Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
So I have a need to do some reverse engineering on a network device that basically when i bush a button sends data over tcp/ip. I have found out the ip of the device and monitoring it shows that it is looking for a server (who has 192.168.0.11 tell 192.168.0.241).
So i changed my ip to 0.11 and monitored again. now it send to me onto port 2000 SYN RST SYN RST.... so obviously it tries to connect to port 2000 but my machine does not accept.
That brings me to the point. Can I somehow open the port send ACK and see what comes next or are there better ways?
Any time you post a question help us help you. Tell us what distro, arch, and version you are running. While a yes/no answer can be made for any Linux, the details on how to accomplish a specific task vary wildly from distro to distro, sometimes even from version to verson, and even on occasion it is different from arch to arch (genreally 32bit vs 64bit).
Yes, you can open any port you wish. We would need to know the above to best answer the question. It would probably also be helpful to know if we are talking tcp, udp, or both.
Have you tried pointing nmap at that IP and see what it says is being offered there?
What is this device supposed to be and why do you need to reverse engineer it?
Essentially it is rfid card reader to give out drinks and the vendor (vendor is small company) of that damn system sayd they cant get it to work and they are not giving us any information how it is programmed.
As I see it working is so: Card is shown. Device sends card info to server. Server does magic. Server returns card credit. Device sends credit info to vending machines coin reader board. Voila u can have a cup of brown liquid.
if I can get what the device sends and what it wants back I'm golden.
As to scanning nmap says so: All 65535 scanned ports on 192.168.0.241 are closed
192.168.0.241 is the device IP?
If all it's ports are closed, then there is no point sending it any ACK or other response: it ain't listening.
Does it respond to ping requests?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.