external ports are not being mapped
jhajas
jhajas at seznam.cz
Fri Dec 28 12:06:03 CET 2001
I have a serious problem. I have no idea why, but all of a sudden, out
of nowhere, on my home server, which I also use as a firewall, the ports
are not being mapped to the external interface. Only samba is there,
which is forbidden in smb.conf from accepting requests from eth0 anyway.
It shouldn't be the firewall rules. I gradually allowed all tcp ports
and still nothing. Yet when I check netstat -ln, it looks like the
daemons are listening correctly.
I apologize if this is something simple, but I'm really desperate by
now, I don't know what to do next, and by tomorrow I need to get at
least ssh to be reachable from the outside.
It looks like this:
# nmap nax.hn.org
Starting nmap V. 2.12 by Fyodor (fyodor na dhp.com, www.insecure.org/nmap/)
sendto in send_tcp_raw: sendto(3, packet, 40, 0, 62.24.91.166, 16) => Operation not permitted
Interesting ports on www.nax.hn.org (62.24.91.166):
Port State Protocol Service
139 open tcp netbios-ssn
Nmap run completed -- 1 IP address (1 host up) scanned in 19 seconds
[naxsite:/home/nax 11:49:24 Fri Dec 28]
# nmap localhost
Starting nmap V. 2.12 by Fyodor (fyodor na dhp.com, www.insecure.org/nmap/)
sendto in send_tcp_raw: sendto(3, packet, 40, 0, 127.0.0.1, 16) => Operation not permitted
Interesting ports on localhost (127.0.0.1):
Port State Protocol Service
21 open tcp ftp
22 open tcp ssh
111 open tcp sunrpc
139 open tcp netbios-ssn
826 open tcp unknown
904 open tcp unknown
2049 open tcp nfs
2401 open tcp cvspserver
3306 open tcp mysql
Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds
[naxsite:/home/nax 11:49:32 Fri Dec 28]
# nmap 192.168.1.1
Starting nmap V. 2.12 by Fyodor (fyodor na dhp.com, www.insecure.org/nmap/)
sendto in send_tcp_raw: sendto(3, packet, 40, 0, 192.168.1.1, 16) => Operation not permitted
Interesting ports on (192.168.1.1):
Port State Protocol Service
21 open tcp ftp
22 open tcp ssh
111 open tcp sunrpc
139 open tcp netbios-ssn
826 open tcp unknown
904 open tcp unknown
2049 open tcp nfs
2401 open tcp cvspserver
3306 open tcp mysql
# netstat -ln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2401 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:904 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:826 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:2049 0.0.0.0:*
udp 0 0 0.0.0.0:901 0.0.0.0:*
udp 0 0 192.168.1.1:137 0.0.0.0:*
udp 0 0 0.0.0.0:137 0.0.0.0:*
udp 0 0 192.168.1.1:138 0.0.0.0:*
udp 0 0 0.0.0.0:138 0.0.0.0:*
udp 0 0 0.0.0.0:824 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 565 /var/run/mysqld/mysqld.sock
unix 2 [ ACC ] STREAM LISTENING 600 /tmp/.font-unix/fs7100
unix 2 [ ACC ] STREAM LISTENING 47 /var/run/pump.sock
unix 2 [ ACC ] STREAM LISTENING 336 /dev/log
unix 2 [ ACC ] STREAM LISTENING 535 /dev/gpmctl
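
An added example, not part of the original post: a small Python check that cross-references `netstat -ln` listeners with the open ports an nmap run reports for one address, separating "daemon is not bound to that address" from "bound, but the scan did not see it open". The sample input is constructed in the layout quoted above; the address 203.0.113.10, the 3306 binding and all function names are assumptions.

```python
import re

WILDCARDS = {"0.0.0.0", "::", "*"}

# Constructed sample input (not the poster's data); one entry is mail-wrapped.
NETSTAT = """\
tcp 0 0 0.0.0.0:139 0.0.0.0:*
LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.1:3306 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:137 0.0.0.0:*
"""
NMAP = """\
Port State Protocol Service
139 open tcp netbios-ssn
"""

def tcp_listeners(netstat_text):
    """Map TCP port -> set of local addresses in LISTEN state."""
    listeners = {}
    # \s+ also matches a newline, so a wrapped "LISTEN" still parses.
    pat = re.compile(r"^tcp6?\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+LISTEN\b", re.M)
    for addr, port in pat.findall(netstat_text):
        listeners.setdefault(int(port), set()).add(addr)
    return listeners

def open_tcp_ports(nmap_text):
    """Open ports in old ('22 open tcp ssh') or new ('22/tcp open ssh') layout."""
    pat = re.compile(r"^(\d+)(?:/tcp\s+open|\s+open\s+tcp)\b", re.M)
    return {int(p) for p in pat.findall(nmap_text)}

def compare(netstat_text, nmap_text, scanned_ip):
    """Return (not_seen_open, not_bound) for the scanned address."""
    seen = open_tcp_ports(nmap_text)
    not_seen_open, not_bound = [], []
    for port, addrs in sorted(tcp_listeners(netstat_text).items()):
        if not (addrs & WILDCARDS or scanned_ip in addrs):
            not_bound.append(port)       # daemon does not listen on that address
        elif port not in seen:
            not_seen_open.append(port)   # bound, but filtered, refused or not scanned
    return not_seen_open, not_bound

if __name__ == "__main__":
    print(compare(NETSTAT, NMAP, "203.0.113.10"))
```

Feed it a scan taken from a machine outside the network: a scan launched on the server against its own external address is delivered over the local loopback path, so rules that match traffic arriving on eth0 are not exercised.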