Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm trying to set up my Apache 2 and SSH servers so I can access them from outside (via a DynDNS address). On my localhost, they work perfectly. Nmap sees these open ports:
(The 1662 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
631/tcp open ipp
3306/tcp open mysql
8080/tcp open http-proxy
which looks good to me. However, when I ran nmap on my address from a computer in my university's network, I received this rather unexpected result:
(The 1654 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
113/tcp closed auth
135/tcp closed msrpc
411/tcp closed rmt
412/tcp closed synoptics-trap
1214/tcp closed fasttrack
1412/tcp closed innosys
1421/tcp closed gandalf-lm
1720/tcp open H.323/Q.931
4660/tcp closed mosmig
4672/tcp closed rfa
6346/tcp closed gnutella
12345/tcp closed NetBus
27374/tcp closed subseven
31337/tcp closed Elite
I've got no idea what to make of this. Any help would be appreciated.
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900
Rep:
Look at your firewall (iptables) settings. Many setups block potentially vulnerable services, such as http, mysql, ssh, smtp, http-proxy. Nmap confirms it.
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900
Rep:
Maybe your provider is kind enough to leave unprotected ports needed by typical-user applications (gnutella) and protect the ports where many users bind something highly vulnerable (like apache when improperly configured). Maybe you can use gnutella and fasttrack ports (for ssh or authenticated SSL proxy - to pass all the services through such a pipe). Or - don't know - maybe you have chances to ask ISP to open port 22 at least.
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900
Rep:
Can you run wireshark (or tcpdump at least) while trying to ssh to port 22 and to port 1214? And post what have you seen. You probably will see 'connection prohibited' ICMP packet, what is the source of it?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
