external ports are not being mapped

Michal Vymazal gandalf at mbox.vol.cz
Saturday December 29 11:36:51 CET 2001


jhajas wrote:

> I have a serious problem. I have no idea why, but all of a sudden, out
> of nowhere, on my home server, which I also use as a firewall, the ports
> are not being mapped to the external interface. Only samba is there,
> which is forbidden in smb.conf from accepting requests from eth0 anyway.
> It shouldn't be the firewall rules. I gradually allowed all tcp ports
> and still nothing. Yet when I check netstat -ln, it looks like the
> daemons are listening correctly. I apologize if it is something simple,
> but I am seriously desperate by now, I don't know how to go on, and by
> tomorrow I need to get at least ssh to be reachable from outside.
> 
> It looks like this:
> 
> # nmap nax.hn.org
> 
> Starting nmap V. 2.12 by Fyodor (fyodor na dhp.com, www.insecure.org/nmap/)
> sendto in send_tcp_raw: sendto(3, packet, 40, 0, 62.24.91.166, 16) => 
> Operation not permitted
> Interesting ports on www.nax.hn.org (62.24.91.166):
> Port    State       Protocol  Service
> 139     open        tcp        netbios-ssn
> 
> Nmap run completed -- 1 IP address (1 host up) scanned in 19 seconds
> [naxsite:/home/nax 11:49:24 Fri Dec 28]
> # nmap localhost
> 
> Starting nmap V. 2.12 by Fyodor (fyodor na dhp.com, www.insecure.org/nmap/)
> sendto in send_tcp_raw: sendto(3, packet, 40, 0, 127.0.0.1, 16) => 
> Operation not permitted
> Interesting ports on localhost (127.0.0.1):
> Port    State       Protocol  Service
> 21      open        tcp        ftp
> 22      open        tcp        ssh
> 111     open        tcp        sunrpc
> 139     open        tcp        netbios-ssn
> 826     open        tcp        unknown
> 904     open        tcp        unknown
> 2049    open        tcp        nfs
> 2401    open        tcp        cvspserver
> 3306    open        tcp        mysql
> 
> Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds
> [naxsite:/home/nax 11:49:32 Fri Dec 28]
> # nmap 192.168.1.1
> 
> Starting nmap V. 2.12 by Fyodor (fyodor na dhp.com, www.insecure.org/nmap/)
> sendto in send_tcp_raw: sendto(3, packet, 40, 0, 192.168.1.1, 16) => 
> Operation not permitted
> Interesting ports on  (192.168.1.1):
> Port    State       Protocol  Service
> 21      open        tcp        ftp
> 22      open        tcp        ssh
> 111     open        tcp        sunrpc
> 139     open        tcp        netbios-ssn
> 826     open        tcp        unknown
> 904     open        tcp        unknown
> 2049    open        tcp        nfs
> 2401    open        tcp        cvspserver
> 3306    open        tcp        mysql
> 
> # netstat -ln
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address State
> tcp        0      0 0.0.0.0:2049            0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:2401            0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:904             0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:3306            0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:139             0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:111             0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:21              0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:22              0.0.0.0:* LISTEN
> tcp        0      0 0.0.0.0:826             0.0.0.0:* LISTEN
> udp        0      0 0.0.0.0:2049            0.0.0.0:*
> udp        0      0 0.0.0.0:901             0.0.0.0:*
> udp        0      0 192.168.1.1:137         0.0.0.0:*
> udp        0      0 0.0.0.0:137             0.0.0.0:*
> udp        0      0 192.168.1.1:138         0.0.0.0:*
> udp        0      0 0.0.0.0:138             0.0.0.0:*
> udp        0      0 0.0.0.0:824             0.0.0.0:*
> udp        0      0 0.0.0.0:111             0.0.0.0:*
> Active UNIX domain sockets (only servers)
> Proto RefCnt Flags       Type       State         I-Node Path
> unix  2      [ ACC ]     STREAM     LISTENING     565 
> /var/run/mysqld/mysqld.sock
> unix  2      [ ACC ]     STREAM     LISTENING     600 
> /tmp/.font-unix/fs7100
> unix  2      [ ACC ]     STREAM     LISTENING     47     /var/run/pump.sock
> unix  2      [ ACC ]     STREAM     LISTENING     336    /dev/log
> unix  2      [ ACC ]     STREAM     LISTENING     535    /dev/gpmctl
> 

And what do you have set in /etc/hosts.deny and /etc/hosts.allow?

-- 
Michal Vymazal
gandalf at mbox.vol.cz
Home Computer


