but then you have to lock down this public system individually instead of having it protected by the network firewall.
I have properly configured my router to open a port for Transmission and Vuze. The OpenSuSE firewall settings are somewhat confusing, however. How do I add a port specifically for the BT protocol? I know it's the firewall causing issues, because when I shut it down, my BT apps roar to life, and die with a whimper when I turn it back on. In Ubuntu, opening a port in the router is automatically configured in the firewall; that is apparently not the case with this distro.
So, when I go to Yast Firewall, I see "allowed services" under the tabs available. When I hit that tab, I see a dropdown menu that contains services such as NetBios Server and Samba Server. Am I choosing one of those available and adding a port to it? Am I adding a custom service via the Advanced settings, and if so, why isn't there a way to label the service so that it shows up under allowed services?
I synced my Music Folders on all my computers with rsync. Now when I open Rhythmbox it shows the mp3s as duplicated. So, every album will have two of track 1 and two of track 2 and so on except for the new records and files that were put into that computers Music Folder because they weren't there before.
So, obviously I am doing something wrong with the path of the files/folders because the rsync must be giving the same file different paths or tags or some such. I know from google searching that Rhythmbox will not display duplicates that are true duplicates.
So, short of simply deleting my music folder on every computer and then putting all of the songs back into it... is there anything I can do?
I should mention that the files/folders are not in reality duplicated. I checked both in the folders and also I opened a folder with VLC and it produced a list of tracks that was not duplicated. Its only Rhythmbox that shows them as duplicates.
I am talking about Rhythmbox on my Fedora 13 64 bit installation.
Does a firewall exist, that shows "whois" info for ALL new connections that are attempted? Or even better, "smartwhois" info?New connections meaning, connections to IP blocks never connected to before. So you go to a site that belongs to owner A, and if an attempt is covertly made to connect to another site that belongs to owner B, an alert is shown and you choose if you trust this owner.
Then I uninstalled Cairo and AWN with Synaptic.I got a notification of an error in the panel saying I had broken packages - see broken package filter to check it out.I can't find filters in Synaptic.Then I noticed DockbarX was empty (and I had pinned Firefox to it) So I tried uninstalling and reinstalling via terminal. No problems with that but when added it to the panel again it was still empty . I rebooted several times during these attempts.
- Launchers disappear - Open applications not reflected in launchers Jun 7/2010 status: New → Incomplete